function showSettingsGUI()
{
// adminpage, stop here if not logged in/right access-level
if (!isValidAdmin()) {
echo getString("not_valid_admin", "Administratorside, du må logge inn for å få tilgang her");
return;
}
if (isset($_REQUEST['module'])) {
$module = $_REQUEST['module'];
} else {
$module = "";
}
if (isset($_REQUEST['key'])) {
$key = $_REQUEST['key'];
} else {
$key = "";
}
h3(getString("settings_header", "Innstillinger"));
// mulighet til å velge andre moduler:
showModulesDropDown($module);
if (isset($_REQUEST['save'])) {
if ($_REQUEST['save'] == true && $key != "") {
// check if we got a value, if we did not, it's a unchecked checkbox.'
// did we get a value to save?
if (isset($_REQUEST['setting'])) {
$value = $_REQUEST['setting'];
// "bugfix" kind of
if (getSettingType($key) == "boolean") {
// check if it is an checkbox, if so, its value is "on"
if ($value == "on") {
$value = "true";
}
}
} else {
// setting the value to false, as this probably is an unchecked checkbox.
$value = "false";
}
// save
$result = saveSetting($key, $value);
div_open();
// success? reset key.
if ($result == true) {
// reset
$key = "";
echo getString("settings_saved_setting", "Innstilling lagret!");
} else {
echo getString("settings_could_not_save_setting", "Greide ikke å lagre innstilling!");
}
div_close();
}
}
// if chosen, show the settings
if ($module) {
showModuleSettings($module, $key);
}
}
function module_admininput()
{
// adminpage, stop here if not logged in/right access-level
if (!isValidAdmin()) {
echo getString("not_valid_admin", "Administratorside, du må logge inn for å få tilgang her");
return;
}
$inputaction = $_REQUEST['inputaction'];
if ($inputaction == "addarticle") {
save_form_article();
$title = $_REQUEST['title'];
$author = $_REQUEST['author'];
$author_username = $_REQUEST['author_username'];
$date_posted = $_REQUEST['year'] . "-" . $_REQUEST['month'] . "-" . $_REQUEST['day'];
$time_posted = $_REQUEST['hours'] . ":" . $_REQUEST['minutes'];
$comment_to = $_REQUEST['comment_to'];
$is_draft = $_REQUEST['is_draft'];
$body = $_REQUEST['body'];
if ($is_draft == "ON") {
$is_draft = 1;
$log_description .= "savedraft,";
} else {
$is_draft = 'NULL';
}
if (strlen($comment_to) < 1) {
$comment_to = "NULL";
$log_description .= "savenewarticle,";
} else {
$log_description .= "savenewcomment,";
}
$query = "INSERT INTO articles (title, author, author_username, body, date_posted, time_posted, comment_to, is_draft, view_count) VALUES(\"{$title}\", \"{$author}\", \"{$author_username}\", \"{$body}\", \"{$date_posted}\", \"{$time_posted}\", {$comment_to},{$is_draft},0);";
echo $query;
$result = DB_insert($query);
global $logtype;
if ($result) {
echo "Artikkel lagt inn med id: " . mysql_insert_id();
unset_form_article();
if ($comment_to != "NULL") {
$log_description .= "commentadded!,";
write_log_entry(mysql_insert_id(), $logtype['comment'], $log_description);
} else {
$log_description .= "articleadded!,";
write_log_entry(mysql_insert_id(), $logtype['article'], $log_description);
}
} else {
echo "Oops: " . mysql_error();
}
} else {
form_start_post();
echo '<table class="default_table">';
echo '<tr><td>Forfatter</td><td>';
form_textfield("author", stripslashes($_SESSION['author']));
echo '</td></tr>';
echo '<tr><td>Forfatter_brukernavn</td><td>';
