.
*/
/**
* Note to anyone feeling the need to edit this file...
* You MUST declare $db as global inside your functions in order access MySQL from here.
*/
function ListPages($pid = NULL)
{
global $db;
$result = $db->Query("SELECT `page_id`,`title` FROM `bayonet_pages`");
$pages = $db->Fetch($result);
echo "
";
}
function NewPage()
{
global $db;
if(isset($_POST['processed']))
{
//Secure our data to prevent injection attacks.
$title = addslashes($_POST['title']);
$text = addslashes($_POST['text']);
if(empty($title))
{
echo "You must fill everything out before proceeding.";
return;
}
//Update the database with the new data.
$db->Query("INSERT INTO `bayonet_pages` (`page_id` ,`author_id` ,`page_created` ,`title` ,`text`)VALUES (NULL , '0',CURRENT_TIMESTAMP , '$title', '$text')");
echo "New page, '$title', has been added.\n";
PageRedirect(2, "?op=pages");
//die, because we have completed what we wanted to do.
return;
}
?>
Add New Page
Query("UPDATE `bayonet_pages` SET `title` = '$title', `text` = '$text' WHERE `page_id` = '$page_id'");
echo "Page, '$title', has been edited.\n";
PageRedirect(2, "?op=pages&edit={$page_id}");
//die, because we have completed what we wanted to do.
return;
}
//Grab the page from the database according to the $article_id passed to the function.
$result = $db->Query("SELECT `title`, `text` FROM `bayonet_pages` WHERE `page_id` = '$page_id' LIMIT 1");
$page = $db->FetchRow($result);
?>
Query("SELECT title FROM bayonet_pages WHERE page_id = '$page_id' LIMIT 1");
$page = $db->FetchRow($result);
if(isset($_POST['proceed']))
{
echo "Page '{$page['title']}', was deleted.";
$db->Query("DELETE FROM bayonet_pages WHERE page_id = '$page_id' LIMIT 1");
PageRedirect(2, "?op=pages&edit={$page_id}");
return;
}
if(isset($_POST['cancel']))
{
echo "User cancelled deletion of page: '{$page['title']}'";
PageRedirect(2, "?op=pages&edit={$page_id}");
return;
}
if($page_id == 1){
echo "You can not delete the home page.";
PageRedirect(2, "?op=pages&edit={$page_id}");
return;
}
?>
