newsverwaltung erweitert, add edit bouten und parameter check
git-svn-id: svn://svn.cccv.de/engel-system@187 29ba0400-6e00-0410-a75a-ca02368028f8
This commit is contained in:
cookie
parent
02a7b492a8
commit
b91450e558
|
|
@ -7,13 +7,13 @@ include ("./inc/funktion_db_list.php");
|
|||
include ("./inc/funktion_user.php");
|
||||
|
||||
|
||||
if (!IsSet($_GET["action"])) {
|
||||
if (!IsSet($_GET["action"]))
|
||||
{
|
||||
$SQL = "SELECT * from News order by Datum DESC";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
$SQL = "SELECT * from News order by Datum DESC";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
$rowcount = mysql_num_rows($Erg);
|
||||
?>
|
||||
$rowcount = mysql_num_rows($Erg);
|
||||
?>
|
||||
Hallo <?PHP echo $_SESSION['Nick'] ?>, <br>
|
||||
hier kannst du die News säbern... falls jemand auf die Idee kommt,
|
||||
hier herumzuspamen oder aus Versehen falsche Informationen zu hinterlegen :)<br><br>
|
||||
|
|
@ -29,82 +29,95 @@ hier herumzuspamen oder aus Versehen falsche Informationen zu hinterlegen :)<br>
|
|||
</tr>
|
||||
<?PHP
|
||||
|
||||
for ($i=0; $i < $rowcount; $i++) {
|
||||
echo "\t<tr class=\"content\">\n";
|
||||
echo "\t <td>".mysql_result($Erg, $i, "Datum")."</td>";
|
||||
echo "\t <td>".mysql_result($Erg, $i, "Betreff")."</td>";
|
||||
echo "\t <td>".mysql_result($Erg, $i, "Text")."</td>";
|
||||
echo "\t <td>".UID2Nick(mysql_result($Erg, $i, "UID"))."</td>";
|
||||
echo "\t <td>".mysql_result($Erg, $i, "Treffen")."</td>";
|
||||
echo "\t <td><a href=\"./news.php?action=change&date=".mysql_result($Erg, $i, "Datum")."\">XXX</a></td>";
|
||||
echo "\t</tr>\n";
|
||||
for ($i=0; $i < $rowcount; $i++)
|
||||
{
|
||||
echo "\t<tr class=\"content\">\n";
|
||||
echo "\t <td>".mysql_result($Erg, $i, "Datum")."</td>";
|
||||
echo "\t <td>".mysql_result($Erg, $i, "Betreff")."</td>";
|
||||
echo "\t <td>".mysql_result($Erg, $i, "Text")."</td>";
|
||||
echo "\t <td>".UID2Nick(mysql_result($Erg, $i, "UID"))."</td>";
|
||||
echo "\t <td>".mysql_result($Erg, $i, "Treffen")."</td>";
|
||||
echo "\t <td><a href=\"./news.php?action=change&date=".mysql_result($Erg, $i, "Datum")."\">XXX</a></td>";
|
||||
echo "\t</tr>\n";
|
||||
}
|
||||
echo "</table>";
|
||||
}
|
||||
echo "</table>";
|
||||
|
||||
|
||||
} else {
|
||||
|
||||
switch ($_GET["action"])
|
||||
else
|
||||
{
|
||||
|
||||
case 'change':
|
||||
$SQL = "SELECT * from News where (Datum='". $_GET["date"]. "')";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
unSet($chsql);
|
||||
|
||||
echo "<form action=\"./news.php\" method=\"GET\">\n";
|
||||
|
||||
echo "<table>\n";
|
||||
echo " <tr><td>Datum</td><td><input type=\"text\" size=\"40\" name=\"date\" value=\"".
|
||||
mysql_result($Erg, 0, "Datum")."\" disabled></td></tr>\n";
|
||||
echo " <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"".
|
||||
mysql_result($Erg, 0, "Betreff")."\"></td></tr>\n";
|
||||
echo " <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">".
|
||||
mysql_result($Erg, 0, "Text")."</textarea></td></tr>\n";
|
||||
echo " <tr><td>Engel</td><td><input type=\"text\" size=\"40\" name=\"eUser\" value=\"".
|
||||
UID2Nick(mysql_result($Erg, 0, "UID"))."\" disabled></td></tr>\n";
|
||||
echo " <tr><td>Treffen</td><td><input type=\"text\" size=\"40\" name=\"eTreffen\" value=\"".
