Esempio n. 1
0
function shownews($id)
{
    global $list_prefix, $NEWS, $MAIN;
    $sql = "SELECT * FROM " . $list_prefix . "news WHERE id = '" . $id . "';";
    $result = db_query($sql);
    $rows = db_num_rows($result);
    if ($rows != 0) {
        $row = db_fetch_array($result);
        $postedby = getuser($row['posted_by']);
        //lets insert the prayerrequest into our working copy of this template.
        $WORK = insert_into_template($NEWS, "{NEWSTITLE}", stripslashes($row['news_title']));
        $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
        $WORK = insert_into_template($WORK, "{NEWSID}", $row['id']);
        $WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby);
        $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
        $WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date']));
        $WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category']));
        $WORK = insert_into_template($WORK, "{NEWS}", stripslashes($row['news']));
        $i++;
        //now lets add this request to the CONTENT.
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, striphtml($row['news_title']));
        printf("%s", striptemplate($WORK));
    }
}
function showlist($perpage)
{
    global $list_prefix;
    $PRAYERLISTMOD = loadtmplate("prayerlist.mod");
    //lets set our content to be blank.
    $CONTENT = "";
    //lets setup our query
    $sql = "SELECT * FROM " . $list_prefix . "prayer_list WHERE `expired` = '0' LIMIT 0," . $perpage . ";";
    //now lets show the prayerlist entries.
    $result = db_query($sql);
    @($rows = db_num_rows($result));
    if ($rows != 0) {
        $j = 0;
        while ($j < $rows) {
            //lets fetch our prayer request from the database.
            $row = db_fetch_array($result);
            //lets insert the prayerrequest into our working copy of this template.
            $WORK = insert_into_template($PRAYERLISTMOD, "{REQUESTFOR}", striphtml($row['request_for']));
            $WORK = insert_into_template($WORK, "{REQUEST}", striphtml($row['request']));
            if ($admin == 1) {
                $WORK = insert_into_template($WORK, "{DELETE}", "<a href='prayerlist.php?delete=" . $row['id'] . "'>Delete</a>");
            }
            $j++;
            //now lets add this request to the CONTENT.
            $WORK = insert_into_template($WORK, "{REQUESTID}", $row['id']);
            $CONTENT .= $WORK;
        }
    } else {
        $CONTENT .= "There are no active prayer requests at this time.<BR>\r\n";
    }
    //when we output this lets make sure that the output is stripped of any template elements that are not used.
    return striptemplate($CONTENT);
}
Esempio n. 3
0
function modules()
{
    global $list_prefix;
    $MAIN = loadtmplate("main");
    //lets get our module list from the DB.
    $sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'indexmodule' ORDER BY `order`;";
    $result = db_query($sql);
    if ($result) {
        //lets see how many modules we have and initialize our variables.
        $rows = db_num_rows($result);
        $i = 0;
        $CONTENT = "";
        $perpage = 3;
        //lets read our modules, load them, add their content to our main content.
        while ($i < $rows) {
            $row = db_fetch_array($result);
            include_once $row['value'] . ".mod.php";
            $CONTENT .= "<H2>" . $MOD['title'] . "</H2><BR>\r\n";
            $CONTENT .= $MOD['content'];
            $i++;
        }
        //lets insert our content into the template.
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME}");
        //this is an ugly hack but it works.
        //when we output this lets make sure that the output is stripped of any template elements that are not used.
        printf("%s", striptemplate($WORK));
    }
}
Esempio n. 4
0
function content()
{
    $MAIN = loadadmintmplate("main");
    $CONTENT = "\r\n   <p>\r\n      For now there isn't much here in the way of content.  please keep in mind\r\n      that this project is still in its very early stages.\r\n   </p>\r\n   <p>\r\n      <a href='http://fishcms.com'>FishCMS</a> is intended to be a simple, clean,\r\n      and easy to use Content Management System targeted at Christian websites\r\n      such as <a href='http://believewith.us'>BelieveWith.US</a>.  FishCMS\r\n      started out as an extension of the prayerlist program used at BelieveWith.US\r\n   </p>\r\n   <p>\r\n      From this Admin Control Panel you will be able to edit, configure, and\r\n      control your FishCMS site.\r\n   </p>\r\n";
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}
Esempio n. 5
0
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $TEMPLATES = loadadmintmplate("templates");
    if (isset($HTTP_GET_VARS['set'])) {
        //if we are supposed to set the template
        //set the template here
        $sql = "UPDATE `" . $list_prefix . "config` SET `value` = '" . $HTTP_POST_VARS['template'] . "' WHERE `key` = 'template';";
        $result = db_query($sql);
        if ($result) {
            $CONTENT = "The theme was successfully changed to " . $HTTP_POST_VARS['template'] . "<BR>\r\n";
        } else {
            $CONTENT = "ERROR: I was unable to change the theme!<BR>\r\n";
        }
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } else {
        //else we will draw the form for the user to change the template.
        //first lets read the template from the configuration
        $sql = "SELECT * FROM " . $list_prefix . "config WHERE `Key` = 'template';";
        $result = db_query($sql);
        if (!$result) {
            $template = "default";
        } else {
            $rows = db_num_rows($result);
            if ($rows == 0) {
                $template = "default";
            } else {
                $row = db_fetch_array($result);
                $template = $row['value'];
            }
        }
        $WORK = insert_into_template($TEMPLATES, "{TEMPLATE}", $template);
        $WORK = insert_into_template($WORK, "{THEMELIST}", themelist($template));
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    }
}
function getarticles($perpage)
{
    global $list_prefix;
    $ARTICLES = loadtmplate("articles.mod");
    $CONTENT = "";
    //lets calculate our query
    $sql = "SELECT * FROM " . $list_prefix . "articles ORDER BY `date` DESC LIMIT 0," . $perpage . ";";
    //now lets show the prayerlist entries.
