Location: PHPKode > projects > raSMP > rasmp/admin/pages.php
<?php

/*******************************************************************

 Name		: raSMP 2.0
 Copyright	: 2002, Adam Alkins
 Website	: http://www.rasmp.com
 email		: hide@address.com

 $Id: pages.php,v 1.51 2003/03/26 01:21:44 rasadam Exp $: 

*******************************************************************/

/*******************************************************************

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the 
Free Software Foundation Inc., 59 Temple Place, Suite 330,
Boston, MA  02111-1307  USA

*******************************************************************/

/*

Pages Admin Module

[Copy] - [Create] - [Delete] - [Edit]

*/

define('RASMP',true);
define('RASMP_ADMIN',true);
define('SCRIPT_PATH','../');
include SCRIPT_PATH.'common/extension.inc';

// Include functions et all
include SCRIPT_PATH.'common/admin_common.'.FILE_EXT;

// Check authentication
check_auth('pages');

// Set mode to lower case
$_GET['mode'] = strtolower($_GET['mode']);

function do_header($title)
{
  	display_header($title);
	display_menu();
	display_body();
}

function display_menu()
{
?>

<table width="98%" border="0" cellspacing="0" cellpadding="0" align="center">
  <tr>
    <td bgcolor="#0066CC">
      <div align="center"><a class="menulink" href="<?php echo attach_sid("pages.".FILE_EXT."?mode=create"); ?>">Create</a> | <a class="menulink" href="<?php echo attach_sid("pages.".FILE_EXT."?mode=copy"); ?>">Copy</a> | <a class="menulink" href="<?php echo attach_sid("pages.".FILE_EXT."?mode=delete"); ?>">Delete</a> | <a class="menulink" href="<?php echo attach_sid("pages.".FILE_EXT."?mode=edit"); ?>">Edit</a> | <a class="menulink" href="<?php echo attach_sid("pages.".FILE_EXT."?mode=index"); ?>">Index</a></div>
    </td>
  </tr>
</table>

<?php

}

//
// Main switch statement, all the functions of the Pages module are here
//

switch($_GET['mode'])
{
	case 'create':
		// If button is not pressed
		if(isset($_POST['docreate']))
		{								 
			// If one of the fields don't exist
			if( (!isset($_POST['page_name']))||(!isset($_POST['cat_id']))||(!isset($_POST['page_title']))||(!isset($_POST['page_content']))||(!isset($_POST['template_id'])||(!isset($_POST['use_php']))) )
			{
				redirect_page('Missing Data Field to Create Page',attach_sid("pages.".FILE_EXT."?mode=create&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&cat_id=".$_POST['cat_id']."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']."&use_php=".$_POST['use_php']));
			}

			$_POST['cat_id'] = intval($_POST['cat_id']);
			$_POST['template_id'] = intval($_POST['template_id']);
			$_POST['use_php'] = intval($_POST['use_php']);
			
			// If page name is empty
			if(empty($_POST['page_name']))
			{
		        redirect_page('Page name is not valid',attach_sid("pages.".FILE_EXT."?mode=create&page_title=".urlencode($_POST['page_title'])."&cat_id=".$_POST['cat_id']."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']."&use_php=".$_POST['use_php']));
			}
			
			// use_php must be 1 or 0, for true or false
			if( ($_POST['use_php']!=0)&&($_POST['use_php']!=1) )
			{
				redirect_page('PHP Setting Incorrect',attach_sid("pages.".FILE_EXT."?mode=create&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&cat_id=".$_POST['cat_id']."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']));				
			}
			
			// Check if the template exists	
			$query = "SELECT template_id FROM ".TEMPLATES_TABLE." WHERE template_id = ".$_POST['template_id']." LIMIT 1";

			if( (db_numrows('',$query,'Could not select template ID from the Templates table')==0)&&($_POST['template_id']!=0) )
			{
				redirect_page('Template ID incorrect',attach_sid("pages.".FILE_EXT."?mode=create&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&cat_id=".$_POST['cat_id']."&page_content=".urlencode($_POST['page_content'])."&use_php=".$_POST['use_php']));
			}
			
			// Check if category exists	
			$query = "SELECT cat_id FROM ".CATEGORIES_TABLE." WHERE cat_id = ".$_POST['cat_id']." LIMIT 1";

			if(db_numrows('',$query,'Could not select category ID from the Category table')==0)
			{
		        redirect_page('Category does not exist',attach_sid("pages.".FILE_EXT."?mode=create&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']."&use_php=".$_POST['use_php']));
			}
			
			// clean up page_name
			$_POST['page_name'] = clean_public($_POST['page_name']);
			
			// Check if the page already exists	
			$query = "SELECT page_name FROM ".PAGES_TABLE." WHERE page_name = '".$_POST['page_name']."' AND cat_id = ".$_POST['cat_id']." LIMIT 1";
				
			if(db_numrows('',$query,'Could not select page name from Page table')!=0)
			{
		        redirect_page('Page name already exists in the Selected Category',attach_sid("pages.".FILE_EXT."?mode=create&cat_id=".$_POST['cat_id']."&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']."&use_php=".$_POST['use_php']));
			}
			
			// Clean up title, makes < > characters (No need to use striptags as it won't be evaluated as PHP, save processing time	
			$_POST['page_title'] = addslashes($_POST['page_title']);
			$_POST['page_title'] = htmlentities($_POST['page_title']);
			
			$contents = $_POST['page_content'];
			
			if(ini_get('file_uploads')==1)
			{
				if(is_uploaded_file($_FILES['uploaded_page']['tmp_name'])&&$_FILES['uploaded_page']['size']!=0)
				{
					$fp = fopen($_FILES['uploaded_page']['tmp_name'],'r');
					
					$contents = fread($fp, $_FILES['uploaded_page']['size']);

					fclose($fp);
				}
			}			
			
			// Add slashes to characters than can break the query
			$contents = addslashes($contents);
			
			// Insert page	
			$query = "INSERT INTO ".PAGES_TABLE." (page_name, cat_id, date, page_title, page_content, template_id, use_php) VALUES('".$_POST['page_name']."',".$_POST['cat_id'].",".date("U").",'".$_POST['page_title']."','".$contents."',".$_POST['template_id'].",".$_POST['use_php'].")";
			db_query($query,'Could not insert new page into the pages table');
			
