function TPortalDLAdmin()
{
global $txt, $scripturl, $boarddir, $boardurl, $smcFunc, $context, $settings, $sourcedir;
// check permissions
if (isset($_POST['dl_useredit'])) {
checkSession('post');
} else {
isAllowedTo('tp_dlmanager');
}
// add visual options to this section
$dl_visual = explode(',', $context['TPortal']['dl_visual_options']);
$dv = array('left', 'right', 'center', 'top', 'bottom', 'lower');
foreach ($dv as $v => $val) {
if (in_array($val, $dl_visual)) {
$context['TPortal'][$val . 'panel'] = '1';
$context['TPortal']['dl_' . $val] = '1';
} else {
$context['TPortal'][$val . 'panel'] = '0';
}
}
if (in_array('showtop', $dl_visual)) {
$context['TPortal']['showtop'] = true;
$context['TPortal']['dl_top'] = true;
} else {
$context['TPortal']['showtop'] = false;
}
if ($context['TPortal']['hidebars_admin_only'] == '1') {
tp_hidebars();
}
// fetch membergroups so we can quickly set permissions
// dlmanager, dlupload, dlcreatetopic
$context['TPortal']['perm_all_groups'] = get_grps();
$context['TPortal']['perm_groups'] = tp_fetchpermissions(array('tp_dlmanager', 'tp_dlupload', 'tp_dlcreatetopic'));
$context['TPortal']['boards'] = tp_fetchboards();
$context['TPortal']['all_dlitems'] = array();
$request = $smcFunc['db_query']('', '
SELECT id, name FROM {db_prefix}tp_dlmanager
WHERE type = {string:type}
ORDER BY name ASC', array('type' => 'dlitem'));
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['all_dlitems'][] = array('id' => $row['id'], 'name' => $row['name']);
}
$smcFunc['db_free_result']($request);
}
// Add in BBC editor before we call in template so the headers are there
if ($context['TPortal']['dl_wysiwyg'] == 'bbc') {
if ($context['TPortal']['dlsub'] == 'adminaddcat') {
$context['TPortal']['editor_id'] = 'newdladmin_text';
TP_prebbcbox($context['TPortal']['editor_id']);
} else {
$context['TPortal']['editor_id'] = 'tp_dl_introtext';
TP_prebbcbox($context['TPortal']['editor_id'], $context['TPortal']['dl_introtext']);
}
}
// any items from the ftp screen?
if (!empty($_POST['ftpdlsend'])) {
// new category?
if (!empty($_POST['assign-ftp-newcat'])) {
$newcat = true;
$newcatname = $_POST['assign-ftp-newcat'];
if (isset($_POST['assign-ftp-cat']) && $_POST['assign-ftp-cat'] > 0) {
$newcatparent = $_POST['assign-ftp-cat'];
} else {
$newcatparent = 0;
}
if ($newcatname == '') {
$newcatname = '-no name-';
}
} else {
$newcat = false;
$newcatname = '';
$newcatnow = $_POST['assign-ftp-cat'];
$newcatparent = 0;
}
// if new category create it first.
if ($newcat) {
$request = $smcFunc['db_insert']('INSERT', '{db_prefix}tp_dlmanager', array('name' => 'string', 'description' => 'string', 'icon' => 'string', 'category' => 'int', 'type' => 'string', 'downloads' => 'int', 'views' => 'int', 'file' => 'string', 'created' => 'int', 'last_access' => 'int', 'filesize' => 'int', 'parent' => 'int', 'access' => 'string', 'link' => 'string', 'author_id' => 'int', 'screenshot' => 'string', 'rating' => 'string', 'voters' => 'string', 'subitem' => 'int'), array($newcatname, '', '', 0, 'dlcat', 0, 0, '', 0, 0, 0, $newcatparent, '', '', $context['user']['id'], '', '', '', 0), array('id'));
$newcatnow = $smcFunc['db_insert_id']($request);
}
// now go through each file and put it into the table.
foreach ($_POST as $what => $value) {
if (substr($what, 0, 19) == 'assign-ftp-checkbox') {
$name = $value;
$now = time();
$fsize = filesize($boarddir . '/tp-downloads/' . $value);
$smcFunc['db_insert']('INSERT', '{db_prefix}tp_dlmanager', array('name' => 'string', 'description' => 'string', 'icon' => 'string', 'category' => 'int', 'type' => 'string', 'downloads' => 'int', 'views' => 'int', 'file' => 'string', 'created' => 'int', 'last_access' => 'int', 'filesize' => 'int', 'parent' => 'int', 'access' => 'string', 'link' => 'string', 'author_id' => 'int', 'screenshot' => 'string', 'rating' => 'string', 'voters' => 'string', 'subitem' => 'int'), array($name, '', '', $newcatnow, 'dlitem', 1, 1, $value, $now, $now, $fsize, 0, '', '', $context['user']['id'], '', '', '', 0), array('id'));
}
}
// done, set a value to make member aware of assigned category
redirectexit('action=tpmod;dl=adminftp;ftpcat=' . $newcatnow);
}
// check for new category
if (!empty($_POST['newdlsend'])) {
// get the items
$name = strip_tags($_POST['newdladmin_name']);
// no html here
if (empty($name)) {
$name = $txt['tp-dlnotitle'];
}
$text = $_POST['newdladmin_text'];
$parent = $_POST['newdladmin_parent'];
$icon = $boardurl . '/tp-downloads/icons/' . $_POST['newdladmin_icon'];
// special case, the access
$dlgrp = array();
foreach ($_POST as $what => $value) {
if (substr($what, 0, 16) == 'newdladmin_group') {
$vv = substr($what, 16);
if ($vv != '-2') {
$dlgrp[] = $vv;
}
}
}
$access = implode(',', $dlgrp);
// insert the category
$request = $smcFunc['db_insert']('INSERT', '{db_prefix}tp_dlmanager', array('name' => 'string', 'description' => 'string', 'icon' => 'string', 'category' => 'int', 'type' => 'string', 'downloads' => 'int', 'views' => 'int', 'file' => 'string', 'created' => 'int', 'last_access' => 'int', 'filesize' => 'int', 'parent' => 'int', 'access' => 'string', 'link' => 'string', 'author_id' => 'int', 'screenshot' => 'string', 'rating' => 'string', 'voters' => 'string', 'subitem' => 'int'), array($name, $text, $icon, 0, 'dlcat', 0, 0, '', 0, 0, 0, $parent, $access, '', $context['user']['id'], '', '', '', 0), array('id'));
$newcat = $smcFunc['db_insert_id']($request);
redirectexit('action=tpmod;dl=admineditcat' . $newcat);
}
$myid = 0;
// check if tag links are present
if (isset($_POST['dladmin_itemtags'])) {
$itemid = $_POST['dladmin_itemtags'];
// get title
$request = $smcFunc['db_query']('', '
SELECT name FROM {db_prefix}tp_dlmanager
WHERE id = {int:item} LIMIT 1', array('item' => $itemid));
$title = $smcFunc['db_fetch_row']($request);
// remove old ones first
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_variables
WHERE value3 = {string:val3}
AND subtype2 = {int:sub}', array('val3' => 'dladmin_itemtags', 'sub' => $itemid));
$alltags = array();
foreach ($_POST as $what => $value) {
// a tag from edit items
if (substr($what, 0, 17) == 'dladmin_itemtags_') {
$tag = substr($what, 17);
$itemid = $value;
// insert new one
$href = '?action=tpmod;dl=item' . $itemid;
$tg = '<span style="background: url(' . $settings['tp_images_url'] . '/glyph_download.png) no-repeat;" class="taglink">' . $title[0] . '</span>';
if (!empty($tag)) {
$smcFunc['db_query']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int', 'subtype' => 'string', 'value7' => 'string', 'value8' => 'string', 'subtype2' => 'int'), array($href, $tg, 'dladmin_itemtags', '', 0, $tag, '', '', $itemid), array('id'));
$alltags[] = $tag;
}
}
}
$tg = implode(',', $alltags);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET global_tag = {string:tag}
WHERE id = {int:item}', array('tag' => $tg, 'item' => $itemid));
$myid = $itemid;
$go = 2;
$newgo = 2;
}
// check if tag links are present -categories
if (isset($_POST['dladmin_cattags'])) {
$itemid = $_POST['dladmin_cattags'];
// get title
$request = $smcFunc['db_query']('', '
SELECT name FROM {db_prefix}tp_dlmanager
WHERE id = {int:item} LIMIT 1', array('item' => $itemid));
$title = $smcFunc['db_fetch_row']($request);
// remove old ones first
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_variables
WHERE value3 = {string:val3}
AND subtype2 = {int:sub}', array('val3' => 'dladmin_cattags', 'sub' => $itemid));
foreach ($_POST as $what => $value) {
// a tag from edit category
if (substr($what, 0, 16) == 'dladmin_cattags_') {
$tag = substr($what, 16);
$itemid = $value;
// insert new one
$href = '?action=tpmod;dl=cat' . $itemid;
$title = $title[0] . ' [' . strtolower($txt['tp-downloads']) . '] ';
$smcFunc['db_query']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int', 'subtype' => 'string', 'value7' => 'string', 'value8' => 'string', 'subtype2' => 'int'), array($href, $title, 'dladmin_cattags', '', 0, $tag, '', '', $itemid), array('id'));
}
}
$myid = $itemid;
$go = 3;
$newgo = 3;
}
// check for access value
if (!empty($_POST['dlsend'])) {
$admgrp = array();
$groupset = false;
$dlgrp = array();
$dlset = false;
$visual = array();
$visualset = false;
$creategrp = array();
$dlmanager_grp = array();
$dlupload_grp = array();
$dlcreatetopic_grp = array();
// Our settings array to send to updateTPSettings();
$changeArray = array();
foreach ($_POST as $what => $value) {
if (substr($what, 0, 13) == 'dladmin_group') {
$val = substr($what, 13);
if ($val != '-2') {
$admgrp[] = $val;
}
$groupset = true;
$id = $value;
} elseif (substr($what, 0, 8) == 'tp_group') {
if ($value != '-2') {
$dlgrp[] = $value;
}
$dlset = true;
} elseif (substr($what, 0, 20) == 'tp_dl_visual_options') {
if ($value != 'not') {
$visual[] = $value;
}
$visualset = true;
} elseif (substr($what, 0, 11) == 'tp_dlboards') {
$creategrp[] = $value;
}
}
if ($groupset) {
$dlaccess = implode(',', $admgrp);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET access = {string:access}
WHERE id = {int:item}', array('access' => $dlaccess, 'item' => $id));
}
if (!empty($_POST['dlsettings'])) {
$changeArray['dl_createtopic_boards'] = implode(',', $creategrp);
}
if ($dlset) {
$changeArray['dl_approve_groups'] = implode(',', $dlgrp);
}
if ($visualset) {
$changeArray['dl_visual_options'] = implode(',', $visual);
}
$go = 0;
if (!empty($_FILES['qup_dladmin_text']['tmp_name']) && (file_exists($_FILES['qup_dladmin_text']['tmp_name']) || is_uploaded_file($_FILES['qup_dladmin_text']['tmp_name']))) {
$name = TPuploadpicture('qup_dladmin_text', $context['user']['id'] . 'uid');
tp_createthumb('tp-images/' . $name, 50, 50, 'tp-images/thumbs/thumb_' . $name);
}
if (!empty($_FILES['qup_blockbody']['tmp_name']) && (file_exists($_FILES['qup_dladmin_text']['tmp_name']) || is_uploaded_file($_FILES['qup_dladmin_text']['tmp_name']))) {
$name = TPuploadpicture('qup_dladmin_text', $context['user']['id'] . 'uid');
tp_createthumb('tp-images/' . $name, 50, 50, 'tp-images/thumbs/thumb_' . $name);
}
// a screenshot from edit item screen?
if (!empty($_FILES['tp_dluploadpic_edit']['tmp_name']) && (file_exists($_FILES['tp_dluploadpic_edit']['tmp_name']) || is_uploaded_file($_FILES['tp_dluploadpic_edit']['tmp_name']))) {
$shot = true;
} else {
$shot = false;
}
if ($shot) {
$sid = $_POST['tp_dluploadpic_editID'];
$sfile = 'tp_dluploadpic_edit';
$uid = $context['user']['id'] . 'uid';
$dim = '1800';
$suf = 'jpg,gif,png';
$dest = 'tp-images/dlmanager';
$sname = TPuploadpicture($sfile, $uid, $dim, $suf, $dest);
$screenshot = $sname;
tp_createthumb($dest . '/' . $sname, $context['TPortal']['dl_screenshotsize'][0], $context['TPortal']['dl_screenshotsize'][1], $dest . '/thumb/' . $sname);
tp_createthumb($dest . '/' . $sname, $context['TPortal']['dl_screenshotsize'][2], $context['TPortal']['dl_screenshotsize'][3], $dest . '/listing/' . $sname);
tp_createthumb($dest . '/' . $sname, $context['TPortal']['dl_screenshotsize'][4], $context['TPortal']['dl_screenshotsize'][5], $dest . '/single/' . $sname);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET screenshot = {string:ss}
WHERE id = {int:item}', array('ss' => $screenshot, 'item' => $sid));
$uploaded = true;
} else {
$screenshot = '';
$uploaded = false;
}
if (isset($_POST['tp_dluploadpic_link']) && !$uploaded) {
$sid = $_POST['tp_dluploadpic_editID'];
$screenshot = $_POST['tp_dluploadpic_link'];
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET screenshot = {string:ss}
WHERE id = {int:item}', array('ss' => $screenshot, 'item' => $sid));
} else {
$screenshot = '';
}
// a new file uploaded?
