1 |
ravilov |
1.1 |
<?php |
2 |
ravilov |
1.7 |
set_magic_quotes_runtime(false); |
3 |
ravilov |
1.1 |
# ---KLUDGE-BEGIN--- |
4 |
|
|
function ss(&$i, $k) { |
5 |
|
|
if (is_array($i)) array_walk($i, "ss"); |
6 |
|
|
if (!is_string($i)) return; |
7 |
|
|
$i = stripslashes($i); |
8 |
|
|
if ($k) { global $$k; $$k = stripslashes($$k); } |
9 |
|
|
} |
10 |
|
|
$ss = array("HTTP_GET_VARS", "HTTP_POST_VARS", "HTTP_POST_FILES"); |
11 |
|
|
while (list($key, $val) = each($ss)) array_walk($$val, "ss"); |
12 |
|
|
# ---KLUDGE-END--- |
13 |
ravilov |
1.5 |
$phptmp = "^php"; |
14 |
ravilov |
1.1 |
function sql($sql) { |
15 |
ravilov |
1.7 |
#echo "<TT><B>[SQL]</B> $sql<BR>\n"; |
16 |
ravilov |
1.1 |
} |
17 |
ravilov |
1.7 |
function my_cmp($a, $b) { return MyCompare($a["txt"], $b["txt"]); } |
18 |
|
|
function newsEdit($art, $trigger = "", $isVijest = false) { |
19 |
ravilov |
1.9 |
global $phptmp, $picdir, $syspicdir, $aupicdir, $sysaupicdir, $dbh, $tpl; |
20 |
|
|
global $section, $section_menu, $section_menu2, $spec; |
21 |
ravilov |
1.7 |
global $ed_id, $ed_cat, $isMed; |
22 |
ravilov |
1.1 |
$i = 1; |
23 |
|
|
global $ed_delete_main, $ed_del_main; |
24 |
|
|
$delete_main = $ed_delete_main; |
25 |
|
|
$del_main = $ed_del_main; |
26 |
|
|
global $ed_clear_main, $ed_clr_main; |
27 |
ravilov |
1.7 |
global $ed_clear_author, $ed_clr_author; |
28 |
ravilov |
1.1 |
$clear_main = $ed_clear_main; |
29 |
|
|
$clr_main = $ed_clr_main; |
30 |
ravilov |
1.7 |
$clear_author = $ed_clear_author; |
31 |
|
|
$clr_author = $ed_clr_author; |
32 |
ravilov |
1.1 |
global $ed_titlepic_url, $ed_titlepic_url2, $ed_titlepic_name; |
33 |
|
|
$titlepic_url = $ed_titlepic_url; |
34 |
|
|
$titlepic_url2 = $ed_titlepic_url2; |
35 |
ravilov |
1.7 |
$titlepic_name = urldecode($ed_titlepic_name); |
36 |
|
|
# Fix for M$IE |
37 |
ravilov |
1.1 |
if ($titlepic_url == "none") $titlepic_url = ""; |
38 |
ravilov |
1.7 |
global $ed_author_url, $ed_author_url2, $ed_author_name; |
39 |
|
|
$author_url = $ed_author_url; |
40 |
|
|
$author_url2 = $ed_author_url2; |
41 |
|
|
$author_name = urldecode($ed_author_name); |
42 |
|
|
# Fix for M$IE |
43 |
|
|
if ($author_url == "none") $author_url = ""; |
44 |
ravilov |
1.1 |
while (true) { |
45 |
|
|
global ${"ed_text_id_".$i}; |
46 |
|
|
if (!isset(${"ed_text_id_".$i})) break; |
47 |
|
|
global ${"ed_delete_".$i}, ${"ed_del_".$i}; |
48 |
|
|
${"delete_".$i} = ${"ed_delete_".$i}; |
49 |
|
|
${"del_".$i} = ${"ed_del_".$i}; |
50 |
|
|
global ${"ed_clear_".$i}, ${"ed_clr_".$i}; |
51 |
|
|
${"clear_".$i} = ${"ed_clear_".$i}; |
52 |
|
|
${"clr_".$i} = ${"ed_clr_".$i}; |
53 |
ravilov |
1.15 |
global ${"ed_fclear_".$i}, ${"ed_fclr_".$i}; |
54 |
|
|
${"fclear_".$i} = ${"ed_fclear_".$i}; |
55 |
|
|
${"fclr_".$i} = ${"ed_fclr_".$i}; |
56 |
ravilov |
1.7 |
global ${"ed_textpic_url_".$i}, ${"ed_textpic_url2_".$i}, ${"ed_textpic_name_".$i}; |
57 |
ravilov |
1.1 |
${"textpic_url_".$i} = ${"ed_textpic_url_".$i}; |
58 |
|
|
${"textpic_url2_".$i} = ${"ed_textpic_url2_".$i}; |
59 |
ravilov |
1.7 |
${"textpic_name_".$i} = urldecode(${"ed_textpic_name_".$i}); |
60 |
|
|
# Fix for M$IE |
61 |
ravilov |
1.1 |
if (${"textpic_url_".$i} == "none") ${"textpic_url_".$i} = ""; |
62 |
ravilov |
1.15 |
global ${"ed_textpic_full_".$i}, ${"ed_textpic_full2_".$i}, ${"ed_textpic_fname_".$i}; |
63 |
|
|
${"textpic_full_".$i} = ${"ed_textpic_full_".$i}; |
64 |
|
|
${"textpic_full2_".$i} = ${"ed_textpic_full2_".$i}; |
65 |
|
|
${"textpic_fname_".$i} = urldecode(${"ed_textpic_fname_".$i}); |
66 |
|
|
# Fix for M$IE |
67 |
|
|
if (${"textpic_full_".$i} == "none") ${"textpic_full_".$i} = ""; |
68 |
ravilov |
1.1 |
$i++; |
69 |
|
|
} |
70 |
ravilov |
1.7 |
// ----- |
71 |
|
|
$categories = array(); |
72 |
|
|
$sql = "SELECT cat_id, text FROM news_categories ORDER BY text"; |
73 |
|
|
sql($sql); |
74 |
|
|
$sth = $dbh->prepare($sql); |
75 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
76 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
77 |
|
|
while ($row = $sth->fetchrow_array()) array_push($categories, |
78 |
|
|
array("id" => $row[0], "txt" => $row[1])); |
79 |
|
|
$sth->finish(); |
