9 |
$ss = array("HTTP_GET_VARS", "HTTP_POST_VARS", "HTTP_POST_FILES"); |
$ss = array("HTTP_GET_VARS", "HTTP_POST_VARS", "HTTP_POST_FILES"); |
10 |
while (list($key, $val) = each($ss)) array_walk($$val, "ss"); |
while (list($key, $val) = each($ss)) array_walk($$val, "ss"); |
11 |
# ---KLUDGE-END--- |
# ---KLUDGE-END--- |
12 |
$phptmp = "php"; |
$phptmp = "^php"; |
13 |
function sql($sql) { |
function sql($sql) { |
14 |
# echo "<TT><B>[SQL]</B> $sql<BR>\n"; |
# echo "<TT><B>[SQL]</B> $sql<BR>\n"; |
15 |
} |
} |
16 |
function newsEdit($art, $trigger = "") { |
function newsEdit($art, $trigger = "") { |
17 |
global $phptmp, $picdir, $syspicdir, $section, $dbh, $tpl; |
global $phptmp, $picdir, $syspicdir, $section, $section_menu, $dbh, $tpl; |
18 |
global $ed_id, $ed_cat; |
global $ed_id, $ed_cat; |
19 |
$i = 1; |
$i = 1; |
20 |
global $ed_delete_main, $ed_del_main; |
global $ed_delete_main, $ed_del_main; |
49 |
if ($cancel || $save) { |
if ($cancel || $save) { |
50 |
if ($save) { |
if ($save) { |
51 |
// Move temp pics & save article. |
// Move temp pics & save article. |
52 |
if (ereg("^$phptmp", $titlepic_url2) && $ed_id > 0) { |
if (ereg("$phptmp", $titlepic_url2) && $ed_id > 0) { |
53 |
$sql = "SELECT title_pic FROM news WHERE (news_id = $ed_id)"; |
$sql = "SELECT title_pic FROM news WHERE (news_id = $ed_id)"; |
54 |
sql($sql); |
sql($sql); |
55 |
$sth = $dbh->prepare($sql); |
$sth = $dbh->prepare($sql); |
61 |
if ($row) MyDelete($syspicdir."/".$row); |
if ($row) MyDelete($syspicdir."/".$row); |
62 |
} |
} |
63 |
global $ed_title, $ed_lead, $ed_titlepic_alt, |
global $ed_title, $ed_lead, $ed_titlepic_alt, |
64 |
$ed_titlepic_pos, $ed_more, $ed_cat; |
$ed_titlepic_pos, $ed_more, $ed_more_title, |
65 |
|
$ed_cat; |
66 |
$ed_title = MyQuote($ed_title); |
$ed_title = MyQuote($ed_title); |
67 |
$ed_lead = MyQuote($ed_lead); |
$ed_lead = MyQuote($ed_lead); |
68 |
$ed_titlepic_nm = MyQuote(basename($titlepic_name)); |
$ed_titlepic_nm = MyQuote(basename($titlepic_name)); |
69 |
$ed_titlepic_alt = MyQuote($ed_titlepic_alt); |
$ed_titlepic_alt = MyQuote($ed_titlepic_alt); |
70 |
$ed_more = MyQuote($ed_more); |
$ed_more = MyQuote($ed_more); |
71 |
|
$ed_more_title = MyQuote($ed_more_title); |
72 |
if (!$ed_titlepic_pos) $ed_titlepic_pos = 0; |
if (!$ed_titlepic_pos) $ed_titlepic_pos = 0; |
73 |
if ($ed_id > 0) { |
if ($ed_id > 0) { |
74 |
$sql = "UPDATE news SET category = '$ed_cat', title = $ed_title, lead = $ed_lead, title_pic = $ed_titlepic_nm, title_alt = $ed_titlepic_alt, title_pos = $ed_titlepic_pos, url = $ed_more, date = CURRENT_TIMESTAMP WHERE (news_id = $ed_id)"; |
$sql = "UPDATE news SET category = '$ed_cat', title = $ed_title, lead = $ed_lead, title_pic = $ed_titlepic_nm, title_alt = $ed_titlepic_alt, title_pos = $ed_titlepic_pos, url = $ed_more, url_title = $ed_more_title, date = CURRENT_TIMESTAMP WHERE (news_id = $ed_id)"; |
75 |
sql($sql); |
sql($sql); |
76 |
$dbh->dbh_do($sql); |
$dbh->dbh_do($sql); |
77 |
} else { |
} else { |
78 |
$sql = "INSERT INTO news (category, title, lead, title_pic, title_alt, title_pos, url, date) VALUES ('$ed_cat', $ed_title, $ed_lead, $ed_titlepic_nm, $ed_titlepic_alt, $ed_titlepic_pos, $ed_more, CURRENT_TIMESTAMP)"; |
$sql = "INSERT INTO news (category, title, lead, title_pic, title_alt, title_pos, url, url_title, date) VALUES ('$ed_cat', $ed_title, $ed_lead, $ed_titlepic_nm, $ed_titlepic_alt, $ed_titlepic_pos, $ed_more, $ed_more_title, CURRENT_TIMESTAMP)"; |
79 |
sql($sql); |
sql($sql); |
80 |
$dbh->dbh_do($sql); |
$dbh->dbh_do($sql); |
81 |
$sql = "SELECT news_id FROM news WHERE (title = $ed_title)"; |
$sql = "SELECT news_id FROM news WHERE (title = $ed_title)"; |
145 |
} |
} |
146 |
} else { |
} else { |
147 |
// Delete temp pics. |
// Delete temp pics. |
148 |
if (ereg("^$phptmp", $titlepic_url2)) |
if (ereg("$phptmp", $titlepic_url2)) |
149 |
MyDelete($syspicdir."/".$titlepic_url2); |
MyDelete($syspicdir."/".$titlepic_url2); |
150 |
$i = 1; |
$i = 1; |
151 |
while (isset(${"ed_textpic_id_".$i})) { |
while (isset(${"ed_textpic_id_".$i})) { |
152 |
$tmp = ${"textpic_url2_".$i}; |
$tmp = ${"textpic_url2_".$i}; |
153 |
if (ereg("^$phptmp", $tmp)) MyDelete($syspicdir."/".$tmp); |
if (ereg("$phptmp", $tmp)) MyDelete($syspicdir."/".$tmp); |
154 |
$i++; |
$i++; |
155 |
} |
} |
156 |
} |
} |
157 |
if (!isset($art["limit"])) $art["limit"] = 1; |
if (!isset($art["limit"])) $art["limit"] = 1; |
158 |
if (!isset($art["npar"])) $art["npar"] = 1; |
if (!isset($art["npar"])) $art["npar"] = 1; |
159 |
return array_shift(newsLoad($ed_id, $ed_cat, |
return array_shift(newsLoad($ed_id, $ed_cat, |
160 |
$art["limit"], $art["npar"])); |
$art["limit"], $art["offset"], $art["npar"])); |
161 |
} |
} |
162 |
// Handle temp pic upload. |
// Handle temp pic upload. |
163 |
global $HTTP_POST_FILES; |
global $HTTP_POST_FILES; |
175 |
$titlepic_url = $nm.$ext; |
$titlepic_url = $nm.$ext; |
176 |
$titlepic_name = $name; |
$titlepic_name = $name; |
177 |
$u = $titlepic_url2; |
$u = $titlepic_url2; |
178 |
if (ereg("^$phptmp", $u)) MyDelete($syspicdir."/".$u); |
if (ereg("$phptmp", $u)) MyDelete($syspicdir."/".$u); |
179 |
unset($clear_main, $clr_main); |
unset($clear_main, $clr_main); |
180 |
} else if (ereg("^ed_textpic_url_([1-9][0-9]*)$", $key, $regs)) { |
} else if (ereg("^ed_textpic_url_([1-9][0-9]*)$", $key, $regs)) { |
181 |
$n = $regs[1]; |
$n = $regs[1]; |
182 |
${"textpic_url_".$n} = $nm.$ext; |
${"textpic_url_".$n} = $nm.$ext; |
183 |
${"textpic_name_".$n} = $name; |
${"textpic_name_".$n} = $name; |
184 |
$u = ${"textpic_url2_".$n}; |
$u = ${"textpic_url2_".$n}; |
185 |
if (ereg("^$phptmp", $u)) MyDelete($syspicdir."/".$u2); |
if (ereg("$phptmp", $u)) MyDelete($syspicdir."/".$u2); |
186 |
unset(${"clear_".$n}, ${"clr_".$n}); |
unset(${"clear_".$n}, ${"clr_".$n}); |
187 |
} else { |
} else { |
188 |
// [?!?] |
// [?!?] |
212 |
$tp->assign("levels", $levels); |
$tp->assign("levels", $levels); |
213 |
// ----- |
// ----- |
214 |
global $ed_id, $ed_title, $ed_lead, $ed_titlepic_pos, |
global $ed_id, $ed_title, $ed_lead, $ed_titlepic_pos, |
215 |
$ed_titlepic_alt, $ed_cat, $ed_more; |
$ed_titlepic_alt, $ed_cat, $ed_more, |
216 |
|
$ed_more_title; |
217 |
global $ed_edit, $ed_preview, $preview, $add; |
global $ed_edit, $ed_preview, $preview, $add; |
218 |
if (!$ed_preview) $ed_preview = ($preview ? true : false); |
if (!$ed_preview) $ed_preview = ($preview ? true : false); |
219 |
if ($ed_edit) $ed_preview = false; |
