Your IP : 216.73.216.40
<?php
checkAdmin($webid, $user);
if (!authenticate($webid, $user) == 'admin')
die('Admin page');
?>
Assign access right to webmaster for content updation. Webmaster can create and maintain content under the top level menu.
<?php
$rowid = $_REQUEST['rowid'];
$parentid = $_REQUEST['parentid'];
if (!$parentid) $parentid = 0;
$userid = $_POST['userid'];
$submit = $_POST['submit'];
$tbl = 'webpages';
/*
function setright($rowid, $status, $dateexpiry, $userid) {
$tbl = 'webpages';
mysql_query("update $tbl set status='$status',dateexpiry='$dateexpiry',userid='$userid' where rowid=$rowid");
mysql_query("update $tbl set dateexpiry='$dateexpiry' where parentid=$rowid and dateexpiry < $dateexpiry");
mysql_query("update $tbl set status='$status',userid='$userid' where parentid=$rowid");
$rs = mysql_query("select * from $tbl where parentid=$rowid");
if (mysql_num_rows($rs)) {
while ($o = mysql_fetch_object($rs)) {
setright($o->rowid, $status, $dateexpiry, $userid);
}
}
}
*/
switch ($submit) {
case "SAVE":
if (mysql_num_rows(mysql_query("select * from $tbl where rowid=$rowid"))) {
setright($rowid, $userid);
}
break;
}
if ($rowid > 0 && !$parentid) {
$rs = mysql_query("select * from $tbl where rowid=$rowid");
if ($o = mysql_fetch_object($rs)) {
$parentid = $o->parentid;
}
}
//get the parentid of page under updation
$parent = '';
foreach ($contentcategories as $key => $cc) {
if ($parentid == $key)
$parent = $cc;
else
$parents .= "[<a href='admin.php?conf=$conf&parentid=$key'>$cc</a>]";
}
if (!$parent) {
$rs = mysql_query("select hypertext from $tbl where webid='$webid' and rowid=$parentid");
if ($o = mysql_fetch_object($rs)) {
$parent = $o->hypertext;
}
}
echo "<div class='error'>Under ";
if ($parent) {
echo "$parent <!--input type='hidden' name='parentid' value='$parentid'--> $parents";
} else {
//echo "<select name='parentid' style='width: 200px' onchange=\"document.location.href='$PHP_SELF?conf=$conf&parentid='+this.value\">
echo "<select name='parentid' style='width: 200px'>
<option value='0'>Homepage</option>";
$rs = mysql_query("select rowid,hypertext from $tbl where webid='$webid' and parentid<=$parentid and pagecontent='' and status='online' order by rowid");
while ($o = mysql_fetch_object($rs)) {
echo "<option value='$o->rowid'";
if ($parentid == $o->rowid) echo " selected";
echo ">$o->hypertext</option>";
}
echo "</select>";
}
echo "</div>";
if ($role == 'admin') {
echo "<table cellpadding='5' border='1' width='95%'style='border-collapse: collapse'>
<tr><th nowrap>Page Details</th><th>Webmaster</th></tr>";
$rs = mysql_query("select * from $tbl where webid='$webid' and parentid=$parentid order by rowid");
while ($o = mysql_fetch_object($rs)) {
if ($o->rowid == $rowid) {
echo "<tr valign='top'><td rowspan='2'><b>$o->hypertext</b><br>
Page access: $o->pageaccess<br>Page type: $o->pagetype<br>Dated: $o->datecreation</td>
<th><select name='userid'>";
$sr = mysql_query("select * from webusers where webid='$webid' and role in('admin','webmaster')");
while ($q = mysql_fetch_object($sr)) {
echo "<option value='$q->userid'";
if ($o->userid == $q->userid) echo " selected";
echo ">$q->userid</option>";
}
echo "</select><br><input type='hidden' name='rowid' value='$o->rowid'></th></tr>
<tr><th><input type='submit' name='submit' value='SAVE'>";
if ($o->pagetype == 'menu') echo "<br><a href='admin.php?conf=$conf&parentid=$o->rowid'>View inner links</a>";
echo "</th></tr>";
} else {
echo "<tr valign='top'><td><a href='admin.php?conf=$conf&rowid=$o->rowid'>$o->hypertext</a><br>
Page access: $o->pageaccess<br>Page type: $o->pagetype<br>Dated: $o->datecreation</td>
<th>$o->userid</th></tr>";
}
}
/*
foreach ($contentcategories as $key => $cc) {
echo "<tr valign='top'><td colspan='2'><a href='admin.php?conf=$conf&parentid=$key'>$cc</a></td></tr>";
}
*/
echo "</table>";
} else
echo "<h3>Access permission denied</h3>";
?>
These pages are stored in the database and is accessible through click of some menu link.