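// Staff blog controller: records the visit, then (for blog managers) handles
// the create / edit / delete actions before the page header is rendered.
// Helper functions and the $DB, $Cache, $LoggedUser globals are defined outside this section.
enforce_login();

// Only accounts holding the 'users_mod' permission may reach this page at all.
if (!check_perms('users_mod')) {
    error(403);
}

// Upsert the "last visited" timestamp for this user and drop the cached unread marker.
// $LoggedUser['ID'] is concatenated unquoted; it is not request input in the visible code
// (presumably populated from the session - confirm it is always an integer).
$DB->query(" INSERT INTO staff_blog_visits (UserID, Time) VALUES (".$LoggedUser['ID'].", NOW()) ON DUPLICATE KEY UPDATE Time = NOW()");
$Cache->delete_value('staff_blog_read_'.$LoggedUser['ID']);

// Not referenced anywhere in the visible part of the file.
define('ANNOUNCEMENT_FORUM_ID', 19);

if (check_perms('admin_manage_blog')) {
    if (!empty($_REQUEST['action'])) {
        // The action comes from $_REQUEST, so it may arrive by GET or POST.
        // None of the redirecting branches exits after header(), so execution
        // continues past the switch to View::show_header() below.
        switch ($_REQUEST['action']) {
            case 'takeeditblog':
                // NOTE(review): authorize() is presumably the anti-CSRF token check - confirm.
                authorize();
                if (empty($_POST['title'])) {
                    error("Please enter a title.");
                }
                // isset() guard: a request without 'blogid' is skipped without an undefined-index notice.
                if (isset($_POST['blogid']) && is_number($_POST['blogid'])) {
                    // Every request value is passed through db_string() and quoted before it reaches the SQL text.
                    $DB->query(" UPDATE staff_blog SET Title = '".db_string($_POST['title'])."', Body = '".db_string($_POST['body'])."' WHERE ID = '".db_string($_POST['blogid'])."'");
                    $Cache->delete_value('staff_blog');
                    $Cache->delete_value('staff_feed_blog');
                }
                header('Location: staffblog.php');
                break;

            case 'editblog':
                // Read-only: loads the post so that code after this section can use $BlogID, $Title and $Body.
                if (isset($_GET['id']) && is_number($_GET['id'])) {
                    // $BlogID is interpolated unquoted below; the is_number() check above is the only
                    // thing keeping it numeric (is_number() is defined elsewhere - verify it rejects
                    // everything but digits).
                    $BlogID = $_GET['id'];
                    $DB->query(" SELECT Title, Body FROM staff_blog WHERE ID = $BlogID");
                    // The query selects two columns only; the original destructured a third
                    // ($ThreadID) from a result that cannot contain it.
                    list($Title, $Body) = $DB->next_record();
                    // Kept defined as null in case code after this section still reads it.
                    $ThreadID = null;
                }
                break;

            case 'deleteblog':
                // State-changing request driven by a GET parameter; authorize() only runs
                // once the id has passed the numeric check.
                if (isset($_GET['id']) && is_number($_GET['id'])) {
                    authorize();
                    $DB->query(" DELETE FROM staff_blog WHERE ID = '".db_string($_GET['id'])."'");
                    $Cache->delete_value('staff_blog');
                    $Cache->delete_value('staff_feed_blog');
                }
                header('Location: staffblog.php');
                break;

            case 'takenewblog':
                authorize();
                if (empty($_POST['title'])) {
                    error("Please enter a title.");
                }
                // Escaped copies; the INSERT below escapes the raw POST values again and does
                // not use these. Left in place because code after this section may read them.
                $Title = db_string($_POST['title']);
                $Body = db_string($_POST['body']);
                $DB->query(" INSERT INTO staff_blog (UserID, Title, Body, Time) VALUES ('$LoggedUser[ID]', '".db_string($_POST['title'])."', '".db_string($_POST['body'])."', NOW())");
                $Cache->delete_value('staff_blog');
                $Cache->delete_value('staff_blog_latest_time');
                // The title is placed in a raw IRC line. Replace CR/LF here so a submitted title
                // cannot end the PRIVMSG early, whatever send_irc() (defined elsewhere) does itself.
                $IrcTitle = str_replace(array("\r", "\n"), ' ', $_POST['title']);
                send_irc("PRIVMSG ".ADMIN_CHAN." :!blog " . $IrcTitle);
                header('Location: staffblog.php');
                break;
        }
    }
    // The admin_manage_blog block is still open here; it continues after the closing tag.
    View::show_header('Staff Blog','bbcode');
?>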