Your IP : 216.73.216.40
<?php
checkAdmin($webid, $user);
?>
Edit content of webpages here. Familiarity with HTML tags is must to work at this advance level of content administration. Admin/user pages will be accessible after proper authentication. <br><br>
<?php
$rowid = $_REQUEST['rowid'];
$hypertext = $_POST['hypertext'];
$pagetitle = $hypertext;
$parentid = $_REQUEST['parentid'];
if (!$parentid) $parentid = 0; //top level link
$pageaccess = $_POST['pageaccess'];
$pagetype = $_POST['pagetype'];
if (!$pagetype) $pagetype = 'html'; //static webpage
$pagecontent = $_POST['pagecontent'];
$pagecontent = str_replace('"', "'", $pagecontent);
if ($pagetype != 'html') $pagecontent = strip_tags($pagecontent);
else $pagecontent = htmlsafe($pagecontent);
$dateexpiry = $_POST['dateexpiry'];
if (!$dateexpiry || $dateexpiry == '0000-00-00 00:00:00') $dateexpiry = next_month();//date('Y-m-d');
$status = $_POST['status'];
$userid = $_POST['userid'];
$submit = $_POST['submit'];
$tbl = 'webpages';
$contentcategories = array(0=>'Homepage',99990=>'Orphan',99995=>'Format',99996=>'Tender',99997=>'Profile',99998=>'Advertisement',99999=>'Announcement');
//$pagetypes = array('html','php','url','file');
$pagetypes = array('menu','html','url','file','php');
$pageaccesses = array('public','user','admin');
$statuss = array('online','offline');
switch ($submit) {
case "UP":
if (mysql_num_rows(mysql_query("select * from $tbl where rowid=$rowid"))) {
$sr = mysql_query("select * from $tbl where webid='$webid' and status='online' and parentid=$parentid and rowid<$rowid order by rowid desc limit 0,1");
if (mysql_num_rows($sr)) {
$o = mysql_fetch_object($sr);
$prowid = $o->rowid;
mysql_query("update $tbl set parentid=100000 where parentid=$prowid");
mysql_query("update $tbl set rowid=100000 where rowid=$prowid");
mysql_query("update $tbl set parentid=$prowid where parentid=$rowid");
mysql_query("update $tbl set rowid=$prowid where rowid=$rowid");
mysql_query("update $tbl set parentid=$rowid where parentid=100000");
mysql_query("update $tbl set rowid=$rowid where rowid=100000");
}
}
$rowid = $prowid;
break;
case "DOWN":
if (mysql_num_rows(mysql_query("select * from $tbl where rowid=$rowid"))) {
$sr = mysql_query("select * from $tbl where webid='$webid' and status='online' and parentid=$parentid and rowid>$rowid order by rowid limit 0,1");
if (mysql_num_rows($sr)) {
$o = mysql_fetch_object($sr);
$nrowid = $o->rowid;
mysql_query("update $tbl set parentid=100000 where parentid=$nrowid");
mysql_query("update $tbl set rowid=100000 where rowid=$nrowid");
mysql_query("update $tbl set parentid=$nrowid where parentid=$rowid");
mysql_query("update $tbl set rowid=$nrowid where rowid=$rowid");
mysql_query("update $tbl set parentid=$rowid where parentid=100000");
mysql_query("update $tbl set rowid=$rowid where rowid=100000");
}
}
$rowid = $nrowid;
break;
case "SAVE":
if (mysql_num_rows(mysql_query("select * from $tbl where rowid=$rowid"))) {
if (mysql_num_rows(mysql_query("select * from $tbl where rowid=$rowid and userid='$user'"))) {
mysql_query("update $tbl set hypertext='$hypertext',parentid=$parentid,
pagetype='$pagetype',pageaccess='$pageaccess',pagecontent='$pagecontent',
dateupdation=now(),dateexpiry='$dateexpiry'
where rowid=$rowid");
} else
echo "<div class='error'>Read only page</a>";
} else {
mysql_query("insert into $tbl
(webid,hypertext,parentid,pagetitle,pagetype,pageaccess,pagecontent,datecreation,dateupdation,dateexpiry,dateaccess,status,userid)
values('$webid','$hypertext',$parentid,'$pagetitle','$pagetype','$pageaccess','$pagecontent',now(),now(),'$dateexpiry',now(),'online','$user')");
$rowid = mysql_insert_id();
}
break;
case "DELETE":
mysql_query("delete from $tbl where rowid=$rowid");
$hypertext = ''; $parentid = 0; $pagetitle = ''; $pagetype = 'html';
$pageaccess = 'public'; $pagecontent = '';
$rowid = 0;
break;
}
if ($rowid > 0 && !$parentid) {
$rs = mysql_query("select * from $tbl where rowid=$rowid");
if ($o = mysql_fetch_object($rs)) {
