Location: PHPKode > projects > ProNuke. Postnuke To Oracle > postnuke/html/modules/NS-Blocks/admin/modules/blocks.php
<?php
// File: $Id: blocks.php,v 1.35 2001/12/04 13:07:46 jgm Exp $ $Name:  $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Patrick Kellum
// Purpose of file: Advanced Blocks system, based on PHP-Nuke Block system
// ----------------------------------------------------------------------

if(!eregi('admin.php', $PHP_SELF)) {
    die('Access Denied');
}
$hlpfile = 'manual/advblocks.php';

modules_get_language();

/*********************************************************/
/* Blocks Functions                                      */
/*********************************************************/
        
function BlocksAdmin()
{
    global
        $blocks_modules,
        $hlpfile,
        $show_inactive,
        $pntable,
        $dbconn,
        $pntheme
    ;
    include 'header.php';
    GraphicAdmin($hlpfile);
    OpenTable();
    print '<center class="pn-pagetitle">'._AB_BLOCKSADMIN.'</center>';
    CloseTable();
    print '<br>';

    if (!authorised(0, 'Blocks::', '::', ACCESS_EDIT)) {
        echo _BLOCKSNOAUTH;
        include 'footer.php';
        return;
    }

    /* Blocks */
    $filter_inactive = '';
    if (!$show_inactive)
    {
        $filter_inactive = "{$pntable['blocks_column']['active']}=1";
    }
    OpenTable();
    print '<center class="pn-title">'._AB_BLOCKSLIST.'</center> <br>';
    print '<center>';
    if ($show_inactive)
    {
        print '<span class="pn-normal">[ <a href="admin.php?op=AdvBlocksAdmin" class="pn-normal">'._MOD_HIDEINACTIVE.'</a> <img src="images/global/green_dot.gif" border="0" alt=""></a> ]</span>';
    } else {
        print '<span class="pn-normal">[ <a href="admin.php?op=AdvBlocksAdmin&amp;show_inactive=1" class="pn-normal">'._MOD_SHOWINACTIVE.' <img src="images/global/green_dot.gif" border="0" alt=""><img src="images/global/red_dot.gif" border="0" alt=""></a> ]</span>';
    }
    print '</center><br><br><center>'
        .'<table width=\"80%\" border="1" cellpadding=\"3\"><tr>'
        ."<td align=\"center\" bgcolor=\"$pntheme[table_header]\" colspan=\"2\" class=\"pn-normal\" style=\"color:$pntheme[table_header_text]; background-color:$pntheme[table_header]\"><b>"._TITLE.'</b></td>'
        ."<td align=\"center\" bgcolor=\"$pntheme[table_header]\" class=\"pn-normal\" style=\"color:$pntheme[table_header_text]; background-color:$pntheme[table_header]\"><b>"._POSITION.'</b></td>'
        ."<td align=\"center\" bgcolor=\"$pntheme[table_header]\" class=\"pn-normal\" style=\"color:$pntheme[table_header_text]; background-color:$pntheme[table_header]\"><b>"._WEIGHT.'</b></td>'
        ."<td align=\"center\" bgcolor=\"$pntheme[table_header]\" class=\"pn-normal\" style=\"color:$pntheme[table_header_text]; background-color:$pntheme[table_header]\"><b>"._TYPE.'</b></td>'
        ."<td align=\"center\" bgcolor=\"$pntheme[table_header]\" class=\"pn-normal\" style=\"color:$pntheme[table_header_text]; background-color:$pntheme[table_header]\"><b>"._LANG.'</b></td>'
    ;
    print "<td align=\"center\" bgcolor=\"$pntheme[table_header]\" class=\"pn-normal\" style=\"color:$pntheme[table_header_text]; background-color:$pntheme[table_header]\"><b>"._DELETE.'</b></tr>';
    print "</tr>\n";
    //
    // block position images
    //
    $position['l'] = '<img src="images/global/left.gif" alt="'._LEFTBLOCK.'" hspace="5">';
    $position['r'] = '<img src="images/global/right.gif" alt="'._RIGHTBLOCK.'" hspace="5">';
    //
    // highest weight for each position (better to do it here then to keep doing it in the loop)
    //
    $column = &$pntable['blocks_column'];
    $result = $dbconn->Execute("SELECT MAX($column[weight]) as weight FROM $pntable[blocks] WHERE $column[position]='l' AND $column[active]=1");
    $high['l'] = $result->GetRowAssoc(false);
    $result->MoveNext();
    $result = $dbconn->Execute("SELECT MAX($column[weight]) as weight FROM $pntable[blocks] WHERE $column[position]='r' AND $column[active]=1");
    $high['r'] = $result->GetRowAssoc(false);
    $result->MoveNext();

    $column = &$pntable['blocks_column'];
    $myquery = buildSimpleQuery ('blocks',
                                 array ('bid', 'bkey', 'title', 'url', 'position', 'weight', 'active', 'blanguage'),
                                 $filter_inactive,
                                 "$column[position], $column[weight], $column[title]");
    $result = $dbconn->Execute($myquery);
    //== chv - convert names to readable and translated form prepare
    $lang = languagelist();
    while(!$result->EOF) {
        $row = $result->GetRowAssoc(false);
        $result->MoveNext();

