function showlist($perpage)
{
global $list_prefix;
$PRAYERLISTMOD = loadtmplate("prayerlist.mod");
//lets set our content to be blank.
$CONTENT = "";
//lets setup our query
$sql = "SELECT * FROM " . $list_prefix . "prayer_list WHERE `expired` = '0' LIMIT 0," . $perpage . ";";
//now lets show the prayerlist entries.
$result = db_query($sql);
@($rows = db_num_rows($result));
if ($rows != 0) {
$j = 0;
while ($j < $rows) {
//lets fetch our prayer request from the database.
$row = db_fetch_array($result);
//lets insert the prayerrequest into our working copy of this template.
$WORK = insert_into_template($PRAYERLISTMOD, "{REQUESTFOR}", striphtml($row['request_for']));
$WORK = insert_into_template($WORK, "{REQUEST}", striphtml($row['request']));
if ($admin == 1) {
$WORK = insert_into_template($WORK, "{DELETE}", "<a href='prayerlist.php?delete=" . $row['id'] . "'>Delete</a>");
}
$j++;
//now lets add this request to the CONTENT.
$WORK = insert_into_template($WORK, "{REQUESTID}", $row['id']);
$CONTENT .= $WORK;
}
} else {
$CONTENT .= "There are no active prayer requests at this time.<BR>\r\n";
}
//when we output this lets make sure that the output is stripped of any template elements that are not used.
return striptemplate($CONTENT);
}
function modules()
{
global $list_prefix;
$MAIN = loadtmplate("main");
//lets get our module list from the DB.
$sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'indexmodule' ORDER BY `order`;";
$result = db_query($sql);
if ($result) {
//lets see how many modules we have and initialize our variables.
$rows = db_num_rows($result);
$i = 0;
$CONTENT = "";
$perpage = 3;
//lets read our modules, load them, add their content to our main content.
while ($i < $rows) {
$row = db_fetch_array($result);
include_once $row['value'] . ".mod.php";
$CONTENT .= "<H2>" . $MOD['title'] . "</H2><BR>\r\n";
$CONTENT .= $MOD['content'];
$i++;
}
//lets insert our content into the template.
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "{SITENAME}");
//this is an ugly hack but it works.
//when we output this lets make sure that the output is stripped of any template elements that are not used.
printf("%s", striptemplate($WORK));
}
}
function shownews($id)
{
global $list_prefix, $NEWS, $MAIN;
$sql = "SELECT * FROM " . $list_prefix . "news WHERE id = '" . $id . "';";
$result = db_query($sql);
$rows = db_num_rows($result);
if ($rows != 0) {
$row = db_fetch_array($result);
$postedby = getuser($row['posted_by']);
//lets insert the prayerrequest into our working copy of this template.
$WORK = insert_into_template($NEWS, "{NEWSTITLE}", stripslashes($row['news_title']));
$WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
$WORK = insert_into_template($WORK, "{NEWSID}", $row['id']);
$WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby);
$WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
$WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date']));
$WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category']));
$WORK = insert_into_template($WORK, "{NEWS}", stripslashes($row['news']));
$i++;
//now lets add this request to the CONTENT.
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, striphtml($row['news_title']));
printf("%s", striptemplate($WORK));
}
}
function content()
{
$MAIN = loadadmintmplate("main");
$CONTENT = "\r\n <p>\r\n For now there isn't much here in the way of content. please keep in mind\r\n that this project is still in its very early stages.\r\n </p>\r\n <p>\r\n <a href='http://fishcms.com'>FishCMS</a> is intended to be a simple, clean,\r\n and easy to use Content Management System targeted at Christian websites\r\n such as <a href='http://believewith.us'>BelieveWith.US</a>. FishCMS\r\n started out as an extension of the prayerlist program used at BelieveWith.US\r\n </p>\r\n <p>\r\n From this Admin Control Panel you will be able to edit, configure, and\r\n control your FishCMS site.\r\n </p>\r\n";
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
}
function content()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
$MAIN = loadadmintmplate("main");
$TEMPLATES = loadadmintmplate("templates");
if (isset($HTTP_GET_VARS['set'])) {
//if we are supposed to set the template
//set the template here
$sql = "UPDATE `" . $list_prefix . "config` SET `value` = '" . $HTTP_POST_VARS['template'] . "' WHERE `key` = 'template';";
$result = db_query($sql);
if ($result) {
$CONTENT = "The theme was successfully changed to " . $HTTP_POST_VARS['template'] . "<BR>\r\n";
} else {
$CONTENT = "ERROR: I was unable to change the theme!<BR>\r\n";
}
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
} else {
//else we will draw the form for the user to change the template.
//first lets read the template from the configuration
$sql = "SELECT * FROM " . $list_prefix . "config WHERE `Key` = 'template';";
$result = db_query($sql);
if (!$result) {
$template = "default";
} else {
$rows = db_num_rows($result);
if ($rows == 0) {
$template = "default";
} else {
$row = db_fetch_array($result);
$template = $row['value'];
}
}
$WORK = insert_into_template($TEMPLATES, "{TEMPLATE}", $template);
$WORK = insert_into_template($WORK, "{THEMELIST}", themelist($template));
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
}
}
function getarticles($perpage)
{
global $list_prefix;
$ARTICLES = loadtmplate("articles.mod");
$CONTENT = "";
//lets calculate our query
$sql = "SELECT * FROM " . $list_prefix . "articles ORDER BY `date` DESC LIMIT 0," . $perpage . ";";
//now lets show the prayerlist entries.
