blob: f45a7e3afb02b8891e4107f1d65b87ca19bf4782 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
<?php
/**
* Bayonet Content Management System
* Copyright (C) 2008 Joseph Hunkeler & Evan O'Connell
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* Note to anyone feeling the need to edit this file...
* You MUST declare $db as global inside your functions in order access MySQL from here.
*/
function EditAnnouncements()
{
global $db;
if(isset($_POST['processed']))
{
//Secure our data to prevent injection attacks.
$title = addslashes($_POST['title']);
$text = addslashes($_POST['text']);
if(empty($title) || empty($text))
{
echo "You must fill everything out before proceeding.";
return;
}
//Update the database with the new data.
$db->Query("UPDATE bayonet_announcements SET title = '$title', text = '$text' WHERE announcement_id = 0");
echo "Announcement, '$title', has been edited.\n <br /><br /> Please wait while you are redirected. <br /><br />
<a href=\"?op=announcements\">Click here if you don't feel like waiting.</a>";
// 3 second redirect to go back to the edit page
PageRedirect(2, "?op=announcements");
//die, because we have completed what we wanted to do.
return;
}
//Grab the page from the database according to the $article_id passed to the function.
$result = $db->Query("SELECT title,text FROM bayonet_announcements WHERE announcement_id = 0");
$announcement = $db->FetchRow($result);
?>
<form action="<?php $_SERVER['PHP_SELF']; ?>" method="post">
<table>
<tr><td>Announcement Title: <input type="text" name="title" value="<?php echo $announcement['title'] ?>" maxlength="50" size="30" /> </td></tr>
<tr><td> <textarea id="markItUp" rows="30" cols="80" name="text"><?php echo $announcement['text'] ?></textarea> </td></tr>
<tr><td> <input type="submit" name="processed" value="Submit Changes" /> </td></tr>
</table>
</form>
<?php
}
?>
|
