News CMS With Admin Panel
Okay this is a great news system (not to brag :X) but I have been working on it and I have found no errors at all! There's no comments because I made it for my site but now I want to share it with everyone else. (My site has a shoutbox instead).
FEATURES:
Admin Panel
Show News
Edit News
Delete News
Admin Panel Stylesheet
News Page Stylesheet
Well, let's gets tarted, shall we?
First run this query through PHPMyAdmin:
Code
CREATE TABLE `entries` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`category` VARCHAR(50) NOT NULL,
`title` text NOT NULL,
`short` text NOT NULL,
`full` text NOT NULL,
`date` text NOT NULL,
PRIMARY KEY ( `id`)
) TYPE=MyISAM;
That will create the table that stores your news entries. Next up is db.php that will hold your MySQL settings for the script:
PHP Code
1
2
3
4
5
6
7
8
9
10
11
12
<?php
$host= "XXXXX"; //Usually localhost.
$dbuser ="XXXXX"; //Database user.
$dbpass = "XXXXX"; //User's password.
$dbname = "XXXXX"; //MySQL database.
$connection = mysql_connect($host, $dbuser, $dbpass) or die(mysql_error()); //err0r!
mysql_select_db($dbname) or die(mysql_error()); //selects database
?>
Now we got that out of the way we will start writing the script itself. This page will be index.php. It will show the news entries.
PHP Code
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
<link rel="stylesheet" type="text/css" media="screen" title="Default" href="style.css" />
<?php
// Database Connection
include 'db.php';
function show(){
global $db;
//get page 1 if no page is requested
if(!isset($_GET['page'])){
$page = "1";
} else {
//get requested page
$page = $_GET['page'];
}
if(!isset($_GET['category'])){
$category = "home";
} else {
$category = mysql_real_escape_string($_GET['category']);
}
//max entries per page
$max_results = "4";
//figure out the result limit
$from = (($page * $max_results) - $max_results);
//get pages from the database
$query = "SELECT *, DATE_FORMAT(date, '%W, %M %e, %Y <br/> %r') AS date FROM entries WHERE category = '$category' ORDER BY id DESC LIMIT $from, $max_results";
$sql = mysql_query($query);
while($row = mysql_fetch_array($sql)){
$id = $row['id'];
//check for a full story
if( $row['full'] == ""){
$readmore = "";
}else{
$readmore = "| <a href="?id=$id">Read more...</a>";
}
$title = stripslashes($row['title']);
$date = "{$row['date']}";
$short = stripslashes($row['short']);
$short = nl2br($short);
// show emtries
print("<div class='story'>
<h1><a href="?id=$id">$title</a></h1>
<h2>$date</h2>
<p>$short</p>
<p>$readmore</p>
");
}
//get total number of results
$total_results = mysql_result(mysql_query("SELECT COUNT(*) FROM entries"),0);
//round up
$total_pages = ceil($total_results / $max_results);
//show previous link
if($page > 1){
$prev = ($page - 1);
echo "<a href="".$_SERVER['PHP_SELF']."?page=$prev">Previous</a> - |";
}else{
echo "Previous - |";
}
for($i = 1; $i <= $total_pages; $i++){
if(($page) == $i){
echo "<strong>$i</strong>";
} else {
echo "<a href="".$_SERVER['PHP_SELF']."?page=$i">$i</a>";
}
}
//show next link
if($page < $total_pages){
$next = ($page + 1);
echo "| - <a href="".$_SERVER['PHP_SELF']."?page=$next">Next</a>";
}else{
echo "| - Next";
}
}
function showfull($id){
global $db;
//get page from the database
$query = "SELECT *, DATE_FORMAT(date, '%W, %M %e, %Y <br/> %r') AS date FROM entries WHERE id = '$id'";
$sql = mysql_query($query);
$row = mysql_fetch_array($sql);
$title = stripslashes($row['title']);
$date = "{$row['date']}";
$short = stripslashes($row['short']);
$short = nl2br($short);
$full = stripslashes($row['full']);
$full = nl2br($full);
if( $full != ""){
$fulltext = "$full";
}else{
$fulltext = "$short";
}
// show entry
print("<div class="story">
<h1>$title</h1>
<h2>$date</h2>
<p>$fulltext</p>
</div>
");
//get entries from the database and sort them by year and month in reverse
$query = "SELECT *, DATE_FORMAT(date, '%Y%m') AS sort, DATE_FORMAT(date, '%M %Y') AS date FROM entries WHERE category = 'archive' GROUP BY sort ORDER BY sort DESC";
