function module_delete_article()
{
    echo "<!-- start delete article -->";
    if (!$_SESSION['valid_user']) {
        echo "Du m&aring være innlogget for &aring f&aring tilgang til denne siden.";
    } else {
        $reallydelete = $_REQUEST['reallydelete'];
        $articleid = $_REQUEST['articleid'];
        // TODO: this smells like shit..
        if ($reallydelete) {
            $query = "select * from articles where articleid={$articleid}";
            $result = DB_get_table($query);
            $num_results = DB_rows_affected($result);
            if ($num_results == 1) {
                //$deletequery = "DELETE FROM articles WHERE articleid = $articleid;";
                $deletequery = "UPDATE articles SET is_deleted = 1 WHERE articleid = {$articleid};";
                $deleteresult = DB_update($deletequery);
                global $logtype;
                global $eventdesc;
                write_log_entry($articleid, $logtype['article'], "deletearticle,");
                echo "<h3>F&oslash;lgende artikkel er n&aring; slettet fra databasen</h3>";
                $row = DB_next_row($result);
                echo '<p><strong>' . ($i + 1) . '. Title: ';
                echo htmlspecialchars(stripslashes($row['title']));
                echo '</strong><br />Author: ';
                echo stripslashes($row['author']);
                echo '<br />Date: ';
                echo stripslashes($row['date']);
                echo '<br />Article ID: ';
                echo stripslashes($row['articleid']);
                echo '<br />Article priority: ';
                echo stripslashes($row['priority']);
                echo '<br />Text:<br/> ';
                echo stripslashes($row['body']);
                echo '</p>';
            } else {
                echo "<h3>Artikkelen fins ikke i databasen.</h3>";
            }
        } else {
            $query = "select * from articles where articleid={$articleid}";
            $row = searchDB($query);
            // lov til � slette?
            $ok = false;
            if (isset($_SESSION['valid_user'])) {
                if ($_SESSION['valid_user'] == $row['author_username']) {
                    $ok = true;
                }
            }
            if (isset($_SESSION['valid_admin'])) {
                if ($_SESSION['valid_admin']) {
                    $ok = true;
                }
            }
            if ($ok) {
                echo "Vil du virkelig slette " . stripslashes($row['title']) . "?";
                form_start_post();
                form_hidden("m_c", "module_delete_article");
                form_hidden("articleid", $articleid);
                form_hidden("reallydelete", "yes");
                form_submit("submit", "Ja, slett artikkelen.");
                form_end();
            } else {
                echo "Du må være forfatteren av denne teksten for å kunne slette den.";
            }
        }
    }
}
function deleteArticleService($articleid)
{
    // Array for storing i18n strings used by GUI
    $feedback = array();
    if (!article_exists($articleid)) {
        $feedback[] = "0";
        $feedback[] = "no_such_article";
        return $feedback;
    }
    if (daoDeleteArticle($articleid)) {
        $feedback[] = "1";
        $feedback[] = "article_deleted";
        // Log this deletion
        global $logtype;
        global $eventdesc;
        write_log_entry($articleid, $logtype['article'], "deletearticle,");
    } else {
        $feedback[] = "0";
        $feedback[] = "article_not_deleted";
    }
    return $feedback;
}
function module_admininput()
{
    // adminpage, stop here if not logged in/right access-level
    if (!isValidAdmin()) {
        echo getString("not_valid_admin", "Administratorside, du må logge inn for å få tilgang her");
        return;
    }
    $inputaction = $_REQUEST['inputaction'];
    if ($inputaction == "addarticle") {
        save_form_article();
        $title = $_REQUEST['title'];
        $author = $_REQUEST['author'];
        $author_username = $_REQUEST['author_username'];
        $date_posted = $_REQUEST['year'] . "-" . $_REQUEST['month'] . "-" . $_REQUEST['day'];
        $time_posted = $_REQUEST['hours'] . ":" . $_REQUEST['minutes'];
        $comment_to = $_REQUEST['comment_to'];
        $is_draft = $_REQUEST['is_draft'];
        $body = $_REQUEST['body'];
        if ($is_draft == "ON") {
            $is_draft = 1;
            $log_description .= "savedraft,";
        } else {
            $is_draft = 'NULL';
        }
        if (strlen($comment_to) < 1) {
            $comment_to = "NULL";
            $log_description .= "savenewarticle,";
        } else {
            $log_description .= "savenewcomment,";
        }
        $query = "INSERT INTO articles (title, author, author_username, body, date_posted, time_posted, comment_to, is_draft, view_count) VALUES(\"{$title}\", \"{$author}\", \"{$author_username}\",  \"{$body}\", \"{$date_posted}\", \"{$time_posted}\", {$comment_to},{$is_draft},0);";
        echo $query;
        $result = DB_insert($query);
        global $logtype;
        if ($result) {
