function showSettingsGUI() { // adminpage, stop here if not logged in/right access-level if (!isValidAdmin()) { echo getString("not_valid_admin", "Administratorside, du må logge inn for å få tilgang her"); return; } if (isset($_REQUEST['module'])) { $module = $_REQUEST['module']; } else { $module = ""; } if (isset($_REQUEST['key'])) { $key = $_REQUEST['key']; } else { $key = ""; } h3(getString("settings_header", "Innstillinger")); // mulighet til å velge andre moduler: showModulesDropDown($module); if (isset($_REQUEST['save'])) { if ($_REQUEST['save'] == true && $key != "") { // check if we got a value, if we did not, it's a unchecked checkbox.' // did we get a value to save? if (isset($_REQUEST['setting'])) { $value = $_REQUEST['setting']; // "bugfix" kind of if (getSettingType($key) == "boolean") { // check if it is an checkbox, if so, its value is "on" if ($value == "on") { $value = "true"; } } } else { // setting the value to false, as this probably is an unchecked checkbox. $value = "false"; } // save $result = saveSetting($key, $value); div_open(); // success? reset key. if ($result == true) { // reset $key = ""; echo getString("settings_saved_setting", "Innstilling lagret!"); } else { echo getString("settings_could_not_save_setting", "Greide ikke å lagre innstilling!"); } div_close(); } } // if chosen, show the settings if ($module) { showModuleSettings($module, $key); } }
function module_admininput() { // adminpage, stop here if not logged in/right access-level if (!isValidAdmin()) { echo getString("not_valid_admin", "Administratorside, du må logge inn for å få tilgang her"); return; } $inputaction = $_REQUEST['inputaction']; if ($inputaction == "addarticle") { save_form_article(); $title = $_REQUEST['title']; $author = $_REQUEST['author']; $author_username = $_REQUEST['author_username']; $date_posted = $_REQUEST['year'] . "-" . $_REQUEST['month'] . "-" . $_REQUEST['day']; $time_posted = $_REQUEST['hours'] . ":" . $_REQUEST['minutes']; $comment_to = $_REQUEST['comment_to']; $is_draft = $_REQUEST['is_draft']; $body = $_REQUEST['body']; if ($is_draft == "ON") { $is_draft = 1; $log_description .= "savedraft,"; } else { $is_draft = 'NULL'; } if (strlen($comment_to) < 1) { $comment_to = "NULL"; $log_description .= "savenewarticle,"; } else { $log_description .= "savenewcomment,"; } $query = "INSERT INTO articles (title, author, author_username, body, date_posted, time_posted, comment_to, is_draft, view_count) VALUES(\"{$title}\", \"{$author}\", \"{$author_username}\", \"{$body}\", \"{$date_posted}\", \"{$time_posted}\", {$comment_to},{$is_draft},0);"; echo $query; $result = DB_insert($query); global $logtype; if ($result) { echo "Artikkel lagt inn med id: " . mysql_insert_id(); unset_form_article(); if ($comment_to != "NULL") { $log_description .= "commentadded!,"; write_log_entry(mysql_insert_id(), $logtype['comment'], $log_description); } else { $log_description .