arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Commit mostly working CMS

Browse Source
This commit is contained in:
james 2008-08-21 20:30:20 +00:00
parent 8b5fc1c905
commit 44d88e646e
1 changed files with 90 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
config/cms.php
View File

@ -37,39 +37,84 @@
if($_POST['action']=="save") if($_POST['action']=="save")
{ {
$err=false;
foreach($config['languages'] AS $lang=>$langname) {
$filename=stripslashes($_POST['filename']);
// $filename=ereg_replace("[^A-Za-z0-9\.\_\/]","_",$_POST['filename']);
echo happy(i18n("Page text successfully saved")); if(substr($filename,-5)!=".html")
echo "no, actually its not saving yet, im not done!<br />"; $filename=$filename.".html";
$textname="text_$lang";
$titlename="title_$lang";
$showlogoname="showlogo_$lang";
//get the dt here to insert with ALL the languages, we cant rely on the INSERT NOW() always inserting multiple records with the same timestamp!
$insertdt=date("Y-m-d H:i:s");
$text=stripslashes($_POST[$textname]);
mysql_query("INSERT INTO cms (filename,dt,lang,text,title,showlogo) VALUES (
'".mysql_escape_string($filename)."',
'$insertdt',
'$lang',
'".mysql_escape_string($text)."',
'".mysql_escape_string($_POST[$titlename])."',
'".$_POST[$showlogoname]."'
)");
if(mysql_error()) {
echo error(i18n("An error occurred saving %1 in %2",array($filename,$langname)));
$err=true;
}
}
if(!$err)
echo happy(i18n("%1 successfully saved",array($_POST['filename'])));
} }
if($_GET['filename'] || $_GET['id'] || $_GET['action']=="create") if($_GET['filename'] || $_GET['action']=="create")
{ {
echo "<a href=\"cms.php\">&lt;&lt; Back to file list</a><br />\n"; echo "<a href=\"cms.php\">&lt;&lt; Back to file list</a><br />\n";
echo "<form method=\"post\" action=\"cms.php\">"; echo "<form method=\"post\" action=\"cms.php\">";
echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n"; echo "<input type=\"hidden\" name=\"action\" value=\"save\">\n";
if($_GET['filename']) if($_GET['filename'])
echo "<input type=\"hidden\" name=\"filename\" value=\"".htmlspecialchars($r->textname)."\">\n"; echo "<input type=\"hidden\" name=\"filename\" value=\"".htmlspecialchars($_GET['filename'])."\">\n";
else else
echo "Choose filename to create: /web/<input type=\"text\" name=\"filename\" size=\"15\">.html<hr />"; echo "Choose filename to create: /web/<input type=\"text\" name=\"filename\" size=\"15\">.html<hr />";
echo "<table width=\"100%\" cellpadding=\"3\">"; echo "<table width=\"100%\" cellpadding=\"3\">";
echo "<tr><td valign=\"top\">";
foreach($config['languages'] AS $lang=>$langname) { foreach($config['languages'] AS $lang=>$langname) {
echo "<tr><td>";
echo "<table class=\"tableview\" width=\"100%\">"; echo "<table class=\"tableview\" width=\"100%\">";
echo "<tr><th>"; echo "<tr><th colspan=\"2\">";
$q=mysql_query("SELECT * FROM cms WHERE filename='".mysql_escape_string($_GET['filename'])."' AND lang='$lang' ORDER BY dt DESC LIMIT 1"); $q=mysql_query("SELECT * FROM cms WHERE filename='".mysql_escape_string($_GET['filename'])."' AND lang='$lang' ORDER BY dt DESC LIMIT 1");
if($r=mysql_fetch_object($q)) { if($r=mysql_fetch_object($q)) {
if($r->dt=="0000-00-00 00:00:00" || !$r->dt) $dt="Never"; if($r->dt=="0000-00-00 00:00:00" || !$r->dt) $dt="Never";
else $dt=$r->dt; else $dt=$r->dt;
echo "<b>".htmlspecialchars($_GET['filename'])." - $langname</b> &nbsp;&nbsp; ".i18n("Last updated").": $dt<br />"; echo "<b>".htmlspecialchars($_GET['filename'])." - $langname</b> &nbsp;&nbsp; ".i18n("Last updated").": $dt<br />";
if($_GET['dt']) {
$q2=mysql_query("SELECT * FROM cms WHERE filename='".mysql_escape_string($_GET['filename'])."' AND lang='$lang' AND dt<='".$_GET['dt']."' ORDER BY dt DESC LIMIT 1");
$r2=mysql_fetch_object($q2);
if($r2->dt!=$r->dt)
{
echo "Displaying historical file. Date: $r->dt";
$r=$r2;
}
}
} }
else else
{ {
echo "<b>$langname</b><br />"; // &nbsp;&nbsp; ".i18n("Last updated").": $dt<br />"; echo "<b>$langname</b><br />"; // &nbsp;&nbsp; ".i18n("Last updated").": $dt<br />";
} }