    $result = db_query($sql);
    if ($result) {
        $rows = db_num_rows($result);
    } else {
        $rows = 0;
    }
    if ($rows != 0) {
        $j = 0;
        while ($j < $rows) {
            //lets fetch our prayer request from the database.
            $row = db_fetch_array($result);
            $postedby = getuser($row['posted_by']);
            //lets insert the prayerrequest into our working copy of this template.
            $WORK = insert_into_template($ARTICLES, "{ARTICLETITLE}", stripslashes($row['article_title']));
            $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
            $WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']);
            $WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby);
            $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
            $WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date']));
            $WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category']));
            $j++;
            //now lets add this request to the CONTENT.
            $CONTENT .= $WORK;
        }
    } else {
        $CONTENT .= "There are no active articles at this time.<BR>\r\n";
    }
    //when we output this lets make sure that the output is stripped of any template elements that are not used.
    return striptemplate($CONTENT);
}
Esempio n. 7
0
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $LINKS = loadadmintmplate("links");
    $WORK = $LINKS;
    if (0 == strcmp($HTTP_GET_VARS['mode'], "select")) {
        //if we are to edit a link
        //lets get the links from the db
        $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `id` = '" . $HTTP_POST_VARS['links'] . "';";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if ($rows == 0) {
            //lets make sure that the news exists
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            //if it does we will read it from the db and add it to our output.
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{LINKID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            $WORK = insert_into_template($WORK, "{LINKTITLE}", $row['title']);
            $WORK = insert_into_template($WORK, "{LINKURL}", $row['url']);
        }
    } else {
        //if we are not editing an news lets prepare the form for a new news.
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }
    //lets delete a link if its selected
    if (0 == strcmp($HTTP_GET_VARS['mode'], "delete") && isset($HTTP_POST_VARS['delete_yes'])) {
        $sql = "DELETE FROM `" . $list_prefix . "links` WHERE `id` = '" . $HTTP_POST_VARS['links'] . "';";
        $result = db_query($sql);
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
        $WORK = "You must check the confirmation box to delete a link.<br>\r\n" . $WORK;
    }
    //lets edit/add a link if thats our job.
    if (0 == strcmp($HTTP_GET_VARS['mode'], "edit")) {
        if (isset($HTTP_POST_VARS['newlink'])) {
            //we are adding a new link
            $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `category` = '" . $HTTP_POST_VARS['category'] . "' ORDER BY `order` DESC limit 1;";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows > 0) {
                $row = db_fetch_array($result);
                $order = $row['order'] + 1;
            } else {
                $order = 1;
            }
            if (isset($HTTP_POST_VARS['linktitle']) && isset($HTTP_POST_VARS['linkurl'])) {
                $sql = "INSERT INTO " . $list_prefix . "links VALUES ('', '" . $HTTP_POST_VARS['category'] . "', '" . $HTTP_POST_VARS['linktitle'] . "', '" . $HTTP_POST_VARS['linkurl'] . "', '" . $order . "');";
                $result = db_query($sql);
            }
        } else {
            //we are editing an existing link
            if (isset($HTTP_POST_VARS['linkid'])) {
                //we must know the links linkid to work on it.
                //lets get our existing db entry
                $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `id` = '" . $HTTP_POST_VARS['linkid'] . "' ORDER BY `order` DESC limit 1;";
                $result = db_query($sql);
                $row = db_fetch_array($result);
                //lets figure out our order
                $order = 1;
                if (0 == strcmp($HTTP_POST_VARS['position'], "same")) {
                    //no change to the order.
                    $order = $row['order'];
                } elseif (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
                    //it needs to move up
                    $sql = "SELECT * FROM `" . $list_prefix . "links` WHERE `order` < '" . $row['order'] . "' ORDER BY `order` DESC;";
                    $result = db_query($sql);
                    if ($result) {
                        $rows = db_num_rows($result);
                    } else {
                        $rows = 0;
                    }
                    if ($rows > 0) {
                        $row2 = db_fetch_array($result);
                        $sql = "UPDATE `" . $list_prefix . "links` SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
                        $result = db_query($sql);
                        $order = $row2['order'];
                    }
                } elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
                    // it needs to move down
                    $sql = "SELECT * FROM " . $list_prefix . "links WHERE `order` > '" . $row['order'] . "' ORDER BY `order`;";
                    $result = db_query($sql);
                    if ($result) {
                        $rows = db_num_rows($result);
                    } else {
                        $rows = 0;
                    }
                    if ($rows > 0) {
                        $row2 = db_fetch_array($result);
                        $sql = "UPDATE " . $list_prefix . "links SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
                        $result = db_query($sql);
                        $order = $row2['order'];
                    }
                }
                //now we have the correct order, category, name, and url lets update the db
                if ($row['category'] != $HTTP_POST_VARS['category']) {
                    //if we are moving to a NEW category lets make this the last link present.
