-
Notifications
You must be signed in to change notification settings - Fork 0
/
article.php
executable file
·111 lines (101 loc) · 3.83 KB
/
article.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?php
/**
* Display Articles Individually
*
* $Id: article.php, 2005-12-06 13:59:43 Exp $
*/
$cd = '.';
require_once $cd . '/include/config.inc.php';
require_once $cd . '/include/fnc_individual.inc.php';
require_once $cd . '/include/http_headers.inc.php';
require_once $cd . '/include/fnc_logs.inc.php';
session_control();
if (isset($_REQUEST['id']) && $_REQUEST['id'] !== null) {
$id = abs(intval($_REQUEST['id']));
$id_next = abs(intval($_REQUEST['id'])) + 1;
$id_prev = abs(intval($_REQUEST['id'])) - 1;
if ($session_status == 'on') {
$draft_id_sql = "`id` = '" . $id . "'";
$draft_id_sql_next = "`id` = '" . $id_next . "'";
$draft_id_sql_prev = "`id` = '" . $id_prev . "'";
} else {
$draft_id_sql = "(`draft` = '0') AND (`id` = '{$id}')";
$draft_id_sql_next = "(`draft` = '0') AND (`id` >= '{$id_next}') ORDER BY `id` ASC LIMIT 1";
$draft_id_sql_prev = "(`draft` = '0') AND (`id` <= '{$id_prev}') ORDER BY `id` DESC LIMIT 1";
}
if (file_exists($cd . '/include/user_include/article_addition.inc.php')) {
include_once $cd . '/include/user_include/article_addition.inc.php';
} else {
$article_addition = '';
}
$sql = 'SELECT'.
" `id`, `href`, `name`, `date`, DATE_FORMAT(`mod`, '%Y-%m-%d %T') as `mod`, `comment`, `category`, `draft`".
" FROM `{$log_table}` WHERE " . $draft_id_sql;
$sql_next = 'SELECT'.
" `id`, `name`".
" FROM `{$log_table}` WHERE " . $draft_id_sql_next;
$sql_prev = 'SELECT'.
" `id`, `name`".
" FROM `{$log_table}` WHERE " . $draft_id_sql_prev;
$res = mysql_query($sql);
$row = mysql_fetch_array($res);
$row_next = mysql_fetch_array(mysql_query($sql_next));
$row_prev = mysql_fetch_array(mysql_query($sql_prev));
if ($row_next || $row_prev) {
if ($row_next && !$row_prev) {// First Entry
$row_next = convert_to_utf8($row_next);
$next_title = htmlspecialchars(strip_tags($row_next['name']));
$next_entry =<<<EOD
<p class="flip-link">
<span class="next"><a href="./article.php?id={$row_next['id']}" title=""{$next_title}"">{$lang['next']}</a></span>
</p>
EOD;
} elseif (!$row_next && $row_prev) {// Latest Entry
$row_prev = convert_to_utf8($row_prev);
$prev_title = htmlspecialchars(strip_tags($row_prev['name']));
$next_entry =<<<EOD
<p class="flip-link">
<span class="prev"><a href="./article.php?id={$row_prev['id']}" title=""{$prev_title}"">{$lang['prev']}</a></span>
</p>
EOD;
} else {
$row_next = convert_to_utf8($row_next);
$row_prev = convert_to_utf8($row_prev);
$next_title = htmlspecialchars(strip_tags($row_next['name']));
$prev_title = htmlspecialchars(strip_tags($row_prev['name']));
$next_entry =<<<EOD
<p class="flip-link">
<span class="prev"><a href="./article.php?id={$row_prev['id']}" title=""{$prev_title}"">{$lang['prev']}</a></span>
<span class="next"><a href="./article.php?id={$row_next['id']}" title=""{$next_title}"">{$lang['next']}</a></span>
</p>
EOD;
}
} else {
$next_entry = '';
}
if ($row) {
$row = convert_to_utf8($row);
format_date($row_name = 'date');
$title_date = $formatted_date;
$article_box = display_article_box($row);
$contents =<<<EOD
<div class="section">
{$next_entry}
<h2 class="date-title">{$title_date}</h2>
{$article_box}
</div>
EOD;
} else {
header('Location: ' . $http . '://' . $_SERVER['HTTP_HOST'] . $cfg['root_path'] . 'var/contents/index.php?id=error404');
exit;
}
} else {
$id_form = display_by_id_form('article');
$contents =<<<EOD
<div class="section">
{$id_form}
</div>
EOD;
}
xhtml_output('log');
?>