form_textfield("author_username", stripslashes($_SESSION['author']));
echo '</td></tr>';
echo '<tr><td>Tittel</td><td class="form_article_title">';
form_textfield("title", stripslashes(fix_quotes($_SESSION['title'])));
echo '</td></tr>';
echo '<tr><td>Dato</td><td>';
form_datewidget($_SESSION['date_posted']);
echo '</td></tr>';
echo '<tr><td>Tidspunkt</td><td>';
form_timewidget($_SESSION['time_posted']);
echo '</td></tr>';
echo '<tr><td>Kommentar til</td><td>';
form_textfield("comment_to", $_SESSION['comment_to']);
echo '</td></tr>';
if ($_SESSION['is_draft'] == "ON") {
echo '<tr><td>Bare lagre, <br/>ikke publiser</td><td>';
form_checkbox("is_draft", "ON", "1");
echo '</td></tr>';
} else {
echo '<tr><td>Bare lagre, <br/>ikke publiser</td><td>';
form_checkbox("is_draft", "ON", "0");
echo '</td></tr>';
}
echo '<tr><td colspan=2 class="form_article_text">';
form_textarea("body", stripslashes($_SESSION['body']), 30, 10);
echo '</td></tr>';
echo '<tr><td colspan=2>';
form_submit("Button", "Lagre artikkelen");
echo '</td></tr>';
echo '<tr><td colspan=2>';
form_submit("preview", "Forhåndsvis artikkel");
echo '</td></tr>';
form_hidden("m_c", "module_admininput");
form_hidden("inputaction", "addarticle");
form_hidden("articleid", $_SESSION['articleid']);
if (isset($edit)) {
form_hidden("editarticle", "editarticle");
}
echo '</table>';
form_end();
}
}
function module_polladmin()
{
// adminpage, stop here if not logged in/right access-level
if (!isValidAdmin()) {
echo getString("not_valid_admin", "Administratorside, du må logge inn for å få tilgang her");
return;
}
echo '<a href="http://localhost/avisCMS/index.php?m_c=module_polladmin&page_title=Polladmin">Tilbake til oversikt</a>';
$pollaction = $_REQUEST['pollaction'];
if ($pollaction == 'addpoll') {
if (strlen($_REQUEST['polltitle']) < 1) {
echo "Husk tittel.";
return;
}
echo '<div class="default_header">Avstemning opprettet.</div>';
$query = "INSERT INTO poll SET title='" . $_REQUEST['polltitle'] . "';";
$result = DB_insert($query);
if ($result) {
echo '<a href="index.php?m_c=module_polladmin&pollaction=editpoll&pollid=' . mysql_insert_id() . '">Rediger den nye pollen</a>';
} else {
echo "Feilmelding: " . mysql_error();
}
} else {
if ($pollaction == 'delpoll') {
$confirm = $_REQUEST['dc'];
$pollid = $_REQUEST['pollid'];
if ($confirm == "yes") {
$query = "DELETE FROM poll WHERE pollid = " . $pollid . ";";
$result = DB_update($query);
$num_results += DB_rows_affected($query);
$query = "DELETE FROM pollquestion WHERE pollid = " . $pollid . ";";
$result = DB_update($query);
$num_results += DB_rows_affected($query);
$query = "DELETE FROM vote WHERE pollid = " . $pollid . ";";
$result = DB_update($query);
$num_results += DB_rows_affected($query);
if ($num_results < 1) {
echo "<br/>Ingenting slettet - feilmelding: " . mysql_error();
} else {
echo "<br/>Avstemningen med tilhørende stemmer og det hele aldeles pulverisert.";
}
} else {
echo "<br/><br/>Sikker på at du vil slette avstemning med id " . $pollid . "? Dette medfører også sletting av alle tilknyttede spørsmål og avlagte stemmer!!<br/>";
echo '<a href="index.php?m_c=module_polladmin&pollaction=delpoll&dc=yes&pollid=' . $pollid . '">Ja!</a>';
}
} else {
if ($pollaction == 'editpoll') {
$pollaction2 = $_REQUEST['pollaction2'];
$pollid = $_REQUEST['pollid'];
$question = $_REQUEST['question'];
