home *** CD-ROM | disk | FTP | other *** search
- <?PHP
-
- ######################################################################
- # PHP-NUKE: Web Portal System
- # ===========================
- #
- # Copyright (c) 2000 by Francisco Burzi (fburzi@ncc.org.ve)
- # http://phpnuke.org
- #
- # This modules is the main administration part
- #
- # This program is free software. You can redistribute it and/or modify
- # it under the terms of the GNU General Public License as published by
- # the Free Software Foundation; either version 2 of the License.
- ######################################################################
-
- if (!eregi("admin.php", $PHP_SELF)) { die ("Access Denied"); }
- $result = mysql_query("select radminarticle, radminsuper from authors where aid='$aid'");
- list($radminarticle, $radminsuper) = mysql_fetch_row($result);
- if (($radminsurvey==1) OR ($radminsuper==1)) {
-
- /*********************************************************/
- /* Story/News Functions */
- /*********************************************************/
-
- function deleteStory($qid) {
- $result = mysql_query("delete from queue where qid=$qid");
- if (!$result)
- {
- echo mysql_errno(). ": ".mysql_error(). "<br>";
- return;
- } Header("Location: admin.php?op=submissions");
- }
-
- function displayStory ($qid) {
- global $user, $subject, $story, $tipath;
- include ('header.php');
- GraphicAdmin($hlpfile);
- $result = mysql_query("SELECT qid, uid, uname, subject, story, topic FROM queue where qid=$qid");
- list($qid, $uid, $uname, $subject, $story, $topic) = mysql_fetch_row($result);
- mysql_free_result($result);
- $subject = stripslashes($subject);
- $story = stripslashes($story);
- OpenTable();
- ?>
- <font size=3>
- <form action="admin.php" method="post">
- <p><b><?php echo translate("Name"); ?></b><br>
- <input class=textbox type="text" NAME="author" SIZE=50 value="<?PHP echo "$uname"; ?>">
- <p><b><?php echo translate("Subject"); ?></b><br>
- <input class=textbox type=text name=subject size=50 value="<?PHP echo"$subject"; ?>">
- <?PHP
- if($topic=="") {
- $topic = 1;
- }
- $result = mysql_query("select topicimage from topics where topicid=$topic");
- list($topicimage) = mysql_fetch_row($result);
- echo "<br><br><center>
- <table border=0 width=70% cellpadding=0 cellspacing=1 bgcolor=000000><tr><td>
- <table border=0 width=100% cellpadding=8 cellspacing=1 bgcolor=FFFFFF><tr><td>
- <img src=$tipath$topicimage border=0 align=right>";
- themepreview($subject, $story);
- echo "</td></tr></table></td></tr></table></center>";
- ?>
- <p><b>Topic</b> <select name=topic>
- <?PHP
- $toplist = mysql_query("select topicid, topictext from topics order by topictext");
- echo "<OPTION VALUE=\"\">".translate("Select Topic")."</option>\n";
- while(list($topicid, $topics) = mysql_fetch_row($toplist)) {
- if ($topicid==$topic) { $sel = "selected "; }
- echo "<option $sel value=\"$topicid\">$topics</option>\n";
- $sel = "";
- }
- ?>
- </select>
- <p><b><?php echo translate("Intro Text"); ?></b><br>
- <textarea class=textbox wrap=virtual cols=50 rows=7 name=hometext><?PHP echo "$story"; ?></textarea>
- <p><b><?php echo translate("Full Text"); ?></b><br>
- <textarea class=textbox wrap=virtual cols=50 rows=8 name=bodytext></textarea><BR>
- <FONT size=2><?php echo translate("(Did you check URLs?)"); ?></FONT><P>
-
- <p><b><?php echo translate("Notes"); ?></b><br>
- <textarea class=textbox wrap=virtual cols=50 rows=4 name=notes></textarea><br>
-
- <input type="hidden" NAME="qid" SIZE=50 value="<?PHP echo "$qid"; ?>">
- <input type="hidden" NAME="uid" SIZE=50 value="<?PHP echo "$uid"; ?>">
- <select name="op">
- <option value="DeleteStory"><?php echo translate("DeleteStory"); ?></option>
- <option value="PreviewAgain" SELECTED><?php echo translate("PreviewAgain"); ?></option>
- <option value="PostStory"><?php echo translate("PostStory"); ?></option>
- </select>
- <INPUT type="submit" value="<?php echo translate("Go!"); ?>">
- </form></td></tr></table></td></tr></table>
- <?PHP
- include ('footer.php');
- }
-
- function previewStory($qid, $uid, $author, $subject, $hometext, $bodytext, $topic, $notes) {
- global $user, $boxstuff, $tipath;
- include ('header.php');
- GraphicAdmin($hlpfile);
- $subject = stripslashes($subject);
- $hometext = stripslashes($hometext);
- $bodytext = stripslashes($bodytext);
- $notes = stripslashes($notes);
- OpenTable();
- ?>
- <font size=3>
- <form action="admin.php" method=post>
- <p><b><?php echo translate("Name"); ?></b><br>
- <input class=textbox type="text" NAME="author" SIZE=50 value="<?PHP echo"$author"; ?>">
- <p><b><?php echo translate("Subject"); ?></b><br>
- <input class=textbox type=text name=subject size=50 value="<?PHP echo"$subject"; ?>">
- <?PHP
- $result = mysql_query("select topicimage from topics where topicid=$topic");
- list($topicimage) = mysql_fetch_row($result);
- echo "<br><br><center><table width=70% bgcolor=000000 cellpadding=0 cellspacing=1 border=0><tr><td>";
- echo "<table width=100% bgcolor=FFFFFF cellpadding=8 cellspacing=1 border=0><tr><td>";
- echo "<img src=$tipath$topicimage border=0 align=right>";
- themepreview($subject, $hometext, $bodytext, $notes);
- echo "</td></tr></table></td></tr></table></center>";
- ?>
- <p><b><?php echo translate("Topic"); ?></b> <select name=topic>
- <?PHP
- $toplist = mysql_query("select topicid, topictext from topics order by topictext");
- echo "<OPTION VALUE=\"\">".translate("All Topics")."</option>\n";
- while(list($topicid, $topics) = mysql_fetch_row($toplist)) {
- if ($topicid==$topic) { $sel = "selected "; }
- echo "<option $sel value=\"$topicid\">$topics</option>\n";
- $sel = "";
- }
- ?>
- </select>
- <p><b><?php echo translate("Intro Text"); ?></b><br>
- <textarea class=textbox wrap=virtual cols=50 rows=7 name=hometext><?PHP echo"$hometext"; ?></textarea>
- <p><b><?php echo translate("Full Text"); ?></b><br>
- <textarea class=textbox wrap=virtual cols=50 rows=10 name=bodytext><?PHP echo"$bodytext"; ?></textarea><BR>
- <FONT size=2><?php echo translate("(Did you check URLs?)"); ?></FONT><P>
- <p><b><?php echo translate("Notes"); ?></b><br>
- <textarea class=textbox wrap=virtual cols=50 rows=4 name=notes><?PHP echo"$notes"; ?></textarea><br>
- <input type="hidden" NAME="qid" SIZE=50 value="<?PHP echo"$qid"; ?>">
- <input type="hidden" NAME="uid" SIZE=50 value="<?PHP echo "$uid"; ?>">
- <select name="op">
- <option value="DeleteStory"><?php echo translate("DeleteStory"); ?></option>
- <option value="PreviewAgain" SELECTED><?php echo translate("PreviewAgain"); ?></option>
- <option value="PostStory"><?php echo translate("PostStory"); ?></option>
- </select>
- <INPUT type="submit" value="<?php echo translate("Go!"); ?>"></FORM>
