cannibal
01-17-2006, 03:37 AM
HI
I have news PHP script that allow the admin and the users to add news
what I want is to add an attachment ability for them so they can attach doc files with the news then a link appears to download thet file
this is the main code file
<?
require ("global.php");
if ($HTTP_COOKIE_VARS["cookie_login"] !="log"){
logintoadmin();
exit();
}
//Find Author Name
function FindAuthorName($author_id) {
global $users_table ;
dbconnect();
$users_result = mysql_query("SELECT user_name FROM $users_table WHERE user_id='$author_id'");
$users_row = mysql_fetch_object($users_result);
return ($users_row->user_name);
}
//End of Find Author Name
//Start of Login TO Admin
function logintoadmin() {
printf("<form method=post action=\"rlogon.php\">
<p>User name <input type=text style=\"font-family: Tahoma\" size=20 name=user_name>
<br><br>Password <input type=password style=\"font-family: Tahoma\" size=20 name=user_pass></p><p><input type=submit value=\"login\"></form></p>");
}
// End of Login To Admin
function GenerateMainForm(){
global $HTTP_COOKIE_VARS ;
echo "<form method=post action='admin.php'>" ;
echo "<br><b>Select from the options </b><br><br>";
echo "<input type=submit name=choice value='Add news'><br>";
echo "<input type=submit name=choice value='View my news list'><br>";
if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 1) {
echo "<input type=submit name=choice value='Add user'><br>";
echo "<input type=submit name=choice value='List users'><br>";
}
if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 0) {
echo "<input type=submit name=choice value='User options'><br>";
}
echo "<br><br><br><br><br>";
}
// Start of Generate News List
function GenerateNewsList() {
global $news_table ,$users_table ,$HTTP_COOKIE_VARS;
dbconnect();
//When Admin Want to view News ...
// He Can Delet - Modify His News And Other News
if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 1) {
$news_result = mysql_query("SELECT news_id , news_title ,news_author FROM $news_table ORDER BY news_id DESC");
echo "<br><br><br><table border=1 width=\80%\" bordercolor=#FFFFFF height=2>" ;
echo "<tr bordercolor=#C0C0C0 bgcolor=#800000 colspan=2 align=center><font color=#FFFFFF>The latest news list</tr>" ;
echo "<tr bordercolor=#C0C0C0 bgcolor=##800000 width=63><td><font size=1 face=Tahoma color=#FFFFFF></b><b>News number</b></td>" ;
echo "<td bgcolor=#800000 width=200><font size=1 face=Tahoma color=#FFFFFF><b>News Subject </b></td>" ;
echo "<td bgcolor=#800000 width=63><font size=1 face=Tahoma color=#FFFFFF><b>News author </b></td>" ;
while ($news_row = mysql_fetch_object($news_result) ) {
echo "<tr>";
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF width=20><font size=1 face=Tahoma>".$news_row->news_id."</font></td>" ;
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF width=200><font size=1 face=Tahoma>".$news_row->news_title."</font></td>" ;
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF><font size=1 face=Tahoma>".FindAuthorName($news_row->news_author)."</font></td>" ;
printf ("<td bordercolor=#C0C0C0 bgcolor=#CCCCCC width=20><font size=1 face=Tahoma><a href=\"news.php?process=del&id=%s\">Delete news</a></font></td>",$news_row->news_id);
printf ("<td bordercolor=#C0C0C0 bgcolor=#CCCCCC width=20><font size=1 face=Tahoma><a href=\"news.php?process=modify&id=%s\">Edit news</a></font></td>",$news_row->news_id);
} //End While
echo "</table>" ;
} // End Admin News Section
// When User want to View News ..
