A
Anonymous
Guest
Ok so I was using this script to implement an updateable news source and it doesn't work on the windows server I am on below are the errors I am getting I know how to fix the undefined variable but I am unfamiliar with the rest as I am new to php. Thanks I appreciate any helps i can get.
here is the script if you need it
[/code]
here is the script if you need it
Code:
<?php
session_start();
?>
<?php
//-----------------------------------------
/* INCLUDE AND SETTING UP SOME VARIABLES */
include 'config.php';
// 1:visualizza il form per l'inserimento delle news
$visualizzaFormInserimento=0;
// 1:visualizza il form per editare le news
$visualizzaFormEdit=0;
// 1:visualizza lista news presenti nel db
$visualizzaNewsList=1;
// messaggio "variabile" mostrato nell'header
$msg="";
// emoticons path
$emopath=$enPath."prototype/test/emoticons/";
// emoticons array
$emoticons = array ( "char" => array ( ":)" , ":D" , ":(" , ":-S" , ":-P" , "8o|" , ":-O" , ";)" ),
"icon" => array ( "<img src=\"".$emopath."smile001.gif\" alt=\"smilie for :)\" title=\":)\" width=\"21\" height=\"21\" border=\"0\" />",
"<img src=\"".$emopath."smile002.gif\" alt=\"smilie for :D\" title=\":D\" width=\"21\" height=\"21\" border=\"0\" />",
"<img src=\"".$emopath."smile003.gif\" alt=\"smilie for :(\" title=\":(\" width=\"21\" height=\"21\" border=\"0\" />",
"<img src=\"".$emopath."smile005.gif\" alt=\"smilie for :-S\" title=\":-S\" width=\"21\" height=\"21\" border=\"0\" />",
"<img src=\"".$emopath."smile007.gif\" alt=\"smilie for :-P\" title=\":-P\" width=\"21\" height=\"21\" border=\"0\" />",
"<img src=\"".$emopath."smile011.gif\" alt=\"smilie for 8o|\" title=\"8o|\" width=\"21\" height=\"21\" border=\"0\" />",
"<img src=\"".$emopath."smile008.gif\" alt=\"smilie for :-O\" title=\":-O\" width=\"21\" height=\"21\" border=\"0\" />",
"<img src=\"".$emopath."smile009.gif\" alt=\"smilie for ;)\" title=\";)\" width=\"21\" height=\"21\" border=\"0\" />"
),
"meaning" => array ( "happy" , "very happy" , "sad" , "confused" , "tongue sticking out" , "angry grin" , "surprised" , "wink" ) );
//------------------------------
/* ADMIN RESTRICTED AREA TEST */
//------------------------------------------------------------------------------
// update session variables with "user name" and "password"
if ( isset($_POST['id']) && isset($_POST['pw']) ) {
$_SESSION['userid']=$_POST['id']; $_SESSION['password']=$_POST['pw'];
}
// check "user name" and "password"
if ($_SESSION['userid']==$id && $_SESSION['password']==$pw ) {
//------------------------------------------------------------------------------
//********************** START WHILE LOOP (DUMMY) ******************************
//------------------------------------------------------------------------------
do {
//------------------------------------------------------------------------------
/************** CONNESSIONE E OPERAZIONI PRELIMINARI DATABASE *****************/
//------------------------------------------------------------------------------
if (!$conn = connect($db_host,$db_user,$db_pw,$db_name,$table_name)) break;
//------------------------------------------------------------------------------
/********************** ESECUZIONE VARIE OPZIONI ******************************/
//------------------------------------------------------------------------------
/*******************************************************************************
*** delete single news ***
*******************************************************************************/
if ($_GET['action']=='delete') {
$newsid = $_GET['newsid'];
$query="DELETE FROM $table_name WHERE newstime='$newsid'";
if ($result = mysql_query($query,$conn)) {
// news deleted from database
$msg=".:. News removed.";
// delete image from file system
deleteImg($newsid.".jpg");
}
// error during delete query
else $msg=".:. Delete failure:<br />" . mysql_error();
break; }
/*******************************************************************************
*** delete all news ***
*******************************************************************************/
if ($_GET['action']=='deleteall') {
if ($_GET['confirm']) {
$query="DELETE FROM $table_name WHERE 1";
if ($result = mysql_query($query,$conn)) {
// alla news deleted from database
$msg=".:. All news deleted successfully.";
