Location: PHPKode > projects > ProNuke. Postnuke To Oracle > postnuke/html/modules/NS-Admin_Messages/admin/modules/messages.php
<?php
// File: $Id: messages.php,v 1.21 2001/12/04 13:07:45 jgm Exp $ $Name:  $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: 
// Purpose of file: 
// ----------------------------------------------------------------------

if (!eregi("admin.php", $PHP_SELF)) { die ("Access Denied"); }
$myts = new MyTextSanitizer; // MyTextSanitizer object

$hlpfile = "manual/message.html";

modules_get_language();

/*********************************************************/
/* Messages Functions                                    */
/*********************************************************/

function MsgDeactive($mid) {
    global $pntable, $dbconn;

    $column = &$pntable['message_column'];

    $result = $dbconn->Execute("SELECT $column[title]
                              FROM $pntable[message]
                              WHERE $column[mid] = $mid");
    if($dbconn->ErrorNo()<>0) {
        error_log("Error: " . $dbconn->ErrorMsg());
    }
    list($title) = $result->fields;
    if (!authorised(0, 'Messages::', "$title::$mid", ACCESS_EDIT)) {
        include 'header.php';
        echo _MESSAGESDEACTIVATENOAUTH;
        include 'footer.php';
        return;
    }

    $result = $dbconn->Execute("UPDATE $pntable[message] 
                              SET $column[active]=0 
                              WHERE $column[mid]=$mid");
    if($dbconn->ErrorNo()<>0) {
        error_log("Error: " . $dbconn->ErrorMsg());
    }
    pnRedirect('admin.php?op=messages');
}

function messages() {
    global $hlpfile, $admin, $currentlang, $bgcolor1, $bgcolor2, $pntable, $dbconn, $myts;
    include ("header.php");
    $hlpfile = "manual/messages.html";
    $lang = languagelist();
    GraphicAdmin($hlpfile);
    OpenTable();
    echo "<center><font class=\"pn-title\"><b>"._MESSAGESADMIN."</b></font></center>";
    CloseTable();
    echo "<br>";
    $column = &$pntable['message_column'];
    $result = $dbconn->Execute("SELECT $column[title], $column[content], $column[date], 
                                $column[expire], $column[active], $column[view] 
                              FROM $pntable[message]");
    // FTO Check EOF and database error
    if (!$result) {
               PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
               die();
    }
    list($title, $content, $mdate, $expire, $active, $view) = $result->fields;
    $title = $myts->makeTareaData4Show($title);

    // Current messages
    if (authorised(0, 'Messages::', '::', ACCESS_EDIT)) {
        OpenTable();
        echo "<center><font class=\"pn-title\"><b>"._ALLMESSAGES."</b></font><br><br><table border=\"1\" width=\"100%\" bgcolor=\"$bgcolor1\">"
            ."<td bgcolor=\"$bgcolor2\" align=\"center\"><b>"._ID."</b></td>"
            ."<td bgcolor=\"$bgcolor2\" align=\"center\"><b>"._TITLE."</b></td>"
            ."<td bgcolor=\"$bgcolor2\" align=\"center\">&nbsp;<b>"._LANGUAGE."</b>&nbsp;</td>"
            ."<td bgcolor=\"$bgcolor2\" align=\"center\">&nbsp;<b>"._VIEW."</b>&nbsp;</td>"
            ."<td bgcolor=\"$bgcolor2\" align=\"center\">&nbsp;<b>"._ACTIVE."</b>&nbsp;</td>"
            ."<td bgcolor=\"$bgcolor2\" align=\"center\">&nbsp;<b>"._FUNCTIONS."</b>&nbsp;</td></tr>";
        $column = &$pntable['message_column'];
        $result = $dbconn->Execute("SELECT $column[mid], $column[title], $column[content], 
                                    $column[date], $column[expire], $column[active], 
                                    $column[view], $column[mlanguage] 
                                  FROM $pntable[message] ");
// FTO Check EOF and database error
        if (!$result) {
               PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
               die();
            }
        while(!$result->EOF) {

            list($mid, $title, $content, $mdate, $expire, $active, $view, $mlanguage) = $result->fields;