if ($ed_edit) $ed_preview = false; |
228 |
$ed_warning = 0; |
$ed_warning = 0; |
229 |
if ($ed_edit || $ed_preview || $add || $delete || $clear) { |
if ($ed_edit || $ed_preview || $add || $delete || $clear) { |
230 |
global $ed_title, $ed_lead, $ed_titlepic_pos, |
global $ed_title, $ed_lead, $ed_titlepic_pos, |
231 |
$ed_titlepic_alt, $ed_cat, $ed_more; |
$ed_titlepic_alt, $ed_cat, $ed_more, |
232 |
|
$ed_more_title; |
233 |
if (!$HTTP_POST_FILES["ed_titlepic_url"]["name"]) $titlepic_url = ""; |
if (!$HTTP_POST_FILES["ed_titlepic_url"]["name"]) $titlepic_url = ""; |
234 |
if (!$titlepic_url) $titlepic_url = $titlepic_url2; |
if (!$titlepic_url) $titlepic_url = $titlepic_url2; |
235 |
if (!$titlepic_url && !($clear_main || $clr_main)) |
if (!$titlepic_url && !($clear_main || $clr_main)) |
264 |
} else { |
} else { |
265 |
list($ed_title, $ed_lead, $ed_titlepic_pos, $titlepic_url, |
list($ed_title, $ed_lead, $ed_titlepic_pos, $titlepic_url, |
266 |
$titlepic_url2, $titlepic_name, $ed_titlepic_alt, |
$titlepic_url2, $titlepic_name, $ed_titlepic_alt, |
267 |
$ed_cat, $ed_more, $width, $height) = array($art["title"], |
$ed_cat, $ed_more, $ed_more_title, $width, $height) = |
268 |
$art["lead"], $art["pic_pos"], $art["pic_url"], |
array($art["title"], $art["lead"], $art["pic_pos"], |
269 |
$art["pic_url"], $art["pic_url"], $art["pic_alt"], |
$art["pic_url"], $art["pic_url"], $art["pic_url"], |
270 |
$art["category"], $art["more"], $art["pic_w"], $art["pic_h"]); |
$art["pic_alt"], $art["category"], $art["more"], |
271 |
|
$art["more_title"], $art["pic_w"], $art["pic_h"]); |
272 |
while ($art["text"] && list($id, $val) = each($art["text"])) { |
while ($art["text"] && list($id, $val) = each($art["text"])) { |
273 |
list($id, $txt, $title, $lev, $cls, $pic, $alt, $pos, $w, $h) = array( |
list($id, $txt, $title, $lev, $cls, $pic, $alt, $pos, $w, $h) = array( |
274 |
$val["id"], $val["text"], $val["title"], $val["level"], |
$val["id"], $val["text"], $val["title"], $val["level"], |
302 |
if ($val["id"] == $lev) $class = $val["class"]; |
if ($val["id"] == $lev) $class = $val["class"]; |
303 |
if ((${"clear_".$i} || ${"clr_".$i}) && $ed_preview && (${"textpic_name_".$i} != ${"textpic_url2_".$i})) { |
if ((${"clear_".$i} || ${"clr_".$i}) && $ed_preview && (${"textpic_name_".$i} != ${"textpic_url2_".$i})) { |
304 |
$tmp = ${"textpic_url2_".$i}; |
$tmp = ${"textpic_url2_".$i}; |
305 |
if (ereg("^$phptmp", $tmp)) MyDelete($syspicdir."/".$tmp); |
if (ereg("$phptmp", $tmp)) MyDelete($syspicdir."/".$tmp); |
306 |
$picurl = ${"textpic_url_".$i} = ${"textpic_url2_".$i} = $name = ""; |
$picurl = ${"textpic_url_".$i} = ${"textpic_url2_".$i} = $name = ""; |
307 |
} |
} |
308 |
if (!$name) $name = $picurl; |
if (!$name) $name = $picurl; |
309 |
$txt = MyEscape($txt); |
$txt = MyEscape(convert_html($txt)); |
310 |
$txt2 = ParseNewline($txt); |
$txt2 = ParseNewline($txt, true); |
311 |
global ${"ed_text_force_".$i}; |
global ${"ed_text_force_".$i}; |
312 |
$force = ${"ed_text_force_".$i}; |
$force = ${"ed_text_force_".$i}; |
313 |
$empty = (($ed_preview && !$txt && !$pos && !$new) ? true : false); |
$empty = (($ed_preview && !$txt && !$pos && !$new) ? true : false); |