// empty images dir
purge("images/");
}
else $msg=".:. Delete fail:<br />" .mysql_error();
}
else { $msg="You're about to delete all news in database:<a href=\"".$_SERVER['SCRIPT_NAME']."?action=deleteall&confirm=true\"> go on</a>.";
$visualizzaNewsList=0;
}
break; }
/*******************************************************************************
*** submit news ***
*******************************************************************************/
if ($_GET['action']=='insert') {
// validate submitted fields
if ( isset($_POST['text']) && $_POST['text']!="" ) {
//******** RACCOLTA DATI *********
// news ID (timestamp)
$newsid = $_POST['time'];
// title
$newstitle = trim($_POST['title']);
$newstitle = nl2br(htmlspecialchars($newstitle));
$newstitle = str_replace('<', '<', $newstitle);
$newstitle = str_replace('>', '>', $newstitle);
// text
$text = trim($_POST['text']);
// bbcode
bb2html( $text );
// emoticons
$text = doReplace($text , $emoticons['char'], $emoticons['icon'] );
// image position
$align=$_POST['imgposition'];
//image link
if (isset($_POST['url']) && $_POST['url']!="http://") $linkImg=$_POST['url']; else $linkImg="";
//******* INSERIMENTO DATABASE E UPLOAD FILE *********
// insertion query
if (!insertText($conn, $table_name, $newsid, $text, $newstitle )) break;
// file upoload routine
if (!uploadFile($conn, $newsid, $table_name,$linkImg,$align)) break;
}
else {
$msg = ".:. Submit news, image must be ".$maxSize."K max jpg file.";
// show submitting form
$visualizzaFormInserimento=1;
// hide news list
$visualizzaNewsList=0;
}
break; }
/*******************************************************************************
*** edit news (update) ***
*******************************************************************************/
if ($_GET['action']=='edit') {
if (isset($_POST['newsid']) && isset($_POST['text']) && $_POST['text']!=""){
//******** INSERIMENTO DATI EDITATI ****************
//******** RACCOLTA DATI ****************
// news id
$newsid = $_POST['newsid'];
// title
$newstitle = trim($_POST['title']);
$newstitle = nl2br(htmlspecialchars($newstitle));
$newstitle = str_replace('<', '<', $newstitle);
$newstitle = str_replace('>', '>', $newstitle);
// text
$text = trim($_POST['text']);
bb2html( $text );
$text = doReplace($text, $emoticons['char'], $emoticons['icon'] );
// image position
$align=$_POST['imgposition'];
// image link
$linkImg=$_POST['url'];
//******* INSERIMENTO DATABASE E UPLOAD FILE ****************
// update text row
if (!updateText($conn, $table_name, $newsid, $text, $newstitle )) break;
// delete image
if ($_POST['deleteimage']=="delete") {
// aggiorna il database cancellando il record dell'immagine
updateImg($conn, $newsid, $table_name , "del" , "del");
// delete image from file system
deleteImg($newsid.".jpg");
break;
}
if ($_POST['delink']=="on") $linkImg="del";
// upload image
uploadFile($conn, $newsid, $table_name, $linkImg, $align);
}
else {
//********** PRINT EDIT FORM ***************
if (isset($_GET['newsid']) && $_GET['newsid']!="" && is_numeric($_GET['newsid']) ) {
$newsid = $_GET['newsid'];
$msg="Edit text and/or upload image [max ".$maxSize."K, jpg file].";
$visualizzaFormEdit=1; $visualizzaNewsList=0;
}
else if (isset($_POST['newsid']) && $_POST['newsid']!="" && is_numeric($_POST['newsid']) ) {
$newsid = $_POST['newsid'];
$msg="Edit text and/or upload image [max ".$maxSize."K, jpg file].";
$visualizzaFormEdit=1; $visualizzaNewsList=0;
}
else {
$msg="General fault, retry.";
$visualizzaFormEdit=0; $visualizzaNewsList=1;
}
}
break; }
/*******************************************************************************
*** show help ***
*******************************************************************************/
if ($_GET['action']=='help') {
$msg=":: List : Show all news.<br />
:: Add News : Submit news.<br />
:: Delete All : Delete all the news.<br />
:: Preview : Show news look.<br />
:: Help : Show this page.<br />";
$visualizzaNewsList=0;
break; }
/*******************************************************************************
*** show help ***
*******************************************************************************/
if ($_GET['action']=='about') {
$msg="Need help?<br /><br />
Contact us: <a href=\"mailto:info@test.com\">info@test.com</a><br />";
$visualizzaNewsList=0;
// inutile....
