[ PHPXref.com ] [ Generated: Sun Jul 20 19:57:11 2008 ] [ PHP-Update 2.7 ]
[ Index ]     [ Variables ]     [ Functions ]     [ Classes ]     [ Constants ]     [ Statistics ]

title

Body

[close]

/admin/ -> blogs.php (source)

   1  <?
   2  extract($HTTP_POST_VARS); 
   3  extract($HTTP_GET_VARS); 
   4  extract($HTTP_COOKIE_VARS); 
   5  $adminsect = 1;
   6  include  "protection.php";
   7  if(file_exists("languages/$language.php")) include "languages/$language.php";
   8  else {
   9  echo "<b>Critical error</b><br>Language file <i>$language</i> could not be found.<p>";
  10  exit;
  11  }
  12  if(!isset($txt_editcats)) $txt_editcats = "Edit categories";
  13  if(!isset($txt_entercats)) $txt_entercats = "Enter categories in the box below - one category per line:";
  14  $pagetitle = "$sitetitle $split $title_blogs";
  15  $thispagetitle = "$title_blogs";
  16  if(file_exists("../code/templates/$template}_h.php") && file_exists("../code/templates/$template}_f.php")) {
  17  $tempfilename = "../code/templates/$template}_h.php";
  18  $handle = fopen($tempfilename, "r");
  19  $temp = fread($handle, filesize ($tempfilename));
  20  fclose($handle);
  21  include  "../code/menucode.php";
  22  include  "../code/parsetemplate.php";
  23  parsetemplate($temp, $menucode, $thispagetitle, $pagetitle);
  24  if($rights[2] == "1") {
  25  echo "<b>$title_blogs $split ";
  26  
  27  if($edit == "cat") {
  28  echo "$txt_editcats</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>";
  29  
  30  if(isset($newcats)) {
  31  $catsarr = explode("\n", $newcats);
  32  if(!mysql_query("DELETE FROM $table_prefix}categories")) die(sql_error());
  33  
  34  for($i = 0; $i < count($catsarr); $i++) {
  35  if(!empty($catsarr[$i])) {
  36  $cats = "'', '$catsarr[$i]'";
  37  if(!mysql_query("INSERT INTO $table_prefix}categories VALUES ($cats)")) $err = 1;
  38  }
  39  }
  40  if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
  41  else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
  42  
  43  
  44  }
  45  else {
  46  echo "$txt_entercats<br>
  47  <form method=\"post\" action=\"blogs.php?edit=cat\">
  48  <textarea name=\"newcats\" cols=\"40\" rows=\"10\">";
  49  $catsq = mysql_query("SELECT category FROM $table_prefix}categories ORDER BY autono ASC");
  50  for($i = 0; $i < mysql_num_rows($catsq); $i++) {
  51  echo mysql_result($catsq, $i, category);
  52  echo "\n";
  53  }
  54  echo "</textarea><br>
  55  <input type=\"submit\" value=\"$txt_save\"/>
  56  </form>";
  57  }
  58  }
  59  else {
  60  
  61  if(isset($f)) {
  62  echo "$f</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>";
  63  $query = mysql_query("SELECT * FROM $table_prefix}blogdetails WHERE name='$f'");
  64  $set = mysql_num_rows($query);
  65  if(($set != "1" && $createblog != "1") || ($blogacc == "b" && stristr($blogs, "$f")) || ($blogacc == "a" && !stristr($blogs, "$f"))) $err = 1;
  66  if($err != "1") {
  67  
  68  if($set == 1 && $s != "e") {
  69  
  70  if($s == "c") {
  71  $query = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$m' ORDER BY autono ASC");
  72  
  73  echo "<b>$txt_editcomm</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>";
  74  if(isset($c)) {
  75  
  76  if($a == "d") {
  77  
  78  if(!mysql_query("DELETE FROM $table_prefix}comments WHERE autono='$c'")) $err = 1;
  79  
  80  if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
  81  else echo "$txt_commgone<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
  82  
  83  }
  84  else {
  85  
  86  if(isset($commmsg)) {
  87  $cquery = mysql_query("SELECT * FROM $table_prefix}comments WHERE autono='$c'");
  88  $ip = mysql_result($cquery, 0, "ip");
  89  $time = mysql_result($cquery, 0, "timestamp");
  90  
  91  $table_def = "'$c', '$f', '$m', '$commname', '$commmsg', '$ip', '$time'";
  92  if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def)")) $err = 1;
  93  
  94  if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
  95  else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
  96  
  97  }
  98  else {
  99  $cquery = mysql_query("SELECT * FROM $table_prefix}comments WHERE autono='$c'");
 100  $name[$c] = mysql_result($cquery, 0, "name");
 101  $name[$c] = str_replace("\"", "&quot;", $name[$c]);
 102  $name[$c] = str_replace("<", "&lt;", $name[$c]);
 103  $name[$c] = str_replace(">", "&gt;", $name[$c]);
 104  $thecomm = mysql_result($cquery, 0, "message");
 105  $thecomm = str_replace("<", "&lt;", $thecomm);
 106  $thecomm = str_replace(">", "&gt;", $thecomm);
 107  
 108  echo "<head>
 109       <script language=\"javascript\">
 110       function storeCaret (textEl) {
 111         if (textEl.createTextRange) 
 112           textEl.caretPos = document.selection.createRange().duplicate();
 113       }
 114       function insertAtCaret (textEl, text) {
 115         if (textEl.createTextRange && textEl.caretPos) {
 116           var caretPos = textEl.caretPos;
 117           caretPos.text =
 118             caretPos.text.charAt(caretPos.text.length - 1) == ' ' ?
