--- inc/newsEdit.php 2001/09/19 12:23:57 1.7 +++ inc/newsEdit.php 2001/10/12 09:22:02 1.14 @@ -16,7 +16,8 @@ } function my_cmp($a, $b) { return MyCompare($a["txt"], $b["txt"]); } function newsEdit($art, $trigger = "", $isVijest = false) { - global $phptmp, $picdir, $syspicdir, $aupicdir, $sysaupicdir, $section, $section_menu, $dbh, $tpl; + global $phptmp, $picdir, $syspicdir, $aupicdir, $sysaupicdir, $dbh, $tpl; + global $section, $section_menu, $section_menu2, $spec; global $ed_id, $ed_cat, $isMed; $i = 1; global $ed_delete_main, $ed_del_main; @@ -70,7 +71,7 @@ usort($categories, "my_cmp"); // ----- $specs = array(); - $sql = "SELECT spec_id, opis FROM specijalizacije WHERE (NOT link)"; + $sql = "SELECT spec_id, opis FROM specijalizacije WHERE (spec_id != 0) AND (NOT link)"; sql($sql); $sth = $dbh->prepare($sql); if (!$sth) error("Cannot prepare query: \"$sql\""); @@ -79,11 +80,20 @@ $sth->finish(); usort($specs, "my_cmp"); // ----- + $levels = array(); + $sql = "SELECT level_id, class, name FROM par_levels ORDER BY name"; +sql($sql); + $sth = $dbh->prepare($sql); + if (!$sth) error("Cannot prepare query: \"$sql\""); + if (!$sth->execute()) error("Cannot execute query: \"$sql\""); + while ($row = $sth->fetchrow_array()) array_push($levels, array("id" => $row[0], "class" => $row[1], "name" => $row[2])); + $sth->finish(); + // ----- global $cancel, $save; if ($cancel || $save) { if ($save) { // Move temp pics & save article. - if (ereg("$phptmp", $titlepic_url2) && $ed_id > 0) { + if (ereg("$phptmp", $titlepic_url2) && $ed_id > 0 && file_exists("$syspicdir/$titlepic_url2")) { $sql = "SELECT title_pic FROM news WHERE (news_id = $ed_id)"; sql($sql); $sth = $dbh->prepare($sql); @@ -94,7 +104,7 @@ $row = array_shift($row); if ($row) MyDelete($syspicdir."/".$row); } - if (ereg("$phptmp", $author_url2) && $ed_id > 0) { + if (ereg("$phptmp", $author_url2) && $ed_id > 0 && file_exists("$sysaupicdir/$author_url2")) { $sql = "SELECT author_pic FROM news WHERE (news_id = $ed_id)"; sql($sql); $sth = $dbh->prepare($sql); @@ -107,11 +117,13 @@ } global $ed_title, $ed_lead, $ed_titlepic_alt, $ed_titlepic_pos, $ed_more, $ed_more_title, - $ed_cat, $ed_author_alt, $ed_author_info; + $ed_cat, $ed_author_alt, $ed_author_info, + $ed_author_ime, $ed_prikazi; $ed_title = MyQuote($ed_title); $ed_lead = MyQuote($ed_lead); $ed_author_nm = urldecode(MyQuote(basename($author_name))); $ed_author_alt = MyQuote($ed_author_alt); + $ed_author_ime = MyQuote($ed_author_ime); $ed_author_info = MyQuote($ed_author_info); $ed_titlepic_nm = urldecode(MyQuote(basename($titlepic_name))); $ed_titlepic_alt = MyQuote($ed_titlepic_alt); @@ -119,14 +131,14 @@ $ed_more_title = MyQuote($ed_more_title); if (!