<?php
// File: $Id: stories.php,v 1.53 2001/12/06 02:19:31 acm3 Exp $ $Name: $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file:
// Purpose of file:
// ----------------------------------------------------------------------
$myts = new MyTextSanitizer; // MyTextSanitizer object
global $typocode, $currentFile, $currentComponent, $opPrefix;
$myts->typeCoding = $typocode;
//added these variables to make copy & paste of this code
//easier (needed f.e. if you want to let users post articles
//from your_account module
$currentFile = "admin.php";
$storyComponent = "Stories::";
$catComponent = "Stories::Categories";
$opPrefix = "";
if (!eregi($currentFile, $PHP_SELF)) { die ("Access Denied"); }
modules_get_language();
//
// Story/News functions
//
/**
* Prints optionbox 'publish on homepage'
*
* This function prints two radio buttons, 'yes' or 'no', used to ask if the
* user wants to publish a certain story on the homepage. One of the two
* buttons can be selected; if none is indicated, 'yes' is selected.
*
* @param $ihome bool Select 'yes' (0 or empty) or 'no' (1)
* @return none
* @author FB
*/
function puthome($ihome)
{
echo "<br><b>"._PUBLISHINHOME."</b> ";
if (($ihome == 0) OR ($ihome == '')) {
$sel1 = ' checked';
$sel2 = '';
}
if ($ihome == 1) {
$sel1 = '';
$sel2 = ' checked';
}
echo "<input type=\"radio\" name=\"ihome\" value=\"0\"$sel1>"._YES." "
."<input type=\"radio\" name=\"ihome\" value=\"1\"$sel2>"._NO.""
." <font class=\"pn-normal\">[ "._ONLYIFCATSELECTED." ]</font><br>";
}
function withcomments($comm) {
echo "<br><b>"._ALLOWCOMMENTS."</b> ";
if (($comm == 0) OR ($comm == "")) {
$csel1 = "checked";
$csel2 = "";
}
if ($comm == 1) {
$csel1 = "";
$csel2 = "checked";
}
echo "<input type=\"radio\" name=\"comm\" value=\"0\" $csel1>"._YES." "
."<input type=\"radio\" name=\"comm\" value=\"1\" $csel2>"._NO."<br>";
}
/**
* Delete a story
*
* This function, given a queue id, deletes a story from the queue
*
* @param $qid int Queue id of the the story
* @return none
* @author FB
*/
function deleteStory($qid)
{
global $pntable, $dbconn, $currentFile, $opPrefix;
csrfcheck();
$result = $dbconn->Execute("DELETE FROM $pntable[queue]
WHERE {$pntable[queue_column][qid]}='$qid'");
if ($result === false) {
error_log("stories->deleteStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "Error accesing to the database");
}
pnRedirect($currentFile.'?op='.${opPrefix}.'submissions');
}
function SelectCategory($cat) {
global $pntable, $dbconn, $currentFile, $catComponent, $storyComponent, $opPrefix;
$column = &$pntable['stories_cat_column'];
$selcat = $dbconn->Execute("SELECT $column[catid], $column[title]
FROM $pntable[stories_cat]");
echo "<b>"._CATEGORY."</b> ";
echo "<select name=\"catid\">";
if ($cat == 0) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"catid\" value=\"0\" $sel>"._ARTICLES."</option>";
//FTO : Test EOF and database error
if (!$selcat) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $selcat->EOF) {
list($catid, $title) = $selcat->fields;
if ($catid == $cat) {
$sel = "selected";
} else {
$sel = "";
}
if (authorised(0, $storyComponent, ":$title:", ACCESS_ADD)) {
echo "<option name=\"catid\" value=\"$catid\" $sel>$title</option>";
}
$selcat->MoveNext();
}
echo "</select>";
if (authorised(0, $catComponent, '::', ACCESS_DELETE))
echo " [ <a href=\"$currentFile?op=${opPrefix}AddCategory\">"._ADD."</a> | <a href=\"$currentFile?op=${opPrefix}EditCategory\">"._EDIT."</a> | <a href=\"$currentFile?op=${opPrefix}DelCategory\">"._DELETE."</a> ]";
elseif (authorised(0, $catComponent, '::', ACCESS_ADD))
echo " [ <a href=\"$currentFile?op=${opPrefix}AddCategory\">"._ADD."</a> | <a href=\"$currentFile?op=${opPrefix}EditCategory\">"._EDIT."</a> ]";
elseif (authorised(0, $catComponent, '::', ACCESS_EDIT))
echo " [ <a href=\"$currentFile?op=${opPrefix}EditCategory\">"._EDIT."</a> ]";
}
function _admin_cat_theme_list($selectname, $defaulttheme)
{
$r = "<select name=\"${selectname}\">";
$r .= "<option value=\"\"";
if ($defaulttheme == "") {
$r .= " selected";
}
$r .= ">"._CATOVERRIDENONE."</option>";
$handle = opendir('themes');
$themelist = array();
while ($file = readdir($handle)) {
if ((!ereg("[.]", $file))) {
$themelist[] = $file;
}
}
closedir($handle);
sort($themelist);
for ($i = 0; $i < sizeof($themelist); ++$i) {
if (($themelist[$i] != "") && ($themelist[$i] != "CVS")) {
$r .= "<option value=\"${themelist[$i]}\"";
if ($defaulttheme == $themelist[$i]) {
$r .= " selected";
}
$r .= ">${themelist[$i]}</option>";
}
}
$r .= "</select>";
return ($r);
}
function AddCategory()
{
global $currentFile, $catComponent, $opPrefix;
csrfcheck();
include ("header.php");
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._CATEGORIESADMIN."</b></font></center>";
CloseTable();
echo "<br>";
if (!authorised(0, $catComponent, '::', ACCESS_ADD)) {
echo _STORIESADDCATNOAUTH;
include 'footer.php';
return;
}
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._CATEGORYADD."</b></font><br><br><br>"
."<form action=\"$currentFile\" method=\"post\">"
."<b>"._CATNAME.":</b> "
."<input type=\"text\" name=\"title\" size=\"22\" maxlength=\"40\"> "
."<input type=\"hidden\" name=\"${opPrefix}op\" value=\"SaveCategory\">"
."<input type=\"submit\" value=\""._SAVE."\">"
."<br><b>"._CATOVERRIDE.":</b> " . _admin_cat_theme_list("themeoverride", "")
."</form></center>";
CloseTable();
include ("footer.php");
}
function EditCategory($catid)
{
global $pntable, $dbconn, $currentFile, $catComponent, $opPrefix;
csrfcheck();
$catid += 0;
$column = &$pntable['stories_cat_column'];
$result = $dbconn->Execute( "SELECT $column[title], $column[themeoverride]
FROM $pntable[stories_cat]
WHERE $column[catid] = '$catid'");
list($title, $themeoverride) = $result->fields;
include ("header.php");
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._CATEGORIESADMIN."</b></font></center>";
CloseTable();
echo "<br>";
if (!authorised(0, $catComponent, "$title:$catid:", ACCESS_EDIT)) {
echo _STORIESEDITCATNOAUTH;
include 'footer.php';
return;
}
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._EDITCATEGORY."</b></font><br>";
if (!$catid) {
$column = &$pntable['stories_cat_column'];
$selcat = $dbconn->Execute("SELECT $column[catid], $column[title]
FROM $pntable[stories_cat]");
echo "<form action=\"$currentFile\" method=\"post\">";
echo "<b>"._ASELECTCATEGORY."</b>";
echo "<select name=\"catid\">";
echo "<option name=\"catid\" value=\"0\" $sel>Articles</option>";
//FTO : Test EOF and database error
if (!$selcat) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $selcat->EOF) {
list($catid, $title) = $selcat->fields;
echo "<option name=\"catid\" value=\"$catid\" $sel>$title</option>";
$selcat->MoveNext();
}
echo "</select>";
echo "<input type=\"hidden\" name=\"${opPrefix}op\" value=\"EditCategory\">";
echo "<input type=\"submit\" value=\""._EDIT."\"><br><br>";
echo ""._NOARTCATEDIT."";
} else {
echo "<form action=\"$currentFile\" method=\"post\">";
echo "<b>"._CATEGORYNAME.":</b> ";
echo "<input type=\"text\" name=\"title\" size=\"22\" maxlength=\"40\" value=\"$title\"> ";
echo "<br>" . _admin_cat_theme_list("themeoverride", $themeoverride);
echo "<input type=\"hidden\" name=\"catid\" value=\"$catid\">";
echo "<input type=\"hidden\" name=\"${opPrefix}op\" value=\"SaveEditCategory\">";
echo "<br><input type=\"submit\" value=\""._SAVECHANGES."\"><br><br>";
echo ""._NOARTCATEDIT."";
echo "</form>";
}
echo "</center>";
CloseTable();
include("footer.php");
}
function DelCategory($cat) {
global $pntable, $dbconn, $currentFile, $catComponent, $opPrefix;
$column = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT $column[title]
FROM $pntable[stories_cat]
WHERE $column[catid]='$cat'");
list($title) = $result->fields;
include ("header.php");
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._CATEGORIESADMIN."</b></font></center>";
CloseTable();
echo "<br>";
if (!authorised(0, $catComponent, "$title:$cat:", ACCESS_DELETE)) {
echo _STORIESDELCATNOAUTH;
include 'footer.php';
return;
}
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._DELETECATEGORY."</b></font><br>";
if (!$cat) {
$column = &$pntable['stories_cat_column'];
$selcat = $dbconn->Execute("SELECT $column[catid], $column[title]
FROM $pntable[stories_cat]");
echo "<form action=\"$currentFile\" method=\"post\">"
."<b>"._SELECTCATDEL.": </b>"
."<select name=\"cat\">";
//FTO : Test EOF and database error
if (!$selcat) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $selcat->EOF) {
list($catid, $title) = $selcat->fields;
echo "<option name=\"cat\" value=\"$catid\">$title</option>";
$selcat->MoveNext();
}
echo "</select>"
."<input type=\"hidden\" name=\"${opPrefix}op\" value=\"DelCategory\">"
."<input type=\"submit\" value=\"Delete\">"
."</form>";
} else {
/* Get a quick count of the rows - Wandrer */
$column = &$pntable['stories_column'];
$result2 = $dbconn->Execute("SELECT COUNT(*) FROM $pntable[stories]
WHERE $column[catid]='$cat'");
list($numrows) = $result2->fields;
if ($numrows == 0) {
$result = $dbconn->Execute("DELETE FROM $pntable[stories_cat]
WHERE {$pntable[stories_cat_column][catid]}='$cat'");
if ($result === false) {
error_log("stories->DelCategory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->DelCategory: Error accesing to the database");
}
echo "<br><br>"._CATDELETED."<br><br>"._GOTOADMIN."";
} else {
echo "<br><br><b>"._WARNING.":</b> "._THECATEGORY." <b>$title</b> "._HAS." <b>$numrows</b> "._STORIESINSIDE."<br>"
.""._DELCATWARNING1."<br>"
.""._DELCATWARNING2."<br><br>"
.""._DELCATWARNING3."<br><br>"
."<b>[ <a href=\"$currentFile?op=${opPrefix}YesDelCategory&catid=$cat\">"._YESDEL."</a> | "
."<a href=\"$currentFile?op=${opPrefix}NoMoveCategory&catid=$cat\">"._NOMOVE."</a> ]</b>";
}
}
echo "</center>";
CloseTable();
include("footer.php");
}
function YesDelCategory($catid) {
global $pntable, $dbconnm, $currentFile, $catComponent;
csrfcheck();
if (!authorised(0, $catComponent, "$title:$catid:", ACCESS_DELETE)) {
echo _STORIESDELCATNOAUTH;
include 'footer.php';
return;
}
$result = $dbconn->Execute("DELETE FROM $pntable[stories_cat]
WHERE {$pntable[stories_cat_column][catid]}='$catid'");
if ($result === false) {
error_log("stories->YesDelCategory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->YesDelCategory: Error accesing to the database");
}
$column = &$pntable['stories_column'];
$result = $dbconn->Execute("SELECT $column[sid]
FROM $pntable[stories]
WHERE $column[catid]='$catid'");
//FTO : Test EOF and database error
if (!$result) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $result->EOF) {
list($sid) = $result->fields;
$result = $dbconn->Execute("DELETE FROM $pntable[stories]
WHERE {$pntable[stories_column][catid]}='$catid'");
if ($result === false) {
error_log("stories->YesDelCategory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->YesDelCategory: Error accesing to the database");
}
$result = $dbconn->Execute("DELETE FROM $pntable[comments]
WHERE {$pntable[comments_column][sid]}='$sid'");
if ($result === false) {
error_log("stories->YesDelCategory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->YesDelCategory: Error accesing to the database");
}
$result->MoveNext();
}
pnRedirect($currentFile);
}
function NoMoveCategory($catid, $newcat) {
global $pntable, $dbconn, $currentFile, $storyComponent, $catComponent, $opPrefix;
csrfcheck();
$column = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT $column[title]
FROM $pntable[stories_cat]
WHERE $column[catid]='$catid'");
list($title) = $result->fields;
include ("header.php");
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._CATEGORIESADMIN."</b></font></center>";
CloseTable();
echo "<br>";
if (!authorised(0, $catComponent, "$title:$catid:", ACCESS_DELETE)) {
echo _STORIESMOVECATNOAUTH;
include 'footer.php';
return;
}
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._MOVESTORIES."</b></font><br><br>";
if (!$newcat) {
echo ""._ALLSTORIES." <b>$title</b> "._WILLBEMOVED."<br><br>";
$column = &$pntable['stories_cat_column'];
$selcat = $dbconn->Execute("SELECT $column[catid], $column[title]
FROM $pntable[stories_cat]");
echo "<form action=\"$currentFile\" method=\"post\">";
echo "<b>"._SELECTNEWCAT.":</b> ";
echo "<select name=\"newcat\">";
echo "<option name=\"newcat\" value=\"0\">"._ARTICLES."</option>";
//FTO : Test EOF and database error
if (!$selcat) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $selcat->EOF) {
list($newcat, $title) = $selcat->fields;
if (authorised(0, $storyComponent, ":$title:", ACCESS_ADD))
echo "<option name=\"newcat\" value=\"$newcat\">$title</option>";
$selcat->MoveNext();
}
echo "</select>";
echo "<input type=\"hidden\" name=\"catid\" value=\"$catid\">";
echo "<input type=\"hidden\" name=\"${opPrefix}op\" value=\"NoMoveCategory\">";
echo "<input type=\"submit\" value=\""._OK."\">";
echo "</form>";
} else {
$column = &$pntable['stories_column'];
$resultm = $dbconn->Execute("SELECT $column[sid]
FROM $pntable[stories]
WHERE $column[catid]='$catid'");
//FTO : Test EOF and database error
if (!$resultm) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $resultm->EOF) {
list($sid) = $resultm->fields;
$column = &$pntable['stories_column'];
$result = $dbconn->Execute("UPDATE $pntable[stories]
SET $column[catid]='$newcat'
WHERE $column[sid]='$sid'");
if ($result === false) {
error_log("stories->NoMoveCategoryt: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->NoMoveCategoryt: Error accesing to the database");
}
$resultm->MoveNext();
}
$result = $dbconn->Execute("DELETE FROM $pntable[stories_cat]
WHERE {$pntable[stories_cat_column][catid]}='$catid'");
if ($result === false) {
error_log("stories->NoMoveCategory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->NoMoveCategory: Error accesing to the database");
}
echo ""._MOVEDONE."";
}
CloseTable();
include("footer.php");
}
function SaveEditCategory($catid, $title, $themeoverride) {
global $pntable, $dbconn, $currentFile, $catComponent;
csrfcheck();
if (!authorised(0, $catComponent, "$title:$catid:", ACCESS_EDIT)) {
include 'header.php';
echo _STORIESEDITCATNOAUTH;
include 'footer.php';
return;
}
$title = addslashes($title);
$themeoverride = addslashes($themeoverride);
$catid += 0;
$column = &$pntable['stories_cat_column'];
$check = $dbconn->Execute("SELECT $column[catid]
FROM $pntable[stories_cat]
WHERE $column[title] = '${title}'
AND $column[themeoverride] = '${themeoverride}'");
if (!$check->EOF) {
$what1 = _CATEXISTS;
$what2 = _GOBACK;
} else {
$what1 = _CATSAVED;
$what2 = "[ <a href=\"$currentFile\">"._GOTOADMIN."</a> ]";
$column = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("UPDATE $pntable[stories_cat]
SET $column[title] = '${title}',
$column[themeoverride] = '${themeoverride}'
WHERE $column[catid]='${catid}'");
if ($result === false) {
error_log("stories->SaveEditCategory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->SaveEditCategory: Error accesing to the database");
}
}
include ("header.php");
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._CATEGORIESADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center><font class=\"pn-normal\"><b>$what1</b></font><br><br>";
echo "$what2</center>";
CloseTable();
include ("footer.php");
}
function SaveCategory($title, $themeoverride) {
global $pntable, $dbconn, $catComponent;
csrfcheck();
if (!authorised(0, $catComponent, "::", ACCESS_ADD)) {
include 'header.php';
echo _STORIESADDCATNOAUTH;
include 'footer.php';
return;
}
$title = addslashes($title);
$themeoverride = addslashes($themeoverride);
$column = &$pntable['stories_cat_column'];
$check = $dbconn->Execute("SELECT $column[catid]
FROM $pntable[stories_cat]
WHERE $column[title]='${title}'");
if (!$check->EOF) {
$what1 = _CATEXISTS;
$what2 = _GOBACK;
} else {
$what1 = _CATADDED;
$what2 = _GOTOADMIN;
$column = &$pntable['stories_cat_column'];
// FTO : Add SEQ suffix to avoid conflict name with ORACLE
$nextid = $dbconn->GenId("{$pntable['stories_cat']}_SEQ");
$result = $dbconn->Execute("INSERT INTO $pntable[stories_cat]
($column[catid], $column[title], $column[counter],
$column[themeoverride])
VALUES ($nextid, '${title}', '0', '${themeoverride}')");
if ($result === false) {
error_log("stories->SaveCategory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->SaveCategory: Error accesing to the database");
}
}
include ("header.php");
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._CATEGORIESADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center><font class=\"pn-normal\"><b>$what1</b></font><br><br>";
echo "$what2</center>";
CloseTable();
include ("footer.php");
}
function autodelete($anid, $ok=0) {
global $pntable, $dbconn, $user, $currentFile, $storyComponent, $opPrefix;
$userinfo = getusrinfo($user);
$column = &$pntable['autonews_column'];
$result = $dbconn->Execute("SELECT $column[title], $column[aid], $column[catid]
FROM $pntable[autonews]
WHERE $column[anid]='$anid'");
list($titlean, $authid, $catid) = $result->fields;
$result->Close();
$column = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT $column[title]
FROM $pntable[stories_cat]
WHERE $column[catid]='$catid'");
list($cattitle) = $result->fields;
$result->Close();
if (authorised(0, $storyComponent, "$authid:$cattitle:$anid", ACCESS_DELETE)) {
csrfcheck();
if($ok) {
$result = $dbconn->Execute("DELETE FROM $pntable[autonews]
WHERE {$pntable[autonews_column][anid]}='$anid'");
if ($result === false) {
error_log("stories->autodelete: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->autodelete: Error accesing to the database");
}
$column = &$pntable['users_column'];
$result = $dbconn->Execute("UPDATE $pntable[users]
SET $column[counter] = $column[counter] - 1
WHERE $column[uid]='$aid'");
if ($result === false) {
error_log("stories->autodelete: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->autodelete: Error accesing to the database");
}
pnRedirect($currentFile);
} else {
include("header.php");
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center>"._REMOVEAUTOSTORY."<b> $anid - $titlean</b>";
echo "<table><tr><td>\n";
echo myTextForm($currentFile, _NO);
echo "</td><td>\n";
echo myTextForm("$currentFile?op=${opPrefix}autoDelete&anid=$anid&ok=1", _YES);
echo "</td></tr></table>\n";
echo "</center>\n";
CloseTable();
include("footer.php");
}
} else {