 119               text + ' ' : text;
 120         }
 121         else
 122           textEl.value  = text;
 123       }
 124  
 125  function smiley (smileycode) {
 126  insertAtCaret(msgform.commmsg, smileycode);
 127  msgform.commmsg.focus();
 128  }
 129  </script>
 130  </head>";
 131  echo "<table border=0 cellspacing=1 cellpadding=2><form method=post name=\"msgform\" action=\"blogs.php?f=$f&s=$s&m=$m&c=$c\">
 132  <tr><td align=right>$txt_name:</td><td><input type=text name=commname value=\"$name[$c]\"></td></tr>
 133  <tr><td align=right valign=top>$txt_message:</td><td><textarea name=commmsg rows=15 cols=50 onselect=\"storeCaret(this);\" onclick=\"storeCaret(this);\" onkeyup=\"storeCaret(this);\" ondblclick=\"storeCaret(this);\">$thecomm</textarea></td>
 134  <td valign=\"top\"><a href=\"javascript:smiley(':) ');\"><img src=\"../gfx/smileys/smile.gif\" border=0 alt=\":)\"></a> 
 135  <a href=\"javascript:smiley(':( ');\"><img src=\"../gfx/smileys/sad.gif\" border=0 alt=\":(\"></a> 
 136  <a href=\"javascript:smiley(';) ');\"><img src=\"../gfx/smileys/wink.gif\" border=0 alt=\";)\"></a> 
 137  <a href=\"javascript:smiley(':\'( ');\"><img src=\"../gfx/smileys/cry.gif\" border=0 alt=\":'(\"></a><br>
 138  <a href=\"javascript:smiley(':D ');\"><img src=\"../gfx/smileys/grin.gif\" border=0 alt=\":D\"></a> 
 139  <a href=\"javascript:smiley(':P ');\"><img src=\"../gfx/smileys/tongue.gif\" border=0 alt=\":P\"></a> 
 140  <a href=\"javascript:smiley(':S ');\"><img src=\"../gfx/smileys/confused.gif\" border=0 alt=\":S\"></a> 
 141  <a href=\"javascript:smiley('8) ');\"><img src=\"../gfx/smileys/cool.gif\" border=0 alt=\"8)\"></a><br>
 142  <a href=\"javascript:smiley(':$ ');\"><img src=\"../gfx/smileys/blush.gif\" border=0 alt=\":$\"></a> 
 143  <a href=\"javascript:smiley(':| ');\"><img src=\"../gfx/smileys/line.gif\" border=0 alt=\":|\"></a> 
 144  <a href=\"javascript:smiley(':@ ');\"><img src=\"../gfx/smileys/angry.gif\" border=0 alt=\":@\"></a> 
 145  <a href=\"javascript:smiley(':O ');\"><img src=\"../gfx/smileys/shock.gif\" border=0 alt=\":O\"></a>
 146  </td></tr>
 147  <tr><td align=center colspan=2><input type=submit value=\"$txt_editcomm\"></td></tr>
 148  </form></table>
 149  
 150  $title_content_files: <a href=\"javascript:window.open('files.php?s=files','','status=no,width=300,height=400,left=20,top=20,scrollbars=yes');void('w');\">files/</a> $split <a href=\"javascript:window.open('files.php?s=gfx','','status=no,width=300,height=400,left=20,top=20,scrollbars=yes');void('w');\">gfx/</a>";
 151  }
 152  }
 153  }
 154  else {
 155  
 156  echo "<table border=0 cellspacing=1 cellpadding=2 class=filebg>
 157  <tr><td class=filelist width=20%><i>$txt_name</i></td><td class=filelist width=45%><i>$txt_message</i></td><td class=filelist width=15%><i>$txt_ip</i></td><td class=filelist width=20% colspan=2>&nbsp;</td></tr>";
 158  for($i = 0; $i < mysql_num_rows($query); $i++) {
 159  $entries = 1;
 160  $autono[$i] = mysql_result($query, $i, "autono");
 161  $name[$i] = mysql_result($query, $i, "name");
 162  $comment[$i] = mysql_result($query, $i, "message");
 163  $ip[$i] = mysql_result($query, $i, "ip");
 164  $comment[$i] = str_replace("\n", "<br>", $comment[$i]);
 165  echo "<tr><td align=right valign=top class=filelist>$name[$i]:</td><td class=filelist>$comment[$i]</td><td valign=top class=filelist>$ip[$i]</td><td valign=top class=filelist><a href=\"blogs.php?f=$f&s=c&m=$m&c=$autono[$i]\">$txt_edit</a></td><td valign=top class=filelist><a href=\"blogs.php?f=$f&s=c&m=$m&c=$autono[$i]&a=d\">$txt_delete</a></td></tr>";
 166  }
 167  if(!isset($entries)) echo "<tr><td colspan=5 align=center class=filelist><i>$txt_empty</i></td></tr>";
 168  echo "</table>";
 169  }
 170  }
 171  elseif($s == "d") {
 172  $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'");