            $result->MoveNext();

            $title = $myts->makeTareaData4Show($title);

            if (!authorised(0, 'Message::', "$title::$mid", ACCESS_EDIT)) {
                contnue;
            }
            if ($active == 1) {
                $mactive = ""._YES."";
            } elseif ($active == 0) {
                $mactive = ""._NO."";
            }
            switch ($view) {
                case "1":
                    $mview = ""._MVALL."";
                    break;
                case "2":
                    $mview = ""._MVUSERS."";
                    break;
                case "3":
                    $mview = ""._MVANON."";
                    break;
                case "3":
                    $mview = ""._MVADMIN."";
                    break;
            }
            if ($mlanguage == "") {
                $mlanguage = ""._ALL."";
//FTO Remove warning
                $lang[$mlanguage]="";
            }
            echo "<tr><td align=\"right\"><b>$mid</b>"
                ."</td><td align=\"left\" width=\"100%\"><b>$title</b>"
                ."</td><td align=\"center\">$lang[$mlanguage]"
                ."</td><td align=\"center\" nowrap>$mview"
                ."</td><td align=\"center\">$mactive"
                ."</td><td align=\"right\" nowrap>(<a href=\"admin.php?op=editmsg&mid=$mid\">"._EDIT."</a>";
            if (authorised(0, 'Messages::', "$title::$mid", ACCESS_DELETE)) {
                echo "-<a href=\"admin.php?op=deletemsg&mid=$mid\">"._DELETE."</a>)";
            } else {
                echo ")";
            }
            echo "</td></tr>";
        }
        echo "</table></center><br>";
    }
    CloseTable();
    echo "<br>";

    // New message
    if (authorised(0, 'Messages::', '::', ACCESS_ADD)) {
        OpenTable();
        echo "<center><font class=\"pn-title\"><b>"._ADDMSG."</b></font></center><br>";
        echo "<form action=\"admin.php\" method=\"post\">";

        include('modules/NS-Wiki/typocode.inc.php');

        echo "<b>"._MESSAGETITLE.":</b><br>"
            ."<input type=\"text\" name=\"add_title\" value=\"\" size=\"50\" maxlength=\"100\"><br><br>"
            ."<b>"._MESSAGECONTENT.":</b><br>"
            ."<textarea name=\"add_content\" rows=\"15\" wrap=\"virtual\" cols=\"50\"></textarea><br><br>"
            .'<b>'._LANGUAGE.': </b>'
            .'<select name="add_mlanguage" size="1">'
            .'<option value="">'._ALL.'</option>';

        $sel_lang[$currentlang] = ' selected';
        $handle = opendir('language');
        while ($f = readdir($handle)) {
            if (is_dir("language/$f") && $lang[$f]) {
                $langlist[$f] = $lang[$f];
            }
        }
        asort($langlist);
        foreach ($langlist as $k=>$v) {
            print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
        }
        print '</select><br><br>';
        $now = time();
        print '<b>'._EXPIRATION.':</b> <select name="add_expire">'
            ."<option value=\"86400\" >1 "._DAY."</option>"
            ."<option value=\"172800\" >2 "._DAYS."</option>"
            ."<option value=\"432000\" >5 "._DAYS."</option>"
            ."<option value=\"1296000\" >15 "._DAYS."</option>"
            ."<option value=\"2592000\" >30 "._DAYS."</option>"
            ."<option value=\"0\" >"._UNLIMITED."</option>"
            ."</select><br><br>"
            ."<b>"._ACTIVE."?</b> <input type=\"radio\" name=\"add_active\" value=\"1\" checked>"._YES." "
            ."<input type=\"radio\" name=\"add_active\" value=\"0\" >"._NO."";
        echo "<br><br><b>"._VIEWPRIV."</b> <select name=\"add_view\">"
            ."<option value=\"1\" >"._MVALL."</option>"
            ."<option value=\"2\" >"._MVUSERS."</option>"
            ."<option value=\"3\" >"._MVANON."</option>"
            ."<option value=\"4\" >"._MVADMIN."</option>"
            ."</select><br><br>"
            ."<input type=\"hidden\" name=\"op\" value=\"addmsg\">"
            ."<input type=\"hidden\" name=\"add_mdate\" value=\"$now\">"
            ."<input type=\"submit\" value=\""._ADDMSG."\">"
            ."</form>";
        CloseTable();
    }
    include ("footer.php");
}

