Go to the documentation of this file.00001 <?php
00002 if(!defined('__PRAGYAN_CMS'))
00003 {
00004 header($_SERVER['SERVER_PROTOCOL'].' 403 Forbidden');
00005 echo "<h1>403 Forbidden<h1><h4>You are not authorized to access the page.</h4>";
00006 echo '<hr/>'.$_SERVER['SERVER_SIGNATURE'];
00007 exit(1);
00008 }
00017
00018
00019 class news implements module {
00020 private $userId;
00021 private $moduleComponentId;
00022 private $action;
00023
00024
00025 private function getNews() {
00026 $result=mysql_query("SELECT * FROM `news_desc` WHERE `page_modulecomponentid` = $this->moduleComponentId");
00027 $query=mysql_fetch_array($result);
00028
00029 $rss_output1 ="<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?><rss version=\"2.0\" xmlns:media=\"http://search.yahoo.com/mrss/\">";
00030 $rss_output1 .= <<<TTT
00031 <channel>
00032 <title> {$query['news_title']} </title>
00033 <description> {$query['news_description']} </description>
00034 <link> {$query['news_link']} </link>
00035 <language>en-gb</language>
00036 <copyright> {$query['news_copyright']} </copyright>
00037 TTT;
00038
00039 $query1=mysql_query("SELECT * FROM `news_data` WHERE `page_modulecomponentid` = $this->moduleComponentId ORDER BY `news_rank`");
00040 while($myrow=mysql_fetch_array($query1)){
00041
00042 $rss_output1.=<<<RSSOUTPUT
00043
00044 <item>
00045 <title>{$myrow['news_title']}</title>
00046 <description>{$myrow['news_feed']}</description>
00047 <link>http:
00048 <pubDate>{$myrow['news_date']}</pubDate>
00049 </item>
00050 RSSOUTPUT;
00051
00052 }
00053
00054 $rss_output1.="\n </channel>\n</rss>\n";
00055 return $rss_output1;
00056 }
00057
00058
00059 public function getHtml($gotuid, $gotmoduleComponentId, $gotaction) {
00060 $this->userId = $gotuid;
00061 $this->moduleComponentId = $gotmoduleComponentId;
00062 $this->action = $gotaction;
00063
00064 if($gotaction=='view')
00065 return $this->actionView();
00066 if($gotaction=='edit')
00067 return $this->actionEdit();
00068 if($gotaction == 'rssview')
00069 return $this->actionRssview();
00070
00071 }
00072
00078 public function getNewsArray($moduleCompId) {
00079
00080
00081
00082 if($moduleCompId<>0)
00083 $query="SELECT * FROM `news_data` WHERE `page_modulecomponentid`=$moduleCompId ORDER BY `news_rank`,`news_id`";
00084 else
00085 $query="SELECT * FROM `news_data` ORDER BY `news_rank`,`news_id`";
00086 $result=mysql_query($query) or die (mysql_error());
00087 $i=0;
00088 while($news=mysql_fetch_assoc($result)){
00089 foreach($news as $var=>$val)
00090 $newsArray[$i][$var]=$val;
00091 $i++;
00092 }
00093
00094 return $newsArray;
00095 }
00096
00097 public function actionRssview() {
00098 header('Content-type: application/rss+xml; charset=utf-8');
00099 echo $this->getNews();
00100 exit;
00101 }
00102
00103 public function actionEdit() {
00104
00105
00106 $validateScript=<<<VALSCRIPT
00107 <script type="text/javascript">
00108 function trim(str)
00109 {
00110 return str.replace(/^\s+|\s+$/g, '');
00111 }
00112
00113 function validate_empty()
00114 {
00115 var empty = 0;
00116 var title = trim(document.AddNews.title.value);
00117 var feed = trim(document.AddNews.feed.value);
00118