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows != 0) {
$j = 0;
while ($j < $rows) {
//lets fetch our prayer request from the database.
$row = db_fetch_array($result);
$postedby = getuser($row['posted_by']);
//lets insert the prayerrequest into our working copy of this template.
$WORK = insert_into_template($ARTICLES, "{ARTICLETITLE}", stripslashes($row['article_title']));
$WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
$WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']);
$WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby);
$WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
$WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date']));
$WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category']));
$j++;
//now lets add this request to the CONTENT.
$CONTENT .= $WORK;
}
} else {
$CONTENT .= "There are no active articles at this time.<BR>\r\n";
}
//when we output this lets make sure that the output is stripped of any template elements that are not used.
return striptemplate($CONTENT);
}
function content()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
$MAIN = loadadmintmplate("main");
$LINKS = loadadmintmplate("links");
$WORK = $LINKS;
if (0 == strcmp($HTTP_GET_VARS['mode'], "select")) {
//if we are to edit a link
//lets get the links from the db
$sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `id` = '" . $HTTP_POST_VARS['links'] . "';";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows == 0) {
//lets make sure that the news exists
$WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
$WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
} else {
//if it does we will read it from the db and add it to our output.
$row = db_fetch_array($result);
$WORK = insert_into_template($WORK, "{LINKID}", $row['id']);
$WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
$WORK = insert_into_template($WORK, "{LINKTITLE}", $row['title']);
$WORK = insert_into_template($WORK, "{LINKURL}", $row['url']);
}
} else {
//if we are not editing an news lets prepare the form for a new news.
$WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
$WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
}
//lets delete a link if its selected
if (0 == strcmp($HTTP_GET_VARS['mode'], "delete") && isset($HTTP_POST_VARS['delete_yes'])) {
$sql = "DELETE FROM `" . $list_prefix . "links` WHERE `id` = '" . $HTTP_POST_VARS['links'] . "';";
$result = db_query($sql);
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
$WORK = "You must check the confirmation box to delete a link.<br>\r\n" . $WORK;
}
//lets edit/add a link if thats our job.
if (0 == strcmp($HTTP_GET_VARS['mode'], "edit")) {
if (isset($HTTP_POST_VARS['newlink'])) {
//we are adding a new link
$sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `category` = '" . $HTTP_POST_VARS['category'] . "' ORDER BY `order` DESC limit 1;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
$order = $row['order'] + 1;
} else {
$order = 1;
}
if (isset($HTTP_POST_VARS['linktitle']) && isset($HTTP_POST_VARS['linkurl'])) {
$sql = "INSERT INTO " . $list_prefix . "links VALUES ('', '" . $HTTP_POST_VARS['category'] . "', '" . $HTTP_POST_VARS['linktitle'] . "', '" . $HTTP_POST_VARS['linkurl'] . "', '" . $order . "');";
$result = db_query($sql);
}
} else {
//we are editing an existing link
if (isset($HTTP_POST_VARS['linkid'])) {
//we must know the links linkid to work on it.
//lets get our existing db entry
$sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `id` = '" . $HTTP_POST_VARS['linkid'] . "' ORDER BY `order` DESC limit 1;";
$result = db_query($sql);
$row = db_fetch_array($result);
//lets figure out our order
$order = 1;
if (0 == strcmp($HTTP_POST_VARS['position'], "same")) {
//no change to the order.
$order = $row['order'];
} elseif (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
//it needs to move up
$sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `order` < '" . $row['order'] . "' ORDER BY `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row2 = db_fetch_array($result);
$sql = "UPDATE `" . $list_prefix . "links` SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
$result = db_query($sql);
$order = $row2['order'];
}
} elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
// it needs to move down
$sql = "SELECT * FROM " . $list_prefix . "links WHERE `order` > '" . $row['order'] . "' ORDER BY `order`;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row2 = db_fetch_array($result);
$sql = "UPDATE " . $list_prefix . "links SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
$result = db_query($sql);
$order = $row2['order'];
}
}
//now we have the correct order, category, name, and url lets update the db
if ($row['category'] != $HTTP_POST_VARS['category']) {
//if we are moving to a NEW category lets make this the last link present.
$sql = "SELECT * FROM " . $list_prefix . "links WHERE `category` = '" . $HTTP_POST_VARS['category'] . "' ORDER BY `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
$order = $row['order'] + 1;
} else {
$order = 1;
}
}
//now lets save our changes
$sql = "UPDATE " . $list_prefix . "links SET `category` = '" . $HTTP_POST_VARS['category'] . "', `title` = '" . $HTTP_POST_VARS['linktitle'] . "', `url` = '" . $HTTP_POST_VARS['linkurl'] . "', `order` = '" . $order . "' WHERE `id` = '" . $HTTP_POST_VARS['linkid'] . "';";
$result = db_query($sql);
} else {
$WORK = "ERROR: you must check 'Save as a new link' to make a new link.<BR>\r\n" . $WORK;
}
}
catorder();
}
//lets output our news cp.