$sql = mysql_query($query);
while($row = mysql_fetch_array($sql)){
$date = $row['date'];
// show emtries
print("<h1>$date</h1>
");
$query = "SELECT *, DATE_FORMAT(date, '%W, %M %e | %r') AS date FROM entries WHERE category = 'archive' ORDER BY id DESC";
$sql = mysql_query($query);
while($row = mysql_fetch_array($sql)){
$id = $row['id'];
$title = stripslashes($row['title']);
$date = $row['date'];
// show emtries
print("<a href="?id=$id">$date - $title</a><br/>");
}
}
}
$id = "{$_GET['id']}";
$archive = "{$_GET['archive']}";
if($archive != ""){
showarchive();
}elseif($id != ""){
showfull($id);
}else{
show();
}
?>
Okay now you are thinking "What? A link to a stylesheet. I don't have one yet. Well I made one for you! (better thank meh!) Name this file style.css:
Code
body {
margin: 0px auto 0px auto;
background-color: #ffffff;
color: #0d0d0d;
font-family: Tahoma, Verdana, Arial;
font-size: 10px;
}
a{
color: #821b1b;
text-decoration:none;
}
a:hover{
color: #821b1b;
text-decoration:none;
}
a:visited{
color: #821b1b;
text-decoration:none;
}
h1 {
color: #821b1b;
}
Now moving on to the leet admin panel (I think to much of it ha!) Name this file admin.php
PHP Code
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
<?php
session_start();
$_username = "admin"; //admin username to login
$_password = "password"; //admin password to login
print('<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>News</title>
<link rel="stylesheet" type="text/css" media="screen" title="Default" href="adminstyle.css" />
</head>
<body>');
if (isset($_POST['submit'])) {
//check if the username and password match
if ($_POST['username'] == $_username && $_POST['password'] == $_password) {
//set session variable
$_SESSION['logged_in'] = "true";
$_SESSION['username'] = $_username;
}
}
//if not logged in show the login form
if (!isset($_SESSION['logged_in'])) {
print('
<div id="login">
<h1>News Login</h1>
<form method="post" action="admin.php" class="login">
<label for="username">Username:</label> <input type="text" id="username" name="username" /><br/>
<label for="password">Password:</label> <input type="password" id="password" name="password" /><br/>
<input type="hidden" name="login" />
<label for="submit"> </label> <input type="submit" id="submit" name="submit" value="Login" /><br/>
<p style="font-size: 9px; text-align: center;">Created by <a href="http://d-webz.org">DylanM</a>.</p>
</div>
</form>');
//if logout is requested
} elseif (isset($_GET['do']) && $_GET['do'] == "logout") {
session_start();
$_SESSION = array();
session_destroy();
echo '<META HTTP-EQUIV="refresh" content="1"; URL="admin.php">';
} else {
print("<script type="text/javascript">
function preview(id1, id2){
var NewText = document.getElementById(id1).value;
splitText = NewText.split(/n/).join("");
var DivElement = document.getElementById(id2);
DivElement.innerHTML = splitText;
}
</script>
");
include 'db.php';
print("<div id="container"> <h1>Admin Panel</h1>
<p style="text-align: center;"><a href="?">Admin Home</a> | <a href="?action=new">New Entry</a> | <a href="?action=entries">Edit Entries</a> | <a href="?do=logout">Logout</a></p>");
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// ADMIN FRONT PAGE /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($action == "") {
print("<p>Woot. This is your admin panel page. Use the above page to add, edit, and delete news. Created by DylanM (3xS). www.d-webz.org</p>");
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// SHOW ENTRIES /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}elseif ($action == "entries") {
//get pages from the database
$query = "SELECT * FROM entries ORDER BY id DESC";
$sql = mysql_query($query);
print("<form method="post" action="" class="table">
<table width="760">
<tr>
<th>Select</td>
<th>Category</td>
<th>Title</td>
<th>Date</td>
</tr>
");
while($row = mysql_fetch_array($sql)){
$id = $row['id'];
$category = stripslashes($row['category']);
$title = stripslashes($row['title']);
$date = $row['date'];