$description = $_REQUEST['description'];
if ($pollaction2 == "changetime") {
$query = "UPDATE poll SET description = '" . $description . "', time_opened='" . $_REQUEST['time_opened'] . "', time_closed='" . $_REQUEST['time_closed'] . "' WHERE pollid=" . $pollid . ";";
DB_update($query);
if (!result) {
echo 'mysql_error()';
}
}
if ($pollaction2 == "delquestion") {
$altid = $_REQUEST['altid'];
$query = "DELETE FROM pollquestion WHERE questionid=" . $altid . " AND pollid=" . $pollid . ";";
$result = DB_update($query);
//echo $query;
if (!$result) {
echo mysql_error();
}
}
if ($pollaction2 == 'addquestion') {
$querymax = "SELECT MAX(questionid) as maxid FROM pollquestion;";
$row = DB_search($querymax);
$newid = $row['maxid'] + 1;
$query = "INSERT INTO pollquestion SET pollid=" . $pollid . ", questionid='" . $newid . "', question='" . $question . "';";
//echo $query;
$result = DB_insert($query);
if (!result) {
echo mysql_error();
}
}
$pollid = $_REQUEST['pollid'];
$query = "SELECT * FROM poll WHERE pollid=" . $pollid . ";";
$row = DB_search($query);
$query_questions = "SELECT * FROM pollquestion WHERE pollid=" . $pollid . ";";
$result = DB_get_table($query_questions);
$pollid = $row['pollid'];
echo '<table class="default_table">';
echo '<tr><td colspan=2><div class="default_header">Rediger spørreundersøkelse</div></td></tr>';
echo "<tr><td>Tittel</td><td>" . $row['title'] . "</td></tr>";
form_start_post();
form_hidden("pollid", $pollid);
form_hidden("m_c", "module_polladmin");
form_hidden("pollaction", "editpoll");
form_hidden("pollaction2", "changetime");
echo "<tr><td>Beskrivelse (300 tegn)</td><td>" . $row['description'] . "</td><td>";
form_textarea("description", $row['description'], 10, 10);
echo "</td></tr>";
echo "<tr><td>Dato start</td><td>" . $row['time_opened'] . "</td><td>";
form_textfield("time_opened", $row['time_opened']);
echo "</td></tr>";
echo "<tr><td>Date slutt</td><td>" . $row['time_closed'] . "</td><td>";
form_textfield("time_closed", $row['time_closed']);
echo "</td></tr>";
echo "<tr><td colspan=2>Datoformat: 2005-01-31 23:10<br/>Utelat tidspunkt og det settes til 00:00.</td><td>";
form_submit("submit", "Lagre endringer");
form_end();
echo "</tr>";
while ($row = DB_next_row($result)) {
echo '<tr>';
echo '<td>' . $row['questionid'] . '</td>';
echo '<td>' . $row['question'] . '</td>';
echo '<td>';
form_start_post();
form_submit("submit", "Slett");
form_hidden("m_c", "module_polladmin");
form_hidden("pollaction2", "delquestion");
form_hidden("altid", $row['questionid']);
form_hidden("pollaction", "editpoll");
form_hidden("pollid", $pollid);
form_end();
echo '</td>';
echo '</tr>';
}
echo '</table><br/><br/>';
echo '<table class="default_table">';
echo '<tr><td colspan=2>Legg til et alternativ</td></tr>';
form_start_post();
echo '<tr><td>Alternativnavn</td><td>';
form_textfield("question", $_SESSION['question']);
echo '</td></tr>';
echo '<tr><td colspan=2>';
form_submit("submit", "Legg til");
echo '</td></tr>';
form_hidden("pollaction", "editpoll");
form_hidden("pollaction2", "addquestion");
form_hidden("pollid", $pollid);
form_hidden("m_c", "module_polladmin");
form_end();
echo '</table>';
} else {
echo '<table class="default_table">';
echo '<tr><td colspan=4><div class="default_header">Polladmin</div></td></tr>';
echo "<tr><td colspan=4>Lag en ny</td></tr>";
