adminfaq.php at ProNuke. Postnuke To Oracle

<?php
// File: $Id: adminfaq.php,v 1.16 2001/12/04 13:07:45 jgm Exp $ $Name:  $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Richard Tirtadji <hide@address.com>,
//                          Hutdik Hermawan <hide@address.com>
// Purpose of file: FAQ system, based on PHP-Nuke Add-On http://nukeaddon.com/
// ----------------------------------------------------------------------

global $dbconn, $pntable;

if (!eregi("admin.php", $PHP_SELF)) { die ("Access Denied"); }
$hlpfile = "manual/faqs.html";

if (authorised(0, 'FAQ::', '::', ACCESS_ADMIN)) {

modules_get_language();

/*********************************************************/
/* Faq Admin Function                                    */
/*********************************************************/

function FaqAdmin() {
    global $hlpfile, $admin, $bgcolor4,$bgcolor2, $bgcolor1,$bgcolor3, $pntable, $currentlang, $dbconn;
    include ("header.php");
    GraphicAdmin($hlpfile);
    OpenTable();
    echo "<center><font class=\"pn-pagetitle\">"._FAQADMIN."</font></center>";
    CloseTable();
    echo "<br>";
    $lang = languagelist();
    $column = &$pntable['faqcategories_column'];
    $result = $dbconn->Execute("SELECT count($column[id_cat])
                              FROM $pntable[faqcategories]");
    list($count) = $result->fields;
    if ($count > 0) {
        OpenTable();
        echo "<center><font class=\"pn-title\">"._ACTIVEFAQS."</font><br/><br/>"
        ."<font class=\"pn-normal\"><b>[<a href=\"admin.php?op=FaqCatUnanswered\">"._VIEWUNANSWERED."</a>]</b></font></center><br>"
        ."<table border=\"0\" width=\"100%\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\"><tr>"
        ."<td bgcolor=\"$bgcolor2\" align=\"center\"><b>"._ID."</b></td>"
        ."<td bgcolor=\"$bgcolor2\" align=\"center\"><b>"._CATEGORIES."</b></td>"
        ."<td bgcolor=\"$bgcolor2\" align=\"center\"><b>"._SUBCATEGORIES."</b></td>"
        ."<td bgcolor=\"$bgcolor2\" align=\"center\"><b>"._LANGUAGE."</b></td>"
        ."<td bgcolor=\"$bgcolor2\" align=\"center\"><b>"._FUNCTIONS."</b></td></tr><tr>";

        $column = &$pntable['faqcategories_column'];
        $result = $dbconn->Execute("SELECT $column[id_cat], $column[categories], $column[flanguage]
                                  FROM $pntable[faqcategories]
                                  WHERE $column[parent_id]=0
                                  ORDER BY $column[id_cat]");
        // FTO Check EOF and databse error
        if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

        while(!$result->EOF)
        {
           list($id_cat, $categories, $flanguage) = $result->fields;
           $result->MoveNext();

           echo "<tr>";
           echo "<td align=\"center\" bgcolor=\"$bgcolor3\">$id_cat</td>"
            ."<td bgcolor=\"$bgcolor3\" align=\"center\">$categories</td>"
            ."<td bgcolor=\"$bgcolor3\"></td>"
            ."<td bgcolor=\"$bgcolor3\" align=\"center\">$lang[$flanguage]</td>" /* ML */
            ."<td bgcolor=\"$bgcolor3\" align=\"center\">[ <a href=\"admin.php?op=FaqCatGo&amp;id_cat=$id_cat\">"._CONTENT."</a> | <a href=\"admin.php?op=FaqCatEdit&amp;id_cat=$id_cat\">"._EDIT."</a> | <a href=\"admin.php?op=FaqCatDel&amp;id_cat=$id_cat&amp;ok=0\">"._DELETE."</a> ]</td>";
            echo "</tr>";

