$_SESSION['dateline'] = $dateline;
$_SESSION['created'] = $created;
// Log the activity
$action = new activity();
$action->track_activity($userID, $action->saving_article, 'Saving the article ' . $_SESSION['title']);
$gotoURL = "../admin/my_articles2.php";
}
}
break;
case 'submit2editor':
if (isset($articletask)) {
$currenttime = time();
$sql = "select * from tasks where taskID = '{$articletask}' ";
$db->query($sql);
$gettask = array();
while ($gettask[] = $db->fetcharray()) {
}
$duedate = $gettask[0]->enddate;
if ($db->getnumrows() > 0) {
if ($currenttime > $duedate) {
echo '<script>alert("Sorry, the article is no longer accepted because you haven\'t met the deadline of this task which is ' . friendlydate5($duedate) . '. If you really want to submit the article kindly contact the editor.");</script>';
echo '<script>history.go(-1);</script>';
exit;
} else {
$sql = "update tasks set status = 'Completed' where taskID = '{$articletask}' ";
$db->query($sql);
}
}
}
if (isset($_SESSION['articleID'])) {
$created = $_SESSION['created'];
unset($_SESSION['title']);
unset($_SESSION['article_body']);
unset($_SESSION['dateline']);
unset($_SESSION['created']);
unset($_SESSION['edited_by']);
}
/**
* Get all the tasks
*/
$sql = " select * from tasks where assignedto = '{$userID}' \r\n\t\tand status != 'Completed' ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
//echo $sql;
$tasks = array();
while ($row = $db->fetcharray()) {
$tasks[] = $row;
}
$db->freeresult();
$tasklist = '';
foreach ($tasks as $field => $data) {
$tasklist .= '<option value="' . $data->taskID . '">';
$tasklist .= $data->subject;
$tasklist .= '</option>';
}
/**
* Get all the news category
*/
$sql = " select * from category ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
case 6:
// whos yur daddy...
$sql = " select * from article_versions av ";
$sql .= " where av.stageID = " . $_SESSION['stageID'];
$sql .= " and av.isarchive = '1' ";
$sql .= " order by dateline DESC ";
$heading = "News Content Archive Manager";
break;
}
}
//print $sql;
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$my_articles = array();
while ($row = $db->fetcharray()) {
$my_articles[] = $row;
}
$n = $db->getnumrows();
$db->freeresult();
//print_r($my_articles);
$totalrows = count($my_articles);
$limit = 10;
$paging = ceil($totalrows / $limit);
$scroll = 1;
$scrollnumber = 5;
if (isset($_GET['page'])) {
$page = $_GET['page'];
} else {
$page = 1;
}
if ( !isset($_SESSION['login'])) {
header('Location: login.php');
}
if (isset($_SESSION['login'])) {
$userID = $_SESSION['userID'];
$usertype = $_SESSION['usertype'];
}
*/
$db = new database();
$sql = "select * from content_users ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$content_users = array();
while ($content_users[] = $db->fetcharray()) {
}
$db->freeresult();
for ($i = 0; $i < count($content_users) - 1; $i++) {
$i % 2 == 0 ? $bgcolor = "" : ($bgcolor = "#F5F5F5");
$row_data .= '<tr class="tdhover" bgcolor = "' . $bgcolor . '" align = "center">';
$row_data .= '<td align="left">';
$row_data .= $content_users[$i]->fullname;
$row_data .= '</td>';
$row_data .= '<td>';
$row_data .= $content_users[$i]->username;
$row_data .= '</td>';
$row_data .= '<td>';
$row_data .= '<label>';
$row_data .= $content_users[$i]->is_loggedin;
$row_data .= '</label>';
} else {
$ads148x300 .= '<p><a href="' . $PHP_SELF . '?bannerID=' . $bannerdata->bannerID . '">';
$ads148x300 .= '<img src="' . makeRelativePath($bannerdata->banner_imageurl, 7) . '" border="0" width="130" ></a>';
$ads148x300 .= '</p>';
}
}
/**