                    $sql = "SELECT * FROM " . $list_prefix . "links WHERE `category` = '" . $HTTP_POST_VARS['category'] . "' ORDER BY `order` DESC;";
                    $result = db_query($sql);
                    if ($result) {
                        $rows = db_num_rows($result);
                    } else {
                        $rows = 0;
                    }
                    if ($rows > 0) {
                        $row = db_fetch_array($result);
                        $order = $row['order'] + 1;
                    } else {
                        $order = 1;
                    }
                }
                //now lets save our changes
                $sql = "UPDATE " . $list_prefix . "links SET `category` = '" . $HTTP_POST_VARS['category'] . "', `title` = '" . $HTTP_POST_VARS['linktitle'] . "', `url` = '" . $HTTP_POST_VARS['linkurl'] . "', `order` = '" . $order . "' WHERE `id` = '" . $HTTP_POST_VARS['linkid'] . "';";
                $result = db_query($sql);
            } else {
                $WORK = "ERROR: you must check 'Save as a new link' to make a new link.<BR>\r\n" . $WORK;
            }
        }
        catorder();
    }
    //lets output our news cp.
    $WORK = insert_into_template($WORK, "{LINKSLIST}", linkslist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}
function processsubmission()
{
    global $logged_in, $user, $HTTP_POST_VARS, $list_prefix, $MAIN;
    //lets make sure anonymous requests are accepted as "logged in".
    if (isset($HTTP_POST_VARS['anonymous'])) {
        $logged_in = 1;
        $email = 'anonymous';
        $username = '******';
    } else {
        $email = $user['email'];
        $username = $user['username'];
    }
    //lets accept request from users who are not cookied but are logging in.
    if (!$logged_in && isset($HTTP_POST_VARS['user'])) {
        $user = userlogin($HTTP_POST_VARS['user'], $HTTP_POST_VARS['pass'], $HTTP_POST_VARS['automatic']);
        if (0 != strcmp($user['email'], "anonymous")) {
            $logged_in = 1;
            $email = $user['email'];
        }
    }
    //lets see if our user is logged in
    if (!$logged_in) {
        //if our user is not logged in we will redo the form for them with the data pre-entered.
        submissionform_redo();
    } else {
        //if they are logged in we will process the request.
        $req_date = time();
        switch ($HTTP_POST_VARS['expire_date']) {
            case '1w':
                $expire = $req_date + 60 * 60 * 24 * 7;
                break;
            case '2w':
                $expire = $req_date + 2 * (60 * 60 * 24 * 7);
                break;
            case '30d':
                $expire = $req_date + 60 * 60 * 24 * 30;
                break;
            case '90d':
                $expire = $req_date + 60 * 60 * 24 * 90;
                break;
            case '1y':
                $expire = $req_date + 60 * 60 * 24 * 365.25;
                break;
        }
        //we need to find out what the next id number is, add one to it, and then add it to the sql insert.
        $sql = "SELECT * FROM " . $list_prefix . "prayer_list ORDER BY `id` DESC;";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if ($rows > 0) {
            $row = db_fetch_array($result);
            $idval = $row['id'] + 1;
        } else {
            $idval = 1;
        }
        //lets do the sql insert
        $sql = "INSERT INTO " . $list_prefix . "prayer_list (id, request_for, request, postdate, expiredate, requested_by, username) VALUES ('" . $idval . "', '" . $HTTP_POST_VARS['request_for'] . "', '" . $HTTP_POST_VARS['request'] . "', '" . $req_date . "', '" . $expire . "', '" . addslashes($email) . "', '" . addslashes($username) . "');";
        $result = db_query($sql);
        if ($result) {
            $WORK = "Your prayer request has been processed.<BR>\r\n";
        } else {
            $WORK = "ERROR: the server was unable to process your prayer request at this time.<BR>\r\n";
            $WORK .= "The SQL query was: " . $sql . "<BR>\r\n";
        }
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "Submit a Prayer Request");
        printf("%s", striptemplate($WORK));
    }
}
Esempio n. 9
0
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $GENERAL = loadadmintmplate("general");
    $CONTENT = "";
    //we will process changes here.
    if (0 == strcmp($HTTP_GET_VARS['mode'], "site")) {
        //changes to the site info
        $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['sitename'] . "' WHERE `key` = 'sitename';";
        $result = db_query($sql);
        $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['sitedescription'] . "' WHERE `key` = 'sitedescription';";
        $result = db_query($sql);
        $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['email'] . "' WHERE `key` = 'email';";
        $result = db_query($sql);
        $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['copyright'] . "' WHERE `key` = 'copyright';";
        $result = db_query($sql);
        $RESULT = "Changes to site configuration saved.<BR>\r\n";
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "index")) {
        //changes to the index page
        if (0 == strcmp($HTTP_POST_VARS['redir_mod'], "module")) {
            $sql = "UPDATE " . $list_prefix . "config SET `value` = 'modules' WHERE `key` = 'index';";
            $result = db_query($sql);
            $RESULT = "The index page will now use the modules for content.";
        } elseif (0 == strcmp($HTTP_POST_VARS['redir_mod'], "redirect")) {
            //if we have checked the redirect
            if (isset($HTTP_POST_VARS['redirect'])) {
                //and if we know where to redirect the user to...
                $sql = "UPDATE " . $list_prefix . "config SET `value` = '" . $HTTP_POST_VARS['redirect'] . "' WHERE `key` = 'index';";
                $result = db_query($sql);
                $RESULT = "The index page will now redirect users to <a href='" . $HTTP_POST_VARS['redirect'] . "'>" . $HTTP_POST_VARS['redirect'] . "</a>.<br>\r\n";
            } else {
                $RESULT = "<B>ERROR</B>: You must tell me where to redirect the user to!<BR>\r\n";
            }
        }
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "amodules")) {
        //changes to the active modules
        if (isset($HTTP_POST_VARS['disable'])) {
            //if we are to make the module inactive lets do it.
