--- inc/newsEdit.php 2001/09/28 23:34:37 1.10 +++ inc/newsEdit.php 2001/10/12 09:22:02 1.14 @@ -117,11 +117,13 @@ } global $ed_title, $ed_lead, $ed_titlepic_alt, $ed_titlepic_pos, $ed_more, $ed_more_title, - $ed_cat, $ed_author_alt, $ed_author_info; + $ed_cat, $ed_author_alt, $ed_author_info, + $ed_author_ime, $ed_prikazi; $ed_title = MyQuote($ed_title); $ed_lead = MyQuote($ed_lead); $ed_author_nm = urldecode(MyQuote(basename($author_name))); $ed_author_alt = MyQuote($ed_author_alt); + $ed_author_ime = MyQuote($ed_author_ime); $ed_author_info = MyQuote($ed_author_info); $ed_titlepic_nm = urldecode(MyQuote(basename($titlepic_name))); $ed_titlepic_alt = MyQuote($ed_titlepic_alt); @@ -129,11 +131,11 @@ $ed_more_title = MyQuote($ed_more_title); if (!$ed_titlepic_pos) $ed_titlepic_pos = 0; if ($ed_id > 0) { - $sql = "UPDATE news SET category = '$ed_cat', title = $ed_title, lead = $ed_lead, title_pic = $ed_titlepic_nm, title_alt = $ed_titlepic_alt, title_pos = $ed_titlepic_pos, author_pic = $ed_author_nm, author_alt = $ed_author_alt, author_info = $ed_author_info, url = $ed_more, url_title = $ed_more_title, plivamed = ".($isMed?"true":"false").", ord = 0, d_change = NOW() WHERE (news_id = $ed_id)"; + $sql = "UPDATE news SET category = '$ed_cat', title = $ed_title, lead = $ed_lead, title_pic = $ed_titlepic_nm, title_alt = $ed_titlepic_alt, title_pos = $ed_titlepic_pos, author_pic = $ed_author_nm, author_alt = $ed_author_alt, author_info = $ed_author_info, author_name = $ed_author_ime, url = $ed_more, url_title = $ed_more_title, plivamed = ".($isMed?"true":"false").", prikazi = ".($ed_prikazi?"true":"false").", ord = 0, d_change = NOW() WHERE (news_id = $ed_id)"; sql($sql); $dbh->dbh_do($sql); } else { - $sql = "INSERT INTO news (category, title, lead, title_pic, title_alt, title_pos, author_pic, author_alt, author_info, url, url_title, plivamed, d_orig, d_change) VALUES ('$ed_cat', $ed_title, $ed_lead, $ed_titlepic_nm, $ed_titlepic_alt, $ed_titlepic_pos, $ed_author_nm, $ed_author_alt, $ed_author_info, $ed_more, $ed_more_title, ".($isMed?"true":"false").", NOW(), NOW())"; + $sql = "INSERT INTO news (category, title, lead, title_pic, title_alt, title_pos, author_pic, author_alt, author_info, author_name, url, url_title, plivamed, prikazi, d_orig, d_change) VALUES ('$ed_cat', $ed_title, $ed_lead, $ed_titlepic_nm, $ed_titlepic_alt, $ed_titlepic_pos, $ed_author_nm, $ed_author_alt, $ed_author_info, $ed_author_ime, $ed_more, $ed_more_title, ".($isMed?"true":"false").", ".($ed_prikazi?"true":"false").", NOW(), NOW())"; sql($sql); $dbh->dbh_do($sql); $sql = "SELECT currval('news_news_id_seq')::text"; @@ -300,7 +302,7 @@ global $ed_id, $ed_title, $ed_lead, $ed_titlepic_pos, $ed_titlepic_alt, $ed_cat, $ed_more, $ed_more_title, $ed_author_url, $ed_author_alt, - $ed_author_info; + $ed_author_info, $ed_author_ime, $ed_prikazi; global $ed_edit, $ed_preview, $preview, $add; if (!$ed_preview) $ed_preview = ($preview ? true : false); if ($ed_edit) $ed_preview = false; @@ -331,7 +333,8 @@ global $ed_title, $ed_lead, $ed_titlepic_pos, $ed_titlepic_alt, $ed_cat, $ed_more, $ed_more_title, $ed_author_url, - $ed_author_alt, $ed_author_info; + $ed_author_alt, $ed_author_info, + $ed_author_ime, $ed_prikazi; if (!$HTTP_POST_FILES["ed_titlepic_url"]["name"]) $titlepic_url = ""; if (!$titlepic_url) $titlepic_url = $titlepic_url2; if (!$titlepic_url && !($clear_main || $clr_main)) $titlepic_url = $art["pic_url"]; @@ -379,18 +382,20 @@ if (!