321 |
"n" => $i, |
"n" => $i, |
322 |
"txt" => $txt2, |
"txt" => $txt2, |
323 |
"txt2" => $txt, |
"txt2" => $txt, |
324 |
"title" => MyEscape($tit), |
"title" => MyEscape(convert_html($tit)), |
325 |
"level" => $lev, |
"level" => $lev, |
326 |
"class" => MyEscape($class), |
"class" => MyEscape(convert_html($class)), |
327 |
"url" => MyEscape($picurl), |
"url" => MyEscape(convert_html($picurl)), |
328 |
"name" => MyEscape($name), |
"name" => MyEscape(convert_html($name)), |
329 |
"alt" => MyEscape($alt), |
"alt" => MyEscape(convert_html($alt)), |
330 |
"width" => $w, |
"width" => $w, |
331 |
"height" => $h, |
"height" => $h, |
332 |
"pos" => $pos, |
"pos" => $pos, |
340 |
$tp->assign("ed_cat", $ed_cat); |
$tp->assign("ed_cat", $ed_cat); |
341 |
$tp->assign("ed_preview", $ed_preview); |
$tp->assign("ed_preview", $ed_preview); |
342 |
$tp->assign("ed_trigger", $trigger); |
$tp->assign("ed_trigger", $trigger); |
343 |
$tp->assign("ed_title", MyEscape($ed_title)); |
$tp->assign("ed_title", MyEscape(convert_html($ed_title))); |
344 |
$tp->assign("ed_lead", MyEscape($ed_lead)); |
$tp->assign("ed_lead", MyEscape(convert_html($ed_lead))); |
345 |
$tp->assign("ed_titlepic_pos", $ed_titlepic_pos); |
$tp->assign("ed_titlepic_pos", $ed_titlepic_pos); |
346 |
$tp->assign("ed_titlepic_url", MyEscape($titlepic_url)); |
$tp->assign("ed_titlepic_url", MyEscape(convert_html($titlepic_url))); |
347 |
$tp->assign("ed_titlepic_url2", MyEscape($titlepic_url2)); |
$tp->assign("ed_titlepic_url2", MyEscape(convert_html($titlepic_url2))); |
348 |
$tp->assign("ed_titlepic_name", MyEscape($titlepic_name)); |
$tp->assign("ed_titlepic_name", MyEscape(convert_html($titlepic_name))); |
349 |
$tp->assign("ed_titlepic_alt", MyEscape($ed_titlepic_alt)); |
$tp->assign("ed_titlepic_alt", MyEscape(convert_html($ed_titlepic_alt))); |
350 |
$tp->assign("ed_titlepic_width", $width); |
$tp->assign("ed_titlepic_width", $width); |
351 |
$tp->assign("ed_titlepic_height", $height); |
$tp->assign("ed_titlepic_height", $height); |
352 |
$tp->assign("ed_more", MyEscape($ed_more)); |
$tp->assign("ed_more", MyEscape($ed_more)); |
353 |
|
$tp->assign("ed_more_title", MyEscape($ed_more_title)); |
354 |
$tp->assign("ed_clr_main", ($clear_main || $clr_main || !$titlepic_url) ? true : false); |
$tp->assign("ed_clr_main", ($clear_main || $clr_main || !$titlepic_url) ? true : false); |
355 |
$tp->assign("ed_text", $ed_text); |
$tp->assign("ed_text", $ed_text); |
356 |
$tp->assign("ed_empty", $ed_empty); |
$tp->assign("ed_empty", $ed_empty); |
360 |
$tp->assign("newspicdir", "$picdir/"); |
$tp->assign("newspicdir", "$picdir/"); |
361 |
$params = array(); |
$params = array(); |
362 |
if ($section) array_push($params, "section=$section"); |
if ($section) array_push($params, "section=$section"); |
363 |
|
if ($section_menu) array_push($params, "section_menu=$section_menu"); |
364 |
if ($ed_id) array_push($params, "ed_id=$ed_id"); |
if ($ed_id) array_push($params, "ed_id=$ed_id"); |
365 |
if ($ed_preview) array_push($params, "ed_preview=$ed_preview"); |
if ($ed_preview) array_push($params, "ed_preview=$ed_preview"); |
366 |
if ($trigger) array_push($params, "$trigger=1"); |
if ($trigger) array_push($params, "$trigger=1"); |