<?php
session_start();
//==========================
//Author: biyuan
//Time: 2006.07
//Contact: QQ6010707
//==========================
?>
<html>
<head>
<title> Brigitte the original network PHP+ACCESS Article management system </title>
<meta http-equiv="content-type" content="text/html; charset=gb2312" />
<style type="text/css">
body {
margin:0px;
text-align:center;
font-size:12px;
font-family:verdana;
}
td {
font-size:12px;
height:28px;
padding:4px;
font-family:verdana;
}
A:link,
A:visited,
A:active {
color: #005a17; text-decoration: none;
}
A:hover {
color: #ff5a00; text-decoration: underline;
}
</style>
</head>
<body>
<?php
//==================================
//Connect to database
//==================================
@$conn = new com("ADODB.Connection");
$conn->Open("DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=" . realpath("article.mdb"));
//==================================
//The article navigation
//==================================
function article_menu(){
global $conn;
@$sql = "Select * From List";
@$rs = $conn->Execute($sql);
while(!$rs->Eof){
echo "| <a href="?classid=" . $rs->Fields[2]->value . "">" . $rs->Fields[1]->value . "</a> ";
$rs->MoveNext();
}
echo "| <a href="?admin=login"> Background management </a>rn";
$rs->Close();
if(@$_SESSION["ARTICLEADMIN"] == "BY_PHP_ARTICLE"){
echo "<br /> Management options -> | <a href="?admin=class"> Classification management </a> | <a href="?admin=insert"> Published an article </a> | <a href="?admin=list"> The article lists </a> | <a href="?admin=logout"> Logged out </a>";
}
}
//==================================
//Article_list (article category ID)
//==================================
function article_list($str){
global $conn;
@$sql = "Select id,by_title,by_name,by_time,by_count From Article Where by_class = " . $str . " Order By id desc";
@$rs = $conn->Execute($sql);
if(!$rs->Eof){
echo "<table border="0" cellspacing="1" cellpadding="0" bgcolor="#cccccc">rn"
. " <tr bgcolor="#F3F3F3" align="center">rn"
. " <td> The article title </td><td> The authors </td><td> Published time </td><td> viewed </td>rn"
. " </tr>rn";
while(!$rs->Eof){
echo " <tr bgcolor="#FFFFFF">rn"
. " <td><a href="?artid=" . $rs->Fields[0]->value . "">" . $rs->Fields[1]->value . "</a></td><td>" . $rs->Fields[2]->value . "</td><td>" . date("Y-m-d H:i:s",$rs->Fields[3]->value) . "</td><td>" . $rs->Fields[4]->value . "</td>rn"
. " </tr>rn";
$rs->MoveNext();
}
echo "</table>rn";
}
else {
echo "<br /> This category does not exist or does not currently have any articles !";
}
$rs->Close();
}
//==================================
//Article_look (article ID)
//==================================
function article_look($str){
global $conn;
@$sql = "Select * From Article Where id = " . $str;
@$rs = $conn->Execute($sql);
@$usql= "Update Article Set by_count = (by_count + 1) Where id = " . $str;
$conn->Execute($usql);
if(!$rs->Eof){
@$body = $rs->Fields[5]->value;
$body = str_replace("[url=file://%22,%22%22,$body/]\","",$body[/url]);
echo "<table border="0" width="60%" cellspacing="1" cellpadding="0" bgcolor="#cccccc">rn"
. " <tr bgcolor="#F3F3F3" align="center">rn"
. " <td style="font-size:14px;font-weight:bold">" . $rs->Fields[1]->value . "</td>rn"
. " </tr>rn"
. " <tr bgcolor="#F3F3F3" align="center">rn"
. " <td> The authors :" . $rs->Fields[2]->value . " | Published time :" . date("Y-m-d H:i:s",$rs->Fields[3]->value) . " | viewed :" . $rs->Fields[4]->value . "</td>rn"
. " </tr>rn"
. " <tr bgcolor="#FFFFFF">rn"
. " <td>" . $body . "</td>rn"
. " </tr>rn"
. " <tr bgcolor="#F3F3F3">rn"
. " <td align="right"> 【 <a href="javascript:history.back();"> return Back to the </a> 】 【 <a href="javascript:print();"> play print </a> 】 【 <a href="javascript:close();"> guan closed </a> 】 </td>rn"
