Location: PHPKode > projects > HB-NS > hb-ns/index.php
<?php
include("configuration.php");
include("functions.php");
require("lang/$language.php");

if ($rememberme == "1")
{
	$timespan = time()+(604800*52);// 1 year
	if ($poster_name != "") setcookie("poster_name", "$poster_name", $timespan, '/');
	if ($poster_email != "") setcookie("poster_email", "$poster_email", $timespan, '/');
	if ($poster_homepage != "" && preg_match("/^http/i", $poster_homepage)) setcookie("poster_homepage", "$poster_homepage", $timespan, '/');
	if (!empty($poster_password)) setcookie("poster_encr_password", md5($poster_password), $timespan, '/');
	setcookie("rememberme", "1", $timespan, '/');
}

include("head.php");

//
// see what action we should perform based on the action paramater in the url
//
switch($action)
{
	case "list":
		listing();
	break;
	case "normal":
		normal();
	break;
	case "topic":
		show_topic();
	break;
	case "comment":
		comment_article();
	break;
	case "edit_comment":
		edit_comment();
	break;
	case "calender":
		calender();
	break;
	case "day":
		day();
	break;
	default:
		$url = parse_url($REQUEST_URI);
		$title = $url[query];
		if ((!empty ($title)) && (empty ($article)) && (empty ($cur_page)) && ($cur_page != 0))
		{
			$query = "SELECT id, title, topic, poster, DATE_FORMAT(publicationdate,'%d-%m-%Y %H:%i:%s') as publicationdate, text FROM $table WHERE title LIKE '%$title%'";
			$result = mysql_query($query);
			echo "<h2>" . SHORT_TITLE1 . " '$title' " . SHORT_TITLE2 . "</h2>\n";
			while($query_data = mysql_fetch_array($result))
			{
				$article = $query_data["id"];
				$title = htmlentities($query_data["title"]);
				$topic = $query_data["topic"];
				$poster = $query_data["poster"];
				$publicationdate = $query_data["publicationdate"];
				$text = $query_data["text"];
				$text = convertBBCode($text);

				show_article($article, $title, $topic, $poster, $publicationdate, $text);
			}
			if(!$article)
			{
				echo "<h4>" . NO_NEWS_TODAY . "!</h4>\n";
			}
			echo "<a href=\"$PHP_SELF?action=list\">" . SHOW_ALL . "</a> | <a href=\"$PHP_SELF?action=normal\">" . READ_ALL . "</a>";
		}
		else if (!empty ($article))
		{
			listing($article);
		}
		else
		{
			normal();
		}
	break;
}


//
// default mode, presents a user-defined number of articles per page
//

function normal()
{
	global $PHP_SELF, $table, $cur_page, $now, $cur_page, $records_per_page;

	if ((!isset ($cur_page)) || ($cur_page == "0"))
	{
		echo "<h2>" . TITLE . "</h2>";
	}
	else
	{
		echo "<h2>" . TITLE_MORE . "</h2>\n";
	}

	// count the number of rows in the table

	$query = "SELECT count(*) FROM $table WHERE (expires >= '$now' OR expires = '00000000') AND push <= $now ";
	$result = mysql_query($query);
	$query_data = mysql_fetch_row($result);// get the data from the table
	$total_number_articles = $query_data[0];
	$page_num = $cur_page + 1;// page number counter
	$total_num_page = $last_page_num 
					= ceil($total_number_articles/$records_per_page);

	// if there are no news items to display we echo that
	// else we echo a statement saying how much items there are
	if(!$total_number_articles)
	{
		// no newsitems available
		echo "<h4>" . NO_NEWS_TODAY . "!</h4>\n";
	}
	else
	{
		// if we haven't been given a current page number we are the first
		if(empty($cur_page))
		{
			$cur_page = 0;
		}

		echo "<strong>$total_number_articles</strong> " . ITEMS_FOUND . ". " . PAGE . " <strong>$page_num</strong> " . OF . " <strong>$last_page_num</strong>.<br />\n";

		$limit_str = "LIMIT " .  $cur_page * $records_per_page . ", $records_per_page";
	$query = "SELECT text, title, topic, poster, DATE_FORMAT(publicationdate,'%d-%m-%Y %H:%i:%s') as publicationdate, id FROM $table WHERE (expires >= '$now' OR expires = '00000000') AND push <= $now ORDER BY id DESC $limit_str";
	$result = mysql_query($query);

		while($query_data = mysql_fetch_array($result))
		{
			$article = $query_data["id"];
			$text = $query_data["text"];
			$title = htmlentities($query_data["title"]);
			$topic = $query_data["topic"];
			$poster = $query_data["poster"];
			$publicationdate = $query_data["publicationdate"];
			$text = convertBBCode($text);

			show_article($article, $title, $topic, $poster, $publicationdate, $text);
		}
	}

	navlinks($total_num_page);
}


//
// dynamic link stuff
// we make a navigationlink for all records
// except the current page, which gets displayed in bold
//

function navlinks($total_num_page)
{
	global $cur_page, $PHP_SELF, $news_base;

	if ($total_num_page > 1)
	{
		echo READ_MORE . ": ";