= "articleadded!,"; write_log_entry(mysql_insert_id(), $logtype['article'], $log_description); } } else { echo "Oops: " . mysql_error(); } } else { form_start_post(); echo '<table class="default_table">'; echo '<tr><td>Forfatter</td><td>'; form_textfield("author", stripslashes($_SESSION['author'])); echo '</td></tr>'; echo '<tr><td>Forfatter_brukernavn</td><td>'; form_textfield("author_username", stripslashes($_SESSION['author'])); echo '</td></tr>'; echo '<tr><td>Tittel</td><td class="form_article_title">'; form_textfield("title", stripslashes(fix_quotes($_SESSION['title']))); echo '</td></tr>'; echo '<tr><td>Dato</td><td>'; form_datewidget($_SESSION['date_posted']); echo '</td></tr>'; echo '<tr><td>Tidspunkt</td><td>'; form_timewidget($_SESSION['time_posted']); echo '</td></tr>'; echo '<tr><td>Kommentar til</td><td>'; form_textfield("comment_to", $_SESSION['comment_to']); echo '</td></tr>'; if ($_SESSION['is_draft'] == "ON") { echo '<tr><td>Bare lagre, <br/>ikke publiser</td><td>'; form_checkbox("is_draft", "ON", "1"); echo '</td></tr>'; } else { echo '<tr><td>Bare lagre, <br/>ikke publiser</td><td>'; form_checkbox("is_draft", "ON", "0"); echo '</td></tr>'; } echo '<tr><td colspan=2 class="form_article_text">'; form_textarea("body", stripslashes($_SESSION['body']), 30, 10); echo '</td></tr>'; echo '<tr><td colspan=2>'; form_submit("Button", "Lagre artikkelen"); echo '</td></tr>'; echo '<tr><td colspan=2>'; form_submit("preview", "Forhåndsvis artikkel"); echo '</td></tr>'; form_hidden("m_c", "module_admininput"); form_hidden("inputaction", "addarticle"); form_hidden("articleid", $_SESSION['articleid']); if (isset($edit)) { form_hidden("editarticle", "editarticle"); } echo '</table>'; form_end(); } }
function module_polladmin() { // adminpage, stop here if not logged in/right access-level if (!isValidAdmin()) { echo getString("not_valid_admin", "Administratorside, du må logge inn for å få tilgang her"); return; } echo '<a href="http://localhost/avisCMS/index.php?m_c=module_polladmin&page_title=Polladmin">Tilbake til oversikt</a>'; $pollaction = $_REQUEST['pollaction']; if ($pollaction == 'addpoll') { if (strlen($_REQUEST['polltitle']) < 1) { echo "Husk tittel."; return; } echo '<div class="default_header">Avstemning opprettet.</div>'; $query = "INSERT INTO poll SET title='" . $_REQUEST['polltitle'] . "';"; $result = DB_insert($query); if ($result) { echo '<a href="index.php?m_c=module_polladmin&pollaction=editpoll&pollid=' . mysql_insert_id() . '">Rediger den nye pollen</a>'; } else { echo "Feilmelding: " . mysql_error(); } } else { if ($pollaction == 'delpoll') { $confirm = $_REQUEST['dc']; $pollid = $_REQUEST['pollid']; if ($confirm == "yes") { $query = "DELETE FROM poll WHERE pollid = " . $pollid . ";"; $result = DB_update($query); $num_results += DB_rows_affected($query); $query = "DELETE FROM pollquestion WHERE pollid = " . $pollid . ";"; $result = DB_update($query); $num_results += DB_rows_affected($query); $query = "DELETE FROM vote WHERE pollid = " . $pollid . ";"; $result = DB_update($query); $num_results += DB_rows_affected($query); if ($num_results < 1) { echo "<br/>Ingenting slettet - feilmelding: " . mysql_error(); } else { echo "<br/>Avstemningen med tilhørende stemmer og det hele aldeles pulverisert."; } } else { echo "<br/><br/>Sikker på at du vil slette avstemning med id " . $pollid . "? Dette medfører også sletting av alle tilknyttede spørsmål og avlagte stemmer!!<br/>"; echo '<a href="index.php?m_c=module_polladmin&pollaction=delpoll&dc=yes&pollid=' . $pollid . '">Ja!