80 |
|
|
usort($categories, "my_cmp"); |
81 |
|
|
// ----- |
82 |
|
|
$specs = array(); |
83 |
ravilov |
1.8 |
$sql = "SELECT spec_id, opis FROM specijalizacije WHERE (spec_id != 0) AND (NOT link)"; |
84 |
ravilov |
1.7 |
sql($sql); |
85 |
|
|
$sth = $dbh->prepare($sql); |
86 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
87 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
88 |
|
|
while ($row = $sth->fetchrow_array()) array_push($specs, array("id" => $row[0], "txt" => $row[1])); |
89 |
|
|
$sth->finish(); |
90 |
|
|
usort($specs, "my_cmp"); |
91 |
|
|
// ----- |
92 |
ravilov |
1.8 |
$levels = array(); |
93 |
|
|
$sql = "SELECT level_id, class, name FROM par_levels ORDER BY name"; |
94 |
|
|
sql($sql); |
95 |
|
|
$sth = $dbh->prepare($sql); |
96 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
97 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
98 |
|
|
while ($row = $sth->fetchrow_array()) array_push($levels, array("id" => $row[0], "class" => $row[1], "name" => $row[2])); |
99 |
|
|
$sth->finish(); |
100 |
|
|
// ----- |
101 |
ravilov |
1.1 |
global $cancel, $save; |
102 |
|
|
if ($cancel || $save) { |
103 |
|
|
if ($save) { |
104 |
|
|
// Move temp pics & save article. |
105 |
ravilov |
1.8 |
if (ereg("$phptmp", $titlepic_url2) && $ed_id > 0 && file_exists("$syspicdir/$titlepic_url2")) { |
106 |
ravilov |
1.1 |
$sql = "SELECT title_pic FROM news WHERE (news_id = $ed_id)"; |
107 |
|
|
sql($sql); |
108 |
|
|
$sth = $dbh->prepare($sql); |
109 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
110 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
111 |
|
|
$row = $sth->fetchrow_array(); |
112 |
|
|
$sth->finish(); |
113 |
|
|
$row = array_shift($row); |
114 |
|
|
if ($row) MyDelete($syspicdir."/".$row); |
115 |
|
|
} |
116 |
ravilov |
1.8 |
if (ereg("$phptmp", $author_url2) && $ed_id > 0 && file_exists("$sysaupicdir/$author_url2")) { |
117 |
ravilov |
1.7 |
$sql = "SELECT author_pic FROM news WHERE (news_id = $ed_id)"; |
118 |
|
|
sql($sql); |
119 |
|
|
$sth = $dbh->prepare($sql); |
120 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
121 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
122 |
|
|
$row = $sth->fetchrow_array(); |
123 |
|
|
$sth->finish(); |
124 |
|
|
$row = array_shift($row); |
125 |
|
|
if ($row) MyDelete($sysaupicdir."/".$row); |
126 |
|
|
} |
127 |
ravilov |
1.1 |
global $ed_title, $ed_lead, $ed_titlepic_alt, |
128 |
ravilov |
1.6 |
$ed_titlepic_pos, $ed_more, $ed_more_title, |
129 |
ravilov |
1.11 |
$ed_cat, $ed_author_alt, $ed_author_info, |
130 |
ravilov |
1.12 |
$ed_author_ime, $ed_prikazi; |
131 |
ravilov |
1.1 |
$ed_title = MyQuote($ed_title); |
132 |
|
|
$ed_lead = MyQuote($ed_lead); |
133 |
ravilov |
1.7 |
$ed_author_nm = urldecode(MyQuote(basename($author_name))); |
134 |
|
|
$ed_author_alt = MyQuote($ed_author_alt); |
135 |
ravilov |
1.11 |
$ed_author_ime = MyQuote($ed_author_ime); |
136 |
ravilov |
1.7 |
$ed_author_info = MyQuote($ed_author_info); |
137 |
|
|
$ed_titlepic_nm = urldecode(MyQuote(basename($titlepic_name))); |
138 |
ravilov |
1.1 |
$ed_titlepic_alt = MyQuote($ed_titlepic_alt); |
139 |
|
|
$ed_more = MyQuote($ed_more); |
140 |
ravilov |
1.6 |
$ed_more_title = MyQuote($ed_more_title); |
141 |
ravilov |
1.1 |
if (!$ed_titlepic_pos) $ed_titlepic_pos = 0; |
142 |
|
|
if ($ed_id > 0) { |
143 |
ravilov |
1.12 |
$sql = "UPDATE news SET category = '$ed_cat', title = $ed_title, lead = $ed_lead, title_pic = $ed_titlepic_nm, title_alt = $ed_titlepic_alt, title_pos = $ed_titlepic_pos, author_pic = $ed_author_nm, author_alt = $ed_author_alt, author_info = $ed_author_info, author_name = $ed_author_ime, url = $ed_more, url_title = $ed_more_title, plivamed = ".($isMed?"true":"false").", prikazi = ".($ed_prikazi?"true":"false").", ord = 0, d_change = NOW() WHERE (news_id = $ed_id)"; |
144 |
ravilov |
1.1 |
sql($sql); |
145 |
|
|
$dbh->dbh_do($sql); |
146 |
|
|
} else { |
147 |
ravilov |
1.12 |
