1 <?
2 session_start();
3 header ("Cache-Control: no-cache, must-revalidate");
4 if (!$pagename) {
5 $pagename = "MainMenu";
6 }
7
8 $stylesheet = "newsdbadmin.css";
9 include "config.php";
10 include "functions.php";
11
12
13 if ($logout) {
14 session_unregister("usr");
15 session_unregister("pwd");
16 $pagename = "Login";
17 }
18 if (!isset($usr) and !isset($pwd)) {
19 session_register("usr");
20 session_register("pwd");
21 $pagename = "Login";
22 }
23 else {
24 $connect = dbconnect();
25 $query = "SELECT * FROM newsusers WHERE user = '$usr' and password = '$pwd'";
26 $result = mysql_query ($query);
27 if (!$userrow = mysql_fetch_array($result)) {
28 $pagename = "Login";
29 $logintrue = "no";
30 }
31 elseif ($login == "Store") {
32 setcookie ("usr", "$usr");
33 setcookie ("pwd", "$pwd");
34 }
35 }
36
37 echo adminheadertable($pagename, $stylesheet);
38
39 include "menubar.php";
40 echo "<br><br>";
41
42 if ($pagename == "MainMenu") {
43 echo "
44 <div align='center'>
45 <h2>Main Menu</h2>
46 <div class='menupanel'>
47
48 <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=SubmitStory'>SUBMIT a New Story</a></div>
49 <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=EditStory'>EDIT an Existing Story (by Story ID)</a></div>
50 <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=EditStory&viewstory=yes'>VIEW an Existing Story (by Story ID)</a></div>
51 <div align='left' class='menuitem'>VIEW STORIES for [ <a href='$PHP_SELF?pagename=SearchDatabase&field=storydate&value=today'>today</a>—<a href='$PHP_SELF?pagename=SearchDatabase&field=storydate&value=yesterday&submit=Search'>yesterday</a>—<a href='$PHP_SELF?pagename=SearchDatabase&field=storydate&value=tomorrow&submit=Search'>tomorrow</a> ]</div>
52 <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=NewsCaster'>UPLOAD a Newscast Audio File</a></div>
53 <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=SearchDatabase'>SEARCH for Stories</a></div>
54 <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=ToolsMenu'>Tools Menu</a></div>
55 <br>
56 </div>
57 </div>";
58 }
59
60 if ($pagename == "ToolsMenu") {
61 echo "
62 <div align='center'>
63 <h2>Tools Menu</h2>
64 <div class='menupanel'>
65 <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=StoryOrder'>SET Story Order</a></div>
66 <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=EditReporters'>EDIT Reporter List</a></div>
67 <!-- <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=SearchDatabase&submit=all'>BROWSE the News Database</a></div> -->
68 <div align='left' class='menuitem'><a href='weekend.html'>EDIT the Weekend News Page</a></div>
69 <div align='left' class='menuitem'><a href='http://www.northcountrypublicradio.org/news.php' target='_blank'>VISIT the Latest Live News Page at NCPR.org</a></div>
70 <div align='left' class='menuitem'><a href='$PHP_SELF?pagename=MainMenu'>Main Menu</a></div>
71 <br>
72 </div>
73 </div>";
74 }
75
76 if ($pagename == "SubmitStory") {
77 include "storyform.php";
78 }
79
80 if ($pagename == "EditStory") {
81 if ($storyid) {
82 $connect = dbconnect();
