<?php
/*----------------------------------------------------------

       LySite
       Brad Landis (hide@address.com)

   Copyright (C) 2005 Brad Landis

   This program is free software; you can redistribute it
   and/or modify it under the terms of the GNU General
   Public License as published by the Free Software
   Foundation; either version 2 of the License, or (at your
   option) any later version.

   This program is distributed in the hope that it will be
   useful, but WITHOUT ANY WARRANTY; without even the
   implied warranty of MERCHANTABILITY or FITNESS FOR A
   PARTICULAR PURPOSE.  See the GNU General Public License
   for more details.
   
   You should have received a copy of the GNU General Public
   License along with this program; if not, write to the
   Free Software Foundation, Inc., 51 Franklin Street, Fifth
   Floor, Boston, MA  02110-1301, USA.

----------------------------------------------------------*/
require("includes.php");


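// ---------------------------------------------------------------------
// POST actions. Each branch is gated on a permission helper that comes
// from includes.php (is_admin_user() / can_post()).
//
// Request values are passed through mysql_real_escape_string() before
// they are placed in a query and through urlencode() before they are
// placed in a Location header. Every redirect is followed by exit so the
// page body below is not rendered for a request that is being redirected.
//
// NOTE(review): nothing visible in this file ties a POST to a form this
// site served (no anti-CSRF token is checked) -- confirm whether
// includes.php handles that.
// NOTE(review): if includes.php or magic_quotes_gpc already escapes
// request data, remove that layer rather than this one. The mysql_* API
// is gone in PHP 7; prepared statements (mysqli/PDO) are the durable fix.
// ---------------------------------------------------------------------
if(isset($_POST['delete_cat']) && is_admin_user()) {
	// Remove a single song<->category link.
	if(!isset($notice)) {
		$notice = "";
	}
	$cat_id = mysql_real_escape_string($_POST['delete_cat']);
	$query = "DELETE FROM category_link WHERE cat_id='$cat_id' LIMIT 1";
	if(mysql_query($query)) {
		if(mysql_affected_rows()) {
			$notice .= "Success!<br>\n";
			log_event("Category Deleted",NULL,null);
		} else {
			$notice .= "No rows changed!<br>\n";
		}
	} else {
		trigger_error(mysql_error());
	}
	// lid may be absent from the posted form, so do not assume it is set.
	$lid = isset($_POST['lid']) ? $_POST['lid'] : '';
	header("Location: songs.php?song=".urlencode($lid)."&notice=".urlencode($notice));
	exit;
} else if(isset($_POST['new_category']) && can_post()) {
	// Attach a song to a category, creating the category name if needed.
	$lid = isset($_POST['lid']) ? $_POST['lid'] : '';
	$lid_sql = mysql_real_escape_string($lid);
	$avail = isset($_POST['avail_cat_names']) ? $_POST['avail_cat_names'] : '';

	// Names are stored HTML-escaped (see the INSERT below), so lookups must
	// compare against the same escaped form or they miss names containing
	// &, <, > or ". ENT_COMPAT matches what the stored rows were written with.
	$wanted_name = ($avail == "NEW")
		? (isset($_POST['cat_name']) ? $_POST['cat_name'] : '')
		: $avail;
	$name_sql = mysql_real_escape_string(htmlspecialchars($wanted_name, ENT_COMPAT));

	$query = "SELECT cat_names_id FROM category_names WHERE cat_name='$name_sql' LIMIT 1";
	if($results = mysql_query($query)) {
		if($line = mysql_fetch_assoc($results)) {
			$cat_names_id = $line['cat_names_id'];
		} else if($avail == "NEW") {
			// Not in the database yet: create it. Only users allowed to post
			// without approval get approved='y' straight away.
			$query = "INSERT INTO category_names SET cat_name='$name_sql',user_id='".get_user_id()."'".(can_post_without_approval()?",approved='y'":"");
			if(mysql_query($query)) {
				$cat_names_id = mysql_insert_id();
				log_event("Category Name Submitted",NULL,"categories.php?cat_names_id=$cat_names_id");
			} else {
				trigger_error(mysql_error());
			}
		}
	} else {
		trigger_error(mysql_error());
	}

	if(isset($cat_names_id)) {
		// The id came from the database or mysql_insert_id(); the cast keeps
		// it a plain integer in the queries and the log URL.
		$cat_names_id = (int)$cat_names_id;
		//verify it's not already in the database
		$query = "SELECT * FROM category_link WHERE cat_names_id='$cat_names_id' AND lid='$lid_sql'";
		if($results = mysql_query($query)) {
			if(mysql_num_rows($results) > 0) {
				// Was a comparison (==) with no effect; the message is meant
				// to be stored. Presumably header.php displays it -- not
				// visible from this file.
				$_GET['notice'] = "This song is already in this category.";
			} else {
				$query = "INSERT INTO category_link SET cat_names_id='$cat_names_id',lid='$lid_sql',user_id='".get_user_id()."'";
				if(mysql_query($query)) {
					log_event("Category Submitted",NULL,"categories.php?cat_names_id=$cat_names_id");
					header("Location: songs.php?song=".urlencode($lid)."&notice=".urlencode("Succesfully added a song to the category."));
					exit;
				} else {
					trigger_error(mysql_error());
				}
			}
		} else {
			trigger_error(mysql_error());
		}
	}
} else if(isset($_POST['delete']) && is_admin_user()) {
	// Delete a category name and every link that points at it.
	$del_id = mysql_real_escape_string(isset($_POST['cat_names_id']) ? $_POST['cat_names_id'] : '');
	$queries = array(
		"DELETE FROM category_names WHERE cat_names_id='$del_id' LIMIT 1",
		"DELETE FROM category_link WHERE cat_names_id='$del_id'",
	);
	// Both statements always run, as before. Only the first one decides the
	// outcome: the link cleanup legitimately touches zero or many rows, and
	// previously that overwrote the success redirect with an error.
	$names_deleted = 0;
	foreach($queries as $i => $q) {
		if(mysql_query($q)) {
			if($i == 0) {
				$names_deleted = mysql_affected_rows();
			}
		} else {
			trigger_error(mysql_error());
		}
	}
	if($names_deleted == 1) {
		log_event("Category Name Deleted",NULL,null);
		// This branch removes a category, not a song; the message said "Song".
		header("Location: categories.php?notice=".urlencode("Category successfully deleted."));
		exit;
	} else {
		$_GET['notice'] = "Error: No rows affected.";
	}
} else if(isset($_POST['approve']) && is_admin_user()) {
	// Mark a submitted category name as approved.
	$approve_id = isset($_POST['cat_names_id']) ? $_POST['cat_names_id'] : '';
	$approve_sql = mysql_real_escape_string($approve_id);
	$query = "UPDATE category_names SET approved='y' WHERE cat_names_id='$approve_sql' LIMIT 1";
	if(mysql_query($query)) {
		if(mysql_affected_rows() == 1) {
			// The page reads cat_names_id from the query string, so the log
			// link uses that parameter name (it was cat_name=).
			log_event("Category Approved",NULL,"categories.php?cat_names_id=".urlencode($approve_id));
			header("Location: categories.php?cat_names_id=".urlencode($approve_id)."&notice=".urlencode("Category Approved."));
			exit;
		} else if(mysql_affected_rows() > 1) {
			header("Location: categories.php?notice=".urlencode("Error: ".mysql_affected_rows()." rows were effected."));
			exit;
		} else {
			$_GET['notice'] = "Error: No rows affected.";
		}
	} else {
		trigger_error(mysql_error());
	}
}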

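// ---------------------------------------------------------------------
// Page body. Output is buffered so it can be printed after header.php.
//
// Request values are escaped per context before use: SQL via
// mysql_real_escape_string(), HTML attribute values via
// htmlspecialchars(..., ENT_QUOTES), URL parameters via urlencode().
//
// NOTE(review): values read back from the database (title, cat_name) are
// still printed without output encoding. cat_name is HTML-escaped when
// this file inserts it; how lyrics.title is written is not visible here.
// Encoding them on output would double-encode rows that were escaped at
// write time, so settle on one place to encode before changing this.
// ---------------------------------------------------------------------
ob_start();

if(isset($_GET['delete_cats']) && is_admin_user()) {
	// Admin view: list a song's categories with a delete button for each.
	$lid = isset($_GET['lid']) ? $_GET['lid'] : '';
	$lid_sql = mysql_real_escape_string($lid);
	$lid_attr = htmlspecialchars($lid, ENT_QUOTES);

	$query = "SELECT title FROM lyrics WHERE lid='$lid_sql' LIMIT 1";
	if($results = mysql_query($query)) {
		if(mysql_num_rows($results) > 0) {
			$line = mysql_fetch_assoc($results);
			echo "<fieldset><legend>Deleting Categories From <a href='songs.php?song=".urlencode($lid)."'>$line[title]</a></legend>\n";
			$query = "SELECT category_link.cat_id,category_names.cat_name FROM category_link LEFT JOIN category_names USING(cat_names_id) WHERE lid='$lid_sql' AND category_names.cat_names_id IS NOT NULL";
			if($results = mysql_query($query)) {
				if(mysql_num_rows($results) > 0) {
					while($line = mysql_fetch_assoc($results)) {
						// The hidden lid field sits inside each form; it used to be
						// outside every <form>, so it was never submitted and the
						// redirect after a delete had no song id.
						echo "<form action='categories.php' method='post'>$line[cat_name] <input type='hidden' name='lid' value='$lid_attr'><input type='hidden' name='delete_cat' value='$line[cat_id]'><button type='submit' class='buttonimage'><img src='icon/small_delete.jpg'></button></form>\n";
					}
				} else {
					notice("This song has no categories listed");
				}
			} else {
				trigger_error(mysql_error());
			}
			echo "</fieldset>\n";
		} else {
			notice("No song found");
		}
	} else {
		trigger_error(mysql_error());
	}
} else if(!empty($_GET['song']) && can_post()) {
	// Form for adding the song given in ?song= to an existing or new category.
	$query = "SELECT * FROM category_names ORDER BY cat_name";
	if($results = mysql_query($query)) {
		echo "<script language='JavaScript' type='text/javascript'>\n";
		
		echo "function new_categories_show() {
		if(document.category.avail_cat_names.value==\"NEW\") {
			document.category.cat_name.disabled = false;
			document.category.cat_name.value = '';
		} else {
			document.category.cat_name.disabled = true;
			document.category.cat_name.value = document.category.avail_cat_names.value;
		}
		}
		</script>\n";
		
		echo "<form action='categories.php' method='post' name='category'>\n<fieldset><legend>Add a category</legend>\n<input type='hidden' name='lid' value='".htmlspecialchars($_GET['song'], ENT_QUOTES)."'>\n";
		echo "<p><label for='avail_cat_names'>Available Categories</label><br>\n<select name='avail_cat_names' onchange='new_categories_show()'>\n";
		while($line = mysql_fetch_assoc($results)) {
			echo "<option value=\"".str_replace("\"","&quot;",$line['cat_name'])."\">$line[cat_name]\n";
		}
		echo "<option>\n<option value='NEW' selected>New Category\n";
		echo "</select><br>\n";
		echo "<p><label for='cat_name'>Category Name</label><br>\n		<input type='text' name='cat_name'><br>\n";
		echo "<p><input type='submit' value='Add Category to Song' name='new_category'>\n";
		echo "</fieldset></form>\n";
	} else {
		trigger_error(mysql_error());
	}
} else if(!empty($_GET['cat_names_id'])) {
	// Single category: heading, submitter, admin controls and its songs.
	$cat_sql = mysql_real_escape_string($_GET['cat_names_id']);
	$cat_attr = htmlspecialchars($_GET['cat_names_id'], ENT_QUOTES);

	$query = "SELECT * FROM category_names WHERE cat_names_id='$cat_sql' LIMIT 1";
	if($results = mysql_query($query)) {
		if(mysql_num_rows($results) > 0) {
			$line = mysql_fetch_assoc($results);
			echo "<h2".($line['approved'] == 'n'?" class='unapproved'":"").">Category: $line[cat_name]</h2>\n";
			echo submitted_by($line['user_id']);
			
			if(is_admin_user()) {
				// $iconlist is not printed in this file; presumably header.php
				// or footer.php renders it -- confirm.
				$iconlist[] = "<form action='categories.php' method='post'>\n<input type='hidden' name='cat_names_id' value='$cat_attr'>\n"
					."<button type='submit' name='delete'><img src='icon/cat_delete.jpg'><span>Delete Category</span></button>\n"
					.($line['approved'] != 'y'?"<button type='submit' name='approve' value='y'><img src='icon/cat_approve.jpg'></button>\n":"")
					."</form>\n";
			}
			
			// Non-admins only see approved songs or their own submissions.
			// ORDER BY now applies to both cases; it used to be the "else"
			// half of the ternary, so only admins got a sorted list.
			$query = "SELECT lyrics.* FROM category_link LEFT JOIN lyrics USING(lid) WHERE cat_names_id='$cat_sql'"
				.(!is_admin_user()?" AND (lyrics.approved='y' OR lyrics.user_id='".get_user_id()."')":"")
				." ORDER BY title";
			if($results = mysql_query($query)) {
				if(mysql_num_rows($results) > 0) {
					while($line = mysql_fetch_assoc($results)) {
						echo "<a href='songs.php?song=$line[lid]'>$line[title]</a><br>\n";
					}
				} else {
					echo "<p>No songs found in this category\n";
				}
			} else {
				trigger_error(mysql_error());
			}
		} else {
			notice("No category found");
		}
	} else {
		trigger_error(mysql_error());
	}
} else {
	// Default view: every category the current user is allowed to see.
	$query = "SELECT * FROM category_names".(!is_admin_user()?" WHERE (approved='y' OR user_id='".get_user_id()."')":"")." ORDER BY cat_name";
	if($results = mysql_query($query)) {
		echo "<h2>Categories</h2>\n";
		if(mysql_num_rows($results)>0) {
			while($line = mysql_fetch_assoc($results)) {
				echo "<a href='categories.php?cat_names_id=$line[cat_names_id]'".($line['approved'] == 'n'?" class='unapproved'":"").">$line[cat_name]</a><br>\n";
			}
		}
	} else {
		trigger_error(mysql_error());
	}
}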

// Take the buffered page body and close the buffer in one call, then print
// the site header, the body and the site footer in that order.
$content = ob_get_clean();
include('header.php');
echo $content;
include("footer.php");
?>