			// Redirect on completion	
			redirect_page('Successfully Added Page',attach_sid('pages.'.FILE_EXT.'?mode=index'));				
		}
		else
		{
	 	 	// Show header	
			do_header('Admin Panel >> Pages Management >> Create');
			
			if(ini_get('file_uploads')==1)
			{
				$form_type = ' enctype="multipart/form-data"';
			}
			else
			{
				$form_type = '';	
			}
			// Show create screen
?>
<br />     <p align="center">Enter information to create a New page. Note: page name should not have any spaces (recommended), html is stripped for the title, select template "none" if you don't want the page to use any headers/footers, only Parse PHP if you're using PHP tags in this page (Improves Performance).</p>

        <table width="90%" border="0" cellspacing="0" cellpadding="0" align="center" valign="middle">
		<tr>
			<td width="50%"> 
              <div align="center"> 
			         <form name="create" method="post" action="<?php echo attach_sid("pages.".FILE_EXT."?mode=create"); ?>"<?php echo $form_type; ?>>
                  Page name: 
                  <input type="text" name="page_name" size="20" maxlength="255" value="<?php echo htmlentities(urldecode($_GET['page_name'])); ?>" />
              </div>
            </td>
            <td width="50%"> 
              <div align="center"> 
                  Category: 
                  <select name="cat_id">
<?php
	 		// Get categories list		
			$query = "SELECT cat_id,cat_pname FROM ".CATEGORIES_TABLE." ORDER BY cat_pname";
			$result = db_query($query,'Could not select categories from categories table');
			
			//
			// category select box
			//
			
			// If cat_id is passed by the URL
			if(isset($_GET['cat_id']))
			{
		 	    while($cat_data = db_fetchassoc($result))
			    {
		 	        // Check if database row is the same as the URL passed ID
					if($cat_data['cat_id'] == $_GET['cat_id'])
					{
				 		echo "<option value=\"".$cat_data['cat_id']."\" selected>".$cat_data['cat_pname']."</option>";
					}
					else
					{
				 		echo "<option value=\"".$cat_data['cat_id']."\">".$cat_data['cat_pname']."</option>";
					}
				}
			}
			else 
			{  
		 	    while($cat_data = db_fetchassoc($result))
			    {
			 		echo "<option value=\"".$cat_data['cat_id']."\">".$cat_data['cat_pname']."</option>";
				}
			}
?>
				  </select>
              </div>
            </td>
          </tr>
        </table>
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center">
                  Page Title: 
                  <input type="text" name="page_title" size="75" maxlength="255" value="<?php echo htmlentities(urldecode($_GET['page_title'])); ?>" />
              </div>
            </td>
          </tr>
        </table>
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center">
                  Content:<br />
                  <textarea name="page_content" cols="80" rows="10"><?php echo htmlentities(urldecode($_GET['page_content'])); ?></textarea>
              </div>
            </td>
          </tr>
        </table>
<?php
			if(ini_get('file_uploads')==1)
			{
?>
		        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center"> Or upload file: 
          <input type="hidden" name="MAX_FILE_SIZE" value="30000000" /><input name="uploaded_page" type="file" id="uploaded_page" />
        <br />&nbsp;
      </div>
            </td>
          </tr>
        </table>				
<?php
			}
?>
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center">
                  Template: 
                  <select name="template_id">
<?php
			// Get template list
			$query = "SELECT template_id,template_name FROM ".TEMPLATES_TABLE." ORDER BY template_id ASC";
			$result = db_query($query,'Could not select templates from template table');
			
			// If template id is passed in the URL
			if(isset($_GET['template_id']))
			{
		 	    while($template_data = db_fetchassoc($result))
			    {
		 	        // Check if database row is the same as the URL passed ID
					if($template_data['template_id'] == $_GET['template_id'])
					{
				 		echo "<option value=\"".$template_data['template_id']."\" selected>".htmlentities(stripslashes($template_data['template_name']))."</option>";
					}
					else
					{
				 		echo "<option value=\"".$template_data['template_id']."\">".htmlentities(stripslashes($template_data['template_name']))."</option>";
					}
				}
			}
			else 
			{  
		 	    while($template_data = db_fetchassoc($result))
			    {
			 		echo "<option value=\"".$template_data['template_id']."\">".htmlentities(stripslashes($template_data['template_name']))."</option>";
				}
			}
?>
                  </select>
              </div>
            </td>
            <td>
              <div align="center">
                  Parse PHP?: 
                  <select name="use_php">
<?php
			// If use_php is sent via the URL
			if(isset($_GET['use_php']))
			{
				// If the URL var is true
		        if($_GET['use_php']==1)
				{
			        echo "<option value=\"1\" selected>Yes</option><option value=\"0\">No</option>";
				}
				else
				{
			        echo "<option value=\"1\">Yes</option><option value=\"0\">No</option selected>";
				}
			}
			else
			{
?>
                    <option value="1">Yes</option>
                    <option value="0" selected>No</option>
<?php
 			}
?>
                  </select>
              </div>
			<td>
				
			</td>
          </tr>
        </table>
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center">
                  <input type="submit" name="docreate" value="Add Page" />
                </form>
              </div>
            </td>
          </tr>
        </table>
<?php
			// Footer
			display_footer();
		}
		break;
	case 'copy':
		if(db_rowcount(PAGES_TABLE)==0)
		{
			redirect_page('There are no Pages to Copy.',attach_sid("pages.".FILE_EXT."?mode=index"));
		}
		// if button was pressed
		if(isset($_POST['docopy']))
		{	
			// If any of the required values weren't set							 
			if( !isset($_POST['page_name'])||!isset($_POST['dest_page_name'])||!isset($_POST['cat_id'])||!isset($_POST['dest_cat_id']) )
			{
				redirect_page('Missing a field',attach_sid("pages.".FILE_EXT."?mode=copy&page_name=".urlencode($_POST['page_name'])."&cat_id=".$_POST['cat_id']."&dest_page_name=".$_POST['dest_page_name']."&dest_cat_id=".$POST['dest_cat_id']));
			}
			
			// Set cat_id's to Integer, like it matters much though as this should be a secure area
			// but whatever
			$_POST['cat_id'] = intval($_POST['cat_id']);
			$_POST['dest_cat_id'] = intval($_POST['dest_cat_id']);			
	
			// If all the data is the same
			if( ($_POST['dest_cat_id']==$_POST['cat_id'])&&($_POST['page_name']==$_POST['dest_page_name']) )
			{
				redirect_page('Cannot copy to the same page!',attach_sid("pages.".FILE_EXT."?mode=copy&page_name=".urlencode($_POST['page_name'])."&cat_id=".$_POST['cat_id']."&dest_page_name=".$_POST['dest_page_name']."&dest_cat_id=".$POST['dest_cat_id']));
			}
			
			// If the source category doesn't exist. Granted if this wasn't here
			// the next check would produce an error, this provides a better error
			// message, well more precise anyway.
			$query = "SELECT cat_id FROM ".CATEGORIES_TABLE." WHERE cat_id = ".$_POST['cat_id'];
			if(db_numrows('',$query,'Could not lookup category data')==0)
			{
				redirect_page('Source Category is invalid',attach_sid("pages.".FILE_EXT."?mode=copy&page_name=".urlencode($_POST['page_name'])."&dest_page_name=".$_POST['dest_page_name']."&dest_cat_id=".$POST['dest_cat_id']));
			}			

			// clean up page_name
			$_POST['page_name'] = clean_public($_POST['page_name']);
						
			// If the source page doesn't exist..
			$query = "SELECT page_name,cat_id,page_title,page_content,template_id,use_php FROM ".PAGES_TABLE." WHERE page_name = '".clean($_POST['page_name'])."' AND cat_id = ".$_POST['cat_id'];
			$result = db_query($query,'Could not lookup page data');
			if(db_numrows($result)==0)
			{
				redirect_page('Source Page does not exist!',attach_sid("pages.".FILE_EXT."?mode=copy&page_name=".urlencode($_POST['page_name'])."&cat_id=".$_POST['cat_id']."&dest_page_name=".$_POST['dest_page_name']."&dest_cat_id=".$POST['dest_cat_id']));
			}
			else
			{
				$page_data = db_fetchassoc($result);
			}
			
			// If the destination category doesn't exist. Granted if this wasn't here
			// the next check would produce an error, this provides a better error
			// message, well more precise anyway.
			$query = "SELECT cat_id FROM ".CATEGORIES_TABLE." WHERE cat_id = ".$_POST['dest_cat_id'];
			if(db_numrows('',$query,'Could not lookup category data')==0)
			{
				redirect_page('Destination Category is invalid',attach_sid("pages.".FILE_EXT."?mode=copy&page_name=".urlencode($_POST['page_name'])."&cat_id=".$_POST['cat_id']."&dest_page_name=".$_POST['dest_page_name']));
			}			
			
			// clean up dest_page_name
			$_POST['dest_page_name'] = clean_public($_POST['dest_page_name']);
			
			// If the source page doesn't exist..
			$query = "SELECT page_name FROM ".PAGES_TABLE." WHERE page_name = '".$_POST['dest_page_name']."' AND cat_id = ".$_POST['dest_cat_id'];
			if(db_numrows('',$query,'Could not lookup page data')!=0)
			{
				redirect_page('Destination Page already exists!',attach_sid("pages.".FILE_EXT."?mode=copy&page_name=".urlencode($_POST['page_name'])."&cat_id=".$_POST['cat_id']."&dest_page_name=".$_POST['dest_page_name']."&dest_cat_id=".$POST['dest_cat_id']));
			}
			
			$query = "INSERT INTO ".PAGES_TABLE." (page_name, cat_id, date, page_title, page_content, template_id, use_php) VALUES('".$_POST['dest_page_name']."',".$_POST['dest_cat_id'].",".date("U").",'".$page_data['page_title']."','".$page_data['page_content']."',".$page_data['template_id'].",".$page_data['use_php'].")";
			db_query($query,'Could not copy page');
			
			redirect_page('Successfully copied Page',attach_sid("pages.".FILE_EXT."?mode=index"));
		}
		else
		{
			// Show header
			do_header('Admin Panel >> Pages Management >> Copy page');

			// If page_id was posted, basically meaning the data came from the index page
			// NOTE: POST will override GET data (Look on...)
			if(isset($_POST['page_id']))
			{
				$query = "SELECT p.page_name, c.cat_pname FROM ".PAGES_TABLE." as p, ".CATEGORIES_TABLE." as c WHERE p.page_id = ".intval($_POST['page_id'])." AND c.cat_id = p.cat_id";
				$result = db_query($query,'Could not select Page and Category data');
				$page_data = db_fetchassoc($result);
				
				if(db_numrows($result)!=0)
				{
					$from_page_name = $page_data['page_name'];
					$from_cat_pname = $page_data['cat_pname'];
					$from_cat_id = intval($_POST['cat_id']);
				}
			}
			else
			// Covers URL passed variables
			{
				if(isset($_GET['page_name']))
				{
					$from_page_name = urldecode($_GET['page_name']);
				}
				unset($from_cat_pname);
				unset($from_cat_id);
				if(isset($_GET['cat_id']))
				{
					$_GET['cat_id'] = intval($_GET['cat_id']);
					
					$from_cat_id = $_GET['cat_id'];

					$query = "SELECT cat_pname FROM ".CATEGORIES_TABLE." WHERE cat_id = ".$_GET['cat_id'];
					$result = db_query($query,'Could not select Category data');
					$cat_data = db_fetchassoc($result);
				
					if(db_numrows($result)!=0)
					{
						$from_cat_pname = $cat_data['cat_pname'];
						$from_cat_id = intval($_GET['cat_id']);
					}
				}
				
				unset($to_page_name);
				unset($to_cat_id);
				// Note use of variables are different from the passed ones (variable names)
				// This is to prevent register_globals problems
				if( isset($_GET['dest_page_name']) )
				{
					$to_page_name = urldecode($_GET['dest_page_name']);
				}
				
				if( isset($_GET['dest_cat_id']) )
				{
					$_GET['dest_cat_id'] = intval($_GET['dest_cat_id']);
					
