Your IP : 216.73.216.40
<?php
if (!$user) {
echo "<br><div class=notice>You must be a Site Administrator to access this page</div>";
exit;
}
$id = $_REQUEST["id"];
$hyperText = $_REQUEST["hyperText"];
$hyperLink = $_REQUEST["hyperLink"];
$description = $_REQUEST["description"];
$expiry = $_REQUEST["expiry"];
if (!$expiry) $expiry = date("Y-m-d");
$status = $_REQUEST["status"];
$submit = $_REQUEST["submit"];
$tbl = "announcements";
$r = 3;
$status_array = array('current','expired');
$file_types_array = array("txt", "doc", "pdf", "jpg", "png", "gif");
$max_file_size = 1048576;
if ($_FILES["file"] > ""){
foreach($_FILES["file"]["error"] as $key => $value){
if($_FILES["file"]["name"][$key] != ""){
if($value == UPLOAD_ERR_OK){
$origfilename = $_FILES["file"]["name"][$key];
$filename = explode(".", $_FILES["file"]["name"][$key]);
$filenameext = $filename[count($filename)-1];
unset($filename[count($filename)-1]);
$filename = implode(".", $filename);
$filename = substr($filename, 0, 50) . "." . $filenameext;
$file_ext_allow = FALSE;
for($x=0; $x<count($file_types_array); $x++){
if($filenameext == $file_types_array[$x]){
$file_ext_allow = TRUE;
}
}
if($file_ext_allow){
if($_FILES["file"]["size"][$key]<$max_file_size){
if(move_uploaded_file($_FILES["file"]["tmp_name"][$key], $filename)){
$hyperLink = $filename;
//$error = "";
} else {
$error = $filename." was not successfully uploaded";
}
} else {
$error = $filename." was too big, not uploaded";
}
} else {
$error = $filename." had an invalid file extension, not uploaded";
}
} else {
$error = $filename." was not successfully uploaded";
}
}
}
}
if ($submit == 'SAVE') {
if (mysql_num_rows(mysql_query("select * from announcements where id=$id"))) {
mysql_query("update $tbl set hyperText='$hyperText',hyperLink='$hyperLink',description='$description',expiry='$expiry',userID='$user',status='$status' where id=$id");
} else {
mysql_query("insert into $tbl(hyperText,hyperLink,description,dated,expiry,userID,status) values('$hyperText','$hyperLink','$description',curdate(),'$expiry','$user','$status')");
}
generate_html();
} else if ($action == "del") {
mysql_query("delete from $tbl where id=$id");
} else if ($action == "expired") {
mysql_query("update $tbl set status='expired' where id=$id");
generate_html();
}else if ($action == "current") {
mysql_query("update $tbl set status='current' where id=$id");
generate_html();
}
$form .= "<form method='post' action='$PHP_SELF?conf=annpost' enctype='multipart/form-data'>
<div align='right'>Upload pdf file linked to notification <input type='file' name='file[]'></div>$error";
if (!$id){
$form .= "<table class=normal width='90%'>
<tr><td nowrap>Hyper Link</td>
<td><input type='text' name='hyperText' value='' size='50'></td></tr>
<tr><td nowrap>Link URL/File</td>
<td><input type='text' name='hyperLink' value='' size='50'>
(if file is to be uploaded, leave it blank)</td></tr>
<tr valign='top'><td>Description</td>
<td><textarea name='description' rows='2' cols='50'></textarea></td></tr>
<tr><td nowrap>Expiry Date</td>
<td><input type='text' name='expiry' value='$expiry' size='15'></td></tr>
<tr><td nowrap>Status</td><td><select name='status'>";
foreach ($status_array as $s){
$form .= "<option value='$s'";
if ($s == $status) $form .= " selected";
$form .= ">$s</option>";
}
$form .= "</select> Shows or hides the announcement on the home page</td></tr>
<tr><td colspan='2'><input type='submit' class=btn name='submit' value='SAVE'></td></tr>";
}else{
$form .= "<tr><td><a href='$PHP_SELF?conf=annpost&id='>New notification</a></td></tr>";
}
$form .= "</table><table class='search' width='98%'>
<tr bgcolor='FFEECA'><th nowrap>HyperText</th><th nowrap>HyperLink</th><th nowrap>Description</th></tr>";