</a>'; } } else { if ($pollaction == 'editpoll') { $pollaction2 = $_REQUEST['pollaction2']; $pollid = $_REQUEST['pollid']; $question = $_REQUEST['question']; $description = $_REQUEST['description']; if ($pollaction2 == "changetime") { $query = "UPDATE poll SET description = '" . $description . "', time_opened='" . $_REQUEST['time_opened'] . "', time_closed='" . $_REQUEST['time_closed'] . "' WHERE pollid=" . $pollid . ";"; DB_update($query); if (!result) { echo 'mysql_error()'; } } if ($pollaction2 == "delquestion") { $altid = $_REQUEST['altid']; $query = "DELETE FROM pollquestion WHERE questionid=" . $altid . " AND pollid=" . $pollid . ";"; $result = DB_update($query); //echo $query; if (!$result) { echo mysql_error(); } } if ($pollaction2 == 'addquestion') { $querymax = "SELECT MAX(questionid) as maxid FROM pollquestion;"; $row = DB_search($querymax); $newid = $row['maxid'] + 1; $query = "INSERT INTO pollquestion SET pollid=" . $pollid . ", questionid='" . $newid . "', question='" . $question . "';"; //echo $query; $result = DB_insert($query); if (!result) { echo mysql_error(); } } $pollid = $_REQUEST['pollid']; $query = "SELECT * FROM poll WHERE pollid=" . $pollid . ";"; $row = DB_search($query); $query_questions = "SELECT * FROM pollquestion WHERE pollid=" . $pollid . ";"; $result = DB_get_table($query_questions); $pollid = $row['pollid']; echo '<table class="default_table">'; echo '<tr><td colspan=2><div class="default_header">Rediger spørreundersøkelse</div></td></tr>'; echo "<tr><td>Tittel</td><td>" . $row['title'] . "</td></tr>"; form_start_post(); form_hidden("pollid", $pollid); form_hidden("m_c", "module_polladmin"); form_hidden("pollaction", "editpoll"); form_hidden("pollaction2", "changetime"); echo "<tr><td>Beskrivelse (300 tegn)</td><td>" . $row['description'] . "</td><td>"; form_textarea("description", $row['description'], 10, 10); echo "</td></tr>"; echo "<tr><td>Dato start</td><td>" . $row['time_opened'] . "</td><td>"; form_textfield("time_opened", $row['time_opened']); echo "</td></tr>"; echo "<tr><td>Date slutt</td><td>" . $row['time_closed'] . "</td><td>"; form_textfield("time_closed", $row['time_closed']); echo "</td></tr>"; echo "<tr><td colspan=2>Datoformat: 2005-01-31 23:10<br/>Utelat tidspunkt og det settes til 00:00.</td><td>"; form_submit("submit", "Lagre endringer"); form_end(); echo "</tr>"; while ($row = DB_next_row($result)) { echo '<tr>'; echo '<td>' . $row['questionid'] . '</td>'; echo '<td>' . $row['question'] . '</td>'; echo '<td>'; form_start_post(); form_submit("submit", "Slett"); form_hidden("m_c", "module_polladmin"); form_hidden("pollaction2", "delquestion"); form_hidden("altid", $row['questionid']); form_hidden("pollaction", "editpoll"); form_hidden("pollid", $pollid); form_end(); echo '</td>'; echo '</tr>'; } echo '</table><br/><br/>'; echo '<table class="default_table">'; echo '<tr><td colspan=2>Legg til et alternativ</td></tr>'; form_start_post(); echo '<tr><td>Alternativnavn</td><td>'; form_textfield("question", $_SESSION['question']); echo '</td></tr>'; echo '<tr><td colspan=2>'; form_submit("submit", "Legg til"); echo '</td></tr>'; form_hidden("pollaction", "editpoll"); form_hidden("pollaction2", "addquestion"); form_hidden("pollid", $pollid); form_hidden("m_c", "module_polladmin"); form_end(); echo '</table>'; } else { echo '<table class="default_table">'; echo '<tr><td colspan=4><div class="default_header">Polladmin</div></td></tr>'; echo "<tr><td colspan=4>Lag en