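<?php
/*
 * Admin "Add Article" request handler.
 *
 * Requires a logged-in session, resolves the target page from ?page=, and on
 * POST stores an optional image upload plus the article row.
 *
 * NOTE(review): no anti-CSRF token is checked before the INSERTs below and none
 * is visible in this file -- confirm whether the included files enforce one.
 * NOTE(review): the redirects only work if includes/header.php has not sent
 * output yet -- confirm that it buffers or emits nothing.
 */
date_default_timezone_set("Asia/Manila");
include('includes/header.php');
require_once('../connection.php');
include('includes/functions.php');
include('includes/html_form_functions.php');

// Query-string values are attacker-controlled: accept only plain strings and
// URL-encode them before they are placed in a redirect target.
$menu_key = (isset($_GET['p']) && is_string($_GET['p'])) ? $_GET['p'] : '';
$return_url = 'index.php?p=' . urlencode($menu_key);
$page_name = null;
$parent_id = null;

// empty() also covers a session in which the key was never set.
if (empty($_SESSION['logged_in'])) {
    header('Location: login.php');
    die();
}

if (isset($_GET['page'])) {
    $requested_page = $_GET['page'];
    $selected_page = is_string($requested_page) ? select_page($requested_page) : null;

    // Strict string comparison: the loose != treated a missing row (null) and
    // an empty ?page= as equal, letting a non-existent page through.
    if (!isset($selected_page['page_id'])
        || (string) $selected_page['page_id'] !== $requested_page
    ) {
        redirect_to($return_url);
        exit();
    }

    $parent_id = $requested_page;
    // Reuse the row fetched above instead of querying the same page twice.
    $page_name = $selected_page;
}

if (isset($_POST['submit'])) {
    // ---- optional image upload ----
    if (isset($_FILES['file']) && is_array($_FILES['file'])) {
        $upload = $_FILES['file'];
        $upload_error = isset($upload['error']) ? $upload['error'] : UPLOAD_ERR_NO_FILE;

        // An empty file field is not an error; the article may have no image.
        if ($upload_error !== UPLOAD_ERR_NO_FILE) {
            // Allowed extension => image type the file content must really have.
            $allowed = array(
                'png' => IMAGETYPE_PNG,
                'jpg' => IMAGETYPE_JPEG,
                'gif' => IMAGETYPE_GIF,
                'bmp' => IMAGETYPE_BMP,
            );
            $path = '../uploads/';
            $file = null;
            $stored = false;

            if ($upload_error === UPLOAD_ERR_OK
                && isset($upload['name'], $upload['tmp_name'])
                && is_string($upload['name'])
                && is_string($upload['tmp_name'])
            ) {
                $ext = strtolower(pathinfo($upload['name'], PATHINFO_EXTENSION));
                if (isset($allowed[$ext])) {
                    // The client-supplied name alone proves nothing; require the
                    // content to parse as the image type its extension claims.
                    $info = getimagesize($upload['tmp_name']);
                    if ($info !== false && $info[2] === $allowed[$ext]) {
                        // Server-generated name: the client's filename never
                        // reaches the filesystem.
                        $file = uniqid('', true) . time() . '.' . $ext;
                        $stored = move_uploaded_file($upload['tmp_name'], $path . $file);
                    }
                }
            }

            if ($stored) {
                try {
                    // Bound parameters, consistent with the article INSERT below.
                    $stmt = $pdo->prepare(
                        "INSERT INTO images (name,image_path) VALUES (:name, :image_path)"
                    );
                    $stmt->execute(array(':name' => $file, ':image_path' => $path));
                } catch (PDOException $e) {
                    // Driver messages can expose schema details; keep them in the log.
                    error_log($e->getMessage());
                    $message = "Could Not Add";
                }
            } else {
                $message = "Invalid image type.";
            }
        }
    }

    // ---- article ----
    if (isset($_POST['article-title'], $_POST['article-content'])) {
        $article_title = $_POST['article-title'];
        $article_content = $_POST['article-content'];

        // Reject array-valued fields and whitespace-only input; empty() also
        // wrongly rejected the literal title "0".
        if (!is_string($article_title)
            || !is_string($article_content)
            || trim($article_title) === ''
            || trim($article_content) === ''
        ) {
            $message = 'Please fill all fields';
        } else {
            $current_user = get_user_information($_SESSION['username']);
            $author_id = $current_user['id'];
            $date_added = date('Y-m-d H:i:s');

            $query = "INSERT INTO article
                (title,content,author_id,date_added,parent_id)
                VALUES (:article_title,:article_content,:author_id,:date_added,:parent_id)";
            try {
                $stmt = $pdo->prepare($query);
                $stmt->execute(array(
                    ':article_title' => $article_title,
                    ':article_content' => $article_content,
                    ':author_id' => $author_id,
                    ':date_added' => $date_added,
                    // Validated above; null when no ?page= was supplied.
                    ':parent_id' => $parent_id,
                ));
                if ($stmt->rowCount() == 1) {
                    $message = "Added Successfully!";
                    createLog("Add Article");
                } else {
                    $message = "Could Not Add";
                }
            } catch (PDOException $e) {
                // Do not echo database errors into the page; log them instead.
                error_log($e->getMessage());
                $message = "Could Not Add";
            }
        }
    }
} elseif (isset($_POST['cancel'])) {
    redirect_to($return_url);
    // Stop here so the form is not rendered after the redirect is issued.
    exit();
}
?>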
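<?php
// View-layer values. Anything derived from the query string or the database is
// encoded for its output context (URL component, then HTML) before being echoed.
$active_menu = (isset($_GET['p']) && is_string($_GET['p'])) ? $_GET['p'] : '';
$page_param = (isset($_GET['page']) && is_string($_GET['page'])) ? $_GET['page'] : '';
$form_action = 'add_article.php?page=' . urlencode($page_param) . '&p=' . urlencode($active_menu);
// $page_name is null when no ?page= was given; isset() covers that case.
$page_title = isset($page_name['page_name']) ? $page_name['page_name'] : '';
// Menu entries: key passed to isMenuSelected(), link target, visible label.
$menu_items = array(
    array('home', 'homepage.php?p=home', ' Home'),
    array('admission', 'index.php?p=admission', 'Admission'),
    array('announcement', 'announcement.php?p=announcement', 'Announcement'),
    array('news and events', 'index.php?p=news+and+events', 'News and Events'),
    array('about', 'index.php?p=about', 'About '),
    array('contact us', 'index.php?p=contact+us', 'Contact '),
    array('image gallery', 'admin_gallery.php?p=image+gallery', 'Image Gallery'),
);
?>
<div id="index-container">
    <div id="index-header">
        <a href="index.php?p"><img src="images/logo-with-abbr.png" id="logo"/></a>
        <p class="clear"/>
        <div id="top-nav">
            <ul>
                <li><a href="#">Users</a> <span class="separator"> | </span></li>
                <li><a href="logs.php?p=log_viewer">Log Viewer</a> <span class="separator"> | </span></li>
                <li><a href="logout.php" onclick="return confirm('Logout?');">Log out</a> <span
                        class="separator"> | </span></li>
                <li><a href="../index.php" target="_blank"><span id="view-site-style">View Site</span></a></li>
            </ul>
        </div>
        <p class="clear"/>
    </div>
    <div id="index-article">
        <div id="menu-nav">
            <div id="menu-nav-navigation">
                <ul id="menu-list">
                    <?php foreach ($menu_items as $item) { ?>
                        <li class="<?php echo isMenuSelected($active_menu, $item[0]) ? 'current' : ''; ?>"><a
                                href="<?php echo $item[1]; ?>" class="link-buttons"><?php echo $item[2]; ?></a>
                        </li>
                    <?php } ?>
                    <!-- <a href="add_news.php" ><li >News Content</li></a>
                    <a href="#" ><li >Events</li></a> -->
                </ul>
            </div>
            <!-- end menu-nav-navigation -->
        </div>
        <!-- END MENU-NAV -->
        <div id="article-content">
            <p id="article-content-head">Add Article: <span
                    id="page-name"><?php echo htmlspecialchars($page_title, ENT_QUOTES, 'UTF-8'); ?></span></p>
            <?php
            // One multipart form carries the article fields, the image and the
            // named submit/cancel buttons. The handler reads $_POST['submit'],
            // the article fields and $_FILES['file'] from a single request;
            // buttons placed outside the form never sent their name.
            ?>
            <form action="<?php echo htmlspecialchars($form_action, ENT_QUOTES, 'UTF-8'); ?>"
                  method="POST" enctype="multipart/form-data"
                  id="add-article-form" class="my_form">
                <?php if (isset($message)) { ?>
                    <div class="alert alert-info alert-dismissable">
                        <button type="button" class="close" data-dismiss="alert"
                                aria-hidden="true">
                            ×
                        </button>
                        <?php echo htmlspecialchars($message, ENT_QUOTES, 'UTF-8'); ?>
                    </div>
                <?php } ?>
                <label for="add-article-title">Title</label>
                <br/>
                <input type="text" size="50" maxlength="42" name="article-title" id="add-article-title"/>
                <br/>
                <label for="add-article-content">Content</label>
                <br/>
                <textarea name="article-content" id="add-article-content"></textarea>
                <br/>
                <div id="upload-file">
                    <label>Upload image</label>
                    <input type="file" name="file">
                    <label>Or Remove image</label>
                    <br/>
                    <input type="button" name="remove" id="btn-remove"
                           onclick="clearFileInputField('upload-file')" value="Remove">
                </div>
                <button type="submit" class="btn btn-success" name="submit" id="btn-save"><span
                        class="glyphicon glyphicon-floppy-save"></span>
                    Save
                </button>
                <button type="submit" class="btn btn-success" name="cancel" id="btn-cancel">
                    Cancel
                </button>
            </form>
        </div>
        <!-- end article-content -->
    </div>
    <!-- END index-article -->
    <!-- DO NOT DELETE THIS SECTION -->
    <div id="index-footer">
        <p>DWNHS CMS ©2014</p>
    </div>
</div><!-- end index-container -->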
- <script>
// Writing a container's own markup back into it rebuilds its child nodes,
// which is used here to reset a file input inside the element with id tagId.
function clearFileInputField(tagId) {
    var container = document.getElementById(tagId);
    container.innerHTML = document.getElementById(tagId).innerHTML;
}

// Calls submit() on the article form and then on the image form.
// NOTE(review): form.submit() does not send a button's name/value, and two
// back-to-back submissions are two separate requests -- confirm which one the
// server actually receives.
submitForms = function () {
    var formIds = ["add-article-form", "image-uploader"];
    for (var i = 0; i < formIds.length; i++) {
        document.getElementById(formIds[i]).submit();
    }
}
- </script>
<?php
// Shared admin footer; include_once skips the file if it was already loaded.
include_once 'includes/footer.php';
?>