 173  $theuser = mysql_result($query, 0, "user");
 174  if($theuser == $logincookie[user] || $adminuser == "1") {
 175  if(isset($con)) {
 176  if(!mysql_query("DELETE FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'")) $err = 1;
 177  
 178  if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 179  else echo "<b>$txt_delete</b><br>$txt_gone<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 180  
 181  }
 182  else {
 183  echo "<b>$txt_confirm</b><br><a href=\"blogs.php?f=$f&s=d&m=$m&con=1\">$txt_confdel</a>";
 184  }
 185  }
 186  else echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_norights<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 187  }
 188  
 189  elseif($s == "a" || $s == "m") {
 190  
 191  if(isset($newmessage)) {
 192  if(empty($nusticky)) $nusticky = "0";
 193  
 194  if($s == "a") {
 195  $prev = mysql_query("SELECT postid FROM $table_prefix}blogs WHERE blog='$f' ORDER BY postid DESC");
 196  $last = mysql_result($prev, 0, 0);
 197  $id = $last + 1;
 198  $table_def = "'', '$id', '$f', '$newentrytitle', '$newmessage', now(), '$logincookie[user]', '$nusticky', '$newcategory'";
 199  if(!mysql_query("INSERT INTO $table_prefix}blogs VALUES($table_def)")) die(sql_error());
 200  
 201  }
 202  elseif($s == "m") {
 203  if($logincookie[user] == $theuser[$m] || $adminuser == 1) {
 204  
 205  $table_def = "'', '$m', '$f', '$newentrytitle', '$newmessage', '$qtime', '$logincookie[user]', '$nusticky', '$newcategory'";
 206  if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1;
 207  
 208  }
 209  else $err = 1;
 210  }
 211  
 212  $mailsubject = "$sitetitle $split $newentrytitle";
 213  $mailmessage = "$newmessage\n\n-----\n$rooturl";
 214  
 215  if(!isset($txt_mailingsent)) $txt_mailingsent = "A copy of the post has also been sent to your mailing list.";
 216  
 217  if($mailout == 1) {
 218  $query = mysql_query("SELECT email FROM $table_prefix}mailing WHERE confirm='1'");
 219  for($i = 0; $i < mysql_num_rows($query); $i++) {
 220  $email = mysql_result($query, $i, 0);
 221  $listaddresses .= "$email, ";
 222  }
 223  if(!@mail($siteemail, $mailsubject, $mailmessage, "From: $siteemail\r\nBcc: $listaddresses")) $mailerr = 1;
 224  }
 225  
 226  if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 227  else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_blogchanged<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 228  if($mailout == 1 && $mailerr != 1) echo "<p>$txt_mailingsent<p>";
 229  
 230  }
 231  else {
 232  if($s == "m") {
 233  if($logincookie[user] == $theuser[$m] || $adminuser == "1") {
 234  $current = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'");
 235  $entrytitle = mysql_result($current, 0, "title");
 236  $entrytitle = str_replace("\"", "&quot;", $entrytitle);
 237  $category = mysql_result($current, 0, "category");
 238  $category = str_replace("\"", "&quot;", $category);
 239  $message = mysql_result($current, 0, "text");
 240  $message = str_replace("<", "&lt;", $message);
 241  $message = str_replace(">", "&gt;", $message);
 242  $qtime = mysql_result($current, 0, "time");
 243  $sticky = mysql_result($current, 0, "sticky");
 244  }
 245  else $err = 1;
 246  }
 247  if(!isset($m)) $m = "new";
 248  if($s == "a") $entrytitle = "";
 249  if($err != 1) {
 250  echo "<head>
 251       <script language=\"javascript\">
 252       function storeCaret (textEl) {
 253         if (textEl.createTextRange) 
 254           textEl.caretPos = document.selection.createRange().duplicate();
 255       }
 256       function insertAtCaret (textEl, text) {
 257         if (textEl.createTextRange && textEl.caretPos) {
 258           var caretPos = textEl.caretPos;
 259           caretPos.text =
 260             caretPos.text.charAt(caretPos.text.length - 1) == ' ' ?
 261               text + ' ' : text;
 262         }
 263         else
 264           textEl.value  = text;
 265       }
 266  
 267  function smiley (smileycode) {
 268  insertAtCaret(msgform.newmessage, smileycode);
 269  msgform.newmessage.focus();
 270  }
 271  </script>
 272  </head>";
 273  if(!isset($txt_mailingsend)) $txt_mailingsend = "Send to mailing list?";
 274  if(!isset($txt_category)) $txt_category = "Category";
 275  if($s == "a") echo "<b>$txt_addmsg</b><br>";
 276  else echo "<b>$txt_editmsg</b><br>";
 277  echo "<img src=\"../gfx/blank.gif\" width=1 height=6><br>
 278  <table border=0 cellspacing=1 cellpadding=2><form method=post name=\"msgform\" action=\"blogs.php?f=$f&s=$s&m=$m\">
 279  <tr><td align=right>$txt_entrytitle:</td><td><input type=text name=newentrytitle value=\"$entrytitle\"></td></tr>";
 280  if($usecats == 1) {
 281  echo "<tr><td align=right>Category:</td><td><select name=newcategory>";
 282  $catsq = mysql_query("SELECT * FROM $table_prefix}categories ORDER BY autono ASC");
 283  for($i = 0; $i < mysql_num_rows($catsq); $i++) {
 284  $cats[$i] = mysql_result($catsq, $i, "category");
 285  
 286  echo "<option value=\"$cats[$i]\"";
 287  if($cats[$i] == $category) echo " selected=\"selected\"";
 288  echo ">$cats[$i]</option>";
 289  }
 290  
 291  echo "</select></td></tr>";
 292  }
 293  echo "<tr><td align=right valign=top>$txt_message:</td><td><textarea name=newmessage cols=50 rows=15 onselect=\"storeCaret(this);\" onclick=\"storeCaret(this);\" onkeyup=\"storeCaret(this);\" ondblclick=\"storeCaret(this);\">$message</textarea></td>
 294  <td valign=\"top\"><a href=\"javascript:smiley(':) ');\"><img src=\"../gfx/smileys/smile.gif\" border=0 alt=\":)\"></a> 
 295  <a href=\"javascript:smiley(':( ');\"><img src=\"../gfx/smileys/sad.gif\" border=0 alt=\":(\"></a> 
 296  <a href=\"javascript:smiley(';) ');\"><img src=\"../gfx/smileys/wink.gif\" border=0 alt=\";)\"></a> 
 297  <a href=\"javascript:smiley(':\'( ');\"><img src=\"../gfx/smileys/cry.gif\" border=0 alt=\":'(\"></a><br>
 298  <a href=\"javascript:smiley(':D ');\"><img src=\"../gfx/smileys/grin.gif\" border=0 alt=\":D\"></a> 
 299  <a href=\"javascript:smiley(':P ');\"><img src=\"../gfx/smileys/tongue.gif\" border=0 alt=\":P\"></a> 
 300  <a href=\"javascript:smiley(':S ');\"><img src=\"../gfx/smileys/confused.gif\" border=0 alt=\":S\"></a> 
 301  <a href=\"javascript:smiley('8) ');\"><img src=\"../gfx/smileys/cool.gif\" border=0 alt=\"8)\"></a><br>
 302  <a href=\"javascript:smiley(':$ ');\"><img src=\"../gfx/smileys/blush.gif\" border=0 alt=\":$\"></a> 
 303  <a href=\"javascript:smiley(':| ');\"><img src=\"../gfx/smileys/line.gif\" border=0 alt=\":|\"></a> 
 304  <a href=\"javascript:smiley(':@ ');\"><img src=\"../gfx/smileys/angry.gif\" border=0 alt=\":@\"></a> 
 305  <a href=\"javascript:smiley(':O ');\"><img src=\"../gfx/smileys/shock.gif\" border=0 alt=\":O\"></a>
 306  </td></tr>\n";
 307  if($s == "a") echo "<tr><td align=\"right\">$txt_mailingsend</td><td><input type=checkbox name=\"mailout\" value=\"1\"></td></tr>\n";
 308  echo "<tr><td align=\"right\">$txt_sticky</td><td><input type=\"checkbox\" name=\"nusticky\" value=\"1\"";
 309  if($sticky == "1") echo " CHECKED";
 310  echo "></td></tr>\n
 311  <tr><td align=center colspan=2><input type=submit value=\"$txt_save\"></td></tr>
 312  <input type=\"hidden\" name=\"qtime\" value=\"$qtime\"></form></table>
 313  
 314  $title_content_files: <a href=\"javascript:window.open('files.php?s=files','','status=no,width=300,height=400,left=20,top=20,scrollbars=yes');void('w');\">files/</a> $split <a href=\"javascript:window.open('files.php?s=gfx','','status=no,width=300,height=400,left=20,top=20,scrollbars=yes');void('w');\">gfx/</a>";
 315  }
 316  else echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_norights<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 317  }
 318  }
 319  elseif($s == "up") {
 320  $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'");
 321  $qtitle = mysql_result($query, 0, "title");
 322  $qtext = mysql_result($query, 0, "text");
 323  $qtime = mysql_result($query, 0, "time");
 324  $quser = mysql_result($query, 0, "user");
 325  $qsticky = mysql_result($query, 0, "sticky");
 326  
 327  unset($cur);
 328  unset($set);
 329  $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' ORDER BY postid ASC");
 330  for($i = mysql_num_rows($query) - 1; $i >= 0; $i = $i - 1) {
 331  $cur = mysql_result($query, $i, "postid");
 332  if($set == 1 && !isset($next)) $next = $cur;
 333  if($cur == $m) $set = 1;
 334  if(!isset($set)) $prev = $cur;
 335  }
 336  
 337  $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$prev'");
 338  $qtitle2 = mysql_result($query, 0, "title");
 339  $qtext2 = mysql_result($query, 0, "text");
 340  $qtime2 = mysql_result($query, 0, "time");
 341  $quser2 = mysql_result($query, 0, "user");
 342  $qsticky2 = mysql_result($query, 0, "sticky");
 343  
 344  
 345  $table_def = "'', '$prev', '$f', '$qtitle', '$qtext', '$qtime', '$quser', '$qsticky'";
 346  if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1;
 347  $table_def = "'', '$m', '$f', '$qtitle2', '$qtext2', '$qtime2', '$quser2', '$qsticky2'";
 348  if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1;
 349  
 350  $commsmoveq = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$m'");
 351  $commsmoveq2 = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$prev'");
 352  for($i = 0; $i < mysql_num_rows($commsmoveq); $i++) {
 353  $name[$i] = mysql_result($commsmoveq, $i, "name");
 354  $message[$i] = mysql_result($commsmoveq, $i, "message");
 355  $ip[$i] = mysql_result($commsmoveq, $i, "ip");
 356  $timestamp[$i] = mysql_result($commsmoveq, $i, "timestamp");
 357  
 358  $table_def = "'', '$f', '$prev', '$name[$i]', '$message[$i]', '$ip[$i]', '$timestamp[$i]'";
 359  if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def)")) $err = 1;
 360  }
 361  for($i = 0; $i < mysql_num_rows($commsmoveq2); $i++) {
 362  $name2[$i] = mysql_result($commsmoveq, $i, "name");
 363  $message2[$i] = mysql_result($commsmoveq, $i, "message");
 364  $ip2[$i] = mysql_result($commsmoveq, $i, "ip");
 365  $timestamp2[$i] = mysql_result($commsmoveq, $i, "timestamp");
 366  
 367  $table_def2 = "'', '$f', '$m', '$name2[$i]', '$message2[$i]', '$ip2[$i]', '$timestamp2[$i]'";
 368  if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def2)")) $err = 1;
 369  }
 370  
 371  if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 372  else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 373  }
 374  elseif($s == "dn") {
 375  
 376  $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'");
 377  $qtitle = mysql_result($query, 0, "title");
 378  $qtext = mysql_result($query, 0, "text");
 379  $qtime = mysql_result($query, 0, "time");
 380  $quser = mysql_result($query, 0, "user");
 381  $qsticky = mysql_result($query, 0, "sticky");
 382  
 383  unset($cur);
 384  unset($set);
 385  $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' ORDER BY postid ASC");
 386  for($i = mysql_num_rows($query) - 1; $i >= 0; $i = $i - 1) {
 387  $cur = mysql_result($query, $i, "postid");
 388  if($set == 1 && !isset($next)) $next = $cur;
 389  if($cur == $m) $set = 1;
 390  if(!isset($set)) $prev = $cur;
 391  }
 392  
 393  $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$next'");
 394  $qtitle2 = mysql_result($query, 0, "title");
 395  $qtext2 = mysql_result($query, 0, "text");
 396  $qtime2 = mysql_result($query, 0, "time");
 397  $quser2 = mysql_result($query, 0, "user");
 398  $qsticky2 = mysql_result($query, 0, "sticky");
 399  
 400  $table_def = "'', '$next', '$f', '$qtitle', '$qtext', '$qtime', '$quser', '$qsticky'";
 401  if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1;
 402  $table_def = "'', '$m', '$f', '$qtitle2', '$qtext2', '$qtime2', '$quser2', '$qsticky2'";
 403  if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1;
 404  
 405  $commsmoveq = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$m'");
 406  $commsmoveq2 = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' AND postid='$next'");
 407  for($i = 0; $i < mysql_num_rows($commsmoveq); $i++) {
 408  $name[$i] = mysql_result($commsmoveq, $i, "name");
 409  $message[$i] = mysql_result($commsmoveq, $i, "message");
 410  $ip[$i] = mysql_result($commsmoveq, $i, "ip");
 411  $timestamp[$i] = mysql_result($commsmoveq, $i, "timestamp");
 412  
 413  $table_def = "'', '$f', '$next', '$name[$i]', '$message[$i]', '$ip[$i]', '$timestamp[$i]'";
 414  if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def)")) $err = 1;
 415  }
 416  for($i = 0; $i < mysql_num_rows($commsmoveq2); $i++) {
 417  $name2[$i] = mysql_result($commsmoveq, $i, "name");
 418  $message2[$i] = mysql_result($commsmoveq, $i, "message");
 419  $ip2[$i] = mysql_result($commsmoveq, $i, "ip");
 420  $timestamp2[$i] = mysql_result($commsmoveq, $i, "timestamp");
 421  
 422  $table_def2 = "'', '$f', '$m', '$name2[$i]', '$message2[$i]', '$ip2[$i]', '$timestamp2[$i]'";
 423  if(!mysql_query("REPLACE INTO $table_prefix}comments VALUES($table_def2)")) $err = 1;
 424  }
 425  
 426  if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 427  else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 428  }
 429  elseif($s == "s") {
 430  $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' AND postid='$m'");
 431  $qtitle = mysql_result($query, 0, "title");
 432  $qtext = mysql_result($query, 0, "text");
 433  $qtime = mysql_result($query, 0, "time");
 434  $quser = mysql_result($query, 0, "user");
 435  $qsticky = mysql_result($query, 0, "sticky");
 436  if($qsticky == 1) $newsticky = "0";
 437  else $newsticky = "1";
 438  $table_def = "'', '$m', '$f', '$qtitle', '$qtext', '$qtime', '$quser', '$newsticky'";
 439  if(!mysql_query("REPLACE INTO $table_prefix}blogs VALUES($table_def)")) $err = 1;
 440  
 441  if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 442  else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 443  }
 444  else {
 445  echo "<a href=\"blogs.php?f=$f&s=a\">$txt_addmsg</a> $split <a href=\"blogs.php?f=$f&s=e\">$txt_blogsetup</a><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>
 446  
 447  <table border=0 cellspacing=1 cellpadding=2 class=filebg><tr><td class=filelist><i>$txt_entrytitle</td><td class=filelist>&nbsp;</td></tr>";
 448  
 449  if(!isset($txt_sticky)) $txt_sticky = "Sticky";
 450  if(!isset($txt_sticky)) $txt_remsticky = "Remove sticky";
 451  
 452  $query = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$f' ORDER BY postid ASC");
 453  for($i = mysql_num_rows($query) - 1; $i >= 0; $i = $i - 1) {
 454  $post[$i] = mysql_result($query, $i, "postid");
 455  $sticky[$i] = mysql_result($query, $i, "sticky");
 456  $commq = mysql_query("SELECT * FROM $table_prefix}comments WHERE blogid='$f' and postid='$post[$i]'");
 457  $title = mysql_result($query, $i, "title");
 458  $id = mysql_result($query, $i, "postid");
 459  $theuser[$i] = mysql_result($query, $i, "user");
 460  if($theuser[$i] == $logincookie[user] || $adminuser == "1") {
 461  echo "<tr><td class=filelist>$title}&nbsp;</td><td class=filelist><a href=\"blogs.php?f=$f&s=m&m=$id\">$txt_editmsg</a> $split ";
 462  if(mysql_num_rows($commq) > 0) echo "<a href=\"blogs.php?f=$f&s=c&m=$id\">$txt_editcomm</a> $split ";
 463  if($sticky[$i] == 1) echo "<a href=\"blogs.php?f=$f&s=s&m=$id\">$txt_remsticky</a> $split ";
 464  else echo "<a href=\"blogs.php?f=$f&s=s&m=$id\">$txt_sticky</a> $split ";
 465  if($i != mysql_num_rows($query)- 1) echo "<a href=\"blogs.php?f=$f&s=up&m=$id\">$txt_moveup</a> $split ";
 466  else echo "<i>$txt_moveup</i> $split ";
 467  if($i != 0) echo "<a href=\"blogs.php?f=$f&s=dn&m=$id\">$txt_movedn</a> $split ";
 468  else echo "<i>$txt_movedn</i> $split ";
 469  
 470  echo "<a href=\"blogs.php?f=$f&s=d&m=$id\">$txt_delete</a></td></tr>";
 471  }
 472  }
 473  if($entries == 1 && !isset($entrytitle[0])) echo "<tr><td colspan=2 align=center class=filelist><i>$txt_empty</i></td></tr>";
 474  echo "</table>";
 475  }
 476  }
 477  
 478  else {
 479  $query = mysql_query("SELECT * FROM $table_prefix}blogdetails WHERE name='$f'");
 480  if(mysql_num_rows($query) > 0) {
 481  $blogtitle = mysql_result($query, 0, "title");
 482  $accept = mysql_result($query, 0, "comments");
 483  $showuser = mysql_result($query, 0, "showuser");
 484  $showtime = mysql_result($query, 0, "showtime");
 485  $perma = mysql_result($query, 0, "perma");
 486  $smile = mysql_result($query, 0, "smile");
 487  $swear = mysql_result($query, 0, "swear");
 488  $blogshow = mysql_result($query, 0, "blogshow");
 489  $newsshow = mysql_result($query, 0, "newsshow");
 490  }
 491  
 492  if(isset($newblogtitle)) {
 493  $newblogtitle = stripslashes($newblogtitle);
 494  $newblogtitle = str_replace("'", "\'", $newblogtitle);
 495  $newblogtitle = str_replace('"', '&quot;', $newblogtitle);
 496  
 497  $table_def = "'', '$f', '$newblogtitle', '$newaccept', '$newshowuser', '$newshowtime', '$newperma', '$newsmile', '$newswear', '$newblogshow', '$newnewsshow'";
 498  if(!mysql_query("REPLACE INTO $table_prefix}blogdetails VALUES($table_def)")) $err = 1;
 499  
 500  if($err == 1) echo "<b>$txt_error</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_noaccess<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 501  else echo "$txt_saved<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home";
 502  
 503  }
 504  else {
 505  if(!isset($txt_permaon)) $txt_permaon = "Enable permalinks?";
 506  if(!isset($txt_smile)) $txt_smile = "Enable smileys?";
 507  if(!isset($txt_swear)) $txt_swear = "Enable swearword filtering?";
 508  echo "<b>$txt_blogsetup</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>
 509  <table border=0 cellspacing=1 cellpadding=2><form method=\"post\" action=\"blogs.php?f=$f&s=e\">
 510  <tr><td align=right>$txt_blogtitle:</td><td><input type=text name=newblogtitle value=\"$blogtitle\"></td></tr>
 511  <tr><td align=right>$txt_accept</td><td><input type=radio name=newaccept value=1";
 512  if($accept == 1 || !isset($accept)) echo " CHECKED";
 513  echo "> $txt_yes <input type=radio name=newaccept value=0";
 514  if($accept == "0") echo " CHECKED";
 515  echo "> $txt_no</td></tr>
 516  <tr><td align=right>$txt_showuser</td><td><input type=radio name=newshowuser value=1";
 517  if($showuser == 1 || !isset($accept)) echo " CHECKED";
 518  echo "> $txt_yes <input type=radio name=newshowuser value=0";
 519  if($showuser == "0") echo " CHECKED";
 520  echo "> $txt_no</td></tr>
 521  <tr><td align=right>$txt_showtime</td><td><input type=radio name=newshowtime value=1";
 522  if($showtime == 1 || !isset($accept)) echo " CHECKED";
 523  echo "> $txt_yes <input type=radio name=newshowtime value=0";
 524  if($showtime == "0") echo " CHECKED";
 525  echo "> $txt_no</td></tr>
 526  <tr><td align=right>$txt_permaon</td><td><input type=radio name=newperma value=1";
 527  if($perma == 1) echo " CHECKED";
 528  echo "> $txt_yes <input type=radio name=newperma value=0";
 529  if($perma == "0" || !isset($perma)) echo " CHECKED";
 530  echo "> $txt_no</td></tr>
 531  <tr><td align=right>$txt_smile</td><td><input type=radio name=newsmile value=1";
 532  if($smile == 1 || !isset($smile)) echo " CHECKED";
 533  echo "> $txt_yes <input type=radio name=newsmile value=0";
 534  if($smile == "0") echo " CHECKED";
 535  echo "> $txt_no</td></tr>
 536  <tr><td align=right>$txt_swear</td><td><input type=radio name=newswear value=1";
 537  if($swear == 1 || !isset($swear)) echo " CHECKED";
 538  echo "> $txt_yes <input type=radio name=newswear value=0";
 539  if($swear == "0") echo " CHECKED";
 540  echo "> $txt_no</td></tr>
 541  <tr><td align=right>$txt_blogperpage:</td><td><select name=newblogshow>";
 542  if(empty($blogshow)) $blogshow = $blogperpage;
 543  if(empty($newsshow)) $newsshow = $newsperpage;
 544  for($i = 1; $i <= 20; $i++) {
 545  echo "<option value=$i";
 546  if($i == $blogshow) echo " SELECTED";
 547  echo ">$i</option>";
 548  }
 549  echo "</select></td></tr>
 550  <tr><td align=right>$txt_newsperpage:</td><td><select name=newnewsshow>";
 551  for($i = 1; $i <= 20; $i++) {
 552  echo "<option value=$i";
 553  if($i == $newsshow) echo " SELECTED";
 554  echo ">$i</option>";
 555  }
 556  echo "</select></td></tr>
 557  <tr><td colspan=2 align=center><input type=submit value=\"$txt_save\"></td></tr>
 558  </form></table>";
 559  }
 560  }
 561  }
 562  else echo "<b>$txt_error</b><br>$txt_norights<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home<p>";
 563  }
 564  else {
 565  echo "$title_content_files</b><br><img src=\"../gfx/blank.gif\" width=1 height=6><br>";
 566  $query = mysql_query("SELECT * FROM $table_prefix}blogdetails ORDER BY name ASC");
 567  
 568  echo "<table border=0 cellspacing=1 cellpadding=2 class=filebg><tr><td class=filelist width=50%><i>$txt_filename</td><td class=filelist width=20%><i>$txt_entries</td></tr>";
 569  
 570  for($i = 0; $i < mysql_num_rows($query); $i++) {
 571  $file = mysql_result($query, $i, "name");
 572  if(($blogacc == "b" && !stristr($blogs, $file)) || ($blogacc == "a" && stristr($blogs, $file))) $filename[] = $file;
 573  }
 574  
 575  if(count($filename) > 0) {
 576  for($i = 0; $i < count($filename); $i++) {
 577  $entryq = mysql_query("SELECT * FROM $table_prefix}blogs WHERE blog='$filename[$i]'");
 578  $entries = mysql_num_rows($entryq);
 579  echo "<tr><td class=filelist><a href=\"blogs.php?f=$filename[$i]\">$filename[$i]</a></td><td class=filelist>$entries</td></tr>";
 580  }
 581  }
 582  else echo "<tr><td colspan=3 class=filelist align=center><i>$txt_empty</i></td></tr>";
 583  echo "</table>";
 584  
 585  if($createblog == 1) {
 586  
 587  echo "<img src=\"../gfx/blank.gif\" width=1 height=6><br>
 588  <table border=0 cellspacing=0 cellpadding=0><form method=get action=\"blogs.php\"><tr><td>$txt_create: <input type=text name=f> <input type=submit value=\"$txt_create\"></td></tr></form></table>";
 589  
 590  }
 591  
 592  echo "<p><a href=\"comments.php\">$txt_editcomm</a> | <a href=\"blogs.php?edit=cat\">$txt_editcats</a>";
 593  }
 594  }
 595  }
 596  else echo "<b>$txt_error</b><br>$txt_norights<br><img src=\"../gfx/blank.gif\" width=1 height=6><br>$txt_home<p>";
 597  $tempfilename = "../code/templates/$template}_f.php";
 598  $handle = fopen($tempfilename, "r");
 599  $temp = fread($handle, filesize ($tempfilename));
 600  fclose($handle);
 601  parsetemplate($temp, $menucode, $thispagetitle, $pagetitle);
 602  }
 603  else echo "<b>$txt_error</b><br>$txt_tempnofound<p>";
 604  ?>


[ Powered by PHPXref - Served by Debian GNU/Linux ]