if (!empty($_FILES['tp_dluploadfile_edit']['tmp_name']) && is_uploaded_file($_FILES['tp_dluploadfile_edit']['tmp_name'])) {
$shot = true;
} else {
$shot = false;
}
if ($shot) {
$sid = $_POST['tp_dluploadfile_editID'];
$shotname = $_FILES['tp_dluploadfile_edit']['name'];
$sname = strtr($shotname, 'ŠŽšžŸÀÁÂÃÄÅÇÈÉÊËÌÍÎÏÑÒÓÔÕÖØÙÚÛÜÝàáâãäåçèéêëìíîïñòóôõöøùúûüýÿ', 'SZszYAAAAAACEEEEIIIINOOOOOOUUUUYaaaaaaceeeeiiiinoooooouuuuyy');
$sname = strtr($sname, array('Þ' => 'TH', 'þ' => 'th', 'Ð' => 'DH', 'ð' => 'dh', 'ß' => 'ss', 'Œ' => 'OE', 'œ' => 'oe', 'Æ' => 'AE', 'æ' => 'ae', 'µ' => 'u'));
$sname = preg_replace(array('/\\s/', '/[^\\w_\\.\\-]/'), array('_', ''), $sname);
$sname = time() . $sname;
// check the size
$dlfilesize = filesize($_FILES['tp_dluploadfile_edit']['tmp_name']);
if ($dlfilesize > 1000 * $context['TPortal']['dl_max_upload_size']) {
unlink($_FILES['tp_dluploadfile_edit']['tmp_name']);
$error = $txt['tp-dlmaxerror'] . ' ' . $context['TPortal']['dl_max_upload_size'] . ' Kb<br /><br />' . $txt['tp-dlmaxerror2'] . ': ' . ceil($dlfilesize / 1000) . ' Kb';
fatal_error($error);
}
// check the extension
$allowed = explode(',', $context['TPortal']['dl_allowed_types']);
$match = false;
foreach ($allowed as $extension => $value) {
$ext = '.' . $value;
$extlen = strlen($ext);
if (substr($sname, strlen($sname) - $extlen, $extlen) == $ext) {
$match = true;
}
}
if (!$match) {
unlink($_FILES['tp_dluploadfile_edit']['tmp_name']);
$error = $txt['tp-dlexterror'] . ':<b> <br />' . $context['TPortal']['dl_allowed_types'] . '</b><br /><br />' . $txt['tp-dlexterror2'] . ': <b>' . $sname . '</b>';
fatal_error($error);
}
$success2 = move_uploaded_file($_FILES['tp_dluploadfile_edit']['tmp_name'], $boarddir . '/tp-downloads/' . $sname);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET file = {string:file}
WHERE id = {int:item}', array('file' => $sname, 'item' => $sid));
$new_upload = true;
// update filesize as well
$value = filesize($boarddir . '/tp-downloads/' . $sname);
if (!is_numeric($value)) {
$value = 0;
}
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET filesize = {int:size}
WHERE id = {int:item}', array('size' => $value, 'item' => $sid));
$myid = $sid;
$go = 2;
}
// get all values from forms
foreach ($_POST as $what => $value) {
if (substr($what, 0, 12) == 'dladmin_name') {
$id = substr($what, 12);
// no html here
$value = strip_tags($value);
if (empty($value)) {
$value = '-no title-';
}
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET name = {string:name}
WHERE id = {int:item}', array('name' => $value, 'item' => $id));
} elseif (substr($what, 0, 12) == 'dladmin_icon') {
$id = substr($what, 12);
if ($value != '') {
$val = $boardurl . '/tp-downloads/icons/' . $value;
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET icon = {string:icon}
WHERE id = {int:item}', array('icon' => $val, 'item' => $id));
}
} elseif (substr($what, 0, 12) == 'dladmin_text') {
$id = substr($what, 12);
if (is_numeric($id)) {
// If we came from WYSIWYG then turn it back into BBC regardless.
if (!empty($_REQUEST[$what . '_mode']) && isset($_REQUEST[$what])) {
require_once $sourcedir . '/Subs-Editor.php';
$_REQUEST[$what] = html_to_bbc($_REQUEST[$what]);
// We need to unhtml it now as it gets done shortly.
$_REQUEST[$what] = un_htmlspecialchars($_REQUEST[$what]);
// We need this for everything else.
$value = $_POST[$what] = $_REQUEST[$what];
}
if (isset($_POST['dladmin_text' . $id . '_pure']) && isset($_POST['dladmin_text' . $id . '_choice'])) {
if ($_POST['dladmin_text' . $id . '_choice'] == 1) {
$value = $_POST['dladmin_text' . $id];
} else {
$value = $_POST['dladmin_text' . $id . '_pure'];
}
}
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET description = {string:desc}
WHERE id = {int:item}', array('desc' => $value, 'item' => $id));
}
} elseif (substr($what, 0, 14) == 'dladmin_delete') {
$id = substr($what, 14);
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_dlmanager
WHERE id = {int:item}', array('item' => $id));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
if ($row['type'] == 'dlitem') {
$category = $row['category'];
if ($category > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET downloads = downloads - 1
WHERE id = {int:cat} LIMIT 1', array('cat' => $category));
}
// delete both screenshot and file
if (!empty($row['file']) && file_exists($boarddir . '/tp-downloads/' . $row['file'])) {
$succ = unlink($boarddir . '/tp-downloads/' . $row['file']);
if (!$succ) {
$err = $txt['tp-dlfilenotdel'] . ' (' . $row['file'] . ')';
}
}
if (!empty($row['screenshot']) && file_exists($boarddir . '/' . $row['screenshot'])) {
$succ2 = unlink($boarddir . '/' . $row['screenshot']);
if (!$succ2) {
$err .= '<br />' . $txt['tp-dlssnotdel'] . ' (' . $row['screenshot'] . ')';
}
}
}
$smcFunc['db_free_result']($request);
}
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_dlmanager
WHERE id = {int:item}', array('item' => $id));
if (isset($err)) {
fatal_error($err);
}
redirectexit('action=tpmod;dl=admincat' . $category);
} elseif (substr($what, 0, 15) == 'dladmin_approve' && $value == 'ON') {
$id = abs(substr($what, 15));
$request = $smcFunc['db_query']('', '
SELECT category FROM {db_prefix}tp_dlmanager
WHERE id = {int:item}', array('item' => $id));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_row']($request);
$newcat = abs($row[0]);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET category = {int:cat}
WHERE id = {int:item}', array('cat' => $newcat, 'item' => $id));
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_variables
WHERE type = {string:type}
AND value5 = {int:val5}', array('type' => 'dl_not_approved', 'val5' => $id));
$smcFunc['db_free_result']($request);
}
} elseif (substr($what, 0, 16) == 'dl_admin_approve' && $value == 'ON') {
$id = abs(substr($what, 16));
$request = $smcFunc['db_query']('', '
SELECT category FROM {db_prefix}tp_dlmanager
WHERE id = {int:item}', array('item' => $id));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_row']($request);
$newcat = abs($row[0]);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET category = {int:cat}
WHERE id = {int:item}', array('cat' => $newcat, 'item' => $id));
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_variables
WHERE type = {string:type}
AND value5 = {int:val5}', array('type' => 'dl_not_approved', 'val5' => $id));
$smcFunc['db_free_result']($request);
}
} elseif (substr($what, 0, 16) == 'dladmin_category') {
$id = substr($what, 16);
// update, but not on negative values :)
if ($value > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET category = {int:cat}
WHERE id = {int:item}', array('cat' => $value, 'item' => $id));
}
} elseif (substr($what, 0, 14) == 'dladmin_parent') {
$id = substr($what, 14);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET parent = {int:parent}
WHERE id = {int:item}', array('parent' => $value, 'item' => $id));
} elseif (substr($what, 0, 15) == 'dladmin_subitem') {
$id = substr($what, 15);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET subitem = {int:sub}
WHERE id = {int:item}', array('sub' => $value, 'item' => $id));
} elseif (substr($what, 0, 11) == 'tp_dlcatpos') {
$id = substr($what, 11);
if (!empty($_POST['admineditcatval'])) {
$myid = $_POST['admineditcatval'];
$go = 4;
}
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET downloads = {int:down}
WHERE id = {int:item}', array('down' => $value, 'item' => $id));
} elseif (substr($what, 0, 18) == 'dladmin_screenshot') {
$id = substr($what, 18);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET screenshot = {string:ss}
WHERE id = {int:item}', array('ss' => $value, 'item' => $id));
} elseif (substr($what, 0, 12) == 'dladmin_link') {
$id = substr($what, 12);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET link = {string:link}
WHERE id = {int:item}', array('link' => $value, 'item' => $id));
} elseif (substr($what, 0, 12) == 'dladmin_file' && !isset($new_upload)) {
$id = substr($what, 12);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET file = {string:file}
WHERE id = {int:item}', array('file' => $value, 'item' => $id));
$myid = $id;
$go = 2;
} elseif (substr($what, 0, 12) == 'dladmin_size' && !isset($new_upload)) {
$id = substr($what, 12);
// check the actual size
$name = $_POST['dladmin_file' . $id];
$value = filesize($boarddir . '/tp-downloads/' . $name);
if (!is_numeric($value)) {
$value = 0;
}
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET filesize = {int:size}
WHERE id = {int:item}', array('size' => $value, 'item' => $id));
} elseif ($what == 'tp_dl_allowed_types') {
$changeArray['dl_allowed_types'] = $value;
$go = 1;
} elseif ($what == 'tp_dl_usescreenshot') {
$changeArray['dl_usescreenshot'] = $value;
$go = 1;
} elseif (substr($what, 0, 20) == 'tp_dl_screenshotsize') {
// which one
$who = substr($what, 20);
$result = $smcFunc['db_query']('', '
SELECT value FROM {db_prefix}tp_settings
WHERE name = {string:name} LIMIT 1', array('name' => 'dl_screenshotsizes'));
$row = $smcFunc['db_fetch_assoc']($result);
$smcFunc['db_free_result']($result);
$all = explode(',', $row['value']);
$all[$who] = $value;
$changeArray['dl_screenshotsizes'] = implode(',', $all);
$go = 1;
} elseif ($what == 'tp_dl_showfeatured') {
$changeArray['dl_showfeatured'] = $value;
$go = 1;
} elseif ($what == 'tp_dl_wysiwyg') {
$changeArray['dl_wysiwyg'] = $value;
$go = 1;
} elseif ($what == 'tp_dl_showrecent') {
$changeArray['dl_showlatest'] = $value;
$go = 1;
} elseif ($what == 'tp_dl_showstats') {
$changeArray['dl_showstats'] = $value;
$go = 1;
} elseif ($what == 'tp_dl_showcategorytext') {
$changeArray['dl_showcategorylist'] = $value;
$go = 1;
} elseif ($what == 'tp_dl_featured') {
$changeArray['dl_featured'] = $value;
$go = 1;
} elseif ($what == 'tp_dl_introtext') {
if ($context['TPortal']['dl_wysiwyg'] == 'bbc') {
// If we came from WYSIWYG then turn it back into BBC regardless.
if (!empty($_REQUEST['tp_dl_introtext']) && isset($_REQUEST['tp_dl_introtext'])) {
require_once $sourcedir . '/Subs-Editor.php';
$_REQUEST['tp_dl_introtext'] = html_to_bbc($_REQUEST['tp_dl_introtext']);
// We need to unhtml it now as it gets done shortly.
$_REQUEST['tp_dl_introtext'] = un_htmlspecialchars($_REQUEST['tp_dl_introtext']);
// We need this for everything else.
$value = $_POST['tp_dl_introtext'] = $_REQUEST['tp_dl_introtext'];
}
}
$changeArray['dl_introtext'] = trim($value);
$go = 1;
} elseif ($what == 'tp_dluploadsize') {
$changeArray['dl_max_upload_size'] = $value;
$go = 1;
} elseif ($what == 'tp_dl_approveonly') {
$changeArray['dl_approve'] = $value;
$go = 1;
} elseif ($what == 'tp_dlallowupload') {
$changeArray['dl_allow_upload'] = $value;
$go = 1;
} elseif ($what == 'tp_dl_fileprefix') {
$changeArray['dl_fileprefix'] = $value;
$go = 1;
} elseif ($what == 'tp_dltheme') {
$changeArray['dlmanager_theme'] = $value;
$go = 1;
}
}
// Update all the changes settings finally
updateTPSettings($changeArray);
// if we came from useredit screen..
if (isset($_POST['dl_useredit'])) {
redirectexit('action=tpmod;dl=useredit' . $_POST['dl_useredit']);
}
if (!empty($newgo)) {
$go = $newgo;
}
// guess not, admin screen then
if ($go == 1) {
redirectexit('action=tpmod;dl=adminsettings');
} elseif ($go == 2) {
redirectexit('action=tpmod;dl=adminitem' . $myid);
} elseif ($go == 3) {
redirectexit('action=tpmod;dl=admineditcat' . $myid);
} elseif ($go == 4) {
redirectexit('action=tpmod;dl=admincat' . $myid);
}
}
// ****************
TP_dlgeticons();
// get all themes
$context['TPthemes'] = array();
$request = $smcFunc['db_query']('', '
SELECT value AS name, id_theme as ID_THEME
FROM {db_prefix}themes
WHERE variable = {string:var}
AND id_member = {int:id_mem}
ORDER BY value ASC', array('var' => 'name', 'id_mem' => 0));
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPthemes'][] = array('id' => $row['ID_THEME'], 'name' => $row['name']);
}
$smcFunc['db_free_result']($request);
}
// fetch all files from tp-downloads
$context['TPortal']['tp-downloads'] = array();
$count = 1;
if ($handle = opendir($boarddir . '/tp-downloads')) {
while (false !== ($file = readdir($handle))) {
if ($file != '.' && $file != '..' && $file != '.htaccess' && $file != 'icons') {
$size = floor(filesize($boarddir . '/tp-downloads/' . $file) / 102.4) / 10;
$context['TPortal']['tp-downloads'][$count] = array('id' => $count, 'file' => $file, 'size' => $size);
$count++;
}
}
closedir($handle);
}
// get all membergroups for permissions
$context['TPortal']['dlgroups'] = get_grps(true, true);
//fetch all categories
$sorted = array();
$context['TPortal']['linkcats'] = array();
$srequest = $smcFunc['db_query']('', '
SELECT id, name, description, icon, access, parent
FROM {db_prefix}tp_dlmanager
WHERE type = {string:type} ORDER BY downloads ASC', array('type' => 'dlcat'));
if ($smcFunc['db_num_rows']($srequest) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($srequest)) {
// for the linktree
$context['TPortal']['linkcats'][$row['id']] = array('id' => $row['id'], 'name' => $row['name'], 'parent' => $row['parent']);
$sorted[$row['id']] = array('id' => $row['id'], 'parent' => $row['parent'], 'name' => $row['name'], 'text' => $row['description'], 'icon' => $row['icon']);
}
$smcFunc['db_free_result']($srequest);
}
// sort them
if (count($sorted) > 1) {
$context['TPortal']['admuploadcats'] = chain('id', 'parent', 'name', $sorted);
} else {
$context['TPortal']['admuploadcats'] = $sorted;
}
$context['TPortal']['dl_admcats'] = array();
$context['TPortal']['dl_admcats2'] = array();
$context['TPortal']['dl_admitems'] = array();
$context['TPortal']['dl_admcount'] = array();
$context['TPortal']['dl_admsubmitted'] = array();
$context['TPortal']['dl_allitems'] = array();
// count items in each category
$request = $smcFunc['db_query']('', '
SELECT file, category
FROM {db_prefix}tp_dlmanager
WHERE type = {string:type}', array('type' => 'dlitem'));
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if ($row['category'] < 0) {
if (isset($context['TPortal']['dl_admsubmitted'][abs($row['category'])])) {
$context['TPortal']['dl_admsubmitted'][abs($row['category'])]++;
} else {
$context['TPortal']['dl_admsubmitted'][abs($row['category'])] = 1;
}
} else {
if (isset($context['TPortal']['dl_admcount'][$row['category']])) {
$context['TPortal']['dl_admcount'][$row['category']]++;
} else {
$context['TPortal']['dl_admcount'][$row['category']] = 1;
}
}
$context['TPortal']['dl_allitems'][] = $row['file'];
}
$smcFunc['db_free_result']($request);
}
// fetch all categories
$admsub = substr($context['TPortal']['dlsub'], 5);
if ($admsub == '') {
$context['TPortal']['dl_title'] = $txt['tp-dladmin'];
// fetch all categories with subcats
$req = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_dlmanager
WHERE type = {string:type}
ORDER BY downloads ASC', array('type' => 'dlcat'));
if ($smcFunc['db_num_rows']($req) > 0) {
while ($brow = $smcFunc['db_fetch_assoc']($req)) {
if (isset($context['TPortal']['dl_admcount'][$brow['id']])) {
$items = $context['TPortal']['dl_admcount'][$brow['id']];
} else {
$items = 0;
}
if (isset($context['TPortal']['dl_admsubmitted'][$brow['id']])) {
$sitems = $context['TPortal']['dl_admsubmitted'][$brow['id']];
} else {
$sitems = 0;
}
$context['TPortal']['admcats'][] = array('id' => $brow['id'], 'name' => $brow['name'], 'icon' => $brow['icon'], 'access' => $brow['access'], 'parent' => $brow['parent'], 'description' => $brow['description'], 'shortname' => $brow['link'], 'items' => $items, 'submitted' => $sitems, 'total' => $items + $sitems, 'href' => $scripturl . '?action=tpmod;dl=admincat' . $brow['id'], 'href2' => $scripturl . '?action=tpmod;dl=admineditcat' . $brow['id'], 'href3' => $scripturl . '?action=tpmod;dl=admindelcat' . $brow['id'], 'pos' => $brow['downloads']);
}
$smcFunc['db_free_result']($req);
}
} elseif (substr($admsub, 0, 3) == 'cat') {
$cat = substr($admsub, 3);
// get the parent first
$request = $smcFunc['db_query']('', '
SELECT parent, name, link
FROM {db_prefix}tp_dlmanager
WHERE type = {string:type}
AND id = {int:item}', array('type' => 'dlcat', 'item' => $cat));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
$catparent = abs($row['parent']);
$catname = $row['name'];
$catshortname = $row['link'];
$smcFunc['db_free_result']($request);
}
// fetch items within a category
$request = $smcFunc['db_query']('', '
SELECT dl.*, dl.author_id as authorID,m.real_name as realName
FROM ({db_prefix}tp_dlmanager AS dl, {db_prefix}members AS m)
WHERE abs(dl.category) = {int:cat}
AND dl.type = {string:type}
AND dl.subitem = {int:sub}
AND dl.author_id = m.id_member
ORDER BY dl.id DESC', array('cat' => $cat, 'type' => 'dlitem', 'sub' => 0));
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['dl_admitems'][] = array('id' => $row['id'], 'name' => $row['name'], 'icon' => $row['icon'], 'category' => abs($row['category']), 'file' => $row['file'], 'filesize' => floor($row['filesize'] / 1024), 'views' => $row['views'], 'authorID' => $row['authorID'], 'author' => '<a href="' . $scripturl . '?action=profile;u=' . $row['authorID'] . '">' . $row['realName'] . '</a>', 'created' => timeformat($row['created']), 'last_access' => timeformat($row['last_access']), 'description' => $row['description'], 'downloads' => $row['downloads'], 'sshot' => $row['screenshot'], 'link' => $row['link'], 'href' => $scripturl . '?action=tpmod;dl=adminitem' . $row['id'], 'approved' => $row['category'] < 0 ? '0' : '1', 'approve' => $scripturl . '?action=tpmod;dl=adminapprove' . $row['id']);
}
$smcFunc['db_free_result']($request);
}
// fetch all categories with subcats
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_dlmanager
WHERE type = {string:type}
ORDER BY name ASC', array('type' => 'dlcat'));
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if (isset($context['TPortal']['dl_admcount'][$row['id']])) {
$items = $context['TPortal']['dl_admcount'][$row['id']];
} else {
$items = 0;
}
if (isset($context['TPortal']['dl_admsubmitted'][$row['id']])) {
$sitems = $context['TPortal']['dl_admsubmitted'][$row['id']];
} else {
$sitems = 0;
}
$context['TPortal']['admcats'][] = array('id' => $row['id'], 'name' => $row['name'], 'pos' => $row['downloads'], 'icon' => $row['icon'], 'shortname' => $row['link'], 'access' => $row['access'], 'parent' => $row['parent'], 'description' => $row['description'], 'items' => $items, 'submitted' => $sitems, 'total' => $items + $sitems, 'href' => $scripturl . '?action=tpmod;dl=admincat' . $row['id'], 'href2' => $scripturl . '?action=tpmod;dl=admineditcat' . $row['id'], 'href3' => $scripturl . '?action=tpmod;dl=admindelcat' . $row['id']);
}
$smcFunc['db_free_result']($request);
}
// check to see if its child
$parents = array();
while ($catparent > 0) {
$parents[$catparent] = array('id' => $catparent, 'name' => $context['TPortal']['linkcats'][$catparent]['name'], 'parent' => $context['TPortal']['linkcats'][$catparent]['parent']);
$catparent = $context['TPortal']['linkcats'][$catparent]['parent'];
}
// make the linktree
TPadd_linktree($scripturl . '?action=tpmod;dl=admin', $txt['tp-dladmin']);
if (isset($parents)) {
$parts = array_reverse($parents, TRUE);
// add to the linktree
foreach ($parts as $parent) {
TPadd_linktree($scripturl . '?action=tpmod;dl=admincat' . $parent['id'], $parent['name']);
}
}
// add to the linktree
TPadd_linktree($scripturl . '?action=tpmod;dl=admincat' . $cat, $catname);
} elseif ($context['TPortal']['dlsub'] == 'adminsubmission') {
// check any submissions if admin
$submitted = array();
isAllowedTo('tp_dlmanager');
$context['TPortal']['dl_admitems'] = array();
$request = $smcFunc['db_query']('', '
SELECT dl.id, dl.name, dl.file, dl.created, dl.filesize, dl.author_id as authorID, m.real_name as realName
FROM ({db_prefix}tp_dlmanager AS dl, {db_prefix}members AS m)
WHERE dl.type = {string:type}
AND dl.category < 0
AND dl.author_id = m.id_member', array('type' => 'dlitem'));
if ($smcFunc['db_num_rows']($request) > 0) {
$rows = $smcFunc['db_num_rows']($request);
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['dl_admitems'][] = array('id' => $row['id'], 'name' => $row['name'], 'file' => $row['file'], 'filesize' => floor($row['filesize'] / 1024), 'href' => $scripturl . '?action=tpmod;dl=adminitem' . $row['id'], 'author' => '<a href="' . $scripturl . '?action=profile;u=' . $row['authorID'] . '">' . $row['realName'] . '</a>', 'date' => timeformat($row['created']));
$submitted[] = $row['id'];
}
$smcFunc['db_free_result']($request);
}
// check that submissions link to downloads
$request = $smcFunc['db_query']('', '
SELECT id,value5 FROM {db_prefix}tp_variables
WHERE type = {string:type}', array('type' => 'dl_not_approved'));
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$what = $row['id'];
if (!in_array($row['value5'], $submitted)) {
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_variables
WHERE id = {int:item}', array('item' => $what));
}
}
$smcFunc['db_free_result']($request);
}
} elseif (substr($admsub, 0, 7) == 'editcat') {
$context['TPortal']['dl_title'] = '<a href="' . $scripturl . '?action=tpmod;dl=admin">' . $txt['tp-dladmin'] . '</a>';
$cat = substr($admsub, 7);
// edit category
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_dlmanager
WHERE id = {int:item}
AND type = {string:type} LIMIT 1', array('item' => $cat, 'type' => 'dlcat'));
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['admcats'][] = array('id' => $row['id'], 'name' => $row['name'], 'access' => $row['access'], 'shortname' => $row['link'], 'description' => $row['description'], 'icon' => $row['icon'], 'parent' => $row['parent']);
}
$smcFunc['db_free_result']($request);
}
if ($context['TPortal']['dl_wysiwyg'] == 'bbc') {
$context['TPortal']['editor_id'] = 'dladmin_text' . $context['TPortal']['admcats'][0]['id'];
TP_prebbcbox($context['TPortal']['editor_id'], $context['TPortal']['admcats'][0]['description']);
}
} elseif (substr($admsub, 0, 6) == 'delcat') {
$context['TPortal']['dl_title'] = '<a href="' . $scripturl . '?action=tpmod;dl=admin">' . $txt['tp-dladmin'] . '</a>';
$cat = substr($admsub, 6);
// delete category and all item it's in
$request = $smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_dlmanager
WHERE type = {string:type}
AND category = {int:cat}', array('type' => 'dlitem', 'cat' => $cat));
$request = $smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_dlmanager
WHERE id = {int:cat} LIMIT 1', array('cat' => $cat));
redirectexit('action=tpmod;dl=admin');
} elseif (substr($admsub, 0, 8) == 'settings') {
$context['TPortal']['dl_title'] = $txt['tp-dlsettings'];
} elseif (substr($admsub, 0, 4) == 'item') {
$item = substr($admsub, 4);
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_dlmanager
WHERE id = {int:item}
AND type = {string:type} LIMIT 1', array('item' => $item, 'type' => 'dlitem'));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
// is it actually a subitem?
if ($row['subitem'] > 0) {
redirectexit('action=tpmod;dl=adminitem' . $row['subitem']);
}
// Add in BBC editor before we call in template so the headers are there
if ($context['TPortal']['dl_wysiwyg'] == 'bbc') {
$context['TPortal']['editor_id'] = 'dladmin_text' . $item;
TP_prebbcbox($context['TPortal']['editor_id'], $row['description']);
}
// get all items for a list
$context['TPortal']['admitems'] = array();
$itemlist = $smcFunc['db_query']('', '
SELECT id, name FROM {db_prefix}tp_dlmanager
WHERE id != {int:item}
AND type = {string:type}
AND subitem = 0
ORDER BY name ASC', array('item' => $item, 'type' => 'dlitem'));
if ($smcFunc['db_num_rows']($itemlist) > 0) {
while ($ilist = $smcFunc['db_fetch_assoc']($itemlist)) {
$context['TPortal']['admitems'][] = array('id' => $ilist['id'], 'name' => $ilist['name']);
}
}
// Any additional files then..?
$subitem = $row['id'];
$fdata = array();
$fetch = $smcFunc['db_query']('', '
SELECT id, name, file, downloads, filesize, created
FROM {db_prefix}tp_dlmanager
WHERE type = {string:type}
AND subitem = {int:sub}', array('type' => 'dlitem', 'sub' => $subitem));
if ($smcFunc['db_num_rows']($fetch) > 0) {
while ($frow = $smcFunc['db_fetch_assoc']($fetch)) {
if ($context['TPortal']['dl_fileprefix'] == 'K') {
$ffs = ceil($row['filesize'] / 1000) . ' Kb';
} elseif ($context['TPortal']['dl_fileprefix'] == 'M') {
$ffs = ceil($row['filesize'] / 1000) / 1000 . ' Mb';
} elseif ($context['TPortal']['dl_fileprefix'] == 'G') {
$ffs = ceil($row['filesize'] / 1000000) / 1000 . ' Gb';
}
$fdata[] = array('id' => $frow['id'], 'name' => $frow['name'], 'file' => $frow['file'], 'href' => $scripturl . '?action=tpmod;dl=item' . $frow['id'], 'downloads' => $frow['downloads'], 'created' => $frow['created'], 'filesize' => $ffs);
}
$smcFunc['db_free_result']($fetch);
}
if (!empty($row['screenshot'])) {
if (substr($row['screenshot'], 0, 10) == 'tp-images/') {
$sshot = $boardurl . '/' . $row['screenshot'];
} else {
$sshot = $boardurl . '/tp-images/dlmanager/listing/' . $row['screenshot'];
}
}
$context['TPortal']['dl_admitems'][] = array('id' => $row['id'], 'name' => $row['name'], 'icon' => $row['icon'], 'category' => $row['category'], 'file' => $row['file'], 'views' => $row['views'], 'authorID' => $row['author_id'], 'description' => $row['description'], 'created' => timeformat($row['created']), 'last_access' => timeformat($row['last_access']), 'filesize' => substr($row['file'], 14) != '- empty item -' ? floor(filesize($boarddir . '/tp-downloads/' . $row['file']) / 1024) : '0', 'downloads' => $row['downloads'], 'sshot' => !empty($sshot) ? $sshot : '', 'screenshot' => $row['screenshot'], 'link' => $row['link'], 'href' => $scripturl . '?action=tpmod;dl=adminitem' . $row['id'], 'approved' => $row['category'] < 0 ? '0' : '1', 'approve' => $scripturl . '?action=tpmod;dl=adminitem' . $row['id'], 'subitem' => $fdata);
$authorID = $row['author_id'];
$catparent = $row['category'];
$itemname = $row['name'];
$smcFunc['db_free_result']($request);
$request = $smcFunc['db_query']('', '
SELECT mem.real_name as realName
FROM {db_prefix}members as mem
WHERE mem.id_member = {int:id_mem}', array('id_mem' => $authorID));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
$context['TPortal']['admcurrent']['member'] = $row['realName'];
$smcFunc['db_free_result']($request);
} else {
$context['TPortal']['admcurrent']['member'] = '-' . $txt['guest_title'] . '-';
}
}
// check to see if its child
$parents = array();
while ($catparent > 0) {
$parents[$catparent] = array('id' => $catparent, 'name' => $context['TPortal']['linkcats'][$catparent]['name'], 'parent' => $context['TPortal']['linkcats'][$catparent]['parent']);
$catparent = $context['TPortal']['linkcats'][$catparent]['parent'];
}
// make the linktree
TPadd_linktree($scripturl . '?action=tpmod;dl=admin', $txt['tp-dldownloads']);
if (isset($parents)) {
$parts = array_reverse($parents, TRUE);
// add to the linktree
foreach ($parts as $parent) {
TPadd_linktree($scripturl . '?action=tpmod;dl=admincat' . $parent['id'], $parent['name']);
}
}
// add to the linktree
TPadd_linktree($scripturl . '?action=tpmod;dl=adminitem' . $item, $itemname);
}
loadTemplate('TPdladmin');
if (loadLanguage('TPmodules') == false) {
loadLanguage('TPmodules', 'english');
}
if (loadLanguage('TPortalAdmin') == false) {
loadLanguage('TPortalAdmin', 'english');
}
// setup admin tabs according to subaction
$context['admin_area'] = 'tp_dlmanager';
$context['admin_tabs'] = array('title' => $txt['tp-dlheader1'], 'help' => $txt['tp-dlheader2'], 'description' => $txt['tp-dlheader3'], 'tabs' => array());
if (allowedTo('tp_dlmanager')) {
$context['TPortal']['subtabs'] = array('admin' => array('text' => 'tp-dltabs4', 'url' => $scripturl . '?action=tpmod;dl=admin', 'active' => substr($context['TPortal']['dlsub'], 0, 5) == 'admin' && $context['TPortal']['dlsub'] != 'adminsettings' && $context['TPortal']['dlsub'] != 'adminaddcat' && $context['TPortal']['dlsub'] != 'adminftp' && $context['TPortal']['dlsub'] != 'adminsubmission'), 'settings' => array('text' => 'tp-dltabs1', 'url' => $scripturl . '?action=tpmod;dl=adminsettings', 'active' => $context['TPortal']['dlsub'] == 'adminsettings'), 'addcategory' => array('text' => 'tp-dltabs2', 'url' => $scripturl . '?action=tpmod;dl=adminaddcat', 'active' => $context['TPortal']['dlsub'] == 'adminaddcat'), 'upload' => array('text' => 'tp-dltabs3', 'url' => $scripturl . '?action=tpmod;dl=upload', 'active' => $context['TPortal']['dlsub'] == 'upload'), 'submissions' => array('text' => 'tp-dlsubmissions', 'url' => $scripturl . '?action=tpmod;dl=adminsubmission', 'active' => $context['TPortal']['dlsub'] == 'adminsubmission'), 'ftp' => array('text' => 'tp-dlftp', 'url' => $scripturl . '?action=tpmod;dl=adminftp', 'active' => $context['TPortal']['dlsub'] == 'adminftp'));
}
$context['template_layers'][] = 'tpadm';
$context['template_layers'][] = 'subtab';
TPadminIndex('');
$context['current_action'] = 'admin';
}
function do_articles()
{
global $context, $txt, $settings, $boardurl, $scripturl, $smcFunc;
// do an update of stray articles and categories
$acats = array();
$request = $smcFunc['db_query']('', '
SELECT id FROM {db_prefix}tp_variables
WHERE type = {string:type}', array('type' => 'category'));
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$acats[] = $row['id'];
}
$smcFunc['db_free_result']($request);
}
if (count($acats) > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_variables
SET value2 = {int:val2}
WHERE type = {string:type}
AND value2 NOT IN ({array_string:value2})', array('val2' => 0, 'type' => 'category', 'value2' => $acats));
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET category = {int:cat}
WHERE category NOT IN({array_int:category})
AND category > 0', array('cat' => 0, 'category' => $acats));
}
// first check any ajax stuff
if (isset($_GET['arton'])) {
checksession('get');
$what = is_numeric($_GET['arton']) ? $_GET['arton'] : '0';
if ($what > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET off = IF(off = 0 , 1, 0)
WHERE id = {int:artid}', array('artid' => $what));
} else {
return;
}
} elseif (isset($_GET['artlock'])) {
checksession('get');
$what = is_numeric($_GET['artlock']) ? $_GET['artlock'] : '0';
if ($what > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET locked = IF(locked = 0 , 1, 0)
WHERE id = {int:artid}', array('artid' => $what));
} else {
return;
}
} elseif (isset($_GET['artsticky'])) {
checksession('get');
$what = is_numeric($_GET['artsticky']) ? $_GET['artsticky'] : '0';
if ($what > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET sticky = IF(sticky = 0 , 1, 0)
WHERE id = {int:artid}', array('artid' => $what));
} else {
return;
}
} elseif (isset($_GET['artfront'])) {
checksession('get');
$what = is_numeric($_GET['artfront']) ? $_GET['artfront'] : '0';
if ($what > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET frontpage = IF(frontpage = 0 , 1, 0)
WHERE id = {int:artid}', array('artid' => $what));
} else {
return;
}
} elseif (isset($_GET['artfeat'])) {
checksession('get');
$what = is_numeric($_GET['artfeat']) ? $_GET['artfeat'] : '0';
if ($what > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET featured = IF(featured = 0, 1, 0)
WHERE id = {int:artid}', array('artid' => $what));
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET featured = {int:featured}
WHERE id != {int:artid}', array('featured' => 0, 'artid' => $what));
} else {
return;
}
} elseif (isset($_GET['catdelete'])) {
checksession('get');
$what = is_numeric($_GET['catdelete']) ? $_GET['catdelete'] : '0';
if ($what > 0) {
// first get info
$request = $smcFunc['db_query']('', '
SELECT id, value2 FROM {db_prefix}tp_variables
WHERE id = {int:varid} LIMIT 1', array('varid' => $what));
$row = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
$newcat = !empty($row['value2']) ? $row['value2'] : 0;
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_variables
SET value2 = {int:val2}
WHERE value2 = {int:varid}', array('val2' => $newcat, 'varid' => $what));
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_variables
WHERE id = {int:varid}', array('varid' => $what));
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET category = {int:cat}
WHERE category = {int:catid}', array('cat' => $newcat, 'catid' => $what));
redirectexit('action=tpadmin;sa=categories');
} else {
redirectexit('action=tpadmin;sa=categories');
}
} elseif (isset($_GET['artdelete'])) {
checksession('get');
$what = is_numeric($_GET['artdelete']) ? $_GET['artdelete'] : '0';
$cu = is_numeric($_GET['cu']) ? $_GET['cu'] : '';
if ($cu == -1) {
$strays = true;
$cu = '';
}
if ($what > 0) {
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_articles
WHERE id = {int:artid}', array('artid' => $what));
$smcFunc['db_query']('', '
DELETE FROM {db_prefix}tp_variables
WHERE value5 = {int:artid}', array('artid' => $what));
}
redirectexit('action=tpadmin' . (!empty($cu) ? ';cu=' . $cu : '') . (isset($strays) ? ';sa=strays' . $cu : ';sa=articles'));
}
// for the non-category articles, do a count.
$request = $smcFunc['db_query']('', '
SELECT COUNT(*) as total
FROM {db_prefix}tp_articles
WHERE category = 0 OR category = 9999');
$row = $smcFunc['db_fetch_assoc']($request);
$context['TPortal']['total_nocategory'] = $row['total'];
$smcFunc['db_free_result']($request);
// for the submissions too
$request = $smcFunc['db_query']('', '
SELECT COUNT(*) as total
FROM {db_prefix}tp_articles
WHERE approved = 0');
$row = $smcFunc['db_fetch_assoc']($request);
$context['TPortal']['total_submissions'] = $row['total'];
$smcFunc['db_free_result']($request);
// we are on categories screen
if (in_array($context['TPortal']['subaction'], array('categories', 'addcategory'))) {
TPadd_linktree($scripturl . '?action=tpadmin;sa=categories', $txt['tp-categories']);
// first check if we simply want to copy or set as child
if (isset($_GET['cu']) && is_numeric($_GET['cu'])) {
$ccat = $_GET['cu'];
if (isset($_GET['copy'])) {
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_variables
WHERE id = {int:varid}', array('varid' => $ccat));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
$row['value1'] .= '__copy';
$smcFunc['db_free_result']($request);
$smcFunc['db_insert']('insert', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int', 'subtype' => 'string', 'value7' => 'string', 'value8' => 'string', 'subtype2' => 'int'), array($row['value1'], $row['value2'], $row['value3'], $row['type'], $row['value4'], $row['value5'], $row['subtype'], $row['value7'], $row['value8'], $row['subtype2']), array('id'));
}
redirectexit('action=tpadmin;sa=categories');
} elseif (isset($_GET['child'])) {
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_variables
WHERE id = {int:varid}', array('varid' => $ccat));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
$row['value1'] .= '__copy';
$smcFunc['db_free_result']($request);
$smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int', 'subtype' => 'string', 'value7' => 'string', 'value8' => 'string', 'subtype2' => 'int'), array($row['value1'], $row['id'], $row['value3'], $row['type'], $row['value4'], $row['value5'], $row['subtype'], $row['value7'], $row['value8'], $row['subtype2']), array('id'));
}
redirectexit('action=tpadmin;sa=categories');
} else {
// get membergroups
get_grps();
$context['html_headers'] .= '
<script type="text/javascript"><!-- // --><![CDATA[
function changeIllu(node,name)
{
node.src = \'' . $boardurl . '/tp-files/tp-articles/illustrations/\' + name;
}
function changeIcon(node,name)
{
node.src = \'' . $boardurl . '/tp-files/tp-articles/icons/\' + name;
}
// ]]></script>';
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_variables
WHERE id = {int:varid} LIMIT 1', array('varid' => $ccat));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
$o = explode('|', $row['value7']);
foreach ($o as $t => $opt) {
$b = explode('=', $opt);
if (isset($b[1])) {
$row[$b[0]] = $b[1];
}
}
$smcFunc['db_free_result']($request);
$check = array('layout', 'catlayout', 'toppanel', 'bottompanel', 'leftpanel', 'rightpanel', 'upperpanel', 'lowerpanel', 'showchild');
foreach ($check as $c => $ch) {
if (!isset($row[$ch])) {
$row[$ch] = 0;
}
}
$context['TPortal']['editcategory'] = $row;
}
// fetch all categories and subcategories
$request = $smcFunc['db_query']('', '
SELECT id, value1 as name, value2 as parent, value3, value4,
value5, subtype, value7, value8, subtype2
FROM {db_prefix}tp_variables
WHERE type = {string:type}', array('type' => 'category'));
$context['TPortal']['editcats'] = array();
$allsorted = array();
$alcats = array();
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$row['indent'] = 0;
$allsorted[$row['id']] = $row;
$alcats[] = $row['id'];
}
$smcFunc['db_free_result']($request);
if (count($allsorted) > 1) {
$context['TPortal']['editcats'] = chain('id', 'parent', 'name', $allsorted);
} else {
$context['TPortal']['editcats'] = $allsorted;
}
}
TPadd_linktree($scripturl . '?action=tpadmin;sa=categories;cu=' . $ccat, $txt['tp-editcategory']);
}
return;
}
// fetch all categories and subcategories
$request = $smcFunc['db_query']('', '
SELECT id, value1 as name, value2 as parent, value3, value4,
value5, subtype, value7, value8, subtype2
FROM {db_prefix}tp_variables
WHERE type = {string:type}', array('type' => 'category'));
$context['TPortal']['editcats'] = array();
$allsorted = array();
$alcats = array();
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$row['indent'] = 0;
$allsorted[$row['id']] = $row;
$alcats[] = $row['id'];
}
$smcFunc['db_free_result']($request);
if (count($allsorted) > 1) {
$context['TPortal']['editcats'] = chain('id', 'parent', 'name', $allsorted);
} else {
$context['TPortal']['editcats'] = $allsorted;
}
}
// get the filecount as well
if (count($alcats) > 0) {
$request = $smcFunc['db_query']('', '
SELECT art.category as id, COUNT(art.id) as files
FROM {db_prefix}tp_articles as art
WHERE art.category IN ({string:cats})
GROUP BY art.category', array('cats' => implode(',', $alcats)));
if ($smcFunc['db_num_rows']($request) > 0) {
$context['TPortal']['cats_count'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['cats_count'][$row['id']] = $row['files'];
}
$smcFunc['db_free_result']($request);
}
}
if ($context['TPortal']['subaction'] == 'addcategory') {
TPadd_linktree($scripturl . '?action=tpadmin;sa=addcategory', $txt['tp-addcategory']);
}
return;
}
TPadd_linktree($scripturl . '?action=tpadmin;sa=articles', $txt['tp-articles']);
// are we inside a category?
if (isset($_GET['cu']) && is_numeric($_GET['cu'])) {
$where = $_GET['cu'];
}
// show the no category articles?
if (isset($_GET['sa']) && $_GET['sa'] == 'strays') {
TPadd_linktree($scripturl . '?action=tpadmin;sa=strays', $txt['tp-strays']);
$show_nocategory = true;
}
// submissions?
if (isset($_GET['sa']) && $_GET['sa'] == 'submission') {
TPadd_linktree($scripturl . '?action=tpadmin;sa=submission', $txt['tp-submissions']);
$show_submission = true;
}
// single article?
if (isset($_GET['sa']) && substr($_GET['sa'], 0, 11) == 'editarticle') {
TPadd_linktree($scripturl . '?action=tpadmin;sa=' . $_GET['sa'], $txt['tp-editarticle']);
$whatarticle = substr($_GET['sa'], 11);
}
// are we starting a new one?
if (isset($_GET['sa']) && substr($_GET['sa'], 0, 11) == 'addarticle_') {
TPadd_linktree($scripturl . '?action=tpadmin;sa=' . $_GET['sa'], $txt['tp-addarticle']);
$context['TPortal']['editarticle'] = array('id' => '', 'date' => time(), 'body' => '', 'intro' => '', 'useintro' => 0, 'category' => !empty($_GET['cu']) ? $_GET['cu'] : 0, 'frontpage' => 1, 'author_id' => $context['user']['id'], 'subject' => '', 'author' => $context['user']['name'], 'frame' => 'theme', 'approved' => 0, 'off' => 1, 'options' => 'date,title,author,linktree,top,cblock,rblock,lblock,bblock,tblock,lbblock,category,catlist,comments,commentallow,commentupshrink,views,rating,ratingallow,avatar,inherit,social,nofrontsetting', 'parse' => 0, 'comments' => 0, 'comments_var' => '', 'views' => 0, 'rating' => 0, 'voters' => '', 'id_theme' => 0, 'shortname' => '', 'sticky' => 0, 'fileimport' => '', 'topic' => 0, 'locked' => 0, 'illustration' => '', 'headers' => '', 'type' => substr($_GET['sa'], 11), 'featured' => 0, 'realName' => $context['user']['name'], 'authorID' => $context['user']['id'], 'articletype' => substr($_GET['sa'], 11), 'ID_THEME' => 0, 'pub_start' => 0, 'pub_end' => 0);
$context['html_headers'] .= '
<script type="text/javascript"><!-- // --><![CDATA[
function changeIllu(node,name)
{
node.src = \'' . $boardurl . '/tp-files/tp-articles/illustrations/\' + name;
}
function changeIcon(node,name)
{
node.src = \'' . $boardurl . '/tp-files/tp-articles/icons/\' + name;
}
// ]]></script>';
// Add in BBC editor before we call in template so the headers are there
if (substr($_GET['sa'], 11) == 'bbc') {
$context['TPortal']['editor_id'] = 'tp_article_body';
TP_prebbcbox($context['TPortal']['editor_id']);
}
}
// fetch categories and subcategories
if (!isset($show_nocategory)) {
$request = $smcFunc['db_query']('', '
SELECT DISTINCT var.id as id, var.value1 as name, var.value2 as parent
FROM {db_prefix}tp_variables AS var
WHERE var.type = {string:type}
' . (isset($where) ? 'AND var.value2 = {int:whereval}' : '') . '
ORDER BY parent, id DESC', array('type' => 'category', 'whereval' => isset($where) ? $where : 0));
if ($smcFunc['db_num_rows']($request) > 0) {
$context['TPortal']['basecats'] = isset($where) ? array($where) : array('0', '9999');
$cats = array();
$context['TPortal']['cats'] = array();
$sorted = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$sorted[$row['id']] = $row;
$cats[] = $row['id'];
}
$smcFunc['db_free_result']($request);
if (count($sorted) > 1) {
$context['TPortal']['cats'] = chain('id', 'parent', 'name', $sorted);
} else {
$context['TPortal']['cats'] = $sorted;
}
}
}
if (isset($show_submission) && $context['TPortal']['total_submissions'] > 0) {
// check if we have any start values
$start = !empty($_GET['p']) && is_numeric($_GET['p']) ? $_GET['p'] : 0;
// sorting?
$sort = $context['TPortal']['sort'] = !empty($_GET['sort']) && in_array($_GET['sort'], array('date', 'id', 'author_id', 'type', 'subject', 'parse')) ? $_GET['sort'] : 'date';
$context['TPortal']['pageindex'] = TPageIndex($scripturl . '?action=tpadmin;sa=submission;sort=' . $sort, $start, $context['TPortal']['total_submissions'], 15);
$request = $smcFunc['db_query']('', '
SELECT art.id, art.date, art.frontpage, art.category, art.author_id as authorID,
IFNULL(mem.real_name, art.author) as author, art.subject, art.approved,
art.sticky, art.type, art.featured, art.locked, art.off, art.parse as pos
FROM {db_prefix}tp_articles AS art
LEFT JOIN {db_prefix}members AS mem ON (art.author_id = mem.id_member)
WHERE art.approved = {int:approved}
ORDER BY art.{raw:col} {raw:sort}
LIMIT {int:start}, 15', array('approved' => 0, 'col' => $sort, 'start' => $start, 'sort' => in_array($sort, array('sticky', 'locked', 'frontpage', 'date', 'active')) ? 'DESC' : 'ASC'));
if ($smcFunc['db_num_rows']($request) > 0) {
$context['TPortal']['arts_submissions'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['arts_submissions'][] = $row;
}
$smcFunc['db_free_result']($request);
}
}
if (isset($show_nocategory) && $context['TPortal']['total_nocategory'] > 0) {
// check if we have any start values
$start = !empty($_GET['p']) && is_numeric($_GET['p']) ? $_GET['p'] : 0;
// sorting?
$sort = $context['TPortal']['sort'] = !empty($_GET['sort']) && in_array($_GET['sort'], array('off', 'date', 'id', 'author_id', 'locked', 'frontpage', 'sticky', 'featured', 'type', 'subject', 'parse')) ? $_GET['sort'] : 'date';
$context['TPortal']['pageindex'] = TPageIndex($scripturl . '?action=tpadmin;sa=articles;sort=' . $sort, $start, $context['TPortal']['total_nocategory'], 15);
$request = $smcFunc['db_query']('', '
SELECT art.id, art.date, art.frontpage, art.category, art.author_id as authorID,
IFNULL(mem.real_name, art.author) as author, art.subject, art.approved, art.sticky,
art.type, art.featured,art.locked, art.off, art.parse as pos
FROM {db_prefix}tp_articles AS art
LEFT JOIN {db_prefix}members AS mem ON (art.author_id = mem.id_member)
WHERE (art.category = 0 OR art.category = 9999)
ORDER BY art.{raw:col} {raw:sort}
LIMIT {int:start}, 15', array('col' => $sort, 'sort' => in_array($sort, array('sticky', 'locked', 'frontpage', 'date', 'active')) ? 'DESC' : 'ASC', 'start' => $start));
if ($smcFunc['db_num_rows']($request) > 0) {
$context['TPortal']['arts_nocat'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['arts_nocat'][] = $row;
}
$smcFunc['db_free_result']($request);
}
}
// ok, fetch single article
if (isset($whatarticle)) {
$request = $smcFunc['db_query']('', '
SELECT art.*, IFNULL(mem.real_name, art.author) as realName, art.author_id as authorID,
art.type as articletype, art.id_theme as ID_THEME
FROM {db_prefix}tp_articles as art
LEFT JOIN {db_prefix}members as mem ON (art.author_id = mem.id_member)
WHERE art.id = {int:artid}', array('artid' => is_numeric($whatarticle) ? $whatarticle : 0));
if ($smcFunc['db_num_rows']($request) > 0) {
$context['TPortal']['editarticle'] = $smcFunc['db_fetch_assoc']($request);
$context['TPortal']['editing_article'] = true;
$context['TPortal']['editarticle']['body'] = $smcFunc['htmlspecialchars']($context['TPortal']['editarticle']['body'], ENT_QUOTES);
$smcFunc['db_free_result']($request);
}
// Add in BBC editor before we call in template so the headers are there
if ($context['TPortal']['editarticle']['articletype'] == 'bbc') {
$context['TPortal']['editor_id'] = 'tp_article_body';
TP_prebbcbox($context['TPortal']['editor_id'], strip_tags($context['TPortal']['editarticle']['body']));
}
// fetch the WYSIWYG value
$request = $smcFunc['db_query']('', '
SELECT value1 FROM {db_prefix}tp_variables
WHERE subtype2 = {int:subtype}
AND type = {string:type} LIMIT 1', array('subtype' => $whatarticle, 'type' => 'editorchoice'));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
$context['TPortal']['editorchoice'] = $row['value1'];
} else {
$context['TPortal']['editorchoice'] = 1;
}
$context['html_headers'] .= '
<script type="text/javascript"><!-- // --><![CDATA[
function changeIllu(node,name)
{
node.src = \'' . $boardurl . '/tp-files/tp-articles/illustrations/\' + name;
}
function changeIcon(node,name)
{
node.src = \'' . $boardurl . '/tp-files/tp-articles/icons/\' + name;
}
// ]]></script>';
}
// fetch article count for these
if (isset($cats)) {
$request = $smcFunc['db_query']('', '
SELECT art.category as id, COUNT(art.id) as files
FROM {db_prefix}tp_articles as art
WHERE art.category IN ({array_int:cat})
GROUP BY art.category', array('cat' => $cats));
$context['TPortal']['cats_count'] = array();
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['cats_count'][$row['id']] = $row['files'];
}
$smcFunc['db_free_result']($request);
}
}
// get the icons needed
tp_collectArticleIcons();
// fetch all categories and subcategories
$request = $smcFunc['db_query']('', '
SELECT id, value1 as name, value2 as parent
FROM {db_prefix}tp_variables
WHERE type = {string:type}', array('type' => 'category'));
$context['TPortal']['allcats'] = array();
$allsorted = array();
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$allsorted[$row['id']] = $row;
}
$smcFunc['db_free_result']($request);
if (count($allsorted) > 1) {
$context['TPortal']['allcats'] = chain('id', 'parent', 'name', $allsorted);
} else {
$context['TPortal']['allcats'] = $allsorted;
}
}
// not quite done yet lol, now we need to sort out if articles are to be listed
if (isset($where)) {
// check if we have any start values
$start = !empty($_GET['p']) && is_numeric($_GET['p']) ? $_GET['p'] : 0;
// sorting?
$sort = $context['TPortal']['sort'] = !empty($_GET['sort']) && in_array($_GET['sort'], array('off', 'date', 'id', 'author_id', 'locked', 'frontpage', 'sticky', 'featured', 'type', 'subject', 'parse')) ? $_GET['sort'] : 'date';
$context['TPortal']['categoryID'] = $where;
// get the name
$request = $smcFunc['db_query']('', '
SELECT value1
FROM {db_prefix}tp_variables
WHERE id = {int:varid} LIMIT 1', array('varid' => $where));
$f = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
$context['TPortal']['categoryNAME'] = $f['value1'];
// get the total first
$request = $smcFunc['db_query']('', '
SELECT COUNT(*) as total
FROM {db_prefix}tp_articles
WHERE category = {int:cat}', array('cat' => $where));
$row = $smcFunc['db_fetch_assoc']($request);
$context['TPortal']['pageindex'] = TPageIndex($scripturl . '?action=tpadmin;sa=articles;sort=' . $sort . ';cu=' . $where, $start, $row['total'], 15);
$smcFunc['db_free_result']($request);
$request = $smcFunc['db_query']('', '
SELECT art.id, art.date, art.frontpage, art.category, art.author_id as authorID,
IFNULL(mem.real_name, art.author) as author, art.subject, art.approved, art.sticky,
art.type, art.featured, art.locked, art.off, art.parse as pos
FROM {db_prefix}tp_articles AS art
LEFT JOIN {db_prefix}members AS mem ON (art.author_id = mem.id_member)
WHERE art.category = {int:cat}
ORDER BY art.{raw:sort} {raw:sorter}
LIMIT {int:start}, 15', array('cat' => $where, 'sort' => $sort, 'sorter' => in_array($sort, array('sticky', 'locked', 'frontpage', 'date', 'active')) ? 'DESC' : 'ASC', 'start' => $start));
TPadd_linktree($scripturl . '?action=tpadmin;sa=articles;cu=' . $where, $txt['tp-blocktype19']);
if ($smcFunc['db_num_rows']($request) > 0) {
$context['TPortal']['arts'] = array();
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['arts'][] = $row;
}
$smcFunc['db_free_result']($request);
}
}
$context['html_headers'] .= '
<script type="text/javascript" src="' . $settings['default_theme_url'] . '/scripts/editor.js?rc1"></script>
<script type="text/javascript"><!-- // --><![CDATA[
function getXMLHttpRequest()
{
if (window.XMLHttpRequest)
return new XMLHttpRequest;
else if (window.ActiveXObject)
return new ActiveXObject("MICROSOFT.XMLHTTP");
else
alert("Sorry, but your browser does not support Ajax");
}
window.onload = startToggle;
function startToggle()
{
var img = document.getElementsByTagName("img");
for(var i = 0; i < img.length; i++)
{
if (img[i].className == "toggleFront")
img[i].onclick = toggleFront;
else if (img[i].className == "toggleSticky")
img[i].onclick = toggleSticky;
else if (img[i].className == "toggleLock")
img[i].onclick = toggleLock;
else if (img[i].className == "toggleActive")
img[i].onclick = toggleActive;
else if (img[i].className == "toggleFeatured")
img[i].onclick = toggleFeatured;
}
}
function toggleActive(e)
{
var e = e ? e : window.event;
var target = e.target ? e.target : e.srcElement;
while(target.className != "toggleActive")
target = target.parentNode;
var id = target.id.replace("artActive", "");
var Ajax = getXMLHttpRequest();
Ajax.open("POST", "?action=tpadmin;arton=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
var source = target.src;
target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
Ajax.onreadystatechange = function()
{
if(Ajax.readyState == 4)
{
target.src = source == "' . $settings['tp_images_url'] . '/TPactive2.gif" ? "' . $settings['tp_images_url'] . '/TPactive1.gif" : "' . $settings['tp_images_url'] . '/TPactive2.gif";
}
}
var params = "?action=tpadmin;arton=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
Ajax.send(params);
}
function toggleFront(e)
{
var e = e ? e : window.event;
var target = e.target ? e.target : e.srcElement;
while(target.className != "toggleFront")
target = target.parentNode;
var id = target.id.replace("artFront", "");
var Ajax = getXMLHttpRequest();
Ajax.open("POST", "?action=tpadmin;artfront=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
var source = target.src;
target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
Ajax.onreadystatechange = function()
{
if(Ajax.readyState == 4)
{
target.src = source == "' . $settings['tp_images_url'] . '/TPfront.gif" ? "' . $settings['tp_images_url'] . '/TPfront2.gif" : "' . $settings['tp_images_url'] . '/TPfront.gif";
}
}
var params = "?action=tpadmin;artfront=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
Ajax.send(params);
}
function toggleSticky(e)
{
var e = e ? e : window.event;
var target = e.target ? e.target : e.srcElement;
while(target.className != "toggleSticky")
target = target.parentNode;
var id = target.id.replace("artSticky", "");
var Ajax = getXMLHttpRequest();
Ajax.open("POST", "?action=tpadmin;artsticky=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
var source = target.src;
target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
Ajax.onreadystatechange = function()
{
if(Ajax.readyState == 4)
{
target.src = source == "' . $settings['tp_images_url'] . '/TPsticky1.gif" ? "' . $settings['tp_images_url'] . '/TPsticky2.gif" : "' . $settings['tp_images_url'] . '/TPsticky1.gif";
}
}
var params = "?action=tpadmin;artsticky=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
Ajax.send(params);
}
function toggleLock(e)
{
var e = e ? e : window.event;
var target = e.target ? e.target : e.srcElement;
while(target.className != "toggleLock")
target = target.parentNode;
var id = target.id.replace("artLock", "");
var Ajax = getXMLHttpRequest();
Ajax.open("POST", "?action=tpadmin;artlock=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
var source = target.src;
target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
Ajax.onreadystatechange = function()
{
if(Ajax.readyState == 4)
{
target.src = source == "' . $settings['tp_images_url'] . '/TPlock1.gif" ? "' . $settings['tp_images_url'] . '/TPlock2.gif" : "' . $settings['tp_images_url'] . '/TPlock1.gif";
}
}
var params = "?action=tpadmin;artlock=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
Ajax.send(params);
}
function toggleFeatured(e)
{
var e = e ? e : window.event;
var target = e.target ? e.target : e.srcElement;
var aP=document.getElementsByTagName(\'img\');
for(var i=0; i<aP.length; i++)
{
if(aP[i].className===\'toggleFeatured\' && aP[i] != target)
{
aP[i].src=\'' . $settings['tp_images_url'] . '/TPflag2.gif\';
}
}
while(target.className != "toggleFeatured")
target = target.parentNode;
var id = target.id.replace("artFeatured", "");
var Ajax = getXMLHttpRequest();
Ajax.open("POST", "?action=tpadmin;artfeat=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '");
Ajax.setRequestHeader("Content-type", "application/x-www-form-urlencode");
var source = target.src;
target.src = "' . $settings['tp_images_url'] . '/ajax.gif"
Ajax.onreadystatechange = function()
{
if(Ajax.readyState == 4)
{
target.src = source == "' . $settings['tp_images_url'] . '/TPflag.gif" ? "' . $settings['tp_images_url'] . '/TPflag2.gif" : "' . $settings['tp_images_url'] . '/TPflag.gif";
}
}
var params = "?action=tpadmin;artfeat=" + id + ";' . $context['session_var'] . '=' . $context['session_id'] . '";
Ajax.send(params);
}
// ]]></script>';
if ($context['TPortal']['subaction'] == 'artsettings') {
TPadd_linktree($scripturl . '?action=tpadmin;sa=artsettings', $txt['tp-settings']);
} elseif ($context['TPortal']['subaction'] == 'articons') {
TPadd_linktree($scripturl . '?action=tpadmin;sa=articons', $txt['tp-adminicons']);
}
}
function TPmodules()
{
global $settings, $context, $scripturl, $txt, $user_info, $sourcedir, $boarddir, $smcFunc;
$ID_MEMBER = $context['user']['id'];
if (loadLanguage('TPmodules') == false) {
loadLanguage('TPmodules', 'english');
}
if (loadLanguage('TPortalAdmin') == false) {
loadLanguage('TPortalAdmin', 'english');
}
// get subaction
$tpsub = '';
if (isset($_GET['sa'])) {
$context['TPortal']['subaction'] = $_GET['sa'];
$tpsub = $_GET['sa'];
} elseif (isset($_GET['sub'])) {
$context['TPortal']['subaction'] = $_GET['sub'];
$tpsub = $_GET['sub'];
}
// for help pages
if (isset($_GET['p'])) {
$helpOptions = array('introduction', 'articles', 'frontpage', 'panels', 'blocks', 'modules', 'plugins');
if (in_array($_GET['p'], $helpOptions)) {
$context['TPortal']['helpsection'] = $_GET['p'];
} else {
$context['TPortal']['helpsection'] = 'introduction';
}
} else {
$context['TPortal']['helpsection'] = 'introduction';
}
// a switch to make it clear what is "forum" and not
$context['TPortal']['not_forum'] = true;
// call the editor setup
TPwysiwyg_setup();
require_once $sourcedir . '/TPcommon.php';
// download manager?
if (isset($_GET['dl'])) {
$context['TPortal']['dlsub'] = $_GET['dl'] == '' ? '0' : $_GET['dl'];
}
// fetch all extensions and compare
$result = $smcFunc['db_query']('', '
SELECT modulename, autoload_run, subquery
FROM {db_prefix}tp_modules WHERE active = {int:active}', array('active' => 1));
if ($smcFunc['db_num_rows']($result) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($result)) {
if (isset($_GET[$row['subquery']])) {
$tpmodule = $boarddir . '/tp-files/tp-modules/' . $row['modulename'] . '/Sources/' . $row['autoload_run'];
}
}
$smcFunc['db_free_result']($result);
}
// clear the linktree first
TPstrip_linktree();
// include source files in case of modules
if (isset($context['TPortal']['dlsub'])) {
require_once $sourcedir . '/TPdlmanager.php';
TPdlmanager_init();
} elseif (!empty($tpmodule)) {
require_once $tpmodule;
} elseif (isset($_GET['getsnippets'])) {
get_snippets_xml();
} elseif (isset($_GET['upshrink']) && isset($_GET['state'])) {
$blockid = $_GET['upshrink'];
$state = $_GET['state'];
if (isset($_COOKIE['tp-upshrinks'])) {
$shrinks = explode(',', $_COOKIE['tp-upshrinks']);
if ($state == 0 && !in_array($blockid, $shrinks)) {
$shrinks[] = $blockid;
} elseif ($state == 1 && in_array($blockid, $shrinks)) {
$spos = array_search($blockid, $shrinks);
if ($spos > -1) {
unset($shrinks[$spos]);
}
}
$newshrink = implode(',', $shrinks);
setcookie('tp-upshrinks', $newshrink, time() + 7776000);
} else {
if ($state == 0) {
setcookie('tp-upshrinks', $blockid, time() + 7776000);
}
}
// Don't output anything...
$tid = time();
redirectexit($settings['images_url'] . '/blank.gif?ti=' . $tid);
} elseif ($tpsub == 'comment' && isset($_POST['tp_article_type']) && $_POST['tp_article_type'] == 'article_comment') {
// check the session
checkSession('post');
if (!allowedTo('tp_artcomment')) {
fatal_error($txt['tp-nocomments']);
}
$commenter = $context['user']['id'];
$article = $_POST['tp_article_id'];
// check if the article indeed exists
$request = $smcFunc['db_query']('', '
SELECT comments FROM {db_prefix}tp_articles
WHERE id = {int:artid}', array('artid' => $article));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_row']($request);
$num_comments = $row[0] + 1;
$smcFunc['db_free_result']($request);
$title = strip_tags($_POST['tp_article_comment_title']);
$comment = substr($smcFunc['htmlspecialchars']($_POST['tp_article_bodytext']), 0, 65536);
require_once $sourcedir . '/Subs-Post.php';
preparsecode($comment);
$time = time();
// insert the comment
$smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int'), array($title, $comment, $ID_MEMBER, 'article_comment', $time, $article), array('id'));
// count and increase the number of comments
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET comments = {int:com}
WHERE id = {int:artid}', array('com' => $num_comments, 'artid' => $article));
// go back to the article
redirectexit('page=' . $article . '#tp-comment');
}
} elseif ($tpsub == 'updatelog') {
$context['TPortal']['subaction'] = 'updatelog';
$request = $smcFunc['db_query']('', '
SELECT value1 FROM {db_prefix}tp_variables
WHERE type = {string:type} ORDER BY id DESC', array('type' => 'updatelog'));
if ($smcFunc['db_num_rows']($request) > 0) {
$check = $smcFunc['db_fetch_assoc']($request);
$context['TPortal']['updatelog'] = $check['value1'];
$smcFunc['db_free_result']($request);
} else {
$context['TPortal']['updatelog'] = "";
}
loadtemplate('TPmodules');
$context['sub_template'] = 'updatelog';
} elseif ($tpsub == 'showcomments') {
if (!empty($_GET['tpstart']) && is_numeric($_GET['tpstart'])) {
$tpstart = $_GET['tpstart'];
} else {
$tpstart = 0;
}
$mylast = 0;
$mylast = $user_info['last_login'];
$showall = false;
if (isset($_GET['showall'])) {
$showall = true;
}
$request = $smcFunc['db_query']('', '
SELECT COUNT(var.value1)
FROM ({db_prefix}tp_variables as var, {db_prefix}tp_articles as art)
WHERE var.type = {string:type}
' . (!$showall || $mylast == 0 ? 'AND var.value4 > ' . $mylast : '') . '
AND art.id = var.value5', array('type' => 'article_comment'));
$check = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
$request = $smcFunc['db_query']('', '
SELECT art.subject, memb.real_name as author, art.author_id as authorID, var.value1, var.value3,
