Specifications
$conn = db_connect();
$sql = “select * from stories order by modified desc”;
$result = mysql_query($sql, $conn);
echo “<H2>Editor admin</H2>”;
echo “<TABLE>”;
echo “<TR><TH>Headline</TH><TH>Last modified</TH></TR>”;
while ($story = mysql_fetch_array($result)) {
echo “<TR><TD>”;
echo $story[headline];
echo “</TD><TD>”;
echo date(“M d, H:i”, $story[modified]);
echo “</TD><TD>”;
if ($story[published]) {
echo “[<A HREF=\”unpublish_story.php?story=$story[id]\”>unpublish</A>] “;
}
else {
echo “[<A HREF=\”publish_story.php?story=$story[id]\”>publish</A>] “;
echo “[<A HREF=\”delete_story.php?story=$story[id]\”>delete</A>] “;
}
echo “[<A HREF=\”story.php?story=$story[id]\”>edit</A>] “;
echo “</TD></TR>”;
}
echo “</TABLE>”;
?>
This script should be made available only to the people who are authorized to publish stories
to the live site. In our sample application, this would be the site editor, but there is no access
control on this script for simplicity. It should, however, be protected in a live situation.
This is very similar to stories.php except that the editor is given a screen showing the stories
for every writer, not just her own. The if statement ensures that appropriate options are pre-
sented for each story. Published stories can be unpublished, and unpublished stories can be
published or deleted.
These three links submit to unpublish_story.php, publish_story.php, and
delete_story.php, respectively.
The script publish_story.php uses the following SQL query:
update stories set published = $now
where id = $story
Building a Content Management System
C
HAPTER 26
26
CONTENT
MANAGEMENT
SYSTEMS
615
LISTING 26.10 Continued
32 7842 ch26 3/6/01 3:36 PM Page 615