include ('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center><b>"._NOTAUTHORIZED1."</b><br><br>"
.""._GOBACK."";
CloseTable();
include("footer.php");
}
}
function autoEdit($anid) {
global $hlpfile, $tipath, $bgcolor1, $bgcolor2, $pntable, $HTTP_POST_VARS,
$dbconn, $user, $currentFile, $storyComponent, $opPrefix;
global $myts;
$ancolumn = &$pntable['autonews_column'];
$sccolumn = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT $ancolumn[title], $sccolumn[title], $sccolumn[catid]
FROM $pntable[autonews], $pntable[stories_cat]
WHERE $ancolumn[anid]='$anid'
AND $ancolumn[catid]=$sccolumn[catid]");
list($title, $cattitle, $authid) = $result->fields;
$result->Close();
if (authorised(0, $storyComponent, "$authid:$cattitle:$anid", ACCESS_EDIT)) {
include ("header.php");
$column = &$pntable['autonews_column'];
$result = $dbconn->Execute("SELECT $column[catid], $column[aid], $column[title],
$column[time], $column[hometext],
$column[bodytext], $column[topic],
$column[informant], $column[notes],
$column[ihome], $column[alanguage],
$column[withcomm]
FROM $pntable[autonews]
WHERE $column[anid]=$anid");
list($catid, $aid, $title, $time, $hometext, $bodytext, $topic, $informant, $notes, $ihome, $alanguage, $comm) = $result->fields;
ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
$today = getdate();
$tday = $today[mday];
if ($tday < 10){
$tday = "0$tday";
}
$tmonth = $today[month];
$tyear = $today[year];
$thour = $today[hours];
if ($thour < 10){
$thour = "0$thour";
}
$tmin = $today[minutes];
if ($tmin < 10){
$tmin = "0$tmin";
}
$tsec = $today[seconds];
if ($tsec < 10){
$tsec = "0$tsec";
}
$date = "$tmonth $tday, $tyear @ $thour:$tmin:$tsec";
echo "<center><font class=\"pn-title\"><b>"._AUTOSTORYEDIT."</b></font></center><br><br>";
$title = stripslashes($title);
$hometext = stripslashes($hometext);
$bodytext = stripslashes($bodytext);
$notes = stripslashes($notes);
$column = &$pntable['topics_column'];
$result=$dbconn->Execute("SELECT $column[topicimage]
FROM $pntable[topics]
WHERE $column[topicid]=$topic");
list($topicimage) = $result->fields;
echo "<table border=\"0\" width=\"75%\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"$bgcolor2\" align=\"center\"><tr><td>"
."<table border=\"0\" width=\"100%\" cellpadding=\"8\" cellspacing=\"1\" bgcolor=\"$bgcolor1\"><tr><td>"
."<img src=\"$tipath$topicimage\" border=\"0\" align=\"right\">";
themepreview($myts->makeTboxData4Show($title), $myts->makeTboxData4Show($hometext), $myts->makeTboxData4Show($bodytext) );
$title = $myts->makeTboxData4Edit($title);
$hometext = $myts->makeTareaData4Edit($hometext);
$bodytext = $myts->makeTareaData4Edit($bodytext);
$notes = $myts->makeTareaData4Edit($notes);
echo "</td></tr></table></td></tr></table>"
."<form action=\"$currentFile\" method=\"post\">";
include('modules/NS-Wiki/typocode.inc.php');
echo "<br><br><b>"._TITLE."</b><br>";
echo "<input type=\"text\" name=\"title\" size=\"50\" value=\"$title\"><br><br>"
."<b>"._TOPIC."</b> <select name=\"topic\">";
$column = &$pntable['topics_column'];
$toplist = $dbconn->Execute("SELECT $column[topicid], $column[topictext]
FROM $pntable[topics]
ORDER BY $column[topictext]");
echo "<option value=\"\">"._ALLTOPICS."</option>\n";
//FTO : Test EOF and database error
if (!$toplist) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $toplist->EOF) {
list($topicid, $topics) = $toplist->fields;
if ($topicid==$topic) { $sel = "selected "; }
echo "<option $sel value=\"$topicid\">$topics</option>\n";
$sel = "";
$toplist->MoveNext();
}
echo "</select><br><br>";
$cat = $catid;
SelectCategory($cat);
echo "<br>";
puthome($ihome);
withcomments($comm);
//
$lang = languagelist();
if (!$alanguage)
{
$sel_lang[0] = ' selected';
} else {
$sel_lang[$alanguage] = ' selected';
}
print '<br><b>'._LANGUAGE.': </b>' /* ML Dropdown with available languages to update */
.'<select name="alanguage" size="1">'
."<option value=\"\" $sel_lang[0]>"._ALL.'</option>' ;
$handle = opendir('language');
while ($f = readdir($handle))
{
if (is_dir("language/$f") && $lang[$f])
{
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
foreach ($langlist as $k=>$v)
{
print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
}
print '</select>';
//
echo "<br><br><b>"._STORYTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"12\" name=\"hometext\">$hometext</textarea><br><br>"
."<b>"._EXTENDEDTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"12\" name=\"bodytext\">$bodytext</textarea><br>"
."<font class=\"pn-normal\">"._ARESUREURL."</font><br><br>";
if ($aid != $informant) {
echo "<b>"._NOTES."</b><br>
<textarea wrap=\"virtual\" cols=\"50\" rows=\"4\" name=\"notes\">$notes</textarea><br><br>";
}
echo "<br><b>"._CHNGPROGRAMSTORY."</b><br><br>"
.""._NOWIS.": $date<br><br>";
$xday = 1;
echo ""._DAY.": <select name=\"day\">";
while ($xday <= 31) {
if ($xday == $datetime[3]) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"day\" $sel>$xday</option>";
$xday++;
}
echo "</select>";
$xmonth = 1;
echo ""._UMONTH.": <select name=\"month\">";
while ($xmonth <= 12) {
if ($xmonth == $datetime[2]) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"month\" $sel>$xmonth</option>";
$xmonth++;
}
echo "</select>";
echo ""._YEAR.": <input type=\"text\" name=\"year\" value=\"$datetime[1]\" size=\"5\" maxlength=\"4\">";
echo "<br>"._HOUR.": <select name=\"hour\">";
$xhour = 0;
$cero = "0";
while ($xhour <= 23) {
$dummy = $xhour;
if ($xhour < 10) {
$xhour = "$cero$xhour";
}
if ($xhour == $datetime[4]) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"hour\" $sel>$xhour</option>";
$xhour = $dummy;
$xhour++;
}
echo "</select>";
echo ": <select name=\"min\">";
$xmin = 0;
while ($xmin <= 59) {
if (($xmin == 0) OR ($xmin == 5)) {
$xmin = "0$xmin";
}
if ($xmin == $datetime[5]) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"min\" $sel>$xmin</option>";
$xmin = $xmin + 5;
}
echo "</select>";
echo ": 00<br><br>
<input type=\"hidden\" name=\"anid\" value=\"$anid\">
<input type=\"hidden\" name=\"${opPrefix}op\" value=\"autoSaveEdit\">
<input type=\"submit\" value=\""._SAVECHANGES."\">
</form>";
CloseTable();
include ('footer.php');
} else {
include ('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center><b>"._NOTAUTHORIZED1."</b><br><br>"
.""._GOBACK."";
CloseTable();
include("footer.php");
}
}
function autoSaveEdit($anid, $year, $day, $month, $hour, $min, $title, $hometext, $bodytext, $topic, $notes, $catid, $ihome, $alanguage, $comm, $myts) {
global $aid, $pntable, $dbconn, $currentFile, $storyComponent, $opPrefix;
$column = &$pntable['autonews_column'];
$result = $dbconn->Execute("SELECT $column[aid]
FROM $pntable[autonews]
WHERE $column[anid]='$anid'");
list($authid) = $result->fields;
$result->Close();
$column = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT $column[title]
FROM $pntable[stories_cat]
WHERE $column[catid]='$catid'");
list($cattitle) = $result->fields;
$result->Close();
if (authorised(0, $storyComponent, '$authid:$cattitle:$anid', ACCESS_EDIT)) {
if ($day < 10) {
$day = "0$day";
}
if ($month < 10) {
$month = "0$month";
}
$sec = "00";
$date = "$year-$month-$day $hour:$min:$sec";
$title = $myts->makeTboxData4Save($title);
$hometext = $myts->makeTareaData4Save($hometext);
$bodytext = $myts->makeTareaData4Save($bodytext);
$notes = $myts->makeTareaData4Save($notes);
$column = &$pntable['autonews_column'];
$result = $dbconn->Execute("UPDATE $pntable[autonews]
SET $column[catid]='$catid',
$column[title]='$title', $column[time]='$date',
$column[hometext]='$hometext',
$column[bodytext]='$bodytext',
$column[topic]='$topic', $column[notes]='$notes',
$column[ihome]='$ihome',
$column[alanguage]='$alanguage',
$column[withcomm]='$comm'
WHERE $column[anid]=$anid");
if ($result === false) {
error_log("stories->autoSaveEdit: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->autoSaveEdit: Error accesing to the database");
}
pnRedirect($currentFile.'?op='.${opPrefix}.'adminMain');
} else {
include ('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center><b>"._NOTAUTHORIZED1."</b><br><br>"
.""._GOBACK."";
CloseTable();
include("footer.php");
}
}
function displayStory($qid) {
global $user,
$subject,
$story,
$tipath,
$bgcolor1,
$bgcolor2,
$anonymous,
$pntable,
$myts,
$dbconn,
$currentFile,
$opPrefix;
csrfcheck();
include ('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._SUBMISSIONSADMIN."</b></font></center>";
CloseTable();
echo "<br>";
$today = getdate();
$tday = $today[mday];
if ($tday < 10){
$tday = "0$tday";
}
$tmonth = $today[month];
$ttmon = $today[mon];
if ($ttmon < 10){
$ttmon = "0$ttmon";
}
$tyear = $today[year];
$thour = $today[hours];
if ($thour < 10){
$thour = "0$thour";
}
$tmin = $today[minutes];
if ($tmin < 10){
$tmin = "0$tmin";
}
$tsec = $today[seconds];
if ($tsec < 10){
$tsec = "0$tsec";
}
$date = "$tmonth $tday, $tyear @ $thour:$tmin:$tsec"; /* ML get the language from the queue table */
$column = &$pntable['queue_column'];
$result = $dbconn->Execute("SELECT $column[qid], $column[uid], $column[uname],
$column[subject], $column[story], $column[topic],
$column[alanguage], $column[bodytext]
FROM $pntable[queue] WHERE $column[qid]=$qid");
list($qid, $uid, $uname, $subject, $story, $topic, $alanguage, $bodytext) = $result->fields;
$result->Close();
$subject4edit = $myts->makeTboxData4Edit($subject);
$story4edit = $myts->makeTareaData4Edit($story);
$bodytext4edit = $myts->makeTareaData4Edit($bodytext);
$subject4show = $myts->makeTboxData4Show($subject);
$story4show = $myts->makeTareaData4Show($story);
$bodytext4show = $myts->makeTareaData4Show($bodytext);
OpenTable();
echo "<font class=\"pn-title\">"
."<form action=\"$currentFile\" method=\"post\">"
."<b>"._NAME."</b><br>"
."<input type=\"text\" NAME=\"author\" size=\"25\" value=\"$uname\">";
if ($uname != $anonymous) {
$column = &$pntable['users_column'];
$res = $dbconn->Execute("SELECT $column[email]
FROM $pntable[users]
WHERE $column[uname]='$uname'");
list($email) = $res->fields;
echo " <font class=\"pn-normal\">[ <a href=\"mailto:$email\">Email User</a> | <a href=\"modules.php?op=modload&name=Messages&file=replypmsg&send=1&uname=$uname\">Send Private Message</a> ]</font>";
}
echo "<br><br><b>"._TITLE."</b><br>"
."<input type=\"text\" name=\"subject\" size=\"50\" value=\"$subject4edit\"><br><br>";
if($topic=="") {
$topic = 1;
}
$column = &$pntable['topics_column'];
$result = $dbconn->Execute("SELECT $column[topicimage]
FROM $pntable[topics]
WHERE $column[topicid]=$topic");
list($topicimage) = $result->fields;
echo "<table border=\"0\" width=\"70%\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"$bgcolor2\" align=\"center\"><tr><td>"
."<table border=\"0\" width=\"100%\" cellpadding=\"8\" cellspacing=\"1\" bgcolor=\"$bgcolor1\"><tr><td>"
."<img src=\"$tipath$topicimage\" border=\"0\" align=\"right\" alt=\"\">";
themepreview($subject4show, $story4show, $bodytext4show);
echo "</td></tr></table></td></tr></table>"
."<br><b>"._TOPIC."</b> <select name=\"topic\">";
$column = &$pntable['topics_column'];
$toplist = $dbconn->Execute("SELECT $column[topicid], $column[topictext]
FROM $pntable[topics] ORDER BY $column[topictext]");
echo "<option value=\"\">"._SELECTTOPIC."</option>\n";
//FTO : Test EOF and database error
if (!$toplist) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $toplist->EOF) {
list($topicid, $topics) = $toplist->fields;
if ($topicid==$topic) {
$sel = "selected ";
}
echo "<option $sel value=\"$topicid\">$topics</option>\n";
$sel = "";
$toplist->MoveNext();
}
echo "</select>";
echo "<br><br>";
SelectCategory($cat);
echo "<br>";
puthome($ihome);
withcomments($comm);
$lang = languagelist();
if (!$alanguage)
{
$sel_lang[0] = ' selected';
} else {
$sel_lang[$alanguage] = ' selected';
}
print '<br><b>'._LANGUAGE.': </b>' /* ML Dropdown with available languages to update */
.'<select name="alanguage" size="1">'
."<option value=\"\" $sel_lang[0]>"._ALL.'</option>' ;
$handle = opendir('language');
while ($f = readdir($handle))
{
if (is_dir("language/$f") && $lang[$f])
{
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
foreach ($langlist as $k=>$v)
{
print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
}
print '</select>';
echo "<br><br><b>"._STORYTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"7\" name=\"hometext\">$story4edit</textarea><br><br>"
."<b>"._EXTENDEDTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"8\" name=\"bodytext\">$bodytext4edit</textarea><BR>"
."<font class=\"pn-normal\">"._AREYOUSURE."</font><br><br>"
."<b>"._NOTES."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"4\" name=\"notes\"></textarea><br>"
."<input type=\"hidden\" NAME=\"qid\" size=\"50\" value=\"$qid\">"
."<input type=\"hidden\" NAME=\"uid\" size=\"50\" value=\"$uid\">"
."<br><b>"._PROGRAMSTORY."</b> "
."<input type=\"radio\" name=\"automated\" value=\"1\">"._YES." "
."<input type=\"radio\" name=\"automated\" value=\"0\" checked>"._NO."<br><br>"
.""._NOWIS.": $date<br><br>";
$day = 1;
echo ""._DAY.": <select name=\"day\">";
while ($day <= 31) {
if ($tday==$day) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"day\" $sel>$day</option>";
$day++;
}
echo "</select>";
$month = 1;
echo ""._UMONTH.": <select name=\"month\">";
while ($month <= 12) {
if ($ttmon==$month) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"month\" $sel>$month</option>";
$month++;
}
echo "</select>";
$date = getdate();
$year = $date[year];
echo ""._YEAR.": <input type=\"text\" name=\"year\" value=\"$year\" size=\"5\" maxlength=\"4\">";
echo "<br>"._HOUR.": <select name=\"hour\">";
$hour = 0;
$cero = "0";
while ($hour <= 23) {
$dummy = $hour;
if ($hour < 10) {
$hour = "$cero$hour";
}
echo "<option name=\"hour\">$hour</option>";
$hour = $dummy;
$hour++;
}
echo "</select>";
echo ": <select name=\"min\">";
$min = 0;
while ($min <= 59) {
if (($min == 0) OR ($min == 5)) {
$min = "0$min";
}
echo "<option name=\"min\">$min</option>";
$min = $min + 5;
}
echo "</select>";
echo ": 00<br><br>"
."<select name=\"${opPrefix}op\">"
."<option value=\"DeleteStory\">"._DELETESTORY."</option>"
."<option value=\"PreviewAgain\" selected>"._PREVIEWSTORY."</option>"
."<option value=\"PostStory\">"._POSTSTORY."</option>"
."</select>"
."<input type=\"submit\" value=\""._OK."\">"
."</form>";
CloseTable();
include ('footer.php');
}
function previewStory($automated, $year, $day, $month, $hour, $min, $qid, $uid, $author, $subject, $hometext, $bodytext, $topic, $notes, $catid, $ihome, $alanguage, $comm) {
global $user, $boxstuff, $tipath, $anonymous, $bgcolor1, $bgcolor2, $pntable, $myts, $dbconn, $currentFile, $opPrefix;
include ('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
$today = getdate();
$tday = $today[mday];
if ($tday < 10){
$tday = "0$tday";
}
$tmonth = $today[month];
$tyear = $today[year];
$thour = $today[hours];
if ($thour < 10){
$thour = "0$thour";
}
$tmin = $today[minutes];
if ($tmin < 10){
$tmin = "0$tmin";
}
$tsec = $today[seconds];
if ($tsec < 10){
$tsec = "0$tsec";
}
$date = "$tmonth $tday, $tyear @ $thour:$tmin:$tsec";
$subject4form = $myts->makeTboxData4PreviewInForm($subject);
$hometext4form = $myts->makeTareaData4PreviewInForm($hometext);
$bodytext4form = $myts->makeTareaData4PreviewInForm($bodytext);
$notes4form = $myts->makeTareaData4PreviewInForm($notes);
$subject4pre = $myts->makeTboxData4Preview($subject);
$hometext4pre = $myts->makeTareaData4Preview($hometext);
$bodytext4pre = $myts->makeTareaData4Preview($bodytext);
$notes4pre = $myts->makeTareaData4Preview($notes);
OpenTable();
echo "<font class=\"pn-title\">"
."<form action=\"$currentFile\" method=\"post\">"
."<b>"._NAME."</b><br>"
."<input type=\"text\" name=\"author\" size=\"25\" value=\"$author\">";
if ($author != $anonymous) {
$column = &$pntable['users_column'];
$res = $dbconn->Execute("SELECT $column[email]
FROM $pntable[users]
WHERE $column[uname]='$author'");
list($email) = $res->fields;
echo " <font class=\"pn-normal\">[ <a href=\"mailto:$email\">Email User</a> | <a href=\"modules.php?op=modload&name=Messages&file=replypmsg&send=1&uname=$author\">Send Private Message</a> ]</font>";
}
echo "<br><br><b>"._TITLE."</b><br>"
// " . htmlspecialchars($subject4form) . "
."<input type=\"text\" name=\"subject\" size=\"50\" value=\"$subject4form\"><br><br>";
$column = &$pntable['topics_column'];
$result = $dbconn->Execute("SELECT $column[topicimage]
FROM $pntable[topics]
WHERE $column[topicid]=$topic");
list($topicimage) = $result->fields;
echo "<table width=\"70%\" bgcolor=\"$bgcolor2\" cellpadding=\"0\" cellspacing=\"1\" border=\"0\"align=\"center\"><tr><td>"
."<table width=\"100%\" bgcolor=\"$bgcolor1\" cellpadding=\"8\" cellspacing=\"1\" border=\"0\"><tr><td>"
."<img src=\"$tipath$topicimage\" border=\"0\" align=\"right\">";
themepreview($subject4pre, $hometext4pre, $bodytext4pre, $notes4pre);
echo "</td></tr></table></td></tr></table>"
."<br><b>"._TOPIC."</b> <select name=\"topic\">";
$column = &$pntable['topics_column'];
$toplist = $dbconn->Execute("SELECT $column[topicid], $column[topictext]
FROM $pntable[topics] ORDER BY $column[topictext]");
echo "<option value=\"\">"._ALLTOPICS."</option>\n";
//FTO : Test EOF and database error
if (!$selcat) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $selcat->EOF) {
list($topicid, $topics) = $toplist->fields;
if ($topicid==$topic) {
$sel = "selected ";
}
echo "<option $sel value=\"$topicid\">$topics</option>\n";
$sel = "";
$toplist->MoveNext();
}
echo "</select>";
echo "<br><br>";
$cat = $catid;
SelectCategory($cat);
echo "<br>";
puthome($ihome);
withcomments($comm);
$lang = languagelist();
if (!$alanguage)
{
$sel_lang[0] = ' selected';
} else {
$sel_lang[$alanguage] = ' selected';
}
print '<br><b>'._LANGUAGE.': </b>' /* ML Dropdown with available languages to update */
.'<select name="alanguage" size="1">'
."<option value=\"\" $sel_lang[0]>"._ALL.'</option>'
;
$handle = opendir('language');
while ($f = readdir($handle))
{
if (is_dir("language/$f") && $lang[$f])
{
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
foreach ($langlist as $k=>$v)
{
print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
}
print '</select>';
echo "<br><br><b>"._STORYTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"7\" name=\"hometext\">$hometext4form</textarea><br><br>"
."<b>"._EXTENDEDTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"10\" name=\"bodytext\">$bodytext4form</textarea><br>"
."<font class=\"pn-normal\">"._AREYOUSURE."</font><br><br>"
."<b>"._NOTES."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"4\" name=\"notes\">$notes4form</textarea><br><br>"
."<input type=\"hidden\" NAME=\"qid\" size=\"50\" value=\"$qid\">"
."<input type=\"hidden\" NAME=\"uid\" size=\"50\" value=\"$uid\">";
if ($automated == 1) {
$sel1 = "checked";
$sel2 = "";
} else {
$sel1 = "";
$sel2 = "checked";
}
echo "<b>"._PROGRAMSTORY."</b> "
."<input type=\"radio\" name=\"automated\" value=\"1\" $sel1>"._YES." "
."<input type=\"radio\" name=\"automated\" value=\"0\" $sel2>"._NO."<br><br>"
.""._NOWIS.": $date<br><br>";
$xday = 1;
echo ""._DAY.": <select name=\"day\">";
while ($xday <= 31) {
if ($xday == $day) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"day\" $sel>$xday</option>";
$xday++;
}
echo "</select>";
$xmonth = 1;
echo ""._UMONTH.": <select name=\"month\">";
while ($xmonth <= 12) {
if ($xmonth == $month) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"month\" $sel>$xmonth</option>";
$xmonth++;
}
echo "</select>";
echo ""._YEAR.": <input type=\"text\" name=\"year\" value=\"$year\" size=\"5\" maxlength=\"4\">";
echo "<br>"._HOUR.": <select name=\"hour\">";
$xhour = 0;
$cero = "0";
while ($xhour <= 23) {
$dummy = $xhour;
if ($xhour < 10) {
$xhour = "$cero$xhour";
}
if ($xhour == $hour) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"hour\" $sel>$xhour</option>";
$xhour = $dummy;
$xhour++;
}
echo "</select>";
echo ": <select name=\"min\">";
$xmin = 0;
while ($xmin <= 59) {
if (($xmin == 0) OR ($xmin == 5)) {
$xmin = "0$xmin";
}
if ($xmin == $min) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"min\" $sel>$xmin</option>";
$xmin = $xmin + 5;
}
echo "</select>";
echo ": 00<br><br>"
."<select name=\"${opPrefix}op\">"
."<option value=\"DeleteStory\">"._DELETESTORY."</option>"
."<option value=\"PreviewAgain\" selected>"._PREVIEWSTORY."</option>"
."<option value=\"PostStory\">"._POSTSTORY."</option>"
."</select>"
."<input type=\"submit\" value=\""._OK."\">"
."</form>";
CloseTable();
include ('footer.php');
}
function postStory($automated, $year, $day, $month, $hour, $min, $qid, $uid, $author, $subject, $hometext, $bodytext, $topic, $notes, $catid, $ihome, $alanguage, $comm) {
global $pntable, $myts, $dbconn, $user, $currentFile, $storyComponent, $opPrefix;
csrfcheck();
$userinfo = getusrinfo($user);
// Get category from catID - needed for authorisation
$column = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT $column[title]
FROM $pntable[stories_cat]
WHERE $column[catid] = $catid");
if ($result === false) {
error_log("DB ERROR: can not get category" . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "DB ERROR: can not get category");
}
if ($result->PO_RecordCount($pntable['stories_cat'], "$column[catid] = $catid")== 1) {
list($cattitle) = $result->fields;
} else {
$cattitle = "";
}
if (!authorised(0, $storyComponent, ":$cattitle:", ACCESS_ADD)) {
include 'header.php';
echo _STORIESADDNOAUTH;
include 'footer.php';
return;
}
if ($automated == 1) {
if ($day < 10) {
$day = "0$day";
}
if ($month < 10) {
$month = "0$month";
}
$sec = "00";
$date = "$year-$month-$day $hour:$min:$sec";
if ($hometext == $bodytext) $bodytext = "";
$subject = $myts->makeTboxData4Save($subject);
$hometext = $myts->makeTareaData4Save($hometext);
$bodytext = $myts->makeTareaData4Save($bodytext);
$notes = $myts->makeTareaData4Save($notes);
$column = &$pntable['autonews_column'];
// FTO : Add SEQ suffix to avoid conflict name with ORACLE
$nextid = $dbconn->GenId("{$pntable['autonews']}_SEQ");
$result = $dbconn->Execute("INSERT INTO $pntable[autonews]
($column[anid], $column[catid], $column[aid],
$column[title], $column[time], $column[hometext],
$column[bodytext], $column[topic],
$column[informant], $column[notes], $column[ihome],
$column[alanguage], $column[withcomm])
VALUES ($nextid, $catid, $userinfo[uid], '$subject', '$date',
'$hometext', '$bodytext', '$topic', '$author',
'$notes', '$ihome', '$alanguage', '$comm')");
if ($result === false) {
error_log("DB ERROR: can not add story " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "DB ERROR: can not add story ");
}
if (!empty($userinfo['uid'])) {
$column = &$pntable['users_column'];
$result = $dbconn->Execute("UPDATE $pntable[users]
SET $column[counter]=$column[counter]+1
WHERE $column[uid]=$userinfo[uid]");
if ($result === false) {
error_log("ERROR: addStory can not update users table" . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "ERROR: addStory can not update users table");
}
}
$result = $dbconn->Execute("DELETE FROM $pntable[queue]
WHERE {$pntable[queue_column][qid]}=$qid");
if ($result === false) {
error_log("ERROR: addStory can not delete from queue" . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "ERROR: addStory can not delete from queue");
}
pnRedirect($currentFile.'?op='.${opPrefix}.'submissions');
} else {
if ($hometext == $bodytext) $bodytext = "";
$subject = $myts->makeTboxData4Save($subject);
$hometext = $myts->makeTareaData4Save($hometext);
$bodytext = $myts->makeTareaData4Save($bodytext);
$notes = $myts->makeTareaData4Save($notes);
$column = &$pntable['stories_column'];
// FTO : Add SEQ suffix to avoid conflict name with ORACLE
$nextid = $dbconn->GenId("{$pntable['stories']}_SEQ");
//FTO Use a php date time to stay compatible with
// all databases.
$now=$dbconn->DBTimeStamp(mktime());
$result = $dbconn->Execute("INSERT INTO $pntable[stories] ($column[sid],
$column[catid], $column[aid], $column[title],
$column[time], $column[hometext], $column[bodytext],
$column[comments], $column[counter], $column[topic],
$column[informant], $column[notes], $column[ihome],
$column[themeoverride], $column[alanguage],
$column[withcomm])
VALUES ($nextid, $catid, $userinfo[uid], '$subject', $now,
'$hometext', '$bodytext', '0', '0', '$topic',
'$author', '$notes', '$ihome', '', '$alanguage',
'$comm')");
if ($result === false) {
error_log("ERROR: add Story, can not add story" . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "ERROR: add Story, can not add story");
}
if (!empty($userinfo['uid'])) {
$column = &$pntable['users_column'];
$result = $dbconn->Execute("UPDATE $pntable[users]
SET $column[counter]=$column[counter]+1
WHERE $column[uid]=$userinfo[uid]");
if ($result === false) {
error_log("ERROR: add story can not update users" . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "ERROR: add story can not update users");
}
}
deleteStory($qid);
}
}
function editStory($sid) {
global $user, $tipath, $bgcolor1, $bgcolor2, $aid, $pntable, $myts, $dbconn,
$currentFile, $storyComponent, $opPrefix;
$column = &$pntable['stories_column'];
$catcolumn = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT $column[catid], $column[title],
$column[hometext], $column[bodytext],
$column[topic], $column[notes], $column[ihome],
$column[alanguage], $column[withcomm], $column[aid]
FROM $pntable[stories]
WHERE $column[sid]=$sid");
list($catid, $subject, $hometext, $bodytext, $topic, $notes, $ihome, $alanguage, $comm, $authid) = $result->fields;
$result->Close();
$result = $dbconn->Execute("SELECT $catcolumn[title]
FROM $pntable[stories_cat]
WHERE $catcolumn[catid] = $catid");
if ($result->PO_RecordCount($pntable['stories_cat'], "$catcolumn[catid] = $catid")== 1) {
list($cattitle) = $result->fields;
} else {
$cattitle = "";
}
$result->Close();
if (authorised(0, $storyComponent, "$authid:$cattitle:$sid", ACCESS_EDIT)) {
include ('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
$subject4edit = $myts->makeTboxData4Edit($subject);
$hometext4edit = $myts->makeTareaData4Edit($hometext);
$bodytext4edit = $myts->makeTareaData4Edit($bodytext);
$notes4edit = $myts->makeTareaData4Edit($notes);
$subject4show = $myts->makeTareaData4Show($subject);
$hometext4show = $myts->makeTareaData4Show($hometext);
$bodytext4show = $myts->makeTareaData4Show($bodytext);
$notes4show = $myts->makeTareaData4Show($notes);
$column = &$pntable['topics_column'];
$result2=$dbconn->Execute("SELECT $column[topicimage]
FROM $pntable[topics]
WHERE $column[topicid]=$topic");
list($topicimage) = $result2->fields;
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._EDITARTICLE."</b></font></center><br>"
."<table width=\"80%\" border=\"0\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"$bgcolor2\" align=\"center\"><tr><td>"
."<table width=\"100%\" border=\"0\" cellpadding=\"8\" cellspacing=\"1\" bgcolor=\"$bgcolor1\"><tr><td>"
."<img src=\"$tipath$topicimage\" border=\"0\" align=\"right\">";
themepreview($subject4show, $hometext4show, $bodytext4show, $notes4show);
echo "</td></tr></table></td></tr></table><br><br>"
."<form action=\"$currentFile\" method=\"post\">";
include('modules/NS-Wiki/typocode.inc.php');
echo "<b>"._TITLE."</b><br>"
."<input type=\"text\" name=\"subject\" size=\"50\" value=\"$subject4edit\"><br><br>"
."<b>"._TOPIC."</b> <select name=\"topic\">";
$column = &$pntable['topics_column'];
$toplist = $dbconn->Execute("SELECT $column[topicid], $column[topictext]
FROM $pntable[topics] ORDER BY $column[topictext]");
