Your IP : 216.73.216.40
<?php
checkadmin($role);
$tbl = "guzette";
$sub_arr = array("notice","news","tender");
$id = $_REQUEST["id"];
$subject = htmlsafe($_POST["subject"]);
$title = htmlsafe($_POST["title"]);
$filename = htmlsafe($_POST["filename"]);
$description = htmlsafe($_POST["description"]);
if (basename($_FILES['userfile']['name'])) {
$filename = strtolower('documents/'.basename($_FILES['userfile']['name']));
upload_file();
}
$expiry = $_POST["expiry"];
if (!$expiry) $expiry = date("Y-m-d");
$submit = $_POST["submit"];
if ($submit == 'SAVE') {
if (mysql_num_rows(mysql_query("select * from $tbl where id=$id"))) {
mysql_query("update $tbl set subject='$subject',title='$title',filename='$filename',description='$description',expiry='$expiry',user='$user' where id=$id");
} else {
mysql_query("insert into $tbl(subject,title,filename,description,dated,expiry,status,user) values('$subject','$title','$filename','$description',now(),'$expiry','online','$user')");
}
} else if ($submit == "DELETE") {
mysql_query("delete from $tbl where id=$id");
} else if ($action == "offline") {
mysql_query("update $tbl set status='offline' where id=$id");
} else if ($action == "online") {
mysql_query("update $tbl set status='online' where id=$id");
}
guzettefeed();
echo "<div align='right'>Upload guzette file (pdf) <input type='file' name='userfile'></div>
<table class=normal width='90%'>";
if (!$id){
echo "<tr><td nowrap>Subject</td>
<td><select name='subject'>";
foreach ($sub_arr as $sb) {
echo "<option value='$sb'";
if ($subject == $sb) echo " selected";
echo ">$sb</option>";
}
echo "</select></td></tr>
<tr valign='top'><td nowrap>Title</td>
<td><input type='text' name='title' size='50' value='$o->title'></td></tr>
<tr valign='top'><td nowrap>Filename</td>
<td><input type='text' name='filename' size='50' value='$o->filename'></td></tr>
<tr valign='top'><td nowrap>Description</td>
<td><input type='text' name='description' size='50' value='$o->description'></td></tr>
<tr><td nowrap>Expiry Date</td>
<td><input type='text' name='expiry' value='$expiry' size='15'>
<input type='submit' name='submit' value='SAVE' style='width:80px'></td></tr>";
} else {
echo "<tr><td>[ <a href='$PHP_SELF?conf=$conf&id='>New guzette</a> ]</td></tr>";
}
echo "</table>";
$rs = mysql_query("select * from $tbl order by subject,status,dated desc,id");
if ($rs) {
echo "<table class='normal' width='98%'>
<tr><th>No.</th><th width='95%'>Guzette</th></tr>";
while($o = mysql_fetch_object($rs)) {
$i++;
if ($id == $o->id) {
echo "<tr><td>$i</td><td align='center'>
<input type='hidden' name='id' value='$o->id'>
<table class=normal width='90%'>
<tr><td nowrap>Subject</td>
<td><select name='subject'>";
foreach ($sub_arr as $sb) {
echo "<option value='$sb'";
if ($o->subject == $sb) echo " selected";
echo ">$sb</option>";
}
echo "</select></td></tr>
<tr><td nowrap>Title</td>
<td><input type='text' name='title' size='50' value='$o->title'></td></tr>
<tr><td nowrap>Filename</td>
<td><input type='text' name='filename' size='50' value='$o->filename'></td></tr>
<tr><td nowrap>Description</td>
<td><input type='text' name='description' size='50' value='$o->description'></td></tr>
<tr><td nowrap>Expiry Date</td>
<td nowrap><input type='text' name='expiry' value='$o->expiry' size='15'>
<input type='submit' name='submit' value='SAVE' style='width:80px'>
<input type='submit' name='submit' value='DELETE' style='width:80px'></td></tr>
</table></td></tr>";
} else {
if ($i % 2) echo "<tr valign='top' bgcolor='$col1'>";
else echo "<tr valign='top' bgcolor='$col2'>";
echo "<td>$i</td><td width='80%'><a name='$o->id'></a>
<a href='downloads.php?filename=$o->filename'>$o->title</a>
[ <a href='$PHP_SELF?conf=$conf&id=$o->id#$o->id'>Edit</a> ] ";
if ($o->status == 'offline')
echo "[ <a href='$PHP_SELF?conf=$conf&action=online&id=$o->id'>Show</a> ]";
else
echo "[ <a href='$PHP_SELF?conf=$conf&action=offline&id=$o->id'>Hide</a> ]";
echo "<br><b>[ $o->subject ]</b> $o->description<br>
<div align='right'>By $o->user dated $o->dated effective till $o->expiry</div></td></tr>";
}
}
echo "</table>";
}
?>