<?php
// File: $Id: qotd.php,v 1.15 2001/12/04 23:53:46 jgm Exp $ $Name:  $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file:  Erik Slooff <hide@address.com> www.slooff.com
// Purpose of file: 
//   PHP-NUKE 5.0: Quote of the day Add-On
//   Copyright (c) 2000 by Erik Slooff (hide@address.com)
// ----------------------------------------------------------------------
// Changes for this admin module thanks to Heinz Hombergs
// (hide@address.com), http://www.kodewulf.za.net
// ----------------------------------------------------------------------

// Include guard: refuse to run unless the requesting script path matches
// "admin.php" (case-insensitive regular-expression match).
// NOTE(review): $PHP_SELF is presumably populated by register_globals, and it
// can carry client-supplied path information, so a pattern match against it is
// a weak guard. A constant defined by admin.php and tested here with defined()
// would be more robust -- confirm what the entry script provides.
if (!eregi("admin.php", $PHP_SELF)) {
    die ("Access Denied");
}

// Load the language definitions used by this module (helper defined elsewhere).
modules_get_language();

// Landing screen of the Quotes admin module.
//
// Prints the "add a quote" form when the current user holds ACCESS_ADD on the
// Quotes component, and the link to the quote list when the user holds
// ACCESS_EDIT. No request data is read or echoed here; everything printed is
// static markup plus language constants.
function QotdAdmin() {
    global $hlpfile, $admin, $pntable;
    include(WHERE_IS_PERSO."config.php");
    $hlpfile = "manual/qotd.html";
    include ("header.php");
    GraphicAdmin($hlpfile);

    // The form posts back to admin.php with op=QotdAdd.
    if (authorised(0, 'Quotes::', '::', ACCESS_ADD)) {
        $formTop = "</b><br><br>
              <font size=2>
              <form action=admin.php method=post>
              <table border=0 width=\"100%\"><tr><td>";
        $quoteRow = "</td><td><textarea class=pn-normal name=qquote cols=60 rows=5></textarea></td></tr><tr><td>";
        $authorRow = "</td><td><input class=pn-normal type=text name=qauthor size=31 maxlength=128></td></tr><tr><td>
              </td></tr></table>
              <input type=hidden name=op value=QotdAdd>
              <input type=submit value=";

        OpenTable();
        echo "</center><font size=4><b>", _QOTDADDQ, $formTop, _QTDQT, $quoteRow,
             _AUTHOR, $authorRow, _ADD, "></form><br>";
        CloseTable();
    }

    // Link to the paginated list where quotes can be edited or deleted.
    if (authorised(0, 'Quotes::', '::', ACCESS_EDIT)) {
        echo "<a href =\"admin.php?op=QotdDisplay&page=1\">", _QOTDMODIFYQ, "</a></font><br><br>";
    }
    include("footer.php");
}

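// Insert a new quote and redirect back to the Quotes admin screen.
//
// $qquote  - quote text taken from the request
// $qauthor - author name taken from the request
//
// csrfcheck() (defined elsewhere) runs first, then the caller must hold
// ACCESS_ADD for the "<author>::" instance. Both strings are untrusted, so they
// are quoted through the database layer instead of being pasted into the
// statement between hand-written apostrophes.
function QotdAdd($qquote, $qauthor) {
    global $pntable, $dbconn;

    csrfcheck();

    if (!(authorised(0, 'Quotes::', "$qauthor::", ACCESS_ADD))) {
        include 'header.php';
        echo _QUOTESADDNOAUTH;
        include 'footer.php';
        return;
    }

    $column = &$pntable['quotes_column'];

    // FTO : Add SEQ suffix to avoid conflict name with ORACLE
    $nextId = $dbconn->GenId("{$pntable['quotes']}_SEQ");

    // qstr() adds the surrounding quotes and escapes for the active driver.
    // The second argument tells it whether PHP already added slashes to the
    // request data, so the value is not escaped twice.
    // NOTE(review): if the framework adds or strips slashes on its own,
    // adjust this flag accordingly -- not visible from this file.
    $magic = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $sql = "INSERT INTO $pntable[quotes] ($column[qid],
                              $column[quote], $column[author])
                              VALUES ($nextId, "
         . $dbconn->qstr($qquote, $magic) . ", "
         . $dbconn->qstr($qauthor, $magic) . ")";

    $result = $dbconn->Execute($sql);
    if ($dbconn->ErrorNo() <> 0) {
        // Keep the failing statement in the server log for the administrator.
        error_log("DB Error: Problem adding quote. " . $dbconn->ErrorMsg());
        error_log($sql);
    }
    pnRedirect('admin.php?op=QotdAdmin');
}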

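// Render one page (20 rows) of the quote list with a keyword search form,
// per-row edit/delete links and previous/next navigation.
//
// $page - 1-based page number taken from the request
// The search keyword is read from the global $keyword.
//
// Both values are untrusted: the page number is forced to a positive integer,
// the keyword is quoted by the database layer before it reaches SQL, and every
// value echoed into the page is encoded for the context it lands in (HTML
// text/attribute or URL parameter).
function QotdDisplay($page) {
    global $hlpfile, $admin, $keyword, $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $pntable, $dbconn;
    include(WHERE_IS_PERSO."config.php");
    $hlpfile = "manual/qotd.html";
    include ("header.php");
    GraphicAdmin($hlpfile);

    if (!(authorised(0, 'Quotes::', '::', ACCESS_READ))) {
        // header.php has already been included above; including it a second
        // time would emit the page header twice.
        echo _QUOTESNOAUTH;
        include 'footer.php';
        return;
    }

    // The page number feeds the row offset and the navigation links.
    $page = (int)$page;
    if ($page < 1) {
        $page = 1;
    }

    // Work on a local copy so the global is left untouched; anything that is
    // not a string (e.g. an array-valued request parameter) counts as "no keyword".
    $searchTerm = is_string($keyword) ? $keyword : "";
    // ISO-8859-1 keeps htmlspecialchars() byte-transparent: only the HTML
    // metacharacters are rewritten, whatever encoding the site uses.
    $keywordHtml = htmlspecialchars($searchTerm, ENT_QUOTES, 'ISO-8859-1');
    $keywordUrl = urlencode($searchTerm);

    OpenTable();
    $column = &$pntable['quotes_column'];
    $whereclause = "";
    if ($searchTerm != "") {
        // Spaces become wildcards so the words may appear anywhere in order.
        $pattern = "%" . str_replace(" ", "%", $searchTerm) . "%";
        // NOTE(review): the flag assumes PHP-level magic quotes are the only
        // automatic escaping applied to request data -- confirm.
        $magic = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
        $whereclause = "where $column[quote] like " . $dbconn->qstr($pattern, $magic);
    }
    $result = $dbconn->Execute("SELECT COUNT(*) FROM $pntable[quotes] $whereclause");
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }
    list($numrecords) = $result->fields;
    $entriesperpage = 20;
    $totalpages = ceil($numrecords / $entriesperpage);
    if ($numrecords > 0) {
        echo "</center><font size=4><b>"._QOTDMODIFYQ."</b></font><br><br>
              <table><tr><td>
              <form action=admin.php method=post>
              "._QOTDSFK." <input class=pn-normal type=text name=keyword size=31 maxlength=128 value=\"$keywordHtml\">
              <input type=hidden name=page value=1>
              <input type=hidden name=op value=QotdDisplay>
              <input type=submit value="._SEARCH.">
              </form></td><td><form action=admin.php method=post>
              <input type=hidden name=page value=1>
              <input type=hidden name=op value=QotdDisplay>
              <input type=submit value=\""._QOTDRSEARCH."\">
              </form></td></tr></table>
              <font size=2>
              <table border width=\"100%\">";
        echo "<tr bgcolor=\"$bgcolor4\"><td ><font class=\"pn-title\">" ._QOTDQ."</td><td><font class=\"pn-title\">" ._AUTHOR."</td><td><font class=\"pn-title\">" ._QOTDACT."</td></tr>";
        $start = $entriesperpage * ($page - 1);
        // NOTE(review): the COUNT above honours the keyword filter, but the
        // page query is built with an empty where argument, so the listing
        // looks unfiltered. Confirm the format buildQuery() expects for its
        // where argument before wiring the filter in.
        $sql = buildQuery(array('quotes'), array($column['qid'], $column['quote'],
        $column['author']), '', array("$column[qid]"), $entriesperpage, $start);
        $result = $dbconn->Execute($sql);

        //FTO : Rewrite the condition loop clearly to test EOF

        if (!$result) {
            PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
            die();
        }

        while(!$result->EOF) {
            list($qqid, $qquote, $qauthor) = $result->fields;
            $result->MoveNext();

            // Permission instance of this row. The id must be the one just
            // fetched ($qqid); using an unset variable here would check every
            // row against "<author>::" instead of "<author>::<id>".
            $instance = "$qauthor::$qqid";
            if (authorised(0, 'Quotes::', $instance, ACCESS_READ)) {
                // Stored text is encoded on output; truncate first so an
                // entity is never cut in half.
                $quoteHtml = htmlspecialchars(substr($qquote, 0, 50), ENT_QUOTES, 'ISO-8859-1');
                $authorHtml = htmlspecialchars(substr($qauthor, 0, 50), ENT_QUOTES, 'ISO-8859-1');
                $rowId = (int)$qqid;

                echo "<tr><td bgcolor=\"$bgcolor4\"><font class=\"pn-normal\">".$quoteHtml."</td><td bgcolor=\"$bgcolor4\"><font class=\"pn-normal\">".$authorHtml."</td>";
                echo "<td bgcolor=\"$bgcolor4\"><font class=\"pn-normal\">";
                if (authorised(0, 'Quotes::', $instance, ACCESS_EDIT)) {
                    echo "<a href=\"admin.php?op=QotdEdit&qid=$rowId&page=$page\">" ._EDIT."</a>";
                    if (authorised(0, 'Quotes::', $instance, ACCESS_DELETE)) {
                        echo " | <a href=\"admin.php?op=QotdDelete&qid=$rowId&page=$page\">" ._DELETE."</a>";
                    }
                } else {
                    echo "&nbsp;";
                }
                // Close the action cell on every path.
                echo "</td></tr>";
            }
        }
        echo "</table><br>";

        // 0 means "no such page" for the navigation links below.
        $prevpage = ($page > 1) ? $page - 1 : 0;
        $nextpage = ($page < $totalpages) ? $page + 1 : 0;

        echo "<table border=0 width=\"100%\"><tr><td align=\"center\" width=\"33%\">";
        if ($prevpage != 0) {
            echo "<a href=\"admin.php?op=QotdDisplay&page=$prevpage&keyword=$keywordUrl\">" ._QOTDPP."</a>";
        } else {
            echo " ";
        }
        echo "</td><td align=\"center\" width=\"33%\">";
        echo "<a href=\"admin.php?op=QotdAdmin\">" ._QOTDBACK."</a>";
        echo "</td><td align=\"center\" width=\"33%\">";
        if ($nextpage != 0) {
            echo "<a href=\"admin.php?op=QotdDisplay&page=$nextpage&keyword=$keywordUrl\">" ._QOTDNP."</a>";
        } else {
            echo " ";
        }
        echo "</td></tr></table>";
    } else {
        echo _QOTDNQ;
    }
    CloseTable();
    include("footer.php");
}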

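// Show the "really delete this quote?" confirmation screen.
//
// $qid  - id of the quote, taken from the request
// $page - list page to return to, taken from the request
//
// Both values are forced to integers before use because they are placed in a
// SQL statement and echoed into links. The stored author of the quote is
// looked up so the ACCESS_DELETE check runs against "<author>::<id>".
function QotdDelete($qid,$page) {
    global $hlpfile, $admin, $pntable, $dbconn;

    include(WHERE_IS_PERSO."config.php");
    $hlpfile = "manual/qotd.html";
    include ("header.php");
    GraphicAdmin($hlpfile);

    $qid = (int)$qid;
    $page = max(1, (int)$page);

    $column = &$pntable['quotes_column'];
    $result = $dbconn->Execute("SELECT $column[author]
                              FROM $pntable[quotes]
                              WHERE $column[qid] = $qid");
    if (!$result) {
        // A failed query returns no result object; stop before dereferencing it.
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }
    list($author) = $result->fields;
    $result->Close();
    if (!(authorised(0, 'Quotes::', "$author::$qid", ACCESS_DELETE))) {
        echo _QUOTESDELNOAUTH;
        include 'footer.php';
        return;
    }

    OpenTable();
    echo "</center><font size=4><b>"._QOTDDELQ."</b><br><br>";
    echo "<center>";
    echo "<font size=3 color=Red>";
    echo "<b>"._QOTDDELQW."</b><br><br><font color=Black>";
    // NOTE(review): the confirmation is a plain link (GET) to the deleting
    // operation. Whether csrfcheck() in QotdDeleteOk can validate such a
    // request is not visible from this file -- confirm, or turn this into a
    // POST form carrying whatever token csrfcheck() expects.
    echo "[ <a href=admin.php?op=QotdDeleteOk&qid=$qid&page=$page>"._YES."</a> | <a href=admin.php?op=QotdDisplay&page=$page>"._NO."</a> ]<br><br>";
    CloseTable();
    include("footer.php");
}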

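// Delete a quote after confirmation and redirect back to the quote list.
//
// $qid  - id of the quote, taken from the request
// $page - list page to return to, taken from the request
//
// csrfcheck() (defined elsewhere) runs first. Both parameters are forced to
// integers: $qid goes into two SQL statements and $page into the redirect
// target. The stored author is looked up so the ACCESS_DELETE check runs
// against "<author>::<id>".
function QotdDeleteOk($qid,$page) {
    global $pntable, $dbconn;

    csrfcheck();

    $qid = (int)$qid;
    $page = max(1, (int)$page);

    $column = &$pntable['quotes_column'];
    $result = $dbconn->Execute("SELECT $column[author]
                              FROM $pntable[quotes]
                              WHERE $column[qid] = $qid");
    if (!$result) {
        // No result object to read from: log and return to the list.
        error_log("Error: Deleting Quote" . $dbconn->ErrorMsg());
        pnRedirect('admin.php?op=QotdDisplay&page='.$page);
        return;
    }
    list($author) = $result->fields;
    $result->Close();
    if (!(authorised(0, 'Quotes::', "$author::$qid", ACCESS_DELETE))) {
        // Nothing has been sent yet on this path, so the header is needed
        // before the message (same shape as the refusal in QotdAdd/QotdSave).
        include 'header.php';
        echo _QUOTESDELNOAUTH;
        include 'footer.php';
        return;
    }

    // $column is the same array as $pntable['quotes_column']; using it avoids
    // the unquoted array keys of the earlier form of this statement.
    $result = $dbconn->Execute("DELETE FROM $pntable[quotes]
                              WHERE $column[qid] = $qid");
    if ($dbconn->ErrorNo() <> 0) {
        error_log("Error: Deleting Quote" . $dbconn->ErrorMsg());
    }

    pnRedirect('admin.php?op=QotdDisplay&page='.$page);
}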

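// Show the edit form for one quote, pre-filled with its stored text and author.
//
// $qid  - id of the quote, taken from the request
// $page - list page to return to after saving, taken from the request
//
// Both parameters are forced to integers (SQL and hidden form fields). The
// stored quote and author are HTML-encoded before being placed in the form, so
// markup inside a stored quote cannot break out of the textarea or the value
// attribute; the browser decodes the entities again when the form is submitted.
function QotdEdit($qid,$page) {
    global $hlpfile, $admin, $pntable, $dbconn;
    include(WHERE_IS_PERSO."config.php");
    $hlpfile = "manual/qotd.html";
    include ("header.php");
    GraphicAdmin($hlpfile);

    $qid = (int)$qid;
    $page = max(1, (int)$page);

    // One query serves both the permission check (author) and the form.
    $column = &$pntable['quotes_column'];
    $result = $dbconn->Execute("SELECT $column[quote], $column[author]
                              FROM $pntable[quotes]
                              WHERE $column[qid] = $qid");
    if (!$result) {
        // A failed query returns no result object; stop before dereferencing it.
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }
    list($quote,$author) = $result->fields;
    $result->Close();
    if (!(authorised(0, 'Quotes::', "$author::$qid", ACCESS_EDIT))) {
        echo _QUOTESEDITNOAUTH;
        include 'footer.php';
        return;
    }

    // ISO-8859-1 keeps htmlspecialchars() byte-transparent: only the HTML
    // metacharacters are rewritten, whatever encoding the stored text uses.
    $quoteHtml = htmlspecialchars($quote, ENT_QUOTES, 'ISO-8859-1');
    $authorHtml = htmlspecialchars($author, ENT_QUOTES, 'ISO-8859-1');

    OpenTable();
    // NOTE(review): the form action carries op=QotdAdmin while the hidden field
    // sets op=QotdSave; which one wins depends on how request variables are
    // merged -- confirm the intended target.
    echo "</center><font size=4><b>" ._QOTDEQ."</b><br><br>
    <font size=2>
    <form action=admin.php?op=QotdAdmin method=post>
    <table border=0 width=\"100%\"><tr><td>
    " ._QTDQT." </td><td><textarea class=\"pn-normal\" name=\"qquote\" cols=\"60\" rows=\"5\">$quoteHtml</textarea></td></tr><tr><td>
    " ._AUTHOR.": </td><td><input class=\"pn-normal\" type=\"text\" name=\"qauthor\" size=\"31\" maxlength=\"128\" value=\"$authorHtml\"></td></tr><tr><td>
    </td></tr></table>
    <input type=hidden name=op value=QotdSave>
    <input type=hidden name=page value=$page>
    <input type=hidden name=qqid value=$qid>
    <input type=submit value=" ._SAVE.">
    </form>";
    CloseTable();
    include("footer.php");
}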

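// Store an edited quote and redirect back to the quote list.
//
// $qqid    - id of the quote being edited, taken from the request
// $qquote  - new quote text, taken from the request
// $qauthor - new author name, taken from the request
// $page    - list page to return to, taken from the request
//
// csrfcheck() (defined elsewhere) runs first. The ACCESS_EDIT check is made
// against the author currently stored for the quote plus its id, the same
// instance QotdEdit checks; the submitted author is only the new value and is
// not used to decide permission. Ids are forced to integers and both strings
// are quoted by the database layer.
function QotdSave($qqid,$qquote,$qauthor,$page) {
    global $pntable, $dbconn;

    csrfcheck();

    $qqid = (int)$qqid;
    $page = max(1, (int)$page);

    $column = &$pntable['quotes_column'];

    // Fetch the stored author for the permission instance.
    $result = $dbconn->Execute("SELECT $column[author]
                              FROM $pntable[quotes]
                              WHERE $column[qid] = $qqid");
    if (!$result) {
        // No result object to read from: log and return to the list.
        error_log("Error: Saving Quote" . $dbconn->ErrorMsg());
        pnRedirect('admin.php?op=QotdDisplay&page='.$page);
        return;
    }
    list($author) = $result->fields;
    $result->Close();

    if (!(authorised(0, 'Quotes::', "$author::$qqid", ACCESS_EDIT))) {
        include 'header.php';
        echo _QUOTESEDITNOAUTH;
        include 'footer.php';
        return;
    }

    // qstr() adds the surrounding quotes and escapes for the active driver.
    // The second argument tells it whether PHP already added slashes to the
    // request data, so the value is not escaped twice.
    // NOTE(review): if the framework adds or strips slashes on its own,
    // adjust this flag accordingly -- not visible from this file.
    $magic = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $result = $dbconn->Execute("UPDATE $pntable[quotes]
                              SET $column[quote]=" . $dbconn->qstr($qquote, $magic) . ",
                                  $column[author]=" . $dbconn->qstr($qauthor, $magic) . "
                              WHERE $column[qid] = $qqid");
    if ($dbconn->ErrorNo() <> 0) {
        error_log("Error: Saving Quote" . $dbconn->ErrorMsg());
    }
    pnRedirect('admin.php?op=QotdDisplay&page='.$page);
}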

// Module dispatcher. Every operation requires ACCESS_ADMIN on the Quotes
// component; the handlers apply their own finer-grained checks on top of that.
// $op and the handler arguments ($qid, $qqid, $qquote, $qauthor, $page) are
// read from the including scope -- presumably request variables; verify against
// admin.php. An $op value not listed below is silently ignored.
if (authorised(0, 'Quotes::', '::', ACCESS_ADMIN)) {
    switch ($op) {
        // Screens that only render a page.
        case "QotdAdmin":
            QotdAdmin();
            break;

        case "QotdDisplay":
            QotdDisplay($page);
            break;

        case "QotdEdit":
            QotdEdit($qid, $page);
            break;

        case "QotdDelete":
            QotdDelete($qid, $page);
            break;

        // Operations that change stored data; each calls csrfcheck() itself.
        case "QotdAdd":
            QotdAdd($qquote, $qauthor);
            break;

        case "QotdSave":
            QotdSave($qqid, $qquote, $qauthor, $page);
            break;

        case "QotdDeleteOk":
            QotdDeleteOk($qid, $page);
            break;
    }
} else {
    include 'header.php';
    echo _QUOTESNOAUTH;
    include 'footer.php';
}

?>