Show sourcecode

The following files exists in this folder. Click to view.

test/incl/blokket/

add-article.php
aside.php
blokket-default.php
data/
initiate.php
remove-article.php
show-all-articles.php
show-article.php
update-article.php

`update-article.php`

1 lines ASCII Unix (LF)

1

<?php
$text = null;
$selected = "Select article";

$saved = false;

if(isset($_POST['article-editor-selection']))
{
    $selected = strip_tags($_POST['article-editor-selection']);
}

if(isset($_POST['article-editor-text']))
{
    $selected = $_POST["selected-article"];
    if($selected != "Select article" && $selected != null)
    {
        writeOverFileContents("incl/blokket/data/" . $selected, strip_tags($_POST['article-editor-text'], '<img><p><strong><emphasis><i><b>'));
        $saved = true;
    }
}

if(isset($selected) && $selected != "Select article")
    $text = getFileContents("incl/blokket/data/" . $selected);
?>

<h1>Update article</h1>
<fieldset>
    <form method="post">
        <p><label for="selection-list">Articles:</label><br>
        <select id="selection-list" name="article-editor-selection" onchange='form.submit();'>
            <?php
            $path = "incl/blokket/data";
            $filenames = readDirectory($path);
            echo "<option value='Select article' selected>Select article</option>";
            $contents = null;

            foreach ($filenames as $filename)
            {
                if($selected == $filename)
                    $contents .= "<option value='" . $filename . "' selected>" . $filename . "</option>";
                else
                    $contents .=  "<option value='" . $filename . "'>" . $filename . "</option>";
            }

            echo $contents;
            ?>
        </select></p>
    </form>

    <form method="post">
        <p><textarea rows="4" cols="50" name="article-editor-text"><?php echo $text; ?></textarea><br>
        <input type="hidden" name="selected-article" value="<?php echo $selected; ?>">
        <input type="submit" name="doSave" value="Save changes">
        <input type="reset" name="reset" value="Reset"></p>
    </form>

<?php
if(isset($saved) && isset($_POST["doSave"]))
{
    if(isset($selected) && ($selected != "Select article"))
    {
        if (substr(sprintf('%o', fileperms("incl/blokket/data/" . $selected)), -4) != 666) // TODO Check more comprehensively instead of just checking against 666.
            echo "<p class='notice'>The selected article cannot be edited.</p>";

        if ($saved == true)
            echo "<p class='success'>The changes to the article were saved.</p>";
        else
            echo "<p class='error'>The changes to the article were not saved.</p>";
    }
    else
        echo "<p class='notice'>No article has been selected for editing.</p>";
}
?>
</fieldset>