, 2003-2007 // Raul Mateos , 2005-2007 // Load global vars require_once ("include/config.php"); check_login (); if (! give_acl ($config['id_user'], 0, "PM")) { audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation", "Trying to access Link Management"); require ("general/noaccess.php"); return; } if (isset ($_POST["create"])) { // If create $subject = get_parameter ("subject"); $text = get_parameter ("text"); $timestamp = $ahora = date ("Y/m/d H:i:s"); $author = $config['id_user']; $sql = "INSERT INTO tnews (subject, text, author, timestamp) VALUES ('$subject','$text', '$author', '$timestamp') "; $result = mysql_query ($sql_insert); if (! $result) { echo "

".__('Not created. Error inserting data')."

"; } else { echo "

".__('Created successfully')."

"; $id_link = mysql_insert_id (); } } if (isset ($_POST["update"])) { // if update $id_news = get_parameter ("id_news"); $subject = get_parameter ("subject"); $text = get_parameter ("text"); $timestamp = $ahora = date("Y/m/d H:i:s"); $sql_update ="UPDATE tnews SET subject = '".$subject."', text ='".$text."', timestamp = '$timestamp' WHERE id_news = '".$id_news."'"; $result = mysql_query($sql_update); if (! $result) echo "

".__('Not updated. Error updating data')."

"; else echo "

".__('Updated successfully')."

"; } if (isset ($_GET["borrar"])) { // if delete $id_news = get_parameter ("borrar"); $sql_delete = "DELETE FROM tnews WHERE id_news = ".$id_news; $result = mysql_query ($sql_delete); if (! $result) echo "

".__('Not deleted. Error deleting data')."

"; else echo "

".__('Deleted successfully')."

"; } // Main form view for Links edit if ((isset ($_GET["form_add"])) || (isset ($_GET["form_edit"]))) { if (isset($_GET["form_edit"])) { $creation_mode = 0; $id_news = get_parameter ("id_news"); $sql = 'SELECT * FROM tnews WHERE id_news = '.$id_news; $result = mysql_query ($sql); if ($row = mysql_fetch_array ($result)) { $subject = $row["subject"]; $text = $row["text"]; $author = $row["author"]; $timestamp = $row["timestamp"]; } else { echo "

".__('Name error')."

"; } } else { // form_add $creation_mode =1; $text = ""; $subject = ""; $author = $config['id_user']; } // Create news echo "

".('Pandora Setup')." > "; echo ('Site news management')."

"; echo ''; echo ''; if ($creation_mode == 1) echo ""; else echo ""; echo ""; echo ''; echo ''; echo "

'.__('Subject').'	'; echo '
'.__('Text').'	'; echo $text; echo '

"; echo ""; echo "

"; echo '

'; } else { // Main list view for Links editor echo "

".('Pandora Setup')." > "; echo ('Site news management')."

"; echo ""; echo ""; echo ""; echo ""; echo ""; $sql = 'SELECT * FROM tnews ORDER BY timestamp'; $result = mysql_query ($sql); $color = 1; while ($row=mysql_fetch_array($result)){ if ($color == 1) { $tdcolor = "datos"; $color = 0; } else { $tdcolor = "datos2"; $color = 1; } echo ""; echo ""; echo ""; echo ''; } echo "

".__('Subject')."	".__('Author')."	".__('Timestamp')."	".__('Delete')."
".$row["subject"]."	".$row["author"]."	".$row["timestamp"]."

"; echo ""; echo "

"; echo "

"; } ?>

".__('Not created. Error inserting data')."

".__('Created successfully')."

".__('Not updated. Error updating data')."

".__('Updated successfully')."

".__('Not deleted. Error deleting data')."

".__('Deleted successfully')."

".__('Name error')."

".__('Pandora Setup')." > "; echo __('Site news management')."

".__('Pandora Setup')." > "; echo __('Site news management')."

".('Pandora Setup')." > "; echo ('Site news management')."

".('Pandora Setup')." > "; echo ('Site news management')."