Untitled

<?php
if( (isset($_GET['m'])) AND ($_GET['m'] == 'write') ) { ?>
<form action="?a=news&amp;m=write&amp;do=send" method="post">
<label for="title">News-Titel: </label>
<input name="title" type="text"><br />
<label for="text">News-Text:<br /></label>
<textarea name="text" cols="60" rows="20"></textarea><br />
<label for="cat">Kategorie: </label>
<select name="cat">
  <option value="News">News</option>
  <option value="Wartung">Wartung</option>
  <option value="Server">Server</option>
</select><br />
<label for="autor">Autor: </label>
<select name="autor">
  <option value="Choast">Choast</option>
  <option value="ChaosChaot">ChaosChaot</option>
  <option value="Nonomiya">Nonomiya</option>
  <option value="LillyFee87">LillyFee87</option>
</select><br />
<input name="send" type="submit" class="button" value="News Eintragen">
</form>
<p><a href="?a=news">Zur &Uuml;bersicht</a></p>
<?php
    }else if(isset($_GET['m']) == 'edit') {
    $id = $_GET['id'];
    $sql = "SELECT * FROM news WHERE id='".mysql_real_escape_string($id)."'";
    mysql_set_charset('utf8');
    $entry = mysql_query($sql,$datenbank) or die(mysql_error());
    $news = mysql_fetch_object($entry);
    {
?>
<form action="?a=news&amp;m=edit&amp;id=<?php echo $id ?>&amp;do=update" method="post">
<label for="title">News-Titel: </label>
<input name="title" type="text" value="<?php echo $news->title ?>"><br />
<label for="text">News-Text:<br /></label>
<textarea name="text" cols="60" rows="20"><?php echo $news->text ?></textarea><br />
<label for="cat">Kategorie: </label>
<input name="cat" type="text" value="<?php echo $news->cat ?>" readonly="true" /><br />
<label for="autor">Autor: </label>
<input name="autor" type="text" value="<?php echo $news->autor ?>" readonly="true" /><br />
<input name="send" type="submit" class="button" value="News Updaten">
</form>
<p><a href="?a=news">Zur &Uuml;bersicht</a></p>
<?php
}
}else{
?>
<h4><a href="?a=news&amp;m=write">Neuen News Eintrag erstellen</a></h4>
<table border="1">
  <tr>
    <th>Titel</th>
    <th>Datum</th>
    <th>Kategorie</th>
    <th>Optionen</th>
  </tr>
  <?php
    $sql = "SELECT * FROM news ORDER BY id DESC";
    mysql_set_charset('utf8');
    $entry = mysql_query($sql,$datenbank) or die(mysql_error());
    while($news = mysql_fetch_object($entry))
    { ?>
        <tr>
        <td><?php echo $news->title ?></td>
        <td><?php echo $news->datum ?></td>
        <td><?php echo $news->cat ?></td>
        <td><a href="?a=news&amp;m=edit&amp;id=<?php echo $news->id ?>">Bearbeiten</a><br />
          <a href="?a=news&amp;m=delete&amp;id=<?php echo $news->id ?>">L&ouml;schen</a></td>
        </tr>
    <?php } ?>
</table>
<p>&nbsp;</p>
<p><a href="?a=overview">Zur&uuml;ck zur &Uuml;bersicht</a></p>
<?php } ?>
<?php
if(isset($_GET['do']) AND 'send' == $_GET['do']) {
$sqlk = "INSERT INTO news
                    (
                        title,
                        text,
                        cat,
                        autor,
                        datum
                    )
        VALUES
                    (
                        '".mysql_real_escape_string($_POST['title'])."',
                        '".mysql_real_escape_string($_POST['text'])."',
                        '".mysql_real_escape_string($_POST['cat'])."',
                        '".mysql_real_escape_string($_POST['autor'])."',
                        NOW()
                    )";
$qry = mysql_query($sqlk,$datenbank) or die(mysql_error());

$titel = $_POST['title'];

$HOST = "127.0.0.1"; //the ip of the bukkit server
$password = "superdupergeheimespasswort";
//Can't touch this:
$sock = socket_create(AF_INET, SOCK_STREAM, 0)
or die("error: could not create socket\n");
$succ = socket_connect($sock, $HOST, 4445)
or die("error: could not connect to host\n");
//Authentification
socket_write($sock, $command = md5($password)."<Password>", strlen($command) + 1)
or die("error: failed to write to socket\n");
//Begin custom code here.
socket_write($sock, $command = "/Command/ExecuteConsoleCommand:broadcast Neuer News Eintrag: ".$titel.";", strlen($command) + 1) //Writing text/command we want to send to the server
or die("error: failed to write to socket\n");
}
?>
<?php
if(isset($_GET['do']) AND 'update' == $_GET['do']) {
$id = $_GET['id'];
$sql = "update news set title = '".mysql_real_escape_string($_POST['title'])."' , text = '".mysql_real_escape_string($_POST['text'])."' WHERE id='".mysql_real_escape_string($id)."'";

$qry = mysql_query($sql,$datenbank) or die(mysql_error());

$titel = $_POST['title'];

$HOST = "127.0.0.1"; //the ip of the bukkit server
$password = "superdupergeheimespasswort";
//Can't touch this:
$sock = socket_create(AF_INET, SOCK_STREAM, 0)
or die("error: could not create socket\n");
$succ = socket_connect($sock, $HOST, 4445)
or die("error: could not connect to host\n");
//Authentification
socket_write($sock, $command = md5($password)."<Password>", strlen($command) + 1)
or die("error: failed to write to socket\n");
//Begin custom code here.
socket_write($sock, $command = "/Command/ExecuteConsoleCommand:broadcast News Beitrag wurde bearbeitet: ".$titel.";", strlen($command) + 1) //Writing text/command we want to send to the server
or die("error: failed to write to socket\n");
}
?>