break; }
/*** CHIUSURA WHILE DUMMY ***/
} while(0);
//------------------------------------------------------------------------------
/*********************** END WHILE LOOP (DUMMY) *******************************/
//------------------------------------------------------------------------------
//------------------------------------------------------------------------------
/*********************** XHTML OUTPUT ******************************/
//------------------------------------------------------------------------------
// print header xhtml
top();
// print menu
print_header($msg);
// print news submit form
if ($visualizzaFormInserimento) printFormNews();
// print edit form
if ($visualizzaFormEdit) { printFormEdit($conn, $table_name, $newsid); }
// se la connessione al db Ë riuscita e non ci sono stati errori
// durante le query successive visualizza le news presenti nel db
// e chiudi la connessione
if ($conn && $visualizzaNewsList) {
// stampa l'elenco delle news se presenti
print_news(0, $conn, $table_name);
// chiusura della connessione
mysql_close($conn);
}
// print footer
foot();
} // end if check restricted area
//-------------------------------------------------------------------
/* if check user name and password fail print restricted area form */
else {restictedArea();}
/************************** F U N C T I O N S *******************************/
/*******************************************************************************
** Visualizza Form per accesso alla Restricted Area **
*******************************************************************************/
function connect($db_host,$db_user,$db_pw,$db_name,$table_name) {
global $msg;
// connessione al DBMS
if (!$conn = @mysql_connect($db_host, $db_user, $db_pw)) {
$msg="Error during connection, check connection parameters in 'config.php' file: " . mysql_error();
return $conn;
}
// crea il db se non esiste
$query="CREATE DATABASE IF NOT EXISTS `".$db_name."`";
if (!$result = @mysql_query($query,$conn)) {
$msg="Error during database creation: " . mysql_error();
$conn=0;
return $conn;
}
// selezione del db
if (!$result= @mysql_select_db($db_name,$conn)) {
$msg="Error during database selection: " . mysql_error();
$conn=0;
return $conn;
}
// se la tabella non esiste la crea
if(!@mysql_num_rows(mysql_query("SHOW TABLES LIKE '".$table_name."'"))==1) {
// Crea la tabella $table_name
$query = "CREATE TABLE `$table_name` (
`newstime` INT DEFAULT '0' NOT NULL ,
`newstext` TEXT NOT NULL ,
`newsimg` VARCHAR(50) DEFAULT '',
`align` ENUM( 'left', 'right' ) DEFAULT 'left' NOT NULL ,
`link` VARCHAR(150) DEFAULT '',
`newstitle` VARCHAR(100) DEFAULT '',
PRIMARY KEY ( `newstime` )
);";
if (!$result = @mysql_query($query,$conn)) {
$msg="Table creation fail: " . mysql_error();
$conn=0;
return $conn;
}
}
return $conn;
}
/*******************************************************************************
** STAMPA INTESTAZIONE E MENU **
*******************************************************************************/
function print_header($msg) {
// Nome del file corrente
$currentFile= array_pop(explode("/", $_SERVER["SCRIPT_NAME"]));
echo "
<table border='1' cellpadding='10' cellspacing='0' width='500'>