* Get the sponsored links.., esp. the active clients
*/
$sql = " select website from corporate_partners cp ";
$sql .= " where cp.status = '1' ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$links = array();
while ($links[] = $db->fetcharray()) {
}
$db->freeresult();
$sponsoredlinks = '';
$n = count($links) - 1;
for ($i = 0; $i < $n; $i++) {
// Count the active banners
foreach ($links as $field => $values) {
if ($field == 'clientID') {
if (checkhttptext($links[$i]->website)) {
$url = splithttptext($links[$i]->website);
$sponsoredlinks .= '<li><a href="' . $links[$i]->website . '">' . $url[1] . '</a></li>';
} else {
$sponsoredlinks .= '<li><a href="http://' . $links[$i]->website . '">' . $links[$i]->website . '</a></li>';
}
}
$message = 'Successfully saved the tasks: ' . $_SESSION['title'];
break;
case 'delete':
$message = 'Successfully delete the task(s) ';
break;
}
unset($_SESSION['task']);
}
$db = new database();
$created = simpledate(time());
$sql = "select * from tasks order by created_t desc";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$tasks = array();
while ($tasks[] = $db->fetcharray()) {
}
$totalrows = count($tasks);
$limit = 10;
$paging = ceil($totalrows / $limit);
$scroll = 0;
$scrollnumber = 5;
if (isset($_GET['page'])) {
$page = $_GET['page'];
} else {
$page = 1;
}
$start = $page * $limit - $limit;
$pagelink = new paging($page, $totalrows, $limit, $paging, $scroll, $scrollnumber);
$j = $start + 1;
for ($i = $start; $i < $start + $limit; $i++) {
break;
case 'add':
$message = 'Successfully saved client: ' . $_SESSION['title'];
break;
default:
$message = '';
break;
}
unset($_SESSION['task']);
}
$sql = " select * from corporate_partners order by registerDate desc ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$clients = array();
while ($clients[] = $db->fetcharray()) {
}
//print_r($clients);
$totalrows = count($clients);
$limit = 10;
$paging = ceil($totalrows / $limit);
$scroll = 1;
$scrollnumber = 5;
if (isset($_GET['page'])) {
$page = $_GET['page'];
} else {
$page = 1;
}
$start = $page * $limit - $limit;
$pagelink = new paging($page, $totalrows, $limit, $paging, $scroll, $scrollnumber);
$j = $start + 1;
session_start();
// if user is not login..redirect him to login page
if (!isset($_SESSION['login'])) {
header('Location: login.php');
}
if (isset($_SESSION['login'])) {
$userID = $_SESSION['userID'];
$usertype = $_SESSION['usertype'];
}
$db = new database();
$sql = " select * from user_log ";
if (!($result = $db->query($sql))) {
die('Error :' . $db->error());
}
$user_log = array();
while ($user_log[] = $db->fetcharray()) {
}
$db->freeresult();
for ($i = 0; $i < count($user_log) - 1; $i++) {
$i % 2 == 0 ? $bgcolor = "" : ($bgcolor = "#F5F5F5");
$row_data .= '<tr class="tdhover" id="tdata" bgcolor = "' . $bgcolor . '" align = "center">';
$row_data .= '<td align="left">';
$row_data .= '<a href="' . VIEW_PROFILE_URL . $user_log[$i]->userID . '">';
//$row_data .= '<input type="hidden" value = "' . $user_log[$i]->userID . '">';
$user_fullname = getUser_info($user_log[$i]->userID, 'fullname');
$row_data .= $user_fullname;
$row_data .= $user_log[$i]->fullname;
$row_data .= '</a>';
$row_data .= '</td>';
$row_data .= '<td>';
$username = getUser_info($user_log[$i]->userID, 'username');
$userID = $_SESSION['userID'];
$usertype = $_SESSION['usertype'];
}
if (isset($_SESSION['message'])) {
$message = $_SESSION['message'];
unset($_SESSION['message']);
}
$quotaID = $_GET['quotaID'];
$_SESSION['quotaID'] = $quotaID;
$db = new database();