            $sql = "DELETE FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "';";
            $result = db_query($sql);
            $RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " Has been deactivated.<BR>\r\n";
        } elseif (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
            $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "');";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows > 0) {
                $row = db_fetch_array($result);
                $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` < '" . $row['order'] . "') ORDER BY `order` DESC;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if ($rows > 0) {
                    $row2 = db_fetch_array($result);
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row2['value'] . "';";
                    $result = db_query($sql);
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row2['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row['value'] . "';";
                    $result = db_query($sql);
                    $RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
                } else {
                    $RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " appears to already be at the top.<BR>\r\n";
                }
            } else {
                $RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
            }
        } elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
            $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `value` = '" . $HTTP_POST_VARS['active_modules'] . "');";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows > 0) {
                $row = db_fetch_array($result);
                $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE (`key` = 'indexmodule' AND `order` > '" . $row['order'] . "') ORDER BY `order`;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if ($rows > 0) {
                    $row2 = db_fetch_array($result);
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row2['value'] . "';";
                    $result = db_query($sql);
                    $sql = "UPDATE `" . $list_prefix . "config` SET `order` = '" . $row2['order'] . "' WHERE `key` = 'indexmodule' and `value` = '" . $row['value'] . "';";
                    $result = db_query($sql);
                    $RESULT = "All possible module positions have been changed as requested.<BR>\r\n";
                } else {
                    $RESULT = "The module " . $HTTP_POST_VARS['active_modules'] . " appears to already be at the bottom.<BR>\r\n";
                }
            } else {
                $RESULT = "ERROR: Unable to change the modules position.<BR>\r\n";
            }
        }
        fixorder(1);
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "imodules")) {
        //changes to the inactive modules
        $sql = "SELECT * FROM `" . $list_prefix . "config` WHERE `key` = 'indexmodule' ORDER BY `order` DESC;";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if ($rows > 0) {
            $row = db_fetch_array($result);
            $order = $row['order'] + 1;
        } else {
            $order = 1;
        }
        $sql = "INSERT INTO " . $list_prefix . "config VALUES ('indexmodule', '" . $HTTP_POST_VARS['inactive_modules'] . "', '" . $order . "');";
        $result = db_query($sql);
        $RESULT = "The module " . $HTTP_POST_VARS['inactive_modules'] . " has been activated.<BR>\r\n";
    }
    //output will be added to $CONTENT.
    $CONTENT .= $RESULT . $GENERAL;
    //We don't have to read the site info from the db and place it into the
    //template because the filltemplate function will do it for us automagically.
    //we will read and output the index page settings here.
    $sql = "SELECT * FROM " . $list_prefix . "config WHERE `key` = 'index';";
    $result = db_query($sql);
    if ($result) {
        //if its in the db we will go with the db's configured value
        $rows = db_num_rows($result);
        $row = db_fetch_array($result);
        $action = $row['value'];
    } else {
        $action = "modules";
    }
    if (strcmp($action, "modules") != 0) {
        $CHECKED = "{REDIRCHECKED}";
    } else {
        $CHECKED = "{MODCHECKED}";
        $action = "";
    }
    $CONTENT = insert_into_template($CONTENT, $CHECKED, "checked");
    //This is backards to how we normally do things but it works!
    $CONTENT = insert_into_template($CONTENT, "{REDIRECT}", $action);
    //we will read and output the active index modules here
    $CONTENT = insert_into_template($CONTENT, "{MODULE_LIST}", list_active_modules());
    //we will read and output the inactive index modules here
    $CONTENT = insert_into_template($CONTENT, "{INACTIVE_MODULE_LIST}", list_inactive_modules());
    //now we will output our work.
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}
Esempio n. 10
0
    } else {
        $DAYS .= insert_into_template($DAY, "{DAY}", $iday);
    }
    if (6 == dayofweek($month, $iday, $year)) {
        //we will append these DAYS to WEEKS and empty DAYS
        $WEEKS .= insert_into_template($WEEK, "{DAYS}", $DAYS);
        $DAYS = "";
    }
}
//now lets pad the last week of the calendar
$lastday = dayofweek($month, $iday, $year);
while ($lastday < 6) {
    $DAYS .= $DAY;
    $lastday++;
}
//now lets close out the calendar.
$WEEKS .= insert_into_template($WEEK, "{DAYS}", $DAYS);
//lets add the month, year, prev/next month and year
$WORK = insert_into_template($MONTH, "{PREVMONTH}", $prevmonth);
$WORK = insert_into_template($WORK, "{PREVYEAR}", $prevyear);
$WORK = insert_into_template($WORK, "{NEXTMONTH}", $nextmonth);
$WORK = insert_into_template($WORK, "{NEXTYEAR}", $nextyear);
$WORK = insert_into_template($WORK, "{MONTH}", $monthname);
$WORK = insert_into_template($WORK, "{YEAR}", $year);
//lets add our weeks to the calendar
$WORK = insert_into_template($WORK, "{WEEKS}", $WEEKS);
//now lets output the calendar
$WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
$WORK = filltemplate($WORK, $monthname);
printf("%s", striptemplate($WORK));
Esempio n. 11
0
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $ARTICLES = loadadmintmplate("articles");
    $WORK = $ARTICLES;
    if (0 == strcmp($HTTP_GET_VARS['mode'], "select")) {
        //if we are to edit an article
        //lets get the article from the db
        $sql = "SELECT * FROM `" . $list_prefix . "articles` WHERE `id` = '" . $HTTP_POST_VARS['article'] . "';";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if ($rows == 0) {
            //lets make sure that the article exists
            $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
        } else {
            //if it does we will read it from the db and add it to our output.