. " </tr>rn"
. " </table>rn"
. " <script language="JavaScript">document.title += "--" . $rs->Fields[1]->value . "";</script>rn";
}
else {
echo "<br /> The article does not exist or has been deleted by the administrator !";
}
$rs->Close();
}
//==================================
//Background: classification management
//==================================
function admin_class(){
global $conn;
@$sql = "Select * From List";
@$rs = $conn->Execute($sql);
echo "<form action="" method="post" name="frm">rn";
while(!$rs->Eof){
echo " category :<input type="text" value="" . $rs->Fields[1]->value . "" name="class_" . $rs->Fields[0]->value . "" /> Serial number :<input type="text" value="" . $rs->Fields[2]->value . "" name="class_cid_" . $rs->Fields[0]->value . "" /> <input type="button" value=" Modify the " onclick="frm.action='?admin=class&class=edit&id=" . $rs->Fields[0]->value . "';submit();" /> <input type="button" value=" delete " onclick="frm.action='?admin=class&class=del&id=" . $rs->Fields[0]->value . "';submit();" /><br />rn";
$rs->MoveNext();
}
echo " category :<input type="text" name="class_name" /> Serial number :<input type="text" name="class_cid" /> <input type="button" value=" increase " onclick="frm.action='?admin=class&class=add';submit();" /> <input type="button" value=" idle " disabled />rn"
. "</form>rn";
//Add a category
if(@$_GET["class"] == "add"){
if(@$_POST["class_name"] == "" || @$_POST["class_cid"] == ""){
echo "<br /> incomplete !";
echo "<script language="JavaScript">setTimeout("history.back();", 2000);</script>";
exit();
}
else {
@$sql = "Insert into List(by_list,by_cid) Values('" . $_POST["class_name"] . "' , '" . $_POST["class_cid"] . "')";
$conn->Execute($sql);
echo "<br /> Add a success !";
echo "<script language="JavaScript">setTimeout("window.location.href='?admin=class';", 2000);</script>";
}
}
//Modify a category
if(@$_GET["class"] == "edit"){
if(@$_POST["class_" . $_GET["id"]] == "" || @$_POST["class_cid_" . $_GET["id"]] == ""){
echo "<br /> incomplete !";
echo "<script language="JavaScript">setTimeout("history.back();", 2000);</script>";
exit();
}
else {
@$sql = "Update List Set by_list = '" . $_POST["class_" . $_GET["id"]] . "' , by_cid = '" . $_POST["class_cid_" . $_GET["id"]] . "' Where id = " . $_GET["id"];
$conn->Execute($sql);
echo "<br /> Modify the success !";
echo "<script language="JavaScript">setTimeout("window.location.href='?admin=class';", 2000);</script>";
}
}
//Delete a category
if(@$_GET["class"] == "del"){
@$sql = "Delete From List Where id = " . $_GET["id"];
$conn->Execute($sql);
echo "<br /> Delete the success !";
echo "<script language="JavaScript">setTimeout("window.location.href='?admin=class';", 100);</script>";
}
}
//==================================
//Background: publish articles (support HTML)
//==================================
function admin_insert(){
global $conn;
if(@$_GET["innert"] == "add"){
if(@$_POST["title"] == "" || @$_POST["name"] == "" || @$_POST["class"] == "" || @$_POST["body"] == ""){
echo "<br /> incomplete !";
echo "<script language="JavaScript">setTimeout("history.back();", 2000);</script>";
exit();
}
else {
@$body = $_POST["body"];
$body = str_replace("'", "''", $body);
$body = str_replace("rn", "<br />", $body);
@$sql = "Insert into article(by_title,by_name,by_time,by_count,by_body,by_class) Values('" . $_POST["title"] . "' , '" . $_POST["name"] . "' , #" . date("Y-m-d G:i:s") . "# , 0 , '" . $body . "' , '" . $_POST["class"] . "')";
$conn->Execute($sql);
echo "<br /> Add a success !";