// show entries
print("<tr>
<td><input type="checkbox" name="selected[]" value="$id"></td>
<td>$category</td>
<td><a href="?action=edit&id=$id">$title</a></td>
<td>$date</td>
<td><a href="?action=showcomments&id=$id">$comnum</a></td>
</tr>
");
}
print("
</table>
<br/>
<label for="action">Action:</label>
<select name="action" id="action">
<option value="archive">Archive
<option value="delete">Delete
</select>
<input type="submit" id="submit" name="Submit">
</form>
");
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// SHOW ADD NEW ENTRY FORM /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}elseif($action == "new"){
print("<div class="input">
<form method="post" id="addentry" action="?action=addnewentry">
<label for="title">Title</label><input id="title" name="title" tabindex="1" type="text"><br/>
<label for="category">Category</label><input id="category" name="category" tabindex="2" type="text" value="home"><br/>
<label for="addshort">Short</label><textarea name="addshort" wrap="virtual" id="addshort" tabindex="3" onkeyup="preview('addshort', 'addpreview-short')"></textarea><br/><br/>
<label for="addfull">Full</label><textarea name="addfull" wrap="virtual" id="addfull" tabindex="4" onkeyup="preview('addfull', 'addpreview-full')"></textarea><br/>
<label for="submit">Submit</label><input id="submit" name="submit" value="Submit" tabindex="5" type="submit">
</div>
<div class="story">
<h1>Short Preview:</h1>
<div id="addpreview-short"></div><br/>
<h1>Full Preview:</h1>
<div id="addpreview-full"></div>
</div>
");
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// ADD ENTRY /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}elseif($action == "addnewentry"){
$title = mysql_real_escape_string($_POST['title']);
$category = mysql_real_escape_string($_POST['category']);
$short = mysql_real_escape_string($_POST['addshort']);
$full = mysql_real_escape_string($_POST['addfull']);
$query = "INSERT INTO entries (id, category, title, date, short, full)
VALUES (NULL, '$category', '$title', NOW(), '$short', '$full');";
mysql_query($query) or die("Add failed: " . mysql_error());
echo mysql_affected_rows() . ' record added.';
echo "<br/><a href="admin.php">Go back.</a>";
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// DELETE ENTRY /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}elseif ($action == "delete"){
$selected = implode(",", $_POST['selected']);
$query = "DELETE FROM entries WHERE id IN ($selected)";
mysql_query($query) or die("Delete failed: " . mysql_error());
echo mysql_affected_rows() . ' record(s) deleted.';
echo "<br/><a href="admin.php">Go back.</a>";
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// ARCHIVE ENTRY /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}elseif($action == "archive"){
$selected = implode(",", $_POST['selected']);
$query = "UPDATE entries SET category='archive' WHERE id IN ($selected)";
mysql_query($query) or die("Archive failed: " . mysql_error());
echo mysql_affected_rows() . ' record(s) moved to the archives.';
echo "<br/><a href="admin.php">Go back.</a>";
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// SHOW ENTRY EDIT /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}elseif($action == "edit"){
$id = mysql_real_escape_string($_GET['id']);
//get page from the database
$query = "SELECT * FROM entries WHERE id = '$id'";
$sql = mysql_query($query);
$row = mysql_fetch_array($sql);
$title = stripslashes($row['title']);
$category = stripslashes($row['category']);
$date = stripslashes($row['date']);
$short = stripslashes($row['short']);
$full = stripslashes($row['full']);
print("<div class="input">
<form method="post" id="editentry" action="?action=editentry&id=$id">
<label for="title">Title</label><input id="title" name="title" tabindex="1" value="$title" type="text"><br/>
<label for="category">Category</label><input id="category" name="category" value="$category" tabindex="2" type="text"><br/>
