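/**
 * Runs the news search described by this criteria object and returns one page of results.
 *
 * Exactly one filter is applied, in this priority order: id, category id,
 * month + year, keywords. With no filter set, every post matches. Results are
 * ordered by date_posted descending.
 *
 * Side effects: sets $this->totalPages and clamps $this->page to [1, totalPages].
 * On a query failure the details are logged and the script is terminated.
 *
 * @return array NewsPost objects built by NewsPost::fetchFromParameters().
 */
public function runSearch()
{
    global $systemConfiguration;
    global $logger;

    $newsPosts = array();
    $sql = "SELECT * FROM bsi_news_posts ";
    $where = "";

    // The numeric criteria are concatenated into the SQL text, and a "> 0" check
    // alone does not make a value numeric (a numeric-leading string passes it).
    // Casting to int guarantees only digits reach the query.
    // NOTE(review): where these properties are populated is not visible here;
    // if they come from request data this cast is the injection barrier.
    $id = (int) $this->id;
    $categoryId = (int) $this->categoryId;
    $monthNumber = (int) $this->monthNumber;
    $yearNumber = (int) $this->yearNumber;

    if ($id > 0) {
        $where .= "id = " . $id;
    } elseif ($categoryId > 0) {
        $where .= "category_id = " . $categoryId;
    } elseif ($monthNumber > 0 && $yearNumber > 0) {
        $where .= "CAST(DATE_FORMAT(date_posted, '%Y') as UNSIGNED) = " . $yearNumber
            . " AND CAST(DATE_FORMAT(date_posted,'%m') as UNSIGNED) = " . $monthNumber;
    } elseif (strlen(trim($this->keywords)) > 0) {
        // Spaces become wildcards so the words may appear with text between them.
        $keywords = str_ireplace(" ", "%", $this->keywords);
        // mysql_real_escape_string() escapes for the connection's character set;
        // the deprecated mysql_escape_string() ignores it.
        // NOTE(review): "%" and "_" typed by the user still act as LIKE wildcards.
        // The durable fix is a parameterized query (mysqli/PDO); the mysql_*
        // extension used throughout this file was removed in PHP 7.
        $escapedKeywords = mysql_real_escape_string($keywords);
        $where .= NewsSearchCriteria::$titleField . " LIKE '%" . $escapedKeywords . "%' OR "
            . NewsSearchCriteria::$contentsField . " LIKE '%" . $escapedKeywords . "%'";
    }

    if ($where != "") {
        $where = " WHERE " . $where;
        $sql .= $where;
    }
    $sql .= " ORDER BY date_posted DESC ";

    // Guard against a zero or non-numeric page size, which would otherwise
    // cause a division by zero below.
    $postsPerPage = max(1, (int) $systemConfiguration->getNewsItemsPerPage());
    $count = NewsPost::count($where);
    $this->totalPages = max(ceil($count / $postsPerPage), 1);

    if ($this->page < 1) {
        $this->page = 1;
    } elseif ($this->page > $this->totalPages) {
        $this->page = $this->totalPages;
    }

    $offset = ((int) $this->page - 1) * $postsPerPage;
    $sql .= " LIMIT " . $offset . "," . $postsPerPage;

    $query = mysql_query($sql);
    if (!$query) {
        // The original interpolated an undefined local $page here.
        $logger->LogError("Error returning news posts for page {$this->page}.");
        $logger->LogError("Error: " . mysql_errno() . ". Error message: " . mysql_error());
        $logger->LogError("SQL: {$sql}");
        // Database error details stay in the log; echoing them to the client
        // discloses schema and query structure.
        die("Error retrieving news posts.");
    }

    while ($row = mysql_fetch_assoc($query)) {
        $newsPosts[] = NewsPost::fetchFromParameters($row, true);
    }

    return $newsPosts;
}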
<?php // TODO: Uncomment include "access.php"; include_once "../includes/SystemConfiguration.class.php"; global $systemConfiguration; global $logger; $errors = array(); $message = ""; $newsPost = new NewsPost(); if (isset($_POST['SBMT_REG'])) { $logger->LogInfo("Form has been submitted."); $newsPost = NewsPost::fetchFromParameters($_POST); if (!$newsPost->save()) { $logger->LogError("Error saving news category."); foreach ($newsPost->errors as $error) { $logger->LogError($error); $errors[] = $error; } } else { $message = "Values were updated successfully!"; $newsPost = NewsPost::fetchFromDb($newsPost->id); } } else { if (isset($_REQUEST['id']) && is_numeric($_REQUEST['id'])) { $logger->LogInfo("Page was called for edit of id: " . $_REQUEST['id']); $id = intval($_REQUEST['id']); $logger->LogDebug("Numeric id is: {$id}"); $newsPost = NewsPost::fetchFromDb($id); if ($newsPost == null) { $logger->LogError("Invalid request. No news category with id: {$id} exists.");
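/**
 * Fetches one admin-listing page of news posts, newest first.
 *
 * Resets NewsPost::$staticErrors. On a query failure the details are logged
 * and the script is terminated.
 *
 * @param int  $page                  1-based page number.
 * @param bool $isPageNumberValidated When false, $page is clamped to the range
 *                                    [1, last page] before querying.
 *
 * @return array NewsPost objects built by NewsPost::fetchFromParameters().
 */
public static function fetchFromDbPage($page, $isPageNumberValidated = false)
{
    global $logger;
    global $systemConfiguration;

    NewsPost::$staticErrors = array();

    // Guard against a zero or non-numeric page size, which would otherwise
    // cause a division by zero below.
    $postsPerPage = max(1, (int) $systemConfiguration->getAdminItemsPerPage());

    if (!$isPageNumberValidated) {
        if ($page < 1) {
            $page = 1;
        } else {
            $count = NewsPost::count();
            // At least one page even when the table is empty, so the clamp
            // below can never produce page 0 (and a negative LIMIT offset).
            $lastPage = max(1, (int) ceil($count / $postsPerPage));
            // The original tested "$page < $lastPage", which forced every
            // request below the last page onto the last page and let
            // out-of-range pages through unchanged.
            if ($page > $lastPage) {
                $page = $lastPage;
            }
        }
    }

    $newsPosts = array();

    // Integer offset, never negative: a caller passing an unchecked page with
    // $isPageNumberValidated = true cannot push a malformed LIMIT into the query.
    $offset = max(0, ((int) $page - 1) * $postsPerPage);
    $sql = "SELECT * FROM bsi_news_posts ORDER BY date_posted DESC LIMIT " . $offset . "," . $postsPerPage;

    $query = mysql_query($sql);
    if (!$query) {
        $logger->LogError("Error: " . mysql_errno() . ". Error message: " . mysql_error());
        $logger->LogError("SQL: {$sql}");
        // Database error details stay in the log; echoing them to the client
        // discloses schema and query structure.
        die("Error retrieving news posts.");
    }

    while ($row = mysql_fetch_assoc($query)) {
        $newsPosts[] = NewsPost::fetchFromParameters($row, true);
    }

    return $newsPosts;
}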