/**
 * Render the landing page of the admin control panel.
 *
 * Places a fixed introductory blurb into the "main" admin template, fills the
 * page title and echoes the result. Nothing here is derived from the request.
 */
function content()
{
    // Static welcome text, assembled piecewise so each source line stays short.
    $intro = "\r\n"
        . " <p>\r\n"
        . " For now there isn't much here in the way of content. please keep in mind\r\n"
        . " that this project is still in its very early stages.\r\n"
        . " </p>\r\n"
        . " <p>\r\n"
        . " <a href='http://fishcms.com'>FishCMS</a> is intended to be a simple, clean,\r\n"
        . " and easy to use Content Management System targeted at Christian websites\r\n"
        . " such as <a href='http://believewith.us'>BelieveWith.US</a>. FishCMS\r\n"
        . " started out as an extension of the prayerlist program used at BelieveWith.US\r\n"
        . " </p>\r\n"
        . " <p>\r\n"
        . " From this Admin Control Panel you will be able to edit, configure, and\r\n"
        . " control your FishCMS site.\r\n"
        . " </p>\r\n";

    $page = insert_into_template(loadadmintmplate("main"), "{CONTENT}", $intro);
    $page = filltemplate($page, "{SITENAME} Administration panel");

    echo striptemplate($page);
}
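/**
 * Admin "templates" page: draws the theme chooser, or stores a new theme when
 * the request carries the `set` query parameter.
 *
 * Reads the theme name from the POST field `template`, writes it to the
 * `template` row of the config table and echoes the rendered admin page.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * caller enforces one before this state-changing request is processed.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;

    $MAIN = loadadmintmplate("main");
    $TEMPLATES = loadadmintmplate("templates");

    if (isset($HTTP_GET_VARS['set'])) {
        // Accept only a plain string; a missing field or an array value counts as empty.
        $template = "";
        if (isset($HTTP_POST_VARS['template']) && is_string($HTTP_POST_VARS['template'])) {
            $template = $HTTP_POST_VARS['template'];
        }

        if ($template === "") {
            // Refuse to overwrite the configured theme with an empty value.
            $CONTENT = "ERROR: I was unable to change the theme!<BR>\r\n";
        } else {
            // Request data must not reach the SQL text unescaped.
            // NOTE(review): addslashes() is what the article page of this admin panel
            // already uses; prefer the database layer's own escaping or bound
            // parameters if db_query() can support them.
            // NOTE(review): presumably this value later selects a theme directory --
            // confirm it is checked against the installed themes before use in a path.
            $sql = "UPDATE `" . $list_prefix . "config` SET `value` = '" . addslashes($template)
                . "' WHERE `key` = 'template';";
            $result = db_query($sql);

            if ($result) {
                // The name is echoed back into HTML, so encode it for that context.
                $CONTENT = "The theme was successfully changed to "
                    . htmlspecialchars($template, ENT_QUOTES) . "<BR>\r\n";
            } else {
                $CONTENT = "ERROR: I was unable to change the theme!<BR>\r\n";
            }
        }

        // The original passed the still-undefined $WORK here, so the status
        // message never reached the page.
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } else {
        // Draw the form; fall back to "default" when no theme is configured.
        $template = "default";
        $sql = "SELECT * FROM " . $list_prefix . "config WHERE `Key` = 'template';";
        $result = db_query($sql);
        if ($result && db_num_rows($result) != 0) {
            $row = db_fetch_array($result);
            $template = $row['value'];
        }

        $WORK = insert_into_template($TEMPLATES, "{TEMPLATE}", $template);
        $WORK = insert_into_template($WORK, "{THEMELIST}", themelist($template));
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    }
}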
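/**
 * Admin "categories" page: lists categories and handles delete / add / edit.
 *
 * The action comes from the `mode` query parameter; the category id, the new
 * name and the move direction come from the POST fields `category`, `catname`
 * and `position`. Category 0 is the SYSTEM category and is never deleted or
 * edited. The rendered admin page is echoed.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * caller enforces one before these state-changing requests are processed.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;

    $MAIN = loadadmintmplate("main");
    $CATEGORIES = loadadmintmplate("categories");

    // Compare the mode as a string with ===. The original `0 == strcmp(...)`
    // test also succeeds when strcmp() returns NULL for a non-string argument
    // (e.g. an array-valued parameter), which would select a branch by accident.
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode']))
        ? $HTTP_GET_VARS['mode'] : "";

    // The id is used as a number throughout, so force it to an integer once.
    // This also neutralises it for the unquoted `id` = ... in the DELETE below.
    $category = (isset($HTTP_POST_VARS['category']) && is_string($HTTP_POST_VARS['category']))
        ? (int) $HTTP_POST_VARS['category'] : 0;

    $catname = (isset($HTTP_POST_VARS['catname']) && is_string($HTTP_POST_VARS['catname']))
        ? $HTTP_POST_VARS['catname'] : "";

    $position = (isset($HTTP_POST_VARS['position']) && is_string($HTTP_POST_VARS['position']))
        ? $HTTP_POST_VARS['position'] : "";

    $table = "`" . $list_prefix . "category`";

    if ($mode === "delete") {
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            if ($category > 0) {
                $sql = "DELETE FROM " . $table . " WHERE `id` = " . $category . ";";
                $result = db_query($sql);
                if ($result) {
                    $CONTENT = "The selected category has been deleted.<BR><BR>";
                } else {
                    $CONTENT = "The selected category could not be deleted.<BR><BR>";
                }
            } else {
                $CONTENT = "You can not delete the SYSTEM category.<BR><BR>";
            }
        } else {
            $CONTENT = "You must click the checkbox to delete a category.<BR><BR>";
        }

        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } elseif ($mode === "add") {
        // The new entry goes after the highest existing order value.
        $sql = "SELECT * FROM " . $table . " ORDER BY `order` DESC limit 1;";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;
        if ($rows == 0) {
            $order = 1;
        } else {
            $row = db_fetch_array($result);
            $order = (int) $row['order'] + 1;
        }

        // An empty name is rejected as well as a missing one.
        if ($catname !== "") {
            // NOTE(review): addslashes() is what the article page of this admin panel
            // already uses; prefer the database layer's own escaping or bound
            // parameters if db_query() can support them.
            $sql = "INSERT INTO " . $table . " VALUES ('', '" . addslashes($catname) . "', '" . $order . "');";
            $result = db_query($sql);
            if ($result) {
                // The name is echoed back into HTML, so encode it for that context.
                $CONTENT = "The category " . htmlspecialchars($catname, ENT_QUOTES)
                    . " has been added to the database<BR><BR>\r\n";
            } else {
                $CONTENT = "Sorry there was an ERROR while adding the category to the database.<BR><BR>\r\n";
            }
        } else {
            $CONTENT = "Sorry but the category must have a name!<BR><BR>\r\n";
        }

        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } elseif ($mode === "edit") {
        // Defined up front: the original left $CONTENT unset for category 0.
        $CONTENT = "";

        if ($category > 0) {
            $sql = "SELECT * FROM " . $table . " WHERE `id` = '" . $category . "';";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;

            if ($rows > 0) {
                $row = db_fetch_array($result);
                $current_order = (int) $row['order'];

                // Keep the stored name unless a non-empty replacement was posted.
                $name = ($catname !== "") ? $catname : $row['name'];

                // Default to the current position. The original left $order undefined
                // when `position` was not posted and then wrote '' into the column.
                $order = $current_order;

                if ($position === "up" || $position === "down") {
                    // Find the nearest neighbour in the requested direction.
                    if ($position === "up") {
                        $sql = "SELECT * FROM " . $table . " WHERE `order` < '" . $current_order
                            . "' ORDER BY `order` DESC;";
                    } else {
                        $sql = "SELECT * FROM " . $table . " WHERE `order` > '" . $current_order
                            . "' ORDER BY `order`;";
                    }
                    $result = db_query($sql);
                    $rows = $result ? db_num_rows($result) : 0;

                    if ($rows > 0) {
                        // Swap places: the neighbour takes our order, we take theirs.
                        $row2 = db_fetch_array($result);
                        $sql = "UPDATE " . $table . " SET `order` = '" . $current_order
                            . "' WHERE `id` = '" . (int) $row2['id'] . "';";
                        $result = db_query($sql);
                        $order = (int) $row2['order'];
                    }
                }

                // $name may be the posted value or the stored one; escape either way.
                $sql = "UPDATE " . $table . " SET ";
                $sql .= "`name` = '" . addslashes($name) . "', `order` = '" . $order . "' ";
                $sql .= "WHERE `id` = '" . $category . "';";
                $result = db_query($sql);
                if ($result) {
                    $CONTENT = "The changes made have been saved.<BR><BR>\r\n";
                } else {
                    $CONTENT = "ERROR: Unable to make the changes requested.<BR><BR>\r\n";
                }
            } else {
                $CONTENT = "ERROR: Unable to alter a category that does not exist.<BR><BR>\r\n";
            }
        }

        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } else {
        // Default view: a <select> of every category except category 0.
        $CONTENT = "<select name='category'>";
        $sql = "SELECT * FROM " . $table . " WHERE `id` > 0 ORDER BY `order`;";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;

        if ($rows == 0) {
            $CONTENT .= "<option value='-'>No categories found</option>";
        } else {
            for ($i = 0; $i < $rows; $i++) {
                $row = db_fetch_array($result);
                // Stored names are written into markup here, so encode them.
                $CONTENT .= "<option value='" . htmlspecialchars($row['id'], ENT_QUOTES) . "'>"
                    . htmlspecialchars($row['name'], ENT_QUOTES) . "</option>";
            }
        }
        $CONTENT .= "</select>";

        $WORK = insert_into_template($CATEGORIES, "{CATLIST}", $CONTENT);
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    }
}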
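/**
 * Admin "links" page: selects a link for editing, deletes a link, and adds or
 * updates a link, then echoes the rendered links control panel.
 *
 * The action comes from the `mode` query parameter (select / delete / edit);
 * the data comes from the POST fields `links`, `category`, `linktitle`,
 * `linkurl`, `linkid` and `position`, plus the flags `delete_yes` and
 * `newlink`.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * caller enforces one before these state-changing requests are processed.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;

    $MAIN = loadadmintmplate("main");
    $LINKS = loadadmintmplate("links");
    $WORK = $LINKS;

    // Compare the mode as a string with ===. The original `0 == strcmp(...)`
    // test also succeeds when strcmp() returns NULL for a non-string argument
    // (e.g. an array-valued parameter), which would select a branch by accident.
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode']))
        ? $HTTP_GET_VARS['mode'] : "";

    // $post holds the raw field (null when absent or not a string), $q the same
    // value escaped for use inside a quoted SQL literal.
    // NOTE(review): addslashes() is what the article page of this admin panel
    // already uses; prefer the database layer's own escaping or bound parameters
    // if db_query() can support them.
    $post = array();
    $q = array();
    foreach (array('links', 'category', 'linktitle', 'linkurl', 'linkid', 'position') as $field) {
        $post[$field] = (isset($HTTP_POST_VARS[$field]) && is_string($HTTP_POST_VARS[$field]))
            ? $HTTP_POST_VARS[$field] : null;
        $q[$field] = addslashes((string) $post[$field]);
    }

    $table = "`" . $list_prefix . "links`";

    if ($mode === "select") {
        // Load the chosen link into the form, or fall back to a blank "new link" form.
        $sql = "SELECT * FROM " . $table . " WHERE `id` = '" . $q['links'] . "';";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;

        if ($rows == 0) {
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            // NOTE(review): these stored values are placed into the template as-is;
            // confirm the template context and encode for it if it is HTML.
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{LINKID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            $WORK = insert_into_template($WORK, "{LINKTITLE}", $row['title']);
            $WORK = insert_into_template($WORK, "{LINKURL}", $row['url']);
        }
    } else {
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }

    // Deleting requires the confirmation checkbox.
    if ($mode === "delete" && isset($HTTP_POST_VARS['delete_yes'])) {
        $sql = "DELETE FROM " . $table . " WHERE `id` = '" . $q['links'] . "';";
        $result = db_query($sql);
    } elseif ($mode === "delete") {
        $WORK = "You must check the confirmation box to delete a link.<br>\r\n" . $WORK;
    }

    if ($mode === "edit") {
        // NOTE(review): `linkurl` is stored without checking its scheme; if it is
        // later rendered as an href, restrict it to http/https at that point or here.
        if (isset($HTTP_POST_VARS['newlink'])) {
            // New link: append it to the end of its category.
            $sql = "SELECT * FROM " . $table . " WHERE `category` = '" . $q['category']
                . "' ORDER BY `order` DESC limit 1;";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;
            if ($rows > 0) {
                $row = db_fetch_array($result);
                $order = (int) $row['order'] + 1;
            } else {
                $order = 1;
            }

            if (isset($post['linktitle']) && isset($post['linkurl'])) {
                $sql = "INSERT INTO " . $table . " VALUES ('', '" . $q['category'] . "', '"
                    . $q['linktitle'] . "', '" . $q['linkurl'] . "', '" . $order . "');";
                $result = db_query($sql);
            }
        } elseif (isset($post['linkid'])) {
            // Existing link: fetch it first. The original used the fetch result
            // without checking it, so an unknown id still ran the reorder queries.
            $sql = "SELECT * FROM " . $table . " WHERE `id` = '" . $q['linkid']
                . "' ORDER BY `order` DESC limit 1;";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;

            if ($rows > 0) {
                $row = db_fetch_array($result);
                $current_order = (int) $row['order'];

                // Stay in place unless a neighbour exists to swap with. The original
                // fell back to order 1 here; the categories page keeps the current
                // order in the same situation, which this now matches.
                $order = $current_order;

                if ($post['position'] === "up" || $post['position'] === "down") {
                    if ($post['position'] === "up") {
                        $sql = "SELECT * FROM " . $table . " WHERE `order` < '" . $current_order
                            . "' ORDER BY `order` DESC;";
                    } else {
                        $sql = "SELECT * FROM " . $table . " WHERE `order` > '" . $current_order
                            . "' ORDER BY `order`;";
                    }
                    $result = db_query($sql);
                    $rows = $result ? db_num_rows($result) : 0;

                    if ($rows > 0) {
                        // Swap places: the neighbour takes our order, we take theirs.
                        $row2 = db_fetch_array($result);
                        $sql = "UPDATE " . $table . " SET `order` = '" . $current_order
                            . "' WHERE `id` = '" . addslashes($row2['id']) . "';";
                        $result = db_query($sql);
                        $order = (int) $row2['order'];
                    }
                }

                // Moving to another category puts the link last in that category.
                if ($row['category'] != $post['category']) {
                    $sql = "SELECT * FROM " . $table . " WHERE `category` = '" . $q['category']
                        . "' ORDER BY `order` DESC;";
                    $result = db_query($sql);
                    $rows = $result ? db_num_rows($result) : 0;
                    if ($rows > 0) {
                        $row = db_fetch_array($result);
                        $order = (int) $row['order'] + 1;
                    } else {
                        $order = 1;
                    }
                }

                $sql = "UPDATE " . $table . " SET `category` = '" . $q['category']
                    . "', `title` = '" . $q['linktitle']
                    . "', `url` = '" . $q['linkurl']
                    . "', `order` = '" . $order
                    . "' WHERE `id` = '" . $q['linkid'] . "';";
                $result = db_query($sql);
            }
        } else {
            $WORK = "ERROR: you must check 'Save as a new link' to make a new link.<BR>\r\n" . $WORK;
        }

        catorder();
    }

    // Draw the links control panel.
    $WORK = insert_into_template($WORK, "{LINKSLIST}", linkslist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}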
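/**
 * Admin "general" page: saves site information, the index-page behaviour and
 * the set of active index modules, then echoes the settings form.
 *
 * The action comes from the `mode` query parameter (site / index / amodules /
 * imodules); the values come from POST fields of the same names as the config
 * keys plus `redir_mod`, `redirect`, `active_modules`, `inactive_modules`,
 * `position` and the flag `disable`.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * caller enforces one before these state-changing requests are processed.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;

    $MAIN = loadadmintmplate("main");
    $GENERAL = loadadmintmplate("general");
    $CONTENT = "";

    // Defined up front: the original left $RESULT unset when no mode matched.
    $RESULT = "";

    // Compare the mode as a string with ===. The original `0 == strcmp(...)`
    // test also succeeds when strcmp() returns NULL for a non-string argument
    // (e.g. an array-valued parameter), which would select a branch by accident.
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode']))
        ? $HTTP_GET_VARS['mode'] : "";

    // $post holds the raw field (null when absent or not a string), $q the same
    // value escaped for use inside a quoted SQL literal.
    // NOTE(review): addslashes() is what the article page of this admin panel
    // already uses; prefer the database layer's own escaping or bound parameters
    // if db_query() can support them.
    $site_keys = array('sitename', 'sitedescription', 'email', 'copyright');
    $other_fields = array('redir_mod', 'redirect', 'active_modules', 'inactive_modules', 'position');
    $post = array();
    $q = array();
    foreach (array_merge($site_keys, $other_fields) as $field) {
        $post[$field] = (isset($HTTP_POST_VARS[$field]) && is_string($HTTP_POST_VARS[$field]))
            ? $HTTP_POST_VARS[$field] : null;
        $q[$field] = addslashes((string) $post[$field]);
    }

    $config = "`" . $list_prefix . "config`";

    if ($mode === "site") {
        // Only fields that were actually posted are written, so a partial
        // request cannot blank the other settings.
        foreach ($site_keys as $key) {
            if (isset($post[$key])) {
                $sql = "UPDATE " . $config . " SET `value` = '" . $q[$key] . "' WHERE `key` = '" . $key . "';";
                $result = db_query($sql);
            }
        }
        $RESULT = "Changes to site configuration saved.<BR>\r\n";
    } elseif ($mode === "index") {
        if ($post['redir_mod'] === "module") {
            $sql = "UPDATE " . $config . " SET `value` = 'modules' WHERE `key` = 'index';";
            $result = db_query($sql);
            $RESULT = "The index page will now use the modules for content.";
        } elseif ($post['redir_mod'] === "redirect") {
            if (isset($post['redirect'])) {
                $sql = "UPDATE " . $config . " SET `value` = '" . $q['redirect'] . "' WHERE `key` = 'index';";
                $result = db_query($sql);

                // The target is echoed into an attribute and into text, so encode it.
                // NOTE(review): encoding does not restrict the URL scheme; consider
                // accepting only http/https targets for the stored redirect.
                $shown = htmlspecialchars($post['redirect'], ENT_QUOTES);
                $RESULT = "The index page will now redirect users to <a href='" . $shown . "'>" . $shown
                    . "</a>.<br>\r\n";
            } else {
                $RESULT = "<B>ERROR</B>: You must tell me where to redirect the user to!<BR>\r\n";
            }
        }
    } elseif ($mode === "amodules") {
        // Module name encoded once for the status messages below.
        $module_html = htmlspecialchars((string) $post['active_modules'], ENT_QUOTES);

        if (isset($HTTP_POST_VARS['disable'])) {
            $sql = "DELETE FROM " . $config . " WHERE `key` = 'indexmodule' AND `value` = '"
                . $q['active_modules'] . "';";
            $result = db_query($sql);
            $RESULT = "The module " . $module_html . " Has been deactivated.<BR>\r\n";
        } elseif ($post['position'] === "up" || $post['position'] === "down") {
            $moving_up = ($post['position'] === "up");

            $sql = "SELECT * FROM " . $config . " WHERE (`key` = 'indexmodule' AND `value` = '"
                . $q['active_modules'] . "');";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;

            if ($rows > 0) {
                $row = db_fetch_array($result);
                $current_order = (int) $row['order'];

                // Find the nearest neighbour in the requested direction.
                if ($moving_up) {
                    $sql = "SELECT * FROM " . $config . " WHERE (`key` = 'indexmodule' AND `order` < '"
                        . $current_order . "') ORDER BY `order` DESC;";
                } else {
                    $sql = "SELECT * FROM " . $config . " WHERE (`key` = 'indexmodule' AND `order` > '"
                        . $current_order . "') ORDER BY `order`;";
                }
                $result = db_query($sql);
                $rows = $result ? db_num_rows($result) : 0;

                if ($rows > 0) {
                    // Swap the two order values; the names come from the database
                    // but are still escaped before going back into SQL.
                    $row2 = db_fetch_array($result);
                    $sql = "UPDATE " . $config . " SET `order` = '" . $current_order
                        . "' WHERE `key` = 'indexmodule' and `value` = '" . addslashes($row2['value']) . "';";
                    $result = db_query($sql);
                    $sql = "UPDATE " . $config . " SET `order` = '" . (int) $row2['order']
                        . "' WHERE `key` = 'indexmodule' and `value` = '" . addslashes($row['value']) . "';";
                    $result = db_query($sql);
                    $RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
                } else {
                    $RESULT = "The module " . $module_html . " appears to already be at the "
                        . ($moving_up ? "top" : "bottom") . ".<BR>\r\n";
                }
            } else {
                $RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
            }
        }

        fixorder(1);
    } elseif ($mode === "imodules") {
        // Activate a module by appending it after the highest existing order.
        $sql = "SELECT * FROM " . $config . " WHERE `key` = 'indexmodule' ORDER BY `order` DESC;";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;
        if ($rows > 0) {
            $row = db_fetch_array($result);
            $order = (int) $row['order'] + 1;
        } else {
            $order = 1;
        }

        // NOTE(review): presumably the module name is later used to locate a module
        // file -- confirm it is checked against the installed modules before that.
        $sql = "INSERT INTO " . $config . " VALUES ('indexmodule', '" . $q['inactive_modules'] . "', '"
            . $order . "');";
        $result = db_query($sql);
        $RESULT = "The module " . htmlspecialchars((string) $post['inactive_modules'], ENT_QUOTES)
            . " has been activated.<BR>\r\n";
    }

    // Status message first, then the settings form.
    $CONTENT .= $RESULT . $GENERAL;

    // Site info placeholders are not filled here; per the original comment,
    // filltemplate() takes care of them.

    // Index page setting: use the stored value, or "modules" when the row is
    // missing. The original only checked that the query ran, so an empty result
    // selected the redirect radio button with no target.
    $action = "modules";
    $sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'index';";
    $result = db_query($sql);
    if ($result && db_num_rows($result) > 0) {
        $row = db_fetch_array($result);
        $action = $row['value'];
    }

    if (strcmp($action, "modules") != 0) {
        $CHECKED = "{REDIRCHECKED}";
    } else {
        $CHECKED = "{MODCHECKED}";
        $action = "";
    }

    // Here the placeholder name is the variable and the replacement is fixed.
    $CONTENT = insert_into_template($CONTENT, $CHECKED, "checked");
    $CONTENT = insert_into_template($CONTENT, "{REDIRECT}", $action);

    $CONTENT = insert_into_template($CONTENT, "{MODULE_LIST}", list_active_modules());
    $CONTENT = insert_into_template($CONTENT, "{INACTIVE_MODULE_LIST}", list_inactive_modules());

    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}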
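/**
 * Admin "articles" page: selects an article for editing, deletes an article,
 * and inserts or updates an article, then echoes the article control panel.
 *
 * The action comes from the `mode` query parameter (select / delete / edit);
 * the data comes from the POST fields `article`, `articletitle`, `teaser`,
 * `byline`, `category` and `articleid`, plus the flags `delete_yes` and
 * `newarticle`. New articles record the `user_id` returned by admincookie().
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * caller enforces one before these state-changing requests are processed.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;

    $MAIN = loadadmintmplate("main");
    $ARTICLES = loadadmintmplate("articles");
    $WORK = $ARTICLES;

    // Compare the mode as a string with ===. The original `0 == strcmp(...)`
    // test also succeeds when strcmp() returns NULL for a non-string argument
    // (e.g. an array-valued parameter), which would select a branch by accident.
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode']))
        ? $HTTP_GET_VARS['mode'] : "";

    // $post holds the raw field (null when absent or not a string), $q the same
    // value escaped for use inside a quoted SQL literal. The original escaped the
    // text fields but not `article`, `category` or `articleid`.
    // NOTE(review): addslashes() is kept because the stored text is read back
    // with stripslashes() below; prefer the database layer's own escaping or
    // bound parameters if db_query() can support them.
    $post = array();
    $q = array();
    foreach (array('article', 'articletitle', 'teaser', 'byline', 'category', 'articleid') as $field) {
        $post[$field] = (isset($HTTP_POST_VARS[$field]) && is_string($HTTP_POST_VARS[$field]))
            ? $HTTP_POST_VARS[$field] : null;
        $q[$field] = addslashes((string) $post[$field]);
    }

    $table = "`" . $list_prefix . "articles`";

    if ($mode === "select") {
        // Load the chosen article into the form, or fall back to a blank form.
        $sql = "SELECT * FROM " . $table . " WHERE `id` = '" . $q['article'] . "';";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;

        if ($rows == 0) {
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            // NOTE(review): these stored values are placed into the template as-is;
            // confirm the template context and encode for it if it is HTML.
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            $WORK = insert_into_template($WORK, "{ARTICLETITLE}", $row['article_title']);
            $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
            $WORK = insert_into_template($WORK, "{ARTICLE}", stripslashes($row['article']));
            $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
        }
    } else {
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }

    // Deleting requires the confirmation checkbox.
    if ($mode === "delete" && isset($HTTP_POST_VARS['delete_yes'])) {
        $sql = "DELETE FROM " . $table . " WHERE `id` = '" . $q['article'] . "';";
        $result = db_query($sql);
    } elseif ($mode === "delete") {
        $WORK = "You must check the confirmation box to delete an article.<br>\r\n" . $WORK;
    }

    if ($mode === "edit") {
        $user = admincookie();
        // Escaped like every other value that goes into the statement.
        $posted_by = addslashes((string) $user['user_id']);

        if (isset($HTTP_POST_VARS['newarticle'])) {
            // Column order: id, title, teaser, article, poster, byline, time, category.
            $sql = "INSERT INTO " . $table . " VALUES ('', '" . $q['articletitle']
                . "', '" . $q['teaser']
                . "', '" . $q['article']
                . "', '" . $posted_by
                . "', '" . $q['byline']
                . "', '" . time()
                . "', '" . $q['category'] . "');";
            $result = db_query($sql);
        } elseif (isset($post['articleid'])) {
            $sql = "UPDATE " . $table . " SET `article_title` = '" . $q['articletitle']
                . "', `teaser` = '" . $q['teaser']
                . "', `article` = '" . $q['article']
                . "', `byline` = '" . $q['byline']
                . "', `category` = '" . $q['category']
                . "' WHERE `id` = '" . $q['articleid'] . "';";
            $result = db_query($sql);
        } else {
            $WORK = "You must check the new article box to save a new article<br>\r\n" . $WORK;
        }
    }

    // Draw the article control panel.
    $WORK = insert_into_template($WORK, "{ARTICLELIST}", articlelist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}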
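/**
 * Admin "blocks" page: disables, reorders or moves an active block, or
 * activates an inactive block, then echoes the block control panel.
 *
 * The action comes from the `mode` query parameter (ablocks / iblocks); the
 * data comes from the POST fields `active_blocks`, `inactive_blocks`,
 * `block_area` and `position`, plus the flag `disable`.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * caller enforces one before these state-changing requests are processed.
 * NOTE(review): unlike the other admin pages, this one never calls
 * filltemplate() before striptemplate(); confirm that is intended.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;

    $MAIN = loadadmintmplate("main");
    $BLOCKS = loadadmintmplate("blocks");

    // Compare the mode as a string with ===. The original `0 == strcmp(...)`
    // test also succeeds when strcmp() returns NULL for a non-string argument
    // (e.g. an array-valued parameter), which would select a branch by accident.
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode']))
        ? $HTTP_GET_VARS['mode'] : "";

    // $post holds the raw field (null when absent or not a string), $q the same
    // value escaped for use inside a quoted SQL literal.
    // NOTE(review): addslashes() is what the article page of this admin panel
    // already uses; prefer the database layer's own escaping or bound parameters
    // if db_query() can support them.
    $post = array();
    $q = array();
    foreach (array('active_blocks', 'inactive_blocks', 'block_area', 'position') as $field) {
        $post[$field] = (isset($HTTP_POST_VARS[$field]) && is_string($HTTP_POST_VARS[$field]))
            ? $HTTP_POST_VARS[$field] : null;
        $q[$field] = addslashes((string) $post[$field]);
    }

    $table = "`" . $list_prefix . "blocks`";

    if ($mode === "ablocks") {
        if (isset($HTTP_POST_VARS['disable'])) {
            // Disabling a block removes its row.
            $sql = "DELETE FROM " . $table . " WHERE `name` = '" . $q['active_blocks'] . "';";
            $result = db_query($sql);
        } else {
            $sql = "SELECT * FROM " . $table . " WHERE `name` = '" . $q['active_blocks'] . "';";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;

            // Only act on a block that exists. The original carried on with an
            // undefined $id and $row and issued an UPDATE for id ''.
            if ($rows != 0) {
                $row = db_fetch_array($result);
                $order = (int) $row['order'];
                $id = addslashes($row['id']);
                $blockset = addslashes($row['blockset']);

                if ($post['position'] === "up" || $post['position'] === "down") {
                    // Find the nearest neighbour inside the same blockset.
                    if ($post['position'] === "up") {
                        $sql = "SELECT * FROM " . $table . " WHERE `blockset` = '" . $blockset
                            . "' AND `order` < '" . $order . "' ORDER by `order` DESC;";
                    } else {
                        $sql = "SELECT * FROM " . $table . " WHERE `blockset` = '" . $blockset
                            . "' AND `order` > '" . $order . "' ORDER by `order`;";
                    }
                    $result = db_query($sql);
                    $rows = $result ? db_num_rows($result) : 0;

                    if ($rows != 0) {
                        // Swap places: the neighbour takes our order first, and only
                        // if that write succeeded do we take theirs.
                        $row2 = db_fetch_array($result);
                        $sql = "UPDATE " . $table . " SET `order` = '" . $order
                            . "' WHERE `id` = '" . addslashes($row2['id']) . "';";
                        $result = db_query($sql);
                        if ($result) {
                            $order = (int) $row2['order'];
                        }
                    }
                }

                // "-" (or no value at all) means the block stays in its blockset.
                if (isset($post['block_area']) && $post['block_area'] !== "-") {
                    // Append to the end of the target blockset so its order stays intact.
                    $blockset = $q['block_area'];
                    $sql = "SELECT * FROM " . $table . " WHERE `blockset` = '" . $blockset
                        . "' ORDER by `order` DESC;";
                    $result = db_query($sql);
                    $rows = $result ? db_num_rows($result) : 0;
                    if (0 != $rows) {
                        $last = db_fetch_array($result);
                        $order = (int) $last['order'] + 1;
                    } else {
                        $order = 1;
                    }
                }

                $sql = "UPDATE " . $table . " SET `blockset` = '" . $blockset . "', `order` = '" . $order
                    . "' WHERE `id` = '" . $id . "';";
                $result = db_query($sql);
            }
        }

        // Renumber each of the four blocksets after any change.
        fixorder(1, 1);
        fixorder(1, 2);
        fixorder(1, 3);
        fixorder(1, 4);
    }

    if ($mode === "iblocks") {
        // Activating needs both a block and a target area; the original inserted
        // a row with empty values when either was missing.
        if (isset($post['inactive_blocks']) && isset($post['block_area'])) {
            $blockset = $q['block_area'];
            $sql = "SELECT * FROM " . $table . " WHERE `blockset` = '" . $blockset
                . "' ORDER by `order` DESC;";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;
            if (0 != $rows) {
                $row = db_fetch_array($result);
                $order = (int) $row['order'] + 1;
            } else {
                $order = 1;
            }

            // NOTE(review): presumably the block name is later used to locate a block
            // file -- confirm it is checked against the installed blocks before that.
            $sql = "INSERT INTO " . $table . " VALUES ('', '" . $q['inactive_blocks'] . "', '" . $blockset
                . "', '" . $order . "');";
            $result = db_query($sql);
        }
    }

    // Draw the block control panel.
    $WORK = insert_into_template($BLOCKS, "{INACTIVE_BLOCK_LIST}", list_inactive_blocks());
    $WORK = insert_into_template($WORK, "{ACTIVE_BLOCK_LIST}", list_active_blocks());
    $WORK = insert_into_template($WORK, "{MOVE_AREA_LIST}", move_area_list());
    $WORK = insert_into_template($WORK, "{AREA_LIST}", area_list());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    printf("%s", striptemplate($WORK));
}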
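/**
 * Admin "calendar" page: deletes an event or adds a weekly, monthly, yearly
 * or dated event, then echoes the calendar control panel.
 *
 * The action comes from the `mode` query parameter (delete / dow / dom / moy /
 * norm); the data comes from the POST fields `deletelist`, `hour`, `tmin`,
 * `omin`, the am/pm field, `dow`, `dom`, `moy`, `domoy`, `yearlist`, `month`,
 * `day` and `description`, plus the flag `delete_yes`.
 *
 * NOTE(review): no anti-CSRF token is checked in this function; confirm the
 * caller enforces one before these state-changing requests are processed.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;

    $MAIN = loadadmintmplate("main");
    $CALENDAR = loadadmintmplate("calendar");
    $CONTENT = "";

    // Compare the mode as a string with ===. The original `0 == strcmp(...)`
    // test also succeeds when strcmp() returns NULL for a non-string argument
    // (e.g. an array-valued parameter), which would select a branch by accident.
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode']))
        ? $HTTP_GET_VARS['mode'] : "";

    // $post holds the raw field (null when absent or not a string), $q the same
    // value escaped for use inside a quoted SQL literal.
    // NOTE(review): addslashes() is what the article page of this admin panel
    // already uses; prefer the database layer's own escaping or bound parameters
    // if db_query() can support them.
    $fields = array(
        'deletelist', 'hour', 'tmin', 'omin', 'dow', 'dom', 'moy', 'domoy',
        'yearlist', 'month', 'day', 'description',
    );
    $post = array();
    $q = array();
    foreach ($fields as $field) {
        $post[$field] = (isset($HTTP_POST_VARS[$field]) && is_string($HTTP_POST_VARS[$field]))
            ? $HTTP_POST_VARS[$field] : null;
        $q[$field] = addslashes((string) $post[$field]);
    }

    // The original read the key '$ampm' (a literal dollar sign inside single
    // quotes), which looks like a typo for 'ampm'. Accept the plain name first
    // and keep the old key as a fallback in case the form really uses it.
    $ampm = null;
    if (isset($HTTP_POST_VARS['ampm']) && is_string($HTTP_POST_VARS['ampm'])) {
        $ampm = $HTTP_POST_VARS['ampm'];
    } elseif (isset($HTTP_POST_VARS['$ampm']) && is_string($HTTP_POST_VARS['$ampm'])) {
        $ampm = $HTTP_POST_VARS['$ampm'];
    }

    $table = "`" . $list_prefix . "calendar`";

    if ($mode === "delete") {
        // Deleting requires the confirmation checkbox.
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            $sql = "DELETE FROM " . $table . " WHERE `id` = '" . $q['deletelist'] . "';";
            $result = db_query($sql);
        } else {
            $CONTENT .= "You must check the checkbox to confirm deleting this event.<BR>\r\n";
        }
    }

    // Each add mode fills exactly one of weekly / monthly / yearly / date; the
    // non-weekly modes store '7' in `weekly`, as the original statements did.
    $schedule = null;
    if ($mode === "dow") {
        $schedule = array($q['dow'], "", "", "");
    } elseif ($mode === "dom") {
        $schedule = array("7", $q['dom'], "", "");
    } elseif ($mode === "moy") {
        $schedule = array("7", "", $q['moy'] . $q['domoy'], "");
    } elseif ($mode === "norm") {
        $schedule = array("7", "", "", $q['yearlist'] . $q['month'] . $q['day']);
    }

    if ($schedule !== null) {
        // usertime() is built from request data, so its result is escaped too.
        $utime = addslashes((string) usertime($post['hour'], $post['tmin'], $post['omin'], $ampm));

        // NOTE(review): the description is stored as entered; encode it for HTML
        // wherever events are rendered.
        $sql = "INSERT INTO " . $table
            . " ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` )"
            . " VALUES ( '', '" . $schedule[0]
            . "', '" . $schedule[1]
            . "', '" . $schedule[2]
            . "', '" . $schedule[3]
            . "', '" . $utime
            . "', '" . $q['description'] . "' );";
        $result = db_query($sql);
    }

    // Draw the calendar control panel.
    $CONTENT .= insert_into_template($CALENDAR, "{DELETE_LIST}", listevents());
    $CONTENT = insert_into_template($CONTENT, "{YEARMENU}", yearmenu());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}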