From 0dabaa505e4463498665a1eb6ab95979578beab3 Mon Sep 17 00:00:00 2001
From: Philip Häusler <msquare@notrademark.de>
Date: Wed, 26 Dec 2012 14:02:27 +0100
Subject: #28 begin log

---
 includes/pages/admin_news.php | 144 +++++++++++++++++++++---------------------
 1 file changed, 73 insertions(+), 71 deletions(-)

(limited to 'includes/pages/admin_news.php')

diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php
index ca1f81fc..f6c06001 100644
--- a/includes/pages/admin_news.php
+++ b/includes/pages/admin_news.php
@@ -1,87 +1,89 @@
 <?php
 function admin_news() {
-	global $user;
-	
-	if (!isset ($_GET["action"])) {
-		header("Location: " . page_link_to("news"));
-	} else {
-		$html = "";
-		switch ($_GET["action"]) {
-			case 'edit' :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing News ID.", true);
+  global $user;
 
-				$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($news) > 0) {
-					list ($news) = $news;
+  if (!isset ($_GET["action"])) {
+    header("Location: " . page_link_to("news"));
+  } else {
+    $html = "";
+    switch ($_GET["action"]) {
+      case 'edit' :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing News ID.", true);
 
-					$html .= '<a href="' . page_link_to("news") . '">&laquo Back</a>';
+        $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($news) > 0) {
+          list ($news) = $news;
 
-					$html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n";
+          $html .= '<a href="' . page_link_to("news") . '">&laquo Back</a>';
 
-					$html .= "<table>\n";
-					$html .= "  <tr><td>Datum</td><td>" .
-					date("Y-m-d H:i", $news['Datum']) . "</td></tr>\n";
-					$html .= "  <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"" .
-					$news["Betreff"] . "\"></td></tr>\n";
-					$html .= "  <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" .
-					$news["Text"] . "</textarea></td></tr>\n";
-					$html .= "  <tr><td>Engel</td><td>" .
-					UID2Nick($news["UID"]) . "</td></tr>\n";
-					$html .= "  <tr><td>Treffen</td><td>" . html_select_key('eTreffen', 'eTreffen', array (
-						'1' => "Ja",
-						'0' => "Nein"
-					), $news['Treffen']) . "</td></tr>\n";
-					$html .= "</table>";
+          $html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n";
 
-					$html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
-					$html .= "<input type=\"submit\" name=\"submit\" value=\"Speichern\">\n";
-					$html .= "</form>";
+          $html .= "<table>\n";
+          $html .= "  <tr><td>Datum</td><td>" .
+              date("Y-m-d H:i", $news['Datum']) . "</td></tr>\n";
+          $html .= "  <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"" .
+              $news["Betreff"] . "\"></td></tr>\n";
+          $html .= "  <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" .
+              $news["Text"] . "</textarea></td></tr>\n";
+          $html .= "  <tr><td>Engel</td><td>" .
+              UID2Nick($news["UID"]) . "</td></tr>\n";
+          $html .= "  <tr><td>Treffen</td><td>" . html_select_key('eTreffen', 'eTreffen', array (
+            '1' => "Ja",
+            '0' => "Nein"
+          ), $news['Treffen']) . "</td></tr>\n";
+          $html .= "</table>";
 
-					$html .= "<form action=\"" . page_link_to("admin_news") . "&action=delete\" method=\"POST\">\n";
-					$html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
-					$html .= "<input type=\"submit\" name=\"submit\" value=\"Löschen\">\n";
-					$html .= "</form>";
-				} else
-					return error("No News found.", true);
-				break;
+          $html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
+          $html .= "<input type=\"submit\" name=\"submit\" value=\"Speichern\">\n";
+          $html .= "</form>";
 
-			case 'save' :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing News ID.", true);
+          $html .= "<form action=\"" . page_link_to("admin_news") . "&action=delete\" method=\"POST\">\n";
+          $html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n";
+          $html .= "<input type=\"submit\" name=\"submit\" value=\"Löschen\">\n";
+          $html .= "</form>";
+        } else
+          return error("No News found.", true);
+        break;
 
-				$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($news) > 0) {
-					list ($news) = $news;
+      case 'save' :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing News ID.", true);
 
-					sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) .
-					"', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1");
-					header("Location: " . page_link_to("news"));
-				} else
-					return error("No News found.", true);
-				break;
+        $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($news) > 0) {
+          list ($news) = $news;
 
-			case 'delete' :
-				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
-					$id = $_REQUEST['id'];
-				else
-					return error("Incomplete call, missing News ID.", true);
+          sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) .
+              "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1");
+          engelsystem_log("News updated: " . $_POST["eBetreff"]);
+          header("Location: " . page_link_to("news"));
+        } else
+          return error("No News found.", true);
+        break;
 
-				$news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-				if (count($news) > 0) {
-					list ($news) = $news;
+      case 'delete' :
+        if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
+          $id = $_REQUEST['id'];
+        else
+          return error("Incomplete call, missing News ID.", true);
 
-					sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
-					header("Location: " . page_link_to("news"));
-				} else
-					return error("No News found.", true);
-				break;
-		}
-	}
-	return $html;
+        $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+        if (count($news) > 0) {
+          list ($news) = $news;
+
+          sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1");
+          engelsystem_log("News deleted: " . $news['Betreff']);
+          header("Location: " . page_link_to("news"));
+        } else
+          return error("No News found.", true);
+        break;
+    }
+  }
+  return $html;
 }
 ?>
\ No newline at end of file
-- 
cgit v1.2.3-54-g00ecf