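/**
 * Render a single news item inside the main site template and print it.
 *
 * The item is looked up by id in the {prefix}news table. Nothing is printed
 * when the query fails or no row matches.
 *
 * NOTE(review): title, teaser, byline and body are inserted into the page
 * exactly as stored (after stripslashes). If any of those columns can be
 * written by someone who is not fully trusted, they need HTML-escaping or
 * sanitising before they reach the template.
 *
 * @param mixed $id News item id; treated as untrusted and reduced to an integer.
 */
function shownews($id)
{
    global $list_prefix, $NEWS, $MAIN;
    // $id becomes part of the SQL text, so force it to an integer before use.
    // Assumes news.id is a numeric key -- TODO confirm against the schema.
    $id = (int) $id;
    $sql = "SELECT * FROM " . $list_prefix . "news WHERE id = '" . $id . "';";
    $result = db_query($sql);
    if (!$result) {
        // Failed query: same visible outcome as "no such item".
        return;
    }
    if (db_num_rows($result) == 0) {
        return;
    }
    $row = db_fetch_array($result);
    $postedby = getuser($row['posted_by']);
    //fill the news item template with this row.
    $WORK = insert_into_template($NEWS, "{NEWSTITLE}", stripslashes($row['news_title']));
    $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
    $WORK = insert_into_template($WORK, "{NEWSID}", $row['id']);
    $WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby);
    $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
    $WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date']));
    $WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category']));
    $WORK = insert_into_template($WORK, "{NEWS}", stripslashes($row['news']));
    //wrap the item in the main layout; the page title is the tag-stripped news title.
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, striphtml($row['news_title']));
    //striptemplate() is applied last, on the fully assembled page.
    printf("%s", striptemplate($WORK));
}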
Example #2
/**
 * Build and print the front page from the configured index modules.
 *
 * Reads every config row whose key is 'indexmodule' (sorted by `order`),
 * includes "<value>.mod.php" for each one, and appends the title and content
 * that the included file leaves in $MOD to the page body.
 *
 * NOTE(review): the include path is built from a database value. Anyone who
 * can write to the config table decides which local *.mod.php file is
 * executed here, so the value should be checked against a fixed list of
 * installed modules (or at least have directory separators rejected) before
 * it is included.
 *
 * NOTE(review): $MOD['title'] and $MOD['content'] are emitted as raw HTML;
 * each module is responsible for escaping whatever it puts there.
 */
function modules()
{
    global $list_prefix;
    $MAIN = loadtmplate("main");
    //lets get our module list from the DB.
    $sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'indexmodule' ORDER BY `order`;";
    $result = db_query($sql);
    if ($result) {
        //lets see how many modules we have and initialize our variables.
        $rows = db_num_rows($result);
        $i = 0;
        $CONTENT = "";
        // $perpage is not read in this function. Included files run in this
        // function's scope, so it is presumably a setting for the modules -- confirm.
        $perpage = 3;
        //lets read our modules, load them, add their content to our main content.
        while ($i < $rows) {
            $row = db_fetch_array($result);
            // The included file executes with access to every local here
            // ($row, $i, $CONTENT, ...) and is expected to set $MOD.
            // include_once skips a file that was already loaded, in which case
            // $MOD still holds whatever the previous module left in it.
            include_once $row['value'] . ".mod.php";
            $CONTENT .= "<H2>" . $MOD['title'] . "</H2><BR>\r\n";
            $CONTENT .= $MOD['content'];
            $i++;
        }
        //lets insert our content into the template.
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME}");
        //this is an ugly hack but it works.
        //when we output this lets make sure that the output is stripped of any template elements that are not used.
        printf("%s", striptemplate($WORK));
    }
}
Example #3
/**
 * Print the landing page of the admin control panel.
 *
 * The page is the admin "main" template with a fixed welcome text in its
 * {CONTENT} slot. No request data is read here.
 */
function content()
{
    $layout = loadadmintmplate("main");
    // Static welcome text, assembled one output line per source line.
    $welcome = "\r\n   <p>\r\n"
        . "      For now there isn't much here in the way of content.  please keep in mind\r\n"
        . "      that this project is still in its very early stages.\r\n"
        . "   </p>\r\n"
        . "   <p>\r\n"
        . "      <a href='http://fishcms.com'>FishCMS</a> is intended to be a simple, clean,\r\n"
        . "      and easy to use Content Management System targeted at Christian websites\r\n"
        . "      such as <a href='http://believewith.us'>BelieveWith.US</a>.  FishCMS\r\n"
        . "      started out as an extension of the prayerlist program used at BelieveWith.US\r\n"
        . "   </p>\r\n"
        . "   <p>\r\n"
        . "      From this Admin Control Panel you will be able to edit, configure, and\r\n"
        . "      control your FishCMS site.\r\n"
        . "   </p>\r\n";
    $page = filltemplate(
        insert_into_template($layout, "{CONTENT}", $welcome),
        "{SITENAME} Administration panel"
    );
    // Unused template placeholders are removed just before output.
    printf("%s", striptemplate($page));
}
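/**
 * Admin "templates" page: switch the active theme or show the theme picker.
 *
 * With ?set present, the posted template name is written to the config row
 * whose key is 'template' and a confirmation or error message is shown.
 * Otherwise the current value is read back (falling back to "default") and
 * the picker form is rendered.
 *
 * NOTE(review): nothing in this function checks who is calling it or that the
 * POST came from the admin form. Confirm that the including script enforces
 * the admin session and an anti-CSRF token before this runs.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $TEMPLATES = loadadmintmplate("templates");
    if (isset($HTTP_GET_VARS['set'])) {
        //only a non-empty string is a usable theme name; anything else is reported as a failure.
        $template = "";
        if (isset($HTTP_POST_VARS['template']) && is_string($HTTP_POST_VARS['template'])) {
            $template = $HTTP_POST_VARS['template'];
        }
        $result = false;
        if ($template !== "") {
            // NOTE(review): the posted name is concatenated into the statement
            // unescaped. The db_* helpers used here expose no escaping or bound
            // parameters, so this stays injectable until the database layer
            // offers one. Checking the name against the themes that are
            // actually installed would also keep arbitrary strings out of the
            // configuration.
            $sql = "UPDATE `" . $list_prefix . "config` SET `value` = '" . $template . "' WHERE `key` = 'template';";
            $result = db_query($sql);
        }
        if ($result) {
            //the name is request data, so it is HTML-escaped before being echoed back.
            $CONTENT = "The theme was successfully changed to " . htmlspecialchars($template, ENT_QUOTES) . "<BR>\r\n";
        } else {
            $CONTENT = "ERROR: I was unable to change the theme!<BR>\r\n";
        }
        //the status message goes into the page (previously an unset variable was inserted here).
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } else {
        //else we will draw the form for the user to change the template.
        //first lets read the template from the configuration
        $template = "default";
        $sql = "SELECT * FROM " . $list_prefix . "config WHERE `Key` = 'template';";
        $result = db_query($sql);
        if ($result && db_num_rows($result) != 0) {
            $row = db_fetch_array($result);
            $template = $row['value'];
        }
        $WORK = insert_into_template($TEMPLATES, "{TEMPLATE}", $template);
        $WORK = insert_into_template($WORK, "{THEMELIST}", themelist($template));
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    }
}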
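/**
 * Admin "categories" page: delete, add, edit or list categories.
 *
 * ?mode=delete removes the posted category (confirmation checkbox required,
 * category 0 is protected); ?mode=add appends a new category at the end of
 * the ordering; ?mode=edit renames a category and/or swaps its position with
 * its neighbour; any other mode lists the categories in a <select>.
 *
 * Category ids are cast to integers before they reach SQL. The original
 * guard `$HTTP_POST_VARS['category'] > 0` compared loosely, so a value that
 * merely started with a digit passed the check and was then concatenated
 * into the statement in full.
 *
 * NOTE(review): category names are still concatenated into INSERT/UPDATE
 * statements unescaped, whether they come from the POST body or from a row
 * read back from the table. The db_* helpers used here expose no escaping or
 * bound parameters; until they do, those statements remain injectable.
 *
 * NOTE(review): no session, role or anti-CSRF check is visible here. Confirm
 * that the including admin script enforces them before this runs.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $CATEGORIES = loadadmintmplate("categories");

    //normalise the request values once; non-string and non-scalar input is ignored.
    $mode = "";
    if (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode'])) {
        $mode = $HTTP_GET_VARS['mode'];
    }
    $category = 0;
    if (isset($HTTP_POST_VARS['category']) && is_scalar($HTTP_POST_VARS['category'])) {
        $category = (int) $HTTP_POST_VARS['category'];
    }
    $catname = "";
    if (isset($HTTP_POST_VARS['catname']) && is_string($HTTP_POST_VARS['catname'])) {
        $catname = $HTTP_POST_VARS['catname'];
    }

    //we can choose to edit, add, or delete a category.
    if ($mode === "delete") {
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            if ($category > 0) {
                $sql = "DELETE FROM `" . $list_prefix . "category` WHERE `id` = " . $category . ";";
                $result = db_query($sql);
                if ($result) {
                    $CONTENT = "The selected category has been deleted.<BR><BR>";
                } else {
                    $CONTENT = "The selected category could not be deleted.<BR><BR>";
                }
            } else {
                $CONTENT = "You can not delete the SYSTEM category.<BR><BR>";
            }
        } else {
            $CONTENT = "You must click the checkbox to delete a category.<BR><BR>";
        }
    } elseif ($mode === "add") {
        //the new entry goes after the category with the highest order value.
        $sql = "SELECT * FROM `" . $list_prefix . "category` ORDER BY `order` DESC limit 1;";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;
        if ($rows == 0) {
            $order = 1;
        } else {
            $row = db_fetch_array($result);
            $order = (int) $row['order'] + 1;
        }
        //an empty name is rejected, matching what the error message promises.
        if ($catname !== "") {
            $sql = "INSERT INTO " . $list_prefix . "category VALUES ('', '" . $catname . "', '" . $order . "');";
            $result = db_query($sql);
            if ($result) {
                //the name is request data, so it is HTML-escaped before being echoed back.
                $CONTENT = "The category " . htmlspecialchars($catname, ENT_QUOTES) . " has been added to the database<BR><BR>\r\n";
            } else {
                $CONTENT = "Sorry there was an ERROR while adding the category to the database.<BR><BR>\r\n";
            }
        } else {
            $CONTENT = "Sorry but the category must have a name!<BR><BR>\r\n";
        }
    } elseif ($mode === "edit") {
        //first we must make sure that our category is valid and not category 0
        if ($category > 0) {
            $sql = "SELECT * FROM `" . $list_prefix . "category` WHERE `id` = '" . $category . "';";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;
            if ($rows > 0) {
                $row = db_fetch_array($result);
                $current = (int) $row['order'];
                //keep the stored name unless a new, non-empty one was posted.
                $name = ($catname !== "") ? $catname : $row['name'];
                //the order stays the same unless a move succeeds; this also covers
                //a request without 'position', which previously left $order unset.
                $order = $current;
                $position = "";
                if (isset($HTTP_POST_VARS['position']) && is_string($HTTP_POST_VARS['position'])) {
                    $position = $HTTP_POST_VARS['position'];
                }
                if ($position === "up" || $position === "down") {
                    //find the nearest neighbour in the requested direction.
                    $compare = ($position === "up") ? "<" : ">";
                    $direction = ($position === "up") ? " DESC" : "";
                    $sql = "SELECT * FROM " . $list_prefix . "category WHERE `order` " . $compare . " '" . $current . "' ORDER BY `order`" . $direction . " LIMIT 1;";
                    $result = db_query($sql);
                    $rows = $result ? db_num_rows($result) : 0;
                    if ($rows > 0) {
                        //swap: the neighbour takes our order value and we take the neighbour's.
                        $row2 = db_fetch_array($result);
                        $sql = "UPDATE " . $list_prefix . "category SET `order` = '" . $current . "' WHERE `id` = '" . (int) $row2['id'] . "';";
                        $result = db_query($sql);
                        $order = (int) $row2['order'];
                    }
                }
                $sql = "UPDATE `" . $list_prefix . "category` SET ";
                $sql .= "`name` = '" . $name . "', `order` = '" . $order . "' ";
                $sql .= "WHERE `id` = '" . $category . "';";
                $result = db_query($sql);
                if ($result) {
                    $CONTENT = "The changes made have been saved.<BR><BR>\r\n";
                } else {
                    $CONTENT = "ERROR: Unable to make the changes requested.<BR><BR>\r\n";
                }
            } else {
                $CONTENT = "ERROR: Unable to alter a category that does not exist.<BR><BR>\r\n";
            }
        } else {
            //previously this path left $CONTENT unset and rendered an empty page.
            $CONTENT = "You can not edit the SYSTEM category.<BR><BR>\r\n";
        }
    } else {
        //here we will read the categories from the db and let the user choose to delete or edit them.
        //category 0 is always present and can not be deleted, so it is left out of the list.
        $list = "<select name='category'>";
        $sql = "SELECT * FROM " . $list_prefix . "category WHERE `id` > 0 ORDER BY `order`;";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;
        if ($rows == 0) {
            $list .= "<option value='-'>No categories found</option>";
        } else {
            for ($i = 0; $i < $rows; $i++) {
                $row = db_fetch_array($result);
                //stored names are escaped for the HTML context they are printed in.
                $list .= "<option value='" . (int) $row['id'] . "'>" . htmlspecialchars($row['name'], ENT_QUOTES) . "</option>";
            }
        }
        $list .= "</select>";
        $CONTENT = insert_into_template($CATEGORIES, "{CATLIST}", $list);
    }

    //every mode ends by wrapping its output in the admin layout.
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}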
Example #6
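/**
 * Print the paginated news list, optionally limited to one category.
 *
 * Query-string controls: `perpage` (items per page, default 3), `page`
 * (1-based page number, default 1) and `onepage` (presence disables paging).
 *
 * All three values and $category end up in SQL text or in arithmetic, so they
 * are reduced to integers first. is_numeric() alone also accepts "0", "-1",
 * "1.5" and exponent notation, which would produce a division by zero in the
 * page count or an invalid LIMIT clause.
 *
 * NOTE(review): title, teaser and byline are inserted into the page exactly
 * as stored. If any of those columns can be written by someone who is not
 * fully trusted, they need HTML-escaping before they reach the template.
 *
 * NOTE(review): `perpage` has no upper bound, so one request can ask for the
 * whole table. Consider a cap.
 *
 * @param mixed $category Category id to filter on; 0 shows every category.
 */
function shownews($category)
{
    global $HTTP_GET_VARS, $NEWS, $list_prefix, $MAIN;
    $CONTENT = "";
    $perpage = 3;
    if (isset($HTTP_GET_VARS['perpage']) && is_numeric($HTTP_GET_VARS['perpage'])) {
        $perpage = max(1, (int) $HTTP_GET_VARS['perpage']);
    }
    //lets see if the user has specified to show all items on a single page.
    $onepage = isset($HTTP_GET_VARS['onepage']) ? 1 : 0;
    //lets see what page we are on
    $page = 1;
    if (isset($HTTP_GET_VARS['page']) && is_numeric($HTTP_GET_VARS['page'])) {
        $page = max(1, (int) $HTTP_GET_VARS['page']);
    }
    //start position for the LIMIT clause.
    $start = ($page - 1) * $perpage;
    //the same filter is used for the listing and for the page count below.
    $category = (int) $category;
    $where = "";
    if ($category != 0) {
        $where = " WHERE category = '" . $category . "'";
    }
    $sql = "SELECT * FROM " . $list_prefix . "news" . $where;
    if ($onepage == 0) {
        $sql .= " ORDER BY `date` DESC LIMIT " . $start . "," . $perpage . ";";
    } else {
        $sql .= " ORDER BY `date` DESC;";
    }
    //now lets show the news entries.
    $result = db_query($sql);
    $rows = $result ? db_num_rows($result) : 0;
    if ($rows != 0) {
        for ($i = 0; $i < $rows; $i++) {
            $row = db_fetch_array($result);
            $postedby = getuser($row['posted_by']);
            //fill a fresh copy of the news item template with this row.
            $WORK = insert_into_template($NEWS, "{NEWSTITLE}", stripslashes($row['news_title']));
            $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
            $WORK = insert_into_template($WORK, "{NEWSID}", $row['id']);
            $WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby);
            $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
            $WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date']));
            $WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category']));
            $CONTENT .= $WORK;
        }
        //count the rows the listing can reach; the count previously ignored the
        //category filter and so offered pages that did not exist.
        $sql = "SELECT * FROM " . $list_prefix . "news" . $where . ";";
        $result = db_query($sql);
        $total = $result ? db_num_rows($result) : 0;
        //complete pages plus one for a partial last page.
        $pages = (int) ceil($total / $perpage);
        if ($pages > 1 && $onepage == 0) {
            //previous page link if needed (the '=' was missing from this URL).
            if ($page != 1) {
                $CONTENT .= "<a href='news.php?page=" . ($page - 1) . "'>prev</a> \r\n";
            }
            //lets list all pages a user can click on.
            for ($i = 1; $i <= $pages; $i++) {
                if ($i != $page) {
                    $CONTENT .= "<a href='news.php?page=" . $i . "'>" . $i . "</a> \r\n";
                } else {
                    $CONTENT .= $i . " ";
                }
            }
            //lets create a next page link if needed
            if ($page != $pages) {
                $CONTENT .= "<a href='news.php?page=" . ($page + 1) . "'>next</a>\r\n";
            }
            $CONTENT .= "<div align=\"right\"><a href='news.php?onepage=1'>Show all requests on one page.</a></div><br />\r\n";
        }
    } else {
        $CONTENT .= "There are no active news at this time.<BR>\r\n";
    }
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "News");
    //when we output this lets make sure that the output is stripped of any template elements that are not used.
    printf("%s", striptemplate($WORK));
}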
Example #7
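/**
 * Admin "links" page: select, delete, add or edit a link, then draw the form.
 *
 * ?mode=select loads the posted link into the form, ?mode=delete removes it
 * (confirmation checkbox required), ?mode=edit either inserts a new link
 * ('newlink' posted) or updates the link named by 'linkid'. The form and the
 * link list are rendered in every case.
 *
 * Link and category ids are cast to integers before they reach SQL, and the
 * stored title and URL are HTML-escaped when written back into the form.
 *
 * NOTE(review): 'linktitle' and 'linkurl' are still concatenated into the
 * INSERT/UPDATE statements unescaped. The db_* helpers used here expose no
 * escaping or bound parameters; until they do, those statements remain
 * injectable.
 *
 * NOTE(review): 'linkurl' is stored as given. If it is later emitted as an
 * href, restrict it to the expected schemes (http/https) when saving.
 *
 * NOTE(review): no session, role or anti-CSRF check is visible here. Confirm
 * that the including admin script enforces them before this runs.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $LINKS = loadadmintmplate("links");
    $WORK = $LINKS;

    //normalise the request values once; non-string and non-scalar input is ignored.
    $mode = "";
    if (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode'])) {
        $mode = $HTTP_GET_VARS['mode'];
    }
    $selected = 0;
    if (isset($HTTP_POST_VARS['links']) && is_scalar($HTTP_POST_VARS['links'])) {
        $selected = (int) $HTTP_POST_VARS['links'];
    }
    $category = 0;
    if (isset($HTTP_POST_VARS['category']) && is_scalar($HTTP_POST_VARS['category'])) {
        $category = (int) $HTTP_POST_VARS['category'];
    }
    $linktitle = "";
    if (isset($HTTP_POST_VARS['linktitle']) && is_string($HTTP_POST_VARS['linktitle'])) {
        $linktitle = $HTTP_POST_VARS['linktitle'];
    }
    $linkurl = "";
    if (isset($HTTP_POST_VARS['linkurl']) && is_string($HTTP_POST_VARS['linkurl'])) {
        $linkurl = $HTTP_POST_VARS['linkurl'];
    }

    if ($mode === "select") {
        //load the chosen link into the form.
        $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `id` = '" . $selected . "';";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;
        if ($rows == 0) {
            //unknown link: fall back to the empty "new link" form.
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{LINKID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            //presumably these land in form field values -- escaped so stored text cannot break out of the markup.
            $WORK = insert_into_template($WORK, "{LINKTITLE}", htmlspecialchars($row['title'], ENT_QUOTES));
            $WORK = insert_into_template($WORK, "{LINKURL}", htmlspecialchars($row['url'], ENT_QUOTES));
        }
    } else {
        //not editing an existing link: prepare the form for a new one.
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }

    //lets delete a link if its selected
    if ($mode === "delete") {
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            $sql = "DELETE FROM `" . $list_prefix . "links` WHERE `id` = '" . $selected . "';";
            $result = db_query($sql);
        } else {
            $WORK = "You must check the confirmation box to delete a link.<br>\r\n" . $WORK;
        }
    }

    //lets edit/add a link if thats our job.
    if ($mode === "edit") {
        if (isset($HTTP_POST_VARS['newlink'])) {
            //we are adding a new link: it goes last within its category.
            $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `category` = '" . $category . "' ORDER BY `order` DESC limit 1;";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;
            if ($rows > 0) {
                $row = db_fetch_array($result);
                $order = (int) $row['order'] + 1;
            } else {
                $order = 1;
            }
            if (isset($HTTP_POST_VARS['linktitle']) && isset($HTTP_POST_VARS['linkurl'])) {
                $sql = "INSERT INTO " . $list_prefix . "links VALUES ('', '" . $category . "', '" . $linktitle . "', '" . $linkurl . "', '" . $order . "');";
                $result = db_query($sql);
            }
        } elseif (isset($HTTP_POST_VARS['linkid']) && is_scalar($HTTP_POST_VARS['linkid'])) {
            //we are editing an existing link; its id is required.
            $linkid = (int) $HTTP_POST_VARS['linkid'];
            $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `id` = '" . $linkid . "' ORDER BY `order` DESC limit 1;";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;
            if ($rows == 0) {
                //previously a missing row was used anyway, and the reorder queries ran against empty values.
                $WORK = "ERROR: the selected link does not exist.<BR>\r\n" . $WORK;
            } else {
                $row = db_fetch_array($result);
                $current = (int) $row['order'];
                //the order stays as stored unless a move succeeds (it used to fall
                //back to 1 when there was no neighbour or no 'position' value).
                $order = $current;
                $position = "";
                if (isset($HTTP_POST_VARS['position']) && is_string($HTTP_POST_VARS['position'])) {
                    $position = $HTTP_POST_VARS['position'];
                }
                if ($position === "up" || $position === "down") {
                    //find the nearest neighbour in the requested direction.
                    // NOTE(review): as in the original, this search is not limited
                    // to the link's own category -- confirm that is intended.
                    $compare = ($position === "up") ? "<" : ">";
                    $direction = ($position === "up") ? " DESC" : "";
                    $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `order` " . $compare . " '" . $current . "' ORDER BY `order`" . $direction . " LIMIT 1;";
                    $result = db_query($sql);
                    $rows = $result ? db_num_rows($result) : 0;
                    if ($rows > 0) {
                        //swap: the neighbour takes our order value and we take the neighbour's.
                        $row2 = db_fetch_array($result);
                        $sql = "UPDATE `" . $list_prefix . "links` SET `order` = '" . $current . "' WHERE `id` = '" . (int) $row2['id'] . "';";
                        $result = db_query($sql);
                        $order = (int) $row2['order'];
                    }
                }
                if ($row['category'] != $category) {
                    //moving to another category: make this the last link there.
                    $sql = "SELECT * FROM " . $list_prefix . "links WHERE `category` = '" . $category . "' ORDER BY `order` DESC LIMIT 1;";
                    $result = db_query($sql);
                    $rows = $result ? db_num_rows($result) : 0;
                    if ($rows > 0) {
                        $last = db_fetch_array($result);
                        $order = (int) $last['order'] + 1;
                    } else {
                        $order = 1;
                    }
                }
                //now lets save our changes
                $sql = "UPDATE " . $list_prefix . "links SET `category` = '" . $category . "', `title` = '" . $linktitle . "', `url` = '" . $linkurl . "', `order` = '" . $order . "' WHERE `id` = '" . $linkid . "';";
                $result = db_query($sql);
            }
        } else {
            $WORK = "ERROR: you must check 'Save as a new link' to make a new link.<BR>\r\n" . $WORK;
        }
        catorder();
    }

    //lets output our links cp.
    $WORK = insert_into_template($WORK, "{LINKSLIST}", linkslist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}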
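/**
 * Store a submitted prayer request and print the result page.
 *
 * A submission flagged 'anonymous' is accepted as if logged in. A visitor who
 * is not logged in may post credentials with the form; if that login does not
 * succeed, the form is redrawn through submissionform_redo().
 *
 * NOTE(review): 'request_for' and 'request' are concatenated into the INSERT
 * unescaped, while email and username go through addslashes(). The db_*
 * helpers used here expose no escaping or bound parameters; until they do,
 * the statement remains injectable through the two free-text fields.
 *
 * NOTE(review): the next id is derived from the current highest id, so two
 * simultaneous submissions can compute the same value. An auto-increment
 * column would remove the race.
 */
function processsubmission()
{
    global $logged_in, $user, $HTTP_POST_VARS, $list_prefix, $MAIN;
    //lets make sure anonymous requests are accepted as "logged in".
    if (isset($HTTP_POST_VARS['anonymous'])) {
        $logged_in = 1;
        $email = 'anonymous';
        $username = '******';
    } else {
        $email = $user['email'];
        $username = $user['username'];
    }
    //lets accept request from users who are not cookied but are logging in.
    if (!$logged_in && isset($HTTP_POST_VARS['user'])) {
        $pass = isset($HTTP_POST_VARS['pass']) ? $HTTP_POST_VARS['pass'] : null;
        $automatic = isset($HTTP_POST_VARS['automatic']) ? $HTTP_POST_VARS['automatic'] : null;
        $user = userlogin($HTTP_POST_VARS['user'], $pass, $automatic);
        if (0 != strcmp($user['email'], "anonymous")) {
            $logged_in = 1;
            $email = $user['email'];
            //take the name from the account that just logged in; it used to keep the pre-login value.
            $username = $user['username'];
        }
    }
    //lets see if our user is logged in
    if (!$logged_in) {
        //if our user is not logged in we will redo the form for them with the data pre-entered.
        submissionform_redo();
        return;
    }

    //if they are logged in we will process the request.
    $req_date = time();
    //lifetime in seconds for each option the form offers.
    $day = 60 * 60 * 24;
    $lifetimes = array(
        '1w'  => 7 * $day,
        '2w'  => 14 * $day,
        '30d' => 30 * $day,
        '90d' => 90 * $day,
        '1y'  => (int) (365.25 * $day),
    );
    //an unknown or missing value falls back to the shortest lifetime, so a
    //tampered form cannot store a request with an empty expiry date.
    $lifetime = $lifetimes['1w'];
    if (isset($HTTP_POST_VARS['expire_date']) && is_string($HTTP_POST_VARS['expire_date'])
        && isset($lifetimes[$HTTP_POST_VARS['expire_date']])) {
        $lifetime = $lifetimes[$HTTP_POST_VARS['expire_date']];
    }
    $expire = $req_date + $lifetime;

    //the new id is one more than the highest existing id (only that row is fetched).
    $sql = "SELECT * FROM " . $list_prefix . "prayer_list ORDER BY `id` DESC LIMIT 1;";
    $result = db_query($sql);
    $rows = $result ? db_num_rows($result) : 0;
    if ($rows > 0) {
        $row = db_fetch_array($result);
        $idval = (int) $row['id'] + 1;
    } else {
        $idval = 1;
    }

    $request_for = (isset($HTTP_POST_VARS['request_for']) && is_string($HTTP_POST_VARS['request_for'])) ? $HTTP_POST_VARS['request_for'] : '';
    $request = (isset($HTTP_POST_VARS['request']) && is_string($HTTP_POST_VARS['request'])) ? $HTTP_POST_VARS['request'] : '';
    //lets do the sql insert
    $sql = "INSERT INTO " . $list_prefix . "prayer_list (id, request_for, request, postdate, expiredate, requested_by, username) VALUES ('" . $idval . "', '" . $request_for . "', '" . $request . "', '" . $req_date . "', '" . $expire . "', '" . addslashes($email) . "', '" . addslashes($username) . "');";
    $result = db_query($sql);
    if ($result) {
        $WORK = "Your prayer request has been processed.<BR>\r\n";
    } else {
        $WORK = "ERROR: the server was unable to process your prayer request at this time.<BR>\r\n";
        //the failed statement goes to the server log only; printing it showed the
        //table layout to the visitor and echoed their unescaped input into the page.
        error_log("processsubmission: insert failed: " . $sql);
    }
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "Submit a Prayer Request");
    printf("%s", striptemplate($WORK));
}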
Example #9
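/**
 * Reads one POST field for content() as a plain string.
 *
 * Returns "" when the field is missing or is an array. On PHP versions that
 * still have magic_quotes_gpc, the automatically added slashes are removed so
 * callers can escape the value exactly once for the context they use it in.
 */
function _content_post_value($key)
{
    global $HTTP_POST_VARS;
    if (!isset($HTTP_POST_VARS[$key]) || is_array($HTTP_POST_VARS[$key])) {
        return "";
    }
    $value = (string) $HTTP_POST_VARS[$key];
    //get_magic_quotes_gpc() is only consulted on PHP < 5.4; the version test short-circuits on newer releases.
    if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return $value;
}

/**
 * Admin "general" panel: applies the change selected by the GET `mode`
 * parameter (site, index, amodules, imodules) and then prints the panel.
 *
 * Request values are escaped before they are concatenated into SQL and
 * HTML-escaped before they are echoed back in the status message.
 *
 * NOTE(review): addslashes() matches the escaping used elsewhere on this page
 * but is not character-set aware; db_query()'s driver is not visible here, so
 * the driver's own escaping function or prepared statements should replace it
 * once confirmed.
 * NOTE(review): no authentication or CSRF-token check is visible in this
 * function; presumably the caller enforces both -- confirm, since every mode
 * below changes stored configuration.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $GENERAL = loadadmintmplate("general");
    $CONTENT = "";
    //initialised so a request without a recognised mode does not read an undefined variable below.
    $RESULT = "";
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : "";
    //we will process changes here.
    if ($mode === "site") {
        //changes to the site info: one UPDATE per config key, in the original order.
        foreach (array('sitename', 'sitedescription', 'email', 'copyright') as $key) {
            $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . addslashes(_content_post_value($key)) . "' WHERE `key` = '" . $key . "';";
            $result = db_query($sql);
        }
        $RESULT = "Changes to site configuration saved.<BR>\r\n";
    } elseif ($mode === "index") {
        //changes to the index page
        $redir_mod = _content_post_value('redir_mod');
        if ($redir_mod === "module") {
            $sql = "UPDATE " . $list_prefix . "config SET `value` = 'modules' WHERE `key` = 'index';";
            $result = db_query($sql);
            $RESULT = "The index page will now use the modules for content.";
        } elseif ($redir_mod === "redirect") {
            //if we have checked the redirect
            if (isset($HTTP_POST_VARS['redirect'])) {
                //and if we know where to redirect the user to...
                $redirect = _content_post_value('redirect');
                $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . addslashes($redirect) . "' WHERE `key` = 'index';";
                $result = db_query($sql);
                //NOTE(review): the target is stored as given; no URL scheme or host check happens here.
                $shown = htmlspecialchars($redirect, ENT_QUOTES);
                $RESULT = "The index page will now redirect users to <a href='" . $shown . "'>" . $shown . "</a>.<br>\r\n";
            } else {
                $RESULT = "<B>ERROR</B>: You must tell me where to redirect the user to!<BR>\r\n";
            }
        }
    } elseif ($mode === "amodules") {
        //changes to the active modules
        $module = _content_post_value('active_modules');
        $position = _content_post_value('position');
        if (isset($HTTP_POST_VARS['disable'])) {
            //if we are to make the module inactive lets do it.
            $sql = "DELETE FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' AND `value` = '" . addslashes($module) . "';";
            $result = db_query($sql);
            $RESULT = "The module " . htmlspecialchars($module, ENT_QUOTES) . " Has been deactivated.<BR>\r\n";
        } elseif ($position === "up" || $position === "down") {
            //both directions swap `order` with the nearest neighbour; only the comparison, sort and message differ.
            $moving_up = ($position === "up");
            $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `value` = '" . addslashes($module) . "');";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;
            if ($rows > 0) {
                $row = db_fetch_array($result);
                if ($moving_up) {
                    $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` < '" . addslashes($row['order']) . "') ORDER BY `order` DESC;";
                } else {
                    $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` > '" . addslashes($row['order']) . "') ORDER BY `order`;";
                }
                $result = db_query($sql);
                $rows = $result ? db_num_rows($result) : 0;
                if ($rows > 0) {
                    $row2 = db_fetch_array($result);
                    //values read back from the table are escaped too, so a stored quote cannot break the statement.
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . addslashes($row['order']) . "' WHERE `key` = 'indexmodule' and `value` = '" . addslashes($row2['value']) . "';";
                    $result = db_query($sql);
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . addslashes($row2['order']) . "' WHERE `key` = 'indexmodule' and `value` = '" . addslashes($row['value']) . "';";
                    $result = db_query($sql);
                    $RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
                } else {
                    $RESULT = "The module " . htmlspecialchars($module, ENT_QUOTES) . " appears to already be at the " . ($moving_up ? "top" : "bottom") . ".<BR>\r\n";
                }
            } else {
                $RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
            }
        }
        fixorder(1);
    } elseif ($mode === "imodules") {
        //changes to the inactive modules
        $module = _content_post_value('inactive_modules');
        //The index page loader appears to include_once "<value>.mod.php" for every stored
        //indexmodule row, so a name carrying a path separator or NUL byte is refused.
        //NOTE(review): assumes all modules live in a single directory -- confirm.
        if ($module === "" || strpos($module, '/') !== false || strpos($module, '\\') !== false || strpos($module, "\0") !== false) {
            $RESULT = "<B>ERROR</B>: Invalid module name.<BR>\r\n";
        } else {
            $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' ORDER BY `order` DESC;";
            $result = db_query($sql);
            $rows = $result ? db_num_rows($result) : 0;
            if ($rows > 0) {
                //the new module goes after the highest existing order value.
                $row = db_fetch_array($result);
                $order = $row['order'] + 1;
            } else {
                $order = 1;
            }
            $sql = "INSERT INTO " . $list_prefix . "config VALUES ('indexmodule', '" . addslashes($module) . "', '" . $order . "');";
            $result = db_query($sql);
            $RESULT = "The module " . htmlspecialchars($module, ENT_QUOTES) . " has been activated.<BR>\r\n";
        }
    }
    //output will be added to $CONTENT.
    $CONTENT .= $RESULT . $GENERAL;
    //We don't have to read the site info from the db and place it into the
    //template because the filltemplate function will do it for us automagically.
    //we will read and output the index page settings here.
    $sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'index';";
    $result = db_query($sql);
    //default to modules when the query fails or no 'index' row exists.
    $action = "modules";
    if ($result && db_num_rows($result) > 0) {
        //if its in the db we will go with the db's configured value
        $row = db_fetch_array($result);
        $action = (string) $row['value'];
    }
    if (strcmp($action, "modules") != 0) {
        $CHECKED = "{REDIRCHECKED}";
    } else {
        $CHECKED = "{MODCHECKED}";
        $action = "";
    }
    $CONTENT = insert_into_template($CONTENT, $CHECKED, "checked");
    //The stored redirect target is HTML-escaped before it goes into the form.
    //NOTE(review): assumes {REDIRECT} sits in HTML text or a quoted attribute -- confirm against the template.
    $CONTENT = insert_into_template($CONTENT, "{REDIRECT}", htmlspecialchars($action, ENT_QUOTES));
    //we will read and output the active index modules here
    $CONTENT = insert_into_template($CONTENT, "{MODULE_LIST}", list_active_modules());
    //we will read and output the inactive index modules here
    $CONTENT = insert_into_template($CONTENT, "{INACTIVE_MODULE_LIST}", list_inactive_modules());
    //now we will output our work.
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}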
Example #10
        $DAYS .= insert_into_template($WORK, "{YEAR}", $year);
    } else {
        $DAYS .= insert_into_template($DAY, "{DAY}", $iday);
    }
    if (6 == dayofweek($month, $iday, $year)) {
        //we will append these DAYS to WEEKS and empty DAYS
        $WEEKS .= insert_into_template($WEEK, "{DAYS}", $DAYS);
        $DAYS = "";
    }
}
//Pad the last week: append the unfilled $DAY template once for every step
//$lastday still needs to reach 6 (the same value the loop above uses to close a week).
$lastday = dayofweek($month, $iday, $year);
while ($lastday < 6) {
    $DAYS .= $DAY;
    $lastday++;
}
//Close out the calendar by wrapping the remaining days in a final week row.
$WEEKS .= insert_into_template($WEEK, "{DAYS}", $DAYS);
//Fill the month template: previous/next month and year links, then the current month name and year.
$WORK = insert_into_template($MONTH, "{PREVMONTH}", $prevmonth);
$WORK = insert_into_template($WORK, "{PREVYEAR}", $prevyear);
$WORK = insert_into_template($WORK, "{NEXTMONTH}", $nextmonth);
$WORK = insert_into_template($WORK, "{NEXTYEAR}", $nextyear);
$WORK = insert_into_template($WORK, "{MONTH}", $monthname);
$WORK = insert_into_template($WORK, "{YEAR}", $year);
//Add the accumulated week rows to the calendar.
$WORK = insert_into_template($WORK, "{WEEKS}", $WEEKS);
//Wrap the calendar in the main page template, fill the remaining placeholders
//with the month name as the title argument, and print the result.
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, $monthname);
printf("%s", striptemplate($WORK));
Example #11
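/**
 * Admin articles panel: loads an article into the edit form, deletes an
 * article, or saves a new/edited article depending on the GET `mode`
 * parameter (select, delete, edit), then prints the panel.
 *
 * Every request value that reaches SQL is now passed through addslashes(),
 * including the ids and the category, which were previously concatenated raw.
 *
 * NOTE(review): addslashes() is the escaping this function already used for
 * its text fields, but it is not character-set aware; db_query()'s driver is
 * not visible here, so its own escaping function or prepared statements
 * should replace it once confirmed.
 * NOTE(review): no authentication or CSRF-token check is visible in this
 * function apart from admincookie() in the edit branch; presumably the
 * caller enforces both -- confirm.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $ARTICLES = loadadmintmplate("articles");
    $WORK = $ARTICLES;
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : "";
    //in select and delete mode the POST field 'article' carries the article id.
    $article_id = (isset($HTTP_POST_VARS['article']) && is_scalar($HTTP_POST_VARS['article'])) ? addslashes((string) $HTTP_POST_VARS['article']) : "";
    if ($mode === "select") {
        //if we are to edit an article
        //lets get the article from the db
        $sql = "SELECT * FROM `" . $list_prefix . "articles` WHERE `id` = '" . $article_id . "';";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;
        if ($rows == 0) {
            //the article does not exist, so offer the form for a new one.
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            //if it does we will read it from the db and add it to our output.
            //NOTE(review): stored title/byline/teaser/article are placed in the form without HTML escaping;
            //whether that is safe depends on the template context and on who may write articles -- confirm.
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            $WORK = insert_into_template($WORK, "{ARTICLETITLE}", $row['article_title']);
            $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
            $WORK = insert_into_template($WORK, "{ARTICLE}", stripslashes($row['article']));
            $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
        }
    } else {
        //if we are not editing an article lets prepare the form for a new article.
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }
    //lets delete an article if its selected
    if ($mode === "delete" && isset($HTTP_POST_VARS['delete_yes'])) {
        $sql = "DELETE FROM `" . $list_prefix . "articles` WHERE `id` = '" . $article_id . "';";
        $result = db_query($sql);
    } elseif ($mode === "delete") {
        $WORK = "You must check the confirmation box to delete an article.<br>\r\n" . $WORK;
    }
    if ($mode === "edit") {
        $user = admincookie();
        //the poster id comes from admincookie(); it is escaped like any other value that enters the query.
        $posted_by = addslashes((string) $user['user_id']);
        if (isset($HTTP_POST_VARS['newarticle'])) {
            //its a new article being saved.
            $sql = "INSERT INTO " . $list_prefix . "articles VALUES ('', '" . addslashes($HTTP_POST_VARS['articletitle']) . "', '" . addslashes($HTTP_POST_VARS['teaser']) . "', '" . addslashes($HTTP_POST_VARS['article']) . "', '" . $posted_by . "', '" . addslashes($HTTP_POST_VARS['byline']) . "', '" . time() . "', '" . addslashes($HTTP_POST_VARS['category']) . "');";
            $result = db_query($sql);
        } elseif (isset($HTTP_POST_VARS['articleid'])) {
            //its an old article being saved
            $sql = "UPDATE `" . $list_prefix . "articles` SET `article_title` = '" . addslashes($HTTP_POST_VARS['articletitle']) . "', `teaser` = '" . addslashes($HTTP_POST_VARS['teaser']) . "', `article` = '" . addslashes($HTTP_POST_VARS['article']) . "', `byline` = '" . addslashes($HTTP_POST_VARS['byline']) . "', `category` = '" . addslashes($HTTP_POST_VARS['category']) . "' WHERE `id` = '" . addslashes($HTTP_POST_VARS['articleid']) . "';";
            $result = db_query($sql);
        } else {
            $WORK = "You must check the new article box to save a new article<br>\r\n" . $WORK;
        }
    }
    //lets output our article cp.
    $WORK = insert_into_template($WORK, "{ARTICLELIST}", articlelist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}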
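/**
 * Deletes one prayer request by id and prints a status page.
 *
 * $id is placed in the statement unquoted, so it must be a plain unsigned
 * integer; anything else is rejected without running a query and reported
 * through the existing error message.
 *
 * NOTE(review): no authorisation check is visible in this function;
 * presumably the caller decides who may delete requests -- confirm.
 */
function delete_request($id)
{
    //$MAIN is not assigned anywhere in this function; it is pulled in as a global here,
    //the way shownews() does it. NOTE(review): confirm $MAIN is a global in this file.
    global $list_prefix, $MAIN;
    $result = false;
    if (is_scalar($id) && preg_match('/^[0-9]+$/', (string) $id)) {
        $sql = "DELETE FROM " . $list_prefix . "prayer_list WHERE `id`=" . (int) $id . ";";
        $result = db_query($sql);
    }
    if ($result) {
        //the closing ">" of this <br /> tag was missing in the original string.
        $CONTENT = "The selected request has been deleted.<br />\r\n";
    } else {
        $CONTENT = "ERROR: unable to delete request.<br />\r\n";
    }
    //now lets output the status message inside the main template.
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "Prayer List");
    //when we output this lets make sure that the output is stripped of any template elements that are not used.
    printf("%s", striptemplate($WORK));
}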
Example #13
} else {
    $rows = 0;
}
//Walk the $rows category rows of $result; for each one, fetch its links and render them.
$i = 0;
while ($i < $rows) {
    $row = db_fetch_array($result);
    $i++;
    //the category id comes from the row just fetched, not from the request.
    $sql = "SELECT * FROM " . $list_prefix . "links WHERE `category` = '" . $row['id'] . "' ORDER BY `order`;";
    $result2 = db_query($sql);
    if ($result2) {
        //the query worked, so count the links in this category.
        $rows2 = db_num_rows($result2);
    } else {
        $rows2 = 0;
    }
    $j = 0;
    //a category heading is only added when the category has at least one link.
    if ($rows2 > 0) {
        $WORK .= insert_into_template($CATEGORIES, "{CATEGORY}", $row['name']);
    }
    $CONTENT = "";
    while ($j < $rows2) {
        $row2 = db_fetch_array($result2);
        //append a fresh copy of the link template, then fill the title placeholder in the accumulated string.
        //NOTE(review): url, title and category name are inserted without HTML escaping here;
        //whether that is safe depends on who may write the links table and on what insert_into_template() does -- confirm.
        $CONTENT .= insert_into_template($LINKS, "{LINKURL}", $row2['url']);
        $CONTENT = insert_into_template($CONTENT, "{LINKTITLE}", $row2['title']);
        $j++;
    }
    //runs for every category, including those without links, where $CONTENT is "".
    $WORK = insert_into_template($WORK, "{LINKS}", $CONTENT);
}
//wrap the link list in the main template, fill it with "Links" as the title argument, and print it.
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, "Links");
printf("%s", striptemplate($WORK));
Example #14
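/**
 * Reads one POST field for the calendar panel as a plain string.
 *
 * Returns "" when the field is missing or is an array. On PHP versions that
 * still have magic_quotes_gpc, the automatically added slashes are removed so
 * the caller can escape the value exactly once.
 */
function _calendar_post_value($key)
{
    global $HTTP_POST_VARS;
    if (!isset($HTTP_POST_VARS[$key]) || is_array($HTTP_POST_VARS[$key])) {
        return "";
    }
    $value = (string) $HTTP_POST_VARS[$key];
    //get_magic_quotes_gpc() is only consulted on PHP < 5.4; the version test short-circuits on newer releases.
    if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
        $value = stripslashes($value);
    }
    return $value;
}

/**
 * Admin calendar panel: deletes an event or adds a weekly (dow), monthly
 * (dom), yearly (moy) or dated (norm) event depending on the GET `mode`
 * parameter, then prints the panel.
 *
 * Request values are escaped before they are concatenated into SQL.
 *
 * NOTE(review): addslashes() matches the escaping used elsewhere on this page
 * but is not character-set aware; db_query()'s driver is not visible here, so
 * its own escaping function or prepared statements should replace it once
 * confirmed.
 * NOTE(review): no authentication or CSRF-token check is visible in this
 * function; presumably the caller enforces both -- confirm.
 * NOTE(review): the description is stored as given and this function does not
 * show where it is rendered; it should be HTML-escaped wherever it is output.
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $CALENDAR = loadadmintmplate("calendar");
    $CONTENT = "";
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : "";
    //first lets see if we are deleting an event
    if ($mode === "delete") {
        //we are deleting this event.
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            $sql = "DELETE FROM `" . $list_prefix . "calendar` WHERE `id` = '" . addslashes(_calendar_post_value('deletelist')) . "';";
            $result = db_query($sql);
        } else {
            $CONTENT .= "You must check the checkbox to confirm deleting this event.<BR>\r\n";
        }
    }
    //work out the weekly / monthly / yearly / date column values for the kind of event being added.
    //'7' in the weekly column is what the original statements store for every non-weekly event.
    $columns = null;
    if ($mode === "dow") {
        $columns = array(_calendar_post_value('dow'), '', '', '');
    } elseif ($mode === "dom") {
        $columns = array('7', _calendar_post_value('dom'), '', '');
    } elseif ($mode === "moy") {
        $columns = array('7', '', _calendar_post_value('moy') . _calendar_post_value('domoy'), '');
    } elseif ($mode === "norm") {
        $columns = array('7', '', '', _calendar_post_value('yearlist') . _calendar_post_value('month') . _calendar_post_value('day'));
    }
    if ($columns !== null) {
        //the original read the key '$ampm' (single-quoted, so a literal dollar sign), which looks like a typo for 'ampm';
        //'ampm' is preferred and the literal key is kept as a fallback. NOTE(review): confirm the form field name.
        $ampm = isset($HTTP_POST_VARS['ampm']) ? _calendar_post_value('ampm') : _calendar_post_value('$ampm');
        $utime = usertime(_calendar_post_value('hour'), _calendar_post_value('tmin'), _calendar_post_value('omin'), $ampm);
        $sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '" . addslashes($columns[0]) . "', '" . addslashes($columns[1]) . "', '" . addslashes($columns[2]) . "', '" . addslashes($columns[3]) . "', '" . addslashes((string) $utime) . "', '" . addslashes(_calendar_post_value('description')) . "' );";
        $result = db_query($sql);
    }
    //lets draw our interface now.
    $CONTENT .= insert_into_template($CALENDAR, "{DELETE_LIST}", listevents());
    $CONTENT = insert_into_template($CONTENT, "{YEARMENU}", yearmenu());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}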