function editmsg($mid) {
    global $hlpfile, $admin, $pntable, $myts, $dbconn;

    csrfcheck();

    include ("header.php");
    $hlpfile = "manual/messages.html";
    GraphicAdmin($hlpfile);
    OpenTable();
    echo "<center><font class=\"pn-title\"><b>"._MESSAGESADMIN."</b></font></center>";
    CloseTable();
    echo "<br>";
    $column = &$pntable['message_column'];
    $result = $dbconn->Execute("SELECT $column[title], $column[content], $column[date],
                                $column[expire], $column[active], $column[view], 
                                $column[mlanguage] 
                              FROM $pntable[message] WHERE $column[mid]=$mid");
// FTO Check EOF and database error
    if (!$result) {
               PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
               die();
    }
    list($title, $content, $mdate, $expire, $active, $view, $mlanguage) = $result->fields;

    if (!authorised(0, 'Messages::', "$title::$mid", ACCESS_EDIT)) {
        echo _MESSAGESEDITNOAUTH;
        include 'footer.php';
        return;
    }
    OpenTable();
    echo "<center><font class=\"pn-title\"><b>"._EDITMSG."</b></font></center>";
    if ($active == 1) {
        $asel1 = "checked";
        $asel2 = "";
    } elseif ($active == 0) {
        $asel1 = "";
        $asel2 = "checked";
    }
    if ($view == 1) {
        $sel1 = "selected";
        $sel2 = "";
        $sel3 = "";
        $sel4 = "";
    } elseif ($view == 2) {
        $sel1 = "";
        $sel2 = "selected";
        $sel3 = "";
        $sel4 = "";
    } elseif ($view == 3) {
        $sel1 = "";
        $sel2 = "";
        $sel3 = "selected";
        $sel4 = "";
    } elseif ($view == 4) {
        $sel1 = "";
        $sel2 = "";
        $sel3 = "";
        $sel4 = "selected";
    }
    if ($expire == 86400) {
        $esel1 = "selected";
        $esel2 = "";
        $esel3 = "";
        $esel4 = "";
        $esel5 = "";
        $esel6 = "";
    } elseif ($expire == 172800) {
        $esel1 = "";
        $esel2 = "selected";
        $esel3 = "";
        $esel4 = "";
        $esel5 = "";
        $esel6 = "";
    } elseif ($expire == 432000) {
        $esel1 = "";
        $esel2 = "";
        $esel3 = "selected";
        $esel4 = "";
        $esel5 = "";
        $esel6 = "";
    } elseif ($expire == 1296000) {
        $esel1 = "";
        $esel2 = "";
        $esel3 = "";
        $esel4 = "selected";
        $esel5 = "";
        $esel6 = "";
    } elseif ($expire == 2592000) {
        $esel1 = "";
        $esel2 = "";
        $esel3 = "";
        $esel4 = "";
        $esel5 = "selected";
        $esel6 = "";
    } elseif ($expire == 0) {
        $esel1 = "";
        $esel2 = "";
        $esel3 = "";
        $esel4 = "";
        $esel5 = "";
        $esel6 = "selected";
    }
    $title  = $myts->makeTboxData4Edit($title);
    $content = $myts->makeTareaData4Edit($content);

    echo "<form action=\"admin.php\" method=\"post\">";

	include('modules/NS-Wiki/typocode.inc.php');