            $row = db_fetch_array($result);
            $WORK = insert_into_template($WORK, "{ARTICLEID}", $row['id']);
            $WORK = insert_into_template($WORK, "{CATLIST}", catlist($row['category']));
            $WORK = insert_into_template($WORK, "{ARTICLETITLE}", $row['article_title']);
            $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
            $WORK = insert_into_template($WORK, "{ARTICLE}", stripslashes($row['article']));
            $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
        }
    } else {
        //if we are not editing an article lets prepare the form for a new article.
        $WORK = insert_into_template($WORK, "{NEWCHECK}", "checked");
        $WORK = insert_into_template($WORK, "{CATLIST}", catlist(0));
    }
    //lets delete an article if its selected
    if (0 == strcmp($HTTP_GET_VARS['mode'], "delete") && isset($HTTP_POST_VARS['delete_yes'])) {
        $sql = "DELETE FROM `" . $list_prefix . "articles` WHERE `id` = '" . $HTTP_POST_VARS['article'] . "';";
        $result = db_query($sql);
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
        $WORK = "You must check the confirmation box to delete an article.<br>\r\n" . $WORK;
    }
    if (0 == strcmp($HTTP_GET_VARS['mode'], "edit")) {
        $user = admincookie();
        $posted_by = $user['user_id'];
        if (isset($HTTP_POST_VARS['newarticle'])) {
            //its a new article being saved.
            $sql = "INSERT INTO " . $list_prefix . "articles VALUES ('', '" . addslashes($HTTP_POST_VARS['articletitle']) . "', '" . addslashes($HTTP_POST_VARS['teaser']) . "', '" . addslashes($HTTP_POST_VARS['article']) . "', '" . $posted_by . "', '" . addslashes($HTTP_POST_VARS['byline']) . "', '" . time() . "', '" . $HTTP_POST_VARS['category'] . "');";
            $result = db_query($sql);
        } elseif (isset($HTTP_POST_VARS['articleid'])) {
            //its an old article being saved
            $sql = "UPDATE `" . $list_prefix . "articles` SET `article_title` = '" . addslashes($HTTP_POST_VARS['articletitle']) . "', `teaser` = '" . addslashes($HTTP_POST_VARS['teaser']) . "', `article` = '" . addslashes($HTTP_POST_VARS['article']) . "', `byline` = '" . addslashes($HTTP_POST_VARS['byline']) . "', `category` = '" . $HTTP_POST_VARS['category'] . "' WHERE `id` = '" . $HTTP_POST_VARS['articleid'] . "';";
            $result = db_query($sql);
        } else {
            $WORK = "You must check the new article box to save a new article<br>\r\n" . $WORK;
        }
    }
    //lets output our article cp.
    $WORK = insert_into_template($WORK, "{ARTICLELIST}", articlelist());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}
Esempio n. 12
0
            }
            $min = $time[2] . $time[3];
            if ($hour < 12) {
                //we are in the am.
                if ($hour == 0) {
                    $hour = "12";
                }
                $time = $hour . ":" . $min . "am";
            } else {
                //we are in the pm
                $hour -= 12;
                if ($hour == 0) {
                    $hour = "12";
                }
                $time = $hour . ":" . $min . "pm";
            }
            $WORK .= insert_into_template($EVENTS, "{TIME}", $time);
            $WORK = insert_into_template($WORK, "{DESCRIPTION}", $row['description']);
            $i++;
        }
        $WORK = insert_into_template($DAY, "{EVENTS}", $WORK);
        $CONTENT .= insert_into_template($WORK, "{EVENT_CLASS}", "Daily events");
    }
} else {
    $CONTENT = "<b>ERROR: A valid date was not presented to this program</b>";
}
//now lets output the content
$WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
$WORK = filltemplate($WORK, $monthname);
printf("%s", striptemplate(stripslashes($WORK)));
Esempio n. 13
0
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $BLOCKS = loadadmintmplate("blocks");
    //we will process changes here
    if (0 == strcmp($HTTP_GET_VARS['mode'], "ablocks")) {
        //process active blocks
        if (isset($HTTP_POST_VARS['disable'])) {
            //if we are to disable the block
            $sql = "DELETE FROM `" . $list_prefix . "blocks` WHERE `name` = '" . $HTTP_POST_VARS['active_blocks'] . "';";
            $result = db_query($sql);
        } else {
            //otherwise we will process all the fields.
            //lets read the db info for the block, we will set the default order also
            $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `name` = '" . $HTTP_POST_VARS['active_blocks'] . "';";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows != 0) {
                $row = db_fetch_array($result);
                $order = $row['order'];
                $id = $row['id'];
            } else {
                $order = 1;
            }
            //we will default to order of 1.
            //lets determine if there are any moves
            if (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
                //if it moves up
                //now we will find the new value for $order to move to
                $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $row['blockset'] . "' AND `order` < '" . $order . "' ORDER by `order` DESC;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if ($rows != 0) {
                    //if we have no rows we don't move it up, but if there are rows we want to trade places with the one above.
                    $row2 = db_fetch_array($result);
                    //now we will set $row2 to $row's order
                    $sql = "UPDATE " . $list_prefix . "blocks SET `order` = '" . $order . "' WHERE `id` = '" . $row2['id'] . "';";
                    $result = db_query($sql);
                    if ($result) {
                        //if we succeeded we will now change $order to $row2's previous order
                        $order = $row2['order'];
                    }
                }
            } elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
                //if it doesn't move.