		// to do? Make "4" user-definable (???)
		// workaround for confusion between $total_num_page and $last_page (???)
		if ($cur_page >= 5)
		{
			echo "<a href=\"$PHP_SELF\" class=\"navlink\" title=\"" . GOTO_FIRST_PAGE . "\">&lt;&lt;</a>";
		}
		for ($i = 0; $i < $total_num_page; $i++)
		{
			// links lower than the current page (max. 4)
			if ($i < $cur_page && $i > $cur_page-5)
			{
				$url = "$PHP_SELF?cur_page=" . $i;
				$j = $i+1;
				echo " <a href=\"$url\" class=\"navlink\">$j</a> ";
			}
			if ($i == $cur_page)// current page, display in bold
			{
				$j = $i+1;
				echo " <span class=\"navlinkactive\">$j</span> ";
			}
			// links higher than the current page (max. 4)
			if ($i > $cur_page && $i <= $cur_page+4)
			{
				$url = "$PHP_SELF?cur_page=" . $i;
				$j = $i+1;
				echo " <a href=\"$url\" class=\"navlink\">$j</a> ";
			}
		}
		if ($cur_page < $total_num_page-5)
		{
			$last_page = $total_num_page-1;// workaround because cur_page=0 is first page
			echo " <a href=\"$PHP_SELF?cur_page=$last_page\" class=\"navlink\" title=\"" . GOTO_LAST_PAGE . "\">&gt;&gt;</a>";
		}
	}
	echo "<br />\n";
	echo "<a href=\"$news_base?action=list\">" . SHOW_ALL . "</a> | <a href=\"$news_base?action=topic\">" . SHOW_TOPICS . "</a>";
}


//
// listingmode
// presents all article-titles on one page
// allowing the user to choose one to view
// this mode is also used for sidebar.php
//

function listing()
{
	global $PHP_SELF, $table, $article, $now, $sort_by, $sort_order, $action, $date_format;

	// if we don't have an article number we present a list with all non-expired items
	if (empty($article))
	{
		// first process the sorting options
		if (empty ($sort_by))
		{
			$sort_by = "id";
		}
		if ((empty ($sort_order)) || $sort_order == "DESC")
		{
			$sort_order = "DESC";
			$order = "descending";// HB: te doen: l8n
			$reverse_sort = "ASC";
		}
		else
		{
			$sort_order = "ASC";
			$order = "ascending";// HB: te doen: l8n
			$reverse_sort = "DESC";
		}
		if ($sort_by == "id")
		{
			$sort_name = "date - " . $order;
		}
		else
		{
			$sort_name = $sort_by . " - " . $order;
		}
		$query = "SELECT id, title, topic, DATE_FORMAT(publicationdate,'%d-%m-%Y %H:%i:%s') as publicationdate FROM $table WHERE (expires >= '$now' OR expires = '00000000') AND push <= '$now' ORDER BY $sort_by $sort_order";
		$result = mysql_query($query);
		// check if the amount of records is 0
		$num_rows = mysql_affected_rows();
		if($num_rows == "0")
		{
			echo NO_NEWS_TODAY . ".<br />\n";
		}
		// we have at least 1 item to show
		else
		{
			echo "<h2>" . AVAILABLE . ":</h2>\n";
			// HB: te doen: l8n
			echo "<table border=\"0\" cellspacing=\"2\" cellpadding=\"2\" summary=\"A list of all the articles that are available. Sorted by $sort_name. Click on a header to change the sort order.\">\n<tr>\n";

			echo "<th align=\"left\"><a href=\"$PHP_SELF?action=list&amp;sort_by=title&amp;sort_order=$reverse_sort\" class=\"listsortlink\">" . SORT_TITLE . "</a></th>";
			echo "<th align=\"left\" width=\"25%\"><a href=\"$PHP_SELF?action=list&amp;sort_by=id&amp;sort_order=$reverse_sort\" class=\"listsortlink\">" . SORT_PUBLISHED . "</a></th>";
			echo "<th align=\"center\" width=\"20%\"><a href=\"$PHP_SELF?action=list&amp;sort_by=topic&amp;sort_order=$reverse_sort\" class=\"listsortlink\">" . SORT_TOPIC . "</a></th></tr>\n";

			echo "<tr><td colspan=\"3\">&nbsp;</td></tr>\n";
			while($query_data = mysql_fetch_array($result))
			{
				$article = $query_data["id"];
				$title = $query_data["title"];
				$topic = $query_data["topic"];
				$publicationdate = $query_data["publicationdate"];
				$urlencoded_topic = urlencode($topic);
				if ($publicationdate == "00-00-0000 00:00:00") $publicationdate = DATE_UNKNOWN;
				else if ($date_format == "american")
				{
					// mangle publicationdate here
					$arrDateTime = explode("-", $publicationdate);
					$day = $arrDateTime[0];
					$month = $arrDateTime[1];
					$year = $arrDateTime[2];
					$publicationdate = "$month/$day/$year";
				}

				echo "<tr><td><a href=\"$PHP_SELF?article=$article\">$title</a></td><td>$publicationdate</td><td align=\"center\"><a href=\"$PHP_SELF?action=topic&amp;topic=$urlencoded_topic\">$topic</a></td></tr>\n";
			}
			echo "</table>\n";
		}
		echo "<br />\n<a href=\"$PHP_SELF?action=calender\">". SHOW_CALENDAR ."</a>";