$ed_titlepic_pos) $ed_titlepic_pos = 0; if ($ed_id > 0) { - $sql = "UPDATE news SET category = '$ed_cat', title = $ed_title, lead = $ed_lead, title_pic = $ed_titlepic_nm, title_alt = $ed_titlepic_alt, title_pos = $ed_titlepic_pos, author_pic = $ed_author_nm, author_alt = $ed_author_alt, author_info = $ed_author_info, url = $ed_more, url_title = $ed_more_title, plivamed = ".($isMed?"true":"false").", d_change = NOW() WHERE (news_id = $ed_id)"; + $sql = "UPDATE news SET category = '$ed_cat', title = $ed_title, lead = $ed_lead, title_pic = $ed_titlepic_nm, title_alt = $ed_titlepic_alt, title_pos = $ed_titlepic_pos, author_pic = $ed_author_nm, author_alt = $ed_author_alt, author_info = $ed_author_info, author_name = $ed_author_ime, url = $ed_more, url_title = $ed_more_title, plivamed = ".($isMed?"true":"false").", prikazi = ".($ed_prikazi?"true":"false").", ord = 0, d_change = NOW() WHERE (news_id = $ed_id)"; sql($sql); $dbh->dbh_do($sql); } else { - $sql = "INSERT INTO news (category, title, lead, title_pic, title_alt, title_pos, author_pic, author_alt, author_info, url, url_title, plivamed, d_orig, d_change) VALUES ('$ed_cat', $ed_title, $ed_lead, $ed_titlepic_nm, $ed_titlepic_alt, $ed_titlepic_pos, $ed_author_nm, $ed_author_alt, $ed_author_info, $ed_more, $ed_more_title, ".($isMed?"true":"false").", NOW(), NOW())"; + $sql = "INSERT INTO news (category, title, lead, title_pic, title_alt, title_pos, author_pic, author_alt, author_info, author_name, url, url_title, plivamed, prikazi, d_orig, d_change) VALUES ('$ed_cat', $ed_title, $ed_lead, $ed_titlepic_nm, $ed_titlepic_alt, $ed_titlepic_pos, $ed_author_nm, $ed_author_alt, $ed_author_info, $ed_author_ime, $ed_more, $ed_more_title, ".($isMed?"true":"false").", ".($ed_prikazi?"true":"false").", NOW(), NOW())"; sql($sql); $dbh->dbh_do($sql); - $sql = "SELECT news_id FROM news WHERE (title = $ed_title)"; + $sql = "SELECT currval('news_news_id_seq')::text"; sql($sql); $sth = $dbh->prepare($sql); if (!$sth) error("Cannot prepare query: \"$sql\""); @@ -141,17 +153,32 @@ if ($titlepic_url2) MyMove("$syspicdir/$titlepic_url2", urldecode("$syspicdir/$titlepic_name")); if ($author_url2) MyMove("$sysaupicdir/$author_url2", urldecode("$sysaupicdir/$author_name")); $i = 1; + $parents = array(); + $last_level = 0; + $last_id = 0; while ($ed_id > 0 && isset(${"ed_text_id_".$i})) { global ${"ed_text_title_".$i}, ${"ed_text_".$i}, ${"ed_textpic_alt_".$i}, ${"ed_textpic_pos_".$i}, - ${"ed_text_level_".$i}, ${"ed_hl_".$i}; - list($id, $tit, $txt, $pic, $orig, $alt, $pos, $del, $lev, $hl) = array( + ${"ed_text_level_".$i}, ${"ed_hl_".$i}, + ${"ed_textpic_exp_".$i}; + list($id, $tit, $txt, $pic, $orig, $alt, $pos, $del, $lev, $hl, $exp) = array( ${"ed_text_id_".$i}, ${"ed_text_title_".$i}, ${"ed_text_".$i}, ${"textpic_url2_".$i}, ${"textpic_name_".$i}, ${"ed_textpic_alt_".$i}, ${"ed_textpic_pos_".$i}, - ${"del_".$i}, ${"ed_text_level_".$i}, ${"ed_hl_".$i}); + ${"del_".$i}, ${"ed_text_level_".$i}, ${"ed_hl_".$i}, + ${"ed_textpic_exp_".