form_start_post();
echo "<tr><td colspan=2>Tittel</td><td colspan=2>";
form_textfield("polltitle", $_SESSION['polltitle']);
echo '</td></tr>';
echo '<tr><td colspan=4>';
form_submit("submit", "Opprett(rediger den for å fullføre)");
echo '</td></tr>';
form_hidden("pollaction", "addpoll");
form_hidden("m_c", "module_polladmin");
form_end();
echo '<tr><td colspan=2></td></tr>';
echo '<tr><td colspan=4><div class="default_header">Eksisterende polls</div></td></tr>';
$query = "SELECT * FROM poll";
$result = DB_get_table($query);
echo '<tr><td>Tittel</td><td>Start</td><td>Slutt</td><td>Rediger</td></tr>';
while ($row = DB_next_row($result)) {
echo '<tr><td>' . $row['title'] . '</td><td>' . $row['time_opened'] . '</td>';
echo '<td>' . $row['time_closed'] . '</td>';
echo '<td><a href="index.php?m_c=module_polladmin&pollaction=editpoll&pollid=' . $row['pollid'] . '">Rediger</a>';
echo '<br/><a href="index.php?m_c=module_polladmin&pollaction=delpoll&pollid=' . $row['pollid'] . '">Slett</a></td>';
echo '</tr>';
}
echo '</table>';
}
}
}
}
function module_user_admin()
{
// adminpage, stop here if not logged in/right access-level
if (!isValidAdmin()) {
echo getString("not_valid_admin", "Administratorside, du må logge inn for å få tilgang her");
return;
}
echo "<!-- start user admin -->";
$all_ok = true;
global $menu_files;
if (isset($_REQUEST['edituser'])) {
if (isset($_REQUEST['savechanges'])) {
if (!($password1 == $password2)) {
$all_ok = false;
$error_msg .= " Passwords don't match!";
}
if ($all_ok) {
$result = saveuser($_POST['username'], $_POST['password1'], $_POST['email'], $_POST['firstname'], $_POST['lastname'], $_POST['webpage'], $_POST['birthdate'], $_POST['description'], $_POST['admin'], $_POST['may_post']);
} else {
echo $error_msg;
}
if ($result) {
echo "Changes saved. Jolly good.";
global $logtype;
write_log_entry($_POST['username'], $logtype['user'], "admin_useredit,");
} else {
echo "No changes were made.";
}
} else {
$query = "SELECT * FROM user WHERE username=\"" . $_POST['edituser'] . "\";";
$row = DB_search($query);
form_start_post();
echo '<table class="default_table">';
echo '<tr><td>Brukernavn</td><td>';
echo $row['username'];
echo '</td></tr>';
echo '<tr><td>E-post</td><td>';
form_textfield("email", stripslashes($row['email']));
echo ' (må ligne på en ordentlig adresse)</td></tr>';
echo '<tr><td>Fornavn</td><td>';
form_textfield("firstname", $row['firstname']);
echo ' (det dine venner kaller deg)</td></tr>';
echo '<tr><td>Etternavn</td><td>';
form_textfield("lastname", stripslashes($row['lastname']));
echo ' (det du het i militæret)</td></tr>';
echo '<tr><td>Passord</td><td>';
form_password("password1", "");
echo ' (minst 6 tegn)</td></tr>';
echo '<tr><td>Gjenta passord</td><td>';
form_password("password2", "");
echo ' (helst likt det i feltet over)</td></tr>';
echo '<tr><td>Fødselsdato</td><td>';
form_select_number("birthday", 0, 0, $birthday);
form_select_number("birthmonth", 0, 0, $birthmonth);
form_select_number("birthyear", 0, 0, $birthyear);
echo '</td></tr>';
echo '<tr><td>Webside</td><td>';
form_textfield("webpage", stripslashes($row['webpage']));
echo ' (gjerne en som fins)</td></tr>';
echo '<tr><td>Er administrator</td><td>';
form_textfield("admin", stripslashes($row['admin']));
echo ' (er brukeren admin?)</td></tr>';
