Beispiel #1
0
function content()
{
    $MAIN = loadadmintmplate("main");
    $CONTENT = "\r\n   <p>\r\n      For now there isn't much here in the way of content.  please keep in mind\r\n      that this project is still in its very early stages.\r\n   </p>\r\n   <p>\r\n      <a href='http://fishcms.com'>FishCMS</a> is intended to be a simple, clean,\r\n      and easy to use Content Management System targeted at Christian websites\r\n      such as <a href='http://believewith.us'>BelieveWith.US</a>.  FishCMS\r\n      started out as an extension of the prayerlist program used at BelieveWith.US\r\n   </p>\r\n   <p>\r\n      From this Admin Control Panel you will be able to edit, configure, and\r\n      control your FishCMS site.\r\n   </p>\r\n";
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $TEMPLATES = loadadmintmplate("templates");
    if (isset($HTTP_GET_VARS['set'])) {
        //if we are supposed to set the template
        //set the template here
        $sql = "UPDATE `" . $list_prefix . "config` SET `value` = '" . $HTTP_POST_VARS['template'] . "' WHERE `key` = 'template';";
        $result = db_query($sql);
        if ($result) {
            $CONTENT = "The theme was successfully changed to " . $HTTP_POST_VARS['template'] . "<BR>\r\n";
        } else {
            $CONTENT = "ERROR: I was unable to change the theme!<BR>\r\n";
        }
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } else {
        //else we will draw the form for the user to change the template.
        //first lets read the template from the configuration
        $sql = "SELECT * FROM " . $list_prefix . "config WHERE `Key` = 'template';";
        $result = db_query($sql);
        if (!$result) {
            $template = "default";
        } else {
            $rows = db_num_rows($result);
            if ($rows == 0) {
                $template = "default";
            } else {
                $row = db_fetch_array($result);
                $template = $row['value'];
            }
        }
        $WORK = insert_into_template($TEMPLATES, "{TEMPLATE}", $template);
        $WORK = insert_into_template($WORK, "{THEMELIST}", themelist($template));
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    }
}
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $CATEGORIES = loadadmintmplate("categories");
    //we can choose to edit, add, or delete a category.
    if (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            if ($HTTP_POST_VARS['category'] > 0) {
                $sql = "DELETE FROM `" . $list_prefix . "category` WHERE `id` = " . $HTTP_POST_VARS['category'] . ";";
                $result = db_query($sql);
                if ($result) {
                    $CONTENT = "The selected category has been deleted.<BR><BR>";
                } else {
                    $CONTENT = "The selected category could not be deleted.<BR><BR>";
                }
            } else {
                $CONTENT = "You can not delete the SYSTEM category.<BR><BR>";
            }
        } else {
            $CONTENT = "You must click the checkbox to delete a category.<BR><BR>";
        }
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "add")) {
        //we will do a search of the categories in the db in reverse sort on order.
        $sql = "SELECT * FROM `" . $list_prefix . "category` ORDER BY `order` DESC limit 1;";
        $result = db_query($sql);
        $rows = db_num_rows($result);
        //we will add +1 to that for the new entry's order.
        if ($rows == 0) {
            $order = 1;
        } else {
            //we will add +1 to that for the new entry's order.
            $row = db_fetch_array($result);
            $order = $row['order'] + 1;
        }
        //then we will insert the new category and its order value into the db.
        //we will then report success or failure and draw the page.
        if (isset($HTTP_POST_VARS['catname'])) {
            $sql = "INSERT INTO " . $list_prefix . "category VALUES ('', '" . $HTTP_POST_VARS['catname'] . "', '" . $order . "');";
            $result = db_query($sql);
            if ($result) {
                $CONTENT = "The category " . $HTTP_POST_VARS['catname'] . " has been added to the database<BR><BR>\r\n";
            } else {
                $CONTENT = "Sorry there was an ERROR while adding the category to the database.<BR><BR>\r\n";
            }
        } else {
            $CONTENT = "Sorry but the category must have a name!<BR><BR>\r\n";
        }
        //lets output the results.