$parentid = $o->parentid;
}
}
//get the parentid of page under updation
$parent = '';
foreach ($contentcategories as $key => $cc) {
if ($parentid == $key)
$parent = $cc;
else
$parents .= "[<a href='admin.php?conf=$conf&parentid=$key'>$cc</a>]";
}
if (!$parent) {
$rs = mysql_query("select hypertext from $tbl where webid='$webid' and rowid=$parentid");
if ($o = mysql_fetch_object($rs)) {
$parent = $o->hypertext;
}
}
echo "<div class='error'>Under ";
if ($parent) {
echo "$parent <input type='hidden' name='parentid' value='$parentid'> $parents";
} else {
//echo "<select name='parentid' style='width: 200px' onchange=\"document.location.href='$PHP_SELF?conf=$conf&parentid='+this.value\">
echo "<select name='parentid' style='width: 200px'>
<option value='0'>Homepage</option>";
$rs = mysql_query("select rowid,hypertext from $tbl where webid='$webid' and parentid<=$parentid and pagecontent='' and status='online' order by rowid");
while ($o = mysql_fetch_object($rs)) {
echo "<option value='$o->rowid'";
if ($parentid == $o->rowid) echo " selected";
echo ">$o->hypertext</option>";
}
echo "</select>";
}
echo "</div>
Add New <select name='pagetype' style='width: 150px' onchange=\"document.location.href='$PHP_SELF?conf=$conf&parentid=$parentid&rowid=&pagetype='+this.value\">
<option value='0'>New page</option>";
foreach ($pagetypes as $pt) {
echo "<option value='$pt'";
if ($pagetype == $pt) echo ' selected';
echo ">$pt</option>";
}
echo "</select>
OR Edit <select name='rowid' style='width: 150px' onchange=\"document.location.href='$PHP_SELF?conf=$conf&parentid=$parentid&rowid='+this.value\">
";
$rs = mysql_query("select * from $tbl where webid='$webid' and parentid=$parentid order by rowid");
while ($o = mysql_fetch_object($rs)) {
echo "<option value='$o->rowid'";
if ($o->rowid == $rowid) {
echo " selected";
$hypertext = $o->hypertext;
$parentid = $o->parentid;
$pagetitle = $o->pagetitle;
$pagetype = $o->pagetype;
$pageaccess = $o->pageaccess;
$pagecontent = htmlunsafe($o->pagecontent);
$status = $o->status;
$dateexpiry = $o->dateexpiry;
$userid = $o->userid;
}
echo ">$o->hypertext</option>";
}
echo "</select>
<table cellpadding='5' width='95%'>
<tr bgcolor='silver'>
<td>Access Scope<br>
<select name='pageaccess' style='width: 100px'>";
foreach ($pageaccesses as $pa) {
echo "<option value='$pa'";
if ($pageaccess == $pa) echo ' selected';
echo ">$pa</option>";
}
echo "</select></td>
<td>Expiry Date<br>";
$yr = date("Y",strtotime($dateexpiry));
$mth = date("m",strtotime($dateexpiry));
$dt = date("d",strtotime($dateexpiry));
//instantiate class and set properties
$myCalendar = new tc_calendar("dateexpiry", true, false);
$myCalendar->setIcon("images/calendar.gif");
$myCalendar->setDate($dt, $mth, $yr);
$myCalendar->setPath("classes/");
$myCalendar->setYearInterval(2010, 2025);
$myCalendar->dateAllow('2010-01-01', '2025-12-31');
$myCalendar->setDateFormat('j F Y');
//output the calendar
$myCalendar->writeScript();
echo "</td><td>";
if ($rowid) echo "<input type='submit' name='submit' value='UP' style='width: 80px'><br><input type='submit' name='submit' value='DOWN' style='width: 80px'>";
echo "</td></tr></table>
<table>
<tr><td>Link Text (Hypertext under menus) $status<br>
<input type='text' name='hypertext' size='60' value='$hypertext'>
</td></tr>
<tr><td>Page Content<br>";
if ($pagetype == 'html')
echo "<textarea name='pagecontent' style='width: 100%'>$pagecontent</textarea>";
else
echo "<input type='text' name='pagecontent' size='60' value='$pagecontent'>";
echo "</td></tr>
<tr><th>";
//if ($userid == $user) {
echo "<input type='submit' name='submit' value='SAVE' style='width: 80px'> ";
if ($rowid) echo "<input type='submit' name='submit' value='DELETE' style='width: 80px'>";
//echo "<input type='submit' name='submit' value='DELETE' style='width: 80px'>";
//}
echo "</th></tr></table>
URL of this page is http://$webid/inner.php?conf=$rowid
";
?>
<p>
These pages are stored in the database and is accessible through click of some menu link.
</p>