$sql = "INSERT INTO news (category, title, lead, title_pic, title_alt, title_pos, author_pic, author_alt, author_info, author_name, url, url_title, plivamed, prikazi, d_orig, d_change) VALUES ('$ed_cat', $ed_title, $ed_lead, $ed_titlepic_nm, $ed_titlepic_alt, $ed_titlepic_pos, $ed_author_nm, $ed_author_alt, $ed_author_info, $ed_author_ime, $ed_more, $ed_more_title, ".($isMed?"true":"false").", ".($ed_prikazi?"true":"false").", NOW(), NOW())"; |
148 |
ravilov |
1.1 |
sql($sql); |
149 |
|
|
$dbh->dbh_do($sql); |
150 |
ravilov |
1.10 |
$sql = "SELECT currval('news_news_id_seq')::text"; |
151 |
ravilov |
1.1 |
sql($sql); |
152 |
|
|
$sth = $dbh->prepare($sql); |
153 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
154 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
155 |
|
|
$rows = array(); |
156 |
|
|
while ($row = $sth->fetchrow_array()) array_push($rows, $row); |
157 |
|
|
$sth->finish(); |
158 |
|
|
$row = array_pop($rows); |
159 |
|
|
if (is_array($row)) $row = array_shift($row); |
160 |
|
|
if ($row) $ed_id = $row; |
161 |
|
|
} |
162 |
ravilov |
1.7 |
if ($titlepic_url2) MyMove("$syspicdir/$titlepic_url2", urldecode("$syspicdir/$titlepic_name")); |
163 |
|
|
if ($author_url2) MyMove("$sysaupicdir/$author_url2", urldecode("$sysaupicdir/$author_name")); |
164 |
ravilov |
1.1 |
$i = 1; |
165 |
ravilov |
1.8 |
$parents = array(); |
166 |
|
|
$last_level = 0; |
167 |
|
|
$last_id = 0; |
168 |
ravilov |
1.1 |
while ($ed_id > 0 && isset(${"ed_text_id_".$i})) { |
169 |
|
|
global ${"ed_text_title_".$i}, ${"ed_text_".$i}, |
170 |
|
|
${"ed_textpic_alt_".$i}, ${"ed_textpic_pos_".$i}, |
171 |
ravilov |
1.8 |
${"ed_text_level_".$i}, ${"ed_hl_".$i}, |
172 |
|
|
${"ed_textpic_exp_".$i}; |
173 |
ravilov |
1.15 |
list($id, $tit, $txt, $pic, $full, $orig, $alt, $pos, $del, $lev, $hl, $exp) = array( |
174 |
ravilov |
1.1 |
${"ed_text_id_".$i}, ${"ed_text_title_".$i}, |
175 |
ravilov |
1.15 |
${"ed_text_".$i}, ${"textpic_url2_".$i}, ${"textpic_full2_".$i}, |
176 |
|
|
${"textpic_name_".$i}, ${"ed_textpic_alt_".$i}, |
177 |
|
|
${"ed_textpic_pos_".$i}, ${"del_".$i}, ${"ed_text_level_".$i}, |
178 |
|
|
${"ed_hl_".$i}, ${"ed_textpic_exp_".$i}); |
179 |
ravilov |
1.8 |
if ($lev != $last_level) { |
180 |
|
|
if ($last_level) { |
181 |
|
|
if ($last_level < $lev) array_push($parents, $id); |
182 |
|
|
if ($last_level > $lev && count($parents) > 0) array_pop($parents); |
183 |
|
|
} |
184 |
|
|
$last_level = $lev; |
185 |
|
|
$parent = $parents[0]; |
186 |
|
|
if ($parent < 0) $parent = $last_id; |
187 |
|
|
} |
188 |
ravilov |
1.1 |
$tit = MyQuote($tit); |
189 |
|
|
$txt = MyQuote($txt); |
190 |
ravilov |
1.8 |
$exp = MyQuote($exp); |
191 |
ravilov |
1.7 |
$hl = MyQuote($hl); |
192 |
ravilov |
1.1 |
$orig = basename($orig); |
193 |
|
|
$org = MyQuote($orig); |
194 |
|
|
$alt = MyQuote($alt); |
195 |
|
|
if (!$pos) $pos = 0; |
196 |
|
|
if ($id && $id > 0) { |
197 |
|
|
if ($del || !$orig) { |
198 |
|
|
$sql = "SELECT pic FROM paragraphs WHERE (news_id = $ed_id) AND (paragraph_id = $id)"; |
199 |
|
|
sql($sql); |
200 |
|
|
$sth = $dbh->prepare($sql); |
201 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
202 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
203 |
|
|
while ($row = $sth->fetchrow_array()) { |
204 |
|
|
list($pic) = $row; |
205 |
|
|
MyDelete($syspicdir."/".$pic); |
206 |
|
|
} |
207 |
|
|
$sth->finish(); |
208 |
|
|
} |
209 |
|
|
if ($del) $sql = "DELETE FROM paragraphs WHERE (news_id = $ed_id) AND (paragraph_id = $id)"; |
210 |
ravilov |
1.8 |
else $sql = "UPDATE paragraphs SET title = $tit, level = $lev, text = $txt, hl = $hl, pic = $org, alt = $alt, pos = $pos, pic_title = $exp WHERE (news_id = $ed_id) AND (paragraph_id = $id)"; |
211 |
ravilov |
1.1 |
sql($sql); |
212 |
|
|
$dbh->dbh_do($sql); |
213 |
|
|
} else if (!$del) { |
214 |
ravilov |
1.8 |
$sql = "INSERT INTO paragraphs (news_id, title, level, text, pic, alt, pos, hl, pic_title) VALUES ($ed_id, $tit, $lev, $txt, $org, $alt, $pos, $hl, $exp)"; |
215 |
ravilov |
1.1 |
sql($sql); |
216 |
|
|
$dbh->dbh_do($sql); |
217 |
ravilov |
1.8 |
$sql = "SELECT currval('paragraphs_paragraph_id_seq')::text"; |
218 |
ravilov |
1.1 |
sql($sql); |
219 |
|
|
$sth = $dbh->prepare($sql); |
220 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