$sth->execute()) error("Cannot execute query: \"$sql\""); while ($row = $sth->fetchrow_array()) $ncats[$row[0]] = true; $sth->finish(); - } + } else $art["show"] = true; list($ed_title, $ed_lead, $ed_titlepic_pos, $titlepic_url, $titlepic_url2, $titlepic_name, $ed_titlepic_alt, $ed_cat, $ed_more, $ed_more_title, $width, $height, $author_url, $author_url2, $author_name, - $ed_author_alt, $ed_author_info, $width2, $height2) = - array($art["title"], $art["lead"], $art["pic_pos"], - $art["pic_url"], $art["pic_url"], urldecode($art["pic_url"]), - $art["pic_alt"], $art["category"], $art["more"], - $art["more_title"], $art["pic_w"], $art["pic_h"], + $ed_author_alt, $ed_author_info, $width2, $height2, + $ed_author_ime, $ed_prikazi) = array($art["title"], $art["lead"], + $art["pic_pos"], $art["pic_url"], $art["pic_url"], + urldecode($art["pic_url"]), $art["pic_alt"], $art["category"], + $art["more"], $art["more_title"], $art["pic_w"], $art["pic_h"], $art["au_pic"], $art["au_pic"], urldecode($art["au_pic"]), - $art["au_alt"], $art["au_info"], $art["au_w"], $art["au_h"]); + $art["au_alt"], $art["au_info"], $art["au_w"], $art["au_h"], + $art["au_name"], $art["show"]); + if ($art["text"]) reset($art["text"]); while ($art["text"] && list($id, $val) = each($art["text"])) { array_push($ed_pgfs, array($val["id"], $val["text"], $val["title"], $val["level"], urldecode($val["pic"]), @@ -437,14 +442,14 @@ if (!$name) $name = $picurl; $txt = MyEscape(convert_html($txt), false); $txt2 = ParseNewline($txt, true); - $txt3 = str_replace("&", "&", $txt); + $txt3 = str_replace("&", "&", MyEscape(convert_html($txt), true)); $txt3 = str_replace("\"", """, $txt3); $txt3 = str_replace("<", "<", $txt3); $txt3 = str_replace(">", ">", $txt3); $hl = MyEscape(convert_html($hl), false); $hl2 = ParseNewline($hl, true); if ($hl2) $hl2 = GetHighlight($hl2); - $hl3 = str_replace("&", "&", $hl); + $hl3 = str_replace("&", "&", MyEscape(convert_html($hl), true)); $hl3 = str_replace("\"", """, $hl3); $hl3 = str_replace("<", "<", $hl3); $hl3 = str_replace(">", ">", $hl3); @@ -486,7 +491,8 @@ $tp->assign("ed_preview", $ed_preview); $tp->assign("ed_trigger", $trigger); $tp->assign("ed_title", MyEscape(convert_html($ed_title))); - $tp->assign("ed_lead", MyEscape(convert_html($ed_lead))); + $tp->assign("ed_lead", MyEscape(convert_html($ed_lead), true)); + $tp->assign("ed_lead2", ParseNewline(MyEscape(convert_html($ed_lead), false), false)); $tp->assign("ed_titlepic_pos", $ed_titlepic_pos); $tp->assign("ed_titlepic_url", MyEscape(convert_html($titlepic_url))); $tp->assign("ed_titlepic_url2", MyEscape(convert_html($titlepic_url2))); @@ -499,11 +505,13 @@ $tp->assign("ed_author_name", MyEscape(convert_html($author_name))); $tp->assign("ed_author_alt", MyEscape(convert_html($ed_author_alt))); $tp->assign("ed_author_info", MyEscape(convert_html($ed_author_info))); + $tp->assign("ed_author_ime", MyEscape(convert_html($ed_author_ime))); $tp->assign("ed_author_width", $width2); $tp->assign("ed_author_height", $height2); $tp->assign("ed_more", MyEscape($ed_more)); $tp->assign("ed_more_new", strstr($ed_more, "://") ? true : false); $tp->assign("ed_more_title", MyEscape($ed_more_title)); + $tp->assign("ed_prikazi", $ed_prikazi); $tp->assign("ed_clr_main", ($clear_main || $clr_main || !$titlepic_url) ? true : false); $tp->assign("ed_clr_author", ($clear_author || $clr_author || !$author_url) ? true : false); $tp->assign("ed_text", $ed_text); @@ -515,7 +523,6 @@ $tp->assign("aupicdir", "$aupicdir/"); $tp->assign("vijest", $isVijest ? true : false); if ($ed_preview) { - include_once("author.php"); $tp->assign("AUTHOR", GetAuthor(MyEscape(convert_html($author_url)), MyEscape(convert_html($ed_author_alt)), MyEscape(convert_html($ed_author_info)),