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "edit")) {
        //first we must make sure that our category is valid and not category 0
        if ($HTTP_POST_VARS['category'] > 0) {
            $sql = "SELECT * FROM `" . $list_prefix . "category` WHERE `id` = '" . $HTTP_POST_VARS['category'] . "';";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows > 0) {
                $row = db_fetch_array($result);
                //lets figure out if we need to change the name or leave it the same.
                if (isset($HTTP_POST_VARS['catname']) && $HTTP_POST_VARS['catname'] != "") {
                    $name = $HTTP_POST_VARS['catname'];
                } else {
                    $name = $row['name'];
                }
                //lets figure out if there's a change to the order.
                if (isset($HTTP_POST_VARS['position'])) {
                    if (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
                        $sql = "SELECT * FROM " . $list_prefix . "category WHERE `order` < '" . $row['order'] . "' ORDER BY `order` DESC;";
                        $result = db_query($sql);
                        if ($result) {
                            $rows = db_num_rows($result);
                        } else {
                            $rows = 0;
                        }
                        if ($rows > 0) {
                            $row2 = db_fetch_array($result);
                            $sql = "UPDATE " . $list_prefix . "category SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
                            $result = db_query($sql);
                            $order = $row2['order'];
                        } else {
                            $order = $row['order'];
                        }
                    } elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
                        $sql = "SELECT * FROM " . $list_prefix . "category WHERE `order` > '" . $row['order'] . "' ORDER BY `order`;";
                        $result = db_query($sql);
                        if ($result) {
                            $rows = db_num_rows($result);
                        } else {
                            $rows = 0;
                        }
                        if ($rows > 0) {
                            $row2 = db_fetch_array($result);
                            $sql = "UPDATE " . $list_prefix . "category SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
                            $result = db_query($sql);
                            $order = $row2['order'];
                        } else {
                            $order = $row['order'];
                        }
                    } else {
                        //the order will stay the same by default.
                        $order = $row['order'];
                    }
                }
                $sql = "UPDATE `" . $list_prefix . "category` SET ";
                $sql .= "`name` = '" . $name . "', `order` = '" . $order . "' ";
                $sql .= "WHERE `id` = '" . $HTTP_POST_VARS['category'] . "';";
                $result = db_query($sql);
                if ($result) {
                    $CONTENT = "The changes made have been saved.<BR><BR>\r\n";
                } else {
                    $CONTENT = "ERROR: Unable to make the changes requested.<BR><BR>\r\n";
                }
            } else {
                $CONTENT = "ERROR: Unable to alter a category that does not exist.<BR><BR>\r\n";
            }
        }
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } else {
        //here we will read the categories from the db and let the user choose to delete or edit them.
        //we will include a form to optionally add a category.
        //category 0 is always present and can not be deleted.
        //to delete a category the user must choose it from a list, enter the name in a box and click "Delete"
        $CONTENT = "<select name='category'>";
        $sql = "SELECT * FROM " . $list_prefix . "category WHERE `id` > 0 ORDER BY `order`;";
        $result = db_query($sql);
        $rows = db_num_rows($result);
        if ($rows == 0) {
            $CONTENT .= "<option value='-'>No categories found</option>";
        } else {
            $i = 0;
            while ($i < $rows) {
                $row = db_fetch_array($result);
                $CONTENT .= "<option value='" . $row['id'] . "'>" . $row['name'] . "</option>";
                $i++;
            }
        }
        $CONTENT .= "</select>";
        //lets output the results.
        $WORK = insert_into_template($CATEGORIES, "{CATLIST}", $CONTENT);
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    }
}
Beispiel #4
0
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $LINKS = loadadmintmplate("links");
    $WORK = $LINKS;
    if (0 == strcmp($HTTP_GET_VARS['mode'], "select")) {
        //if we are to edit a link
        //lets get the links from the db
        $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `id` = '" . $HTTP_POST_VARS['links'] . "';";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if ($rows == 0) {
            //lets make sure that the news exists
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            //if it does we will read it from the db and add it to our output.
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{LINKID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            $WORK = insert_into_template($WORK, "{LINKTITLE}", $row['title']);
            $WORK = insert_into_template($WORK, "{LINKURL}", $row['url']);
        }
    } else {
        //if we are not editing an news lets prepare the form for a new news.