            $column = &$pntable['faqcategories_column'];
            $subresult = $dbconn->Execute("SELECT $column[id_cat], $column[categories], $column[flanguage]
                                         FROM $pntable[faqcategories]
                                         WHERE $column[parent_id]=$id_cat
                                         ORDER BY $column[id_cat]");
             // FTO Check EOF and databse error

             if (!$subresult) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

             while(!$subresult->EOF)
             {
                list($sid_cat, $scategories, $flanguage) = $subresult->fields;
                $subresult->MoveNext();

                echo "<tr>";
                echo "<td align=\"center\">$sid_cat</td>"
                ."<td></td>"
                ."<td bgcolor=\"$bgcolor4\" colspan=1 align=\"center\">$scategories</td>"
                ."<td align=\"center\">$lang[$flanguage]</td>" /* ML */
                ."<td align=\"center\">[ <a href=\"admin.php?op=FaqCatGo&amp;id_cat=$sid_cat\">"._CONTENT."</a> | <a href=\"admin.php?op=FaqCatEdit&amp;id_cat=$sid_cat\">"._EDIT."</a> | <a href=\"admin.php?op=FaqCatDel&amp;id_cat=$sid_cat&amp;ok=0\">"._DELETE."</a> ]</td>";
                echo "</tr>";
            }
        }

        echo "</td></tr></table>";
        CloseTable();
        echo "<br>";
    }
    OpenTable();
    echo "<center><font class=\"pn-title\"><b>"._ADDCATEGORY."</b></font></center><br>"
    ."<form action=\"admin.php\" method=\"post\">"
    ."<table border=\"0\" width=\"100%\"><tr><td>"
    .""._CATEGORIES.":</td><td><input type=\"text\" name=\"categories\" size=\"30\"></td>"
    .'<tr><td>'._LANGUAGE.':</td><td>' /* ML language dropdown to give every cat a language */
    .'<select name="flanguage" size="1">';
    $sel_lang[$currentlang] = ' selected';
    print "<option value=\"\">"._ALL.'</option>';
    $handle = opendir('language');
    while ($f = readdir($handle))
    {
        if (is_dir("language/$f") && $lang[$f])
        {
            $langlist[$f] = $lang[$f];
        }
    }
    ksort($langlist);
    foreach ($langlist as $k=>$v)
    {
        print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
    }
    print '</select></td>';
    echo "<td>"._PARENT.": ";
    echo "<select name=parent_cat>";
    echo "<option value=0>"._NEWTOPCATEGORY."</option>";
    // fifers: is it just me or did we just do this query a bit ago?
    $result = $dbconn->Execute("SELECT $column[id_cat], $column[categories]
                              FROM $pntable[faqcategories]
                              WHERE $column[parent_id]=0
                              ORDER BY $column[id_cat]");

    // FTO Check EOF and database error

    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
    while(!$result->EOF)
    {
        list($id_cat, $categories) = $result->fields;
        $result->MoveNext();

        echo "<option value=$id_cat>$categories</option>";
    }
    echo "</select>";
    echo "</td>";

    echo "</tr></table>"
    ."<input type=\"hidden\" name=\"op\" value=\"FaqCatAdd\">"
    ."<input type=\"submit\" value="._SAVE.">"
    ."</form>";
    CloseTable();
    include("footer.php");
}

function FaqCatGo($id_cat) {
    global $hlpfile, $admin, $bgcolor3, $bgcolor2, $pntable, $dbconn;
    include ("header.php");
    GraphicAdmin($hlpfile);
    OpenTable();
    echo "<center><font class=\"pn-pagetitle\">"._FAQADMIN."</font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"pn-title\">"._QUESTIONS."</font></center><br>"
    ."<table border=\"0\" width=\"100%\" cellpadding=\"3\" cellspacing=\"1\" align=\"center\"><tr>"
    ."<td bgcolor=\"$bgcolor2\" align=\"center\"><font class=\"pn-normal\"><b>"._CONTENT."</b></font></td>"
    ."<td bgcolor=\"$bgcolor2\" align=\"center\"><font class=\"pn-normal\"><b>"._FUNCTIONS."</b></font></td></tr>";
    $column = &$pntable['faqanswer_column'];
    $result = $dbconn->Execute("SELECT $column[id], $column[question], $column[answer]
                              FROM $pntable[faqanswer]
                              WHERE $column[id_cat]='$id_cat' and $column[answer]<>''
                              ORDER BY $column[id]");
    // FTO Check EOF and database error

    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
    while(!$result->EOF)
    {

        list($id, $question, $answer) = $result->fields;