|
||||
mysql_result($Erg, 0, "Treffen")."\"></td></tr>\n";
|
||||
echo "</table>";
|
||||
|
||||
echo "<input type=\"hidden\" name=\"date\" value=\"". $_GET["date"]. "\">\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"change_save\">\n";
|
||||
echo "<input type=\"submit\" value=\"Abschicken...\">\n";
|
||||
echo "</form>";
|
||||
|
||||
echo "<form action=\"./news.php?action=delete\" method=\"POST\">\n";
|
||||
echo "<input type=\"hidden\" name=\"date\" value=\"". $_GET["date"]. "\">\n";
|
||||
echo "<input type=\"submit\" value=\"löschen...\">\n";
|
||||
echo "</form>";
|
||||
|
||||
break;
|
||||
|
||||
case 'change_save':
|
||||
$chsql="UPDATE News set Betreff = \"". $_GET["eBetreff"]. "\", Text = \"". $_GET["eText"].
|
||||
"\", Treffen=". $_GET["eTreffen"]. " where (Datum = '". $_GET["date"]. "') limit 1";
|
||||
break;
|
||||
|
||||
case 'delete':
|
||||
$chsql="DELETE from News where Datum = '". $_POST["date"]. "' limit 1";
|
||||
break;
|
||||
}
|
||||
|
||||
if (IsSet($chsql)) {
|
||||
// SQL-Statement ausführen...
|
||||
$Erg = mysql_query($chsql, $con);
|
||||
If ($Erg == 1)
|
||||
switch ($_GET["action"])
|
||||
{
|
||||
echo "Änderung erfolgreich gesichert...";
|
||||
}
|
||||
else
|
||||
{
|
||||
echo "Ein Fehler ist aufgetreten... probiere es am besten nocheinmal... :)<br><br>\n";
|
||||
echo mysql_error($con);
|
||||
echo "<br><br>\n[$chsql]";
|
||||
}
|
||||
SetHeaderGo2Back();
|
||||
}
|
||||
case 'change':
|
||||
if (isset($_GET["date"]))
|
||||
{
|
||||
$SQL = "SELECT * from News where (Datum='". $_GET["date"]. "')";
|
||||
$Erg = mysql_query($SQL, $con);
|
||||
|
||||
if( mysql_num_rows( $Erg)==1)
|
||||
{
|
||||
echo "<form action=\"./news.php\" method=\"GET\">\n";
|
||||
|
||||
echo "<table>\n";
|
||||
echo " <tr><td>Datum</td><td><input type=\"text\" size=\"40\" name=\"date\" value=\"".
|
||||
mysql_result($Erg, 0, "Datum")."\" disabled></td></tr>\n";
|
||||
echo " <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"".
|
||||
mysql_result($Erg, 0, "Betreff")."\"></td></tr>\n";
|
||||
echo " <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">".
|
||||
mysql_result($Erg, 0, "Text")."</textarea></td></tr>\n";
|
||||
echo " <tr><td>Engel</td><td><input type=\"text\" size=\"40\" name=\"eUser\" value=\"".
|
||||
UID2Nick(mysql_result($Erg, 0, "UID"))."\" disabled></td></tr>\n";
|
||||
echo " <tr><td>Treffen</td><td><input type=\"text\" size=\"40\" name=\"eTreffen\" value=\"".
|
||||
mysql_result($Erg, 0, "Treffen")."\"></td></tr>\n";
|
||||
echo "</table>";
|
||||
|
||||
echo "<input type=\"hidden\" name=\"date\" value=\"". $_GET["date"]. "\">\n";
|
||||
echo "<input type=\"hidden\" name=\"action\" value=\"change_save\">\n";
|
||||
echo "<input type=\"submit\" value=\"Abschicken...\">\n";
|
||||
echo "</form>";
|
||||
|
||||
echo "<form action=\"./news.php?action=delete\" method=\"POST\">\n";
|
||||
echo "<input type=\"hidden\" name=\"date\" value=\"". $_GET["date"]. "\">\n";
|
||||
echo "<input type=\"submit\" value=\"löschen...\">\n";
|
||||
echo "</form>";
|
||||
}
|
||||
else
|
||||
echo "FEHLER: Eintrag \"". $_GET["date"]. "\" nicht gefunden";
|
||||
}
|
||||
else
|
||||
echo "Fehler: \"date\" nicht übergeben";
|
||||
break;
|
||||
|
||||
case 'change_save':
|
||||
if( isset($_GET["date"]) && isset($_GET["eBetreff"]) && isset($_GET["eText"]) )
|
||||
$chsql="UPDATE News set Betreff = \"". $_GET["eBetreff"]. "\", Text = \"". $_GET["eText"].
