Sophie

Sophie

distrib > Mandriva > 2010.0 > i586 > media > contrib-release > by-pkgid > 99c7b4207008bf5019e51309ea55eafa > files > 30

php-pear-LiveUser-0.16.12-4mdv2010.0.noarch.rpm

<?php
// $Id: news_new.php,v 1.8 2005/09/29 19:54:16 lsmith Exp $

// CREATING ENVIRONMENT
require_once 'conf.php';

// If the user hasn't the right to write news -> access denied.
if (!$LU->checkRight(RIGHT_NEWS_NEW)) {
    $tpl->loadTemplatefile('news_notallowed.tpl.php', false, false);
    include_once 'finish.inc.php';
    exit();
}

$tpl->loadTemplatefile('news_new.tpl.php');

// Read form data.
$news     = array_key_exists('news', $_POST)     ? htmlspecialchars(strip_tags($_POST['news'])) : '';
$valid_to = array_key_exists('valid_to', $_POST) ? (int)$_POST['valid_to'] : '';
$group    = array_key_exists('group_id', $_POST) ? (int)$_POST['group_id'] : '';


// If $news is not empty, we have something to work.
if (!empty($news)) {

    if (!ereg('^[1-9][0-9]?$', $valid_to)) {
        $tpl->setVariable('script_msg', '<p style="color: red;">Only numbers between 1 and 99 are allowed here.</p>');
    } elseif (!$LU->checkRightLevel(RIGHT_NEWS_NEW, $LU->getProperty('perm_user_id'), $group)) {
        $tpl->setVariable('script_msg', '<p style="color: red;">You don\'t have the right to post news for this group.</p>');
    } else {
    // Form seems to be correct. Write data into the db.
    $news = str_replace("\r\n",'<br />',$news);

    $result = $db->query('INSERT INTO
                  news (
                      news_id,
                      created_at,
                      valid_to,
                      news,
                      owner_user_id,
                      owner_group_id
                  )
                  VALUES (
                      ' . $db->nextId('news') . ',
                      NOW(),
                      ' . $db->quote( date('Y.m.d H:i:s', time()+60*60*24*7*$valid_to), 'timestamp' ) . ',
                      ' . $db->quote( addslashes( $news ), 'text' ).',
                      ' . $db->quote( $LU->getProperty('perm_user_id'), 'integer' ) . ',
                      ' . $group . ')');

        $tpl->setVariable('script_msg', '<p><b>News has been added.</b></p>');

        // null form data.
        $news     = '';
        $valid_to = '';
        $group    = '';
    }
}

$tpl->setVariable('form_action', 'news_new.php');

if (!empty($news)) {
    $tpl->setVariable('message', $news);
}

if (!empty($valid_to)) {
    $tpl->setVariable('valid', $valid_to);
} else {
    $tpl->setVariable('valid', '2');
}

// If the user is member in more than one group, show them.
if (count($LU->getProperty('group_ids')) > 1) {
    $res = $db->query('SELECT
                         section_id AS group_id,
                         description AS group_comment
                     FROM
                         liveuser_translations
                     WHERE
                         section_type = 3
                         AND section_id IN (' . implode(', ', $LU->getProperty('group_ids')) . ')
                     ORDER BY
                         group_id');

    while ($row = $res->fetchRow()) {
        $tpl->setCurrentBlock('choose_group');
        $tpl->setVariable(array('value' => $row['group_id'],
                              'label' => $row['group_comment']));
        if ($group == $row['group_id']) {
            $tpl->setVariable('selected', 'selected');
        }
        $tpl->parseCurrentBlock();
    }

} else {
    $tpl->setCurrentBlock('set_group');
    $tpl->setVariable('group_id', current($LU->getProperty('group_ids')));
    $tpl->parseCurrentBlock();
}

include_once 'finish.inc.php';
?>

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional