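<?php
// Copyright (C) Bloggie Lite Written by : Sean
// http://www.mywebland.com , http://mybloggie.mywebland.com
// You are requested to retain this copyright notice in order to use
// this software.
//This program is free software; you can redistribute it and/or
//modify it under the terms of the GNU General Public License
//as published by the Free Software Foundation; either version 2
//of the License, or (at your option) any later version.
//This program is distributed in the hope that it will be useful,
//but WITHOUT ANY WARRANTY; without even the implied warranty of
//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
//GNU General Public License for more details.
//You should have received a copy of the GNU General Public License
//along with this program; if not, write to the Free Software
//Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

// The full "<?php" open tag is used on purpose: when short_open_tag is
// disabled a bare "<?" is not parsed, and the source of this file would be
// sent to the client as plain text.

// Entry guard: this file is meant to be included by a script that defines
// IN_BLOGGIE first. A direct request stops here.
if (!defined('IN_BLOGGIE')) {
    die("You are not allowed to access this page directly !");
}

// Session/credential check supplied by the including application.
if (!authenticate()) {
    error($lang['Error'], "Request terminated due to abnormal operations");
    // error() is defined outside this file and whether it halts the request is
    // not visible here, so stop explicitly: nothing below may run for an
    // unauthenticated request.
    exit;
}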
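// Category administration: add, edit, delete and list blog categories.
// Only users whose $userlevel equals 1 get past the outer check; everyone
// else receives the "not allowed" message at the bottom.
//
// NOTE(review): add/edit/delete are triggered directly from request
// parameters (delete and edit selection arrive via GET) and no anti-CSRF
// token is verified in this file. Confirm that authenticate() or the
// including script checks one; otherwise state changes should require POST
// plus a per-session token.
if ($userlevel == 1) {
    if (isset($_GET['action'])) {
        $action = $_GET['action'];
    }

    // The category id is forced to an integer before it can reach any SQL
    // string. When the request carries no id, a value inherited from the
    // including scope is cast as well instead of being trusted as-is.
    if (isset($_GET['cat_id'])) {
        $cat_id = intval($_GET['cat_id']);
    } elseif (isset($_POST['cat_id'])) {
        $cat_id = intval($_POST['cat_id']);
    } else {
        $cat_id = isset($cat_id) ? intval($cat_id) : 0;
    }

    // ---- Add a category ---------------------------------------------------
    if (isset($_POST["add"])) {
        if (isset($_POST["cat_desc"])) {
            // Whether request data arrives already slash-escaped (magic quotes
            // or an upstream addslashes) is not visible from this file, so the
            // value is unslashed first and escaped exactly once right before
            // it is placed in SQL. Side effect: a literal backslash typed on
            // an installation without upstream escaping is dropped.
            // Non-string input (e.g. cat_desc[]=x) is treated as empty.
            $cat_desc = is_string($_POST['cat_desc'])
                ? trim(htmlspecialchars(stripslashes($_POST['cat_desc'])))
                : '';

            // Trimmed before validation so a whitespace-only name is rejected.
            // empty() also rejects the literal name "0", as the original did.
            if (empty($cat_desc)) {
                $error_flag = true;
                $errormsg = (isset($errormsg) ? $errormsg : '') . $lang['No_Cat'] . "<br />";
                error($lang['Error'], "$errormsg");
            } else {
                $error_flag = false;

                // addslashes() is a stop-gap: it is not charset-aware. Prefer
                // the database layer's own escaping or prepared statements if
                // the $db object offers them (not visible from this file).
                $cat_desc_sql = addslashes($cat_desc);

                $sql = "SELECT cat_desc FROM " . CAT_TBL . " WHERE cat_desc='" . $cat_desc_sql . "'";
                $result = $db->sql_query($sql);

                if ($db->sql_numrows($result) > 0) {
                    error($lang['Error'], $lang['Cat_Exist']);
                } else {
                    // Permalink slug: anything that is not a letter, digit or
                    // whitespace becomes a space, spaces become hyphens, then
                    // lower-cased. preg_replace() replaces ereg_replace(),
                    // which no longer exists as of PHP 7.
                    $perm_cat = preg_replace('/[^[:space:]a-zA-Z0-9]/', ' ', $cat_desc);
                    $perm_cat = strtolower(str_replace(" ", "-", trim($perm_cat)));
                    $perm_cat = sanitize_url_subject($perm_cat);
                    // sanitize_url_subject() is defined elsewhere; its output
                    // is escaped too rather than assumed to be SQL-safe.
                    $perm_cat_sql = addslashes($perm_cat);

                    $sql = "INSERT INTO " . CAT_TBL . " SET cat_desc='" . $cat_desc_sql
                         . "', cat_perma='" . $perm_cat_sql . "'";
                    $result = $db->sql_query($sql);

                    $template->assign_vars(array(
                        'FORMHEADER' => "Edit Category",
                        'CAT_HEAD'   => $lang['Cat_head'],
                        'L_CAT_NAME' => $lang['Category'],
                        'L_CAT_ID'   => $lang['Cat_id'],
                    ));
                    $template->assign_block_vars('status', array(
                        'STATUS' => $lang['Cat_Added'],
                    ));
                }
            }
        }
    }

    // ---- Delete / edit dispatch -------------------------------------------
    if (isset($action) && !isset($_POST["add"])) {
        switch ($action) {
            case "del":
                // Confirm the row exists before deleting; $cat_id is an int.
                $sql = "SELECT cat_id FROM " . CAT_TBL . " WHERE cat_id=" . $cat_id;
                $result = $db->sql_query($sql);

                if ($result && $db->sql_numrows($result) > 0) {
                    $sql = "DELETE FROM " . CAT_TBL . " WHERE cat_id=" . $cat_id;
                    $result = $db->sql_query($sql);

                    $template->assign_block_vars('addcat', array());
                    $template->assign_block_vars('status', array(
                        'STATUS' => $lang['Cat_Del_Info'] . $cat_id,
                    ));
                } else {
                    // Unknown id or failed lookup: report it without echoing
                    // the raw database error text into the page.
                    $template->assign_block_vars('status', array(
                        'STATUS' => $lang['Error_1'] . " -> Cat ID : " . $cat_id,
                    ));
                }
                break;

            case "editcat":
                $sql = "SELECT cat_id, cat_desc FROM " . CAT_TBL . " WHERE cat_id=" . $cat_id;
                $result = $db->sql_query($sql);
                $row = $db->sql_fetchrow($result);

                if ($db->sql_numrows($result) < 1) {
                    error($lang['Error'], $lang['No_Cat']);
                } elseif (!isset($_POST["edit"])) {
                    // First visit: show the edit form pre-filled from the row.
                    $template->assign_block_vars('editcat', array());
                    $cat_id = $row['cat_id'];
                    $cat_name = $row['cat_desc'];
                    $template->assign_vars(array(
                        'CAT_ID'     => $cat_id,
                        'CAT_DESC'   => $cat_name,
                        'FORMHEADER' => "Edit Category",
                        'CAT_HEAD'   => $lang['Cat_head'],
                        'L_CAT_NAME' => $lang['Category'],
                        'L_CAT_ID'   => $lang['Cat_id'],
                    ));
                } else {
                    // Form submitted: same normalisation as the add path
                    // (unslash, HTML-encode, trim; escape once for SQL).
                    $cat_desc = (isset($_POST["cat_desc"]) && is_string($_POST["cat_desc"]))
                        ? trim(htmlspecialchars(stripslashes($_POST["cat_desc"])))
                        : '';

                    if (empty($cat_desc)) {
                        // Without this check a missing or blank name would
                        // overwrite the stored category name with ''.
                        error($lang['Error'], $lang['No_Cat']);
                    } else {
                        $perm_cat = preg_replace('/[^[:space:]a-zA-Z0-9]/', ' ', $cat_desc);
                        $perm_cat = strtolower(str_replace(" ", "-", trim($perm_cat)));
                        $perm_cat = sanitize_url_subject($perm_cat);

                        $sql = "UPDATE " . CAT_TBL . " SET cat_desc='" . addslashes($cat_desc)
                             . "', cat_perma='" . addslashes($perm_cat)
                             . "' where cat_id=" . $cat_id;
                        $result = $db->sql_query($sql);

                        $template->assign_vars(array(
                            'FORMHEADER' => "Edit Category",
                            'CAT_HEAD'   => $lang['Cat_head'],
                            'L_CAT_NAME' => $lang['Category'],
                            'L_CAT_ID'   => $lang['Cat_id'],
                        ));
                        $template->assign_block_vars('status', array(
                            'STATUS' => $lang['Cat_Edited'] . " ID #" . $cat_id,
                        ));
                        $template->assign_block_vars('addcat', array());
                    }
                }
                break;

            default:
                $template->assign_vars(array(
                    'VERSION_INFO' => versioncheck($pref_data['version']),
                ));
                $template->pparse('admincontent');
                break;
        }
    } elseif (!isset($action)) {
        $template->assign_block_vars('addcat', array());
    }

    // ---- Category list ------------------------------------------------------
    $template->set_filenames(array(
        'catform' => 'admin/catform.tpl'));
    $template->assign_vars(array(
        'FORMHEADER' => $lang['Add'] . "/" . $lang['Edit'] . " " . $lang['Category'],
        'CAT_HEAD'   => $lang['Cat_head'],
        'L_CAT_NAME' => $lang['Category'],
        'L_CAT_ID'   => $lang['Cat_id'],
        'L_ACTION'   => $lang['Action'],
    ));

    // PHP_SELF includes any client-supplied path info after the script name,
    // so it is HTML-encoded before being placed in markup.
    // NOTE(review): if admin/catform.tpl puts SELF_URL inside inline script,
    // HTML encoding alone does not cover that context - confirm in the template.
    $self_url = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

    $sql = "SELECT cat_id, cat_desc FROM " . CAT_TBL . " ORDER BY cat_id";
    $result = $db->sql_query($sql);
    $n = 0;
    while ($row = $db->sql_fetchrow($result)) {
        // Alternate the row background class.
        $alt_clr = ($n % 2) ? " class=\"whitebg\"" : " class=\"greybg\"";
        $cat_id = $row['cat_id'];
        $cat_name = $row['cat_desc'];
        $template->assign_block_vars('parsecat', array(
            'ALT_CLR'  => $alt_clr,
            'CAT_ID'   => $cat_id,
            'CAT_NAME' => $cat_name,
            'SELF_URL' => $self_url,
            'DEL_CONF' => $lang['Delete_Confirmation'],
            'CAT_EDIT' => "<a class=\"block\" href=\"" . $self_url . "?mode=catadmin&action=editcat&cat_id=" . $cat_id . "\">" . $lang['Edit'] . "</a>",
            'CAT_DEL'  => $lang['Del'],
        ));
        $n++;
    }
    $template->pparse('catform');
} else {
    message($lang['Error'], 'You are not allowed to access to this area.');
}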
?>