<label for="editshort">Short</label><textarea name="editshort" wrap="virtual" id="editshort" tabindex="3" onkeyup="preview('editshort', 'editpreview-short')">$short</textarea><br/><br/>
<label for="editfull">Full</label><textarea name="editfull" wrap="virtual" id="editfull" tabindex="4" onkeyup="preview('editfull', 'editpreview-full')">$full</textarea><br/>
<label for="submit">Submit</label><input id="submit" name="submit" value="Submit" tabindex="5" type="submit">
</div>
<div class="story">
<h1>Short Preview:</h1>
<div id="editpreview-short"></div><br/>
<h1>Full Preview:</h1>
<div id="editpreview-full"></div>
</div>
");
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// EDIT ENTRY /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}elseif($action == "editentry"){
$id = mysql_real_escape_string($_GET['id']);
$title = mysql_real_escape_string($_POST['title']);
$title = htmlspecialchars("$title");
$category = "{$_POST['category']}";
$short = mysql_real_escape_string($_POST['editshort']);
$short = htmlspecialchars("$short");
$full = mysql_real_escape_string($_POST['editfull']);
$full = htmlspecialchars("$full");
$query = "UPDATE entries SET title = '$title', category = '$category', short = '$short', full = '$full' WHERE id = $id;";
mysql_query($query) or die("Edit failed: " . mysql_error());
echo mysql_affected_rows() . ' record modified.';
echo "<br/><a href="admin.php">Go back.</a>";
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// SHOW ERROR IF ALL ELSE FAILS /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
}else{
echo "There was an error";
echo "<br/><a href="admin.php">Go back.</a>";
}
print('<p style="font-size: 9px; text-align: center;">Created by <a href="http://d-webz.org">DylanM</a>.</p></div>');
}
?>
</body>
</html>
Okay now you have the admin file but you need to edit the username and password. You should see it at the top of the code. That username and password will be the login information to login to administer the news. So change that and now you may have noticed we have another link to a stylesheet you dont have...YET. Name this file adminstyle.css:
Code
body {
margin: 0px auto 0px auto;
background-color: #a0c8ed;
color: #0d0d0d;
font-family: Verdana, Geneva, Arial, sans-serif;
font-size: 10px;
}
a{
color: #821b1b;
text-decoration: none;
}
a:hover{
color: #821b1b;
text-decoration: underline;
}
a:visited{
color: #821b1b;
text-decoration: none;
}
h1 {
text-align:center;
color: #821b1b;
}
#login {
border: 1px solid black;
background-color: #fbfbfb;
width:300px;
padding: 5px;
margin-top: 50px;
margin-left: auto;
margin-right:auto;
}
.login label {
display: block;
width: 70px;
float: left;
text-align: right;
font-size: 10px;
padding-right: 10px;
}
.login input {
width: 200px;
margin-bottom: 10px;
padding: 2px;
border: 1px solid black;
background-repeat:no-repeat;
}
.login #submit {
height: 30px;
width: 204px;
}
#container {
border: 1px solid black;
background-color: #ffffff;
width: 760px;
padding: 5px;
margin-top:50px;
margin-left: auto;
margin-right: auto;
}
.input label {
display: block;
width: 70px;
float: left;
text-align: right;
font-size: 10px;
padding-right: 10px;
}
.input input,textarea {
width: 650px;
margin-bottom: 10px;
padding: 2px;
border: 1px solid black;
background-repeat:no-repeat;
}
.input textarea {
height: 300px;
}
.input #submit {
height: 30px;
width: 654px;
}
table{
border-width: 1px;
border-spacing: 1px;
border-style: outset;
border-color: black;
border-collapse: collapse;
}
table th{
border-width: 1px;
background-color: #f0f0f0;
padding: 3px;
border-style: solid;
border-color: black;
font-weight:bold;
}
table td{
border-width: 1px;
padding: 3px;
border-style: solid;
border-color: black;
}
table tr:hover {
background-color: #f0f0f0;
}
.table input {
padding: 2px;
border: 1px solid black;
background-repeat:no-repeat;
}
.table select {
padding: 2px;
border: 1px solid black;
background-repeat:no-repeat;
}
Thanks and I hope you liked this tutorial. It freakin took me FOREVER to right lol. Sorry if there is any typos, I haven't checked to see because I'm tired.