<tr><td class=\"logo\">Home Page News<br />
<div class=\"mini-text\"> [ v.1.5 ] </div></td></tr>
<tr><td class=\"menu\"><strong>.: menu:
<a href='$currentFile'>list</a> |
<a href='$currentFile?action=insert'>add news</a> |
<a href='$currentFile?action=deleteall'>delete all</a> |
<a href='demo.php' target='_blank'>preview</a> |
<a href='$currentFile?action=help'>help</a> |
<a href='$currentFile?action=about'>?</a></strong>
</td></tr>";
if (isset($msg) && $msg!="") print "<tr><td><span class='titolo'>$msg</span</td></tr>";
print "</table>";
}
/*******************************************************************************
** VISUALIZZA NEWS **
********************************************************************************
** $newscount: numero di news da visualizzare (0: tutte le news presenti)
** $conn: handle di connessione al db restituito da una chiamata mysql_connect()
** $table_name: tabella in cui sono memorizzate le news
*******************************************************************************/
function print_news($newscount, $conn, $table_name) {
$query="SELECT newstime,newstext,newsimg,newstitle FROM $table_name ORDER BY newstime DESC";
$result = @mysql_query($query,$conn) or die(mysql_error());
$num_rows = @mysql_num_rows($result);
if ($num_rows) {
// tabella che contiene le news...
echo "<p></p>
<table class=\"tablenews\">
<tr><td class=\"title\" colspan=\"5\">News list:</td></tr>
<tr><td width=\"80\" class=\"keyc\">Date</td>
<td class=\"keyc\">Text</td>
<td class=\"keyc\" width=\"40\">Edit</td>
<td class=\"keyc\" width=\"40\">Img</td>
<td class=\"keyc\" width=\"50\">Delete</td>
</tr>";
// estraggo le news...
if ( $newscount>$num_rows || $newscount==0 ) $newscount=$num_rows;
for ($i=0; $i<$newscount; $i++) {
$riga=mysql_fetch_row($result);
// le varie righe
$data=date('d M y' , $riga[0]);
$text = $riga[1];
if ($riga[2]==NULL) $imgField=" "; else $imgField="<a href=\"javascript:CaricaFoto('images/".$riga[2]."')\"><img src=\"icons/preview.gif\" border=0></a>";
if (isset($riga[3]) && $riga[3]!="") $title = "<strong>".$riga[3]."</strong><br />"; else $title="";
if ( $i&1 ) { $bgcolor='#F5F5F5'; } // righe dispari
else $bgcolor='#DCE0E3';
echo "<tr><td bgcolor='$bgcolor' class=\"testo\">$data</td>
<td bgcolor='$bgcolor' class=\"testo\" style=\"text-align:left\">$title $text</td>
<td bgcolor='$bgcolor' class=\"testo\"><a href='".$_SERVER['SCRIPT_NAME']."?action=edit&newsid=$riga[0]'><img src=\"icons/edit.gif\" border=0></a></td>
<td bgcolor='$bgcolor' class=\"testo\" style=\"text-align:center\">$imgField</td>
<td bgcolor='$bgcolor' class=\"testo\"><a href='".$_SERVER['SCRIPT_NAME']."?action=delete&newsid=$riga[0]'><img src=\"icons/delete.gif\" border=0></a></td>
</tr>";
// chiusura tabella
if ($i==$newscount-1) print "</table><br />";
}
}
else echo "<p></p>
<table border='1' width='500' cellspacing='0' cellpadding='4'>
<tr><td class=\"titolo\" style=\"text-align:center\">..: News table is empty :..</td></tr>
</table>";
}
/*******************************************************************************