					$query = "SELECT cat_pname FROM ".CATEGORIES_TABLE." WHERE cat_id = ".$_GET['dest_cat_id'];
					$result = db_query($query,'Could not select Category data');
					$cat_data = db_fetchassoc($result);
					
					if(db_numrows($result)!=0)
					{
						$to_cat_id = intval($_GET['dest_cat_id']);
						$to_cat_pname = $cat_data['cat_pname'];
					}
				}
			}			
?>
<form name="copypage" method="post" action="<?php echo attach_sid("pages.".FILE_EXT."?mode=copy"); ?>">
  <div align="center">
    <p>Page name: 
      <input type="textfield" name="page_name" value="<?php echo $from_page_name; ?>" />
      in Category: 
      <select name="cat_id">
<?php
	$query_arguments = " ";	
	if( isset($from_cat_id)&&isset($from_cat_pname) )
	{
		echo "<option value=\"".$from_cat_id."\" selected>".$from_cat_pname."</option>";
		
		$query_arguments .= "WHERE cat_id <> '".$from_cat_id."' ";
	}
	
	$query = "SELECT cat_id, cat_pname FROM ".CATEGORIES_TABLE.$query_arguments."ORDER BY cat_pname";
	$result = db_query($query,'Could not select Categories data');
	
	while( $cat_data = db_fetchassoc($result) )
	{
		echo "<option value=\"".$cat_data['cat_id']."\">".$cat_data['cat_pname']."</option>";
	}
?>    
	  </select>
    </p>
    <p> <br />
      to</p>
    <p> <br />
      Page name: 
      <input type="text" name="dest_page_name" value="<?php echo $to_page_name; ?>" />
      in Category: 
      <select name="dest_cat_id">
<?php
	$query_arguments = " ";	
	if( isset($to_cat_id)&&isset($to_cat_pname) )
	{
		echo "<option value=\"".$to_cat_id."\" selected>".$to_cat_pname."</option>";
		
		$query_arguments .= "WHERE cat_id <> '".$to_cat_id."' ";
	}
	
	$query = "SELECT cat_id, cat_pname FROM ".CATEGORIES_TABLE.$query_arguments."ORDER BY cat_pname";
	$result = db_query($query,'Could not select Categories data');
	
	while( $cat_data = db_fetchassoc($result) )
	{
		echo "<option value=\"".$cat_data['cat_id']."\">".$cat_data['cat_pname']."</option>";
	}
?>  	  
      </select>
    </p>
       <input type="submit" name="docopy" value="Copy Page" />
  </div>
</form>
<?php			
			display_footer();
		}
		break;
	case 'delete':
		if(db_rowcount(PAGES_TABLE)==0)
		{
			redirect_page('There are no Pages to Delete.',attach_sid("pages.".FILE_EXT."?mode=index"));
		}
		unset($delete_id);
		if( !isset($_POST['dodelete'])&&!isset($_GET['page_id'])&&!isset($_POST['page_id']) )
		{								 
		 	do_header('Admin Panel >> Pages Management >> Delete');
?>

<form name="deletepage" method="post" action="<?php echo attach_sid("pages.".FILE_EXT."?mode=delete"); ?>">
  <div align="center"><p>You can delete any page here. Important: If you delete a page which is the default page for a category, you should set a new default page immediately!</p>
    <p>Page name: 
      <input type="textfield" name="page_name" />
      in Category: 
      <select name="cat_id">
<?php
			// Make categories list
			$query = "SELECT cat_id, cat_pname FROM ".CATEGORIES_TABLE." ORDER BY cat_pname";
			$result = db_query($query,'Could not select categories data');
			
			while( $cat_data = db_fetchassoc($result) )
			{
				echo '<option value="'.$cat_data['cat_id'].'">'.$cat_data['cat_pname'].'</option>';
			}
?>
	</select>
    </p>
       <input type="submit" name="dodelete" value="Delete" />
  </div>
</form>
<?php
			display_footer();
		}
		else
		{
			// If page_id wasn't passed in the url
			if(isset($_GET['page_id']))
			{
				$delete_id = intval($_GET['page_id']);
				
				// If the id doesn't exist
				if(!find_id($delete_id))
				{
					redirect_page('Page could not be found',attach_sid("pages.".FILE_EXT."?mode=delete"));
				}
			}
			else if(isset($_POST['page_id']))
			{
				$delete_id = intval($_POST['page_id']);
				
				if(!find_id($delete_id))
				{
					redirect_page('Page could not be found',attach_sid("pages.".FILE_EXT."?mode=delete"));
				}
			}
			// If both the page_name and cat_id are posted
			else if( isset($_POST['page_name'])&&isset($_POST['cat_id']) )
			{
				// Select page
				$query = "SELECT page_id FROM ".PAGES_TABLE." WHERE page_name = '".clean($_POST['page_name'])."' AND cat_id = ".$_POST['cat_id'];
				$result = db_query($query,'Could not select page data');
				
				// if it doesn't exist
				if(db_numrows($result)==0)
				{
					redirect_page('Page could not be found',attach_sid("pages.".FILE_EXT."?mode=delete"));
				}
				else
				{
					$page_data = db_fetchassoc($result);
					
					$delete_id = $page_data['page_id'];
				}
			}
			else
			{
				// Shouldn't happen but its always good to have a backup
				redirect_page('Field Data Missing!',attach_sid("pages.".FILE_EXT."?mode=delete"));
			}
			
			// Check if page is the default of a category, and if it is, set the default to 0
			$query = "UPDATE ".CATEGORIES_TABLE." SET page_id = -1 WHERE page_id = $delete_id";
			db_query($query,'Could not fetch data from Categories table');			
			
			// Deletes page
			$query = "DELETE FROM ".PAGES_TABLE." WHERE page_id = ".$delete_id;
			db_query($query,'Could not delete page');
			
			redirect_page('Page successfully deleted.',attach_sid("pages.".FILE_EXT."?mode=index"));		
		}
		break;
	case 'edit':
		if(db_rowcount(PAGES_TABLE)==0)
		{
			redirect_page('There are no Pages to Edit.',attach_sid("pages.".FILE_EXT."?mode=index"));
		}
		unset($edit_id);
		if(isset($_POST['doedit']))
		{								 
			// if page id isn't there
			if(!isset($_POST['page_id']))
			{
				redirect_page('No Page to Edit',attach_sid("pages.".FILE_EXT."?mode=edit"));
			}
			
