Location: PHPKode > projects > raSMP > rasmp/admin/modules.php
<?php

/*******************************************************************

 Name		: raSMP 2.0
 Copyright	: 2002, Adam Alkins
 Website	: http://www.rasmp.com
 email		: hide@address.com

 $Id: modules.php,v 1.11 2003/03/16 21:45:17 rasadam Exp $: 

*******************************************************************/

/*******************************************************************

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the 
Free Software Foundation Inc., 59 Temple Place, Suite 330,
Boston, MA  02111-1307  USA

*******************************************************************/

/*

Module Management

*/

define('RASMP',true);
define('RASMP_ADMIN',true);
define('SCRIPT_PATH','../');
include SCRIPT_PATH.'common/extension.inc';
include SCRIPT_PATH.'common/admin_common.'.FILE_EXT;

// Check authentication
check_auth('modules');

function do_header($title)
{
  	display_header($title);
	display_menu();
	display_body();
}

function display_menu()
{
?>

<table width="98%" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#0066CC">
      <div align="center"><a class="menulink" href="<?php echo attach_sid("modules.".FILE_EXT."?mode=create"); ?>">Create New Category</a></div>
    </td>
  </tr>
</table>

<?php

}

switch($_GET['mode'])
{
	case 'create':
		if(!isset($_POST['docreate']))
		{
			do_header("Admin Panel >> Module Management >> Create");
?>
<div align="center">
  <p>Enter a name in the text field and press the button to create a new Module 
    Category</p>
  <form name="form1" id="form1" method="post" action="<?php echo attach_sid("modules.".FILE_EXT."?mode=create"); ?>">
    <p>Category Name: 
      <input name="cat_name" type="text" id="cat_name" size="25" maxlength="255" value="<?php echo urldecode($_GET['cat_name']); ?>" />
    </p>
    <p>
	  <input type="submit" name="docreate" value="Create" />
    </p>
  </form>
  <p>&nbsp; </p>
</div>
<?php		
			display_footer();
		}
		else
		{
			if(!isset($_POST['cat_name'])||$_POST['cat_name']=='')
			{
				redirect_page("Invalid Category Name",attach_sid("modules.".FILE_EXT."?mode=create"));
			}
			
			// Does this module category exist?
			$query = "SELECT COUNT(*) as numrows FROM ".ADMIN_CATS_TABLE." WHERE category_name = '".addslashes(strip_tags($_POST['cat_name']))."'";
			$row = db_fetchassoc('',$query,'Could not check category name');
			
			if($row['numrows']!=0)
			{
				redirect_page("Category Name already exists",attach_sid("modules.".FILE_EXT."?mode=create&cat_name=".urlencode($_POST['cat_name'])));
			}
			
			// Find out the last number in the sort order
			$query = "SELECT MAX(category_order) as maxvalue FROM ".ADMIN_CATS_TABLE;
			$row = db_fetchassoc('',$query,'Could not select maximum value');
			
			// Increment it because a new category will be placed at the bottom
			$order = $row['maxvalue'] + 1;
			
			$query = "INSERT INTO ".ADMIN_CATS_TABLE." (category_name, category_order) VALUES('".addslashes(strip_tags($_POST['cat_name']))."',$order)";
			db_query($query,'Could not insert new category');
			
			redirect_page("Successfully created Category",attach_sid("modules.".FILE_EXT));		
		}
		break;
	case 'editcat':
		if(!isset($_GET['id']))
		{
			redirect_page("No Category to edit",attach_sid("modules.".FILE_EXT));
		}
		
		$catid = intval($_GET['id']);
		
		$query = "SELECT COUNT(*) as numrows FROM ".ADMIN_CATS_TABLE." WHERE category_id = ".$catid;
		$row = db_fetchassoc('',$query,'Could not check category data');
		
		if($row['numrows']==0)
		{
			redirect_page("No Category to edit",attach_sid("modules.".FILE_EXT));
		}
		