echo "<option value=\"\">"._ALLTOPICS."</option>\n";
//FTO : Test EOF and database error
if (!$toplist) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $toplist->EOF) {
list($topicid, $topics) = $toplist->fields;
if ($topicid==$topic) { $sel = "selected "; }
echo "<option $sel value=\"$topicid\">$topics</option>\n";
$sel = "";
$toplist->MoveNext();
}
echo "</select>";
echo "<br><br>";
$cat = $catid;
SelectCategory($cat);
echo "<br>";
puthome($ihome);
withcomments($comm);
$lang = languagelist();
if (!$alanguage)
{
$sel_lang[0] = ' selected';
} else {
$sel_lang[$alanguage] = ' selected';
}
print '<br><b>'._LANGUAGE.': </b>' /* ML Dropdown with available languages to update */
.'<select name="alanguage" size="1">'
."<option value=\"\" $sel_lang[0]>"._ALL.'</option>' ;
$handle = opendir('language');
while ($f = readdir($handle))
{
if (is_dir("language/$f") && $lang[$f])
{
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
foreach ($langlist as $k=>$v)
{
print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
}
print '</select>';
echo "<br><br><b>"._STORYTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"7\" name=\"hometext\">$hometext4edit</textarea><br><br>"
."<b>"._EXTENDEDTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"10\" name=\"bodytext\">$bodytext4edit</textarea><br>"
."<font class=\"pn-normal\">"._AREYOUSURE."</font><br><br>"
."<b>"._NOTES."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"4\" name=\"notes\">$notes4edit</textarea><br><br>"
."<input type=\"hidden\" NAME=\"sid\" size=\"50\" value=\"$sid\">"
."<input type=\"hidden\" name=\"${opPrefix}op\" value=\"ChangeStory\">"
."<input type=\"submit\" value=\""._SAVECHANGES."\">"
."</form>";
CloseTable();
include ('footer.php');
} else {
include ('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center><b>"._NOTAUTHORIZED1."</b><br><br>"
.""._GOBACK."";
CloseTable();
include("footer.php");
}
}
function removeStory($sid, $ok=0) {
global $pntable, $dbconn, $currentFile, $storyComponent, $opPrefix;
csrfcheck();
$column = &$pntable['stories_column'];
$result = $dbconn->Execute("SELECT $column[aid], $column[catid]
FROM $pntable[stories]
WHERE $column[sid]='$sid'");
list($authid, $catid) = $result->fields;
$result->Close();
$column = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT $column[title]
FROM $pntable[stories_cat]
WHERE $column[catid]='$catid'");
list($cattitle) = $result->fields;
$result->Close();
if (authorised(0, $storyComponent, '$authid:$cattitle:$sid', ACCESS_DELETE)) {
csrfcheck();
if($ok) {
$result = $dbconn->Execute("DELETE FROM $pntable[stories]
WHERE {$pntable[stories_column][sid]}=$sid");
if ($result === false) {
error_log("stories->removeStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->removeStory: Error accesing to the database");
}
$result = $dbconn->Execute("DELETE FROM $pntable[comments]
WHERE {$pntable[comments_column][sid]}=$sid");
if ($result === false) {
error_log("stories->removeStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->removeStory: Error accesing to the database");
}
/* Legacy Code to update the authors counter
$column = &$pntable['users_column'];
$result = $dbconn->Execute("UPDATE $pntable[users]
SET $column[counter]=$column[counter]-1
WHERE $column[uid]=$uid");
if ($result === false) {
error_log("stories->removeStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->removeStory: Error accesing to the database");
}
*/
pnRedirect($currentFile);
} else {
include("header.php");
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center>"._REMOVESTORY."<b> $sid - $stitle</b> - "._ANDCOMMENTS."";
echo "<table><tr><td>\n";
echo myTextForm($currentFile, _NO);
echo "</td><td>\n";
echo myTextForm("$currentFile?op=${opPrefix}RemoveStory&sid=$sid&ok=1", _YES);
echo "</td></tr></table>\n";
echo "</center>\n";
CloseTable();
include("footer.php");
}
} else {
include ('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
echo "<center><b>"._NOTAUTHORIZED1."</b><br><br>"
.""._GOBACK."";
CloseTable();
include("footer.php");
}
}
function changeStory($sid, $subject, $hometext, $bodytext, $topic, $notes, $catid, $ihome, $alanguage, $comm, $typocode) {
global $user, $pntable, $myts, $dbconn, $currentFile, $storyComponent, $opPrefix;
csrfcheck();
// jgm - need to get instance information here
$column = &$pntable['stories_cat_column'];
$result = $dbconn->Execute("SELECT $column[title]
FROM $pntable[stories_cat]
WHERE $column[catid] = $catid");
if ($result === false) {
error_log("DB ERROR: can not get category" . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "DB ERROR: can not get category");
}
if ($result->PO_RecordCount($pntable['stories_cat'], "$column[catid] = $catid")== 1) {
list($cattitle) = $result->fields;
} else {
$cattitle = "";
}
$result->Close();
$column = &$pntable['stories_column'];
$result = $dbconn->Execute("SELECT $column[aid]
FROM $pntable[stories]
WHERE $column[sid]='$sid'");
list($authid) = $result->fields;
$result->Close();
if (authorised(0, $storyComponent, "$authid:$cattitle:$sid", ACCESS_EDIT)) {
$subject = $myts->makeTboxData4Save($subject);
$hometext = $myts->makeTareaData4Save($hometext);
$bodytext = $myts->makeTareaData4Save($bodytext);
$notes = $myts->makeTareaData4Save($notes);
$column = &$pntable['stories_column'];
$result = $dbconn->Execute("UPDATE $pntable[stories]
SET $column[catid]='$catid', $column[title]='$subject',
$column[hometext]='$hometext',
$column[bodytext]='$bodytext',
$column[topic]='$topic', $column[notes]='$notes',
$column[ihome]='$ihome',
$column[alanguage]='$alanguage',
$column[withcomm]='$comm'
WHERE $column[sid]=$sid");
if ($result === false) {
error_log("stories->changeStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->changeStory: Error accesing to the database");
}
pnRedirect($currentFile.'?op='.${opPrefix}.'adminMain');
}
}
function adminStory() {
if (file_exists("modules/".'NAME_OF_CALENDAR'."/cal.api"))
{ Header("Location: modules/".NAME_OF_CALENDAR."/stories.php"); }
global $comm, $hlpfile, $pntable, $language, $currentlang, $ihome, $topic, $dbconn, $currentFile, $opPrefix;
$hlpfile = "manual/newarticle.html";
include ('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
echo "<br><center><font size=\"3\"> <b><a class=\"pn-normal\" href=\"$currentFile?op=${opPrefix}submissions\">"._NEWSUBMISSIONS."</a> </b></font></center>";
CloseTable();
echo "<br>";
$today = getdate();
$tday = $today['mday'];
if ($tday < 10){
$tday = "0$tday";
}
$tmonth = $today['month'];
$ttmon = $today['mon'];
if ($ttmon < 10){
$ttmon = "0$ttmon";
}
$tyear = $today['year'];
$thour = $today['hours'];
if ($thour < 10){
$thour = "0$thour";
}
$tmin = $today['minutes'];
if ($tmin < 10){
$tmin = "0$tmin";
}
$tsec = $today['seconds'];
if ($tsec < 10){
$tsec = "0$tsec";
}
$date = "$tmonth $tday, $tyear @ $thour:$tmin:$tsec";
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ADDARTICLE."</b></font></center><br><br>"
."<form action=\"$currentFile\" method=\"post\">";
include('modules/NS-Wiki/typocode.inc.php');
echo "<b>"._TITLE."</b><br>"
."<input type=\"text\" name=\"subject\" size=\"50\"><br><br>"
."<b>"._TOPIC."</b>";
$column = &$pntable['topics_column'];
$toplist = $dbconn->Execute("SELECT $column[topicid], $column[topictext]
FROM $pntable[topics] ORDER BY $column[topictext]");
echo "<select name=\"topic\">";
echo "<option value=\"\">"._SELECTTOPIC."</option>\n";
//FTO : Test EOF and database error
if (!$toplist) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $toplist->EOF) {
list($topicid, $topics) = $toplist->fields;
if ($topicid == $topic) {
$sel="selected";
echo "<option value=\"$topicid\" $sel>$topics</option>\n";
} else {
echo "<option value=\"$topicid\">$topics</option>\n";
}
$sel="";
$toplist->MoveNext();
}
echo "</select><br><br>";
$cat = 0;
SelectCategory($cat);
echo "<br>";
puthome($ihome);
withcomments($comm);
$lang = languagelist();
$sel_lang[$currentlang] = ' selected';
print '<br><b>'._LANGUAGE.': </b>' /* ML Dropdown with available languages to update */
.'<select name="alanguage" size="1">'
."<option value=\"\">"._ALL.'</option>'
;
$handle = opendir('language');
while ($f = readdir($handle))
{
if (is_dir("language/$f") && $lang[$f])
{
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
foreach ($langlist as $k=>$v)
{
print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
}
print '</select>';
echo "<br><br><b>"._STORYTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"12\" name=\"hometext\"></textarea><br><br>"
."<b>"._EXTENDEDTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"12\" name=\"bodytext\"></textarea><br>"
."<font class=\"pn-normal\">"._ARESUREURL."</font>"
."<br><br><b>"._PROGRAMSTORY."</b> "
."<input type=radio name=automated value=1>"._YES." "
."<input type=radio name=automated value=0 checked>"._NO."<br><br>"
.""._NOWIS.": $date<br><br>";
$day = 1;
echo ""._DAY.": <select name=\"day\">";
while ($day <= 31) {
if ($tday==$day) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"day\" $sel>$day</option>";
$day++;
}
echo "</select>";
$month = 1;
echo ""._UMONTH.": <select name=\"month\">";
while ($month <= 12) {