echo "</th></tr>\n"; echo "</th></tr>\n";
echo "<tr><td>"; echo "<tr><td width=\"100\">".i18n("Page Title").":</td><td><input type=\"text\" name=\"title_$lang\" style=\"width: 99%;\" value=\"".htmlspecialchars($r->title)."\"></td></tr>\n";
echo "<tr><td width=\"100\">".i18n("Show Logo").":</td><td>";
if($r->showlogo) $ch="checked=\"checked\""; else $ch="";
echo "<input $ch type=\"radio\" name=\"showlogo_$lang\" value=\"1\"> ".i18n("Yes");
echo "&nbsp;&nbsp;&nbsp;";
if(!$r->showlogo) $ch="checked=\"checked\""; else $ch="";
echo "<input $ch type=\"radio\" name=\"showlogo_$lang\" value=\"0\"> ".i18n("No");
echo "</td></tr>\n";
echo "<tr><td colspan=\"2\">";
require_once("../fckeditor/fckeditor.php"); require_once("../fckeditor/fckeditor.php");
$oFCKeditor = new FCKeditor("text_$lang") ; $oFCKeditor = new FCKeditor("text_$lang") ;
@ -81,25 +126,37 @@
echo "</td></tr></table>\n"; echo "</td></tr></table>\n";
echo "</td><td width=\"130\" valign=\"top\">"; echo "<br />";
echo "<table class=\"tableview\" width=\"130\">";
if($_GET['historylimit']) $historylimit=$_GET['historylimit'];
else $historylimit=30;
echo "<tr><th>".i18n("File History")."</th></tr>\n";
$q=mysql_query("SELECT id,dt FROM cms WHERE filename='".$_GET['filename']."' ORDER BY dt DESC LIMIT $historylimit");
if(mysql_num_rows($q)) {
echo "<tr><td><a href=\"cms.php?filename=".rawurlencode($_GET['filename'])."&amp;id=$r->id\" style=\"font-size: 0.75em;\">$r->dt</a></td></tr>\n";
}
else
echo "<tr><td><i>No History</i></td></tr>\n";
echo "</table>\n";
echo "</td></tr>\n";
echo "<tr><td colspan=\"2\"><hr /></td></tr>\n";
} }
echo "<tr><td>"; echo "</td><td width=\"130\" valign=\"top\">";
echo "<table class=\"tableview\" width=\"130\">";
if($_GET['historylimit']) $historylimit=intval($_GET['historylimit']);
else $historylimit=30;
echo "<tr><th>".i18n("File History")."</th></tr>\n";
$q=mysql_query("SELECT DISTINCT(dt) FROM cms WHERE filename='".mysql_escape_string($_GET['filename'])."' ORDER BY dt DESC LIMIT $historylimit");
$first=true;
if(mysql_num_rows($q)) {
while($r=mysql_fetch_object($q))
{
if($r->dt==$_GET['dt']) $style="font-weight: bold;";
else $style="font-weight: normal;";
if($first && !$_GET['dt']) $style="font-weight: bold;";
echo "<tr><td><a href=\"cms.php?filename=".rawurlencode($_GET['filename'])."&amp;dt=".rawurlencode($r->dt)."\" style=\"font-size: 0.75em; $style\">$r->dt</a></td></tr>\n";
$first=false;
}
}
else
echo "<tr><td><i>No History</i></td></tr>\n";
echo "</table>\n";
echo "</td></tr>\n";
echo "<tr><td colspan=\"2\">";
echo "<table><tr><td>"; echo "<table><tr><td>";
echo "<input type=\"submit\" value=\"".i18n("Save Page")."\" />\n"; echo "<input type=\"submit\" value=\"".i18n("Save Page")."\" />\n";
echo "</form>"; echo "</form>";
@ -115,15 +172,20 @@
else else
{ {
echo i18n("Choose a web page filename to edit"); echo i18n("Choose a web page filename to edit");
echo "&nbsp;";
echo "<a href=\"cms.php?action=create\">".i18n("or click here to create a new file")."</a><br />\n";
echo "<table class=\"summarytable\">"; echo "<table class=\"summarytable\">";
$q=mysql_query("SELECT DISTINCT(filename) AS filename, dt FROM cms ORDER BY filename"); $q=mysql_query("SELECT DISTINCT(filename) AS filename FROM cms ORDER BY filename");
echo "<tr><th>".i18n("Filename")."</th><th>".i18n("Last Update")."</th></tr>"; echo "<tr><th>".i18n("Filename")."</th><th>".i18n("Last Update")."</th></tr>";
while($r=mysql_fetch_object($q)) while($r=mysql_fetch_object($q))
{ {
echo "<tr><td><a href=\"cms.php?filename=".rawurlencode($r->filename)."\">/web/$r->filename</a></td>"; echo "<tr><td><a href=\"cms.php?filename=".rawurlencode($r->filename)."\">/web/$r->filename</a></td>";
if($r->dt=="0000-00-00 00:00:00") $dt="Never"; $q2=mysql_query("SELECT dt FROM cms WHERE filename='".mysql_escape_string($r->filename)."' ORDER BY dt DESC LIMIT 1");
else $dt=$r->dt; $r2=mysql_fetch_object($q2);
if($r2->dt=="0000-00-00 00:00:00") $dt="Never";
else $dt=$r2->dt;
echo "<td>$dt</td>"; echo "<td>$dt</td>";
echo "</tr>"; echo "</tr>";