<?php
// =====================================================
//
// s-p-e - Content management system.
// Copyright (C) 2004, 2005, 2010, 2011 Vladimir B. Tsarkov
//
// This file is part of s-p-e.
//
// s-p-e is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// s-p-e is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with s-p-e. If not, see <http://www.gnu.org/licenses/>.
//
// ------
//
// You can contact me via e-mail: lipetsk-gnu-lug at bk period ru
//
// admin.php
//
// Abstract: Administrator's page.
//
// Revision History:
//
// 1 2004-03-27 - 2005-07-02 vbt
// 2 2005-07-22 vbt
// 3 2005-09-12 vbt
// 4 2010-06-21 vbt
// 5 2011-01-21 vbt
// 6 2011-11-16 vbt
// 7 2011-12-23 vbt
//
// =====================================================
header("Content-Type: text/html; charset=UTF-8");
include("configure/specfg.php");
include("../include/functions.php");
cache();
session_set_save_handler("open", "close", "read", "write", "destroy", "gc");
session_start();
gc();
redirect(read(session_id()));
if(read(session_id()) == "administrator")
{
language($cfg["deflangadmin"]);
echo "<HTML>
<HEAD>
<TITLE>".(_("s-p-e Administrator's Panel"))."</TITLE>
<LINK rel='stylesheet' type='text/css' href='../skin/".($cfg["skin"])."/style.css'>
</HEAD>
<BODY class='admin'>
<div align='center'>
<table class='admin-table' border='1'>
<tr valign='middle'>
<td width='250'><font class='s-normal' id='w-bold'> ".(_("Sections"))."</font></td>
<td width='300'>
<font class='s-normal' id='w-bold'> ".(_("Creating and removing sections"))."</font>
</td>
<td width='250'><font class='s-normal' id='w-bold'> ".(_("Users' bindings"))."</font></td>
</tr>
<tr valign='top'>
<td class='admin' width='215'>
<div align='left'>
<hr width='100%'>
</div>
<FIELDSET>
<LEGEND><font class='s-normal' id='w-bold'>".(_("News"))."</font></LEGEND>";
connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
$result = mysql_query("select partname
from ".($cfg["prefix"])."partition
where pnid regexp '^([0-9]){10}$'", $connector)
or die("error #102");
while($row = mysql_fetch_array($result, MYSQL_NUM))
{
echo "<p>
<font class='s-normal' id='w-normal'>
<b>»»</b> ".($row[0])."
</font>
</p>";
}
mysql_free_result($result);
echo "<br><br></FIELDSET><FIELDSET>
<LEGEND><font class='s-normal' id='w-bold'>".(_("Articles"))."</font></LEGEND>";
$result = mysql_query("select partname
from ".($cfg["prefix"])."partition
where pnid regexp '^([0-9]){11}$'", $connector)
or die("error #102");
while($row = mysql_fetch_array($result, MYSQL_NUM))
{
echo "<p>
<font class='s-normal' id='w-normal'>
<b>»»</b> ".($row[0])."
</font>
</p>";
}
mysql_free_result($result);
mysql_close($connector);
echo "<br><br>
</FIELDSET>
</td>
<td class='admin' width='300'>
<hr width='100%'><br>
<form action='bams.php' method='post'>
<table>
<tr>
<td align='right' id='bspace'>
<font class='s-normal' id='w-normal'>".(_("section")).":</font>
</td>
<td>
<INPUT class='admin-text' type='text' name='newpart' maxlength='50'>
</td>
</tr>
<tr>
<td align='right'>
<INPUT class='admin-radio' type='radio' name='type' value='1' id='news_sec' CHECKED>
</td>
<td>
<label for='news_sec'><font class='s-normal' id='w-normal'> ".(_("news section"))."</font></label>
</td>
</tr>
<tr>
<td align='right'>
<INPUT class='admin-radio' type='radio' name='type' value='0' id='articles_sec'>
</td>
<td>
<label for='articles_sec'><font class='s-normal' id='w-normal'> ".(_("articles section"))."</font></label>
</td>
</tr>
</table>
<br>
<table>
<tr>
<td align='center' id='bspace'>
<INPUT class='admin-button' type='submit' name='delpart' value='« ".(_("Remove"))."'>
<INPUT class='admin-button' type='submit' name='addpart' value='".(_("Create"))." »'>
</td>
</tr>
</table>
</form>
</td>
<td class='admin' width='250' valign='top'><hr width='100%'>
<FIELDSET>
<LEGEND><font class='s-normal' id='w-bold'>".(_("Users' bindings"))."</font></LEGEND>
<form action='user.php' method='post'>
<table>
<tr>
<td>
<font class='s-normal' id='w-normal'>".(_("user")).":</font>
<br>
<input type='text' name='fuser' class='admin-text' maxlength='50'>
</td>
</tr>
</table>
<table>
<tr>
<td>