- </td></tr></table></td></tr></table>
- <?PHP
- include ('footer.php');
- }
-
- function postStory($qid, $uid, $author, $subject, $hometext, $bodytext, $topic, $notes) {
- global $aid, $ultramode;
- if ($uid == -1) $author = "";
- if ($hometext == $bodytext) $bodytext = "";
- $subject = stripslashes(FixQuotes($subject));
- $hometext = stripslashes(FixQuotes($hometext));
- $bodytext = stripslashes(FixQuotes($bodytext));
- $notes = stripslashes(FixQuotes($notes));
- $result = mysql_query("insert into stories values (NULL, '$aid', '$subject', now(), '$hometext', '$bodytext', '0', '0', '$topic','$author', '$notes')");
- if (!$result) {
- echo mysql_errno(). ": ".mysql_error(). "<br>";
- return;
- }
- if ($uid == -1) {
- } else {
- mysql_query("update users set counter=counter+1 where uid='$uid'");
- }
- mysql_query("update authors set counter=counter+1 where aid='$aid'");
- if ($ultramode) {
- ultramode();
- }
- deleteStory($qid);
- }
-
- function editStory ($sid) {
- global $user, $tipath;
- include ('header.php');
- GraphicAdmin($hlpfile);
- $result = mysql_query("SELECT title, hometext, bodytext, topic, notes FROM stories where sid=$sid");
- list($subject, $hometext, $bodytext, $topic, $notes) = mysql_fetch_row($result);
- mysql_free_result($result);
-
- $subject = stripslashes($subject);
- $hometext = stripslashes($hometext);
- $bodytext = stripslashes($bodytext);
- $notes = stripslashes($notes);
-
- $result=mysql_query("select topicimage from topics where topicid=$topic");
- list($topicimage) = mysql_fetch_row($result);
- echo "<center><font size=4><b>".translate("Edit Article")."</b></center><br><br>";
- OpenTable();
- echo "<br><center><table width=80% border=0 cellpadding=0 cellspacing=1 bgcolor=000000><tr><td>
- <table width=100% border=0 cellpadding=8 cellspacing=1 bgcolor=FFFFFF><tr><td>";
- echo "<img src=$tipath$topicimage border=0 align=right>";
- themepreview($subject, $hometext, $bodytext);
- echo "</td></tr></table></td></tr></table></center><br><br>";
- echo "<form action=admin.php method=post>";
- echo "<P><B>".translate("Subject")."</B><br>";
- ?>
- <input class=textbox type=text name=subject size=50 value="<?php echo "$subject"; ?>"><BR>
- <p><b><?php echo translate("Topic"); ?></b> <select name=topic>
- <?PHP
- $toplist = mysql_query("select topicid, topictext from topics order by topictext");
- echo "<OPTION VALUE=\"\">".translate("All Topics")."</option>\n";
- while(list($topicid, $topics) = mysql_fetch_row($toplist)) {
- if ($topicid==$topic) { $sel = "selected "; }
- echo "<option $sel value=\"$topicid\">$topics</option>\n";
- $sel = "";
- }
- ?>
- </select>
- <P><B><?php echo translate("Intro Text"); ?></B><br>
- <textarea class=textbox wrap=virtual cols=50 rows=7 name=hometext><?PHP echo"$hometext"; ?></textarea>
- <P><B><?php echo translate("Full Text"); ?></B><br>
- <textarea class=textbox wrap=virtual cols=50 rows=10 name=bodytext><?PHP echo"$bodytext"; ?></textarea><BR>
- <FONT size=2><?php echo translate("(Did you check URLs?)"); ?></FONT><P>
- <P><B><?php echo translate("Notes"); ?></B><br>
- <textarea class=textbox wrap=virtual cols=50 rows=4 name=notes><?php echo "$notes"; ?></textarea><br>
- <input type="hidden" NAME="sid" SIZE=50 value="<?PHP echo"$sid"; ?>">
- <INPUT type="hidden" name="op" value="ChangeStory">
- <INPUT type="submit" value="<?php echo translate("ChangeStory"); ?>">