			// set as an integer
			$_POST['page_id'] = intval($_POST['page_id']);
			
			// if page doesn't exist
			if(!find_id($_POST['page_id']))
			{
				redirect_page('Page not found',attach_sid("pages.".FILE_EXT."?mode=edit"));
			}
						
			// If one of the fields don't exist
			if( (!isset($_POST['page_name']))||(!isset($_POST['cat_id']))||(!isset($_POST['page_title']))||(!isset($_POST['page_content']))||(!isset($_POST['template_id'])||(!isset($_POST['use_php']))) )
			{
				redirect_page('Missing Data Field to Field Page',attach_sid("pages.".FILE_EXT."?mode=edit&page_id=".$_POST['page_id']."&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&page_content=".urlencode($_POST['page_content'])."&cat_id=".$_POST['cat_id']."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']."&use_php=".$_POST['use_php']));
			}
			
			$_POST['cat_id'] = intval($_POST['cat_id']);
			$_POST['template_id'] = intval($_POST['template_id']);
			$_POST['use_php'] = intval($_POST['use_php']);
			
			// If page name is empty
			if(empty($_POST['page_name']))
			{
				redirect_page('Page name invalid',attach_sid("pages.".FILE_EXT."?mode=edit&page_id=".$_POST['page_id']."&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&page_content=".urlencode($_POST['page_content'])."&cat_id=".$_POST['cat_id']."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']."&use_php=".$_POST['use_php']));
			}
			
			// use_php must be 1 or 0, for true or false
			if( ($_POST['use_php']!=0)&&($_POST['use_php']!=1) )
			{
				redirect_page('PHP Setting incorrect',attach_sid("pages.".FILE_EXT."?mode=edit&page_id=".$_POST['page_id']."&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&page_content=".urlencode($_POST['page_content'])."&cat_id=".$_POST['cat_id']."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']));
			}
			
			// Check if the template exists	
			$query = "SELECT template_id FROM ".TEMPLATES_TABLE." WHERE template_id = ".$_POST['template_id']." LIMIT 1";

			if( (db_numrows('',$query,'Could not select template ID from the Templates table')==0)&&($_POST['template_id']!=0) )
			{
				redirect_page('Template does not exist',attach_sid("pages.".FILE_EXT."?mode=edit&page_id=".$_POST['page_id']."&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&page_content=".urlencode($_POST['page_content'])."&cat_id=".$_POST['cat_id']."&page_content=".urlencode($_POST['page_content'])."&use_php=".$_POST['use_php']));
			}
			
			// Check if category exists	
			$query = "SELECT cat_id FROM ".CATEGORIES_TABLE." WHERE cat_id = ".$_POST['cat_id']." LIMIT 1";

			if(db_numrows('',$query,'Could not select category ID from the Category table')==0)
			{
				redirect_page('Category does not exist',attach_sid("pages.".FILE_EXT."?mode=edit&page_id=".$_POST['page_id']."&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&page_content=".urlencode($_POST['page_content'])."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']."&use_php=".$_POST['use_php']));
			}
			
			// clean up page_name
			$_POST['page_name'] = clean_public($_POST['page_name']);
			
			// Check if the page already exists (if changed)	
			$query = "SELECT page_name FROM ".PAGES_TABLE." WHERE page_name = '".$_POST['page_name']."' AND cat_id = ".$_POST['cat_id']." AND page_id <> ".$_POST['page_id']." LIMIT 1";
				
			if(db_numrows('',$query,'Could not select page name from Page table')!=0)
			{
				redirect_page('Page name already exists',attach_sid("pages.".FILE_EXT."?mode=edit&page_id=".$_POST['page_id']."&page_name=".urlencode($_POST['page_name'])."&page_title=".urlencode($_POST['page_title'])."&page_content=".urlencode($_POST['page_content'])."&cat_id=".$_POST['cat_id']."&page_content=".urlencode($_POST['page_content'])."&template=".$_POST['template_id']."&use_php=".$_POST['use_php']));
			}
			
			// Clean up title, makes < > characters (No need to use striptags as it won't be evaluated as PHP, save processing time	
			$_POST['page_title'] = addslashes($_POST['page_title']);
			$_POST['page_title'] = htmlentities($_POST['page_title']);
			
			$contents = $_POST['page_content'];
			
			if(ini_get('file_uploads')==1)
			{
				if(is_uploaded_file($_FILES['uploaded_page']['tmp_name'])&&$_FILES['uploaded_page']['size']!=0)
				{
					$fp = fopen($_FILES['uploaded_page']['tmp_name'],'r');
					
					$contents = fread($fp, $_FILES['uploaded_page']['size']);

					fclose($fp);
				}
			}			
			
			// Add slashes to characters than can break the query
			$contents = addslashes($contents);
		
			$query = "UPDATE ".PAGES_TABLE." SET page_name = '".$_POST['page_name']."', cat_id = ".$_POST['cat_id'].", date = ".date("U").", page_title = '".$_POST['page_title']."', page_content = '".$contents."', template_id = ".$_POST['template_id'].", use_php = ".$_POST['use_php']." WHERE page_id = ".$_POST['page_id'];
			db_query($query, 'Could not update page information');
			
			redirect_page('Page Successfully Edited',attach_sid("pages.".FILE_EXT."?mode=index"));
		}
		else
		{
		 	// If any of the possible var combinations aren't set, display screen to choose edit page	
			if( ( !isset($_POST['page_id'])&&!isset($_GET['page_id']) )&&( ( !isset($_POST['page_name'])||!isset($_POST['cat_id']) )&&( !isset($_GET['page_name'])||!isset($_GET['cat_id']) ) ) )
			{
				do_header('Admin Panel >> Pages Management >> Edit');	
?>
<form name="editpage" method="post" action="<?php echo attach_sid("pages.".FILE_EXT."?mode=edit"); ?>">
  <div align="center"><p>Enter the page you'd like to make changes to</p>
    <p>Page name: 
      <input type="textfield" name="page_name" />
      in Category: 
      <select name="cat_id">
<?php
				// Get categories list
				$query = "SELECT cat_id, cat_pname FROM ".CATEGORIES_TABLE." ORDER BY cat_pname";
				$result = db_query($query,'Could not select categories data');
			
				while( $cat_data = db_fetchassoc($result) )
				{
					echo '<option value="'.$cat_data['cat_id'].'">'.$cat_data['cat_pname'].'</option>';
				}
?>
	</select>
    </p>
       <input type="submit" name="Submit" value="Edit" />
  </div>
</form>
<?php
				display_footer();
			}
			else
			{
				// If page_id to edit was posted
				if(isset($_POST['page_id']))
				{
					// set it as $edit_id
					$edit_id = intval($_POST['page_id']);
					
