diff options
author | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2006-11-30 10:49:24 +0000 |
---|---|---|
committer | cookie <cookie@29ba0400-6e00-0410-a75a-ca02368028f8> | 2006-11-30 10:49:24 +0000 |
commit | b91450e558455d704cd0d09504b503be9eacd590 (patch) | |
tree | 056ee0a7c2e99443b63e0bac5c69ea35aa11708d | |
parent | 02a7b492a8f3102e8cbba4607bde906b565b1aee (diff) |
newsverwaltung erweitert, add edit bouten und parameter check
git-svn-id: svn://svn.cccv.de/engel-system@187 29ba0400-6e00-0410-a75a-ca02368028f8
-rwxr-xr-x | www-ssl/admin/news.php | 163 | ||||
-rwxr-xr-x | www-ssl/nonpublic/engelbesprechung.php | 19 | ||||
-rwxr-xr-x | www-ssl/nonpublic/news_output.php | 16 |
3 files changed, 112 insertions, 86 deletions
diff --git a/www-ssl/admin/news.php b/www-ssl/admin/news.php index f37c9a08..137695b3 100755 --- a/www-ssl/admin/news.php +++ b/www-ssl/admin/news.php @@ -7,13 +7,13 @@ include ("./inc/funktion_db_list.php"); include ("./inc/funktion_user.php"); -if (!IsSet($_GET["action"])) { - -$SQL = "SELECT * from News order by Datum DESC"; -$Erg = mysql_query($SQL, $con); +if (!IsSet($_GET["action"])) +{ + $SQL = "SELECT * from News order by Datum DESC"; + $Erg = mysql_query($SQL, $con); -$rowcount = mysql_num_rows($Erg); -?> + $rowcount = mysql_num_rows($Erg); + ?> Hallo <?PHP echo $_SESSION['Nick'] ?>, <br> hier kannst du die News säbern... falls jemand auf die Idee kommt, hier herumzuspamen oder aus Versehen falsche Informationen zu hinterlegen :)<br><br> @@ -29,82 +29,95 @@ hier herumzuspamen oder aus Versehen falsche Informationen zu hinterlegen :)<br> </tr> <?PHP -for ($i=0; $i < $rowcount; $i++) { - echo "\t<tr class=\"content\">\n"; - echo "\t <td>".mysql_result($Erg, $i, "Datum")."</td>"; - echo "\t <td>".mysql_result($Erg, $i, "Betreff")."</td>"; - echo "\t <td>".mysql_result($Erg, $i, "Text")."</td>"; - echo "\t <td>".UID2Nick(mysql_result($Erg, $i, "UID"))."</td>"; - echo "\t <td>".mysql_result($Erg, $i, "Treffen")."</td>"; - echo "\t <td><a href=\"./news.php?action=change&date=".mysql_result($Erg, $i, "Datum")."\">XXX</a></td>"; - echo "\t</tr>\n"; -} -echo "</table>"; - - -} else { - -switch ($_GET["action"]) -{ - -case 'change': - $SQL = "SELECT * from News where (Datum='". $_GET["date"]. "')"; - $Erg = mysql_query($SQL, $con); - - echo "<form action=\"./news.php\" method=\"GET\">\n"; - - echo "<table>\n"; - echo " <tr><td>Datum</td><td><input type=\"text\" size=\"40\" name=\"date\" value=\"". - mysql_result($Erg, 0, "Datum")."\" disabled></td></tr>\n"; - echo " <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"". - mysql_result($Erg, 0, "Betreff")."\"></td></tr>\n"; - echo " <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">". - mysql_result($Erg, 0, "Text")."</textarea></td></tr>\n"; - echo " <tr><td>Engel</td><td><input type=\"text\" size=\"40\" name=\"eUser\" value=\"". - UID2Nick(mysql_result($Erg, 0, "UID"))."\" disabled></td></tr>\n"; - echo " <tr><td>Treffen</td><td><input type=\"text\" size=\"40\" name=\"eTreffen\" value=\"". - mysql_result($Erg, 0, "Treffen")."\"></td></tr>\n"; + for ($i=0; $i < $rowcount; $i++) + { + echo "\t<tr class=\"content\">\n"; + echo "\t <td>".mysql_result($Erg, $i, "Datum")."