Esempio n. 1
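/**
 * Report whether the current visitor is a logged-in administrator.
 *
 * Asks admincookie() for the current user record and returns 1 only when that
 * record names a user other than "anonymous" and carries an admin flag equal
 * to 1. Every other case, including an incomplete record, returns 0.
 *
 * NOTE(review): the decision is only as strong as admincookie(). How that
 * helper validates the cookie (server-side lookup, signature, expiry) is not
 * visible here and should be confirmed before relying on this check as the
 * sole gate for administrative actions.
 *
 * @return int 1 when the visitor is an administrator, 0 otherwise.
 */
function checkadminlogin()
{
    $admin = admincookie();

    // Fail closed when the record is missing either field, instead of letting
    // an undefined index fall through the comparisons below.
    if (!isset($admin['username'], $admin['admin'])) {
        return 0;
    }

    // A non-scalar username cannot be a real account name.
    if (!is_scalar($admin['username'])) {
        return 0;
    }

    if (0 == strcmp((string) $admin['username'], "anonymous")) {
        return 0;
    }

    // Loose comparison kept deliberately: the type admincookie() uses for the
    // flag is not visible here, and a string "1" must still count as admin.
    return ($admin['admin'] == 1) ? 1 : 0;
}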
Esempio n. 2
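/**
 * Render the article administration panel and apply the requested action.
 *
 * The action comes from the "mode" query parameter:
 *   - "select": load one article from the database into the edit form;
 *   - "delete": delete one article, only when "delete_yes" was posted;
 *   - "edit":   insert a new article ("newarticle" posted) or update an
 *               existing one ("articleid" posted).
 * Any other mode shows an empty form for a new article. The finished page is
 * printed; nothing is returned.
 *
 * Security notes:
 *   - Article, category and article-id values from the request are cast to
 *     integers before they reach SQL. This assumes those columns hold integer
 *     ids (the INSERT leaves the id column empty and the default category is
 *     0) -- TODO confirm against the schema.
 *   - Free-text fields still rely on addslashes(), which is not a
 *     connection-aware escape. db_query() only accepts a finished SQL string
 *     here; NOTE(review): move these statements to prepared statements or the
 *     driver's own escaping once the database layer offers it.
 *   - No login or admin check and no anti-CSRF token check is performed in
 *     this function. NOTE(review): confirm the caller enforces
 *     checkadminlogin() and request-origin validation before content() runs,
 *     since this function deletes and rewrites articles.
 *   - Values read back from the database are placed into the template without
 *     HTML escaping. NOTE(review): confirm the template context and escape
 *     for it (for example htmlspecialchars() with ENT_QUOTES for form fields).
 *
 * @return void
 */
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;

    $MAIN = loadadmintmplate("main");
    $ARTICLES = loadadmintmplate("articles");
    $WORK = $ARTICLES;

    // Read the mode once; a missing or non-string value selects no action.
    $mode = (isset($HTTP_GET_VARS['mode']) && is_string($HTTP_GET_VARS['mode']))
        ? $HTTP_GET_VARS['mode']
        : '';

    if ($mode === "select") {
        // Load the chosen article. The id is forced to an integer so request
        // data can never alter the structure of the statement.
        $selected_id = isset($HTTP_POST_VARS['article']) ? (int) $HTTP_POST_VARS['article'] : 0;
        $sql = "SELECT * FROM `" . $list_prefix . "articles` WHERE `id` = '" . $selected_id . "';";
        $result = db_query($sql);
        $rows = $result ? db_num_rows($result) : 0;

        if ($rows == 0) {
            // No such article: fall back to the empty "new article" form.
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            // Copy the stored article into the edit form.
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            $WORK = insert_into_template($WORK, "{ARTICLETITLE}", $row['article_title']);
            $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
            $WORK = insert_into_template($WORK, "{ARTICLE}", stripslashes($row['article']));
            $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
        }
    } else {
        // Not editing an existing article: prepare the form for a new one.
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }

    if ($mode === "delete") {
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            // Deletion requires the confirmation box; the id is an integer.
            $delete_id = isset($HTTP_POST_VARS['article']) ? (int) $HTTP_POST_VARS['article'] : 0;
            $sql = "DELETE FROM `" . $list_prefix . "articles` WHERE `id` = '" . $delete_id . "';";
            // The result is not inspected, as in the original code.
            db_query($sql);
        } else {
            $WORK = "You must check the confirmation box to delete an article.<br>\r\n" . $WORK;
        }
    }

    if ($mode === "edit") {
        $user = admincookie();
        // The type of user_id is not visible here, so it is escaped like the
        // other string columns rather than cast.
        $posted_by = isset($user['user_id']) ? addslashes((string) $user['user_id']) : '';

        // Escape the free-text fields; a missing or non-string field is saved
        // as an empty string.
        $fields = array();
        foreach (array('articletitle', 'teaser', 'article', 'byline') as $key) {
            $value = (isset($HTTP_POST_VARS[$key]) && is_string($HTTP_POST_VARS[$key]))
                ? $HTTP_POST_VARS[$key]
                : '';
            $fields[$key] = addslashes($value);
        }
        $category = isset($HTTP_POST_VARS['category']) ? (int) $HTTP_POST_VARS['category'] : 0;

        if (isset($HTTP_POST_VARS['newarticle'])) {
            // A new article is being saved.
            $sql = "INSERT INTO " . $list_prefix . "articles VALUES ('', '" . $fields['articletitle']
                . "', '" . $fields['teaser']
                . "', '" . $fields['article']
                . "', '" . $posted_by
                . "', '" . $fields['byline']
                . "', '" . time()
                . "', '" . $category . "');";
            db_query($sql);
        } elseif (isset($HTTP_POST_VARS['articleid'])) {
            // An existing article is being saved.
            $article_id = (int) $HTTP_POST_VARS['articleid'];
            $sql = "UPDATE `" . $list_prefix . "articles` SET `article_title` = '" . $fields['articletitle']
                . "', `teaser` = '" . $fields['teaser']
                . "', `article` = '" . $fields['article']
                . "', `byline` = '" . $fields['byline']
                . "', `category` = '" . $category
                . "' WHERE `id` = '" . $article_id . "';";
            db_query($sql);
        } else {
            $WORK = "You must check the new article box to save a new article<br>\r\n" . $WORK;
        }
    }

    // Build the article list after any change above, then wrap and print.
    $WORK = insert_into_template($WORK, "{ARTICLELIST}", articlelist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}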