$WORK = insert_into_template($WORK, "{LINKSLIST}", linkslist());
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
}
function processsubmission()
{
global $logged_in, $user, $HTTP_POST_VARS, $list_prefix, $MAIN;
//lets make sure anonymous requests are accepted as "logged in".
if (isset($HTTP_POST_VARS['anonymous'])) {
$logged_in = 1;
$email = 'anonymous';
$username = '******';
} else {
$email = $user['email'];
$username = $user['username'];
}
//lets accept request from users who are not cookied but are logging in.
if (!$logged_in && isset($HTTP_POST_VARS['user'])) {
$user = userlogin($HTTP_POST_VARS['user'], $HTTP_POST_VARS['pass'], $HTTP_POST_VARS['automatic']);
if (0 != strcmp($user['email'], "anonymous")) {
$logged_in = 1;
$email = $user['email'];
}
}
//lets see if our user is logged in
if (!$logged_in) {
//if our user is not logged in we will redo the form for them with the data pre-entered.
submissionform_redo();
} else {
//if they are logged in we will process the request.
$req_date = time();
switch ($HTTP_POST_VARS['expire_date']) {
case '1w':
$expire = $req_date + 60 * 60 * 24 * 7;
break;
case '2w':
$expire = $req_date + 2 * (60 * 60 * 24 * 7);
break;
case '30d':
$expire = $req_date + 60 * 60 * 24 * 30;
break;
case '90d':
$expire = $req_date + 60 * 60 * 24 * 90;
break;
case '1y':
$expire = $req_date + 60 * 60 * 24 * 365.25;
break;
}
//we need to find out what the next id number is, add one to it, and then add it to the sql insert.
$sql = "SELECT * FROM " . $list_prefix . "prayer_list ORDER BY `id` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
$idval = $row['id'] + 1;
} else {
$idval = 1;
}
//lets do the sql insert
$sql = "INSERT INTO " . $list_prefix . "prayer_list (id, request_for, request, postdate, expiredate, requested_by, username) VALUES ('" . $idval . "', '" . $HTTP_POST_VARS['request_for'] . "', '" . $HTTP_POST_VARS['request'] . "', '" . $req_date . "', '" . $expire . "', '" . addslashes($email) . "', '" . addslashes($username) . "');";
$result = db_query($sql);
if ($result) {
$WORK = "Your prayer request has been processed.<BR>\r\n";
} else {
$WORK = "ERROR: the server was unable to process your prayer request at this time.<BR>\r\n";
$WORK .= "The SQL query was: " . $sql . "<BR>\r\n";
}
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, "Submit a Prayer Request");
printf("%s", striptemplate($WORK));
}
}
function content()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
$MAIN = loadadmintmplate("main");
$GENERAL = loadadmintmplate("general");
$CONTENT = "";
//we will process changes here.
if (0 == strcmp($HTTP_GET_VARS['mode'], "site")) {
//changes to the site info
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['sitename'] . "' WHERE `key` = 'sitename';";
$result = db_query($sql);
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['sitedescription'] . "' WHERE `key` = 'sitedescription';";
$result = db_query($sql);
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['email'] . "' WHERE `key` = 'email';";
$result = db_query($sql);
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['copyright'] . "' WHERE `key` = 'copyright';";
$result = db_query($sql);
$RESULT = "Changes to site configuration saved.<BR>\r\n";
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "index")) {
//changes to the index page
if (0 == strcmp($HTTP_POST_VARS['redir_mod'], "module")) {
$sql = "UPDATE " . $list_prefix . "config SET `value` = 'modules' WHERE `key` = 'index';";
$result = db_query($sql);
$RESULT = "The index page will now use the modules for content.";
} elseif (0 == strcmp($HTTP_POST_VARS['redir_mod'], "redirect")) {
//if we have checked the redirect
if (isset($HTTP_POST_VARS['redirect'])) {
//and if we know where to redirect the user to...
$sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['redirect'] . "' WHERE `key` = 'index';";
$result = db_query($sql);
$RESULT = "The index page will now redirect users to <a href='" . $HTTP_POST_VARS['redirect'] . "'>" . $HTTP_POST_VARS['redirect'] . "</a>.<br>\r\n";
} else {
$RESULT = "<B>ERROR</B>: You must tell me where to redirect the user to!<BR>\r\n";
}
}
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "amodules")) {
//changes to the active modules
if (isset($HTTP_POST_VARS['disable'])) {
//if we are to make the module inactive lets do it.