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }
    //lets delete a link if its selected
    if (0 == strcmp($HTTP_GET_VARS['mode'], "delete") && isset($HTTP_POST_VARS['delete_yes'])) {
        $sql = "DELETE FROM `" . $list_prefix . "links` WHERE `id` = '" . $HTTP_POST_VARS['links'] . "';";
        $result = db_query($sql);
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
        $WORK = "You must check the confirmation box to delete a link.<br>\r\n" . $WORK;
    }
    //lets edit/add a link if thats our job.
    if (0 == strcmp($HTTP_GET_VARS['mode'], "edit")) {
        if (isset($HTTP_POST_VARS['newlink'])) {
            //we are adding a new link
            $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `category` = '" . $HTTP_POST_VARS['category'] . "' ORDER BY `order` DESC limit 1;";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows > 0) {
                $row = db_fetch_array($result);
                $order = $row['order'] + 1;
            } else {
                $order = 1;
            }
            if (isset($HTTP_POST_VARS['linktitle']) && isset($HTTP_POST_VARS['linkurl'])) {
                $sql = "INSERT INTO " . $list_prefix . "links VALUES ('', '" . $HTTP_POST_VARS['category'] . "', '" . $HTTP_POST_VARS['linktitle'] . "', '" . $HTTP_POST_VARS['linkurl'] . "', '" . $order . "');";
                $result = db_query($sql);
            }
        } else {
            //we are editing an existing link
            if (isset($HTTP_POST_VARS['linkid'])) {
                //we must know the links linkid to work on it.
                //lets get our existing db entry
                $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `id` = '" . $HTTP_POST_VARS['linkid'] . "' ORDER BY `order` DESC limit 1;";
                $result = db_query($sql);
                $row = db_fetch_array($result);
                //lets figure out our order
                $order = 1;
                if (0 == strcmp($HTTP_POST_VARS['position'], "same")) {
                    //no change to the order.
                    $order = $row['order'];
                } elseif (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
                    //it needs to move up
                    $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `order` < '" . $row['order'] . "' ORDER BY `order` DESC;";
                    $result = db_query($sql);
                    if ($result) {
                        $rows = db_num_rows($result);
                    } else {
                        $rows = 0;
                    }
                    if ($rows > 0) {
                        $row2 = db_fetch_array($result);
                        $sql = "UPDATE `" . $list_prefix . "links` SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
                        $result = db_query($sql);
                        $order = $row2['order'];
                    }
                } elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
                    // it needs to move down
                    $sql = "SELECT * FROM " . $list_prefix . "links WHERE `order` > '" . $row['order'] . "' ORDER BY `order`;";
                    $result = db_query($sql);
                    if ($result) {
                        $rows = db_num_rows($result);
                    } else {
                        $rows = 0;
                    }
                    if ($rows > 0) {
                        $row2 = db_fetch_array($result);
                        $sql = "UPDATE " . $list_prefix . "links SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
                        $result = db_query($sql);
                        $order = $row2['order'];
                    }
                }
                //now we have the correct order, category, name, and url lets update the db
                if ($row['category'] != $HTTP_POST_VARS['category']) {
                    //if we are moving to a NEW category lets make this the last link present.
                    $sql = "SELECT * FROM " . $list_prefix . "links WHERE `category` = '" . $HTTP_POST_VARS['category'] . "' ORDER BY `order` DESC;";
                    $result = db_query($sql);
                    if ($result) {
                        $rows = db_num_rows($result);
                    } else {
                        $rows = 0;
                    }
                    if ($rows > 0) {
                        $row = db_fetch_array($result);
                        $order = $row['order'] + 1;
                    } else {
                        $order = 1;
                    }
                }
                //now lets save our changes
                $sql = "UPDATE " . $list_prefix . "links SET `category` = '" . $HTTP_POST_VARS['category'] . "', `title` = '" . $HTTP_POST_VARS['linktitle'] . "', `url` = '" . $HTTP_POST_VARS['linkurl'] . "', `order` = '" . $order . "' WHERE `id` = '" . $HTTP_POST_VARS['linkid'] . "';";
                $result = db_query($sql);
            } else {
                $WORK = "ERROR: you must check 'Save as a new link' to make a new link.<BR>\r\n" . $WORK;
            }
        }
        catorder();
    }
    //lets output our news cp.
    $WORK = insert_into_template($WORK, "{LINKSLIST}", linkslist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $GENERAL = loadadmintmplate("general");
    $CONTENT = "";
    //we will process changes here.
    if (0 == strcmp($HTTP_GET_VARS['mode'], "site")) {
        //changes to the site info
        $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['sitename'] . "' WHERE `key` = 'sitename';";
        $result = db_query($sql);
        $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['sitedescription'] . "' WHERE `key` = 'sitedescription';";
        $result = db_query($sql);
        $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['email'] . "' WHERE `key` = 'email';";
        $result = db_query($sql);
        $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['copyright'] . "' WHERE `key` = 'copyright';";
        $result = db_query($sql);
        $RESULT = "Changes to site configuration saved.<BR>\r\n";
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "index")) {
        //changes to the index page
        if (0 == strcmp($HTTP_POST_VARS['redir_mod'], "module")) {
            $sql = "UPDATE " . $list_prefix . "config SET `value` = 'modules' WHERE `key` = 'index';";
            $result = db_query($sql);
            $RESULT = "The index page will now use the modules for content.";
        } elseif (0 == strcmp($HTTP_POST_VARS['redir_mod'], "redirect")) {
            //if we have checked the redirect
            if (isset($HTTP_POST_VARS['redirect'])) {
                //and if we know where to redirect the user to...