$i}); + if ($lev != $last_level) { + if ($last_level) { + if ($last_level < $lev) array_push($parents, $id); + if ($last_level > $lev && count($parents) > 0) array_pop($parents); + } + $last_level = $lev; + $parent = $parents[0]; + if ($parent < 0) $parent = $last_id; + } $tit = MyQuote($tit); $txt = MyQuote($txt); + $exp = MyQuote($exp); $hl = MyQuote($hl); $orig = basename($orig); $org = MyQuote($orig); @@ -171,24 +198,22 @@ $sth->finish(); } if ($del) $sql = "DELETE FROM paragraphs WHERE (news_id = $ed_id) AND (paragraph_id = $id)"; - else $sql = "UPDATE paragraphs SET title = $tit, level = $lev, text = $txt, hl = $hl, pic = $org, alt = $alt, pos = $pos WHERE (news_id = $ed_id) AND (paragraph_id = $id)"; + else $sql = "UPDATE paragraphs SET title = $tit, level = $lev, text = $txt, hl = $hl, pic = $org, alt = $alt, pos = $pos, pic_title = $exp WHERE (news_id = $ed_id) AND (paragraph_id = $id)"; sql($sql); $dbh->dbh_do($sql); } else if (!$del) { - $sql = "INSERT INTO paragraphs (news_id, title, level, text, pic, alt, pos, hl) VALUES ($ed_id, $tit, $lev, $txt, $org, $alt, $pos, $hl)"; + $sql = "INSERT INTO paragraphs (news_id, title, level, text, pic, alt, pos, hl, pic_title) VALUES ($ed_id, $tit, $lev, $txt, $org, $alt, $pos, $hl, $exp)"; sql($sql); $dbh->dbh_do($sql); - $sql = "SELECT paragraph_id FROM paragraphs WHERE (text = $txt)"; + $sql = "SELECT currval('paragraphs_paragraph_id_seq')::text"; sql($sql); $sth = $dbh->prepare($sql); if (!$sth) error("Cannot prepare query: \"$sql\""); if (!$sth->execute()) error("Cannot execute query: \"$sql\""); - $rows = array(); - while ($row = $sth->fetchrow_array()) array_push($rows, $row); + $row = $sth->fetchrow_array(); $sth->finish(); - $row = array_pop($rows); - if (is_array($row)) $row = array_shift($row); - $id = $row; + $row = array_shift($row); + $last_id = $id = $row; } if ($pic) MyMove("$syspicdir/$pic", "$syspicdir/$orig"); $i++; @@ -210,7 +235,7 @@ for ($k = 0; $k < count($categories); $k++) { $var = "ed_cat_".$categories[$k]["id"]; global $$var; - if (!$$var) continue; + if ($categories[$k]["id"] != $ed_cat && !$$var) continue; $sql = "INSERT INTO cat_news (news_id, cat_id) VALUES ($ed_id, '".$categories[$k]["id"]."')"; sql($sql); $dbh->dbh_do($sql); @@ -241,6 +266,7 @@ if ($size <= 0) continue; if (!$name) continue; if ($tname == "none") continue; + $name = strtr($name, "¹šðè澞©ŠÐÈÆ®Ž ", "ssdcczzSSDCCZZ_"); $nm = basename($tname); $ext = ereg_replace('^.*(\..+)$', '\1', $name); if ($key == "ed_titlepic_url") { @@ -271,21 +297,12 @@ } // ----- $tp = new Smarty(); - // ----- - $levels = array(); - $sql = "SELECT level_id, class, name FROM par_levels ORDER BY name"; -sql($sql); - $sth = $dbh->prepare($sql); - if (!$sth) error("Cannot prepare query: \"$sql\""); - if (!