		$query = "SELECT category_name FROM ".ADMIN_CATS_TABLE." WHERE category_id = ".$catid;
		$row_data = db_fetchassoc('',$query,'Could not select category data');
		
		if(!isset($_POST['dosave']))
		{
			if(isset($_GET['cat_name']))
			{
				$cat_name = urldecode($_GET['cat_name']);
			}
			else
			{
				$cat_name = stripslashes($row_data['category_name']);
			}			
			do_header("Admin Panel >> Module Management >> Edit Category");
?>
<div align="center">
  <p>Change the name in the text field and press the button to modify this Module 
    Category</p>
  <form name="form1" id="form1" method="post" action="<?php echo attach_sid("modules.".FILE_EXT."?mode=editcat&id=".$catid); ?>">
    <p>Category Name: 
      <input name="cat_name" type="text" id="cat_name" size="25" maxlength="255" value="<?php echo $cat_name; ?>" />
    </p>
    <p>
	  <input type="submit" name="dosave" value="Modify Category" />
    </p>
  </form>
  <p>&nbsp; </p>
</div>
<?php		
			display_footer();
		}
		else
		{
			if(!isset($_POST['cat_name'])||$_POST['cat_name']=='')
			{
				redirect_page("Invalid Category Name",attach_sid("modules.".FILE_EXT."?mode=editcat&id=".$catid));
			}
			
			// See if there's a category with the same name (besides itself of course)
			$query = "SELECT COUNT(*) as numrows FROM ".ADMIN_CATS_TABLE." WHERE category_name = '".addslashes(strip_tags($_POST['cat_name']))."' AND category_id <> $catid";
			$row = db_fetchassoc('',$query,'Could not check category name');
			
			if($row['numrows']!=0)
			{
				redirect_page("Category Name already exists",attach_sid("modules.".FILE_EXT."?mode=editcat&cat_name=".urlencode($_POST['cat_name'])));
			}
			
			$query = "UPDATE ".ADMIN_CATS_TABLE." SET category_name = '".addslashes(strip_tags($_POST['cat_name']))."' WHERE category_id = $catid";
			db_query($query,'Could not change category name');
			
			redirect_page("Successfully changed Category name",attach_sid("modules.".FILE_EXT));	
		}
		break;
	case 'editmod':
		if(!isset($_GET['file']))
		{
			redirect_page("No Module to edit",attach_sid("modules.".FILE_EXT));
		}	
		
		$query = "SELECT COUNT(*) as numrows, module_name, module_file, admin_cat FROM ".ADMIN_TABLE." WHERE module_file = '".urldecode(addslashes($_GET['file']))."' GROUP BY module_file";
		$row_data = db_fetchassoc('',$query,'Could not select module data');
		
		if($row_data['numrows']==0)
		{
			redirect_page("Module does not exist",attach_sid("modules.".FILE_EXT));
		}
					
		if(!isset($_POST['dosave']))
		{
			if(isset($_GET['module_name']))
			{
				$module_name = urldecode($_GET['module_name']);
			}	
			else
			{
				$module_name = stripslashes($row_data['module_name']);
			}
			
			if(isset($_GET['admin_cat']))
			{
				$admin_cat = intval($_GET['admin_cat']);
			}
			else
			{
				$admin_cat = stripslashes($row_data['admin_cat']);
			}
					
			do_header("Admin Panel >> Module Management >> Edit Module");
?>
<div align="center">
  <p>Edit the text field to change the module name and/or select a Category from 
    the list to change its categorisation</p>
  <form name="form1" id="form1" method="post" action="<?php echo attach_sid("modules.".FILE_EXT."?mode=editmod&file=".urlencode($row_data['module_file'])); ?>">
    <p>Module Name: 
      <input name="module_name" type="text" id="module_name" size="25" maxlength="255" value="<?php echo $module_name; ?>" />
    </p>
    <p>Category: 
      <select name="admin_cat">
<?php
			// Pull list of categories
			$query = "SELECT category_id, category_name FROM ".ADMIN_CATS_TABLE." ORDER BY category_name";
			$rowset = db_fetchrows('',$query,'Could not select categories');
			