	}
	// now we do have an id number and we can show a single newsitem
	else
	{
		$query = "SELECT text, title, topic, poster, DATE_FORMAT(publicationdate,'%d-%m-%Y %H:%i:%s') as publicationdate, expires, push FROM $table WHERE id = '$article'";
		$result = mysql_query($query);

		while($query_data = mysql_fetch_array($result))
		{
			$title = htmlentities($query_data["title"]);
			$topic = $query_data["topic"];
			$poster = $query_data["poster"];
			$publicationdate = $query_data["publicationdate"];
			$expires = $query_data["expires"];
			$push = $query_data["push"];
			$text = $query_data["text"];
			$text = convertBBCode($text);

			// check for expiration and poush date, if the article isn't available (yet or anymore) hide it.
			if (($expires >= $now || $expires == 00000000) && $push <= $now)
			{
				show_article($article, $title, $topic, $poster, $publicationdate, $text);
			}
			else if ($push > $now) echo "<h4>" . ITEM_UNAVAILABLE_2 . "</h4>\n";
			else echo "<h4>" . ITEM_UNAVAILABLE_1 . "</h4>\n";
		}
		if ($action != "comment" && $action != "edit_comment") echo "<a href=\"$PHP_SELF?action=list\">" . SHOW_ALL . "</a> | <a href=\"$PHP_SELF?action=normal\">" . READ_ALL . "</a>";
	}
}


//
// function that shows an article and a comment form
//
function comment_article()
{
	global $allow_comments, $PHP_SELF, $article, $comment_table, $comment_added, $poster_name, $poster_email, $poster_homepage, $poster_password, $comment, $submit, $pwd, $poster_encr_password, $rememberme;

	if ($allow_comments == "yes")
	{
		// if (get_magic_quotes_gpc() == "0") $comment = addslashes($comment);
		// $comment = addslashes($comment);
		if ($comment_added == "yes")
		{
			if (empty ($poster_name) || empty ($comment))
			{
				listing($article);
				echo "<h4>" . C_ERROR . "</h4>\n";
			}
			else if ($poster_homepage != "" && !preg_match("/^http/i", $poster_homepage))
			{
				listing($article);
				echo "<h4>" . C_ERROR2 . "</h4>\n";
			}
			else
			{
				$save_button = SAVE_BUTTON;
				if ($submit == "$save_button")
				{
					if (get_magic_quotes_gpc() == "0") $comment = addslashes($comment);

					$query = "SELECT pass FROM $comment_table WHERE approved = '1' AND pass != 'd41d8cd98f00b204e9800998ecf8427e' AND pass = md5('$poster_password') ORDER BY uniqueid LIMIT 0,1";
					$result = mysql_query($query);
					while($query_data = mysql_fetch_array($result))
					{
						$the_password = $query_data["pass"];
					}
					if ($the_password != "") $query = "INSERT INTO $comment_table (id, poster_name, poster_email, poster_homepage, comment, pass, approved) VALUES ('$article','$poster_name','$poster_email','$poster_homepage','$comment', md5('$poster_password'),'1')";
					else if ($poster_password != "") $query = "INSERT INTO $comment_table (id, poster_name, poster_email, poster_homepage, comment, pass) VALUES ('$article','$poster_name','$poster_email','$poster_homepage','$comment', md5('$poster_password'))";
					else $query = "INSERT INTO $comment_table (id, poster_name, poster_email, poster_homepage, comment, pass) VALUES ('$article','$poster_name','$poster_email','$poster_homepage','$comment', '')";
					
					$result = mysql_query($query);
					// check if the insert was successful
					$num_rows = mysql_affected_rows();
					// nope:
					if($num_rows == "0")
					{
						echo "<h4>" . UNKNOWN_ERROR . "</h4>\n";// possibly due to the fact that there were no changes, so no need to worry if that's the case
					}
					listing($article);
					echo "<a name=\"preview\"></a>";// HB todo!
					echo "<h5>" . C_MODERATED . "</h5>\n";
				}
				else
				{
					// preview code
					listing($article);
					echo "<div class=\"newscommentpreview\">\n";
					echo "<h4 id=\"preview\">" . PREVIEW_LEGEND . "</h4>\n";
					echo PREVIEW_NEXT . ".";
					if (get_magic_quotes_gpc() != "0") $comment = stripslashes($comment);
					// $comment = stripslashes($comment);
					$comment_pre = convertBBCode($comment);
					echo "<div class=\"newsitem\">\n<div class=\"newsbody\">";
					echo "$poster_name";
					if (!empty ($poster_homepage))
					{
						echo " - <a href=\"$poster_homepage\">$poster_homepage</a>";
					}
					echo "<br /><br />\n$comment_pre</div>\n</div>\n";
					echo "</div>\n";
					// end preview
				}
			}
		}
		else
		{
			listing($article);
		}