$sql = "DELETE FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "';";
$result = db_query($sql);
$RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " Has been deactivated.<BR>\r\n";
} elseif (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "');";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` < '" . $row['order'] . "') ORDER BY `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row2 = db_fetch_array($result);
$sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row2['value'] . "';";
$result = db_query($sql);
$sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row2['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row['value'] . "';";
$result = db_query($sql);
$RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
} else {
$RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " appears to already be at the top.<BR>\r\n";
}
} else {
$RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
}
} elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "');";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` > '" . $row['order'] . "') ORDER BY `order`;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row2 = db_fetch_array($result);
$sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row2['value'] . "';";
$result = db_query($sql);
$sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row2['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row['value'] . "';";
$result = db_query($sql);
$RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
} else {
$RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " appears to already be at the bottom.<BR>\r\n";
}
} else {
$RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
}
}
fixorder(1);
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "imodules")) {
//changes to the inactive modules
$sql = "SELECT * FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' ORDER BY `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
$order = $row['order'] + 1;
} else {
$order = 1;
}
$sql = "INSERT INTO " . $list_prefix . "config VALUES ('indexmodule', '" . $HTTP_POST_VARS['inactive_modules'] . "', '" . $order . "');";
$result = db_query($sql);
$RESULT = "The module " . $HTTP_POST_VARS['inactive_modules'] . " has been activated.<BR>\r\n";
}
//output will be added to $CONTENT.
$CONTENT .= $RESULT . $GENERAL;
//We don't have to read the site info from the db and place it into the
//template because the filltemplate function will do it for us automagically.
//we will read and output the index page settings here.
$sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'index';";
$result = db_query($sql);
if ($result) {
//if its in the db we will go with the db's configured value
$rows = db_num_rows($result);
$row = db_fetch_array($result);
$action = $row['value'];
} else {
$action = "modules";
}
if (strcmp($action, "modules") != 0) {
$CHECKED = "{REDIRCHECKED}";
} else {
$CHECKED = "{MODCHECKED}";
$action = "";
}
$CONTENT = insert_into_template($CONTENT, $CHECKED, "checked");
//This is backards to how we normally do things but it works!
$CONTENT = insert_into_template($CONTENT, "{REDIRECT}", $action);
//we will read and output the active index modules here
$CONTENT = insert_into_template($CONTENT, "{MODULE_LIST}", list_active_modules());
//we will read and output the inactive index modules here
$CONTENT = insert_into_template($CONTENT, "{INACTIVE_MODULE_LIST}", list_inactive_modules());
//now we will output our work.
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
}
$DAYS .= insert_into_template($WORK, "{YEAR}", $year);
} else {
$DAYS .= insert_into_template($DAY, "{DAY}", $iday);
}
if (6 == dayofweek($month, $iday, $year)) {
//we will append these DAYS to WEEKS and empty DAYS
$WEEKS .= insert_into_template($WEEK, "{DAYS}", $DAYS);
$DAYS = "";
}
}
//now lets pad the last week of the calendar
$lastday = dayofweek($month, $iday, $year);
while ($lastday < 6) {
$DAYS .= $DAY;
$lastday++;
}
//now lets close out the calendar.
$WEEKS .= insert_into_template($WEEK, "{DAYS}", $DAYS);
//lets add the month, year, prev/next month and year
$WORK = insert_into_template($MONTH, "{PREVMONTH}", $prevmonth);
$WORK = insert_into_template($WORK, "{PREVYEAR}", $prevyear);
$WORK = insert_into_template($WORK, "{NEXTMONTH}", $nextmonth);
$WORK = insert_into_template($WORK, "{NEXTYEAR}", $nextyear);
$WORK = insert_into_template($WORK, "{MONTH}", $monthname);
$WORK = insert_into_template($WORK, "{YEAR}", $year);
//lets add our weeks to the calendar
$WORK = insert_into_template($WORK, "{WEEKS}", $WEEKS);
//now lets output the calendar
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, $monthname);
printf("%s", striptemplate($WORK));
function content()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
$MAIN = loadadmintmplate("main");
$ARTICLES = loadadmintmplate("articles");
$WORK = $ARTICLES;
if (0 == strcmp($HTTP_GET_VARS['mode'], "select")) {
//if we are to edit an article
//lets get the article from the db
$sql = "SELECT * FROM `" . $list_prefix . "articles` WHERE `id` = '" . $HTTP_POST_VARS['article'] . "';";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows == 0) {
//lets make sure that the article exists
$WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
$WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
} else {
//if it does we will read it from the db and add it to our output.
$row = db_fetch_array($result);
$WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']);
$WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
$WORK = insert_into_template($WORK, "{ARTICLETITLE}", $row['article_title']);
$WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
$WORK = insert_into_template($WORK, "{ARTICLE}", stripslashes($row['article']));
$WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
}
} else {
//if we are not editing an article lets prepare the form for a new article.
$WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
$WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
}
//lets delete an article if its selected
if (0 == strcmp($HTTP_GET_VARS['mode'], "delete") && isset($HTTP_POST_VARS['delete_yes'])) {
$sql = "DELETE FROM `" . $list_prefix . "articles` WHERE `id` = '" . $HTTP_POST_VARS['article'] . "';";
$result = db_query($sql);
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
$WORK = "You must check the confirmation box to delete an article.<br>\r\n" . $WORK;
}
if (0 == strcmp($HTTP_GET_VARS['mode'], "edit")) {
$user = admincookie();
$posted_by = $user['user_id'];
if (isset($HTTP_POST_VARS['newarticle'])) {
//its a new article being saved.
