<?php
/*----------------------------------------------------------
LySite
Brad Landis (hide@address.com)
Copyright (C) 2005 Brad Landis
This program is free software; you can redistribute it
and/or modify it under the terms of the GNU General
Public License as published by the Free Software
Foundation; either version 2 of the License, or (at your
option) any later version.
This program is distributed in the hope that it will be
useful, but WITHOUT ANY WARRANTY; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the GNU General Public License
for more details.
You should have received a copy of the GNU General Public
License along with this program; if not, write to the
Free Software Foundation, Inc., 51 Franklin Street, Fifth
Floor, Boston, MA 02110-1301, USA.
----------------------------------------------------------*/
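require("includes.php");

// POST handlers: each branch performs one write, then (usually) redirects.
// NOTE(review): every branch below changes data in response to a plain POST and
// no anti-CSRF token is checked in this file -- confirm whether includes.php
// enforces one before relying on the permission checks alone.

if (isset($_POST['delete_cat']) && is_admin_user()) {
    // Admin only: remove one song/category link.
    $notice = isset($notice) ? $notice : '';
    $lid = isset($_POST['lid']) ? $_POST['lid'] : '';
    // Request values are escaped before they are placed inside the SQL text.
    $cat_id = mysql_real_escape_string($_POST['delete_cat']);
    $query = "DELETE FROM category_link WHERE cat_id='$cat_id' LIMIT 1";
    if (mysql_query($query)) {
        if (mysql_affected_rows()) {
            $notice .= "Success!<br>\n";
            log_event("Category Deleted", NULL, null);
        } else {
            $notice .= "No rows changed!<br>\n";
        }
    } else {
        trigger_error(mysql_error());
    }
    // urlencode() stops the posted song id from adding query parameters or header text.
    header("Location: songs.php?song=" . urlencode($lid) . "&notice=" . urlencode($notice));
} else if (isset($_POST['new_category']) && can_post()) {
    // Posting users: attach a song to an existing or newly created category.
    $lid = isset($_POST['lid']) ? $_POST['lid'] : '';
    $picked = isset($_POST['avail_cat_names']) ? $_POST['avail_cat_names'] : '';
    $typed = isset($_POST['cat_name']) ? $_POST['cat_name'] : '';
    // Undo magic_quotes_gpc where the runtime still applies it, so the free-text
    // values are escaped exactly once below.
    // NOTE(review): if includes.php already normalises request data, drop this.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $picked = stripslashes($picked);
        $typed = stripslashes($typed);
    }

    if ($picked == "NEW") {
        // Reuse the category if the name is already in the database.
        // NOTE(review): names are stored through htmlspecialchars() but looked up
        // raw, so a name containing &, <, > or " will not match its stored row.
        $query = "SELECT cat_names_id FROM category_names WHERE cat_name='"
            . mysql_real_escape_string($typed) . "' LIMIT 1";
        if ($results = mysql_query($query)) {
            if (mysql_num_rows($results) > 0) {
                $line = mysql_fetch_assoc($results);
                $cat_names_id = $line['cat_names_id'];
            } else {
                // htmlspecialchars() only encodes for HTML; the SQL escaping is separate.
                $query = "INSERT INTO category_names SET cat_name='"
                    . mysql_real_escape_string(htmlspecialchars($typed))
                    . "',user_id='" . get_user_id() . "'"
                    . (can_post_without_approval() ? ",approved='y'" : "");
                if (mysql_query($query)) {
                    $cat_names_id = mysql_insert_id();
                    log_event("Category Name Submitted", NULL, "categories.php?cat_names_id=$cat_names_id");
                } else {
                    trigger_error(mysql_error());
                }
            }
        } else {
            trigger_error(mysql_error());
        }
    } else {
        $query = "SELECT cat_names_id FROM category_names WHERE cat_name='"
            . mysql_real_escape_string($picked) . "' LIMIT 1";
        if ($results = mysql_query($query)) {
            // No matching row leaves $cat_names_id null, which skips the link step.
            $line = mysql_fetch_assoc($results);
            $cat_names_id = $line['cat_names_id'];
        } else {
            trigger_error(mysql_error());
        }
    }

    if (isset($cat_names_id)) {
        // The id comes from mysql_insert_id() or the table itself; the cast keeps
        // it numeric wherever it is reused.
        $cat_names_id = (int) $cat_names_id;
        $lid_sql = mysql_real_escape_string($lid);
        // Do not link the same song to the same category twice.
        $query = "SELECT * FROM category_link WHERE cat_names_id='$cat_names_id' AND lid='$lid_sql'";
        if ($results = mysql_query($query)) {
            if (mysql_num_rows($results) > 0) {
                // Was a comparison (==), so the message was never stored.
                $_GET['notice'] = "This song is already in this category.";
            } else {
                $query = "INSERT INTO category_link SET cat_names_id='$cat_names_id',lid='$lid_sql',user_id='" . get_user_id() . "'";
                if (mysql_query($query)) {
                    log_event("Category Submitted", NULL, "categories.php?cat_names_id=$cat_names_id");
                    header("Location: songs.php?song=" . urlencode($lid) . "&notice=" . urlencode("Succesfully added a song to the category."));
                } else {
                    trigger_error(mysql_error());
                }
            }
        }
    }
} else if (isset($_POST['delete']) && is_admin_user()) {
    // Admin only: delete a category name together with all of its song links.
    $cat_names_id = isset($_POST['cat_names_id']) ? (int) $_POST['cat_names_id'] : 0;
    $deleted = null;
    if (mysql_query("DELETE FROM category_names WHERE cat_names_id='$cat_names_id' LIMIT 1")) {
        $deleted = mysql_affected_rows();
    } else {
        trigger_error(mysql_error());
    }
    // The link clean-up always runs. Its row count is not used for the result
    // message: a category with several songs used to be reported as an error.
    if (!mysql_query("DELETE FROM category_link WHERE cat_names_id='$cat_names_id'")) {
        trigger_error(mysql_error());
    }
    if ($deleted !== null) {
        if ($deleted == 1) {
            log_event("Category Name Deleted", NULL, null);
            header("Location: categories.php?notice=" . urlencode("Song successfully deleted."));
        } else if ($deleted > 1) {
            header("Location: categories.php?notice=" . urlencode("Error: " . $deleted . " rows were effected."));
        } else {
            $_GET['notice'] = "Error: No rows affected.";
        }
    }
} else if (isset($_POST['approve']) && is_admin_user()) {
    // Admin only: mark a submitted category name as approved.
    $cat_names_id = isset($_POST['cat_names_id']) ? (int) $_POST['cat_names_id'] : 0;
    $query = "UPDATE category_names SET approved='y' WHERE cat_names_id='$cat_names_id' LIMIT 1";
    if (mysql_query($query)) {
        if (mysql_affected_rows() == 1) {
            // The category page reads cat_names_id, so the logged link uses that key.
            log_event("Category Approved", NULL, "categories.php?cat_names_id=$cat_names_id");
            header("Location: categories.php?cat_names_id=$cat_names_id&notice=" . urlencode("Category Approved."));
        } else if (mysql_affected_rows() > 1) {
            header("Location: categories.php?notice=" . urlencode("Error: " . mysql_affected_rows() . " rows were effected."));
        } else {
            $_GET['notice'] = "Error: No rows affected.";
        }
    } else {
        trigger_error(mysql_error());
    }
}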
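// Page body: rendered into an output buffer; exactly one of the four views runs.
ob_start();
if (isset($_GET['delete_cats']) && is_admin_user()) {
    // Admin view: list a song's categories, each with its own delete form.
    $lid = isset($_GET['lid']) ? $_GET['lid'] : '';
    // One request value, encoded separately for each place it is used.
    $lid_sql = mysql_real_escape_string($lid);
    $lid_html = htmlspecialchars($lid, ENT_QUOTES);
    $lid_url = urlencode($lid);
    $query = "SELECT title FROM lyrics WHERE lid='$lid_sql' LIMIT 1";
    if ($results = mysql_query($query)) {
        if (mysql_num_rows($results) > 0) {
            $line = mysql_fetch_assoc($results);
            // NOTE(review): the title is printed as stored; confirm lyrics.title is
            // HTML-encoded when it is written.
            echo "<fieldset><legend>Deleting Categories From <a href='songs.php?song=$lid_url'>$line[title]</a></legend>\n";
            $query = "SELECT category_link.cat_id,category_names.cat_name FROM category_link LEFT JOIN category_names USING(cat_names_id) WHERE lid='$lid_sql' AND category_names.cat_names_id IS NOT NULL";
            if ($links = mysql_query($query)) {
                if (mysql_num_rows($links) > 0) {
                    while ($line = mysql_fetch_assoc($links)) {
                        // The hidden lid field sits inside each form so the delete
                        // handler receives the song id for its redirect; it used to
                        // be printed outside every form and was never submitted.
                        echo "<form action='categories.php' method='post'>$line[cat_name] <input type='hidden' name='lid' value='$lid_html'><input type='hidden' name='delete_cat' value='$line[cat_id]'><button type='submit' class='buttonimage'><img src='icon/small_delete.jpg'></button></form>\n";
                    }
                } else {
                    notice("This song has no categories listed");
                }
            } else {
                trigger_error(mysql_error());
            }
            echo "</fieldset>\n";
        } else {
            notice("No song found");
        }
    } else {
        trigger_error(mysql_error());
    }
} else if (!empty($_GET['song']) && can_post()) {
    // Posting users: form for adding the song to an existing or new category.
    $song_html = htmlspecialchars($_GET['song'], ENT_QUOTES);
    $query = "SELECT * FROM category_names ORDER BY cat_name";
    if ($results = mysql_query($query)) {
        echo "<script language='JavaScript' type='text/javascript'>\n";
        echo "function new_categories_show() {\n";
        echo "if(document.category.avail_cat_names.value==\"NEW\") {\n";
        echo "document.category.cat_name.disabled = false;\n";
        echo "document.category.cat_name.value = '';\n";
        echo "} else {\n";
        echo "document.category.cat_name.disabled = true;\n";
        echo "document.category.cat_name.value = document.category.avail_cat_names.value;\n";
        echo "}\n";
        echo "}\n";
        echo "</script>\n";
        // The song id from the query string is HTML-encoded before it is echoed
        // into the attribute.
        echo "<form action='categories.php' method='post' name='category'>\n<fieldset><legend>Add a category</legend>\n<input type='hidden' name='lid' value='$song_html'>\n";
        echo "<p><label for='avail_cat_names'>Available Categories</label><br>\n<select name='avail_cat_names' onchange='new_categories_show()'>\n";
        while ($line = mysql_fetch_assoc($results)) {
            // Double quotes in the stored name must not end the value attribute.
            echo "<option value=\"" . str_replace("\"", "&quot;", $line['cat_name']) . "\">$line[cat_name]\n";
        }
        echo "<option>\n<option value='NEW' selected>New Category\n";
        echo "</select><br>\n";
        echo "<p><label for='cat_name'>Category Name</label><br>\n <input type='text' name='cat_name'><br>\n";
        echo "<p><input type='submit' value='Add Category to Song' name='new_category'>\n";
        echo "</fieldset></form>\n";
    } else {
        trigger_error(mysql_error());
    }
} else if (!empty($_GET['cat_names_id'])) {
    // Single category: heading, admin buttons and the songs filed under it.
    // Category ids are generated by mysql_insert_id() in this file, so the
    // request value is reduced to an integer before it is reused.
    $cat_names_id = (int) $_GET['cat_names_id'];
    $query = "SELECT * FROM category_names WHERE cat_names_id='$cat_names_id' LIMIT 1";
    if ($results = mysql_query($query)) {
        if (mysql_num_rows($results) > 0) {
            $category = mysql_fetch_assoc($results);
            echo "<h2" . ($category['approved'] == 'n' ? " class='unapproved'" : "") . ">Category: $category[cat_name]</h2>\n";
            echo submitted_by($category['user_id']);
            if (is_admin_user()) {
                // $iconlist is not printed in this file; presumably header.php
                // renders it -- confirm.
                $iconlist[] = "<form action='categories.php' method='post'>\n<input type='hidden' name='cat_names_id' value='$cat_names_id'>\n"
                    . "<button type='submit' name='delete'><img src='icon/cat_delete.jpg'><span>Delete Category</span></button>\n"
                    . ($category['approved'] != 'y' ? "<button type='submit' name='approve' value='y'><img src='icon/cat_approve.jpg'></button>\n" : "")
                    . "</form>\n";
            }
            // Non-admins see approved songs plus their own submissions. ORDER BY
            // now applies to both audiences; it used to be the admin-only arm of
            // the ternary.
            $query = "SELECT lyrics.* FROM category_link LEFT JOIN lyrics USING(lid) WHERE cat_names_id='$cat_names_id'"
                . (!is_admin_user() ? " AND (lyrics.approved='y' OR lyrics.user_id='" . get_user_id() . "')" : "")
                . " ORDER BY title";
            if ($songs = mysql_query($query)) {
                if (mysql_num_rows($songs) > 0) {
                    while ($line = mysql_fetch_assoc($songs)) {
                        echo "<a href='songs.php?song=$line[lid]'>$line[title]</a><br>\n";
                    }
                } else {
                    echo "<p>No songs found in this category\n";
                }
            } else {
                trigger_error(mysql_error());
            }
        } else {
            notice("No category found");
        }
    } else {
        trigger_error(mysql_error());
    }
} else {
    // Default view: every category the current user is allowed to see.
    $query = "SELECT * FROM category_names" . (!is_admin_user() ? " WHERE (approved='y' OR user_id='" . get_user_id() . "')" : "") . " ORDER BY cat_name";
    if ($results = mysql_query($query)) {
        echo "<h2>Categories</h2>\n";
        if (mysql_num_rows($results) > 0) {
            while ($line = mysql_fetch_assoc($results)) {
                echo "<a href='categories.php?cat_names_id=$line[cat_names_id]'" . ($line['approved'] == 'n' ? " class='unapproved'" : "") . ">$line[cat_name]</a><br>\n";
            }
        }
    } else {
        trigger_error(mysql_error());
    }
}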
// Take the buffered page body and close the buffer in one call, then print it
// between the shared header and footer templates.
$content = ob_get_clean();
include('header.php');
echo $content;
include("footer.php");
?>