Example #1
 /**
  * Render the press-article edit form and, when the form was submitted, save the edit.
  *
  * The article is selected by the `id` query parameter, which must be non-empty and numeric.
  *
  * NOTE(review): no access-control or anti-CSRF check is visible in this method, and the
  * POST fields are passed to edit_article() exactly as received. Confirm that the framework
  * authorises the request before main() runs and that edit_article() validates and escapes
  * its arguments.
  */
 protected function main()
 {
     // Guard clause: without a usable article id there is nothing to edit.
     if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
         redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
         return;
     }

     inc_lib('press/get_info_article');
     $article = get_info_article($_GET['id']);
     if (empty($article)) {
         // NOTE(review): execution continues past this call unless redir() itself ends the request.
         redir(Nw::$lang['press']['error_dont_exist'], false, 'press.html');
     }

     $article_url = 'press.html?article=' . $article['p_id'];
     $article_name = $article['p_ressource_name'];

     // The edit form was submitted: persist the new values, then send the user back to the article.
     if (isset($_POST['submit'])) {
         inc_lib('press/edit_article');
         edit_article(
             $article['p_id'],
             $_POST['paper'],
             $_POST['link'],
             $_POST['numero'],
             $_POST['country'],
             $_POST['contenu'],
             $_POST['date_pub']
         );
         redir(Nw::$lang['press']['redir_article_edited'], true, $article_url);
     }

     $this->set_title($article_name);
     $this->set_tpl('press/edit.html');
     $this->add_css('code.css');
     $this->add_css('forms.css');

     // Breadcrumb trail: module home > article > "edit".
     $breadcrumb = array(
         Nw::$lang['press']['mod_title'] => array('press.html'),
         $article_name => array($article_url),
         Nw::$lang['press']['art_edit'] => array(''),
     );
     $this->set_filAriane($breadcrumb);

     // The stored description goes through unparse() before it is put back into the form.
     inc_lib('bbcode/unparse');
     $template_vars = array(
         'ID' => $article['p_id'],
         'RESSOURCE' => $article_name,
         'DATE' => $article['date'],
         'LIEN' => $article['p_link'],
         'CONTENU' => unparse($article['p_description']),
         'PAYS' => $article['p_lang'],
         'NUMERO' => $article['p_num'],
     );
     Nw::$tpl->set($template_vars);
 }
Example #2
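<?php

// Article edit page: runs the edit handler, then prints the edit form pre-filled with the
// values just submitted (POST) or the ones kept in the session (any other method).
session_start();
include 'model.php';
$connect = connect();
include 'header.php';
// edit_article() is defined outside this listing; its return value is kept in $edit as before.
// NOTE(review): the form below carries no anti-CSRF token. This page changes an article, so a
// token should be issued here and verified wherever the POST is processed.
$edit = edit_article($connect);

// Missing keys and non-scalar values (e.g. title[]=x) fall back to an empty string instead of
// raising notices or printing "Array".
$prefill = ($_SERVER['REQUEST_METHOD'] === 'POST') ? $_POST : $_SESSION;
$title = (isset($prefill['title']) && is_scalar($prefill['title'])) ? (string) $prefill['title'] : '';
$text = (isset($prefill['text']) && is_scalar($prefill['text'])) ? (string) $prefill['text'] : '';
$date = (isset($prefill['date']) && is_scalar($prefill['date'])) ? (string) $prefill['date'] : '';
// Every value is HTML-escaped where it is printed: request data echoed raw into an attribute or
// a <textarea> lets a crafted value close the element and inject markup (reflected XSS).
?>
    <form method="post">
    <input type="text" name="title" value="<?php echo htmlspecialchars($title, ENT_QUOTES, 'UTF-8'); ?>"><br/>
    <textarea name="text"><?php echo htmlspecialchars($text, ENT_QUOTES, 'UTF-8'); ?></textarea><br/>
    <input type="date" name="date" value="<?php echo htmlspecialchars($date, ENT_QUOTES, 'UTF-8'); ?>"><br/>
    <input type="submit" name="submit" value="Добавить"><br/>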
/* Is Knowledgebase enabled? If not, report the 'kbdis' message through hesk_error().
   NOTE(review): the code below runs regardless unless hesk_error() ends the request - confirm. */
if (!$hesk_settings['kb_enable']) {
    hesk_error($hesklang['kbdis']);
}
/* This will tell the header to include WYSIWYG editor Javascript */
define('WYSIWYG', 1);
/* What should we do? Dispatch on the request parameter 'a'; the assignment inside the
   condition is intentional, so an empty value skips the whole chain.
   NOTE(review): no anti-CSRF token check is visible in this dispatcher; presumably each
   handler validates its own - confirm for the state-changing actions. */
if ($action = hesk_REQUEST('a')) {
    if ($action == 'add_article') {
        add_article();
    } elseif ($action == 'add_category') {
        add_category();
    } elseif ($action == 'manage_cat') {
        manage_category();
    } elseif ($action == 'edit_article') {
        edit_article();
    } elseif ($action == 'import_article') {
        import_article();
    } elseif ($action == 'list_private') {
        list_private();
    } elseif ($action == 'list_draft') {
        list_draft();
    } elseif (defined('HESK_DEMO')) {
        /* Demo-mode gate. Its position in the chain is what enforces it: the branches above
           still run when HESK_DEMO is defined, while every branch below is replaced by the
           'ddemo' notice. A new state-changing action must be added below this branch. */
        hesk_process_messages($hesklang['ddemo'], 'manage_knowledgebase.php', 'NOTICE');
    } elseif ($action == 'new_article') {
        new_article();
    } elseif ($action == 'new_category') {
        new_category();
    } elseif ($action == 'remove_article') {
        remove_article();
    } elseif ($action == 'save_article') {
Example #4
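<?php

// Budget article editor endpoint. When the 'verif' field equals 1 the request is a save and the
// script answers with a status string via exit(): "3#<count>" when another article in the same
// chapter already has that title, "2" when edit_article() fails, "1" on success.
// Any other request just loads the edit view.
if (tp('verif') == 1) {
    $id_article = tp('art_id');
    $id_chapitre = tp('chapitre');
    $titr_article = tp('titre');

    // Duplicate check: same title (spaces ignored) in the same chapter, excluding this article.
    $titr_article_sql = str_replace(' ', '', $titr_article);
    // Both ids sit unquoted in the statement, so quote-escaping could never protect them;
    // force them to integers before they reach the SQL text.
    $id_article_sql = (int) $id_article;
    $id_chapitre_sql = (int) $id_chapitre;
    // NOTE(review): the title is still interpolated into a quoted literal. Whether tp() escapes
    // it is not visible here; if it does not, this is SQL injection and the value must be bound
    // as a parameter or escaped with the database layer's own quoting routine.
    $nbr_article_exist = $db->QuerySingleValue0("select count(id) from article where REPLACE(titre, ' ','') = '{$titr_article_sql}' and  article.id_chapitre = {$id_chapitre_sql} and article.id <> {$id_article_sql} ");
    if ($nbr_article_exist > 0) {
        exit("3#{$nbr_article_exist}");
    }

    model::load('budget', 'budget');
    // edit_article() receives the values exactly as tp() returned them, as before.
    exit(edit_article($id_article, $id_chapitre, $titr_article) ? "1" : "2");
} else {
    view::load('budget', 'editarticle');
}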
Example #5
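/**
 * Read one request field as a string.
 *
 * Missing keys and non-scalar values (for example `name[]=x`) yield '' instead of a notice or
 * an array that would later be interpolated as "Array".
 */
function _processing_input(array $source, $key)
{
    if (isset($source[$key]) && is_scalar($source[$key])) {
        return (string) $source[$key];
    }
    return '';
}

/**
 * Escape one value for use inside a single-quoted MySQL string literal.
 *
 * When magic_quotes_gpc is active the request data already carries backslashes, so they are
 * removed first; otherwise the value would be escaped twice and stored with stray backslashes.
 */
function _processing_sql($value)
{
    $value = (string) $value;
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return mysql_real_escape_string($value);
}

/** Insert one row; $columns maps hard-coded column names to raw (unescaped) values. */
function _processing_insert($table, array $columns)
{
    $values = implode("', '", array_map('_processing_sql', $columns));
    mysql_query("INSERT INTO " . s('prefix') . $table . "(" . implode(',', array_keys($columns)) . ") VALUES('" . $values . "')");
}

/** Update the row with the given id, issuing one UPDATE per column as the original code did. */
function _processing_update($table, array $columns, $id)
{
    foreach ($columns as $column => $value) {
        mysql_query("UPDATE " . s('prefix') . $table . " SET " . $column . "='" . _processing_sql($value) . "' WHERE id='" . _processing_sql($id) . "'");
    }
}

/** Delete the row with the given id from a prefixed table. */
function _processing_delete($table, $id)
{
    mysql_query("DELETE FROM " . s('prefix') . $table . " WHERE id='" . _processing_sql($id) . "'");
}

/** Print the admin error box for a language key. */
function _processing_error($message_key)
{
    echo "<div class=\"" . s('css_error') . "\"><h2>" . l('admin_error') . "</h2><p>" . l($message_key) . "</p></div>";
}

/** Print the "operation completed" box with a back link to $href. */
function _processing_success($href)
{
    echo "<div class=\"" . s('css_success') . "\"><h2>" . l('operation_completed') . "</h2><p><a href='" . $href . "'>" . l('back') . "</a></p></div>";
}

/** Print the "deleted" confirmation with a link to $href labelled by a language key. */
function _processing_deleted($href, $label_key)
{
    echo "<h2>" . l('deleted_success') . "</h2><p><a href='" . $href . "'>" . l($label_key) . "</a></p>";
}

/**
 * Admin form processor: validates and stores categories, articles and comments.
 *
 * The work to do is selected by the `task` field (POST for forms, GET for the delete and
 * freeze links). Returns 0 when the session is not logged in, otherwise returns nothing.
 *
 * Changes against the previous version:
 *  - every request-derived value is escaped at the point where it enters an SQL statement;
 *    the statements were previously built from raw $_POST/$_GET/$_REQUEST data;
 *  - edit_article() is called with the strings 'simple' / 'advanced' instead of bare constants;
 *  - the "editcomment" and "deletecomment" back links used $categoryid before it was assigned;
 *    the category is now looked up with find_article_cat(), as the freeze branches do.
 *
 * NOTE(review): the delete and freeze tasks change data on a plain GET request and no
 * anti-CSRF token is checked in this function. Confirm the caller validates one, or move
 * these tasks to POST with a token.
 */
function processing()
{
    if (empty($_SESSION['Logged_In'])) {
        _processing_error('error_not_logged_in');
        return 0;
    }

    $task = _processing_input($_POST, 'task');
    $get_task = _processing_input($_GET, 'task');
    $submitted = (bool) _processing_input($_POST, 'submit_text');

    $id = _processing_input($_REQUEST, 'id');
    $commentid = _processing_input($_POST, 'commentid');
    // A backslash-escaped apostrophe is stored as an HTML entity, as before.
    $name = str_replace("\\'", "&#39;", _processing_input($_POST, 'name'));
    $title = str_replace("\\'", "&#39;", _processing_input($_POST, 'title'));
    $comment = str_replace("\\'", "&#39;", _processing_input($_POST, 'editedcomment'));
    $text = str_replace("\\'", "&#39;", _processing_input($_POST, 'text'));
    $category = _processing_input($_POST, 'category');
    $description = _processing_input($_POST, 'description');
    $seftitle = _processing_input($_POST, 'seftitle');
    $auto_html = _processing_input($_POST, 'auto_html');
    $image = _processing_input($_POST, 'image');
    $publish = _processing_input($_POST, 'publish');
    $publish_category = $publish;

    // Defaults for fields the form may leave empty.
    $text_limit = _processing_input($_POST, 'text_limit');
    if ($text_limit === '') {
        $text_limit = 0;
    }
    $position = _processing_input($_POST, 'position');
    if ($position === '') {
        $position = 1;
    }
    if ($publish !== 'ON') {
        $position = 4;
    }
    $commentable = _processing_input($_POST, 'commentable');
    if ($commentable === '') {
        $commentable = "NO";
    }
    $display_title = _processing_input($_POST, 'display_title');
    if ($display_title === '') {
        $display_title = "NO";
    }
    $display_info = _processing_input($_POST, 'display_info');
    if ($display_info === '') {
        $display_info = "NO";
    }

    // Future posting (always on for the advanced editor): the date comes from the form parts
    // and the article is stored with published = 0.
    $date = date('Y-m-d H:i:s');
    $fpublished = 1;
    if (_processing_input($_POST, 'fposting') === 'YES' || $task === 'advancededit') {
        $fpublished = 0;
        $date = _processing_input($_POST, 'fposting_year') . '-' . _processing_input($_POST, 'fposting_month') . '-' . _processing_input($_POST, 'fposting_day')
            . ' ' . _processing_input($_POST, 'fposting_hour') . ':' . _processing_input($_POST, 'fposting_minute') . ':00';
    }

    // "add_category" is tested on its own; the tasks below form one exclusive chain.
    if ($task === 'add_category' && $submitted) {
        $error = '';
        if ($name === '') {
            $error = 'error_category_name_empty';
        } elseif ($seftitle === '') {
            $error = 'error_category_seftitle_empty';
        } elseif (check_if_unique('category_name', $name)) {
            $error = 'error_category_name_exists';
        } elseif (check_if_unique('category_seftitle', $seftitle)) {
            $error = 'error_category_seftitle_exists';
        } elseif (cleancheckSEF($seftitle) == "notok") {
            $error = 'error_category_seftitle_illegal';
        }

        if ($error !== '') {
            _processing_error($error);
            view_categories();
        } else {
            _processing_insert('categories', array(
                'name' => $name,
                'seftitle' => $seftitle,
                'description' => $description,
                'published' => $publish_category,
            ));
            _processing_success(s('website') . "categories/");
        }
    }

    if ($task === 'edit_category') {
        if ($submitted) {
            $error = '';
            if ($name === '') {
                $error = 'error_category_name_empty';
            } elseif ($seftitle === '') {
                $error = 'error_category_seftitle_empty';
            } elseif (check_if_unique('category_name', $name, $id)) {
                $error = 'error_category_name_exists';
            } elseif (check_if_unique('category_seftitle', $seftitle, $id)) {
                $error = 'error_category_seftitle_exists';
            } elseif (cleancheckSEF($seftitle) == "notok") {
                $error = 'error_category_seftitle_illegal';
            }

            if ($error !== '') {
                _processing_error($error);
                edit_category();
            } else {
                _processing_update('categories', array(
                    'name' => $name,
                    'seftitle' => $seftitle,
                    'description' => $description,
                    'published' => $publish_category,
                ), $id);
                _processing_success(s('website') . "categories/");
            }
        }
    } elseif ($task === 'new') {
        if ($submitted) {
            // Keep the submitted values so the form can be shown again after an error.
            $_SESSION['temp']['title'] = $title;
            $_SESSION['temp']['seftitle'] = $seftitle;
            $_SESSION['temp']['text'] = $text;

            $error = '';
            if ($title === '') {
                $error = 'error_article_title_empty';
            } elseif ($seftitle === '') {
                $error = 'error_article_seftitle_empty';
            } elseif (cleancheckSEF($seftitle) == "notok") {
                $error = 'error_article_seftitle_illegal';
            } elseif (check_if_unique('article_title', $title)) {
                $error = 'error_article_title_exists';
            } elseif (check_if_unique('article_seftitle', $seftitle)) {
                $error = 'error_article_seftitle_exists';
            }

            if ($error !== '') {
                _processing_error($error);
                if ($error === 'error_article_seftitle_empty') {
                    // Offer the title as the SEF title when the form is shown again.
                    $_SESSION['temp']['seftitle'] = $_SESSION['temp']['title'];
                }
                new_article();
            } else {
                if ($auto_html === 'ON') {
                    $text = str_replace('<p></p>', '', '<p>' . preg_replace('#\\n|\\r#', '</p>$0<p>', $text) . '</p>');
                }
                _processing_insert('articles', array(
                    'title' => $title,
                    'seftitle' => $seftitle,
                    'text' => $text,
                    'textlimit' => $text_limit,
                    'date' => $date,
                    'category' => $category,
                    'position' => $position,
                    'displaytitle' => $display_title,
                    'displayinfo' => $display_info,
                    'commentable' => $commentable,
                    'image' => $image,
                    'published' => $fpublished,
                ));
                _processing_success(s('website'));
            }
            unset($_SESSION['temp']);
        }
    } elseif ($task === 'simpleedit') {
        if ($submitted) {
            $_SESSION['temp']['title'] = $title;
            $_SESSION['temp']['text'] = $text;

            $error = '';
            if ($title === '') {
                $error = 'error_article_title_empty';
            } elseif (check_if_unique('article_title', $title, $id)) {
                $error = 'error_article_title_exists';
            }

            if ($error !== '') {
                _processing_error($error);
                edit_article('simple');
            } else {
                // The simple editor always wraps the text in paragraphs.
                $text = str_replace('<p></p>', '', '<p>' . preg_replace('#\\n|\\r#', '</p>$0<p>', $text) . '</p>');
                _processing_update('articles', array(
                    'title' => $title,
                    'text' => $text,
                    'textlimit' => $text_limit,
                    'category' => $category,
                    'position' => $position,
                    'displaytitle' => $display_title,
                    'displayinfo' => $display_info,
                    'commentable' => $commentable,
                    'image' => $image,
                ), $id);
                _processing_success(s('website') . find_cat_sef($category) . "/" . find_article_sef($id) . "/");
            }
            unset($_SESSION['temp']);
        }
    } elseif ($task === 'advancededit') {
        if ($submitted) {
            $_SESSION['temp']['title'] = $title;
            $_SESSION['temp']['seftitle'] = $seftitle;
            $_SESSION['temp']['text'] = $text;

            $error = '';
            if ($title === '') {
                $error = 'error_article_title_empty';
            } elseif ($seftitle === '') {
                $error = 'error_article_seftitle_empty';
            } elseif (cleancheckSEF($seftitle) == "notok") {
                $error = 'error_article_seftitle_illegal';
            } elseif (check_if_unique('article_title', $title, $id)) {
                $error = 'error_article_title_exists';
            } elseif (check_if_unique('article_seftitle', $seftitle, $id)) {
                $error = 'error_article_seftitle_exists';
            }

            if ($error !== '') {
                _processing_error($error);
                edit_article('advanced');
            } else {
                _processing_update('articles', array(
                    'title' => $title,
                    'seftitle' => $seftitle,
                    'text' => $text,
                    'textlimit' => $text_limit,
                    'date' => $date,
                    'category' => $category,
                    'position' => $position,
                    'displaytitle' => $display_title,
                    'displayinfo' => $display_info,
                    'commentable' => $commentable,
                    'image' => $image,
                    'published' => $fpublished,
                ), $id);
                _processing_success(s('website') . find_cat_sef($category) . "/" . find_article_sef($id) . "/");
            }
            unset($_SESSION['temp']);
        }
    } elseif ($get_task === 'delete') {
        _processing_delete('articles', $id);
        _processing_deleted(s('website'), 'backhome');
    } elseif ($task === 'editcomment') {
        _processing_update('comments', array('name' => $name, 'comment' => $comment), $commentid);
        // The back link needs the article's category; look it up as the freeze branches do.
        $categoryid = find_article_cat($id);
        _processing_success(s('website') . find_cat_sef($categoryid) . "/" . find_article_sef($id) . "/");
    } elseif ($get_task === 'freezecomments') {
        $categoryid = find_article_cat($id);
        _processing_update('articles', array('commentable' => 'FREEZ'), $id);
        _processing_success(s('website') . find_cat_sef($categoryid) . "/" . find_article_sef($id) . "/");
    } elseif ($get_task === 'unfreezecomments') {
        $categoryid = find_article_cat($id);
        _processing_update('articles', array('commentable' => 'YES'), $id);
        _processing_success(s('website') . find_cat_sef($categoryid) . "/" . find_article_sef($id) . "/");
    } elseif ($get_task === 'deletecomment') {
        $commentid = _processing_input($_GET, 'commentid');
        $articleid = _processing_input($_GET, 'articleid');
        _processing_delete('comments', $commentid);
        $categoryid = find_article_cat($articleid);
        _processing_deleted(s('website') . find_cat_sef($categoryid) . "/" . find_article_sef($articleid) . "/", 'back');
    } elseif ($get_task === 'deletecategory') {
        // NOTE(review): the previous code also read $_GET['categoryid'] but never used it;
        // the row is selected by the request's 'id', unchanged here.
        _processing_delete('categories', $id);
        _processing_deleted(s('website') . "categories/", 'back');
    }
}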