83 $query = "SELECT * FROM news WHERE story_id LIKE '$storyid'";
84 $result = mysql_query ($query);
85
86 if ($story = mysql_fetch_array($result)) {
87 do {
88 include "dbfields.php";
89 } while ($story = mysql_fetch_array($result));
90
91 if ($viewstory) {
92 echo "<table cellpadding='10' cellspacing='0' align='center' bgcolor='#FFFFFF' border='0'>";
93 echo "<tr><td align='center'><table ><tr><td><br>";
94 echo displaystory($storyid,1);
95 echo "<br><br></td></tr></table></td></tr></table>";
96 echo "<br>\n
97 <table align='center' class='browse'>\n
98 <tr align='center'>\n
99 <td width='100' class='browse'>Story ID $storyid</td>\n
100 <td width='100' class='browse'><a href='$PHP_SELF?pagename=EditStory&viewstory=yes&storyid=".($storyid-1)."'>Previous</a></td>\n
101 <td width='100' class='browse'><a href='$PHP_SELF?pagename=EditStory&viewstory=yes&storyid=".($storyid+1)."'>Next</a></td>\n
102 <td width='100' class='browse'><a href='$PHP_SELF?pagename=EditStory&storyid=".$storyid."'>Edit This Story</a></td>\n
103 </tr>\n
104 </table>\n";
105 }
106 else {
107 $edit = "true";
108 include "storyform.php";
109 }
110 }
111 else {
112 include "getstoryidform.php";
113 echo "<p>Story ID <b>$storyid</b> not found. Please enter a different number.</p>";
114 }
115 mysql_close ($link); // close database connection;
116 }
117 else {
118 include "getstoryidform.php";
119 }
120 }
121
122 if ($pagename == "SearchDatabase") {
123 include "requestnewsform.php";
124 }
125
126 if ($pagename == "ConfirmationScreen") {
127 if ($submit == "Add Full Story") {
128 echo "<div align='center'><div align='left' class='form'>";
129 echo "<p>Here is your Full Story / Transcript as it will appear on the site:</p><table class='whitebg'><tr><td>";
130 $htmlfullstory = htmltext($fullstory);
131 echo $htmlfullstory;
132 echo "</td></tr></table><form action='$PHP_SELF' method='post' name='fullstorycnf' id='fullstorycnf'>";
133 echo "<p><b>Is this OKAY?</b>";
134 include "hiddenfields.php";
135 echo "<input type='hidden' name='pagename' value='UpdateResults'>";
136 echo "<input type='submit' name='fullstorysubmit' value='Yes'>";
137 echo "<input type='submit' name='fullstorysubmit' value='No'>";
138 echo "</form>";
139 echo "</div></div>";
140 }
141 elseif ($delete == "DELETE STORY") {
142 echo "<div align='center'>";
143 echo "ARE YOUR SURE YOU WANT TO DELETE THE STORY TITLED:<br><br>";
144 echo "<strong>$title</strong><br><br>";
145 echo "With ID number <strong>$storyid</strong> ???<br><br><br>";
146 echo "<form action='$PHP_SELF' method='post' name='newscnf' id='newscnf'>";
147 echo "Please Enter Story ID number to confirm: <input type='text' name='confirmid'><br><br>";
148 include "hiddenfields.php";
149 echo "<input type='hidden' name='pagename' value='UpdateResults'>";
150 echo "<input type='submit' name='submit' value='DELETE'> ";
151 echo "<input type='submit' name='submit' value='NO'>";
152 echo "</form></div>";
153 }
154 else { // PREVIEW STORY
155 echo "<table cellpadding='10' cellspacing='0' align='center' bgcolor='#FFFFFF' border='0'>";