$sth->execute()) error("Cannot execute query: \"$sql\""); - while ($row = $sth->fetchrow_array()) array_push($levels, array("id" => $row[0], "class" => $row[1], "name" => $row[2])); - $sth->finish(); $tp->assign("levels", $levels); // ----- global $ed_id, $ed_title, $ed_lead, $ed_titlepic_pos, $ed_titlepic_alt, $ed_cat, $ed_more, $ed_more_title, $ed_author_url, $ed_author_alt, - $ed_author_info; + $ed_author_info, $ed_author_ime, $ed_prikazi; global $ed_edit, $ed_preview, $preview, $add; if (!$ed_preview) $ed_preview = ($preview ? true : false); if ($ed_edit) $ed_preview = false; @@ -316,7 +333,8 @@ global $ed_title, $ed_lead, $ed_titlepic_pos, $ed_titlepic_alt, $ed_cat, $ed_more, $ed_more_title, $ed_author_url, - $ed_author_alt, $ed_author_info; + $ed_author_alt, $ed_author_info, + $ed_author_ime, $ed_prikazi; if (!$HTTP_POST_FILES["ed_titlepic_url"]["name"]) $titlepic_url = ""; if (!$titlepic_url) $titlepic_url = $titlepic_url2; if (!$titlepic_url && !($clear_main || $clr_main)) $titlepic_url = $art["pic_url"]; @@ -330,7 +348,8 @@ $id = ${"ed_text_id_".$i}; global ${"ed_text_".$i}, ${"ed_text_title_".$i}, ${"ed_text_level_".$i}, ${"ed_textpic_alt_".$i}, - ${"ed_textpic_pos_".$i}, ${"ed_hl_".$i}; + ${"ed_textpic_pos_".$i}, ${"ed_hl_".$i}, + ${"ed_textpic_exp_".$i}; $pic_url = ($HTTP_POST_FILES["ed_textpic_url_".$i]["name"]) ? ${"textpic_url_".$i} : ""; if (!$pic_url) $pic_url = ${"textpic_url2_".$i}; @@ -339,14 +358,12 @@ if ($art["text"][$j]["id"] == $id) $tmp = $art["text"][$j]["pic"]; if (!$pic_url && $tmp && !(${"clear_".$i} || ${"clr_".$i})) $pic_url = $tmp; $level = ${"ed_text_level_".$i}; - $class = ""; - while (list($key, $val) = each($levels)) - if ($val["id"] == $level) $class = $val["class"]; + list($w, $h) = PicSize($pic_url); array_push($ed_pgfs, array($id, ${"ed_text_".$i}, ${"ed_text_title_".$i}, - $level, $class, $pic_url, ${"textpic_name_".$i}, + $level, $pic_url, ${"textpic_name_".$i}, ${"ed_textpic_alt_".$i}, ${"ed_textpic_pos_".$i}, - 0, 0, ${"ed_hl_".$i}, false)); + $w, $h, ${"ed_hl_".$i}, ${"ed_textpic_exp_".$i}, false)); $i++; } } else { @@ -365,27 +382,25 @@ if (!$sth->execute()) error("Cannot execute query: \"$sql\""); while ($row = $sth->fetchrow_array()) $ncats[$row[0]] = true; $sth->finish(); - } + } else $art["show"] = true; list($ed_title, $ed_lead, $ed_titlepic_pos, $titlepic_url, $titlepic_url2, $titlepic_name, $ed_titlepic_alt, $ed_cat, $ed_more, $ed_more_title, $width, $height, $author_url, $author_url2, $author_name, - $ed_author_alt, $ed_author_info, $width2, $height2) = - array($art["title"], $art["lead"], $art["pic_pos"], - $art["pic_url"], $art["pic_url"], urldecode($art["pic_url"]), - $art["pic_alt"], $art["category"], $art["more"], - $art["more_title"], $art["pic_w"], $art["pic_h"], + $ed_author_alt, $ed_author_info, $width2, $height2, + $ed_author_ime, $ed_prikazi) = array($art["title"], $art["lead"], + $art["pic_pos"], $art["pic_url"], $art["pic_url"], + urldecode($art["pic_url"]), $art["pic_alt"], $art["category"], + $art["more"], $art["more_title"], $art["pic_w"], $art["pic_h"], $art["au_pic"], $art["au_pic"], urldecode($art["au_pic"]), - $art["au_alt"], $art["au_info"], $art["au_w"], $art["au_h"]); + $art["au_alt"], $art["au_info"], $art["au_w"], $art["au_h"], + $art["au_name"], $art["show"]); + if ($art["text"]) reset($art["text"]); while ($art["text"] && list($id, $val) = each($art["text"])) { - list($id, $txt, $title, $lev, $cls, $pic, $alt, $pos, $w, $h) = array( - $val["id"], $val["text"], $val["title"], $val["level"], - $val["class"], urldecode($val["pic"]), $val["alt"], $val["pos"], - $val["w"], $val["h"]); array_push($ed_pgfs, array($val["id"], $val["text"], $val["title"], - $val["level"], $val["class"], urldecode($val["pic"]), + $val["level"], urldecode($val["pic"]), urldecode($val["pic"]), $val["alt"], $val["pos"], $val["w"], - $val["h"], $val["hl"], false)); + $val["h"], $val["hl"], $val["exp"], false)); } $ed_id = $art["id"]; if (!$ed_id) $ed_id = -1; @@ -402,7 +417,7 @@ if ($add) { global $add_num; for ($i = 0; $i < intval($add_num); $i++) - array_push($ed_pgfs, array(-1, "", "", -1, "", "", "", "", 0, 0, 0, "", true)); + array_push($ed_pgfs, array(-1, "", "", -1, "", "", "", 0, 0, 0, "", "", true)); } $ed_empty = ($ed_title || $ed_lead || $ed_titlepic_pos || $ed_more) ? false : true; $ed_text = array(); @@ -410,14 +425,15 @@ $ed_warnings = ($ed_warning ? true : false); $i = 1; while (list($key, $val) = each($ed_pgfs)) { - list($id, $txt, $tit, $lev, $cls, $pic, $name, $alt, $pos, $w, $h, $hl, $new) = $val; + list($id, $txt, $tit, $lev, $pic, $name, $alt, $pos, $w, $h, $hl, $exp, $new) = $val; $del = ((${"delete_".$i} || ${"del_".$i}) ? true : false); array_push($ed_records, array("val" => $del, "id" => $id)); if ($del) { $i++; continue; } $picurl = ${"textpic_url_".$id}; if (!$picurl) $picurl = $pic; $class = ""; - while (list($key, $val) = each($levels)) if ($val["id"] == $lev) $class = $val["class"]; + reset($levels); + while (list($k, $v) = each($levels)) if ($v["id"] == $lev) $class = $v["class"]; if ((${"clear_".$i} || ${"clr_".$i}) && $ed_preview && (${"textpic_name_".$i} != ${"textpic_url2_".$i})) { $tmp = ${"textpic_url2_".$i}; if (ereg("$phptmp", $tmp)) MyDelete($syspicdir."/".$tmp); @@ -426,13 +442,14 @@ if (!$name) $name = $picurl; $txt = MyEscape(convert_html($txt), false); $txt2 = ParseNewline($txt, true); - $txt3 = str_replace("&", "&", $txt); + $txt3 = str_replace("&", "&", MyEscape(convert_html($txt), true)); $txt3 = str_replace("\"", """, $txt3); $txt3 = str_replace("<", "<", $txt3); $txt3 = str_replace(">", ">", $txt3); $hl = MyEscape(convert_html($hl), false); $hl2 = ParseNewline($hl, true); - $hl3 = str_replace("&", "&", $hl); + if ($hl2) $hl2 = GetHighlight($hl2); + $hl3 = str_replace("&", "&", MyEscape(convert_html($hl), true)); $hl3 = str_replace("\"", """, $hl3); $hl3 = str_replace("<", "<", $hl3); $hl3 = str_replace(">", ">", $hl3); @@ -459,9 +476,10 @@ "url" => MyEscape(convert_html($picurl)), "name" => MyEscape(convert_html($name)), "alt" => MyEscape(convert_html($alt)), - "width" => $w, - "height" => $h, + "w" => $w, + "h" => $h, "pos" => $pos, + "exp" => MyEscape(convert_html($exp)), "warning" => $warning, "clr" => (${"clear_".