|
||||
"\", Treffen=". $_GET["eTreffen"]. " where (Datum = '". $_GET["date"]. "') limit 1";
|
||||
else
|
||||
echo "Fehler: nicht genügend parameter übergeben";
|
||||
break;
|
||||
|
||||
case 'delete':
|
||||
if (isset($_POST["date"]))
|
||||
$chsql="DELETE from News where Datum = '". $_POST["date"]. "' limit 1";
|
||||
else
|
||||
echo "Fehler: \"date\" nicht übergeben";
|
||||
break;
|
||||
} //SWITCH
|
||||
|
||||
if (IsSet($chsql))
|
||||
{
|
||||
// SQL-Statement ausführen...
|
||||
$Erg = mysql_query($chsql, $con);
|
||||
If ($Erg == 1)
|
||||
echo "Änderung erfolgreich gesichert...";
|
||||
else
|
||||
echo "Ein Fehler ist aufgetreten... probiere es am besten nocheinmal... :)<br><br>\n".
|
||||
mysql_error($con). "<br><br>\n[$chsql]";
|
||||
SetHeaderGo2Back();
|
||||
}
|
||||
}// IF-ELSE
|
||||
|
||||
}
|
||||
include ("./inc/footer.php");
|
||||
?>
|
||||
|
||||
|
|
|
|||
|
|
@ -15,12 +15,21 @@ $Erg = mysql_query($SQL, $con);
|
|||
// anzahl zeilen
|
||||
$Zeilen = mysql_num_rows($Erg);
|
||||
|
||||
for ($n = 0 ; $n < $Zeilen ; $n++) {
|
||||
if (mysql_result($Erg, $n, "Treffen")=="1") {
|
||||
echo "<p class='question'><u>".mysql_result($Erg, $n, "Betreff")."</u><br>".
|
||||
" <font size=1>".mysql_result($Erg, $n, "Datum").", ";
|
||||
for ($n = 0 ; $n < $Zeilen ; $n++)
|
||||
{
|
||||
if (mysql_result($Erg, $n, "Treffen")=="1")
|
||||
{
|
||||
echo "<p class='question'><u>".mysql_result($Erg, $n, "Betreff")."</u>";
|
||||
|
||||
// Schow Admin Page
|
||||
if( $_SESSION['CVS'][ "admin/news.php" ] == "Y" )
|
||||
echo " <a href=\"./../admin/news.php?action=change&date=". mysql_result($Erg, $n, "Datum"). "\">[edit]</a>";
|
||||
|
||||
echo "<br> <font size=1>".mysql_result($Erg, $n, "Datum").", ";
|
||||
echo UID2Nick(mysql_result($Erg, $n, "UID"))."</font></p>\n";
|
||||
echo "<p class='answetion'>".nl2br(mysql_result($Erg, $n, "Text"))."</p>\n";
|
||||
|
||||
|
||||
echo "<p class='answetion'>".nl2br(mysql_result($Erg, $n, "Text"))."</p>\n";
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -27,17 +27,21 @@ $Erg = mysql_query($SQL, $con);
|
|||
// anzahl zeilen
|
||||
$news_rows = mysql_num_rows($Erg);
|
||||
|
||||
for ($n = 0 ; $n < $news_rows ; $n++) {
|
||||
for ($n = 0 ; $n < $news_rows ; $n++)
|
||||
{
|
||||
|
||||
if (mysql_result($Erg, $n, "Treffen") == 0) {
|
||||
if (mysql_result($Erg, $n, "Treffen") == 0)
|
||||
echo "<p class='question'>";
|
||||
} else {
|
||||
else
|
||||
echo "<p class='engeltreffen'>";
|
||||
}
|
||||
echo "<u>".mysql_result($Erg, $n, "Betreff")."</u><br>\n";
|
||||
|
||||
echo "<u>".mysql_result($Erg, $n, "Betreff")."</u>\n";
|
||||
|
||||
echo " <font size=1>".mysql_result($Erg, $n, "Datum").", ";
|
||||
// Schow Admin Page
|
||||
if( $_SESSION['CVS'][ "admin/news.php" ] == "Y" )
|
||||
echo " <a href=\"./../admin/news.php?action=change&date=". mysql_result($Erg, $n, "Datum"). "\">[edit]</a><br>\n\t\t";
|
||||
|
||||
echo "<br> <font size=1>".mysql_result($Erg, $n, "Datum").", ";
|
||||
echo UID2Nick(mysql_result($Erg, $n, "UID"))."</font>";
|
||||
// avatar anzeigen?
|
||||
echo DisplayAvatar (mysql_result($Erg, $n, "UID"));
|
||||
|
|
|
|||
Loading…
Reference in New Issue