<?php
/*
   KISGB - a Guest Book script written in PHP.
   Copyright (C) 2001-2002 Gaylen Fraley
   hide@address.com

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   License file for more details.
*/
require("config.php");
$cgi_id = $HTTP_POST_VARS['cgi_id'];
$cgi_pw = $HTTP_POST_VARS['cgi_pw'];
$auth_id = $admin_id;
$auth_pw = $admin_pw;
require("functions.php");
$rmt_ip = $HTTP_SERVER_VARS["REMOTE_ADDR"];
$PHP_SELF  = $HTTP_SERVER_VARS['PHP_SELF'];
if ($HTTP_GET_VARS['tmp_theme']>'') $theme = $HTTP_GET_VARS['tmp_theme'];
if ($HTTP_GET_VARS['tmp_lang']>'') $language = $HTTP_GET_VARS['tmp_lang'];
$action = $HTTP_GET_VARS['action'];
require("$path_to_themes/$theme");
require("$path_to_languages/$language");
if ($use_filter_file) require("filters.inc.php");
require("authenticate.php");
metaTags();
?>
<html>
<head>
<? js_getPointer(); ?>
	<script type="text/javascript">
		function validate() {
			return true;
		}
	</script>
<?

if ($lock_admin_to_myIP && !whoami()) {
?>
	<style type="text/css">
		<?@include("style-sheet-view.php");?>
	</style>
</head>
<body>

<?
	echo "<table border=\"1\" align=\"center\"><tr><td>$not_authorized_msg</table><p><center><a href='javascript:history.go(-1)'>$label_back</a></center></p>";
	if ($use_footer) include_once 'footer.php';
	exit;
}
?>
	<style type="text/css">
		<?@include("style-sheet-view.php");?>
	</style>
	</head>
	<body>
<?

		echo "<p><center><a href='$root_document?action=view&tmp_theme=$theme&tmp_lang=$language'>".$label_back."</a></center></p>";
		include("versionclient.php");
		echo "<form action='upconfig.php?tmp_theme=$theme&tmp_lang=$language' method=post><p><center><input type=\"hidden\" name=\"cgi_id\" value=\"$cgi_id\" /><input type=\"hidden\" name=\"cgi_pw\" value=\"$cgi_pw\" /><input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"button\" value=\"$label_themebuilder\" onClick=\"window.open('$path_to_themes/theme_builder/index.php','');\" />&nbsp;&nbsp;<input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"submit\" name=\"submit\" value=\"$label_update $label_config\" /></center></p><br /></form>";
#		if ($use_footer) require("footer.php");
	$row = 0;
	$tmp_data = array();
	$fp = fopen("$path_to_gb","r") or die("$unable_to_access_file_msg $path_to_db");
	flock($fp,2);
	for ($i=0;$i<16;$i++) {
		$j = $i+1;
		$head_array[$i] = ${"col$j"};
	}
	$rn = 0;
	$entries = 0;
	while ($data = fgetcsv($fp,$csv_buffer_size,",")) {
		$row++;
		if ($row>2) {
			$rn++;
			$entries++;
			$num = count($data);
			if ($data[0]>10000) {
				$dateShift = dateShift($data[0]);
				$data[2] = date($date_format,$data[0]-$dateShift[1]);
				$data[3] = date($time_format,$data[0]-$dateShift[1]);
				if ($moderateEntries&&!$dateShift[0]) $entries--;
			}
			for ($c=0;$c<$num;$c++) {
				$tmp_data[$rn][$c] = $data[$c];
			}
		}
	}
	flock($fp,3);
	fclose($fp);
	unset($data);  #release memory;

	$handle=opendir("logs");
	$log_sb = "";
	$cnt = 0;
	while (($file = readdir($handle))!==false) {
		if ($file == '.'||$file == '..') continue;
		$log = explode('.',$file);
		if (chop($log[0]) == "default") continue;
		if (chop($log[1]) != "logdef") continue;
		$cnt++;
		$logfile = "logs/".chop($log[0]).".".chop($log[1]).".php";
		if ($cnt==1) {
			$log_sb = "<select name=\"log\" onChange=\"if (this.options[this.selectedIndex].value!='$label_select') window.open(this.options[this.selectedIndex].value)\">\n";
			$log_sb .= "<option value='$label_select' selected>- $label_select -</option>\n";
		}
		$log_sb .= "<option value=\"$logfile\">$log[0]</option>\n";
	}
	if ($cnt>0) $log_sb .= "</select>\n";
	closedir($handle);
	if ($cnt>0) echo "<p><center>$log_sb</center></p><br />";  //was <p><p>

