Example #1
File: ACP.php Project: exts/nab145
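/**
 * Admin-panel handler for board management: lists categories and forums, and
 * edits or deletes a single category or forum.
 *
 * Dispatch is driven by the request:
 *   - no `type`                -> HTML table of categories and their forums
 *   - type=cat|forum + edit    -> edit form, or UPDATE when POST `submit` is set
 *   - type=cat|forum + delete  -> confirmation form, or DELETE when POST `delete` is set
 *
 * Security-relevant behaviour:
 *   - Every id is cast to int before it is placed in SQL or HTML.
 *   - Free-text fields are HTML-encoded (same default flags as before, so the
 *     stored format is unchanged) and then passed through
 *     mysql_real_escape_string(); htmlspecialchars() alone is not an SQL
 *     escaper and, with its pre-8.1 default flags, leaves single quotes intact.
 *   - NOTE(review): no anti-CSRF token is checked before the UPDATE/DELETE
 *     statements, and nothing in this function checks that the caller is an
 *     administrator; presumably acp.php does that before dispatching. Confirm.
 *   - NOTE(review): the mysql_* extension no longer exists in PHP 7+. Moving to
 *     PDO/mysqli prepared statements is the durable fix, but needs the
 *     connection handle, which is not visible in this function.
 *   - NOTE(review): if magic_quotes_gpc is enabled on the target runtime, the
 *     escaping below will double up on the runtime's own slashes. Confirm.
 *
 * @return string|null HTML fragment or status message; null when `type` is
 *                     neither "cat" nor "forum".
 */
function manageboards()
{
    if (!isset($_GET['type'])) {
        $cats = mysql_query("SELECT * FROM `categories` ORDER BY `order`");
        // A failed query returns false; report it like an empty category list.
        if (!$cats || mysql_num_rows($cats) <= 0) {
            return "There aren't any categorys in the database, go create some.";
        }
        $BODY = "<table width='100%' cellspacing='3' cellpadding='0'>";
        while ($row = mysql_fetch_array($cats)) {
            // Ids are treated as integers everywhere else in this function.
            $catId = intval($row['id']);
            // Titles are stored HTML-encoded by the write paths below; assumes
            // no other writer stores raw markup. TODO confirm.
            $BODY .= "\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td width='80%'><strong>" . $row['title'] . "</strong></td>\n\t\t\t\t\t\t\t<td width='20%'><a href='acp.php?action=boards&type=cat&id=" . $catId . "&edit'>Edit</a> <a href='acp.php?action=boards&type=cat&id=" . $catId . "&delete'>Delete</a></td></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t";
            $forums = mysql_query("SELECT * FROM `forums` WHERE `cid` = '" . $catId . "'");
            $forumLinks = array();
            while ($forums && ($forum = mysql_fetch_array($forums))) {
                $forumLinks[] = "<a href='acp.php?action=boards&type=forum&id=" . intval($forum['id']) . "&edit'>" . $forum['title'] . "</a>";
            }
            $BODY .= "\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td colspan='2'>" . implode(", ", $forumLinks) . "</td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t";
        }
        $BODY .= "</table>";
        return $BODY;
    }

    // Request-derived values are normalised once, so no raw $_GET/$_POST value
    // reaches a query or the page further down.
    $id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;
    $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $wantsEdit = isset($_GET['edit']) && !isset($_GET['delete']);
    $wantsDelete = isset($_GET['delete']) && !isset($_GET['edit']);

    // Every branch inside the switch returns, so no case can fall through.
    switch ($_GET['type']) {
        case "cat":
            if ($wantsEdit) {
                if (!isset($_POST['submit'])) {
                    $sql = mysql_query("SELECT * FROM `categories` WHERE `id` = '" . $id . "'");
                    $row = $sql ? mysql_fetch_array($sql) : false;
                    // The attribute is single-quoted and stored titles may still
                    // hold a raw single quote, so encode that one character here.
                    $titleAttr = str_replace("'", "&#039;", (string) $row['title']);
                    return "\n\t\t\t\t\t\t\t\t<form method='post' action=''>\n\t\t\t\t\t\t\t\t\t<table width='100%' cellspacing='3' cellpadding='0'>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td width='30%'>Category Name</td>\n\t\t\t\t\t\t\t\t\t\t\t<td width='70%'><input type='text' name='name' value='" . $titleAttr . "' /></td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td colspan='2' align='center'><input type='submit' name='submit' value='Edit Category' /></td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t";
                }
                if (empty($name)) {
                    return "You left a field blank please go back and make sure all fields are filled.";
                }
                $category = mysql_real_escape_string(htmlspecialchars($name));
                if (mysql_query("UPDATE `categories` SET `title` = '" . $category . "' WHERE `id` = '" . $id . "'")) {
                    return "Category was updated successfully.";
                }
                return "There was a problem updating category, please contact Nevux Ability Boards Tech Support.";
            }
            if ($wantsDelete) {
                if (!isset($_POST['delete'])) {
                    return "\n\t\t\t\t\t\t\t\t<form method='post' action=''>\n\t\t\t\t\t\t\t\t\t<table width='100%'>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td width='50%'>Are you Sure you want to delete this Category?</td><td width='50%'><input type='submit' name='delete' value='Delete' /></td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t";
                }
                if (mysql_query("DELETE FROM `categories` WHERE `id` = '" . $id . "'")) {
                    return "Category was deleted successfully.";
                }
                return "There was an error deleteing categorys from Database.";
            }
            return "Error action.";

        case "forum":
            if ($wantsEdit) {
                if (!isset($_POST['submit'])) {
                    $sql = mysql_query("SELECT * FROM `forums` WHERE `id` = '" . $id . "'");
                    $row = $sql ? mysql_fetch_array($sql) : false;
                    $subLinks = array();
                    $sub_ = mysql_query("SELECT * FROM `forums` WHERE `sid` = '" . intval($row['id']) . "'");
                    if ($sub_ && mysql_num_rows($sub_) > 0) {
                        while ($rows = mysql_fetch_array($sub_)) {
                            $subLinks[] = "<a href='acp.php?action=boards&type=forum&id=" . intval($rows['id']) . "&edit'>" . $rows['title'] . "</a>";
                        }
                    }
                    // Single-quoted attribute: encode a raw single quote in the stored title.
                    $titleAttr = str_replace("'", "&#039;", (string) $row['title']);
                    // The "Delete Forum" link uses the integer $id, not the raw
                    // query-string value, so the parameter cannot inject markup.
                    return "\n\t\t\t\t\t\t\t\t<form method='post' action=''>\n\t\t\t\t\t\t\t\t\t<table width='100%' cellspacing='3' cellpadding='0'>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td width='30%'>Forum Name</td>\n\t\t\t\t\t\t\t\t\t\t\t<td width='70%'><input type='text' name='name' value='" . $titleAttr . "' /></td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td width='30%' valign='top'>Forum Description</td>\n\t\t\t\t\t\t\t\t\t\t\t<td width='70%'><textarea cols='20' rows='5' name='desc'>" . $row['description'] . "</textarea></td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td width='30%'>Forum Parent</td>\n\t\t\t\t\t\t\t\t\t\t\t<td width='70%'>" . parents($row['cid'] != 0 ? $row['cid'] : $row['sid'], $row['cid'] != 0 ? "c" : "f") . "</td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td width='30%'>Forum Locked</td>\n\t\t\t\t\t\t\t\t\t\t\t<td width='70%'><input type='checkbox' " . ($row['locked'] == 't' ? 'checked="checked"' : '') . " name='locked' /></td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td colspan='2'>\n\t\t\t\t\t\t\t\t\t\t\t\t" . forum_permissions(1, 2, $row['permissions']) . "\n\t\t\t\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td colspan='2' align='center'><input type='submit' name='submit' value='Edit Forum' /></td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td colspan='2' width='100%'>" . ($subLinks ? '<strong>SubForums</strong>: ' . implode(", ", $subLinks) : '') . "</td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td colspan='2'><a href='acp.php?action=boards&type=forum&id=" . $id . "&delete'>Delete Forum</a></td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t";
                }

                $blankField = "You either left a field blank, or you need to create a category before adding any forums.";
                $parentRaw = (isset($_POST['parent']) && is_string($_POST['parent'])) ? $_POST['parent'] : '';
                if (empty($parentRaw) || empty($name)) {
                    return $blankField;
                }
                // `parent` is "<kind>|<id>". The id goes into the UPDATE, so it
                // must be a positive integer; anything else is rejected rather
                // than written as a parent of 0.
                $parent = explode("|", $parentRaw);
                $parentId = isset($parent[1]) ? intval($parent[1]) : 0;
                if ($parentId <= 0) {
                    return $blankField;
                }

                // Collect the ticked entries per permission type. Only string
                // values are accepted as keys; nested arrays are ignored.
                $permissionSets = array('view' => array(), 'read' => array(), 'reply' => array(), 'topic' => array());
                foreach (array_keys($permissionSets) as $field) {
                    if (isset($_POST[$field]) && is_array($_POST[$field])) {
                        foreach ($_POST[$field] as $entry) {
                            if (is_string($entry)) {
                                $permissionSets[$field][$entry] = 't';
                            }
                        }
                    }
                }
                $permissions = mysql_real_escape_string(serialize($permissionSets));

                // Column names come from a fixed pair, never from the request.
                $parent_ = $parent[0] == 'cat' ? "`cid`" : "`sid`";
                $parent2_ = $parent[0] == 'cat' ? "`sid`" : "`cid`";
                $title = mysql_real_escape_string(htmlspecialchars($name));
                $descRaw = (isset($_POST['desc']) && is_string($_POST['desc'])) ? $_POST['desc'] : '';
                $desc = mysql_real_escape_string(htmlspecialchars($descRaw));
                $locked = isset($_POST['locked']) ? 't' : 'f';
                if (mysql_query("UPDATE `forums` SET `permissions` = '" . $permissions . "', " . $parent2_ . " = '0', " . $parent_ . " = '" . $parentId . "', `title` = '" . $title . "',`description` = '" . $desc . "',`locked` = '" . $locked . "' WHERE `id` = '" . $id . "'")) {
                    // The parent kind is request data echoed into the page, so encode it.
                    return "Forum was successfully updated into database." . htmlspecialchars($parent[0], ENT_QUOTES);
                }
                return "Sorry, there was an sql error trying to update data into database.";
            }
            if ($wantsDelete) {
                if (!isset($_POST['delete'])) {
                    return "\n\t\t\t\t\t\t\t\t<form method='post' action=''>\n\t\t\t\t\t\t\t\t\t<table width='100%'>\n\t\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t\t<td width='50%'>Are you Sure you want to delete this Forum?</td><td width='50%'><input type='submit' name='delete' value='Delete' /></td>\n\t\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t\t</form>\n\t\t\t\t\t\t\t";
                }
                if (mysql_query("DELETE FROM `forums` WHERE `id` = '" . $id . "'")) {
                    return "Forum was deleted successfully.";
                }
                return "There was an error deleteing Forum from Database.";
            }
            return "Error action.";
    }
}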
/**
 * Compares the parents() lists of two nodes position by position and returns
 * the entry at the first position where both lists hold an equal value.
 *
 * The original author's note says the result is "the index of the element in
 * the tree".
 *
 * NOTE(review): whether the first matching position really is the lowest
 * common ancestor depends on how parents() orders its result, which is not
 * visible here. Confirm against its definition.
 *
 * @param mixed $n First node, passed straight to parents().
 * @param mixed $m Second node, passed straight to parents().
 * @return mixed The matching list entry, or 0 when no position matches.
 */
function lca($n, $m)
{
    $left = parents($n, 0);
    $right = parents($m, 0);

    // Only positions that exist in both lists can be compared.
    $span = min(count($left), count($right));

    $pos = 0;
    while ($pos < $span) {
        // Loose comparison, as in the original.
        if ($left[$pos] == $right[$pos]) {
            return $left[$pos];
        }
        $pos++;
    }

    return 0;
}