            echo "Artikkel lagt inn med id: " . mysql_insert_id();
            unset_form_article();
            if ($comment_to != "NULL") {
                $log_description .= "commentadded!,";
                write_log_entry(mysql_insert_id(), $logtype['comment'], $log_description);
            } else {
                $log_description .= "articleadded!,";
                write_log_entry(mysql_insert_id(), $logtype['article'], $log_description);
            }
        } else {
            echo "Oops: " . mysql_error();
        }
    } else {
        form_start_post();
        echo '<table class="default_table">';
        echo '<tr><td>Forfatter</td><td>';
        form_textfield("author", stripslashes($_SESSION['author']));
        echo '</td></tr>';
        echo '<tr><td>Forfatter_brukernavn</td><td>';
        form_textfield("author_username", stripslashes($_SESSION['author']));
        echo '</td></tr>';
        echo '<tr><td>Tittel</td><td class="form_article_title">';
        form_textfield("title", stripslashes(fix_quotes($_SESSION['title'])));
        echo '</td></tr>';
        echo '<tr><td>Dato</td><td>';
        form_datewidget($_SESSION['date_posted']);
        echo '</td></tr>';
        echo '<tr><td>Tidspunkt</td><td>';
        form_timewidget($_SESSION['time_posted']);
        echo '</td></tr>';
        echo '<tr><td>Kommentar til</td><td>';
        form_textfield("comment_to", $_SESSION['comment_to']);
        echo '</td></tr>';
        if ($_SESSION['is_draft'] == "ON") {
            echo '<tr><td>Bare lagre, <br/>ikke publiser</td><td>';
            form_checkbox("is_draft", "ON", "1");
            echo '</td></tr>';
        } else {
            echo '<tr><td>Bare lagre, <br/>ikke publiser</td><td>';
            form_checkbox("is_draft", "ON", "0");
            echo '</td></tr>';
        }
        echo '<tr><td colspan=2 class="form_article_text">';
        form_textarea("body", stripslashes($_SESSION['body']), 30, 10);
        echo '</td></tr>';
        echo '<tr><td colspan=2>';
        form_submit("Button", "Lagre artikkelen");
        echo '</td></tr>';
        echo '<tr><td colspan=2>';
        form_submit("preview", "Forhåndsvis artikkel");
        echo '</td></tr>';
        form_hidden("m_c", "module_admininput");
        form_hidden("inputaction", "addarticle");
        form_hidden("articleid", $_SESSION['articleid']);
        if (isset($edit)) {
            form_hidden("editarticle", "editarticle");
        }
        echo '</table>';
        form_end();
    }
}
function module_user_admin()
{
    // adminpage, stop here if not logged in/right access-level
    if (!isValidAdmin()) {
        echo getString("not_valid_admin", "Administratorside, du må logge inn for å få tilgang her");
        return;
    }
    echo "<!-- start user admin -->";
    $all_ok = true;
    global $menu_files;
    if (isset($_REQUEST['edituser'])) {
        if (isset($_REQUEST['savechanges'])) {
            if (!($password1 == $password2)) {
                $all_ok = false;
                $error_msg .= " Passwords don't match!";
            }
            if ($all_ok) {
                $result = saveuser($_POST['username'], $_POST['password1'], $_POST['email'], $_POST['firstname'], $_POST['lastname'], $_POST['webpage'], $_POST['birthdate'], $_POST['description'], $_POST['admin'], $_POST['may_post']);
            } else {
                echo $error_msg;
            }
            if ($result) {
                echo "Changes saved. Jolly good.";
                global $logtype;
                write_log_entry($_POST['username'], $logtype['user'], "admin_useredit,");
            } else {
                echo "No changes were made.";
            }
        } else {
            $query = "SELECT * FROM user WHERE username=\"" . $_POST['edituser'] . "\";";
            $row = DB_search($query);
            form_start_post();
            echo '<table class="default_table">';
            echo '<tr><td>Brukernavn</td><td>';
            echo $row['username'];
            echo '</td></tr>';
            echo '<tr><td>E-post</td><td>';
            form_textfield("email", stripslashes($row['email']));
            echo ' (må ligne på en ordentlig adresse)</td></tr>';
            echo '<tr><td>Fornavn</td><td>';
            form_textfield("firstname", $row['firstname']);
            echo ' (det dine venner kaller deg)</td></tr>';
            echo '<tr><td>Etternavn</td><td>';
            form_textfield("lastname", stripslashes($row['lastname']));
            echo ' (det du het i militæret)</td></tr>';
            echo '<tr><td>Passord</td><td>';
            form_password("password1", "");
            echo ' (minst 6 tegn)</td></tr>';
            echo '<tr><td>Gjenta passord</td><td>';
            form_password("password2", "");
            echo ' (helst likt det i feltet over)</td></tr>';
            echo '<tr><td>Fødselsdato</td><td>';
            form_select_number("birthday", 0, 0, $birthday);
            form_select_number("birthmonth", 0, 0, $birthmonth);
            form_select_number("birthyear", 0, 0, $birthyear);