if ($ttmon==$month) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"month\" $sel>$month</option>";
$month++;
}
echo "</select>";
$date = getdate();
$year = $date['year'];
echo ""._YEAR.": <input type=\"text\" name=\"year\" value=\"$year\" size=\"5\" maxlength=\"4\">"
."<br>"._HOUR.": <select name=\"hour\">";
$hour = 0;
$cero = "0";
while ($hour <= 23) {
$dummy = $hour;
if ($hour < 10) {
$hour = "$cero$hour";
}
echo "<option name=\"hour\">$hour</option>";
$hour = $dummy;
$hour++;
}
echo "</select>"
.": <select name=\"min\">";
$min = 0;
while ($min <= 59) {
if (($min == 0) OR ($min == 5)) {
$min = "0$min";
}
echo "<option name=\"min\">$min</option>";
$min = $min + 5;
}
echo "</select>";
echo ": 00<br><br>";
// die("NC: ".NAME_OF_CALENDAR);
// modif SB add in calendar
if ( file_exists("modules/".NAME_OF_CALENDAR."/ajStories.php") )
{
global $currentlang;
include("modules/".NAME_OF_CALENDAR."/lang/".$currentlang."/global.php");
include("modules/".NAME_OF_CALENDAR."/ajStories.php") ;
}
// fin modif SB add in calendar
echo "<select name=\"${opPrefix}op\">"
."<option value=\"PreviewAdminStory\" selected>"._PREVIEWSTORY."</option>"
."<option value=\"PostAdminStory\">"._POSTSTORY."</option>"
."</select>"
."<input type=\"submit\" value=\""._OK."\">"
."</form>";
CloseTable();
include ('footer.php');
}
function previewAdminStory($automated, $year, $day, $month, $hour, $min, $subject, $hometext, $bodytext, $topic, $catid, $alanguage, $comm) {
global $user, $tipath, $bgcolor1, $bgcolor2, $pntable, $alanguage, $ihome, $hlpfile, $myts, $dbconn, $currentFile, $opPrefix;
csrfcheck();
include ('header.php');
if ($topic<1) {
$topic = 1;
}
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._ARTICLEADMIN."</b></font></center>";
CloseTable();
echo "<br>";
$today = getdate();
$tday = $today['mday'];
if ($tday < 10){
$tday = "0$tday";
}
$tmonth = $today['month'];
$tyear = $today['year'];
$thour = $today['hours'];
if ($thour < 10){
$thour = "0$thour";
}
$tmin = $today['minutes'];
if ($tmin < 10){
$tmin = "0$tmin";
}
$tsec = $today['seconds'];
if ($tsec < 10){
$tsec = "0$tsec";
}
$date = "$tmonth $tday, $tyear @ $thour:$tmin:$tsec";
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._PREVIEWSTORY."</b></font></center><br><br>"
."<form action=\"$currentFile\" method=\"post\">"
."<input type=\"hidden\" name=\"catid\" value=\"$catid\">";
$subject4form = $myts->makeTboxData4PreviewInForm($subject);
$hometext4form = $myts->makeTareaData4PreviewInForm($hometext);
$bodytext4form = $myts->makeTareaData4PreviewInForm($bodytext);
$subject4pre = $myts->makeTboxData4Preview($subject);
$hometext4pre = $myts->makeTareaData4Preview($hometext);
$bodytext4pre = $myts->makeTareaData4Preview($bodytext);
$column = &$pntable['topics_column'];
$result=$dbconn->Execute("SELECT $column[topicimage]
FROM $pntable[topics]
WHERE $column[topicid]=$topic");
list($topicimage) = $result->fields;
echo "<table border=\"0\" width=\"75%\" cellpadding=\"0\" cellspacing=\"1\" bgcolor=\"$bgcolor2\" align=\"center\"><tr><td>"
."<table border=\"0\" width=\"100%\" cellpadding=\"8\" cellspacing=\"1\" bgcolor=\"$bgcolor1\"><tr><td>"
."<img src=\"$tipath$topicimage\" border=\"0\" align=\"right\" alt=\"\">";
themepreview($subject4pre, $hometext4pre, $bodytext4pre);
echo "</td></tr></table></td></tr></table>"
."<br><br><b>"._TITLE."</b><br>"
."<input type=\"text\" name=\"subject\" size=\"50\" value=\"$subject4form\"><br><br>"
."<b>"._TOPIC."</b><select name=\"topic\">";
$column = &$pntable['topics_column'];
$toplist = $dbconn->Execute("SELECT $column[topicid], $column[topictext]
FROM $pntable[topics] ORDER BY $column[topictext]");
echo "<option value=\"\">"._ALLTOPICS."</option>\n";
//FTO : Test EOF and database error
if (!$toplist) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
while(! $toplist->EOF) {
list($topicid, $topics) = $toplist->fields;
if ($topicid==$topic) {
$sel = "selected ";
}
echo "<option $sel value=\"$topicid\">$topics</option>\n";
$sel = "";
$toplist->MoveNext();
}
echo "</select><br><br>";
$cat = $catid;
SelectCategory($cat);
echo "<br>";
puthome($ihome);
withcomments($comm);
$lang = languagelist();
if (!$alanguage)
{
$sel_lang[0] = ' selected';
} else {
$sel_lang[$alanguage] = ' selected';
}
print '<br><b>'._LANGUAGE.': </b>' /* ML Dropdown with available languages to update */
.'<select name="alanguage" size="1">'
."<option value=\"\" $sel_lang[0]>"._ALL.'</option>';
$handle = opendir('language');
while ($f = readdir($handle))
{
if (is_dir("language/$f") && $lang[$f])
{
$langlist[$f] = $lang[$f];
}
}
asort($langlist);
foreach ($langlist as $k=>$v)
{
print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
}
print '</select>';
echo "<br><br><b>"._STORYTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"12\" name=\"hometext\">$hometext4form</textarea><br><br>"
."<b>"._EXTENDEDTEXT."</b><br>"
."<textarea wrap=\"virtual\" cols=\"50\" rows=\"12\" name=\"bodytext\">$bodytext4form</textarea><br><br>";
if ($automated == 1) {
$sel1 = "checked";
$sel2 = "";
} else {
$sel1 = "";
$sel2 = "checked";
}
echo "<br><b>"._PROGRAMSTORY."</b> "
."<input type=\"radio\" name=\"automated\" value=\"1\" $sel1>"._YES." "
."<input type=\"radio\" name=\"automated\" value=\"0\" $sel2>"._NO."<br><br>"
.""._NOWIS.": $date<br><br>";
$xday = 1;
echo ""._DAY.": <select name=\"day\">";
while ($xday <= 31) {
if ($xday == $day) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"day\" $sel>$xday</option>";
$xday++;
}
echo "</select>";
$xmonth = 1;
echo ""._UMONTH.": <select name=\"month\">";
while ($xmonth <= 12) {
if ($xmonth == $month) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"month\" $sel>$xmonth</option>";
$xmonth++;
}
echo "</select>";
echo ""._YEAR.": <input type=\"text\" name=\"year\" value=\"$year\" size=\"5\" maxlength=\"4\">";
echo "<br>"._HOUR.": <select name=\"hour\">";
$xhour = 0;
$cero = "0";
while ($xhour <= 23) {
$dummy = $xhour;
if ($xhour < 10) {
$xhour = "$cero$xhour";
}
if ($xhour == $hour) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"hour\" $sel>$xhour</option>";
$xhour = $dummy;
$xhour++;
}
echo "</select>";
echo ": <select name=\"min\">";
$xmin = 0;
while ($xmin <= 59) {
if (($xmin == 0) OR ($xmin == 5)) {
$xmin = "0$xmin";
}
if ($xmin == $min) {
$sel = "selected";
} else {
$sel = "";
}
echo "<option name=\"min\" $sel>$xmin</option>";
$xmin = $xmin + 5;
}
echo "</select>";
echo ": 00<br><br>";
// modif SB add in calendar
if (file_exists("modules/".NAME_OF_CALENDAR."/ajStories.php") )
{
global $currentlang;
include("modules/".NAME_OF_CALENDAR."/lang/".$currentlang."/global.php");
include("modules/".NAME_OF_CALENDAR."/ajStories.php") ;
}
// fin modif SB add in calendar
echo "<select name=\"${opPrefix}op\">"
."<option value=\"PreviewAdminStory\" selected>"._PREVIEWSTORY."</option>"
."<option value=\"PostAdminStory\">"._POSTSTORY."</option>"
."</select>"
."<input type=\"submit\" value=\""._OK."\">"
."</form>";
CloseTable();
include ('footer.php');
}
function postAdminStory($automated, $year, $day, $month, $hour, $min, $subject, $introstory, $fullstory, $topic, $catid, $ihome, $alanguage, $comm) {
global $user, $pntable, $myts, $dbconn, $pnconfig, $currentFile, $opPrefix;
$userinfo = getusrinfo($user);
if ($automated == 1) {
if ($day < 10) {
$day = "0$day";
}
if ($month < 10) {
$month = "0$month";
}
$sec = "00";
$date = "$year-$month-$day $hour:$min:$sec";
$notes = "";
$subject = $myts->makeTboxData4Save($subject);
$introstory = $myts->makeTareaData4Save($introstory);
$fullstory = $myts->makeTareaData4Save($fullstory);
$column = &$pntable['autonews_column'];
// FTO : Add SEQ suffix to avoid conflict name with ORACLE
$nextid = $dbconn->GenId("{$pntable['autonews']}_SEQ");
$result = $dbconn->Execute("INSERT INTO $pntable[autonews] ($column[anid],
$column[catid], $column[aid], $column[title],
$column[time], $column[hometext],
$column[bodytext], $column[topic],
$column[informant], $column[notes],
$column[ihome], $column[alanguage],
$column[withcomm])
VALUES ( $nextid, $catid, $userinfo[uid], '$subject', '$date',
'$introstory', '$fullstory', '$topic', '$userinfo[name]',
'$notes', '$ihome', '$alanguage', '$comm')");
if ($result === false) {
error_log("stories->postAdminStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->postAdminStory: Error accesing to the database");
}
/* Legacy code to update the author counter.
$column = &$pntable['stories_column'];
$result = $dbconn->Execute("UPDATE $pntable[stories]
SET $column[counter]=$column[counter]+1
WHERE $column[uid]=$aid");
if ($result === false) {
error_log("stories->postAdminStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->postAdminStory: Error accesing to the database");
}
*/
pnRedirect($currentFile.'?op='.${opPrefix}.'adminMain');
} else {
$subject = $myts->makeTboxData4Save($subject);
$introstory = $myts->makeTareaData4Save($introstory);
$fullstory = $myts->makeTareaData4Save($fullstory);
$column = &$pntable['stories_column'];
// FTO : Add SEQ suffix to avoid conflict name with ORACLE
$nextid = $dbconn->GenId("{$pntable['stories']}_SEQ");
//FTO Use a php date time to stay compatible with
// all databases.
