function catorder()
{
global $list_prefix;
fixorder(1, 0);
$sql = "SELECT * from `" . $list_prefix . "category` WHERE 1;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
$i = 0;
while ($i < $rows) {
$row = db_fetch_array($result);
fixorder(1, $row['id']);
$i++;
}
if ($rows == 0) {
$CATLELIST .= "<option value='0 '>SYSTEM</option>\r\n";
}
$CATLIST .= "</select>\r\n";
return $CATLIST;
}
function content()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
$MAIN = loadadmintmplate("main");
$GENERAL = loadadmintmplate("general");
$CONTENT = "";
//we will process changes here.
if (0 == strcmp($HTTP_GET_VARS['mode'], "site")) {
//changes to the site info
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['sitename'] . "' WHERE `key` = 'sitename';";
$result = db_query($sql);
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['sitedescription'] . "' WHERE `key` = 'sitedescription';";
$result = db_query($sql);
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['email'] . "' WHERE `key` = 'email';";
$result = db_query($sql);
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['copyright'] . "' WHERE `key` = 'copyright';";
$result = db_query($sql);
$RESULT = "Changes to site configuration saved.<BR>\r\n";
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "index")) {
//changes to the index page
if (0 == strcmp($HTTP_POST_VARS['redir_mod'], "module")) {
$sql = "UPDATE " . $list_prefix . "config SET `value` = 'modules' WHERE `key` = 'index';";
$result = db_query($sql);
$RESULT = "The index page will now use the modules for content.";
} elseif (0 == strcmp($HTTP_POST_VARS['redir_mod'], "redirect")) {
//if we have checked the redirect
if (isset($HTTP_POST_VARS['redirect'])) {
//and if we know where to redirect the user to...
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['redirect'] . "' WHERE `key` = 'index';";
$result = db_query($sql);
$RESULT = "The index page will now redirect users to <a href='" . $HTTP_POST_VARS['redirect'] . "'>" . $HTTP_POST_VARS['redirect'] . "</a>.<br>\r\n";
} else {
$RESULT = "<B>ERROR</B>: You must tell me where to redirect the user to!<BR>\r\n";
}
}
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "amodules")) {
//changes to the active modules
if (isset($HTTP_POST_VARS['disable'])) {
//if we are to make the module inactive lets do it.
$sql = "DELETE FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "';";
$result = db_query($sql);
$RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " Has been deactivated.<BR>\r\n";
} elseif (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "');";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` < '" . $row['order'] . "') ORDER BY `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row2 = db_fetch_array($result);
$sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row2['value'] . "';";
$result = db_query($sql);
$sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row2['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row['value'] . "';";
$result = db_query($sql);
$RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
} else {
$RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " appears to already be at the top.<BR>\r\n";
}
} else {
$RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
}
} elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "');";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` > '" . $row['order'] . "') ORDER BY `order`;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row2 = db_fetch_array($result);
$sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row2['value'] . "';";
$result = db_query($sql);
$sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row2['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row['value'] . "';";
$result = db_query($sql);
$RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
} else {
$RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " appears to already be at the bottom.<BR>\r\n";
}
} else {
$RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
}
}
fixorder(1);
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "imodules")) {
//changes to the inactive modules
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' ORDER BY `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
$order = $row['order'] + 1;
} else {
$order = 1;
}
$sql = "INSERT INTO " . $list_prefix . "config VALUES ('indexmodule', '" . $HTTP_POST_VARS['inactive_modules'] . "', '" . $order . "');";
$result = db_query($sql);
$RESULT = "The module " . $HTTP_POST_VARS['inactive_modules'] . " has been activated.<BR>\r\n";
}
//output will be added to $CONTENT.
$CONTENT .= $RESULT . $GENERAL;
//We don't have to read the site info from the db and place it into the
//template because the filltemplate function will do it for us automagically.
//we will read and output the index page settings here.
$sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'index';";
$result = db_query($sql);
if ($result) {
//if its in the db we will go with the db's configured value
$rows = db_num_rows($result);
$row = db_fetch_array($result);
$action = $row['value'];
} else {
$action = "modules";
}
if (strcmp($action, "modules") != 0) {
$CHECKED = "{REDIRCHECKED}";
} else {
$CHECKED = "{MODCHECKED}";
$action = "";
}
$CONTENT = insert_into_template($CONTENT, $CHECKED, "checked");
//This is backards to how we normally do things but it works!