			for($i=0;$i < count($rowset);$i++)
			{
				// Mark selected by default the category passed in the URL or the category it currently is in
				if($admin_cat == $rowset[$i]['category_id'])
				{
					echo '<option value="'.$rowset[$i]['category_id'].'" selected>'.stripslashes($rowset[$i]['category_name']).'</option>';
				}
				else
				{
					echo '<option value="'.$rowset[$i]['category_id'].'">'.stripslashes($rowset[$i]['category_name']).'</option>';
				}
			}
?>
      </select>
    </p>
    <p>
      <input type="submit" name="dosave" value="Save Changes" />
    </p>
  </form>
  <p>&nbsp; </p>
</div>
<?php
			display_footer();	
		}
		else
		{
			if(!isset($_POST['module_name'])||$_POST['module_name']=='')
			{
				redirect_page("Module Name Invalid",attach_sid("modules.".FILE_EXT."?mode=editmod&file=".urlencode($row_data['module_file'])."&admin_cat=".$_POST['admin_cat']));
			}
			
			if(!isset($_POST['admin_cat']))
			{
				redirect_page("Category Invalid",attach_sid("modules.".FILE_EXT."?mode=editmod&file=".urlencode($row_data['module_file'])."&module_name=".urlencode($_POST['module_name'])));
			}
			
			$query = "SELECT COUNT(*) as numrows FROM ".ADMIN_TABLE." WHERE module_name = '".addslashes(strip_tags($_POST['module_name']))."' AND module_file <> '".$row_data['module_file']."'";
			$row = db_fetchassoc('',$query,'Could not select admin data');
			
			if($row['numrows']!=0)
			{
				redirect_page("Module Name already exists",attach_sid("modules.".FILE_EXT."?mode=editmod&file=".urlencode($row_data['module_file'])."&module_name=".urlencode($_POST['module_name'])."&admin_cat=".$_POST['admin_cat']));			
			}
			
			$_POST['admin_cat'] = intval($_POST['admin_cat']);
			
			$query = "SELECT COUNT(*) as numrows FROM ".ADMIN_CATS_TABLE." WHERE category_id = ".$_POST['admin_cat'];
			$row = db_fetchassoc('',$query,'Could not select admin cat data');
			
			if($row['numrows']!=1)
			{
				redirect_page("Invalid Category",attach_sid("modules.".FILE_EXT."?mode=editmod&file=".urlencode($row_data['module_file'])."&module_name=".urlencode($_POST['module_name'])));			
			}
			
			$query = "UPDATE ".ADMIN_TABLE." SET module_name = '".addslashes(strip_tags($_POST['module_name']))."', admin_cat = ".$_POST['admin_cat']." WHERE module_file = '".$row_data['module_file']."'";
			db_query($query,'Could not update Admin table');
			
			redirect_page("Module Successfully Edited",attach_sid("modules.".FILE_EXT));					
		}
	case 'delete':
		if(!isset($_GET['id']))
		{
			redirect_page("No Category to delete",attach_sid("modules.".FILE_EXT));
		}
		
		$catid = intval($_GET['id']);
		
		$query = "SELECT COUNT(*) as numrows, category_name, category_order FROM ".ADMIN_CATS_TABLE." WHERE category_id = ".$catid." GROUP BY category_id";
		$row_data = db_fetchassoc('',$query,'Could not check category data');
		
		if($row_data['numrows']==0)
		{
			redirect_page("Invalid Category",attach_sid("modules.".FILE_EXT));
		}
		
		$query = "SELECT COUNT(*) as numrows FROM ".ADMIN_CATS_TABLE;
		$row = db_fetchassoc('',$query,'Could not check admin cats table');
		
		
		if($row['numrows']==1)
		{
			redirect_page("This is the only Category and cannot be deleted",attach_sid("modules.".FILE_EXT));
		}
		
		$query = "SELECT COUNT(*) as numrows FROM ".ADMIN_TABLE." WHERE admin_cat = ".$catid;
		$row = db_fetchassoc('',$query,'Could not check admin table');
		