** VISUALIZZA FORM PER INSERIMENTO NEWS **
*******************************************************************************/
function printFormNews() {
global $emoticons,$maxSize;
$currentFile= array_pop(explode("/", $_SERVER["SCRIPT_NAME"]));
$currenttime=time();
$data = date('d M y' , $currenttime);
/* TEXT SECTION ******************************************************/
echo "<p></p>
<form enctype=\"multipart/form-data\" name=\"news\" action=\"$currentFile?action=insert\" method=\"post\">
<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"".($maxSize*1000)."\" />
<input type=\"hidden\" name=\"time\" value=\"$currenttime\" />
<table class=\"tablenews\">
<tr><td class=\"title\" colspan=\"2\">Text setup</td></tr>
<tr><td class=\"key\" colspan=\"2\">Date : ".$data."</td></tr>
<tr><td class=\"key\">
Title: <input type=\"text\" name=\"title\" size=\"58\" maxlength=\"100\" value=\"\" /><br /><br />
Text:<br /><textarea cols=\"48\" rows=\"6\" wrap=\"ON\" name=\"text\">Enter your news here</textarea><br />
";
/* BBCODE SHORTCUT ***************************************************/
printBBcodeShort();
echo "</td><td width=\"60\" class=\"emo\">eMo<br /><br />";
/* EMOTICONS *********************************************************/
printEmoticons($emoticons);
/* FILE UPLOAD SECTION ***********************************************/
printFormUpload(0, $img=null);
echo "<tr><td colspan=\"2\" class=\"keyc\"><input type=\"submit\" value=\">> POST <<\" /></td></tr>
</table></form>";
}
/*******************************************************************************
** Visualizza Form per editare una news **
*******************************************************************************/
function printFormEdit($conn, $table_name, $id) {
global $emoticons;
$query = "SELECT newstext,newsimg,align,link,newstitle FROM $table_name WHERE newstime='$id'";
$result = @mysql_query($query,$conn) or die(mysql_error());
$row = mysql_fetch_row($result);
$data = date('d M y' , $id);
// text
$text = $row[0];
// emoticons
$text = doReplace($text, $emoticons['icon'], $emoticons['char'] );
// text bbcode reverse
html2bb($text);
// image
$currentImage=$row[1];
// image align
$align=$row[2];
// image link
$hyperlink=$row[3];
// title
$title=$row[4];
$title = str_replace('<', '<', $title);
$title = str_replace('>', '>', $title);
echo "<p></p>
<form enctype=\"multipart/form-data\" name=\"news\" action=\"".$_SERVER['SCRIPT_NAME']."?action=edit\" method=\"post\">
<input name=\"newsid\" type=\"hidden\" value=\"$id\">
<table class=\"tablenews\">
<tr><td class=\"title\" colspan=\"2\">Text setup</td></tr>
<tr><td class=\"key\" colspan=\"2\">Date : ".$data."</td></tr>
<tr><td class=\"key\">
Title: <input type=\"text\" name=\"title\" size=\"58\" maxlength=\"100\" value=\"$title\" /><br /><br />
Text:<br /><textarea cols=\"48\" rows=\"6\" wrap=\"ON\" name=\"text\">$text</textarea><br />
";
/* BBCODE SHORTCUT ***************************************************/
printBBcodeShort();
echo "</td><td width=\"60\" class=\"emo\">eMo<br /><br />\n";
/* EMOTICONS *********************************************************/
printEmoticons($emoticons);
/* FILE UPLOAD SECTION ***********************************************/
