<?php
/*
#===========================================================================
#= Project: PluggedOut Blog
#= File : admin/lib/html.php
#= Version: 1.9.9i (2006-08-31)
#= Author : Jonathan Beckett
#= Email : hide@address.com
#= Website: http://www.pluggedout.com/index.php?pk=dev_blog
#= Support: http://www.pluggedout.com/development/forums/viewforum.php?f=26
#===========================================================================
#= Copyright (c) 2005 Jonathan Beckett
#= You are free to use and modify this script as long as this header
#= section stays intact. This file is part of PluggedOut Blog.
#=
#= This program is free software; you can redistribute it and/or modify
#= it under the terms of the GNU General Public License as published by
#= the Free Software Foundation; either version 2 of the License, or
#= (at your option) any later version.
#=
#= This program is distributed in the hope that it will be useful,
#= but WITHOUT ANY WARRANTY; without even the implied warranty of
#= MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#= GNU General Public License for more details.
#=
#= You should have received a copy of the GNU General Public License
#= along with CMS files; if not, write to the Free Software
#= Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#===========================================================================
*/
// Description : Provides the default page template for the administration
// interface - all other chunks get inserted in at the end
// of this script.
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
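function html_page(){
    // Builds the outer HTML shell of the administration interface and returns it
    // as a string. The <!--menu_side--> and <!--content--> markers are emitted
    // as-is; whatever fills them in is not part of this function.
    // Reads: global $lang, $_SERVER["HTTP_HOST"], and (when logged in)
    // $_SESSION["blog_username"].
    global $lang;
    // NOTE(review): the file header says 1.9.9i and html_menu_top() prints 1.9.9f -
    // confirm which version string is current.
    $version_number = "1.9.9h";
    // HTTP_HOST is copied from the request's Host header, so it is client-controlled.
    // Escape it before it is written into the <title> and the banner.
    $host = isset($_SERVER["HTTP_HOST"]) ? htmlspecialchars($_SERVER["HTTP_HOST"],ENT_QUOTES) : "";
    $html = "<html>\n"
        ."<head>\n"
        ."<title>".$lang["page_title"]." (".$host.")</title>\n"
        ."<style>\n"
        .".banner_title {font-family:Verdana,Arial,Helvetica;font-size:13px;line-height:22px;font-weight:bold;}\n"
        .".banner_smallprint {font-family:Verdana,Arial,Helvetica;font-size:10px;line-height:12px;font-weight:normal;color:#000;}\n"
        .".menu_top {font-family:Verdana,Arial,Helvetica;font-size:11px;line-height:13px;font-weight:normal;}\n"
        .".menu_side {font-family:Verdana,Arial,Helvetica;font-size:11px;line-height:13px;font-weight:normal;}\n"
        .".menu_user {font-family:Verdana,Arial,Helvetica;font-size:16px;line-height:16px;}\n"
        .".title {font-family:\"Trebuchet MS\",Tahoma,Verdana,Arial,Helvetica;font-size:28px;line-height:30px;font-weight:bold;}\n"
        .".large {font-family:Verdana,Arial,Helvetica;font-size:13px;line-height:15px;}\n"
        .".normal {font-family:Verdana,Arial,Helvetica;font-size:11px;line-height:13px;}\n"
        .".small {font-family:Verdana,Arial,Helvetica;font-size:10px;line-height:12px;}\n"
        .".footer {font-family:Verdana,Arial,Helvetica;font-size:10px;line-height:10px;color:#aaa;}\n"
        ."A {color:#0000aa;text-decoration:none;}\n"
        ."A:hover {color:#aa0000;text-decoration:underline}\n"
        .".text {font-family:Verdana,Arial,Helvetica;font-size:12px;line-height:16px;}\n"
        ."</style>\n"
        ."<script src='scripts/menu.js' type='text/javascript'></script>\n"
        ."</head>\n"
        ."<body style='margin:0px;border:0px;padding:10px;' bgcolor='#eeeeee' text='#000000' onClick='hide_menus();'>\n";
    // hidden menu
    $html .= "<div id='menu' style='position:absolute;visibility:hidden;'><!--menu_side--></div>";
    // start table holding the page
    $html .= "<table border='0' cellspacing='1' cellpadding='0' width='770' align='center' bgcolor='#aaaaa'><tr><td bgcolor='#ffffff'>\n";
    // start containing table for the content
    $html .= "<table border='0' cellspacing='0' cellpadding='0' width='100%'>\n"
        ."<tr><td colspan='2'>"
        ."<table border='0' cellspacing='0' cellpadding='2' width='100%' bgcolor='#ffffff'>\n"
        ."<tr>\n"
        ."<td align='left' class='banner_title'> ".$lang["banner_title"]." (".$host.")</td>\n"
        ."<td align='right' class='normal'>";
    // figure out if we are logged in and show the banner appropriately
    if (isset($_SESSION["blog_userid"])){
        // The user name is account data, not markup: escape it so a name containing
        // HTML cannot inject script into every admin page.
        $username = isset($_SESSION["blog_username"]) ? htmlspecialchars($_SESSION["blog_username"],ENT_QUOTES) : "";
        $html .= "<table border='0' cellspacing='0' cellpadding='0'><tr>"
            ."<td class='normal'>Logged in as '".$username."' </td>"
            ."<td class='normal'><a href='exec.php?action=user_logout'><img src='images/icon_logout_small.png' width='16' height='16' border='0' title='".$lang["logout"]."'></a></td>"
            ."<td class='normal'> <a href='exec.php?action=user_logout'>".$lang["logout"]."</a> </td>"
            ."</tr></table>";
    } else {
        $html .= " ";
    }
    $html .= "</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."</td></tr>\n";
    // dividing line
    $html .= "<tr><td colspan='2' bgcolor='#cccccc'><img src='images/pix1.gif' width='1' height='1'></td></tr>\n";
    // version number
    $html .= "<tr><td colspan='2' bgcolor='#cccccc' background='images/bg.gif'><div style='padding:1px;'>"
        ."<table width='100%' border='0' cellspacing='0' cellpadding='1'><tr><td class='banner_smallprint' align='left'>"
        ." <b><a href='index.php' onMouseOver='show_menu(this);'>".$lang["main_menu"]."</a></b>"
        ."</td><td class='banner_smallprint' align='right'>Version ".$version_number." © <a href='http://www.pluggedout.com/index.php?pk=dev_blog' title='".$lang["visit"]."'>PluggedOut</a>, 2006 </td></tr></table>\n"
        ."</div></td></tr>\n";
    // dividing line
    $html .= "<tr><td colspan='2' bgcolor='#cccccc'><img src='images/pix1.gif' width='1' height='1'></td></tr>\n";
    // content row
    $html .= "<tr><td colspan='2' valign='top'><div style='padding:20px;'><!--content--></div></td></tr>\n";
    // gap & copyright
    $html .= "<tr><td colspan='2' class='small' align='center'><br><div style='padding:5px;text-align:center;border-top:1px solid #ccc;'><a href='http://www.pluggedout.com'>Powered by PluggedOut Blog</a> ".$version_number.", © <a href='http://www.pluggedout.com/wiki/wikka.php?wakka=JonathanBeckett'>Jonathan Beckett</a>, 2006, All Rights Reserved</div></td></tr>\n";
    // end the containing tables and the page
    $html .= "</table>\n"
        ."</td></tr></table>\n"
        ."</body>\n"
        ."</html>\n";
    return $html;
}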
// Description : Provides the banner across the top of the admin interface
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
function html_banner(){
    // Returns the banner table for the top of the admin interface: the banner
    // title on the left and, when a user is logged in, a logout icon and link
    // on the right.
    global $lang;

    $opening = "<table border='0' cellspacing='0' cellpadding='2' width='100%' bgcolor='#ffffff'>\n"
        ."<tr>\n"
        ."<td align='left' class='banner_title'> ".$lang["banner_title"]."</td>\n"
        ."<td align='right' class='normal'>";

    // right-hand cell: logout controls only for a logged-in session
    $session_cell = " \n";
    if (isset($_SESSION["blog_userid"])){
        $session_cell = "<table border='0' cellspacing='0' cellpadding='0'><tr><td class='normal'><a href='exec.php?action=user_logout'><img src='images/icon_logout_small.png' width='16' height='16' border='0' title='".$lang["logout"]."'></a></td><td class='normal'> <a href='exec.php?action=user_logout'>".$lang["logout"]."</a> </td></tr></table>\n";
    }

    $closing = "</td>\n"
        ."</tr>\n"
        ."</table>\n";

    return $opening.$session_cell.$closing;
}
// Description : Provides the menu bar across the top of the admin interface
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
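function html_menu_top(){
    // Returns the one-row bar shown across the top of the admin interface:
    // the request's host name on the left, version and credit link on the right.
    global $lang;
    // HTTP_HOST comes from the client's Host header, so it must be escaped
    // before it is written into the page.
    $host = isset($_SERVER["HTTP_HOST"]) ? htmlspecialchars($_SERVER["HTTP_HOST"],ENT_QUOTES) : "";
    // NOTE(review): the version is hard-coded here as 1.9.9f while html_page()
    // uses 1.9.9h - confirm and keep them in step.
    $html = "<table width='100%' border='0' cellspacing='0' cellpadding='1'><tr><td class='banner_smallprint' align='left'> ".$host."</td><td class='banner_smallprint' align='right'>Version 1.9.9f © <a href='http://www.pluggedout.com/index.php?pk=dev_blog' title='".$lang["visit"]."'>PluggedOut</a>, 2006 </td></tr></table>\n";
    return $html;
}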
// Description : Provides the menu down the left side of the admin interface
// Some sections are filtered according to your user role
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
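function html_menu_side(){
    // Returns the side menu of the admin interface. Every logged-in user gets the
    // "general" and "entries" sections; the users / categories / themes / settings /
    // files sections are added only when get_user_role() reports "admin".
    // Without a logged-in session only a blank placeholder is returned.
    // The menu only decides which links are *shown*; the handlers behind those
    // links are not visible here and must enforce the role themselves.
    global $lang;
    if (!isset($_SESSION["blog_userid"])){
        // The original appended to $html here before it had been assigned.
        return " \n";
    }
    $html = "<table border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc' width='150'>\n"
        ."<tr><td bgcolor='#ffffff' class='menu_side'>"
        ." <table border='0' cellspacing='0' cellpadding='2'>\n";
    // construct the menu according to the user role setting
    // (admin, author or contributor)
    $role = get_user_role($_SESSION["blog_userid"]);
    $html .= "<tr><td colspan='4' class='normal'><b>".$lang["general"]."</b></td></tr>\n"
        ."<tr><td class='normal'> </td><td><img src='images/icon_home_small.png' width='16' height='16' title='".$lang["home"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php'>".$lang["home"]."</a></td></tr>\n"
        ."<tr><td class='normal'> </td><td><img src='images/icon_view_small.png' width='16' height='16' title='".$lang["view_blog"]."'></td><td class='normal'> </td><td class='normal'><a href='../index.php'>".$lang["view_blog"]."</a></td></tr>\n"
        ."<tr><td colspan='4' class='small'> </td></tr>\n"
        ."<tr><td colspan='4' class='normal'><b>".$lang["entries"]."</b></td></tr>\n"
        ."<tr><td class='normal'> </td><td><img src='images/icon_entry_small.png' width='16' height='16' title='".$lang["add_entry"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=entry_add'>".$lang["add_entry"]."</a></td></tr>\n"
        ."<tr><td class='normal'> </td><td><img src='images/icon_entry_small.png' width='16' height='16' title='".$lang["list_entries"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=entry_list'>".$lang["list_entries"]."</a></td></tr>\n"
        ."<tr><td class='normal'> </td><td><img src='images/icon_entry_small.png' width='16' height='16' title='".$lang["list_comments"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=comment_list'>".$lang["list_comments"]."</a></td></tr>\n";
    // admin only sections
    // Strict comparison: a non-string return value from get_user_role() must
    // never compare equal to "admin".
    if ($role==="admin"){
        $html .= "<tr><td colspan='4' class='small'> </td></tr>\n"
            ."<tr><td colspan='4' class='normal'><b>".$lang["users"]."</b></td></tr>\n"
            ."<tr><td class='normal'> </td><td><img src='images/icon_user_small.png' width='16' height='16' title='".$lang["add_user"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=user_add'>".$lang["add_user"]."</a></td></tr>\n"
            ."<tr><td class='normal'> </td><td><img src='images/icon_users_small.png' width='16' height='16' title='".$lang["list_users"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=user_list'>".$lang["list_users"]."</a></td></tr>\n"
            ."<tr><td colspan='4' class='small'> </td></tr>\n"
            ."<tr><td colspan='4' class='normal'><b>".$lang["categories"]."</b></td></tr>\n"
            ."<tr><td class='normal'> </td><td><img src='images/icon_categories_small.png' width='16' height='16' title='".$lang["add_category"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=category_add'>".$lang["add_category"]."</a></td></tr>\n"
            ."<tr><td class='normal'> </td><td><img src='images/icon_categories_small.png' width='16' height='16' title='".$lang["list_categories"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=category_list'>".$lang["list_categories"]."</a></td></tr>\n"
            ."<tr><td colspan='4' class='small'> </td></tr>\n"
            ."<tr><td colspan='4' class='normal'><b>".$lang["themes"]."</b></td></tr>\n"
            ."<tr><td class='normal'> </td><td><img src='images/icon_themes_small.png' width='16' height='16' title='".$lang["theme_list"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=theme_list'>".$lang["theme_list"]."</a></td></tr>\n"
            ."<tr><td colspan='4' class='small'> </td></tr>\n"
            ."<tr><td colspan='4' class='normal'><b>".$lang["settings"]."</b></td></tr>\n"
            ."<tr><td class='normal'> </td><td><img src='images/icon_settings_small.png' width='16' height='16' title='".$lang["edit_settings"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=settings_edit'>".$lang["edit_settings"]."</a></td></tr>\n"
            ."<tr><td colspan='4' class='small'> </td></tr>\n"
            ."<tr><td colspan='4' class='normal'><b>".$lang["files"]."</b></td></tr>\n"
            ."<tr><td class='normal'> </td><td><img src='images/icon_files_small.png' width='16' height='16' title='".$lang["browse_files"]."'></td><td class='normal'> </td><td class='normal'><a href='index.php?action=file_browse'>".$lang["browse_files"]."</a></td></tr>\n";
    }
    $html .= " </table>\n"
        ."</td></tr></table>\n";
    return $html;
}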
// Description : Provides the home page of the admin interface
// Some areas are dependent on the user role
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
function html_welcome(){
    // Returns the admin home page: a heading, a description and a four-column
    // table of shortcut icons. The first column (entries) is always filled in;
    // the users, categories and misc columns are filled in only when
    // get_user_role() returns "admin", otherwise they are left blank.
    global $lang;

    $page = "<div class='title'>".$lang["main_menu"]."</div>\n"
        ."<div class='small'> </div>\n"
        ."<div class='normal'>".$lang["menu_main_description"]."</div>\n"
        ."<div class='small'> </div>\n"
        ."<table width='100%' border='0' cellspacing='1' cellpadding='2' bgcolor='#cccccc'>\n"
        ."<tr>\n"
        ." <td class='normal' bgcolor='#cccccc' background='images/bg.gif' align='center' width='25%'><b>".$lang["entries"]."</b></td>\n"
        ." <td class='normal' bgcolor='#cccccc' background='images/bg.gif' align='center' width='25%'><b>".$lang["users"]."</b></td>\n"
        ." <td class='normal' bgcolor='#cccccc' background='images/bg.gif' align='center' width='25%'><b>".$lang["categories"]."</b></td>\n"
        ." <td class='normal' bgcolor='#cccccc' background='images/bg.gif' align='center' width='25%'><b>".$lang["misc"]."</b></td>\n"
        ."</tr>\n"
        ."<tr>\n";

    // entries column - shown to every role
    $page .= " <td class='normal' bgcolor='#ffffff' align='center' width='25%' valign='top'>"
        ." <div class='normal'> </div>\n"
        ." <div class='normal'><a href='index.php?action=entry_add&richedit=x'><img src='images/icon_entry.png' width='48' height='52' border='0' title='".$lang["add_entry"]."'><br>".$lang["add_entry"]."</a></div>\n"
        ." <div class='normal'> </div>\n"
        ." <div class='normal'><a href='index.php?action=entry_list'><img src='images/icon_entry.png' width='48' height='52' border='0' title='".$lang["list_entries"]."'><br>".$lang["list_entries"]."</a></div>\n"
        ." <div class='normal'> </div>\n"
        ." <div class='normal'><a href='index.php?action=comment_list'><img src='images/icon_entry.png' width='48' height='52' border='0' title='".$lang["list_comments"]."'><br>".$lang["list_comments"]."</a></div>\n"
        ." <div class='normal'> </div>\n"
        ." </td>\n";

    $user_is_admin = (get_user_role($_SESSION["blog_userid"])=="admin");

    if (!$user_is_admin){
        // three blank columns keep the table shape for non-admin roles
        $blank_column = " <td class='normal' bgcolor='#ffffff' align='center' width='25%' valign='top'>"
            ." <div class='normal'> </div>\n"
            ." </td>\n";
        $page .= $blank_column.$blank_column.$blank_column;
    } else {
        // users column
        $page .= " <td class='normal' bgcolor='#ffffff' align='center' width='25%' valign='top'>"
            ." <div class='normal'> </div>\n"
            ." <div class='normal'><a href='index.php?action=user_add'><img src='images/icon_user.png' width='48' height='48' border='0' title='".$lang["add_user"]."'><br>".$lang["add_user"]."</a></div>\n"
            ." <div class='normal'> </div>\n"
            ." <div class='normal'><a href='index.php?action=user_list'><img src='images/icon_users.png' width='47' height='48' border='0' title='".$lang["list_users"]."'><br>".$lang["list_users"]."</a></div>\n"
            ." <div class='normal'> </div>\n"
            ." </td>\n";
        // categories column
        $page .= " <td class='normal' bgcolor='#ffffff' align='center' width='25%' valign='top'>"
            ." <div class='normal'> </div>\n"
            ." <div class='normal'><a href='index.php?action=category_add'><img src='images/icon_categories.png' width='48' height='48' border='0' title='".$lang["add_category"]."'><br>".$lang["add_category"]."</a></div>\n"
            ." <div class='normal'> </div>\n"
            ." <div class='normal'><a href='index.php?action=category_list'><img src='images/icon_categories.png' width='48' height='48' border='0' title='".$lang["list_categories"]."'><br>".$lang["list_categories"]."</a></div>\n"
            ." <div class='normal'> </div>\n"
            ." </td>\n";
        // misc column: themes, settings, files
        $page .= " <td class='normal' bgcolor='#ffffff' align='center' width='25%' valign='top'>"
            ." <div class='normal'> </div>\n"
            ." <div class='normal'><a href='index.php?action=theme_list'><img src='images/icon_themes.png' width='48' height='52' border='0' title='".$lang["themes"]."'><br>".$lang["themes"]."</a></div>\n"
            ." <div class='normal'> </div>\n"
            ." <div class='normal'><a href='index.php?action=settings_edit'><img src='images/icon_search.png' width='48' height='47' border='0' title='".$lang["settings"]."'><br>".$lang["settings"]."</a></div>\n"
            ." <div class='normal'> </div>\n"
            ." <div class='normal'><a href='index.php?action=file_browse'><img src='images/icon_files.png' width='48' height='46' border='0' title='".$lang["files"]."'><br>".$lang["files"]."</a></div>\n"
            ." <div class='normal'> </div>\n"
            ." </td>\n";
    }

    // both variants close the row and the table the same way
    $page .= "</tr>\n"
        ."</table>\n";

    return $page;
}
// Description : Displays the blog entry list for the administration interface
// - allows searching, and category filtering
// Arguments : None (it uses _REQUEST parameters)
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
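function html_entry_list(){
    // Renders the admin entry list: a filter form (keywords, category, status)
    // followed by a paged table of entries with per-role action links.
    // Reads $_REQUEST["list_from"], ["keywords"], ["status"], ["categoryid"],
    // ["month"], ["year"] and $_SESSION["blog_userid"]. Returns HTML.
    //
    // All request values are client-controlled. They are cast to integers or
    // escaped for SQL before entering a query, and escaped for HTML before being
    // echoed back into the form.
    // NOTE(review): if magic_quotes_gpc is enabled the request values arrive
    // pre-slashed - confirm how the rest of the application deals with that.
    global $lang;
    global $db_prefix;
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_entry.png' width='48' height='52' title='".$lang["entry_list"]."'></td>"
        ." <td class='title'>".$lang["entry_list"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["entry_list_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    // one connection for the whole function (the original connected twice and
    // only released the second handle)
    $con = db_connect();

    // read the request once; anything that is not a plain string is ignored
    $req_keywords = (isset($_REQUEST["keywords"]) && is_string($_REQUEST["keywords"])) ? $_REQUEST["keywords"] : "";
    $req_status = (isset($_REQUEST["status"]) && is_string($_REQUEST["status"])) ? $_REQUEST["status"] : "";
    $req_categoryid = (isset($_REQUEST["categoryid"]) && is_string($_REQUEST["categoryid"])) ? $_REQUEST["categoryid"] : "";
    // paging offset goes unquoted into LIMIT: force a non-negative integer
    $list_from = isset($_REQUEST["list_from"]) ? intval($_REQUEST["list_from"]) : 0;
    if ($list_from<0){
        $list_from = 0;
    }

    // Prepare Status Select
    // (P = Published, U = Unpublished/Unapproved)
    $html_status_select = "<select name='status' class='normal'><option value=''></option>\n";
    if ($req_status=="U"){
        $html_status_select .= "<option value='P'>".$lang["published"]."</option><option value='U' selected>".$lang["unpublished"]."</option>\n";
    } else {
        $html_status_select .= "<option value='P' selected>".$lang["published"]."</option><option value='U'>".$lang["unpublished"]."</option>\n";
    }
    $html_status_select .= "</select>\n";

    // prepare category select
    $html_category_select = "<select name='categoryid' class='normal'><option value=''></option>\n";
    $sql = "SELECT * FROM ".$db_prefix."categories ORDER BY cCategoryName";
    $result = mysql_query($sql,$con);
    if ($result!=false){
        if (mysql_num_rows($result)>0){
            while ($row=@mysql_fetch_array($result)){
                // $selected was left undefined when no category was requested
                $selected = "";
                if ($req_categoryid!="" && intval($req_categoryid)==intval($row["nCategoryId"])){
                    $selected = "selected";
                }
                $html_category_select .= "<option value='".$row["nCategoryId"]."' ".$selected.">".stripslashes($row["cCategoryName"])."</option>\n";
            }
        } else {
            $html_category_select .= "<option value=''>".$lang["not_found"]."</option>\n";
        }
    } else {
        $html_category_select .= "<option value=''>".$lang["not_found"]."</option>\n";
    }
    $html_category_select .= "</select>\n";

    // page size is used both in LIMIT and as the paging loop step, so it must
    // be an integer of at least 1 (a step of 0 would never terminate)
    $results_per_page = intval(get_setting("results_per_page"));
    if ($results_per_page<1){
        $results_per_page = 1;
    }

    // construct SQL where clause
    $a_sql_where = array();
    // handle search keywords
    if ($req_keywords!=""){
        $sql_keywords = array();
        foreach (explode(" ",$req_keywords) as $keyword){
            $sql_keywords[] = "(ent.cBody LIKE '%".mysql_real_escape_string($keyword,$con)."%')";
        }
        $a_sql_where[] = "(".implode(" AND ",$sql_keywords).")";
    }
    // handle status
    if ($req_status!=""){
        $a_sql_where[] = "(ent.cStatus='".mysql_real_escape_string($req_status,$con)."')";
    }
    // handle category (numeric column, unquoted in the query: cast, do not escape)
    if ($req_categoryid!=""){
        $a_sql_where[] = "(entcat.nCategoryId=".intval($req_categoryid).")";
    }
    // handle month and year
    if (isset($_REQUEST["month"]) && isset($_REQUEST["year"])){
        if ($_REQUEST["month"]!="" && $_REQUEST["year"]!=""){
            // NOTE(review): the submitted month/year are not used; the clause is a
            // fixed date floor. Looks unfinished - confirm the intended filter.
            $a_sql_where[] = "(ent.dAdded>'2001-01-01')";
        }
    }
    // work out user role
    $role = get_user_role($_SESSION["blog_userid"]);
    // handle users that are not admins: they only ever see their own entries.
    // Strict comparison so that only the exact string "admin" lifts the restriction.
    if ($role!=="admin"){
        $a_sql_where[] = "(ent.nUserAdded=".intval($_SESSION["blog_userid"]).")";
    }
    // construct the SQL
    $sql_where = "";
    if (count($a_sql_where)>0){
        $sql_where = " WHERE ".implode(" AND ",$a_sql_where)."\n";
    }

    // start control output
    $html .= "<form method='POST' action='index.php?action=entry_list'>\n"
        ."<input type='hidden' name='list_from' value='".$list_from."'>\n"
        ."<table border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='2' class='normal' bgcolor='#cccccc' background='images/bg.gif'><b>".$lang["entry_list"]."</b></td></tr>\n"
        ."<tr><td class='normal' bgcolor='#ffffff'>".$lang["keywords"]."</td><td bgcolor='#ffffff'><input type='text' name='keywords' class='text' size='20' value='".htmlspecialchars($req_keywords,ENT_QUOTES)."'></td></tr>\n"
        ."<tr><td class='normal' bgcolor='#ffffff'>".$lang["category"]."</td><td bgcolor='#ffffff'>".$html_category_select."</td></tr>\n"
        ."<tr><td class='normal' bgcolor='#ffffff'>".$lang["status"]."</td><td bgcolor='#ffffff'>".$html_status_select."</td></tr>\n"
        ."<tr><td colspan='2' bgcolor='#ffffff' align='right'><input type='submit' value='".$lang["submit"]."'></td></tr>\n"
        ."</table>\n"
        ."</form>\n";

    // form actual SQL: the unlimited query gives the total, the limited one the page
    $sql_count = "SELECT DISTINCT ent.nEntryId,ent.nUserAdded,ent.cTitle,ent.dAdded,usr.cUsername,ent.cStatus,ent.nComments"
        ." FROM ".$db_prefix."entries ent"
        ." INNER JOIN ".$db_prefix."users usr ON ent.nUserAdded=usr.nUserId"
        ." LEFT OUTER JOIN ".$db_prefix."entry_categories entcat ON ent.nEntryId=entcat.nEntryId"
        .$sql_where;
    $sql = $sql_count
        ." ORDER BY ent.dAdded DESC"
        ." LIMIT ".$list_from.",".$results_per_page;
    $result_count = mysql_query($sql_count,$con);
    $result = mysql_query($sql,$con);
    if ($result!=false && $result_count!=false){
        $count = mysql_num_rows($result_count);
        $html_pagelinks = $lang["list_result_start"].$count.$lang["list_result_end"];
        if ($count<$list_from){
            $list_from = 0;
        }
        for($i=0;$i<$count;$i+=$results_per_page){
            $start = $i;
            if ($i>=($count-$results_per_page)){
                $end = $count-1;
            } else {
                $end = $i+$results_per_page-1;
            }
            $html_link = "<a href='index.php?action=entry_list&list_from=".$start."'>".($start+1)." - ".($end+1)."</a>";
            if ($i==$list_from){
                $html_pagelinks .= "<b>".$html_link."</b> ";
            } else {
                $html_pagelinks .= $html_link." ";
            }
        }
        $html .= "<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
            ."<tr><td colspan='6' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["entry_list"]."</b></td></tr>\n"
            ."<tr><td colspan='6' bgcolor='#ffffff' class='small'>".$html_pagelinks."</td></tr>\n"
            ."<tr>"
            ."<td bgcolor='#dddddd' class='normal' background='images/bg.gif'><b>".$lang["dateadded"]."</b></td>"
            ."<td bgcolor='#dddddd' class='normal' background='images/bg.gif'><b>".$lang["title"]."</b></td>"
            ."<td bgcolor='#dddddd' class='normal' background='images/bg.gif'><b>".$lang["comments"]."</b></td>"
            ."<td bgcolor='#dddddd' class='normal' background='images/bg.gif'><b>".$lang["author"]."</b></td>"
            ."<td bgcolor='#dddddd' class='normal' background='images/bg.gif'><b>".$lang["status"]."</b></td>"
            ."<td bgcolor='#dddddd' class='normal' background='images/bg.gif'><b>".$lang["controls"]."</b></td>"
            ."</tr>\n";
        if (mysql_num_rows($result)>0){
            while ($row=@mysql_fetch_array($result)){
                // Titles and user names are written by any role, including
                // contributors, and are read here by admins: escape them.
                // NOTE(review): assumes both are stored as plain text - confirm
                // they are not already HTML-escaped when saved.
                $title = htmlspecialchars(stripslashes($row["cTitle"]),ENT_QUOTES);
                $author = htmlspecialchars(stripslashes($row["cUsername"]),ENT_QUOTES);
                $html .= "<tr>"
                    ."<td bgcolor='#ffffff' class='normal'>".$row["dAdded"]."</td>"
                    ."<td bgcolor='#ffffff' class='normal'><a href='index.php?action=entry_edit&entryid=".$row["nEntryId"]."' title='".$lang["edit"]."'>".$title."</a></td>"
                    ."<td bgcolor='#ffffff' class='normal'><a href='index.php?action=entry_view&entryid=".$row["nEntryId"]."' title='".$lang["view"]."'>".$row["nComments"]."</a> (<a href='index.php?action=entry_view&entryid=".$row["nEntryId"]."' title='".$lang["view"]."'>".$lang["view"]."</a>)</td>"
                    ."<td bgcolor='#ffffff' class='normal'>".$author."</td>"
                    ."<td bgcolor='#ffffff' class='normal'>".stripslashes($row["cStatus"])."</td>"
                    ."<td bgcolor='#ffffff' class='normal'>";
                // NOTE(review): these links only decide what is shown. The
                // handlers in exec.php / index.php are not visible here and must
                // re-check role and ownership; publish/unpublish are plain GET
                // links, so confirm they are protected against cross-site requests.
                $html_edit = " <a href='index.php?action=entry_edit&entryid=".$row["nEntryId"]."' title='".$lang["edit"]."'>".$lang["edit"]."</a>";
                $html_remove = " <a href='index.php?action=entry_remove&entryid=".$row["nEntryId"]."' title='".$lang["remove"]."'>".$lang["remove"]."</a>";
                $html_publish = " <a href='exec.php?action=entry_publish&entryid=".$row["nEntryId"]."' title='".$lang["publish"]."'>".$lang["publish"]."</a>";
                $html_unpublish = " <a href='exec.php?action=entry_unpublish&entryid=".$row["nEntryId"]."' title='".$lang["unpublish"]."'>".$lang["unpublish"]."</a>";
                switch ($role){
                    case "admin":
                        // we are admin - we can do anything - including publish/unpublish
                        if ($row["cStatus"]=="P"){
                            // show unpublish button
                            $html .= $html_unpublish;
                        } else {
                            // show publish button
                            $html .= $html_publish;
                        }
                        $html .= $html_edit;
                        $html .= $html_remove;
                        break;
                    case "author":
                        // we are an author - we can publish our own work
                        // - we can edit our own work
                        // - we can remove our own work
                        if ($row["nUserAdded"]==$_SESSION["blog_userid"]){
                            if ($row["cStatus"]=="P"){
                                // show unpublish button
                                $html .= $html_unpublish;
                            } else {
                                // show publish button
                                $html .= $html_publish;
                            }
                            // show the edit and remove buttons
                            $html .= $html_edit;
                            $html .= $html_remove;
                        }
                        break;
                    case "contributor":
                        // we are a contributor - we can add entries as unpublished
                        // - we can edit unpublished work we wrote
                        // - we can remove unpublished work we wrote
                        if ($row["nUserAdded"]==$_SESSION["blog_userid"]){
                            if ($row["cStatus"]=="U"){
                                // show edit and remove buttons
                                $html .= $html_edit;
                                $html .= $html_remove;
                            }
                        }
                        break;
                }
                $html .= "</td>"
                    ."</tr>\n";
            }
        } else {
            $html .= "<tr><td colspan='6' bgcolor='#ffffff' class='normal' align='center'>".$lang["no_entries_returned"]."</td></tr>\n";
        }
        $html .= "</table>\n";
    } else {
        // Report through the same channel the other list screens use instead of
        // printing the raw query (table names and filter values) into the page.
        report_problem(1,"html_entry_list ".$sql);
    }
    db_disconnect($con);
    return $html;
}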
// Description : Provides the comment list screen
// Arguments : None
// Returns : HTML
// Last Change : 2006-05-25
// Author : Jonathan Beckett (hide@address.com)
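function html_comment_list(){
    // Renders the comment moderation screen: a paged list of comments with
    // approve / reject / remove controls, wrapped in a form that posts to
    // exec.php?action=verify_comments.
    // Reads $_REQUEST["list_from"] and $_SESSION["blog_userid"]. Returns HTML.
    //
    // Comment fields (name, e-mail, URL, body) are rendered here inside the
    // admin interface, so every one of them is escaped before output.
    global $lang;
    global $db_prefix;
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_entry.png' width='48' height='52' title='".$lang["comment_list"]."'></td>"
        ." <td class='title'>".$lang["comment_list"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["comment_list_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    $con = db_connect();
    // construct SQL (remembering to take note of the user authentication level
    // - admins can approve / reject / remove any comment
    // - authors can see / approve / reject / remove comments on their own story
    // - contributors can only see comments on their own story (not interact with them)
    $role = get_user_role($_SESSION["blog_userid"]);
    // Fail closed: only the exact role "admin" sees every comment. The original
    // switch had no default, so an unexpected role value ran the query with no
    // WHERE clause at all.
    if ($role==="admin"){
        $where_clause = "";
    } else {
        $where_clause = " WHERE e.nUserAdded=".intval($_SESSION["blog_userid"]);
    }
    // moderation controls are shown to admins and authors only
    $can_moderate = ($role==="admin" || $role==="author");

    // work out how we should filter the list
    // page size is used in LIMIT and as the paging loop step: integer, at least 1
    $results_per_page = intval(get_setting("results_per_page"));
    if ($results_per_page<1){
        $results_per_page = 1;
    }
    // paging offset goes unquoted into LIMIT: force a non-negative integer
    $list_from = isset($_REQUEST["list_from"]) ? intval($_REQUEST["list_from"]) : 0;
    if ($list_from<0){
        $list_from = 0;
    }

    // find out how many comments there are in total
    $count = 0;
    $sql = "SELECT *"
        ." FROM ".$db_prefix."comments c"
        ." INNER JOIN ".$db_prefix."entries e ON c.nEntryId=e.nEntryId"
        .$where_clause;
    $result = mysql_query($sql,$con);
    if ($result!=false){
        $count = mysql_num_rows($result);
    }
    // do the shortened query for display
    $sql = "SELECT *"
        ." FROM ".$db_prefix."comments c"
        ." INNER JOIN ".$db_prefix."entries e ON c.nEntryId=e.nEntryId"
        .$where_clause
        ." ORDER BY c.dAdded DESC"
        ." LIMIT ".$list_from.",".$results_per_page;
    $result = mysql_query($sql,$con);
    if ($result!=false){
        $html .= "<form method='POST' action='exec.php?action=verify_comments'>\n"
            ."<table border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc' width='100%'>\n"
            ."<tr><td bgcolor='#cccccc' background='images/bg.gif' class='normal' colspan='4'><b>".$lang["comment_list"]."</b></td></tr>\n";
        if (mysql_num_rows($result)>0){
            // use the record count to put the paging controls in place
            $html_pagelinks = "";
            for($i=0;$i<$count;$i+=$results_per_page){
                $start = $i;
                if ($i>=($count-$results_per_page)){
                    $end = $count-1;
                } else {
                    $end = $i+$results_per_page-1;
                }
                $html_link = "<a href='index.php?action=comment_list&list_from=".$start."'>".($start+1)." - ".($end+1)."</a>";
                if ($i==$list_from){
                    $html_pagelinks .= "<b>".$html_link."</b> ";
                } else {
                    $html_pagelinks .= $html_link." ";
                }
            }
            $html .= "<tr><td colspan='4' bgcolor='#ffffff' class='normal'>".$html_pagelinks."</td></tr>\n";
            // put the column headers in place
            $html .= "<tr>"
                ."<td bgcolor='#dddddd' class='normal'>".$lang["comment"]."</td>"
                ."<td bgcolor='#dddddd' class='normal' width='50' align='center'>".$lang["approve"]."</td>"
                ."<td bgcolor='#dddddd' class='normal' width='50' align='center'>".$lang["reject"]."</td>"
                ."<td bgcolor='#dddddd' class='normal' width='50' align='center'>".$lang["remove"]."</td>"
                ."</tr>\n";
            while ($row =@ mysql_fetch_array($result)){
                $commentid = $row["nCommentId"];
                $entryid = $row["nEntryId"];
                $body = nl2br(htmlspecialchars(stripslashes($row["cComment"]),ENT_QUOTES));
                // Escaped like the body: these values land inside HTML text and
                // single-quoted attributes of an admin page.
                // NOTE(review): cTitle comes from a SELECT * over both tables;
                // assumed to be stored as plain text - confirm.
                $title = htmlspecialchars(stripslashes($row["cTitle"]),ENT_QUOTES);
                $name = htmlspecialchars(stripslashes($row["cName"]),ENT_QUOTES);
                $email = htmlspecialchars(stripslashes($row["cEMail"]),ENT_QUOTES);
                // Only http(s) addresses are turned into a link; any other scheme
                // (or a value without one) is dropped rather than placed in an
                // href that a moderator might click.
                $raw_url = stripslashes($row["cURL"]);
                $url = "";
                if (preg_match('#^https?://#i',$raw_url)){
                    $url = " (<a href='".htmlspecialchars($raw_url,ENT_QUOTES)."'>".$lang["url"]."</a>)";
                }
                $is_pending = (substr($body,0,8)=="pending:");
                // controls (reset on every row; $remove_checkbox was previously
                // undefined for roles without moderation rights)
                $approve_checkbox = "";
                $reject_checkbox = "";
                $remove_checkbox = "";
                if ($can_moderate){
                    // work out if we need an approve button
                    if ($is_pending){
                        $approve_checkbox = "<input type='radio' name='verify_".$commentid."' value='approve' checked>";
                        $reject_checkbox = "<input type='radio' name='verify_".$commentid."' value='reject'>";
                    }
                    $remove_checkbox = "<input type='checkbox' name='remove_".$commentid."' value='x'>";
                }
                if ($is_pending){
                    $bgcolor = "#eeeeee";
                    // strip only the leading marker; the original removed every
                    // "pending:" occurring anywhere in the comment text
                    $body = substr($body,8);
                } else {
                    $bgcolor = "#ffffff";
                }
                $html .= "<tr><td class='normal' bgcolor='".$bgcolor."'>".$body."<br><i>".$lang["by"]." <a href='mailto:".$email."'>".$name."</a>".$url." | <a href='index.php?action=entry_view&entryid=".$entryid."'>".$title."</a> | ".$row["dAdded"]." | <a href='index.php?action=comment_edit&commentid=".$commentid."'>".$lang["edit"]."</a></i></td>"
                    ."<td class='normal' bgcolor='".$bgcolor."' align='center'>".$approve_checkbox."</td>"
                    ."<td class='normal' bgcolor='".$bgcolor."' align='center'>".$reject_checkbox."</td>"
                    ."<td class='normal' bgcolor='".$bgcolor."' align='center'>".$remove_checkbox."</td>"
                    ."</tr>\n";
            }
            // put the submit buttons in place
            // NOTE(review): hiding the button is presentation only; the
            // verify_comments handler is not visible here and must re-check the role.
            if ($can_moderate){
                $html .= "<tr><td colspan='4' align='right' bgcolor='#ffffff'><input type='submit' class='text' value='".$lang["submit"]."'></td></tr>\n";
            }
        } else {
            $html .= "<tr><td bgcolor='#ffffff' class='normal' align='center'>".$lang["no_entries_returned"]."</td></tr>\n";
        }
        $html .= "</table>\n</form>\n";
    } else {
        // problem with sql
        report_problem(1,"html_comment_list ".$sql);
    }
    // release the connection, as the other list screens do
    db_disconnect($con);
    return $html;
}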
// Description : Shows the form to add a blog entry
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
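function html_entry_add(){
    // Builds the "add entry" page: heading, category checkboxes loaded from the
    // categories table, and the entry form posted to exec.php?action=entry_add.
    global $lang;
    global $db_prefix;
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_entry.png' width='48' height='52' title='".$lang["add_entry"]."'></td>"
        ." <td class='title'>".$lang["add_entry"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["entry_add_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    // Defaults so the form below never interpolates undefined variables when
    // the category query fails.
    $cat_count = 0;
    $html_categories = "";
    $con = db_connect();
    // build categorylist checkboxes
    $sql = "SELECT * FROM ".$db_prefix."categories ORDER BY cCategoryName";
    $result = mysql_query($sql,$con);
    if ($result!=false){
        $cat_count = mysql_num_rows($result);
        if ($cat_count>0){
            $html_categories = "<div class='normal' style='overflow:auto; height:150px;'>\n";
            while ($row =@ mysql_fetch_array($result)){
                // Category names are stored text: escape them for HTML, and force
                // the id to an integer before it becomes part of a field name.
                $cat_id = (int)$row["nCategoryId"];
                $cat_name = htmlspecialchars(stripslashes($row["cCategoryName"]),ENT_QUOTES);
                $html_categories .= "<table border='0' cellspacing='0' cellpadding='0'><tr><td><input type='checkbox' name='cat".$cat_id."' value='x'></td><td class='normal'>".$cat_name."</td></tr></table>\n";
            }
            $html_categories .= "</div>\n";
        } else {
            $html_categories = "<span class='normal'>".$lang["no_categories_defined"]."</span>";
        }
    } else {
        report_problem(1,"html_entry_add ".$sql);
    }
    db_disconnect($con);
    // use our role to determine the published status
    // NOTE(review): hiding the status selector from contributors is presentation
    // only; confirm that exec.php enforces the unpublished status server-side.
    $role = get_user_role($_SESSION["blog_userid"]);
    if ($role!="contributor"){
        $html_publish = "<select name='status' class='text'><option value='P'>".$lang["published"]."</option><option value='U'>".$lang["unpublished"]."</option></select>\n";
    } else {
        $html_publish = "<span class='normal'>".$lang["unpublished"]." (".$lang["contributor"].")</span>";
    }
    $html .= "<form method='POST' action='exec.php?action=entry_add'>\n"
        ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc' width='100%'>\n"
        ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["add_entry"]."</b></td></tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["title"]."</td><td bgcolor='#ffffff'><input type='text' name='title' size='60' class='text'></td>"
        ."</tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["date"]."</td><td bgcolor='#ffffff'><input type='text' name='dateadded' size='30' class='text' value='".date("Y-m-d H:i:s")."'></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["status"]."</td><td bgcolor='#ffffff'>".$html_publish."</td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["body"]."</td><td bgcolor='#ffffff'><textarea name='body' id='body' cols='100' rows='15' class='text'></textarea></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal' valign='top'>".$lang["categories"]."</td><td bgcolor='#ffffff'><input type='hidden' name='catcount' value='".$cat_count."'>".$html_categories."</td></tr>\n"
        ."<tr><td colspan='2' bgcolor='#ffffff' class='normal' align='right'><input type='submit' value='".$lang["add_entry"]."'></td></tr>\n"
        ."</table>\n"
        ."</form>\n";
    return $html;
}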
// Description : Provides the entry editing form
// Arguments : entryid - the id of the entry to edit
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
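function html_entry_edit($entryid){
    // Builds the entry editing form for the entry with the given id. The form is
    // only rendered for the user who added the entry or for the "admin" role;
    // everyone else gets html_forbidden().
    global $lang;
    global $db_prefix;
    // nEntryId is compared unquoted in the queries below, so the id is forced to
    // an integer before it is concatenated into SQL.
    $entryid = (int)$entryid;
    // Defaults used when the entry cannot be loaded; a fetched row replaces them.
    $entry_row = array("nEntryId"=>"","cTitle"=>"","dAdded"=>"","cBody"=>"","cStatus"=>"","nUserAdded"=>null);
    $a_entry_categories = array();
    $cat_count = 0;
    $html_categories = "";
    $html = "";
    $con = db_connect();
    // get the existing entry
    $sql = "SELECT * FROM ".$db_prefix."entries WHERE nEntryId=".$entryid;
    $entry_result = mysql_query($sql,$con);
    if ($entry_result!=false){
        if (mysql_num_rows($entry_result)>0){
            $entry_row = mysql_fetch_array($entry_result);
        } else {
            // could not find entry
        }
    } else {
        // problem with sql
    }
    // get the existing categories the entry is filed against
    $sql = "SELECT * FROM ".$db_prefix."entry_categories WHERE nEntryId=".$entryid;
    $entcat_result = mysql_query($sql,$con);
    if ($entcat_result!=false){
        if (mysql_num_rows($entcat_result)>0){
            while ($entcat_row=@mysql_fetch_array($entcat_result)){
                $a_entry_categories[$entcat_row["nCategoryId"]]="x";
            }
        }
    } else {
        // problem with sql
    }
    // build categorylist checkboxes for the editing form
    $sql = "SELECT * FROM ".$db_prefix."categories ORDER BY cCategoryName";
    $cat_result = mysql_query($sql,$con);
    if ($cat_result!=false){
        $cat_count = mysql_num_rows($cat_result);
        if ($cat_count>0){
            $html_categories = "<div style='overflow:auto;height:150px;'>\n";
            while ($cat_row =@ mysql_fetch_array($cat_result)){
                // hilight the category if it is chosen in the entry_categories array we have already built
                $checked = isset($a_entry_categories[$cat_row["nCategoryId"]]) ? "checked" : "";
                // Category names are stored text and are escaped for HTML output.
                $cat_id = (int)$cat_row["nCategoryId"];
                $cat_name = htmlspecialchars(stripslashes($cat_row["cCategoryName"]),ENT_QUOTES);
                $html_categories .= "<table border='0' cellspacing='0' cellpadding='0'><tr><td><input type='checkbox' name='cat".$cat_id."' value='x' ".$checked."></td><td class='normal'>".$cat_name."</td></tr></table>\n";
            }
            $html_categories .= "</div>\n";
        } else {
            $html_categories = "<span class='normal'>".$lang["no_categories_defined"]."</span>";
        }
    } else {
        report_problem(1,"html_entry_edit ".$sql);
    }
    db_disconnect($con);
    // work out what role we are to set the publish field, and use the entry_row to default it
    // (apart from contributor status, where changes cause unpublishing)
    $role = get_user_role($_SESSION["blog_userid"]);
    if ($entry_row["cStatus"]=="P"){
        $select_published = "selected";
        $select_unpublished = "";
    } else {
        $select_published = "";
        $select_unpublished = "selected";
    }
    if ($role!="contributor"){
        $html_publish = "<select name='status' class='text'><option value='P' ".$select_published.">".$lang["published"]."</option><option value='U' ".$select_unpublished.">".$lang["unpublished"]."</option></select>\n";
    } else {
        $html_publish = "<span class='normal'>".$lang["unpublished"]." (".$lang["contributor"].")</span>";
    }
    // build the html entry editing form
    // NOTE(review): when no entry was found nUserAdded is null, and the loose ==
    // below treats an empty session user id as the owner; confirm the caller
    // only reaches this function for authenticated users.
    if ($_SESSION["blog_userid"]==$entry_row["nUserAdded"] || $role == "admin"){
        $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
            ."<tr>"
            ." <td rowspan='2'><img src='images/icon_entry.png' width='48' height='52' title='".$lang["edit_entry"]."'></td>"
            ." <td class='title'>".$lang["edit_entry"]."</td>\n"
            ."</tr><tr>"
            ." <td class='normal'>".$lang["entry_edit_description"]."</td>\n"
            ."</tr>\n"
            ."</table>\n"
            ."<br>\n";
        $body = $entry_row["cBody"];
        // Every stored value placed in a single-quoted attribute is escaped with
        // ENT_QUOTES so a quote in the data cannot end the attribute.
        $html .= "<form method='POST' action='exec.php?action=entry_edit'>\n"
            ."<input type='hidden' name='entryid' value='".htmlspecialchars($entry_row["nEntryId"],ENT_QUOTES)."'>\n"
            ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc' width='100%'>\n"
            ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["edit_entry"]."</b></td></tr>\n"
            ."<tr>"
            ."<td bgcolor='#ffffff' class='normal'>".$lang["title"]."</td><td bgcolor='#ffffff'><input type='text' name='title' size='60' class='text' value='".htmlspecialchars(stripslashes($entry_row["cTitle"]),ENT_QUOTES)."'></td>"
            ."</tr>\n"
            ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["date"]."</td><td bgcolor='#ffffff'><input type='text' name='dateadded' size='30' class='text' value='".htmlspecialchars(stripslashes($entry_row["dAdded"]),ENT_QUOTES)."'></td></tr>\n"
            ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["status"]."</td><td bgcolor='#ffffff'>".$html_publish."</td></tr>\n"
            ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["body"]."</td><td bgcolor='#ffffff'><textarea name='body' id='body' cols='100' rows='15' class='text'>".htmlspecialchars(stripslashes($body))."</textarea></td></tr>\n"
            ."<tr><td bgcolor='#ffffff' class='normal' valign='top'>".$lang["categories"]."</td><td bgcolor='#ffffff'><input type='hidden' name='catcount' value='".$cat_count."'>".$html_categories."</td></tr>"
            ."<tr><td colspan='2' bgcolor='#ffffff' class='normal' align='right'><input type='submit' value='".$lang["make_changes"]."'></td></tr>\n"
            ."</table>\n"
            ."</form>\n";
    } else {
        $html .= html_forbidden();
    }
    return $html;
}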
// Description : Provides the entry removal form
// Arguments : entryid - the id of the entry to remove
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
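function html_entry_remove($entryid){
    // Builds the confirmation form for removing an entry. It is rendered for the
    // "admin" role, or for the user who added the entry unless that user is a
    // contributor; everyone else gets html_forbidden().
    global $lang;
    global $db_prefix;
    // nEntryId is compared unquoted in the queries below, so the id is forced to
    // an integer before it is concatenated into SQL.
    $entryid = (int)$entryid;
    // Defaults used when the entry cannot be loaded; a fetched row replaces them.
    $entry_row = array("nEntryId"=>"","cTitle"=>"","dAdded"=>"","cBody"=>"","nUserAdded"=>null);
    $html_catlist = "";
    $html = "";
    $con = db_connect();
    // get the existing entry
    $sql = "SELECT * FROM ".$db_prefix."entries WHERE nEntryId=".$entryid;
    $entry_result = mysql_query($sql,$con);
    if ($entry_result!=false){
        if (mysql_num_rows($entry_result)>0){
            $entry_row = mysql_fetch_array($entry_result);
        } else {
            // could not find entry
        }
    } else {
        // problem with sql
    }
    // get the existing categories the entry is filed against
    $sql = "SELECT entcat.nCategoryId,cat.cCategoryName FROM ".$db_prefix."entry_categories entcat"
        ." INNER JOIN ".$db_prefix."categories cat ON entcat.nCategoryId=cat.nCategoryId"
        ." WHERE entcat.nEntryId=".$entryid;
    $entcat_result = mysql_query($sql,$con);
    if ($entcat_result!=false){
        if (mysql_num_rows($entcat_result)>0){
            while ($entcat_row=@mysql_fetch_array($entcat_result)){
                // stored category names are escaped for HTML output
                $html_catlist .= htmlspecialchars(stripslashes($entcat_row["cCategoryName"]),ENT_QUOTES)." ";
            }
        } else {
            $html_catlist = $lang["not_filed_against_categories"];
        }
    } else {
        // problem with sql
        report_problem(1,"html_entry_remove ".$sql);
    }
    db_disconnect($con);
    // build the html entry removal form
    $role = get_user_role($_SESSION["blog_userid"]);
    if (($_SESSION["blog_userid"]==$entry_row["nUserAdded"] && $role!="contributor") || $role=="admin"){
        $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
            ."<tr>"
            ." <td rowspan='2'><img src='images/icon_entry.png' width='48' height='52' title='".$lang["remove_entry"]."'></td>"
            ." <td class='title'>".$lang["remove_entry"]."</td>\n"
            ."</tr><tr>"
            ." <td class='normal'>".$lang["entry_remove_description"]."</td>\n"
            ."</tr>\n"
            ."</table>\n"
            ."<br>\n";
        // The title and date are stored text and are escaped like the body, so
        // markup saved in an entry is shown as text on this page.
        // NOTE(review): the form carries no anti-CSRF token; confirm exec.php
        // checks the request origin before deleting the entry.
        $html .= "<form method='POST' action='exec.php?action=entry_remove'>\n"
            ."<input type='hidden' name='entryid' value='".htmlspecialchars($entry_row["nEntryId"],ENT_QUOTES)."'>\n"
            ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
            ."<tr><td colspan='3' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["remove_entry"]."</b></td></tr>\n"
            ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["title"]."</td><td bgcolor='#ffffff' class='normal'>".htmlspecialchars(stripslashes($entry_row["cTitle"]),ENT_QUOTES)."</td></tr>\n"
            ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["date_added"]."</td><td bgcolor='#ffffff' class='normal'>".htmlspecialchars(stripslashes($entry_row["dAdded"]),ENT_QUOTES)."</td></tr>\n"
            ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["categories"]."</td><td bgcolor='#ffffff' class='normal'>".$html_catlist."</td></tr>\n"
            ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["body"]."</td><td bgcolor='#ffffff' class='normal'>".nl2br(htmlspecialchars(stripslashes($entry_row["cBody"])))."</td></tr>\n"
            ."<tr><td colspan='3' bgcolor='#ffffff' class='normal' align='right'><input type='submit' value='".$lang["remove_entry"]."'></td></tr>\n"
            // the original never closed this table before closing the form
            ."</table>\n"
            ."</form>\n";
    } else {
        $html .= html_forbidden();
    }
    return $html;
}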
// Description : Provides the entry view form
// Arguments : entryid - the id of the entry to view
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
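function html_entry_view($entryid){
    // Builds the read-only view of one entry: title, date, categories, body and
    // the list of comments filed against it, each with edit/remove links.
    global $lang;
    global $db_prefix;
    // nEntryId is compared unquoted in the three queries below, so the id is
    // forced to an integer before it is concatenated into SQL.
    $entryid = (int)$entryid;
    // Defaults used when the entry cannot be loaded; a fetched row replaces them.
    $entry_row = array("cTitle"=>"","dAdded"=>"","cBody"=>"");
    $html_catlist = "";
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_entry.png' width='48' height='52' title='".$lang["view_entry"]."'></td>"
        ." <td class='title'>".$lang["view_entry"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["entry_view_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    $con = db_connect();
    // get the existing entry
    $sql = "SELECT * FROM ".$db_prefix."entries WHERE nEntryId=".$entryid;
    $entry_result = mysql_query($sql,$con);
    if ($entry_result!=false){
        if (mysql_num_rows($entry_result)>0){
            $entry_row = mysql_fetch_array($entry_result);
        } else {
            // could not find entry
        }
    } else {
        // problem with sql
    }
    // get the existing categories the entry is filed against
    $sql = "SELECT entcat.nCategoryId,cat.cCategoryName FROM ".$db_prefix."entry_categories entcat"
        ." INNER JOIN ".$db_prefix."categories cat ON entcat.nCategoryId=cat.nCategoryId"
        ." WHERE entcat.nEntryId=".$entryid;
    $entcat_result = mysql_query($sql,$con);
    if ($entcat_result!=false){
        if (mysql_num_rows($entcat_result)>0){
            while ($entcat_row=@mysql_fetch_array($entcat_result)){
                // stored category names are escaped for HTML output
                $html_catlist .= htmlspecialchars(stripslashes($entcat_row["cCategoryName"]),ENT_QUOTES)." ";
            }
        } else {
            $html_catlist = $lang["not_filed_against_categories"];
        }
    } else {
        // problem with sql (the original reported this under html_entry_remove)
        report_problem(1,"html_entry_view ".$sql);
    }
    // show the entry; title and date are escaped the same way as the body
    $html .= "<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='4' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["view_entry"]."</b></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["title"]."</td><td bgcolor='#ffffff' class='normal'>".htmlspecialchars(stripslashes($entry_row["cTitle"]),ENT_QUOTES)."</td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["date"]."</td><td bgcolor='#ffffff' class='normal'>".htmlspecialchars(stripslashes($entry_row["dAdded"]),ENT_QUOTES)."</td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["categories"]."</td><td bgcolor='#ffffff' class='normal'>".$html_catlist."</td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["body"]."</td><td bgcolor='#ffffff' class='normal'>".nl2br(htmlspecialchars(stripslashes($entry_row["cBody"])))."</td></tr>\n"
        ."<tr><td colspan='4' bgcolor='#cccccc' class='normal'><b>".$lang["comments"]."</b></td></tr>\n";
    $sql = "SELECT * FROM ".$db_prefix."comments WHERE nEntryId=".$entryid." ORDER BY dAdded";
    $comment_result = mysql_query($sql,$con);
    if ($comment_result!=false){
        if (mysql_num_rows($comment_result)>0){
            $html .= "<tr><td colspan='4' bgcolor='#ffffff' class='normal'>\n"
                ."<table border='0' cellspacing='1' cellpadding='3' width='100%' bgcolor='#cccccc'>\n";
            while ($comment_row =@ mysql_fetch_array($comment_result)){
                // ENT_QUOTES is passed explicitly: the attributes below are
                // single-quoted, and before PHP 8.1 the default flags left
                // single quotes unescaped.
                $comment = htmlspecialchars(stripslashes($comment_row["cComment"]),ENT_QUOTES);
                $name = htmlspecialchars(stripslashes($comment_row["cName"]),ENT_QUOTES);
                if ($comment_row["cEMail"]!=""){
                    $email = "(<a href='mailto:".htmlspecialchars(stripslashes($comment_row["cEMail"]),ENT_QUOTES)."'>".$lang["email"]."</a>) ";
                } else {
                    $email = " ";
                }
                if ($comment_row["cURL"]!=""){
                    // NOTE(review): the URL scheme is not restricted here, so a
                    // stored javascript: URL would still render as a link;
                    // confirm the scheme is validated where comments are saved.
                    $url = "(<a href='".htmlspecialchars(stripslashes($comment_row["cURL"]),ENT_QUOTES)."'>".$lang["url"]."</a>) ";
                } else {
                    $url = " ";
                }
                $date_added = htmlspecialchars(stripslashes($comment_row["dAdded"]),ENT_QUOTES);
                $comment_id = (int)$comment_row["nCommentId"];
                $html .= "<tr><td bgcolor='#ffffff' class='small'>"
                    ."<span class='normal'>".$comment."</span>"
                    ."<br>".$lang["by"]." ".$name." ".$lang["on"]." ".$date_added." ".$email." ".$url
                    ."</td><td bgcolor='#ffffff' class='small' align='center' width='75'>"
                    ."<a href='index.php?action=comment_edit&commentid=".$comment_id."'>".$lang["edit"]."</a>"
                    ."<br><a href='index.php?action=comment_remove&commentid=".$comment_id."'>".$lang["remove"]."</a>"
                    ."</td></tr>\n";
            }
            $html .= "</table>\n"
                ."</td></tr>\n";
        } else {
            // NOTE(review): this key uses spaces where the other keys use
            // underscores; confirm it matches the language file.
            $html .= "<tr><td colspan='4' bgcolor='#ffffff' class='normal' align='center'>".$lang["no comments yet"]."</td></tr>\n";
        }
    } else {
        report_problem(1,"html_view_entry ".$sql);
    }
    $html .= "</table>\n";
    db_disconnect($con);
    return $html;
}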
// Description : Provides the Comment Edit form
// Arguments : comment_id - the id of the comment within the comments table
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
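function html_comment_edit($comment_id){
    // Builds the comment editing form for the comment with the given id, or a
    // "no comment found" paragraph when the id matches no row.
    global $lang;
    global $db_prefix;
    // nCommentId is compared unquoted in the query below and the id is echoed
    // into a hidden field, so it is forced to an integer first.
    $comment_id = (int)$comment_id;
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_entry.png' width='48' height='52' title='".$lang["edit_comment"]."'></td>"
        ." <td class='title'>".$lang["edit_comment"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["comment_edit_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    // get the comment from the database
    $con = db_connect();
    $sql = "SELECT * FROM ".$db_prefix."comments WHERE nCommentId=".$comment_id;
    $result = mysql_query($sql,$con);
    if ($result!=false){
        if (mysql_num_rows($result)>0){
            $row = mysql_fetch_array($result);
            // Comment fields are stored text. They are escaped with ENT_QUOTES
            // because they are placed in single-quoted attributes and in a
            // textarea; the browser decodes the entities, so the submitted
            // values are unchanged.
            $entry_id = (int)$row["nEntryId"];
            $name = htmlspecialchars(stripslashes($row["cName"]),ENT_QUOTES);
            $email = htmlspecialchars(stripslashes($row["cEMail"]),ENT_QUOTES);
            $url = htmlspecialchars(stripslashes($row["cURL"]),ENT_QUOTES);
            $body = htmlspecialchars(stripslashes($row["cComment"]),ENT_QUOTES);
            $html .= "<form method='POST' action='exec.php?action=comment_edit'>\n"
                ."<input type='hidden' name='entryid' value='".$entry_id."'>\n"
                ."<input type='hidden' name='commentid' value='".$comment_id."'>\n"
                ."<table border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
                ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["edit_comment"]."</b></td></tr>\n"
                ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["name"]."</td><td bgcolor='#ffffff'><input type='text' name='name' class='text' value='".$name."' size='30'></td></tr>\n"
                ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["email"]."</td><td bgcolor='#ffffff'><input type='text' name='email' class='text' value='".$email."' size='40'></td></tr>\n"
                ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["url"]."</td><td bgcolor='#ffffff'><input type='text' name='url' class='text' value='".$url."' size='50'></td></tr>\n"
                ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["body"]."</td><td bgcolor='#ffffff'><textarea name='body' class='text' cols='50' rows='3'>".$body."</textarea></td></tr>\n"
                ."<tr><td bgcolor='#ffffff' colspan='2' align='right'><input type='submit' value='".$lang["make_changes"]."'></td></tr>\n"
                ."</table>\n"
                ."</form>\n";
        } else {
            // no comment found (this replaces the heading built above)
            $html = "<p class='normal'>".$lang["no_comment_found"]."</p>\n";
        }
    } else {
        // problem with SQL
        report_problem(1,"html_comment_edit ".$sql);
    }
    // the original never released the connection it opened
    db_disconnect($con);
    return $html;
}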
// Description : Provides the Comment Remove form
// Arguments : comment_id - the id of the comment within the comments table
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
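function html_comment_remove($comment_id){
    // Builds the confirmation form for removing the comment with the given id,
    // or a "No comment found." paragraph when the id matches no row.
    global $lang;
    global $db_prefix;
    // nCommentId is compared unquoted in the query below and the id is echoed
    // into a hidden field, so it is forced to an integer first.
    $comment_id = (int)$comment_id;
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_entry.png' width='48' height='52' title='".$lang["remove_comment"]."'></td>"
        ." <td class='title'>".$lang["remove_comment"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["comment_remove_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    // get the comment from the database
    $con = db_connect();
    $sql = "SELECT * FROM ".$db_prefix."comments WHERE nCommentId=".$comment_id;
    $result = mysql_query($sql,$con);
    if ($result!=false){
        if (mysql_num_rows($result)>0){
            $row = mysql_fetch_array($result);
            // Comment fields are stored text and are escaped before being shown,
            // so markup saved in a comment is displayed rather than interpreted.
            $entry_id = (int)$row["nEntryId"];
            $name = htmlspecialchars(stripslashes($row["cName"]),ENT_QUOTES);
            $email = htmlspecialchars(stripslashes($row["cEMail"]),ENT_QUOTES);
            $url = htmlspecialchars(stripslashes($row["cURL"]),ENT_QUOTES);
            $body = htmlspecialchars(stripslashes($row["cComment"]),ENT_QUOTES);
            $html .= "<form method='POST' action='exec.php?action=comment_remove'>\n"
                ."<input type='hidden' name='entryid' value='".$entry_id."'>\n"
                ."<input type='hidden' name='commentid' value='".$comment_id."'>\n"
                ."<table border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
                ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["remove_comment"]."</b></td></tr>\n"
                ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["name"]."</td><td bgcolor='#ffffff' class='normal'>".$name."</td></tr>\n"
                ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["email"]."</td><td bgcolor='#ffffff' class='normal'>".$email."</td></tr>\n"
                ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["url"]."</td><td bgcolor='#ffffff' class='normal'>".$url."</td></tr>\n"
                ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["body"]."</td><td bgcolor='#ffffff' class='normal'>".$body."</td></tr>\n"
                ."<tr><td bgcolor='#ffffff' colspan='2' align='right'><input type='submit' value='".$lang["remove_comment"]."'></td></tr>\n"
                ."</table>\n"
                ."</form>\n";
        } else {
            // no comment found (this replaces the heading built above)
            $html = "<p class='normal'>No comment found.</p>\n";
        }
    } else {
        // problem with SQL (the original reported this under html_comment_edit)
        report_problem(1,"html_comment_remove ".$sql);
    }
    // the original never released the connection it opened
    db_disconnect($con);
    return $html;
}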
// Description : Provides the Login form
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
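function html_login(){
    // Builds the login form posted to exec.php?action=user_login. When the
    // request carries a non-empty login_failure value, the translated failure
    // message is shown above the form; the request value itself is never echoed.
    //
    // $lang has to be imported before the failure message is built: the original
    // declared it afterwards, so the message text was always empty.
    global $lang;
    // Default so the form never interpolates an undefined variable.
    $failure = "";
    if (isset($_REQUEST["login_failure"]) && $_REQUEST["login_failure"]!=""){
        $failure = "<p><b>".$lang["login_failure"]."</b></p>";
    }
    $html = "<br>\n"
        ."<div align='center'><img src='images/blog_logo.png' width='213' height='212' title='PluggedOut Blog'></div>\n"
        ."<br><br>\n"
        .$failure
        ."<form method='POST' action='exec.php?action=user_login'>\n"
        ."<table align='center' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["login"]."</b></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["username"]."</td><td bgcolor='#ffffff'><input type='text' name='username' class='text'></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["password"]."</td><td bgcolor='#ffffff'><input type='password' name='password' class='text'></td></tr>\n"
        ."<tr><td colspan='2' bgcolor='#ffffff' align='right'><input type='submit' value='".$lang["login"]."' class='button'></td></tr>\n"
        ."</table>\n"
        ."</form>\n";
    return $html;
}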
// Description : Provides the theme list form, from which the
// admin user can choose the default theme
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
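function html_themes_list(){
    // Builds the theme list: one row per sub-directory of ../themes, marking the
    // directory whose name equals the "theme" setting and linking to the
    // select, edit and preview actions.
    global $lang;
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_themes.png' width='48' height='52' title='".$lang["theme_list"]."'></td>"
        ." <td class='title'>".$lang["theme_list"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["theme_list_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    $html .= "<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='3' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["themes"]."</b></td></tr>\n"
        ."<tr>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["name"]."</td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["selected"]."</td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["controls"]."</td>"
        ."</tr>\n";
    $current_theme = get_setting("theme");
    // look through the themes directory
    $themes_dir = realpath("../themes");
    if (is_dir($themes_dir)) {
        if ($dh = opendir($themes_dir)) {
            while (($file = readdir($dh)) !== false) {
                if ($file!="." && $file!=".." && is_dir($themes_dir."/".$file)){
                    if ($current_theme == $file){
                        $selected = $lang["selected"];
                    } else {
                        $selected = " ";
                    }
                    // A directory name can hold characters that are special in
                    // HTML or in a query string, so it is escaped for display and
                    // URL-encoded for the links.
                    $file_text = htmlspecialchars($file,ENT_QUOTES);
                    $file_param = rawurlencode($file);
                    $html .= "<tr>"
                        ."<td bgcolor='#ffffff' class='normal'>".$file_text."</td>"
                        ."<td bgcolor='#ffffff' class='normal'>".$selected."</td>"
                        ."<td bgcolor='#ffffff' class='normal'><a href='exec.php?action=theme_set&theme=".$file_param."'>".$lang["select"]."</a> <a href='index.php?action=template_file_list&theme=".$file_param."'>".$lang["edit"]."</a> <a href='../index.php?theme=".$file_param."'>".$lang["preview"]."</a></td>"
                        ."</tr>\n";
                }
            }
            closedir($dh);
        } else {
            // NOTE(review): execution continues after this redirect header and
            // the partial table is still returned; confirm the caller stops.
            header("Location: problem.php?f=themes_list&p=cannot_read_themes_directory");
        }
    } else {
        header("Location: problem.php?f=themes_list&p=cannot_find_themes_directory");
    }
    $html .= "</table>\n";
    return $html;
}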
// Description : Provides the category list form
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
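function html_category_list(){
    // Builds the category list: one row per category, ordered by name, with
    // links to the edit and remove actions.
    global $lang;
    global $db_prefix;
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_categories.png' width='48' height='52' title='".$lang["category_list"]."'></td>"
        ." <td class='title'>".$lang["category_list"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["category_list_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    $html .= "<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["category_list"]."</b></td></tr>\n"
        ."<tr>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["category_name"]."</td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["controls"]."</td>"
        ."</tr>\n";
    $con = db_connect();
    $sql = "SELECT * FROM ".$db_prefix."categories ORDER BY cCategoryName";
    $result = mysql_query($sql,$con);
    if ($result!=false){
        if (mysql_num_rows($result)>0){
            while ($row=@mysql_fetch_array($result)){
                // Category names are stored text and are escaped for HTML; the
                // id is forced to an integer before it is placed in the links.
                $cat_id = (int)$row["nCategoryId"];
                $cat_name = htmlspecialchars(stripslashes($row["cCategoryName"]),ENT_QUOTES);
                $html .= "<tr>"
                    ."<td bgcolor='#ffffff' class='normal'>".$cat_name."</td>"
                    ."<td bgcolor='#ffffff' class='normal'>"
                    ."<a href='index.php?action=category_edit&categoryid=".$cat_id."'>".$lang["edit"]."</a>"
                    ." <a href='index.php?action=category_remove&categoryid=".$cat_id."'>".$lang["remove"]."</a>"
                    ."</td>"
                    ."</tr>\n";
            }
        } else {
            $html .= "<tr><td colspan='2' bgcolor='#ffffff' class='normal' align='center'>".$lang["no_categories_defined"]."</td></tr>\n";
        }
    } else {
        report_problem(1,"html_category_list ".$sql);
    }
    db_disconnect($con);
    $html .= "</table>\n";
    return $html;
}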
// Description : Provides the user list form
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
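function html_user_list(){
    // Builds the user list: one row per user, ordered by username, with an edit
    // link for everyone and a remove link for every user except "admin".
    global $lang;
    global $db_prefix;
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_users.png' width='48' height='52' title='".$lang["user_list"]."'></td>"
        ." <td class='title'>".$lang["user_list"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["user_list_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    $html .= "<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='4' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["user_list"]."</b></td></tr>\n"
        ."<tr>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["username"]."</td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["role"]."</td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["email"]."</td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["controls"]."</td>"
        ."</tr>\n";
    $con = db_connect();
    $sql = "SELECT * FROM ".$db_prefix."users ORDER BY cUsername";
    $result = mysql_query($sql,$con);
    if ($result!=false){
        if (mysql_num_rows($result)>0){
            while ($row=@mysql_fetch_array($result)){
                // Account fields are stored text: escape them for HTML, including
                // inside the single-quoted mailto attribute, and force the id to
                // an integer before it is placed in the links.
                $user_id = (int)$row["nUserId"];
                $user_name = htmlspecialchars(stripslashes($row["cUsername"]),ENT_QUOTES);
                $user_role = htmlspecialchars(stripslashes($row["cRole"]),ENT_QUOTES);
                $user_email = htmlspecialchars(stripslashes($row["cEMail"]),ENT_QUOTES);
                $html .= "<tr>"
                    ."<td bgcolor='#ffffff' class='normal'>".$user_name."</td>"
                    ."<td bgcolor='#ffffff' class='normal'>".$user_role."</td>"
                    ."<td bgcolor='#ffffff' class='normal'><a href='mailto:".$user_email."'>".$user_email."</a></td>"
                    ."<td bgcolor='#ffffff' class='normal'>";
                $html .= "<a href='index.php?action=user_edit&userid=".$user_id."'>".$lang["edit"]."</a>";
                // the built-in admin account gets no remove link
                if ($row["cUsername"]!="admin"){
                    $html .= " <a href='index.php?action=user_remove&userid=".$user_id."'>".$lang["remove"]."</a>";
                }
                $html .= "</td>"
                    ."</tr>\n";
            }
        } else {
            $html .= "<tr><td colspan='4' bgcolor='#ffffff' class='normal' align='center'>".$lang["no_users_defined"]."</td></tr>\n";
        }
    } else {
        report_problem(1,"html_user_list ".$sql);
    }
    $html .= "</table>";
    db_disconnect($con);
    return $html;
}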
// Description : Provides the add user form
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
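function html_user_add(){
    // Builds the "add user" form posted to exec.php?action=user_add, with
    // username, password, e-mail and role fields.
    global $lang;
    // The heading cell is closed with </td>; the original closed it with a
    // stray </div>.
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_user.png' width='48' height='52' title='".$lang["add_user"]."'></td>"
        ." <td class='title'>".$lang["add_user"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["add_user_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    // NOTE(review): no anti-CSRF token is emitted with this form; confirm that
    // exec.php checks the request origin before it creates the account.
    // The role <select> is closed explicitly; the original left it open.
    $html .= "<form method='POST' action='exec.php?action=user_add'>\n"
        ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["add_user"]."</b></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["username"]."</td><td bgcolor='#ffffff'><input type='text' name='username' class='text' size='20'></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["password"]."</td><td bgcolor='#ffffff'><input type='password' name='password' class='text' size='20'></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["email"]."</td><td bgcolor='#ffffff'><input type='text' name='email' class='text' size='50'></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["role"]."</td><td bgcolor='#ffffff'><select name='role' class='text'><option value='admin'>Administrator</option><option value='author'>Author</option><option value='contributor'>Contributor</option></select></td></tr>\n"
        ."<tr><td colspan='2' bgcolor='#ffffff' align='right'><input type='submit' value='".$lang["add_user"]."' class='button'></td></tr>\n"
        ."</table>\n"
        ."</form>\n";
    return $html;
}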
// Description : Provides the user editing form
// Arguments : userid - the id of the user we want to edit
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
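function html_user_edit($userid){
    // Builds the user editing form for the account with the given id. The
    // account named "admin" keeps a fixed username and role; every other
    // account gets an editable username and a role selector.
    global $lang;
    global $db_prefix;
    // nUserId is compared unquoted in the query below and the id is echoed into
    // a hidden field, so it is forced to an integer first.
    $userid = (int)$userid;
    // Defaults so the form never interpolates undefined variables when the
    // account cannot be loaded.
    $username = "";
    $email = "";
    $html_role_select = "";
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_user.png' width='48' height='52' title='".$lang["edit_user"]."'></td>"
        ." <td class='title'>".$lang["edit_user"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["edit_user_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    $con = db_connect();
    $sql = "SELECT * FROM ".$db_prefix."users WHERE nUserId=".$userid;
    $result = mysql_query($sql,$con);
    if ($result!=false){
        if (mysql_num_rows($result)>0){
            $row =@ mysql_fetch_array($result);
            // The stored password column is not read: the form only ever sends
            // an empty password field.
            $username = htmlspecialchars(stripslashes($row["cUsername"]),ENT_QUOTES);
            $email = htmlspecialchars(stripslashes($row["cEMail"]),ENT_QUOTES);
            $role = stripslashes($row["cRole"]);
            if ($username!="admin"){
                $select_administrator = "";
                $select_author = "";
                $select_contributor = "";
                switch($role){
                    // The role option written by this form is 'admin', so that
                    // value is matched as well as the original "administrator".
                    case "admin":
                    case "administrator":
                        $select_administrator = "selected";
                        break;
                    case "author":
                        $select_author = "selected";
                        break;
                    case "contributor":
                        $select_contributor = "selected";
                        break;
                }
                // NOTE(review): for an unrecognised role nothing is selected and
                // browsers fall back to the first option, which is 'admin';
                // confirm that saving the form cannot promote such an account.
                $html_role_select = "<select name='role' class='text'><option value='admin' ".$select_administrator.">".$lang["administrator"]."</option><option value='author' ".$select_author.">".$lang["author"]."</option><option value='contributor' ".$select_contributor.">".$lang["contributor"]."</option></select>";
            } else {
                // this is the admin user
                $html_role_select = "<span class='normal'>".$lang["administrator"]." <input type='hidden' name='role' value='admin'></span>";
            }
        } else {
            report_problem(2,"html_user_edit");
        }
    } else {
        report_problem(1,"html_user_edit ".$sql);
    }
    db_disconnect($con);
    // prepare the username field - the admin username cannot be edited
    if ($username=="admin"){
        $html_username = "<input type='hidden' name='username' value='admin'><span class='normal'>admin</span>";
    } else {
        $html_username = "<input type='text' name='username' class='text' size='20' value='".$username."'>";
    }
    $html .= "<form method='POST' action='exec.php?action=user_edit'>\n"
        ."<input type='hidden' name='userid' value='".$userid."'>\n"
        ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["edit_user"]."</b></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["username"]."</td><td bgcolor='#ffffff'>".$html_username."</td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["password"]."</td><td bgcolor='#ffffff' class='small'><input type='password' name='user_password' class='text' size='20' value=''> (enter a password to change)</td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["email"]."</td><td bgcolor='#ffffff'><input type='text' name='email' class='text' size='50' value='".$email."'></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["role"]."</td><td bgcolor='#ffffff'>".$html_role_select."</td></tr>\n"
        ."<tr><td colspan='2' bgcolor='#ffffff' align='right'><input type='submit' value='".$lang["make_changes"]."' class='button'></td></tr>\n"
        ."</table>\n"
        ."</form>\n";
    return $html;
}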
// Description : Provides the user removal form
// Arguments : userid - the id of the user we want to remove
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
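function html_user_remove($userid){
    // Builds the "remove user" page: a heading, a read-only summary of the
    // account being removed, and a 'replaceid' dropdown listing every other
    // user. The form posts to exec.php?action=user_remove.
    //
    // $userid is forced to an integer before it reaches either query or the
    // form action, and every value read back from the users table is
    // HTML-escaped before it is placed in the page.
    //
    // NOTE(review): the form carries no anti-CSRF token; whether exec.php
    // checks one is not visible from this file - confirm.
    global $lang;
    global $db_prefix;

    // nUserId is compared unquoted in both queries, so only an integer may
    // be concatenated into the SQL text.
    $userid = (int)$userid;

    // Defaults keep the page well-formed when a lookup fails or finds nothing.
    $html_replace = "";
    $username = "";
    $email = "";
    $role = "";

    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_user.png' width='48' height='52' title='".$lang["remove_user"]."'></td>"
        ." <td class='title'>".$lang["remove_user"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["remove_user_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";

    $con = db_connect();

    // dropdown of every other user, offered as the replacement
    $sql = "SELECT * FROM ".$db_prefix."users WHERE nUserId<>".$userid." ORDER BY cUsername";
    $result = mysql_query($sql,$con);
    if ($result!=false && mysql_num_rows($result)>0){
        $html_replace = "<select name='replaceid' class='text'>\n";
        while($row=@mysql_fetch_array($result)){
            $html_replace .= "<option value='".htmlspecialchars($row["nUserId"],ENT_QUOTES)."'>"
                .htmlspecialchars($row["cUsername"],ENT_QUOTES)."</option>\n";
        }
        $html_replace .= "</select>\n";
    }

    // the user being removed
    $sql = "SELECT * FROM ".$db_prefix."users WHERE nUserId=".$userid;
    $result = mysql_query($sql,$con);
    if ($result!=false){
        if (mysql_num_rows($result)>0){
            $row =@ mysql_fetch_array($result);
            $username = htmlspecialchars(stripslashes($row["cUsername"]),ENT_QUOTES);
            $email = htmlspecialchars(stripslashes($row["cEMail"]),ENT_QUOTES);
            $role = htmlspecialchars(stripslashes($row["cRole"]),ENT_QUOTES);
        } else {
            // No exit follows the redirect header, so the form below is still
            // returned to the caller with empty summary fields.
            header("Location: problem.php?f=user_remove&p=no_records");
        }
    } else {
        header("Location: problem.php?f=user_remove&p=sql_error");
    }
    db_disconnect($con);

    // The original labelled the e-mail row "password" and the role row
    // "email"; each label now matches the value shown beside it.
    $html .= "<form method='POST' action='exec.php?action=user_remove&userid=".$userid."'>\n"
        ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["remove_user"]."</b></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["username"]."</td><td bgcolor='#ffffff' class='normal'>".$username."</td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["email"]."</td><td bgcolor='#ffffff' class='normal'>".$email."</td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["role"]."</td><td bgcolor='#ffffff' class='normal'>".$role."</td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["replace_with"]."</td><td bgcolor='#ffffff' class='normal'>".$html_replace."<span class='small'> (".$lang["replace_with_description"].")</span></td></tr>\n"
        ."<tr><td colspan='2' bgcolor='#ffffff' align='right'><input type='submit' value='Remove User' class='button'></td></tr>\n"
        ."</table>\n"
        ."</form>\n";
    return $html;
}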
// Description : Provides the category removal form
// Arguments : categoryid - the id of the category we want to remove
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
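function html_category_remove($categoryid){
    // Builds the "remove category" confirmation page: a heading plus a form
    // that names the category and posts to exec.php?action=category_remove.
    //
    // $categoryid is forced to an integer before it is used in the query and
    // the form action; the category name is HTML-escaped on output.
    //
    // NOTE(review): the form carries no anti-CSRF token; whether exec.php
    // checks one is not visible from this file - confirm.

    // The original never imported $lang, so every label on this page
    // rendered empty.
    global $lang;
    global $db_prefix;

    // nCategoryId is compared unquoted, so only an integer may be
    // concatenated into the SQL text.
    $categoryid = (int)$categoryid;
    // stays empty when the lookup fails or finds nothing
    $category_name = "";

    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_categories.png' width='48' height='52' title='".$lang["remove_category"]."'></td>"
        ." <td class='title'>".$lang["remove_category"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["remove_category_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";

    $con = db_connect();
    $sql = "SELECT * FROM ".$db_prefix."categories WHERE nCategoryId=".$categoryid;
    $result = mysql_query($sql,$con);
    if ($result!=false){
        if (mysql_num_rows($result)>0){
            $row =@ mysql_fetch_array($result);
            $category_name = htmlspecialchars(stripslashes($row["cCategoryName"]),ENT_QUOTES);
        } else {
            // No exit follows the redirect header, so the form below is still
            // returned to the caller with an empty category name.
            header("Location: problem.php?f=category_remove&p=no_records");
        }
    } else {
        header("Location: problem.php?f=category_remove&p=sql_error");
    }
    db_disconnect($con);

    $html .= "<form method='POST' action='exec.php?action=category_remove&categoryid=".$categoryid."'>\n"
        ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["remove_category"]."</b></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["category"]."</td><td bgcolor='#ffffff' class='normal'>".$category_name."</td></tr>\n"
        ."<tr><td colspan='2' bgcolor='#ffffff' align='right'><input type='submit' value='".$lang["remove_category"]."' class='button'></td></tr>\n"
        ."</table>\n"
        ."</form>\n";
    return $html;
}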
// Description : Provides the category add form
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
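function html_category_add(){
    // Builds the "add category" page: a heading followed by a one-field form
    // ('category_name') that posts to exec.php?action=category_add.
    // All text comes from the $lang table; nothing request-derived is echoed.
    global $lang;

    // heading block - the title cell is now closed with </td>; the original
    // closed it with a stray </div>
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_categories.png' width='48' height='52' title='".$lang["add_category"]."'></td>"
        ." <td class='title'>".$lang["add_category"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["add_category_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";

    // the form itself
    $html .= "<form method='POST' action='exec.php?action=category_add'>\n"
        ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["add_category"]."</b></td></tr>\n"
        ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["category"]."</td><td bgcolor='#ffffff'><input type='text' name='category_name' class='text' size='30'></td></tr>\n"
        ."<tr><td colspan='2' bgcolor='#ffffff' align='right'><input type='submit' value='".$lang["add_category"]."' class='button'></td></tr>\n"
        ."</table>\n"
        ."</form>\n";
    return $html;
}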
// Description : Provides the category edit form
// Arguments : categoryid - the id of the category we want to edit
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
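function html_category_edit($categoryid){
    // Builds the "edit category" page: a heading and, when the category
    // exists, a form pre-filled with its name that posts to
    // exec.php?action=category_edit.
    //
    // $categoryid is forced to an integer before it is used in the query and
    // in the hidden 'categoryid' field; the stored name is HTML-escaped for
    // the value attribute.
    global $lang;
    global $db_prefix;

    // nCategoryId is compared unquoted, so only an integer may be
    // concatenated into the SQL text.
    $categoryid = (int)$categoryid;

    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_categories.png' width='48' height='52' title='".$lang["edit_category"]."'></td>"
        ." <td class='title'>".$lang["edit_category"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["edit_category_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";

    // get the category record we are editing
    $con = db_connect();
    $sql = "SELECT * FROM ".$db_prefix."categories WHERE nCategoryId=".$categoryid;
    $result = mysql_query($sql,$con);
    if ($result==false){
        // The original ignored a failed query; report it the same way the
        // category removal page does.
        header("Location: problem.php?f=category_edit&p=sql_error");
    } elseif (mysql_num_rows($result)>0){
        $row =@ mysql_fetch_array($result);
        $category_name = htmlspecialchars(stripslashes($row["cCategoryName"]),ENT_QUOTES);
        $html .= "<form method='POST' action='exec.php?action=category_edit'>\n"
            ."<input type='hidden' name='categoryid' value='".$categoryid."'>\n"
            ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
            ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["edit_category"]."</b></td></tr>\n"
            ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["category"]."</td><td bgcolor='#ffffff'><input type='text' name='category_name' class='text' size='30' value='".$category_name."'></td></tr>\n"
            ."<tr><td colspan='2' bgcolor='#ffffff' align='right'><input type='submit' value='".$lang["make_changes"]."' class='button'></td></tr>\n"
            ."</table>\n"
            ."</form>\n";
    } else {
        // no record
        header("Location: problem.php?f=category_edit&p=record_not_found");
    }
    db_disconnect($con);
    return $html;
}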
// Description : Provides the file browsing form
// Arguments : None (it uses GET and POST parameters)
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
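function html_filebrowse(){
    // Builds the file browser page for the directory named by the GET
    // parameter 'path' (default: <site root>/uploads): a "create directory"
    // form, the sub-directories, an upload form and the files. With
    // showhtml=x in the query string an <img> preview row follows each
    // gif/jpg/png file.
    //
    // The site root is the parent of the current working directory
    // (realpath("../.")).
    //
    // Security-relevant behaviour:
    //  - 'path' is request input. It is resolved with realpath() and refused
    //    unless the result is the site root or lies beneath it, so the
    //    listing cannot be pointed at other parts of the filesystem.
    //  - Paths and file names are HTML-escaped where displayed and
    //    URL-encoded where placed in a query string, since file names are
    //    whatever was uploaded or created.
    //
    // NOTE(review): the remove links change state through plain GET requests
    // and no form carries an anti-CSRF token; exec.php is not visible here -
    // confirm that it re-validates 'path', 'file', 'directory' and
    // 'destination' against the site root and restricts uploaded file types.
    global $lang;
    $site_root = realpath("../.");
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_files.png' width='48' height='52' title='".$lang["browse_files"]."'></td>"
        ." <td class='title'>".$lang["browse_files"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["browse_files_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";

    // establish directory we want to show in format /var/html/uploads
    if (isset($_GET["path"]) && is_string($_GET["path"]) && $_GET["path"]!=""){
        $requested = $_GET["path"];
    } else {
        $requested = $site_root."/uploads";
    }
    // clear the file state cache
    clearstatcache();

    // Resolve first, then check containment on the resolved form so that
    // "../" segments and symlinks cannot step outside the site root.
    $path = realpath($requested);
    $inside_site = false;
    if ($site_root!==false && $path!==false){
        $root_prefix = rtrim($site_root,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
        $inside_site = ($path===$site_root || strpos($path,$root_prefix)===0);
    }
    $handle = false;
    if ($inside_site && is_dir($path)){
        $handle = opendir($path);
    }
    if (!$handle){
        // missing, unreadable, or outside the site root
        header("Location: problem.php?f=filebrowse&p=uploads_dir_not_found");
        return $html;
    }
    if (!is_writable($path)){
        closedir($handle);
        header("Location: problem.php?f=filebrowse&p=uploads_dir_not_writable");
        return $html;
    }

    // path relative to the admin directory, e.g. ../uploads
    $shortpath = "..".substr($path,strlen($site_root));
    // same path with each segment percent-encoded, for use inside href/src
    $shortpath_url = implode("/",array_map("rawurlencode",explode("/",str_replace("\\","/",$shortpath))));
    $path_html = htmlspecialchars($path,ENT_QUOTES);
    $path_url = urlencode($path);

    // Split the entries. Both lists start empty so an empty directory no
    // longer leaves them undefined for count()/sort().
    $directories = array();
    $files = array();
    while (($file = readdir($handle))!==false) {
        // never offer the link that climbs out of the site root
        if ($file==".." && $path==$site_root){
            continue;
        }
        // '.' and '..' are always listed as directories (the original notes
        // that '..' can be reported as a file in safe mode)
        if ($file=="." || $file==".." || is_dir($path."/".$file)){
            $directories[] = $file;
        } else {
            $files[] = $file;
        }
    }
    closedir($handle);
    sort($directories);
    sort($files);

    // output the list of directories, then the list of files
    $html .= "<table border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ." <tr><td colspan='5' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>File Browse</b></td></tr>\n"
        ." <tr><td colspan='5' bgcolor='#ffffff' class='normal'>".$lang["path"]." : ".$path_html."</td></tr>\n"
        ." <tr><td colspan='5' bgcolor='#ffffff' class='normal'>".$lang["create_dir_here"]." : "
        ." <form action='exec.php?action=filebrowse_directory_create' method='POST'>\n"
        ." <input name='path' type='hidden' value='".$path_html."'>\n"
        ." <input name='shortpath' type='hidden' value='".htmlspecialchars($shortpath,ENT_QUOTES)."'>\n"
        ." <input name='directory' type='text' class='text'>\n"
        ." <input class='button' type='submit' value='".$lang["create"]."'>\n"
        ." </form>\n"
        ." </td></tr>\n";
    $html .= " <tr><td colspan='5' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["directories"]."</b></td></tr>\n";
    foreach ($directories as $dir){
        $dir_url = urlencode($path."/".$dir);
        // '.' and '..' get no remove control
        if ($dir!="." && $dir!=".."){
            $controls = "<a href='exec.php?action=filebrowse_directory_remove&directory=".$dir_url."&path=".$path_url."' class='normal'>".$lang["remove"]."</a>";
        } else {
            $controls = "";
        }
        $html.="<tr>"
            ."<td bgcolor='#ffffff' width='16'><img src='images/file_icon_folder.png' width='16' height='16'></td>"
            ."<td bgcolor='#ffffff' class='normal' colspan='3'><a href='index.php?action=file_browse&path=".$dir_url."' class='cms_link'>".htmlspecialchars($dir,ENT_QUOTES)."</a></td>"
            ."<td bgcolor='#ffffff'>".$controls."</td>"
            ."</tr>\n";
    }

    // REQUEST_URI is request-controlled, so it is escaped before it is
    // reflected into the "show html" link.
    $request_uri = isset($_SERVER["REQUEST_URI"]) ? htmlspecialchars($_SERVER["REQUEST_URI"],ENT_QUOTES) : "";
    // uploads go to the directory being shown; the column-header row below
    // now opens with the <tr> the original left out
    $html .= " <tr><td colspan='5' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["files"]."</b> (<a href='".$request_uri."&showhtml=x'>".$lang["show_html"]."</a>)</td></tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal' colspan='5'>".$lang["upload_here"]
        ." <form enctype='multipart/form-data' action='exec.php?action=filebrowse_file_upload&destination=".$path_url."' method='POST'>\n"
        ." <input type='hidden' name='MAX_FILE_SIZE' value='8388608'>\n"
        ." <input name='userfile' type='file' class='text'>\n"
        ." <input class='button' type='submit' value='".$lang["upload_file"]."'>\n"
        ." </form>\n"
        ."</td>"
        ."</tr>\n"
        ."<tr>"
        ."<td width='16' bgcolor='#dddddd' class='cms_small'> </td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["filename"]."</td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["size_bytes"]."</td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["size_w_h"]."</td>"
        ."<td bgcolor='#dddddd' class='normal'>".$lang["controls"]."</td>"
        ."</tr>\n";

    $show_html = (isset($_GET["showhtml"]) && $_GET["showhtml"]=="x");
    foreach ($files as $name){
        $full = $path."/".$name;
        $name_html = htmlspecialchars($name,ENT_QUOTES);
        $name_url = rawurlencode($name);
        $ext = strtolower(substr($name,-3));
        $remove_link = "<a href='exec.php?action=filebrowse_file_delete&file=".urlencode($full)."&path=".$path_url."' class='normal'>Remove</a>";

        // figure out which icon to use; script-type files get no remove link
        switch ($ext){
            case "php":
            case "fnc":
            case "css":
            case ".js":
                $icon = "images/file_icon_script.png";
                $controls = " ";
                break;
            case "gif":
            case "jpg":
            case "png":
                $icon = "images/file_icon_image.png";
                $controls = $remove_link;
                break;
            case "inc":
                $icon = "images/file_icon_config.png";
                $controls = $remove_link;
                break;
            default:
                $icon = "images/file_icon_script.png";
                $controls = $remove_link;
        }

        // prepare filename (anchor or not): php and js files are shown as
        // plain text. The suffix test is case-insensitive, matching the icon
        // switch above (the original compared case-sensitively here).
        if ($ext=="php" || strtolower(substr($name,-2))=="js"){
            $filename = $name_html;
        } else {
            $filename = "<a href='".$shortpath_url."/".$name_url."' class='normal'>".$name_html."</a>";
        }

        // prepare size if its an image; getimagesize() is noisy on files
        // that are not images, hence the suppression kept from the original
        $asize =@ getimagesize($full);
        if ($asize!=false){
            $size = $asize[0]." x ".$asize[1];
        } else {
            $size = " ";
        }
        $bytes = filesize($full);
        $bytes_text = ($bytes===false) ? "" : number_format($bytes);

        $html.="<tr>"
            ."<td bgcolor='#ffffff' width='16'><img src='".$icon."' width='16' height='16'></td>"
            ."<td bgcolor='#ffffff' class='normal'>".$filename."</td>"
            ."<td bgcolor='#ffffff' class='normal'>".$bytes_text."</td>"
            ."<td bgcolor='#ffffff' class='normal'>".$size."</td>"
            ."<td bgcolor='#ffffff' class='normal'>".$controls."</td>"
            ."</tr>\n";

        // if it was a graphic file, show the HTML
        if ($show_html && ($ext=="png" || $ext=="jpg" || $ext=="gif")){
            $spath = str_replace("../","",$shortpath_url);
            $script_uri = isset($_SERVER["SCRIPT_URI"]) ? $_SERVER["SCRIPT_URI"] : "";
            $serverpath = str_replace("admin/index.php",$spath,$script_uri);
            // width/height stay empty when the file is not a readable image
            $width = ($asize!=false) ? (int)$asize[0] : "";
            $height = ($asize!=false) ? (int)$asize[1] : "";
            $html .= "<tr><td colspan='5' bgcolor='#ffffff' class='small'><img src='".htmlspecialchars($serverpath,ENT_QUOTES)."/".$name_url."' width='".$width."' height='".$height."' /></td></tr>\n";
        }
    }
    $html.="</table>\n";
    return $html;
}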
// Description : Provides the settings form
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
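function html_settings_edit(){
    // Builds the settings page: a heading and one form (posting to
    // exec.php?action=settings_edit) with the blog settings followed by the
    // RSS settings, each pre-filled from get_setting().
    //
    // Every stored text value is HTML-escaped before it is placed in a
    // value='...' attribute or the textarea; unescaped, a value containing
    // a quote or a tag would break out of the field it is shown in.
    // NOTE(review): this assumes settings are stored raw, as the category
    // edit form assumes for category names - confirm against exec.php.
    global $lang;

    // get the settings
    // 'theme' and 'rich_editing' are read but not shown on this form; the
    // calls are kept in their original order in case get_setting() does more
    // than read - TODO confirm and drop.
    $theme = get_setting("theme");
    $results_per_page = htmlspecialchars((string)get_setting("results_per_page"),ENT_QUOTES);
    $entry_list_limit = htmlspecialchars((string)get_setting("default_entry_list_limit"),ENT_QUOTES);
    $rich_editing = get_setting("rich_editing");
    $banned_words = htmlspecialchars((string)get_setting("banned_words"),ENT_QUOTES);
    $rss_root_url = htmlspecialchars((string)get_setting("rss_root_url"),ENT_QUOTES);
    $rss_title = htmlspecialchars((string)get_setting("rss_title"),ENT_QUOTES);
    $rss_description = htmlspecialchars((string)get_setting("rss_description"),ENT_QUOTES);
    $rss_language = htmlspecialchars((string)get_setting("rss_language"),ENT_QUOTES);
    $rss_copyright = htmlspecialchars((string)get_setting("rss_copyright"),ENT_QUOTES);
    $rss_editor = htmlspecialchars((string)get_setting("rss_editor"),ENT_QUOTES);
    $rss_webmaster = htmlspecialchars((string)get_setting("rss_webmaster"),ENT_QUOTES);
    $rss_category = htmlspecialchars((string)get_setting("rss_category"),ENT_QUOTES);
    $rss_ttl = htmlspecialchars((string)get_setting("rss_ttl"),ENT_QUOTES); // 60 = default
    $rss_image = htmlspecialchars((string)get_setting("rss_image"),ENT_QUOTES);

    // checkbox settings: any non-empty stored value means "checked"
    $parse_smilies = (get_setting("parse_smilies")!="") ? "checked" : "";
    $notify_comments = (get_setting("notify_comments")!="") ? "checked" : "";

    // construct the timezone dropdown
    $timedelta = get_setting("timedelta");
    if ($timedelta==""){
        $timedelta="0";
    }
    $timedeltas = array("-11","-10","-9","-8","-7","-6","-5","-4","-3","-2","-1","0","+1","+2","+3","+4","+5","+6","+7","+8","+9","+10","+11");
    $html_select_timedelta = "<select name='timedelta'>";
    foreach($timedeltas as $td){
        // loose comparison kept from the original
        $sel = ($timedelta == $td) ? " selected " : "";
        $html_select_timedelta .= "<option value='".$td."' ".$sel.">".$td."</option>";
    }
    $html_select_timedelta .= "</select>\n";

    $parse_crlf = (get_setting("parse_crlf")!="") ? "checked" : "";
    $comment_code = (get_setting("comment_code")!="") ? "checked" : "";
    $verify_comments = (get_setting("verify_comments")!="") ? "checked" : "";

    // set the comment_order contents: anything other than DESC is ascending
    if (get_setting("comment_order")=="DESC"){
        $comment_order_asc = "";
        $comment_order_desc = "selected";
    } else {
        $comment_order_asc = "selected";
        $comment_order_desc = "";
    }
    $comment_order = "<option value='' ".$comment_order_asc.">".$lang["ascending"]."</option>"
        ."<option value='DESC' ".$comment_order_desc.">".$lang["descending"]."</option>";

    // start outputting the settings page
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_search.png' width='48' height='52' title='".$lang["settings"]."'></td>"
        ." <td class='title'>".$lang["settings"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["settings_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";

    // blog settings
    $html .= "<form method='POST' action='exec.php?action=settings_edit'>\n"
        ."<table align='left' border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
        ."<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["blog_settings"]."</b></td></tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["admin_results_per_page"]."</td>"
        ."<td bgcolor='#ffffff' class='small'><input type='text' name='results_per_page' class='text' size='10' value='".$results_per_page."'> (".$lang["admin_results_per_page_description"].")</td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["visitor_entries_per_page"]."</td>"
        ."<td bgcolor='#ffffff' class='small'><input type='text' name='entry_list_limit' class='text' size='10' value='".$entry_list_limit."'> (".$lang["visitor_entries_per_page_description"].")</td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["parse_smilies"]."</td>"
        ."<td bgcolor='#ffffff'><input type='checkbox' name='parse_smilies' value='x' ".$parse_smilies."></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["notify_comments"]."</td>"
        ."<td bgcolor='#ffffff' class='small'><input type='checkbox' name='notify_comments' value='x' ".$notify_comments."> (".$lang["notify_comments_description"].")</td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["parse_crlf"]."</td>"
        ."<td bgcolor='#ffffff' class='small'><input type='checkbox' name='parse_crlf' value='x' ".$parse_crlf."> (".$lang["parse_crlf_description"].")</td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["timedelta"]."</td>"
        ."<td bgcolor='#ffffff' class='small'>".$html_select_timedelta." (".$lang["timedelta_description"].")</td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["banned_words"]."</td>"
        ."<td bgcolor='#ffffff' class='small'><input type='text' name='banned_words' class='text' size='30' value='".$banned_words."'> (".$lang["banned_words_description"].")</td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["comment_code"]."</td>"
        ."<td bgcolor='#ffffff' class='small'><input type='checkbox' name='comment_code' value='x' ".$comment_code."> (".$lang["comment_code_description"].")</td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["comment_order"]."</td>"
        ."<td bgcolor='#ffffff' class='small'><select class='text' name='comment_order'>".$comment_order."</select></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["verify_comments"]."</td>"
        ."<td bgcolor='#ffffff' class='small'><input type='checkbox' name='verify_comments' value='x' ".$verify_comments."> (".$lang["verify_comments_description"].")</td>"
        ."</tr>\n";

    // RSS settings
    $html .= "<tr><td colspan='2' bgcolor='#cccccc' class='normal' background='images/bg.gif'><b>".$lang["rss_settings"]."</b></td></tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["root_url"]."</td>"
        ."<td bgcolor='#ffffff'><input type='text' name='rss_root_url' class='text' size='60' value='".$rss_root_url."'></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["blog_title"]."</td>"
        ."<td bgcolor='#ffffff'><input type='text' name='rss_title' class='text' size='60' value='".$rss_title."'></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["description"]."</td>"
        ."<td bgcolor='#ffffff'><textarea name='rss_description' class='text' cols='50' rows='2'>".$rss_description."</textarea></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["language"]."</td>"
        ."<td bgcolor='#ffffff'><input type='text' name='rss_language' class='text' size='10' value='".$rss_language."'></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["copyright"]."</td>"
        ."<td bgcolor='#ffffff'><input type='text' name='rss_copyright' class='text' size='50' value='".$rss_copyright."'></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["editor"]."</td>"
        ."<td bgcolor='#ffffff'><input type='text' name='rss_editor' class='text' size='50' value='".$rss_editor."'></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["webmaster"]."</td>"
        ."<td bgcolor='#ffffff'><input type='text' name='rss_webmaster' class='text' size='50' value='".$rss_webmaster."'></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["category"]."</td>"
        ."<td bgcolor='#ffffff'><input type='text' name='rss_category' class='text' size='30' value='".$rss_category."'></td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["ttl"]."</td>"
        ."<td bgcolor='#ffffff' class='normal'><input type='text' name='rss_ttl' class='text' size='10' value='".$rss_ttl."'> (".$lang["ttl_description"].")</td>"
        ."</tr>\n"
        ."<tr>"
        ."<td bgcolor='#ffffff' class='normal'>".$lang["image_url"]."</td>"
        ."<td bgcolor='#ffffff' class='normal'><input type='text' name='rss_image' class='text' size='50' value='".$rss_image."'></td>"
        ."</tr>\n"
        ."<tr><td colspan='2' bgcolor='#ffffff' align='right' class='normal'><input type='submit' value='".$lang["make_changes"]."' class='button'></td></tr>\n"
        ."</table>\n"
        ."</form>\n";
    return $html;
}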
// Description : Provides the forbidden screen
// Arguments : None
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
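function html_forbidden(){
    // Builds the "forbidden" notice: an icon, a title and a description, all
    // taken from the $lang table. Nothing request-derived is echoed.
    global $lang;

    // the title cell is closed with </td>; the original closed it with a
    // stray </div>
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_help.png' width='48' height='52' title='".$lang["forbidden"]."'></td>"
        ." <td class='title'>".$lang["forbidden"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["forbidden_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";
    return $html;
}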
// Description : Provides a list of the files in a template
// Arguments : None (it uses the GET parameter 'theme')
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
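function html_template_file_list(){
    // Builds the template file list for the theme named by the GET parameter
    // 'theme': one row per file in ../themes/<theme> with its modification
    // date; writable files link to the template editor.
    //
    // Security-relevant behaviour:
    //  - 'theme' is request input. The directory is resolved with realpath()
    //    and refused unless it is ../themes or lies beneath it, so the
    //    listing cannot be pointed at other directories.
    //  - File names are HTML-escaped where displayed, and the theme and file
    //    name are URL-encoded inside the edit link.
    global $lang;
    // show a list of the files in the template
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_files.png' width='48' height='52' title='".$lang["template_files"]."'></td>"
        ." <td class='title'>".$lang["template_files"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["template_files_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";

    // work out path to current theme
    $theme = (isset($_GET["theme"]) && is_string($_GET["theme"])) ? $_GET["theme"] : "";
    $themes_root = realpath("../themes");
    $path = realpath("../themes/".$theme);

    // containment is checked on the resolved path so "../" segments and
    // symlinks cannot lead outside the themes directory
    $inside_themes = false;
    if ($themes_root!==false && $path!==false){
        $root_prefix = rtrim($themes_root,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
        $inside_themes = ($path===$themes_root || strpos($path,$root_prefix)===0);
    }
    $handle = false;
    if ($inside_themes && is_dir($path)){
        $handle = opendir($path);
    }

    // show files in theme
    if ($handle) {
        // start empty so a theme with no files no longer reaches asort()
        // and foreach with undefined variables
        $afiles = array();
        $filedate = array();
        $filewritable = array();
        // loop through files within path, skipping directories
        while (($file = readdir($handle))!==false) {
            if (is_dir($path."/".$file)){
                continue;
            }
            $afiles[] = $file;
            $filedate[$file] = date ("F d Y H:i:s.",filemtime($path."/".$file));
            $filewritable[$file] = is_writeable($path."/".$file) ? "w" : "n";
        }
        // the original never closed the directory handle
        closedir($handle);
        // sort the filenames
        asort($afiles);
        $html .= "<table border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
            ."<tr><td colspan='2' bgcolor='#cccccc' background='images/bg.gif' class='normal'><b>".$lang["templates"]."</b></td></tr>\n";
        foreach($afiles as $file){
            // only writable files are offered for editing
            if ($filewritable[$file]=="w"){
                $edit_link_start = "<a href='index.php?action=template_file_edit&theme=".urlencode($theme)."&file=".urlencode($file)."'>";
                $edit_link_end = "</a>";
            } else {
                $edit_link_start = "";
                $edit_link_end = "";
            }
            $html .= "<tr><td class='normal' bgcolor='#ffffff'>".$edit_link_start.htmlspecialchars($file,ENT_QUOTES).$edit_link_end."</td><td class='normal' bgcolor='#ffffff'>".$filedate[$file]."</td></tr>\n";
        }
        $html .= "</table>\n";
    } else {
        // missing, unreadable, or outside the themes directory
        header("Location: problem.php?f=template_file_list");
    }
    return $html;
}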
// Description : Provides a form to edit the contents of a template file
// Arguments : None (it uses the GET parameters 'theme' and 'file')
// Returns : HTML
// Last Change : 2006-04-02
// Author : Jonathan Beckett (hide@address.com)
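function html_template_file_edit(){
    // Builds the template editor for the file named by the GET parameters
    // 'theme' and 'file': a form posting to exec.php?action=template_file_edit
    // whose textarea holds the file's current contents.
    //
    // Security-relevant behaviour:
    //  - Both parameters are request input. The theme directory must resolve
    //    to ../themes or beneath it, and the file must resolve to a regular
    //    file beneath that theme directory; anything else is reported as
    //    "template file not found", so the form cannot be used to read
    //    files elsewhere on the server.
    //  - Everything echoed back (paths, theme, file name, file contents) is
    //    HTML-escaped.
    //
    // NOTE(review): the hidden 'file' field carries a server path back to
    // exec.php, which is not visible here - confirm that the handler
    // re-validates it against the themes directory before writing.
    global $lang;
    $html = "<table border='0' cellspacing='0' cellpadding='2'>\n"
        ."<tr>"
        ." <td rowspan='2'><img src='images/icon_files.png' width='48' height='52' title='".$lang["edit_template_file"]."'></td>"
        ." <td class='title'>".$lang["edit_template_file"]."</td>\n"
        ."</tr><tr>"
        ." <td class='normal'>".$lang["edit_template_file_description"]."</td>\n"
        ."</tr>\n"
        ."</table>\n"
        ."<br>\n";

    $theme = (isset($_GET["theme"]) && is_string($_GET["theme"])) ? $_GET["theme"] : "";
    $name = (isset($_GET["file"]) && is_string($_GET["file"])) ? $_GET["file"] : "";
    $themes_root = realpath("../themes");
    $path = realpath("../themes/".$theme);

    // resolve the requested file and accept it only when it is a regular
    // file inside the (contained) theme directory
    $file = false;
    if ($themes_root!==false && $path!==false){
        $root_prefix = rtrim($themes_root,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
        if ($path===$themes_root || strpos($path,$root_prefix)===0){
            $candidate = realpath($path."/".$name);
            $theme_prefix = rtrim($path,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR;
            if ($candidate!==false && strpos($candidate,$theme_prefix)===0 && is_file($candidate)){
                $file = $candidate;
            }
        }
    }

    if ($file!==false){
        if (is_writeable($file)){
            // get the contents of the file passed in
            $text = (string)file_get_contents($file);
            // the hidden 'theme' field repeats the validated GET value (the
            // original echoed $_REQUEST["theme"] unescaped)
            $html .= "<form method='POST' action='exec.php?action=template_file_edit'>\n"
                ."<input type='hidden' name='file' value='".htmlspecialchars($file,ENT_QUOTES)."'>\n"
                ."<input type='hidden' name='theme' value='".htmlspecialchars($theme,ENT_QUOTES)."'>\n"
                ."<table border='0' cellspacing='1' cellpadding='3' bgcolor='#cccccc'>\n"
                ."<tr><td bgcolor='#cccccc' background='images/bg.gif' class='normal'><b>".$lang["edit_template_file"]."</b></td></tr>\n"
                ."<tr><td bgcolor='#ffffff' class='normal'>".$lang["template_file"]." : ".htmlspecialchars($theme."/".$name,ENT_QUOTES)."</td></tr>\n"
                ."<tr><td bgcolor='#ffffff'>"
                ."<textarea name='template' cols='80' rows='25' wrap='off'>".htmlspecialchars($text)."</textarea>"
                ."</td></tr>\n"
                ."<tr><td bgcolor='#ffffff' align='right'><input type='submit' value='".$lang["make_changes"]."'></td></tr>\n"
                ."</table>\n"
                ."</form>\n";
        } else {
            // file isnt writeable
            header("Location: problem.php?f=template_file_edit");
        }
    } else {
        $html .= "<p class='normal'>".$lang["template_file_not_found"]."</p>\n";
    }
    return $html;
}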
?>