<?php
/*
*****************************************************************
PageManagement.php
*****************************************************************
LSP: Lunabyte Systems Portal
Open-Source Project Inspired by Zef Hemel (hide@address.com)
*****************************************************************
Software Version: LSP 2.0 "Enigma 2"
Software by: Lunabyte Systems (http://www.lunabyte.net)
Copyright 2002-2005 by: Lunabyte Systems (http://www.lunabyte.net)
Support, News, Updates at: http://www.lunabyte.net
*****************************************************************
This program is free software; you may redistribute it and/or modify it
under the terms of the provided license as published by Lunabyte Systems.
This program is distributed in the hope that it is and will be useful,
but WITHOUT ANY WARRANTIES; without even any implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the "LSP_license.txt" file for details of the LSP license.
The latest version can always be found at http://www.lunabyte.net.
*****************************************************************
*/
if (!defined('ENIGMA'))
die('<b>Access Violation</b><br />Direct Access to this location is not allowed.');
function Pagehub()
{
global $context;
isAllowedTo('manage_pages');
// Load the common admin stuff... select 'Page_Management'.
adminIndex('Page_Management');
loadPLanguage('PageManagement');
$sa = (empty($_REQUEST['sa']) && !empty($_POST['sa'])) ? $_POST['sa'] :
empty($_REQUEST['sa']) ? 'PageManagement' : $_REQUEST['sa'];
$subActions = array(
'PageManagement',
'AddPage',
'EditPage',
'EditPage2',
'DeletePage',
'delpfolder',
'delpfolder2',
'editpfolder',
'AddFolder',
'editpfolder2',
);
if (in_array($sa, $subActions))
$sa();
elseif (isset($subActions[$sa]))
$subActions[$sa]();
else
PageManagement();
unset($subActions);
}
function PageManagement()
{
global $db_prefix, $context, $scripturl, $txt;
if (!isset($context['page_title']))
$context['page_title'] = $txt['pm37'];
$sub = (int) (!isset($_REQUEST['sub']) || $_REQUEST['sub'] == '') ? '0' : $_REQUEST['sub'];
// Lets get the folders!
$folders = db_query("
SELECT id, name, isSub
FROM {$db_prefix}page_folders
WHERE (isSub='$sub')
ORDER BY name", __FILE__, __LINE__);
if (mysql_num_rows($folders) > 0)
{
while ($curr_folder = mysql_fetch_assoc($folders))
$context['curr_folder']['subs'][] = array(
'id' => $curr_folder['id'],
'name' => $curr_folder['name'],
'sub' => $curr_folder['isSub']
);
} mysql_free_result($folders);
// how about pages?
$pages = db_query("
SELECT *
FROM {$db_prefix}pages
WHERE (folder='$sub')
ORDER BY title", __FILE__, __LINE__);
if (mysql_num_rows($pages) > 0)
{
while ($curr_page = mysql_fetch_assoc($pages))
$context['curr_pages'][] = array(
'memberGroups' => permissionlist($curr_page['memberGroup']),
'stitle' => $curr_page['stitle'],
'title' => $curr_page['title'],
'id' => $curr_page['id']
);
} mysql_free_result($pages);
// building the dropdown menu list of folders
$get_folders = db_query("
SELECT id, name
FROM {$db_prefix}page_folders", __FILE__, __LINE__);
while ($folder = mysql_fetch_assoc($get_folders))
{
$selected = ($folder['id'] == $sub) ? ' selected' :'';
$context['folder_op'][] = '<option value="' . $folder['id'] . '"' . $selected . '>' . $folder['name'] . '</option>';
}
mysql_free_result($get_folders);
// If we're inside a folder structure, build the tree
$myfolder = isset($sub) ? $sub : 0;
while($myfolder > 0) {
$get_folder = db_query("
SELECT *
FROM {$db_prefix}page_folders
WHERE id = '$myfolder'
LIMIT 1",__FILE__,__LINE__);
$row = mysql_fetch_assoc($get_folder);
mysql_free_result($get_folder);
$myfolders[] = array($myfolder,$row['name']);
$myfolder = $row['isSub'];
}
// Update foldertree accordingly
if (isset($sub) && $sub > 0) {
krsort($myfolders);
while (list($key,$val) = each($myfolders)) {
$context['foldertree'][] = array(
'url' => $scripturl . '?op=PageManagement;sub=' . $val[0],
'name' => $val[1],
);
}
}
loadPTemplate('PageManagement');
$context['sub_template'] = 'page_management';
obExit();
}
function AddPage()
{
global $db_prefix, $sub, $scripturl, $context;
$add_page = db_query("
INSERT INTO {$db_prefix}pages
(title,stitle,contents,phpe,memberGroup,folder,list,yabbce)
VALUES (
'" . (!empty($_REQUEST['title']) ? $_REQUEST['title'] : '') . "',
'" . (!empty($_REQUEST['stitle']) ? $_REQUEST['stitle'] : '') . "',
'" . (!empty($_REQUEST['contents']) ? htmlspecialchars($_REQUEST['contents']) : '') . "',
'" . (!empty($_REQUEST['phpe']) ? (int) $_REQUEST['phpe'] : '') . "',
'" . (is_array($_REQUEST['pmemg']) ? implode(',',$_REQUEST['pmemg']) : '') . "',
'" . (!empty($_REQUEST['folder']) ? $_REQUEST['folder'] : '') . "',
'" . (!empty($_REQUEST['list']) ? $_REQUEST['list'] : '0') . "',
'" . (!empty($_REQUEST['yabbce']) ? $_REQUEST['yabbce'] : '') . "'
)", __FILE__, __LINE__);
if (!$add_page)
fatal_error(mysql_error());
redirectexit('op=PageManagement;sa=PageManagement;sub=' . $_REQUEST['folder']);
}
function EditPage()
{
global $db_prefix, $context, $txt, $scripturl;
$id = (int) $_REQUEST['id'];
$get_pte = db_query("
SELECT *
FROM {$db_prefix}pages
WHERE (id = '$id')", __FILE__, __LINE__);
$context['pte'] = mysql_fetch_assoc($get_pte);
mysql_free_result($get_pte);
if (!isset($context['page_title']))
$context['page_title'] = $txt['pm37'] . ': ' . $txt['pm42'];
//determine whether or not php is enabled for this page
$context['pte']['phpe'] = ($context['pte']['phpe']) ? 'checked' : '';
$context['pte']['yabbce'] = ($context['pte']['yabbce']) ? 'checked' : '';
// is it Visible in Page Listing?
$context['pte']['list'] = ($context['pte']['list']) ? 'checked' : '';
// tag fix - this line is left here just in case there was some < > leftover in previous data.
// a </textarea> or other html closing tag COULD cause form problems, so let's just make sure it doesn't.
$context['pte']['contents'] = str_replace(array('<','>'), array('<','>'), $context['pte']['contents']);
// building the dropdown menu list of folders
$get_folders = db_query("
SELECT id, name
FROM {$db_prefix}page_folders", __FILE__, __LINE__);
while ($folder = mysql_fetch_assoc($get_folders))
{
$selected = ($folder['id'] == $context['pte']['folder']) ? ' selected' :'';
$context['folder_op'][] = '<option value="' . $folder['id'] . '"' . $selected . '>' . $folder['name'] . '</option>';
}
mysql_free_result($get_folders);
// If we're inside a folder structure, build the tree
$myfolder = isset($context['pte']['folder']) ? $context['pte']['folder'] : 0;
while($myfolder > 0) {
$get_folder = db_query("
SELECT *
FROM {$db_prefix}page_folders
WHERE id = '$myfolder'
LIMIT 1",__FILE__,__LINE__);
$row = mysql_fetch_assoc($get_folder);
mysql_free_result($get_folder);
$myfolders[] = array($myfolder,$row['name']);
$myfolder = $row['isSub'];
}
// Update foldertree accordingly
if (isset($context['pte']['folder']) && $context['pte']['folder'] > 0) {
krsort($myfolders);
while (list($key,$val) = each($myfolders)) {
$context['foldertree'][] = array(
'url' => $scripturl . '?op=PageManagement;sub=' . $val[0],
'name' => $val[1],
);
}
}
loadPTemplate('PageManagement');
$context['sub_template'] = 'edit_page';
obExit();
}
function EditPage2()
{
global $db_prefix, $scripturl;
$id = (int) $_REQUEST['id'];
db_query("
UPDATE {$db_prefix}pages
SET title='" . (!empty($_REQUEST['title']) ? $_REQUEST['title'] : '') . "',
stitle='" . (!empty($_REQUEST['stitle']) ? $_REQUEST['stitle'] : '') . "',
contents='" . (!empty($_REQUEST['contents']) ? htmlspecialchars($_REQUEST['contents']) : '') . "',
phpe='" . (!empty($_REQUEST['phpe']) ? $_REQUEST['phpe'] : '') . "',
memberGroup='" . (is_array($_REQUEST['pmemg']) ? implode(',',$_REQUEST['pmemg']) : '') . "',
folder='" . (!empty($_REQUEST['folder']) ? $_REQUEST['folder'] : '') . "',
list='" . (!empty($_REQUEST['list']) ? $_REQUEST['list'] : '') . "',
yabbce='" . (!empty($_REQUEST['yabbce']) ? $_REQUEST['yabbce'] : '') . "'
WHERE id='$id'", __FILE__, __LINE__);
redirectexit('op=PageManagement;sa=PageManagement;sub=' . $_REQUEST['sub']);
}
function DeletePage()
{
global $db_prefix;
$id = (int) $_REQUEST['id'];
db_query("
DELETE FROM
{$db_prefix}pages
WHERE (id = '$id')", __FILE__, __LINE__);
redirectexit('op=PageManagement;sa=PageManagement;sub=' . $_REQUEST['sub']);
}
function delpfolder()
{
global $db_prefix, $context, $txt;
if (!isset($context['page_title']))
$context['page_title'] = $txt['pm37'] . ': ' . $txt['pm43'];
$context['dfolder'] = array(
'ftd' => $_REQUEST['ftd'],
'sub' => $_REQUEST['sub']
);
loadPTemplate('PageManagement');
$context['sub_template'] = 'delete_folder';
obExit();
}
function delpfolder2()
{
global $db_prefix;
$ftd = (int) $_REQUEST['ftd'];
$sub = (int) $_REQUEST['sub'];
$request = db_query("
SELECT *
FROM {$db_prefix}page_folders
WHERE (isSub='$ftd')", __FILE__, __LINE__);
$tmp = array();
while ($result = mysql_fetch_assoc($request))
{
db_query("
DELETE FROM {$db_prefix}page_folders
WHERE (id='$result[id]')", __FILE__, __LINE__);
$tmp[] = $result[id];
}
mysql_free_result($request);
for($i=0; $i < count($tmp); $i++)
{
db_query("
DELETE FROM {$db_prefix}pages
WHERE (id='$tmp[$i]')", __FILE__, __LINE__);
}
$request2 = db_query("
SELECT *
FROM {$db_prefix}pages
WHERE (folder='$ftd')", __FILE__, __LINE__);
while ($result2 = mysql_fetch_array($request2))
{
db_query("
DELETE FROM {$db_prefix}pages
WHERE (id='$result2[id]')", __FILE__, __LINE__);
}
mysql_free_result($request2);
db_query("
DELETE FROM {$db_prefix}page_folders
WHERE (id='$ftd')", __FILE__, __LINE__);
redirectexit('op=PageManagement;sa=PageManagement');
}
function editpfolder()
{
global $db_prefix, $context, $txt;
$fte = (int) $_REQUEST['fte'];
if (!isset($context['page_title']))
$context['page_title'] = $txt['pm37'] . ': ' . $txt['pm44'];
$request = db_query("
SELECT *
FROM {$db_prefix}page_folders
WHERE (id='$fte')", __FILE__, __LINE__);
$folder_main = mysql_fetch_assoc($request);
mysql_free_result($request);
$context['folder_stuff'] = array(
'name' => $folder_main['name'],
'fte' => $folder_main['id'],
'sub' => $folder_main['isSub']
);
$get_folders = db_query("
SELECT *
FROM {$db_prefix}page_folders", __FILE__, __LINE__);
while ($folder = mysql_fetch_assoc($get_folders))
$context['folders'][] = array(
'id' => $folder['id'],
'sel' => (($folder['id'] == $folder_main['isSub']) ? 'selected': ''),
'name' => $folder['name']
);
mysql_free_result($get_folders);
// If we're inside a folder structure, build the tree
$myfolder = isset($fte) ? $fte : 0;
while($myfolder > 0) {
$get_folder = db_query("
SELECT *
FROM {$db_prefix}page_folders
WHERE id = '$myfolder'
LIMIT 1",__FILE__,__LINE__);
$row = mysql_fetch_assoc($get_folder);
mysql_free_result($get_folder);
$myfolders[] = array($myfolder,$row['name']);
$myfolder = $row['isSub'];
}
// Update foldertree accordingly
if (isset($fte) && $fte > 0) {
krsort($myfolders);
while (list($key,$val) = each($myfolders)) {
$context['foldertree'][] = array(
'url' => $scripturl . '?op=PageManagement;sub=' . $val[0],
'name' => $val[1],
);
}
}
loadPTemplate('PageManagement');
$context['sub_template'] = 'edit_folder';
obExit();
}
function AddFolder()
{
global $db_prefix, $sub, $scripturl;
$sub = (int) ($_REQUEST['isSub'] == '')? 0 : $_REQUEST['isSub'];
db_query("
INSERT INTO {$db_prefix}page_folders
(name,isSub)
VALUES ('$_REQUEST[name]', $sub)", __FILE__, __LINE__);
redirectexit('op=PageManagement;sa=PageManagement');
}
function editpfolder2()
{
global $db_prefix, $sub;
$sub = (int) ($_REQUEST['isSub'] == '') ? 0 : $_REQUEST['isSub'];
db_query("
UPDATE {$db_prefix}page_folders
SET name='$_REQUEST[name]',isSub='$sub'
WHERE (id='$_REQUEST[id]')", __FILE__, __LINE__);
redirectexit('op=PageManagement;sa=PageManagement');
}
?>