        if (!authorised(0, 'Blocks::', "$row[bkey]:$row[title]:$row[bid]", ACCESS_READ)) {
            continue;
        }
        if ($row['active'])
        {
            $active = _ACTIVE;
            $active_img = 'images/global/red_dot.gif';
            $change = _DEACTIVATE;
            $change_img = 'images/global/green_dot.gif';
        } else {
            $active = _INACTIVE;
            $active_img = 'images/global/green_dot.gif';
            $change = _ACTIVATE;
            $change_img = 'images/global/red_dot.gif';
        }
        $type = $blocks_modules[$row['bkey']]['text_type'];
        //
        // weight
        //
        $prev_pos = $row['position'];
        $move_up = '';
        $move_down = '';
        $move_space = '';
        if ($row['position'] == $prev_pos)
        {
            $move_up = myImageForm("admin.php?op=AdvBlocksOrder&amp;bid=$row[bid]&amp;position=$row[position]&amp;new_weight=" . ($row['weight'] - 1.5)
            , "images/global/up_thin.gif", _BLOCKUP);
        }
        if ($row['weight'] != $high[$row['position']]['weight'])
        {
            $move_down = myImageForm("admin.php?op=AdvBlocksOrder&amp;bid=$row[bid]&amp;position=$row[position]&amp;new_weight=" . ($row['weight'] + 1.5)
            , "images/global/down_thin.gif", _BLOCKDOWN);
        }
        if ($row['position'] == $prev_pos && $row['weight'] != $high[$row['position']]['weight'])
        {
            // $move_space = '&nbsp;';
        }
        //
        // start table row
        //
        if ($row['title'] == "")
        {
            $row['title'] = '- no title -';
        }
        echo "<tr><td>"
            . myImageForm("admin.php?op=AdvBlocksChangeStatus&amp;bid=$row[bid]", $change_img, $change)
            ."</td>";
        if (authorised(0, 'Blocks::', "$row[bkey]:$row[title]:$row[bid]", ACCESS_EDIT)) {
            echo "<td align=\"left\" style=\"text-align:left\">&nbsp;<a href=\"admin.php?op=AdvBlocksEdit&amp;bid=$row[bid]\" class=\"pn-normal\">$row[title]</a>&nbsp;</td>"
                .'<td align="center" class="pn-normal" style="text-align:center">' . $position[$row['position']] . '</font></td>';
            if ($row['active']) {
                echo "<td>$move_up$move_down</td>";
            } else {
                echo "<td>&nbsp;</td>";
            }
        } else {
            echo "<td align=\"left\" style=\"text-align:left\">$row[title]</td>"
                .'<td align="center" class="pn-normal" style="text-align:center">' . $position[$row['position']] . '</font></td>'
                .'<td>&nbsp;</td>';
        }
        print "<td align=\"center\" class=\"pn-normal\" style=\"text-align:center\">&nbsp;$type&nbsp;</td>";
        if ($row['blanguage'] == "")
        {
            print "<td align=\"center\" class=\"pn-normal\" style=\"text-align:center\">&nbsp;"._ALL."&nbsp;</td>";
        } else {
           //== chv - convert names to readable and translated form
           $langcurr=$row[blanguage];
           $langname=$lang[$langcurr];
           print "<td align=\"center\" class=\"pn-normal\" style=\"text-align:center\">&nbsp;$langname&nbsp;</td>";
        }
        if (authorised(0, 'Blocks::', "$row[bkey]:$row[title]:$row[bid]", ACCESS_DELETE)) {
            echo "<td align=\"center\" style=\"text-align:center\"><a href=\"admin.php?op=AdvBlocksDelete&amp;bid=$row[bid]\"><img src=\"images/global/delete.gif\" border=\"0\" alt=\"Delete Block\"></a></td>";
        } else {
            echo "<td>&nbsp;</td>";
        }
        echo "</tr>\n";
        $prev_pos = $row['position'];
    }
    
    print '</table></center>';
    CloseTable();
    print '<br>';

    // Add new block
    if (authorised(0, 'Blocks::', '::', ACCESS_ADD)) {
        OpenTable();
        print '<center class="pn-title">' . _ADDNEWBLOCK . '</center><br>'
            .'<span class="pn-normal">'
            .'<form action="admin.php" method="post">'
            ._TITLE . '&nbsp;&nbsp;<input type="text" name="title" size="20" maxlength="75" class="pn-normal">&nbsp;&nbsp;'
            .'<select name="bkey" size="1" class="pn-normal">'
        ;
        uasort($blocks_modules, 'advblock_sorting');
        foreach ($blocks_modules as $k=>$v)
        {
            if (!$v['allow_multiple'])
            {
                $column = &$pntable['blocks_column'];
                $myquery = buildSimpleQuery ('blocks', array ('bid'), "$column[bkey]='$k'");
                $result = $dbconn->Execute($myquery);
                $row = $result->GetRowAssoc(false);
                $result->MoveNext();
                if ($row['bid'])
                {
                    continue;
                }
            }
            if (authorised(0, 'Blocks::', "$v::", ACCESS_ADD)) {
                print "<option name=\"bkey\" value=\"$k\">$v[text_type_long]</option>\n";
            }
        }
        print '</select>&nbsp;&nbsp;'
            .'<input type="submit" value="' . _CREATEBLOCK . '" class="pn-normal" style="text-align:center">'
            .'<input type="hidden" name="op" value="AdvBlocksAdd"></form>'
            .'</span>'
        ;
        CloseTable();
        echo "<br/>";
    }
    include 'footer.php';
}

function BlocksAdd()
{
    global
        $blocks_modules,
        $pntable,
        $dbconn
    ;

    csrfcheck();