$arr = mysql_query("select * from $tbl order by status,dated desc,id");
if ($arr) {
while($o = mysql_fetch_object($arr)){
$i++;
$rid = $o->id;
$hyperText = $o->hyperText;
$hyperLink = $o->hyperLink;
$description = $o->description;
$dated = $o->dated;
$expiry = $o->expiry;
$userID = $o->userID;
$status = $o->status;
if ($id == $rid){
$form .= "<tr><td colspan='$r' align='center'>
<input type='hidden' name='id' value='$rid'>
<table class=normal width='90%'>
<tr bgcolor='FFE5CA'><th><font color='black'>Edit</font></th></tr>
<tr><td nowrap>HyperText</td>
<td><input type='text' name='hyperText' value='$hyperText' size='50'></td></tr>
<tr><td nowrap>HyperLink</td>
<td><input type='text' name='hyperLink' value='$hyperLink' size='50'></td></tr>
<tr valign='top'><td nowrap>Description</td>
<td><textarea name='description' rows='2' cols='50'>$description</textarea></td></tr>
<tr><td nowrap>ExpiryDate</td>
<td nowrap><input type='text' name='expiry' value='$expiry' size='15'></td></tr>
<tr><td nowrap>Status</td><td><select name='status'>";
foreach ($status_array as $s){
$form .= "<option value='$s'";
if ($s == $status) $form .= " selected";
$form .= ">$s</option>";
}
$form .= "</select> Shows or hides the announcement on the home page</td></tr>
<tr><td></td><td><input type='submit' class=btn name='submit' value='SAVE'></td></tr>
</table></td></tr>";
} else {
if ($i % 2) $form .= "<tr valign='top'>"; else $form .= "<tr valign='top' bgcolor='F1EDC2'>";
$form .= "<td width='30%'><a name='$rid'></a><font size='-1'>$hyperText<br>
[<a href='$PHP_SELF?conf=annpost&id=$rid#$rid'>Edit</a>] ";
if ($status == 'expired')
$form .= "[<a href='$PHP_SELF?conf=annpost&action=current&id=$rid'>Show</a>]";
else
$form .= "[<a href='$PHP_SELF?conf=annpost&action=expired&id=$rid'>Hide</a>]";
$form .= "</font></td><td><a href='$hyperLink'><font size='-1'>$hyperLink</font></a><br>
<font size=-1>Dated: $dated (by $userID)<br>Expiry: $expiry</font></td>
<td><font size='-1'>$description</font></td></tr>";
}
}
}
$form .= "</table></center></form>";
echo $form;
function generate_html(){
//to select only those which are to be shown
$result = mysql_query("SELECT * FROM announcements where status='current' order by dated desc, id desc");
$num = mysql_num_rows($result);
$i=0;
$pg = "<table border=0 cellpadding=0 cellspacing=5 >
<tr><td width=280 height=20 align=center><font face=sans-serif size=3px><b>Notifications</b></font></td></tr>
<!--<tr><td></td></tr>-->
<tr></tr>
</table>";
while ($i < $num) {
$dated = @mysql_result($result,$i,"dated");
$text = @mysql_result($result,$i,"hyperText");
$url = @mysql_result($result,$i,"hyperLink");
$des = @mysql_result($result,$i,"description");
$expiry = @mysql_result($result,$i,"expiry");
$i++;
if (strpos($url,"http:")==0 || strpos($url,"inner.php")==0){
$url = 'pub/' . $url;
}
$pg .= "
<table border=0 cellpadding=0 cellspacing=4>
<tr valign='top'>
<td><img src='images/arrow.gif'></td>
<td onmouseover=\"show('announce$i')\" onmouseout=\"hide('announce$i')\" >
<a href=\"$url\">$text</a><br/>
<table class=\"announce\" id=\"announce$i\" border=0 cellpadding=0 cellspacing=5>
<tr valign='top'>
<td align=center class=\"announce\" >
<font size=1pts>Dated $dated<br>$des<br>Expiry $expiry</td>
</tr></table>
</td></tr></table>";
}
$pg .= "<div align='right'><a href='http://www.adobe.com/products/acrobat/readstep2.html'>Download PDF Reader</a> | <a href='inner.php?conf=annmore'>More Notifications..</a></div>";
$htmlfile = "announcements.php";
if (!$fp = fopen($htmlfile, "w")){
echo "Cannot open file ($htmlfile)";
exit;
} else if (is_writable($htmlfile)) {
if (fwrite($fp, $pg) === FALSE) {
echo "Cannot write to file ($htmlfile)";
exit;
}
}
}
?>