<?php
//
//start everything needed
//
// Relative path from this admin script back to the application root.
$root = '../';

// Title and file name of this page; presumably consumed by the shared includes -- confirm.
$page_name = 'Page managment';
$page_file = basename(__FILE__);

// Set before the bootstrap is loaded; presumably marks the request as admin-area -- confirm in common.php.
$admin = 1;
include($root . "includes/common.php");

// Requested action. An absent "mode" parameter falls through to the default listing below.
$page_mode = '';
if (isset($_GET['mode']))
{
    $page_mode = $_GET['mode'];
}

// Access gate for everything that follows. NOTE(review): '3' is the value this page's own
// form labels "Admin"; confirm that check_admin() stops the request (rather than only
// printing a notice) when the caller is below that level, because every branch below
// writes to the database.
check_admin('3');
//
//Start the page
//
//dbstart(); //start database --- already started
//
//Start the output of the page
//
// Emit the shared admin page header before any mode-specific output.
admin_header('normal');
if ('move' == $page_mode)
{
    // Reorder request: the page id and the direction come straight from the query string.
    // NOTE(review): both values are untrusted and are handed over unchanged. move_item() is
    // defined elsewhere, so confirm it escapes the id and restricts the direction to the
    // 'up'/'down' values this page links to before either reaches SQL. This state change is
    // also reachable through a plain GET link; no anti-CSRF token is checked in this file.
    move_item(
        $_GET['id'],
        'pages',
        $_GET['type']
    );
}
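else if($page_mode == 'delete')
{
    // Delete one page and close the gap it leaves in the sort order.
    //
    // NOTE(review): this destructive action is reached through a plain GET link and no
    // anti-CSRF token is checked in this file. Confirm whether check_admin()/get_sid()
    // cover that; otherwise it should become a POST carrying a per-session token.

    // The id is untrusted request input. A missing or non-string value (e.g. id[]=1) is
    // treated as an id that matches nothing, instead of raising notices further down.
    $delete_id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';

    // Becomes true once the row being deleted has been passed while walking the pages in
    // sort order. It was previously read before ever being assigned.
    $after = false;

    //first fix the order
    $query1 = "SELECT * FROM " . $table['pages'] . " ORDER BY sort_id ASC";
    $result1 = mysql_query($query1);
    if (!$result1)
    {
        // NOTE(review): the SQL text and the driver error are passed to message(); if that
        // helper prints them to the browser this discloses schema details -- confirm.
        message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
    }
    while($row1 = mysql_fetch_assoc($result1))
    {
        if($after)
        {
            //every row that sorts after the deleted one moves up by one position
            $new_number = $row1['sort_id'] - 1;
            $query2 = "UPDATE " . $table['pages'] . " SET sort_id = '" . $new_number . "' WHERE id = '" . mysql_real_escape_string($row1['id']) . "'";
            $result2 = mysql_query($query2);
            if (!$result2)
            {
                message("Could not successfully run query ($query2) from DB: " . mysql_error(), 'die');
            }
        }
        if($row1['id'] == $delete_id)
        {
            //this is the entry being deleted; rows seen from here on are renumbered
            $after = true;
        }
    }

    //now delete
    // The id is escaped for the SQL string context; it used to be concatenated raw, which
    // let the request rewrite the DELETE statement.
    $query1 = "DELETE FROM " . $table['pages'] . " WHERE id = '" . mysql_real_escape_string($delete_id) . "'";
    $result1 = mysql_query($query1);
    if (!$result1)
    {
        message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
    }
    echo("Delete successful...");
    unset($query1);
    unset($result1);
    unset($delete_id);
}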
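else if($page_mode == 'submitedit')
{
    // Save the edit form: overwrite the stored fields of the page named by ?id=.
    //
    // NOTE(review): no anti-CSRF token is checked in this file before the write; confirm
    // whether check_admin()/get_sid() provide one.

    // Untrusted request input; a missing or non-string id matches no row.
    $edit_id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';

    // Escape every posted field with the driver's own escaping. The values are kept in a
    // local array rather than in $page_name / $page_file, which the top of this script
    // sets for the page itself and which this branch used to overwrite with form input.
    $posted = array();
    foreach (array('page_name', 'special', 'page_file', 'extra_vars', 'auth', 'log') as $field)
    {
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        $posted[$field] = mysql_real_escape_string($raw);
    }

    // text_submit() is defined elsewhere; presumably it returns text that is already safe
    // to place inside a quoted SQL string -- confirm, since its result is not escaped here.
    $new_text = text_submit(isset($_POST['page_text']) ? $_POST['page_text'] : '', '0');

    // The id in the WHERE clause is now escaped as well; it was previously concatenated raw.
    $query1 = "UPDATE " . $table['pages'] . " SET page_name = '" . $posted['page_name'] . "', page_text = '" . $new_text . "', special = '" . $posted['special'] . "', page_file = '" . $posted['page_file'] . "', extra_vars = '" . $posted['extra_vars'] . "', logged_in = '" . $posted['log'] . "', auth = '" . $posted['auth'] . "' WHERE id = '" . mysql_real_escape_string($edit_id) . "'";
    $result1 = mysql_query($query1);
    if (!$result1)
    {
        // NOTE(review): the SQL text and the driver error are passed to message(); if that
        // helper prints them to the browser this discloses schema details -- confirm.
        message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
    }
    echo("Updated...");
    unset($query1);
    unset($result1);
    unset($posted);
    unset($new_text);
    unset($edit_id);
}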
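else if($page_mode == 'edit')
{
    // Show the edit form for the page named by ?id=, pre-filled from the database.

    // Untrusted request input; a missing or non-string id matches no row.
    $edit_id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';

    // The id is escaped for the SQL string context; it used to be concatenated raw.
    $query1 = "SELECT * FROM " . $table['pages'] . " WHERE id='" . mysql_real_escape_string($edit_id) . "'";
    $result1 = mysql_query($query1);
    if (!$result1)
    {
        message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
    }

    // Fetch the row once. An unknown id is reported instead of reading fields from an
    // empty result set.
    $row1 = mysql_fetch_assoc($result1);
    if (!$row1)
    {
        message("No page found for the requested id", 'die');
    }
    $id1 = $row1['id'];
    $name1 = $row1['page_name'];
    // text_edit() is defined elsewhere. NOTE(review): its result is written between the
    // <textarea> tags unchanged, so it must HTML-encode the text itself; otherwise a stored
    // "</textarea>" closes the field early -- confirm.
    $text1 = text_edit($row1['page_text']);
    $special1 = $row1['special'];
    $page1 = $row1['page_file'];
    $vars1 = $row1['extra_vars'];
    $log1 = $row1['logged_in'];
    $auth1 = $row1['auth'];

    // Pre-select the stored auth level. All four markers start empty so that a value
    // outside 0-3 selects nothing instead of leaving the variables undefined.
    $all_selected = "";
    $user_selected = "";
    $mod_selected = "";
    $admin_selected = "";
    if($auth1 == '0')
    {
        $all_selected = "SELECTED=\"selected\"";
    }
    else if($auth1 == '1')
    {
        $user_selected = "SELECTED=\"selected\"";
    }
    else if($auth1 == '2')
    {
        $mod_selected = "SELECTED=\"selected\"";
    }
    else if($auth1 == '3')
    {
        $admin_selected = "SELECTED=\"selected\"";
    }

    // "Special" radio pair: anything other than '1' checks "no".
    $special_yes = ($special1 == '1') ? 'checked ' : '';
    $special_no = ($special1 == '1') ? '' : 'checked ';

    // "Show" radio group: anything other than '0' or '1' checks "Logged out only".
    $log_always = '';
    $log_in = '';
    $log_out = '';
    if($log1 == '0')
    {
        $log_always = 'checked ';
    }
    else if($log1 == '1')
    {
        $log_in = 'checked ';
    }
    else
    {
        $log_out = 'checked ';
    }

    // Output encoding: stored values go into attribute values through htmlspecialchars(),
    // and the request id is URL-encoded before it is placed in the form action, so neither
    // can close the attribute and inject markup.
?>
<form action="<?php echo(get_sid('pages.php?mode=submitedit&id=' . urlencode($edit_id))); ?>" method="post">
<input type="text" value="<?php echo(htmlspecialchars($name1, ENT_QUOTES)); ?>" name="page_name"><br>
<textarea rows=20 cols=60 wrap="off" name="page_text"><?php echo($text1); ?></textarea><br>
Special: <input type="radio" <?php echo($special_yes); ?>value="1" name="special"> - yes <input type="radio" <?php echo($special_no); ?>value="0" name="special"> - no<br>
Reap page name (if special): <input type="text" value="<?php echo(htmlspecialchars($page1, ENT_QUOTES)); ?>" name="page_file"> Extra vars: <input type="text" value="<?php echo(htmlspecialchars($vars1, ENT_QUOTES)); ?>" name="extra_vars"><br>
Auth level: <select size="1" name="auth">
<option value="0" <?php echo($all_selected); ?>>All</option>
<option value="1" <?php echo($user_selected); ?>>User</option>
<option value="2" <?php echo($mod_selected); ?>>MOD</option>
<option value="3" <?php echo($admin_selected); ?>>Admin</option>
</select> <br />
Show: <input type="radio" value="0" <?php echo($log_always); ?>name="log"> Always
<input type="radio" value="1" <?php echo($log_in); ?>name="log"> Logged in only
<input type="radio" value="2" <?php echo($log_out); ?>name="log"> Logged out only <br />
<input type="submit" value="Update Page">
</form>
<?php
    unset($query1);
    unset($result1);
}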
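else if($page_mode == 'new')
{
    // Create a page from the "Create Page" form and append it to the end of the sort order.
    //
    // NOTE(review): no anti-CSRF token is checked in this file before the write; confirm
    // whether check_admin() provides one.

    // Escape every posted field with the driver's own escaping. 'special' and 'log' used
    // to be placed in the INSERT without any escaping. The values are kept in a local array
    // rather than in $page_name / $page_file, which the top of this script sets for the
    // page itself and which this branch used to overwrite with form input.
    $posted = array();
    foreach (array('page_name', 'special', 'page_file', 'extra_vars', 'log', 'auth') as $field)
    {
        $raw = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        $posted[$field] = mysql_real_escape_string($raw);
    }

    // text_submit() is defined elsewhere; presumably it returns text that is already safe
    // to place inside a quoted SQL string -- confirm, since its result is not escaped here.
    $new_text = text_submit(isset($_POST['page_text']) ? $_POST['page_text'] : '', '0');

    // The new page sorts last: existing page count + 1. The count is best-effort, as
    // before: if the query fails the page is given sort_id 1.
    $num1 = 0;
    $query1 = "SELECT COUNT(*) FROM " . $table['pages'];
    $result1 = mysql_query($query1);
    if ($result1)
    {
        $num1 = (int) mysql_result($result1, 0);
    }
    $sort_id = $num1 + 1;

    // Positional VALUES list: the order must match the table's column order.
    $query2 = "INSERT INTO " . $table['pages'] . " VALUES ('', '" . $posted['page_name'] . "', '" . $new_text . "', '" . $posted['special'] . "', '" . $posted['page_file'] . "', '" . $posted['extra_vars'] . "', '" . $posted['log'] . "', '" . $posted['auth'] . "', '" . $sort_id . "')";
    $result2 = mysql_query($query2);
    if (!$result2)
    {
        // NOTE(review): the SQL text and the driver error are passed to message(); if that
        // helper prints them to the browser this discloses schema details -- confirm.
        message("Could not successfully run query ($query2) from DB: " . mysql_error(), 'die');
    }
    else
    {
        echo("Page Created");
    }
    unset($query2);
    unset($result2);
    unset($query1);
    unset($result1);
    unset($posted);
    unset($new_text);
}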
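else
{
    // Default view: list every page in sort order with its edit/delete/move links,
    // followed by the "Create Page" form.
    $query1 = "SELECT * FROM " . $table['pages'] . " ORDER BY sort_id ASC";
    $result1 = mysql_query($query1);
    if (!$result1)
    {
        // NOTE(review): the SQL text and the driver error are passed to message(); if that
        // helper prints them to the browser this discloses schema details -- confirm.
        message("Could not successfully run query ($query1) from DB: " . mysql_error(), 'die');
    }
?>
<ul>
<?php
    while ($row1 = mysql_fetch_assoc($result1))
    {
        // Output encoding: page_name is stored form input, so it is HTML-encoded before
        // being written into the list; the id is URL-encoded before it goes into a link.
        $name_html = htmlspecialchars($row1['page_name'], ENT_QUOTES);
        $id_param = urlencode($row1['id']);
        // NOTE(review): DELETE and the move links change state through plain GET requests;
        // no anti-CSRF token is visible in this file.
?>
<li><?php echo($name_html); ?> || <a href="<?php echo(get_sid('pages.php?mode=edit&id='.$id_param)); ?>">EDIT</a> || <a href="<?php echo(get_sid('pages.php?mode=delete&id='.$id_param)); ?>">DELETE!</a> || Move: <a href="<?php echo(get_sid('pages.php?mode=move&type=up&id='.$id_param)); ?>">UP</a> <a href="<?php echo(get_sid('pages.php?mode=move&type=down&id='.$id_param)); ?>">DOWN</a></li>
<?php
    }
?>
</ul>
<form action="pages.php?mode=new" method="post">
Page name: <input type="text" value="" name="page_name"><br>
Page Text: <textarea rows=20 cols=60 wrap="off" name="page_text">Everything in the page, HTML and smilies enabled</textarea><br>
Special: <input type="radio" value="1" name="special"> - yes <input type="radio" value="0" checked name="special"> - no<br>
If special, real page name (page.php): <input type="text" value="" name="page_file"> Extra vars: <input type="text" value="" name="extra_vars"><br>
Auth level: <select size="1" name="auth">
<option value="0">All</option>
<option value="1">User</option>
<option value="2">MOD</option>
<option value="3">Admin</option>
</select> <br />
Show: <input type="radio" value="0" checked name="log"> Always
<input type="radio" value="1" name="log"> Logged in only
<input type="radio" value="2" name="log"> Logged out only<br />
<input type="submit" value="Create Page">
</form>
<?php
    unset($query1);
    unset($result1);
    unset($name_html);
    unset($id_param);
}
// Close the admin page chrome opened by admin_header().
admin_footer('normal');
//
//End the page
//
dbend(); //end the database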
?>