Code:
Code: Select all
<?php
require_once('../includes/sentry.php');
$theSentry = new Sentry();
if (!$theSentry->checkLogin(1) ){ header("Location: login.php"); die(); }
?>
<?php
// Get the PHP file containing the DbConnector class
require_once('http://+URL+.com/includes/DbConnector.php');
require_once('http://+URL+.com/includes/Validator.php');
// Create an instance of DbConnector
$connector = new DbConnector();
$validator = new Validator();
?>
<?php
// Require the database class
require_once('../includes/DbConnector.php');
// IMPORTANT!!! Validate the ID number. See below
// Create an object (instance) of the DbConnector
$connector = new DbConnector();
// Execute the query to retrieve the selected article
$result = $connector->query('SELECT ID,title,thearticle,tagline FROM cmsarticles WHERE ID = '.$HTTP_GET_VARS['id']);
// Get an array containing the resulting record
$row = $connector->fetchArray($result);
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link href="http://+URL+.com/includes/css.css" type="text/css" rel="stylesheet">
<script type="text/javascript" src="../jscripts/tiny_mce/tiny_mce.js"></script>
<script type="text/javascript">
tinyMCE.init({
mode : "textareas",
theme : "simple"
});
function showMCE(id,linkObj) {
if (tinyMCE.getInstanceById(id) == null) {
linkObj.innerHTML = "hide editor";
tinyMCE.execCommand('mceAddControl', false, id);
}
else {
linkObj.innerHTML = "show editor";
tinyMCE.execCommand('mceRemoveControl', false, id);
}
}
</script>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>++ - Admin - New Tutorial</title>
<meta name="keywords" content="++">
<meta name="description" content="++">
</head><body class="body">
<div class="container">
<div class="header"><a href="http://+URL+.com/index.php">Home</a> - <a href="http://+URL+.com/admin/index.php">Admin</a> - New Tutorial</div>
<div class="menu"><a href="http://+URL+/admin/login.php?action=logout">Logout</a> | <a href="http://+URL+/feedback-support.php">Feedback/Support</a> | <a target="_blank" href="http://www.+URL+.com">Visit ++</a></div>
<div class="content"><div class="content-holder">
<p><table class="table"><tr><td><p>
<?php
// Get the PHP file containing the DbConnector class
require_once('../includes/DbConnector.php');
// Check whether a form has been submitted. If so, carry on
if ($_POST){
// Create an instance of DbConnector
$connector = new DbConnector();
$insertQuery = ("UPDATE cmsarticles SET title='".$_POST['title']."', title='".$_POST['tagline']."', title='".$_POST['section']."', thearticle='".$_POST['thearticle']."' WHERE ID='".$_POST['id']."'");
// Save the form data into the database
if ($result = $connector->query($insertQuery)){
// It worked, give confirmation
echo '<center><b>Article updated</b></center><br>';
}else{
// It hasn't worked so stop. Better error handling code would be good here!
exit('<center>Sorry, there was an error saving to the database</center>');
}
}
?>
<form method="post" action="http://+URL+/admin/edit-tutorial.php?id=<?php echo $row['ID'];?>">
Title:-<br>
<input name="title" id="title" type="text" value="<?php echo $row['title'];?>">
<br>
Tagline:-<br>
<input name="tagline" id="tagline" type="text" value="<?php echo $row['tagline'];?>">
<br>
Article:-<br>
<table class="table-inside"><tr><td><textarea name="thearticle" id="thearticle" cols="107" rows="15"><?php echo $row['thearticle'];?></textarea></td></tr></table>
<br>Section:-<br>
<select name="section" id="section"><?PHP
$result = $connector->query('SELECT ID,name FROM cmssections ORDER BY name');
while ($row = $connector->fetchArray($result)){
echo '<option value="'.$row['ID'].'">'.$row['name'].'</option>';
}
?></select>
<input name="Submit1" type="submit" value="update">
</form></p></td></tr></table></p>
</div>
</div>
</div>
<p class="footer">+URL+.com is not affiliated to +URL+.com in any way</p>
</body></html>
I have used some code from here which I understand may be wrong to begin with, sorry
Joel