		// comments here
		echo "<a name=\"comments\"></a>\n";
		$query = "SELECT * FROM $comment_table WHERE id=$article AND approved = '1' ORDER BY uniqueid ASC";
		$result = mysql_query($query);
		echo C_NAME . ":<br /><br />\n";
		while($query_data = mysql_fetch_array($result))
		{
			$uniqueid = $query_data["uniqueid"];
			$the_name = $query_data["poster_name"];
			$the_email = $query_data["poster_email"];
			$the_homepage = $query_data["poster_homepage"];
			$the_comment = convertBBCode($query_data["comment"]);
			$the_password = $query_data["pass"];

			echo "<div class=\"newsitem\">\n<div class=\"newsbody\">";
			echo "<span class=\"newscommentname\">$the_name</span>";
			if (!empty ($the_homepage))
			{
				echo " - <a href=\"$the_homepage\">$the_homepage</a>";
			}
			if (!empty ($pwd)) // link for admin
			{
				echo "<div class=\"newstopic\"><a href=\"$PHP_SELF?action=edit_comment&amp;article=$article&amp;uniqueid=$uniqueid#edit\">edit</a></div>\n";
			}
			else if (($poster_encr_password == "$the_password") && ($the_password !="")) // link for user with correct md5(password)
			{
				echo "<div class=\"newstopic\"><a href=\"$PHP_SELF?action=edit_comment&amp;article=$article&amp;uniqueid=$uniqueid#edit\">edit</a></div>\n";
			}
			echo "<br /><br />\n$the_comment</div>\n</div>\n<br />\n";
		}

		if(!$num_rows || $num_rows == "0")
		{
			echo "<form method=\"post\" action=\"$PHP_SELF?action=comment#preview\" name=\"theForm\">\n";
			echo "<fieldset><legend>" . C_LEGEND . "</legend>\n";
			echo "<input type=\"hidden\" name=\"article\" value=\"$article\" />\n";
			echo "<input type=\"hidden\" name=\"comment_added\" value=\"yes\" />\n";
			echo C_POSTER_NAME . REQUIRED . ":<br />\n<input type=\"text\" name=\"poster_name\" size=\"25\" maxlength=\"50\" value=\"$poster_name\" /><br />\n";
			echo C_POSTER_EMAIL . ":<br />\n<input type=\"text\" name=\"poster_email\" size=\"25\" maxlength=\"50\" value=\"$poster_email\" /><br />\n";
			echo C_POSTER_HOMEPAGE . ":<br />\n<input type=\"text\" name=\"poster_homepage\" size=\"25\" maxlength=\"50\" value=\"$poster_homepage\" /><br />\n";
			echo C_POSTER_PASSWORD . ":<br />\n<input type=\"password\" name=\"poster_password\" size=\"25\" maxlength=\"50\" value=\"$poster_password\" /><br />\n";

			echo "<input type='button' value='URL' title='" . TOOLTIP_URL . "' onclick='bbCodeUrl(\"message\");' />";
			echo "<input type='button' value='IMG' title='" . TOOLTIP_IMG . "' onclick='bbCodeImg(\"message\");' />";
			echo "<input type='button' value='EMAIL' title='" . TOOLTIP_EMAIL . "' onclick='bbCodeEmail(\"message\");' />";
			echo "<input type='button' value='ABBR' title='" . TOOLTIP_ABBR . "' onclick='bbCodeAbbr(\"message\");' />";
			echo "<input type='button' value='QUOTE' title='" . TOOLTIP_QUOTE . "' onclick='bbCodeQuote(\"message\");' />";
			echo "<input type='button' value='BOLD' title='" . TOOLTIP_BOLD . "' onclick='bbCodeBold(\"message\");' />";
			echo "<input type='button' value='ITALIC' title='" . TOOLTIP_ITALIC . "' onclick='bbCodeItalic(\"message\");' />";
			echo "<input type='button' value='CODE' title='" . TOOLTIP_CODE . "' onclick='bbCodePre(\"message\");' /><br />\n";