    echo "<b>"._MESSAGETITLE.":</b><br>"
    ."<input type=\"text\" name=\"title\" value=\"$title\" size=\"50\" maxlength=\"100\"><br><br>"
    ."<b>"._MESSAGECONTENT.":</b><br>"
    ."<textarea name=\"content\" rows=\"15\" wrap=\"virtual\" cols=\"50\">$content</textarea><br><br>"
    .'<b>'._LANGUAGE.': </b>'
    .'<select name="mlanguage" size="1">'
    .'<option value="">'._ALL.'</option>'
    ;
    $lang = languagelist();
    $sel_lang[$mlanguage] = ' selected';
    $handle = opendir('language');
    while ($f = readdir($handle))
    {
        if (is_dir("language/$f") && $lang[$f])
        {
            $langlist[$f] = $lang[$f];
        }
    }
    asort($langlist);
    foreach ($langlist as $k=>$v)
    {
        print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
    }
    print '</select><br><br>'
    ."<b>"._EXPIRATION.":</b> <select name=\"expire\">"
    ."<option name=\"expire\" value=\"86400\" $esel1>1 "._DAY."</option>"
    ."<option name=\"expire\" value=\"172800\" $esel2>2 "._DAYS."</option>"
    ."<option name=\"expire\" value=\"432000\" $esel3>5 "._DAYS."</option>"
    ."<option name=\"expire\" value=\"1296000\" $esel4>15 "._DAYS."</option>"
    ."<option name=\"expire\" value=\"2592000\" $esel5>30 "._DAYS."</option>"
    ."<option name=\"expire\" value=\"0\" $esel6>"._UNLIMITED."</option>"
    ."</select><br><br>"
    ."<b>"._ACTIVE."?</b> <input type=\"radio\" name=\"active\" value=\"1\" $asel1>"._YES." "
    ."<input type=\"radio\" name=\"active\" value=\"0\" $asel2>"._NO."";
    if ($active == 1) {
        echo "<br><br><b>"._CHANGEDATE."</b>"
            ."<input type=\"radio\" name=\"chng_date\" value=\"1\">"._YES." "
            ."<input type=\"radio\" name=\"chng_date\" value=\"0\" checked>"._NO."<br><br>";
    } elseif ($active == 0) {
        echo "<br><font class=\"pn-sub\">"._IFYOUACTIVE."</font><br><br>"
            ."<input type=\"hidden\" name=\"chng_date\" value=\"1\">";
    }
    echo "<b>"._VIEWPRIV."</b> <select name=\"view\">"
        ."<option name=\"view\" value=\"1\" $sel1>"._MVALL."</option>"
        ."<option name=\"view\" value=\"2\" $sel2>"._MVUSERS."</option>"
        ."<option name=\"view\" value=\"3\" $sel3>"._MVANON."</option>"
        ."<option name=\"view\" value=\"4\" $sel4>"._MVADMIN."</option>"
        ."</select><br><br>"
        ."<input type=\"hidden\" name=\"mdate\" value=\"$mdate\">"
        ."<input type=\"hidden\" name=\"mid\" value=\"$mid\">"
        ."<input type=\"hidden\" name=\"op\" value=\"savemsg\">"
        ."<input type=\"submit\" value=\""._SAVECHANGES."\">"
        ."</form>";
    CloseTable();
    include ("footer.php");
}

function savemsg($mid, $title, $content, $mdate, $expire, $active, $view, $chng_date, $mlanguage,$typocode) {
    global $pntable, $dbconn, $myts;

    csrfcheck();

    if (!authorised(0, 'Messages::', "$title::$mid", ACCESS_EDIT)) {
        include 'header.php';
        echo _MESSAGESEDITNOAUTH;
        include 'footer.php';
        return;
    }
    
    $title = $myts->makeTboxData4Save($title);
    $content = $myts->makeTareaData4Save($content);

    if (!(empty($title)))
            $title = $typocode.$title;
    if (!(empty($content)))
            $content = $typocode.$content;
    
    if ($chng_date == 1) {
        $newdate = time();
    } elseif ($chng_date == 0) {
        $newdate = $mdate;
    }
    $column = &$pntable['message_column'];
    $result = $dbconn->Execute("UPDATE $pntable[message] 
                              SET $column[title]='$title', 
                                $column[content]='$content', $column[date]='$newdate',
                                $column[expire]=$expire, $column[active]=$active,
                                $column[view]=$view, $column[mlanguage]='$mlanguage'
                              WHERE $column[mid]=$mid");
    if($dbconn->ErrorNo()<>0) {
        error_log("Error: " . $dbconn->ErrorMsg());
    }
    pnRedirect('admin.php?op=messages');
}

function addmsg($add_title, $add_content, $add_mdate, $add_expire, $add_active, $add_view, $add_mlanguage) {
    global $pntable, $myts, $dbconn;

    csrfcheck();

    if (!authorised(0, 'Messages::', "$add_title::", ACCESS_ADD)) {
        include 'header.php';
        echo _MESSAGESADDNOAUTH;
        include 'footer.php';
        return;
    }
    