156 echo "<tr>
157 <td class='headercell'>
158 Please check your story before final submission...
159 </td>
160 </tr>
161 <tr>
162 <td align='center'><table width='75%'><tr><td>
163 <br>";
164
165 // HERE IT IS
166 if ($image1upld != "no") {
167 if (isset($imagefile1_name) && $imagefile1_name != "none" && $imagefile1_name != "") {
168 $imagefile1_name = fileupload($imagefile1, $newsimagedir, str_replace(" ", "", $imagefile1_name));
169 }
170 }
171 if ($imagefile1_name) { $img1size = GetImageSize("$newsimagedir$imagefile1_name"); echo "<table width='".$img1size[0]."' border='0' align='left'><tr><td width='".$img1size[0]."' height='".$img1size[1]."'><img src='../news/images/".$imagefile1_name."' alt='".htmltext($image1cap)."' border='0' class='caption'></td></tr><tr><td><div class='caption'>".htmltext($image1cap)."</div></td>"; }
172 if ($image2upld != "no") {
173 if (isset($imagefile2_name) && $imagefile2_name != "none" && $imagefile2_name != "") {
174 $imagefile2_name = fileupload($imagefile2, $newsimagedir, str_replace(" ", "", $imagefile2_name));
175 }
176 }
177 if ($imagefile2_name) { $img2size = GetImageSize("$newsimagedir$imagefile2_name"); echo "</tr><tr><td width='".$img2size[0]."' height='".$img2size[1]."' align='right'><img src='../news/images/".$imagefile2_name."' alt='".htmltext($image2cap)."' border='0' align='right'></td></tr><tr><td><div class='caption'>".htmltext($image2cap)."</div></td>"; }
178
179 echo "</tr></table>";
180 echo "<div align='left' class='alert'>".htmltext($title).", <em class='normal'>".$storydate."</em></div>";
181
182 if ($neednewram != "false") {
183 list ($ramcontents, $ramaudiofile, $ramfilename) = audiofiler($newsaudiodir, $audiofile_name, $storydate, $starthour, $startmin, $startsec, $startthou, $endhour, $endmin, $endsec, $endthou);
184 $ramwritten = filewriter ($newsaudiodir.$ramfilename, $ramcontents);
185 }
186 if (isset($audiofile_name) && $audiofile_name != "none" && $audiofile_name != "") {
187 $ramaudiofile = $audiofile_name;
188 if (!$ramfilename) {
189 $ramfilename = $audiofile_name;
190 }
191 if ($audioupld != "no") {
192 $audiofiled = fileupload($audiofile, $newsaudiodir, $ramaudiofile);
193 }
194 }
195 echo "<div align='left'><a class=links href='".WEB_DIR."/news/audio/".$ramfilename."'>Listen to story</a>. ";
196 echo "<em class='normal'>(".duration($startmin, $endmin, $startsec, $endsec).")</em></div>";
197
198 echo "<div align='left'><p>".htmltext($description)."</p>";
199
200 if ($link1 || $link2 || $link3 || $link4) { echo "<div align='left'>Related Links:</div>"; }
201 if ($link1) { echo "<a class=links href='http://".$link1."' target='_blank'>".htmltext($linktext1)."</a><br>"; }
202 if ($link2) { echo "<a class=links href='http://".$link2."' target='_blank'>".htmltext($linktext2)."</a><br>"; }
203 if ($link3) { echo "<a class=links href='http://".$link3."' target='_blank'>".htmltext($linktext3)."</a><br>"; }
204 if ($link4) { echo "<a class=links href='http://".$link4."' target='_blank'>".htmltext($linktext4)."</a><br>"; }
205 echo "<hr><p><div class='alert'>Here are your keywords: <em class='normal'>".htmltext($keys)."</em></div></p>";
206 echo "<hr><p><div class='alert'>Your audio link will be named: <em class='normal'>".$ramaudiofile."</em></div></p>";
207 echo "<div class='alert'>";
208 echo "Your audio file will be played from start position ";
209 echo "<em class='status'>".lz($starthour).":".lz($startmin).":".lz($startsec).".".$startthou."</em> ";
210 echo "to end position ";
211 echo "<em class='status'>".lz($endhour).":".lz($endmin).":".lz($endsec).".".$endthou."</em>";
212 echo ".</div></div>";
213 // THERE IT WAS
214
215 // WAS THIS OKAY?