- </form></td></tr></table></td></tr></table>
- <?PHP
- include ('footer.php');
- }
-
- function removeStory ($sid, $ok=0) {
- global $ultramode;
- if($ok) {
- mysql_query("DELETE FROM stories where sid=$sid");
- mysql_query("DELETE FROM comments where sid=$sid");
- if ($ultramode) {
- ultramode();
- }
- Header("Location: admin.php");
- } else {
- include("header.php");
- GraphicAdmin($hlpfile);
- echo "<center>".translate("Are you sure you want to remove Story ID #")." $sid ".translate("and all it's comments?")."";
- echo "<br><br>[ <a href=\"admin.php\">".translate("No")."</a> | <a href=\"admin.php?op=RemoveStory&sid=$sid&ok=1\">".translate("Yes")."</a> ]</center>";
- include("footer.php");
- }
- }
-
-
- function changeStory($sid, $subject, $hometext, $bodytext, $topic, $notes) {
- global $aid, $ultramode;
- $subject = stripslashes(FixQuotes($subject));
- $hometext = stripslashes(FixQuotes($hometext));
- $bodytext = stripslashes(FixQuotes($bodytext));
- $notes = stripslashes(FixQuotes($notes));
- mysql_query("update stories set title='$subject', hometext='$hometext', bodytext='$bodytext', topic='$topic', notes='$notes' where sid=$sid");
- if ($ultramode) {
- ultramode();
- }
- Header("Location: admin.php?op=adminMain");
- }
-
- function adminStory() {
- global $hlpfile, $admin;
- $hlpfile = "manual/newarticle.html";
- include ('header.php');
- GraphicAdmin($hlpfile);
- OpenTable();
- echo "
- <a name=new></a>
- <center><font size=4><b>".translate("New Article")."</b></font></center><br><br>"; ?>
- <form action="admin.php" method=post>
- <p><b><?php echo translate("Title"); ?></b><br>
- <input class=textbox type=text name=subject size=50 value=""><BR>
- <BR>
- <p><b><?php echo translate("Topic"); ?></b>
- <?php
- $toplist = mysql_query("select topicid, topictext from topics order by topictext");
- echo "<SELECT class=textbox NAME=\"topic\">";
- echo "<OPTION VALUE=\"\">".translate("Select Topic")."</option>\n";
- while(list($topicid, $topics) = mysql_fetch_row($toplist)) {
- if ($topicid==$topic) { $sel = "selected "; }
- echo "<option $sel value=\"$topicid\">$topics</option>\n";
- $sel = "";
- }
- echo "</SELECT>";
- ?>
- <P><B><?php echo translate("The Story"); ?></B><br>
- <textarea class=textbox wrap=virtual cols=70 rows=12 name=hometext></textarea><BR>
- <P><B><?php echo translate("Extended Text"); ?></B><br>
- <textarea class=textbox wrap=virtual cols=70 rows=12 name=bodytext></textarea><BR>
- <FONT size=2><?php echo translate("(Are you sure you included a URL? Did ya test them for typos?)"); ?></FONT><P>
- <select class=textbox name="op">
- <option value="PreviewAdminStory" SELECTED><?php echo translate("PreviewAdminStory"); ?></option>
- <option value="PostAdminStory"><?php echo translate("PostAdminStory"); ?></option>
- </select>
- <INPUT type="submit" value="<?php echo translate("Go!"); ?>">
- </form></td></tr></table></td></tr></table>
- <?PHP
- include ('footer.php');
- }
-
- function previewAdminStory($subject, $hometext, $bodytext, $topic) {
- global $user, $tipath;
- include ('header.php');
- if ($topic<1) {
- $topic = 1;
- }
- GraphicAdmin($hlpfile);
- OpenTable();
- echo "
- <font size=4><b><center>".translate("Preview Story")."</b></font><br><br><br>
- <form action=\"admin.php\" method=post>
- </b></center>
- ";
- $subject = stripslashes($subject);
- $hometext = stripslashes($hometext);
