
first push

1 parent 3f5dc45 commit dd753326314866015effa5720fd76d0ee25f3856 Ri Caragol committed Dec 25, 2012
Showing with 754 additions and 0 deletions.
  1. +30 −0 content.php
  2. +47 −0 create_subject.php
  3. +36 −0 delete_page.php
  4. +30 −0 delete_subject.php
  5. +84 −0 edit_page.php
  6. +130 −0 edit_subject.php
  7. +23 −0 index.php
  8. +93 −0 login.php
  9. +21 −0 logout.php
  10. +84 −0 new_page.php
  11. +43 −0 new_subject.php
  12. +77 −0 new_user.php
  13. +35 −0 page_form.php
  14. +21 −0 staff.php
@@ -0,0 +1,30 @@
+<?php require_once("includes/session.php"); ?>
+<?php require_once("includes/connection.php"); ?>
+<?php require_once("includes/functions.php"); ?>
+<?php confirm_logged_in(); ?>
+<?php find_selected_page(); ?>
+<?php include("includes/header.php"); ?>
+<table id="structure">
+ <tr>
+ <td id="navigation">
+ <?php echo navigation($sel_subject, $sel_page); ?>
+ <br />
+ <a href="new_subject.php">+ Add a new subject</a>
+ </td>
+ <td id="page">
+ <?php if (!is_null($sel_subject)) { // subject selected ?>
+ <h2><?php echo $sel_subject['menu_name']; ?></h2>
+ <?php } elseif (!is_null($sel_page)) { // page selected ?>
+ <h2><?php echo $sel_page['menu_name']; ?></h2>
+ <div class="page-content">
+ <?php echo $sel_page['content']; ?>
+ </div>
+ <br />
+ <a href="edit_page.php?page=<?php echo urlencode($sel_page['id']); ?>">Edit page</a>
+ <?php } else { // nothing selected ?>
+ <h2>Select a subject or page to edit</h2>
+ <?php } ?>
+ </td>
+ </tr>
+</table>
+<?php require("includes/footer.php"); ?>
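Review bot: The three values echoed in the `#page` cell (`$sel_subject['menu_name']`, `$sel_page['menu_name']` and `$sel_page['content']`) are written into the HTML without escaping, so whatever markup is stored in those columns is rendered inside the logged-in staff session. index.php in this same commit already wraps the title in `htmlentities()`; the admin view should do at least the same, e.g. `<h2><?php echo htmlentities($sel_page['menu_name'], ENT_QUOTES); ?></h2>`. The same unescaped output recurs in edit_page.php (the `<h2>`) and in edit_subject.php (the `<h2>`, the `value=` attribute and the page list).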
@@ -0,0 +1,47 @@
+<?php require_once("includes/session.php"); ?>
+<?php require_once("includes/connection.php"); ?>
+<?php require_once("includes/functions.php"); ?>
+<?php confirm_logged_in(); ?>
+<?php
+ $errors = array();
+
+ // Form Validation
+ $required_fields = array('menu_name', 'position', 'visible');
+ foreach($required_fields as $fieldname) {
+ if (!isset($_POST[$fieldname]) || (empty($_POST[$fieldname]) && $_POST[$fieldname] != 0)) {
+ $errors[] = $fieldname;
+ }
+ }
+
+ $fields_with_lengths = array('menu_name' => 30);
+ foreach($fields_with_lengths as $fieldname => $maxlength ) {
+ if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; }
+ }
+
+ if (!empty($errors)) {
+ redirect_to("new_subject.php");
+ }
+?>
+<?php
+ $menu_name = mysql_prep($_POST['menu_name']);
+ $position = mysql_prep($_POST['position']);
+ $visible = mysql_prep($_POST['visible']);
+?>
+<?php
+ $query = "INSERT INTO subjects (
+ menu_name, position, visible
+ ) VALUES (
+ '{$menu_name}', {$position}, {$visible}
+ )";
+ $result = mysql_query($query, $connection);
+ if ($result) {
+ // Success!
+ redirect_to("content.php");
+ } else {
+ // Display error message.
+ echo "<p>Subject creation failed.</p>";
+ echo "<p>" . mysql_error() . "</p>";
+ }
+?>
+
+<?php mysql_close($connection); ?>
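Review bot: `$position` and `$visible` go into the INSERT unquoted (`'{$menu_name}', {$position}, {$visible}`), and string escaping does not constrain a value in a numeric position; assuming `mysql_prep()` (in includes/functions.php, not shown here) wraps an escaping call, non-numeric text still becomes part of the statement. Cast them instead: `$position = (int) $_POST['position'];` and `$visible = (int) $_POST['visible'];`. The UPDATE statements in edit_page.php and edit_subject.php build their numeric columns the same way. Separately, unless `redirect_to()` calls `exit`, the validation-failure branch falls through to the INSERT, and on failure `mysql_error()` is echoed to the browser where a generic message plus a server-side log entry would do.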
@@ -0,0 +1,36 @@
+<?php require_once("includes/session.php"); ?>
+<?php require_once("includes/connection.php"); ?>
+<?php require_once("includes/functions.php"); ?>
+<?php confirm_logged_in(); ?>
+<?php
+ // make sure the subject id sent is an integer
+ if (intval($_GET['page']) == 0) {
+ redirect_to('content.php');
+ }
+
+ $id = mysql_prep($_GET['page']);
+ // make sure the page exists (not strictly necessary)
+ // it gives some extra security and allows use of
+ // the page's subject_id for the redirect
+ if ($page = get_page_by_id($id)) {
+ // LIMIT 1 isn't necessary but is a good fail safe
+ $query = "DELETE FROM pages WHERE id = {$page['id']} LIMIT 1";
+ $result = mysql_query ($query);
+ if (mysql_affected_rows() == 1) {
+ // Successfully deleted
+ redirect_to("edit_subject.php?subj={$page['subject_id']}");
+ } else {
+ // Deletion failed
+ echo "<p>Page deletion failed.</p>";
+ echo "<p>" . mysql_error() . "</p>";
+ echo "<a href=\"content.php\">Return to Main Site</a>";
+ }
+ } else {
+ // page didn't exist, deletion was not attempted
+ redirect_to('content.php');
+ }
+?>
+<?php
+// because this file didn't include footer.php we need to add this manually
+mysql_close($db);
+?>
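Review bot: The delete runs on a plain GET with the id in the query string and no anti-CSRF token, so the only confirmation is the client-side `confirm()` on the link in edit_page.php; a state-changing action like this should be a POST carrying a per-session token that is checked before the DELETE is issued. delete_subject.php has the same shape. Also, the closing block calls `mysql_close($db)` while every other file in this commit names the handle `$connection`; unless includes/connection.php also defines `$db`, that should be `mysql_close($connection);`. The comment on the first check says "subject id" but the parameter is the page id.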
@@ -0,0 +1,30 @@
+<?php require_once("includes/session.php"); ?>
+<?php require_once("includes/connection.php"); ?>
+<?php require_once("includes/functions.php"); ?>
+<?php confirm_logged_in(); ?>
+<?php
+ if (intval($_GET['subj']) == 0) {
+ redirect_to("content.php");
+ }
+
+ $id = mysql_prep($_GET['subj']);
+
+ if ($subject = get_subject_by_id($id)) {
+
+ $query = "DELETE FROM subjects WHERE id = {$id} LIMIT 1";
+ $result = mysql_query($query, $connection);
+ if (mysql_affected_rows() == 1) {
+ redirect_to("content.php");
+ } else {
+ // Deletion Failed
+ echo "<p>Subject deletion failed.</p>";
+ echo "<p>" . mysql_error() . "</p>";
+ echo "<a href=\"content.php\">Return to Main Page</a>";
+ }
+ } else {
+ // subject didn't exist in database
+ redirect_to("content.php");
+ }
+?>
+
+<?php mysql_close($connection); ?>
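Review bot: The `intval($_GET['subj']) == 0` guard only rejects input that does not start with a non-zero number; it does not normalise the value, and the DELETE then uses `$id`, which is still the original request string after `mysql_prep()`, in an unquoted position (`WHERE id = {$id}`). Use the integer itself, `$id = intval($_GET['subj']);`, or the row that was already fetched, `WHERE id = {$subject['id']}`, as delete_page.php does. The `WHERE id = {$id}` clauses in edit_page.php and edit_subject.php are built from the request string in the same way.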
@@ -0,0 +1,84 @@
+<?php require_once("includes/session.php"); ?>
+<?php require_once("includes/connection.php"); ?>
+<?php require_once("includes/functions.php"); ?>
+<?php confirm_logged_in(); ?>
+<?php
+ // make sure the subject id sent is an integer
+ if (intval($_GET['page']) == 0) {
+ redirect_to('content.php');
+ }
+
+ include_once("includes/form_functions.php");
+
+ // START FORM PROCESSING
+ // only execute the form processing if the form has been submitted
+ if (isset($_POST['submit'])) {
+ // initialize an array to hold our errors
+ $errors = array();
+
+ // perform validations on the form data
+ $required_fields = array('menu_name', 'position', 'visible', 'content');
+ $errors = array_merge($errors, check_required_fields($required_fields));
+
+ $fields_with_lengths = array('menu_name' => 30);
+ $errors = array_merge($errors, check_max_field_lengths($fields_with_lengths));
+
+ // clean up the form data before putting it in the database
+ $id = mysql_prep($_GET['page']);
+ $menu_name = trim(mysql_prep($_POST['menu_name']));
+ $position = mysql_prep($_POST['position']);
+ $visible = mysql_prep($_POST['visible']);
+ $content = mysql_prep($_POST['content']);
+
+ // Database submission only proceeds if there were NO errors.
+ if (empty($errors)) {
+ $query = "UPDATE pages SET
+ menu_name = '{$menu_name}',
+ position = {$position},
+ visible = {$visible},
+ content = '{$content}'
+ WHERE id = {$id}";
+ $result = mysql_query($query);
+ // test to see if the update occurred
+ if (mysql_affected_rows() == 1) {
+ // Success!
+ $message = "The page was successfully updated.";
+ } else {
+ $message = "The page could not be updated.";
+ $message .= "<br />" . mysql_error();
+ }
+ } else {
+ if (count($errors) == 1) {
+ $message = "There was 1 error in the form.";
+ } else {
+ $message = "There were " . count($errors) . " errors in the form.";
+ }
+ }
+ // END FORM PROCESSING
+ }
+?>
+<?php find_selected_page(); ?>
+<?php include("includes/header.php"); ?>
+<table id="structure">
+ <tr>
+ <td id="navigation">
+ <?php echo navigation($sel_subject, $sel_page); ?>
+ <br />
+ <a href="new_subject.php">+ Add a new subject</a>
+ </td>
+ <td id="page">
+ <h2>Edit page: <?php echo $sel_page['menu_name']; ?></h2>
+ <?php if (!empty($message)) {echo "<p class=\"message\">" . $message . "</p>";} ?>
+ <?php if (!empty($errors)) { display_errors($errors); } ?>
+
+ <form action="edit_page.php?page=<?php echo $sel_page['id']; ?>" method="post">
+ <?php include "page_form.php" ?>
+ <input type="submit" name="submit" value="Update Page" />&nbsp;&nbsp;
+ <a href="delete_page.php?page=<?php echo $sel_page['id']; ?>" onclick="return confirm('Are you sure you want to delete this page?');">Delete page</a>
+ </form>
+ <br />
+ <a href="content.php?page=<?php echo $sel_page['id']; ?>">Cancel</a><br />
+ </td>
+ </tr>
+</table>
+<?php include("includes/footer.php"); ?>
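Review bot: `mysql_affected_rows() == 1` is used as the success test for the UPDATE, but MySQL reports 0 affected rows when the submitted values equal what is already stored, so saving an unchanged form shows "The page could not be updated." followed by an empty error string. Test the query result instead, e.g. `if ($result !== false) {`, and treat zero changed rows as success. edit_subject.php uses the same test. The failure branch also appends `mysql_error()` to the message rendered in the page; that text belongs in a server-side log, not in the response.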
@@ -0,0 +1,130 @@
+<?php require_once("includes/session.php"); ?>
+<?php require_once("includes/connection.php"); ?>
+<?php require_once("includes/functions.php"); ?>
+<?php confirm_logged_in(); ?>
+<?php
+ if (intval($_GET['subj']) == 0) {
+ redirect_to("content.php");
+ }
+ if (isset($_POST['submit'])) {
+ $errors = array();
+
+ $required_fields = array('menu_name', 'position', 'visible');
+ foreach($required_fields as $fieldname) {
+ if (!isset($_POST[$fieldname]) || (empty($_POST[$fieldname]) && !is_numeric($_POST[$fieldname]))) {
+ $errors[] = $fieldname;
+ }
+ }
+ $fields_with_lengths = array('menu_name' => 30);
+ foreach($fields_with_lengths as $fieldname => $maxlength ) {
+ if (strlen(trim(mysql_prep($_POST[$fieldname]))) > $maxlength) { $errors[] = $fieldname; }
+ }
+
+ if (empty($errors)) {
+ // Perform Update
+ $id = mysql_prep($_GET['subj']);
+ $menu_name = mysql_prep($_POST['menu_name']);
+ $position = mysql_prep($_POST['position']);
+ $visible = mysql_prep($_POST['visible']);
+
+ $query = "UPDATE subjects SET
+ menu_name = '{$menu_name}',
+ position = {$position},
+ visible = {$visible}
+ WHERE id = {$id}";
+ $result = mysql_query($query, $connection);
+ if (mysql_affected_rows() == 1) {
+ // Success
+ $message = "The subject was successfully updated.";
+ } else {
+ // Failed
+ $message = "The subject update failed.";
+ $message .= "<br />". mysql_error();
+ }
+
+ } else {
+ // Errors occurred
+ $message = "There were " . count($errors) . " errors in the form.";
+ }
+
+
+
+
+ } // end: if (isset($_POST['submit']))
+?>
+<?php find_selected_page(); ?>
+<?php include("includes/header.php"); ?>
+<table id="structure">
+ <tr>
+ <td id="navigation">
+ <?php echo navigation($sel_subject, $sel_page); ?>
+ </td>
+ <td id="page">
+ <h2>Edit Subject: <?php echo $sel_subject['menu_name']; ?></h2>
+ <?php if (!empty($message)) {
+ echo "<p class=\"message\">" . $message . "</p>";
+ } ?>
+ <?php
+ // output a list of the fields that had errors
+ if (!empty($errors)) {
+ echo "<p class=\"errors\">";
+ echo "Please review the following fields:<br />";
+ foreach($errors as $error) {
+ echo " - " . $error . "<br />";
+ }
+ echo "</p>";
+ }
+ ?>
+ <form action="edit_subject.php?subj=<?php echo urlencode($sel_subject['id']); ?>" method="post">
+ <p>Subject name:
+ <input type="text" name="menu_name" value="<?php echo $sel_subject['menu_name']; ?>" id="menu_name" />
+ </p>
+ <p>Position:
+ <select name="position">
+ <?php
+ $subject_set = get_all_subjects();
+ $subject_count = mysql_num_rows($subject_set);
+ // $subject_count + 1 b/c we are adding a subject
+ for($count=1; $count <= $subject_count+1; $count++) {
+ echo "<option value=\"{$count}\"";
+ if ($sel_subject['position'] == $count) {
+ echo " selected";
+ }
+ echo ">{$count}</option>";
+ }
+ ?>
+ </select>
+ </p>
+ <p>Visible:
+ <input type="radio" name="visible" value="0"<?php
+ if ($sel_subject['visible'] == 0) { echo " checked"; }
+ ?> /> No
+ &nbsp;
+ <input type="radio" name="visible" value="1"<?php
+ if ($sel_subject['visible'] == 1) { echo " checked"; }
+ ?> /> Yes
+ </p>
+ <input type="submit" name="submit" value="Edit Subject" />
+ &nbsp;&nbsp;
+ <a href="delete_subject.php?subj=<?php echo urlencode($sel_subject['id']); ?>" onclick="return confirm('Are you sure?');">Delete Subject</a>
+ </form>
+ <br />
+ <a href="content.php">Cancel</a>
+ <div style="margin-top: 2em; border-top: 1px solid #000000;">
+ <h3>Pages in this subject:</h3>
+ <ul>
+<?php
+ $subject_pages = get_pages_for_subject($sel_subject['id']);
+ while($page = mysql_fetch_array($subject_pages)) {
+ echo "<li><a href=\"content.php?page={$page['id']}\">
+ {$page['menu_name']}</a></li>";
+ }
+?>
+ </ul>
+ <br />
+ + <a href="new_page.php?subj=<?php echo $sel_subject['id']; ?>">Add a new page to this subject</a>
+ </div>
+ </td>
+ </tr>
+</table>
+<?php require("includes/footer.php"); ?>
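Review bot: The position `<select>` loops to `$subject_count+1` and its comment says "b/c we are adding a subject", but this form edits an existing subject, so it offers one position more than there are subjects; the loop looks copied from the new-subject form. If `get_all_subjects()` returns every subject (it is defined outside this diff), the bound should be `$count <= $subject_count` and the comment dropped. The error summary also reads "There were 1 errors in the form." for a single error; edit_page.php already handles the singular case.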
@@ -0,0 +1,23 @@
+<?php require_once("includes/connection.php"); ?>
+<?php require_once("includes/functions.php"); ?>
+
+<?php find_selected_page(); ?>
+<?php include("includes/header.php"); ?>
+<table id="structure">
+ <tr>
+ <td id="navigation">
+ <?php echo public_navigation($sel_subject, $sel_page); ?>
+ </td>
+ <td id="page">
+ <?php if ($sel_page) { ?>
+ <h2><?php echo htmlentities($sel_page['menu_name']); ?></h2>
+ <div class="page-content">
+ <?php echo strip_tags(nl2br($sel_page['content']), "<b><br><p><a>"); ?>
+ </div>
+ <?php } else { ?>
+ <h2>Welcome to Widget Corp</h2>
+ <?php } ?>
+ </td>
+ </tr>
+</table>
+<?php include("includes/footer.php"); ?>
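Review bot: `strip_tags()` with an allow-list is not a sanitiser for the public page body: it removes other tags but leaves every attribute on the allowed `<a>`, `<p>` and `<b>` tags untouched, so stored content keeps script-capable attributes and arbitrary link targets. If pages only need line breaks, escape first and add them afterwards: `<?php echo nl2br(htmlentities($sel_page['content'], ENT_QUOTES)); ?>`; if staff-authored markup must be preserved, pass it through an HTML sanitiser that filters attributes as well as tags. `public_navigation()` output is echoed as-is, so its escaping has to happen inside that function, which is not part of this diff.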