        $result->MoveNext();
        echo "<tr><td bgcolor=\"$bgcolor3\" align=\"center\"><i>$question</i><br><br>$answer"
        ."</td><td bgcolor=\"$bgcolor2\" align=\"center\"><font class=\"pn-normal\">
	    <b>[ <a href=\"admin.php?op=FaqCatGoEdit&amp;id=$id\">"._EDIT."</a> | <a href=\"admin.php?op=FaqCatGoDel&amp;id=$id&amp;ok=0\">"._DELETE."</a> ]</b>
	    </font></td></tr>"
        ."</td></tr>";
    }
    echo "</table>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"pn-title\"><b>"._ADDQUESTION."</b></center><br>"
    ."<form action=\"admin.php\" method=\"post\">"
    ."<table border=\"0\" width=\"100%\"><tr><td>"
    .""._QUESTION.":</td><td><input type=\"text\" name=\"question\" size=\"40\"></td></tr><tr><td>"
    .""._ANSWER." </td><td><textarea name=\"answer\" cols=\"60\" rows=\"10\"></textarea>"
    ."</td></tr></table>"
    ."<input type=\"hidden\" name=\"id_cat\" value=\"$id_cat\">"
    ."<input type=\"hidden\" name=\"op\" value=\"FaqCatGoAdd\">"
    ."<input type=\"submit\" value="._SAVE."> "._GOBACK.""
    ."</form>";
    CloseTable();
    include("footer.php");
}

function FaqCatEdit($id_cat) {
    global $hlpfile, $admin,  $currentlang, $pntable, $dbconn;
    include(WHERE_IS_PERSO."config.php");
    include ("header.php");
    GraphicAdmin($hlpfile);
    OpenTable();
      echo "<center><font class=\"pn-pagetitle\">"._FAQADMIN."</font></center>";
    CloseTable();
    echo "<br>";
    $column = &$pntable['faqcategories_column'];
    $result = $dbconn->Execute("SELECT $column[categories], $column[flanguage]
                              FROM $pntable[faqcategories]
                              WHERE $column[id_cat]='$id_cat'");
    // FTO Check database error
    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    list($categories,$flanguage) = $result->fields;
    OpenTable();
    echo "<center><font class=\"pn-normal\"><b>"._EDITCATEGORY."</b></font></center>"
    ."<form action=\"admin.php\" method=\"post\">"
    ."<input type=\"hidden\" name=\"id_cat\" value=\"$id_cat\">"
    ."<table border=\"0\" width=\"100%\"><tr><td>"
    .""._CATEGORIES.":</td><td><input type=\"text\" name=\"categories\" size=\"31\" value=\"$categories\">"
    .'<tr><td>'._LANGUAGE.':</td><td>' /* ML language dropdown to give every cat a language */
    .'<select name="flanguage" size="1">';
    $sel_lang[$flanguage] = ' selected';
    $lang = languagelist();
    print "<option value=\"\">"._ALL.'</option>';
    $handle = opendir('language');
    while ($f = readdir($handle))
    {
        if (is_dir("language/$f") && $lang[$f])
        {
            $langlist[$f] = $lang[$f];
        }
    }
    ksort($langlist);
    foreach ($langlist as $k=>$v)
    {
        print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
    }
    print '</select>'
    ."</td></tr></table>"
    ."<input type=\"hidden\" name=\"op\" value=\"FaqCatSave\">"
    ."<input type=\"submit\" value=\""._SAVE."\"> "._GOBACK.""
    ."</form>";
    CloseTable();
    include("footer.php");
}

function FaqCatGoEdit($id) {
    global $hlpfile, $admin, $bgcolor2, $bgcolor4, $pntable, $dbconn;
    include ("header.php");
    GraphicAdmin($hlpfile);
    OpenTable();
    echo "<center><font class=\"pn-pagetitle\">"._FAQADMIN."</font></center>";
    CloseTable();
    echo "<br>";
    $column = &$pntable['faqanswer_column'];
    $result = $dbconn->Execute("SELECT $column[question], $column[answer], $column[id_cat]
                              FROM $pntable[faqanswer]
                              WHERE $column[id]='$id'");
    // FTO Check database error
    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    list($question, $answer, $id_cat) = $result->fields;
    OpenTable();
    echo "<center><font class=\"pn-normal\"><b>"._EDITQUESTIONS."</b></font></center>"
    ."<form action=\"admin.php\" method=\"post\">"
    ."<input type=\"hidden\" name=\"id\" value=\"$id\">"
    ."<table border=\"0\" width=\"100%\"><tr><td bgcolor=\"$bgcolor4\" >"
    .""._QUESTION.":</td><td><input type=\"text\" name=\"question\" size=\"31\" value=\"$question\"></td></tr><tr><td>"
    .""._ANSWER.":</td><td><textarea name=\"answer\" cols=\"60\" rows=\"5\">$answer</textarea>"
    ."</td></tr>"
    ."<tr><td>"
    ._CATEGORY
    ."</td><td>";

