Просмотр файла dotwidgeta/admin/authors.php

Размер файла: 6.47Kb
<?php

include("dotwidgeta_config.php"); // change if the config file is not in admin directory

include("connect_db.php"); 

$metatitle = $sitename . " - Authors List";

include($admin_header_file);



// -------------------------------------------------------------

//  Authors list

// -------------------------------------------------------------

if($action == "list" || $action == "") {



print "<blockquote><p class=\"PAGEHEADING\">Admin: Authors List";



print "<P><A HREF=\"index.php\">Main Menu</A> | <A HREF=\"authors.php?action=add\">Add an Author</A></p>";



$authors = mysql_query("SELECT id, name FROM article_authors ORDER BY name");

if (!$authors) {

  echo("<P>Error retrieving authors from database!<BR>".

       "Error: " . mysql_error());

  exit();

}



?>



<p><span class="TIPLABEL">Tip</span><span class="TIPTEXT">: <i>Careful!</i> A "Delete" is final!</span></p>



<TABLE BORDER=1 cellpadding="5">

<tr><td><b>Author</b></td><td><b>Options</b></td></tr>



<?php 



while ($author = mysql_fetch_array($authors)) {

  $id   = $author["id"];

  $name = $author["name"];

  echo("<TR>\n");

  echo("<td>$name </td>\n".

       "<td><A HREF='authors.php?action=edit&id=$id'>Edit</A>|".

       "<A HREF='authors.php?action=del&id=$id'>Delete</A></td>\n");

  echo("</TR>\n");

}



echo ("</table><br>");



}



// -------------------------------------------------------------

//  Add an author

// -------------------------------------------------------------

if($action == "add") {



print "<blockquote><p class=\"PAGEHEADING\">Admin: Add an Author";



print "<P><A HREF=\"index.php\">Main Menu</A> | <A HREF=\"authors.php?action=list\">Authors List</A> | <A HREF=\"authors.php?action=add\">Add an Author</A></p>";



if ($submit) {



  $sql = "INSERT INTO article_authors SET " .

         "name='$name', " .

         "email='$email', " .

         "byline='$byline', " .

         "pic_url='$pic_url' "; 

  if (mysql_query($sql)) {

    echo("<P>New author added</P><br>");

  } else {

    echo("<P>Error adding new author: " .

         mysql_error() . "</P>");

  }



} else {

?>



<p><span class="TIPLABEL">Tip</span><span class="TIPTEXT">: Review the current list of authors before adding another.</span></p>



<FORM ACTION="<?php echo($PHP_SELF."?action=add"); ?>" METHOD=POST>

<P><b>Enter the new author:</b><BR><br>

<TABLE>

<TR VALIGN="TOP">

	<TD>Name:</TD>

	<TD><INPUT TYPE=TEXT NAME="name" SIZE=20 MAXLENGTH=100></TD>

</TR>

<TR VALIGN="TOP">

	<TD>eMail:</TD>

	<TD><INPUT TYPE=TEXT NAME="email" SIZE=20 MAXLENGTH=100></TD>

</TR>

<TR VALIGN="TOP">

	<TD>Byline:  <br><br>&nbsp;<a href="markuptags.htm" target="_blank">Markup Tags</a></TD>

	<TD><TEXTAREA NAME="byline" ROWS=3 COLS=45></TEXTAREA></TD>

</TR>

<TR VALIGN="TOP">

	<TD>URL to Author Pic:</TD>

	<TD><INPUT TYPE=TEXT NAME="pic_url" SIZE=20 MAXLENGTH=100></TD>

</TR>

<TR VALIGN="TOP">

	<TD>&nbsp;</TD>

	<TD><INPUT TYPE=SUBMIT NAME="submit" VALUE="SUBMIT"></TD>

</TR>

</TABLE><br>

  

</FORM>



<?php



	}

}



// -------------------------------------------------------------

//  Delete an author

// -------------------------------------------------------------

if($action == "del") {



print "<blockquote><p class=\"PAGEHEADING\">Admin: Delete Author";



print "<P><A HREF=\"index.php\">Main Menu</A> | <A HREF=\"authors.php?action=list\">Return to Authors list</A> | <A HREF=\"authors.php?action=add\">Add another Author</A></p>";



// Delete all articles belonging to the author

// along with the entry for the author.