                //now we will find the new value for $order to move to
                $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $row['blockset'] . "' AND `order` > '" . $order . "' ORDER by `order`;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if ($rows != 0) {
                    //if we have no rows we don't move it down, but if there are rows we want to trade places with the one below.
                    $row2 = db_fetch_array($result);
                    //now we will set $row2 to $row's order
                    $sql = "UPDATE " . $list_prefix . "blocks SET `order` = '" . $order . "' WHERE `id` = '" . $row2['id'] . "';";
                    $result = db_query($sql);
                    if ($result) {
                        //if we succeeded we will now change $order to $row2's previous order
                        $order = $row2['order'];
                    }
                }
            }
            //now lets see if we are moving the block to a new blockset
            if (0 != strcmp($HTTP_POST_VARS['block_area'], "-")) {
                //we are moving the blockset
                $blockset = $HTTP_POST_VARS['block_area'];
                //if we are moving to a new block set we need to make 100% sure that we don't break the order so we will put this on the end of that blockset.
                $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $blockset . "' ORDER by `order` DESC;";
                $result = db_query($sql);
                if ($result) {
                    $rows = db_num_rows($result);
                } else {
                    $rows = 0;
                }
                if (0 != $rows) {
                    $row = db_fetch_array($result);
                    $order = $row['order'] + 1;
                } else {
                    //there are no blocks in this blockset so we will be the first.
                    $order = 1;
                }
            } else {
                //we are not moving the blockset
                $blockset = $row['blockset'];
            }
            //here is where we will update the db with the new values for block.
            $sql = "UPDATE " . $list_prefix . "blocks SET `blockset` = '" . $blockset . "', `order` = '" . $order . "' WHERE `id` = '" . $id . "';";
            $result = db_query($sql);
        }
        //here we will run fix order to correct any issues in the order of the modules.
        fixorder(1, 1);
        fixorder(1, 2);
        fixorder(1, 3);
        fixorder(1, 4);
    }
    if (0 == strcmp($HTTP_GET_VARS['mode'], "iblocks")) {
        //process inactive blocks
        //lets figure out what our order and blockset are.
        $blockset = $HTTP_POST_VARS['block_area'];
        $sql = "SELECT * FROM `" . $list_prefix . "blocks` WHERE `blockset` = '" . $blockset . "' ORDER by `order` DESC;";
        $result = db_query($sql);
        if ($result) {
            $rows = db_num_rows($result);
        } else {
            $rows = 0;
        }
        if (0 != $rows) {
            $row = db_fetch_array($result);
            $order = $row['order'] + 1;
        } else {
            //there are no blocks in this blockset so we will be the first.
            $order = 1;
        }
        //now lets prepare our sql query
        $sql = "INSERT INTO " . $list_prefix . "blocks VALUES ('', '" . $HTTP_POST_VARS['inactive_blocks'] . "', '" . $blockset . "', '" . $order . "');";
        $result = db_query($sql);
    }
    //now we will handle our output.
    $WORK = insert_into_template($BLOCKS, "{INACTIVE_BLOCK_LIST}", list_inactive_blocks());
    $WORK = insert_into_template($WORK, "{ACTIVE_BLOCK_LIST}", list_active_blocks());
    $WORK = insert_into_template($WORK, "{MOVE_AREA_LIST}", move_area_list());
    $WORK = insert_into_template($WORK, "{AREA_LIST}", area_list());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
    printf("%s", striptemplate($WORK));
}
Esempio n. 14
0
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $CALENDAR = loadadmintmplate("calendar");
    $CONTENT = "";
    //first lets see if we are deleting an event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
        //we are deleting this event.
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            $sql = "DELETE FROM `" . $list_prefix . "calendar` WHERE `id` = '" . $HTTP_POST_VARS['deletelist'] . "';";
            $result = db_query($sql);
        } else {
            $CONTENT .= "You must check the checkbox to confirm deleting this event.<BR>\r\n";
        }
    }
    //lets see if we are adding a weekly event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "dow")) {
        //we are adding a event
        $utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
        $sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '" . $HTTP_POST_VARS['dow'] . "', '', '', '', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
        $result = db_query($sql);
    }
    //lets see if we are adding a monthly event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "dom")) {
        //we are adding a event
        $utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
        $sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '7', '" . $HTTP_POST_VARS['dom'] . "', '', '', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
        $result = db_query($sql);
    }
    //lets see if we are adding a yearly event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "moy")) {
        //we are adding a event
        $utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
        $sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '7', '', '" . $HTTP_POST_VARS['moy'] . $HTTP_POST_VARS['domoy'] . "', '', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
        $result = db_query($sql);
    }
    //lets see if we are adding a scheduled event
    if (0 == strcmp($HTTP_GET_VARS['mode'], "norm")) {
        //we are adding a event
        $utime = usertime($HTTP_POST_VARS['hour'], $HTTP_POST_VARS['tmin'], $HTTP_POST_VARS['omin'], $HTTP_POST_VARS['$ampm']);
        $sql = "INSERT INTO `" . $list_prefix . "calendar` ( `id` , `weekly` , `monthly` , `yearly` , `date` , `time` , `description` ) VALUES ( '', '7', '', '', '" . $HTTP_POST_VARS['yearlist'] . $HTTP_POST_VARS['month'] . $HTTP_POST_VARS['day'] . "', '" . $utime . "', '" . $HTTP_POST_VARS['description'] . "' );";
        $result = db_query($sql);
    }
    //lets draw our interface now.
