Location: PHPKode > projects > Nitrotech > nitrotech/admin/pages.php
<?php

//
//start everything needed
//
$root = '../';
$page_name = 'Page managment';
$page_file = basename(__FILE__);

$admin = 1;

include($root . "includes/common.php");

$page_mode = (isset($_GET['mode'])) ? $_GET['mode'] : '';

check_admin('3');

//
//Start the page
//

//dbstart();  //start databse     --- already started

//
//Start the output of the page
//

admin_header('normal');

if($page_mode == 'move')
{
	move_item($_GET['id'], 'pages', $_GET['type']);
}
else if($page_mode == 'delete')
{
	//first fix the order

	$query1 = "SELECT * FROM " . $table['pages'] . " ORDER BY sort_id ASC";
	$result1 = mysql_query($query1);
    if (!$result1)
	{
		message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
	}

	while($row1 = mysql_fetch_assoc($result1))
	{
		if($after)
        {
			//ok we now need to bring the sort id down 1
            $new_number = $row1['sort_id'] - 1;
	        $query2 = "UPDATE " . $table['pages'] . " SET sort_id = '" . $new_number . "' WHERE id = '" . $row1['id'] . "'";
	        $result2 = mysql_query($query2);
	        if (!$result2)
	        {
	        	message("Could not successfully run query ($query2) from DB: " . mysql_error(), 'die');
	        }
        }
    	if($row1['id'] == $_GET['id'])
		{
			//ok this must be the same entry as the one we are trying to delete
            $after = 1;
        }
    }

    //now delete
    $query1 = "DELETE FROM " . $table['pages'] . " WHERE id = '" . $_GET['id'] . "'";
	$result1 = mysql_query($query1);
    if (!$result1)
	{
		message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
	}
    echo("Delete successful...");
        unset($query1);
	    unset($result1);
}
else if($page_mode == 'submitedit')
{
	$page_name = addslashes($_POST['page_name']);
    $page_text = text_submit($_POST['page_text'], '0');
    $special = addslashes($_POST['special']);
    $page_file = addslashes($_POST['page_file']);
    $extra_vars = addslashes($_POST['extra_vars']);
    $auth = addslashes($_POST['auth']);
    $log = addslashes($_POST['log']);

    $query1 = "UPDATE " . $table['pages'] . " SET page_name = '" . $page_name . "', page_text = '" . $page_text . "', special = '" . $special . "', page_file = '" . $page_file . "', extra_vars = '" . $extra_vars . "', logged_in = '" . $log . "', auth = '" . $auth . "' WHERE id = '" . $_GET['id'] . "'";
	$result1 = mysql_query($query1);
    if (!$result1)
	{
		message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
	}

    echo("Updated...");
        unset($query1);
	    unset($result1);
}
else if($page_mode == 'edit')
{
	$query1 = "SELECT * FROM " . $table['pages'] . " WHERE id='". $_GET['id'] ."'";
	$result1 = mysql_query($query1);
    if (!$result1)
	{
		message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
	}

    $id1 = mysql_result($result1,0,"id");
	$name1 = mysql_result($result1,0,"page_name");
	$text1 = text_edit(mysql_result($result1,0,"page_text"));
	$special1 = mysql_result($result1,0,"special");
	$page1 = mysql_result($result1,0,"page_file");
	$vars1 = mysql_result($result1,0,"extra_vars");
	$log1 = mysql_result($result1,0,"logged_in");
	$auth1 = mysql_result($result1,0,"auth");

    	if($auth1 == '0')
        {
        	//all
            $all_selected = "SELECTED=\"selected\"";
            $user_selected = "";
            $mod_selected = "";
            $admin_selected = "";
 		}
        else if($auth1 == '1')
        {
            $all_selected = "";
            $user_selected = "SELECTED=\"selected\"";
            $mod_selected = "";
            $admin_selected = "";
        }
        else if($auth1 == '2')
		{
            $all_selected = "";
            $user_selected = "";
            $mod_selected = "SELECTED=\"selected\"";
            $admin_selected = "";
        }
        else if($auth1 == '3')
        {
            $all_selected = "";
            $user_selected = "";
            $mod_selected = "";
            $admin_selected = "SELECTED=\"selected\"";
        }