$i} || ${"clr_".$i} || !$picurl) ? true : false )); @@ -473,7 +491,8 @@ $tp->assign("ed_preview", $ed_preview); $tp->assign("ed_trigger", $trigger); $tp->assign("ed_title", MyEscape(convert_html($ed_title))); - $tp->assign("ed_lead", MyEscape(convert_html($ed_lead))); + $tp->assign("ed_lead", MyEscape(convert_html($ed_lead), true)); + $tp->assign("ed_lead2", ParseNewline(MyEscape(convert_html($ed_lead), false), false)); $tp->assign("ed_titlepic_pos", $ed_titlepic_pos); $tp->assign("ed_titlepic_url", MyEscape(convert_html($titlepic_url))); $tp->assign("ed_titlepic_url2", MyEscape(convert_html($titlepic_url2))); @@ -486,11 +505,13 @@ $tp->assign("ed_author_name", MyEscape(convert_html($author_name))); $tp->assign("ed_author_alt", MyEscape(convert_html($ed_author_alt))); $tp->assign("ed_author_info", MyEscape(convert_html($ed_author_info))); + $tp->assign("ed_author_ime", MyEscape(convert_html($ed_author_ime))); $tp->assign("ed_author_width", $width2); $tp->assign("ed_author_height", $height2); $tp->assign("ed_more", MyEscape($ed_more)); $tp->assign("ed_more_new", strstr($ed_more, "://") ? true : false); $tp->assign("ed_more_title", MyEscape($ed_more_title)); + $tp->assign("ed_prikazi", $ed_prikazi); $tp->assign("ed_clr_main", ($clear_main || $clr_main || !$titlepic_url) ? true : false); $tp->assign("ed_clr_author", ($clear_author || $clr_author || !$author_url) ? true : false); $tp->assign("ed_text", $ed_text); @@ -502,7 +523,6 @@ $tp->assign("aupicdir", "$aupicdir/"); $tp->assign("vijest", $isVijest ? true : false); if ($ed_preview) { - include_once("author.php"); $tp->assign("AUTHOR", GetAuthor(MyEscape(convert_html($author_url)), MyEscape(convert_html($ed_author_alt)), MyEscape(convert_html($ed_author_info)), @@ -512,14 +532,15 @@ $params = array(); if ($section) array_push($params, "section=$section"); if ($section_menu) array_push($params, "section_menu=$section_menu"); + if ($section_menu2) array_push($params, "section_menu2=$section_menu2"); + if ($spec) array_push($params, "spec=$spec"); if ($ed_id) array_push($params, "ed_id=$ed_id"); if ($ed_preview) array_push($params, "ed_preview=$ed_preview"); if ($trigger) array_push($params, "$trigger=1"); - global $PHP_SELF; - $tp->assign("FORM_ACTION", $PHP_SELF.HTMLSpecialChars("?".implode("&", $params))); + $tp->assign("FORM_ACTION", HTMLSpecialChars("?".implode("&", $params))); if (!$ed_preview) { global $onload; - $onload .= "document.forms[0].elements[0].focus();"; + $onload .= "document.forms[1].elements[0].focus();"; } return $tp->fetch("edit.tpl"); }