admin_news privilege for writing news too

This commit is contained in:
Philip Häusler 2011-09-14 22:23:29 +02:00
parent fc90174dd8
commit 3c33e23c3c
1 changed files with 43 additions and 41 deletions

View File

@ -80,22 +80,22 @@ function user_news_comments() {
$html .= "</table>"; $html .= "</table>";
$html .= ' $html .= '
<br /> <br />
<hr> <hr>
<h2>Neuer Kommentar:</h2> <h2>Neuer Kommentar:</h2>
<a name="Neu">&nbsp;</a> <a name="Neu">&nbsp;</a>
<form action="' . page_link_to("news_comments") . '" method="post"> <form action="' . page_link_to("news_comments") . '" method="post">
<input type="hidden" name="nid" value="' . $_REQUEST["nid"] . '"> <input type="hidden" name="nid" value="' . $_REQUEST["nid"] . '">
<table> <table>
<tr> <tr>
<td align="right" valign="top">Text:</td> <td align="right" valign="top">Text:</td>
<td><textarea name="text" cols="50" rows="10"></textarea></td> <td><textarea name="text" cols="50" rows="10"></textarea></td>
</tr> </tr>
</table> </table>
<br /> <br />
<input type="submit" value="sichern..."> <input type="submit" value="sichern...">
</form>'; </form>';
} else { } else {
$html .= "Fehlerhafter Aufruf!"; $html .= "Fehlerhafter Aufruf!";
} }
@ -108,7 +108,7 @@ function user_news() {
$html = ""; $html = "";
if (isset ($_POST["text"]) && isset ($_POST["betreff"])) { if (isset ($_POST["text"]) && isset ($_POST["betreff"]) && in_array("admin_news", $privileges)) {
if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges)) if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges))
$_POST["treffen"] = 0; $_POST["treffen"] = 0;
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
@ -137,32 +137,34 @@ function user_news() {
else else
$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a>&nbsp; '; $html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a>&nbsp; ';
} }
$html .= '</div> $html .= '</div>';
<br /><hr /> if (in_array("admin_news", $privileges)) {
<h2>' . Get_Text(6) . '</h2> $html .= '<br /><hr />
<a name="Neu">&nbsp;</a> <h2>' . Get_Text(6) . '</h2>
<a name="Neu">&nbsp;</a>
<form action="" method="post">
<table> <form action="" method="post">
<tr> <table>
<td align="right">' . Get_Text(7) . '</td> <tr>
<td><input type="text" name="betreff" size="60"></td> <td align="right">' . Get_Text(7) . '</td>
</tr> <td><input type="text" name="betreff" size="60"></td>
<tr> </tr>
<td align="right">' . Get_Text(8) . '</td> <tr>
<td><textarea name="text" cols="50" rows="10"></textarea></td> <td align="right">' . Get_Text(8) . '</td>
</tr>'; <td><textarea name="text" cols="50" rows="10"></textarea></td>
if (in_array('admin_news', $privileges)) { </tr>';
$html .= ' <tr> if (in_array('admin_news', $privileges)) {
<td align="right">' . Get_Text(9) . '</td> $html .= ' <tr>
<td><input type="checkbox" name="treffen" size="1" value="1"></td> <td align="right">' . Get_Text(9) . '</td>
</tr>'; <td><input type="checkbox" name="treffen" size="1" value="1"></td>
</tr>';
}
$html .= '</table>
<br />
<input type="submit" value="' . Get_Text("save") . '">
</form>';
} }
$html .= '</table>
<br />
<input type="submit" value="' . Get_Text("save") . '">
</form>';
return $html; return $html;
} }
?> ?>