$now=$dbconn->DBTimeStamp(mktime());
$result = $dbconn->Execute("INSERT INTO $pntable[stories]
($column[sid], $column[catid], $column[aid],
$column[title], $column[time], $column[hometext],
$column[bodytext], $column[comments],
$column[counter], $column[topic], $column[informant],
$column[notes], $column[ihome], $column[themeoverride],
$column[alanguage], $column[withcomm])
VALUES ($nextid, $catid, $userinfo[uid], '$subject', $now,
'$introstory', '$fullstory', '0', '0', '$topic',
'$userinfo[name]', '$notes', '$ihome', '', '$alanguage',
'$comm')");
if ($result === false) {
error_log("stories->postAdminStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->postAdminStory: Error accesing to the database");
}
/* Legacy Code to update the authors counter
$column = &$pntable['stories_column'];
$sql = "UPDATE $pntable[stories]
SET $column[counter]=$column[counter]+1
WHERE $column[uid]=$aid";
die($sql);
$result = $dbconn->Execute($sql);
if ($result === false) {
error_log("stories->postAdminStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->postAdminStory: Error accesing to the database");
}
*/
// modif SB in calendar
if ($GLOBALS["lincalendar"]) {
if ($GLOBALS["day"] < 10) {
$GLOBAL["day"] = "0".$GLOBALS['day'];
}
if ($GLOBALS["month"] < 10) {
$GLOBAL["month"] = "0".$GLOBALS['month'];
}
$sec = "00";
$min = "00";
$hour = "00";
$cLocation = "modules.php?op=modload&name=".NAME_OF_CALENDAR."&file=cal_ajoute&day=".$GLOBALS['add_day']."&month=".$GLOBALS['add_month']."&year=".$GLOBALS['add_year']."&event_title=".$GLOBALS['subject']."&event_text=".$introstory;
} else {
$cLocation = "$currentFile?op=${opPrefix}adminMain";
}
pnRedirect($cLocation);
// fin modif SB in calendar
}
}
function submissions() {
global $hlpfile, $admin, $bgcolor1, $bgcolor2, $pntable, $dbconn, $currentFile, $opPrefix;
$dummy = 0;
include ("header.php");
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\"><b>"._SUBMISSIONSADMIN."</b></font></center>";
CloseTable();
echo "<br>";
OpenTable();
$lang = languagelist();
$column = &$pntable['queue_column'];
$result = $dbconn->Execute("SELECT $column[qid], $column[subject], $column[timestamp],
$column[alanguage]
FROM $pntable[queue]
WHERE $column[arcd]='0' ORDER BY $column[timestamp]");
//FTO : Test EOF and database error
if (!$result) {
PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
die();
}
if($result->EOF) {
echo "<table width=\"100%\"><tr><td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NOSUBMISSIONS."</b> [ <a class=\"pn-normal\" href=\"$currentFile?op=${opPrefix}ListArchive\">"._ARCHIVESUBS."</a> ]</td></tr></table>\n";
} else {
echo "<center><font class=\"pn-normal\"><b>"._NEWSUBMISSIONS."</b></font> [ <a class=\"pn-normal\" href=\"$currentFile?op=${opPrefix}ListArchive\">"._ARCHIVESUBS."</a> ]<table width=\"100%\" border=\"1\" bgcolor=\"$bgcolor2\">\n";
//FTO : Test EOF and database error
while(! $result->EOF) {
list($qid, $subject, $timestamp, $alanguage) = $result->fields;
echo "<tr>\n";
echo "<td align=\"center\">";
echo "<table><tr><td>\n";
echo myTextForm("$currentFile?op=${opPrefix}DeleteStory&qid=$qid", _DELETE);
echo "</td><td>\n";
echo myTextForm("$currentFile?op=${opPrefix}ArchiveStory&qid=$qid", _ARCHIVE);
echo "</td></tr></table>\n";
echo "<td width=\"100%\"><font class=\"pn-title\">\n";
if ($subject == "") {
echo " <a href=\"$currentFile?op=${opPrefix}DisplayStory&qid=$qid\">"._NOSUBJECT."</a></font>\n";
} else {
echo " <a href=\"$currentFile?op=${opPrefix}DisplayStory&qid=$qid\">$subject</a></font>\n";
}
echo "</td><td align=\"center\"><font class=\"pn-normal\">$lang[$alanguage]</font>\n"; /* ML added column to display the language */
$timestamp = ereg_replace(" ", "@", $timestamp);
echo "</td><td align=\"right\" nowrap><font class=\"pn-normal\"> $timestamp </font></td></tr>\n";
$dummy++;
$result->MoveNext();
}
if ($dummy < 1) {
echo "<tr><td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._NOSUBMISSIONS."</b></form></td></tr></table>\n";
} else {
echo "</table></form>\n";
}
}
CloseTable();
include ("footer.php");
}
function ArchiveStory($qid) {
global $admin, $pntable, $dbconn, $currentFile, $opPrefix;
csrfcheck();
include('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\">"._ARCHIVE." "._FSTORY."</center></font>";
CloseTable();
$column = &$pntable['queue_column'];
$result = $dbconn->Execute("SELECT $column[subject]
FROM $pntable[queue]
WHERE $column[qid]=$qid");
if ($result === false) {
error_log("stories->ArchiveStory: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->ArchiveStory: Error accesing to the database");
}
//FTO : Test EOF and database error
while(! $result->EOF) {
list($subject) = $result->fields;
echo "<p><font class=\"pn-normal\">"._ARCHIVECHOSE."</p>"
."<center>$subject</center></font>";
$result->MoveNext();
}
echo "<form action=\"$currentFile\" method=\"post\">"
."<p><font class=\"pn-normal\">"._LOOKSRIGHT."<p></font>"
."<input type=\"submit\" value=\""._YES."\">"
." "._GOBACK.""
."<input type=\"hidden\" name=\"qid\" value=\"$qid\">"
."<input type=\"hidden\" name=\"${opPrefix}op\" value=\"Archive\">"
."</form>";
include('footer.php');
}
function Archive($qid) {
global $admin, $pntable, $dbconn, $currentFile, $opPrefix;
csrfcheck();
include('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\">"._ARCHIVING."</center></font>";
CloseTable();
$column = &$pntable['queue_column'];
$result = $dbconn->Execute("UPDATE $pntable[queue]
SET $column[arcd]='1'
WHERE $column[qid]=$qid");
if ($result === false) {
error_log("stories->Archive: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->Archive: Error accesing to the database");
}
echo "<p><font class=\"pn-normal\">"._ARCHIVESUCCESS."</p></font>";
echo "[ <a class=\"pn-normal\" href=\"$currentFile?op=${opPrefix}submissions\">"._SUBMISSIONS."</a> ]";
include('footer.php');
}
function ListArchive() {
global $admin,$pntable, $dbconn, $currentFile, $opPrefix;
include('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\">"._ARCHIVESUBS."</center></font>";
CloseTable();
$column = &$pntable['queue_column'];
$result = $dbconn->Execute("SELECT $column[qid], $column[subject],
$column[timestamp], $column[alanguage]
FROM $pntable[queue]
WHERE $column[arcd]='1' ORDER BY $column[timestamp]");
if ($result === false) {
error_log("stories->ListArchive: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->ListArchive: Error accesing to the database");
}
//FTO : Test EOF and database error
while(! $result->EOF) {
list($qid,$subject,$timestamp,$alanguage) = $result->fields;
// echo "<p><font class=\"pn-normal\">[ <a class=\"pn-normal\" href=\"$currentFile?op=${opPrefix}DisplayStory&qid=$qid\">$subject</a> ][ $alanguage ][ $timestamp ] -- [ <a class=\"pn-normal\" href=\"$currentFile?op=${opPrefix}DeleteStory&qid=$qid\">"._DELETE."</a>/<a class=\"pn-normal\" href=\"$currentFile?op=${opPrefix}Unarchive&qid=$qid\">"._UNARCHIVE."</a> ]</p></font>";
echo "<table><tr><td valign=\"top\">\n";
echo "<p><font class=\"pn-normal\">[ <a class=\"pn-normal\" href=\"$currentFile?op=${opPrefix}DisplayStory&qid=$qid\">$subject</a> ][ $alanguage ][ $timestamp ] -- </p></font>";
echo "</td><td>\n";
echo myTextForm("$currentFile?op=${opPrefix}DeleteStory&qid=$qid", _DELETE);
echo "</td><td>\n";
echo myTextForm("$currentFile?op=${opPrefix}Unarchive&qid=$qid", _UNARCHIVE);
echo "</td></tr></table>\n";
$result->MoveNext();
}
include('footer.php');
}
function Unarchive($qid) {
global $admin, $pntable, $dbconn, $currentFile, $opPrefix;
csrfcheck();
include('header.php');
GraphicAdmin($hlpfile);
OpenTable();
echo "<center><font class=\"pn-title\">"._ARCHIVESUBS."</center></font>";
CloseTable();
$column = &$pntable['queue_column'];
$result = $dbconn->Execute("UPDATE $pntable[queue]
SET $column[arcd]='0'
WHERE $column[qid]=$qid");
if ($result === false) {
error_log("stories->Unarchive: " . $dbconn->ErrorMsg());
PN_DBMsgError($dbconn, __FILE__, __LINE__, "stories->Unarchive: Error accesing to the database");
}
echo "<p><font class=\"pn-normal\">"._UNARCHIVESUCCESS."</p></font>";
echo "<a class=\"pn-normal\" href=\"$currentFile?op=${opPrefix}submissions\">"._SUBMISSIONS."</a>";
include('footer.php');
}
if (!authorised(0, $storyComponent, '::', ACCESS_EDIT)) {
include 'header.php';
echo _STORIESADDNOAUTH;
include 'footer.php';
} else {
switch($op) {
case $opPrefix."EditCategory":
EditCategory($catid);
break;
case $opPrefix."DelCategory":
DelCategory($cat);
break;
case $opPrefix."YesDelCategory":
YesDelCategory($catid);
break;
case $opPrefix."NoMoveCategory":
NoMoveCategory($catid, $newcat);
break;
case $opPrefix."SaveEditCategory":
SaveEditCategory($catid, $title, $themeoverride);
break;
case $opPrefix."SelectCategory":
SelectCategory($cat);
break;
case $opPrefix."AddCategory":
AddCategory();
break;
case $opPrefix."SaveCategory":
SaveCategory($title, $themeoverride);
break;
case $opPrefix."DisplayStory":
displayStory($qid);
break;
case $opPrefix."PreviewAgain":
previewStory($automated, $year, $day, $month, $hour, $min, $qid, $uid, $author, $subject, $hometext, $bodytext, $topic, $notes, $catid, $ihome, $alanguage, $comm);
break;
case $opPrefix."PostStory":
postStory($automated, $year, $day, $month, $hour, $min, $qid, $uid, $author, $subject, $hometext, $bodytext, $topic, $notes, $catid, $ihome, $alanguage, $comm);
break;
case $opPrefix."EditStory":
editStory($sid);
break;
case $opPrefix."RemoveStory":
removeStory($sid, $ok);
break;
case $opPrefix."ChangeStory":
changeStory($sid, $subject, $hometext, $bodytext, $topic, $notes, $catid, $ihome, $alanguage, $comm, $typocode);
break;
case $opPrefix."ArchiveStory":
ArchiveStory($qid);
break;
case $opPrefix."Archive":
Archive($qid);
break;
case $opPrefix."ListArchive":
ListArchive();
break;
case $opPrefix."Unarchive":
Unarchive($qid);
break;
case $opPrefix."DeleteStory":
deleteStory($qid);
break;
case $opPrefix."adminStory":
adminStory();
break;
case $opPrefix."PreviewAdminStory":
previewAdminStory($automated, $year, $day, $month, $hour, $min, $subject, $hometext, $bodytext, $topic, $catid, $ihome, $alanguage, $comm);
break;
case $opPrefix."PostAdminStory":
postAdminStory($automated, $year, $day, $month, $hour, $min, $subject, $hometext, $bodytext, $topic, $catid, $ihome, $alanguage, $comm);
break;
case $opPrefix."autoDelete":
autodelete($anid, $ok);
break;
case $opPrefix."autoEdit":
autoEdit($anid);
break;
case $opPrefix."autoSaveEdit":
autoSaveEdit($anid, $year, $day, $month, $hour, $min, $title, $hometext, $bodytext, $topic, $notes, $catid, $ihome, $alanguage, $comm, $myts);
break;
case $opPrefix."submissions":
submissions();
break;
}
}
?>