</td>"; + echo "\t <td>".mysql_result($Erg, $i, "Betreff")."</td>"; + echo "\t <td>".mysql_result($Erg, $i, "Text")."</td>"; + echo "\t <td>".UID2Nick(mysql_result($Erg, $i, "UID"))."</td>"; + echo "\t <td>".mysql_result($Erg, $i, "Treffen")."</td>"; + echo "\t <td><a href=\"./news.php?action=change&date=".mysql_result($Erg, $i, "Datum")."\">XXX</a></td>"; + echo "\t</tr>\n"; + } echo "</table>"; +} +else +{ - echo "<input type=\"hidden\" name=\"date\" value=\"". $_GET["date"]. "\">\n"; - echo "<input type=\"hidden\" name=\"action\" value=\"change_save\">\n"; - echo "<input type=\"submit\" value=\"Abschicken...\">\n"; - echo "</form>"; - - echo "<form action=\"./news.php?action=delete\" method=\"POST\">\n"; - echo "<input type=\"hidden\" name=\"date\" value=\"". $_GET["date"]. "\">\n"; - echo "<input type=\"submit\" value=\"löschen...\">\n"; - echo "</form>"; - - break; - -case 'change_save': - $chsql="UPDATE News set Betreff = \"". $_GET["eBetreff"]. "\", Text = \"". $_GET["eText"]. - "\", Treffen=". $_GET["eTreffen"]. " where (Datum = '". $_GET["date"]. "') limit 1"; - break; - -case 'delete': - $chsql="DELETE from News where Datum = '". $_POST["date"]. "' limit 1"; - break; -} + unSet($chsql); -if (IsSet($chsql)) { -// SQL-Statement ausführen... - $Erg = mysql_query($chsql, $con); - If ($Erg == 1) + switch ($_GET["action"]) { - echo "Änderung erfolgreich gesichert..."; - } - else + case 'change': + if (isset($_GET["date"])) + { + $SQL = "SELECT * from News where (Datum='". $_GET["date"]. "')"; + $Erg = mysql_query($SQL, $con); + + if( mysql_num_rows( $Erg)==1) + { + echo "<form action=\"./news.php\" method=\"GET\">\n"; + + echo "<table>\n"; + echo " <tr><td>Datum</td><td><input type=\"text\" size=\"40\" name=\"date\" value=\"". + mysql_result($Erg, 0, "Datum")."\" disabled></td></tr>\n"; + echo " <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"". + mysql_result($Erg, 0, "Betreff")."\"></td></tr>\n"; + echo " <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">". + mysql_result($Erg, 0, "Text")."</textarea></td></tr>\n"; + echo " <tr><td>Engel</td><td><input type=\"text\" size=\"40\" name=\"eUser\" value=\"". + UID2Nick(mysql_result($Erg, 0, "UID"))."\" disabled></td></tr>\n"; + echo " <tr><td>Treffen</td><td><input type=\"text\" size=\"40\" name=\"eTreffen\" value=\"". + mysql_result($Erg, 0, "Treffen")."\"></td></tr>\n"; + echo "</table>"; + + echo "<input type=\"hidden\" name=\"date\" value=\"". $_GET["date"]. "\">\n"; + echo "<input type=\"hidden\" name=\"action\" value=\"change_save\">\n"; + echo "<input type=\"submit\" value=\"Abschicken...\">\n"; + echo "</form>"; + + echo "<form action=\"./news.php?action=delete\" method=\"POST\">\n"; + echo "<input type=\"hidden\" name=\"date\" value=\"". $_GET["date"]. "\">\n"; + echo "<input type=\"submit\" value=\"löschen...