    $vars = $GLOBALS[HTTP_POST_VARS];

    if (!authorised(0, 'Blocks::', '::', ACCESS_ADD)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center class="pn-pagetitle">'._AB_BLOCKSADMIN.'</center>';
        CloseTable();
        print '<br>';
        echo _BLOCKSADDNOAUTH;
        include 'footer.php';
        return;
    }

    if (!$blocks_modules[$vars['bkey']]['allow_multiple']) // if this block type already exists, edit it, otherwise, create it.
    {
        $column = &$pntable['blocks_column'];
        $sql = buildQuery(array('blocks'), array("$column[bid] as bid"), "$column[bkey]='$vars[bkey]'", '');
        $result = $dbconn->SelectLimit($sql,1);
        $row = $result->GetRowAssoc(false);
        $result->MoveNext();
        if ($row['bid'])
        {
            pnRedirect('admin.php?op=AdvBlocksEdit&bid='.$row[bid]);
        }
    }
    $column = &$pntable['blocks_column'];
    $result = $dbconn->Execute("SELECT MAX($column[weight]) FROM $pntable[blocks] WHERE $column[position]='l'");
    list($high) = $result->fields;
    $vars['title'] = stripslashes(FixQuotes($vars['title']));
    $vars['content'] = stripslashes(FixQuotes($vars['content']));
    $vars['active'] = 1;
    $vars['position'] = 'l';
    $vars['weight'] = $high[weight] + 1;
    $vars['refresh'] = 3600;
    if ($blocks_modules[$vars['bkey']]['func_add']) // let the module do any block-specific changes before adding
    {
        $vars = $blocks_modules[$vars['bkey']]['func_add']($vars);
    }
// FTO : Add SEQ suffix to avoid conflict name with ORACLE
    $bid = $dbconn->GenId("{$pntable['blocks']}_SEQ");
    
    $column = &$pntable['blocks_column'];

    //FTO Use a php date time to stay compatible with
    //    all databases.
    $now=$dbconn->DBTimeStamp(mktime());

    $result = $dbconn->Execute("INSERT INTO $pntable[blocks] ($column[bid], $column[bkey], $column[title], $column[content], $column[url], $column[position], $column[weight], $column[active], $column[refresh], $column[last_update], $column[blanguage]) VALUES ($bid, '$vars[bkey]', '$vars[title]', '$vars[content]', '$vars[url]', '$vars[position]', $vars[weight], $vars[active], $vars[refresh], $now, '$vars[blanguage]')");
    if ($result === false) {
        error_log("DB Error: BlocksAdd: can not insert into blocks: " 
                  . $dbconn->ErrorMsg());
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "DB Error: BlocksAdd: can not insert into blocks: ");
    }
    $bid = $dbconn->PO_Insert_ID($pntable[blocks], $column[bid]);
    pnRedirect( 'admin.php?op=AdvBlocksEdit&bid='.$bid);
}

function BlocksEdit($bid) {
    global
        $blocks_modules,
        $hlpfile,
        $bgcolor2,
        $bgcolor4,
        $pntable,
        $dbconn,
        $pntheme
    ;

    csrfcheck();

    include 'header.php';
    GraphicAdmin($hlpfile);
    OpenTable();
    print '<center class="pn-pagetitle">'._EDITBLOCK.'</center>';
    CloseTable();
    print '<br>';
    $text_pos['l'] = _LEFT;
    $text_pos['r'] = _RIGHT;
    $column = &$pntable['blocks_column'];
    $result = $dbconn->Execute("SELECT $column[bid] as bid, $column[bkey] as bkey, $column[title] as title, $column[content] as content, $column[url] as url, $column[position] as position, $column[weight] as weight, $column[active] as active, $column[refresh] as refresh, $column[last_update] as last_update, $column[blanguage] as blanguage FROM $pntable[blocks] WHERE $column[bid]=$bid");
    $row = $result->GetRowAssoc(false);
    $result->MoveNext();
    $position[$row['position']] = ' selected';
    $active[$row['active']] = ' checked';
    $refresh[$row['refresh']] = ' selected';

    if (!authorised(0, 'Blocks::', "$row[bkey]:$row[title]:$row[bid]", ACCESS_EDIT)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center class="pn-pagetitle">'._AB_BLOCKSADMIN.'</center>';
        CloseTable();
        print '<br>';
        echo _BLOCKSEDITNOAUTH;
        include 'footer.php';
        return;
    }

    OpenTable();
    print '<center class="pn-title">'._BLOCK.": $row[title] (".$blocks_modules[$row['bkey']]['text_type_long'].')</center><br><br>'
        .'<form action="admin.php" method="post">'
        .'<table border="0" width="100%">'
        .'<tr><td class="pn-normal">'._TITLE.':</td><td><input type="text" name="title" size="30" maxlength="60" value="'.htmlspecialchars($row['title']).'" class="pn-normal"></td></tr>'
    ;
    if ($blocks_modules[$row['bkey']]['func_edit'] && function_exists($blocks_modules[$row['bkey']]['func_edit']))
    {
        print $blocks_modules[$row['bkey']]['func_edit']($row);
    }
    if ($blocks_modules[$row['bkey']]['form_content'])
    {
        print '<tr><td class="pn-normal">'._CONTENT.':</td><td><textarea name="content" cols="50" rows="10" wrap="soft" class="pn-normal">'.htmlspecialchars($row[content]).'</textarea></td></tr>';
    }
    print '<tr><td class="pn-normal">'._POSITION.':</td><td><select name="position" size="1" class="pn-normal">'
        ."<option name=\"position\" value=\"l\"$position[l]>$text_pos[l]</option>"
        ."<option name=\"position\" value=\"r\"$position[r]>$text_pos[r]</option>"
        .'</select></td></tr>'
        .'<tr><td class="pn-normal">'._WEIGHT.':</td><td><select name="weight" size="1" class="pn-normal">'
        ."<option value=\"$row[weight]\" selected>"._MOD_CURRENT."</option>\n"
        .'<option value="0.5">'._AB_TOP.'</option>'
    ;
    $column = &$pntable['blocks_column'];
    $result = $dbconn->Execute("SELECT $column[title] as title, $column[weight] as weight, $column[position] as position FROM $pntable[blocks] WHERE $column[bid]!=$bid AND $column[active]=1 ORDER BY $column[position], $column[weight]");
    while(!$result->EOF) {
        $weight_row = $result->GetRowAssoc(false);
        $result->MoveNext();