// He can only View His News and Modify - Delete it
else if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 0) {
$author_id = $HTTP_COOKIE_VARS["cookie_user_id"] ;
$news_result = mysql_query("SELECT news_id , news_title ,news_author FROM $news_table WHERE news_author ='$author_id' ORDER BY news_id DESC");
echo "<br><br><br><table border=1 width=\80%\" bordercolor=#FFFFFF height=2>" ;
echo "<tr bordercolor=#C0C0C0 bgcolor=#800000 colspan=2 align=center> <font color=#FFFFFF>The latest news list (".FindAuthorName($author_id).")</tr>";
echo "<tr bordercolor=#C0C0C0 bgcolor=##800000 width=63><td><font size=1 face=Tahoma color=#FFFFFF></b><b>News number</b></td>";
echo "<td bgcolor=#800000 width=200><font size=1 face=Tahoma color=#FFFFFF><b>News Subject </b></td>";
echo "<td bgcolor=#800000 width=63><font size=1 face=Tahoma color=#FFFFFF><b>News author </b></td>";
while ($news_row = mysql_fetch_object($news_result) ) {
echo "<tr>";
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF width=20><font size=1 face=Tahoma>".$news_row->news_id."</font></td>" ;
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF width=200><font size=1 face=Tahoma>".$news_row->news_title."</font></td>";
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF><font size=1 face=Tahoma>".FindAuthorName($news_row->news_author)."</font></td>";
printf ("<td bordercolor=#C0C0C0 bgcolor=#CCCCCC width=20><font size=1 face=Tahoma><a href=\"news.php?process=del&id=%s\">Delete news</a></font></td>",$news_row->news_id);
printf ("<td bordercolor=#C0C0C0 bgcolor=#CCCCCC width=20><font size=1 face=Tahoma><a href=\"news.php?process=modify&id=%s\">Edit News</a></font></td>",$news_row->news_id);
} //End While
echo "</table>" ;
} // End of Users News Section
}
// End of GenerateNewsList
// Start of Add News
function AddNews(){
global $HTTP_COOKIE_VARS ;
echo " <form method=post action=addnews.php>" ;
echo " <br><b>Add New News </b><br><br>";
echo " <input type=hidden value='True' name=add>";
echo " News subject <input type= text size=50 name=news_title ><br>" ;
echo " News author ".$HTTP_COOKIE_VARS["cookie_user_name"] ;
printf (" <input type=hidden value='%s' name=news_author><br>",$HTTP_COOKIE_VARS["cookie_user_id"]);
echo " News Body<br><textarea cols=50 rows=6 name=news_body> </textarea><br>" ;
echo " Ready <input type=radio value='1' name=news_status checked>
<br><br> " ;
echo "<li>The news date will be added automatically</li><br>";
echo "<li> You can use HTML in the news </li><br>";
echo "<li> For example write the news in front page and add it here</li><br>";
echo "<input type=submit value='Save'>";
}
//End of Add News
//Start Of Add User
//This Section For Admin Only .. He can Add New Users And Change There Properities ..
function AddnewUser() {
global $HTTP_COOKIE_VARS ;
echo "<form method=post action='adduser.php'>" ;
echo " <br><b> Add new user </b><br><br>";
echo " <input type=hidden value='True' name=add>";
echo " User name <input type=text size=70 name=user_name ><br>" ;
echo " Password <input type= text size=70 name=user_password ><br>" ;
echo " Email <input type= text size=70 name=user_email ><br>" ;
echo "<br><input type=submit value='Save'>";
}
//End of Add User
//Start of GenerateUsersList
function GenerateUsersList() {
global $HTTP_COOKIE_VARS , $users_table ;
dbconnect();
if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 1) {
$users_result = mysql_query("SELECT user_id , user_name FROM $users_table ORDER BY user_id");
echo "<br><br><br><table border=1 width=300 bordercolor=#FFFFFF>" ;
echo "<tr bordercolor=#C0C0C0 bgcolor=#800000 colspan=2 align=center> <font color=#FFFFFF>Users list </tr>";
while ($users_row = mysql_fetch_object($users_result) ) {
echo "<tr>";
echo "<td bordercolor=#C0C0C0>".$users_row->user_id."</td>" ;
echo "<td bordercolor=#C0C0C0>".$users_row->user_name."</td>";
printf ("<td bordercolor=#C0C0C0><a href=\"users.php?process=del&id=%s\">Delete User</a></td>",$users_row->user_id);
printf ("<td bordercolor=#C0C0C0><a href=\"users.php?process=modify&id=%s\">Edit User</a></td>",$users_row->user_id);
} //End While
echo "</table>" ;
echo "<br><font color=800000><li>If you delete any user then all his news will be deleted also</li><br>";
}
}
// End of GenerateUsersList
// Start of UserProperities
function UserProperities() {
global $HTTP_COOKIE_VARS , $users_table ;
dbconnect();
$author_id = $HTTP_COOKIE_VARS["cookie_user_id"];
$user_result = mysql_query("SELECT * FROM $users_table WHERE user_id = '$author_id'");
$result = mysql_fetch_object($user_result);
echo "<form method=post action='changeuser.php'>" ;
echo " <br><b>Modify your profile</b><br><br>";
echo " User name<br> <input type=text value='$result->user_name' size=40 name=user_name ><br>" ;
echo " Passeord<br> <input type= text value='$result->user_password' size=40 name=user_password ><br>" ;
echo " Email<br> <input type=text value='$result->user_email' size=40 name=user_email ><br>" ;
echo "<br><input type=submit value='Save'>";
}
// End of UserProperities
?>
I have news PHP script that allow the admin and the users to add news
what I want is to add an attachment ability for them so they can attach doc files with the news then a link appears to download thet file
this is the main code file
<?
