/**
 * Report whether the current visitor is a logged-in administrator.
 *
 * The decision rests entirely on the record returned by admincookie():
 * access is granted only when its 'username' is not "anonymous" and its
 * 'admin' field loosely equals 1. Every other outcome is refused.
 *
 * NOTE(review): how admincookie() authenticates the cookie is not visible
 * here; this function adds no verification of its own, so the strength of
 * the admin gate is whatever admincookie() provides - confirm.
 *
 * @return int 1 for an administrator, 0 for everyone else.
 */
function checkadminlogin()
{
    // Declared as in the original; neither global is read in this function.
    global $table_prefix, $HTTP_COOKIE_VARS;

    // Look up who the cookie says we are.
    $session = admincookie();

    // Guard clauses: anything that is not clearly an admin is turned away.
    if (strcmp($session['username'], "anonymous") == 0) {
        return 0;
    }
    if ($session['admin'] != 1) {
        return 0;
    }

    return 1;
}
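/**
 * Render the article administration panel and apply the requested action.
 *
 * The action is chosen by the "mode" query parameter:
 *   - "select": load the article named by POST "article" into the edit form,
 *               or prepare an empty form when it does not exist;
 *   - "delete": delete the article named by POST "article", but only when
 *               POST "delete_yes" is present;
 *   - "edit":   insert a new article (POST "newarticle") or update an
 *               existing one (POST "articleid").
 * Any other mode just shows an empty "new article" form. The finished page
 * is printed; nothing is returned.
 *
 * Security notes:
 *   - Every request value that reaches SQL is now either cast to an integer
 *     (article id, category) or passed through addslashes() (text fields).
 *     The original concatenated the id and category values unescaped.
 *   - Ids are treated as integers because the INSERT passes '' for the first
 *     column and catlist(0) stands for "no category"; presumably both are
 *     integer keys - confirm against the schema.
 *   - addslashes() is kept for text fields as in the original; it is not a
 *     charset-aware SQL escape. NOTE(review): if the db_* layer offers a
 *     driver-level escape or prepared statements, prefer that.
 *   - NOTE(review): no login check and no request-origin (CSRF) check is
 *     visible in this function; presumably the caller gates on
 *     checkadminlogin() - confirm, and consider a per-session form token for
 *     the delete and edit actions.
 *   - NOTE(review): database values are placed into the template without
 *     HTML encoding. If the template puts them inside attributes or a
 *     textarea they need htmlspecialchars(); the template is not visible
 *     here, so this is left unchanged - confirm.
 *
 * @return void
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;

    $MAIN = loadadmintmplate("main");
    $ARTICLES = loadadmintmplate("articles");
    $WORK = $ARTICLES;

    // Normalise the mode to a plain string and compare it with ===.
    // The original used a loose "0 == strcmp(...)" test, which is unreliable
    // when the parameter is missing or is not a string.
    $mode = '';
    if (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode'])) {
        $mode = $HTTP_GET_VARS['mode'];
    }

    if ($mode === "select") {
        //if we are to edit an article
        //lets get the article from the db
        // The id is forced to an integer before it is placed in the query.
        $articleId = (isset($HTTP_POST_VARS['article']) && is_scalar($HTTP_POST_VARS['article']))
            ? intval($HTTP_POST_VARS['article'])
            : 0;
        $sql = "SELECT * FROM `" . $list_prefix . "articles` WHERE `id` = '" . $articleId . "';";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if ($rows == 0) {
            //lets make sure that the article exists
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            //if it does we will read it from the db and add it to our output.
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            $WORK = insert_into_template($WORK, "{ARTICLETITLE}", $row['article_title']);
            $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
            $WORK = insert_into_template($WORK, "{ARTICLE}", stripslashes($row['article']));
            $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
        }
    } else {
        //if we are not editing an article lets prepare the form for a new article.
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }

    //lets delete an article if its selected
    if ($mode === "delete" && isset($HTTP_POST_VARS['delete_yes'])) {
        // Same integer cast as in the select branch.
        $articleId = (isset($HTTP_POST_VARS['article']) && is_scalar($HTTP_POST_VARS['article']))
            ? intval($HTTP_POST_VARS['article'])
            : 0;
        $sql = "DELETE FROM `" . $list_prefix . "articles` WHERE `id` = '" . $articleId . "';";
        $result = db_query($sql);
    } elseif ($mode === "delete") {
        $WORK = "You must check the confirmation box to delete an article.<br>\r\n" . $WORK;
    }

    if ($mode === "edit") {
        $user = admincookie();
        // The value comes from admincookie(), whose validation is not visible
        // here, so it is escaped like the other text fields.
        $posted_by = addslashes((string) $user['user_id']);

        // The category is an id, so it is forced to an integer as well.
        $category = (isset($HTTP_POST_VARS['category']) && is_scalar($HTTP_POST_VARS['category']))
            ? intval($HTTP_POST_VARS['category'])
            : 0;

        if (isset($HTTP_POST_VARS['newarticle'])) {
            //its a new article being saved.
            $sql = "INSERT INTO " . $list_prefix . "articles VALUES ('', '"
                . addslashes($HTTP_POST_VARS['articletitle']) . "', '"
                . addslashes($HTTP_POST_VARS['teaser']) . "', '"
                . addslashes($HTTP_POST_VARS['article']) . "', '"
                . $posted_by . "', '"
                . addslashes($HTTP_POST_VARS['byline']) . "', '"
                . time() . "', '"
                . $category . "');";
            $result = db_query($sql);
        } elseif (isset($HTTP_POST_VARS['articleid'])) {
            //its an old article being saved
            $editId = is_scalar($HTTP_POST_VARS['articleid'])
                ? intval($HTTP_POST_VARS['articleid'])
                : 0;
            $sql = "UPDATE `" . $list_prefix . "articles` SET `article_title` = '"
                . addslashes($HTTP_POST_VARS['articletitle']) . "', `teaser` = '"
                . addslashes($HTTP_POST_VARS['teaser']) . "', `article` = '"
                . addslashes($HTTP_POST_VARS['article']) . "', `byline` = '"
                . addslashes($HTTP_POST_VARS['byline']) . "', `category` = '"
                . $category . "' WHERE `id` = '" . $editId . "';";
            $result = db_query($sql);
        } else {
            $WORK = "You must check the new article box to save a new article<br>\r\n" . $WORK;
        }
    }

    //lets output our article cp.
    $WORK = insert_into_template($WORK, "{ARTICLELIST}", articlelist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}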