		// If there are modules in this category, lets allow the user to recategorise them
		if($row['numrows']!=0)
		{
			if(!isset($_POST['dodelete']))
			{
				do_header("Admin Panel >> Module Management >> Delete");
?>
<div align="center">
  <p>Select a Category to move modules to</p>
  <form name="form1" id="form1" method="post" action="<?php echo attach_sid("modules.".FILE_EXT."?mode=delete&id=".$catid); ?>">
    <p>Category: 
      <select name="cat_id" id="cat_id">
<?php
				// Display a list
				$query = "SELECT category_id, category_name FROM ".ADMIN_CATS_TABLE." WHERE category_id <> $catid ORDER BY category_name";
				$rowset = db_fetchrows('',$query,'Could not select categories');
			
				for($i=0;$i < count($rowset);$i++)
				{
					echo '<option value="'.$rowset[$i]['category_id'].'">'.stripslashes($rowset[$i]['category_name']).'</option>';
				}
?>
      </select>
    </p>
    <p>
      <input type="submit" name="dodelete" value="Delete" />
    </p>
  </form>
  <p>&nbsp; </p>
</div>
<?php
				display_footer();
			}
			else
			{
				if(!isset($_POST['cat_id']))
				{
					redirect_page("Invalid Destination Category",attach_sid("modules.".FILE_EXT."?mode=delete&id=".$catid));				
				}
				
				$_POST['cat_id'] = intval($_POST['cat_id']);
				
				$query = "SELECT COUNT(*) as numrows FROM ".ADMIN_CATS_TABLE." WHERE category_id = ".$_POST['cat_id'];
				$row = db_fetchassoc('',$query,'Could not check admin cats table');
				
				if($row['numrows']==0)
				{
					redirect_page("Destination Category does not exist",attach_sid("modules.".FILE_EXT."?mode=delete&id=".$catid));				
				}
				
				$query = "UPDATE ".ADMIN_TABLE." SET admin_cat = ".$_POST['cat_id']." WHERE admin_cat = ".$catid;
				db_query($query,'Could not update module categories');
			}		
		}
		
		//
		// Now we need to adjust the order of categories if there's a missing row
		//
		
		// Find out the last category order
		$query = "SELECT MAX(category_order) as maxvalue FROM ".ADMIN_CATS_TABLE;
		$max = db_fetchassoc('',$query,'Could not select maximum value');
		
		// if the one we are deleting isn't the last, then we know we have some 
		// work to do
		if($row_data['category_order']!=$max['maxvalue'])
		{
			// Select all the categories after the one we want to delete
			$query = "SELECT category_id FROM ".ADMIN_CATS_TABLE." WHERE category_order > ".$row_data['category_order'];
			$rowset = db_fetchrows('',$query,'Could not select other categories');
			
			for($i=0;$i<count($rowset);$i++)
			{
				// Bring them up a notch
				$query = "UPDATE ".ADMIN_CATS_TABLE." SET category_order = category_order - 1 WHERE category_id = ".$rowset[$i]['category_id'];
				db_query($query,'Could not adjust category placements');
			}
		}
		
		// Now lets delete this baby
		$query = "DELETE FROM ".ADMIN_CATS_TABLE." WHERE category_id = ".$catid;
		db_query($query,'Could not delete category');
		
		redirect_page("Successfully Delete Category",attach_sid("modules.".FILE_EXT));
		
		break;		
	case 'move':
		if(isset($_GET['direction'])&&isset($_GET['id']))
		{
			if($_GET['direction']=='up'||$_GET['direction']=='down')
			{
				$cat_id = intval($_GET['id']);
				
				$query = "SELECT category_order FROM ".ADMIN_CATS_TABLE." WHERE category_id = ".$cat_id;
				$result = db_query($query,'Could not select category');
				
				if(db_numrows($result)==1)
				{
					$cat_data = db_fetchassoc($result);
					
					if($_GET['direction']=='up'&&$cat_data['category_order']!=0)
					{
						$move = $cat_data['category_order'] - 1;
						
						$query = "UPDATE ".ADMIN_CATS_TABLE." SET category_order = ".$cat_data['category_order']." WHERE category_order = ".$move;
						db_query($query,'Could not move category');

						$query = "UPDATE ".ADMIN_CATS_TABLE." SET category_order = $move WHERE category_id = ".$cat_id;
						db_query($query,'Could not move category');
					}
					
					if($_GET['direction']=='down')
					{
						$query = "SELECT MAX(category_order) as maxvalue FROM ".ADMIN_CATS_TABLE;
						$rowdata = db_fetchassoc('',$query,'Could not select maximum value');
						
						if($rowdata['maxvalue']!=$cat_data['category_order'])
						{
							$move = $cat_data['category_order'] + 1;
						