					// try to find id
					if(!find_id($edit_id))
					{
						redirect_page('Page could not be found',attach_sid("pages.".FILE_EXT."?mode=edit"));
					}
				}
				// see if it was passed in the url
				else if(isset($_GET['page_id']))
				{
					$edit_id = intval($_GET['page_id']);

					if(!find_id($edit_id))
					{
						redirect_page('Page could not be found',attach_sid("pages.".FILE_EXT."?mode=edit"));
					}
				}
				// see if we got the page name and category id instead
				else if( isset($_POST['page_name'])&&isset($_POST['cat_id']) )
				{
					// get page id from name and cat
					$query = "SELECT page_id FROM ".PAGES_TABLE." WHERE page_name = '".clean(urldecode($_POST['page_name']))."' AND cat_id = ".$_POST['cat_id'];
					$result = db_query($query,'Could not fetch page id');
					
					// not found
					if(db_numrows($result)==0)
					{
						redirect_page('Page could not be found',attach_sid("pages.".FILE_EXT."?mode=edit"));
					}
					else
					{
						$page_data = db_fetchassoc($result);
						$edit_id = $page_data['page_id'];
					}
				}
				// if the page_name or cat_id was passed in the url
				else if( isset($_GET['page_name'])&&isset($_GET['cat_id']) )
				{
					$query = "SELECT page_id FROM ".PAGES_TABLE." WHERE page_name = '".clean(urldecode($_GET['page_name']))."' AND cat_id = ".$_GET['cat_id'];
					$result = db_query($query,'Could not fetch page id');
					
					if(db_numrows($result)==0)
					{
						redirect_page('Page could not be found',attach_sid("pages.".FILE_EXT."?mode=edit"));
					}
					else
					{
						$page_data = db_fetchassoc($result);
						$edit_id = $page_data['page_id'];
					}
				}
				else
				{
					// Shouldn't happen but good to have
					redirect_page('Missing field',attach_sid("pages.".FILE_EXT."?mode=edit"));
				}				
				
				// Show header as we have a valid page to edit
	 	 		do_header('Admin Panel >> Pages Management >> Edit');
				
				// Get all the page data
				$query = "SELECT p.page_id,p.page_name,p.page_title,p.cat_id,p.page_content,p.template_id,p.use_php,c.cat_pname,t.template_name FROM ".PAGES_TABLE." as p, ".CATEGORIES_TABLE." as c, ".TEMPLATES_TABLE." as t WHERE p.page_id = $edit_id AND c.cat_id = p.cat_id AND t.template_id = p.template_id";
				$result = db_query($query,'Could get fetch page data');
				
				if(db_numrows($result)==0)
				{
					// shouldn't happen also based on above checks
					redirect_page('Invalid Edit Id',attach_sid("pages.".FILE_EXT."?mode=edit"));
				}
				else
				{
					if(ini_get('file_uploads')==1)
					{
						$form_type = ' enctype="multipart/form-data"';
					}
					else
					{
						$form_type = '';	
					}

					// assign the var
					$page_data = db_fetchassoc($result);
					
					// unset vars to be used for security
					unset($page_name);
					unset($cat_id);
					unset($cat_pname);
					unset($template_id);
					unset($template_name);
					unset($page_title);
					unset($page_content);
					unset($use_php);
							
					// if passed in the url meaning the edit failed so we fill with the edited values
					if( isset($_GET['page_name']) )
					{
						$page_name = htmlentities(urldecode($_GET['page_name']));
					}
					else
					{
						// else we take the data from the db
						$page_name = htmlentities($page_data['page_name']);
					}
					
					// get from the url
					if( isset($_GET['cat_id']) )
					{
						// make an integer
						$cat_id = intval($_GET['cat_id']);
						
						// get the category name for this id
						$query = "SELECT cat_pname FROM ".CATEGORIES_TABLE." WHERE cat_id = $cat_id";
						$result = db_query($query,'Could not query categories table');
						
						// if the category wasn't found..
						if(db_numrows('',$query,'')==0)
						{
							// get from the original values
							$cat_id = $page_data['cat_id'];
							$cat_pname = htmlentities(stripslashes($page_data['cat_pname']));
						}
						else
						{
							// get from the passed values
							$cat_data = db_fetchassoc($result);
							$cat_pname = htmlentities(stripslashes($cat_data['cat_pname']));
						}
					}
					else
					{
						// get from the original values
						$cat_id = $page_data['cat_id'];
						$cat_pname = htmlentities(stripslashes($page_data['cat_pname']));
					}
					
					// if title was passed
					if( isset($_GET['page_title']) )
					{
						$page_title = htmlentities(urldecode($_GET['page_title']));
					}
					else
					{
						// clean up data if from the original
						$page_title = htmlentities(stripslashes($page_data['page_title']));
					}
					
					// if passed in the url
					if( isset($_GET['page_content']) )
					{
						$page_content = htmlentities(urldecode($_GET['page_content']));
					}
					else
					{
						// clean up data from db
						$page_content = htmlentities(stripslashes($page_data['page_content']));
					}
					
					// check template id from url
					if( isset($_GET['template_id']) )
					{
						// set as integer
						$template_id = intval($tempalte_id);
						
						// fetch data
						$query = "SELECT template_name FROM ".TEMPLATES_TABLE." WHERE template_id = $template_id";
						$result = db_query($query,'Could not query Template information');
						