        print '<option value="'.($weight_row['weight'] + 0.5).'">'._MOD_AFTER." $weight_row[title] (".$text_pos[$weight_row['position']].")</option>\n";
    }
    print '</select></td></tr>'
        .'<tr><td class="pn-normal">'._ACTIVATE2."</td><td class=\"pn-normal\"><input type=\"checkbox\" name=\"active\" value=\"1\"$active[1]></td></tr>"
    ;
    if($blocks_modules[$row['bkey']]['form_refresh']) {
        print '<tr><td class="pn-normal">'._REFRESHTIME.':</td><td><select name="refresh" size="1" class="pn-normal">'
            .'<option value="1800"' . $refresh[1800] . '>1/2 ' . _HOUR . '</option>'
            .'<option value="3600"' . $refresh[3600] . '>1 ' . _HOUR . '</option>'
            .'<option value="18000"' . $refresh[18000] . '>5 ' . _HOURS . '</option>'
            .'<option value="36000"' . $refresh[36000] . '>10 ' . _HOURS . '</option>'
            .'<option value="86400"' . $refresh[86400] . '>24 ' . _HOURS . '</option>'
            .'</select>'
            .'</td></tr>'
        ;
    }
    $lang = languagelist();
    if (!$row['blanguage'])
    {
        $row['blanguage'] = 0;
    }
    $sel_lang[$row['blanguage']] = ' selected';
    print '<tr><td class="pn-normal">'._LANGUAGE.":</td><td><select name=\"blanguage\" size=\"1\" class=\"pn-normal\"><option value=\"\"$sel_lang[0]>"._ALL.'</option>';
    $handle = opendir('language');
    while ($f = readdir($handle))
    {
        if (is_dir("language/$f") && $lang[$f])
        {
            $langlist[$f] = $lang[$f];
        }
    }
    asort($langlist);
    foreach ($langlist as $k=>$v)
    {
        print "<option value=\"$k\"$sel_lang[$k]>$v</option>\n";
    }
    print '</select></td></tr>';
    print '</table>'
        ."<input type=\"hidden\" name=\"bid\" value=\"$row[bid]\">"
        ."<input type=\"hidden\" name=\"bkey\" value=\"$row[bkey]\">"
        .'<input type="hidden" name="op" value="AdvBlocksEditSave">'
        .'<input type="submit" value="'._SAVEBLOCK.'" class="pn-normal" style="text-align:center">'
        .'</form>'
    ;
    CloseTable();
    include 'footer.php';
}

function BlocksEditSave()
{
    global
        $blocks_modules,
        $HTTP_POST_VARS,
        $pntable,
        $dbconn
    ;

    csrfcheck();

    $vars = $HTTP_POST_VARS;
    if (!$vars[refresh])
    {
        $vars[refresh] = 0;
    }
	// this musn't be '' 0 will fit
	if (!isset($vars['active'])){
	    $vars['active'] = 0;
	}
    $column = &$pntable['blocks_column'];
    $result = $dbconn->Execute("SELECT $column[weight] as weight,
                                     $column[bkey] as bkey,
                                     $column[title] as title
                                     FROM $pntable[blocks]
                                     WHERE $column[bid]=$vars[bid]");
    $row = $result->GetRowAssoc(false);
    $result->MoveNext();

    if (!authorised(0, 'Blocks::', "$row[bkey]:$row[title]:$row[bid]", ACCESS_EDIT)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center class="pn-pagetitle">'._AB_BLOCKSADMIN.'</center>';
        CloseTable();
        print '<br>';
        echo _BLOCKSEDITNOAUTH;
        include 'footer.php';
        return;
    }

    $vars[title] = stripslashes(FixQuotes($vars[title]));
    $vars[content] = stripslashes(FixQuotes($vars[content]));
    // let the module do any block-specific changes before updating
    if ($blocks_modules[$vars[bkey]][func_update])
    {
        $vars = $blocks_modules[$vars[bkey]][func_update]($vars);
    }
    $column = &$pntable['blocks_column'];



    //FTO Use a php date time to stay compatible with
    //    all databases.

    $now=$dbconn->DBTimeStamp(mktime());

    $sql = "UPDATE $pntable[blocks] SET $column[title]='$vars[title]', $column[position]='$vars[position]', $column[weight]=$vars[weight], $column[active]=$vars[active], $column[refresh]=$vars[refresh], $column[last_update]=$now, $column[blanguage]='$vars[blanguage]'";
    if (isset ($vars[content]))
    {
        $sql .= ", $column[content]='$vars[content]'";
    }
    $sql .= ", $column[url]='$vars[url]'";
    $sql .= " WHERE $column[bid]=$vars[bid]";
    $result = $dbconn->Execute($sql);
    if ($result === false) {
        error_log("DB Error: BlocksEditSave: Can not update blocks: " . $dbconn->ErrorMsg());
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "DB Error: BlocksEditSave: Can not update blocks: ");
    }

    if ($vars['weight'] == $row['weight'])
    {
        pnRedirect('admin.php?op=AdvBlocksAdmin');
    } else {
        BlocksOrder($vars);
    }
}

function ChangeStatus($bid, $ok=0)
{
    global
        $blocks_modules,
        $pntable,
        $dbconn,
        $pntheme
    ;

    csrfcheck();