							$query = "UPDATE ".ADMIN_CATS_TABLE." SET category_order = ".$cat_data['category_order']." WHERE category_order = ".$move;
							db_query($query,'Could not move category');

							$query = "UPDATE ".ADMIN_CATS_TABLE." SET category_order = $move WHERE category_id = ".$cat_id;
							db_query($query,'Could not move category');
						}
					}
				}
			}
		}									 
	case 'index':
	default:
		do_header("Admin Panel >> Module Management");
?>
<div align="center">
  <p>&nbsp;</p>
  <p>Use the links on the right to reshift modules and categories.</p>
</div>
<?php
		$query = "SELECT category_id, category_name, category_order FROM ".ADMIN_CATS_TABLE." ORDER BY category_order ASC";
		$result = db_query($query,'Could not select category data');
		
		$category_rows = db_fetchrows($result);
			
		for($i = 0;$i < count($category_rows);$i++)
		{
?>
<table width="95%" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#004B97" bgcolor="#CCCCCC">
  <tr> 
    <td bgcolor="0066cc"><font color="#CCCCCC"><?php echo stripslashes($category_rows[$i]['category_name']); ?></font></td>
    <td width="40" bgcolor="0066cc"><div align="center"><font color="#FFFFFF"><a class="menulink" href="<?php echo attach_sid("modules.".FILE_EXT."?mode=editcat&id=".$category_rows[$i]['category_id']); ?>">Edit</a></font></div></td>
	<td width="70" bgcolor="0066cc"><div align="center"><font color="#FFFFFF">
<?php
			// If its the first (first in the order) it can't move up no? so why give them a link to do so?
			if($i == 0)
			{
				echo '-';
			}
			else
			{
?>
    <a class="menulink" href="<?php echo attach_sid("modules.".FILE_EXT."?mode=move&direction=up&id=".$category_rows[$i]['category_id']); ?>">Move 
        up</a>
<?php
			}
?>		
		</font></div></td>
    <td width="80" bgcolor="0066cc"><div align="center"><font color="#FFFFFF">
<?php
			// Same thing if the last
			if($i == (count($category_rows) - 1))
			{
				echo '-';
			}
			else
			{
?>
	<a class="menulink" href="<?php echo attach_sid("modules.".FILE_EXT."?mode=move&direction=down&id=".$category_rows[$i]['category_id']); ?>">Move 
        down</a>
<?php
			}
?>
		</font></div></td>
    <td width="70" bgcolor="0066cc"><div align="center"><font color="#FFFFFF">
<?php
			// If there is only one category, then we shouldn't display a delete link. You need
			// atleast one category.
			if(count($category_rows)==1)
			{
				echo '-';
			}
			else
			{
?>
	<a class="menulink" href="<?php echo attach_sid("modules.".FILE_EXT."?mode=delete&id=".$category_rows[$i]['category_id']); ?>">Delete</a>
<?php
			}
?>
</font></div></td>
  </tr>
</table>
<?php
			$query = "SELECT module_name, module_file FROM ".ADMIN_TABLE." WHERE admin_cat = ".$category_rows[$i]['category_id']." ORDER BY module_name ASC";
			$result = db_query($query,'Could not select modules');
			
			if(db_numrows($result)!=0)
			{
?>			
<table width="95%" border="0" align="center" cellpadding="0" cellspacing="1" bgcolor="#EFEFEF">
<?php
				while($row = db_fetchassoc($result))
				{
?>
  <tr>
    <td><div align="left"><font color="#000000"><?php echo stripslashes($row['module_name']); ?></font></div></td>
    <td width="70"><div align="center"><font color="#000000"><a href="<?php echo attach_sid("modules.".FILE_EXT."?mode=editmod&file=".urlencode($row['module_file'])); ?>">Edit</a></font></div></td>
  </tr>
<?php
				}
?>
</table>
<?php
			}
?>			
<p>&nbsp;</p>
<?php
		}
?>
<p align="center"><a href="<?php echo attach_sid("modules.".FILE_EXT."?mode=create"); ?>">Create new Category</a></p>
<p>&nbsp;</p>
<?php
		display_footer();
}


?>
Return current item: raSMP