}
         }
     }
 }
 $message .= $avatarError;
 //Avatar End
 if (!isset($catid) || $catid == "") {
     //at the top level
     $parentcatid = "0";
 } else {
     $parentcatid = $catid;
 }
 if (!isNotNull($txtCategoryName)) {
     $message .= "* Category Name is required! <br>";
 } else {
     if (categoryExists($txtCategoryName, $catid)) {
         $message .= "Category Exists!";
     }
 }
 if ($message != "") {
     // error
     $message = "<br>Please correct the following errors to continue!<br>" . $message;
 } else {
     // no error so insert category details
     if ($parentcatid == "0") {
         //top level category
         $sqlinsertcat = "INSERT INTO " . $tableprefix . "categories(category_name,parent_id,route,avatar)\n\t\t\t\t\t\t\t   \t\t\t\t\t VALUES ('" . addslashes($txtCategoryName) . "', '" . addslashes($parentcatid) . "','0','" . addslashes($catfilename) . "') ";
         $resultinsertcat = mysql_query($sqlinsertcat);
         $route_pr = mysql_insert_id();
         $category_id = $route_pr;
         $catOptArr = $_POST['category_options'];
示例#2
文件: all.php 项目: humor-zo/chaofan
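/**
 * Build the SELECT and COUNT SQL strings for the blog search listing.
 *
 * Search options are read from the POSTed search form, remembered in
 * $_SESSION['search_blogs_option'], and dropped again when ?all=1 is
 * requested. The resulting option set is handed to Smarty as 'option'.
 *
 * Security: the sort column and sort direction are request-controlled and
 * cannot be quoted or escaped like a value, so they are validated before
 * they are concatenated into ORDER BY. Values that fail validation fall
 * back to the defaults ('b.BID' / 'DESC').
 *
 * @return array 'select' and 'count' SQL strings plus 'page_items' (int page size).
 */
function constructQuery()
{
    global $smarty;
    $query = array();
    $query_select = "SELECT b.*, s.username FROM blog AS b, signup AS s WHERE b.UID = s.UID";
    $query_count = "SELECT count(b.BID) AS total_blogs FROM blog AS b, signup AS s WHERE b.UID = s.UID";
    $query_option = array();
    $category = isset($_GET['CHID']) && is_numeric($_GET['CHID']) && categoryExists($_GET['CHID']) ? intval(trim($_GET['CHID'])) : NULL;
    $option_orig = array('username' => '', 'title' => '', 'content' => '', 'category' => $category, 'status' => '', 'sort' => 'b.BID', 'order' => 'DESC', 'display' => 10);

    // ?all=1 resets any remembered search.
    $all = isset($_GET['all']) ? intval($_GET['all']) : 0;
    if ($all == 1) {
        unset($_SESSION['search_blogs_option']);
    }
    $option = isset($_SESSION['search_blogs_option']) ? $_SESSION['search_blogs_option'] : $option_orig;

    $searching = isset($_POST['search_blogs']);
    if ($searching) {
        $option['username'] = trim($_POST['username']);
        $option['title'] = trim($_POST['title']);
        $option['content'] = trim($_POST['content']);
        $option['category'] = intval(trim($_POST['category']));
        $option['status'] = trim($_POST['status']);
        $option['sort'] = trim($_POST['sort']);
        $option['order'] = trim($_POST['order']);
        $option['display'] = trim($_POST['display']);
    }

    // Validate the ORDER BY parts on every request, not only on POST: the
    // option set may come from a session written before this check existed.
    // NOTE(review): the pattern only guarantees a bare `column` or
    // `alias.column` identifier; it still allows ordering by any column of the
    // joined tables. Prefer an explicit list of the sort keys the search form
    // actually offers once that list is known.
    $sort = (isset($option['sort']) && is_string($option['sort'])) ? $option['sort'] : '';
    if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $sort)) {
        $sort = $option_orig['sort'];
    }
    $order = (isset($option['order']) && is_string($option['order'])) ? $option['order'] : '';
    if (!in_array(strtoupper($order), array('ASC', 'DESC'), true)) {
        $order = $option_orig['order'];
    }
    // The page size is handed to the caller as an integer; anything that is
    // not a positive number falls back to the default.
    $display = isset($option['display']) ? intval($option['display']) : 0;
    if ($display < 1) {
        $display = $option_orig['display'];
    }
    $option['sort'] = $sort;
    $option['order'] = $order;
    $option['display'] = $display;

    if ($searching) {
        if ($option['username'] != '' || isset($_GET['UID'])) {
            if ($option['username'] != '') {
                $UID = getUserID($option['username']);
            } else {
                $UID = isset($_GET['UID']) && is_numeric($_GET['UID']) ? $_GET['UID'] : 0;
            }
            // Always an integer by the time it reaches the SQL string.
            $UID = $UID ? intval($UID) : 0;
            $query_option[] = " AND b.UID = " . $UID;
        }
        // String values are escaped for a quoted SQL literal. LIKE wildcards
        // (% and _) typed by the user are not escaped and still act as wildcards.
        // NOTE(review): ext/mysql was removed in PHP 7.0; prepared statements
        // (mysqli/PDO) are the durable fix for these filters.
        if ($option['title'] != '') {
            $query_option[] = " AND b.title LIKE '%" . mysql_real_escape_string($option['title']) . "%'";
        }
        if ($option['content'] != '') {
            $query_option[] = " AND b.content LIKE '%" . mysql_real_escape_string($option['content']) . "%'";
        }
        // category is an int here; comparing an int with '' changed meaning
        // between PHP versions, so test the number directly.
        if ($option['category'] > 0) {
            $query_option[] = " AND b.category = " . intval($option['category']);
        }
        // Strict comparison: only the exact strings '0' and '1' become a filter.
        if ($option['status'] === '1' || $option['status'] === '0') {
            $query_option[] = " AND b.status = '" . $option['status'] . "'";
        }
        $_SESSION['search_blogs_option'] = $option;
    }

    $query_option[] = " ORDER BY " . $sort . " " . $order;
    $query['select'] = $query_select . implode(' ', $query_option);
    $query['count'] = $query_count . implode(' ', $query_option);
    $query['page_items'] = $display;
    $smarty->assign('option', $option);
    return $query;
}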
示例#3
文件: all.php 项目: ecr007/pr0n
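/**
 * Build the SELECT and COUNT SQL strings for the album search listing.
 *
 * Search options come from the POSTed search form (and ?CHID / ?UID in the
 * query string); the resulting option set is handed to Smarty as 'option'.
 *
 * Security: the sort column and sort direction are request-controlled and
 * cannot be quoted or escaped like a value, so they are validated before
 * they are concatenated into ORDER BY. Values that fail validation fall
 * back to the defaults ('a.AID' / 'DESC').
 *
 * @param string $module 'private' or 'public' restricts the album type; any
 *                       other value applies no type filter.
 * @return array 'select' and 'count' SQL strings plus 'page_items' (int page size).
 */
function constructQuery($module)
{
    global $smarty;
    $query_module = '';
    // Strict match: only these two literal strings ever reach the SQL text.
    if (in_array($module, array('private', 'public'), true)) {
        $query_module = " AND a.type = '" . $module . "'";
    }
    $query = array();
    $query_select = "SELECT a.*, s.username FROM albums AS a, signup AS s WHERE a.UID = s.UID" . $query_module;
    $query_count = "SELECT count(a.AID) AS total_albums FROM albums AS a WHERE a.AID != ''" . $query_module;
    $query_option = array();
    $category = isset($_GET['CHID']) && is_numeric($_GET['CHID']) && categoryExists($_GET['CHID']) ? intval(trim($_GET['CHID'])) : NULL;
    $option = array('username' => '', 'name' => '', 'tags' => '', 'category' => $category, 'status' => '', 'sort' => 'a.AID', 'order' => 'DESC', 'display' => 10);
    $default_sort = $option['sort'];
    $default_order = $option['order'];
    $default_display = $option['display'];

    if (isset($_POST['search_albums'])) {
        $option['username'] = trim($_POST['username']);
        $option['name'] = trim($_POST['name']);
        $option['tags'] = trim($_POST['tags']);
        $option['category'] = intval(trim($_POST['category']));
        // A blank status means "any status"; casting it to int would turn it
        // into 0 and silently filter on status 0.
        $status_raw = trim($_POST['status']);
        $option['status'] = $status_raw === '' ? '' : intval($status_raw);
        $option['sort'] = trim($_POST['sort']);
        $option['order'] = trim($_POST['order']);
        $option['display'] = intval(trim($_POST['display']));
    }

    // Validate the ORDER BY parts before they touch the SQL string.
    // NOTE(review): the pattern only guarantees a bare `column` or
    // `alias.column` identifier; it still allows ordering by any column of the
    // queried tables. Prefer an explicit list of the sort keys the search form
    // actually offers once that list is known.
    $sort = is_string($option['sort']) ? $option['sort'] : '';
    if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?\z/', $sort)) {
        $sort = $default_sort;
    }
    $order = is_string($option['order']) ? $option['order'] : '';
    if (!in_array(strtoupper($order), array('ASC', 'DESC'), true)) {
        $order = $default_order;
    }
    $display = intval($option['display']);
    if ($display < 1) {
        $display = $default_display;
    }
    $option['sort'] = $sort;
    $option['order'] = $order;
    $option['display'] = $display;

    if ($option['username'] != '' || isset($_GET['UID'])) {
        if ($option['username'] != '') {
            $UID = getUserID($option['username']);
        } else {
            $UID = isset($_GET['UID']) && is_numeric($_GET['UID']) ? $_GET['UID'] : 0;
        }
        // Always an integer by the time it reaches the SQL string.
        $UID = $UID ? intval($UID) : 0;
        $query_option[] = " AND a.UID = " . $UID;
    }
    // String values are escaped for a quoted SQL literal. LIKE wildcards
    // (% and _) typed by the user are not escaped and still act as wildcards.
    // NOTE(review): ext/mysql was removed in PHP 7.0; prepared statements
    // (mysqli/PDO) are the durable fix for these filters.
    if ($option['name'] != '') {
        $query_option[] = " AND a.name LIKE '%" . mysql_real_escape_string($option['name']) . "%'";
    }
    if ($option['tags'] != '') {
        $query_option[] = " AND a.tags LIKE '%" . mysql_real_escape_string($option['tags']) . "%'";
    }
    // category is NULL or an int here; comparing an int with '' changed
    // meaning between PHP versions, so test the number directly.
    if ($option['category'] > 0) {
        $query_option[] = " AND a.category = " . intval($option['category']);
    }
    if ($option['status'] === 0 || $option['status'] === 1) {
        $query_option[] = " AND a.status = " . $option['status'];
    }

    $query_option[] = " ORDER BY " . $sort . " " . $order;
    $query['select'] = $query_select . implode(' ', $query_option);
    $query['count'] = $query_count . implode(' ', $query_option);
    $query['page_items'] = $display;
    $smarty->assign('option', $option);
    return $query;
}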
示例#4
/**
 * Run every field check on an article array and report the outcome.
 *
 * All checks are always executed; none short-circuits the others.
 *
 * @param array $articleArray Article fields: comment_to, title, body, author,
 *                            author_username, category, date_posted,
 *                            time_posted, picture_url.
 * @return array array("1") when every check passes; otherwise "-1" as the
 *               first element followed by the collected error entries in
 *               reverse order of the checks.
 */
function verifyArticle($articleArray)
{
    $errors = array();

    // A title is only demanded when comment_to holds the string "NULL".
    if ($articleArray['comment_to'] == "NULL" && strlen($articleArray['title']) < 2) {
        $errors[] = getString("title_is_required", "Tittelen mangler.");
    }
    if (strlen($articleArray['body']) < 2) {
        $errors[] = getString("body_is_required", "Teksten mangler.");
    }

    // Remaining validators, evaluated top to bottom; each maps to the error
    // code recorded when it fails. is_draft is not validated here.
    $checks = array(
        "author_just_text_and_numbers" => justTextAndNumbers($articleArray['author']),
        "user_does_not_exist" => isLoggedIn($articleArray['author_username']),
        "user_cannot_post_article" => mayCreateArticles($articleArray['author_username']),
        "category_does_not_exist" => categoryExists($articleArray['category']),
        "invalid_date" => validDate($articleArray['date_posted']),
        "invalid_time" => validTime($articleArray['time_posted']),
        "invalid_url" => validURL($articleArray['picture_url']),
    );
    foreach ($checks as $errorCode => $passed) {
        if (!$passed) {
            $errors[] = $errorCode;
        }
    }

    // No errors: a single "1" signals success.
    if (count($errors) === 0) {
        return array("1");
    }

    // Errors: append the "-1" marker and reverse so it ends up first.
    $errors[] = "-1";
    return array_reverse($errors);
}