Hello,
I've been using this code for years with a MySQL 4.0 db, but my site host has switched to 5.0. Bascially, the page is a content managment admin that lists a bunch of articles, as wel as allowing you to add articles using a form. Also, it lets you edit existing articles.
The page does not work properly since the changeover. It still aloows me to add articles, but when I edit it, instead of editing an existing record, it adds another record.
Here is the page code, can anyone tell me what I need to change? I'm not a very experienced PHP coder, i basically just use snippets and manipulate them.
thanks!
<?include ("admin_head.php"); ?>
<title>News Admin</title>
<font class="textheader">News Administrator</font><br>
<img src="/images/spacer_1x1.gif" width="1" height="30"><br>
<?php
//these lines not needed on live server
$delete = ($HTTP_GET_VARS['delete']);
$submit = ($HTTP_POST_VARS['submit']);
$title = ($HTTP_POST_VARS['title']);
$article = ($HTTP_POST_VARS['article']);
$status = ($HTTP_POST_VARS['status']);
$description = ($HTTP_POST_VARS['description']);
$date = ($HTTP_GET_VARS['date']);
$order_date = ($HTTP_GET_VARS['order_date']);
$news_id = ($HTTP_GET_VARS['news_id']);
$feature_status = ($HTTP_GET_VARS['feature_status']);
$PHP_SELF = ($_SERVER["PHP_SELF"]);
include ("../../../secure/movement_conf.php");
$db = mysql_connect ($sql_host, $sql_user, $sql_pass);
mysql_select_db("toneypar_movement",$db);
if ($submit) {
// here if no ID then adding else we're editing
if ($news_id) {
$sql = "UPDATE news SET title='$title',article='$article',status='$status',description='$description',feature_status='$feature_status',feature_id='$feature_id' WHERE news_id=$news_id";
} else {
$date = date('Y-m-d h:m');
$order_date = $date;
$sql = "INSERT INTO news (date,order_date,title,article,status,description,feature_status,feature_id) VALUES ('$date','$order_date','$title','$article','$status','$description','$feature_status','$feature_id')";
}
// run SQL against the DB
$result = mysql_query($sql);
echo "Record updated/edited!<p>";
echo "<a class=\"link11b\" href=\"$PHP_SELF\">ADD A RECORD/BACK TO LIST</a></P>";
} elseif ($delete) {
// delete a record
$sql = "DELETE FROM news WHERE news_id=$news_id";
$result = mysql_query($sql);
echo "Record deleted!<p>";
echo "<a class=\"link11b\" href=\"$PHP_SELF\">ADD A RECORD/BACK TO LIST</a></P>";
} else {
// this part happens if we don't press submit
if (!$news_id) {
// print the list if there is not editing
$result = mysql_query("SELECT DATE_FORMAT(date, '%m.%d.%Y') AS date,order_date,news_id,title,status FROM news ORDER BY order_date DESC",$db);
?>
<table border="0" cellpadding="5" cellspacing="1">
<tr>
<td class="tableHead">
<b>Date</b><br>
</td>
<td class="tableHead">
<b>Title</b><br>
</td>
<td class="tableHead">
<b>Status</b><br>
</td>
<td class="tableHead">
<b>Delete</b><br>
</td>
</tr>
<?
while ($myrow = mysql_fetch_array($result)) {?>
<tr>
<td class="side_bar">
<? print $myrow["date"]?><br>
</td>
<td class="side_bar">
<a href="<?$PHP_SELF?>?news_id=<? print $myrow["news_id"]?>"><? print $myrow["title"]?></a><br>
</td>
<td class="side_bar">
<? print $myrow["status"]?>
</td>
<td class="side_bar">
<a href="<?$PHP_SELF?>?news_id=<? print $myrow["news_id"]?>&delete=yes">DELETE</a><br>
</td>
</tr>
<? } ?>
</table>
<? } ?>
<form name="vbform" method="post" action="<?php echo $PHP_SELF?>">
<?php
if ($news_id) {
// editing so select a record
$sql = "SELECT * FROM news WHERE news_id=$news_id";
$result = mysql_query($sql);
$myrow = mysql_fetch_array($result);
$news_id = $myrow["news_id"];
$date = $myrow["date"];
$title = $myrow["title"];
$article = $myrow["article"];
$description = $myrow["description"];
$status = $myrow["status"];
$feature_status = $myrow["feature_status"];
$feature_id = $myrow["feature_id"];
// print the id for editing
?>
<input type=hidden name="news_id" value="<?php echo $news_id ?>">
<? } ?>
Title/Headline:<br>
<input size="80" type="Text" name="title" value="<?php echo htmlspecialchars($title) ?>"><br>
<br>
Short Description<br>
(one-sentence summary of the entry, to be displayed in the past news list):<br>
<input size="80" type="Text" name="description" value="<?php echo htmlspecialchars($description) ?>"><br>
<br>
Enter/Edit Article:<br>
<?include ("FCKeditor/fckeditor.php");
$oFCKeditor = new FCKeditor('article') ;
$oFCKeditor->ToolbarSet = 'News' ;
$oFCKeditor->BasePath = '/movement/m_admin/FCKeditor/';
$oFCKeditor->Width = '500' ;
$oFCKeditor->Height = '400' ;
$oFCKeditor->Value = $article ;
$oFCKeditor->Create() ;
?><br>
Do you want to feature a promo with this blog entry?<br></font>
<select name="feature_status" size="1">
<? if ($feature_status == yes) { ?>
<option value="no">No</option>
<option value="yes" SELECTED>Yes</option>
<?} else {?>
<option value="no" SELECTED>No</option>
<option value="yes">Yes</option>
<?}?>
</select>
<br><br>
If yes, which promo?<br></font>
<select name="feature_id" size="1">
<? if ($feature_id != "") {
$result = mysql_query("SELECT f_id,title FROM feature WHERE f_id=$feature_id",$db);
if ($myrow = mysql_fetch_array($result)) {?>
<option value="<?php print $myrow["f_id"]?>" SELECTED><?php print $myrow["title"]?></option>
<? } else {
echo "Sorry, no records were found!";
}?>
<?}?>
<option disabled>-------</option>
<?php $result = mysql_query("SELECT f_id,title FROM feature WHERE status='active'",$db);
if ($myrow = mysql_fetch_array($result)) {
do { ?>
<option value="<?php print $myrow["f_id"]?>"><?php print $myrow["title"]?></option>
<?php } while ($myrow = mysql_fetch_array($result));?>
<? } else {
echo "Sorry, no records were found!";
}?>
</select>
<br><br>
Status:<br>
<select name="status" size="1">
<? if ($status == inactive) { ?>
<option value="active">Active</option>
<option value="inactive" SELECTED>Inactive</option>
<?} else {?>
<option value="active" SELECTED>Active</option>
<option value="inactive">Inactive</option>
<?}?>
</select>
<br>
<input type="Submit" name="submit" value="Enter information">
<br><br>
</form>
<? } ?>
<?include ("admin_foot.php"); ?>