    $column = &$pntable['blocks_column'];
    $result = $dbconn->Execute("SELECT $column[bid] as bid, $column[bkey] as bkey, $column[title] as title, $column[content] as content, $column[url] as url, $column[position] as position, $column[weight] as weight, $column[active] as active, $column[refresh] as refresh, $column[last_update] as last_update, $column[blanguage] as blanguage FROM $pntable[blocks] WHERE $column[bid]=$bid");
    $row = $result->GetRowAssoc(false);
    $result->MoveNext();

    if (!authorised(0, 'Blocks::', "$row[bkey]:$row[title]:$row[bid]", ACCESS_EDIT)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center class="pn-pagetitle">'._AB_BLOCKSADMIN.'</center>';
        CloseTable();
        print '<br>';
        echo _BLOCKSEDITNOAUTH;
        include 'footer.php';
        return;
    }

    if(($ok || $row['active']))
    {
        if ($row['active'])
        {
            $active = 0;
        } else {
            $active = 1;
        }
        $column = &$pntable['blocks_column'];
        $result = $dbconn->Execute("UPDATE $pntable[blocks] SET $column[active]=$active WHERE $column[bid]=$bid");
        if ($result === false) {
            error_log ("problem activating block: " . $dbconn->ErrorMsg());
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "problem activating block");
        }
        pnRedirect('admin.php?op=AdvBlocksAdmin');
    }
    include 'header.php';
    GraphicAdmin($hlpfile);
    print '<br>';
    OpenTable();
    print '<center class="pn-pagetitle">'._BLOCKACTIVATION.'</center>';
    CloseTable();
    print '<br>';
    OpenTable();
    if ($blocks_modules[$row['bkey']]['show_preview'])
    {
        print '<center class="pn-normal">'._BLOCKPREVIEW." <i>$row[title]</i><br><br>";
        $blocks_modules[$row['bkey']]['func_display']($row);
    } else {
        print "<center class=\"pn-normal\"><i>$row[title]</i><br><br>";
    }
    echo '<br>'._WANT2ACTIVATE.'<br><br>';
    echo "<table><tr><td>\n";
    echo myTextForm("admin.php?op=AdvBlocksAdmin", _NO);
    echo "</td><td>\n";
    echo myTextForm("admin.php?op=AdvBlocksChangeStatus&amp;bid=$bid&amp;ok=1", _YES);
    echo "</td></tr></table>\n";
    CloseTable();
    include 'footer.php';
}

function BlocksDelete($bid, $ok=0) {
    global
        $blocks_modules,
        $pntable,
        $dbconn
    ;

    csrfcheck();

    $column = &$pntable['blocks_column'];
    $result = $dbconn->Execute("SELECT $column[bid] as bid, $column[bkey] as bkey, $column[title] as title, $column[content] as content, $column[url] as url, $column[position] as position, $column[weight] as weight, $column[active] as active, $column[refresh] as refresh, $column[last_update] as last_update, $column[blanguage] as blanguage FROM $pntable[blocks] WHERE $column[bid]=$bid");
    $row = $result->GetRowAssoc(false);
    $result->MoveNext();

    if (!authorised(0, 'Blocks::', "$row[bkey]:$row[title]:$row[bid]", ACCESS_DELETE)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center class="pn-pagetitle">'._AB_BLOCKSADMIN.'</center>';
        CloseTable();
        print '<br>';
        echo _BLOCKSDELNOAUTH;
        include 'footer.php';
        return;
    }

    if($ok) {
        // let the module do any block-specific things before deleting
        if ($blocks_modules[$vars['bkey']]['func_delete'])
        {
            $vars = $blocks_modules[$vars['bkey']]['func_delete']($vars);
        }
        $column = &$pntable['blocks_column'];
        $result = $dbconn->Execute("DELETE FROM $pntable[blocks] WHERE $column[bid]=$bid");
        if ($result === false) {
            error_log ("couldn't delete block: " . $dbconn->ErrorMsg());
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "couldn't delete block:");
        }
        pnRedirect('admin.php?op=AdvBlocksAdmin');
    }
    include 'header.php';
    GraphicAdmin($hlpfile);
    OpenTable();
    print '<center><font class="pn-title"><b>' . _AB_BLOCKSADMIN . '</b></font></center>';
    CloseTable();
    print '<br>';
    OpenTable();
    print '<center>' . _ARESUREDELBLOCK . ' <i>' . $row['title'] . '</i>?<br><br>';
    if($blocks_modules[$row['bkey']]['show_preview']) {
        if(function_exists('nukecode')) {
            if($blocks_modules[$row['bkey']]['support_nukecode']) {
                $row['content'] = nukecode($row['content']);
            }
        }
        $blocks_modules[$row['bkey']]['func_display']($row);
    }
    echo "<table><tr><td>\n";
    echo myTextForm("admin.php?op=AdvBlocksAdmin", _NO);
    echo "</td><td>\n";
    echo myTextForm("admin.php?op=AdvBlocksDelete&amp;bid=$bid&amp;ok=1", _YES);
    echo "</td></tr></table>\n";
    echo '</center>';
    CloseTable();
    include 'footer.php';
}

function BlocksOrder($vars)
{
    global
        $blocks_modules,
        $pntable,
        $dbconn
    ;

    csrfcheck();

    if (!authorised(0, 'Blocks::', '::', ACCESS_EDIT)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center class="pn-pagetitle">'._AB_BLOCKSADMIN.'</center>';
        CloseTable();
        print '<br>';
        echo _BLOCKSEDITNOAUTH;
        include 'footer.php';
        return;
    }

    $column = &$pntable['blocks_column'];
    $result = $dbconn->Execute("SELECT MAX($column[weight]) FROM $pntable[blocks] WHERE $column[position]='$vars[position]' AND $column[active]=1");
    list($high) = $result->fields;
    if ($vars['new_weight'])
    {
        $result = $dbconn->Execute("UPDATE $pntable[blocks] SET $column[weight]=$vars[new_weight] WHERE $column[bid]=$vars[bid]");
        if ($result === false) {
            error_log("DB Error: BlocksOrder: Can not update blocks: " 
                . $dbconn->ErrorMsg());
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "DB Error: BlocksOrder: Can not update blocks");
        }
    }
    $result = $dbconn->Execute("SELECT $column[bid] as bid, $column[active] as active FROM $pntable[blocks] WHERE $column[position]='$vars[position]' ORDER BY $column[weight]");
    $c = 0;
    while(!$result->EOF) {
        $row = $result->GetRowAssoc(false);
        $result->MoveNext();

