<tr> <td> </br> <table class="normal_content"> <tr><td><strong>Categories:</strong></td></tr> <?php echo $adm_log == 1 ? '<form name=add_categ action=admin_work.php method=post><tr><td><input type=text name="categ_name" /></td></tr><tr><td><input type=submit name=submit value="Add categ" /></td></tr></form>' : ''; $query = 'SELECT * FROM categories ORDER BY categ_name'; $result = sql_query($query, $db); if (mysql_num_rows($result) > 0) { while ($row = mysql_fetch_array($result)) { extract($row); $query = 'SELECT * FROM posts WHERE categ_id=' . mysql_real_escape_string($categ_id, $db); $result2 = sql_query($query, $db); $adm_link = $adm_log == 1 && $categ_id != 1 ? '<a href="admin_main.php?mode=confirm&submit=categ_del&id=' . $categ_id . '"><span style="color:green;">Delete</span></a>' : ''; echo '<tr><td><div><a href="index.php?categ=' . $categ_id . '">' . deletenbsp($categ_name) . '(' . mysql_num_rows($result2) . ')</a></br>' . $adm_link . '</div></td><tr><tr><td>-------------</td></tr>'; } mysql_free_result($result); } else { echo '<tr><td>Categories not found</td></tr>'; } ?> </table> </td></tr> </table> </td> </tr> </table> </td>
function show_tag_posts($id, $db) { if (!ctype_digit($id)) { alert_try_sqlinj(); header('index.php'); die; } $similar = array(); $query = 'SELECT * FROM posttags WHERE post_id=' . mysql_real_escape_string($id, $db); $result = sql_query($query, $db); if (mysql_num_rows($result) > 0) { while ($row = mysql_fetch_array($result)) { extract($row); $query = 'SELECT pt.post_id AS post_id,post_title FROM posttags pt JOIN posts po ON pt.post_id=po.post_id WHERE pt.tag_id=' . mysql_real_escape_string($tag_id, $db) . ' AND pt.post_id!=' . mysql_real_escape_string($id, $db) . ' ORDER BY post_id DESC LIMIT 0,' . MAX_SIMILAR_POSTS; $result2 = sql_query($query, $db); if (mysql_num_rows($result2) > 0) { while ($row = mysql_fetch_array($result2)) { extract($row); if (!array_key_exists($post_id, $similar)) { $similar[$post_id] = deletenbsp($post_title); } } } } } if (count($similar) > 0) { echo '----------------------<div><span style="font-size:15px;">Similar posts:</span></br>'; foreach ($similar as $key => $value) { echo '<span style="font-size:12px;"><a href="view_post.php?id=' . $key . '">' . $value . '</a></span></br>'; } echo '</div>----------------------'; } }
?> <tr><td>Add/Delete a Tag</td></tr> <tr><td> <form name=add/deletetag action=admin_work.php method=post> <table> <tr><td><label for="tag_name">Tag Name:</label><input type=text name=tag_name id=tag_name /></td><td><input type=submit name=submit value="Add tag" /></td></tr> <tr><td> <?php $query = 'SELECT * FROM tags ORDER BY tag_name'; $result = sql_query($query, $db); if (mysql_num_rows($result) > 0) { echo '<select name=tag_id>'; while ($row = mysql_fetch_array($result)) { extract($row); echo '<option value=' . $tag_id . '>' . deletenbsp($tag_name) . '</option>'; } echo '</select></td><td><input type=submit name=submit value="Delete tag" /></td></tr>'; } else { echo 'Tags not Found'; } ?> <tr><td><a href="admin_main.php?mode=add_post">Back to Add post>></a></td></tr> <?php break; //Confirm //Confirm case 'confirm': $queryhttp = $_SERVER['QUERY_STRING'];