ny</td></tr>"; form_start_post(); echo "<tr><td colspan=2>Tittel</td><td colspan=2>"; form_textfield("polltitle", $_SESSION['polltitle']); echo '</td></tr>'; echo '<tr><td colspan=4>'; form_submit("submit", "Opprett(rediger den for å fullføre)"); echo '</td></tr>'; form_hidden("pollaction", "addpoll"); form_hidden("m_c", "module_polladmin"); form_end(); echo '<tr><td colspan=2></td></tr>'; echo '<tr><td colspan=4><div class="default_header">Eksisterende polls</div></td></tr>'; $query = "SELECT * FROM poll"; $result = DB_get_table($query); echo '<tr><td>Tittel</td><td>Start</td><td>Slutt</td><td>Rediger</td></tr>'; while ($row = DB_next_row($result)) { echo '<tr><td>' . $row['title'] . '</td><td>' . $row['time_opened'] . '</td>'; echo '<td>' . $row['time_closed'] . '</td>'; echo '<td><a href="index.php?m_c=module_polladmin&pollaction=editpoll&pollid=' . $row['pollid'] . '">Rediger</a>'; echo '<br/><a href="index.php?m_c=module_polladmin&pollaction=delpoll&pollid=' . $row['pollid'] . '">Slett</a></td>'; echo '</tr>'; } echo '</table>'; } } } }
function module_user_admin() { // adminpage, stop here if not logged in/right access-level if (!isValidAdmin()) { echo getString("not_valid_admin", "Administratorside, du mÃ¥ logge inn for Ã¥ fÃ¥ tilgang her"); return; } echo "<!-- start user admin -->"; $all_ok = true; global $menu_files; if (isset($_REQUEST['edituser'])) { if (isset($_REQUEST['savechanges'])) { if (!($password1 == $password2)) { $all_ok = false; $error_msg .= " Passwords don't match!"; } if ($all_ok) { $result = saveuser($_POST['username'], $_POST['password1'], $_POST['email'], $_POST['firstname'], $_POST['lastname'], $_POST['webpage'], $_POST['birthdate'], $_POST['description'], $_POST['admin'], $_POST['may_post']); } else { echo $error_msg; } if ($result) { echo "Changes saved. Jolly good."; global $logtype; write_log_entry($_POST['username'], $logtype['user'], "admin_useredit,"); } else { echo "No changes were made."; } } else { $query = "SELECT * FROM user WHERE username=\"" . $_POST['edituser'] . "\";"; $row = DB_search($query); form_start_post(); echo '<table class="default_table">'; echo '<tr><td>Brukernavn</td><td>'; echo $row['username']; echo '</td></tr>'; echo '<tr><td>E-post</td><td>'; form_textfield("email", stripslashes($row['email'])); echo ' (må ligne på en ordentlig adresse)</td></tr>'; echo '<tr><td>Fornavn</td><td>'; form_textfield("firstname", $row['firstname']); echo ' (det dine venner kaller deg)</td></tr>'; echo '<tr><td>Etternavn</td><td>'; form_textfield("lastname", stripslashes($row['lastname'])); echo ' (det du het i militæret)</td></tr>'; echo '<tr><td>Passord</td><td>'; form_password("password1", ""); echo ' (minst 6 tegn)</td></tr>'; echo '<tr><td>Gjenta passord</td><td>'; form_password("password2", ""); echo ' (helst likt det i feltet over)</td></tr>'; echo '<tr><td>Fødselsdato</td><td>'; form_select_number("birthday", 0, 0, $birthday); form_select_number("birthmonth", 0, 0, $birthmonth); form_select_number("birthyear", 0, 0, $birthyear); echo '</td></tr>'; echo '<tr><td>Webside</td><td>'; form_textfield("webpage", stripslashes($row['webpage'])); echo ' (gjerne en som fins)</td></tr>'; echo '<tr><td>Er administrator</td><td>'; form_textfield("admin", stripslashes($row['admin'])); echo ' (er brukeren admin?)