$sql = " select * from quota where quotaID='{$quotaID}' ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$quota = array();
if ($quota[] = $db->fetcharray()) {
}
$db->freeresult();
$myquota = $quota[0]->quota;
if ($quota[0]->isdefault) {
$optyesno .= '<input name="isdefault" type="radio" value="1" checked>Yes';
$optyesno .= '<input name="isdefault" type="radio" value="0" >No';
} else {
$optyesno .= '<input name="isdefault" type="radio" value="1" >Yes';
$optyesno .= '<input name="isdefault" type="radio" value="0" checked >No';
}
// Log the activity
$action = new activity();
$action->track_activity($userID, $action->creating_category, '-');
// ok baby, let start compiling the page now..go! go! go! {mh}
$tpl = new template_parser('../templates/edit_quota.tpl.php');
if ( $field == 'articleID' ) {
$other_headlines .= '<li><a href="view_article.php?articleID=' . $other_headlinenews[$i]->articleID . '">' . $other_headlinenews[$i]->title . '</a>';
$other_headlines .= '</li>';
}
}
}
*/
/**
* obtain list of the category
*/
$sql = "select * from category order by category_name ASC";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$categories = array();
while ($categories[] = $db->fetcharray()) {
}
$totalcategories = count($categories);
$categorylist = '';
for ($i = 0; $i < $totalcategories - 1; $i++) {
foreach ($categories as $field => $value) {
if ($field == 'category_name') {
$categorylist .= '<li><a href="' . VIEW_CATEGORY_URL . $categories[$i]->categoryID . '">' . $categories[$i]->category_name . '</a></li>';
}
}
}
/**
* Get the set of images of the article...( its better to have 1 image per article,, ok na!!)
*/
$imagesets = getArticle_imageSets($view_article[0]->articleID);
if (count($imagesets) > 1) {
$db = new database();
$x = new online_tracker();
$x->tracker();
$gerger = new gerger_timer();
$gerger->start();
$gerger->setprecision(4);
/**
* obtain list of all client ads, images
*/
$sql = " select * from corporate_partners_imgs ";
$sql .= " where banner_show = '1' ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$alladvertisements = array();
while ($alladvertisements[] = $db->fetcharray()) {
}
$ads = '';
for ($i = 0; $i < count($alladvertisements) - 1; $i++) {
foreach ($alladvertisements as $field => $value) {
if ($field == 'bannerID') {
if (checkhttptext($alladvertisements[$i]->banner_clickURL)) {
$ads .= '<div id= "banner_imgs" >';
$ads .= '<a href="' . $alladvertisements[$i]->banner_clickURL . '" >';
$ads .= '<img src= "' . makeRelativepath($alladvertisements[$i]->banner_imageurl, 7) . '" border="0" ></a>';
$ads .= '</div>';
} else {
$ads .= '<div id= "banner_imgs" >';
$ads .= '<a href="http://' . $alladvertisements[$i]->banner_clickURL . '" >';
$ads .= '<img src= "' . makeRelativepath($alladvertisements[$i]->banner_imageurl, 7) . '" border="0" ></a>';
$ads .= '</div>';
session_start();
// if user is not login..redirect him to login page
if (!isset($_SESSION['login'])) {
header('Location: ../index.php');
}
$bannerID = $_GET['bannerID'];
$_SESSION['bannerID'] = $bannerID;
$clientID = $_SESSION['clientID'];
//print_r($_SESSION);
$db = new database();
$sql = " select * from corporate_partners_imgs cp ";
$sql .= " where cp.bannerID=" . intval($bannerID);
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
while ($cpimages[] = $db->fetcharray()) {
}
$sql = " select * from corporate_partners_imgs cp , stockphotos s \r\n where cp.banner_clientID= {$clientID}\r\n and s.imageID=cp.imageID ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$ads = array();
while ($ads[] = $db->fetcharray()) {
}
/**
* Populate all the corporate partners into an array..
