enforce_login(); define('ANNOUNCEMENT_FORUM_ID', 19); View::show_header('Blog','bbcode'); require(SERVER_ROOT.'/classes/class_text.php'); $Text = new TEXT; if(check_perms('admin_manage_blog')) { if(!empty($_REQUEST['action'])) { switch($_REQUEST['action']) { case 'deadthread' : if(is_number($_GET['id'])){ $DB->query("UPDATE blog SET ThreadID=NULL WHERE ID=".$_GET['id']); $Cache->delete_value('blog'); $Cache->delete_value('feed_blog'); } header('Location: blog.php'); break; case 'takeeditblog': authorize(); if(is_number($_POST['blogid']) && is_number($_POST['thread'])){ $DB->query("UPDATE blog SET Title='".db_string($_POST['title'])."', Body='".db_string($_POST['body'])."', ThreadID=".$_POST['thread']." WHERE ID='".db_string($_POST['blogid'])."'"); $Cache->delete_value('blog'); $Cache->delete_value('feed_blog'); } header('Location: blog.php'); break; case 'editblog': if(is_number($_GET['id'])){ $BlogID = $_GET['id']; $DB->query("SELECT Title, Body, ThreadID FROM blog WHERE ID=$BlogID"); list($Title, $Body, $ThreadID) = $DB->next_record(); } break; case 'deleteblog': if(is_number($_GET['id'])){ authorize(); $DB->query("DELETE FROM blog WHERE ID='".db_string($_GET['id'])."'"); $Cache->delete_value('blog'); $Cache->delete_value('feed_blog'); } header('Location: blog.php'); break; case 'takenewblog': authorize(); $Title = db_string($_POST['title']); $Body = db_string($_POST['body']); $ThreadID = $_POST['thread']; if($ThreadID && is_number($ThreadID)) { $DB->query("SELECT ForumID FROM forums_topics WHERE ID=".$ThreadID); if($DB->record_count() < 1) { error("No such thread exists!"); header('Location: blog.php'); } } else { $ThreadID = Misc::create_thread(ANNOUNCEMENT_FORUM_ID, $LoggedUser[ID], $Title, $Body); if($ThreadID < 1) { error(0); } } $DB->query("INSERT INTO blog (UserID, Title, Body, Time, ThreadID, Important) VALUES ('".$LoggedUser['ID']."', '".db_string($_POST['title'])."', '".db_string($_POST['body'])."', '".sqltime()."', ".$ThreadID.", '".(($_POST['important']=='1')?'1':'0')."')"); $Cache->delete_value('blog'); if ($_POST['important']=='1') { $Cache->delete_value('blog_latest_id'); } if(isset($_POST['subscribe'])) { $DB->query("INSERT IGNORE INTO users_subscriptions VALUES ('$LoggedUser[ID]', $ThreadID)"); $Cache->delete_value('subscriptions_user_'.$LoggedUser['ID']); } header('Location: blog.php'); break; } } ?>