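= 5) && ( !$isMac ) ) $useSpaw = true; if ( $useSpaw ) { $editorType = "html"; } else { $editorType = "txt"; } } else { $editorType = $_GET['editorType']; }
// The line above is the tail of the editor-type detection that begins earlier
// in the file; it is reproduced unchanged.

// Page editor controller. $_POST['mode'] selects create / update / delete on
// the `page` table; with no mode the current page (or an empty record) is
// loaded, and editor.php is then included to render the form.
//
// Every value taken from the request is escaped, or cast to an integer, before
// it is placed in SQL text. The original interpolated $_POST, $_GET and
// $_SERVER values directly into the statements (SQL injection).
// NOTE(review): the mysql_* extension was removed in PHP 7. Prepared statements
// through mysqli or PDO are the durable fix, but that means changing the
// connection code, which is outside this fragment.
// NOTE(review): no anti-CSRF token is checked in this fragment for the
// state-changing modes - confirm whether one is enforced elsewhere.

$mode = ( isset( $_POST['mode'] ) ) ? $_POST['mode'] : "";

// The stripslashes() calls further down suggest this script was written for
// magic_quotes_gpc. When it is on, the added slashes are removed before
// escaping so the stored text does not gain extra backslashes.
$stripMagic = function_exists( 'get_magic_quotes_gpc' ) && get_magic_quotes_gpc();

// Page ids are handled as integers wherever they reach SQL or a header.
$postedId = isset( $_POST['id'] ) ? (int) $_POST['id'] : 0;

// Escaped copies of the posted fields, used only inside SQL string literals.
$pageSql = array();
if ( $mode == "create" || $mode == "update" ) {
    $pageFields = array(
        'title', 'root', 'parentId', 'userId', 'charset',
        'form', 'guestbook', 'pagebanner', 'bannername', 'formname',
    );
    foreach ( $pageFields as $pageField ) {
        $pageRaw = isset( $_POST[$pageField] ) ? (string) $_POST[$pageField] : "";
        if ( $stripMagic ) {
            $pageRaw = stripslashes( $pageRaw );
        }
        $pageSql[$pageField] = mysql_real_escape_string( $pageRaw );
    }
}

switch ( $mode ) {

    # CREATE
    case "create" :
        $body  = $_POST['body'];
        $title = $_POST['title'];

        // NOTE(review): the search/replace strings below appear to have lost
        // markup when this listing was extracted (two calls have an empty
        // search string); confirm them against the real file.
        $body = str_replace( "\n", "\n\n", $body );
        $body = str_replace( "\n\n", "\n\n", $body );
        $body = str_replace( "", "", $body );
        $body = str_replace( "", "", $body );

        $pageSql['body'] = mysql_real_escape_string( $stripMagic ? stripslashes( $body ) : $body );

        $query = "INSERT INTO page (pg_content, pg_date_start, pg_title, pg_root, pg_parent_id, pg_author_id, pg_charset, form, guestbook, pagebanner, bannername, formname) VALUES ('{$pageSql['body']}', NOW(), '{$pageSql['title']}', '{$pageSql['root']}', '{$pageSql['parentId']}', '{$pageSql['userId']}', '{$pageSql['charset']}', '{$pageSql['form']}', '{$pageSql['guestbook']}', '{$pageSql['pagebanner']}', '{$pageSql['bannername']}', '{$pageSql['formname']}')" ;
        mysql_query( $query );

        // NOTE(review): the database error text goes to the response, and any
        // output here precedes header(), so on failure the redirect only works
        // if output buffering is on. Logging server-side would be safer.
        echo mysql_error( $connexion );

        $id   = mysql_insert_id();
        $mode = 'update' ;

        // Kept from the original: $body and $title are left set for editor.php.
        $body  = stripslashes( $body );
        $title = stripslashes( $title );

        // NOTE(review): there is no exit after header(); editor.php is still
        // included below.
        header("Location: editorinsert.php?id=$id");
        break;

    # UPDATE
    case "update" :
        $body = $_POST['body'];
        if ( $editorType == "txt" ) {
            $body = str_replace( "\r\n", "\n", $body );
        }

        // NOTE(review): same caveat as in "create" - these literals look
        // truncated by extraction.
        $body = str_replace( "\n", "\n\n", $body );
        $body = str_replace( "\n\n", "\n\n", $body );
        $body = str_replace( "", "", $body );
        $body = str_replace( "", "", $body );

        $pageSql['body'] = mysql_real_escape_string( $stripMagic ? stripslashes( $body ) : $body );

        $query = "UPDATE page SET pg_content = '{$pageSql['body']}', pg_title = '{$pageSql['title']}', pg_root = '{$pageSql['root']}', pg_parent_id = '{$pageSql['parentId']}', pg_charset = '{$pageSql['charset']}', form = '{$pageSql['form']}', guestbook = '{$pageSql['guestbook']}', pagebanner = '{$pageSql['pagebanner']}', bannername = '{$pageSql['bannername']}', formname = '{$pageSql['formname']}' WHERE id = '$postedId' ";
        mysql_query($query);

        // NOTE(review): raw database errors are printed to the client here too.
        print( mysql_error( ) );

        $body  = stripslashes( $body );
        $title = stripslashes( $_POST['title'] );

        // The integer id is used so request text never reaches the header line.
        header("Location: editorinsert.php?id=$postedId");
        break;

    # DELETE
    case "delete" :
        // Page 1 stays protected, as before. Ids below 1 are refused as well:
        // a missing or non-numeric id would otherwise reach the pg_parent_id
        // DELETE with an empty/zero value and could remove unrelated pages.
        if ( $postedId > 1 ) {
            $query   = "DELETE FROM page WHERE id = '$postedId'" ;
            $content = mysql_query( $query );

            // Direct children of the deleted page are removed with it.
            $query   = "DELETE FROM page WHERE pg_parent_id = '$postedId'" ;
            $content = mysql_query( $query );

            header("Location: editorinsert.php");
        }
        break;

    default :
        // Look up the HTTP-authenticated user.
        // NOTE(review): LIKE still treats % and _ in the user name as
        // wildcards; an exact comparison is probably what is intended.
        $authUser = isset( $_SERVER['PHP_AUTH_USER'] ) ? $_SERVER['PHP_AUTH_USER'] : "";
        $query    = "SELECT usr_id, usr_name FROM users WHERE usr_name LIKE '" . mysql_real_escape_string( $authUser ) . "'";
        $usr      = mysql_fetch_object( mysql_query( $query ) );
        $userName = $usr->usr_name;
        $userId   = $usr->usr_id;

        // START OF A NEW RECORD
        if ( !isset( $_GET['id'] ) ) {
            $mode     = "create";
            $title    = "";
            $body     = "";
            $parentId = "";
            $root     = "";
            $id       = "";

        // START OF AN UPDATE
        } else {
            // Cast once; the same integer is used in the query and exposed as
            // $id, so editor.php never receives raw query-string text as the id.
            $requestedId = (int) $_GET['id'];

            $query   = "SELECT * FROM page WHERE id = '$requestedId' ";
            $content = mysql_fetch_object( mysql_query( $query ) );

            $title    = $content->pg_title;
            $root     = $content->pg_root;
            $parentId = $content->pg_parent_id;
            $title    = stripslashes( $title );
            $body     = $content->pg_content;
            $body     = stripslashes( $body );
            $mode     = "update" ;
            $id       = $requestedId;
        }
        break ;

} // end of switch

require_once( "editor.php" );
?>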