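 /**
  * Staff account management for the ACP: add (default), "edit" and "delete".
  *
  * Dispatches on $getvar['sub']. Form input is read from the $postvar global
  * (after check::empty_fields()), rows are read and written through $dbh, and
  * the resulting HTML is echoed (acp() captures it with output buffering).
  *
  * Permission boxes are POSTed as "pages_<acpnav id>" plus the pseudo-ids
  * "pages_paid" and "pages_p2h"; the ids of the checked boxes are stored in
  * staff.perms as a comma-separated string. In the edit form a box is rendered
  * checked when main::checkPerms() returns false for that page, so the string
  * appears to list pages the account is *blocked* from — NOTE(review): confirm
  * against main::checkPerms(), which is not visible here.
  *
  * Reviewer notes:
  *  - Whether $dbh->select()/update()/delete() escape or parameterise the raw
  *    $getvar['do'] and $postvar values is not visible here. They are assumed
  *    to; verify before trusting this page with untrusted input.
  *  - "delete" runs on a GET request (?page=staff&sub=delete&do=ID&confirm=1).
  *    The confirmation step in acp() is itself only a GET flag, so a crafted
  *    link deletes an account with no user interaction (CSRF). A per-session
  *    token in the confirm form is the proper fix; the templates are outside
  *    this file, so it is not added here. Deleting one's own account is not
  *    prevented either — only deleting the last remaining account is.
  *  - Values handed to style::replaceVar() (USER/EMAIL/NAME) are passed raw;
  *    whether the template engine escapes them is not visible here. The staff
  *    listings built inline below now HTML-escape the user name.
  */
 public function content()
 {
     global $dbh, $postvar, $getvar;
     switch ($getvar['sub']) {
         default:
             // ---- Add a staff member ------------------------------------
             if ($_POST) {
                 check::empty_fields();
                 if (!main::errors()) {
                     $staff_query = $dbh->select("staff", array("user", "=", $postvar['user']), 0, "1", 1);
                     if (!check::email($postvar['email'])) {
                         main::errors("Your email is the wrong format or is already in use by another staff member or client.");
                     } elseif ($postvar['pass'] != $postvar['conpass']) {
                         main::errors("Passwords don't match!");
                     } elseif ($dbh->num_rows($staff_query) >= 1) {
                         main::errors("That account already exists!");
                     } else {
                         // Per-account salt plus the project's hash routine.
                         // NOTE(review): crypto::passhash() is not visible here;
                         // confirm it is a slow password hash, not bare md5/sha1.
                         $salt = crypto::salt();
                         $password = crypto::passhash($postvar['pass'], $salt);
                         $staff_insert = array(
                             "user" => $postvar['user'],
                             "name" => $postvar['name'],
                             "email" => $postvar['email'],
                             "password" => $password,
                             "salt" => $salt,
                             "perms" => self::permsFromPost($postvar),
                             "tzadjust" => $postvar['tzones'],
                         );
                         $dbh->insert("staff", $staff_insert);
                         main::errors("Account added!");
                     }
                 }
             }
             $add_staff_member_array = array(
                 'PAGES' => self::permsTable($dbh),
                 'TZADJUST' => main::tzlist(),
             );
             echo style::replaceVar("tpl/admin/staff/add-staff-member.tpl", $add_staff_member_array);
             break;
         case "edit":
             if (isset($getvar['do'])) {
                 // ---- Edit one account (id from the query string) ---------
                 $staff_data = $dbh->select("staff", array("id", "=", $getvar['do']));
                 if (!$staff_data["user"]) {
                     echo "That account doesn't exist!";
                 } else {
                     if ($_POST) {
                         check::empty_fields();
                         if (!main::errors()) {
                             // Third argument excludes this account from the
                             // "already in use" check.
                             if (!check::email($postvar['email'], $getvar['do'], "staff")) {
                                 main::errors("Your email is the wrong format or is already in use by another staff member or client.");
                             } else {
                                 $staff_update = array(
                                     "email" => $postvar['email'],
                                     "name" => $postvar['name'],
                                     "perms" => self::permsFromPost($postvar),
                                     "tzadjust" => $postvar['tzones'],
                                     "user" => $postvar['user'],
                                 );
                                 $dbh->update("staff", $staff_update, array("id", "=", $getvar['do']));
                                 //Staff account edit complete
                                 main::done();
                             }
                         }
                     }
                     // The form is rendered from $staff_data as fetched *before*
                     // the update above (original behaviour; main::done() is
                     // expected to move the user on).
                     $edit_staff_member_array = array(
                         'USER' => $staff_data['user'],
                         'EMAIL' => $staff_data['email'],
                         'NAME' => $staff_data['name'],
                         'TZADJUST' => main::tzlist($staff_data['tzadjust']),
                         'PAGES' => self::permsTable($dbh, $staff_data),
                     );
                     echo style::replaceVar("tpl/admin/staff/edit-staff-member.tpl", $edit_staff_member_array);
                 }
             } else {
                 // ---- Pick an account to edit ----------------------------
                 $staff_query = $dbh->select("staff");
                 if ($dbh->num_rows($staff_query) == 0) {
                     echo "There are no staff accounts to edit!";
                 } else {
                     self::echoStaffList($dbh, $staff_query, "edit", "pencil.png");
                 }
             }
             break;
         case "delete":
             $staff_query = $dbh->select("staff");
             // Never delete the last staff account: it would lock everyone out.
             if ($getvar['do'] && $dbh->num_rows($staff_query) > 1) {
                 $dbh->delete("staff", array("id", "=", $getvar['do']));
                 main::errors("Staff Account Deleted!");
             } elseif ($getvar['do']) {
                 main::errors("Theres only one staff account!");
             }
             if ($dbh->num_rows($staff_query) == 0) {
                 echo "There are no staff accounts to edit!";
             } else {
                 // Re-query so the list reflects the deletion just performed.
                 self::echoStaffList($dbh, $dbh->select("staff"), "delete", "delete.png");
             }
             break;
     }
 }

 /**
  * Collect the perms string from the submitted form.
  *
  * Every POST field named "pages_<id>" whose value is "1" contributes <id>
  * (unchecked boxes are simply absent from the request). Returns "" when
  * nothing is checked. The original in-line loop emitted a stray "," for a
  * "pages_*" field posted with any value other than "1"; implode() avoids that.
  *
  * @param array $post The request fields ($postvar).
  * @return string Comma-separated ids, e.g. "3,7,paid".
  */
 private static function permsFromPost(array $post)
 {
     $checked = array();
     foreach ($post as $field => $value) {
         $parts = explode("_", $field);
         if ($parts[0] == "pages" && isset($parts[1]) && $value == "1") {
             $checked[] = $parts[1];
         }
     }
     return implode(",", $checked);
 }

 /**
  * Render the permission checkbox table used by the add and edit forms.
  *
  * One row per "acpnav" entry other than "home", then the two package-type
  * rows ("paid", "p2h"). With $staff_data (edit form) a box is pre-checked when
  * main::checkPerms() returns false for that page, and for "paid"/"p2h" when
  * the stored perms string contains that word exactly once (as originally).
  *
  * $acpnav_data['visual'] comes from the admin-managed acpnav table and is
  * emitted unescaped, as in the original; that table is treated as trusted.
  *
  * @param object     $dbh        Database wrapper (global $dbh).
  * @param array|null $staff_data Staff row being edited, or null for the add form.
  * @return string HTML <table>.
  */
 private static function permsTable($dbh, $staff_data = null)
 {
     $rows = array();
     $acpnav_query = $dbh->select("acpnav", array("link", "!=", "home"), array("id", "ASC"), 0, 1);
     while ($acpnav_data = $dbh->fetch_array($acpnav_query)) {
         $blocked = $staff_data !== null && !main::checkPerms($acpnav_data['id'], $staff_data['id']);
         $rows[] = self::permsRow($acpnav_data['visual'], $acpnav_data['id'], $blocked);
     }
     $perms = $staff_data === null ? '' : (string) $staff_data['perms'];
     $rows[] = self::permsRow("Paid Configuration", "paid", substr_count($perms, "paid") == '1');
     $rows[] = self::permsRow("P2H Forums", "p2h", substr_count($perms, "p2h") == '1');
     return '<table width="100%" border="0" cellspacing="0" cellpadding="1">' . implode("", $rows) . "</table>";
 }

 /**
  * One checkbox row of the permission table.
  *
  * @param string $label   Visible label.
  * @param string $id      Suffix of the "pages_<id>" field name.
  * @param bool   $checked Whether to render the box checked.
  * @return string HTML <tr>.
  */
 private static function permsRow($label, $id, $checked)
 {
     $attr = $checked ? 'checked="checked"' : '';
     return '<tr><td width="30%" align="left">' . $label . ':</td><td><input name="pages_' . $id . '" id="pages_' . $id . '" type="checkbox" value="1" ' . $attr . '/></td></tr>' . "\n";
 }

 /**
  * Echo the staff listing with one action icon per account.
  *
  * The user name is stored from admin input (see the add form) and is
  * HTML-escaped here so a crafted name cannot inject markup into the ACP.
  *
  * @param object   $dbh         Database wrapper (global $dbh).
  * @param mixed    $staff_query Result of $dbh->select("staff").
  * @param string   $sub         "edit" or "delete" — the action the link triggers.
  * @param string   $icon        Icon file under themes/icons/.
  */
 private static function echoStaffList($dbh, $staff_query, $sub, $icon)
 {
     echo "<ERRORS>";
     while ($staff_data = $dbh->fetch_array($staff_query)) {
         $user = htmlspecialchars($staff_data['user'], ENT_QUOTES, 'UTF-8');
         echo main::sub("<strong>" . $user . "</strong>", '<a href="?page=staff&sub=' . $sub . '&do=' . $staff_data['id'] . '"><img src="' . URL . 'themes/icons/' . $icon . '"></a>');
     }
 }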
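/**
 * Render the admin control panel shell for the requested page.
 *
 * Resolves $getvar['page'] (default "home") against the "acpnav" table and the
 * pages/<page>.php file, checks the logged-in staff member's permissions,
 * includes the page file (which must define class `page`), builds the sidebar
 * menus, runs the page's content() or description(), and returns the whole
 * thing as an HTML string captured through output buffering.
 *
 * Reviewer notes:
 *  - $getvar['page'] is request-controlled and is interpolated into an
 *    `include` path. It is now restricted to [A-Za-z0-9_-]; any other value
 *    (a "/", "..", NUL, ...) falls through to the existing "That page doesn't
 *    exist." message instead of reaching include.
 *  - The page-permission denial (`!main::checkPerms(...) && !$nopaid &&
 *    !$nop2h && $user_perms`) is skipped altogether for an account whose perms
 *    string contains "paid" or "p2h", or whose perms string is empty. Whether
 *    that is intended cannot be told from here; it is kept as-is —
 *    NOTE(review): verify against main::checkPerms().
 *  - A client session reaching the ACP is destroyed and redirected. This
 *    assumes main::redirect() terminates the request; if it returns, the
 *    rest of the function still runs on the in-memory $_SESSION.
 *  - The delete confirmation is a plain GET flag (&confirm=1), so it can be
 *    bypassed by a crafted link; a per-session token would be needed for CSRF
 *    protection. The redirect URL rebuilt from $getvar and the hidden inputs
 *    rebuilt from $postvar are emitted unencoded, as in the original.
 *
 * @return string Rendered HTML.
 */
function acp()
{
    global $dbh, $postvar, $getvar, $instance;
    ob_start();
    $html = '';
    // A client (front-end) session must never drive the ACP.
    if ($_SESSION['clogged'] || $_SESSION['cuser']) {
        session_destroy();
        main::redirect("?page=home");
    }
    if (!$getvar['page']) {
        $getvar['page'] = "home";
    }
    // SECURITY: the page name becomes part of an include path below. Only a
    // bare identifier is accepted; anything else is treated as a missing page.
    $page_name_ok = preg_match('/^[A-Za-z0-9_-]+$/', $getvar['page']) === 1;
    $page = $page_name_ok ? $dbh->select("acpnav", array("link", "=", $getvar['page'])) : array();
    // "Hack" to get the credits and tickets page looking nicer
    switch ($getvar["page"]) {
        case "credits":
            $header = "Credits";
            break;
        default:
            if ($page['visual'] == "Tickets" && $getvar['mode'] == 'ticketsall') {
                $header = "All Tickets";
            } else {
                $header = $page['visual'];
            }
            break;
    }
    $link = "pages/" . $getvar['page'] . ".php";
    // "paid" / "p2h" in the staff member's perms string means that package
    // type's pages are off-limits (see the ?page=type checks below).
    $staff_data = $dbh->select("staff", array("id", "=", $_SESSION['user']));
    $user_perms = $staff_data['perms'];
    $nopaid = substr_count($user_perms, "paid") == '1' ? '1' : null;
    $nop2h = substr_count($user_perms, "p2h") == '1' ? '1' : null;
    if (!$page_name_ok || !file_exists($link)) {
        $html = "<strong>THT Fatal Error:</strong> That page doesn't exist.";
    } elseif (!main::checkPerms($page['id']) && !$nopaid && !$nop2h && $user_perms) {
        // NOTE(review): never reached when $nopaid/$nop2h is set or perms is empty.
        $html = "You don't have access to this page.";
    } elseif ($getvar['page'] == "type" && $getvar['type'] == "paid" && $nopaid) {
        $html = "You don't have access to this page.";
    } elseif ($getvar['page'] == "type" && $getvar['type'] == "p2h" && $nop2h) {
        $html = "You don't have access to this page.";
    } else {
        // $link is pages/<validated name>.php and exists on disk.
        include $link;
        $content = new page();
        // Main Side Bar HTML
        $nav = "Sidebar Menu";
        $sidebar_array = array('LINKS' => '');
        $sub = $dbh->select("acpnav", 0, array("id", "ASC"));
        while ($row = $dbh->fetch_array($sub)) {
            if (main::checkPerms($row['id'])) {
                $sidebarlink_array = array(
                    'IMGURL' => $row['icon'],
                    'LINK' => "?page=" . $row['link'],
                    'VISUAL' => $row['visual'],
                );
                $sidebar_array['LINKS'] .= style::replaceVar("tpl/sidebar-link.tpl", $sidebarlink_array);
            }
        }
        // Types Navbar
        /*
         * When Working on the navbar, to make a spacer use this:
         * $sidebar_array['LINKS'] .= style::replaceVar("tpl/spacer.tpl");
         */
        foreach ($instance->packtypes as $key => $value) {
            $type_visible = ($key == "paid" && $nopaid != "1")
                || ($key == "p2h" && $nop2h != "1")
                || ($key != "paid" && $key != "p2h");
            if ($type_visible && $instance->packtypes[$key]->acpNav) {
                foreach ($instance->packtypes[$key]->acpNav as $key2 => $value) {
                    $sidebarlink_array = array(
                        'IMGURL' => $value[2],
                        'LINK' => "?page=type&type=" . $key . "&sub=" . $value[1],
                        'VISUAL' => $value[0],
                    );
                    $sidebar_array['LINKS'] .= style::replaceVar("tpl/sidebar-link.tpl", $sidebarlink_array);
                    if ($getvar['page'] == "type" && $getvar['type'] == $key && $getvar['sub'] == $value[1]) {
                        define("SUB", $value[3]);
                        $header = $value[3];
                        $getvar['myheader'] = $value[3];
                    }
                }
            }
        }
        foreach (array(array("information.png", "?page=credits", "Credits"), array("delete.png", "?page=logout", "Logout")) as $fixed) {
            $sidebarlink_array = array('IMGURL' => $fixed[0], 'LINK' => $fixed[1], 'VISUAL' => $fixed[2]);
            $sidebar_array['LINKS'] .= style::replaceVar("tpl/sidebar-link.tpl", $sidebarlink_array);
        }
        $sidebar = style::replaceVar("tpl/sidebar.tpl", $sidebar_array);
        //Page Sidebar
        if ($content->navtitle) {
            $subnav = $content->navtitle;
            $sub_sidebar_array = array('LINKS' => '');
            foreach ($content->navlist as $key => $value) {
                $sub_sidebarlink_array = array(
                    'IMGURL' => $value[1],
                    'LINK' => "?page=" . $getvar['page'] . "&sub=" . $value[2],
                    'VISUAL' => $value[0],
                );
                $sub_sidebar_array['LINKS'] .= style::replaceVar("tpl/sidebar-link.tpl", $sub_sidebarlink_array);
            }
            $subsidebar = style::replaceVar("tpl/sidebar.tpl", $sub_sidebar_array);
        }
        if ($getvar['sub'] && $getvar['page'] != "type") {
            foreach ($content->navlist as $key => $value) {
                if ($value[2] == $getvar['sub']) {
                    if (!$value[0]) {
                        define("SUB", $getvar['page']);
                        $header = $getvar['page'];
                    } else {
                        define("SUB", $value[0]);
                        $header = $value[0];
                    }
                }
            }
        }
        if ($getvar['sub'] == "delete" && isset($getvar['do']) && !$_POST && !$getvar['confirm']) {
            // Step 1: show the "are you sure?" form, carrying any posted fields.
            $warning_array = array('HIDDEN' => '');
            foreach ($postvar as $key => $value) {
                $warning_array['HIDDEN'] .= '<input name="' . $key . '" type="hidden" value="' . $value . '" />';
            }
            $warning_array['HIDDEN'] .= " ";
            $html = style::replaceVar("tpl/warning.tpl", $warning_array);
        } elseif ($getvar['sub'] == "delete" && isset($getvar['do']) && $_POST && !$getvar['confirm']) {
            // Step 2: "yes" replays the current query string with confirm=1.
            if ($postvar['yes']) {
                $url = "";
                $sep = "?";
                foreach ($getvar as $key => $value) {
                    $url .= $sep . $key . "=" . $value;
                    $sep = "&";
                }
                $url .= "&confirm=1";
                main::redirect($url);
            } elseif ($postvar['no']) {
                main::done();
            }
        } else {
            if (isset($getvar['sub'])) {
                // Capture whatever the sub-page echoes.
                ob_start();
                $content->content();
                $html = ob_get_contents();
                ob_clean();
            } elseif ($content->navlist) {
                // No sub-page selected: show the description plus the submenu.
                $html .= $content->description();
                $html .= "<br /><br />";
                $subsidebar2 = "<strong>Page Submenu</strong><div class='break'></div>";
                $subsidebar2 .= $subsidebar;
                $html .= main::sub($subsidebar2, NULL);
            } else {
                ob_start();
                $content->content();
                $html = ob_get_contents();
                ob_clean();
            }
        }
    }
    $staffuser = $dbh->staff($_SESSION['user']);
    define("SUB", $header);
    define("INFO", '<b>Welcome back, ' . strip_tags($staffuser['name']) . '</b><br />' . SUB);
    echo '<div id="left">';
    echo main::table($nav, $sidebar);
    if ($content->navtitle) {
        echo "<br />";
        echo main::table($subnav, $subsidebar);
    }
    echo '</div>';
    echo '<div id="right">';
    echo main::table($header, $html);
    echo '</div>';
    $html_buff = ob_get_contents();
    ob_clean();
    return $html_buff;
}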