• Main Page
  • Related Pages
  • Namespaces
  • Data Structures
  • Files
  • Examples
  • File List
  • Globals

cms/modules/news.lib.php

Go to the documentation of this file.
00001 <?php
00002 if(!defined('__PRAGYAN_CMS'))
00003 { 
00004         header($_SERVER['SERVER_PROTOCOL'].' 403 Forbidden');
00005         echo "<h1>403 Forbidden<h1><h4>You are not authorized to access the page.</h4>";
00006         echo '<hr/>'.$_SERVER['SERVER_SIGNATURE'];
00007         exit(1);
00008 }
00017 //NOTE (by Abhishek) : I've deliberately not used safe_html in NEWS module so as to give the user the freedom to use HTML tags to specify stuff like highlighted news,colored news, images, etc ... 
00018 
00019  class news implements module {
00020         private $userId;
00021         private $moduleComponentId;
00022         private $action;
00023 
00024 
00025         private function getNews() {
00026                 $result=mysql_query("SELECT * FROM `news_desc` WHERE `page_modulecomponentid` = $this->moduleComponentId");
00027                 $query=mysql_fetch_array($result);
00028 
00029                 $rss_output1 ="<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?><rss version=\"2.0\" xmlns:media=\"http://search.yahoo.com/mrss/\">";
00030                 $rss_output1 .= <<<TTT
00031                 <channel>
00032     <title> {$query['news_title']} </title>
00033     <description> {$query['news_description']} </description>
00034     <link> {$query['news_link']} </link>
00035      <language>en-gb</language>
00036     <copyright> {$query['news_copyright']} </copyright>
00037 TTT;
00038 
00039                 $query1=mysql_query("SELECT * FROM `news_data` WHERE `page_modulecomponentid` = $this->moduleComponentId ORDER BY `news_rank`");
00040                 while($myrow=mysql_fetch_array($query1)){
00041 
00042                         $rss_output1.=<<<RSSOUTPUT
00043 
00044     <item>
00045       <title>{$myrow['news_title']}</title>
00046       <description>{$myrow['news_feed']}</description>
00047       <link>http://www.pragyan.org/{$myrow['news_link']}</link>
00048       <pubDate>{$myrow['news_date']}</pubDate>
00049     </item>
00050 RSSOUTPUT;
00051 
00052                 }
00053 
00054                 $rss_output1.="\n  </channel>\n</rss>\n";
00055                 return $rss_output1;
00056         }
00057 
00058 
00059         public function getHtml($gotuid, $gotmoduleComponentId, $gotaction) {
00060                 $this->userId = $gotuid;
00061                 $this->moduleComponentId = $gotmoduleComponentId;
00062                 $this->action = $gotaction;
00063 
00064                 if($gotaction=='view')
00065                         return $this->actionView();
00066                 if($gotaction=='edit')
00067                         return $this->actionEdit();
00068                 if($gotaction == 'rssview')
00069                         return $this->actionRssview();
00070 
00071         }
00072 
00078         public function getNewsArray($moduleCompId) {
00079         
00080           //changes added to news module by Kulz to fetch news to main menu etc with same function
00081         
00082                 if($moduleCompId<>0)
00083                   $query="SELECT * FROM `news_data` WHERE `page_modulecomponentid`=$moduleCompId  ORDER BY `news_rank`,`news_id`";
00084                 else
00085                   $query="SELECT * FROM `news_data` ORDER BY `news_rank`,`news_id`";
00086                 $result=mysql_query($query) or die (mysql_error());
00087                 $i=0;
00088                 while($news=mysql_fetch_assoc($result)){
00089                         foreach($news as $var=>$val)
00090                                 $newsArray[$i][$var]=$val;
00091                         $i++;
00092                 }
00093 
00094                 return $newsArray;
00095         }
00096 
00097         public function actionRssview() {
00098                 header('Content-type: application/rss+xml; charset=utf-8');
00099                 echo $this->getNews();
00100                 exit;
00101         }
00102 
00103         public function actionEdit() {
00104         
00105         
00106         $validateScript=<<<VALSCRIPT
00107         <script type="text/javascript">
00108         function trim(str)
00109                 {
00110                          return str.replace(/^\s+|\s+$/g, '');
00111                 }
00112 
00113         function validate_empty()
00114                 {
00115                         var empty = 0;
00116                         var title = trim(document.AddNews.title.value);
00117                         var feed  = trim(document.AddNews.feed.value);
00118         
00119                         if(title.length == 0)
00120                                 {
00121                                         empty++;
00122                                         alert("The title should not be left blank");
00123                                         document.AddNews.title.focus();
00124                                 }
00125                         else if(feed.length == 0)
00126                                 {
00127                                         empty++;