$CONTENT = insert_into_template($CONTENT, "{REDIRECT}", $action);
//we will read and output the active index modules here
$CONTENT = insert_into_template($CONTENT, "{MODULE_LIST}", list_active_modules());
//we will read and output the inactive index modules here
$CONTENT = insert_into_template($CONTENT, "{INACTIVE_MODULE_LIST}", list_inactive_modules());
//now we will output our work.
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
}
function modlabelsetanswers($lid)
{
global $dbprefix, $connect, $clang, $labelsoutput, $databasetype, $filterxsshtml,$postsortorder;
$qulabelset = "SELECT * FROM ".db_table_name('labelsets')." WHERE lid='$lid'";
$rslabelset = db_execute_assoc($qulabelset) or safe_die($connect->ErrorMsg());
$rwlabelset=$rslabelset->FetchRow();
$lslanguages=explode(" ", trim($rwlabelset['languages']));
if (!isset($_POST['method'])) {
$_POST['method'] = $clang->gT("Save");
}
switch($_POST['method'])
{
case $clang->gT("Add new label", "unescaped"):
if (isset($_POST['insertcode']) && $_POST['insertcode']!='')
{
$_SESSION['nextlabelcode']=getNextCode($_POST['insertcode']);
$_POST['insertcode'] = db_quoteall($_POST['insertcode'],true);
// check that the code doesn't exist yet
$query = "SELECT code FROM ".db_table_name('labels')." WHERE lid='$lid' AND code=".$_POST['insertcode'];
$result = $connect->Execute($query);
$codeoccurences=$result->RecordCount();
if ($codeoccurences == 0)
{
$query = "select max(sortorder) as maxorder from ".db_table_name('labels')." where lid='$lid'";
$result = $connect->Execute($query);
$newsortorder=sprintf("%05d", $result->fields['maxorder']+1);
if ($filterxsshtml)
{
require_once("../classes/inputfilter/class.inputfilter_clean.php");
$myFilter = new InputFilter('','',1,1,1);
$_POST['inserttitle']=$myFilter->process($_POST['inserttitle']);
}
else
{
$_POST['inserttitle'] = html_entity_decode($_POST['inserttitle'], ENT_QUOTES, "UTF-8");
}
// Fix bug with FCKEditor saving strange BR types
$_POST['inserttitle']=fix_FCKeditor_text($_POST['inserttitle']);
$_POST['inserttitle'] = db_quoteall($_POST['inserttitle'],true);
$_POST['insertassessmentvalue']=(int)$_POST['insertassessmentvalue'];
foreach ($lslanguages as $lslanguage)
{
db_switchIDInsert('labels',true);
$query = "INSERT INTO ".db_table_name('labels')." (lid, code, title, sortorder,language, assessment_value) VALUES ($lid, {$_POST['insertcode']}, {$_POST['inserttitle']}, '$newsortorder','$lslanguage',{$_POST['insertassessmentvalue']})";
if (!$result = $connect->Execute($query))
{
$labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Failed to insert label", "js")." - ".$query." - ".$connect->ErrorMsg()."\")\n //-->\n</script>\n";
}
db_switchIDInsert('labels',false);
}
}
else
{
$labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("This label code is already used in this labelset. Please choose another code or rename the existing one.", "js")."\")\n //-->\n</script>\n";
}
}
break;
// Save all labels with one button
case $clang->gT("Save Changes", "unescaped"):
//Determine autoids by evaluating the hidden field
$sortorderids=explode(' ', trim($_POST['sortorderids']));
$codeids=explode(' ', trim($_POST['codeids']));
$count=0;
// Quote each code_codeid first
foreach ($codeids as $codeid)
{
$_POST['code_'.$codeid] = db_quoteall($_POST['code_'.$codeid],true);
if (isset($_POST['oldcode_'.$codeid])) $_POST['oldcode_'.$codeid] = db_quoteall($_POST['oldcode_'.$codeid],true);
// Get the code values to check for duplicates
$codevalues[] = $_POST['code_'.$codeid];
}
// Check that there is no code duplicate
if (count(array_unique($codevalues)) == count($codevalues))
{
if ($filterxsshtml)
{
require_once("../classes/inputfilter/class.inputfilter_clean.php");
$myFilter = new InputFilter('','',1,1,1);
}
foreach ($sortorderids as $sortorderid)
{
