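<html>
<body>
<table width="100%" cellspacing="0" cellpadding="5">
<tr>
<td bgcolor="Orange"><font size="5" color="Black">
<b>James Bennet's CMS</b></font>
</td>
</tr>
</table>
<?php
/*
 * Edit page for one row of the `news` table.
 *
 *   GET  ?id=...  loads the record and renders the edit form.
 *   POST          validates title/content/contact and UPDATEs the record.
 *
 * $host, $user, $pass, $db and $def_contact are not defined in this file;
 * presumably they come from ../lib/conf.php -- confirm.
 *
 * Security handling in this script:
 *   - Every request value placed into SQL is passed through
 *     mysql_real_escape_string() on the open connection. Escaping is only
 *     charset-correct when the connection charset matches the data; set it
 *     with mysql_set_charset() if the site uses a multi-byte charset.
 *   - Every database or request value written into HTML is passed through
 *     htmlspecialchars(..., ENT_QUOTES) so stored markup is displayed, not
 *     interpreted.
 *   - Query failures are written to the server log; the SQL text and the
 *     driver error are no longer sent to the browser.
 *
 * NOTE(review): no access check and no anti-CSRF token are visible in this
 * file. Confirm that ../lib/functions.php or the web server restricts this
 * page to authenticated editors, and add a per-session token to the form.
 * NOTE(review): ext/mysql was removed in PHP 7.0; when this page is migrated,
 * replace the escaping below with mysqli or PDO prepared statements.
 */
include('../lib/conf.php');
include('../lib/functions.php');

// If magic_quotes_gpc is active the runtime has already added backslashes to
// request data; strip them so each value is escaped exactly once below.
$magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

if (empty($_POST['submit']))
{
    // ---- Display branch: load the record and show the form ----
    // is_string() rejects array-valued parameters such as ?id[]=1.
    if (!isset($_GET['id']) || !is_string($_GET['id']) || trim($_GET['id']) == '')
    {
        die('Missing record ID!');
    }

    $connection = mysql_connect($host, $user, $pass) or die ('Unable to connect to mysql database!');
    mysql_select_db($db, $connection) or die ('Unable to select mysql database!');

    $id = $magicQuotes ? stripslashes($_GET['id']) : $_GET['id'];

    // NOTE(review): if news.id is always numeric, also reject non-digit
    // input with ctype_digit() before querying -- confirm against the schema.
    $query = "SELECT title, content, contact FROM news WHERE id = '"
           . mysql_real_escape_string($id, $connection) . "'";
    $result = mysql_query($query, $connection);
    if (!$result)
    {
        error_log('news edit: SELECT failed: ' . mysql_error($connection));
        die('Error in mysql query.');
    }

    if (mysql_num_rows($result) > 0)
    {
        $row = mysql_fetch_object($result);
?>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES); ?>" method="POST">
<input type="hidden" name="id" value="<?php echo htmlspecialchars($id, ENT_QUOTES); ?>">
<table cellspacing="5" cellpadding="5">
<tr>
<td valign="top"><b><font size="2">Title</font></b></td>
<td>
<input size="50" maxlength="250" type="text" name="title"
value="<?php echo htmlspecialchars($row->title, ENT_QUOTES); ?>">
</td>
</tr>
<tr>
<td valign="top"><b><font size="2">Content</font></b></td>
<td>
<textarea name="content" cols="40" rows="10">
<?php echo htmlspecialchars($row->content, ENT_QUOTES); ?>
</textarea>
</td>
</tr>
<tr>
<td valign="top"><b><font size="2">Contact Address:</font></b></td>
<td>
<input size="50" maxlength="250" type="text" name="contact"
value="<?php echo htmlspecialchars($row->contact, ENT_QUOTES); ?>">
</td>
</tr>
<tr>
<td>
<input type="Submit" name="submit" value="Edit">
</td>
</tr>
</table>
</form>
<?php
    }
    else
    {
        echo '<font size=-1>That content could not be located in our database.</font>';
    }
}
else
{
    // ---- Update branch: validate the submitted form and save it ----
    $errorList = array();

    // Read each expected field once; a missing or array-valued field is
    // treated as empty so the checks below see a plain string.
    $fields = array();
    foreach (array('id', 'title', 'content', 'contact') as $name)
    {
        $value = (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
        $fields[$name] = $magicQuotes ? stripslashes($value) : $value;
    }
    $id      = $fields['id'];
    $title   = $fields['title'];
    $content = $fields['content'];
    $contact = $fields['contact'];

    if (trim($id) == '')
    {
        die ('Missing record ID!');
    }
    if (trim($title) == '')
    {
        $errorList[] = 'Invalid entry: Title';
    }
    if (trim($content) == '')
    {
        $errorList[] = "Invalid entry: Content";
    }
    if (trim($contact) == '')
    {
        // An empty contact falls back to the site default.
        $contact = $def_contact;
    }

    if (sizeof($errorList) == 0)
    {
        $connection = mysql_connect($host, $user, $pass) or die ('Unable to connect to mysql database!');
        mysql_select_db($db, $connection) or die ('Unable to select mysql database!');

        // Escape every value, including the default contact, before it is
        // placed inside the quoted SQL literals.
        $query = sprintf(
            "UPDATE news SET title = '%s', content = '%s', contact = '%s', timestamp = NOW() WHERE id = '%s'",
            mysql_real_escape_string($title, $connection),
            mysql_real_escape_string($content, $connection),
            mysql_real_escape_string($contact, $connection),
            mysql_real_escape_string($id, $connection)
        );
        $result = mysql_query($query, $connection);
        if (!$result)
        {
            error_log('news edit: UPDATE failed: ' . mysql_error($connection));
            die('Error in query.');
        }

        echo '<font size=-1>Update successful!';
        echo '<a href=index.php>Go back to the main menu</a>.</font>';
        mysql_close($connection);
    }
    else
    {
        echo '<font size=-1>The following errors were encountered:';
        echo '<br>';
        echo '<ul>';
        foreach ($errorList as $message)
        {
            // Messages are fixed strings set above; escaped anyway so a
            // later change that includes user input stays safe.
            echo '<li>' . htmlspecialchars($message, ENT_QUOTES);
        }
        echo '</ul></font>';
    }
}
?>
</body>
</html>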