00119 if(title.length == 0)
00120 {
00121 empty++;
00122 alert("The title should not be left blank");
00123 document.AddNews.title.focus();
00124 }
00125 else if(feed.length == 0)
00126 {
00127 empty++;
00128 alert("Enter a Description of the News");
00129 document.AddNews.feed.focus();
00130 }
00131 return (empty == 0);
00132 }
00133 </script>
00134 VALSCRIPT;
00135 if(isset($_GET['subaction'])) {
00136 global $ICONS;
00137 if(isset($_GET['newsid']) && ctype_digit($_GET['newsid'])) {
00138 if($_GET['subaction'] == 'deletenews') {
00139 $query1 = "SELECT * FROM `news_data` WHERE `news_id`=".escape($_GET['newsid'])." AND `page_modulecomponentid` = $this->moduleComponentId";
00140 $result = mysql_query($query1);
00141 $row = mysql_fetch_assoc($result);
00142
00143 $query = "DELETE FROM `news_data` WHERE `news_id`=".escape($_GET['newsid'])." AND `page_modulecomponentid`='$this->moduleComponentId'";
00144 $result = mysql_query($query);
00145 displayinfo('News feed has been successfully deleted.');
00146 }
00147 elseif($_GET['subaction'] == 'editnews') {
00148 $query = "SELECT * FROM `news_data` WHERE `news_id`={$_GET['newsid']} AND `page_modulecomponentid` = $this->moduleComponentId";
00149 $result = mysql_query($query);
00150 $row = mysql_fetch_assoc($result);
00151 $editForm = <<<EDITFORM
00152 $validateScript
00153 <fieldset><legend>{$ICONS['News Edit']['small']} Edit News<legend><form name="AddNews" action="./+edit" method="POST" onsubmit="return validate_empty();">
00154 Title of News Item <input type="text" name="title" id="title" size="50" value="{$row['news_title']}"><br /><br />
00155 News Description <br><textarea name="feed" id="feed" cols="50" rows="10">{$row['news_feed']}</textarea><br />
00156 Rank/Importance of Feed <input type="text" name="rank" size="10" value="{$row['news_rank']}" /><br /><br />
00157 Relative link <input type="text" name="link" size=40 value="{$row['news_link']}" ><br><br>
00158 <input type="submit" value="Save Changes" name="btnSaveChanges"/>
00159 <input type="hidden" name="newsid" value="{$row['news_id']}" />
00160 </form></fieldset>
00161 EDITFORM;
00162
00163 return $editForm;
00164 }
00165 }
00166 elseif($_GET['subaction'] == 'addnews') {
00167 if(isset($_POST['btnAddNews'])) {
00168 $query1 = "SELECT MAX(`news_id`) FROM `news_data` WHERE `page_modulecomponentid`='$this->moduleComponentId'";
00169 $result = mysql_query($query1);
00170 $resultArray = mysql_fetch_row($result);
00171 $news_id = 1;
00172 if(!is_null($resultArray[0]))
00173 $news_id = $resultArray[0] +1;
00174 $query2 = "INSERT INTO `news_data` (`page_modulecomponentid`, `news_id`, `news_title`, `news_feed`, `news_rank`,`news_link`) VALUES('$this->moduleComponentId','$news_id','".escape($_POST['title'])."','".escape($_POST['feed'])."','".escape($_POST['rank'])."','".escape($_POST['link'])."')";
00175 $result = mysql_query($query2) or die(mysql_error() . '<br />' . $query2);
00176 }
00177 else {
00178
00179 $addnews=<<<NEWS
00180 $validateScript
00181 <fieldset><legend>{$ICONS['News Add']['small']} Add News<legend>
00182 <form name="AddNews" action="./+edit&subaction=addnews" method="POST" onsubmit="return validate_empty()">