						// if it isn't there
						if(db_numrows($result)==0)
						{
							$template_id = $page_data['template_id'];
							$template_name = htmlentities(stripslashes($page_data['template_name']));
						}
						else
						{
							$template_data = db_fetchassoc($result);
							$template_name = htmlentities(stripslashes($template_data['template_name']));
						}
					}
					else
					{
						$template_id = $page_data['template_id'];
						$template_name = htmlentities(stripslashes($page_data['template_name']));
					}
					
					// if use_php is set and its either 1 or 0
					if( isset($_GET['use_php'])&&($_GET['use_php']==0||$_GET['use_php']==1) )
					{
						$use_php = $_GET['use_php']; 
					}
					else
					{
						$use_php = $page_data['use_php'];
					}					
?>
<br />     <p align="center">Change the values of this page. Note: Same rules apply as to when creating a page, i.e. page name should not have any spaces (recommended), html is stripped for the title, select template "none" if you don't want the page to use any headers/footers, only Parse PHP if you're using PHP tags in this page (Improves Performance).</p>

        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr> 
            <td width="50%"> 
              <div align="center"> 
                <form name="create" method="post" action="<?php echo attach_sid("pages.".FILE_EXT."?mode=edit"); ?>"<?php echo $form_type; ?>>
                  Page name: 
                  <input type="text" name="page_name" size="20" maxlength="255" value="<?php echo $page_name; ?>" />
              </div>
            </td>
            <td width="50%"> 
              <div align="center"> 
                  Category: 
                  <select name="cat_id">
<?php
					// show the selected one first
	 				echo '<option value="'.$cat_id.'" selected="selected">'.$cat_pname.'</option>';
					
					// get list
					$query = "SELECT cat_id,cat_pname FROM ".CATEGORIES_TABLE." WHERE cat_id <> $cat_id ORDER BY cat_pname";
					$result = db_query($query,'Could not select categories from categories table');
					
					while($cat_data = db_fetchassoc($result))
		    		{
	 	        		echo "<option value=\"".$cat_data['cat_id']."\">".$cat_data['cat_pname']."</option>";
					}
?>
				  </select>
              </div>
            </td>
          </tr>
        </table>
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center">
                  Page Title: 
                  <input type="text" name="page_title" size="75" maxlength="255" value="<?php echo $page_title; ?>" />
              </div>
            </td>
          </tr>
        </table>
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center">
                  Content:<br />
                  <textarea name="page_content" cols="80" rows="10"><?php echo $page_content; ?></textarea>
              </div>
            </td>
          </tr>
        </table>
<?php
			if(ini_get('file_uploads')==1)
			{
?>
		        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center"> Or upload file: 
          <input type="hidden" name="MAX_FILE_SIZE" value="30000000" /><input name="uploaded_page" type="file" id="uploaded_page" />
        <br />&nbsp;
      </div>
            </td>
          </tr>
        </table>				
<?php
			}
?>
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center">
                  Template: 
                  <select name="template_id">
<?php
					// show selected
					echo '<option value="'.$template_id.'" selected>'.$template_name.'</option>';
		
					// get list
					$query = "SELECT template_id,template_name FROM ".TEMPLATES_TABLE." WHERE template_id <> $template_id ORDER BY template_name";
					$result = db_query($query,'Could not select template data');
					
					while($template_data = db_fetchassoc($result))
					{
						echo '<option value="'.$template_data['template_id'].'">'.stripslashes($template_data['template_name']).'</option>';
					}
?>
                  </select>
              </div>
            </td>
            <td>
              <div align="center">
                  Parse PHP?: 
                  <select name="use_php">
<?php
			        if($use_php==1)
					{
				        echo "<option value=\"1\" selected>Yes</option><option value=\"0\">No</option>";
					}
					else
					{
			    	    echo "<option value=\"1\">Yes</option><option value=\"0\" selected>No</option>";
					}
?>
                  </select>
              </div>
			<td>
				
			</td>
          </tr>
        </table>
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center">
			  	  <input type="hidden" name="page_id" value="<?php echo $edit_id; ?>" />
                  <input type="submit" name="doedit" value="Make Changes" />
                </form>
              </div>
            </td>
          </tr>
        </table>
<?php
					display_footer();
				}
			}
		}
		break;
	case 'index':
	default:
		unset($order_by);
		unset($sort_by);
		unset($o_sort_by);
		unset($o_order_by);
		unset($cat_query);
		unset($cat_url);
		unset($selected_cat);
		unset($query_arguments);
		unset($url_arguments);
		unset($define);
		unset($define_name);
		do_header('Admin Panel >> Pages');	
		 
		$_GET['orderby'] = strtolower($_GET['orderby']);
		 
		if(($_GET['orderby']=='page_id')||($_GET['orderby']=='page_name')||($_GET['orderby']=='page_title'))
		{
		    $order_by = $_GET['orderby'];
		}
		else
		{
		 	$order_by = 'page_id';
		}
		 
		$_GET['sortby'] = strtoupper($_GET['sortby']);
		 
		if($_GET['sortby']=='ASC')
		{
			$sort_by = 'ASC';
			$o_sort_by = 'DESC';
		}
		else if($_GET['sortby']=='DESC')
		{
			$sort_by = 'DESC';
			$o_sort_by = 'ASC';		  	    
		}
		else
		{
		 	$sort_by = 'ASC';
			$o_sort_by = 'DESC';
		}
		 
		if( (!isset($_POST['cat_id']) && (!isset($_GET['cat_id']))||($_GET['cat_id']=='all' || $_POST['cat_id']=='all') ) )
		{
			$cat_query = '';
			$cat_url = '';
		}
		else
		{
			if(isset($_POST['cat_id']))
			{
				$_POST['cat_id'] = intval($_POST['cat_id']);
				$selected_cat = $_POST['cat_id'];
				$cat_query = "WHERE cat_id = ".$_POST['cat_id']." ";
				$cat_url = "&cat_id=".$_POST['cat_id'];
			}
			else
			{
				$_GET['cat_id'] = intval($_GET['cat_id']);
				$selected_cat = $_GET['cat_id'];
				$cat_query = "WHERE cat_id = ".$_GET['cat_id']." ";
				$cat_url = "&cat_id=".$_GET['cat_id'];
			}				
		}
		 