?>
<form action="<?php echo(get_sid('pages.php?mode=submitedit&id='.$_GET['id'])); ?>" method="post">
<input type="text" value="<?php echo($name1); ?>" name="page_name"><br>
<textarea rows=20 cols=60 wrap="off" name="page_text"><?php echo($text1); ?></textarea><br>
<?php
if($special1 == '1')
{
?>
Special: <input type="radio" checked value="1" name="special"> - yes <input type="radio" value="0" name="special"> - no<br>
<?php
}
else
{
?>
Special: <input type="radio" value="1" name="special"> - yes <input type="radio" checked value="0" name="special"> - no<br>
<?php
}
?>
Reap page name (if special): <input type="text" value="<?php echo($page1); ?>" name="page_file"> Extra vars: <input type="text" value="<?php echo($vars1); ?>" name="extra_vars"><br>
Auth level: <select size="1" name="auth">
  <option value="0" <?php echo($all_selected); ?>>All</option>
  <option value="1" <?php echo($user_selected); ?>>User</option>
  <option value="2" <?php echo($mod_selected); ?>>MOD</option>
  <option value="3" <?php echo($admin_selected); ?>>Admin</option>
</select>  <br />
<?php
if($log1 == '0')
{
?>
Show: <input type="radio" value="0" checked name="log"> Always
<input type="radio" value="1" name="log"> Logged in only
<input type="radio" value="2" name="log"> Logged out only    <br />
<?php
}
else if($log1 == '1')
{
?>
Show: <input type="radio" value="0" name="log"> Always
<input type="radio" value="1" checked name="log"> Logged in only
<input type="radio" value="2" name="log"> Logged out only    <br />
<?php
}
else
{
?>
Show: <input type="radio" value="0" name="log"> Always
<input type="radio" value="1" name="log"> Logged in only
<input type="radio" value="2" checked name="log"> Logged out only    <br />
<?php
}
?>
<input type="submit" value="Update Page">
</form>
<?php
        unset($query1);
	    unset($result1);
}
else if($page_mode == 'new')
{
	$page_name = addslashes($_POST['page_name']);
    $page_text = text_submit($_POST['page_text'], '0');
    $special = $_POST['special'];
    $page_file = addslashes($_POST['page_file']);
    $extra_vars = addslashes($_POST['extra_vars']);
    $log = $_POST['log'];
    $auth = addslashes($_POST['auth']);

	    @$query1 = "SELECT * FROM " . $table['pages'];
	    @$result1 = mysql_query($query1);
	    @$num1 = mysql_numrows($result1);
	        if(!$num1)
	        {
	            $sort_id = 1;
	        }
	        else
	        {
	            $sort_id = $num1 + 1;
	        }

	$query2 = "INSERT INTO " . $table['pages'] . " VALUES ('', '$page_name', '$page_text', '$special', '$page_file', '$extra_vars', '$log', '$auth', '$sort_id')";
	$result2 = mysql_query($query2);
    if (!$result2)
	{
		message("Could not successfully run query ($query2) from DB: " . mysql_error(), 'die');
	}
    else
    {
		echo("Page Created");
    }

	unset($query2);
    unset($result2);

    unset($query1);
    unset($result1);

}
else
{

	$query1 = "SELECT * FROM " . $table['pages'] . " ORDER BY sort_id ASC";
	$result1 = mysql_query($query1);
    if (!$result1)
	{
		message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
	}
?>
<ul>
<?php
	while ($row1 = mysql_fetch_assoc($result1))
	{
?>
<li><?php echo($row1['page_name']); ?> || <a href="<?php echo(get_sid('pages.php?mode=edit&id='.$row1['id'])); ?>">EDIT</a> || <a href="<?php echo(get_sid('pages.php?mode=delete&id='.$row1['id'])); ?>">DELETE!</a> || Move: <a href="<?php echo(get_sid('pages.php?mode=move&type=up&id='.$row1['id'])); ?>">UP</a> <a href="<?php echo(get_sid('pages.php?mode=move&type=down&id='.$row1['id'])); ?>">DOWN</a></li>
<?php
	}
?>

</ul>
<form action="pages.php?mode=new" method="post">
Page name: <input type="text" value="" name="page_name"><br>
Page Text: <textarea rows=20 cols=60 wrap="off" name="page_text">Everything in the page, HTML and smilies enabled</textarea><br>
Special: <input type="radio" value="1" name="special"> - yes <input type="radio" value="0" checked name="special"> - no<br>
If special, real page name (page.php): <input type="text" value="" name="page_file"> Extra vars: <input type="text" value="" name="extra_vars"><br>
Auth level: <select size="1" name="auth">
  <option value="0">All</option>
  <option value="1">User</option>
  <option value="2">MOD</option>
  <option value="3">Admin</option>
</select>  <br />
Show: <input type="radio" value="0" checked name="log"> Always
<input type="radio" value="1" name="log"> Logged in only
<input type="radio" value="2" name="log"> Logged out only<br />
<input type="submit" value="Create Page">
</form>

<?php
	unset($query1);
    unset($result1);
}

admin_footer('normal');

//
//End the page
//

dbend(); //end the database

?>
Return current item: Nitrotech