- $bodytext = stripslashes($bodytext);
- $result=mysql_query("select topicimage from topics where topicid=$topic");
- list($topicimage) = mysql_fetch_row($result);
- echo "<center><br>
- <table border=0 width=75% cellpadding=0 cellspacing=1 bgcolor=000000><tr><td>
- <table border=0 width=100% cellpadding=8 cellspacing=1 bgcolor=FFFFFF><tr><td>";
- echo "";
- echo "<img src=$tipath$topicimage border=0 align=right>";
- themepreview($subject, $hometext, $bodytext);
- echo "</td></tr></table></td></tr></table></center>";
- ?>
- <p><b><?php echo translate("Title"); ?></b><br>
- <input class=textbox type=text name=subject size=50 value="<?PHP echo"$subject"; ?>"><BR>
- <p><b><?php echo translate("Topic"); ?></b> <select name=topic>
- <?PHP
- $toplist = mysql_query("select topicid, topictext from topics order by topictext");
- echo "<OPTION VALUE=\"\">".translate("All Topics")."</option>\n";
- while(list($topicid, $topics) = mysql_fetch_row($toplist)) {
- if ($topicid==$topic) { $sel = "selected "; }
- echo "<option $sel value=\"$topicid\">$topics</option>\n";
- $sel = "";
- }
- ?>
- </select>
- <p><b><?php echo translate("The Story"); ?></b><br>
- <textarea class=textbox wrap=virtual cols=50 rows=12 name=hometext><?PHP echo "$hometext"; ?></textarea><BR><BR>
- <p><b><?php echo translate("Extended Text"); ?></b><br>
- <textarea class=textbox wrap=virtual cols=50 rows=12 name=bodytext><?PHP echo "$bodytext"; ?></textarea><BR>
- <select class=textbox name="op">
- <option value="PreviewAdminStory" SELECTED><?php echo translate("PreviewAdminStory"); ?></option>
- <option value="PostAdminStory"><?php echo translate("PostAdminStory"); ?></option>
- </select>
- <INPUT type="submit" value="<?php echo translate("Go!"); ?>">
- </form></td></tr></table></td></tr></table>
- <?PHP
- include ('footer.php');
-
- }
-
- function postAdminStory($subject, $introstory, $fullstory, $topic) {
- global $aid;
- $subject = stripslashes(FixQuotes($subject));
- $introstory = stripslashes(FixQuotes($introstory));
- $fullstory = stripslashes(FixQuotes($fullstory));
- $result = mysql_query("insert into stories values (NULL, '$aid', '$subject', now(), '$introstory', '$fullstory', '0', '0', '$topic', '$aid', '$notes')");
- if (!$result)
- {
- echo mysql_errno(). ": ".mysql_error(). "<br>";
- exit();
- }
- $result = mysql_query("update authors set counter=counter+1 where aid='$aid'");
- if ($ultramode) {
- ultramode();
- }
- Header("Location: admin.php?op=adminMain");
- }
-
- switch($op) {
-
- case "DisplayStory":
- displayStory($qid);
- break;
-
- case "PreviewAgain":
- previewStory($qid, $uid, $author, $subject, $hometext, $bodytext, $topic, $notes);
- break;
-
- case "PostStory":
- postStory($qid, $uid, $author, $subject, $hometext, $bodytext, $topic, $notes);
- break;
-
- case "EditStory":
- editStory($sid);
- break;
-
- case "RemoveStory":
- removeStory($sid, $ok);
- break;
-
- case "ChangeStory":
- changeStory($sid, $subject, $hometext, $bodytext, $topic, $notes);
- break;
-
- case "DeleteStory":
- deleteStory($qid);
- break;
-
- case "adminStory":
- adminStory($sid);
- break;
-
- case "PreviewAdminStory":
- previewAdminStory($subject, $hometext, $bodytext, $topic);
- break;
-
- case "PostAdminStory":
- postAdminStory($subject, $hometext, $bodytext, $topic);
- break;
-
- }
-
- } else {
- echo "Access Denied";
- }
-
- ?>