printFormUpload( 1 , $currentImage, $hyperlink, $align );
echo "<tr><td colspan=\"2\" class=\"keyc\">
<input type=\"submit\" value=\">> UPDATE <<\">
</td></tr>
</table></form>";
@mysql_close($conn);
}
/*******************************************************************************
** VISUALIZZA LA LISTA DELLE EMOTICONS DISPONIBILI **
*******************************************************************************/
function printEmoticons(&$matrice) {
for ($i=0; $i<count($matrice['char']); $i++ ) {
echo "<a href=\"javascript:SetEm_o('".$matrice['char'][$i]."')\">".$matrice['icon'][$i]."</a> ";
if ( $i&1 ) print "<br />";
}
}
/*******************************************************************************
** VISUALIZZA LA LISTA DELLE SHORTCUT BBCODE **
*******************************************************************************/
function printBBcodeShort() {
echo "<a href=\"javascript:SetEm_o('[b][/b]')\"><img src=\"icons/bold.gif\" alt=\"bold\" width=\"21\" height=\"20\" border=\"0\" /></a>
<a href=\"javascript:SetEm_o('[i][/i]')\"><img src=\"icons/italic.gif\" alt=\"italic\" width=\"21\" height=\"20\" border=\"0\" /></a>
<a href=\"javascript:SetEm_o('[u][/u]')\"><img src=\"icons/underline.gif\" alt=\"underline\" width=\"21\" height=\"20\" border=\"0\" /></a>
<a href=\"javascript:SetEm_o('[url=http://www.enterwebaddresshere.com]Text Your Link Will Display[/url]')\"><img src=\"icons/createlink.gif\" width=\"21\" height=\"20\" alt=\"create link\" border=\"0\" /></a>
<a href=\"javascript:SetEm_o('[br]')\"><img src=\"icons/break.gif\" alt=\"break line\" width=\"21\" height=\"20\" border=\"0\" /></a>
";
}
/*******************************************************************************
** VISUALIZZA FORM UPLOAD IMMAGINE **
*******************************************************************************/
function printFormUpload($flag, $img , $hyperlink="" , $align="left") {
if ($hyperlink=="") $unlinkButton=" ";
else $unlinkButton="<input name=\"delink\" type=\"checkbox\" value=\"on\">Unlink";
if ($img=="") $img = " No image submitted for this news.";
else $img = "<a href=\"javascript:CaricaFoto('images/".$img."')\"> <img style=\"padding: 0px 0px 15px 0px\" border=\"0\" align=\"left\" src=\"images/".$img."\" width=\"100\" /></a>
<br /> <input name=\"deleteimage\" type=\"checkbox\" value=\"delete\">Delete current image<br />";
echo "<tr><td class=\"title2\" colspan=\"2\"><br />Image setup</td></tr>";
if ($flag) echo "<tr><td class=\"key\" colspan=\"2\">".$img."</td></tr>";
echo "<tr><td style=\"background-color:#E1EAEE; font-size: 12px; font-family:Verdana,Arial; font-weight:normal;\"; colspan=\"2\"><br />
.: image file : <input name=\"userfile\" type=\"file\" size=\"25\" />
.: align : <select size=\"1\" name=\"imgposition\">";
if ($align=="left") echo "<option value=\"left\">Left</option><option value=\"right\">Right</option>";
else echo "<option value=\"right\">Right</option><option value=\"left\">Left</option>";
echo "</select><br />";
// link immagine
if ($flag && $hyperlink!="") $size=38;
else $size=50;
echo "<br /> .: current image link : <input name=\"url\" type=\"text\" size=\"$size\" value=\"$hyperlink\"> ".$unlinkButton."