*/
$bannerurl = '';
for ($i = 0; $i < count($ads); $i++) {
foreach ($ads as $field => $data) {
if ($field == 'bannerID') {
<?php
require 'admin/coreclass.php';
$db = new database();
$x = new online_tracker();
$x->tracker();
$gerger = new gerger_timer();
$gerger->start();
$gerger->setprecision(4);
$sql = " select * from other_site_content where status='Published' and id=2 order by created desc ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$about = array();
while ($about[] = $db->fetcharray()) {
}
$db->freeresult();
$title = $about[0]->title;
$body = $about[0]->body;
/*
* Get the default stylesheets
*/
include 'admin/template.configuration.php';
$stylesheet = ' themes/' . $default_template_name . '/' . $default_template_stylesheet;
$db->close();
$gerger->stop();
$pagegenerated = $gerger->display();
// Generate the page now
$tpl = new template_parser('themes/templates/aboutus2.tpl.php');
$tags = array('{TITLE}' => $title, '{BODY}' => $body, '{PAGE_GENERATED}' => ' ' . $pagegenerated, '{FOOTER}' => 'themes/templates/footer.tpl.php', '{STYLESHEET}' => $stylesheet);
$tpl->parse_template($tags);
case 'add':
$message = 'Successfully saved the quota: ' . $_SESSION['title'];
break;
case 'delete':
$message = 'Successfully delete the quota(s)';
break;
}
unset($_SESSION['task']);
}
$db = new database();
$sql = " select * from quota order by quota asc";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$quota = array();
while ($quota[] = $db->fetcharray()) {
}
$totalrows = count($quota);
$limit = 10;
$paging = ceil($totalrows / $limit);
$scroll = 1;
$scrollnumber = 5;
if (isset($_GET['page'])) {
$page = $_GET['page'];
} else {
$page = 1;
}
$start = $page * $limit - $limit;
$pagelink = new paging($page, $totalrows, $limit, $paging, $scroll, $scrollnumber);
$j = $start + 1;
for ($i = $start; $i < $start + $limit; $i++) {
if (!isset($_SESSION['login'])) {
header('Location: ../index.php');
}
//print_r($_SESSION);
//print_r($_POST);
unset($_SESSION['imageID']);
// remove pre-existing sessions
unset($_SESSION['bannerID']);
$clientID = $_SESSION['clientID'];
$db = new database();
$sql = " select * from corporate_partners_imgs cp , stockphotos s \r\n where cp.banner_clientID= {$clientID}\r\n and s.imageID=cp.imageID ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$ads = array();
while ($ads[] = $db->fetcharray()) {
}
/**
* Populate all the corporate partners into an array..
*/
$bannerurl = '';
for ($i = 0; $i < count($ads); $i++) {
foreach ($ads as $field => $data) {
if ($field == 'bannerID') {
$imgurl = $ads[$i]->banner_imageurl;
$bannerurl .= '<option value="' . $imgurl . '">';
//$bannerurl .= '<option value="' . $ads[$i]->imageID . '">';
$bannerurl .= makeRelativePath($imgurl, 9);
$bannerurl .= '</option>';
}
}
switch ($viewby) {
case 'uploads':
$sql = " select * from stockphotos";
break;
case 'cpartners':
$sql = " select * from corporate_partners_imgs ";
$sql .= " where banner_clientID= " . intval($clientID);
break;
default:
break;
}
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$cpimgs = array();
while ($cpimgs[] = $db->fetcharray()) {
}
// display images by uploads...
if ($viewby == 'uploads') {
for ($i = 0; $i < count($cpimgs) - 1; $i++) {
foreach ($cpimgs as $imageID => $imagename) {
if ($imageID == 'imageID') {
$dir_images .= '<div class = "xpthumbnail2">';
$dir_images .= '<a href="' . $cpimgs[$i]->imageID . '">';
$imageurl = makeRelativePath($cpimgs[$i]->image_filename, 4);
$imageID = $cpimgs[$i]->imageID;
$dir_images .= "<a href = \"javascript:openPopup('preview_image_details.php?imageID={$imageID}' ,'1024x768','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,width=200,height=200')\">";
