SanitizeHtml($details);
$sql="UPDATE news_bytes SET is_approved='$status', summary='".htmlspecialchars($summary)."', ".
"details='".$details."' WHERE id='$id' AND group_id='$group_id'";
$result=db_query($sql);
if (!$result || db_affected_rows($result) < 1) {
$feedback .= _('Error On Update:');
} else {
$feedback .= _('NewsByte Updated.');
}
/*
Show the list_queue
*/
$approve='';
$list_queue='y';
}
}
news_header(array('title'=>_('News admin')));
if ($approve) {
/*
Show the submit form
*/
$sql="SELECT * FROM news_bytes WHERE id='$id' AND group_id='$group_id'";
$result=db_query($sql);
if (db_numrows($result) < 1) {
exit_error(_('Error'), _('NewsByte not found'));
}
$group =& group_get_object($group_id);
echo notepad_func();
echo '
'.sprintf(_('Approve a NewsByte For Project: %1$s'), $group->getPublicName()).'
';
} else {
/*
Show list of waiting news items
*/
$sql="SELECT * FROM news_bytes WHERE is_approved <> 4 AND group_id='$group_id'";
$result=db_query($sql);
$rows=db_numrows($result);
$group =& group_get_object($group_id);
if ($rows < 1) {
echo '
';
}
}
news_footer(array());
} else if (user_ismember($sys_news_group,'A')) {
/*
News uber-user admin pages
Show all waiting news items except those already rejected.
Admin members of $sys_news_group (news project) can edit/change/approve news items
*/
if ($post_changes) {
if ($approve) {
if ($status==1) {
/*
Update the db so the item shows on the home page
*/
$sanitizer = new TextSanitizer();
$details = $sanitizer->SanitizeHtml($details);
$sql="UPDATE news_bytes SET is_approved='1', post_date='".time()."', ".
"summary='".htmlspecialchars($summary)."', details='".$details."' WHERE id='$id'";
$result=db_query($sql);
if (!$result || db_affected_rows($result) < 1) {
$feedback .= _('Error On Update:');
} else {
$feedback .= _('NewsByte Updated.');
}
} else if ($status==2) {
/*
Move msg to deleted status
*/
$sql="UPDATE news_bytes SET is_approved='2' WHERE id='$id'";
$result=db_query($sql);
if (!$result || db_affected_rows($result) < 1) {
$feedback .= _('Error On Update:');
$feedback .= db_error();
} else {
$feedback .= _('NewsByte Deleted.');
}
}
/*
Show the list_queue
*/
$approve='';
$list_queue='y';
} else if (getStringFromRequest('mass_reject')) {
/*
Move msg to rejected status
*/
$news_id = getArrayFromRequest('news_id');
$sql="UPDATE news_bytes "
."SET is_approved='2' "
."WHERE id IN ('".implode("','",$news_id)."')";
$result=db_query($sql);
if (!$result || db_affected_rows($result) < 1) {
$feedback .= _('Error On Update:');
$feedback .= db_error();
} else {
$feedback .= _('NewsBytes Rejected.');
}
}
}
news_header(array('title'=>_('News admin')));
if ($approve) {
/*
Show the submit form
*/
$sql="SELECT groups.unix_group_name,news_bytes.* ".
"FROM news_bytes,groups WHERE id='$id' ".
"AND news_bytes.group_id=groups.group_id ";
$result=db_query($sql);
if (db_numrows($result) < 1) {
exit_error(_('Error'), _('NewsByte not found'));
}
$group =& group_get_object(db_result($result,0,'group_id'));
$user =& user_get_object(db_result($result,0,'submitted_by'));
echo '
'.sprintf(_('Approve a NewsByte For Project: %1$s'), $group->getPublicName()).'
';
} else {
/*
Show list of waiting news items
*/
$old_date = time()-60*60*24*30;
$sql_pending= "
SELECT groups.group_id,id,post_date,summary,
group_name,unix_group_name
FROM news_bytes,groups
WHERE is_approved=0
AND news_bytes.group_id=groups.group_id
AND post_date > '$old_date'
AND groups.is_public=1
AND groups.status='A'
ORDER BY post_date
";
$old_date = time()-(60*60*24*7);
$sql_rejected = "
SELECT groups.group_id,id,post_date,summary,
group_name,unix_group_name
FROM news_bytes,groups
WHERE is_approved=2
AND news_bytes.group_id=groups.group_id
AND post_date > '$old_date'
ORDER BY post_date
";
$sql_approved = "
SELECT groups.group_id,id,post_date,summary,
group_name,unix_group_name
FROM news_bytes,groups
WHERE is_approved=1
AND news_bytes.group_id=groups.group_id
AND post_date > '$old_date'
ORDER BY post_date
";
show_news_approve_form(
$sql_pending,
$sql_rejected,
$sql_approved
);
}
news_footer(array());
} else {
exit_error(_('Permission denied.'),sprintf(_('You have to be an admin on the project you are editing or a member of the %s News team.'), $GLOBALS['sys_name']));
}
// Local Variables:
// mode: php
// c-file-style: "bsd"
// End:
?>