			echo C_NAME . REQUIRED . ":<br />\n<textarea name=\"comment\" id=\"message\" rows=\"10\" cols=\"45\">$comment</textarea><br />\n";
			echo "<input type=\"checkbox\" name=\"rememberme\" value=\"1\" id=\"rememberme\"";
			if ($rememberme == "1") echo " checked=\"checked\"";
			echo " /><label for=\"rememberme\">" . C_POSTER_REMEMBER . "</label>\n<br />\n";
			echo "<input type=\"submit\" name=\"submit\" value=\"" . PREVIEW_BUTTON . "\" />&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"submit\" value=\"" . SAVE_BUTTON . "\" />\n";
			echo "<br />\n" . C_POSTER_MODDED;
			echo "</fieldset>\n";
			echo "</form>\n";
		}
		echo "<a href=\"rss_comments.php\">" . COMMENTZ . " in RSS</a> | <a href=\"$PHP_SELF?action=list\">" . SHOW_ALL . "</a> | <a href=\"$PHP_SELF?action=normal\">" . READ_ALL . "</a>";
	}
	else echo "Comments are not allowed<br />\n";
}


function edit_comment()
{
	global $allow_comments, $PHP_SELF, $pwd, $poster_encr_password, $uniqueid, $article, $comment_table, $comment_added, $poster_name, $poster_email, $poster_homepage, $comment, $submit, $remove;

	if ($allow_comments == "yes")
	{
		$query = "SELECT pass FROM $comment_table WHERE uniqueid=$uniqueid";
		$result = mysql_query($query);
		while($query_data = mysql_fetch_array($result))
		{
			$the_password = $query_data["pass"];
		}
	
		// remove comment code
		if (((isset ($pwd)) || ($poster_encr_password == "$the_password")) && ($remove == "remove_comment"))
		{
			delete_comment($uniqueid);
			comment_article();
		}
		else if (((isset ($pwd)) || ($poster_encr_password == "$the_password")) && ($remove != "remove_comment"))
		{
			if (get_magic_quotes_gpc() != "0") $comment = stripslashes($comment);
			if ($comment_added == "yes")
			{
				if (empty ($poster_name) || empty ($comment))
				{
					listing($article);
					echo "<h4>" . C_ERROR . "</h4>\n";
				}
				else if ($poster_homepage != "" && !preg_match("/^http/i", $poster_homepage))
				{
					listing($article);
					echo "<h4>" . C_ERROR2 . "</h4>\n";
				}
				else
				{
					$save_button = SAVE_BUTTON;
					if ($submit == "$save_button")
					{
						if (get_magic_quotes_gpc() != "0") $comment = addslashes($comment);
						$query = "UPDATE $comment_table SET poster_name='$poster_name', poster_email='$poster_email', poster_homepage='$poster_homepage', comment='$comment' WHERE uniqueid='$uniqueid'";
						$result = mysql_query($query);
						// check if the insert was successful
						$num_rows = mysql_affected_rows();
						// nope:
						if($num_rows == "0")
						{
							echo "<h4>" . UNKNOWN_ERROR . "</h4>\n";// possibly due to the fact that there were no changes, so no need to worry if that's the case
						}
						else
						{
							listing($article);
							if (get_magic_quotes_gpc() != "0") $comment = stripslashes($comment);
							$comment_pre = convertBBCode($comment);
							echo "<div class=\"newsitem\">\n<div class=\"newsbody\">";
							echo "$poster_name";
							if (!empty ($poster_homepage))
							{
								echo " - <a href=\"$poster_homepage\">$poster_homepage</a>";
							}
							echo "<br /><br />\n$comment_pre</div>\n</div>\n<br />\n";
							echo "<a href=\"$PHP_SELF?action=comment&amp;article=$article#comments\">" . C_EDITED . "</a>";
						}
					}
					else
					{
						// preview code
						// if (get_magic_quotes_gpc() != "0") $comment = stripslashes($comment);
						listing($article);
						echo "<div class=\"newscommentpreview\">\n";
						echo "<h4 id=\"preview\">" . PREVIEW_LEGEND . "</h4>\n";
						echo PREVIEW_NEXT . ".";
						$comment_pre = convertBBCode($comment);
						echo "<div class=\"newsitem\">\n<div class=\"newsbody\">";
						echo "$poster_name";
						if (!empty ($poster_homepage))
						{
							echo " - <a href=\"$poster_homepage\">$poster_homepage</a>";
						}
						echo "<br /><br />\n$comment_pre</div>\n</div>\n";
						echo "</div>\n";
						// end preview
					}
				}
			}
			else
			{
				listing($article);
			}
			if(!$num_rows || $num_rows == "0")// checkchecks
			{
				if (isset ($uniqueid) && $comment_added != "yes")// checkchecks
				{
					$query = "SELECT * FROM $comment_table WHERE uniqueid=$uniqueid AND approved = '1'";
					$result = mysql_query($query);
	
