| [ PHPXref.com ] | [ Generated: Sun Jul 20 19:57:11 2008 ] | [ PHP-Update 2.7 ] |
| [ Index ] [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <? 2 extract($HTTP_POST_VARS); 3 extract($HTTP_GET_VARS); 4 extract($HTTP_COOKIE_VARS); 5 $adminsect = 1; 6 include "protection.php"; 7 if(file_exists("languages/$language.php")) include "languages/$language.php"; 8 else { 9 echo "<b>Critical error</b><br>Language file <i>$language</i> could not be found.<p>"; 10 exit; 11 } 12 if(!isset($txt_editcats)) $txt_editcats = "Edit categories"; 13 if(!isset($txt_entercats)) $txt_entercats = "Enter categories in the box below - one category per line:"; 14 $pagetitle = "$sitetitle $split $title_blogs"; 15 $thispagetitle = "$title_blogs"; 16 if(file_exists("../code/templates/$template}_h.php") && file_exists("../code/templates/$template}_f.php")) { 17 $tempfilename = "../code/templates/$template}_h.php"; 18 $handle = fopen($tempfilename, "r"); 19 $temp = fread($handle, filesize ($tempfilename)); 20 fclose($handle); 21 include "../code/menucode.php"; 22 include "../code/parsetemplate.php"; 23 parsetemplate($temp, $menucode, $thispagetitle, $pagetitle); 24 if($rights[2] == "1") { 25 echo "<b>$title_blogs $split "; 26 27 if($edit == "cat") { 28 echo "$txt_editcats</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>"; 29 30 if(isset($newcats)) { 31 $catsarr = explode("\n", $newcats); 32 if(!mysql_query("DELETE FROM $table_prefix}categories")) die(sql_error()); 33 34 for($i = 0; $i < count($catsarr); $i++) { 35 if(!empty($catsarr[$i])) { 36 $cats = "'', '$catsarr[$i]'"; 37 if(!mysql_query("INSERT INTO $table_prefix}categories VALUES ($cats)")) $err = 1; 38 } 39 } 40 if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 41 else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 42 43 44 } 45 else { 46 echo "$txt_entercats<br> 47 <form method=\"post\" action=\"blogs.php?edit=cat\"> 48 <textarea name=\"newcats\" cols=\"40\" rows=\"10\">"; 49 $catsq = mysql_query("SELECT category FROM $table_prefix}categories ORDER BY autono ASC"); 50 for($i = 0; $i < mysql_num_rows($catsq); $i++) { 51 echo mysql_result($catsq, $i, category); 52 echo "\n"; 53 } 54 echo "</textarea><br> 55 <input type=\"submit\" value=\"$txt_save\"/> 56 </form>"; 57 } 58 } 59 else { 60 61 if(isset($f)) { 62 echo "$f</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>"; 63 $query = mysql_query("SELECT * FROM $table_prefix}blogdetails WHERE name='$f'"); 64 $set = mysql_num_rows($query); 65 if(($set != "1" && $createblog != "1") || ($blogacc == "b" && stristr($blogs, "$f")) || ($blogacc == "a" && !stristr($blogs, "$f"))) $err = 1; 66 if($err != "1") { 67 68 if($set == 1 && $s != "e") { 69 70 if($s == "c") { 71 $query = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$m' ORDER BY autono ASC"); 72 73 echo "<b>$txt_editcomm</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>"; 74 if(isset($c)) { 75 76 if($a == "d") { 77 78 if(!mysql_query("DELETE FROM $table_prefix}comments WHERE autono='$c'")) $err = 1; 79 80 if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 81 else echo "$txt_commgone<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 82 83 } 84 else { 85 86 if(isset($commmsg)) { 87 $cquery = mysql_query("SELECT * FROM $table_prefix}comments WHERE autono='$c'"); 88 $ip = mysql_result($cquery, 0, "ip"); 89 $time = mysql_result($cquery, 0, "timestamp"); 90 91 $table_def = "'$c', '$f', '$m', '$commname', '$commmsg', '$ip', '$time'"; 92 if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def)")) $err = 1; 93 94 if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 95 else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 96 97 } 98 else { 99 $cquery = mysql_query("SELECT * FROM $table_prefix}comments WHERE autono='$c'"); 100 $name[$c] = mysql_result($cquery, 0, "name"); 101 $name[$c] = str_replace("\"", """, $name[$c]); 102 $name[$c] = str_replace("<", "<", $name[$c]); 103 $name[$c] = str_replace(">", ">", $name[$c]); 104 $thecomm = mysql_result($cquery, 0, "message"); 105 $thecomm = str_replace("<", "<", $thecomm); 106 $thecomm = str_replace(">", ">", $thecomm); 107 108 echo "<head> 109 <script language=\"javascript\"> 110 function storeCaret (textEl) { 111 if (textEl.createTextRange) 112 textEl.caretPos = document.selection.createRange().duplicate(); 113 } 114 function insertAtCaret (textEl, text) { 115 if (textEl.createTextRange && textEl.caretPos) { 116 var caretPos = textEl.caretPos; 117 caretPos.text = 118 caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? 119 text + ' ' : text; 120 } 121 else 122 textEl.value = text; 123 } 124 125 function smiley (smileycode) { 126 insertAtCaret(msgform.commmsg, smileycode); 127 msgform.commmsg.focus(); 128 } 129 </script> 130 </head>"; 131 echo "<table border=0 cellspacing=1 cellpadding=2><form method=post name=\"msgform\" action=\"blogs.php?f=$f&s=$s&m=$m&c=$c\"> 132 <tr><td align=right>$txt_name:</td><td><input type=text name=commname value=\"$name[$c]\"></td></tr> 133 <tr><td align=right valign=top>$txt_message:</td><td><textarea name=commmsg rows=15 cols=50 onselect=\"storeCaret(this);\" onclick=\"storeCaret(this);\" onkeyup=\"storeCaret(this);\" ondblclick=\"storeCaret(this);\">$thecomm</textarea></td> 134 <td valign=\"top\"><a href=\"javascript:smiley(':) ');\"><img src=\"../gfx/smileys/smile.gif\" border=0 alt=\":)\"></a> 135 <a href=\"javascript:smiley(':( ');\"><img src=\"../gfx/smileys/sad.gif\" border=0 alt=\":(\"></a> 136 <a href=\"javascript:smiley(';) ');\"><img src=\"../gfx/smileys/wink.gif\" border=0 alt=\";)\"></a> 137 <a href=\"javascript:smiley(':\'( ');\"><img src=\"../gfx/smileys/cry.gif\" border=0 alt=\":'(\"></a><br> 138 <a href=\"javascript:smiley(':D ');\"><img src=\"../gfx/smileys/grin.gif\" border=0 alt=\":D\"></a> 139 <a href=\"javascript:smiley(':P ');\"><img src=\"../gfx/smileys/tongue.gif\" border=0 alt=\":P\"></a> 140 <a href=\"javascript:smiley(':S ');\"><img src=\"../gfx/smileys/confused.gif\" border=0 alt=\":S\"></a> 141 <a href=\"javascript:smiley('8) ');\"><img src=\"../gfx/smileys/cool.gif\" border=0 alt=\"8)\"></a><br> 142 <a href=\"javascript:smiley(':$ ');\"><img src=\"../gfx/smileys/blush.gif\" border=0 alt=\":$\"></a> 143 <a href=\"javascript:smiley(':| ');\"><img src=\"../gfx/smileys/line.gif\" border=0 alt=\":|\"></a> 144 <a href=\"javascript:smiley(':@ ');\"><img src=\"../gfx/smileys/angry.gif\" border=0 alt=\":@\"></a> 145 <a href=\"javascript:smiley(':O ');\"><img src=\"../gfx/smileys/shock.gif\" border=0 alt=\":O\"></a> 146 </td></tr> 147 <tr><td align=center colspan=2><input type=submit value=\"$txt_editcomm\"></td></tr> 148 </form></table> 149 150 $title_content_files: <a href=\"javascript:window.open('files.php?s=files','','status=no,width=300,height=400,left=20,top=20,scrollbars=yes');void('w');\">files/</a> $split <a href=\"javascript:window.open('files.php?s=gfx','','status=no,width=300,height=400,left=20,top=20,scrollbars=yes');void('w');\">gfx/</a>"; 151 } 152 } 153 } 154 else { 155 156 echo "<table border=0 cellspacing=1 cellpadding=2 class=filebg> 157 <tr><td class=filelist width=20%><i>$txt_name</i></td><td class=filelist width=45%><i>$txt_message</i></td><td class=filelist width=15%><i>$txt_ip</i></td><td class=filelist width=20% colspan=2> </td></tr>"; 158 for($i = 0; $i < mysql_num_rows($query); $i++) { 159 $entries = 1; 160 $autono[$i] = mysql_result($query, $i, "autono"); 161 $name[$i] = mysql_result($query, $i, "name"); 162 $comment[$i] = mysql_result($query, $i, "message"); 163 $ip[$i] = mysql_result($query, $i, "ip"); 164 $comment[$i] = str_replace("\n", "<br>", $comment[$i]); 165 echo "<tr><td align=right valign=top class=filelist>$name[$i]:</td><td class=filelist>$comment[$i]</td><td valign=top class=filelist>$ip[$i]</td><td valign=top class=filelist><a href=\"blogs.php?f=$f&s=c&m=$m&c=$autono[$i]\">$txt_edit</a></td><td valign=top class=filelist><a href=\"blogs.php?f=$f&s=c&m=$m&c=$autono[$i]&a=d\">$txt_delete</a></td></tr>"; 166 } 167 if(!isset($entries)) echo "<tr><td colspan=5 align=center class=filelist><i>$txt_empty</i></td></tr>"; 168 echo "</table>"; 169 } 170 } 171 elseif($s == "d") { 172 $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'"); 173 $theuser = mysql_result($query, 0, "user"); 174 if($theuser == $logincookie[user] || $adminuser == "1") { 175 if(isset($con)) { 176 if(!mysql_query("DELETE FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'")) $err = 1; 177 178 if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 179 else echo "<b>$txt_delete</b><br>$txt_gone<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 180 181 } 182 else { 183 echo "<b>$txt_confirm</b><br><a href=\"blogs.php?f=$f&s=d&m=$m&con=1\">$txt_confdel</a>"; 184 } 185 } 186 else echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_norights<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 187 } 188 189 elseif($s == "a" || $s == "m") { 190 191 if(isset($newmessage)) { 192 if(empty($nusticky)) $nusticky = "0"; 193 194 if($s == "a") { 195 $prev = mysql_query("SELECT postid FROM $table_prefix}blogs WHERE blog='$f' ORDER BY postid DESC"); 196 $last = mysql_result($prev, 0, 0); 197 $id = $last + 1; 198 $table_def = "'', '$id', '$f', '$newentrytitle', '$newmessage', now(), '$logincookie[user]', '$nusticky', '$newcategory'"; 199 if(!mysql_query("INSERT INTO $table_prefix}blogs VALUES($table_def)")) die(sql_error()); 200 201 } 202 elseif($s == "m") { 203 if($logincookie[user] == $theuser[$m] || $adminuser == 1) { 204 205 $table_def = "'', '$m', '$f', '$newentrytitle', '$newmessage', '$qtime', '$logincookie[user]', '$nusticky', '$newcategory'"; 206 if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1; 207 208 } 209 else $err = 1; 210 } 211 212 $mailsubject = "$sitetitle $split $newentrytitle"; 213 $mailmessage = "$newmessage\n\n-----\n$rooturl"; 214 215 if(!isset($txt_mailingsent)) $txt_mailingsent = "A copy of the post has also been sent to your mailing list."; 216 217 if($mailout == 1) { 218 $query = mysql_query("SELECT email FROM $table_prefix}mailing WHERE confirm='1'"); 219 for($i = 0; $i < mysql_num_rows($query); $i++) { 220 $email = mysql_result($query, $i, 0); 221 $listaddresses .= "$email, "; 222 } 223 if(!@mail($siteemail, $mailsubject, $mailmessage, "From: $siteemail\r\nBcc: $listaddresses")) $mailerr = 1; 224 } 225 226 if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 227 else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_blogchanged<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 228 if($mailout == 1 && $mailerr != 1) echo "<p>$txt_mailingsent<p>"; 229 230 } 231 else { 232 if($s == "m") { 233 if($logincookie[user] == $theuser[$m] || $adminuser == "1") { 234 $current = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'"); 235 $entrytitle = mysql_result($current, 0, "title"); 236 $entrytitle = str_replace("\"", """, $entrytitle); 237 $category = mysql_result($current, 0, "category"); 238 $category = str_replace("\"", """, $category); 239 $message = mysql_result($current, 0, "text"); 240 $message = str_replace("<", "<", $message); 241 $message = str_replace(">", ">", $message); 242 $qtime = mysql_result($current, 0, "time"); 243 $sticky = mysql_result($current, 0, "sticky"); 244 } 245 else $err = 1; 246 } 247 if(!isset($m)) $m = "new"; 248 if($s == "a") $entrytitle = ""; 249 if($err != 1) { 250 echo "<head> 251 <script language=\"javascript\"> 252 function storeCaret (textEl) { 253 if (textEl.createTextRange) 254 textEl.caretPos = document.selection.createRange().duplicate(); 255 } 256 function insertAtCaret (textEl, text) { 257 if (textEl.createTextRange && textEl.caretPos) { 258 var caretPos = textEl.caretPos; 259 caretPos.text = 260 caretPos.text.charAt(caretPos.text.length - 1) == ' ' ? 261 text + ' ' : text; 262 } 263 else 264 textEl.value = text; 265 } 266 267 function smiley (smileycode) { 268 insertAtCaret(msgform.newmessage, smileycode); 269 msgform.newmessage.focus(); 270 } 271 </script> 272 </head>"; 273 if(!isset($txt_mailingsend)) $txt_mailingsend = "Send to mailing list?"; 274 if(!isset($txt_category)) $txt_category = "Category"; 275 if($s == "a") echo "<b>$txt_addmsg</b><br>"; 276 else echo "<b>$txt_editmsg</b><br>"; 277 echo "<img src=\"../gfx/blank.gif\" width=1 height=6><br> 278 <table border=0 cellspacing=1 cellpadding=2><form method=post name=\"msgform\" action=\"blogs.php?f=$f&s=$s&m=$m\"> 279 <tr><td align=right>$txt_entrytitle:</td><td><input type=text name=newentrytitle value=\"$entrytitle\"></td></tr>"; 280 if($usecats == 1) { 281 echo "<tr><td align=right>Category:</td><td><select name=newcategory>"; 282 $catsq = mysql_query("SELECT * FROM $table_prefix}categories ORDER BY autono ASC"); 283 for($i = 0; $i < mysql_num_rows($catsq); $i++) { 284 $cats[$i] = mysql_result($catsq, $i, "category"); 285 286 echo "<option value=\"$cats[$i]\""; 287 if($cats[$i] == $category) echo " selected=\"selected\""; 288 echo ">$cats[$i]</option>"; 289 } 290 291 echo "</select></td></tr>"; 292 } 293 echo "<tr><td align=right valign=top>$txt_message:</td><td><textarea name=newmessage cols=50 rows=15 onselect=\"storeCaret(this);\" onclick=\"storeCaret(this);\" onkeyup=\"storeCaret(this);\" ondblclick=\"storeCaret(this);\">$message</textarea></td> 294 <td valign=\"top\"><a href=\"javascript:smiley(':) ');\"><img src=\"../gfx/smileys/smile.gif\" border=0 alt=\":)\"></a> 295 <a href=\"javascript:smiley(':( ');\"><img src=\"../gfx/smileys/sad.gif\" border=0 alt=\":(\"></a> 296 <a href=\"javascript:smiley(';) ');\"><img src=\"../gfx/smileys/wink.gif\" border=0 alt=\";)\"></a> 297 <a href=\"javascript:smiley(':\'( ');\"><img src=\"../gfx/smileys/cry.gif\" border=0 alt=\":'(\"></a><br> 298 <a href=\"javascript:smiley(':D ');\"><img src=\"../gfx/smileys/grin.gif\" border=0 alt=\":D\"></a> 299 <a href=\"javascript:smiley(':P ');\"><img src=\"../gfx/smileys/tongue.gif\" border=0 alt=\":P\"></a> 300 <a href=\"javascript:smiley(':S ');\"><img src=\"../gfx/smileys/confused.gif\" border=0 alt=\":S\"></a> 301 <a href=\"javascript:smiley('8) ');\"><img src=\"../gfx/smileys/cool.gif\" border=0 alt=\"8)\"></a><br> 302 <a href=\"javascript:smiley(':$ ');\"><img src=\"../gfx/smileys/blush.gif\" border=0 alt=\":$\"></a> 303 <a href=\"javascript:smiley(':| ');\"><img src=\"../gfx/smileys/line.gif\" border=0 alt=\":|\"></a> 304 <a href=\"javascript:smiley(':@ ');\"><img src=\"../gfx/smileys/angry.gif\" border=0 alt=\":@\"></a> 305 <a href=\"javascript:smiley(':O ');\"><img src=\"../gfx/smileys/shock.gif\" border=0 alt=\":O\"></a> 306 </td></tr>\n"; 307 if($s == "a") echo "<tr><td align=\"right\">$txt_mailingsend</td><td><input type=checkbox name=\"mailout\" value=\"1\"></td></tr>\n"; 308 echo "<tr><td align=\"right\">$txt_sticky</td><td><input type=\"checkbox\" name=\"nusticky\" value=\"1\""; 309 if($sticky == "1") echo " CHECKED"; 310 echo "></td></tr>\n 311 <tr><td align=center colspan=2><input type=submit value=\"$txt_save\"></td></tr> 312 <input type=\"hidden\" name=\"qtime\" value=\"$qtime\"></form></table> 313 314 $title_content_files: <a href=\"javascript:window.open('files.php?s=files','','status=no,width=300,height=400,left=20,top=20,scrollbars=yes');void('w');\">files/</a> $split <a href=\"javascript:window.open('files.php?s=gfx','','status=no,width=300,height=400,left=20,top=20,scrollbars=yes');void('w');\">gfx/</a>"; 315 } 316 else echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_norights<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 317 } 318 } 319 elseif($s == "up") { 320 $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'"); 321 $qtitle = mysql_result($query, 0, "title"); 322 $qtext = mysql_result($query, 0, "text"); 323 $qtime = mysql_result($query, 0, "time"); 324 $quser = mysql_result($query, 0, "user"); 325 $qsticky = mysql_result($query, 0, "sticky"); 326 327 unset($cur); 328 unset($set); 329 $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' ORDER BY postid ASC"); 330 for($i = mysql_num_rows($query) - 1; $i >= 0; $i = $i - 1) { 331 $cur = mysql_result($query, $i, "postid"); 332 if($set == 1 && !isset($next)) $next = $cur; 333 if($cur == $m) $set = 1; 334 if(!isset($set)) $prev = $cur; 335 } 336 337 $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$prev'"); 338 $qtitle2 = mysql_result($query, 0, "title"); 339 $qtext2 = mysql_result($query, 0, "text"); 340 $qtime2 = mysql_result($query, 0, "time"); 341 $quser2 = mysql_result($query, 0, "user"); 342 $qsticky2 = mysql_result($query, 0, "sticky"); 343 344 345 $table_def = "'', '$prev', '$f', '$qtitle', '$qtext', '$qtime', '$quser', '$qsticky'"; 346 if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1; 347 $table_def = "'', '$m', '$f', '$qtitle2', '$qtext2', '$qtime2', '$quser2', '$qsticky2'"; 348 if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1; 349 350 $commsmoveq = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$m'"); 351 $commsmoveq2 = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$prev'"); 352 for($i = 0; $i < mysql_num_rows($commsmoveq); $i++) { 353 $name[$i] = mysql_result($commsmoveq, $i, "name"); 354 $message[$i] = mysql_result($commsmoveq, $i, "message"); 355 $ip[$i] = mysql_result($commsmoveq, $i, "ip"); 356 $timestamp[$i] = mysql_result($commsmoveq, $i, "timestamp"); 357 358 $table_def = "'', '$f', '$prev', '$name[$i]', '$message[$i]', '$ip[$i]', '$timestamp[$i]'"; 359 if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def)")) $err = 1; 360 } 361 for($i = 0; $i < mysql_num_rows($commsmoveq2); $i++) { 362 $name2[$i] = mysql_result($commsmoveq, $i, "name"); 363 $message2[$i] = mysql_result($commsmoveq, $i, "message"); 364 $ip2[$i] = mysql_result($commsmoveq, $i, "ip"); 365 $timestamp2[$i] = mysql_result($commsmoveq, $i, "timestamp"); 366 367 $table_def2 = "'', '$f', '$m', '$name2[$i]', '$message2[$i]', '$ip2[$i]', '$timestamp2[$i]'"; 368 if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def2)")) $err = 1; 369 } 370 371 if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 372 else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 373 } 374 elseif($s == "dn") { 375 376 $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'"); 377 $qtitle = mysql_result($query, 0, "title"); 378 $qtext = mysql_result($query, 0, "text"); 379 $qtime = mysql_result($query, 0, "time"); 380 $quser = mysql_result($query, 0, "user"); 381 $qsticky = mysql_result($query, 0, "sticky"); 382 383 unset($cur); 384 unset($set); 385 $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' ORDER BY postid ASC"); 386 for($i = mysql_num_rows($query) - 1; $i >= 0; $i = $i - 1) { 387 $cur = mysql_result($query, $i, "postid"); 388 if($set == 1 && !isset($next)) $next = $cur; 389 if($cur == $m) $set = 1; 390 if(!isset($set)) $prev = $cur; 391 } 392 393 $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$next'"); 394 $qtitle2 = mysql_result($query, 0, "title"); 395 $qtext2 = mysql_result($query, 0, "text"); 396 $qtime2 = mysql_result($query, 0, "time"); 397 $quser2 = mysql_result($query, 0, "user"); 398 $qsticky2 = mysql_result($query, 0, "sticky"); 399 400 $table_def = "'', '$next', '$f', '$qtitle', '$qtext', '$qtime', '$quser', '$qsticky'"; 401 if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1; 402 $table_def = "'', '$m', '$f', '$qtitle2', '$qtext2', '$qtime2', '$quser2', '$qsticky2'"; 403 if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1; 404 405 $commsmoveq = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$m'"); 406 $commsmoveq2 = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$next'"); 407 for($i = 0; $i < mysql_num_rows($commsmoveq); $i++) { 408 $name[$i] = mysql_result($commsmoveq, $i, "name"); 409 $message[$i] = mysql_result($commsmoveq, $i, "message"); 410 $ip[$i] = mysql_result($commsmoveq, $i, "ip"); 411 $timestamp[$i] = mysql_result($commsmoveq, $i, "timestamp"); 412 413 $table_def = "'', '$f', '$next', '$name[$i]', '$message[$i]', '$ip[$i]', '$timestamp[$i]'"; 414 if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def)")) $err = 1; 415 } 416 for($i = 0; $i < mysql_num_rows($commsmoveq2); $i++) { 417 $name2[$i] = mysql_result($commsmoveq, $i, "name"); 418 $message2[$i] = mysql_result($commsmoveq, $i, "message"); 419 $ip2[$i] = mysql_result($commsmoveq, $i, "ip"); 420 $timestamp2[$i] = mysql_result($commsmoveq, $i, "timestamp"); 421 422 $table_def2 = "'', '$f', '$m', '$name2[$i]', '$message2[$i]', '$ip2[$i]', '$timestamp2[$i]'"; 423 if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def2)")) $err = 1; 424 } 425 426 if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 427 else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 428 } 429 elseif($s == "s") { 430 $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'"); 431 $qtitle = mysql_result($query, 0, "title"); 432 $qtext = mysql_result($query, 0, "text"); 433 $qtime = mysql_result($query, 0, "time"); 434 $quser = mysql_result($query, 0, "user"); 435 $qsticky = mysql_result($query, 0, "sticky"); 436 if($qsticky == 1) $newsticky = "0"; 437 else $newsticky = "1"; 438 $table_def = "'', '$m', '$f', '$qtitle', '$qtext', '$qtime', '$quser', '$newsticky'"; 439 if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1; 440 441 if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 442 else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 443 } 444 else { 445 echo "<a href=\"blogs.php?f=$f&s=a\">$txt_addmsg</a> $split <a href=\"blogs.php?f=$f&s=e\">$txt_blogsetup</a><br><img src=\"../gfx/blank.gif\" width=1 height=6><br> 446 447 <table border=0 cellspacing=1 cellpadding=2 class=filebg><tr><td class=filelist><i>$txt_entrytitle</td><td class=filelist> </td></tr>"; 448 449 if(!isset($txt_sticky)) $txt_sticky = "Sticky"; 450 if(!isset($txt_sticky)) $txt_remsticky = "Remove sticky"; 451 452 $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' ORDER BY postid ASC"); 453 for($i = mysql_num_rows($query) - 1; $i >= 0; $i = $i - 1) { 454 $post[$i] = mysql_result($query, $i, "postid"); 455 $sticky[$i] = mysql_result($query, $i, "sticky"); 456 $commq = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' and postid='$post[$i]'"); 457 $title = mysql_result($query, $i, "title"); 458 $id = mysql_result($query, $i, "postid"); 459 $theuser[$i] = mysql_result($query, $i, "user"); 460 if($theuser[$i] == $logincookie[user] || $adminuser == "1") { 461 echo "<tr><td class=filelist>$title} </td><td class=filelist><a href=\"blogs.php?f=$f&s=m&m=$id\">$txt_editmsg</a> $split "; 462 if(mysql_num_rows($commq) > 0) echo "<a href=\"blogs.php?f=$f&s=c&m=$id\">$txt_editcomm</a> $split "; 463 if($sticky[$i] == 1) echo "<a href=\"blogs.php?f=$f&s=s&m=$id\">$txt_remsticky</a> $split "; 464 else echo "<a href=\"blogs.php?f=$f&s=s&m=$id\">$txt_sticky</a> $split "; 465 if($i != mysql_num_rows($query)- 1) echo "<a href=\"blogs.php?f=$f&s=up&m=$id\">$txt_moveup</a> $split "; 466 else echo "<i>$txt_moveup</i> $split "; 467 if($i != 0) echo "<a href=\"blogs.php?f=$f&s=dn&m=$id\">$txt_movedn</a> $split "; 468 else echo "<i>$txt_movedn</i> $split "; 469 470 echo "<a href=\"blogs.php?f=$f&s=d&m=$id\">$txt_delete</a></td></tr>"; 471 } 472 } 473 if($entries == 1 && !isset($entrytitle[0])) echo "<tr><td colspan=2 align=center class=filelist><i>$txt_empty</i></td></tr>"; 474 echo "</table>"; 475 } 476 } 477 478 else { 479 $query = mysql_query("SELECT * FROM $table_prefix}blogdetails WHERE name='$f'"); 480 if(mysql_num_rows($query) > 0) { 481 $blogtitle = mysql_result($query, 0, "title"); 482 $accept = mysql_result($query, 0, "comments"); 483 $showuser = mysql_result($query, 0, "showuser"); 484 $showtime = mysql_result($query, 0, "showtime"); 485 $perma = mysql_result($query, 0, "perma"); 486 $smile = mysql_result($query, 0, "smile"); 487 $swear = mysql_result($query, 0, "swear"); 488 $blogshow = mysql_result($query, 0, "blogshow"); 489 $newsshow = mysql_result($query, 0, "newsshow"); 490 } 491 492 if(isset($newblogtitle)) { 493 $newblogtitle = stripslashes($newblogtitle); 494 $newblogtitle = str_replace("'", "\'", $newblogtitle); 495 $newblogtitle = str_replace('"', '"', $newblogtitle); 496 497 $table_def = "'', '$f', '$newblogtitle', '$newaccept', '$newshowuser', '$newshowtime', '$newperma', '$newsmile', '$newswear', '$newblogshow', '$newnewsshow'"; 498 if(!mysql_query("REPLACE INTO $table_prefix}blogdetails VALUES($table_def)")) $err = 1; 499 500 if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 501 else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home"; 502 503 } 504 else { 505 if(!isset($txt_permaon)) $txt_permaon = "Enable permalinks?"; 506 if(!isset($txt_smile)) $txt_smile = "Enable smileys?"; 507 if(!isset($txt_swear)) $txt_swear = "Enable swearword filtering?"; 508 echo "<b>$txt_blogsetup</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br> 509 <table border=0 cellspacing=1 cellpadding=2><form method=\"post\" action=\"blogs.php?f=$f&s=e\"> 510 <tr><td align=right>$txt_blogtitle:</td><td><input type=text name=newblogtitle value=\"$blogtitle\"></td></tr> 511 <tr><td align=right>$txt_accept</td><td><input type=radio name=newaccept value=1"; 512 if($accept == 1 || !isset($accept)) echo " CHECKED"; 513 echo "> $txt_yes <input type=radio name=newaccept value=0"; 514 if($accept == "0") echo " CHECKED"; 515 echo "> $txt_no</td></tr> 516 <tr><td align=right>$txt_showuser</td><td><input type=radio name=newshowuser value=1"; 517 if($showuser == 1 || !isset($accept)) echo " CHECKED"; 518 echo "> $txt_yes <input type=radio name=newshowuser value=0"; 519 if($showuser == "0") echo " CHECKED"; 520 echo "> $txt_no</td></tr> 521 <tr><td align=right>$txt_showtime</td><td><input type=radio name=newshowtime value=1"; 522 if($showtime == 1 || !isset($accept)) echo " CHECKED"; 523 echo "> $txt_yes <input type=radio name=newshowtime value=0"; 524 if($showtime == "0") echo " CHECKED"; 525 echo "> $txt_no</td></tr> 526 <tr><td align=right>$txt_permaon</td><td><input type=radio name=newperma value=1"; 527 if($perma == 1) echo " CHECKED"; 528 echo "> $txt_yes <input type=radio name=newperma value=0"; 529 if($perma == "0" || !isset($perma)) echo " CHECKED"; 530 echo "> $txt_no</td></tr> 531 <tr><td align=right>$txt_smile</td><td><input type=radio name=newsmile value=1"; 532 if($smile == 1 || !isset($smile)) echo " CHECKED"; 533 echo "> $txt_yes <input type=radio name=newsmile value=0"; 534 if($smile == "0") echo " CHECKED"; 535 echo "> $txt_no</td></tr> 536 <tr><td align=right>$txt_swear</td><td><input type=radio name=newswear value=1"; 537 if($swear == 1 || !isset($swear)) echo " CHECKED"; 538 echo "> $txt_yes <input type=radio name=newswear value=0"; 539 if($swear == "0") echo " CHECKED"; 540 echo "> $txt_no</td></tr> 541 <tr><td align=right>$txt_blogperpage:</td><td><select name=newblogshow>"; 542 if(empty($blogshow)) $blogshow = $blogperpage; 543 if(empty($newsshow)) $newsshow = $newsperpage; 544 for($i = 1; $i <= 20; $i++) { 545 echo "<option value=$i"; 546 if($i == $blogshow) echo " SELECTED"; 547 echo ">$i</option>"; 548 } 549 echo "</select></td></tr> 550 <tr><td align=right>$txt_newsperpage:</td><td><select name=newnewsshow>"; 551 for($i = 1; $i <= 20; $i++) { 552 echo "<option value=$i"; 553 if($i == $newsshow) echo " SELECTED"; 554 echo ">$i</option>"; 555 } 556 echo "</select></td></tr> 557 <tr><td colspan=2 align=center><input type=submit value=\"$txt_save\"></td></tr> 558 </form></table>"; 559 } 560 } 561 } 562 else echo "<b>$txt_error</b><br>$txt_norights<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home<p>"; 563 } 564 else { 565 echo "$title_content_files</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>"; 566 $query = mysql_query("SELECT * FROM $table_prefix}blogdetails ORDER BY name ASC"); 567 568 echo "<table border=0 cellspacing=1 cellpadding=2 class=filebg><tr><td class=filelist width=50%><i>$txt_filename</td><td class=filelist width=20%><i>$txt_entries</td></tr>"; 569 570 for($i = 0; $i < mysql_num_rows($query); $i++) { 571 $file = mysql_result($query, $i, "name"); 572 if(($blogacc == "b" && !stristr($blogs, $file)) || ($blogacc == "a" && stristr($blogs, $file))) $filename[] = $file; 573 } 574 575 if(count($filename) > 0) { 576 for($i = 0; $i < count($filename); $i++) { 577 $entryq = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$filename[$i]'"); 578 $entries = mysql_num_rows($entryq); 579 echo "<tr><td class=filelist><a href=\"blogs.php?f=$filename[$i]\">$filename[$i]</a></td><td class=filelist>$entries</td></tr>"; 580 } 581 } 582 else echo "<tr><td colspan=3 class=filelist align=center><i>$txt_empty</i></td></tr>"; 583 echo "</table>"; 584 585 if($createblog == 1) { 586 587 echo "<img src=\"../gfx/blank.gif\" width=1 height=6><br> 588 <table border=0 cellspacing=0 cellpadding=0><form method=get action=\"blogs.php\"><tr><td>$txt_create: <input type=text name=f> <input type=submit value=\"$txt_create\"></td></tr></form></table>"; 589 590 } 591 592 echo "<p><a href=\"comments.php\">$txt_editcomm</a> | <a href=\"blogs.php?edit=cat\">$txt_editcats</a>"; 593 } 594 } 595 } 596 else echo "<b>$txt_error</b><br>$txt_norights<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home<p>"; 597 $tempfilename = "../code/templates/$template}_f.php"; 598 $handle = fopen($tempfilename, "r"); 599 $temp = fread($handle, filesize ($tempfilename)); 600 fclose($handle); 601 parsetemplate($temp, $menucode, $thispagetitle, $pagetitle); 602 } 603 else echo "<b>$txt_error</b><br>$txt_tempnofound<p>"; 604 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| [ Powered by PHPXref - Served by Debian GNU/Linux ] |