<?php
/**************************************************************************
* *
* 4images - A Web Based Image Gallery Management System *
* ---------------------------------------------------------------- *
* *
* File: categories.php *
* Copyright: (C) 2002-2012 Jan Sorgalla *
* Email: hide@address.com *
* Web: http://www.4homepages.de *
* Scriptversion: 1.7.11 *
* *
* Never released without support from: Nicky (http://www.nicky.net) *
* *
**************************************************************************
* *
* Dieses Script ist KEINE Freeware. Bitte lesen Sie die Lizenz- *
* bedingungen (Lizenz.txt) für weitere Informationen. *
* --------------------------------------------------------------- *
* This script is NOT freeware! Please read the Copyright Notice *
* (Licence.txt) for further information. *
* *
*************************************************************************/
// Both constants are defined before admin_global.php is loaded.
// NOTE(review): IN_CP looks like the "entered through the control panel"
// marker and ROOT_PATH the relative path back to the gallery root; how the
// bootstrap uses them is not visible here -- confirm in admin_global.php.
define('IN_CP', 1);
define('ROOT_PATH', './../');
// Admin bootstrap. Nothing in this file authenticates the caller or checks an
// anti-forgery token, so every action below relies on whatever
// admin_global.php enforces -- verify that before exposing this script.
require('admin_global.php');
// Display options for the category tree rendered by the "modifycats" action.
$show_all_subcats = false;
$open_cat_link = '<img src="./images/plus.gif" border="0">';
$close_cat_link = '<img src="./images/minus.gif" border="0">';
$show_cat_order_dropdown = true;
include(ROOT_PATH.'includes/search_utils.php');
// $action is not assigned in this file (presumably populated from the request
// by the bootstrap -- confirm); an empty value falls back to the overview.
if ($action == "") {
$action = "modifycats";
}
// Default permission level for each per-category access field of a new
// top-level category: viewing, voting, postcards and reading comments are
// open to everyone, downloads/uploads/posting need a registered user, and
// direct upload is limited to administrators.
$access_field_array = array(
"auth_viewcat" => AUTH_ALL,
"auth_viewimage" => AUTH_ALL,
"auth_download" => AUTH_USER,
"auth_upload" => AUTH_USER,
"auth_directupload" => AUTH_ADMIN,
"auth_vote" => AUTH_ALL,
"auth_sendpostcard" => AUTH_ALL,
"auth_readcomment" => AUTH_ALL,
"auth_postcomment" => AUTH_USER
);
// Permission levels offered in the <select> boxes, keyed by the AUTH_*
// constant and labelled from the language file. The save actions further
// down cast submitted levels to int but do not check them against these keys.
$access_array = array(
AUTH_ALL => $lang['all'],
AUTH_USER => $lang['userlevel_registered'],
AUTH_ACL => $lang['private'],
AUTH_ADMIN => $lang['userlevel_admin']
);
/**
 * Prints one table row holding a <select> of permission levels.
 *
 * The options come from the global $access_array. A value already submitted
 * for this field in $HTTP_POST_VARS wins over $status, so a re-displayed form
 * keeps the user's choice. The submitted value is only compared against the
 * option keys; it is never written into the page.
 *
 * $title, $type and the option labels are echoed without HTML escaping. The
 * callers in this file pass language strings and fixed field names; escape
 * before passing anything user-supplied.
 *
 * @param string $title  Row caption.
 * @param string $type   Name of the form field / access column.
 * @param mixed  $status Level to preselect when nothing was posted.
 */
function show_access_select($title = "", $type, $status) {
    global $access_array, $HTTP_POST_VARS;

    $selected = isset($HTTP_POST_VARS[$type]) ? $HTTP_POST_VARS[$type] : $status;

    echo "<tr class=\"".get_row_bg()."\" valign=\"top\">\n<td><p class=\"rowtitle\">".$title."</p></td>\n";
    echo "<td>\n<select name=\"".$type."\">\n";
    foreach ($access_array as $level => $label) {
        $mark = ($selected == $level) ? " selected=\"selected\"" : "";
        echo "<option value=\"".$level."\"".$mark.">".$label."</option>\n";
    }
    echo "</select>\n</td>\n</tr>\n";
}
/**
 * Makes sure a category folder exists and carries the requested mode.
 *
 * An existing directory only gets a chmod() and counts as success. Otherwise
 * the directory is created with the umask cleared, so $mode is applied exactly
 * as passed: a permissive mode from the caller yields a folder that is just as
 * permissive. If that attempt does not produce a directory, a second mkdir()
 * with 0755 is tried, followed by a chmod() to $mode.
 *
 * @param string $path Directory to create.
 * @param int    $mode Permission bits for the directory.
 * @return bool True when the directory existed already or was created.
 */
function create_cat_folder($path, $mode) {
    if (@is_dir($path)) {
        @chmod($path, $mode);
        return true;
    }

    // Clear the umask for this one call only, then put it back.
    $saved_umask = umask(0);
    $created = mkdir($path, $mode);
    umask($saved_umask);

    if ($created && @is_dir($path)) {
        return $created;
    }

    // Fallback: conservative mode first, then try to reach the requested one.
    $created = mkdir($path, 0755);
    @chmod($path, $mode);
    return $created;
}
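/**
 * Recursively deletes a file or directory.
 *
 * Changes compared with the previous version:
 *  - A symbolic link is removed as a link and never descended into.
 *    is_dir() resolves links, so a link placed inside a category folder used
 *    to make the recursion delete the contents of the link target.
 *  - The directory loop compares readdir() against false. The old truthiness
 *    test stopped at an entry named "0", leaving the folder half deleted.
 *  - A directory that cannot be opened is reported as a failure instead of
 *    handing false to readdir()/closedir().
 *
 * @param string $path File or directory to remove.
 * @return int 1 when everything was removed, 0 when any step failed.
 */
function remove_cat_folder($path) {
    // Links first: delete the link itself, leave whatever it points at alone.
    if (is_link($path)) {
        return unlink($path) ? 1 : 0;
    }

    if (!@is_dir($path)) {
        return unlink($path) ? 1 : 0;
    }

    $handle = opendir($path);
    if ($handle === false) {
        return 0;
    }

    $ok = 1;
    while (($file = readdir($handle)) !== false) {
        if ($file === "." || $file === "..") {
            continue;
        }
        if (!remove_cat_folder($path."/".$file)) {
            $ok = 0;
        }
    }
    closedir($handle);

    if (!rmdir($path)) {
        $ok = 0;
    }
    return $ok;
}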
/**
 * Deletes every category cached under parent $cid, then recurses into each
 * of them, printing a progress table per category.
 *
 * For each child this removes, in order: its group access rows, its category
 * row, its image rows, its media and thumbnail folders, the comments of its
 * images and their search words. A failed step is appended to the global
 * $error_log and the remaining steps still run; nothing visible here wraps
 * the sequence in a transaction, so a failure can leave partial state.
 *
 * All ids placed into the SQL come from $category_cache and from image rows
 * read back from the database, not from the request. They are concatenated
 * without a cast, so the statements are only as trustworthy as those rows.
 *
 * @param int $cid   Parent category id whose children are removed.
 * @param int $depth Nesting level, used only for the output indent.
 * @return bool False when nothing is cached under $cid, true otherwise.
 */
function remove_subcategories($cid = 0, $depth = 1) {
global $site_db, $error_log, $lang, $category_cache;
// No children cached for this parent: the caller prints "no subcategories".
if (!isset($category_cache[$cid])) {
return false;
}
foreach ($category_cache[$cid] as $key => $cats) {
echo "<table border=\"0\" cellpadding=\"2\" cellspacing=\"0\"><tr><td>\n";
if ($depth > 1) {
echo str_repeat(" ", $depth - 1)."\n";
}
echo "</td><td>\n";
// Group permissions first; the result of this delete is not checked.
$sql = "DELETE FROM ".GROUP_ACCESS_TABLE."
WHERE cat_id = ".$cats['cat_id'];
$site_db->query($sql);
$sql = "DELETE FROM ".CATEGORIES_TABLE."
WHERE cat_id = ".$cats['cat_id'];
if ($site_db->query($sql)) {
echo $lang['cat_delete_success']." <b>".format_text($cats['cat_name'], 2)."</b> (ID: ".$cats['cat_id'].")<br />\n";
}
else {
$error_log[] = $lang['cat_delete_error']." <b>".format_text($cats['cat_name'], 2)."</b> (ID: ".$cats['cat_id'].")";
}
// Collect the ids of the images in this category for the IN (...) lists below.
$sql = "SELECT image_id
FROM ".IMAGES_TABLE."
WHERE cat_id = ".$cats['cat_id'];
$img_result = $site_db->query($sql);
// Seeded with 0 so the IN (...) list stays valid SQL when the category holds
// no images.
$image_ids_sql = 0;
while ($image_row = $site_db->fetch_array($img_result)) {
$image_ids_sql .= (($image_ids_sql != "") ? ", " : "").$image_row['image_id'];
}
$sql = "DELETE FROM ".IMAGES_TABLE."
WHERE image_id IN ($image_ids_sql)";
if ($site_db->query($sql)) {
echo "-» ".$lang['image_delete_success']."<br />\n";
}
else {
$error_log[] = $lang['image_delete_error']." (".format_text($cats['cat_name'], 2).", ID: ".$cats['cat_id'].")";
}
// The folder name is the category id. The !empty() guard keeps an empty or
// zero id from turning the path into MEDIA_PATH."/" or THUMB_PATH."/", i.e.
// the root of all uploads, before the recursive delete runs.
if (!empty($cats['cat_id'])) {
if (remove_cat_folder(MEDIA_PATH."/".$cats['cat_id'])) {
echo "-» ".$lang['file_delete_success']."<br />\n";
}
else {
$error_log[] = $lang['file_delete_error']." (".format_text($cats['cat_name'], 2).", ID: ".$cats['cat_id'].")";
}
if (remove_cat_folder(THUMB_PATH."/".$cats['cat_id'])) {
echo "-» ".$lang['thumb_delete_success']."<br />\n";
}
else {
$error_log[] = $lang['thumb_delete_error']." (".format_text($cats['cat_name'], 2).", ID: ".$cats['cat_id'].")";
}
}
$sql = "DELETE FROM ".COMMENTS_TABLE."
WHERE image_id IN ($image_ids_sql)";
if ($site_db->query($sql)) {
echo "-» ".$lang['comments_delete_success']."<br />\n";
}
else {
$error_log[] = $lang['comments_delete_error']." (".format_text($cats['cat_name'], 2).", ID: ".$cats['cat_id'].")";
}
// remove_searchwords() is defined outside this file (search_utils.php is
// included at the top); it receives the same comma-separated id list.
remove_searchwords($image_ids_sql);
echo "<br /></td></tr></table>\n";
// Descend into the children of the category that was just removed.
remove_subcategories($cats['cat_id'], $depth + 1);
}
// Drop the processed level from the cache.
unset($category_cache[$cid]);
return true;
}
/**
 * Prints the table rows of the category tree below parent $cid and recurses
 * into every child.
 *
 * Each row carries an optional expand/collapse toggle, the category name
 * (passed through format_text(), whose escaping is defined outside this file)
 * and links for edit, delete, add-subcategory and move up/down.
 *
 * The move links are plain GET URLs to action=ordercat, which writes to the
 * database; the delete link leads to the removecat confirmation form.
 * NOTE(review): whether those GET requests are protected against forged
 * cross-site requests depends on code outside this file -- confirm.
 *
 * @param int $cid   Parent category id whose children are listed.
 * @param int $depth Nesting level, used for the indent.
 * @return bool|null False when nothing is cached under $cid, otherwise no value.
 */
function show_category_rows($cid = 0, $depth = 1) {
    global $site_db, $site_sess, $lang, $category_cache, $cat_parent_cache;

    if (!isset($category_cache[$cid])) {
        return false;
    }

    foreach ($category_cache[$cid] as $cat) {
        $id = $cat['cat_id'];

        // Top-level categories get their own row style.
        $row_class = ($cat['cat_parent_id'] == 0) ? "tablerow" : "tablerow2";
        echo "<tr class=\"".$row_class."\">\n";

        if (!$GLOBALS['show_all_subcats']) {
            if (empty($cat_parent_cache[$id])) {
                // No children: nothing to expand.
                $toggle = ' ';
            } else {
                $toggle_url = $site_sess->url("categories.php?action=modifycats");
                $is_open = isset($GLOBALS['map'][$id]) || $GLOBALS['open_all'];
                $icon = $is_open ? $GLOBALS['close_cat_link'] : $GLOBALS['open_cat_link'];
                $toggle_url .= ($is_open ? "&closecat=" : "&opencat=").$id;
                $toggle = '<a href="'.$toggle_url.'">'.$icon.'</a>';
            }
            echo "<td align=\"center\">".$toggle."</td>";
        }

        echo "<td>\n";
        if ($depth > 1) {
            echo str_repeat(" ", $depth - 1)."<img src=\"images/folder_path.gif\" alt=\"\">\n";
        }

        $public_url = $site_sess->url(ROOT_PATH."categories.php?cat_id=".$id);
        echo "<img src=\"".ROOT_PATH."admin/images/folder.gif\" alt=\"\"><b><a href=\"".$public_url."\" target=\"_blank\">".format_text($cat['cat_name'], 2)."</a>\n</b> (ID: ".$id.") ";

        show_text_link($lang['edit'], "categories.php?action=editcat&cat_id=".$id);
        show_text_link($lang['delete'], "categories.php?action=removecat&cat_id=".$id);
        show_text_link($lang['add_subcategory'], "categories.php?action=addcat&cat_parent_id=".$id);

        echo "\n</td>\n<td align=\"center\">";
        foreach (array("up", "down") as $direction) {
            $move_url = $site_sess->url("categories.php?action=ordercat&move=".$direction."&cat_id=".$id);
            echo "<a href=\"".$move_url."\"><img src=\"images/arrow_".$direction.".gif\" border=\"0\"></a>\n";
        }
        echo "</td>\n</tr>\n";

        show_category_rows($id, $depth + 1);
    }

    unset($category_cache[$cid]);
}
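/**
 * Renumbers the siblings below one parent so their cat_order values become
 * 10, 20, 30, ... in their current order.
 *
 * Both ids that go into SQL are cast to int here instead of trusting the
 * caller. One caller in this file passes $cat_cache[$cat_id]['cat_parent_id'],
 * which is null for an unknown id and used to produce a broken statement.
 *
 * @param int $parent_id Parent category whose children are renumbered.
 * @return void
 */
function update_cat_order($parent_id = 0) {
    global $site_db;

    $parent_id = intval($parent_id);

    $sql = "SELECT cat_id\nFROM ".CATEGORIES_TABLE."\nWHERE cat_parent_id = ".$parent_id."\nORDER BY cat_order ASC";
    $result = $site_db->query($sql);

    // Steps of 10 leave room for the "+5" / "+-15" positions used elsewhere
    // in this file to slot a category between two neighbours.
    $position = 10;
    while ($row = $site_db->fetch_array($result)) {
        $sql = "UPDATE ".CATEGORIES_TABLE."\nSET cat_order = ".$position."\nWHERE cat_id = ".intval($row['cat_id']);
        $site_db->query($sql);
        $position += 10;
    }
}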
/**
 * Builds the "position" <select> for the add/edit category form together with
 * a script block that holds, per parent category, the list of possible
 * positions.
 *
 * Option values: 0 = at the end, 5 = at the beginning, otherwise the
 * cat_order of the sibling to insert after plus 5.
 *
 * Category names and language strings are written into double-quoted
 * JavaScript string literals inside a <script> element.
 * NOTE(review): this is only safe if format_text(..., 2) neutralises double
 * quotes, backslashes, line breaks and a closing script tag; HTML escaping
 * alone is not enough in that context. format_text() is defined outside this
 * file -- confirm.
 *
 * @param int $parent_id Parent whose children are offered as positions.
 * @param int $cat_order Current cat_order of the category being edited.
 * @return string HTML and script markup.
 */
function get_cat_order_dropdown($parent_id = 0, $cat_order = 0) {
global $cat_cache, $cat_parent_cache, $lang, $HTTP_POST_VARS;
$category_list = "
<script language=\"JavaScript\" type=\"text/JavaScript\">
<!--
var group = new Array();
";
// One JavaScript array per parent; $val is iterated as a list of child ids
// that index into $cat_cache.
foreach ($cat_parent_cache as $key => $val) {
$i = 0;
$category_list .= "group[".$key."] = new Array();\n";
$category_list .= "group[".$key."][".$i++."] = new Option(\"".$lang['at_beginning']."\", \"5\");\n";
$category_list .= "group[".$key."][".$i++."] = new Option(\"".$lang['at_end']."\", \"0\");\n";
foreach ($val as $val2) {
$category_list .= "group[".$key."][".$i++."] = new Option(\"".$lang['after']." ".format_text($cat_cache[$val2]['cat_name'], 2)."\", \"".($cat_cache[$val2]['cat_order'] + 5)."\");\n";
}
$category_list .= "\n";
}
// Client-side helper that swaps the options when another parent is chosen.
$category_list .= "
function update_order_select(x) {
for (i = document.cat_form.cat_order.length - 1; i > 0; i--) {
document.cat_form.cat_order.options[i] = null;
}
if (!group[x]) {
return;
}
for (i = 0; i < group[x].length; i++) {
document.cat_form.cat_order.options[i] = new Option(group[x][i].text, group[x][i].value);
}
document.cat_form.cat_order.options[0].selected = true;
}
//-->
</script>
";
// Server-rendered options. A posted cat_order is only compared against the
// option values to restore the selection; it is never written into the markup.
$category_list .= "\n<select name=\"cat_order\" class=\"categoryselect\">\n";
$category_list .= "<option value=\"0\"";
if (isset($HTTP_POST_VARS['cat_order']) && $HTTP_POST_VARS['cat_order'] == 0) {
$category_list .= " selected";
}
$category_list .= ">".$lang['at_end']."</option>\n";
$category_list .= "<option value=\"5\"";
if (isset($HTTP_POST_VARS['cat_order']) && $HTTP_POST_VARS['cat_order'] == 5) {
$category_list .= " selected";
}
// Nothing posted: a stored order of 10 means the category is currently first.
elseif (!isset($HTTP_POST_VARS['cat_order']) && $cat_order == 10) {
$category_list .= " selected";
}
$category_list .= ">".$lang['at_beginning']."</option>\n";
if (isset($cat_parent_cache[$parent_id])) {
foreach ($cat_parent_cache[$parent_id] as $key => $val) {
$category_list .= "<option value=\"".($cat_cache[$val]['cat_order'] + 5)."\"";
if (isset($HTTP_POST_VARS['cat_order']) && $HTTP_POST_VARS['cat_order'] == ($cat_cache[$val]['cat_order'] + 5)) {
$category_list .= " selected";
}
// Nothing posted: preselect the sibling whose order is 10 below the current one.
elseif (!isset($HTTP_POST_VARS['cat_order']) && $cat_cache[$val]['cat_order'] == $cat_order - 10) {
$category_list .= " selected";
}
$category_list .= ">".$lang['after']." ".format_text($cat_cache[$val]['cat_name'], 2)."</option>\n";
}
}
// $parent_id is written into the script block below, inside a JavaScript
// line comment. The callers in this file pass an intval()'d request value or
// a database column; keep it numeric.
$category_list .= "</select>
<script language=\"JavaScript\" type=\"text/JavaScript\">
//update_order_select(".$parent_id.");
</script>
";
return $category_list;
}
/**
 * Collects the ids of all descendants of a category, depth first, into the
 * global $subcat_ids. The caller is expected to reset that global first.
 *
 * The walk follows the global $cat_parent_cache (parent id => child ids) and
 * has no cycle detection, so it relies on the stored hierarchy being a tree.
 * The update action in this file uses the result to refuse moving a category
 * below one of its own descendants.
 *
 * @param int $cat_id Category whose descendants are collected.
 * @return array|false The accumulated id list, or false when $cat_id has no
 *                     children.
 */
function get_subcategories_id($cat_id = 0) {
    global $subcat_ids, $cat_parent_cache;

    if (isset($cat_parent_cache[$cat_id])) {
        foreach ($cat_parent_cache[$cat_id] as $child_id) {
            $subcat_ids[] = $child_id;
            get_subcategories_id($child_id);
        }
        return $subcat_ids;
    }

    return false;
}
/**
 * Stores a status message in the session and redirects to the category
 * overview, which prints the message once and then drops it.
 *
 * The overview prints the message without escaping, so only pass trusted
 * text; the callers in this file pass language strings.
 *
 * @param string $msg Message to show after the redirect.
 */
function forward_to_modify($msg) {
    $GLOBALS['site_sess']->set_session_var('msg', $msg);
    redirect("categories.php?action=modifycats");
}
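// Action "ordercat": move one category up or down among its siblings.
//
// This action writes to the database and is reached through the GET links
// printed by show_category_rows(). NOTE(review): confirm that the bootstrap
// protects it against forged cross-site requests; nothing here does.
if ($action == "ordercat") {
    $cat_id = 0;
    if (isset($HTTP_POST_VARS['cat_id'])) {
        $cat_id = intval($HTTP_POST_VARS['cat_id']);
    } elseif (isset($HTTP_GET_VARS['cat_id'])) {
        $cat_id = intval($HTTP_GET_VARS['cat_id']);
    }

    $move = "";
    if (isset($HTTP_POST_VARS['move'])) {
        $move = trim($HTTP_POST_VARS['move']);
    } elseif (isset($HTTP_GET_VARS['move'])) {
        $move = trim($HTTP_GET_VARS['move']);
    }

    // Only the two directions the UI offers are accepted. Previously any
    // other value, including a missing one, was treated as "down".
    if ($cat_id > 0 && ($move == "up" || $move == "down")) {
        // Siblings sit 10 apart, so +-15 moves the row past exactly one neighbour.
        $number = ($move == "up") ? -15 : 15;
        $sql = "UPDATE ".CATEGORIES_TABLE."\nSET cat_order = cat_order + ".$number."\nWHERE cat_id = ".$cat_id;
        $site_db->query($sql);

        // Renumber only when the category is known. An unknown id used to
        // pass null on, which produced an invalid statement.
        if (isset($cat_cache[$cat_id])) {
            update_cat_order($cat_cache[$cat_id]['cat_parent_id']);
        }
    }

    forward_to_modify($msg);
}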
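// Action "deletecat": permanently remove one category with its images, files,
// comments and search words, then all of its subcategories.
//
// The id is validated before anything is rendered or deleted. intval() turns
// a missing or non-numeric cat_id into 0, and 0 is the parent key of every
// top-level category in $category_cache, so without this check the
// subcategory sweep at the end would cover the whole tree.
//
// NOTE(review): the id is accepted from GET as well as POST. Confirm that the
// bootstrap protects this destructive action against forged cross-site
// requests; nothing in this file does.
if ($action == "deletecat") {
    $cat_id = 0;
    if (isset($HTTP_POST_VARS['cat_id'])) {
        $cat_id = intval($HTTP_POST_VARS['cat_id']);
    } elseif (isset($HTTP_GET_VARS['cat_id'])) {
        $cat_id = intval($HTTP_GET_VARS['cat_id']);
    }
    if ($cat_id < 1) {
        // Refuse and fall through to the overview, which prints $msg.
        $msg = $lang['cat_delete_error'];
        $action = "modifycats";
    }
}
if ($action == "deletecat") {
    $error_log = array();
    show_admin_header();
    show_table_header($lang['main_category'], 1);

    // Snapshot of the whole tree, keyed parent id => child id => row, taken
    // before anything is deleted; remove_subcategories() walks it.
    $sql = "SELECT cat_id, cat_name, cat_parent_id\nFROM ".CATEGORIES_TABLE."\nORDER BY cat_order, cat_name ASC";
    $result = $site_db->query($sql);
    $category_cache = array();
    while ($row = $site_db->fetch_array($result)) {
        $category_cache[$row['cat_parent_id']][$row['cat_id']] = $row;
    }

    echo "<tr><td class=\"tablerow\">\n";
    echo "<table border=\"0\" cellpadding=\"2\" cellspacing=0><tr><td> </td><td>\n";

    // Group permissions first; the result of this delete is not checked.
    $sql = "DELETE FROM ".GROUP_ACCESS_TABLE."\nWHERE cat_id = ".$cat_id;
    $site_db->query($sql);

    $sql = "DELETE FROM ".CATEGORIES_TABLE."\nWHERE cat_id = ".$cat_id;
    if ($site_db->query($sql)) {
        echo $lang['cat_delete_success']." <b>".format_text($cat_cache[$cat_id]['cat_name'], 2)."</b> (ID: ".$cat_id.")<br />\n";
    }
    else {
        $error_log[] = $lang['cat_delete_error']." <b>".format_text($cat_cache[$cat_id]['cat_name'], 2)."</b> (ID: ".$cat_id.")";
    }

    $sql = "SELECT image_id\nFROM ".IMAGES_TABLE."\nWHERE cat_id = ".$cat_id;
    $img_result = $site_db->query($sql);
    // Seeded with 0 so the IN (...) list stays valid SQL when the category
    // holds no images.
    $image_ids_sql = 0;
    while ($image_row = $site_db->fetch_array($img_result)) {
        $image_ids_sql .= (($image_ids_sql != "") ? ", " : "").$image_row['image_id'];
    }

    $sql = "DELETE FROM ".IMAGES_TABLE."\nWHERE image_id IN ($image_ids_sql)";
    if ($site_db->query($sql)) {
        echo "-» ".$lang['image_delete_success']."<br />\n";
    }
    else {
        $error_log[] = $lang['image_delete_error']." (".format_text($cat_cache[$cat_id]['cat_name'], 2).", ID: ".$cat_id.")";
    }

    // Kept as a second line of defence: an empty id must never resolve to the
    // media or thumbnail root.
    if (!empty($cat_id)) {
        if (remove_cat_folder(MEDIA_PATH."/".$cat_id)) {
            echo "-» ".$lang['file_delete_success']."<br />\n";
        }
        else {
            $error_log[] = $lang['file_delete_error']." (".format_text($cat_cache[$cat_id]['cat_name'], 2).", ID: ".$cat_id.")";
        }
        if (remove_cat_folder(THUMB_PATH."/".$cat_id)) {
            echo "-» ".$lang['thumb_delete_success']."<br />\n";
        }
        else {
            $error_log[] = $lang['thumb_delete_error']." (".format_text($cat_cache[$cat_id]['cat_name'], 2).", ID: ".$cat_id.")";
        }
    }

    $sql = "DELETE FROM ".COMMENTS_TABLE."\nWHERE image_id IN ($image_ids_sql)";
    if ($site_db->query($sql)) {
        echo "-» ".$lang['comments_delete_success']."<br />\n";
    }
    else {
        $error_log[] = $lang['comments_delete_error']." (".format_text($cat_cache[$cat_id]['cat_name'], 2).", ID: ".$cat_id.")";
    }
    remove_searchwords($image_ids_sql);

    echo "<br /></td></tr></table>\n";
    echo "</td></tr>\n";

    show_table_separator($lang['sub_categories'], 1);
    echo "<tr><td class=\"tablerow\">\n";
    if (!remove_subcategories($cat_id)) {
        echo $lang['no_subcategories'];
    }
    echo "</td></tr>\n";
    show_table_footer();

    // Every failed step is listed; the steps are not rolled back.
    if (!empty($error_log)) {
        show_table_header("Error Log:", 1);
        echo "<tr><td class=\"tablerow\">\n";
        // Fixed a malformed attribute here (was cellpadding=""2).
        echo "<table border=\"0\" cellpadding=\"2\" cellspacing=\"0\"><tr><td> </td><td>\n";
        echo "<b>".$lang['error_log_desc']."</b>\n<ul>\n";
        foreach ($error_log as $key => $val) {
            printf ("<li>%s</li>\n", $val);
        }
        echo "</ul>\n</td></tr></table>\n";
        echo "</td></tr>\n";
        show_table_footer();
    }

    echo "<p>";
    show_text_link($lang['back_overview'],"categories.php?action=modifycats");
}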
// Action "removecat": confirmation step before a category is deleted.
//
// Renders a form that submits the intval()'d id as a hidden field to the
// "deletecat" action. NOTE(review): whether show_form_header() adds an
// anti-forgery token is not visible in this file -- confirm, since the
// confirmation is only a safeguard if deletecat cannot be requested directly.
if ($action == "removecat") {
    if (isset($HTTP_POST_VARS['cat_id'])) {
        $cat_id = intval($HTTP_POST_VARS['cat_id']);
    } else {
        $cat_id = intval($HTTP_GET_VARS['cat_id']);
    }

    show_admin_header();
    show_form_header("categories.php", "deletecat");
    show_hidden_input("cat_id", $cat_id);
    show_table_header(
        $lang['delete'].": ".format_text($cat_cache[$cat_id]['cat_name'], 2),
        2
    );
    show_description_row($lang['delete_cat_confirm']);
    show_form_footer($lang['yes'], "", 2, $lang['no']);
}
// Action "savecat": create a category from the posted add form.
if ($action == "savecat") {
$error = array();
// Free-text fields. They are passed through un_htmlspecialchars() and later
// placed between single quotes in the INSERT.
// NOTE(review): nothing in this block escapes quote characters, so the
// statement relies on escaping applied before this point (not visible here)
// still holding after un_htmlspecialchars(). Confirm, or switch to the
// database layer's escaping / bound parameters.
$cat_name = un_htmlspecialchars(trim($HTTP_POST_VARS['cat_name']));
$cat_description = un_htmlspecialchars(trim($HTTP_POST_VARS['cat_description']));
// Every numeric field is forced to int before it reaches SQL.
$cat_parent_id = intval($HTTP_POST_VARS['cat_parent_id']);
$cat_order = (isset($HTTP_POST_VARS['cat_order'])) ? intval($HTTP_POST_VARS['cat_order']) : 0;
// Permission levels are cast to int but not checked against the levels
// listed in $access_array, so a crafted POST can store a level the form never
// offers. NOTE(review): how the permission checks treat an unknown level is
// outside this file -- consider rejecting values that are not keys of
// $access_array.
$auth_viewcat = intval($HTTP_POST_VARS['auth_viewcat']);
$auth_viewimage = intval($HTTP_POST_VARS['auth_viewimage']);
$auth_download = intval($HTTP_POST_VARS['auth_download']);
$auth_upload = intval($HTTP_POST_VARS['auth_upload']);
$auth_directupload = intval($HTTP_POST_VARS['auth_directupload']);
$auth_vote = intval($HTTP_POST_VARS['auth_vote']);
$auth_sendpostcard = intval($HTTP_POST_VARS['auth_sendpostcard']);
$auth_readcomment = intval($HTTP_POST_VARS['auth_readcomment']);
$auth_postcomment = intval($HTTP_POST_VARS['auth_postcomment']);
// The name is the only required field.
if ($cat_name == "") {
$error['cat_name'] = 1;
}
if (empty($error)) {
// cat_order 0 means "at the end": take the highest sibling order plus 10.
// Any other value is a slot between siblings and needs a renumber afterwards.
if (!$cat_order) {
$sql = "SELECT cat_order
FROM ".CATEGORIES_TABLE."
WHERE cat_parent_id = $cat_parent_id
ORDER BY cat_order DESC
LIMIT 1";
$catorder = $site_db->query_firstrow($sql);
$cat_order = $catorder['cat_order'] + 10;
$do_update_cat_order = 0;
}
else {
$do_update_cat_order = 1;
}
$sql = "INSERT INTO ".CATEGORIES_TABLE."
(cat_name, cat_description, cat_parent_id, cat_order, auth_viewcat, auth_viewimage, auth_download, auth_upload, auth_directupload, auth_vote, auth_sendpostcard, auth_readcomment, auth_postcomment)
VALUES
('$cat_name', '$cat_description', $cat_parent_id, $cat_order, $auth_viewcat, $auth_viewimage, $auth_download, $auth_upload, $auth_directupload, $auth_vote, $auth_sendpostcard, $auth_readcomment, $auth_postcomment)";
$result = $site_db->query($sql);
$cat_id = $site_db->get_insert_id();
if ($result && $cat_id) {
if ($do_update_cat_order) {
update_cat_order($cat_parent_id);
}
$msg = $lang['cat_add_success'];
// Media and thumbnail folders are named after the new numeric id, so no
// request text reaches the file system path. The return values are not
// checked; a failed mkdir still reports success to the user.
create_cat_folder(MEDIA_PATH."/".$cat_id, CHMOD_DIRS);
create_cat_folder(THUMB_PATH."/".$cat_id, CHMOD_DIRS);
}
else {
$msg = $lang['cat_add_error'];
}
//$action = "modifycats";
forward_to_modify($msg);
}
else {
// Validation failed: switch the action so the add form block below renders
// again with the error message.
$msg = sprintf("<span class=\"marktext\">%s</span>", $lang['lostfield_error']);
$action = "addcat";
}
}
// Action "addcat": render the form for a new category. Also reached when
// "savecat" rejects its input and switches $action.
if ($action == "addcat") {
    // $msg is printed as given; in this file it only holds language strings
    // wrapped in fixed markup.
    if ($msg != "") {
        printf("<b>%s</b>\n", $msg);
    }

    show_admin_header();
    show_form_header("categories.php", "savecat", "cat_form");
    show_table_header($lang['nav_categories_add'], 2);
    show_input_row($lang['field_category_name'], "cat_name", "", $textinput_size);
    show_textarea_row($lang['field_description_ext'], "cat_description", "", $textarea_size);

    // Preselected parent comes from the query string, forced to int.
    $cat_parent_id = 0;
    if (isset($HTTP_GET_VARS['cat_parent_id'])) {
        $cat_parent_id = intval($HTTP_GET_VARS['cat_parent_id']);
    }

    // Assigned right before get_category_dropdown_bits() runs; that helper is
    // defined outside this file and presumably reads this global.
    $drop_down_cat_cache = $cat_parent_cache;

    $category = "\n<select name=\"cat_parent_id\" class=\"categoryselect\" onChange=\"update_order_select(this.options[this.selectedIndex].value)\">\n"
        ."<option value=\"0\">".$lang['main_category']."</option>\n"
        ."<option value=\"0\">--------------</option>\n";
    $category .= get_category_dropdown_bits($cat_parent_id);
    $category .= "</select>\n";
    show_custom_row($lang['field_parent'], $category);

    if ($show_cat_order_dropdown) {
        show_custom_row($lang['cat_order'], get_cat_order_dropdown($cat_parent_id));
    }

    // A subcategory starts with the parent's permission levels instead of the
    // file-level defaults, so it is not more open than its parent by default.
    $permission_headline = $lang['permissions'];
    if ($cat_parent_id != 0) {
        $sql = "SELECT cat_name, auth_viewcat, auth_viewimage, auth_download, auth_upload, auth_directupload, auth_vote, auth_sendpostcard, auth_readcomment, auth_postcomment\nFROM ".CATEGORIES_TABLE."\nWHERE cat_id = ".$cat_parent_id;
        $row = $site_db->query_firstrow($sql);

        $new_access_field_array = array();
        foreach (array_keys($access_field_array) as $key) {
            $new_access_field_array[$key] = $row[$key];
        }
        $access_field_array = $new_access_field_array;

        $permission_headline .= "<span class=\"smalltext\"><br>".$lang['permissions_inherited']." (".format_text($row['cat_name'], 2).")</span>";
    }

    show_table_separator($permission_headline, 2);
    foreach ($access_field_array as $key => $val) {
        show_access_select($lang[$key], $key, $val);
    }
    show_form_footer($lang['add'], $lang['reset'], 2);
}
// Action "updatecat": store the posted edit form for an existing category.
if ($action == "updatecat") {
$error = array();
// Numeric fields are forced to int before they reach SQL.
$cat_id = (isset($HTTP_POST_VARS['cat_id'])) ? intval($HTTP_POST_VARS['cat_id']) : intval($HTTP_GET_VARS['cat_id']);
$cat_parent_id = intval($HTTP_POST_VARS['cat_parent_id']);
// Free-text fields, later placed between single quotes in the UPDATE.
// NOTE(review): nothing in this block escapes quote characters, so the
// statement relies on escaping applied before this point (not visible here)
// still holding after un_htmlspecialchars(). Confirm, or switch to the
// database layer's escaping / bound parameters.
$cat_name = un_htmlspecialchars(trim($HTTP_POST_VARS['cat_name']));
$cat_description = un_htmlspecialchars(trim($HTTP_POST_VARS['cat_description']));
$cat_hits = intval(trim($HTTP_POST_VARS['cat_hits']));
$cat_order = (isset($HTTP_POST_VARS['cat_order'])) ? intval($HTTP_POST_VARS['cat_order']) : 0;
// Permission levels are cast to int but not checked against the levels
// listed in $access_array. NOTE(review): consider rejecting values that are
// not keys of $access_array.
$auth_viewcat = intval($HTTP_POST_VARS['auth_viewcat']);
$auth_viewimage = intval($HTTP_POST_VARS['auth_viewimage']);
$auth_download = intval($HTTP_POST_VARS['auth_download']);
$auth_upload = intval($HTTP_POST_VARS['auth_upload']);
$auth_directupload = intval($HTTP_POST_VARS['auth_directupload']);
$auth_vote = intval($HTTP_POST_VARS['auth_vote']);
$auth_sendpostcard = intval($HTTP_POST_VARS['auth_sendpostcard']);
$auth_readcomment = intval($HTTP_POST_VARS['auth_readcomment']);
$auth_postcomment = intval($HTTP_POST_VARS['auth_postcomment']);
// Hierarchy check: a category may become neither its own parent nor a child
// of one of its descendants, which would turn the tree into a cycle.
$subcat_ids = array();
get_subcategories_id($cat_id);
if ($cat_parent_id == $cat_id || in_array($cat_parent_id, $subcat_ids)) {
// $msg is appended to without being initialised in this block.
$msg .= sprintf("<span class=\"marktext\">%s</span><br />", $lang['parent_cat_error']);
$error['cat_parent_id'] = 1;
}
if ($cat_name == "") {
$error['cat_name'] = 1;
}
if (empty($error)) {
// cat_order 0 means "at the end": take the highest sibling order plus 10.
// Any other value is a slot between siblings and needs a renumber afterwards.
if (!$cat_order) {
$sql = "SELECT cat_order
FROM ".CATEGORIES_TABLE."
WHERE cat_parent_id = $cat_parent_id
ORDER BY cat_order DESC
LIMIT 1";
$catorder = $site_db->query_firstrow($sql);
$cat_order = $catorder['cat_order'] + 10;
$do_update_cat_order = 0;
}
else {
$do_update_cat_order = 1;
}
$sql = "UPDATE ".CATEGORIES_TABLE."
SET cat_name = '$cat_name', cat_description = '$cat_description', cat_parent_id = $cat_parent_id, cat_order = $cat_order, cat_hits = $cat_hits, auth_viewcat = $auth_viewcat, auth_viewimage = $auth_viewimage, auth_download = $auth_download, auth_upload = $auth_upload, auth_directupload = $auth_directupload, auth_vote = $auth_vote, auth_sendpostcard = $auth_sendpostcard, auth_readcomment = $auth_readcomment, auth_postcomment = $auth_postcomment
WHERE cat_id = $cat_id";
$result = $site_db->query($sql);
if ($result && $do_update_cat_order) {
update_cat_order($cat_parent_id);
}
$msg = ($result) ? $lang['cat_edit_success'] : $lang['cat_edit_error'];
//$action = "modifycats";
forward_to_modify($msg);
}
else {
// Validation failed: switch the action so the edit form block below renders
// again with the error message.
$msg .= sprintf("<span class=\"marktext\">%s</span>", $lang['lostfield_error']);
$action = "editcat";
}
}
// Action "editcat": render the edit form for one category. Also reached when
// "updatecat" rejects its input and switches $action.
if ($action == "editcat") {
    // $msg is printed as given; in this file it only holds language strings
    // wrapped in fixed markup.
    if ($msg != "") {
        printf("<b>%s</b>\n", $msg);
    }

    // The id is forced to int before it is used in SQL and in the hidden field.
    if (isset($HTTP_POST_VARS['cat_id'])) {
        $cat_id = intval($HTTP_POST_VARS['cat_id']);
    } else {
        $cat_id = intval($HTTP_GET_VARS['cat_id']);
    }

    $sql = "SELECT cat_name, cat_description, cat_parent_id, cat_hits, cat_order, auth_viewcat, auth_viewimage, auth_download, auth_upload, auth_directupload, auth_vote, auth_sendpostcard, auth_readcomment, auth_postcomment\nFROM ".CATEGORIES_TABLE."\nWHERE cat_id = ".$cat_id;
    $cat_row = $site_db->query_firstrow($sql);

    show_admin_header();
    show_form_header("categories.php", "updatecat", "cat_form");
    show_hidden_input("cat_id", $cat_id);
    show_table_header($lang['nav_categories_edit'], 2);

    // Stored values go back into form fields through the show_*_row helpers;
    // their output escaping is defined outside this file.
    show_input_row($lang['field_category_name'], "cat_name", $cat_row['cat_name'], $textinput_size);
    show_textarea_row($lang['field_description_ext'], "cat_description", $cat_row['cat_description'], $textarea_size);

    $cat_parent_id = $cat_row['cat_parent_id'];

    // Assigned right before get_category_dropdown_bits() runs; that helper is
    // defined outside this file and presumably reads this global.
    $drop_down_cat_cache = $cat_parent_cache;

    $category = "\n<select name=\"cat_parent_id\" class=\"categoryselect\" onChange=\"update_order_select(this.options[this.selectedIndex].value)\">\n"
        ."<option value=\"0\">".$lang['main_category']."</option>\n"
        ."<option value=\"0\">--------------</option>\n";
    $category .= get_category_dropdown_bits($cat_parent_id);
    $category .= "</select>\n";
    show_custom_row($lang['field_parent'], $category);

    if ($show_cat_order_dropdown) {
        show_custom_row(
            $lang['cat_order'],
            get_cat_order_dropdown($cat_parent_id, $cat_row['cat_order'])
        );
    }

    show_input_row($lang['field_hits'], "cat_hits", $cat_row['cat_hits'], 5);

    show_table_separator($lang['permissions'], 2);
    foreach ($access_field_array as $key => $val) {
        show_access_select($lang[$key], $key, $cat_row[$key]);
    }
    show_form_footer($lang['save_changes'], $lang['reset'], 2, $lang['back']);
}
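// Action "modifycats": the category overview with its expandable tree.
//
// Change compared with the previous version: the "open categories" map
// restored from the session is rebuilt as an array of integers before it is
// joined into the IN (...) clause below. The restored value used to be
// trusted as-is.
if ($action == "modifycats") {
    $site_sess->set_session_var('back_url', $self_url);
    show_admin_header();

    // A message set earlier in this request wins; otherwise show the one
    // stored by forward_to_modify() and drop it so it appears only once.
    if ($msg != "") {
        printf("<b>%s</b>\n<p>", $msg);
    } else {
        $msg = $site_sess->get_session_var('msg');
        if ($msg != "") {
            printf("<b>%s</b>\n<p>", $msg);
        }
        $site_sess->drop_session_var('msg');
    }

    // Restore which categories are expanded.
    // NOTE(review): unserialize() runs on a session variable. It stays because
    // this block is what writes the value (see the serialize() call at the
    // end) and other readers of 'map' may exist. That is only safe while the
    // session store cannot be written by the client -- confirm how $site_sess
    // persists its variables.
    $GLOBALS['map'] = array();
    if ($ser_map = $site_sess->get_session_var('map')) {
        $stored_map = unserialize($ser_map);
        if (is_array($stored_map)) {
            foreach ($stored_map as $stored_id) {
                if (is_scalar($stored_id)) {
                    $stored_id = intval($stored_id);
                    $GLOBALS['map'][$stored_id] = $stored_id;
                }
            }
        }
    }

    // Toggle requests from the tree links; ids are forced to int.
    if (isset($HTTP_GET_VARS['opencat'])) {
        $opencat = intval($HTTP_GET_VARS['opencat']);
        $GLOBALS['map'][$opencat] = $opencat;
    }
    if (isset($HTTP_GET_VARS['closecat'])) {
        $closecat = intval($HTTP_GET_VARS['closecat']);
        unset($GLOBALS['map'][$closecat]);
    }

    // $open_all is read by show_category_rows() through $GLOBALS.
    $open_all = false;
    if (isset($HTTP_GET_VARS['openall'])) {
        $open_all = true;
    }
    if (isset($HTTP_GET_VARS['closeall'])) {
        $open_all = false;
        $GLOBALS['map'] = array();
    }

    $cat_columns = "cat_id, cat_name, cat_description, cat_parent_id, cat_hits, cat_order, auth_viewcat, auth_viewimage, auth_download, auth_upload, auth_directupload, auth_vote, auth_sendpostcard, auth_readcomment, auth_postcomment";

    // Top-level categories are always loaded.
    $sql = "SELECT ".$cat_columns."\nFROM ".CATEGORIES_TABLE."\nWHERE cat_parent_id = 0\nORDER BY cat_order, cat_name ASC";
    $result = $site_db->query($sql);
    $category_cache = array();
    while ($row = $site_db->fetch_array($result)) {
        $category_cache[$row['cat_parent_id']][$row['cat_id']] = $row;
    }

    // Children are loaded for the expanded parents only, or for all parents
    // when everything is shown.
    if ($show_all_subcats || $open_all || (!empty($GLOBALS['map']) && is_array($GLOBALS['map']))) {
        $where_sql = "";
        if (!$show_all_subcats && !$open_all) {
            // Every element of the map is an int at this point.
            $where_sql = "WHERE cat_parent_id IN (".implode(", ", $GLOBALS['map']).")";
        }
        $sql = "SELECT ".$cat_columns."\nFROM ".CATEGORIES_TABLE."\n".$where_sql."\nORDER BY cat_order, cat_name ASC";
        $result = $site_db->query($sql);
        while ($row = $site_db->fetch_array($result)) {
            $category_cache[$row['cat_parent_id']][$row['cat_id']] = $row;
            if ($open_all) {
                $GLOBALS['map'][$row['cat_id']] = $row['cat_id'];
            }
        }
    }

    echo "<table cellpadding=\"0\" cellspacing=\"0\" border=\"0\" width=\"100%\" align=\"center\"><tr><td class=\"tableborder\">\n<table cellpadding=\"3\" cellspacing=\"1\" border=\"0\" width=\"100%\">\n";
    echo "<tr class=\"tableseparator\">\n";
    if (!$GLOBALS['show_all_subcats']) {
        echo "<td class=\"tableseparator\" width=\"30\">";
        $href = $site_sess->url("categories.php?action=modifycats&openall=1");
        echo '<a href="'.$href.'">'.$GLOBALS['open_cat_link'].'</a>';
        $href = $site_sess->url("categories.php?action=modifycats&closeall=1");
        echo '<a href="'.$href.'">'.$GLOBALS['close_cat_link'].'</a>';
        echo "</td>";
    }
    echo "<td class=\"tableseparator\">".$lang['nav_categories_edit']."</td>\n<td class=\"tableseparator\" align=\"center\">".$lang['cat_order']."</td>\n</tr>\n";

    if (sizeof($category_cache) == 0) {
        echo "<tr class=\"".get_row_bg()."\">\n<td colspan=\"3\">".$lang['no_categories']."</td></tr>";
    }
    else {
        show_category_rows();
    }
    show_table_footer();

    // Persist the expanded set for the next request.
    $site_sess->set_session_var('map', serialize($GLOBALS['map']));
}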
// Unconditional: closes the admin page for every request that reaches the end
// of this script.
show_admin_footer();
?>