					while($query_data = mysql_fetch_array($result))
					{
						$article = $query_data["id"];
						$poster_name = $query_data["poster_name"];
						$poster_email = $query_data["poster_email"];
						$poster_homepage = $query_data["poster_homepage"];
						$comment = $query_data["comment"];
					}
				}
				// removal form
				echo "<a name=\"edit\"></a>";
				if ($pwd == "yes")
				{
					echo "<form method=\"post\" action=\"$PHP_SELF?action=edit_comment\">\n";
					echo "<input type=\"hidden\" name=\"remove\" value=\"remove_comment\" />\n";
					echo "<input type=\"hidden\" name=\"article\" value=\"$article\" />\n";
					echo "<input type=\"hidden\" name=\"uniqueid\" value=\"$uniqueid\" />\n";
					echo "<fieldset><legend>" . DELETE_ITEM . "</legend>\n";
					echo "<input type=\"submit\" value=\" Remove \" onclick=\"return confirm('" . DELETE_WARN . "');\" />\n";
					echo "</fieldset>\n";
					echo "</form>\n";
				}
				// update form
				echo "<form method=\"post\" action=\"$PHP_SELF?action=edit_comment#preview\" name=\"theForm\">\n";
				echo "<fieldset><legend>" . C_LEGEND2 . "</legend>\n";
				echo "<input type=\"hidden\" name=\"uniqueid\" value=\"$uniqueid\" />\n";
				echo "<input type=\"hidden\" name=\"article\" value=\"$article\" />\n";
				echo "<input type=\"hidden\" name=\"comment_added\" value=\"yes\" />\n";
				echo C_POSTER_NAME . REQUIRED . ":<br />\n<input type=\"text\" name=\"poster_name\" size=\"25\" maxlength=\"50\" value=\"$poster_name\" /><br />\n";
				echo C_POSTER_EMAIL . ":<br />\n<input type=\"text\" name=\"poster_email\" size=\"25\" maxlength=\"50\" value=\"$poster_email\" /><br />\n";
				echo C_POSTER_HOMEPAGE . ":<br />\n<input type=\"text\" name=\"poster_homepage\" size=\"25\" maxlength=\"50\" value=\"$poster_homepage\" /><br />\n";

				echo "<input type='button' value='URL' title='" . TOOLTIP_URL . "' onclick='bbCodeUrl(\"message\");' />";
				echo "<input type='button' value='IMG' title='" . TOOLTIP_IMG . "' onclick='bbCodeImg(\"message\");' />";
				echo "<input type='button' value='EMAIL' title='" . TOOLTIP_EMAIL . "' onclick='bbCodeEmail(\"message\");' />";
				echo "<input type='button' value='ABBR' title='" . TOOLTIP_ABBR . "' onclick='bbCodeAbbr(\"message\");' />";
				echo "<input type='button' value='QUOTE' title='" . TOOLTIP_QUOTE . "' onclick='bbCodeQuote(\"message\");' />";
				echo "<input type='button' value='BOLD' title='" . TOOLTIP_BOLD . "' onclick='bbCodeBold(\"message\");' />";
				echo "<input type='button' value='ITALIC' title='" . TOOLTIP_ITALIC . "' onclick='bbCodeItalic(\"message\");' />";
				echo "<input type='button' value='CODE' title='" . TOOLTIP_CODE . "' onclick='bbCodePre(\"message\");' /><br />\n";

				echo C_NAME . REQUIRED . ":<br />\n<textarea name=\"comment\" id=\"message\" rows=\"10\" cols=\"45\">$comment</textarea><br />\n";
				echo "<input type=\"submit\" name=\"submit\" value=\"" . PREVIEW_BUTTON . "\" />&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"submit\" value=\"" . SAVE_BUTTON . "\" />\n";
				echo "</fieldset>\n";
				echo "</form>\n";
			}
			// echo "<a href=\"$PHP_SELF?action=list\">" . SHOW_ALL . "</a> | <a href=\"$PHP_SELF?action=normal\">" . READ_ALL . "</a>";
		}
		else
		{
			echo "<h4>" . NO_PERMISSION . "</h4>\n";
		}
	}
	else echo "Comments are not allowed<br />\n";
}


//
// remove the item with uniqueid=$uniqueid from the comments table
//

function delete_comment($uniqueid)
{
	global $comment_table, $pwd;

	if ($pwd = "yes")
	{
		$query = "DELETE FROM $comment_table where uniqueid='$uniqueid'";
		$result = mysql_query($query);
		$num_rows = mysql_affected_rows();
		if($num_rows == "0")
		{
			echo "<h4>" . NOTHING_REMOVED . ".</h4>\n";
		}
		else
		{
			echo "<strong>" . ITEM_REMOVED . ".</strong>\n";
		}
	}
}


//
// shows all the articles in the selected topic
//

function show_topic()
{
	global $PHP_SELF, $table, $now, $topic;

	if (!empty ($topic))
	{
		echo "<h2>" . ALL_ARTICLES . " $topic</h2>\n";
		$query = "SELECT id, text, title, topic, poster, DATE_FORMAT(publicationdate,'%d-%m-%Y %H:%i:%s') as publicationdate FROM $table WHERE topic = '$topic' AND (expires >= '$now' OR expires = '00000000') AND push <= '$now' ORDER BY id DESC";
		$result = mysql_query($query);

		while($query_data = mysql_fetch_array($result))
		{
			$article = $query_data["id"];
			$title = htmlentities($query_data["title"]);
			$topic = $query_data["topic"];
			$poster = $query_data["poster"];
			$publicationdate = $query_data["publicationdate"];
			$text = $query_data["text"];
			$text = convertBBCode($text);

			show_article($article, $title, $topic, $poster, $publicationdate, $text);
		}
	}
	else
	{
		echo "<h2>" . ALL_ARTICLES . " $topic</h2>\n";
		$query = "SELECT count(*) AS counter, topic FROM $table WHERE (expires >= '$now' OR expires = '00000000') AND push <= '$now' GROUP BY topic ORDER  BY topic ASC";