<br /><br /></td></tr>";
}
/*******************************************************************************
** html -> bbcode **
*******************************************************************************/
function html2bb(&$html2bbtxt) {
// let's remove all the linefeeds, unix
$html2bbtxt = str_replace(chr(10), '', $html2bbtxt); // "\n"
// and Mac (windoze uses both)
$html2bbtxt = str_replace(chr(13), '', $html2bbtxt); // "\r"
// 'ordinary' transformations
$html2bbtxt = str_replace('<br />', '[br]', $html2bbtxt);
$html2bbtxt = str_replace('<strong>', '[b]', $html2bbtxt);
$html2bbtxt = str_replace('</strong>', '[/b]', $html2bbtxt);
$html2bbtxt = str_replace('<em>', '[i]', $html2bbtxt);
$html2bbtxt = str_replace('</em>', '[/i]', $html2bbtxt);
$html2bbtxt = str_replace('<span style="border-bottom: 1px dotted">', '[u]', $html2bbtxt);
$html2bbtxt = str_replace('</span>', '[/u]', $html2bbtxt);
// more stuff
$html2bbtxt = str_replace('<a href="','[url=', $html2bbtxt);
$html2bbtxt = str_replace('</a>', '[/url]', $html2bbtxt);
$html2bbtxt = str_replace('" >', ']', $html2bbtxt);
// the hypertext entities.. (ditto)
$html2bbtxt = str_replace('<', '<', $html2bbtxt);
$html2bbtxt = str_replace('>', '>', $html2bbtxt);
$html2bbtxt = preg_replace("/<\?(.*)\?>/i", "<b>hypertext: \\1</b>", $html2bbtxt);
// you know what happens to the inventor of the database on Judgement Day?
if (get_magic_quotes_gpc()) stripslashes($html2bbtxt);
}
/*******************************************************************************
** bbcode -> html **
*******************************************************************************/
function bb2html(&$string){
$string = nl2br(htmlspecialchars($string));
$patterns = array(
'`\[b\](.+?)\[/b\]`is',
'`\[i\](.+?)\[/i\]`is',
'`\[u\](.+?)\[/u\]`is',
'`\[url=([a-z0-9]+://)([\w\-]+\.([\w\-]+\.)*[\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*?)?)\](.*?)\[/url\]`si'
);
$replaces = array(
'<strong>\\1</strong>',
'<em>\\1</em>',
'<span style="border-bottom: 1px dotted">\\1</span>',
'<a href="\1\2" >\6</a>'
);
$string = str_replace("[br]", "<br />", $string);
$string = preg_replace($patterns, $replaces , $string);
}
/*******************************************************************************
** sostituisce gli elementi con stesso indice fra 2 array **
*******************************************************************************/
// sostituisce in $text tutte le occorrenze degli elementi dell'array $s con le
// analoghe (di pari indice) dell'array $d,
function doReplace( &$text, &$s, &$d ) {
$textMod="";
for ($i=0; $i<count($s); $i++) {
if (!$i) $textMod = str_replace($s[$i], $d[$i], $text);
else $textMod = str_replace($s[$i], $d[$i], $textMod);
}
return $textMod;
}
/*******************************************************************************
** Upload image file **
*******************************************************************************/
function uploadFile($conn,$newsid,$table_name,$linkImg,$align) {
global $msg,$maxSize;
if ( $_FILES['userfile']['size']!=0 && $_FILES['userfile']['size']($maxSize*1000)
&& ($_FILES['userfile']['type'] == 'image/jpg'
|| $_FILES['userfile']['type'] == 'image/jpeg'
|| $_FILES['userfile']['type'] == 'image/pjpeg') ) {
$uploaddir = 'images/';
$uploadfile = $uploaddir . $newsid . ".jpg";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
// upload riuscito
$msg.= " Image successfully uploaded.";
// update image file name in database
if (updateImg($conn, $newsid, $table_name, $newsid.".jpg" , $linkImg , $align )) return true;
else return false;
}
else {
$msg.= " Error: possible file upload attack!";
return false;
}
}
else {
// image not submitted
if ($_FILES['userfile']['size']==0 && $_FILES['userfile']['name']=="") {
$msg .= " Image not submitted.";
// update (in case) link and align
if (updateImg($conn, $newsid, $table_name, "" , $linkImg , $align )) return true;
else return false;
}
else $msg .= " Image upload failure, wrong file.";
}
}
/*******************************************************************************
** Aggiorna il campo newsimg,link e align **
*******************************************************************************/
function updateImg($connId, $newsId, $table_name, $fileName , $linkImg , $align="left" ) {
global $msg;
// aggiorno i campi selettivamente
$query="UPDATE $table_name SET align='$align' ";