        if ($row['active'])
        {
            $c++;
            $upRes = $dbconn->Execute("UPDATE $pntable[blocks] SET $column[weight]=$c WHERE $column[bid]=$row[bid]");
            if ($upRes === false) {
                error_log("DB Error: BlocksOrder: Can not update blocks: " 
                    . $dbconn->ErrorMsg());
                PN_DBMsgError($dbconn, __FILE__, __LINE__, "DB Error: BlocksOrder: Can not update blocks");
            }
        } else {
            $upRes = $dbconn->Execute("UPDATE $pntable[blocks] SET $column[weight]=".($high + 1)." WHERE $column[bid]=$row[bid]");
            if ($upRes === false) {
                error_log("DB Error: BlocksOrder: Can not update blocks: " 
                    . $dbconn->ErrorMsg());
                PN_DBMsgError($dbconn, __FILE__, __LINE__, "DB Error: BlocksOrder: Can not update blocks");
            }
        }
    }
    pnRedirect('admin.php?op=AdvBlocksAdmin');
}

function HeadlinesAdmin() {
    global
        $hlpfile,
        $bgcolor1,
        $bgcolor2,
        $textcolor1,
        $textcolor2,
        $pntable,
        $dbconn
    ;
    include 'header.php';
    GraphicAdmin($hlpfile);
    OpenTable();
    print '<center><font class="pn-title"><b>'._HEADLINESADMIN.'</b></font></center>';
    CloseTable();
    print '<br>';

    if (!authorised(0, 'Headlines::', '::', ACCESS_EDIT)) {
        echo _HEADLINESNOAUTH;
        include 'footer.php';
        return;
    }

    // Current headlines
    OpenTable();
    print '<form action="admin.php" method="post">'
        .'<table border="1" width="100%" align="center"><tr>'
        ."<td bgcolor=\"$bgcolor2\" align=\"center\"><font size=\"2\" color=\"$textcolor1\"><b>"._SITENAME.'</b></font></td>'
        ."<td bgcolor=\"$bgcolor2\" align=\"center\"><font size=\"2\" color=\"$textcolor1\"><b>"._URL.'</b></font></td>'
        ."<td bgcolor=\"$bgcolor2\" align=\"center\"><font size=\"2\" color=\"$textcolor1\"><b>"._FUNCTIONS.'</b></font></td><tr>'
    ;
    $column = &$pntable['headlines_column'];
    $result = $dbconn->Execute("SELECT $column[id] as id, $column[sitename] as sitename, $column[rssurl] as rssurl, $column[siteurl] as siteurl FROM $pntable[headlines] ORDER BY $column[sitename],$column[id]");
    while(!$result->EOF) {
        $row = $result->GetRowAssoc(false);
        $result->MoveNext();
        if($row['siteurl']) {
            print "<td bgcolor=\"$bgcolor1\" align=\"center\"><a href=\"$row[siteurl]\" target=\"_blank\"><font size=\"2\" color=\"$textcolor2\">$row[sitename]</font></a></td>";
        }
        else {
            print "<td bgcolor=\"$bgcolor1\" align=\"center\"><font size=\"2\" color=\"$textcolor2\">$row[sitename]</font></td>";
        }
        print "<td bgcolor=\"$bgcolor1\" align=\"center\"><a href=\"$row[rssurl]\" target=\"_blank\"><font size=\"2\" color=\"$textcolor2\">$row[rssurl]</font></a></td>";
        if (authorised(0, 'Headlines::', "$row[sitename]::$row[id]", ACCESS_EDIT)) {
            echo "<td bgcolor=\"$bgcolor1\" align=\"center\">[ <a href=\"admin.php?op=AdvHeadlinesEdit&amp;id=$row[id]\">"._EDIT."</a> ";
            if (authorised(0, 'Headlines::', "$row[sitename]::$row[id]", ACCESS_DELETE)) {
                echo "| <a href=\"admin.php?op=AdvHeadlinesDel&amp;id=$row[id]&amp;ok=0\">"._DELETE.'</a> ]</td>';
            } else {
                echo "]</td>";
            }
        } else {
            echo "<td>&nbsp;</td>";
        }
        echo "</tr>";
    }
    print '</form></td></tr></table>';
    CloseTable();
    print '<br>';

    // Add headline
    if (authorised(0, 'Headlines::', '::', ACCESS_ADD)) {
        OpenTable();
        $f = array();
        $f['headline'] = _ADDHEADLINE;

        $f['sitename'] = array("label"=>_SITENAME, "name"=>"sitename", "size"=>"31", "maxlength"=>"61");
        $f['siteurl']  = array("label"=>_SITEURL, "name"=>"siteurl", "size"=>"50", "maxlength"=>"255");
        $f['rssfile']  = array("label"=>_RSSFILE, "name"=>"rssurl", "size"=>"50", "maxlength"=>"255");
        $f['maxrows']  = array("label"=>_RSS_MAXROWS, "name"=>"maxrows", "size"=>"5", "maxlength"=>"5");

        $f['settings'] = array("label"=>"Settings", "image"=>"Show image", "descr"=>"Show descr.", "search"=>"Show search");
        $f['image']  = array("label"=>_RSS_IMG, "name"=>"options", "value"=>"I", "checked"=>false);
        $f['descr']  = array("label"=>_RSS_DESCR, "name"=>"options","value"=>"D",  "checked"=>false);
        $f['search']  = array("label"=>_RSS_SRCH, "name"=>"options", "value"=>"S", "checked"=>false);
        $f['proxy']  = array("label"=>_RSS_PROXY, "name"=>"options", "value"=>"P", "checked"=>false);
        $f['uname']  = array("label"=>_RSS_NAME, "name"=>"uname", "size"=>"10", "maxlength"=>"10");
        $f['pass']  = array("label"=>_RSS_PASS, "name"=>"pass", "size"=>"10", "maxlength"=>"10");