    $add_title = $myts->makeTboxData4Save($add_title);
    $add_content = $myts->makeTareaData4Save($add_content);

    $column = &$pntable['message_column'];

// FTO : Add SEQ suffix to avoid conflict name with ORACLE
    $nextid = $dbconn->GenId("{$pntable['message']}_SEQ");
    
    $result = $dbconn->Execute("INSERT INTO $pntable[message] ($column[mid], 
                                $column[title], $column[content], $column[date], 
                                $column[expire], $column[active], $column[view], 
                                $column[mlanguage]) 
                              VALUES ($nextid, '$add_title', '$add_content', 
                                '$add_mdate', $add_expire, $add_active, 
                                $add_view, '$add_mlanguage')");
/*
    if($dbconn->ErrorNo()<>0) {
        error_log("Error: " . $dbconn->ErrorMsg());
        echo $dbconn->ErrorNo(). ": ".$dbconn->ErrorMsg(). "<br>";
        exit();
*/

// FTO Check EOF and database error
    if (!$result) {
               PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
               die();

    }

    pnRedirect('admin.php?op=messages');
}

function deletemsg($mid, $ok=0) {
    global $pntable, $dbconn,$hlpfile;

    csrfcheck();

    $column = &$pntable['message_column'];
    $result = $dbconn->Execute("SELECT $column[title]
                              FROM $pntable[message]
                              WHERE $column[mid] = $mid");
    // FTO Check EOF and database error
    if (!$result) {
               PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
               die();
    }
    list($title) = $result->fields;
    $result->Close();
    if (!authorised(0, 'Messages::', "$title::$mid", ACCESS_DELETE)) {
        include 'header.php';
        echo _MESSAGESDELNOAUTH;
        include 'footer.php';
        return;
    }
    if($ok) {
        $result = $dbconn->Execute("DELETE FROM $pntable[message] WHERE $column[mid]=$mid");
        // FTO Check EOF and database error
        if (!$result) {
               PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
               die();
        }

        pnRedirect('admin.php?op=messages');
    } else {
        include("header.php");
        GraphicAdmin($hlpfile);
        OpenTable();
        echo "<center><font class=\"pn-title\"><b>"._MESSAGESADMIN."</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<center>"._REMOVEMSG." <b>$mid </b>";
        echo "<table><tr><td>\n";
        echo myTextForm("admin.php?op=messages", _NO);
        echo "</td><td>\n";
        echo myTextForm("admin.php?op=deletemsg&amp;mid=$mid&amp;ok=1", _YES);
        echo "</td></tr></table>\n";
        echo "</center>\n";
        CloseTable();
        include("footer.php");
    }
}
// End of Function


//FTO Remove warning
if (!isset($ok)) $ok=0;

if (!(authorised(0, 'Messages::', '::', ACCESS_EDIT))) {
    include 'header.php';
    echo _MESSAGESNOAUTH;
    include 'footer.php';
} else {
    switch ($op){

        case "messages":
            messages();
            break;

        case "editmsg":
//FTO             editmsg($mid, $title, $content, $mdate, $expire, $active, $view, $chng_date, $mlanguage);
// This was not corresponding to the function prototype
            editmsg($mid);
            break;

        case "addmsg":
                addmsg($add_title, $add_content, $add_mdate, $add_expire, $add_active, $add_view, $add_mlanguage);
            break;

        case "deletemsg":
                deletemsg($mid,$ok );
            break;

        case "savemsg":
                savemsg($mid, $title, $content, $mdate, $expire, $active, $view, $chng_date, $mlanguage,$typocode);
            break;
    }
}

?>
Return current item: ProNuke. Postnuke To Oracle