Context Navigation

source: trunk/admin/modules/Elezioni/ele_come.php@ 23

Last change on this file since 23 was 23, checked in by roby, 14 years ago
Gestione charset con query mysql e sostituzione funzioni ereg
File size: 8.9 KB

Line
1	<?php
2	/************************************************************************/
3	/* Eleonline - Raccolta e diffusione dei dati elettorali */
4	/* by Roberto Gigli & Luciano Apolito */
5	/* http://www.eleonline.it */
6	/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
7	/************************************************************************/
8	/* Modulo Come si vota, servizi, numeri e link */
9	/* Amministrazione */
10	/************************************************************************/
11
12
13	if (!defined('ADMIN_FILE')) {
14	die ("You can't access this file directly...");
15	}
16
17	$aid=$_SESSION['aid'];
18	$dbi=$_SESSION['dbi'];
19	$prefix=$_SESSION['prefix'];
20	$currentlang=$_SESSION['lang'];
21	$id_comune=$_SESSION['id_comune'];
22	$param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
23	$id_cons_gen=$param['id_cons_gen'];
24	$perms=ChiSei(0);
25
26
27	if (isset($param['add_title'])) get_magic_quotes_gpc() ? $add_title=$param['add_title']:$add_title=addslashes($param['add_title']); else $add_title='';
28	if (isset($param['add_preamble'])) get_magic_quotes_gpc() ? $add_preamble=$param['add_preamble']:$add_preamble=addslashes($param['add_preamble']); else $add_preamble='';
29	if (isset($param['add_content'])) get_magic_quotes_gpc() ? $add_content=$param['add_content']:$add_content=addslashes($param['add_content']); else $add_content='';
30	if (isset($param['vai'])) get_magic_quotes_gpc() ? $vai=$param['vai']:$vai=addslashes($param['vai']); else $vai='come';
31	if (isset($param['mid'])) get_magic_quotes_gpc() ? $mid=$param['mid']:$mid=addslashes($param['mid']); else $mid='';
32	if (isset($param['ok'])) get_magic_quotes_gpc() ? $ok=$param['ok']:$ok=addslashes($param['ok']); else $ok='';
33	if (isset($param['op'])) get_magic_quotes_gpc() ? $op=$param['op']:$op=addslashes($param['op']); else $op='come';
34	$tab='_ele_'.$op;
35
36	/*********************************************************/
37	/* come Functions */
38	/*********************************************************/
39	$sql="SELECT t1.descrizione,t1.tipo_cons,t2.id_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen='$id_cons_gen' and t2.id_comune='$id_comune'";
40	$res = mysql_query("$sql", $dbi);
41	list($descr_cons,$tipo_cons,$id_cons) = mysql_fetch_row($res);
42
43	include("modules/Elezioni/ele.php");
44	include("inc/funzioni.php");
45
46	function come() {
47	global $admin, $bgcolor1, $bgcolor2, $prefix, $dbi, $id_cons, $tipo_cons, $id_cons,$id_cons_gen, $editimage1,
48	$add_content, $add_preamble, $add_title, $vai,$mid,$tab,$op,$editor;
49
50	if ($tab=='_ele_come') echo "<center><font class=\"title\"><b>"._ADMINCOME."</b></font></center><br>";
51	elseif ($tab=='_ele_numeri') echo "<center><font class=\"title\"><b>"._ADMINNUMERI."</b></font></center><br>";
52	elseif ($tab=='_ele_servizi') echo "<center><font class=\"title\"><b>"._ADMINSERVIZI."</b></font></center><br>";
53	elseif ($tab=='_ele_link') echo "<center><font class=\"title\"><b>"._ADMINLINK."</b></font></center><br>";
54
55	echo "<br>";
56
57
58	echo "<center><font class=\"title\"><b>"._ALLCOME."</b></font><br><br><table border=\"0\" width=\"70%\" >"
59	."<td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._TITOLO."</b></td>"
60	."<td bgcolor=\"$bgcolor1\" align=\"center\"> <b>"._FUNZIONI."</b> </td></tr>";
61	$result = mysql_query("select mid, title,preamble, content, editimage from ".$prefix.$tab." where id_cons='$id_cons'", $dbi);
62	while(list($mid2, $title, $preamble, $content, $editimage) = mysql_fetch_row($result)) {
63
64	echo "<tr>"
65	."<td align=\"center\" width=\"100%\">$title</td>"
66	."<td align=\"right\" nowrap bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=$op&vai=editedit&mid=$mid2&id_cons_gen=$id_cons_gen\">
67	<img src=\"modules/Elezioni/images/edit.gif\" border=\"0\" align=\"middle\"> "._EDIT."</a> -
68	<a href=\"admin.php?op=$op&vai=deleteedit&mid=$mid2&id_cons_gen=$id_cons_gen\">"._DELETE."
69	<img src=\"modules/Elezioni/images/delete.gif\" border=\"0\" align=\"middle\"></a>"
70	."</td></tr>";
71
72	}
73	echo "</table><br>";
74	echo "<table border=\"0\" width=\"70%\"><tr><td>";
75	echo "<br>";
76	if($vai=='editedit'){
77	$result = mysql_query("select title, preamble,content, editimage from ".$prefix.$tab." WHERE mid='$mid' AND id_cons='$id_cons'", $dbi);
78	list($add_title,$add_preamble, $add_content, $editimage) = mysql_fetch_row($result);
79	}
80	//25.05.2009
