
  1. <?php
  2. /***************************************************************************
  3.  *                              admin_ranks.php
  4.  *                            -------------------
  5.  *   begin                : Thursday, Jul 12, 2001
  6.  *   copyright            : (C) 2001 The phpBB Group
  7.  *   email                : support@phpbb.com
  8.  *
  9.  *   $Id: admin_ranks.php,v 1.13.2.8 2006/04/13 09:56:48 grahamje Exp $
  10.  *
  11.  ***************************************************************************/
  12.  
  13. /***************************************************************************
  14.  *
  15.  *   This program is free software; you can redistribute it and/or modify
  16.  *   it under the terms of the GNU General Public License as published by
  17.  *   the Free Software Foundation; either version 2 of the License, or
  18.  *   (at your option) any later version.
  19.  *
  20.  ***************************************************************************/
  21.  
  22. if( !empty($setmodules) )
  23. {
  24.     $file = basename(__FILE__);
  25.     $module['Users']['Ranks'] = $file;
  26.     return;
  27. }
  28.  
  29. define('IN_PHPBB', 1);
  30.  
  31. //
  32. // Let's set the root dir for phpBB
  33. //
  34. $phpbb_root_path = "./../";
  35. require($phpbb_root_path . 'extension.inc');
  36.  
  37. $cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? true : false;
  38. $no_page_header = $cancel;
  39.  
  40. require('./pagestart.' . $phpEx);
  41.  
  42. if ($cancel)
  43. {
  44.     redirect('admin/' . append_sid("admin_ranks.$phpEx", true));
  45. }
  46.  
  47. if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
  48. {
  49.     $mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];
  50.     $mode = htmlspecialchars($mode);
  51. }
  52. else 
  53. {
  54.     //
  55.     // These could be entered via a form button
  56.     //
  57.     if( isset($HTTP_POST_VARS['add']) )
  58.     {
  59.         $mode = "add";
  60.     }
  61.     else if( isset($HTTP_POST_VARS['save']) )
  62.     {
  63.         $mode = "save";
  64.     }
  65.     else
  66.     {
  67.         $mode = "";
  68.     }
  69. }
  70.  
  71. // Restrict mode input to valid options
  72. $mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';
  73.  
//
// Action dispatch. $mode has already been reduced to one of
// 'add', 'edit', 'save', 'delete' (or '' for the default listing below).
//   add / edit : render the rank form
//   save       : insert or update a rank from POST data
//   delete     : show a confirmation form, then delete once confirmed via POST
//
// NOTE(review): no per-request anti-forgery token is checked in this file for
// the state-changing 'save' and 'delete' actions; whether the included
// pagestart file validates the session id on the request is not visible
// here -- confirm.
//
if( $mode != "" )
{
    if( $mode == "edit" || $mode == "add" )
    {
        //
        // Show the rank form: empty for "add", pre-filled for "edit".
        //
        // intval() forces the id to an integer before it is placed in the SQL
        // string and in the hidden form field below.
        $rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;
        
        $s_hidden_fields = "";
        
        if( $mode == "edit" )
        {
            if( empty($rank_id) )
            {
                message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
            }

            $sql = "SELECT * FROM " . RANKS_TABLE . "
                WHERE rank_id = $rank_id";
            if(!$result = $db->sql_query($sql))
            {
                message_die(GENERAL_ERROR, "Couldn't obtain rank data", "", __LINE__, __FILE__, $sql);
            }
            
            // NOTE(review): the fetched row is used without checking that the
            // id matched an existing rank; for an unknown id the form is
            // presumably rendered with empty values -- confirm.
            $rank_info = $db->sql_fetchrow($result);
            $s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />';

        }
        else
        {
            $rank_info['rank_special'] = 0;
        }

        // The form always posts back with mode=save.
        $s_hidden_fields .= '<input type="hidden" name="mode" value="save" />';

        $rank_is_special = ( $rank_info['rank_special'] ) ? "checked=\"checked\"" : "";
        $rank_is_not_special = ( !$rank_info['rank_special'] ) ? "checked=\"checked\"" : "";
        
        $template->set_filenames(array(
            "body" => "admin/ranks_edit_body.tpl")
        );

        // NOTE(review): rank_title and rank_image are handed to the template as
        // stored, and rank_image is concatenated into an <img src="..."> string
        // without htmlspecialchars(). Whether the template escapes these values
        // is not visible here; a stored value containing a double quote or
        // markup would end up in the admin page as-is -- confirm and escape for
        // the HTML attribute context if not.
        $template->assign_vars(array(
            "RANK" => $rank_info['rank_title'],
            "SPECIAL_RANK" => $rank_is_special,
            "NOT_SPECIAL_RANK" => $rank_is_not_special,
            "MINIMUM" => ( $rank_is_special ) ? "" : $rank_info['rank_min'],
            "IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "",
            "IMAGE_DISPLAY" => ( $rank_info['rank_image'] != "" ) ? '<img src="../' . $rank_info['rank_image'] . '" />' : "",
            
            "L_RANKS_TITLE" => $lang['Ranks_title'],
            "L_RANKS_TEXT" => $lang['Ranks_explain'],
            "L_RANK_TITLE" => $lang['Rank_title'],
            "L_RANK_SPECIAL" => $lang['Rank_special'],
            "L_RANK_MINIMUM" => $lang['Rank_minimum'],
            "L_RANK_IMAGE" => $lang['Rank_image'],
            "L_RANK_IMAGE_EXPLAIN" => $lang['Rank_image_explain'],
            "L_SUBMIT" => $lang['Submit'],
            "L_RESET" => $lang['Reset'],
            "L_YES" => $lang['Yes'],
            "L_NO" => $lang['No'],
            
            "S_RANK_ACTION" => append_sid("admin_ranks.$phpEx"),
            "S_HIDDEN_FIELDS" => $s_hidden_fields)
        );
        
    }
    else if( $mode == "save" )
    {
        //
        // Persist the submitted rank. All values are read from POST only.
        //
        
        // Numeric fields go through intval(); the two text fields are only
        // trimmed here and are quoted when the SQL is built below.
        $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
        $rank_title = ( isset($HTTP_POST_VARS['title']) ) ? trim($HTTP_POST_VARS['title']) : "";
        // NOTE(review): 'special_rank' is read without isset(). The result is
        // either TRUE or 0; TRUE is written as 1 when interpolated into the
        // SQL strings below.
        $special_rank = ( $HTTP_POST_VARS['special_rank'] == 1 ) ? TRUE : 0;
        $min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? intval($HTTP_POST_VARS['min_posts']) : -1;
        $rank_image = ( (isset($HTTP_POST_VARS['rank_image'])) ) ? trim($HTTP_POST_VARS['rank_image']) : "";

        if( $rank_title == "" )
        {
            message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
        }

        if( $special_rank == 1 )
        {
            // Special ranks carry no post threshold.
            // $max_posts is assigned here but not read anywhere in this block.
            $max_posts = -1;
            $min_posts = -1;
        }

        //
        // The rank image has to be a jpg, gif or png
        //
        // NOTE(review): this only checks that the value ends in .gif, .png or
        // .jpg (case-insensitive); the rest of the string is not constrained,
        // so it is not a validation of the path or of the characters it
        // contains. A non-matching value is silently dropped.
        if($rank_image != "")
        {
            if ( !preg_match("/(\.gif|\.png|\.jpg)$/is", $rank_image))
            {
                $rank_image = "";
            }
        }

        if ($rank_id)
        {
            // Existing rank. When it is saved as a non-special rank, users who
            // currently hold it are reset to rank 0 first.
            if (!$special_rank)
            {
                $sql = "UPDATE " . USERS_TABLE . " 
                    SET user_rank = 0 
                    WHERE user_rank = $rank_id";

                if( !$result = $db->sql_query($sql) ) 
                {
                    message_die(GENERAL_ERROR, $lang['No_update_ranks'], "", __LINE__, __FILE__, $sql);
                }
            }
            // NOTE(review): the statement is built by string concatenation. The
            // numeric parts come from intval() or fixed values; the two text
            // fields are only passed through str_replace("\'", "''"), which
            // rewrites backslash-quote to a doubled quote and escapes nothing
            // else. That is safe only if the request data was already
            // slash-escaped upstream (presumably in an included file --
            // confirm); a parameterised query would remove the dependency.
            $sql = "UPDATE " . RANKS_TABLE . "
                SET rank_title = '" . str_replace("\'", "''", $rank_title) . "', rank_special = $special_rank, rank_min = $min_posts, rank_image = '" . str_replace("\'", "''", $rank_image) . "'
                WHERE rank_id = $rank_id";

            $message = $lang['Rank_updated'];
        }
        else
        {
            // No id submitted: create a new rank. The same quoting caveat as
            // for the UPDATE above applies to the two text values.
            $sql = "INSERT INTO " . RANKS_TABLE . " (rank_title, rank_special, rank_min, rank_image)
                VALUES ('" . str_replace("\'", "''", $rank_title) . "', $special_rank, $min_posts, '" . str_replace("\'", "''", $rank_image) . "')";

            $message = $lang['Rank_added'];
        }
        
        if( !$result = $db->sql_query($sql) )
        {
            message_die(GENERAL_ERROR, "Couldn't update/insert into ranks table", "", __LINE__, __FILE__, $sql);
        }

        $message .= "<br /><br />" . sprintf($lang['Click_return_rankadmin'], "<a href=\"" . append_sid("admin_ranks.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");

        message_die(GENERAL_MESSAGE, $message);

    }
    else if( $mode == "delete" )
    {
        //
        // Delete a rank. The id may arrive via POST or GET, but the delete
        // itself only runs when a POST 'confirm' field is present; without it
        // the confirmation form is shown.
        //
        
        if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
        {
            $rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
        }
        else
        {
            $rank_id = 0;
        }

        $confirm = isset($HTTP_POST_VARS['confirm']);
        
        if( $rank_id && $confirm )
        {
            // $rank_id is an integer (intval above), so it is interpolated
            // into both statements unquoted.
            $sql = "DELETE FROM " . RANKS_TABLE . "
                WHERE rank_id = $rank_id";
            
            if( !$result = $db->sql_query($sql) )
            {
                message_die(GENERAL_ERROR, "Couldn't delete rank data", "", __LINE__, __FILE__, $sql);
            }
            
            // Users who held the deleted rank are reset to rank 0.
            $sql = "UPDATE " . USERS_TABLE . " 
                SET user_rank = 0 
                WHERE user_rank = $rank_id";

            if( !$result = $db->sql_query($sql) ) 
            {
                message_die(GENERAL_ERROR, $lang['No_update_ranks'], "", __LINE__, __FILE__, $sql);
            }

            $message = $lang['Rank_removed'] . "<br /><br />" . sprintf($lang['Click_return_rankadmin'], "<a href=\"" . append_sid("admin_ranks.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");

            message_die(GENERAL_MESSAGE, $message);

        }
        elseif( $rank_id && !$confirm)
        {
            // Present the confirmation screen to the user
            $template->set_filenames(array(
                'body' => 'admin/confirm_body.tpl')
            );

            // The form re-submits the integer id with mode=delete via POST.
            $hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $rank_id . '" />';

            $template->assign_vars(array(
                'MESSAGE_TITLE' => $lang['Confirm'],
                'MESSAGE_TEXT' => $lang['Confirm_delete_rank'],

                'L_YES' => $lang['Yes'],
                'L_NO' => $lang['No'],

                'S_CONFIRM_ACTION' => append_sid("admin_ranks.$phpEx"),
                'S_HIDDEN_FIELDS' => $hidden_fields)
            );
        }
        else
        {
            message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
        }
    }

    // Render whichever form was prepared above, then the admin footer.
    // NOTE(review): nothing in this block stops execution after the footer
    // include; presumably the footer (and message_die above) terminate the
    // request, otherwise the default listing below would run as well --
    // confirm.
    $template->pparse("body");

    include('./page_footer_admin.'.$phpEx);
}
  284.  
  285. //
  286. // Show the default page
  287. //
  288. $template->set_filenames(array(
  289.     "body" => "admin/ranks_list_body.tpl")
  290. );
  291.  
  292. $sql = "SELECT * FROM " . RANKS_TABLE . "
  293.     ORDER BY rank_min ASC, rank_special ASC";
  294. if( !$result = $db->sql_query($sql) )
  295. {
  296.     message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
  297. }
  298. $rank_count = $db->sql_numrows($result);
  299.  
  300. $rank_rows = $db->sql_fetchrowset($result);
  301.  
  302. $template->assign_vars(array(
  303.     "L_RANKS_TITLE" => $lang['Ranks_title'],
  304.     "L_RANKS_TEXT" => $lang['Ranks_explain'],
  305.     "L_RANK" => $lang['Rank_title'],
  306.     "L_RANK_MINIMUM" => $lang['Rank_minimum'],
  307.     "L_SPECIAL_RANK" => $lang['Rank_special'],
  308.     "L_EDIT" => $lang['Edit'],
  309.     "L_DELETE" => $lang['Delete'],
  310.     "L_ADD_RANK" => $lang['Add_new_rank'],
  311.     "L_ACTION" => $lang['Action'],
  312.     
  313.     "S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx"))
  314. );
  315.  
  316. for($i = 0; $i < $rank_count; $i++)
  317. {
  318.     $rank = $rank_rows[$i]['rank_title'];
  319.     $special_rank = $rank_rows[$i]['rank_special'];
  320.     $rank_id = $rank_rows[$i]['rank_id'];
  321.     $rank_min = $rank_rows[$i]['rank_min'];
  322.     
  323.     if( $special_rank == 1 )
  324.     {
  325.         $rank_min = $rank_max = "-";
  326.     }
  327.  
  328.     $row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];
  329.     $row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];
  330.  
  331.     $rank_is_special = ( $special_rank ) ? $lang['Yes'] : $lang['No'];
  332.     
  333.     $template->assign_block_vars("ranks", array(
  334.         "ROW_COLOR" => "#" . $row_color,
  335.         "ROW_CLASS" => $row_class,
  336.         "RANK" => $rank,
  337.         "SPECIAL_RANK" => $rank_is_special,
  338.         "RANK_MIN" => $rank_min,
  339.  
  340.         "U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&id=$rank_id"),
  341.         "U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&id=$rank_id"))
  342.     );
  343. }
  344.  
  345. $template->pparse("body");
  346.  
  347. include('./page_footer_admin.'.$phpEx);
  348.  
  349. ?>
  350.