\">\n"; + echo "</form>"; + } + else + echo "FEHLER: Eintrag \"". $_GET["date"]. "\" nicht gefunden"; + } + else + echo "Fehler: \"date\" nicht übergeben"; + break; + + case 'change_save': + if( isset($_GET["date"]) && isset($_GET["eBetreff"]) && isset($_GET["eText"]) ) + $chsql="UPDATE News set Betreff = \"". $_GET["eBetreff"]. "\", Text = \"". $_GET["eText"]. + "\", Treffen=". $_GET["eTreffen"]. " where (Datum = '". $_GET["date"]. "') limit 1"; + else + echo "Fehler: nicht genügend parameter übergeben"; + break; + + case 'delete': + if (isset($_POST["date"])) + $chsql="DELETE from News where Datum = '". $_POST["date"]. "' limit 1"; + else + echo "Fehler: \"date\" nicht übergeben"; + break; + } //SWITCH + + if (IsSet($chsql)) { - echo "Ein Fehler ist aufgetreten... probiere es am besten nocheinmal... :)<br><br>\n"; - echo mysql_error($con); - echo "<br><br>\n[$chsql]"; + // SQL-Statement ausführen... + $Erg = mysql_query($chsql, $con); + If ($Erg == 1) + echo "Änderung erfolgreich gesichert..."; + else + echo "Ein Fehler ist aufgetreten... probiere es am besten nocheinmal... :)<br><br>\n". + mysql_error($con). "<br><br>\n[$chsql]"; + SetHeaderGo2Back(); } - SetHeaderGo2Back(); -} +}// IF-ELSE -} include ("./inc/footer.php"); ?> diff --git a/www-ssl/nonpublic/engelbesprechung.php b/www-ssl/nonpublic/engelbesprechung.php index 436a5271..84bd92b5 100755 --- a/www-ssl/nonpublic/engelbesprechung.php +++ b/www-ssl/nonpublic/engelbesprechung.php @@ -15,12 +15,21 @@ $Erg = mysql_query($SQL, $con); // anzahl zeilen $Zeilen = mysql_num_rows($Erg); -for ($n = 0 ; $n < $Zeilen ; $n++) { - if (mysql_result($Erg, $n, "Treffen")=="1") { - echo "<p class='question'><u>".mysql_result($Erg, $n, "Betreff")."</u><br>". - " <font size=1>".mysql_result($Erg, $n, "Datum").", "; +for ($n = 0 ; $n < $Zeilen ; $n++) +{ + if (mysql_result($Erg, $n, "Treffen")=="1") + { + echo "<p class='question'><u>".mysql_result($Erg, $n, "Betreff")."</u>"; + + // Schow Admin Page + if( $_SESSION['CVS'][ "admin/news.php" ] == "Y" ) + echo " <a href=\"./../admin/news.php?action=change&date=". mysql_result($Erg, $n, "Datum"). "\">[edit]</a>"; + + echo "<br> <font size=1>".mysql_result($Erg, $n, "Datum").", "; echo UID2Nick(mysql_result($Erg, $n, "UID"))."</font></p>\n"; - echo "<p class='answetion'>".nl2br(mysql_result($Erg, $n, "Text"))."</p>\n"; + + + echo "<p class='answetion'>".nl2br(mysql_result($Erg, $n, "Text"))."</p>\n"; } } diff --git a/www-ssl/nonpublic/news_output.php b/www-ssl/nonpublic/news_output.php index 1e4a349d..6c6fb8ff 100755 --- a/www-ssl/nonpublic/news_output.php +++ b/www-ssl/nonpublic/news_output.php @@ -27,17 +27,21 @@ $Erg = mysql_query($SQL, $con); // anzahl zeilen $news_rows = mysql_num_rows($Erg); -for ($n = 0 ; $n < $news_rows ; $n++) { +for ($n = 0 ; $n < $news_rows ; $n++) +{ - if (mysql_result($Erg, $n, "Treffen") == 0) { + if (mysql_result($Erg, $n, "Treffen") == 0) echo "<p class='question'>"; - } else { + else echo "<p class='engeltreffen'>"; - } - echo "<u>".mysql_result($Erg, $n, "Betreff")."</u><br>\n"; + + echo "<u>".mysql_result($Erg, $n, "Betreff")."</u>\n"; + // Schow Admin Page + if( $_SESSION['CVS'][ "admin/news.php" ] == "Y" ) + echo " <a href=\"./../admin/news.php?action=change&date=". mysql_result($Erg, $n, "Datum"). "\">[edit]</a><br>\n\t\t"; - echo " <font size=1>".mysql_result($Erg, $n, "Datum").", "; + echo "<br> <font size=1>".mysql_result($Erg, $n, "Datum").", "; echo UID2Nick(mysql_result($Erg, $n, "UID"))."</font>"; // avatar anzeigen? echo DisplayAvatar (mysql_result($Erg, $n, "UID")); |