00128                                         alert("Enter a Description of the News");
00129                                         document.AddNews.feed.focus();
00130                                 }
00131                         return (empty == 0);
00132                 }
00133         </script>
00134 VALSCRIPT;
00135                 if(isset($_GET['subaction'])) {
00136                         global $ICONS;
00137                         if(isset($_GET['newsid']) && ctype_digit($_GET['newsid'])) {
00138                                 if($_GET['subaction'] == 'deletenews') {
00139                                         $query1 = "SELECT * FROM `news_data` WHERE `news_id`=".escape($_GET['newsid'])." AND `page_modulecomponentid` = $this->moduleComponentId";
00140                                         $result = mysql_query($query1);
00141                                         $row = mysql_fetch_assoc($result);
00142         
00143                                         $query = "DELETE FROM `news_data` WHERE `news_id`=".escape($_GET['newsid'])." AND `page_modulecomponentid`='$this->moduleComponentId'";
00144                                         $result = mysql_query($query);
00145                                         displayinfo('News feed has been successfully deleted.');
00146                                 }
00147                                 elseif($_GET['subaction'] == 'editnews') {
00148                                         $query = "SELECT * FROM `news_data` WHERE `news_id`={$_GET['newsid']} AND `page_modulecomponentid` = $this->moduleComponentId";
00149                                         $result = mysql_query($query);
00150                                         $row = mysql_fetch_assoc($result);
00151                                         $editForm = <<<EDITFORM
00152                                                 $validateScript
00153                                                 <fieldset><legend>{$ICONS['News Edit']['small']} Edit News<legend><form name="AddNews" action="./+edit" method="POST" onsubmit="return validate_empty();">
00154                                                         Title of News Item  <input type="text" name="title" id="title" size="50" value="{$row['news_title']}"><br /><br />
00155                                                         News Description  <br><textarea name="feed" id="feed" cols="50" rows="10">{$row['news_feed']}</textarea><br />
00156                                                         Rank/Importance of Feed  <input type="text" name="rank" size="10" value="{$row['news_rank']}" /><br /><br />
00157                                                         Relative link  <input type="text" name="link" size=40 value="{$row['news_link']}" ><br><br>
00158                                                         <input type="submit" value="Save Changes" name="btnSaveChanges"/>
00159                                                         <input type="hidden" name="newsid" value="{$row['news_id']}" />
00160                                         </form></fieldset>
00161 EDITFORM;
00162 
00163                                         return $editForm;
00164                                 }
00165                         }
00166                         elseif($_GET['subaction'] == 'addnews') {
00167                                 if(isset($_POST['btnAddNews'])) {
00168                                         $query1 = "SELECT MAX(`news_id`) FROM `news_data` WHERE `page_modulecomponentid`='$this->moduleComponentId'";
00169                                         $result = mysql_query($query1);
00170                                         $resultArray = mysql_fetch_row($result);
00171                                         $news_id = 1;
00172                                         if(!is_null($resultArray[0]))
00173                                                 $news_id = $resultArray[0] +1;
00174                                         $query2 = "INSERT INTO `news_data` (`page_modulecomponentid`, `news_id`, `news_title`, `news_feed`, `news_rank`,`news_link`) VALUES('$this->moduleComponentId','$news_id','".escape($_POST['title'])."','".escape($_POST['feed'])."','".escape($_POST['rank'])."','".escape($_POST['link'])."')";
00175                                         $result = mysql_query($query2) or die(mysql_error() . '<br />' . $query2);
00176                                 }
00177                                 else {
00178                                 
00179                                         $addnews=<<<NEWS
00180 $validateScript
00181 <fieldset><legend>{$ICONS['News Add']['small']} Add News<legend>
00182 <form name="AddNews" action="./+edit&subaction=addnews" method="POST" onsubmit="return validate_empty()">
00183                                                                 Title of News Item  <input type="text" name="title" id="title" size=50 /><br><br>
00184                                                                 News Description  <br><textarea name="feed" id="feed" cols="50" rows="10"> </textarea><br>
00185                                                                 Rank/Importance of Feed <input type="text" name="rank" size=10 /><br><br>' .