echo "<script language="JavaScript">setTimeout("window.location.href='?admin=insert';", 2000);</script>";
}
}
else {
echo "<div style="width:590px;text-align:left">rn"
. "<form action="?admin=insert&innert=add" method="post">rn"
. " Article title: <input type="text" name="title" /><br />rn"
. " Author: <input type="text" name="name" /><br />rn"
. " Article category: <select name="class">rn";
@$sql = "Select * From List";
@$rs = $conn->Execute($sql);
while(!$rs->Eof){
echo "<option value="" . $rs->Fields[2]->value . "">" . $rs->Fields[1]->value . "</option>rn";
$rs->MoveNext();
}
echo "</select><br />rn"
. " Main body: <textarea cols="70" rows="14" name="body"></textarea><br />rn"
. "<center><input type="submit" value=" submit " /> <input type="reset" value=" reset " /></center>rn"
. "</form>rn"
. "</div>rn";
}
}
//==================================
//Background: list of articles
//==================================
function admin_list(){
global $conn;
@$sql = "Select id,by_title,by_name,by_time,by_count,by_class From Article Order By id desc";
@$rs = $conn->Execute($sql);
if(!$rs->Eof){
echo "<table border="0" cellspacing="1" cellpadding="0" bgcolor="#cccccc">rn"
. " <tr bgcolor="#F3F3F3" align="center">rn"
. " <td> The article title </td><td> The article classification <td> The authors </td><td> Published time </td><td> viewed </td><td> operation </td>rn"
. " </tr>rn";
while(!$rs->Eof){
@$sql = "Select * From List Where by_cid = " . $rs->Fields[5]->value;
@$crs = $conn->Execute($sql);
@$cid = $crs->Fields[1]->value;
echo " <tr bgcolor="#FFFFFF">rn"
. " <td><a href="?artid=" . $rs->Fields[0]->value . "">" . $rs->Fields[1]->value . "</a></td><td>" . $cid . "</td><td>" . $rs->Fields[2]->value . "</td><td>" . $rs->Fields[3]->value . "</td><td>" . $rs->Fields[4]->value . "</td><td><a href="?admin=list&list=edit&id=" . $rs->Fields[0]->value . ""> The editor </a> | <a href="?admin=list&list=del&id=" . $rs->Fields[0]->value . ""> delete </a></td>rn"
. " </tr>rn";
$crs->Close();
$rs->MoveNext();
}
echo "</table>rn";
}
else {
echo "<br /> This category does not exist or does not currently have any articles !";
}
$rs->Close();
//Modify the article
if(@$_GET["list"] == "edit"){
if(@$_GET["edit"] == "true"){
if(@$_POST["title"] == "" || @$_POST["name"] == "" || @$_POST["class"] == "" || @$_POST["body"] == ""){
echo "<br /> incomplete !";
echo "<script language="JavaScript">setTimeout("history.back();", 2000);</script>";
exit();
}
else {
@$body = $_POST["body"];
$body = str_replace("'", "''", $body);
$body = str_replace("rn", "<br />", $body);
@$sql = "Update article Set by_title = '" . $_POST["title"] . "' , by_name = '" . $_POST["name"] . "' , by_count = " . $_POST["count"] . " , by_body = '" . $body . "' , by_class = '" . $_POST["class"] . "' Where id = " . $_GET["id"];
$conn->Execute($sql);
echo "<br /> Modify the success !";
echo "<script language="JavaScript">setTimeout("window.location.href='?admin=list';", 2000);</script>";
}
}
else {
@$sql = "Select * From Article Where id = " . $_GET["id"];
@$rs = $conn->Execute($sql);
echo "<div style="width:590px;text-align:left">rn"
. "<form action="?admin=list&list=edit&edit=true&id=" . $rs->fields[0]->value . "" method="post">rn"
. " Article title: <input type="text" name="title" value="" . $rs->fields[1]->value . "" /><br />rn"
. " Author: <input type="text" name="name" value="" . $rs->fields[2]->value . "" /><br />rn"
. " Number of visits: <input type="text" name="count" value="" . $rs->fields[4]->value . "" /><br />rn"
. " Article category: <select name="class" id="class">rn";
@$sql = "Select * From List";
@$crs = $conn->Execute($sql);
while(!$crs->Eof){
echo "<option value="" . $crs->Fields[2]->value . "">" . $crs->Fields[1]->value . "</option>rn";