</td></tr>'; echo '<tr><td>Kan skrive artikler</td><td>'; form_textfield("may_post", stripslashes($row['may_post'])); echo ' 0=nei, 1=ja</td></tr>'; echo '<tr><td>Eventuelt tilknyttet bildes fil-id:</td><td>'; echo $row['picture']; echo ' (fjernes via filadmin: ' . $menu_files . ')</td></tr>'; echo '<tr><td colspan=2>Ymse visvas<br/>'; form_textarea("description", stripslashes($row['description']), 30, 10); echo '<br/>(hvis det er noe mer vi bør vite om deg)<br/><br/></td></tr>'; echo '<tr><td colspan=2>'; form_submit("Button", "Lagre profilendringer"); echo '</td></tr>'; echo '<tr><td colspan=2>'; form_submit("canceledit", "Avbryt profilendring"); echo '</td></tr>'; form_hidden("username", $row['username']); form_hidden("savechanges", "savechanges"); form_hidden("edituser", "savechanges"); form_hidden("m_c", "module_user_admin"); echo '</table>'; form_end(); } } else { if ($_POST['deleteuser']) { if ($_POST['reallysure']) { $query = "DELETE FROM user WHERE username =\"" . $_POST['deleteuser'] . "\";"; $result = DB_update($query); if ($result == 1) { global $logtype; write_log_entry($_POST['username'], $logtype['user'], "admin_deleteduser,"); echo "Bruker " . $_POST['deleteuser'] . " er slettet."; } else { if ($result == 0) { echo "Kunne ikke slette brukeren - fins fyren?"; } else { if ($result > 1) { echo "Du har prestert å slette flere eksemplarer av denne brukeren :p"; } } } } else { echo "<div>Sikker på at du vil slette " . $_POST['deleteuser'] . "? <a href=\"index.php\">No, go back!</a></div>"; form_start_post(); form_hidden("m_c", "module_user_admin"); form_hidden("reallysure", "yes"); form_hidden("deleteuser", $_POST['deleteuser']); form_submit("submit", "Ja, slett!"); form_end(); } } else { $query = "SELECT * FROM user"; $result = DB_get_table($query); $num_users = DB_rows_affected($result); echo '<table class="default_table">'; for ($i = 0; $i < $num_users; $i++) { $row = DB_next_row($result); echo '<tr><td><b>Bruker</b></td><td><b>'; echo $row['username']; echo '</b></td></tr><tr><td>Fornavn</td><td>'; echo $row['firstname']; //echo '</td></tr><tr><td>Etternavn</td><td>'; //echo $row['lastname']; echo '</td></tr><tr><td>E-post</td><td>'; echo $row['email']; echo '</td></tr><tr><td>Fødselsdato</td><td>'; echo date_nor_sql($row['birthdate']); echo '</td></tr><tr><td>Admin?</td><td>'; if ($row['admin'] != "" && $row['admin'] != 0) { echo 'Ja (' . $row['admin'] . ')'; } else { echo 'Nei (' . $row['admin'] . ')'; } echo '</td></tr><tr><td>Kan poste?</td><td>'; if ($row['may_post'] != "" && $row['may_post'] != 0) { echo 'Ja (' . $row['may_post'] . ')'; } else { echo 'Nei (' . $row['may_post'] . ')'; } echo '</td></tr><tr><td>Tilknyttet bilde, fil-id</td><td>'; echo $row['picture']; echo '</td></tr><tr><td colspan=2>'; ?> <form action="index.php" method="post"> <input type="hidden" value="module_user_admin" name="m_c" /> <input type="submit" name="edit" value="Edit user" /> <input type="hidden" name="edituser" value=<?php echo $row['username']; ?> /> </form> <form action="index.php" method="post"> <input type="hidden" value="module_user_admin" name="m_c" /> <input type="submit" name="delete" value="Delete user" /> <input type="hidden" name="deleteuser" value=<?php echo $row['username']; ?> /> </form> <?php echo '</td></tr><tr><td colspan=2><hr/></td></tr>'; } echo '</table>'; } } }