00186                                                                                 'Relative link  <input type="text" name="link" size=40 /><br><br>
00187                                                                 <input type="submit" name="btnAddNews" value="Submit News Feed" />
00188                                                                 </form></fieldset>
00189 NEWS;
00190                                         return $addnews;
00191                                 }
00192                         }
00193                 }
00194                 elseif(isset($_POST['btnSaveChanges']) && isset($_POST['newsid'])) {
00195                         $query = "UPDATE `news_data` SET `news_title`='".escape($_POST['title'])."',`news_feed`='".escape($_POST['feed'])."',`news_rank`='".escape($_POST['rank'])."',`news_link`='".escape($_POST['link'])."' WHERE `news_id`=".escape($_POST['newsid'])." AND `page_modulecomponentid`=$this->moduleComponentId";
00196                         $result = mysql_query($query);
00197                         displayinfo("News feed has been successfully updated.");
00198                 }
00199                 if(isset($_POST['btnNewsPropSave'])) {
00200                         $query = "UPDATE `news_desc` SET `news_title` = '".escape($_POST['news_title'])."', `news_description`='".escape($_POST['news_desc'])."', `news_link`='".escape($_POST['news_link'])."', `news_copyright`='".escape($_POST['news_copyright'])."' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'";
00201                         if(mysql_query($query))
00202                                 displayinfo("News Page Properties has been successfully updated.");
00203                         else
00204                                 displayerror("There has been some error in updating Properties.");
00205                 }
00206 
00207                 $query="SELECT * FROM `news_data` WHERE `page_modulecomponentid`='$this->moduleComponentId' ORDER BY `news_rank`,`news_id`";
00208                 $result=mysql_query($query);
00209                 $descResult = mysql_fetch_assoc(mysql_query("SELECT * FROM `news_desc` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'"));
00210                 $rowCount = mysql_num_rows($result);
00211                 global $ICONS;
00212                 $news = "<form method=POST action='./+edit'>";
00213                 $news .= "<table width=100%><tr><td>Title:</td><td><input name='news_title' type='text' value='{$descResult['news_title']}'></td></tr>";
00214                 $news .= "<tr><td>Description:</td><td><textarea name='news_desc'>{$descResult['news_description']}</textarea></td></tr>";
00215                 $news .= "<tr><td>Link:</td><td><input name='news_link' type='text' value='{$descResult['news_link']}'></td></tr>";
00216                 $news .= "<tr><td>Copyright:</td><td><textarea name='news_copyright'>{$descResult['news_copyright']}</textarea></td></tr>";
00217                 $news .= "<tr><td></td><td><input type='submit' value='Save' name='btnNewsPropSave'></td></tr></table>";
00218                 $news .= "</form>";
00219                 $news .= "<fieldset><legend>{$ICONS['News Edit']['small']} Edit News<legend><form name=\"newsedit\" action=\"./+edit\" method=\"POST\">";
00220                 $news.=<<<CHECKDEL
00221                 <script language="javascript">
00222 
00223                         function checkDelete(butt,fileDel) {
00224                                 if(confirm('Are you sure you want to delete news id'+fileDel+'?')) {
00225                                         window.location+= '&subaction=deletenews&newsid='+fileDel;
00226                                 }
00227                                 else
00228                                         return false;
00229                         }
00230             </script>
00231 
00232 CHECKDEL;
00233                 global $urlRequestRoot, $sourceFolder, $templateFolder,$cmsFolder;
00234                 $editImage = "<img style=\"padding:0px\" src=\"$urlRequestRoot/$cmsFolder/$templateFolder/common/icons/16x16/apps/accessories-text-editor.png\" alt=\"Edit\" />";
00235                 $deleteImage = "<img style=\"padding:0px\" src=\"$urlRequestRoot/$cmsFolder/$templateFolder/common/icons/16x16/actions/edit-delete.png\" alt=\"Delete\" />";
00236 
00237                 
00238                 $news .= "<table frame=\"vsides\" border=\"1\" width=\"100%\">";
00239                 $news .="<tr><th>Sl. No.</th><th>Edit</th><th>Delete</th><th>News ID</th><th>Title</th><th>Feed</th><th>Rank</th><th>Date</th><th>Link</th></tr>";
00240                 $i = 1;
00241                 while($row=mysql_fetch_assoc($result)) {
00242                         $news .=
00243                                         '<tr align="center"><td>'.$i.'</td><td><a href="./+edit&subaction=editnews&newsid='.$row['news_id'].'">' . $editImage . '</a></td>' .