$crs->MoveNext();
}
$crs->close();
@$body = $rs->Fields[5]->value;
$body = str_replace("<br />","rn",$body);
echo "</select><br />rn"
. "<script language="JavaScript">rn"
. "document.getElementById("class").selectedIndex = " . $rs->fields[6]->value . " - 1;rn"
. "</script>rn"
. " Main body: <textarea cols="70" rows="14" name="body">" . $body . "</textarea><br />rn"
. "<center><input type="submit" value=" submit " /> <input type="reset" value=" reset " /></center>rn"
. "</form>rn"
. "</div>rn";
}
}
//Delete articles
if(@$_GET["list"] == "del"){
@$sql = "Delete From Article Where id = " . $_GET["id"];
$conn->Execute($sql);
echo "<br /> Delete the success !";
echo "<script language="JavaScript">setTimeout("window.location.href='?admin=list';", 100);</script>";
}
}
//==================================
//Permission to verify
//==================================
function admin_session(){
if(@$_SESSION["ARTICLEADMIN"] != "BY_PHP_ARTICLE"){
echo "<br /> Please login first !";
echo "<script language="JavaScript">setTimeout("window.location.href='?admin=login';", 2000);</script>";
exit();
}
}
//==================================
//The background of landing
//==================================
function admin_login(){
if(@$_SESSION["ARTICLEADMIN"] == "BY_PHP_ARTICLE"){
echo "<script language="JavaScript">window.location.href='?admin=admin';</script>";
}
else{
echo "<table border="0" cellspacing="1" cellpadding="0" bgcolor="#cccccc">rn"
. " <tr bgcolor="#F3F3F3" align="center">rn"
. " <td><strong> Administrator login </strong></td>rn"
. " </tr>rn"
. " <tr bgcolor="#FFFFFF">rn"
. " <form method="post" action="?admin=check">rn"
. " <td><input type="password" name="adminPass" /><input type="submit" value=" determine " /></td>rn"
. " </form>rn"
. " </tr>rn"
. "</table>rn";
}
}
//==================================
//Login authentication
//==================================
function admin_check(){
if(trim($_POST["adminPass"]) != "admin"){
echo "<br /> Wrong password !";
echo "<script language="JavaScript">setTimeout("history.back();", 2000);</script>";
}
else {
echo "<br /> Log in successfully !";
@$_SESSION["ARTICLEADMIN"] = "BY_PHP_ARTICLE";
echo "<script language="JavaScript">setTimeout("window.location.href='?admin=admin';", 2000);</script>";
}
}
//==================================
//URL parameter list
//==================================
function page_load(){
@$classid = $_GET["classid"];
if($classid != ""){
if(!is_numeric($classid)){
echo "<br /> Wrong parameter !";
return false;
}
else {
article_list($classid);
}
}
@$artid = $_GET["artid"];
if($artid != ""){
if(!is_numeric($artid)){
echo "<br /> Wrong parameter !";
return false;
}
else {
article_look($artid);
}
}
@$admin = $_GET["admin"];
if($admin == "login"){
admin_login();
}
if($admin == "check"){
admin_check();
}
if($admin == "admin"){
admin_session();
echo "<br /> Log in successfully ! Please select the function menu to operate .";
}
if($admin == "logout"){
session_destroy();
echo "<br /> Exit successfully !";
echo "<script language="JavaScript">setTimeout("window.location.href='?admin=login';", 2000);</script>";
}
if($admin == "class"){
admin_session();
admin_class();
}
if($admin == "insert"){
admin_session();
admin_insert();
}
if($admin == "list"){
admin_session();
admin_list();
}
if($classid == "" && $artid == "" && $admin == ""){
echo "<script language="JavaScript">window.location.href='?classid=1';</script>";
}
}
?>
<div style="width:100%;text-align:left;background:#cccccc;line-height:20px;">
<br /><br /><br /> The article classification -> <?=article_menu();?>
</div>
<?=page_load();?>
<?php
$conn->Close();
?>
</body>
</html>