require ("global.php");
if ($HTTP_COOKIE_VARS["cookie_login"] !="log"){
logintoadmin();
exit();
}
//Find Author Name
function FindAuthorName($author_id) {
global $users_table ;
dbconnect();
$users_result = mysql_query("SELECT user_name FROM $users_table WHERE user_id='$author_id'");
$users_row = mysql_fetch_object($users_result);
return ($users_row->user_name);
}
//End of Find Author Name
//Start of Login TO Admin
function logintoadmin() {
printf("<form method=post action=\"rlogon.php\">
<p>User name <input type=text style=\"font-family: Tahoma\" size=20 name=user_name>
<br><br>Password <input type=password style=\"font-family: Tahoma\" size=20 name=user_pass></p><p><input type=submit value=\"login\"></form></p>");
}
// End of Login To Admin
function GenerateMainForm(){
global $HTTP_COOKIE_VARS ;
echo "<form method=post action='admin.php'>" ;
echo "<br><b>Select from the options </b><br><br>";
echo "<input type=submit name=choice value='Add news'><br>";
echo "<input type=submit name=choice value='View my news list'><br>";
if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 1) {
echo "<input type=submit name=choice value='Add user'><br>";
echo "<input type=submit name=choice value='List users'><br>";
}
if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 0) {
echo "<input type=submit name=choice value='User options'><br>";
}
echo "<br><br><br><br><br>";
}
// Start of Generate News List
function GenerateNewsList() {
global $news_table ,$users_table ,$HTTP_COOKIE_VARS;
dbconnect();
//When Admin Want to view News ...
// He Can Delet - Modify His News And Other News
if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 1) {
$news_result = mysql_query("SELECT news_id , news_title ,news_author FROM $news_table ORDER BY news_id DESC");
echo "<br><br><br><table border=1 width=\80%\" bordercolor=#FFFFFF height=2>" ;
echo "<tr bordercolor=#C0C0C0 bgcolor=#800000 colspan=2 align=center><font color=#FFFFFF>The latest news list</tr>" ;
echo "<tr bordercolor=#C0C0C0 bgcolor=##800000 width=63><td><font size=1 face=Tahoma color=#FFFFFF></b><b>News number</b></td>" ;
echo "<td bgcolor=#800000 width=200><font size=1 face=Tahoma color=#FFFFFF><b>News Subject </b></td>" ;
echo "<td bgcolor=#800000 width=63><font size=1 face=Tahoma color=#FFFFFF><b>News author </b></td>" ;
while ($news_row = mysql_fetch_object($news_result) ) {
echo "<tr>";
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF width=20><font size=1 face=Tahoma>".$news_row->news_id."</font></td>" ;
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF width=200><font size=1 face=Tahoma>".$news_row->news_title."</font></td>" ;
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF><font size=1 face=Tahoma>".FindAuthorName($news_row->news_author)."</font></td>" ;
printf ("<td bordercolor=#C0C0C0 bgcolor=#CCCCCC width=20><font size=1 face=Tahoma><a href=\"news.php?process=del&id=%s\">Delete news</a></font></td>",$news_row->news_id);
printf ("<td bordercolor=#C0C0C0 bgcolor=#CCCCCC width=20><font size=1 face=Tahoma><a href=\"news.php?process=modify&id=%s\">Edit news</a></font></td>",$news_row->news_id);
} //End While
echo "</table>" ;
} // End Admin News Section
// When User want to View News ..
