Viewing file: 61.php (8.83 KB) -rw-rw-rw- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php require_once('../Connections/oa.php'); ?>
<?php
// *** Logout the current user.
$FF_Logout = $HTTP_SERVER_VARS['PHP_SELF'] . "?FF_Logoutnow=1";
if (isset($HTTP_GET_VARS['FF_Logoutnow']) && $HTTP_GET_VARS['FF_Logoutnow']=="1") {
if (!session_id()) session_start();
session_unregister("MM_Username");
session_unregister("MM_UserAuthorization");
$FF_logoutRedirectPage = "../index.php";
// redirect with URL parameters (remove the "FF_Logoutnow" query param).
if ($FF_logoutRedirectPage == "") $FF_logoutRedirectPage = $HTTP_SERVER_VARS['PHP_SELF'];
if (!strpos($FF_logoutRedirectPage, "?") && $HTTP_SERVER_VARS['QUERY_STRING'] != "") {
$FF_newQS = "?";
reset ($HTTP_GET_VARS);
while (list ($key, $val) = each ($HTTP_GET_VARS)) {
if($key != "FF_Logoutnow"){
if (strlen($FF_newQS) > 1) $FF_newQS .= "&";
$FF_newQS .= $key . "=" . urlencode($val);
}
}
if (strlen($FF_newQS) > 1) $FF_logoutRedirectPage .= $FF_newQS;
}
header("Location: $FF_logoutRedirectPage");
exit;
}
// *** Restrict Access To Page: Grant or deny access to this page
$FF_authorizedUsers=" ";
$FF_authFailedURL="login.php";
$FF_grantAccess=0;
if (!session_id()) session_start();
if (isset($HTTP_SESSION_VARS['priorUrl'])) session_unregister("priorUrl");
if (isset($HTTP_SESSION_VARS["MM_Username"])) {
if (true || !(isset($HTTP_SESSION_VARS["MM_UserAuthorization"])) || $HTTP_SESSION_VARS["MM_UserAuthorization"]=="" || strpos($FF_authorizedUsers, $HTTP_SESSION_VARS["MM_UserAuthorization"])) {
$FF_grantAccess = 1;
}
}
if (!$FF_grantAccess) {
$priorUrl = "http://".$HTTP_SERVER_VARS['HTTP_HOST'].$HTTP_SERVER_VARS['SCRIPT_NAME'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING']) && $HTTP_SERVER_VARS['QUERY_STRING'] != "") $priorUrl .= "?".$HTTP_SERVER_VARS['QUERY_STRING'];
session_register("priorUrl");
$FF_qsChar = "?";
if (strpos($FF_authFailedURL, "?")) $FF_qsChar = "&";
$FF_referrer = "Restricted Area";
$FF_authFailedURL = $FF_authFailedURL . $FF_qsChar . "accessdenied=" . urlencode($FF_referrer);
header("Location: $FF_authFailedURL");
exit;
}
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;
$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
}
$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}
if ((isset($_POST["MM_update"])) && ($_POST["MM_update"] == "form1")) {
$updateSQL = sprintf("UPDATE contenidos SET idcat=%s, orden=%s, tema=%s, titulo=%s, textoinicial=%s, textocompleto=%s, enlace=%s, imagen=%s WHERE idcontenido=%s",
GetSQLValueString($HTTP_POST_VARS['idcat'], "int"),
GetSQLValueString($HTTP_POST_VARS['orden'], "int"),
GetSQLValueString($HTTP_POST_VARS['tema'], "int"),
GetSQLValueString($HTTP_POST_VARS['titulo'], "text"),
GetSQLValueString($HTTP_POST_VARS['textoinicial'], "text"),
GetSQLValueString($HTTP_POST_VARS['textocompleto'], "text"),
GetSQLValueString($HTTP_POST_VARS['enlace'], "text"),
GetSQLValueString($HTTP_POST_VARS['imagen'], "text"),
GetSQLValueString($HTTP_POST_VARS['idcontenido'], "int"));
mysql_select_db($database_oa, $oa);
$Result1 = mysql_query($updateSQL, $oa) or die(mysql_error());
$updateGoTo = "61.php";
if (isset($_SERVER['QUERY_STRING'])) {
$updateGoTo .= (strpos($updateGoTo, '?')) ? "&" : "?";
$updateGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $updateGoTo));
}
mysql_select_db($database_oa, $oa);
$query_rsCont = "SELECT * FROM contenidos WHERE idcontenido=61 ORDER BY titulo";
$rsCont = mysql_query($query_rsCont, $oa) or die(mysql_error());
$row_rsCont = mysql_fetch_assoc($rsCont);
$totalRows_rsCont = mysql_num_rows($rsCont);
?>
<html>
<head>
<title>ACTUALIZAR AUTORREGULACION</title>
