<?php
// -----------------------------------------------------------------------------
// $Id: posts.php 682 2013-03-28 14:17:41Z raoul $
//
// Copyright (C) 2013 Raoul Proença
// License: GNU GPL version 3 (see copying.txt file)
// Website: http://www.gnew.fr/
// -----------------------------------------------------------------------------
// This program is free software: you can redistribute it and/or modify it under
// the terms of the GNU General Public License as published by the Free Software
// Foundation, either version 3 of the License, or (at your option) any later
// version.
//
// This program is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along with
// this program. If not, see <http://www.gnu.org/licenses/>.
// -----------------------------------------------------------------------------

include('./../includes/common.php');

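page_header($lang['ADMIN_POSTS']);

// Admin page for forum posts. Depending on the request it either saves an
// edited post, deletes a post (or the whole thread when the first post is
// deleted), or shows the edit form for the post given in the query string.
//
// NOTE(review): the edit and delete branches change data on a plain POST and
// nothing visible in this file verifies an anti-CSRF token. Confirm whether
// common.php does; if not, a per-session token check belongs before both
// branches.

// Administrator?
if ($users['user_level'] < 4)
{
    error_template($lang['ERROR_LEVEL_ACCESS']);
}
else
{
    // Every identifier taken from the request is cast to an integer once, here,
    // and only the cast value is used below. The originals were concatenated
    // into SQL and into redirect URLs as raw strings.
    $post_id = isset($_POST['post_id']) ? (int) $_POST['post_id'] : 0;
    $thread_id = isset($_POST['thread_id']) ? (int) $_POST['thread_id'] : 0;
    $category_id = isset($_POST['category_id']) ? (int) $_POST['category_id'] : 0;
    $category_id_prev = isset($_POST['category_id_old']) ? (int) $_POST['category_id_old'] : 0;
    $post_active = isset($_POST['post_active']) ? (int) $_POST['post_active'] : 0;
    $post_sticky = isset($_POST['post_sticky']) ? (int) $_POST['post_sticky'] : 0;

    // Edit?
    if (isset($_POST['edit_post']))
    {
        // A missing or non-string field is treated as empty so that trim() never
        // receives an array.
        $post_subject = (isset($_POST['post_subject']) && is_string($_POST['post_subject'])) ? $_POST['post_subject'] : '';
        $post_text_raw = (isset($_POST['post_text']) && is_string($_POST['post_text'])) ? $_POST['post_text'] : '';

        $error = '';
        if ($post_id <= 0 || $thread_id <= 0)
        {
            $error .= $lang['ERROR_QUERY'];
        }
        if (!trim($post_subject))
        {
            $error .= $lang['ERROR_NO_SUBJECT'];
        }
        if (!trim($post_text_raw))
        {
            $error .= $lang['ERROR_NO_TEXT'];
        }
        if ($error)
        {
            error_template($error);
        }
        else
        {
            // Same formatting pipeline as before: HTML filter or entity encoding,
            // then links, BBCode and (optionally) emoticons.
            if ($settings['allow_html'])
            {
                $post_text = do_html($post_text_raw);
            }
            else
            {
                $post_text = utf8_entities($post_text_raw);
            }
            $post_text = make_clickable($post_text);
            $post_text = do_bbcodes($post_text);
            if ($settings['allow_emoticons'])
            {
                $post_text = do_emoticons($post_text);
            }

            // Number of posts in the thread; used to move the category counters
            // and to decide whether thread-wide fields need a separate UPDATE.
            $sql->query('SELECT post_id
                         FROM ' . TABLE_POSTS . '
                         WHERE thread_id = \'' . $thread_id . '\'');
            $num_posts = (int) $sql->num_rows();

            // New category?
            if ($category_id != $category_id_prev)
            {
                $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                             SET category_posts = category_posts + ' . $num_posts . ', category_threads = category_threads + 1
                             WHERE category_id = \'' . $category_id . '\'');
                $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                             SET category_posts = category_posts - ' . $num_posts . ', category_threads = category_threads - 1
                             WHERE category_id = \'' . $category_id_prev . '\'');
                $GLOBALS['cache']->clean(TABLE_CATEGORIES);
            }

            // NOTE(review): the subject, $post_text and $users['user_name'] are
            // still concatenated into the SQL text. Whether utf8_entities(),
            // do_html() or common.php neutralise quotes is not visible in this
            // file; confirm, and otherwise pass these through the database
            // layer's escaping or bound parameters.
            if ($num_posts > 1)
            {
                // Thread-wide fields go to every post of the thread ...
                $sql->query('UPDATE ' . TABLE_POSTS . '
                             SET category_id = \'' . $category_id . '\', post_active = \'' . $post_active . '\', post_sticky = \'' . $post_sticky . '\', post_subject = \'' . utf8_entities($post_subject) . '\'
                             WHERE thread_id = \'' . $thread_id . '\'');
                // ... while text and edition data go to the edited post only.
                $sql->query('UPDATE ' . TABLE_POSTS . '
                             SET post_text = \'' . $post_text . '\', post_edition = \'' . time() . '\', edition_id = \'' . $_SESSION['user_id'] . '\', edition_name = \'' . $users['user_name'] . '\'
                             WHERE post_id = \'' . $post_id . '\'');
            }
            else
            {
                $sql->query('UPDATE ' . TABLE_POSTS . '
                             SET category_id = \'' . $category_id . '\', post_active = \'' . $post_active . '\', post_sticky = \'' . $post_sticky . '\', post_subject = \'' . utf8_entities($post_subject) . '\', post_text = \'' . $post_text . '\', post_edition = \'' . time() . '\', edition_id = \'' . $_SESSION['user_id'] . '\', edition_name = \'' . $users['user_name'] . '\'
                             WHERE post_id = \'' . $post_id . '\'');
            }
            make_posts_feed();
            $GLOBALS['cache']->clean(TABLE_POSTS);
            success_template($lang['POST_EDITED'], './../posts/read.php?category_id=' . $category_id . '&thread_id=' . $thread_id);
        }
    }
    // Delete?
    elseif (isset($_POST['delete_post']))
    {
        // Set once rows were actually found and removed. A replayed or forged
        // request for a post that no longer exists must not decrement the
        // category and user counters a second time.
        $deleted = false;
        $is_first_post = ($thread_id == $post_id);

        // NOTE(review): the category whose counters are decremented is taken
        // from the request, not from the stored post row; consider reading
        // category_id from TABLE_POSTS instead.
        if ($post_id > 0 && $thread_id > 0)
        {
            // First post in a thread?
            if ($is_first_post)
            {
                $posts_per_thread = 0;
                $queries = array();
                $sql->query('SELECT user_id, COUNT(*) AS posts_per_user
                             FROM ' . TABLE_POSTS . '
                             WHERE thread_id = \'' . $thread_id . '\'
                             GROUP BY user_id
                             ORDER BY user_id');
                // The per-user updates are collected first and run after the
                // result set has been read completely, as in the original.
                while ($table_posts = $sql->fetch())
                {
                    $posts_per_thread += $table_posts['posts_per_user'];
                    $queries[] = 'UPDATE ' . TABLE_USERS . '
                                  SET user_posts = user_posts - ' . $table_posts['posts_per_user'] . '
                                  WHERE user_id = \'' . $table_posts['user_id'] . '\'';
                }
                if ($posts_per_thread > 0)
                {
                    foreach ($queries as $query)
                    {
                        $sql->query($query);
                    }
                    $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                                 SET category_posts = category_posts - ' . $posts_per_thread . ', category_threads = category_threads - 1
                                 WHERE category_id = \'' . $category_id . '\'');
                    $sql->query('DELETE FROM ' . TABLE_POSTS . '
                                 WHERE thread_id = \'' . $thread_id . '\'');
                    $deleted = true;
                }
            }
            // Other post
            else
            {
                $sql->query('SELECT user_id
                             FROM ' . TABLE_POSTS . '
                             WHERE post_id = \'' . $post_id . '\'');
                $table_posts = $sql->fetch();
                if ($table_posts)
                {
                    $sql->query('UPDATE ' . TABLE_CATEGORIES . '
                                 SET category_posts = category_posts - 1
                                 WHERE category_id = \'' . $category_id . '\'');
                    $sql->query('UPDATE ' . TABLE_USERS . '
                                 SET user_posts = user_posts - 1
                                 WHERE user_id = \'' . $table_posts['user_id'] . '\'');
                    $sql->query('DELETE FROM ' . TABLE_POSTS . '
                                 WHERE post_id = \'' . $post_id . '\'');
                    $deleted = true;
                }
            }
        }

        if (!$deleted)
        {
            error_template($lang['ERROR_QUERY']);
        }
        else
        {
            make_posts_feed();
            $GLOBALS['cache']->clean(TABLE_CATEGORIES);
            $GLOBALS['cache']->clean(TABLE_POSTS);
            $GLOBALS['cache']->clean(TABLE_USERS);
            // Redirect to category
            if ($is_first_post)
            {
                success_template($lang['POST_DELETED'], './../posts/list.php?category_id=' . $category_id);
            }
            // Redirect to thread in category
            else
            {
                success_template($lang['POST_DELETED'], './../posts/read.php?category_id=' . $category_id . '&thread_id=' . $thread_id);
            }
        }
    }
    // Edit form
    else
    {
        // Check query
        if (!empty($_GET['post_id']) && string_is_int($_GET['post_id']))
        {
            // Cast after validation so the value placed in the SQL text and in
            // the template is an integer whatever string_is_int() accepts.
            $form_post_id = (int) $_GET['post_id'];
            $sql->query('SELECT thread_id, category_id, post_active, post_sticky, post_subject, post_text
                         FROM ' . TABLE_POSTS . '
                         WHERE post_id = \'' . $form_post_id . '\'');
            $table_posts = $sql->fetch();
            // Check post (empty() also covers the case where no row came back)
            if (empty($table_posts['thread_id']))
            {
                error_template($lang['ERROR_QUERY']);
            }
            else
            {
                if ($settings['allow_html'])
                {
                    $html_support = $lang['HTML_ENABLED'];
                }
                else
                {
                    $html_support = $lang['HTML_DISABLED'];
                }
                // Close thread? (option value 0 is labelled YES, 1 is labelled NO)
                if ($table_posts['post_active'])
                {
                    $post_active_options = '<option value="0">' . $lang['YES'] . '</option><option value="1" selected="selected">' . $lang['NO'] . '</option>';
                }
                else
                {
                    $post_active_options = '<option value="0" selected="selected">' . $lang['YES'] . '</option><option value="1">' . $lang['NO'] . '</option>';
                }
                // Sticky post?
                if ($table_posts['post_sticky'])
                {
                    $post_sticky_options = '<option value="0">' . $lang['NO'] . '</option><option value="1" selected="selected">' . $lang['YES'] . '</option>';
                }
                else
                {
                    $post_sticky_options = '<option value="0" selected="selected">' . $lang['NO'] . '</option><option value="1">' . $lang['YES'] . '</option>';
                }

                // Start from the stored category so CATEGORY_ID_OLD is always
                // defined, including when the post's category is not among the
                // levels selected below.
                $category_id_old = $table_posts['category_id'];
                $category_id_options = '';
                $sql->query('SELECT category_id, category_name
                             FROM ' . TABLE_CATEGORIES . '
                             WHERE category_level IN (\'0\', \'3\', \'4\')
                             ORDER BY category_name');
                // NOTE(review): category_name is written into the markup as
                // stored; confirm it is HTML-encoded when it is saved.
                while ($table_categories = $sql->fetch())
                {
                    if ($table_categories['category_id'] == $table_posts['category_id'])
                    {
                        $category_id_old = $table_categories['category_id'];
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '" selected="selected">' . $table_categories['category_name'] . '</option>';
                    }
                    else
                    {
                        $category_id_options .= '<option value="' . $table_categories['category_id'] . '">' . $table_categories['category_name'] . '</option>';
                    }
                }
                // Turn the stored markup back into its editable form.
                $post_text = undo_emoticons($table_posts['post_text']);
                $post_text = undo_bbcodes($post_text);
                $template->set_file('admin', 'admin/posts/edit.htpl');
                $template->set_var(array('CATEGORY_ID_OLD' => $category_id_old,
                                         'CATEGORY_ID_OPTIONS' => $category_id_options,
                                         'EMOTICONS_LIST' => get_emoticons_list(0),
                                         'HTML_SUPPORT' => $html_support,
                                         'POST_ACTIVE_OPTIONS' => $post_active_options,
                                         'POST_ID' => $form_post_id,
                                         'POST_STICKY_OPTIONS' => $post_sticky_options,
                                         'POST_SUBJECT' => $table_posts['post_subject'],
                                         'POST_TEXT' => $post_text,
                                         'THREAD_ID' => $table_posts['thread_id']));
                $template->parse('admin');
            }
        }
        else
        {
            error_template($lang['ERROR_QUERY']);
        }
    }
}

page_footer();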

?>