$sql = "INSERT INTO " . $list_prefix . "articles VALUES ('', '" . addslashes($HTTP_POST_VARS['articletitle']) . "', '" . addslashes($HTTP_POST_VARS['teaser']) . "', '" . addslashes($HTTP_POST_VARS['article']) . "', '" . $posted_by . "', '" . addslashes($HTTP_POST_VARS['byline']) . "', '" . time() . "', '" . $HTTP_POST_VARS['category'] . "');";
$result = db_query($sql);
} elseif (isset($HTTP_POST_VARS['articleid'])) {
//its an old article being saved
$sql = "UPDATE `" . $list_prefix . "articles` SET `article_title` = '" . addslashes($HTTP_POST_VARS['articletitle']) . "', `teaser` = '" . addslashes($HTTP_POST_VARS['teaser']) . "', `article` = '" . addslashes($HTTP_POST_VARS['article']) . "', `byline` = '" . addslashes($HTTP_POST_VARS['byline']) . "', `category` = '" . $HTTP_POST_VARS['category'] . "' WHERE `id` = '" . $HTTP_POST_VARS['articleid'] . "';";
$result = db_query($sql);
} else {
$WORK = "You must check the new article box to save a new article<br>\r\n" . $WORK;
}
}
//lets output our article cp.
$WORK = insert_into_template($WORK, "{ARTICLELIST}", articlelist());
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
}
$WORK = insert_into_template($LINK_DAY, "{MONTH}", $month);
$WORK = insert_into_template($WORK, "{DAY}", $iday);
$DAYS .= insert_into_template($WORK, "{YEAR}", $year);
} else {
$DAYS .= insert_into_template($DAY, "{DAY}", $iday);
}
if (6 == dayofweek($month, $iday, $year)) {
//we will append these DAYS to WEEKS and empty DAYS
$WEEKS .= insert_into_template($WEEK, "{DAYS}", $DAYS);
$DAYS = "";
}
}
//now lets pad the last week of the calendar
$lastday = dayofweek($month, $iday, $year);
while ($lastday < 6) {
$DAYS .= $DAY;
$lastday++;
}
//now lets close out the calendar.
$WEEKS .= insert_into_template($WEEK, "{DAYS}", $DAYS);
//lets add the month, year, prev/next month and year
$WORK = insert_into_template($MONTH, "{PREVMONTH}", $prevmonth);
$WORK = insert_into_template($WORK, "{PREVYEAR}", $prevyear);
$WORK = insert_into_template($WORK, "{NEXTMONTH}", $nextmonth);
$WORK = insert_into_template($WORK, "{NEXTYEAR}", $nextyear);
$WORK = insert_into_template($WORK, "{MONTH}", $monthname);
$WORK = insert_into_template($WORK, "{YEAR}", $year);
//lets add our weeks to the calendar
$BLOCK['title'] = "Calendar";
$BLOCK['content'] = insert_into_template($WORK, "{WEEKS}", $WEEKS);
//now lets output the calendar
function content()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
$MAIN = loadadmintmplate("main");
$BLOCKS = loadadmintmplate("blocks");
//we will process changes here
if (0 == strcmp($HTTP_GET_VARS['mode'], "ablocks")) {
//process active blocks
if (isset($HTTP_POST_VARS['disable'])) {
//if we are to disable the block
$sql = "DELETE FROM `" . $list_prefix . "blocks` WHERE `name` = '" . $HTTP_POST_VARS['active_blocks'] . "';";
$result = db_query($sql);
} else {
//otherwise we will process all the fields.
//lets read the db info for the block, we will set the default order also
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `name` = '" . $HTTP_POST_VARS['active_blocks'] . "';";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows != 0) {
$row = db_fetch_array($result);
$order = $row['order'];
$id = $row['id'];
} else {
$order = 1;
}
//we will default to order of 1.
//lets determine if there are any moves
if (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
//if it moves up
//now we will find the new value for $order to move to
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $row['blockset'] . "' AND `order` < '" . $order . "' ORDER by `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows != 0) {
//if we have no rows we don't move it up, but if there are rows we want to trade places with the one above.
$row2 = db_fetch_array($result);
//now we will set $row2 to $row's order
$sql = "UPDATE " . $list_prefix . "blocks SET `order` = '" . $order . "' WHERE `id` = '" . $row2['id'] . "';";
$result = db_query($sql);
if ($result) {
//if we succeeded we will now change $order to $row2's previous order
$order = $row2['order'];
}
}
} elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
//if it doesn't move.
//now we will find the new value for $order to move to
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $row['blockset'] . "' AND `order` > '" . $order . "' ORDER by `order`;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows != 0) {
//if we have no rows we don't move it down, but if there are rows we want to trade places with the one below.
$row2 = db_fetch_array($result);
//now we will set $row2 to $row's order
$sql = "UPDATE " . $list_prefix . "blocks SET `order` = '" . $order . "' WHERE `id` = '" . $row2['id'] . "';";
$result = db_query($sql);
if ($result) {
//if we succeeded we will now change $order to $row2's previous order
$order = $row2['order'];
}
}
}
//now lets see if we are moving the block to a new blockset
if (0 != strcmp($HTTP_POST_VARS['block_area'], "-")) {
//we are moving the blockset
$blockset = $HTTP_POST_VARS['block_area'];
//if we are moving to a new block set we need to make 100% sure that we don't break the order so we will put this on the end of that blockset.
