index.php at Exero CMS - Free PHP Code

<?
/*========================================*\
|        News Module for Exero CMS        |
|       Copyright © 2006 Jack Polgar       |
|        http://www.jackpolgar.com         |
\*========================================*/

// Check if module is active
if(!moduleactive("news")) {
	$message = "This module is currently Deactiaved";
	include("themes/$ecms->theme/error.php");
	exit;
}
// News mod for ecms
if(empty($_REQUEST['q1'])) {
	$news['rowcount'] = 1;
	$getnews = $db->query("SELECT * FROM ".TABLE_PREFIX."news ORDER BY id DESC LIMIT ".$ecms->modulesettings['news']['postsvisible']);
	while($newsinfo = $db->fetch_array($getnews)) {
		$news[$news['rowcount']] = $newsinfo;
		$news[$news['rowcount']]['posterinfo'] = $db->query_first("SELECT * FROM ".TABLE_PREFIX."users WHERE uid='".$newsinfo['poster']."' LIMIT 1");
		$news[$news['rowcount']]['comments'] = $db->num_rows($db->query("SELECT * FROM ".TABLE_PREFIX."news_comments WHERE newsid='".$newsinfo['id']."'"));
		$news[$news['rowcount']]['catinfo'] = $db->query_first("SELECT * FROM ".TABLE_PREFIX."news_cats WHERE id='".$newsinfo['catid']."' LIMIT 1");
		$news['rowcount']++;
	}
	include("themes/$ecms->theme/news/index.php");
} else if($_REQUEST['q1'] == "archive") {
	$news['rowcount'] = 1;
	$getnews = $db->query("SELECT * FROM ".TABLE_PREFIX."news ORDER BY id DESC");
	while($newsinfo = $db->fetch_array($getnews)) {
		$news[$news['rowcount']] = $newsinfo;
		$news[$news['rowcount']]['posterinfo'] = $db->query_first("SELECT * FROM ".TABLE_PREFIX."users WHERE uid='".$newsinfo['poster']."' LIMIT 1");
		$news[$news['rowcount']]['comments'] = $db->num_rows($db->query("SELECT * FROM news_comments WHERE newsid='".$newsinfo['id']."'"));
		$news[$news['rowcount']]['catinfo'] = $db->query_first("SELECT * FROM ".TABLE_PREFIX."news_cats WHERE id='".$newsinfo['catid']."' LIMIT 1");
		$news['rowcount']++;
	}
	include("themes/$ecms->theme/news/index.php");
} else if($_REQUEST['q1'] == "view") {
	$newsinfo = $db->query_first("SELECT * FROM ".TABLE_PREFIX."news WHERE id='".$db->real_escape_string($_REQUEST['q2'])."' LIMIT 1");
	$newsinfo['posterinfo'] = $db->query_first("SELECT * FROM ".TABLE_PREFIX."users WHERE uid='".$newsinfo['poster']."' LIMIT 1");
	$newsinfo['comments'] = $db->num_rows($db->query("SELECT * FROM ".TABLE_PREFIX."news_comments WHERE newsid='".$newsinfo['id']."'"));
	$newsinfo['catinfo'] = $db->query_first("SELECT * FROM ".TABLE_PREFIX."news_cats WHERE id='".$newsinfo['catid']."' LIMIT 1");
	$comments['rowcount'] = 1;
	$getcomments = $db->query("SELECT * FROM ".TABLE_PREFIX."news_comments WHERE newsid='".$newsinfo['id']."' ORDER BY id DESC");
	while($commentsinfo = $db->fetch_array($getcomments)) {
		$comments[$comments['rowcount']] = $commentsinfo;
		$comments[$comments['rowcount']]['posterinfo'] = $db->query_first("SELECT * FROM ".TABLE_PREFIX."users WHERE uid='".$commentsinfo['posterid']."' LIMIT 1");
		$comments['rowcount']++;
	}
	include("themes/$ecms->theme/news/fullview.php");
} else if($_REQUEST['q1'] == "postcomment") {
	$newsinfo = $db->query_first("SELECT * FROM ".TABLE_PREFIX."news WHERE id='".$db->real_escape_string($_POST['newsid'])."' LIMIT 1");
	if($ecms->permissions("news","post_comments") && $ecms->modulesettings['news']['enablecomments'] && $newsinfo['allowcomments']) {
		if(!empty($_POST['comment'])) {
			$db->query("INSERT INTO ".TABLE_PREFIX."news_comments VALUES(
			'',
			'".$db->real_escape_string($_POST['newsid'])."',
			'".$user->userinfo['uid']."',
			'".$db->real_escape_string($_POST['comment'])."',
			'".time()."')");
			$message = "Comment Posted.";
			$module = "news";
			$array = array("view",$_POST['newsid']);
			include("themes/$ecms->theme/redirect.php");
		} else {
			$message = "Comment cannot be blank.";
			include("themes/$ecms->theme/error.php");
		}
	} else {
		include("themes/$ecms->theme/nopermission.php");
		exit;
	}
}
?>