221 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
222 |
ravilov |
1.8 |
$row = $sth->fetchrow_array(); |
223 |
ravilov |
1.1 |
$sth->finish(); |
224 |
ravilov |
1.8 |
$row = array_shift($row); |
225 |
|
|
$last_id = $id = $row; |
226 |
ravilov |
1.1 |
} |
227 |
|
|
if ($pic) MyMove("$syspicdir/$pic", "$syspicdir/$orig"); |
228 |
|
|
$i++; |
229 |
|
|
} |
230 |
ravilov |
1.7 |
if ($ed_id) { |
231 |
|
|
$sql = "DELETE FROM spec_news WHERE (news_id = $ed_id)"; |
232 |
|
|
sql($sql); |
233 |
|
|
$dbh->dbh_do($sql); |
234 |
|
|
for ($k = 0; $k < count($specs); $k++) { |
235 |
|
|
$var = "ed_spec_".$specs[$k]["id"]; global $$var; |
236 |
|
|
if (!$$var) continue; |
237 |
|
|
$sql = "INSERT INTO spec_news (news_id, spec_id) VALUES ($ed_id, ".$specs[$k]["id"].")"; |
238 |
|
|
sql($sql); |
239 |
|
|
$dbh->dbh_do($sql); |
240 |
|
|
} |
241 |
|
|
$sql = "DELETE FROM cat_news WHERE (news_id = $ed_id)"; |
242 |
|
|
sql($sql); |
243 |
|
|
$dbh->dbh_do($sql); |
244 |
|
|
for ($k = 0; $k < count($categories); $k++) { |
245 |
|
|
$var = "ed_cat_".$categories[$k]["id"]; |
246 |
|
|
global $$var; |
247 |
ravilov |
1.8 |
if ($categories[$k]["id"] != $ed_cat && !$$var) continue; |
248 |
ravilov |
1.7 |
$sql = "INSERT INTO cat_news (news_id, cat_id) VALUES ($ed_id, '".$categories[$k]["id"]."')"; |
249 |
|
|
sql($sql); |
250 |
|
|
$dbh->dbh_do($sql); |
251 |
|
|
} |
252 |
|
|
} |
253 |
ravilov |
1.1 |
} else { |
254 |
|
|
// Delete temp pics. |
255 |
ravilov |
1.7 |
if (ereg("$phptmp", $titlepic_url2)) MyDelete($syspicdir."/".$titlepic_url2); |
256 |
|
|
if (ereg("$phptmp", $author_url2)) MyDelete($sysaupicdir."/".$author_url2); |
257 |
ravilov |
1.1 |
$i = 1; |
258 |
|
|
while (isset(${"ed_textpic_id_".$i})) { |
259 |
|
|
$tmp = ${"textpic_url2_".$i}; |
260 |
ravilov |
1.5 |
if (ereg("$phptmp", $tmp)) MyDelete($syspicdir."/".$tmp); |
261 |
ravilov |
1.15 |
$tmp = ${"textpic_full2_".$i}; |
262 |
|
|
if (ereg("$phptmp", $tmp)) MyDelete($syspicdir."/".$tmp); |
263 |
ravilov |
1.1 |
$i++; |
264 |
|
|
} |
265 |
|
|
} |
266 |
ravilov |
1.2 |
if (!isset($art["limit"])) $art["limit"] = 1; |
267 |
|
|
if (!isset($art["npar"])) $art["npar"] = 1; |
268 |
ravilov |
1.1 |
return array_shift(newsLoad($ed_id, $ed_cat, |
269 |
ravilov |
1.4 |
$art["limit"], $art["offset"], $art["npar"])); |
270 |
ravilov |
1.1 |
} |
271 |
|
|
// Handle temp pic upload. |
272 |
|
|
global $HTTP_POST_FILES; |
273 |
|
|
while (list($key, $val) = each($HTTP_POST_FILES)) { |
274 |
|
|
list($name, $type, $tname, $size) = array( |
275 |
|
|
$val["name"], $val["type"], |
276 |
|
|
$val["tmp_name"], $val["size"]); |
277 |
|
|
if ($size <= 0) continue; |
278 |
|
|
if (!$name) continue; |
279 |
|
|
if ($tname == "none") continue; |
280 |
ravilov |
1.8 |
$name = strtr($name, "¹ðè澩ÐÈÆ® ", "ssdcczzSSDCCZZ_"); |
281 |
ravilov |
1.1 |
$nm = basename($tname); |
282 |
|
|
$ext = ereg_replace('^.*(\..+)$', '\1', $name); |
283 |
|
|
if ($key == "ed_titlepic_url") { |
284 |
ravilov |
1.7 |
move_uploaded_file($tname, $syspicdir."/".$nm.$ext); |
285 |
ravilov |
1.1 |
$titlepic_url = $nm.$ext; |
286 |
|
|
$titlepic_name = $name; |
287 |
|
|
$u = $titlepic_url2; |
288 |
ravilov |
1.5 |
if (ereg("$phptmp", $u)) MyDelete($syspicdir."/".$u); |
289 |
ravilov |
1.1 |
unset($clear_main, $clr_main); |
290 |
ravilov |
1.7 |
} else if ($key == "ed_author_url") { |
291 |
|
|
move_uploaded_file($tname, $sysaupicdir."/".$nm.$ext); |
292 |
|
|
$author_url = $nm.$ext; |
293 |
|
|
$author_name = $name; |
294 |
|
|
$u = $author_url2; |
295 |
|
|
if (ereg("$phptmp", $u)) MyDelete($sysaupicdir."/".$u); |
296 |
|
|
unset($clear_author, $clr_author); |
297 |
ravilov |
1.1 |
} else if (ereg("^ed_textpic_url_([1-9][0-9]*)$", $key, $regs)) { |
298 |
ravilov |
1.7 |
move_uploaded_file($tname, $syspicdir."/".$nm.$ext); |
299 |
ravilov |
1.1 |
$n = $regs[1]; |
300 |
|
|
${"textpic_url_".$n} = $nm.$ext; |
301 |
|
|
${"textpic_name_".$n} = $name; |
302 |
|
|
$u = ${"textpic_url2_".$n}; |
303 |
ravilov |
1.5 |
if (ereg("$phptmp", $u)) MyDelete($syspicdir."/".$u2); |
304 |
ravilov |
1.1 |
unset(${"clear_".$n}, ${"clr_".$n}); |
305 |
ravilov |
1.15 |
