# Copyright 2005-2011 by webspell.org #
# #
# visit webSPELL.org, webspell.info to get webSPELL for free #
# - Script runs under the GNU GENERAL PUBLIC LICENSE #
# - It's NOT allowed to remove this copyright-tag #
# -- http://www.fsf.org/licensing/licenses/gpl.html #
# #
# Code based on WebSPELL Clanpackage (Michael Gruber - webspell.at), #
# Far Development by Development Team - webspell.org #
# #
# visit webspell.org #
# #
##########################################################################
*/
$_language->read_module('rubrics');
if (!isnewsadmin($userID) or mb_substr(basename($_SERVER['REQUEST_URI']), 0, 15) != "admincenter.php") {
die($_language->module['access_denied']);
}
if (isset($_POST['save'])) {
$CAPCLASS = new Captcha();
if ($CAPCLASS->check_captcha(0, $_POST['captcha_hash'])) {
$pic = $_FILES['pic'];
if (checkforempty(array('name'))) {
safe_query("INSERT INTO " . PREFIX . "news_rubrics ( rubric ) values( '" . $_POST['name'] . "' ) ");
$id = mysql_insert_id();
$filepath = "../images/news-rubrics/";
if ($pic['name'] != "") {
move_uploaded_file($pic['tmp_name'], $filepath . $pic['name'] . ".tmp");
@chmod($filepath . $pic['name'] . ".tmp", 0755);
$getimg = getimagesize($filepath . $pic['name'] . ".tmp");
$rubricpic = '';
if ($ds['link4'] && $ds['url4'] != "http://" && !$ds['window4']) {
$related .= '• <a href="' . $ds['url4'] . '">' . $ds['link4'] . '</a> ';
}
if (empty($related)) {
$related = "n/a";
}
if (isnewsadmin($userID) or isnewswriter($userID) and $ds['poster'] == $userID) {
$adminaction = '<input type="button" onclick="MM_openBrWindow(\'news.php?action=edit&newsID=' . $ds['newsID'] . '\',\'News\',\'toolbar=no,status=no,scrollbars=yes,width=800,height=600\')" value="' . $_language->module['edit'] . '" />
<input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'news.php?action=delete&id=' . $ds['newsID'] . '\')" value="' . $_language->module['delete'] . '" />';
} else {
$adminaction = '';
}
$bg1 = BG_1;
eval("\$news = \"" . gettemplate("news") . "\";");
echo $news;
if (isnewsadmin($userID)) {
if (!$ds['published']) {
echo '<form method="post" action="news.php?quickactiontype=publish"><input type="hidden" name="newsID[]" value="' . $ds['newsID'] . '" /><input type="submit" name="submit" value="' . $_language->module['publish_now'] . '" /></form>';
} else {
echo '<form method="post" action="news.php?quickactiontype=unpublish"><input type="hidden" name="newsID[]" value="' . $ds['newsID'] . '" /><input type="submit" name="submit" value="' . $_language->module['unpublish'] . '" /></form>';
}
}
$comments_allowed = $ds['comments'];
$parentID = $newsID;
$type = "ne";
$referer = "index.php?site=news_comments&newsID={$newsID}";
include "comments.php";
} else {
echo $_language->module['no_access'];
}
}
</tr>
<tr>
<td><b>' . $_language->module['squad'] . '</b></td>
<td><b>' . getsquadname($ds['squadID']) . '</b></td>
</tr>
<tr>
<td><b>' . $_language->module['position'] . '</b></td>
<td><input type="text" name="position[' . $ds['sqmID'] . ']" value="' . getinput($ds['position']) . '" size="60" />' . $activity . '</td>
</tr>
<tr>
<td><b>' . $_language->module['access_rights'] . '</b></td>
<td>' . $_language->module['joinus_admin'] . ': ' . $join . ' ' . $_language->module['fightus_admin'] . ': ' . $fight . '</td>
</tr>';
}
}
if (isnewsadmin($id)) {
$news = '<input type="checkbox" name="newsadmin" value="1" onmouseover="showWMTT(\'id1\')" onmouseout="hideWMTT()" checked="checked" />';
} else {
$news = '<input type="checkbox" name="newsadmin" value="1" onmouseover="showWMTT(\'id1\')" onmouseout="hideWMTT()" />';
}
if (isnewswriter($id)) {
$newswriter = '<input type="checkbox" name="newswriter" value="1" onmouseover="showWMTT(\'id2\')" onmouseout="hideWMTT()" checked="checked" />';
} else {
$newswriter = '<input type="checkbox" name="newswriter" onmouseover="showWMTT(\'id2\')" onmouseout="hideWMTT()" value="1" />';
}
if (ispollsadmin($id)) {
$polls = '<input type="checkbox" name="pollsadmin" value="1" onmouseover="showWMTT(\'id3\')" onmouseout="hideWMTT()" checked="checked" />';
} else {
$polls = '<input type="checkbox" name="pollsadmin" value="1" onmouseover="showWMTT(\'id3\')" onmouseout="hideWMTT()" />';
}
if (isfeedbackadmin($id)) {
echo $awards_head;
$n = 1;
while ($ds = mysql_fetch_array($ergebnis)) {
if ($n % 2) {
$bg1 = BG_1;
$bg2 = BG_2;
} else {
$bg1 = BG_3;
$bg2 = BG_4;
}
$date = date("d.m.Y", $ds['date']);
$squad = '<a href="index.php?site=members&action=showsquad&squadID=' . $ds['squadID'] . '&page=' . $page . '&sort=' . $sort . '&type=' . $type . '">' . getsquadname($ds['squadID']) . '</a>';
$award = cleartext($ds['award']);
$homepage = $ds['homepage'];