$ok1 = mysql_query("DELETE FROM articles WHERE aid=$id"); 

$ok2 = mysql_query("DELETE FROM article_authors WHERE id=$id");

if ($ok1 and $ok2) {

  echo("<P>Author deleted successfully!</P><br>");

} else {

  echo("<P>Error deleting author from database!<BR>".

       "Error: " . mysql_error());

}

}



// -------------------------------------------------------------

//  Edit an author

// -------------------------------------------------------------

if($action == "edit") {



print "<blockquote><p class=\"PAGEHEADING\">Admin: Edit Author";



print "<P><A HREF=\"index.php\">Main Menu</A> | <A HREF=\"authors.php?action=list\">Authors List</A> | <A HREF=\"authors.php?action=add\">Add an Author</A></p>";



  if ($submit) {



  $sql = "UPDATE article_authors SET " .

         "name='$name', " .

         "email='$email', " .

         "byline='$byline', " .

		 "pic_url='$pic_url' " .

         "WHERE id=$id";



  if (mysql_query($sql)) {

    echo("<P>Author details updated.</P><br>");

  } else {

    echo("<P>Error updating author details: " .

         mysql_error() . "</P><br>");

  }



  } else {



  $author=mysql_query("SELECT name, email, byline, pic_url " .

                      "FROM article_authors " .

                      "WHERE id=$id");

  if (!$author) {

    echo("<P>Error fetching author details: " .

      mysql_error() . "</P><br>");

    exit();

  }



  $author = mysql_fetch_array($author);



  $name = $author["name"];

  $email = $author["email"];

  $byline = $author["byline"];

  $pic_url = $author["pic_url"];



  // Add slashes to database

  // values for use as HTML attributes

  $name = addslashes($name);

  $email = addslashes($email);

  $byline = addslashes($byline);

  $pic_url = addslashes($pic_url);



?>



<FORM ACTION="<?php echo($PHP_SELF."?action=edit"); ?>" METHOD=POST>

<P><b>Edit the author:</b><BR><br>

<TABLE>

<TR VALIGN="TOP">

	<TD>Name:</TD>

	<TD><INPUT TYPE=TEXT NAME="name" VALUE="<?php echo($name); ?>" SIZE=20 MAXLENGTH=100></TD>

</TR>

<TR VALIGN="TOP">

	<TD>eMail:</TD>

	<TD><INPUT TYPE=TEXT NAME="email" VALUE="<?php echo($email); ?>" SIZE=20 MAXLENGTH=100></TD>

</TR>

<TR VALIGN="TOP">

	<TD>Byline:</TD>

	<TD><TEXTAREA NAME="byline" ROWS=3 COLS=45><?php echo($byline); ?></TEXTAREA></TD>

</TR>

<TR VALIGN="TOP">

	<TD>URL to Author Pic:</TD>

	<TD><INPUT TYPE=TEXT NAME="pic_url" VALUE="<?php echo($pic_url); ?>" SIZE=40 MAXLENGTH=100></TD>

</TR>

<TR>

	<TD>&nbsp;</TD>

	<TD><INPUT TYPE=SUBMIT NAME="submit" VALUE="SUBMIT"></TD>

</TR>

</TABLE>

<INPUT TYPE=HIDDEN NAME="id" VALUE="<?php echo($id); ?>">

</FORM><BR>



<?php 

	

}

}



// -------------------------------------------------------------

//  Call the footer file

// -------------------------------------------------------------



include($admin_footer_file);

?>