<?php
//////////////////////////////////////////////////////////////////
// OrbitFAQ //
// --------- //
// //
// Orbit FAQ was solely written and developed by Orbit Services //
// http://www.orbitservices.net //
// //
// Access the Forum here: //
// http://forums.orbitservices.net/index.php?c=4 //
// //
// OrbitFAQ utilises the following opensource projects/classes; //
// + Fckeditor - http://www.fckeditor.net //
// + Smarty Template Engine - http://smarty.php.net //
// + Swift Email Class - http://www.swiftmailer.org/ //
// + OWASP PHP Filter Project - http://www.owasp.org //
// + MySQL Search Class by Stephen Bartholomew //
// //
//////////////////////////////////////////////////////////////////
// Page title handed to the admin skin for this module.
$smarty->assign('OrbitFAQTitle', 'Category Management');
// Standard Functions
/**
 * Renumber every category's cat_order in steps of 10, one FAQ at a time.
 *
 * For each row of `orbitfaq` (ascending faq_order) the categories whose f_id
 * matches that row are read in ascending cat_order and rewritten as
 * 10, 20, 30, ... Any query that fails stops the script through die().
 *
 * @param mixed $ca Not read by this function.
 * @return void
 */
function ReOrderCAT($ca)
{
    // Included on every call. The query helpers and $sql_query_error used
    // below are not declared in this function, so presumably these two files
    // define them -- TODO confirm.
    require('../incs/config.inc.php');
    require('../incs/db.inc.php');

    $faq_sql = "SELECT * from orbitfaq ORDER BY faq_order ASC";
    $faq_rows = $faqsql_query($faq_sql);
    if (!$faq_rows) {
        // NOTE(review): every die() in this function sends the failing SQL
        // text to the browser; consider logging it server-side instead.
        die("$sql_query_error $faq_sql");
    }

    while ($faq_row = $faqsql_fetch_array($faq_rows)) {
        $faq_id = $faq_row[0];
        // Numbering restarts for each FAQ.
        $position = 0;

        // The ids interpolated below come from the database rows, not from
        // the request.
        $cat_sql = "SELECT * from orbitfaq_categories WHERE `f_id` = '$faq_id' ORDER BY cat_order ASC";
        $cat_rows = $faqsql_query($cat_sql);
        if (!$cat_rows) {
            die("$sql_query_error $cat_sql");
        }

        while ($cat_row = $faqsql_fetch_array($cat_rows)) {
            $cat_id = $cat_row[0];
            $position += 10;

            $update_sql = "UPDATE `orbitfaq_categories` SET `cat_order` = '$position' WHERE `id` = '$cat_id';";
            if (!$faqsql_query($update_sql)) {
                die("$sql_query_error $update_sql");
            }
        }
    }
}
if($action != '')
{
// Template for this module/action pair. $mod and $action are set outside this
// file and become part of a filesystem path here.
// NOTE(review): confirm the including script restricts both to known values
// (no "/" or "..") before this line is reached.
$smarty_template_file = $AdminFullPath . '/skins/' . $AdminSkin . '/mod_' . $mod . '_' . $action . '.tpl';
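if ($action == 'create')
{
    // Create a category: validate the posted form, insert the row, renumber
    // the ordering and redirect; otherwise (or on errors) build the FAQ
    // pulldown for the form.
    if ($posted == 'yes')
    {
        // strip_tags() removes markup only; it does not escape quotes or
        // backslashes for SQL.
        // NOTE(review): unless these values are escaped elsewhere (nothing in
        // this file does it), a quote in the title or description ends up
        // inside the INSERT below. Escape or bind them with the function that
        // belongs to the database driver in use.
        $posted_title = strip_tags($_POST['posted_title']);
        $posted_desc = strip_tags($_POST['posted_desc']);
        $posted_faq = sanitize_paranoid_string($_POST['posted_faq']);

        // NOTE(review): $error is appended to without being initialised in
        // this file; confirm the including script sets it.
        if (!$posted_faq) { $error .= " » You did not select a <u>FAQ</u><br />"; }
        if (!$posted_title) { $error .= " » You did not enter a <u>Title</u><br />"; }
        if (!$posted_desc) { $error .= " » You did not enter a <u>Description</u><br />"; }

        if (!$error)
        {
            // NOTE(review): nothing here verifies that $posted_faq is one of
            // the FAQs this admin owns. The pulldown below only offers owned
            // FAQs, but a hand-built request is not limited by the pulldown.
            $query_add = "INSERT INTO `orbitfaq_categories` (
`f_id`,
`title`,
`desc`
)VALUES(
'$posted_faq',
'$posted_title',
'$posted_desc'
);
";
            $result_add = $faqsql_query($query_add) or die("$sql_query_error $query_add");
            $order = ReOrderCAT($ca);
            clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
            $message = "New Category Was Successfully Created!";
            header("Location: index.php?mod=$mod&message=$message");
            exit;
        }
        else
        {
            // Hand the submitted values back so the form can be shown again.
            $smarty->assign("posted_title", "$posted_title");
            $smarty->assign("posted_desc", "$posted_desc");
            $smarty->assign("posted_faq", "$posted_faq");
            $smarty->assign("Errors", "$error");
        }
    }

    // FAQs owned by the current admin, for the pulldown.
    $query_faq_pd = "SELECT * FROM orbitfaq WHERE `id` = ANY(SELECT f_id from orbitfaq_admins_ownership WHERE `admin_id` = '$orbitfaq_userid') ORDER BY faq_order ASC";
    $result_faq_pd = $faqsql_query($query_faq_pd) or die("$sql_query_error $query_faq_pd");
    $count_faq_pd = $faqsql_count_rows($result_faq_pd);

    // Start from an empty string: the markup below is handed to the template
    // as-is, so it must not begin with a value that existed before this point.
    $build_faq_pulldown = '';
    while ($row_faq_pd = $faqsql_fetch_array($result_faq_pd))
    {
        $faq_pd_id = $row_faq_pd[0];
        $faq_pd_title = $row_faq_pd[1];

        // Pre-select the posted FAQ if there is one, else the FAQ being viewed.
        // empty() also covers the case where the form was never posted and
        // $posted_faq does not exist.
        if (empty($posted_faq))
        {
            $selected = ($faq == $faq_pd_id) ? " selected" : "";
        }
        else
        {
            $selected = ($faq_pd_id == $posted_faq) ? " selected" : "";
        }

        // NOTE(review): the title comes from the database and is placed in
        // the markup without HTML encoding; if FAQ titles can contain
        // < > & or quotes, encode them here using the site's charset.
        $build_faq_pulldown .= "<option value='$faq_pd_id' $selected>$faq_pd_title</option>\n";
    }
    $smarty->assign("FAQPulldown", "$build_faq_pulldown");
} // End Create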
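elseif ($action == 'modify')
{
    // Modify a category: check access, then either apply the posted form or
    // load the stored row, and build the FAQ pulldown for the form.
    if ($ca != '')
    {
        // Lets check that this user has access to this faq
        // NOTE(review): access is refused only when the result loosely equals
        // '0'; confirm CheckAdminAccess() cannot signal "no access" with any
        // other value such as null or an empty string.
        $SuperAdmin = CheckAdminAccess($faq, $ca, $qn, $accesslvl, $orbitfaq_userid);
        if ($SuperAdmin == '0')
        {
            clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
            $message = "You do not have access to modify this Category because it is assigned to a FAQ you do not have access to!";
            header("Location: index.php?mod=$mod&message=$message");
            exit;
        }

        if ($posted == 'yes')
        {
            // strip_tags() removes markup only; it does not escape quotes or
            // backslashes for SQL.
            // NOTE(review): unless these values are escaped elsewhere (nothing
            // in this file does it), a quote in the title or description ends
            // up inside the UPDATE below. Escape or bind them with the
            // function that belongs to the database driver in use.
            $posted_title = strip_tags($_POST['posted_title']);
            $posted_desc = strip_tags($_POST['posted_desc']);
            $posted_faq = sanitize_paranoid_string($_POST['posted_faq']);

            if (!$posted_faq) { $error .= " » You did not select a <u>FAQ</u><br />"; }
            if (!$posted_title) { $error .= " » You did not enter a <u>Title</u><br />"; }
            if (!$posted_desc) { $error .= " » You did not enter a <u>Description</u><br />"; }

            if (!$error)
            {
                // NOTE(review): the access check above covers the category
                // being edited, not the FAQ it is being re-assigned to;
                // $posted_faq is not compared with the admin's owned FAQs.
                // $ca is set outside this file; confirm it is validated
                // before it reaches these statements.
                $query_update = "UPDATE `orbitfaq_categories` SET
`f_id` = '$posted_faq',
`title` = '$posted_title',
`desc` = '$posted_desc'
WHERE `id` = '$ca'
;
";
                $result_update = $faqsql_query($query_update) or die("$sql_query_error $query_update");

                // Update our Question FAQ Reference too
                $query_update_qn = "UPDATE `orbitfaq_questions` SET `f_id` = '$posted_faq' WHERE `c_id` = '$ca';";
                $result_update_qn = $faqsql_query($query_update_qn) or die("$sql_query_error $query_update_qn");

                clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
                $message = "Category Was Successfully Modified!";
                header("Location: index.php?mod=$mod&message=$message");
                exit;
            }
            else
            {
                // Hand the submitted values back so the form can be shown again.
                $smarty->assign("posted_title", "$posted_title");
                $smarty->assign("posted_desc", "$posted_desc");
                // $posted_allowuserposts is not set anywhere in this file.
                $smarty->assign("posted_allowuserposts", "$posted_allowuserposts");
                $smarty->assign("posted_faq", "$posted_faq");
                $smarty->assign("Errors", "$error");
            }
        }
        else
        {
            // First display of the form: load the stored category.
            $query_cat = "SELECT * from orbitfaq_categories WHERE `id` = '$ca' ORDER BY cat_order ASC";
            $result_cat = $faqsql_query($query_cat) or die("$sql_query_error $query_cat");
            while ($row_cat = $faqsql_fetch_array($result_cat))
            {
                $cat_id = $row_cat[0];
                $cat_f_id = $row_cat[1];
                $cat_title = $row_cat[2];
                $cat_desc = $row_cat[3];
                // Assign our smarty details
                $smarty->assign("posted_id", "$cat_id");
                $smarty->assign("posted_title", "$cat_title");
                $smarty->assign("posted_desc", "$cat_desc");
                $smarty->assign("posted_faq", "$cat_f_id");
            }
        }

        // FAQs owned by the current admin, for the pulldown.
        $query_faq_pd = "SELECT * FROM orbitfaq WHERE `id` = ANY(SELECT f_id from orbitfaq_admins_ownership WHERE `admin_id` = '$orbitfaq_userid') ORDER BY faq_order ASC";
        $result_faq_pd = $faqsql_query($query_faq_pd) or die("$sql_query_error $query_faq_pd");
        $count_faq_pd = $faqsql_count_rows($result_faq_pd);

        // Start from an empty string: the markup below is handed to the
        // template as-is, so it must not begin with a pre-existing value.
        $build_faq_pulldown = '';
        while ($row_faq_pd = $faqsql_fetch_array($result_faq_pd))
        {
            $faq_pd_id = $row_faq_pd[0];
            $faq_pd_title = $row_faq_pd[1];

            // Pre-select the posted FAQ if there is one, else the FAQ the
            // category currently belongs to.
            if (empty($posted_faq))
            {
                $selected = ($cat_f_id == $faq_pd_id) ? " selected" : "";
            }
            else
            {
                $selected = ($faq_pd_id == $posted_faq) ? " selected" : "";
            }

            // NOTE(review): the title comes from the database and is placed
            // in the markup without HTML encoding; if FAQ titles can contain
            // < > & or quotes, encode them here using the site's charset.
            $build_faq_pulldown .= "<option value='$faq_pd_id' $selected>$faq_pd_title</option>\n";
        }
        $smarty->assign("FAQPulldown", "$build_faq_pulldown");
    }
    else
    {
        clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
        $message = "You Did Not Enter a Valid Category Id!";
        header("Location: index.php?mod=$mod&message=$message");
        // Stop after the redirect, as every other redirect in this file does,
        // so the including script does not go on to render the modify form.
        exit;
    }
} // End Modify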
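elseif ($action == 'delete')
{
    // Delete a category: check access, then on a posted form either delete
    // its questions (and answers no other question uses) or move the
    // questions to another category, and finally delete the category row.
    if ($ca != '')
    {
        // Lets check that this user has access to this faq
        // NOTE(review): access is refused only when the result loosely equals
        // '0'; confirm CheckAdminAccess() cannot signal "no access" with any
        // other value such as null or an empty string.
        $SuperAdmin = CheckAdminAccess($faq, $ca, $qn, $accesslvl, $orbitfaq_userid);
        if ($SuperAdmin == '0')
        {
            clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
            $message = "You do not have access to delete this Category because it is assigned to a FAQ you do not have access to!";
            header("Location: index.php?mod=$mod&message=$message");
            exit;
        }

        if ($posted == 'yes')
        {
            $posted_confirmation = sanitize_paranoid_string($_POST['posted_confirmation']);
            $posted_cat = sanitize_paranoid_string($_POST['posted_cat']);
            // Pass the posted target back to the template. This used to pass
            // $cat_id, which is not set until the category is loaded further
            // down, so the template always received an empty value.
            $smarty->assign("posted_cat", "$posted_cat");

            // Anything other than an explicit "delete everything" ('1') takes
            // the move path below, so it needs a usable target: not empty and
            // not the category that is about to be deleted. Without this the
            // questions would be left pointing at a category that no longer
            // exists.
            if (($posted_confirmation != '1') && (!$posted_cat || $posted_cat == $ca))
            {
                $error .= " » You did not select an appropriate <u>Confirmation</u> and <u>New Category</u><br />";
            }

            if (!$error)
            {
                // $ca is set outside this file; confirm it is validated
                // before it reaches the statements below.
                if ($posted_confirmation == '1')
                {
                    // Get all questions in this category
                    $query_qn = "SELECT id FROM `orbitfaq_questions` WHERE c_id = '$ca'";
                    $result_qn = $faqsql_query($query_qn) or die("$sql_query_error $query_qn");
                    while ($row_qn = $faqsql_fetch_array($result_qn))
                    {
                        $qn_id = $row_qn[0];
                        // Check if the Answer is assigned to multiple Questions
                        $query_ans = "SELECT COUNT(*) FROM `orbitfaq_questions` WHERE a_id = (SELECT id from orbitfaq_answers WHERE `id` = ANY(SELECT a_id from `orbitfaq_questions` WHERE `id` = '$qn_id'));";
                        $result_ans = $faqsql_query($query_ans) or die("$sql_query_error $query_ans");
                        while ($row_ans = $faqsql_fetch_array($result_ans))
                        {
                            $answ_count = $row_ans[0];
                            // Only remove the answer when no other question uses it.
                            if ($answ_count <= '1')
                            {
                                $query_delete = "DELETE FROM orbitfaq_answers WHERE `id` = (SELECT a_id from `orbitfaq_questions` WHERE `id` = '$qn_id');";
                                $result_delete = $faqsql_query($query_delete) or die("$sql_query_error $query_delete");
                            }
                        }
                    }
                    // Delete Questions
                    $query_delete = "DELETE FROM `orbitfaq_questions` WHERE `c_id` = '$ca';";
                    $result_delete = $faqsql_query($query_delete) or die("$sql_query_error $query_delete");
                    $sub_message = ' as well as All Questions and Answers';
                }
                else
                {
                    // Move the questions to the chosen category.
                    // NOTE(review): $posted_cat is not checked against the
                    // FAQs this admin owns, so questions can be moved into a
                    // category of someone else's FAQ.
                    $query_update = "UPDATE `orbitfaq_questions` SET
`c_id` = '$posted_cat' WHERE `c_id` = '$ca';
";
                    $result_update = $faqsql_query($query_update) or die("$sql_query_error $query_update");
                    $sub_message = ' and All Categories, Questions and Answers were moved';
                }

                // Delete Our Category
                $query_delete = "DELETE FROM `orbitfaq_categories` WHERE `id` = '$ca';";
                $result_delete = $faqsql_query($query_delete) or die("$sql_query_error $query_delete");
                clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
                $message = "Category was Successfully Deleted$sub_message!";
                header("Location: index.php?mod=$mod&message=$message");
                exit;
            }
        }

        // Load the category for the confirmation form.
        $query_cat = "SELECT * from orbitfaq_categories WHERE `id` = '$ca' ORDER BY cat_order ASC";
        $result_cat = $faqsql_query($query_cat) or die("$sql_query_error $query_cat");
        while ($row_cat = $faqsql_fetch_array($result_cat))
        {
            $cat_id = $row_cat[0];
            $cat_f_id = $row_cat[1];
            $cat_title = $row_cat[2];
            $cat_desc = $row_cat[3];
            // Assign our smarty details
            $smarty->assign("Errors", "$error");
            $smarty->assign("posted_id", "$cat_id");
            $smarty->assign("posted_title", "$cat_title");
            $smarty->assign("posted_desc", "$cat_desc");
        }

        // Every other category, as possible targets for the questions.
        // NOTE(review): this list is not limited to FAQs the admin owns,
        // unlike the FAQ pulldowns elsewhere in this file.
        $query_cat_pd = "SELECT * from orbitfaq_categories WHERE `id` != '$ca' ORDER BY cat_order ASC";
        $result_cat_pd = $faqsql_query($query_cat_pd) or die("$sql_query_error $query_cat_pd");
        $count_cat_pd = $faqsql_count_rows($result_cat_pd);

        // Start from an empty string: the markup below is handed to the
        // template as-is, so it must not begin with a pre-existing value.
        $build_cat_pulldown = '';
        while ($row_cat_pd = $faqsql_fetch_array($result_cat_pd))
        {
            $cat_pd_id = $row_cat_pd[0];
            $cat_pd_title = $row_cat_pd[2];

            // Pre-select the posted target if there is one.
            if (empty($posted_cat))
            {
                $selected = ($ca == $cat_pd_id) ? " selected" : "";
            }
            else
            {
                $selected = ($cat_pd_id == $posted_cat) ? " selected" : "";
            }

            // NOTE(review): the title comes from the database and is placed
            // in the markup without HTML encoding.
            $build_cat_pulldown .= "<option value='$cat_pd_id' $selected>$cat_pd_title</option>\n";
        }
        $smarty->assign("CATPulldown", "$build_cat_pulldown");
    }
    else
    {
        clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
        $message = "You Did Not Enter a Valid Category Id!";
        header("Location: index.php?mod=$mod&message=$message");
        // Stop after the redirect, as every other redirect in this file does,
        // so the including script does not go on to render the delete form.
        exit;
    }
} // End Delete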
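elseif ($action == 'move')
{
    // Move a category up or down: add the requested offset to its cat_order,
    // then renumber all categories in steps of 10.
    // NOTE(review): this changes data from request parameters alone; confirm
    // the including script requires POST and an anti-CSRF token for it.
    if ($ca != '')
    {
        // Same ownership gate the modify, delete and chstatus actions use.
        // Without it any logged-in admin could reorder categories of a FAQ
        // they have no access to.
        $SuperAdmin = CheckAdminAccess($faq, $ca, $qn, $accesslvl, $orbitfaq_userid);
        if ($SuperAdmin == '0')
        {
            clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
            $message = "You do not have access to move this Category because it is assigned to a FAQ you do not have access to!";
            header("Location: index.php?mod=$mod&message=$message");
            exit;
        }

        if ($posted != '')
        {
            // $posted goes into the statement without quotes, so it is forced
            // to an integer first; anything non-numeric becomes 0 and leaves
            // the order unchanged.
            // $ca is set outside this file; confirm it is validated before
            // it reaches this statement.
            $query_update_order = "UPDATE `orbitfaq_categories` SET cat_order = cat_order + " . (int) $posted . " WHERE `id` = '$ca';";
            $result_update_order = $faqsql_query($query_update_order) or die("$sql_query_error $query_update_order");
        }

        $order = ReOrderCAT($ca);
        clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
        $message = "You Have Successfully Moved the Category!";
        header("Location: index.php?mod=$mod&message=$message");
        exit;
    }
    else
    {
        clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
        $message = "You Did Not Enter a Valid Category Id!";
        header("Location: index.php?mod=$mod&message=$message");
        exit;
    }
} // End Move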
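elseif ($action == 'chstatus')
{
    // Change a category's status column to the requested value.
    // NOTE(review): this changes data from request parameters alone; confirm
    // the including script requires POST and an anti-CSRF token for it.
    if ($ca != '')
    {
        // Lets check that this user has access to this faq
        // NOTE(review): access is refused only when the result loosely equals
        // '0'; confirm CheckAdminAccess() cannot signal "no access" with any
        // other value such as null or an empty string.
        $SuperAdmin = CheckAdminAccess($faq, $ca, $qn, $accesslvl, $orbitfaq_userid);
        if ($SuperAdmin == '0')
        {
            clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
            $message = "You do not have access to change the status of this Category because it is assigned to a FAQ you do not have access to!";
            header("Location: index.php?mod=$mod&message=$message");
            exit;
        }

        if ($posted != '')
        {
            // $posted goes into the statement without quotes, so it is forced
            // to an integer first; anything non-numeric becomes 0.
            // $ca is set outside this file; confirm it is validated before
            // it reaches this statement.
            $query_update_order = "UPDATE `orbitfaq_categories` SET status = " . (int) $posted . " WHERE `id` = '$ca';";
            $result_update_order = $faqsql_query($query_update_order) or die("$sql_query_error $query_update_order");
        }

        clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
        $message = "You Have Successfully Change the Category Status!";
        header("Location: index.php?mod=$mod&message=$message");
        exit;
    }
    else
    {
        clearSmartyCompiled($SmartyCompileDir, $ClearSmartyCompiled);
        $message = "You Did Not Enter a Valid Category Id!";
        header("Location: index.php?mod=$mod&message=$message");
        exit;
    }
} // End Status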
}
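else
{
    // No action requested: list the categories of the FAQs this admin owns
    // (optionally narrowed to one FAQ) and build the "filter by FAQ" list.
    // NOTE(review): $mod becomes part of a filesystem path here; confirm the
    // including script restricts it to known values.
    $smarty_template_file = "$AdminFullPath/skins/$AdminSkin/mod_". $mod .".tpl";

    // Always define the optional filter. It is interpolated into the query
    // below, so it must never carry a value that was not built right here.
    $faq_query = '';
    if ($faq != '')
    {
        // NOTE(review): $faq is set outside this file; confirm it is
        // validated before it reaches this SQL fragment.
        $faq_query = " AND `f_id` = '$faq'";
    }

    $query_cat = "SELECT * from orbitfaq_categories WHERE `f_id` = ANY(SELECT f_id from orbitfaq_admins_ownership WHERE `admin_id` = '$orbitfaq_userid') $faq_query ORDER BY f_id, cat_order ASC";
    $result_cat = $faqsql_query($query_cat) or die("$sql_query_error $query_cat");
    while ($row_cat = $faqsql_fetch_array($result_cat))
    {
        $cat_id = $row_cat[0];
        $cat_f_id = $row_cat[1];
        $cat_title = $row_cat[2];
        $cat_desc = $row_cat[3];
        $cat_order = $row_cat[4];
        $cat_status = $row_cat[5];

        // Reset per row so a category whose FAQ row is missing does not
        // inherit the title found for the previous category.
        $cat_faq_title = '';
        $query_faq = "SELECT title from orbitfaq WHERE `id` = '$cat_f_id'";
        $result_faq = $faqsql_query($query_faq) or die("$sql_query_error $query_faq");
        while ($row_faq = $faqsql_fetch_array($result_faq))
        {
            $cat_faq_title = $row_faq[0];
        }

        // Alternate '1' / '0' per row, starting with '1' (used by the
        // template, presumably for row striping).
        $cat_row = (isset($cat_row) && $cat_row == '1') ? '0' : '1';

        // Build Smarty Content Array
        // NOTE(review): these values come from the database unencoded;
        // confirm the template escapes them when it prints them.
        $smarty_cat_array[] = array(
            "cat_id" => "$cat_id",
            "cat_faq_id" => "$cat_f_id",
            "cat_faq" => "$cat_faq_title",
            "cat_title" => "$cat_title",
            "cat_desc" => "$cat_desc",
            "cat_order" => "$cat_order",
            "cat_status" => "$cat_status",
            "cat_row" => "$cat_row"
        );
    }
    // Send our Smarty Data
    $smarty->assign('CATListing', $smarty_cat_array);

    // Filter By: the FAQs this admin owns.
    $query_faq = "SELECT * FROM orbitfaq WHERE `id` = ANY(SELECT f_id from orbitfaq_admins_ownership WHERE `admin_id` = '$orbitfaq_userid') ORDER BY faq_order ASC";
    $result_faq = $faqsql_query($query_faq) or die("$sql_query_error $query_faq");
    while ($row_faq = $faqsql_fetch_array($result_faq))
    {
        $faq_id = $row_faq[0];
        $faq_title = $row_faq[1];
        $faq_desc = $row_faq[2];
        $faq_allow_user_posts = $row_faq[3];
        $faq_public = $row_faq[4];
        $faq_order = $row_faq[5];
        // Build Smarty Content Array
        $smarty_faq_filter_array[] = array(
            "faq_pulldown_id" => "$faq_id",
            "faq_pulldown_title" => "$faq_title"
        );
    }
    $smarty->assign('FilterByListing', $smarty_faq_filter_array);
}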
?>