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $blockset . "' ORDER by `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if (0 != $rows) {
$row = db_fetch_array($result);
$order = $row['order'] + 1;
} else {
//there are no blocks in this blockset so we will be the first.
$order = 1;
}
} else {
//we are not moving the blockset
$blockset = $row['blockset'];
}
//here is where we will update the db with the new values for block.
$sql = "UPDATE " . $list_prefix . "blocks SET `blockset` = '" . $blockset . "', `order` = '" . $order . "' WHERE `id` = '" . $id . "';";
$result = db_query($sql);
}
//here we will run fix order to correct any issues in the order of the modules.
fixorder(1, 1);
fixorder(1, 2);
fixorder(1, 3);
fixorder(1, 4);
}
if (0 == strcmp($HTTP_GET_VARS['mode'], "iblocks")) {
//process inactive blocks
//lets figure out what our order and blockset are.
$blockset = $HTTP_POST_VARS['block_area'];
$sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $blockset . "' ORDER by `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if (0 != $rows) {
$row = db_fetch_array($result);
$order = $row['order'] + 1;
} else {
//there are no blocks in this blockset so we will be the first.
$order = 1;
}
//now lets prepare our sql query
$sql = "INSERT INTO " . $list_prefix . "blocks VALUES ('', '" . $HTTP_POST_VARS['inactive_blocks'] . "', '" . $blockset . "', '" . $order . "');";
$result = db_query($sql);
}
//now we will handle our output.
$WORK = insert_into_template($BLOCKS, "{INACTIVE_BLOCK_LIST}", list_inactive_blocks());
$WORK = insert_into_template($WORK, "{ACTIVE_BLOCK_LIST}", list_active_blocks());
$WORK = insert_into_template($WORK, "{MOVE_AREA_LIST}", move_area_list());
$WORK = insert_into_template($WORK, "{AREA_LIST}", area_list());
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
printf("%s", striptemplate($WORK));
}
function content()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
$MAIN = loadadmintmplate("main");
$CALENDAR = loadadmintmplate("calendar");
$CONTENT = "";
//first lets see if we are deleting an event
if (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
//we are deleting this event.
if (isset($HTTP_POST_VARS['delete_yes'])) {
$sql = "DELETE FROM `" . $list_prefix . "calendar` WHERE `id` = '" . $HTTP_POST_VARS['deletelist'] . "';";
$result = db_query($sql);
} else {
$CONTENT .= "You must check the checkbox to confirm deleting this event.<BR>\r\n";
}
}
//lets see if we are adding a weekly event
if (0 == strcmp($HTTP_GET_VARS['mode'], "dow")) {
//we are adding a event
$utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
$sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '" . $HTTP_POST_VARS['dow'] . "', '', '', '', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
$result = db_query($sql);
}
//lets see if we are adding a monthly event
if (0 == strcmp($HTTP_GET_VARS['mode'], "dom")) {
//we are adding a event
$utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
$sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '7', '" . $HTTP_POST_VARS['dom'] . "', '', '', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
$result = db_query($sql);
}
//lets see if we are adding a yearly event
if (0 == strcmp($HTTP_GET_VARS['mode'], "moy")) {
//we are adding a event
$utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
$sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '7', '', '" . $HTTP_POST_VARS['moy'] . $HTTP_POST_VARS['domoy'] . "', '', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
$result = db_query($sql);
}
//lets see if we are adding a scheduled event
if (0 == strcmp($HTTP_GET_VARS['mode'], "norm")) {
//we are adding a event
$utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
$sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '7', '', '', '" . $HTTP_POST_VARS['yearlist'] . $HTTP_POST_VARS['month'] . $HTTP_POST_VARS['day'] . "', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
$result = db_query($sql);
}
//lets draw our interface now.
$CONTENT .= insert_into_template($CALENDAR, "{DELETE_LIST}", listevents());
$CONTENT = insert_into_template($CONTENT, "{YEARMENU}", yearmenu());
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
}
function filltemplate($TEMPLATE, $TITLE)
{
//this function will consolidate code in most pages.
global $list_prefix;
//lets process the page title.
$WORK = insert_into_template($TEMPLATE, "{TITLE}", $TITLE);
//lets process the links
$WORK = insert_into_template($WORK, "{NAVLINKS}", GETNAVLINKS());
$WORK = insert_into_template($WORK, "{APPLINKS}", GETPLAPPLINKS(getuserinfo()));
//lets process the sitename
$sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'sitename';";
$result = db_query($sql);
$rows = db_num_rows($result);
if (isset($rows) && $rows > 0) {
$row = db_fetch_array($result);
$VALUE = $row['value'];
} else {
$VALUE = "localhost";
}
$WORK = insert_into_template($WORK, "{SITENAME}", $VALUE);
//lets process the site description
$sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'sitedescription';";
$result = db_query($sql);
$rows = db_num_rows($result);
if (isset($rows) && $rows > 0) {
$row = db_fetch_array($result);
$VALUE = $row['value'];
} else {
$VALUE = "Another FishCMS site.";
}
$WORK = insert_into_template($WORK, "{SITEDESCRIPTION}", $VALUE);
//lets process the site copyright notice.
$sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'copyright';";
$result = db_query($sql);
$rows = db_num_rows($result);
if (isset($rows) && $rows > 0) {
$row = db_fetch_array($result);
$VALUE = $row['value'];
} else {
$VALUE = "FishCMS is licensed under the GNU Public License<BR>\n© 2005 by G.A. Heath and Michael Rice.";
}
$WORK = insert_into_template($WORK, "{COPYRIGHT}", $VALUE);
//lets process the site email address.
$sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'email';";
$result = db_query($sql);
$rows = db_num_rows($result);
if (isset($rows) && $rows > 0) {
$row = db_fetch_array($result);
$VALUE = $row['value'];
} else {
$VALUE = "FishCMS is licensed under the GNU Public License<BR>\n© 2005 by G.A. Heath and Michael Rice.";
}
$WORK = insert_into_template($WORK, "{EMAIL}", $VALUE);
//lets process the blocks
//for now we will support 4 sets of blocks in the templates, later this will be dynamic.
//block 1
$WORK = insert_into_template($WORK, "{BLOCKS1}", getblocks(1));
//block 2
$WORK = insert_into_template($WORK, "{BLOCKS2}", getblocks(2));
//block 3
$WORK = insert_into_template($WORK, "{BLOCKS3}", getblocks(3));
//block 4
$WORK = insert_into_template($WORK, "{BLOCKS4}", getblocks(4));
// $WORK=insert_into_template ($WORK, "", );
return $WORK;
}
function shownews($category)
{
global $HTTP_GET_VARS, $NEWS, $list_prefix, $MAIN;
$CONTENT = "";
if (isset($HTTP_GET_VARS['perpage']) && is_numeric($HTTP_GET_VARS['perpage'])) {
$perpage = $HTTP_GET_VARS['perpage'];
} else {
$perpage = 3;
}
//lets see if the user has specified to show all requests on a single page.
if (isset($HTTP_GET_VARS['onepage'])) {
$onepage = 1;
} else {
$onepage = 0;
}
//lets see what page we are on
if (!isset($HTTP_GET_VARS['page']) || !is_numeric($HTTP_GET_VARS['page'])) {
$page = 1;
} else {
$page = $HTTP_GET_VARS['page'];
}
//lets calculate our start position for our query if needed.
$start = ($page - 1) * $perpage;
//lets calculate our query
$sql = "SELECT * FROM " . $list_prefix . "news";
if ($category != 0) {
$sql .= " WHERE category = '" . $category . "'";
}
if ($onepage == 0) {
$sql .= " ORDER BY `date` DESC LIMIT " . $start . "," . $perpage . ";";
} else {
$sql .= " ORDER BY `date` DESC;";
}
//now lets show the prayerlist entries.
$result = db_query($sql);
$rows = db_num_rows($result);
if ($rows != 0) {
$i = 0;
while ($i < $rows) {
//lets fetch our prayer request from the database.
$row = db_fetch_array($result);
$postedby = getuser($row['posted_by']);
//lets insert the prayerrequest into our working copy of this template.
$WORK = insert_into_template($NEWS, "{NEWSTITLE}", stripslashes($row['news_title']));
$WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
$WORK = insert_into_template($WORK, "{NEWSID}", $row['id']);
$WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby);
$WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
$WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date']));
$WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category']));
$i++;
//now lets add this request to the CONTENT.
$CONTENT .= $WORK;
}
$sql = "SELECT * FROM " . $list_prefix . "news;";
$result = db_query($sql);
$rows = db_num_rows($result);
$pages = ($rows - $rows % $perpage) / $perpage;
//this is the number of complete pages.
if ($rows % $perpage > 0) {
$pages++;
}
//this will take care of incomplete pages.
//lets list a previous page link if needed.
if ($pages > 1 && $onepage == 0) {
$i = 0;
if ($page != 1) {
$CONTENT .= "<a href='news.php?page" . ($page - 1) . "'>prev</a> \r\n";
}
//lets list all pages a user can click on.
while ($i < $pages) {
$i++;
if ($i != $page) {
$CONTENT .= "<a href='news.php?page=" . $i . "'>" . $i . "</a> \r\n";
} else {
$CONTENT .= $i . " ";
}
}
//lets create a next page link if needed
if ($page != $pages) {
$CONTENT .= "<a href='news.php?page=" . ($page + 1) . "'>next</a>\r\n";
}
$CONTENT .= "<div align=\"right\"><a href='news.php?onepage=1'>Show all requests on one page.</a></div><br />\r\n";
}
} else {
$CONTENT .= "There are no active news at this time.<BR>\r\n";
}
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "News");
//when we output this lets make sure that the output is stripped of any template elements that are not used.
printf("%s", striptemplate($WORK));
}
function content()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
$MAIN = loadadmintmplate("main");
$CATEGORIES = loadadmintmplate("categories");
//we can choose to edit, add, or delete a category.
if (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
if (isset($HTTP_POST_VARS['delete_yes'])) {
if ($HTTP_POST_VARS['category'] > 0) {
$sql = "DELETE FROM `" . $list_prefix . "category` WHERE `id` = " . $HTTP_POST_VARS['category'] . ";";
$result = db_query($sql);
if ($result) {
$CONTENT = "The selected category has been deleted.<BR><BR>";
} else {
$CONTENT = "The selected category could not be deleted.<BR><BR>";
}
} else {
$CONTENT = "You can not delete the SYSTEM category.<BR><BR>";
}
} else {
$CONTENT = "You must click the checkbox to delete a category.<BR><BR>";
}
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "add")) {
//we will do a search of the categories in the db in reverse sort on order.