	$rows = $row;
	echo "<table align=center style=\"height:1%\" cellpadding=\"$Vwindow_cellpadding\" cellspacing=\"$Vwindow_cellspacing\" border=\"$Vwindow_border\" rules=\"none\">";
	echo "<tr><td style=\"text-align:left;\">$entries $label_entries_public</td><td style=\"text-align:right;\">$Vwindow_title</td></tr>";
	echo "</table>";
	for ($c=$rn;$c>0;$c--) {
	    echo "<form name=\"form$rn\" action=\"updategb.php?tmp_theme=$theme&tmp_lang=$language\" method=post>";
		echo "<input type=\"hidden\" name=\"cgi_id\" value=\"$cgi_id\" /><input type=\"hidden\" name=\"cgi_pw\" value=\"$cgi_pw\" />";
		echo "<table align=\"center\" rules=\"none\" cellpadding=\"$Vwindow_cellpadding\" cellspacing=\"$Vwindow_cellspacing\" border=\"$Vwindow_border\">";
		if ($rn%2) $id="td1"; else $id = "td2";
		echo "<tr><td id=\"$id\"><font size=2>".$head_array[4].":&nbsp;<input name=\"$head_array[4]\" value=\"".$tmp_data[$rn][4]."\" /></td>";
		echo "<td id=\"$id\">".$head_array[12].":&nbsp;<input name=\"$head_array[12]\" value=\"".$tmp_data[$rn][12]."\" /></td>";
		echo "<td id=\"$id\">".$head_array[5].":&nbsp;<input name=\"$head_array[5]\" value=\"".$tmp_data[$rn][5]."\" /></td>";
		echo "<td id=\"$id\">".$head_array[6].":&nbsp;<input name=\"$head_array[6]\" value=\"".$tmp_data[$rn][6]."\" size=30 maxlength=75 /></td></tr>";
		echo "<tr><td id=\"$id\">".$head_array[7].":&nbsp;<input name=\"$head_array[7]\" value=\"".$tmp_data[$rn][7]."\" size=30 maxlength=75 /></td>";
		echo "<td id=\"$id\">".$head_array[8].":&nbsp;<input name=\"$head_array[8]\" value=\"".$tmp_data[$rn][8]."\" /></td>";
		echo "<td id=\"$id\">".$head_array[9].":&nbsp;<input name=\"$head_array[9]\" value=\"".$tmp_data[$rn][9]."\" /></td>";
		echo "<td id=\"$id\">".$head_array[10].":&nbsp;<input name=\"$head_array[10]\" value=\"".$tmp_data[$rn][10]."\" /></td></tr>";
		echo "<tr><td id=\"$id\">".$head_array[11].":&nbsp;<input name=\"$head_array[11]\" value=\"".$tmp_data[$rn][11]."\" /></td>";
		echo "<td id=\"$id\">".$head_array[1].":&nbsp;<input name=\"$head_array[1]\" value=\"".$tmp_data[$rn][1]."\" /></td>";
		echo "<td id=\"$id\">".$head_array[2].":&nbsp;<input name=\"$head_array[2]\" value=\"".$tmp_data[$rn][2]."\" /></td>";
		echo "<td id=\"$id\">".$head_array[3].":&nbsp;<input name=\"$head_array[3]\" value=\"".$tmp_data[$rn][3]."\" /></td></tr>";
		echo "<tr><td  id=\"$id\">".$head_array[14].":&nbsp;<input name=\"$head_array[14]\" size=5 value=\"".$tmp_data[$rn][14]."\" /></td>";
		echo "<td  id=\"$id\" colspan=3>".$head_array[15].":&nbsp;<input name=\"$head_array[15]\" size=15 maxlength=10 value=\"".$tmp_data[$rn][15]."\" /></td></tr>";
		$tmp_data[$rn][13] = stripslashes($tmp_data[$rn][13]);

		if ($tmp_data[$rn][14]=="on") $style = "style=\"background-color:$admin_private_message_color;\"";
		elseif (!substr($tmp_data[$rn][0],0,1)) $style = "style=\"background-color:$admin_moderate_message_color;\"";
		else $style = "";
		echo "<tr><td id=\"$id\" colspan=\"4\">".$head_array[13].":&nbsp;<textarea name=\"$head_array[13]\" rows=\"5\" cols=\"80\" $style>".$tmp_data[$rn][13]."</textarea></td></tr>";
		$time = time();
		$time_offset = ($hours_to_offset!=0) ? $hours_to_offset * 60 * 60 : 0;
		$time = $time + $time_offset;
		$date = date($date_format,$time);
		$time = date($time_format,$time);
		echo "<tr><td id=\"$id\"><input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"button\" value=\"$label_admin_comment\"  onClick=\"document.form$rn.$head_array[13].value=document.form$rn.$head_array[13].value+'<hr /><b>Web Master $label_comments_added $on ".$date." $at ".$time.":</b>&nbsp;&nbsp;';document.form$rn.$head_array[13].focus();\" />&nbsp;&nbsp;<input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"button\" value=\"Smileys\" onClick=\"window.open('./showsmileys.php?tmp_theme=$theme&tmp_lang=$language&formname=form$rn','smileys','width=$smiley_window_width,height=$smiley_window_height,scrollbars,resizable');\" />&nbsp;&nbsp;<input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"submit\" value=\"$label_update\" name=\"update\" /><td id=\"$id\"><input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"submit\" value=\"$label_hold\" name=\"hold\" />&nbsp;&nbsp<input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"submit\" value=\"$label_release\" name=\"release\" /></td><td id=\"$id\" colspan=\"2\"><input id=\"btn\" onMouseOver=\"this.style.cursor=get_pointer();\" type=\"submit\" value=\"$label_delete\" name=\"delete\" /></td><td id=\"$id\"></td></tr>";
		echo "</table></center>";
		echo "<input type=\"hidden\" name=\"msgid\" value=\"".$tmp_data[$rn][0]."\" />";
		$rn--;
	    echo "</form>";
	}
	unset($tmp_data); # release memory;
	if ($use_footer) require("footer.php");
	exit;
?>