                $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['redirect'] . "' WHERE `key` = 'index';";
                $result = db_query($sql);
                $RESULT = "The index page will now redirect users to <a href='" . $HTTP_POST_VARS['redirect'] . "'>" . $HTTP_POST_VARS['redirect'] . "</a>.<br>\r\n";
            } else {
                $RESULT = "<B>ERROR</B>: You must tell me where to redirect the user to!<BR>\r\n";
            }
        }
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "amodules")) {
        //changes to the active modules
        if (isset($HTTP_POST_VARS['disable'])) {
            //if we are to make the module inactive lets do it.
            $sql = "DELETE FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "';";
            $result = db_query($sql);
            $RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " Has been deactivated.<BR>\r\n";
        } elseif (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
            $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "');";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows > 0) {
                $row = db_fetch_array($result);
                $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` < '" . $row['order'] . "') ORDER BY `order` DESC;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if ($rows > 0) {
                    $row2 = db_fetch_array($result);
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row2['value'] . "';";
                    $result = db_query($sql);
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row2['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row['value'] . "';";
                    $result = db_query($sql);
                    $RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
                } else {
                    $RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " appears to already be at the top.<BR>\r\n";
                }
            } else {
                $RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
            }
        } elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
            $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "');";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows > 0) {
                $row = db_fetch_array($result);
                $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` > '" . $row['order'] . "') ORDER BY `order`;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if ($rows > 0) {
                    $row2 = db_fetch_array($result);
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row2['value'] . "';";
                    $result = db_query($sql);
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row2['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row['value'] . "';";
                    $result = db_query($sql);
                    $RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
                } else {
                    $RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " appears to already be at the bottom.<BR>\r\n";
                }
            } else {
                $RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
            }
        }
        fixorder(1);
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "imodules")) {
        //changes to the inactive modules
        $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' ORDER BY `order` DESC;";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if ($rows > 0) {
            $row = db_fetch_array($result);
            $order = $row['order'] + 1;
        } else {
            $order = 1;
        }
        $sql = "INSERT INTO " . $list_prefix . "config VALUES ('indexmodule', '" . $HTTP_POST_VARS['inactive_modules'] . "', '" . $order . "');";
        $result = db_query($sql);
        $RESULT = "The module " . $HTTP_POST_VARS['inactive_modules'] . " has been activated.<BR>\r\n";
    }
    //output will be added to $CONTENT.
    $CONTENT .= $RESULT . $GENERAL;
    //We don't have to read the site info from the db and place it into the
    //template because the filltemplate function will do it for us automagically.
    //we will read and output the index page settings here.
    $sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'index';";
    $result = db_query($sql);
    if ($result) {
        //if its in the db we will go with the db's configured value
        $rows = db_num_rows($result);
        $row = db_fetch_array($result);
        $action = $row['value'];
    } else {
        $action = "modules";
    }
    if (strcmp($action, "modules") != 0) {
        $CHECKED = "{REDIRCHECKED}";
    } else {
        $CHECKED = "{MODCHECKED}";
        $action = "";
    }
    $CONTENT = insert_into_template($CONTENT, $CHECKED, "checked");
    //This is backards to how we normally do things but it works!
    $CONTENT = insert_into_template($CONTENT, "{REDIRECT}", $action);
    //we will read and output the active index modules here
    $CONTENT = insert_into_template($CONTENT, "{MODULE_LIST}", list_active_modules());
    //we will read and output the inactive index modules here
    $CONTENT = insert_into_template($CONTENT, "{INACTIVE_MODULE_LIST}", list_inactive_modules());
    //now we will output our work.
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $ARTICLES = loadadmintmplate("articles");
    $WORK = $ARTICLES;
    if (0 == strcmp($HTTP_GET_VARS['mode'], "select")) {
        //if we are to edit an article
        //lets get the article from the db
        $sql = "SELECT * FROM `" . $list_prefix . "articles` WHERE `id` = '" . $HTTP_POST_VARS['article'] . "';";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if ($rows == 0) {
            //lets make sure that the article exists
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            //if it does we will read it from the db and add it to our output.