216 echo "<form action='$PHP_SELF' method='post' name='newscnf' id='newscnf'>";
217 echo "<div class='alert'>Is this OKAY? ";
218 if (isset($ramfilename) && (!isset($audiofile_name) || $audiofile_name == "none" || $audiofile_name == "")) {
219 $audiofile_name = $ramfilename;
220 echo "audiofile_name is $audiofile_name";
221 }
222 include "hiddenfields.php";
223 echo "<input type='hidden' name='pagename' value='UpdateResults'>";
224 echo "<input type='submit' name='submit' value='Yes'> ";
225 echo "<input type='submit' name='submit' value='No'></div>";
226 echo "</form>";
227
228 echo "</td></tr></table></td></tr></table>";
229 }
230 }
231
232 if ($pagename == "UpdateResults") {
233 if ($endsec >= 60) {// Fix Time for audio length
234 $endsec = ($endsec - 60);
235 $endmin = ($endmin + 1);
236 }
237 if ($submit=="Yes") {// If user selected YES on confirmation screen do this...
238 $connect = dbconnect();
239 if ($edit == "true") {// Update record with submitted info
240 $query = "UPDATE news SET
241 reporter_id='$reporter_id',
242 title='".mysql_escape_string($title)."',
243 storydate='$storydate_DB',
244 description='".mysql_escape_string($description)."',
245 starthour='$starthour',
246 startmin='$startmin',
247 startsec='$startsec',
248 startthou='$startthou',
249 endhour='$endhour',
250 endmin='$endmin',
251 endsec='$endsec',
252 endthou='$endthou',
253 audio='$ramfilename',
254 image1='$imagefile1_name',
255 image2='$imagefile2_name',
256 image1cap='".mysql_escape_string($image1cap)."',
257 image2cap='".mysql_escape_string($image2cap)."',
258 link1='$link1',
259 link2='$link2',
260 link3='$link3',
261 link4='$link4',
262 linktext1='".mysql_escape_string($linktext1)."',
263 linktext2='".mysql_escape_string($linktext2)."',
264 linktext3='".mysql_escape_string($linktext3)."',
265 linktext4='".mysql_escape_string($linktext4)."',
266 keywords='".mysql_escape_string($keys)."'
267 WHERE story_id = '$storyid';";
268 if ($fullstory) {$fsquery = "UPDATE stories SET story_url='$fullstory', story_id='$storyid' WHERE story_id='$storyid'";}
269 }
270 else {// Submit new story into database
271 $query = "INSERT INTO news
272 (reporter_id,
273 title,
274 storydate,
275 description,
276 starthour,
277 startmin,
278 startsec,
279 startthou,
280 endhour,
281 endmin,
282 endsec,
283 endthou,
284 audio,
285 image1,
286 image2,
287 image1cap,
288 image2cap,
289 link1,
290 link2,
291 link3,
292 link4,
293 linktext1,
294 linktext2,
295 linktext3,
296 linktext4,
297 keywords)
298 VALUES
299 ('$reporter_id',
300 '".mysql_escape_string($title)."',
301 '$storydate_DB',
302 '".mysql_escape_string($description)."',
303 '$starthour',
304 '$startmin',
305 '$startsec',
306 '$startthou',
307 '$endhour',
308 '$endmin',
309 '$endsec',
310 '$endthou',
311 '$ramfilename',
312 '$imagefile1_name',
313 '$imagefile2_name',
314 '".mysql_escape_string($image1cap)."',
315 '".mysql_escape_string($image2cap)."',
316 '$link1',
317 '$link2',
318 '$link3',
319 '$link4',
320 '".mysql_escape_string($linktext1)."',
321 '".mysql_escape_string($linktext2)."',
322 '".mysql_escape_string($linktext3)."',
323 '".mysql_escape_string($linktext4)."',
324 '".mysql_escape_string($keys)."');";
325 if ($fullstory) {$fsquery = "INSERT INTO stories (story_id, story_url) VALUES ('$storyid', '$fullstory');";}
326 }
327 $update = mysql_query ($query)
328 or die ("Unable to update database - notify Web Manager");
329 if ($fsquery) {$fsupdate = mysql_query ($fsquery);}
330 $lastedited = getlastedited("news");
331 mysql_close ($link);
332
333
334 echo "<div align='center'>
335 <div align='center' class='menupanel'>
336 <div align='center' class='alert'>Database updated successfully.</div>
337 <div align='center'>Your story ID number is <strong>$lastedited</strong></div><br><br>
338 <div align='center'><a href='$PHP_SELF?pagename=SubmitStory'>Make a new entry...</a></div>
339 <div align='center'><a href='$PHP_SELF?pagename=EditStory&viewstory=yes&storyid=$lastedited'>View last entry...</a></div>
340 <div align='center'><a href='$PHP_SELF'>Return to the MainMenu...</a></div>
341 </div>
342 </div>";
343 // DEBUG arraylist($_POST);
344 }
345 elseif ($submit=="DELETE" && $storyid == $confirmid) {// If user selected DELETE and confirmed STORYID do this...