		$result = mysql_query($query);
		while($query_data = mysql_fetch_array($result))
		{
			$topic = $query_data["topic"];
			$counter = $query_data["counter"];

			if ($topic == "") echo "<a href=\"$news_base?action=topic&amp;topic=$topic\">[BLANK_TOPIC]</a> ($counter ";
			else echo "<a href=\"$news_base?action=topic&amp;topic=$topic\">$topic</a> ($counter ";
			if ($counter == 1) echo ARTICLES_1;
			else echo ARTICLES_2;
			echo ")<br />\n";
		}
		echo "<br />\n";
	}
	echo "<a href=\"$PHP_SELF?action=list\">" . SHOW_ALL . "</a> | <a href=\"$PHP_SELF?action=normal\">" . READ_ALL . "</a> | <a href=\"$news_base?action=topic\">" . SHOW_TOPICS . "</a>";
}


//
// function that actually shows an article
// used in normal(), listing() and show_topic()
//

function show_article($article, $title, $topic, $poster, $publicationdate, $text)
{
	global $PHP_SELF, $show_poster, $google_headline, $allow_comments, $comment_table, $date_format;

	echo "<div class=\"newsitem\">\n";
	echo "<span class=\"newstitle\">$title";
	if ($show_poster == "yes" && $poster != "")
	{
		echo "<span class=\"newswritername\"> - $poster</span>";
	}
	echo "</span>\n";
	if (!empty ($topic))
	{
		$encoded_topic = urlencode($topic);
		echo "<div class=\"newstopic\"><a href=\"$PHP_SELF?action=topic&amp;topic=$encoded_topic\">$topic</a></div>\n";
	}
	echo "<div class=\"newsbody\">$text</div>\n";

	if ($publicationdate == "00-00-0000 00:00:00") $publicationdate = DATE_UNKNOWN_PLINK;
	else if ($date_format == "american")
	{
		// mangle publicationdate here
		$arrDateTime = explode("-", $publicationdate);
		$day = $arrDateTime[0];
		$month = $arrDateTime[1];
		$year = $arrDateTime[2];
		$publicationdate = "$month/$day/$year";
	}
	
	echo "<div class=\"newsfooter\"><a href=\"$PHP_SELF?article=$article\">$publicationdate</a>";
	if ($google_headline == "yes")
	{
		echo "&nbsp;&nbsp;&nbsp;<a href=\"http://www.google.com/search?q=" . urlencode($title) ."\">" . GOOGLE_HEADLINE . "</a>";
	}
	if ($allow_comments == "yes")
	{
		$query = "SELECT count(id) as counter FROM $comment_table WHERE id=$article AND approved = '1'";
		$result = mysql_query($query);
		while($query_data = mysql_fetch_array($result))
		{
			$number = $query_data["counter"];
			echo "&nbsp;&nbsp;&nbsp;<a href=\"$PHP_SELF?action=comment&amp;article=$article#comments\">" . COMMENTZ . "</a> ($number)";
		}
	}

	echo "</div>\n";
	echo "</div><br />\n";
	// flush();
	// sleep(1);
}


function calender()
{
	global $table, $PHP_SELF, $day, $month, $year;

	// calendar code adapted from
	// http://www.devarticles.com/c/a/PHP/A-Useful-Event-Calendar-Written-In-PHP
	// and a comment by nikhil at nikhilzkingdom dot com on
	// http://nl2.php.net/manual/en/function.date.php#53237

	// with additional logic to determine whether there's an event in the database that corresponds to a date on the calendar, crafted by Harold, http://www.haroldbakker.com/

	// Look out!
	// the code below is VERY complex
	// do not mess with the calendarcode unless you are REALLY sure of what you're doing+
	// and have created a backup :)

	if ($day == "") $day = date("j");
	if ($month == "") $month = date("m");
	if ($year == "") $year = date("Y");
	