$orderid=substr($sortorderid,strrpos($sortorderid,'_')+1,20);
foreach ($lslanguages as $langid)
{
$sortorderid = $langid . '_' . $orderid;
if ($filterxsshtml)
{
$_POST['title_'.$sortorderid]=$myFilter->process($_POST['title_'.$sortorderid]);
}
else
{
$_POST['title_'.$sortorderid] = html_entity_decode($_POST['title_'.$sortorderid], ENT_QUOTES, "UTF-8");
}
// Fix bug with FCKEditor saving strange BR types
$_POST['title_'.$sortorderid]=fix_FCKeditor_text($_POST['title_'.$sortorderid]);
$_POST['title_'.$sortorderid] = db_quoteall($_POST['title_'.$sortorderid],true);
$query = "UPDATE ".db_table_name('labels')." SET code=".$_POST['code_'.$codeids[$count]].", title={$_POST['title_'.$sortorderid]}, assessment_value={$_POST['assessmentvalue_'.$codeids[$count]]} WHERE lid=$lid AND sortorder=$orderid AND language='$langid'";
if (!$result = $connect->Execute($query))
// if update didn't work we assume the label does not exist and insert it
{
$query = "insert into ".db_table_name('labels')." (code,title,lid,sortorder,language) VALUES (".$_POST['code_'.$codeids[$count]].", {$_POST['title_'.$sortorderid]}, $lid , $orderid , '$langid')";
if (!$result = $connect->Execute($query))
{
$labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Failed to update label","js")." - ".$query." - ".$connect->ErrorMsg()."\")\n //-->\n</script>\n";
}
}
}
$count++;
if ($count>count($codeids)-1) {$count=0;}
}
fixorder($lid);
}
else
{
$labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Can't update labels because you are using duplicated codes","js")."\")\n //-->\n</script>\n";
}
break;
// Pressing the Up button
case $clang->gT("Up", "unescaped"):
$newsortorder=$postsortorder-1;
$oldsortorder=$postsortorder;
$cdquery = "UPDATE ".db_table_name('labels')." SET sortorder=-1 WHERE lid=$lid AND sortorder=$newsortorder";
$cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
$cdquery = "UPDATE ".db_table_name('labels')." SET sortorder=$newsortorder WHERE lid=$lid AND sortorder=$oldsortorder";
$cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
$cdquery = "UPDATE ".db_table_name('labels')." SET sortorder='$oldsortorder' WHERE lid=$lid AND sortorder=-1";
$cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
break;
// Pressing the Down button
case $clang->gT("Dn", "unescaped"):
$newsortorder=$postsortorder+1;
$oldsortorder=$postsortorder;
$cdquery = "UPDATE ".db_table_name('labels')." SET sortorder=-1 WHERE lid=$lid AND sortorder='$newsortorder'";
$cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
$cdquery = "UPDATE ".db_table_name('labels')." SET sortorder='$newsortorder' WHERE lid=$lid AND sortorder=$oldsortorder";
$cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
$cdquery = "UPDATE ".db_table_name('labels')." SET sortorder=$oldsortorder WHERE lid=$lid AND sortorder=-1";
$cdresult=$connect->Execute($cdquery) or safe_die($connect->ErrorMsg());
break;
// Delete Button
case $clang->gT("Del", "unescaped"):
$query = "DELETE FROM ".db_table_name('labels')." WHERE lid=$lid AND sortorder='{$postsortorder}'";
if (!$result = $connect->Execute($query))
{
$labelsoutput.= "<script type=\"text/javascript\">\n<!--\n alert(\"".$clang->gT("Failed to delete label","js")." - ".$query." - ".$connect->ErrorMsg()."\")\n //-->\n</script>\n";
}
fixorder($lid);
break;
}
}
function content()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
$MAIN = loadadmintmplate("main");
$BLOCKS = loadadmintmplate("blocks");
//we will process changes here
if (0 == strcmp($HTTP_GET_VARS['mode'], "ablocks")) {
//process active blocks
if (isset($HTTP_POST_VARS['disable'])) {
//if we are to disable the block
$sql = "DELETE FROM `" . $list_prefix . "blocks` WHERE `name` = '" . $HTTP_POST_VARS['active_blocks'] . "';";
$result = db_query($sql);
} else {
//otherwise we will process all the fields.