    echo "<select name=\"id_cat\">";
    $column = &$pntable['faqcategories_column'];
    $result = $dbconn->Execute("SELECT $column[id_cat], $column[categories]
                              FROM $pntable[faqcategories]
                              WHERE $column[parent_id] = 0
                              ORDER BY $column[id_cat]");

    // FTO Check EOF and database error

    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
    while(!$result->EOF)
    {
        list($nid_cat, $ncategories) = $result->fields;

        $result->MoveNext();

        if( $nid_cat == $id_cat )
         {
            echo "<option value=\"$nid_cat\" selected=\"true\">$ncategories</option>";
         } else
         {
            echo "<option value=\"$nid_cat\">$ncategories</option>";
         }

        $column = &$pntable['faqcategories_column'];
        $cresult = $dbconn->Execute("SELECT $column[id_cat], $column[categories]
                                   FROM $pntable[faqcategories]
                                   WHERE $column[parent_id]=$nid_cat");
        // FTO Check database error
        if (!$cresult) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        while(!$cresult->EOF)
        {
            list($cid_cat, $ccategories) = $cresult->fields;

            $cresult->MoveNext();

            if( $cid_cat == $id_cat )
            {
                echo "<option value=\"$cid_cat\" selected> $ncategories --> $ccategories</option>";
            } else {
                echo "<option value=\"$cid_cat\"> $ncategories --> $ccategories</option>";
            }
        }
    }
    echo "</select>";

    echo "</td></tr></table>"
    ."<input type=\"hidden\" name=\"op\" value=\"FaqCatGoSave\">"
    ."<input type=\"submit\" value="._SAVE."> "._GOBACK.""
    ."</form>";
    CloseTable();
    include("footer.php");
}

function FaqCatSave($id_cat, $categories, $flanguage) { /* ML added flanguage */
    global $pntable, $dbconn;

    csrfcheck();

    $categories = stripslashes(FixQuotes($categories));

    $column = &$pntable['faqcategories_column'];
    $result=$dbconn->Execute("UPDATE $pntable[faqcategories] SET $column[categories]='$categories', $column[flanguage]='$flanguage'  where $column[id_cat]='$id_cat'");
    // FTO Check database error
    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");


    pnRedirect("/admin.php?op=FaqAdmin");
}

function FaqCatGoSave($id, $question, $answer, $id_cat) {
    global $pntable, $dbconn;

    csrfcheck();

    $question = stripslashes(FixQuotes($question));
    $answer = stripslashes(FixQuotes($answer));
    $column = &$pntable ['faqanswer_column'];
    $result=$dbconn->Execute("UPDATE $pntable[faqanswer]
                    SET $column[question]='$question', $column[answer]='$answer', $column[id_cat]='$id_cat'
                    WHERE $column[id]='$id'");

    // FTO Check database error
    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    pnRedirect("admin.php?op=FaqAdmin");
}

function FaqCatAdd($categories, $flanguage, $parent_cat=0) { /* ML added flanguage */
    global $pntable, $dbconn;

    csrfcheck();

    $categories = stripslashes(FixQuotes($categories));
    $column = &$pntable['faqcategories_column'];

// FTO : Add SEQ suffix to avoid conflict name with ORACLE
    $newid = $dbconn->GenId("{$pntable['faqcategories']}_SEQ");
    $result=$dbconn->Execute("INSERT INTO $pntable[faqcategories] ($column[id_cat], $column[parent_id], $column[categories], $column[flanguage] ) VALUES ($newid, $parent_cat, '$categories', '$flanguage')");

    // FTO Check database error
    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    pnRedirect("admin.php?op=FaqAdmin");
}

function FaqCatGoAdd($id_cat, $question, $answer) {
    global $pntable, $dbconn;

    csrfcheck();

    $question = stripslashes(FixQuotes($question));
    $answer = stripslashes(FixQuotes($answer));
    $column = &$pntable ['faqanswer_column'];