var.value5, var.value4, mem.real_name as realName,
' . ($user_info['is_guest'] ? '1' : '(IFNULL(log.item, 0) >= var.value4)') . ' AS isRead
FROM ({db_prefix}tp_variables as var, {db_prefix}tp_articles as art)
LEFT JOIN {db_prefix}members as memb ON (art.author_id = memb.id_member)
LEFT JOIN {db_prefix}members as mem ON (var.value3 = mem.id_member)
LEFT JOIN {db_prefix}tp_data as log ON (log.value = art.id AND log.type = 1 AND log.id_member = ' . $context['user']['id'] . ')
WHERE var.type = {string:type}
AND art.id = var.value5
' . (!$showall || $mylast == 0 ? 'AND var.value4 > {int:last}' : '') . '
ORDER BY var.value4 DESC LIMIT {int:start}, 15', array('type' => 'article_comment', 'last' => $mylast, 'start' => $tpstart));
$context['TPortal']['artcomments']['new'] = array();
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
$context['TPortal']['artcomments']['new'][] = array('page' => $row['value5'], 'subject' => $row['subject'], 'title' => $row['value1'], 'membername' => $row['realName'], 'time' => timeformat($row['value4']), 'author' => $row['author'], 'authorID' => $row['authorID'], 'member_id' => $row['value3'], 'is_read' => $row['isRead'], 'replies' => $check[0]);
}
$smcFunc['db_free_result']($request);
}
// construct the pages
$context['TPortal']['pageindex'] = TPageIndex($scripturl . '?action=tpmod;sa=showcomments', $tpstart, $check[0], 15);
$context['TPortal']['unreadcomments'] = true;
$context['TPortal']['showall'] = $showall;
$context['TPortal']['subaction'] = 'showcomments';
TPadd_linktree($scripturl . '?action=tpmod;sa=showcomments' . ($showall ? ';showall' : ''), $txt['tp-showcomments']);
loadtemplate('TPmodules');
} elseif ($tpsub == 'savesettings') {
// check the session
checkSession('post');
if (isset($_POST['item'])) {
$item = $_POST['item'];
} else {
$item = 0;
}
if (isset($_POST['memberid'])) {
$mem = $_POST['memberid'];
} else {
$mem = 0;
}
if (!isset($mem) || isset($mem) && !is_numeric($mem)) {
fatalerror('Member doesn\'t exist.');
}
foreach ($_POST as $what => $value) {
if ($what == 'tpwysiwyg' && $item > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_data
SET value = {int:val} WHERE id = {int:id}', array('val' => $value, 'id' => $item));
} elseif ($what == 'tpwysiwyg' && $item == 0) {
$smcFunc['db_insert']('INSERT', '{db_prefix}tp_data', array('type' => 'int', 'id_member' => 'int', 'value' => 'int'), array(2, $mem, $value), array('id'));
}
}
// go back to profile page
redirectexit('action=profile;u=' . $mem . ';area=tparticles;sa=settings');
} elseif ((substr($tpsub, 0, 11) == 'killcomment' || substr($tpsub, 0, 11) == 'editcomment') && $context['user']['is_logged']) {
// check that you indeed can edit or delete
$comment = substr($tpsub, 11);
if (!is_numeric($comment)) {
fatal_error($txt['tp-noadmincomments']);
}
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_variables
WHERE id = {int:varid} LIMIT 1', array('varid' => $comment));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
$smcFunc['db_free_result']($request);
if (allowedTo('tp_articles') || $row['value3'] == $ID_MEMBER) {
// deleting the comment
if (substr($tpsub, 0, 11) == 'killcomment') {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_variables
SET value5 = -value5
WHERE id = {int:varid}', array('varid' => $comment));
redirectexit('page=' . $row['value5']);
} elseif (substr($tpsub, 0, 11) == 'editcomment') {
$context['TPortal']['comment_edit'] = array('id' => $row['id'], 'title' => $row['value1'], 'body' => $row['value2']);
$context['TPortal']['subaction'] = 'editcomment';
loadtemplate('TPmodules');
}
}
fatal_error($txt['tp-notallowed']);
}
} elseif ($tpsub == 'rate_article' && isset($_POST['tp_article_rating_submit']) && $_POST['tp_article_type'] == 'article_rating') {
// check the session
checkSession('post');
$commenter = $context['user']['id'];
$article = $_POST['tp_article_id'];
// check if the article indeed exists
$request = $smcFunc['db_query']('', '
SELECT rating, voters FROM {db_prefix}tp_articles
WHERE id = {int:artid}', array('artid' => $article));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
$voters = array();
$ratings = array();
$voters = explode(',', $row[1]);
$ratings = explode(',', $row[0]);
// check if we haven't rated anyway
if (!in_array($ID_MEMBER, $voters)) {
if ($row[0] != '') {
$new_voters = $row[1] . ',' . $ID_MEMBER;
$new_ratings = $row[0] . ',' . $_POST['tp_article_rating'];
} else {
$new_voters = $ID_MEMBER;
$new_ratings = $_POST['tp_article_rating'];
}
// update ratings and raters
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET rating = {string:rate} WHERE id = {int:artid}', array('rate' => $new_ratings, 'artid' => $article));
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET voters = {string:vote}
WHERE id = {int:artid}', array('vote' => $new_voters, 'artid' => $article));
}
// go back to the article
redirectexit('page=' . $article);
}
} elseif ($tpsub == 'rate_dlitem' && isset($_POST['tp_dlitem_rating_submit']) && $_POST['tp_dlitem_type'] == 'dlitem_rating') {
// check the session
checkSession('post');
$commenter = $context['user']['id'];
$dl = $_POST['tp_dlitem_id'];
// check if the download indeed exists
$request = $smcFunc['db_query']('', '
SELECT rating, voters FROM {db_prefix}tp_dlmanager
WHERE id = {int:dlid}', array('dlid' => $dl));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_row']($request);
$smcFunc['db_free_result']($request);
$voters = array();
$ratings = array();
$voters = explode(',', $row[1]);
$ratings = explode(',', $row[0]);
// check if we haven't rated anyway
if (!in_array($ID_MEMBER, $voters)) {
if ($row[0] != '') {
$new_voters = $row[1] . ',' . $ID_MEMBER;
$new_ratings = $row[0] . ',' . $_POST['tp_dlitem_rating'];
} else {
$new_voters = $ID_MEMBER;
$new_ratings = $_POST['tp_dlitem_rating'];
}
// update ratings and raters
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET rating = {string:rate}
WHERE id = {int:dlid}', array('rate' => $new_ratings, 'dlid' => $dl));
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_dlmanager
SET voters = {string:vote}
WHERE id = {int:dlid}', array('vote' => $new_voters, 'dlid' => $dl));
}
// go back to the download
redirectexit('action=tpmod;dl=item' . $dl);
}
} elseif ($tpsub == 'help') {
$context['current_action'] = 'help';
require_once $sourcedir . '/TPhelp.php';
TPhelp_init();
} elseif ($tpsub == 'searcharticle') {
TPadd_linktree($scripturl . '?action=tpmod;sa=searcharticle', $txt['tp-searcharticles2']);
loadtemplate('TPmodules');
} elseif ($tpsub == 'tpattach') {
tpattach();
} elseif ($tpsub == 'searcharticle2') {
$start = 0;
checkSession('post');
// any parameters then?
// nothing to search for?
if (empty($_POST['tpsearch_what'])) {
fatal_error($txt['tp-nosearchentered']);
}
// clean the search
$what = strip_tags($_POST['tpsearch_what']);
if (!empty($_POST['tpsearch_title'])) {
$usetitle = true;
} else {
$usetitle = false;
}
if (!empty($_POST['tpsearch_body'])) {
$usebody = true;
} else {
$usebody = false;
}
if ($usetitle && !$usebody) {
$query = 'a.subject LIKE \'%' . $what . '%\'';
} elseif (!$usetitle && $usebody) {
$query = 'a.body LIKE \'%' . $what . '%\'';
} elseif ($usetitle && $usebody) {
$query = 'a.subject LIKE \'%' . $what . '%\' OR a.body LIKE \'%' . $what . '%\'';
} else {
$query = 'a.subject LIKE \'%' . $what . '%\'';
}
$context['TPortal']['searchresults'] = array();
$context['TPortal']['searchterm'] = $what;
$now = forum_time();
$request = $smcFunc['db_query']('', '
SELECT a.id, a.date, a.views, a.subject, LEFT(a.body, 100) as body, a.author_id as authorID, a.type, m.real_name as realName
FROM {db_prefix}tp_articles AS a
LEFT JOIN {db_prefix}members as m ON a.author_id = m.id_member
WHERE {raw:query}
AND ((a.pub_start = 0 AND a.pub_end = 0)
OR (a.pub_start != 0 AND a.pub_start < ' . $now . ' AND a.pub_end = 0)
OR (a.pub_start = 0 AND a.pub_end != 0 AND a.pub_end > ' . $now . ')
OR (a.pub_start != 0 AND a.pub_end != 0 AND a.pub_end > ' . $now . ' AND a.pub_start < ' . $now . '))
AND a.off = 0
ORDER BY a.date DESC LIMIT 20', array('query' => $query));
if ($smcFunc['db_num_rows']($request) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request)) {
if ($row['type'] == 'bbc') {
$row['body'] = parse_bbc($row['body']);
} elseif ($row['type'] == 'php') {
$row['body'] = '[PHP]';
} else {
$row['body'] = strip_tags($row['body']);
}
$row['subject'] = preg_replace('/' . $what . '/', '<span class="highlight">' . $what . '</span>', $row['subject']);
$row['body'] = preg_replace('/' . $what . '/', '<span class="highlight">' . $what . '</span>', $row['body']);
$context['TPortal']['searchresults'][] = array('id' => $row['id'], 'date' => $row['date'], 'views' => $row['views'], 'subject' => $row['subject'], 'body' => $row['body'], 'author' => '<a href="' . $scripturl . '?action=profile;u=' . $row['authorID'] . '">' . $row['realName'] . '</a>');
}
$smcFunc['db_free_result']($request);
}
TPadd_linktree($scripturl . '?action=tpmod;sa=searcharticle', $txt['tp-searcharticles2']);
loadtemplate('TPmodules');
} elseif (substr($tpsub, 0, 11) == 'editarticle') {
$what = substr($tpsub, 11);
if (!is_numeric($what)) {
fatal_error($txt['tp-notanarticle']);
}
// get one article
$context['TPortal']['subaction'] = 'editarticle';
$context['TPortal']['editarticle'] = array();
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_articles
WHERE id = {int:artid} LIMIT 1', array('artid' => $what));
if ($smcFunc['db_num_rows']($request)) {
$row = $smcFunc['db_fetch_assoc']($request);
// check permission
if (!allowedTo('tp_articles') && $ID_MEMBER != $row['author_id']) {
fatal_error($txt['tp-articlenotallowed']);
}
// can you edit your own then..?
isAllowedTo('tp_editownarticle');
if ($row['locked'] == 1) {
fatal_error($txt['tp-articlelocked']);
}
// Add in BBC editor before we call in template so the headers are there
if ($row['type'] == 'bbc') {
$context['TPortal']['editor_id'] = 'tp_article_body' . $row['id'];
TP_prebbcbox($context['TPortal']['editor_id'], strip_tags($row['body']));
}
$context['TPortal']['editarticle'] = array('id' => $row['id'], 'date' => array('timestamp' => $row['date'], 'day' => date("j", $row['date']), 'month' => date("m", $row['date']), 'year' => date("Y", $row['date']), 'hour' => date("G", $row['date']), 'minute' => date("i", $row['date'])), 'body' => $row['body'], 'intro' => $row['intro'], 'useintro' => $row['useintro'], 'category' => $row['category'], 'frontpage' => $row['frontpage'], 'subject' => $row['subject'], 'authorID' => $row['author_id'], 'author' => $row['author'], 'frame' => !empty($row['frame']) ? $row['frame'] : 'theme', 'approved' => $row['approved'], 'off' => $row['off'], 'options' => $row['options'], 'ID_THEME' => $row['id_theme'], 'shortname' => $row['shortname'], 'sticky' => $row['sticky'], 'locked' => $row['locked'], 'fileimport' => $row['fileimport'], 'topic' => $row['topic'], 'illustration' => $row['illustration'], 'headers' => $row['headers'], 'articletype' => $row['type']);
$smcFunc['db_free_result']($request);
} else {
fatal_error($txt['tp-notanarticlefound']);
}
if (loadLanguage('TPortalAdmin') == false) {
loadLanguage('TPortalAdmin', 'english');
}
loadtemplate('TPmodules');
} elseif ($tpsub == 'myarticles') {
// not for guests
if ($context['user']['is_guest']) {
fatal_error($txt['tp-noarticlesfound']);
}
// get all articles
$request = $smcFunc['db_query']('', '
SELECT COUNT(*) FROM {db_prefix}tp_articles
WHERE author_id = {int:author}', array('author' => $context['user']['id']));
$row = $smcFunc['db_fetch_row']($request);
$allmy = $row[0];
$mystart = !empty($_GET['p']) && is_numeric($_GET['p']) ? $_GET['p'] : 0;
// sorting?
$sort = $context['TPortal']['sort'] = !empty($_GET['sort']) && in_array($_GET['sort'], array('date', 'id', 'subject')) ? $_GET['sort'] : 'date';
$context['TPortal']['pageindex'] = TPageIndex($scripturl . '?action=tpmod;sa=myarticles;sort=' . $sort, $mystart, $allmy, 15);
$context['TPortal']['subaction'] = 'myarticles';
$context['TPortal']['myarticles'] = array();
$request2 = $smcFunc['db_query']('', '
SELECT id, subject, date, locked, approved, off FROM {db_prefix}tp_articles
WHERE author_id = {int:author}
ORDER BY {string:sort} DESC LIMIT {int:start}, 15', array('author' => $context['user']['id'], 'sort' => $sort, 'start' => $mystart));
if ($smcFunc['db_num_rows']($request2) > 0) {
while ($row = $smcFunc['db_fetch_assoc']($request2)) {
$context['TPortal']['myarticles'][] = $row;
}
$smcFunc['db_free_result']($request2);
}
if (loadLanguage('TPortalAdmin') == false) {
loadLanguage('TPortalAdmin', 'english');
}
loadtemplate('TPmodules');
} elseif (in_array($tpsub, array('submitarticle', 'addarticle_html', 'addarticle_bbc'))) {
global $sourcedir, $settings;
require_once $sourcedir . '/TPcommon.php';
// a BBC article?
if (isset($_GET['bbc']) || $tpsub == 'addarticle_bbc') {
isAllowedTo('tp_submitbbc');
$context['TPortal']['submitbbc'] = 1;
$context['html_headers'] .= '
<script type="text/javascript" src="' . $settings['default_theme_url'] . '/scripts/editor.js?rc1"></script>';
// Add in BBC editor before we call in template so the headers are there
$context['TPortal']['editor_id'] = 'tp_article_body';
TP_prebbcbox($context['TPortal']['editor_id']);
} else {
isAllowedTo('tp_submithtml');
}
$context['TPortal']['subaction'] = 'submitarticle';
loadtemplate('TPmodules');
$context['sub_template'] = 'submitarticle';
} elseif ($tpsub == 'submitsuccess') {
$context['TPortal']['subaction'] = 'submitsuccess';
loadtemplate('TPmodules');
$context['sub_template'] = 'submitsuccess';
} elseif ($tpsub == 'dlsubmitsuccess') {
$context['TPortal']['subaction'] = 'dlsubmitsuccess';
loadtemplate('TPmodules');
$context['sub_template'] = 'dlsubmitsuccess';
} elseif ($tpsub == 'submitarticle2') {
require_once $sourcedir . '/TPcommon.php';
if (isset($_POST['tp_article_approved']) || allowedTo('tp_alwaysapproved')) {
$artpp = '0';
} else {
$artpp = '1';
}
$arttype = isset($_POST['submittedarticle']) ? $_POST['submittedarticle'] : '';
$arts = strip_tags($_POST['tp_article_title']);
$artd = $_POST['tp_article_date'];
$artimp = isset($_POST['tp_article_fileimport']) ? $_POST['tp_article_fileimport'] : '';
$artbb = $_POST['tp_article_body'];
$artu = isset($_POST['tp_article_useintro']) ? $_POST['tp_article_useintro'] : 0;
$arti = isset($_POST['tp_article_intro']) ? $_POST['tp_article_intro'] : '';
$artc = !empty($_POST['tp_article_category']) ? $_POST['tp_article_category'] : 0;
$artf = $_POST['tp_article_frontpage'];
$artframe = 'theme';
$artoptions = 'date,title,author,linktree,top,cblock,rblock,lblock,tblock,lbblock,views,rating,ratingallow,avatar';
$name = $user_info['name'];
$nameb = $ID_MEMBER;
if ($arts == '') {
$arts = $txt['tp-no_title'];
}
// escape any php code
if ($artu == -1 && !get_magic_quotes_gpc()) {
$artbb = addslashes($artbb);
}
$request = $smcFunc['db_insert']('INSERT', '{db_prefix}tp_articles', array('date' => 'int', 'body' => 'string', 'intro' => 'string', 'useintro' => 'int', 'category' => 'int', 'frontpage' => 'int', 'subject' => 'string', 'author_id' => 'int', 'author' => 'string', 'frame' => 'string', 'approved' => 'int', 'off' => 'int', 'options' => 'string', 'parse' => 'int', 'comments' => 'int', 'comments_var' => 'string', 'views' => 'int', 'rating' => 'string', 'voters' => 'string', 'id_theme' => 'int', 'shortname' => 'string', 'fileimport' => 'string', 'type' => 'string'), array($artd, $artbb, $arti, $artu, $artc, $artf, $arts, $nameb, $name, $artframe, $artpp, '0', $artoptions, 0, 0, '', 0, '', '', 0, '', $artimp, $arttype), array('id'));
$newitem = $smcFunc['db_insert_id']('{db_prefix}tp_articles', 'id');
// put this into submissions - id and type
$title = $arts;
$now = $artd;
if ($artpp == '0') {
$smcFunc['db_insert']('INSERT', '{db_prefix}tp_variables', array('value1' => 'string', 'value2' => 'string', 'value3' => 'string', 'type' => 'string', 'value4' => 'string', 'value5' => 'int'), array($title, $now, '', 'art_not_approved', '', $newitem), array('id'));
}
if (isset($_POST['pre_approved'])) {
redirectexit('action=tpmod;sa=addsuccess');
}
if (allowedTo('tp_editownarticle') && !allowedTo('tp_articles')) {
// did we get a picture as well?
if (isset($_FILES['qup_tp_article_body']) && file_exists($_FILES['qup_tp_article_body']['tmp_name'])) {
$name = TPuploadpicture('qup_tp_article_body', $context['user']['id'] . 'uid');
tp_createthumb('tp-images/' . $name, 50, 50, 'tp-images/thumbs/thumb_' . $name);
}
redirectexit('action=tpmod;sa=editarticle' . $newitem);
} elseif (allowedTo('tp_articles')) {
// did we get a picture as well?
if (isset($_FILES['qup_tp_article_body']) && file_exists($_FILES['qup_tp_article_body']['tmp_name'])) {
$name = TPuploadpicture('qup_tp_article_body', $context['user']['id'] . 'uid');
tp_createthumb('tp-images/' . $name, 50, 50, 'tp-images/thumbs/thumb_' . $name);
}
redirectexit('action=tpadmin;sa=editarticle' . $newitem);
} else {
redirectexit('action=tpmod;sa=submitsuccess');
}
} elseif (substr($tpsub, 0, 9) == 'editblock') {
$what = substr($tpsub, 9);
if (!is_numeric($what)) {
fatal_error($txt['tp-notablock']);
}
// get one block
$context['TPortal']['subaction'] = 'editblock';
$context['TPortal']['blockedit'] = array();
$request = $smcFunc['db_query']('', '
SELECT * FROM {db_prefix}tp_blocks
WHERE id = {int:blockid} LIMIT 1', array('blockid' => $what));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
$can_edit = !empty($row['editgroups']) ? get_perm($row['editgroups'], '') : false;
// check permission
if (allowedTo('tp_blocks') || $can_edit) {
$ok = true;
} else {
fatal_error($txt['tp-blocknotallowed']);
}
$context['TPortal']['editblock'] = array();
$context['TPortal']['blockedit']['id'] = $row['id'];
$context['TPortal']['blockedit']['title'] = $row['title'];
$context['TPortal']['blockedit']['body'] = $row['body'];
$context['TPortal']['blockedit']['frame'] = $row['frame'];
$context['TPortal']['blockedit']['type'] = $row['type'];
$context['TPortal']['blockedit']['var1'] = $row['var1'];
$context['TPortal']['blockedit']['var2'] = $row['var2'];
$context['TPortal']['blockedit']['visible'] = $row['visible'];
$context['TPortal']['blockedit']['editgroups'] = $row['editgroups'];
$smcFunc['db_free_result']($request);
} else {
fatal_error($txt['tp-notablock']);
}
// Add in BBC editor before we call in template so the headers are there
if ($context['TPortal']['blockedit']['type'] == '5') {
$context['TPortal']['editor_id'] = 'blockbody' . $context['TPortal']['blockedit']['id'];
TP_prebbcbox($context['TPortal']['editor_id'], strip_tags($context['TPortal']['blockedit']['body']));
}
if (loadLanguage('TPortalAdmin') == false) {
loadLanguage('TPortalAdmin', 'english');
}
loadtemplate('TPmodules');
} elseif ($tpsub == 'publish') {
if (!isset($_GET['t'])) {
redirectexit('action=forum');
}
$t = is_numeric($_GET['t']) ? $_GET['t'] : 0;
if (empty($t)) {
redirectexit('action=forum');
}
isAllowedTo('tp_settings');
$existing = explode(',', $context['TPortal']['frontpage_topics']);
if (in_array($t, $existing)) {
unset($existing[array_search($t, $existing)]);
} else {
$existing[] = $t;
}
$newstring = implode(',', $existing);
if (substr($newstring, 0, 1) == ',') {
$newstring = substr($newstring, 1);
}
updateTPSettings(array('frontpage_topics' => $newstring));
redirectexit('topic=' . $t . '.0');
} elseif (substr($tpsub, 0, 9) == 'saveblock') {
$whatID = substr($tpsub, 9);
if (!is_numeric($whatID)) {
fatal_error($txt['tp-notablock']);
}
$request = $smcFunc['db_query']('', '
SELECT editgroups FROM {db_prefix}tp_blocks
WHERE id = {int:blockid} LIMIT 1', array('blockid' => $whatID));
if ($smcFunc['db_num_rows']($request) > 0) {
$row = $smcFunc['db_fetch_assoc']($request);
// check permission
if (allowedTo('tp_blocks') || get_perm($row['editgroups'])) {
$ok = true;
} else {
fatal_error($txt['tp-blocknotallowed']);
}
$smcFunc['db_free_result']($request);
// loop through the values and save them
foreach ($_POST as $what => $value) {
if (substr($what, 0, 10) == 'blocktitle') {
// make sure special charachters can't be done
$value = strip_tags($value);
$value = preg_replace('~&#\\d+$~', '', $value);
$val = substr($what, 10);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_blocks
SET title = {string:title}
WHERE id = {int:blockid}', array('title' => $value, 'blockid' => $val));
} elseif (substr($what, 0, 9) == 'blockbody' && substr($what, -4) != 'mode') {
// If we came from WYSIWYG then turn it back into BBC regardless.
if (!empty($_REQUEST[$what . '_mode']) && isset($_REQUEST[$what])) {
require_once $sourcedir . '/Subs-Editor.php';
$_REQUEST[$what] = html_to_bbc($_REQUEST[$what]);
// We need to unhtml it now as it gets done shortly.
$_REQUEST[$what] = un_htmlspecialchars($_REQUEST[$what]);
// We need this for everything else.
$value = $_POST[$what] = $_REQUEST[$what];
}
$val = (int) substr($what, 9);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_blocks
SET body = {string:body}
WHERE id = {int:blockid}', array('body' => $value, 'blockid' => $val));
} elseif (substr($what, 0, 10) == 'blockframe') {
$val = substr($what, 10);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_blocks
SET frame = {string:frame}
WHERE id = {int:blockid}', array('frame' => $value, 'blockid' => $val));
} elseif (substr($what, 0, 12) == 'blockvisible') {
$val = substr($what, 12);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_blocks
SET visible = {string:vis}
WHERE id = {int:blockid}', array('vis' => $value, 'blockid' => $val));
} elseif (substr($what, 0, 9) == 'blockvar1') {
$val = substr($what, 9);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_blocks
SET var1 = {string:var1}
WHERE id = {int:blockid}', array('var1' => $value, 'blockid' => $val));
} elseif (substr($what, 0, 9) == 'blockvar2') {
$val = substr($what, 9);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_blocks
SET var2 = {string:var2}
WHERE id = {int:blockid}', array('var2' => $value, 'blockid' => $val));
}
}
redirectexit('action=tpmod;sa=editblock' . $whatID);
} else {
fatal_error($txt['tp-notablock']);
}
} elseif ($tpsub == 'savearticle') {
if (isset($_REQUEST['send'])) {
foreach ($_POST as $what => $value) {
if (substr($what, 0, 16) == 'tp_article_title') {
$val = substr($what, 16);
if (is_numeric($val) && $val > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET subject = {string:subject}
WHERE id = {int:artid}', array('subject' => $value, 'artid' => $val));
}
} elseif (substr($what, 0, 15) == 'tp_article_body' && substr($what, -4) != 'mode') {
// If we came from WYSIWYG then turn it back into BBC regardless.
if (!empty($_REQUEST[$what . '_mode']) && isset($_REQUEST[$what])) {
require_once $sourcedir . '/Subs-Editor.php';
$_REQUEST[$what] = html_to_bbc($_REQUEST[$what]);
// We need to unhtml it now as it gets done shortly.
$_REQUEST[$what] = un_htmlspecialchars($_REQUEST[$what]);
// We need this for everything else.
$value = $_POST[$what] = $_REQUEST[$what];
}
$val = substr($what, 15);
if (is_numeric($val) && $val > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET body = {string:body}
WHERE id = {int:artid}', array('body' => $value, 'artid' => $val));
}
} elseif (substr($what, 0, 19) == 'tp_article_useintro') {
$val = substr($what, 19);
if (is_numeric($val) && $val > 0) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET useintro = {string:useintro}
WHERE id = {int:artid}', array('useintro' => $value, 'artid' => $val));
}
} elseif (substr($what, 0, 16) == 'tp_article_intro') {
$val = (int) substr($what, 16);
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_articles
SET intro = {string:intro}
WHERE id = {int:artid}', array('intro' => $value, 'artid' => $val));
} elseif ($what == 'tp_wysiwyg') {
$result = $smcFunc['db_query']('', '
SELECT id FROM {db_prefix}tp_data
WHERE type = {int:type}
AND id_member = {int:id_mem}', array('type' => 2, 'id_mem' => $ID_MEMBER));
if ($smcFunc['db_num_rows']($result) > 0) {
$row = $smcFunc['db_fetch_assoc']($result);
$wysid = $row['id'];
$smcFunc['db_free_result']($result);
}
if (isset($wysid)) {
$smcFunc['db_query']('', '
UPDATE {db_prefix}tp_data
SET value = {int:val}
WHERE id = {int:dataid}', array('val' => $value, 'dataid' => $wysid));
} else {
$smcFunc['db_query']('INSERT', '{db_prefix}tp_data}', array('type' => 'int', 'id_member' => 'int', 'value' => 'int', 'item' => 'int'), array(2, $ID_MEMBER, $value, 0), array('id'));
}
}
}
if (allowedTo('tp_editownarticle') && !allowedTo('tp_articles')) {
// did we get a picture as well?
if (isset($_FILES['qup_tp_article_body']) && file_exists($_FILES['qup_tp_article_body']['tmp_name'])) {
$name = TPuploadpicture('qup_tp_article_body', $context['user']['id'] . 'uid');
tp_createthumb('tp-images/' . $name, 50, 50, 'tp-images/thumbs/thumb_' . $name);
}
redirectexit('action=tpmod;sa=editarticle' . $val);
} elseif (allowedTo('tp_articles')) {
// did we get a picture as well?
if (isset($_FILES['qup_tp_article_body']) && file_exists($_FILES['qup_tp_article_body']['tmp_name'])) {
$name = TPuploadpicture('qup_tp_article_body', $context['user']['id'] . 'uid');
tp_createthumb('tp-images/' . $name, 50, 50, 'tp-images/thumbs/thumb_' . $name);
}
redirectexit('action=tpadmin;sa=editarticle' . $val);
} else {
fatal_error($txt['tp-notallowed']);
}
}
} elseif ($tpsub == 'credits') {
require_once $sourcedir . '/TPhelp.php';
TPCredits();
} else {
redirectexit('action=forum');
}
}