//lets read the db info for the block, we will set the default order also
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `name` = '" . $HTTP_POST_VARS['active_blocks'] . "';";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows != 0) {
$row = db_fetch_array($result);
$order = $row['order'];
$id = $row['id'];
} else {
$order = 1;
}
//we will default to order of 1.
//lets determine if there are any moves
if (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
//if it moves up
//now we will find the new value for $order to move to
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $row['blockset'] . "' AND `order` < '" . $order . "' ORDER by `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows != 0) {
//if we have no rows we don't move it up, but if there are rows we want to trade places with the one above.
$row2 = db_fetch_array($result);
//now we will set $row2 to $row's order
$sql = "UPDATE " . $list_prefix . "blocks SET `order` = '" . $order . "' WHERE `id` = '" . $row2['id'] . "';";
$result = db_query($sql);
if ($result) {
//if we succeeded we will now change $order to $row2's previous order
$order = $row2['order'];
}
}
} elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
//if it doesn't move.
//now we will find the new value for $order to move to
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $row['blockset'] . "' AND `order` > '" . $order . "' ORDER by `order`;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows != 0) {
//if we have no rows we don't move it down, but if there are rows we want to trade places with the one below.
$row2 = db_fetch_array($result);
//now we will set $row2 to $row's order
$sql = "UPDATE " . $list_prefix . "blocks SET `order` = '" . $order . "' WHERE `id` = '" . $row2['id'] . "';";
$result = db_query($sql);
if ($result) {
//if we succeeded we will now change $order to $row2's previous order
$order = $row2['order'];
}
}
}
//now lets see if we are moving the block to a new blockset
if (0 != strcmp($HTTP_POST_VARS['block_area'], "-")) {
//we are moving the blockset
$blockset = $HTTP_POST_VARS['block_area'];
//if we are moving to a new block set we need to make 100% sure that we don't break the order so we will put this on the end of that blockset.
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $blockset . "' ORDER by `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if (0 != $rows) {
$row = db_fetch_array($result);
$order = $row['order'] + 1;
} else {
//there are no blocks in this blockset so we will be the first.
$order = 1;
}
} else {
//we are not moving the blockset
$blockset = $row['blockset'];
}
//here is where we will update the db with the new values for block.
$sql = "UPDATE " . $list_prefix . "blocks SET `blockset` = '" . $blockset . "', `order` = '" . $order . "' WHERE `id` = '" . $id . "';";
$result = db_query($sql);
}
//here we will run fix order to correct any issues in the order of the modules.
fixorder(1, 1);
fixorder(1, 2);
fixorder(1, 3);
fixorder(1, 4);
}
if (0 == strcmp($HTTP_GET_VARS['mode'], "iblocks")) {
//process inactive blocks
//lets figure out what our order and blockset are.
$blockset = $HTTP_POST_VARS['block_area'];
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $blockset . "' ORDER by `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if (0 != $rows) {
$row = db_fetch_array($result);
$order = $row['order'] + 1;
} else {
//there are no blocks in this blockset so we will be the first.
$order = 1;
}
//now lets prepare our sql query
$sql = "INSERT INTO " . $list_prefix . "blocks VALUES ('', '" . $HTTP_POST_VARS['inactive_blocks'] . "', '" . $blockset . "', '" . $order . "');";
$result = db_query($sql);
}
//now we will handle our output.
$WORK = insert_into_template($BLOCKS, "{INACTIVE_BLOCK_LIST}", list_inactive_blocks());
$WORK = insert_into_template($WORK, "{ACTIVE_BLOCK_LIST}", list_active_blocks());
$WORK = insert_into_template($WORK, "{MOVE_AREA_LIST}", move_area_list());
$WORK = insert_into_template($WORK, "{AREA_LIST}", area_list());
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
printf("%s", striptemplate($WORK));
}