Mercurial > hg > fapweb

--- a/admin.inc.php	Sat Oct 05 10:34:32 2013 +0300
+++ b/admin.inc.php	Sat Oct 05 11:36:09 2013 +0300
@@ -164,7 +164,7 @@
           var str = strtrim(elem.value);
           if ((fields[id] == 1 || fields[id] == 4) && str == "")
           {
-            alert("One or more of the fields are empty.");
+            alert("One or more of the required fields are empty.");
             return "";
           }
           if (fields[id] == 4)
@@ -335,12 +335,31 @@
   sendPOSTRequest("action=update&type=compo&id="+id+"&"+args);
 }

+
+function addEntry(id)
+{
+  var args = makePostArgs({"name":1, "author":1, "filename":0}, "ne", id);
+
+  var msuccess = function(txt)
+  {
+    setTimeout("refreshEntries();", 50);
+  }
+
+  sendPOSTRequest("action=add&type=entry&compo_id="+id+"&"+args, msuccess);
+  return false;
+}
+
+
 function updateEntry(id)
 {
-  var args = makePostArgs({"name":1, "author":1, "compo_id":2}, "en", id);
+  var args = makePostArgs({"name":1, "author":1, "filename":0, "compo_id":2}, "en", id);

-  sendPOSTRequest(
-    "action=update&type=entry&id="+id+"&"+args);
+  var msuccess = function(txt)
+  {
+    setTimeout("refreshEntries();", 50);
+  }
+
+  sendPOSTRequest("action=update&type=entry&id="+id+"&"+args, msuccess);
 }
--- a/ajax.php	Sat Oct 05 10:34:32 2013 +0300
+++ b/ajax.php	Sat Oct 05 11:36:09 2013 +0300
@@ -2,6 +2,7 @@
 //
 // AJAX request handler backend module
 //
+$sessionType = "admin";
 require "mconfig.inc.php";
 require "msite.inc.php";
 require "msession.inc.php";
@@ -9,7 +10,11 @@
 // Check if we are allowed to execute
 if (!stCheckHTTPS() || !stAdmSessionAuth())
 {
-  header("Status: 404 Not Found");
+  stSetupCacheControl();
+
+  stSessionEnd(SESS_ADMIN);
+
+  header("Location: news");
   exit;
 }

@@ -158,12 +163,13 @@
             "<form>\n".
             " <table class=\"misc\">\n".
             "  <tr>\n".
-            "   <th colspan=\"3\">#".$id." - ".chentities($compo["name"])."</th>\n".
+            "   <th colspan=\"5\">#".$id." - ".chentities($compo["name"])."</th>\n".
             "  </tr>\n".
             "  <tr>\n".
             "   <th style=\"width:1%;\">Compo</th>\n".
             "   <th>Title</th>\n".
             "   <th>Author(s)</th>\n".
+            "   <th>Filename</th>\n".
             "   <th>Actions</th>\n".
             "  </tr>\n";

@@ -173,15 +179,25 @@
             echo
               "  <tr id=\"entry".$eid."\">\n".
               "   <td>".stGetFormTextInput(5, 5, "compo_id", $eid, "en", $id)."</td>\n".
-              "   <td>".stGetFormTextInput(35, 64, "name", $eid, "en", $entry["name"])."</td>\n".
+              "   <td>".stGetFormTextInput(30, 64, "name", $eid, "en", $entry["name"])."</td>\n".
               "   <td>".stGetFormTextInput(30, 64, "author", $eid, "en", $entry["author"])."</td>\n".
+              "   <td>".stGetFormTextInput(20, 64, "filename", $eid, "en", $entry["filename"])."</td>\n".
               "   <td>".
-              stGetFormButtonInput("update", $eid, $prefix, " Update ", "updateEntry(".$eid.")").
-              stGetFormButtonInput("delete", $eid, $prefix, " Delete ", "deleteEntry(".$eid.")").
+              stGetFormButtonInput("update", $eid, $prefix, " Upd ", "updateEntry(".$eid.")").
+              stGetFormButtonInput("delete", $eid, $prefix, " Del ", "deleteEntry(".$eid.")").
               "</td>\n".
               "  </tr>\n";
           }
+
+          $prefix = "ne";
           echo
+            "  <tr>\n".
+            "   <td></td>\n".
+            "   <td>".stGetFormTextInput(30, 64, "name", $id, "ne", "")."</td>\n".
+            "   <td>".stGetFormTextInput(30, 64, "author", $id, "ne", "")."</td>\n".
+            "   <td>".stGetFormTextInput(20, 64, "filename", $id, "ne", "")."</td>\n".
+            "   <td>".stGetFormButtonInput("add", $id, $prefix, " Add new ", "addEntry(".$id.")")."</td>\n".
+            "  </tr>\n".
             " </table>\n".
             "</form>\n";
         }
@@ -320,6 +336,16 @@
       execSQLCond($sql, "OK, attendee added.");
     }
     else
+    if ($type == "entry" && stChkRequestItem("name") &&
+      stChkRequestItem("author") && stChkRequestItem("compo_id"))
+    {
+      $sql = stPrepareSQL(
+        "INSERT INTO entries (name,author,compo_id) VALUES (%S,%Q,%D)",
+        "name", "author", "compo_id", "filename");
+
+      execSQLCond($sql, "OK, entry added.");
+    }
+    else
       setStatus(902, "No data.");
     break;

@@ -380,10 +406,11 @@
       stChkRequestItem("compo_id"))
     {
       $sql = stPrepareSQLUpdate("entries",
-        "WHERE id=".intval(stGetRequestItem("id")).
+        "WHERE id=".intval(stGetRequestItem("id")),
         array(
           "name" => "S",
           "author" => "S",
+          "filename" => "S",
           "compo_id" => "D",
         ));
--- a/createdb.php	Sat Oct 05 10:34:32 2013 +0300
+++ b/createdb.php	Sat Oct 05 11:36:09 2013 +0300
@@ -161,7 +161,7 @@
   "news" => "id INTEGER PRIMARY KEY AUTOINCREMENT, utime INT, title VARCHAR(128), text VARCHAR(4096), author VARCHAR(64), persist INT DEFAULT 0",
   "attendees" => "id INTEGER PRIMARY KEY AUTOINCREMENT, regtime INT, name VARCHAR(64), groups VARCHAR(64), oneliner VARCHAR(64), email VARCHAR(80), key VARCHAR(64), active INT DEFAULT 0",
   "compos" => "id INTEGER PRIMARY KEY AUTOINCREMENT, name VARCHAR(128), description VARCHAR(4096), visible INT DEFAULT 0, voting INT DEFAULT 0, showAuthors INT DEFAULT 0",
-  "entries" => "id INTEGER PRIMARY KEY AUTOINCREMENT, name VARCHAR(64), author VARCHAR(64), compo_id INT DEFAULT NULL, filename VARCHAR(256) DEFAULT NULL, screenshot VARCHAR(128) DEFAULT NULL",
+  "entries" => "id INTEGER PRIMARY KEY AUTOINCREMENT, name VARCHAR(64), author VARCHAR(64), compo_id INT DEFAULT NULL, filename VARCHAR(256) DEFAULT NULL",
   "votes" => "id INTEGER PRIMARY KEY AUTOINCREMENT, entry_id INT DEFAULT NULL, voter_id INT DEFAULT NULL, value INT DEFAULT 0",
   "settings" => "key VARCHAR(32) PRIMARY KEY, vtype INT, vstr VARCHAR(128), vtext TEXT, vint INT, desc VARCHAR(128)",
 );