if ($linkImg=="del") { $query.=", link='' "; $msg.=" Link deleted.";}
else if ($linkImg!="") { validateUrl($linkImg); $query.=", link='$linkImg' "; }
if ($fileName=="del") $query.=", newsimg='' ";
else if ($fileName!="") $query.=", newsimg='$fileName' ";
$query.=" WHERE newstime='$newsId'";
if ($result = @mysql_query($query,$connId)) return true;
else { $msg.=" Error during UPDATE: ".mysql_error(); return false; }
}
/*******************************************************************************
** Valida URL sprovvisti di http:// **
*******************************************************************************/
function validateUrl(&$url) {
$str1="www.";
if (!strncmp($str1, $url, 4)) $url="http://".$url;
else return true;
}
/*******************************************************************************
** Inserisce newstime e newstext **
*******************************************************************************/
function insertText($connId, $table_name, $newstime, $text, $title) {
global $msg;
// insertion query
$query="INSERT INTO $table_name (newstime,newstext,newstitle) VALUES ('$newstime','$text','$title')";
if ($result = mysql_query($query,$connId)) { $msg=".:. News added successfully."; return true; }
else { $msg=".:. Insertion failure:br />".mysql_error(); return false; }
}
/*******************************************************************************
** Aggiorna newstime e newstext **
*******************************************************************************/
function updateText($connId, $table_name, $newsId, $text, $title ) {
global $msg;
// update text field
$query = "UPDATE $table_name SET newstitle='$title' , newstext='$text' WHERE newstime='$newsId'";
if ($result = mysql_query($query,$connId)) { $msg=".:. News updated."; return true; }
else { $msg=".:. News update failure:<br />".mysql_error(); return false; }
}
/*******************************************************************************
** Delete Image from dir **
*******************************************************************************/
function deleteImg($fileName) {
global $msg;
if (file_exists("images/".$fileName)) {
if (unlink("images/".$fileName)) $msg.=" Image removed.";
else $msg.=" Image not removed.";
}
else $msg.=" Image not present.";
}
/*******************************************************************************
** Svuota una directory **
*******************************************************************************/
function purge($dir) {
$handle = opendir($dir);
while (false !== ($file = readdir($handle))) {
if ($file != "." && $file != "..") {
if (is_dir($dir.$file)) {
purge ($dir.$file."/");
rmdir($dir.$file);
}
else { unlink($dir.$file); }
}
}
closedir($handle);
}
/*******************************************************************************
** Visualizza Form per accesso alla Restricted Area **
*******************************************************************************/
function restictedArea() {
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\">
<head>
<title>prototype News Restricted Area</title>
<meta http-equiv=\"Content-Type\" content=\"text/html;charset=UTF-8\" />
<style type=\"text/css\">
</style>
</head>
<body>
<div align=\"center\">
<div class=\"container\">
<div class=\"box\">
<p><strong>prototype News</strong><br />Restricted Area</p>
<form name=\"restricted\" action=\"$currentFile\" method=\"post\">
User Name: <input name=\"id\" type=\"text\" value=\"\" /><br />
Password: <input name=\"pw\" type=\"password\" value=\"\" />
<p><input type=\"submit\" value=\"submit\" /></p>
</form>
</div>
</div>
</div>
</body>
</html>
";
}
/*******************************************************************************
***** HEADER XHTML *****
*******************************************************************************/
function top() {
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\">
<head>
<title>prototype News</title>
<meta http-equiv=\"Content-Type\" content=\"text/html;charset=UTF-8\" />
<style type=\"text/css\">
</style>
<SCRIPT type=\"text/javascript\">
</SCRIPT>
</head>
<body>
<div class=\"container\">
";
}
/*******************************************************************************
***** FOOTER XHTML *****
*******************************************************************************/
function foot() { echo "</div></body></html>"; }
?>