            echo '</td></tr>';
            echo '<tr><td>Webside</td><td>';
            form_textfield("webpage", stripslashes($row['webpage']));
            echo ' (gjerne en som fins)</td></tr>';
            echo '<tr><td>Er administrator</td><td>';
            form_textfield("admin", stripslashes($row['admin']));
            echo ' (er brukeren admin?)</td></tr>';
            echo '<tr><td>Kan skrive artikler</td><td>';
            form_textfield("may_post", stripslashes($row['may_post']));
            echo ' 0=nei, 1=ja</td></tr>';
            echo '<tr><td>Eventuelt tilknyttet bildes fil-id:</td><td>';
            echo $row['picture'];
            echo ' (fjernes via filadmin: ' . $menu_files . ')</td></tr>';
            echo '<tr><td colspan=2>Ymse visvas<br/>';
            form_textarea("description", stripslashes($row['description']), 30, 10);
            echo '<br/>(hvis det er noe mer vi bør vite om deg)<br/><br/></td></tr>';
            echo '<tr><td colspan=2>';
            form_submit("Button", "Lagre profilendringer");
            echo '</td></tr>';
            echo '<tr><td colspan=2>';
            form_submit("canceledit", "Avbryt profilendring");
            echo '</td></tr>';
            form_hidden("username", $row['username']);
            form_hidden("savechanges", "savechanges");
            form_hidden("edituser", "savechanges");
            form_hidden("m_c", "module_user_admin");
            echo '</table>';
            form_end();
        }
    } else {
        if ($_POST['deleteuser']) {
            if ($_POST['reallysure']) {
                $query = "DELETE FROM user WHERE username =\"" . $_POST['deleteuser'] . "\";";
                $result = DB_update($query);
                if ($result == 1) {
                    global $logtype;
                    write_log_entry($_POST['username'], $logtype['user'], "admin_deleteduser,");
                    echo "Bruker " . $_POST['deleteuser'] . " er slettet.";
                } else {
                    if ($result == 0) {
                        echo "Kunne ikke slette brukeren - fins fyren?";
                    } else {
                        if ($result > 1) {
                            echo "Du har prestert &aring slette flere eksemplarer av denne brukeren :p";
                        }
                    }
                }
            } else {
                echo "<div>Sikker på at du vil slette " . $_POST['deleteuser'] . "? <a href=\"index.php\">No, go back!</a></div>";
                form_start_post();
                form_hidden("m_c", "module_user_admin");
                form_hidden("reallysure", "yes");
                form_hidden("deleteuser", $_POST['deleteuser']);
                form_submit("submit", "Ja, slett!");
                form_end();
            }
        } else {
            $query = "SELECT * FROM user";
            $result = DB_get_table($query);
            $num_users = DB_rows_affected($result);
            echo '<table class="default_table">';
            for ($i = 0; $i < $num_users; $i++) {
                $row = DB_next_row($result);
                echo '<tr><td><b>Bruker</b></td><td><b>';
                echo $row['username'];
                echo '</b></td></tr><tr><td>Fornavn</td><td>';
                echo $row['firstname'];
                //echo '</td></tr><tr><td>Etternavn</td><td>';
                //echo $row['lastname'];
                echo '</td></tr><tr><td>E-post</td><td>';
                echo $row['email'];
                echo '</td></tr><tr><td>Fødselsdato</td><td>';
                echo date_nor_sql($row['birthdate']);
                echo '</td></tr><tr><td>Admin?</td><td>';
                if ($row['admin'] != "" && $row['admin'] != 0) {
                    echo 'Ja (' . $row['admin'] . ')';
                } else {
                    echo 'Nei (' . $row['admin'] . ')';
                }
                echo '</td></tr><tr><td>Kan poste?</td><td>';
                if ($row['may_post'] != "" && $row['may_post'] != 0) {
                    echo 'Ja (' . $row['may_post'] . ')';
                } else {
                    echo 'Nei (' . $row['may_post'] . ')';
                }
                echo '</td></tr><tr><td>Tilknyttet bilde, fil-id</td><td>';
                echo $row['picture'];
                echo '</td></tr><tr><td colspan=2>';
                ?>
			  	<form action="index.php" method="post">
			  	<input type="hidden" value="module_user_admin" name="m_c" />
				 <input type="submit" name="edit" value="Edit user" />
			     <input type="hidden" name="edituser" value=<?php 
                echo $row['username'];
                ?>
 />
				 </form>
			  	<form action="index.php" method="post">
			  	<input type="hidden" value="module_user_admin" name="m_c" />
				 <input type="submit" name="delete" value="Delete user" />
			     <input type="hidden" name="deleteuser" value=<?php 
                echo $row['username'];
                ?>
 />
				 </form>

			 	<?php 
                echo '</td></tr><tr><td colspan=2><hr/></td></tr>';
            }
            echo '</table>';
        }
    }
}