		$query_arguments = $cat_query.'ORDER BY '.$order_by.' '.$sort_by;
		$url_arguments = $cat_url."&sortby=".$o_sort_by;
?>
<p align="center">Welcome to the Pages Administration. Navigate on top to modify and add pages. You can view the pages in your database below. Select a yellow coloured title to sort by the that column, and click it again to change the order of sorting (Ascending or Descending). You can also only show pages in a specific category.</p>
<table width="90%" border="1" cellspacing="0" cellpadding="0" align="center" bordercolor="#A8B9FF">
  <tr> 
    <td bgcolor="0066CC"> 
      <div align="center"><b><font color="#FFFFFF" size="3"><?php echo "<a class=\"sortlink\" href=\"".attach_sid("pages.".FILE_EXT."?mode=index&orderby=page_id".$url_arguments)."\">Page ID</a>"; ?></font></b></div>
    </td>
    <td bgcolor="0066CC"> 
      <div align="center"><font size="3" color="#FFFFFF"><b><?php echo "<a class=\"sortlink\" href=\"".attach_sid("pages.".FILE_EXT."?mode=index&orderby=page_name".$url_arguments)."\">Page Name</a>"; ?></b></font></div>
    </td>
    <td bgcolor="0066CC"> 
      <div align="center"><font size="3" color="#FFFFFF"><b>Category Name</b></font></div>
    </td>
    <td bgcolor="0066CC"> 
      <div align="center"><b><font size="3" color="#FFFFFF"><?php echo "<a class=\"sortlink\" href=\"".attach_sid("pages.".FILE_EXT."?mode=index&orderby=page_title".$url_arguments)."\">Page Title</a>"; ?></font></b></div>
    </td>
    <td bgcolor="0066CC">&nbsp;</td>
    <td bgcolor="0066CC">&nbsp;</td>
    <td bgcolor="0066CC">&nbsp;</td>
	<td bgcolor="0066CC">&nbsp;</td>
  </tr>
  
<?php
		
		$query = "SELECT cat_id,cat_name,cat_pname FROM ".CATEGORIES_TABLE." ORDER BY cat_pname";
		$result = db_query($query,'Could not select category name');
        
		echo '<div align="center"><form name="catselect" method="post" action="'.attach_sid("pages.".FILE_EXT."?mode=index").'">';
		echo 'Show Pages in Category: <select name="cat_id">';
		echo '<option value="all" selected>All Categories</option>';
		while($catdata = db_fetchassoc($result))
		{	
			$cat_id = $catdata['cat_id'];
			$define[$cat_id] = $catdata['cat_pname'];
			$define_name[$cat_id] = $catdata['cat_name'];
			if($cat_id == $_POST['cat_id'])
			{
				echo '<option value="'.$cat_id.'" selected="selected">'.$catdata['cat_pname'].'</option>';
			}
			else
			{
				echo '<option value="'.$cat_id.'">'.$catdata['cat_pname'].'</option>';
			}
		}
		echo '</select> <input type="submit" name="Submit" value="Show" /></form></div>';
	    $query = "SELECT page_id,page_name,cat_id,page_title FROM ".PAGES_TABLE." ".$query_arguments;
		$result = db_query($query,'Could not select pages from page table');
 
		while($page_data = db_fetchassoc($result))
		{
			$cat_id = $page_data['cat_id'];
			$page_data['page_title'] = stripslashes($page_data['page_title']);
				
?>
  <tr>
    <td width="60"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo $page_data['page_id']; ?></font></div>
    </td>
    <td width="100"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo $page_data['page_name']; ?></font></div>
    </td>
    <td width="125"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo $define[$cat_id]; ?></font></div>
    </td>
    <td>
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo $page_data['page_title']; ?></font></div>
    </td>
    <td width="50"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo "<a href=\"".attach_sid("pages.".FILE_EXT."?mode=edit&page_id=".$page_data['page_id'])."\">Edit</a>"; ?></font></div>
    </td>
    <td width="50"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo "<a href=\"".attach_sid("pages.".FILE_EXT."?mode=copy&page_name=".$page_data['page_name']."&cat_id=".$cat_id)."\">Copy</a>"; ?></font></div>
    </td>
    <td width="50"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo "<a href=\"".attach_sid("pages.".FILE_EXT."?mode=delete&page_id=".$page_data['page_id'])."\">Delete</a>"; ?></font></div>
    </td>
	<td width="50"> 
      <div align="center"><font size="3" face="Times New Roman, Times, serif"><?php echo "<a href=\"".SCRIPT_PATH."index.".FILE_EXT."?".CATEGORY_NAME."=".$define_name[$cat_id]."&".PAGE_NAME."=".$page_data['page_name']."\" target=\"_blank\">View</a>"; ?></font></div>
    </td>
  </tr>

<?php
		}
?>
</table>
        <br />
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr> 
            <td> 
              <div align="center"> 
                <form name="copypage" method="post" action="<?php echo attach_sid("pages.".FILE_EXT."?mode=copy"); ?>">
                  <input type="text" name="page_id" value="Enter Page ID" size="20" maxlength="255" />
                  <input type="submit" name="Submit" value="Copy Page" />
                </form>
              </div>
            </td>
            <td> 
              <div align="center"> 
                <form name="edit" method="post" action="<?php echo attach_sid("pages.".FILE_EXT."?mode=edit"); ?>">
                  <input type="text" name="page_id" value="Enter Page ID" size="20" maxlength="255" />
                  <input type="submit" name="Submit" value="Edit Page" />
                </form>
              </div>
            </td>
            <td> 
              <div align="center"> 
                <form name="delete" method="post" action="<?php echo attach_sid("pages.".FILE_EXT."?mode=delete"); ?>">
                  <input type="text" name="page_id" value="Enter Page ID" size="20" maxlength="100" />
                  <input type="submit" name="Submit" value="Delete Page" />
                </form>
              </div>
            </td>
          </tr>
        </table>
        <br />
        <table width="90%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td>
              <div align="center">
                <form name="create" method="post" action="<?php echo attach_sid("pages.".FILE_EXT."?mode=create"); ?>">
                  <input type="submit" name="Submit2" value="Create Page" />
                </form>
              </div>
            </td>
          </tr>
        </table>
<?php		 
		display_footer();
}
?>
Return current item: raSMP