$dir_images .= '<div class="center"><img src="' . $imageurl . '" width="50" height="65" border="0" alt ="' . $file . '"></div>';
$dir_images .= '</a>';
$dir_images .= '<br>' . makeRelativePath($imageurl, 6);
$dir_images .= '<br><a href="delete_image.php?imageID=' . $cpimgs[$i]->imageID . '" ><img src="../admin/images/edit_trash.gif" border="0"></a>';
$phoneno = $_POST['phoneno'];
$faxno = $_POST['faxno'];
$extrainfo = $_POST['extrainfo'];
$registerDate = $_SESSION['registerDate'];
$address = $_POST['address'];
}
$db = new database();
if (isset($_POST['task'])) {
switch ($_POST['task']) {
case 'add':
$sql = "";
break;
case 'edit':
$sql = "select * from corporate_partners where username = '******' and clientID !=" . $_SESSION['clickclientID'];
$db->query($sql);
$db->fetcharray();
if ($db->getnumrows() > 0) {
echo '<script>alert("Username is already taken by someone, Please choose another username.");history.go(-2);</script>';
exit;
}
$sql = "select * from corporate_partners where emailadd = '{$emailadd}' and clientID !=" . $_SESSION['clickclientID'];
$db->query($sql);
$db->fetcharray();
if ($db->getnumrows() > 0) {
echo '<script>alert("This email is already registered. If you forgot the password click on Lost your Password and new password will be sent to you.");window.history.go(-2);</script>';
exit;
}
break;
}
}
/*if ( $password != $password2 ) {
} else {
$sql .= " av.status = 'approved' or av.status = 'published' ";
}
}
if ($rejected) {
if ($approved) {
$sql .= " or av.status = 'rejected' ";
} else {
$sql .= " and av.status = 'rejected' ";
}
}
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$reports = array();
while ($reports[] = $db->fetcharray()) {
}
$_SESSION['report_newsdirector_articles'] = $reports;
//print_r($reports);
if (!($db->getnumrows() > 0)) {
$no_records_found = true;
}
if ($no_records_found) {
$result_msg = 'No Records Found';
} else {
for ($i = 0; $i < count($reports); $i++) {
if ($reports[$i]->article_versionID) {
$i % 2 == 0 ? $bgcolor = "" : ($bgcolor = "#F5F5F5");
$row_data .= '<tr class="tdhover" id= "tdata" bgcolor = "' . $bgcolor . '">';
$row_data .= '<td>';
$row_data .= $i + 1;
include 'configuration.php';
require 'coreclass.php';
session_start();
if (!isset($_SESSION['login'])) {
header('Location: login.php');
}
if (isset($_SESSION['login'])) {
$userID = $_SESSION['userID'];
$usertype = $_SESSION['usertype'];
}
$db = new database();
$id = $_GET['id'];
$sql = " select * from other_site_content \r\n\t\twhere id = '{$id}' ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
while ($content[] = $db->fetcharray()) {
}
$db->freeresult();
$category = $content[0]->category;
$datecreated = friendlydate($content[0]->created);
$author = getUser_info($content[0]->author, 'fullname');
// start generating page
$tpl = new template_parser('../templates/preview_sitecontent.tpl.php');
$tags = array('{CATEGORY}' => $category, '{AUTHOR}' => $author, '{DATE_CREATED}' => $datecreated, '{TITLE}' => $content[0]->title, '{BODY}' => $content[0]->body);
$tpl->parse_template($tags);
print $tpl->display();
?>
require 'admin/coreclass.php';
$db = new database();
$x = new online_tracker();
$x->tracker();
$gerger = new gerger_timer();
$gerger->start();
$gerger->setprecision(4);
$articleID = $_GET['articleID'];
$sql = " select * from article_versions av ";
$sql .= " where av.articleID =" . intval($articleID);
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$view_article = array();
while ($view_article[] = $db->fetcharray()) {
}
$dateline = $view_article[0]->dateline;
// get the dateline of the headline news..