// FTO : Add SEQ suffix to avoid conflict name with ORACLE
    $newid = $dbconn->GenId("{$pntable['faqanswer']}_SEQ");
    
    $result=$dbconn->Execute("INSERT INTO $pntable[faqanswer]
                   ($column[id], $column[id_cat], $column[question], $column[answer] ) values ($newid, '$id_cat', '$question', '$answer')");

    // FTO Check database error
    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    pnRedirect("admin.php?op=FaqCatGo&id_cat=$id_cat");
}

function FaqCatDel($id_cat, $ok=0) {
    global $pntable, $dbconn;

    csrfcheck();

    if($ok==1) {
        $dbconn->Execute("DELETE FROM $pntable[faqcategories] WHERE {$pntable['faqcategories_column']['id_cat']}=$id_cat");
        $dbconn->Execute("DELETE FROM $pntable[faqanswer] WHERE {$pntable['faqanswer_column']['id_cat']}=$id_cat");

        pnRedirect("admin.php?op=FaqAdmin");
    } else {
        include("header.php");
        GraphicAdmin($hlpfile);
        OpenTable();
        echo "<center><font class=\"pn-title\"><b>"._FAQADMIN."</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<br><center><b>"._FAQDELWARNING."</b><br><br>";
    }
    echo "[ <a href=\"admin.php?op=FaqCatDel&amp;id_cat=$id_cat&amp;ok=1\">"._YES."</a> | <a href=\"admin.php?op=FaqAdmin\">"._NO."</a> ]</center><br><br>";
    CloseTable();
    include("footer.php");
}

function FaqCatGoDel($id, $ok=0) {
    global $pntable, $dbconn;

    csrfcheck();

    if($ok==1) {
        $dbconn->Execute("DELETE FROM $pntable[faqanswer] WHERE {$pntable['faqanswer_column']['id']}=$id");
        pnRedirect("admin.php?op=FaqAdmin");
    } else {
        include("header.php");
        GraphicAdmin($hlpfile);
        OpenTable();
        echo "<center><font class=\"pn-title\"><b>"._FAQADMIN."</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<br><center><b>"._QUESTIONDEL."</b><br><br>";
    }
    echo "[ <a href=\"admin.php?op=FaqCatGoDel&amp;id=$id&amp;ok=1\">"._YES."</a> | <a href=\"admin.php?op=FaqAdmin\">"._NO."</a> ]</center><br><br>";
    CloseTable();
    include("footer.php");
}

function FaqCatUnanswered()
{
    global $hlpfile, $admin, $bgcolor1,$bgcolor2, $pntable, $dbconn;
    include ("header.php");
    GraphicAdmin($hlpfile);
    OpenTable();
    echo "<center><font class=\"pn-title\"><b>"._FAQADMIN."</b></font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"pn-normal\"><b>"._UNANSWEREDQUESTIONS."</b></font></center><br>"
    ."<table border=1 width=100% align=\"center\"><tr>"
    ."<td bgcolor=\"$bgcolor2\" align=\"center\">"._CONTENT."</td>"
    ."<td bgcolor=\"$bgcolor2\" align=\"center\">"._FUNCTIONS."</td></tr>";

    $column = &$pntable['faqanswer_column'];
//FTO Add IS NULL

    $result = $dbconn->Execute("SELECT $column[id], $column[question], $column[answer]
                              FROM $pntable[faqanswer]
                              WHERE $column[answer]='' OR $column[answer] IS NULL
                              ORDER BY $column[id]");
    // FTO Check EOF and database error

    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    while(!$result->EOF)
    {


        list($id, $question, $answer) = $result->fields;

        $result->MoveNext();
    echo "<tr><td bgcolor=\"$bgcolor1\" align=\"center\"><i>$question</i>"
        ."</td><td align=\"center\">[ <a href=\"admin.php?op=FaqCatGoEdit&amp;id=$id\">"._ANSWER."</a> | <a href=\"admin.php?op=FaqCatGoDel&amp;id=$id&amp;ok=0\">"._DELETE."</a> ]</td></tr>"
        ."</td></tr>";
    }

    echo "</table>";
    CloseTable();
    echo "<br>";

    OpenTable();
    echo "<center>" . _GOBACK . "</center>";
    CloseTable();

    include("footer.php");
}

} else {
    echo "Access Denied";
}
?>