00244                                         '<td><a onclick="return checkDelete(this, \''.$row['news_id'].'\');" >' . $deleteImage . '</a></td>';
00245                         $news .= "<td>{$row['news_id']}</td><td>{$row['news_title']}</td><td>{$row['news_feed']}</td><td>{$row['news_rank']}</td><td>{$row['news_date']}</td><td><a href=\"$row[news_link]\">{$row['news_link']}</a></td></tr>\n";
00246                         ++$i;
00247                 }
00248                 $news .= <<<END
00249 </table>
00250 <br /><input type=button value='Add News' onClick='window.location="./+edit&subaction=addnews"'> <input type=button value='View News' onClick='window.location="./+view"'></form></fieldset>
00251 END;
00252                 return $news;
00253         }
00254 
00255 
00256 
00257         public function createModule(&$moduleComponentId) {
00258                 $query = "SELECT MAX(`page_modulecomponentid`) as MAX FROM `news_data` ";
00259                 $result = mysql_query($query) or die(mysql_error() . "news.lib L:73");
00260                 $row = mysql_fetch_assoc($result);
00261                 $compId = $row['MAX'] + 1;
00262                 $globalSettings = getGlobalSettings();
00263                 if (mysql_query("INSERT INTO `news_desc` (`page_modulecomponentid` ,`news_copyright`)VALUES ('$compId', '{$globalSettings['cms_footer']}')")) {
00264                         $moduleComponentId = $compId;
00265                         return true;
00266                 } else
00267                         return false;
00268 
00269         }
00270         public function deleteModule($moduleComponentId){
00271                 if(mysql_query("DELETE FROM `news_data` WHERE `page_modulecomponentid` = '{$moduleComponentId}'") AND mysql_query("DELETE FROM `news_desc` WHERE `page_modulecomponentid` = '{$moduleComponentId}'"))
00272                         return true;
00273                 return false;
00274         }
00275 
00276 
00277 
00278         public function copyModule($moduleComponentId){
00279                 $result = mysql_query("SELECT MAX(page_modulecomponentid) as MAX FROM `news_data`") or die(mysql_error() . " news.lib L:74");
00280                 $row = mysql_fetch_array($result);
00281                 $compId = $row['MAX'] + 1;
00282                 
00283                 $result = mysql_query("SELECT * FROM `news_data` WHERE `page_modulecomponentid` = '{$moduleComponentId}'");
00284                 while($row = mysql_fetch_array($result))
00285                         mysql_query("INSERT INTO `news_data` (`page_modulecomponentid` ,`news_title`,`news_feed`,`news_rank`,`news_date`,`news_link`)VALUES ('$compId', '{$row['news_title']}', '{$row['news_feed']}', '{$row['news_rank']}', '{$row['news_date']}', '{$row['news_link']}')");
00286                 $result = mysql_query("SELECT * FROM `news_desc` WHERE `page_modulecomponentid` = '{$moduleComponentId}'");
00287                 while($row = mysql_fetch_array($result))
00288                         mysql_query("INSERT INTO `news_desc` (`page_modulecomponentid` ,`news_title`,`news_description`)VALUES ('$compId', '{$row['news_title']}', '{$row['news_description']}')");
00289                 return $compId;
00290         }
00291 
00292         public function actionView()
00293         {
00294                 $moduleCompId=$this->moduleComponentId;
00295                 $newsId=isset($_GET['id'])?$_GET['id']:"";
00296                 $newsView = "";
00297                 if($newsId=='')
00298                 {
00299                         $query="SELECT * FROM `news_desc` WHERE `page_modulecomponentid`=$moduleCompId";
00300                         $result=mysql_query($query) or die(mysql_error()."news.lib L247");
00301                         $temp=mysql_fetch_assoc($result);
00302                         $newsView.="<h1><a href='{$temp['news_link']}'>{$temp['news_title']}</a></h1><br>";
00303                         $cond="";
00304 
00305 
00306                 }
00307                 else
00308                         $cond="AND `news_id`=$newsId";
00309                 $query="SELECT * FROM `news_data` WHERE `page_modulecomponentid`=$moduleCompId $cond ORDER BY `news_rank`, `news_id`";
00310                 $result=mysql_query($query);// or die (mysql_error()."news.lib 247");
00311                 while($newsResult=mysql_fetch_assoc($result))
00312                 {
00313                         $newsView.=<<<NEWS
00314                                 <h2><a href="$newsResult[news_link]"> $newsResult[news_title]</a></h2>
00315                                 <p>$newsResult[news_feed]</p>
00316 NEWS;
00317                 }
00318                 $newsView .= "<br>" .$temp['news_copyright'];
00319                 return $newsView;
00320         }
00321  }
00322 

Generated on Sun Jan 2 2011 04:55:32 for Pragyan CMS by  doxygen 1.7.1