$day = $view_article[0]->published_day;
$month = $view_article[0]->published_month;
$year = $view_article[0]->published_year;
$articleID = $view_article[0]->articleID;
/**
* Get the other news on this category
*/
$categoryID = getArticle_category_info($articleID, 'categoryID');
$sql = " select * from article_versions av , ";
$sql .= " article_category ac ";
$sql .= " where av.stageID = '6' ";
$sql .= " and ac.articleID = av.articleID ";
$x = new online_tracker();
$x->tracker();
$gerger = new gerger_timer();
$gerger->start();
$gerger->setprecision(4);
/**
* retrieve all the news articles on live
*/
$sql = " select * from article_versions av ";
$sql .= " where av.stageID = '6' ";
$sql .= " order by av.dateline DESC ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$allarticles = array();
while ($row = $db->fetcharray()) {
$allarticles[] = $row;
}
$totalarticles = count($allarticles);
/**
* Get the headline news
*/
$sql = " select * from article_versions av , ";
$sql .= " article_frontpage af ";
$sql .= " where af.frontpage_sectionID = 1 ";
$sql .= " and av.stageID = 6 ";
$sql .= " and af.articleID = av.articleID";
//$sql .= " and av.isarchive = 1 ";
$sql .= " group by av.articleID ";
$sql .= " order by av.dateline desc limit 1 ";
//echo $sql;
<?php
require 'admin/coreclass.php';
$articleID = $_GET['articleID'];
$db = new database();
$sql = "select * from article_versions ";
$sql .= " where articleID=" . intval($articleID);
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
while ($article[] = $db->fetcharray()) {
}
$db->freeresult();
$title = $article[0]->title;
$author = getArticle_authors_info($article[0]->articleID, 'fullname');
$dateline = friendlyDate3($article[0]->dateline);
$body = strip_tags($article[0]->article_body, '');
$doc = new document_generator('templates/preview.rtf');
$tags = array('<TITLE>' => $title, '<AUTHOR>' => $author, '<DATELINE>' => $dateline, '<BODY>' => $body);
$doc->doc_tags($tags);
echo $doc->display();
/**
* Get current active quota
*/
function getActiveQuota()
{
$sql = "select * from quota where isdefault=1 ";
$db = new database();
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$quota = array();
if ($quota[] = $db->fetcharray()) {
}
return $quota[0]->quota;
}
$set_template = "../templates/edit_article.tpl.php";
}
break;
}
$n = $db->getnumrows();
$db->freeresult();
/**
* Get all the tasks
*/
$sql = " select * from tasks where assignedto = '{$userID}' and status != 'Completed' ";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
//echo $sql;
$tasks = array();
while ($row = $db->fetcharray()) {
$tasks[] = $row;
}
$sql = "select * from article_tasks where articleID = " . $_SESSION['articleID'];
$db->query($sql);
$currenttask[] = $db->fetcharray();
$db->freeresult();
$tasklist = '';
foreach ($tasks as $field => $data) {
if ($data->taskID == $currenttask[0]->taskID) {
$tasklist .= '<option value="' . $data->taskID . '" selected >';
$tasklist .= $data->subject;
$tasklist .= '</option>';
} else {
$tasklist .= '<option value="' . $data->taskID . '">';
$tasklist .= $data->subject;
/**
* This function will send a query to the table user_stage then, retrieve the
* stages that the user has been assign..
* return the recordset in array()
*/
function query_data($userID)
{
// get this user stages of this user...
$sql = "select * from user_stage us\r\n\t\twhere us.userID = " . intval($userID) . " order by us.stageID ASC ";
// sort the STAGES accordingly..
$db = new database();
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$user_stages = array();
while ($row = $db->fetcharray()) {
$user_stages[] = $row;
}
$db->freeresult();
// simply free the result..
print 'USERNAME='******'username'];
// ok pepol,, lets chek his user stages..
$sql = " select * from ";
// if the user has been assign with SOME workflows...
$state = 0;
foreach ($user_stages as $field => $user_stage) {
if ($user_stage->stageID) {
switch ($user_stage->stageID) {
case 1:
// if the user is on writing stage, retrieve his articles
$sql .= " articles a ,";
$sql .= " article_author aa ";
$state = 1;
// we assume that there was another stages been assign..
break;
case 2:
// the user is assign on editing stage..
$editing_stage = 1;
break;
case 3:
// ..proofreading stage..
$proofreading_stage = 1;
break;
case 4:
// ..publishinng stage..
$publishing_stage = 1;
break;
}
}
}
// if this user has been assign with these stages..editing, proofreading ..etc...
if ($editing_stage == 1 || $proofreading_stage == 1 || $publishing_stage == 1) {
if (count($user_stages) > 1) {
// this user is assign with SOME WORKFLOWS..
if ($state) {
//
$sql .= " ,article_versions av ";
} else {
// simply, first call of the article versions..
$sql .= " article_versions av ";
}
} else {
// this user has been set with one workflows..
$sql .= " article_versions av ";
}
}
$sql .= " where ";
// WHERE CLAUSE HERE..very important!!!!
