forked from mikeallisonJS/simplecoin
-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathnews.php
More file actions
36 lines (30 loc) · 1.12 KB
/
Copy pathnews.php
File metadata and controls
36 lines (30 loc) · 1.12 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
<?php
include ("includes/header.php");
$goodMessage = "";
$returnError = "";
//Scince this is the Admin panel we'll make sure the user is logged in and "isAdmin" enabled boolean; If this is not a logged in user that is enabled as admin, redirect to a 404 error page
if(!$cookieValid || $isAdmin != 1) {
header('Location: /');
exit;
}
$action = $_POST["action"];
if($action == "news") {
$title = $_POST["title"];
$title = sqlesc($title);
$news = $_POST["news"];
$news = sqlesc($news);
$currentTime = time();
mysql_query("INSERT INTO news (title,message) VALUES ('$title','$news')") or sqlerr(__FILE__, __LINE__);
}
$res = mysql_query("SELECT title, message FROM news WHERE id = 1");
$row = mysql_fetch_array($res);
echo "<h2>Edit news</h2><br/>";
echo "<form action=news.php method=post>";
echo "<input type=hidden name=action value=news>";
echo "Title<br>";
echo "<textarea name=title rows=1 cols=80>" . htmlspecialchars($row["title"]) . "</textarea><br>";
echo "News<br>";
echo "<textarea name=news rows=10 cols=80>" . htmlspecialchars($row["message"]) . "</textarea>";
echo "<br><input type=submit value=Submit>";
echo "</form>";
?>