    $CONTENT .= insert_into_template($CALENDAR, "{DELETE_LIST}", listevents());
    $CONTENT = insert_into_template($CONTENT, "{YEARMENU}", yearmenu());
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
    printf("%s", striptemplate($WORK));
}
Esempio n. 15
0
function shownews($category)
{
    global $HTTP_GET_VARS, $NEWS, $list_prefix, $MAIN;
    $CONTENT = "";
    if (isset($HTTP_GET_VARS['perpage']) && is_numeric($HTTP_GET_VARS['perpage'])) {
        $perpage = $HTTP_GET_VARS['perpage'];
    } else {
        $perpage = 3;
    }
    //lets see if the user has specified to show all requests on a single page.
    if (isset($HTTP_GET_VARS['onepage'])) {
        $onepage = 1;
    } else {
        $onepage = 0;
    }
    //lets see what page we are on
    if (!isset($HTTP_GET_VARS['page']) || !is_numeric($HTTP_GET_VARS['page'])) {
        $page = 1;
    } else {
        $page = $HTTP_GET_VARS['page'];
    }
    //lets calculate our start position for our query if needed.
    $start = ($page - 1) * $perpage;
    //lets calculate our query
    $sql = "SELECT * FROM " . $list_prefix . "news";
    if ($category != 0) {
        $sql .= " WHERE category = '" . $category . "'";
    }
    if ($onepage == 0) {
        $sql .= " ORDER BY `date` DESC LIMIT " . $start . "," . $perpage . ";";
    } else {
        $sql .= " ORDER BY `date` DESC;";
    }
    //now lets show the prayerlist entries.
    $result = db_query($sql);
    $rows = db_num_rows($result);
    if ($rows != 0) {
        $i = 0;
        while ($i < $rows) {
            //lets fetch our prayer request from the database.
            $row = db_fetch_array($result);
            $postedby = getuser($row['posted_by']);
            //lets insert the prayerrequest into our working copy of this template.
            $WORK = insert_into_template($NEWS, "{NEWSTITLE}", stripslashes($row['news_title']));
            $WORK = insert_into_template($WORK, "{TEASER}", stripslashes($row['teaser']));
            $WORK = insert_into_template($WORK, "{NEWSID}", $row['id']);
            $WORK = insert_into_template($WORK, "{POSTEDBY}", $postedby);
            $WORK = insert_into_template($WORK, "{BYLINE}", $row['byline']);
            $WORK = insert_into_template($WORK, "{DATE}", date("m/d/Y", $row['date']));
            $WORK = insert_into_template($WORK, "{CATEGORY}", getcatname($row['category']));
            $i++;
            //now lets add this request to the CONTENT.
            $CONTENT .= $WORK;
        }
        $sql = "SELECT * FROM " . $list_prefix . "news;";
        $result = db_query($sql);
        $rows = db_num_rows($result);
        $pages = ($rows - $rows % $perpage) / $perpage;
        //this is the number of complete pages.
        if ($rows % $perpage > 0) {
            $pages++;
        }
        //this will take care of incomplete pages.
        //lets list a previous page link if needed.
        if ($pages > 1 && $onepage == 0) {
            $i = 0;
            if ($page != 1) {
                $CONTENT .= "<a href='news.php?page" . ($page - 1) . "'>prev</a> \r\n";
            }
            //lets list all pages a user can click on.
            while ($i < $pages) {
                $i++;
                if ($i != $page) {
                    $CONTENT .= "<a href='news.php?page=" . $i . "'>" . $i . "</a> \r\n";
                } else {
                    $CONTENT .= $i . " ";
                }
            }
            //lets create a next page link if needed
            if ($page != $pages) {
                $CONTENT .= "<a href='news.php?page=" . ($page + 1) . "'>next</a>\r\n";
            }
            $CONTENT .= "<div align=\"right\"><a href='news.php?onepage=1'>Show all requests on one page.</a></div><br />\r\n";
        }
    } else {
        $CONTENT .= "There are no active news at this time.<BR>\r\n";
    }
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "News");
    //when we output this lets make sure that the output is stripped of any template elements that are not used.
    printf("%s", striptemplate($WORK));
}
Esempio n. 16
0
function content()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $list_prefix;
    $MAIN = loadadmintmplate("main");
    $CATEGORIES = loadadmintmplate("categories");
    //we can choose to edit, add, or delete a category.
    if (0 == strcmp($HTTP_GET_VARS['mode'], "delete")) {
        if (isset($HTTP_POST_VARS['delete_yes'])) {
            if ($HTTP_POST_VARS['category'] > 0) {
                $sql = "DELETE FROM `" . $list_prefix . "category` WHERE `id` = " . $HTTP_POST_VARS['category'] . ";";
                $result = db_query($sql);
                if ($result) {
                    $CONTENT = "The selected category has been deleted.<BR><BR>";
                } else {
                    $CONTENT = "The selected category could not be deleted.<BR><BR>";
                }
            } else {
                $CONTENT = "You can not delete the SYSTEM category.<BR><BR>";
            }
        } else {
            $CONTENT = "You must click the checkbox to delete a category.<BR><BR>";
        }
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "add")) {
        //we will do a search of the categories in the db in reverse sort on order.
        $sql = "SELECT * FROM `" . $list_prefix . "category` ORDER BY `order` DESC limit 1;";
        $result = db_query($sql);
        $rows = db_num_rows($result);
        //we will add +1 to that for the new entry's order.
        if ($rows == 0) {
            $order = 1;
        } else {
            //we will add +1 to that for the new entry's order.
            $row = db_fetch_array($result);
            $order = $row['order'] + 1;
        }
        //then we will insert the new category and its order value into the db.