// He can only View His News and Modify - Delete it
else if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 0) {
$author_id = $HTTP_COOKIE_VARS["cookie_user_id"] ;
$news_result = mysql_query("SELECT news_id , news_title ,news_author FROM $news_table WHERE news_author ='$author_id' ORDER BY news_id DESC");
echo "<br><br><br><table border=1 width=\80%\" bordercolor=#FFFFFF height=2>" ;
echo "<tr bordercolor=#C0C0C0 bgcolor=#800000 colspan=2 align=center> <font color=#FFFFFF>The latest news list (".FindAuthorName($author_id).")</tr>";
echo "<tr bordercolor=#C0C0C0 bgcolor=##800000 width=63><td><font size=1 face=Tahoma color=#FFFFFF></b><b>News number</b></td>";
echo "<td bgcolor=#800000 width=200><font size=1 face=Tahoma color=#FFFFFF><b>News Subject </b></td>";
echo "<td bgcolor=#800000 width=63><font size=1 face=Tahoma color=#FFFFFF><b>News author </b></td>";
while ($news_row = mysql_fetch_object($news_result) ) {
echo "<tr>";
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF width=20><font size=1 face=Tahoma>".$news_row->news_id."</font></td>" ;
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF width=200><font size=1 face=Tahoma>".$news_row->news_title."</font></td>";
echo "<td bordercolor=#C0C0C0 bgcolor=#FFFFFF><font size=1 face=Tahoma>".FindAuthorName($news_row->news_author)."</font></td>";
printf ("<td bordercolor=#C0C0C0 bgcolor=#CCCCCC width=20><font size=1 face=Tahoma><a href=\"news.php?process=del&id=%s\">Delete news</a></font></td>",$news_row->news_id);
printf ("<td bordercolor=#C0C0C0 bgcolor=#CCCCCC width=20><font size=1 face=Tahoma><a href=\"news.php?process=modify&id=%s\">Edit News</a></font></td>",$news_row->news_id);
} //End While
echo "</table>" ;
} // End of Users News Section
}
// End of GenerateNewsList
// Start of Add News
function AddNews(){
global $HTTP_COOKIE_VARS ;
echo " <form method=post action=addnews.php>" ;
echo " <br><b>Add New News </b><br><br>";
echo " <input type=hidden value='True' name=add>";
echo " News subject <input type= text size=50 name=news_title ><br>" ;
echo " News author ".$HTTP_COOKIE_VARS["cookie_user_name"] ;
printf (" <input type=hidden value='%s' name=news_author><br>",$HTTP_COOKIE_VARS["cookie_user_id"]);
echo " News Body<br><textarea cols=50 rows=6 name=news_body> </textarea><br>" ;
echo " Ready <input type=radio value='1' name=news_status checked>
<br><br> " ;
echo "<li>The news date will be added automatically</li><br>";
echo "<li> You can use HTML in the news </li><br>";
echo "<li> For example write the news in front page and add it here</li><br>";
echo "<input type=submit value='Save'>";
}
//End of Add News
//Start Of Add User
//This Section For Admin Only .. He can Add New Users And Change There Properities ..
function AddnewUser() {
global $HTTP_COOKIE_VARS ;
echo "<form method=post action='adduser.php'>" ;
echo " <br><b> Add new user </b><br><br>";
echo " <input type=hidden value='True' name=add>";
echo " User name <input type=text size=70 name=user_name ><br>" ;
echo " Password <input type= text size=70 name=user_password ><br>" ;
echo " Email <input type= text size=70 name=user_email ><br>" ;
echo "<br><input type=submit value='Save'>";
}
//End of Add User
//Start of GenerateUsersList
function GenerateUsersList() {
global $HTTP_COOKIE_VARS , $users_table ;
dbconnect();
if ($HTTP_COOKIE_VARS["cookie_user_admin"] == 1) {
$users_result = mysql_query("SELECT user_id , user_name FROM $users_table ORDER BY user_id");
echo "<br><br><br><table border=1 width=300 bordercolor=#FFFFFF>" ;
echo "<tr bordercolor=#C0C0C0 bgcolor=#800000 colspan=2 align=center> <font color=#FFFFFF>Users list </tr>";
while ($users_row = mysql_fetch_object($users_result) ) {
echo "<tr>";
echo "<td bordercolor=#C0C0C0>".$users_row->user_id."</td>" ;
echo "<td bordercolor=#C0C0C0>".$users_row->user_name."</td>";
printf ("<td bordercolor=#C0C0C0><a href=\"users.php?process=del&id=%s\">Delete User</a></td>",$users_row->user_id);
printf ("<td bordercolor=#C0C0C0><a href=\"users.php?process=modify&id=%s\">Edit User</a></td>",$users_row->user_id);
} //End While
echo "</table>" ;
echo "<br><font color=800000><li>If you delete any user then all his news will be deleted also</li><br>";
}
}
// End of GenerateUsersList
// Start of UserProperities
function UserProperities() {
global $HTTP_COOKIE_VARS , $users_table ;
dbconnect();
$author_id = $HTTP_COOKIE_VARS["cookie_user_id"];
$user_result = mysql_query("SELECT * FROM $users_table WHERE user_id = '$author_id'");
$result = mysql_fetch_object($user_result);
echo "<form method=post action='changeuser.php'>" ;
echo " <br><b>Modify your profile</b><br><br>";
echo " User name<br> <input type=text value='$result->user_name' size=40 name=user_name ><br>" ;
echo " Passeord<br> <input type= text value='$result->user_password' size=40 name=user_password ><br>" ;
echo " Email<br> <input type=text value='$result->user_email' size=40 name=user_email ><br>" ;
echo "<br><input type=submit value='Save'>";
}
// End of UserProperities
?>