346 $connect = dbconnect();
347 $query = "DELETE FROM news WHERE story_id = '$storyid';";
348 $deleted = mysql_query ($query)
349 or die ("Unable to delete - notify Web Manager");
350 mysql_close ($link);
351 echo "<h2>Story ID number $storyid has been deleted<br><br></h2><br><br>";
352 echo "<div align='center'><p><a href='$PHP_SELF?pagename=SubmitStory'>Make a new entry...</a></p>";
353 echo "<p><a href='$PHP_SELF'>Return to the MainMenu...</a></p></div>";
354 }
355 elseif ($submit=="DELETE" && $storyid != $confirmid) {// If user selected DELETE but DID NOT confirm STORYID do this...
356 echo "<div align='center'>The number you entered did not match the story id to be deleted.";
357 echo "<form action='$PHP_SELF' method='post' name='newscnf' id='newscnf'>";
358 include "hiddenfields.php";
359 echo "<input type='hidden' name='pagename' value='ConfirmationScreen'>";
360 echo "<input type='hidden' name='delete' value='DELETE STORY'>";
361 echo "<input type='submit' name='back' value='BACK'>";
362 echo "</form></div>";
363 }
364 elseif ($fullstorysubmit) {
365 if ($fullstorysubmit == "Yes") {
366 $fsname = "fullstory".$newstoday;
367 $fsfile = checkseq($fsname, "a", "html");
368 $fswrite = filewriter($fsfile, htmltext($fullstory));
369 if ($fswrite) {
370 echo "<strong>Full Story/Transcript file written and saved as filename $fsfile.</strong> (<a href='fullstory.php?story=$fsfile' target='_blank'>VIEW</a>)";
371 if ($title) {
372 echo "<form method='post' action='$PHP_SELF' name='back' id='back'>";
373 include "hiddenfields.php";
374 echo "<input type='hidden' name='pagename' id='pagename' value='SubmitStory'>";
375 echo "<input type='submit' name='return' id='return' value='Return to Story Submission'></form>";
376 }
377 }
378 }
379 if ($fullstorysubmit == "No") {
380 include "fullstoryform.php";
381 }
382 }
383 else {// If user selected NO (or null) on story confirmation screen do this...
384 include "storyform.php";
385 }
386 }
387
388 if ($pagename == "FullStory") {
389 if ($changefullstory == "Change Transcript") {
390 $fullstory = filereader($fullstory);
391 }
392 include "fullstoryform.php";
393 }
394
395 if ($pagename == "ViewStory") {
396
397 }
398
399 if ($pagename == "Login") {
400 include "login.php";
401 }
402
403 if ($pagename == "StoryOrder") {
404 include "order.php";
405 }
406
407 if ($pagename == "NewsCaster") {
408 echo "<div align='center'>";
409 include "newscaster.php";
410 echo "</div>";
411 }
412
413 if ($pagename == "EditReporters") {
414 echo "<div align='center'>";
415 include "replist.php";
416 echo "</div>";
417 }
418
419 echo "<br><br>";
420
421 include "hrule.php";
422 ?>