	$currentTimeStamp = strtotime("$year-$month-$day");
	$numDays = date("t", $currentTimeStamp);
	$counter = 0;
	$monthnumber = date("n", $currentTimeStamp);
	$monthname = array(
		1 => 'January',
		2 => 'February',
		3 => 'March',
		4 => 'April',
		5 => "May",
		6 => 'June',
		7 => 'July',
		8 => 'August',
		9 => 'September',
		10 => 'October',
		11 => 'November',
		12 => 'December'	
	);
	?>
	<table width="250" border="0" cellspacing="0" cellpadding="0" class="calendar" align="center">
	<tr>
		<td align="center">&nbsp;<input type="button" value=" &lt; " onclick='goLastMonth(<?php echo $month . ", " . $year; ?>)' /></td>
		<td colspan="5" class="monthname" align="center"><?php echo $monthname[$monthnumber] . " " . $year; ?></td>
		<td align="center">
		<input type="button" value=" &gt; " onclick='goNextMonth(<?php echo $month . ", " . $year; ?>)' /></td>
	</tr>
	<tr>
		<th width="20">Sun</th>
		<th width="20">Mon</th>
		<th width="20">Tue</th>
		<th width="20">Wed</th>
		<th width="20">Thu</th>
		<th width="20">Fri</th>
		<th width="20">Sat</th>
	</tr>
	<tr>
	<?php
	$slot = 0; // end-padding counter that will be used to create empty cells at the end of the table if needed
	for($i = 1; $i < $numDays+1; $i++, $counter++)
	{
		$timeStamp = strtotime("$year-$month-$i");
	
		if ($i == 1)
		{
			// work out when the first day of the month is
			$firstDay = date("w", $timeStamp);
		
			for($j = 0; $j < $firstDay; $j++, $counter++)
			echo "	<td>&nbsp;</td>\n";// start the table with empty cells if appropriate
			$slot++;
		}
		if ($counter % 7 == 0) 
		{
			echo "</tr>\n<tr>\n";
			$slot = 0; // new row, restart end padding counter
		}
		if (date("w", $timeStamp) == 0 || date("w", $timeStamp) == 6) $class = "class=\"weekend\"";
		else if ($i == date("d") && $month == date("m") && $year == date("Y")) $class = "class=\"today\"";
		else $class = "class=\"normal\"";
	
		echo "	<td $class>";
	
		// ----------------------------------------------------------------
		// here is the logic that looks in the db to see whether there's an event this day
		// we then create a link so we can display more data
		$query = "SELECT DATE_FORMAT(publicationdate,'%d-%m-%Y') as publicationdate FROM $table";
		$result = mysql_query($query);
		while($query_data = mysql_fetch_array($result))
		{
			$publicationdate = $query_data["publicationdate"];
			// cursusdata staat in iets als: 7-10-2005, 14-10-2005, 28-10-2005
			$arrEventDate = explode("-", $publicationdate);// split date to component parts
			$dag = $arrEventDate[0];
			$maand = $arrEventDate[1];
			$jaar = $arrEventDate[2];

			if ($maand == $month && $jaar == $year)// if the event is in THIS month AND THIS year
			{
				if ($dag == $i)// .. AND THIS day
				{
					// .. we pop up a new window where we display all events for that day
					$arrLink1[$i] = "<a href=\"$PHP_SELF?action=day&amp;datum=$publicationdate\" class=\"hasevent\">";// open tag
					$arrLink2[$i] = "</a>";// close tag
				}
			}
		}
		// ----------------------------------------------------------------
	
		echo $arrLink1[$i] . $i . $arrLink2[$i];// if there aren't any events this day the two arrays are empty
		echo "</td>\n";
		$slot++;
	}
	if ($slot > 0)
	{
		while($slot < 7)// close the table with empty cells if appropriate
		{
			echo "    <td>&nbsp;</td>\n";
			$slot++;
		}
		echo "</tr>\n";
	}
	?>
	</table>
	<?php
	if (($month != date("m")) || ($year != date("Y"))) echo "&nbsp;&nbsp;<a href=\"$PHP_SELF?action=calender\">current month</a>";
	echo "<br />\n<a href=\"$PHP_SELF?action=list\">" . SHOW_ALL . "</a> | <a href=\"$PHP_SELF?action=normal\">" . READ_ALL . "</a>";
}


// show items from a particular day
function day()
{
	global $table, $datum, $now;
	
	$query = "SELECT text, title, topic, poster, DATE_FORMAT(publicationdate,'%d-%m-%Y %H:%i:%s') as publicationdate, id FROM $table WHERE DATE_FORMAT(publicationdate,'%d-%m-%Y') = '$datum' AND (expires >= '$now' OR expires = '00000000') AND push <= $now ORDER BY id DESC";
	$result = mysql_query($query);
	while($query_data = mysql_fetch_array($result))
	{
		$article = $query_data["id"];
		$text = convertBBCode($query_data["text"]);
		$title = htmlentities($query_data["title"]);
		$topic = $query_data["topic"];
		$poster = $query_data["poster"];
		$publicationdate = $query_data["publicationdate"];

		show_article($article, $title, $topic, $poster, $publicationdate, $text);
	}
	echo "<br />\n<a href=\"$PHP_SELF?action=list\">" . SHOW_ALL . "</a> | <a href=\"$PHP_SELF?action=normal\">" . READ_ALL . "</a>";
}


echo "<br /><br />\n";
//echo "<a href=\"admin.php\">Administrative module.</a>";


include "foot.php";
mysql_close($conn);
?>
Return current item: HB-NS