$state = 0;
if (count($user_stages) > 1) {
// this user has been assign with SOME WORKFLOWS
foreach ($user_stages as $field => $user_stage) {
if ($user_stage->stageID) {
switch ($user_stage->stageID) {
case 1:
// writer
$sql .= " a.stageID = 1 ";
$sql .= " and aa.userID = {$userID} ";
$state = 1;
break;
case 2:
// editor
// PROBLEM : concatenation of and..ex. editor+chef
if ($state) {
$sql .= " and av.stageID = 2 ";
} else {
$sql .= " av.stageID = 2 ";
}
break;
case 3:
// editor n chief
if ($state) {
$sql .= " and av.stageID = 3 ";
} else {
$sql .= " av.stageID = 3 ";
}
//$sql .= " and av.modified_by = $userID ";
break;
case 4:
// publisher
$sql .= " and av.stageID = 4 ";
break;
}
}
}
} else {
foreach ($user_stages as $field => $user_stage) {
if ($user_stage->stageID) {
switch ($user_stage->stageID) {
case 1:
// writer
$sql .= " a.stageID = 1 ";
//$sql .= " and aa.userID = $userID ";
break;
case 2:
// editor
$sql .= " av.stageID = 2 ";
//$sql .= " and av.modified_by = $userID ";
break;
case 3:
// editor n chief
$sql .= " av.stageID = 3 ";
//$sql .= " or av.modified_by = $userID ";
break;
case 4:
// publisher
$sql .= " av.stageID = 4 ";
break;
}
}
}
}
print '[SQL=' . $sql;
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$query_data = array();
while ($query_data[] = $db->fetcharray()) {
}
print '[totalrec=' . $db->getnumrows();
//print_r($query_data );
return $query_data;
$db->close();
// close connection
}
<?php
require '../admin/coreclass.php';
session_start();
$db = new database();
if (isset($_POST['submit'])) {
$username = $_POST['username'];
$password = $_POST['password'];
$sql = " select * from corporate_partners ";
$sql .= " where username= '******'";
$sql .= " and password = '******' ";
//$sql .= " and status = '1' ";
$db->query($sql);
while ($result[] = $db->fetcharray()) {
}
if ($db->getNumRows() > 0) {
// the userlogin is found..saved his userdata.
if ($result[0]->status > 0) {
$_SESSION['login'] = true;
$_SESSION['username'] = $result[0]->username;
$_SESSION['clientID'] = $result[0]->clientID;
$_SESSION['clientname'] = $result[0]->clientname;
header('Location: client_window.php');
} else {
echo '<script>alert("Sorry, this account was blocked by the administrator. Please contact the administrator to enable the account. Thanks.");history.go(-1);</script>';
session_unset();
session_destroy();
exit;
}
} else {
echo '<script>alert("Incorrect username or password. Please try again.");history.go(-1);</script>';
for ($i = 1; $i <= 12; $i++) {
$optmonth .= '<option value ="' . date("M", mktime(0, 0, 0, $i, 1, 0)) . '">' . date("M", mktime(0, 0, 0, $i, 1, 0)) . '</option>';
}
for ($i = 1; $i <= 31; $i++) {
$optday .= '<option value ="' . $i . '">' . date("d", mktime(0, 0, 0, 0, $i, 0)) . '</option>';
}
// TODO: bai moi kindly change the year must be DYNAMIC!!
$optyear .= '<option value ="2006">' . date('Y') . '</option>';
$db = new database();
$sql = " select * from content_users where usertypeID=2 order by fullname asc";
//$sql = " select * from content_users order by fullname asc";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$contentwriters = array();
while ($contentwriters[] = $db->fetcharray()) {
}
$totalrows = count($contentwriters);
$j = 1;
$quota = getActiveQuota();
for ($i = 0; $i < $totalrows; $i++) {
if ($contentwriters[$i]->userID) {
$i % 2 == 0 ? $bgcolor = "" : ($bgcolor = "#F5F5F5");
$row_data .= '<tr class="tdhover" id= "tdata" bgcolor = "' . $bgcolor . '">';
$row_data .= '<td>';
$row_data .= $j++;
$row_data .= '</td>';
if ($contentwriters[$i]->userID == $assignedto) {
$row_data .= '<td>';
$row_data .= '<input type="radio" name="cid[]" id="cb' . $i . '" value="' . $contentwriters[$i]->userID . '" onClick="isChecked(this.checked)" checked/>';
$row_data .= '</td>';
*/
$sql = " select * from article_versions av , ";
$sql .= " article_frontpage af , ";
$sql .= " article_category ac ";
$sql .= " where av.stageID = 6 ";
//$sql .= " and af.frontpage_sectionID = 1 ";
//$sql .= " and af.articleID = av.articleID";
$sql .= " and ac.articleID = av.articleID ";
$sql .= " and ac.categoryID= " . intval($categoryID);
$sql .= " group by av.articleID ";
$sql .= " order by av.dateline desc limit 1";
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$headline = array();
while ($headline[] = $db->fetcharray()) {
}
$db->freeresult();
// get the dateline of the headline news..
