Tfe

Ongi etorri tfe-ren webgunera...

Old stuff/old_sites/www/include/perso/blog.php

(Deskargatu)
<?
    $action = preg_replace("/[^a-zA-Z]/","",$_GET['action']);
    
    if ($action == "ajouter")
    {
	if (empty($_POST['section']) or
	    empty($_POST['titre']) or
    	    empty($_POST['contenu']))
	{
	echo "<form action=\"index.php?page=perso&amp;id=blog&amp;action=ajouter\" method=\"post\">
	<dl>
	<dt>Section</dt>
	<dd><input type=\"text\" name=\"section\" value=\"".$_POST['section']."\" /></dd>
	<dt>titre</dt>
	<dd><input type=\"text\" name=\"titre\" value=\"".$_POST['titre']."\" /></dd>
	<dt>Contenu</dt>
	<dd><textarea cols=\"80\" rows=\"10\" name=\"contenu\">".$_POST['contenu']."</textarea></dd>
	
	<dt>Validation</dt>
	<dd><input type=\"submit\" value=\"Envoyer\" /></dd>
	</dl>
	
	</form>
	
	";
	}
	else { 
	    $query = "INSERT INTO mp_blog (section,titre,contenu,pseudo) VALUES
		('".text2html($_POST['section'])."',
		 '".text2html($_POST['titre'])."',
		 '".text2html($_POST['contenu'])."',		 
		 '".$nick."'
		 )";
	    mysql_query($query) or die(mysql_error());
	    echo "<p>Changement effectu&eacute;es.</p>";
	
	 }

    }
    
    elseif($action == "edit")
    {
    if (empty($_GET['article']))
    {
	echo "<h4>Liste des billets</h4>\n";
	echo "<ul>";
	$query = "SELECT id,titre FROM mp_blog WHERE pseudo='".$nick."' ORDER BY id DESC";
	$result = mysql_query($query) or die(mysql_error());
	while($row = mysql_fetch_assoc($result))	    
	{
	    echo "<li><a href=\"index.php?page=perso&amp;id=blog&amp;action=edit&amp;article=".$row{'id'}."\">".$row{'titre'}."</a></li>\n";
	}	    
	echo "</ul>\n";
    
    
    }
    else {
    	$id = preg_replace("/[\D]/","",$_GET['article']);
	if (empty($_POST['titre']) or
	    empty($_POST['section']) or
	    empty($_POST['contenu']))
	    {
	    $id = $_GET['article'];
	    aide();
	    $query = "SELECT * FROM mp_blog WHERE pseudo='".$nick."' and id='".$id."'";
	    $result = mysql_query($query) or die(mysql_error());
	    $row = mysql_fetch_assoc($result);
		echo "<form action=\"index.php?page=perso&amp;id=blog&amp;action=edit&amp;article=$id\" method=\"post\">
	    <dl>
	    <dt>Section</dt>
	    <dd><input type=\"text\" name=\"section\" value=\"".$row['section']."\" /></dd>
	    <dt>titre</dt>
	    <dd><input type=\"text\" name=\"titre\" value=\"".$row['titre']."\" /></dd>
	    <dt>Contenu</dt>
	    <dd><textarea cols=\"80\" rows=\"10\" name=\"contenu\">".html2text($row['contenu'])."</textarea></dd>
	
	    <dt>Validation</dt>
	    <dd><input name=\"action\" type=\"submit\" value=\"editer\" /> 
	    <input name=\"action\" type=\"submit\" value=\"supprimer\" /></dd>	    
	    </dl>
	
	    </form>
	     ";
	    }
	    else {
		if ($_POST['action'] == "supprimer")
		{
		    $query = "DELETE FROM mp_blog WHERE pseudo='".$nick."' and id='".$id."'";
		}
		else 
		{
		    $query = "UPDATE mp_blog set titre='".text2html($_POST['titre'])."',
		                                 section='".text2html($_POST['section'])."',
		                                 contenu='".text2html($_POST['contenu'])."'
		    WHERE  pseudo='".$nick."' and id='".$id."'";
		}
		mysql_query($query) or die(mysql_error());
		echo "<p>Modifications effectu&eacute;es.</p>";
	    }
	    
	    
    }
    }