} else if (ereg("^ed_textpic_full_([1-9][0-9]*)$", $key, $regs)) { |
306 |
|
|
move_uploaded_file($tname, $syspicdir."/".$nm.$ext); |
307 |
|
|
$n = $regs[1]; |
308 |
|
|
${"textpic_full_".$n} = $nm.$ext; |
309 |
|
|
${"textpic_fname_".$n} = $name; |
310 |
|
|
$u = ${"textpic_full2_".$n}; |
311 |
|
|
if (ereg("$phptmp", $u)) MyDelete($syspicdir."/".$u2); |
312 |
|
|
unset(${"fclear_".$n}, ${"fclr_".$n}); |
313 |
ravilov |
1.1 |
} else { |
314 |
ravilov |
1.15 |
// ?!? |
315 |
ravilov |
1.1 |
} |
316 |
|
|
} |
317 |
|
|
// ----- |
318 |
|
|
$tp = new Smarty(); |
319 |
|
|
$tp->assign("levels", $levels); |
320 |
|
|
// ----- |
321 |
|
|
global $ed_id, $ed_title, $ed_lead, $ed_titlepic_pos, |
322 |
ravilov |
1.6 |
$ed_titlepic_alt, $ed_cat, $ed_more, |
323 |
ravilov |
1.7 |
$ed_more_title, $ed_author_url, $ed_author_alt, |
324 |
ravilov |
1.12 |
$ed_author_info, $ed_author_ime, $ed_prikazi; |
325 |
ravilov |
1.1 |
global $ed_edit, $ed_preview, $preview, $add; |
326 |
|
|
if (!$ed_preview) $ed_preview = ($preview ? true : false); |
327 |
|
|
if ($ed_edit) $ed_preview = false; |
328 |
|
|
global $HTTP_POST_VARS, $HTTP_GET_VARS; |
329 |
|
|
$delete = count(preg_grep('/^ed_delete_[0-9]+$/', |
330 |
|
|
array_keys(array_merge($HTTP_GET_VARS, |
331 |
|
|
$HTTP_POST_VARS)))) > 0; |
332 |
ravilov |
1.7 |
global $ed_clear_author; |
333 |
|
|
$clear = (count(preg_grep('/^ed_clear_(main|author|[0-9]+)$/', |
334 |
ravilov |
1.1 |
array_keys(array_merge($HTTP_GET_VARS, |
335 |
|
|
$HTTP_POST_VARS)))) > 0); |
336 |
|
|
$ed_pgfs = array(); |
337 |
ravilov |
1.2 |
$ed_warning = 0; |
338 |
ravilov |
1.7 |
$nspecs = array(); |
339 |
|
|
$ncats = array(); |
340 |
|
|
// Transfer data |
341 |
ravilov |
1.1 |
if ($ed_edit || $ed_preview || $add || $delete || $clear) { |
342 |
ravilov |
1.7 |
for ($i = 0; $i < count($specs); $i++) { |
343 |
|
|
$var = "ed_spec_".$specs[$i]["id"]; |
344 |
|
|
global $$var; |
345 |
|
|
$nspecs[$specs[$i]["id"]] = $$var ? true : false; |
346 |
|
|
} |
347 |
|
|
for ($i = 0; $i < count($categories); $i++) { |
348 |
|
|
$var = "ed_cat_".$categories[$i]["id"]; |
349 |
|
|
global $$var; |
350 |
|
|
$ncats[$categories[$i]["id"]] = $$var ? true : false; |
351 |
|
|
} |
352 |
ravilov |
1.1 |
global $ed_title, $ed_lead, $ed_titlepic_pos, |
353 |
ravilov |
1.6 |
$ed_titlepic_alt, $ed_cat, $ed_more, |
354 |
ravilov |
1.7 |
$ed_more_title, $ed_author_url, |
355 |
ravilov |
1.11 |
$ed_author_alt, $ed_author_info, |
356 |
ravilov |
1.12 |
$ed_author_ime, $ed_prikazi; |
357 |
ravilov |
1.1 |
if (!$HTTP_POST_FILES["ed_titlepic_url"]["name"]) $titlepic_url = ""; |
358 |
|
|
if (!$titlepic_url) $titlepic_url = $titlepic_url2; |
359 |
ravilov |
1.7 |
if (!$titlepic_url && !($clear_main || $clr_main)) $titlepic_url = $art["pic_url"]; |
360 |
|
|
if (!$author_url && !($clear_author || $clr_author)) $author_url = $art["au_pic"]; |
361 |
ravilov |
1.1 |
list($width, $height) = PicSize($titlepic_url); |
362 |
ravilov |
1.7 |
list($width2, $height2) = PicSize($author_url, $sysaupicdir); |
363 |
ravilov |
1.2 |
global $ed_title_force; |
364 |
|
|
if ($titlepic_url && !$ed_titlepic_pos && !$ed_title_force) $ed_warning = 2; |
365 |
ravilov |
1.1 |
$i = 1; |
366 |
|
|
while (isset(${"ed_text_id_".$i})) { |
367 |
|
|
$id = ${"ed_text_id_".$i}; |
368 |
|
|
global ${"ed_text_".$i}, ${"ed_text_title_".$i}, |
369 |
|
|
${"ed_text_level_".$i}, ${"ed_textpic_alt_".$i}, |
370 |
ravilov |
1.8 |
${"ed_textpic_pos_".$i}, ${"ed_hl_".$i}, |
371 |
|
|
${"ed_textpic_exp_".$i}; |
372 |
ravilov |
1.1 |
$pic_url = ($HTTP_POST_FILES["ed_textpic_url_".$i]["name"]) ? |
373 |
|
|
${"textpic_url_".$i} : ""; |
374 |
|
|
if (!$pic_url) $pic_url = ${"textpic_url2_".$i}; |
375 |
ravilov |
1.15 |
$full_url = ($HTTP_POST_FILES["ed_textpic_full_".$i]["name"]) ? |
376 |
|
|
${"textpic_full_".$i} : ""; |
377 |
|
|
if (!$full_url) $full_url = ${"textpic_full2_".$i}; |
378 |
ravilov |
1.1 |
$tmp = ""; |
379 |
|
|
for ($j = 0; $j < count($art["text"]); $j++) |
380 |
|
|
if ($art["text"][$j]["id"] == $id) $tmp = $art["text"][$j]["pic"]; |
381 |
|
|
if (!$pic_url && $tmp && !(${"clear_".$i} || ${"clr_".$i})) $pic_url = $tmp; |
382 |
ravilov |
1.15 |
$tmp = ""; |
383 |
|
|
for ($j = 0; $j < count($art["text"]); $j++) |
384 |
|
|
if ($art["text"][$j]["id"] == $id) $tmp = $art["text"][$j]["full"]; |
385 |
|
|
if (!$full_url && $tmp && !(${"fclear_".$i} || ${"fclr_".$i})) $full_url = $tmp; |
386 |
ravilov |
1.1 |
$level = ${"ed_text_level_".$i}; |
387 |
ravilov |
1.8 |
list($w, $h) = PicSize($pic_url); |
388 |
ravilov |
1.15 |
list($w2, $h2) = PicSize($full_url); |
389 |
ravilov |
1.1 |
array_push($ed_pgfs, array($id, |
390 |
|
|
${"ed_text_".$i}, ${"ed_text_title_".$i}, |
391 |
ravilov |
1.8 |
$level, $pic_url, ${"textpic_name_".$i}, |
392 |
ravilov |
1.15 |
$full_url, ${"textpic_fname_".$i}, |
393 |
ravilov |
1.1 |
${"ed_textpic_alt_".$i}, ${"ed_textpic_pos_".$i}, |
394 |
ravilov |
1.15 |
$w, $h, $w2, $h2, ${"ed_hl_".$i}, ${"ed_textpic_exp_".$i}, false)); |
395 |
ravilov |
1.1 |
$i++; |
396 |
|
|
} |
397 |
|
|
} else { |
398 |
ravilov |
1.7 |
if ($ed_id) { |
399 |
|
|
$sql = "SELECT spec_id FROM spec_news WHERE (news_id = $ed_id)"; |
400 |
|
|
sql($sql); |
401 |
|
|
$sth = $dbh->prepare($sql); |
402 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
403 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
404 |
|
|
while ($row = $sth->fetchrow_array()) $nspecs[$row[0]] = true; |
405 |
|
|
$sth->finish(); |
406 |
|
|
$sql = "SELECT cat_id FROM cat_news WHERE (news_id = $ed_id)"; |
407 |
|
|
sql($sql); |
408 |
|
|
$sth = $dbh->prepare($sql); |
409 |
|
|
if (!$sth) error("Cannot prepare query: \"$sql\""); |
410 |
|
|
if (!$sth->execute()) error("Cannot execute query: \"$sql\""); |
411 |
|
|
while ($row = $sth->fetchrow_array()) $ncats[$row[0]] = true; |
412 |
|
|
$sth->finish(); |
413 |
ravilov |
1.12 |
} else $art["show"] = true; |
414 |
ravilov |
1.1 |
list($ed_title, $ed_lead, $ed_titlepic_pos, $titlepic_url, |
415 |
|
|
$titlepic_url2, $titlepic_name, $ed_titlepic_alt, |
416 |
ravilov |
1.7 |
$ed_cat, $ed_more, $ed_more_title, $width, $height, |
417 |
|
|
$author_url, $author_url2, $author_name, |
418 |
ravilov |
1.11 |
$ed_author_alt, $ed_author_info, $width2, $height2, |
419 |
ravilov |
1.12 |
$ed_author_ime, $ed_prikazi) = array($art["title"], $art["lead"], |
420 |
|
|
$art["pic_pos"], $art["pic_url"], $art["pic_url"], |
421 |
|
|
urldecode($art["pic_url"]), $art["pic_alt"], $art["category"], |
422 |
|
|
$art["more"], $art["more_title"], $art["pic_w"], $art["pic_h"], |
423 |
ravilov |
1.7 |
$art["au_pic"], $art["au_pic"], urldecode($art["au_pic"]), |
424 |
ravilov |
1.11 |
$art["au_alt"], $art["au_info"], $art["au_w"], $art["au_h"], |
425 |
ravilov |
1.12 |
$art["au_name"], $art["show"]); |
426 |
|
|
if ($art["text"]) reset($art["text"]); |
427 |
ravilov |
1.1 |
while ($art["text"] && list($id, $val) = each($art["text"])) { |
428 |
ravilov |
1.7 |
array_push($ed_pgfs, array($val["id"], $val["text"], $val["title"], |
429 |
ravilov |
1.8 |
$val["level"], urldecode($val["pic"]), |
430 |
ravilov |
1.15 |
urldecode($val["pic"]), urldecode($val["full"]), urldecode($val["full"]), |
431 |
|
|
$val["alt"], $val["pos"], $val["w"], $val["h"], $val["fw"], $val["fh"], |
432 |
|
|
$val["hl"], $val["exp"], false)); |
433 |
ravilov |
1.1 |
} |
434 |
|
|
$ed_id = $art["id"]; |
435 |
|
|
if (!$ed_id) $ed_id = -1; |
436 |
|
|
} |
437 |
ravilov |
1.7 |
$ncats[$ed_cat] = true; |
438 |
|
|
for ($i = 0; $i < count($specs); $i++) $specs[$i]["check"] = $nspecs[$specs[$i]["id"]]; |
439 |
|
|
for ($i = 0; $i < count($categories); $i++) $categories[$i]["check"] = $ncats[$categories[$i]["id"]]; |
440 |
|
|
$tp->assign("specs", $specs); |
441 |
|
|
$tp->assign("categories", $categories); |
442 |
|
|
if ($ed_more && !strstr($ed_more, "://")) { |
443 |
|
|
$pos = strpos($ed_more, "?"); |
444 |
|
|
if ($pos === false || $pos != 0) $ed_more = "http://".$ed_more; |
445 |
|
|
} |
446 |
ravilov |
1.1 |
if ($add) { |
447 |
|
|
global $add_num; |
448 |
|
|
for ($i = 0; $i < intval($add_num); $i++) |
449 |
ravilov |
1.15 |
array_push($ed_pgfs, array(-1, "", "", -1, "", "", "", "", "", 0, 0, 0, 0, 0, "", "", true)); |
450 |
ravilov |
1.1 |
} |
451 |
ravilov |
1.3 |