00183 Title of News Item <input type="text" name="title" id="title" size=50 /><br><br>
00184 News Description <br><textarea name="feed" id="feed" cols="50" rows="10"> </textarea><br>
00185 Rank/Importance of Feed <input type="text" name="rank" size=10 /><br><br>' .
00186 'Relative link <input type="text" name="link" size=40 /><br><br>
00187 <input type="submit" name="btnAddNews" value="Submit News Feed" />
00188 </form></fieldset>
00189 NEWS;
00190 return $addnews;
00191 }
00192 }
00193 }
00194 elseif(isset($_POST['btnSaveChanges']) && isset($_POST['newsid'])) {
00195 $query = "UPDATE `news_data` SET `news_title`='".escape($_POST['title'])."',`news_feed`='".escape($_POST['feed'])."',`news_rank`='".escape($_POST['rank'])."',`news_link`='".escape($_POST['link'])."' WHERE `news_id`=".escape($_POST['newsid'])." AND `page_modulecomponentid`=$this->moduleComponentId";
00196 $result = mysql_query($query);
00197 displayinfo("News feed has been successfully updated.");
00198 }
00199 if(isset($_POST['btnNewsPropSave'])) {
00200 $query = "UPDATE `news_desc` SET `news_title` = '".escape($_POST['news_title'])."', `news_description`='".escape($_POST['news_desc'])."', `news_link`='".escape($_POST['news_link'])."', `news_copyright`='".escape($_POST['news_copyright'])."' WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'";
00201 if(mysql_query($query))
00202 displayinfo("News Page Properties has been successfully updated.");
00203 else
00204 displayerror("There has been some error in updating Properties.");
00205 }
00206
00207 $query="SELECT * FROM `news_data` WHERE `page_modulecomponentid`='$this->moduleComponentId' ORDER BY `news_rank`,`news_id`";
00208 $result=mysql_query($query);
00209 $descResult = mysql_fetch_assoc(mysql_query("SELECT * FROM `news_desc` WHERE `page_modulecomponentid` = '{$this->moduleComponentId}'"));
00210 $rowCount = mysql_num_rows($result);
00211 global $ICONS;
00212 $news = "<form method=POST action='./+edit'>";
00213 $news .= "<table width=100%><tr><td>Title:</td><td><input name='news_title' type='text' value='{$descResult['news_title']}'></td></tr>";
00214 $news .= "<tr><td>Description:</td><td><textarea name='news_desc'>{$descResult['news_description']}</textarea></td></tr>";
00215 $news .= "<tr><td>Link:</td><td><input name='news_link' type='text' value='{$descResult['news_link']}'></td></tr>";
00216 $news .= "<tr><td>Copyright:</td><td><textarea name='news_copyright'>{$descResult['news_copyright']}</textarea></td></tr>";
00217 $news .= "<tr><td></td><td><input type='submit' value='Save' name='btnNewsPropSave'></td></tr></table>";
00218 $news .= "</form>";
00219 $news .= "<fieldset><legend>{$ICONS['News Edit']['small']} Edit News<legend><form name=\"newsedit\" action=\"./+edit\" method=\"POST\">";
00220 $news.=<<<CHECKDEL
00221 <script language="javascript">
00222
00223 function checkDelete(butt,fileDel) {
00224 if(confirm('Are you sure you want to delete news id'+fileDel+'?')) {
00225 window.location+= '&subaction=deletenews&newsid='+fileDel;
00226 }
00227 else
00228 return false;
00229 }
00230 </script>
00231
00232 CHECKDEL;
00233 global $urlRequestRoot, $sourceFolder, $templateFolder,$cmsFolder;
00234 $editImage = "<img style=\"padding:0px\" src=\"$urlRequestRoot/$cmsFolder/$templateFolder/common/icons/16x16/apps/accessories-text-editor.png\" alt=\"Edit\" />";
00235 $deleteImage = "<img style=\"padding:0px\" src=\"$urlRequestRoot/$cmsFolder/$templateFolder/common/icons/16x16/actions/edit-delete.png\" alt=\"Delete\" />";
00236
00237
00238 $news .= "<table frame=\"vsides\" border=\"1\" width=\"100%\">";
00239 $news .="<tr><th>Sl. No.</th><th>Edit</th><th>Delete</th><th>News ID</th><th>Title</th><th>Feed</th><th>Rank</th><th>Date</th><th>Link</th></tr>";
00240 $i = 1;
00241 while($row=mysql_fetch_assoc($result)) {
00242 $news .=
00243 '<tr align="center"><td>'.$i.'</td><td><a href="./+edit&subaction=editnews&newsid='.$row['news_id'].'">' . $editImage . '</a></td>' .
00244 '<td><a onclick="return checkDelete(this, \''.$row['news_id'].'\');" >' . $deleteImage . '</a></td>';
00245 $news .= "<td>{$row['news_id']}</td><td>{$row['news_title']}</td><td>{$row['news_feed']}</td><td>{$row['news_rank']}</td><td>{$row['news_date']}</td><td><a href=\"$row[news_link]\">{$row['news_link']}</a></td></tr>\n";
00246 ++$i;
00247 }
00248 $news .= <<<END
00249 </table>
00250 <br /><input type=button value='Add News' onClick='window.location="./+edit&subaction=addnews"'> <input type=button value='View News' onClick='window.location="./+view"'></form></fieldset>
00251 END;
00252 return $news;
00253 }
00254
00255
00256
00257 public function createModule(&$moduleComponentId) {
00258 $query = "SELECT MAX(`page_modulecomponentid`) as MAX FROM `news_data` ";
00259 $result = mysql_query($query) or die(mysql_error() . "news.lib L:73");
00260 $row = mysql_fetch_assoc($result);
00261 $compId = $row['MAX'] + 1;
00262 $globalSettings = getGlobalSettings();
00263 if (mysql_query("INSERT INTO `news_desc` (`page_modulecomponentid` ,`news_copyright`)VALUES ('$compId', '{$globalSettings['cms_footer']}')")) {
00264 $moduleComponentId = $compId;
00265 return true;
00266 } else
00267 return false;
00268
00269 }
00270 public function deleteModule($moduleComponentId){
00271 if(mysql_query("DELETE FROM `news_data` WHERE `page_modulecomponentid` = '{$moduleComponentId}'") AND mysql_query("DELETE FROM `news_desc` WHERE `page_modulecomponentid` = '{$moduleComponentId}'"))
00272 return true;
00273 return false;
00274 }
00275
00276
00277
00278 public function copyModule($moduleComponentId){
00279 $result = mysql_query("SELECT MAX(page_modulecomponentid) as MAX FROM `news_data`") or die(mysql_error() . " news.lib L:74");
00280 $row = mysql_fetch_array($result);
00281 $compId = $row['MAX'] + 1;
00282
00283 $result = mysql_query("SELECT * FROM `news_data` WHERE `page_modulecomponentid` = '{$moduleComponentId}'");
00284 while($row = mysql_fetch_array($result))
00285 mysql_query("INSERT INTO `news_data` (`page_modulecomponentid` ,`news_title`,`news_feed`,`news_rank`,`news_date`,`news_link`)VALUES ('$compId', '{$row['news_title']}', '{$row['news_feed']}', '{$row['news_rank']}', '{$row['news_date']}', '{$row['news_link']}')");
00286 $result = mysql_query("SELECT * FROM `news_desc` WHERE `page_modulecomponentid` = '{$moduleComponentId}'");
00287 while($row = mysql_fetch_array($result))
00288 mysql_query("INSERT INTO `news_desc` (`page_modulecomponentid` ,`news_title`,`news_description`)VALUES ('$compId', '{$row['news_title']}', '{$row['news_description']}')");
00289 return $compId;
00290 }
00291
00292 public function actionView()
00293 {
00294 $moduleCompId=$this->moduleComponentId;
00295 $newsId=isset($_GET['id'])?$_GET['id']:"";
00296 $newsView = "";
00297 if($newsId=='')
00298 {
00299 $query="SELECT * FROM `news_desc` WHERE `page_modulecomponentid`=$moduleCompId";
00300 $result=mysql_query($query) or die(mysql_error()."news.lib L247");
00301 $temp=mysql_fetch_assoc($result);
00302 $newsView.="<h1><a href='{$temp['news_link']}'>{$temp['news_title']}</a></h1><br>";
00303 $cond="";
00304
00305
00306 }
00307 else
00308 $cond="AND `news_id`=$newsId";
00309 $query="SELECT * FROM `news_data` WHERE `page_modulecomponentid`=$moduleCompId $cond ORDER BY `news_rank`, `news_id`";
00310 $result=mysql_query($query);
00311 while($newsResult=mysql_fetch_assoc($result))
00312 {
00313 $newsView.=<<<NEWS
00314 <h2><a href="$newsResult[news_link]"> $newsResult[news_title]</a></h2>
00315 <p>$newsResult[news_feed]</p>
00316 NEWS;
00317 }
00318 $newsView .= "<br>" .$temp['news_copyright'];
00319 return $newsView;
00320 }
00321 }
00322