<!-- tinyMCE -->
<script language="javascript" type="text/javascript" src="/tinymce/jscripts/tiny_mce/tiny_mce.js"></script>
<script language="javascript" type="text/javascript">
tinyMCE.init({
theme : "advanced",
language : "es",
theme_advanced_resizing : true,
theme_advanced_disable : "cleanup,code,help,styleselect,cut,copy,paste",
mode : "textareas",
plugins : "table,advhr,advimage,emotions,iespell,insertdatetime,preview,flash,searchreplace,print,contextmenu,iwimg",
theme_advanced_buttons1_add_before : "save,separator",
theme_advanced_buttons1_add : "fontselect,fontsizeselect, iwimg",
theme_advanced_buttons2_add : "separator,insertdate,inserttime,preview,zoom,separator,forecolor,backcolor",
theme_advanced_buttons3_add : "emotions,iespell,flash,advhr,separator,print",
theme_advanced_buttons2_add_before: "cut,copy,paste,separator,search,replace,separator",
theme_advanced_buttons3_add_before : "tablecontrols,separator",
theme_advanced_toolbar_location : "top",
theme_advanced_toolbar_align : "center",
theme_advanced_path_location : "bottom",
plugin_insertdate_dateFormat : "%Y-%m-%d",
plugin_insertdate_timeFormat : "%H:%M:%S",
extended_valid_elements : "a[name|href|target|title|onclick],img[class|src|border=0|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name],hr[class|width|size|noshade],font[face|size|color|style],span[class|align|style]",
external_link_list_url : "tinymce/example/example_link_list.js",
external_image_list_url : "tinymce/example/example_image_list.js",
flash_external_list_url : "tinymce/example/example_flash_list.js",
relative_urls : false,
remove_script_host : true,
document_base_url : "http://observatorio.dama.gov.co/",
theme_advanced_buttons3_add : "pastetext,pasteword,selectall"
});
function convertWord(type, content) {
switch (type) {
// Gets executed before the built in logic performes it's cleanups
case "before":
content = content.toLowerCase(); // Some dummy logic
break;
// Gets executed after the built in logic performes it's cleanups
case "after":
content = content.toLowerCase(); // Some dummy logic
break;
}
return content;
}
</script>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<table width="400" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td><a href="<?php echo $FF_Logout ?>">Salir</a></td>
</tr>
</table>
<table width="600" border="1" align="center" cellpadding="0" cellspacing="0">
<tr>
<td> </td>
</tr>
<tr>
<td><form name="form1" method="POST" action="<?php echo $editFormAction; ?>">
<p>
<input name="idcontenido" type="hidden" id="idcontenido" value="<?php echo $row_rsCont['idcontenido']; ?>">
<input name="idcat" type="hidden" id="idcat" value="<?php echo $row_rsCont['idcat']; ?>">
<input name="orden" type="hidden" id="orden" value="<?php echo $row_rsCont['orden']; ?>">
<input name="enlace" type="hidden" id="enlace" value="<?php echo $row_rsCont['enlace']; ?>">
<input name="imagen" type="hidden" id="imagen" value="<?php echo $row_rsCont['imagen']; ?>">
</p>
<p>
<input name="tema" type="text" id="tema" value="<?php echo $row_rsCont['tema']; ?>">
</p>
<p>
<textarea name="titulo" cols="100" rows="8" id="titulo"><?php echo $row_rsCont['titulo']; ?></textarea>
</p>
<p>
<textarea name="textoinicial" cols="100" rows="15" id="textoinicial"><?php echo $row_rsCont['textoinicial']; ?></textarea>
</p>
<p>
<textarea name="textocompleto" cols="100" rows="15" id="textocompleto"><?php echo $row_rsCont['textocompleto']; ?></textarea>
<br>
<input type="submit" name="Submit" value="Enviar">
</p>
<input type="hidden" name="MM_update" value="form1">
</form></td>
</tr>
<tr>
<td> </td>
</tr>
</table>
</body>
</html>
<?php
mysql_free_result($rsCont);
?>
|