$ed_empty = ($ed_title || $ed_lead || $ed_titlepic_pos || $ed_more) ? false : true; |
452 |
ravilov |
1.1 |
$ed_text = array(); |
453 |
|
|
$ed_records = array(); |
454 |
ravilov |
1.2 |
$ed_warnings = ($ed_warning ? true : false); |
455 |
ravilov |
1.1 |
$i = 1; |
456 |
|
|
while (list($key, $val) = each($ed_pgfs)) { |
457 |
ravilov |
1.15 |
list($id, $txt, $tit, $lev, $pic, $name, $fpic, $fname, $alt, $pos, $w, $h, $fw, $fh, $hl, $exp, $new) = $val; |
458 |
ravilov |
1.1 |
$del = ((${"delete_".$i} || ${"del_".$i}) ? true : false); |
459 |
|
|
array_push($ed_records, array("val" => $del, "id" => $id)); |
460 |
|
|
if ($del) { $i++; continue; } |
461 |
|
|
$picurl = ${"textpic_url_".$id}; |
462 |
|
|
if (!$picurl) $picurl = $pic; |
463 |
ravilov |
1.15 |
$fullurl = ${"textpic_full_".$id}; |
464 |
|
|
if (!$fullurl) $fullurl = $fpic; |
465 |
ravilov |
1.1 |
$class = ""; |
466 |
ravilov |
1.8 |
reset($levels); |
467 |
|
|
while (list($k, $v) = each($levels)) if ($v["id"] == $lev) $class = $v["class"]; |
468 |
ravilov |
1.1 |
if ((${"clear_".$i} || ${"clr_".$i}) && $ed_preview && (${"textpic_name_".$i} != ${"textpic_url2_".$i})) { |
469 |
|
|
$tmp = ${"textpic_url2_".$i}; |
470 |
ravilov |
1.5 |
if (ereg("$phptmp", $tmp)) MyDelete($syspicdir."/".$tmp); |
471 |
ravilov |
1.1 |
$picurl = ${"textpic_url_".$i} = ${"textpic_url2_".$i} = $name = ""; |
472 |
|
|
} |
473 |
|
|
if (!$name) $name = $picurl; |
474 |
ravilov |
1.15 |
if ((${"fclear_".$i} || ${"fclr_".$i}) && $ed_preview && (${"textpic_full_".$i} != ${"textpic_full2_".$i})) { |
475 |
|
|
$tmp = ${"textpic_full2_".$i}; |
476 |
|
|
if (ereg("$phptmp", $tmp)) MyDelete($syspicdir."/".$tmp); |
477 |
|
|
$fullurl = ${"textpic_full_".$i} = ${"textpic_full2_".$i} = $fname = ""; |
478 |
|
|
} |
479 |
|
|
if (!$fname) $fname = $fullurl; |
480 |
ravilov |
1.7 |
$txt = MyEscape(convert_html($txt), false); |
481 |
ravilov |
1.5 |
$txt2 = ParseNewline($txt, true); |
482 |
ravilov |
1.14 |
$txt3 = str_replace("&", "&", MyEscape(convert_html($txt), true)); |
483 |
ravilov |
1.7 |
$txt3 = str_replace("\"", """, $txt3); |
484 |
|
|
$txt3 = str_replace("<", "<", $txt3); |
485 |
|
|
$txt3 = str_replace(">", ">", $txt3); |
486 |
|
|
$hl = MyEscape(convert_html($hl), false); |
487 |
|
|
$hl2 = ParseNewline($hl, true); |
488 |
ravilov |
1.8 |
if ($hl2) $hl2 = GetHighlight($hl2); |
489 |
ravilov |
1.14 |
$hl3 = str_replace("&", "&", MyEscape(convert_html($hl), true)); |
490 |
ravilov |
1.7 |
$hl3 = str_replace("\"", """, $hl3); |
491 |
|
|
$hl3 = str_replace("<", "<", $hl3); |
492 |
|
|
$hl3 = str_replace(">", ">", $hl3); |
493 |
ravilov |
1.2 |
global ${"ed_text_force_".$i}; |
494 |
|
|
$force = ${"ed_text_force_".$i}; |
495 |
ravilov |
1.1 |
$empty = (($ed_preview && !$txt && !$pos && !$new) ? true : false); |
496 |
ravilov |
1.2 |
$warning = 0; |
497 |
|
|
if ($empty && !$force) $warning = 1; |
498 |
|
|
if ($picurl && !$pos && !$force) $warning = 2; |
499 |
ravilov |
1.1 |
$ed_empty = $ed_empty && $empty; |
500 |
ravilov |
1.2 |
$ed_warnings = $ed_warnings || ($warning && !$force); |
501 |
ravilov |
1.1 |
array_push($ed_text, array( |
502 |
|
|
"id" => $id, |
503 |
|
|
"n" => $i, |
504 |
|
|
"txt" => $txt2, |
505 |
|
|
"txt2" => $txt, |
506 |
ravilov |
1.7 |
"txt3" => $txt3, |
507 |
|
|
"hl" => $hl2, |
508 |
|
|
"hl2" => $hl, |
509 |
|
|
"hl3" => $hl3, |
510 |
ravilov |
1.5 |
"title" => MyEscape(convert_html($tit)), |
511 |
ravilov |
1.1 |
"level" => $lev, |
512 |
ravilov |
1.5 |
"class" => MyEscape(convert_html($class)), |
513 |
|
|
"url" => MyEscape(convert_html($picurl)), |
514 |
|
|
"name" => MyEscape(convert_html($name)), |
515 |
ravilov |
1.15 |
"full" => MyEscape(convert_html($fullurl)), |
516 |
|
|
"fname" => MyEscape(convert_html($fname)), |
517 |
ravilov |
1.5 |
"alt" => MyEscape(convert_html($alt)), |
518 |
ravilov |
1.8 |
"w" => $w, |
519 |
|
|
"h" => $h, |
520 |
ravilov |
1.15 |
"fw" => $fw, |
521 |
|
|
"fh" => $fh, |
522 |
ravilov |
1.1 |
"pos" => $pos, |
523 |
ravilov |
1.8 |
"exp" => MyEscape(convert_html($exp)), |
524 |
ravilov |
1.2 |
"warning" => $warning, |
525 |
ravilov |
1.15 |
"clr" => (${"clear_".$i} || ${"clr_".$i} || !$picurl) ? true : false, |
