Project

General

Profile

1 2 Manuela
<?php
2
/**
3
 *
4
 * @category        modules
5
 * @package         news
6
 * @author          WebsiteBaker Project
7
 * @copyright       Ryan Djurovich
8
 * @copyright       WebsiteBaker Org. e.V.
9
 * @link            http://websitebaker.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.3
12
 * @requirements    PHP 5.3.6 and higher
13
 * @version         $Id$
14
 * @filesource      $HeadURL$
15
 * @lastmodified    $Date$
16
 *
17
 */
18
19
if ( !defined( 'WB_PATH' ) ){ require( dirname(dirname((__DIR__))).'/config.php' ); }
20
// suppress to print the header, so no new FTAN will be set
21
$admin_header = false;
22
// Tells script to update when this page was last updated
23
$update_when_modified = false;
24
// show the info banner
25
//$print_info_banner = true;
26
// Include WB admin wrapper script
27
require(WB_PATH.'/modules/admin.php');
28
29
if(!$admin->checkFTAN('GET')) {
30
    $admin->print_header();
31
    $admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
32
}
33
34
// After check print the header
35
$admin->print_header();
36
37
// Include the ordering class
38
require(WB_PATH.'/framework/class.order.php');
39
// Get new order
40
$order = new order(TABLE_PREFIX.'mod_news_posts', 'position', 'post_id', 'section_id');
41
$position = $order->get_new($section_id);
42
43
// Get default commenting
44
$sql = 'SELECT `commenting` FROM `'.TABLE_PREFIX.'mod_news_settings` '
45
     . 'WHERE `section_id`='.(int)$section_id;
46
$commenting = $database->get_one($sql);
47
$now = time();
48
$sUrl = WB_URL.'/modules/news/modify_post.php?page_id='.$page_id.'&section_id='.$section_id.'&post_id=';
49
$sql  = 'INSERT INTO `'.TABLE_PREFIX.'mod_news_posts` SET '
50
      . '`section_id`='.$database->escapeString($section_id).', '
51
      . '`page_id`='.$database->escapeString($page_id).', '
52
      . '`position`='.$database->escapeString($position).', '
53
      . '`active`=1, '
54
      . '`title`=\'\', '
55
      . '`link`=\'\', '
56
      . '`content_short`=\'\', '
57
      . '`content_long`=\'\', '
58
      . '`commenting`=\''.$database->escapeString($commenting).'\', '
59
      . '`created_when`='.$now.', '
60
      . '`created_by`='.$admin->get_user_id().', '
61
      . '`published_when` ='.$now.', '
62
      . '`published_until` =0, '
63
      . '`posted_when` ='.$now.', '
64
      . '`posted_by` ='.$admin->get_user_id().'';
65
66
if (($database->query($sql))) {
67
    $post_id = $admin->getIDKEY($database->getLastInsertId());
68
    $admin->print_success($TEXT['SUCCESS'], $sUrl.$post_id);
69
} else {
70
    $post_id = $admin->getIDKEY(0);
71
    $admin->print_error($database->get_error(), $sUrl.$post_id);
72
}
73
$admin->print_footer();