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            $WORK = insert_into_template($WORK, "{ARTICLETITLE}", $row['article_title']);
            $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
            $WORK = insert_into_template($WORK, "{ARTICLE}", stripslashes($row['article']));
            $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
        }
    } else {
        //if we are not editing an article lets prepare the form for a new article.
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }
    //lets delete an article if its selected
    if (0 == strcmp($HTTP_GET_VARS['mode'], "delete") && isset($HTTP_POST_VARS['delete_yes'])) {
        $sql = "DELETE FROM `" . $list_prefix . "articles` WHERE `id` = '" . $HTTP_POST_VARS['article'] . "';";
        $result = db_query($sql);
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
        $WORK = "You must check the confirmation box to delete an article.<br>\r\n" . $WORK;
    }
    if (0 == strcmp($HTTP_GET_VARS['mode'], "edit")) {
        $user = admincookie();
        $posted_by = $user['user_id'];
        if (isset($HTTP_POST_VARS['newarticle'])) {
            //its a new article being saved.
            $sql = "INSERT INTO " . $list_prefix . "articles VALUES ('', '" . addslashes($HTTP_POST_VARS['articletitle']) . "', '" . addslashes($HTTP_POST_VARS['teaser']) . "', '" . addslashes($HTTP_POST_VARS['article']) . "', '" . $posted_by . "', '" . addslashes($HTTP_POST_VARS['byline']) . "', '" . time() . "', '" . $HTTP_POST_VARS['category'] . "');";
            $result = db_query($sql);
        } elseif (isset($HTTP_POST_VARS['articleid'])) {
            //its an old article being saved
            $sql = "UPDATE `" . $list_prefix . "articles` SET `article_title` = '" . addslashes($HTTP_POST_VARS['articletitle']) . "', `teaser` = '" . addslashes($HTTP_POST_VARS['teaser']) . "', `article` = '" . addslashes($HTTP_POST_VARS['article']) . "', `byline` = '" . addslashes($HTTP_POST_VARS['byline']) . "', `category` = '" . $HTTP_POST_VARS['category'] . "' WHERE `id` = '" . $HTTP_POST_VARS['articleid'] . "';";
            $result = db_query($sql);
        } else {
            $WORK = "You must check the new article box to save a new article<br>\r\n" . $WORK;
        }
    }
    //lets output our article cp.
    $WORK = insert_into_template($WORK, "{ARTICLELIST}", articlelist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $BLOCKS = loadadmintmplate("blocks");
    //we will process changes here
    if (0 == strcmp($HTTP_GET_VARS['mode'], "ablocks")) {
        //process active blocks
        if (isset($HTTP_POST_VARS['disable'])) {
            //if we are to disable the block
            $sql = "DELETE FROM `" . $list_prefix . "blocks` WHERE `name` = '" . $HTTP_POST_VARS['active_blocks'] . "';";
            $result = db_query($sql);
        } else {
            //otherwise we will process all the fields.
            //lets read the db info for the block, we will set the default order also
            $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `name` = '" . $HTTP_POST_VARS['active_blocks'] . "';";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows != 0) {
                $row = db_fetch_array($result);
                $order = $row['order'];
                $id = $row['id'];
            } else {
                $order = 1;
            }
            //we will default to order of 1.
            //lets determine if there are any moves
            if (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
                //if it moves up
                //now we will find the new value for $order to move to
                $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $row['blockset'] . "' AND `order` < '" . $order . "' ORDER by `order` DESC;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if ($rows != 0) {
                    //if we have no rows we don't move it up, but if there are rows we want to trade places with the one above.
                    $row2 = db_fetch_array($result);
                    //now we will set $row2 to $row's order
                    $sql = "UPDATE " . $list_prefix . "blocks SET `order` = '" . $order . "' WHERE `id` = '" . $row2['id'] . "';";
                    $result = db_query($sql);
                    if ($result) {
                        //if we succeeded we will now change $order to $row2's previous order
                        $order = $row2['order'];
                    }
                }
            } elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
                //if it doesn't move.
                //now we will find the new value for $order to move to
                $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $row['blockset'] . "' AND `order` > '" . $order . "' ORDER by `order`;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if ($rows != 0) {
                    //if we have no rows we don't move it down, but if there are rows we want to trade places with the one below.