        $f['op'] = "AdvHeadlinesAdd";
        $f['button'] = _ADD;
    
        HTML_form($f);

    }

    CloseTable();
    include 'footer.php';
}

function HeadlinesEdit($id) {
    global
        $hlpfile,
        $pntable,
        $dbconn
    ;

    csrfcheck();

    include 'header.php';
    GraphicAdmin($hlpfile);
    OpenTable();
    print '<center><font class="pn-title"><b>'._HEADLINESADMIN.'</b></font></center>';
    CloseTable();
    print '<br>';
    $column = &$pntable['headlines_column'];
    $result = $dbconn->Execute("SELECT $column[id] as id, $column[sitename] as sitename, $column[rssuser] as rssuser, $column[rsspasswd] as rsspasswd, $column[use_proxy] as use_proxy, $column[rssurl] as rssurl, $column[maxrows] as maxrows, $column[siteurl] as siteurl, $column[options] as options FROM $pntable[headlines] WHERE $column[id]=$id");
    $row = $result->GetRowAssoc(false);
    $result->MoveNext();

    if (!authorised(0, 'Headlines::', "$row[sitename]::$row[id]", ACCESS_EDIT)) {
        echo _HEADLINESEDITNOAUTH;
        include 'footer.php';
        return;
    }

    $row['sitename'] = htmlspecialchars($row['sitename']);
    OpenTable();

    $f = array();
    $f['headline'] = _EDITHEADLINE;

    $f['sitename'] = array("label"=>_SITENAME, "name"=>"sitename", "value"=>$row['sitename'],
                                "size"=>"31", "maxlength"=>"61");

    $f['siteurl']  = array("label"=>_SITEURL, "name"=>"siteurl", "value"=>$row['siteurl'],
                                "size"=>"50", "maxlength"=>"255");

    $f['rssfile']  = array("label"=>_RSSFILE, "name"=>"rssurl", "value"=>$row['rssurl'],
                                "size"=>"50", "maxlength"=>"255");

    $f['maxrows']  = array("label"=>_RSS_MAXROWS, "name"=>"maxrows", "value"=>$row['maxrows'],
                                "size"=>"5", "maxlength"=>"5");

    $f['settings'] = array("label"=>"Settings", "image"=>"Show image", "descr"=>"Show descr.", "search"=>"Show search");
    $f['image']  = array("label"=>_RSS_IMG, "name"=>"options", "value"=>"I", "checked"=>(stristr($row['options'],"I")));
    $f['descr']  = array("label"=>_RSS_DESCR, "name"=>"options","value"=>"D",  "checked"=>(stristr($row['options'],"D")));
    $f['search']  = array("label"=>_RSS_SRCH, "name"=>"options", "value"=>"S", "checked"=>(stristr($row['options'],"S")));
    $f['proxy']  = array("label"=>_RSS_PROXY, "name"=>"options", "value"=>"P", "checked"=>(stristr($row['options'],"P")));
    $f['uname']  = array("label"=>_RSS_NAME, "name"=>"uname", "value"=>$row['uname'], "size"=>"10", "maxlength"=>"10");
    $f['pass']  = array("label"=>_RSS_PASS, "name"=>"pass", "value"=>$row['pass'], "size"=>"10", "maxlength"=>"10");

    $f['id'] = $id;
    $f['op'] = "AdvHeadlinesSave";
    $f['button'] = _SAVECHANGES;

    HTML_form($f);

    CloseTable();
    include 'footer.php';
}

function HTML_textbox($a)
{
        return "<input type=\"text\" name=\"$a[name]\" value=\"$a[value]\" size=\"$a[size]\" maxlength=\"$a[maxlength]\">";
}

function HTML_checkbox($a)
{
        if($a[checked]) $a[checked] = "checked";
        return "<input type=\"checkbox\" name=\"$a[name][]\" value=\"$a[value]\" $a[checked]>";
}


function HTML_Form($f) {

    $str ="
        <font class=\"pn-title\"><b>$f[headline]</b></font><br><br>
        <form action=\"admin.php\" method=\"post\">
        <input type=\"hidden\" name=\"id\" value=\"$f[id]\">
        <table border=\"0\" width=\"100%\">
          <tr>
            <td>".$f[sitename][label].":</td>
            <td>".HTML_textbox($f[sitename])."</td>
          </tr>
          <tr>
            <td>".$f[siteurl][label].":</td>
            <td>".HTML_textbox($f[siteurl])."</td>
          </tr>
          <tr>
            <td>".$f[rssfile][label].":</td>
            <td>".HTML_textbox($f[rssfile])."</td>
          </tr>
          <tr>
            <td>".$f[maxrows][label].":</td>
            <td>".HTML_textbox($f[maxrows])."</td>
          </tr>
          <tr>
            <td>".$f[settings][label].":</td>
            <td>"
            .$f[settings][image].":".HTML_checkbox($f[image])."&nbsp;&nbsp;"
            .$f[settings][descr].":".HTML_checkbox($f[descr])."&nbsp;&nbsp;"
            .$f[settings][search].":".HTML_checkbox($f[search])."&nbsp;&nbsp;
            </td>
          </tr>
          <tr>
            <td>".$f[proxy][label].":</td>
            <td>".HTML_checkbox($f[proxy])."</td>
          </tr>
        </table>
        <input type=\"hidden\" name=\"op\" value=\"$f[op]\">
        <input type=\"submit\" value=\"$f[button]\">
        </form>";

    print $str;
}

function HeadlinesAdd($vars) {
    global $pntable, $dbconn;

    csrfcheck();