526 |
|
|
"fclr" => (${"fclear_".$i} || ${"fclr_".$i} || !$fullurl) ? true : false |
527 |
ravilov |
1.1 |
)); |
528 |
|
|
$i++; |
529 |
|
|
} |
530 |
ravilov |
1.2 |
if ($ed_warnings) $ed_preview = false; |
531 |
ravilov |
1.1 |
$tp->assign("ed_id", $ed_id); |
532 |
|
|
$tp->assign("ed_cat", $ed_cat); |
533 |
|
|
$tp->assign("ed_preview", $ed_preview); |
534 |
|
|
$tp->assign("ed_trigger", $trigger); |
535 |
ravilov |
1.5 |
$tp->assign("ed_title", MyEscape(convert_html($ed_title))); |
536 |
ravilov |
1.14 |
$tp->assign("ed_lead", MyEscape(convert_html($ed_lead), true)); |
537 |
|
|
$tp->assign("ed_lead2", ParseNewline(MyEscape(convert_html($ed_lead), false), false)); |
538 |
ravilov |
1.1 |
$tp->assign("ed_titlepic_pos", $ed_titlepic_pos); |
539 |
ravilov |
1.5 |
$tp->assign("ed_titlepic_url", MyEscape(convert_html($titlepic_url))); |
540 |
|
|
$tp->assign("ed_titlepic_url2", MyEscape(convert_html($titlepic_url2))); |
541 |
|
|
$tp->assign("ed_titlepic_name", MyEscape(convert_html($titlepic_name))); |
542 |
|
|
$tp->assign("ed_titlepic_alt", MyEscape(convert_html($ed_titlepic_alt))); |
543 |
ravilov |
1.1 |
$tp->assign("ed_titlepic_width", $width); |
544 |
|
|
$tp->assign("ed_titlepic_height", $height); |
545 |
ravilov |
1.7 |
$tp->assign("ed_author_url", MyEscape(convert_html($author_url))); |
546 |
|
|
$tp->assign("ed_author_url2", MyEscape(convert_html($author_url2))); |
547 |
|
|
$tp->assign("ed_author_name", MyEscape(convert_html($author_name))); |
548 |
|
|
$tp->assign("ed_author_alt", MyEscape(convert_html($ed_author_alt))); |
549 |
|
|
$tp->assign("ed_author_info", MyEscape(convert_html($ed_author_info))); |
550 |
ravilov |
1.11 |
$tp->assign("ed_author_ime", MyEscape(convert_html($ed_author_ime))); |
551 |
ravilov |
1.7 |
$tp->assign("ed_author_width", $width2); |
552 |
|
|
$tp->assign("ed_author_height", $height2); |
553 |
ravilov |
1.1 |
$tp->assign("ed_more", MyEscape($ed_more)); |
554 |
ravilov |
1.7 |
$tp->assign("ed_more_new", strstr($ed_more, "://") ? true : false); |
555 |
ravilov |
1.6 |
$tp->assign("ed_more_title", MyEscape($ed_more_title)); |
556 |
ravilov |
1.12 |
$tp->assign("ed_prikazi", $ed_prikazi); |
557 |
ravilov |
1.1 |
$tp->assign("ed_clr_main", ($clear_main || $clr_main || !$titlepic_url) ? true : false); |
558 |
ravilov |
1.7 |
$tp->assign("ed_clr_author", ($clear_author || $clr_author || !$author_url) ? true : false); |
559 |
ravilov |
1.1 |
$tp->assign("ed_text", $ed_text); |
560 |
|
|
$tp->assign("ed_empty", $ed_empty); |
561 |
ravilov |
1.2 |
$tp->assign("ed_warning", $ed_warning); |
562 |
|
|
$tp->assign("ed_warnings", $ed_warnings); |
563 |
ravilov |
1.1 |
$tp->assign("ed_records", $ed_records); |
564 |
|
|
$tp->assign("newspicdir", "$picdir/"); |
565 |
ravilov |
1.7 |
$tp->assign("aupicdir", "$aupicdir/"); |
566 |
|
|
$tp->assign("vijest", $isVijest ? true : false); |
567 |
|
|
if ($ed_preview) { |
568 |
|
|
$tp->assign("AUTHOR", GetAuthor(MyEscape(convert_html($author_url)), |
569 |
|
|
MyEscape(convert_html($ed_author_alt)), |
570 |
|
|
MyEscape(convert_html($ed_author_info)), |
571 |
|
|
$width2, $height2)); |
572 |
|
|
} |
573 |
|
|
$tp->assign("med", $isMed ? true : false); |
574 |
ravilov |
1.1 |
$params = array(); |
575 |
|
|
if ($section) array_push($params, "section=$section"); |
576 |
ravilov |
1.6 |
if ($section_menu) array_push($params, "section_menu=$section_menu"); |
577 |
ravilov |
1.9 |
if ($section_menu2) array_push($params, "section_menu2=$section_menu2"); |
578 |
|
|
if ($spec) array_push($params, "spec=$spec"); |
579 |
ravilov |
1.1 |
if ($ed_id) array_push($params, "ed_id=$ed_id"); |
580 |
|
|
if ($ed_preview) array_push($params, "ed_preview=$ed_preview"); |
581 |
|
|
if ($trigger) array_push($params, "$trigger=1"); |
582 |
ravilov |
1.9 |
$tp->assign("FORM_ACTION", HTMLSpecialChars("?".implode("&", $params))); |
583 |
ravilov |
1.7 |
if (!$ed_preview) { |
584 |
|
|
global $onload; |
585 |
ravilov |
1.8 |
$onload .= "document.forms[1].elements[0].focus();"; |
586 |
ravilov |
1.7 |
} |
587 |
ravilov |
1.1 |
return $tp->fetch("edit.tpl"); |
588 |
|
|
} |
589 |
|
|
?> |