                    $row2 = db_fetch_array($result);
                    //now we will set $row2 to $row's order
                    $sql = "UPDATE " . $list_prefix . "blocks SET `order` = '" . $order . "' WHERE `id` = '" . $row2['id'] . "';";
                    $result = db_query($sql);
                    if ($result) {
                        //if we succeeded we will now change $order to $row2's previous order
                        $order = $row2['order'];
                    }
                }
            }
            //now lets see if we are moving the block to a new blockset
            if (0 != strcmp($HTTP_POST_VARS['block_area'], "-")) {
                //we are moving the blockset
                $blockset = $HTTP_POST_VARS['block_area'];
                //if we are moving to a new block set we need to make 100% sure that we don't break the order so we will put this on the end of that blockset.
                $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $blockset . "' ORDER by `order` DESC;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if (0 != $rows) {
                    $row = db_fetch_array($result);
                    $order = $row['order'] + 1;
                } else {
                    //there are no blocks in this blockset so we will be the first.
                    $order = 1;
                }
            } else {
                //we are not moving the blockset
                $blockset = $row['blockset'];
            }
            //here is where we will update the db with the new values for block.
            $sql = "UPDATE " . $list_prefix . "blocks SET `blockset` = '" . $blockset . "', `order` = '" . $order . "' WHERE `id` = '" . $id . "';";
            $result = db_query($sql);
        }
        //here we will run fix order to correct any issues in the order of the modules.
        fixorder(1, 1);
        fixorder(1, 2);
        fixorder(1, 3);
        fixorder(1, 4);
    }
    if (0 == strcmp($HTTP_GET_VARS['mode'], "iblocks")) {
        //process inactive blocks
        //lets figure out what our order and blockset are.
        $blockset = $HTTP_POST_VARS['block_area'];
        $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $blockset . "' ORDER by `order` DESC;";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if (0 != $rows) {
            $row = db_fetch_array($result);
            $order = $row['order'] + 1;
        } else {
            //there are no blocks in this blockset so we will be the first.
            $order = 1;
        }
        //now lets prepare our sql query
        $sql = "INSERT INTO " . $list_prefix . "blocks VALUES ('', '" . $HTTP_POST_VARS['inactive_blocks'] . "', '" . $blockset . "', '" . $order . "');";
        $result = db_query($sql);
    }
    //now we will handle our output.
    $WORK = insert_into_template($BLOCKS, "{INACTIVE_BLOCK_LIST}", list_inactive_blocks());
    $WORK = insert_into_template($WORK, "{ACTIVE_BLOCK_LIST}", list_active_blocks());
    $WORK = insert_into_template($WORK, "{MOVE_AREA_LIST}", move_area_list());
    $WORK = insert_into_template($WORK, "{AREA_LIST}", area_list());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    printf("%s", striptemplate($WORK));
}
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $CALENDAR = loadadmintmplate("calendar");
    $CONTENT = "";
    //first lets see if we are deleting an event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
        //we are deleting this event.
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            $sql = "DELETE FROM `" . $list_prefix . "calendar` WHERE `id` = '" . $HTTP_POST_VARS['deletelist'] . "';";
            $result = db_query($sql);
        } else {
            $CONTENT .= "You must check the checkbox to confirm deleting this event.<BR>\r\n";
        }
    }
    //lets see if we are adding a weekly event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "dow")) {
        //we are adding a event
        $utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
        $sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '" . $HTTP_POST_VARS['dow'] . "', '', '', '', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
        $result = db_query($sql);
    }
    //lets see if we are adding a monthly event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "dom")) {
        //we are adding a event
        $utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
        $sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '7', '" . $HTTP_POST_VARS['dom'] . "', '', '', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
        $result = db_query($sql);
    }
    //lets see if we are adding a yearly event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "moy")) {
        //we are adding a event
        $utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
        $sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '7', '', '" . $HTTP_POST_VARS['moy'] . $HTTP_POST_VARS['domoy'] . "', '', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
        $result = db_query($sql);
    }
    //lets see if we are adding a scheduled event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "norm")) {
        //we are adding a event
        $utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
        $sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '7', '', '', '" . $HTTP_POST_VARS['yearlist'] . $HTTP_POST_VARS['month'] . $HTTP_POST_VARS['day'] . "', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
        $result = db_query($sql);
    }
    //lets draw our interface now.
    $CONTENT .= insert_into_template($CALENDAR, "{DELETE_LIST}", listevents());
    $CONTENT = insert_into_template($CONTENT, "{YEARMENU}", yearmenu());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}