        //we will then report success or failure and draw the page.
        if (isset($HTTP_POST_VARS['catname'])) {
            $sql = "INSERT INTO " . $list_prefix . "category VALUES ('', '" . $HTTP_POST_VARS['catname'] . "', '" . $order . "');";
            $result = db_query($sql);
            if ($result) {
                $CONTENT = "The category " . $HTTP_POST_VARS['catname'] . " has been added to the database<BR><BR>\r\n";
            } else {
                $CONTENT = "Sorry there was an ERROR while adding the category to the database.<BR><BR>\r\n";
            }
        } else {
            $CONTENT = "Sorry but the category must have a name!<BR><BR>\r\n";
        }
        //lets output the results.
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } elseif (0 == strcmp($HTTP_GET_VARS['mode'], "edit")) {
        //first we must make sure that our category is valid and not category 0
        if ($HTTP_POST_VARS['category'] > 0) {
            $sql = "SELECT * FROM `" . $list_prefix . "category` WHERE `id` = '" . $HTTP_POST_VARS['category'] . "';";
            $result = db_query($sql);
            if ($result) {
                $rows = db_num_rows($result);
            } else {
                $rows = 0;
            }
            if ($rows > 0) {
                $row = db_fetch_array($result);
                //lets figure out if we need to change the name or leave it the same.
                if (isset($HTTP_POST_VARS['catname']) && $HTTP_POST_VARS['catname'] != "") {
                    $name = $HTTP_POST_VARS['catname'];
                } else {
                    $name = $row['name'];
                }
                //lets figure out if there's a change to the order.
                if (isset($HTTP_POST_VARS['position'])) {
                    if (0 == strcmp($HTTP_POST_VARS['position'], "up")) {
                        $sql = "SELECT * FROM " . $list_prefix . "category WHERE `order` < '" . $row['order'] . "' ORDER BY `order` DESC;";
                        $result = db_query($sql);
                        if ($result) {
                            $rows = db_num_rows($result);
                        } else {
                            $rows = 0;
                        }
                        if ($rows > 0) {
                            $row2 = db_fetch_array($result);
                            $sql = "UPDATE " . $list_prefix . "category SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
                            $result = db_query($sql);
                            $order = $row2['order'];
                        } else {
                            $order = $row['order'];
                        }
                    } elseif (0 == strcmp($HTTP_POST_VARS['position'], "down")) {
                        $sql = "SELECT * FROM " . $list_prefix . "category WHERE `order` > '" . $row['order'] . "' ORDER BY `order`;";
                        $result = db_query($sql);
                        if ($result) {
                            $rows = db_num_rows($result);
                        } else {
                            $rows = 0;
                        }
                        if ($rows > 0) {
                            $row2 = db_fetch_array($result);
                            $sql = "UPDATE " . $list_prefix . "category SET `order` = '" . $row['order'] . "' WHERE `id` = '" . $row2['id'] . "';";
                            $result = db_query($sql);
                            $order = $row2['order'];
                        } else {
                            $order = $row['order'];
                        }
                    } else {
                        //the order will stay the same by default.
                        $order = $row['order'];
                    }
                }
                $sql = "UPDATE `" . $list_prefix . "category` SET ";
                $sql .= "`name` = '" . $name . "', `order` = '" . $order . "' ";
                $sql .= "WHERE `id` = '" . $HTTP_POST_VARS['category'] . "';";
                $result = db_query($sql);
                if ($result) {
                    $CONTENT = "The changes made have been saved.<BR><BR>\r\n";
                } else {
                    $CONTENT = "ERROR: Unable to make the changes requested.<BR><BR>\r\n";
                }
            } else {
                $CONTENT = "ERROR: Unable to alter a category that does not exist.<BR><BR>\r\n";
            }
        }
        $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    } else {
        //here we will read the categories from the db and let the user choose to delete or edit them.
        //we will include a form to optionally add a category.
        //category 0 is always present and can not be deleted.
        //to delete a category the user must choose it from a list, enter the name in a box and click "Delete"
        $CONTENT = "<select name='category'>";
        $sql = "SELECT * FROM " . $list_prefix . "category WHERE `id` > 0 ORDER BY `order`;";
        $result = db_query($sql);
        $rows = db_num_rows($result);
        if ($rows == 0) {
            $CONTENT .= "<option value='-'>No categories found</option>";
        } else {
            $i = 0;
            while ($i < $rows) {
                $row = db_fetch_array($result);
                $CONTENT .= "<option value='" . $row['id'] . "'>" . $row['name'] . "</option>";
                $i++;
            }
        }
        $CONTENT .= "</select>";
        //lets output the results.
        $WORK = insert_into_template($CATEGORIES, "{CATLIST}", $CONTENT);
        $WORK = insert_into_template($MAIN, "{CONTENT}", $WORK);
        $WORK = filltemplate($WORK, "{SITENAME} Administration panel");
        printf("%s", striptemplate($WORK));
    }
}
function delete_request($id)
{
    global $list_prefix;
    $sql = "DELETE FROM " . $list_prefix . "prayer_list WHERE `id`=" . $id . ";";
    $result = db_query($sql);
    if ($result) {
        $CONTENT = "The selected request has been deleted.<br /\r\n";
    } else {
        $CONTENT = "ERROR: unable to delete request.<br />\r\n";
    }
    //now lets output our prayer requests.
    $WORK = insert_into_template($MAIN, "{CONTENT}", $CONTENT);
    $WORK = filltemplate($WORK, "Prayer List");
    //when we output this lets make sure that the output is stripped of any template elements that are not used.
    printf("%s", striptemplate($WORK));
}