diff options
| author | Philip Häusler <msquare@notrademark.de> | 2011-09-14 22:23:29 +0200 |
|---|---|---|
| committer | Philip Häusler <msquare@notrademark.de> | 2011-09-14 22:23:29 +0200 |
| commit | 3c33e23c3cdbd2602724d2ee179823b7336ca178 (patch) | |
| tree | 0eca336668278f56fd41b0106b0680addffc2ffd /includes/pages/user_news.php | |
| parent | fc90174dd8d7ff4417af478b3ee60646443488f9 (diff) | |
admin_news privilege for writing news too
Diffstat (limited to 'includes/pages/user_news.php')
| -rw-r--r-- | includes/pages/user_news.php | 84 |
1 files changed, 43 insertions, 41 deletions
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 48b3764c..5d725c13 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -80,22 +80,22 @@ function user_news_comments() { $html .= "</table>"; $html .= ' - <br /> - <hr> - <h2>Neuer Kommentar:</h2> - <a name="Neu"> </a> - - <form action="' . page_link_to("news_comments") . '" method="post"> - <input type="hidden" name="nid" value="' . $_REQUEST["nid"] . '"> - <table> - <tr> - <td align="right" valign="top">Text:</td> - <td><textarea name="text" cols="50" rows="10"></textarea></td> - </tr> - </table> - <br /> - <input type="submit" value="sichern..."> - </form>'; + <br /> + <hr> + <h2>Neuer Kommentar:</h2> + <a name="Neu"> </a> + + <form action="' . page_link_to("news_comments") . '" method="post"> + <input type="hidden" name="nid" value="' . $_REQUEST["nid"] . '"> + <table> + <tr> + <td align="right" valign="top">Text:</td> + <td><textarea name="text" cols="50" rows="10"></textarea></td> + </tr> + </table> + <br /> + <input type="submit" value="sichern..."> + </form>'; } else { $html .= "Fehlerhafter Aufruf!"; } @@ -108,7 +108,7 @@ function user_news() { $html = ""; - if (isset ($_POST["text"]) && isset ($_POST["betreff"])) { + if (isset ($_POST["text"]) && isset ($_POST["betreff"]) && in_array("admin_news", $privileges)) { if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges)) $_POST["treffen"] = 0; sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . @@ -137,32 +137,34 @@ function user_news() { else $html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a> '; } - $html .= '</div> - <br /><hr /> - <h2>' . Get_Text(6) . '</h2> - <a name="Neu"> </a> - - <form action="" method="post"> - <table> - <tr> - <td align="right">' . Get_Text(7) . '</td> - <td><input type="text" name="betreff" size="60"></td> - </tr> - <tr> - <td align="right">' . Get_Text(8) . '</td> - <td><textarea name="text" cols="50" rows="10"></textarea></td> - </tr>'; - if (in_array('admin_news', $privileges)) { - $html .= ' <tr> - <td align="right">' . Get_Text(9) . '</td> - <td><input type="checkbox" name="treffen" size="1" value="1"></td> - </tr>'; + $html .= '</div>'; + if (in_array("admin_news", $privileges)) { + $html .= '<br /><hr /> + <h2>' . Get_Text(6) . '</h2> + <a name="Neu"> </a> + + <form action="" method="post"> + <table> + <tr> + <td align="right">' . Get_Text(7) . '</td> + <td><input type="text" name="betreff" size="60"></td> + </tr> + <tr> + <td align="right">' . Get_Text(8) . '</td> + <td><textarea name="text" cols="50" rows="10"></textarea></td> + </tr>'; + if (in_array('admin_news', $privileges)) { + $html .= ' <tr> + <td align="right">' . Get_Text(9) . '</td> + <td><input type="checkbox" name="treffen" size="1" value="1"></td> + </tr>'; + } + $html .= '</table> + <br /> + <input type="submit" value="' . Get_Text("save") . '"> + </form>'; } - $html .= '</table> - <br /> - <input type="submit" value="' . Get_Text("save") . '"> - </form>'; return $html; } ?>
\ No newline at end of file |