    $vars['sitename'] = addslashes($vars['sitename']);

    if (!authorised(0, 'Headlines::', "$vars[sitename]::", ACCESS_ADD)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center><font class="pn-title"><b>'._HEADLINESADMIN.'</b></font></center>';
        CloseTable();
        print '<br>';
        echo _HEADLINESADDNOAUTH;
        include 'footer.php';
        return;
    }
    $options = ""; 
    for($i=0; $i < count($vars['options']); $i++) {
        $options .= $vars['options'][$i];
    }

    $column = &$pntable['headlines_column'];

// FTO : Add SEQ suffix to avoid conflict name with ORACLE
    $nextid = $dbconn->GenId("{$pntable['headlines']}_SEQ");

    $result = $dbconn->Execute("INSERT INTO $pntable[headlines]
                              ($column[id],
                               $column[sitename],
                               $column[rssurl],
                               $column[siteurl],
                               $column[maxrows],
                               $column[options])
                               VALUES
                              ($nextid,
                               '$vars[sitename]',
                               '$vars[rssurl]',
                               '$vars[siteurl]',
                               '$vars[maxrows]',
                               '$options')");
    if ($result === false) {
        error_log ("problem adding headline in blocks.php: " . $dbconn->ErrorMsg());
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "problem adding headline in blocks.php");
    }

    pnRedirect('admin.php?op=AdvHeadlinesAdmin');
}

function HeadlinesSave() {
    global $pntable, $dbconn;

    csrfcheck();

    $vars = $GLOBALS[HTTP_POST_VARS];
    $vars['sitename'] = addslashes($vars['sitename']);
   
    if (!authorised(0, 'Headlines::', "$vars[sitename]::$vars[id]", ACCESS_EDIT)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center><font class="pn-title"><b>'._HEADLINESADMIN.'</b></font></center>';
        CloseTable();
        print '<br>';
        echo _HEADLINESEDITNOAUTH;
        include 'footer.php';
        return;
    }

    $options = ""; 
    for($i=0; $i < count($vars['options']); $i++) {
        $options .= $vars['options'][$i];
    }

    $column = &$pntable['headlines_column'];
    $result = $dbconn->Execute("UPDATE $pntable[headlines] SET $column[sitename]='$vars[sitename]',$column[rssurl]='$vars[rssurl]',$column[siteurl]='$vars[siteurl]', $column[maxrows]=$vars[maxrows], $column[options]='$options' WHERE $column[id]=$vars[id]");
    if ($result === false) {
        error_log ("problem saving headlines in blocks.php: " . $dbconn->ErrorMsg());
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "problem saving headlines in blocks.php");
    }
    pnRedirect('admin.php?op=AdvHeadlinesAdmin');
}

function HeadlinesDel($id, $ok=false) {
    global $pntable, $dbconn;

    csrfcheck();

    $column = &$pntable['headlines_column'];
    $result = $dbconn->Execute("SELECT $column[sitename]
                              FROM $pntable[headlines]
                              WHERE $column[id] = $id");
    list($sitename) = $result->fields;
    if (!authorised(0, 'Headlines::', "$sitename::$id", ACCESS_DELETE)) {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center><font class="pn-title"><b>'._HEADLINESADMIN.'</b></font></center>';
        CloseTable();
        print '<br>';
        echo _HEADLINESDELNOAUTH;
        include 'footer.php';
        return;
    }

    if($ok) {
        $column = &$pntable['headlines_column'];
        $result = $dbconn->Execute("DELETE FROM $pntable[headlines] WHERE $column[id]=$id");
        if ($result === false) {
            error_log ("problem deleting a headline in blocks.php: " . $dbconn->ErrorMsg());
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "problem deleting a headline in blocks.php");
        }
        pnRedirect('admin.php?op=AdvHeadlinesAdmin');
    }
    else {
        include 'header.php';
        GraphicAdmin($hlpfile);
        OpenTable();
        print '<center><br>'
            .'<font class="pn-title">'
            .'<b>'._SURE2DELHEADLINE.'</b></font><br><br>'
            ."[ <a href=\"admin.php?op=AdvHeadlinesDel&amp;id=$id&amp;ok=1\">"._YES.'</a> | <a href="admin.php?op=AdvHeadlinesAdmin">'._NO.'</a> ]<br><br>'
        ;
        CloseTable();
        include 'footer.php';
    }
}

// built-in sorting functions wern't quite up to the task :-)
function advblock_sorting($left, $right)
{
    return strcasecmp($left['text_type_long'], $right['text_type_long']);
}

if ((!authorised(0, 'Blocks::', '::', ACCESS_EDIT)) && (!authorised(0, 'Headlines::', '::', ACCESS_EDIT))) {
    include 'header.php';
    echo _BLOCKSNOAUTH;
    include 'footer.php';
} else {
    switch ($op)
    {
        case 'AdvBlocksAdmin':
            BlocksAdmin();
            break;

        case 'AdvBlocksAdd':
            BlocksAdd();
            break;

        case 'AdvBlocksEdit':
            BlocksEdit($bid);
            break;

        case 'AdvBlocksEditSave':
            BlocksEditSave();
            break;

        case 'AdvBlocksChangeStatus':
            ChangeStatus($bid, $ok);
            break;

        case 'AdvBlocksDelete':
            BlocksDelete($bid, $ok);
            break;

        case 'AdvBlocksOrder':
            BlocksOrder($HTTP_GET_VARS);
            break;
            
        case 'AdvHeadlinesAdmin':
            HeadlinesAdmin();
            break;

        case 'AdvHeadlinesEdit':
            HeadlinesEdit($HTTP_GET_VARS[id]);
            break;

        case 'AdvHeadlinesAdd':
            HeadlinesAdd($HTTP_POST_VARS);
            break;

        case 'AdvHeadlinesSave':
            HeadlinesSave();
            break;

        case 'AdvHeadlinesDel':
            HeadlinesDel($HTTP_GET_VARS[id],$HTTP_GET_VARS[ok]);
            break;
    }
}
?>
Return current item: ProNuke. Postnuke To Oracle