$day = $headline[0]->published_day;
$month = $headline[0]->published_month;
$year = $headline[0]->published_year;
$articleID = $headline[0]->articleID;
$fullstory = '<p><a href="view_article.php?articleID=' . $articleID . '" >FULLSTORY >></a></p>';
/**
* Get the set of images of the article...( its better to have 1 image per article,, ok na!!)
*/
$imagesets = getArticle_imageSets($headline[0]->articleID);
if (count($imagesets) > 1) {
$photo = '';
$photo .= '<div id="column2">';
$articleID = $_SESSION['articleID'];
$title = addslashes($_SESSION['title']);
$article_body = addslashes($_SESSION['article_body']);
$created = $_SESSION['created'];
$d = $_SESSION['created_day'];
$m = $_SESSION['created_month'];
$y = $_SESSION['created_year'];
$dateline = $_SESSION['dateline'];
//$edited_by = $_SESSION['userID']; // MYSTERY BUG HERE...
//$edited_by = 0;
$stageID = $_SESSION['stageID'];
//print_r($_POST);
// print_r($_SESSION);
$sql = "select * from article_tasks where articleID = '{$articleID}' ";
$db->query($sql);
while ($articletask[] = $db->fetcharray()) {
}
if ($db->getnumrows() > 0) {
$articletaskID = $articletask[0]->taskID;
/* check if the article met the deadline */
$currenttime = time();
$sql = "select * from tasks where taskID = '{$articletaskID}' ";
$db->query($sql);
if ($db->getnumrows() > 0) {
$gettask = array();
while ($gettask[] = $db->fetcharray()) {
}
$duedate = $gettask[0]->enddate;
if ($currenttime > $duedate) {
echo '<script>alert("Sorry, the article is no longer accepted because you haven\'t met the deadline of this task which is ' . friendlydate5($duedate) . '. If you really want to submit the article kindly contact the editor.");</script>';
echo '<script>history.go(-1);</script>';
}
//print_r($topiclist );
//$db->freeresult();
//print_r($_POST);
if (isset($_POST['pol'])) {
$ptopicid = $_POST['pol'];
$date = date('Y-m-d');
$sql = "SELECT * FROM poll_topic";
$sql .= " WHERE topic_date = '{$date}' OR '{$date}' BETWEEN topic_date AND expiry_date and topic_id = '{$ptopicid}' ";
//echo $sql;
$db = new database();
if (!($result = $db->query($sql))) {
die('Error:' . $db->error());
}
$poll = array();
while ($poll[] = $db->fetcharray()) {
}
$topicid = $poll[0]->topic_id;
$topic = $poll[0]->topic;
$labels = $poll[0]->response_label;
$labels = explode(",", $labels);
foreach ($labels as $idx => $value) {
$optlabel .= '<input name="label" type="radio" value="' . $value . '">' . $value;
$optlabel .= '<br>';
}
$viewpollresult .= '<input type="button" class="button2" onClick=popupWindow("' . "admin/create_poll_graph.php?topic_id=" . $topicid . '","win1",530,350,"yes","yes"); name="submit" value="Results" class="button" />';
//$viewpollresult = '<a href="#" onClick=popupWindow("' . "admin/create_poll_graph.php?topic_id=" . $topicid . '","win100",530,350,"yes","yes");>';
//$viewpollresult .= ' <b class="whitetext">Results</b>';
$viewpollresult .= '</a>';
$polls .= '<form name="pollform" method="post" action="admin/save_poll_response2.php">';
$polls .= ' <input type="hidden" name="topicid" value="' . $ptopicid . '" >';