$sql = "SELECT * FROM `" . $list_prefix . "category` ORDER BY `order` DESC limit 1;";
$result = db_query($sql);
$rows = db_num_rows($result);
//we will add +1 to that for the new entry's order.
if ($rows == 0) {
$order = 1;
} else {
//we will add +1 to that for the new entry's order.
$row = db_fetch_array($result);
$order = $row['order'] + 1;
}
//then we will insert the new category and its order value into the db.
//we will then report success or failure and draw the page.
if (isset($HTTP_POST_VARS['catname'])) {
$sql = "INSERT INTO " . $list_prefix . "category VALUES ('', '" . $HTTP_POST_VARS['catname'] . "', '" . $order . "');";
$result = db_query($sql);
if ($result) {
$CONTENT = "The category " . $HTTP_POST_VARS['catname'] . " has been added to the database<BR><BR>\r\n";
} else {
$CONTENT = "Sorry there was an ERROR while adding the category to the database.<BR><BR>\r\n";
}
} else {
$CONTENT = "Sorry but the category must have a name!<BR><BR>\r\n";
}
//lets output the results.
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
} elseif (0 == strcmp($HTTP_GET_VARS['mode'], "edit")) {
//first we must make sure that our category is valid and not category 0
if ($HTTP_POST_VARS['category'] > 0) {
$sql = "SELECT * FROM `" . $list_prefix . "category` WHERE `id` = '" . $HTTP_POST_VARS['category'] . "';";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row = db_fetch_array($result);
//lets figure out if we need to change the name or leave it the same.
if (isset($HTTP_POST_VARS['catname']) && $HTTP_POST_VARS['catname'] != "") {
$name = $HTTP_POST_VARS['catname'];
} else {
$name = $row['name'];
}
//lets figure out if there's a change to the order.
if (isset($HTTP_POST_VARS['position'])) {
if (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
$sql = "SELECT * FROM " . $list_prefix . "category WHERE `order` < '" . $row['order'] . "' ORDER BY `order` DESC;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row2 = db_fetch_array($result);
$sql = "UPDATE " . $list_prefix . "category SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
$result = db_query($sql);
$order = $row2['order'];
} else {
$order = $row['order'];
}
} elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
$sql = "SELECT * FROM " . $list_prefix . "category WHERE `order` > '" . $row['order'] . "' ORDER BY `order`;";
$result = db_query($sql);
if ($result) {
$rows = db_num_rows($result);
} else {
$rows = 0;
}
if ($rows > 0) {
$row2 = db_fetch_array($result);
$sql = "UPDATE " . $list_prefix . "category SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
$result = db_query($sql);
$order = $row2['order'];
} else {
$order = $row['order'];
}
} else {
//the order will stay the same by default.
$order = $row['order'];
}
}
$sql = "UPDATE `" . $list_prefix . "category` SET ";
$sql .= "`name` = '" . $name . "', `order` = '" . $order . "' ";
$sql .= "WHERE `id` = '" . $HTTP_POST_VARS['category'] . "';";
$result = db_query($sql);
if ($result) {
$CONTENT = "The changes made have been saved.<BR><BR>\r\n";
} else {
$CONTENT = "ERROR: Unable to make the changes requested.<BR><BR>\r\n";
}
} else {
$CONTENT = "ERROR: Unable to alter a category that does not exist.<BR><BR>\r\n";
}
}
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
} else {
//here we will read the categories from the db and let the user choose to delete or edit them.
//we will include a form to optionally add a category.
//category 0 is always present and can not be deleted.
//to delete a category the user must choose it from a list, enter the name in a box and click "Delete"
$CONTENT = "<select name='category'>";
$sql = "SELECT * FROM " . $list_prefix . "category WHERE `id` > 0 ORDER BY `order`;";
$result = db_query($sql);
$rows = db_num_rows($result);
if ($rows == 0) {
$CONTENT .= "<option value='-'>No categories found</option>";
} else {
$i = 0;
while ($i < $rows) {
$row = db_fetch_array($result);
$CONTENT .= "<option value='" . $row['id'] . "'>" . $row['name'] . "</option>";
$i++;
}
}
$CONTENT .= "</select>";
//lets output the results.
$WORK = insert_into_template($CATEGORIES, "{CATLIST}", $CONTENT);
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, "{SITENAME} Administration panel");
printf("%s", striptemplate($WORK));
}
}
function delete_request($id)
{
global $list_prefix;
$sql = "DELETE FROM " . $list_prefix . "prayer_list WHERE `id`=" . $id . ";";
$result = db_query($sql);
if ($result) {
$CONTENT = "The selected request has been deleted.<br /\r\n";
} else {
$CONTENT = "ERROR: unable to delete request.<br />\r\n";
}
//now lets output our prayer requests.
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, "Prayer List");
//when we output this lets make sure that the output is stripped of any template elements that are not used.
printf("%s", striptemplate($WORK));
}