$rang = $ds['rang'];
if (isclanwaradmin($userID) || isnewsadmin($userID)) {
$adminaction = '<input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=awards&action=edit&awardID=' . $ds['awardID'] . '\');return document.MM_returnValue" value="' . $_language->module['edit'] . '" />
<input type="button" onclick="MM_confirm(\'really delete this award?\',\'index.php?site=awards&delete=true&awardID=' . $ds['awardID'] . '\')" value="' . $_language->module['delete'] . '" />';
} else {
$adminaction = '';
}
eval("\$awards_content = \"" . gettemplate("awards_content") . "\";");
echo $awards_content;
$n++;
}
eval("\$awards_foot = \"" . gettemplate("awards_foot") . "\";");
echo $awards_foot;
} else {
echo $_language->module['no_entries'];
}
}
case 0:
$comments = str_replace($replace, $vars, $_language->module['no_comment']);
break;
case 1:
$comments = str_replace($replace, $vars, $_language->module['comment']);
break;
default:
$comments = str_replace($replace, $vars, $_language->module['comments']);
break;
}
}
} else {
$comments = '';
}
$adminaction = '';
if (isnewsadmin($userID)) {
$adminaction .= '<input type="button" onclick="MM_goToURL(\'parent\',\'news.php?quickactiontype=unpublish&newsID=' . $ds['newsID'] . '\');return document.MM_returnValue;" value="' . $_language->module['unpublish'] . '" /> ';
}
if (isnewswriter($userID) and $ds['poster'] == $userID or isnewsadmin($userID)) {
$adminaction .= '<input type="button" onclick="MM_openBrWindow(\'news.php?action=edit&newsID=' . $ds['newsID'] . '\',\'News\',\'toolbar=no,status=no,scrollbars=yes,width=800,height=600\');" value="' . $_language->module['edit'] . '" />
<input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'news.php?action=delete&id=' . $ds['newsID'] . '\')" value="' . $_language->module['delete'] . '" />';
}
eval("\$news = \"" . gettemplate("news") . "\";");
echo $news;
$i++;
unset($related);
unset($comments);
unset($lang);
unset($ds);
}
}
}
} else {
$comments = '';
}
$viewed = $ds['viewed'];
if ($ds['rating']) {
$ratingpic = '<img src="images/ratingpics/rating' . $ds['rating'] . '.png" width="80" height="16" alt="" />';
} else {
$ratingpic = '<img src="images/ratingpics/rating0.png" width="80" height="16" alt="" />';
}
$tags = \webspell\Tags::getTagsLinked('news', $ds['newsID']);
$adminaction = '';
if (isnewsadmin($userID)) {
$adminaction .= '<a href="news.php?quickactiontype=unpublish&newsID=' . $ds['newsID'] . '" class="btn btn-danger">' . $_language->module['unpublish'] . '</a> ';
}
if (isnewswriter($userID) && $ds['poster'] == $userID || isnewsadmin($userID)) {
$adminaction .= '<input type="button" onclick="window.open(\'news.php?action=edit&newsID=' . $ds['newsID'] . '\',\'News\',\'toolbar=no,status=no,scrollbars=yes,width=800,height=600\');" value="' . $_language->module['edit'] . '" class="btn btn-danger">
<input type="button" onclick="MM_confirm(\'' . $_language->module['really_delete'] . '\', \'news.php?action=delete&id=' . $ds['newsID'] . '\')" value="' . $_language->module['delete'] . '" class="btn btn-danger">';
}
$data_array = array();
$data_array['$newsID'] = $newsID;
$data_array['$headline'] = $headline;
$data_array['$rubrikname'] = $rubrikname;
$data_array['$rubricpic'] = $rubricpic;
$data_array['$ratingpic'] = $ratingpic;
$data_array['$related'] = $related;
$data_array['$viewed'] = $viewed;
$data_array['$tags'] = $tags;
$data_array['$isintern'] = $isintern;
$data_array['$content'] = $content;
$data_array['$adminaction'] = $adminaction;
} else {
$adminaction = '';
}
eval("\$links_details = \"" . gettemplate("links_details") . "\";");
echo $links_details;
unset($banner);
}
eval("\$links_foot = \"" . gettemplate("links_foot") . "\";");
echo $links_foot;
} else {
echo $_language->module['no_links'] . '<br /><br />
[ <a href="index.php?site=links">' . $_language->module['go_back'] . '</a> ]';
}
} else {
$_language->read_module('links');
if (ispageadmin($userID) || isnewsadmin($userID)) {
echo '<input type="button" onclick="MM_goToURL(\'parent\',\'index.php?site=links&action=new\');return document.MM_returnValue" value="' . $_language->module['new_link'] . '" /><br /><br />';
}
$cats = safe_query("SELECT * FROM " . PREFIX . "links_categorys ORDER BY name");
if (mysql_num_rows($cats)) {
$anzcats = mysql_num_rows(safe_query("SELECT linkcatID FROM " . PREFIX . "links_categorys"));
$bg1 = BG_1;
eval("\$links_category = \"" . gettemplate("links_category") . "\";");
echo $links_category;
$i = 1;
while ($ds = mysql_fetch_array($cats)) {
$anzlinks = mysql_num_rows(safe_query("SELECT linkID FROM " . PREFIX . "links WHERE linkcatID='" . $ds['linkcatID'] . "'"));
if ($i % 2) {
$bg1 = BG_1;
$bg2 = BG_2;
} else {
