include() Undefined variable: Body <?enforce_login();if (!check_perms('adm

1. include() Undefined variable: Body
2.  
3. <?
4. enforce_login();
5. if (!check_perms('admin_manage_news')) {
6. error(403);
7. }
8.  
9. View::show_header('Manage news', 'bbcode');
10.  
11. switch ($_GET['action']) {
12. case 'takeeditnews':
13. if (!check_perms('admin_manage_news')) {
14. error(403);
15. }
16. if (is_number($_POST['newsid'])) {
17. authorize();
18.  
19. $DB->query("
20. UPDATE news
21. SET Title = '".db_string($_POST['title'])."', Body = '".db_string($_POST['body'])."'
22. WHERE ID = '".db_string($_POST['newsid'])."'");
23. $Cache->delete_value('news');
24. $Cache->delete_value('feed_news');
25. }
26. header('Location: index.php');
27. break;
28. case 'editnews':
29. if (is_number($_GET['id'])) {
30. $NewsID = $_GET['id'];
31. $DB->query("
32. SELECT Title, Body
33. FROM news
34. WHERE ID = $NewsID");
35. list($Title, $Body) = $DB->next_record();
36. }
37. }
38. ?>
39. <div class="thin">
40. <div class="header">
41. <h2><?= ($_GET['action'] == 'news') ? 'Create a news post' : 'Edit news post';?></h2>
42. </div>
43. <form class="<?= ($_GET['action'] == 'news') ? 'create_form' : 'edit_form';?>" name="news_post" action="tools.php" method="post">
44. <div class="box pad">
45. <input type="hidden" name="action" value="<?= ($_GET['action'] == 'news') ? 'takenewnews' : 'takeeditnews';?>">
46. <input type="hidden" name="auth" value="<?=$LoggedUser['AuthKey']?>">
47. <? if ($_GET['action'] == 'editnews') { ?>
48. <input type="hidden" name="newsid" value="<?=$NewsID; ?>">
49. <? } ?>
50. <h3>Title</h3>
51. <input type="text" name="title" size="95"<? if (!empty($Title)) { echo ' value="'.display_str($Title).'"'; } ?>>
52. <!-- Why did someone add this? <input type="datetime" name="datetime" value="<?=sqltime()?>" /> -->
53. <br>
54. <h3>Body</h3>
55. <?$Textarea = new TEXTAREA_PREVIEW('body', '', display_str($Body), 95, 15, true, false); ?>
56. <div class="center">
57. <input type="button" value="Preview" class="hidden button_preview_<?=$Textarea->getID()?>">
58. <input type="submit" value="<?= ($_GET['action'] == 'news') ? 'Create news post' : 'Edit news post';?>">
59. </div>
60. </div>
61. </form>
62.  
63. <h2>News archive</h2>
64. <?
65. $DB->query('
66. SELECT
67. ID,
68. Title,
69. Body,
70. Time
71. FROM news
72. ORDER BY Time DESC');// LIMIT 20
73. while (list($NewsID, $Title, $Body, $NewsTime) = $DB->next_record()) {
74. ?>
75. <div class="box vertical_space news_post">
76. <div class="head">
77. <strong><?=display_str($Title) ?></strong> - posted <?=time_diff($NewsTime) ?>
78. - <a href="tools.php?action=editnews&id=<?=$NewsID?>" class="brackets">Edit</a>
79. <a href="tools.php?action=deletenews&id=<?=$NewsID?>&auth=<?=$LoggedUser['AuthKey']?>" class="brackets">Delete</a>
80. </div>
81. <div class="pad"><?=Text::full_format($Body) ?></div>
82. </div>
83. <? } ?>
84. </div>
85. <? View::show_footer();?>