81	$sql="SELECT editor,ed_user FROM ".$prefix."_config";
82	$res = mysql_query("$sql", $dbi);
83	list($editor,$ed_user) = mysql_fetch_row($res);
84	//
85
86	echo "<center><font class=\"title\"><b>"._ADDCOME."</b></font></center><br>";
87	echo "<form action=\"admin.php\" method=\"post\">";
88	echo "<br><b><h6>"._TITOLO.":</b><br>
89	<input class=\"modulo\" type=\"text\" name=\"add_title\" value=\"$add_title\" size=\"50\" maxlength=\"100\"><br><br>";
90	if ($op=="link"){
91	if ($add_preamble=='')$add_preamble="http://";
92	echo "<b>"._LINK.":</b><br>"
93	."<input class=\"modulo\" name=\"add_preamble\" size=\"50\" value=\"$add_preamble\"><br><br><b>";
94	}else{
95	echo "<b>"._PREAMBOLO.":</b><br>";
96	//25 maggio 2009
97	if ($editor)
98	js_textarea("add_preamble", "$add_preamble", "$ed_user", "80", "10"); // 25 --> 24 maggio 2009 editor'
99	else
100	echo "<textarea class=\"modulo\" name=\"add_preamble\" rows=\"7\" wrap=\"virtual\" cols=\"60\">$add_preamble</textarea><br><br><b>";
101	//
102	echo "<br><br><b>";
103	}
104	if ($op=='come') echo _CONTENUTO;
105	elseif ($op=='numeri') echo _NUMERITEL;
106	elseif ($op=='servizi') echo _DESCRAPP;
107	elseif ($op=='link') echo _DESCRLINK;
108	echo ":</b><br>";
109	//( "._HELPHTML." )<br>";
110	//25 maggio 2009
111
112	if ($editor)
113	js_textarea("add_content", "$add_content", "$ed_user", "80", "20"); // 25 -->24 maggio 2009 editor
114	else
115	echo "<textarea class=\"modulo\" name=\"add_content\" rows=\"15\" wrap=\"virtual\" cols=\"60\">$add_content</textarea><br><br>";
116	//
117	echo "<br/><br/>";
118	echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">"
119	."<input type=\"hidden\" name=\"mid\" value=\"$mid\">"
120	."<input type=\"hidden\" name=\"tab\" value=\"$tab\">"
121	."<input type=\"hidden\" name=\"op\" value=\"$op\">";
122	if ($vai=='editedit'){
123	echo "<input type=\"hidden\" name=\"vai\" value=\"saveedit\">"
124	."<input class=\"modulo-button\"type=\"submit\" value=\""._OK."\">";
125	}else{
126	echo "<input type=\"hidden\" name=\"vai\" value=\"addedit\">"
127	."<input class=\"modulo-button\" type=\"submit\" value=\""._ADDCOME."\">";
128	}
129
130	echo "</form>";
131	echo "</td></tr></table></center>";
132	echo"</td></tr></table>";
133	include ("footer.php");
134	}
135
136	function saveedit($mid, $title, $preamble, $content) {
137	global $prefix, $dbi,$id_cons,$id_cons_gen,$tab,$op;
138
139	$temp=$title.$preamble.$content;
140	if (preg_match("/script/i",$temp)) die("La parola script e' proibita, devi toglierla dal testo.");
141	$result = mysql_query("update ".$prefix.$tab." set title='$title', preamble='$preamble', content='$content' WHERE mid='$mid' AND id_cons='$id_cons'", $dbi);
142	Header("Location: admin.php?op=$op&vai=come&id_cons_gen=$id_cons_gen");
143	}
144
145	function addedit($add_title, $add_preamble, $add_content) {
146	global $prefix, $dbi,$id_cons, $id_cons_gen,$tab,$op;
147
148	$result = mysql_query("insert into ".$prefix.$tab." (id_cons,title,preamble,content) values ('$id_cons', '$add_title', '$add_preamble','$add_content')", $dbi);
149	if (!$result) {
150	exit();
151	}
152	Header("Location: admin.php?op=$op&vai=come&id_cons_gen=$id_cons_gen");
153	}
154
155
156	function deleteedit($mid, $ok=0) {
157	global $prefix, $dbi, $id_cons,$id_cons_gen,$tab,$op;
158	if($ok) {
159	$result = mysql_query("delete from ".$prefix.$tab." where mid=$mid and id_cons='$id_cons'", $dbi);
160	if (!$result) {
161	return;
162	}
163	Header("Location: admin.php?op=$op&vai=come&id_cons_gen=$id_cons_gen");
164	} else {
165	ele();
166	OpenTable();
167	echo "<center><font size=\"4\"><b>"._ADMINCOME."</b></font></center>";
168	CloseTable();
169	echo "<br>";
170	OpenTable();
171	echo "<center>"._REMOVEINFO."";
172	echo "<br><br>[ <a href=\"admin.php?op=$op&vai=come&id_cons_gen=$id_cons_gen\">"._NO."</a> \| <a href=\"admin.php?op=$op&vai=deleteedit&mid=$mid&ok=1&id_cons_gen=$id_cons_gen\">"._YES."</a> ]</center>";
173	CloseTable();
174	echo"</td></tr></table>";
175	include("footer.php");
176	}
177
178
179
180	}
181	switch ($vai){
182
183	// or "come" or "servizi" or "editedit"
184	case "come":
185	ele();
186	come();
187	break;
188	case "editedit":
189	ele();
190	come();
191	break;
192
193	case "saveedit":
194	saveedit($mid, $add_title, $add_preamble,$add_content);
195	break;
196
197	case "numeri":
198	ele();
199	come();
200	break;
201
202	case "servizi":
203	ele();
204	come();
205	break;
206
207	case "link":
208	ele();
209	come();
210	break;
211
212
213
214	case "addedit":
215	addedit($add_title, $add_preamble,$add_content);
216	break;
217
218	case "deleteedit":
219	deleteedit($mid, $ok);
220	break;
221
222
223
224	}
225
226	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: