<?
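# Connection settings for the guestbook.
# NOTE(review): the shipped defaults connect as the MySQL "root" account with an
# empty password. Create a dedicated account that only has rights on $dbname and
# give it a password before deploying.
$dbhost = "localhost";
$dbuser = "root";
$dbpasswd = "";
$dbname = "dmguestbook";
$adminemail = "hide@address.com";
$siteurl = "http://www.yoursite.com/dmguestbook/";
######## DO NOT change anything below this line unless you know what you are doing :) ########
# The mysql_* extension used by this file was removed in PHP 7; moving to mysqli or
# PDO with prepared statements is the durable fix for the string-built queries below.
# Stop here when the database is unreachable instead of letting every later query
# fail, and keep driver details out of the response (they go to the server log).
if (!mysql_connect($dbhost,$dbuser,$dbpasswd) || !mysql_select_db($dbname)) {
    error_log("dmguestbook: database connection failed");
    die("The guestbook is temporarily unavailable.");
}
$date = date("Y-m-d");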
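# Return an HTML mailto link ("<a href=mailto:...>username</a>") for the member
# whose userID is $u, or "" when the query fails or no row matches.
# NOTE(review): the link exposes the member's e-mail address wherever it is rendered.
function ftwhoisuser($u) {
    # Initialised so a missing member yields "" rather than an undefined variable.
    $output = "";
    # $u lands inside a quoted SQL literal, so escape it for that context.
    $id = mysql_real_escape_string($u);
    $result = mysql_query("select username,emailaddress from member where userID = '$id'");
    while ($result && ($row = mysql_fetch_array($result))) {
        # Database values are encoded for the HTML attribute/text they are placed in.
        # If the insert path (not visible here) already HTML-encodes them, drop one
        # of the two encodings.
        $email = htmlspecialchars($row['emailaddress'], ENT_QUOTES);
        $name = htmlspecialchars($row['username'], ENT_QUOTES);
        $output = "<a href=\"mailto:$email\">$name</a>";
    }
    return $output;
}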
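# Return an HTML link to the topic with topicID $ti, labelled with its title,
# or "" when the query fails or no row matches.
function ftwhoistopic($ti) {
    $output = "";
    # $ti lands inside a quoted SQL literal, so escape it for that context.
    $id = mysql_real_escape_string($ti);
    $result = mysql_query("select title, categoryID from topic where topicID = '$id'");
    while ($result && ($row = mysql_fetch_array($result))) {
        # The original interpolated $PHP_SELF, which is never in scope inside this
        # function and so always expanded to ""; the link stays relative to the
        # current page. Query-string values are URL-encoded.
        $href = "?t=".urlencode($ti)."&c=".urlencode($row['categoryID']);
        $title = htmlspecialchars($row['title'], ENT_QUOTES);
        $output = "<a href=\"$href\">$title</a>";
    }
    return $output;
}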
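# Return the stored e-mail address of the member with userID $u, or "" when the
# query fails or no row matches.
# The value is returned raw: callers must HTML-encode it before printing it and
# must reject CR/LF before placing it in a mail header.
function ftwhoisusereemail($u) {
    $output = "";
    # $u lands inside a quoted SQL literal, so escape it for that context.
    $id = mysql_real_escape_string($u);
    $result = mysql_query("select emailaddress from member where userID = '$id'");
    while ($result && ($row = mysql_fetch_array($result))) {
        $output = (string) $row['emailaddress'];
    }
    return $output;
}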
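# Print the menu row and the category table header.
# Reads the globals $cku (adds the logout link when truthy) and $ckr (adds the
# admin links when it equals "39912").
# NOTE(review): where $cku/$ckr are set is not visible here. If they are filled
# from a cookie or request parameter, they are client-controlled, and the admin
# handlers must verify the role server-side rather than trust this value - confirm.
function ftheader() {
    global $cku, $ckr;
    # The original interpolated $PHP_SELF, which is never in scope inside this
    # function and always expanded to ""; the links are written as relative
    # query strings so the output is the same without the undefined variable.
    echo "
<tr bgcolor=\"#CCCCCC\">
<td colspan=\"4\" height=\"25\"><b>MENU:</b> <a href=\"?m=lg\">login</a> | <a href=\"?m=rg\">register</a>";
    if ($cku) {
        echo " | <a href=\"?m=lo\">logout</a>";
    }
    if ($ckr == "39912") {
        echo " | <a href=\"?m=adm\">manage members</a> | <a href=\"?m=adc\">new category</a>";
    }
    echo "</td>
</tr>
<tr bgcolor=\"#666666\">
<td width=\"300\" height=\"25\"><b>CATEGORY</b></td>
<td width=\"25\"><b>TOPICS</b></td>
<td width=\"75\"><b>UPDATED</b></td>
</tr> ";
}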
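# Print one table row per category (ordered by sortorder) with its title,
# description, topic count and lastupdate value. The row whose categoryID equals
# the global $c gets the highlighted background; an edit link is added when the
# global $ckr equals "39912".
function ftlistcategories() {
    global $c,$ckr;
    $result = mysql_query("select * from category order by sortorder asc");
    while ($result && ($row = mysql_fetch_array($result))) {
        # Array keys are quoted: a bare key outside a string is read as a constant.
        if ($row['categoryID'] == $c) {
            echo "<tr bgcolor=\"#DDDDDD\"><td>";
        } else {
            echo "<tr bgcolor=\"#CCCCCC\"><td>";
        }
        # One count query per category; the id is escaped for the SQL literal.
        $catsql = mysql_real_escape_string($row['categoryID']);
        $gettopics = mysql_query ("select topicID from topic where categoryID = '$catsql'");
        $counttopic = $gettopics ? mysql_num_rows($gettopics) : 0;
        # Database values are encoded for the context they are printed in.
        # $PHP_SELF was never in scope here (always ""), so links stay relative.
        $caturl = urlencode($row['categoryID']);
        $title = htmlspecialchars($row['title'], ENT_QUOTES);
        $updated = htmlspecialchars($row['lastupdate'], ENT_QUOTES);
        echo "<a href=\"?c=$caturl\"><b>$title</b></a>";
        if ($ckr == "39912") { echo " »»»»(<a href=\"?m=adc&c=$caturl&q=x\">edit</a>)";}
        echo "<br />";
        # Encode first, then turn newlines into <br />, so stored markup is shown as text.
        echo nl2br(htmlspecialchars(stripslashes($row['description']), ENT_QUOTES))."</td><td>$counttopic</td><td>$updated</td>";
        echo "</tr>";
    }
}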
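# Print the topic table for category $c: an "ADD NEW TOPIC" button, a header row
# and one row per topic with poster, date and reply count. The topic whose
# topicID equals the global $t is expanded through ftgettopic(). A delete link is
# added when the global $ckr equals "39912". Prints nothing when $c is falsy.
function ftlisttopics($c) {
    global $t,$ckr;
    if ($c) {
        # $c is used in three contexts; encode it separately for each.
        $csql = mysql_real_escape_string($c);
        $curl = urlencode($c);
        # href="javascript:..." is percent-decoded by the browser before the script
        # runs, so values placed there are URL-encoded twice.
        $cjs = rawurlencode(rawurlencode($c));
        $result = mysql_query("select * from topic where categoryID = '$csql'");
        # $PHP_SELF was never in scope here (always ""), so links stay relative.
        echo "<tr bgcolor=\"#CCCCCC\"><td colspan=4 height=\"25\"><input type=\"button\" value=\"ADD NEW TOPIC\" onclick=\"location.href='?c=$curl&q=nt'\"></td></tr>";
        echo "
<tr bgcolor=\"#666666\">
<td width=\"350\" height=\"25\"><b>TOPICS</b></td>
<td width=\"90\"><b>POSTED BY</b></td>
<td width=\"70\"><b>DATE</b></td>
<td width=\"40\"><b>REPLIES</b></td>
</tr>
";
        while ($result && ($row = mysql_fetch_array($result))) {
            $tsql = mysql_real_escape_string($row['topicID']);
            $getreplies = mysql_query ( "select replyID from reply where topicID = '$tsql'");
            $countreply = $getreplies ? mysql_num_rows($getreplies) : 0;
            $turl = urlencode($row['topicID']);
            $tjs = rawurlencode(rawurlencode($row['topicID']));
            $title = htmlspecialchars($row['title'], ENT_QUOTES);
            $created = htmlspecialchars($row['datecreated'], ENT_QUOTES);
            # NOTE(review): the poster's IP address is printed in the alt text for
            # every visitor; consider showing it to administrators only.
            $ip = htmlspecialchars($row['ipaddress'], ENT_QUOTES);
            echo "<tr bgcolor=\"#CCCCCC\"><td height=\"20\"><a href=\"?c=$curl&t=$turl\"><img align=left src=\"topicicon.gif\" alt=\"user's ip address: $ip\" border=0 width=12 height=13> <b>$title</b></a>";
            # NOTE(review): the delete action is a plain GET link; the handler
            # (not visible here) should require POST and a per-session token.
            if ($ckr == "39912") { echo " »»»»(<a href=\"javascript:deletefile('?m=adt&c=$cjs&t=$tjs')\">delete</a>)";}
            echo" </td><td>".ftwhoisuser($row['userID'])."</td><td>$created</td><td>$countreply</td></tr>";
            if ($row['topicID'] == $t) {
                echo ftgettopic($t);
            }
        }
    }
}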
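# Return the HTML rows for topic $t: its content, the replies produced by
# ftlistreplies() and the "ADD REPLY" / "REPORT POST" buttons. Returns "" when
# $t is falsy, the query fails or no row matches.
function ftgettopic($t) {
    # Initialised so the early-exit paths return "" instead of an undefined variable.
    $output = "";
    if ($t) {
        $tsql = mysql_real_escape_string($t);
        $turl = urlencode($t);
        $result = mysql_query("select * from topic where topicID = '$tsql'");
        while ($result && ($row = mysql_fetch_array($result))) {
            $curl = urlencode($row['categoryID']);
            $output = "<tr bgcolor=\"#CCCCCC\"><td colspan=4>";
            # Stored post text is encoded before newlines become <br />, so markup
            # in a post is displayed as text rather than interpreted.
            $output .= nl2br(htmlspecialchars(stripslashes($row['content']), ENT_QUOTES));
            $output .= ftlistreplies($t);
            $output .= "</td></tr>";
            # $PHP_SELF was never in scope here (always ""), so links stay relative.
            $output .= "<tr bgcolor=\"#98a2b1\"><td colspan=4><input type=\"button\" value=\"ADD REPLY\" onclick=\"location.href='?c=$curl&t=$turl&q=nr'\"> <input type=\"button\" value=\"REPORT POST\" onclick=\"location.href='?c=$curl&t=$turl&q=rt'\"></td></tr>";
        }
    }
    return $output;
}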
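# Return one HTML row per reply to topic $topicid, with the author link from
# ftwhoisuser(), the creation date and the reply text. A delete link is added
# when the global $ckr equals "39912". Returns "" when there are no replies.
function ftlistreplies($topicid) {
    global $ckr;
    # Initialised so the first ".=" does not append to an undefined variable.
    $output = "";
    $tsql = mysql_real_escape_string($topicid);
    $result = mysql_query("select * from reply where topicID = '$tsql'");
    while ($result && ($row = mysql_fetch_array($result))) {
        $created = htmlspecialchars($row['datecreated'], ENT_QUOTES);
        $output .= "<tr bgcolor=\"#98a2b1\"><td colspan=4><b>Reply</b> by ".ftwhoisuser($row['userID'])." on $created";
        if ($ckr == "39912") {
            # href="javascript:..." is percent-decoded by the browser before the
            # script runs, so the ids are URL-encoded twice.
            $tjs = rawurlencode(rawurlencode($row['topicID']));
            $rjs = rawurlencode(rawurlencode($row['replyID']));
            # NOTE(review): the original interpolated $PHP_SELF and $c here, neither
            # of which is in scope in this function, so both were always empty; the
            # "c=" parameter is kept empty to preserve the emitted URL. Confirm
            # whether the category id was meant to be passed.
            # The delete action is a plain GET link; the handler (not visible here)
            # should require POST and a per-session token.
            $output .= " »»»»(<a href=\"javascript:deletefile('?m=adr&c=&t=$tjs&r=$rjs')\">delete</a>)";
        }
        # Encode the stored text first, then turn newlines into <br />.
        $output .= "<br />".nl2br(htmlspecialchars(stripslashes($row['content']), ENT_QUOTES))."</td></tr>";
    }
    return $output;
}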
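# Print the "NEW TOPIC" form for category $c, or an error row when $c is falsy.
# The form posts m=mt, c, title and content back to the current page.
# NOTE(review): the form carries no anti-CSRF token; the handler for m=mt is not
# visible here and should verify one.
function ftaddtopic($c) {
    if ($c) {
        # $c is echoed into an attribute value, so encode it for HTML.
        $cval = htmlspecialchars($c, ENT_QUOTES);
        # The original used $PHP_SELF for the action; it is never in scope inside
        # this function and always expanded to "", so the action is left empty
        # (submit to the current page).
        echo "
<form name=\"addtopic\" method=\"post\" action=\"\">
<input type=\"hidden\" name=\"m\" value=\"mt\">
<input type=\"hidden\" name=\"c\" value=\"$cval\">
<input type=\"hidden\" name=\"q\" value=\"\">
<tr bgcolor=\"#666666\"><td colspan=4 height=25>
<b>NEW TOPIC</b>
</td></tr>
<tr bgcolor=\"#98a2b1\"><td colspan=4> <br />";
        echo "
Title*<br />
<input type=\"text\" name=\"title\" size=\"60\" maxlength=\"250\"><br />
Content*<br />
<textarea name=\"content\" rows=\"6\" cols=\"50\"></textarea><br /><br />
<input type=\"submit\" value=\" SAVE \"><br />
</td></tr>
</form>
";
    } else {
        echo "
<tr bgcolor=\"#98a2b1\"><td colspan=4>
Oops! something went wrong - use your browser's back button to return to the previous page
</td></tr>
";
    }
}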
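# Print the "NEW REPLY" form for topic $t in category $c, or an error row when
# either value is falsy. The form posts m=mr, c, t and content back to the
# current page.
# NOTE(review): the form carries no anti-CSRF token; the handler for m=mr is not
# visible here and should verify one.
function ftaddreply($c,$t) {
    if ($c && $t) {
        # Both ids are echoed into attribute values, so encode them for HTML.
        $cval = htmlspecialchars($c, ENT_QUOTES);
        $tval = htmlspecialchars($t, ENT_QUOTES);
        # The original used $PHP_SELF for the action; it is never in scope inside
        # this function and always expanded to "", so the action is left empty.
        echo "
<form name=\"addreply\" method=\"post\" action=\"\">
<input type=\"hidden\" name=\"m\" value=\"mr\">
<input type=\"hidden\" name=\"c\" value=\"$cval\">
<input type=\"hidden\" name=\"t\" value=\"$tval\">
<input type=\"hidden\" name=\"q\" value=\"\">
<tr bgcolor=\"#666666\"><td colspan=4 height=25>
<b>NEW REPLY</b>
</td></tr>
<tr bgcolor=\"#98a2b1\"><td colspan=4> <br />";
        echo "
Content*<br />
<textarea name=\"content\" rows=\"6\" cols=\"50\"></textarea><br /><br />
<input type=\"submit\" value=\" SAVE \"><br />
</td></tr>
</form>
";
    } else {
        echo "
<tr bgcolor=\"#98a2b1\"><td>
Oops! something went wrong - use your browser's back button to return to the previous page
</td></tr>
";
    }
}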
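# Insert one row into the ksearch table.
#   $t  topicID, $tt title, $ct content, $c categoryID, $r replyID
# Every value is placed in a quoted SQL literal, so each is escaped here.
# NOTE(review): callers are not visible. If they already escape these values
# (addslashes or magic quotes), remove that caller-side escaping so the text is
# not stored with doubled backslashes.
function ftwritekeyword($t,$tt,$ct,$c,$r) {
    $topicid = mysql_real_escape_string($t);
    $title = mysql_real_escape_string($tt);
    $content = mysql_real_escape_string($ct);
    $categoryid = mysql_real_escape_string($c);
    $replyid = mysql_real_escape_string($r);
    $sqlinsert = "insert into ksearch (topicID,title,content,categoryID,replyID) values ('$topicid','$title','$content','$categoryid','$replyid')";
    mysql_query($sqlinsert);
}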
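# Print the category form. With a truthy $c the form is pre-filled from the
# category row and posts m=ade (plus a DELETE button); otherwise an empty
# "NEW CATEGORY" form posting m=adn is printed.
# NOTE(review): this function does not check the caller's role itself, and the
# forms carry no anti-CSRF token. The DELETE button triggers a GET request
# (m=xxx). The handlers are not visible here; they should enforce the admin role
# server-side and require POST with a token for changes.
function fteditcategory($c) {
    # The original used $PHP_SELF for the form action and links; it is never in
    # scope inside this function and always expanded to "", so they stay relative.
    if ($c) {
        # $c is used in three contexts; encode it separately for each.
        $csql = mysql_real_escape_string($c);
        $cval = htmlspecialchars($c, ENT_QUOTES);
        $curl = urlencode($c);
        $result = mysql_query("select * from category where categoryID = '$csql'");
        while ($result && ($row = mysql_fetch_array($result))) {
            # Stored values are HTML-encoded so quotes or a "</textarea>" in the
            # data cannot break out of the field they are shown in.
            $title = htmlspecialchars($row['title'], ENT_QUOTES);
            $description = htmlspecialchars($row['description'], ENT_QUOTES);
            $sortorder = htmlspecialchars($row['sortorder'], ENT_QUOTES);
            echo "
<form name=\"categoryform\" method=\"post\" action=\"\">
<input type=\"hidden\" name=\"m\" value=\"ade\">
<input type=\"hidden\" name=\"c\" value=\"$cval\">
<input type=\"hidden\" name=\"q\" value=\"\">
<tr bgcolor=\"#666666\"><td colspan=4 height=25>
<b>EDIT CATEGORY</b>
</td></tr>
<tr bgcolor=\"#98a2b1\"><td colspan=4> <br />";
            echo "
Title*<br />
<input type=\"text\" name=\"title\" size=\"60\" maxlength=\"250\" value=\"$title\"><br />
Description*<br />
<textarea name=\"description\" rows=\"6\" cols=\"50\">$description</textarea><br />
Sort Order (0-999)<br />
<input type=\"text\" name=\"sortorder\" size=\"60\" maxlength=\"250\" value=\"$sortorder\"><br />
<br /><br />
<input type=\"submit\" value=\" SAVE \"> <input type=\"button\" value=\" DELETE \" onclick=\"javascript:deletefile('?c=$curl&m=xxx')\"><br />
</td></tr></form>
";
        }
    } else {
        echo "
<form name=\"categoryform\" method=\"post\" action=\"\">
<input type=\"hidden\" name=\"m\" value=\"adn\">
<input type=\"hidden\" name=\"q\" value=\"\">
<tr bgcolor=\"#666666\"><td colspan=4 height=25>
<b>NEW CATEGORY</b>
</td></tr>
<tr bgcolor=\"#98a2b1\"><td colspan=4> <br />";
        echo "
Title*<br />
<input type=\"text\" name=\"title\" size=\"60\" maxlength=\"250\" value=\"\"><br />
Description*<br />
<textarea name=\"description\" rows=\"6\" cols=\"50\"></textarea><br />
Sort Order (0-999)<br />
<input type=\"text\" name=\"sortorder\" size=\"60\" maxlength=\"250\" value=\"\"><br />
<br /><br />
<input type=\"submit\" value=\" SAVE \"><br />
</td></tr>
</form>
";
    }
}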
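# Print the "USER MANAGER" table: one editable form row per member with
# username, password, e-mail address, active flag, admin flag and UPDATE/DELETE
# buttons. Prints nothing unless the global $ckr equals "39912".
# NOTE(review):
#  - Where $ckr is set is not visible here. If it comes from a cookie or request
#    parameter it is client-controlled, and this check alone does not protect
#    the member list - confirm and enforce the role server-side.
#  - The passwd column is shown and edited as stored, which suggests passwords
#    are kept in clear text; store password_hash() output and stop displaying it.
#  - The forms carry no anti-CSRF token and DELETE is a GET request (m=nnn).
function ftlistmembers() {
    global $ckr;
    if ($ckr == "39912") {
        $result = mysql_query("select * from member");
        echo "<tr bgcolor=\"#CCCCCC\"><td colspan=7 height=\"25\"><b>USER MANAGER</b></td></tr>";
        echo "
<tr bgcolor=\"#666666\">
<td width=\"25\" height=\"25\"> </td>
<td width=\"100\"><b>USERNAME</b></td>
<td width=\"100\"><b>PASSWORD</b></td>
<td width=\"100\"><b>EMAIL ADDRESS</b></td>
<td width=\"25\"><b>ACTIVE</b></td>
<td width=\"25\"><b>ADMIN</b></td>
<td width=\"175\"><b>ACTION</b></td>
</tr>
";
        $counter = 1;
        while ($result && ($row = mysql_fetch_array($result))) {
            # Stored values are encoded for the attribute or URL they are printed in.
            # Array keys are quoted: a bare key outside a string is read as a constant.
            $uid = htmlspecialchars($row['userID'], ENT_QUOTES);
            $uidurl = urlencode($row['userID']);
            $username = htmlspecialchars($row['username'], ENT_QUOTES);
            $passwd = htmlspecialchars($row['passwd'], ENT_QUOTES);
            $email = htmlspecialchars($row['emailaddress'], ENT_QUOTES);
            $active = htmlspecialchars($row['active'], ENT_QUOTES);
            $role = htmlspecialchars($row['role'], ENT_QUOTES);
            $ip = htmlspecialchars($row['ipaddress'], ENT_QUOTES);
            # $PHP_SELF was never in scope here (always ""), so the action and the
            # delete link stay relative to the current page.
            echo "<form name=\"updatemember\" action=\"\" method=\"post\">
<input type=\"hidden\" name=\"m\" value=\"mmm\">
<input type=\"hidden\" name=\"uid\" value=\"$uid\">
<tr bgcolor=\"#CCCCCC\">
<td height=\"20\">$counter</td>
<td><input type=\"text\" name=\"username\" value=\"$username\" size=\"15\" maxlength=\"50\"></td>
<td><input type=\"text\" name=\"passwd\" value=\"$passwd\" size=\"15\" maxlength=\"50\"></td>
<td><input type=\"text\" name=\"emailaddress\" value=\"$email\" size=\"15\" maxlength=\"50\"></td>
<td>";
            if ($row['active'] == "1") { echo "<input type=\"checkbox\" name=\"active\" value=\"$active\" checked>"; }
            else { echo "<input type=\"checkbox\" name=\"active\" value=\"1\">"; }
            echo " <img src=\"ipicon.gif\" alt=\"user's ip address: $ip\" border=0 width=12 height=13></td><td>";
            if ($row['role'] == "39912") { echo "<input type=\"checkbox\" name=\"role\" value=\"$role\" checked>"; }
            else { echo "<input type=\"checkbox\" name=\"role\" value=\"39912\">"; }
            echo "</td><td>";
            echo "<input type=\"submit\" value=\"UPDATE\"> <input type=\"button\" value=\"DELETE\" onclick=\"javascript:deletefile('?uid=$uidurl&m=nnn')\">";
            echo "</td></tr></form>";
            $counter++;
        }
    }
}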
?>