echo '<tr><td>Kan skrive artikler</td><td>';
form_textfield("may_post", stripslashes($row['may_post']));
echo ' 0=nei, 1=ja</td></tr>';
echo '<tr><td>Eventuelt tilknyttet bildes fil-id:</td><td>';
echo $row['picture'];
echo ' (fjernes via filadmin: ' . $menu_files . ')</td></tr>';
echo '<tr><td colspan=2>Ymse visvas<br/>';
form_textarea("description", stripslashes($row['description']), 30, 10);
echo '<br/>(hvis det er noe mer vi bør vite om deg)<br/><br/></td></tr>';
echo '<tr><td colspan=2>';
form_submit("Button", "Lagre profilendringer");
echo '</td></tr>';
echo '<tr><td colspan=2>';
form_submit("canceledit", "Avbryt profilendring");
echo '</td></tr>';
form_hidden("username", $row['username']);
form_hidden("savechanges", "savechanges");
form_hidden("edituser", "savechanges");
form_hidden("m_c", "module_user_admin");
echo '</table>';
form_end();
}
} else {
if ($_POST['deleteuser']) {
if ($_POST['reallysure']) {
$query = "DELETE FROM user WHERE username =\"" . $_POST['deleteuser'] . "\";";
$result = DB_update($query);
if ($result == 1) {
global $logtype;
write_log_entry($_POST['username'], $logtype['user'], "admin_deleteduser,");
echo "Bruker " . $_POST['deleteuser'] . " er slettet.";
} else {
if ($result == 0) {
echo "Kunne ikke slette brukeren - fins fyren?";
} else {
if ($result > 1) {
echo "Du har prestert å slette flere eksemplarer av denne brukeren :p";
}
}
}
} else {
echo "<div>Sikker på at du vil slette " . $_POST['deleteuser'] . "? <a href=\"index.php\">No, go back!</a></div>";
form_start_post();
form_hidden("m_c", "module_user_admin");
form_hidden("reallysure", "yes");
form_hidden("deleteuser", $_POST['deleteuser']);
form_submit("submit", "Ja, slett!");
form_end();
}
} else {
$query = "SELECT * FROM user";
$result = DB_get_table($query);
$num_users = DB_rows_affected($result);
echo '<table class="default_table">';
for ($i = 0; $i < $num_users; $i++) {
$row = DB_next_row($result);
echo '<tr><td><b>Bruker</b></td><td><b>';
echo $row['username'];
echo '</b></td></tr><tr><td>Fornavn</td><td>';
echo $row['firstname'];
//echo '</td></tr><tr><td>Etternavn</td><td>';
//echo $row['lastname'];
echo '</td></tr><tr><td>E-post</td><td>';
echo $row['email'];
echo '</td></tr><tr><td>Fødselsdato</td><td>';
echo date_nor_sql($row['birthdate']);
echo '</td></tr><tr><td>Admin?</td><td>';
if ($row['admin'] != "" && $row['admin'] != 0) {
echo 'Ja (' . $row['admin'] . ')';
} else {
echo 'Nei (' . $row['admin'] . ')';
}
echo '</td></tr><tr><td>Kan poste?</td><td>';
if ($row['may_post'] != "" && $row['may_post'] != 0) {
echo 'Ja (' . $row['may_post'] . ')';
} else {
echo 'Nei (' . $row['may_post'] . ')';
}
echo '</td></tr><tr><td>Tilknyttet bilde, fil-id</td><td>';
echo $row['picture'];
echo '</td></tr><tr><td colspan=2>';
?>
<form action="index.php" method="post">
<input type="hidden" value="module_user_admin" name="m_c" />
<input type="submit" name="edit" value="Edit user" />
<input type="hidden" name="edituser" value=<?php
echo $row['username'];
?>
/>
</form>
<form action="index.php" method="post">
<input type="hidden" value="module_user_admin" name="m_c" />
<input type="submit" name="delete" value="Delete user" />
<input type="hidden" name="deleteuser" value=<?php
echo $row['username'];
?>
/>
</form>
<?php
echo '</td></tr><tr><td colspan=2><hr/></td></tr>';
}
echo '</table>';
}
}
}