<INPUT class='admin-button' type='submit' name='view' value='".(_("View"))." »'>
</td>
</tr>
</table>
</form>
</FIELDSET>
<FIELDSET>
<LEGEND><font class='s-normal' id='w-bold'>".(_("Bindings' Administration"))."</font></LEGEND>
<form action='bams.php' method='post'>
<table>
<tr><td colspan='2'>
<font class='s-normal' id='w-normal'> ".(_("section")).":</font>
<br>
<input type='text' name='part' class='admin-text' maxlength='50'>
</td></tr>
<tr><td colspan='2'>
<font class='s-normal' id='w-normal'> ".(_("user")).":</font>
<br>
<input type='text' name='userbind' class='admin-text' maxlength='50'>
</td></tr>
<tr><td>
<input type='radio' name='bind' value='1' id='add_bind' CHECKED>
</td><td>
<label for='add_bind'><font class='s-normal' id='w-normal'> ".(_("add binding"))."</font></label>
</td></tr>
<tr><td>
<input type='radio' name='bind' value='0' id='rm_bind'>
</td><td>
<label for='rm_bind'><font class='s-normal' id='w-normal'> ".(_("remove binding"))."</font></label>
</td></tr>
<tr><td>
<input type='radio' name='type' value='1' id='news_s' CHECKED>
</td><td>
<label for='news_s'><font class='s-normal' id='w-normal'> ".(_("news section"))."</font></label>
</td></tr>
<tr><td>
<input type='radio' name='type' value='0' id='article_s'>
</td><td>
<label for='article_s'><font class='s-normal' id='w-normal'> ".(_("articles section"))."</font></label>
</td></tr>
</table>
<br>
<table>
<tr><td>
<INPUT class='admin-button' type='submit' name='addbind' value='".(_("Apply"))." »'>
</td></tr>
</table>
</form>
</FIELDSET>
</td>
</tr>
</table>
</div>
<div align='center'>
<table class='admin-table' border='1'>
<tr valign='middle'>
<td width='250'>
<font class='s-normal' id='w-bold'> ".(_("Archiving"))."</font>
</td>
<td width='300'>
<font class='s-normal' id='w-bold'> ".(_("Creating and removing users"))."</font>
</td>
<td width='250'>
<font class='s-normal' id='w-bold'> ".(_("Updating users' information"))."</font>
</td>
</tr>
<tr valign='top'>
<td class='admin' width='215'>
<hr width='250'>
<br>
<font class='s-normal' id='w-bold'>»»</font>
<a href='arc.php?type=".(base64_encode("110"))."'>
<font class='s-normal' id='w-normal'><U>".(_("archive news"))."</U></font></a>
<br>
<font class='s-normal' id='w-bold'>»»</font>
<a href='arc.php?type=".(base64_encode("111"))."'>
<font class='s-normal' id='w-normal'><U>".(_("archive articles"))."</U></font></a>
<br><br>
<font class='s-normal' id='w-normal'> ".(_("Archives")).":</font><br>";
connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
$result = mysql_query("select partname
from ".($cfg["prefix"])."archive
where archiveid regexp '^.{12}$'", $connector)
or die("error #102");
while($row = mysql_fetch_array($result))
{
echo "<br>
<font class='s-normal' id='w-normal'>
<b>»»</b> ".($row["partname"])."</font>";
}
mysql_free_result($result);
mysql_close($connector);
echo "<div align='center'>
<hr width='100%'>
</div>
<form action='parc.php' method='post'>
<table border='0'>
<tr><td id='bspace'>
<font class='s-normal' id='w-normal'>".(_("archive")).":</font>
</td><td>
<INPUT type='text' name='narc' class='admin-text' maxlength='50'>
</td></tr>
<tr><td id='bspace'>
<INPUT type='radio' name='arcn' value='0' id='n_arch' CHECKED>
</td><td id='sspace'>
<label for='n_arch'><font class='s-normal' id='w-normal'>".(_("news"))."</font></label>
</td></tr>
<tr><td id='bspace'>
<INPUT type='radio' name='arcn' id='art_arch' value='1'>
</td><td id='sspace'>
<label for='art_arch'><font class='s-normal' id='w-normal'>".(_("articles"))."</label>
</font></td></tr>
</table>
<br>
<table>
<tr><td>
<INPUT class='admin-button' type='submit' name='drop' value='".(_("Remove archive"))." »'>
</td></tr>
</table>
</form>
</td>
<td class='admin'>
<hr width='100%'><br>
<form action='muser.php' method='post'>
<table>
<tr>
<td id='bspace'>
<font class='s-normal' id='w-normal'>".(_("login")).":</font>
</td>
<td>
<input type='text' name='cuser' class='admin-text' maxlength='15'>
</td>
</tr>
<tr>
<td id='bspace'>
<font class='s-normal' id='w-normal'>".(_("password")).":</font>
</td>
<td>
<input type='password' name='upwd' class='admin-text' maxlength='15'>
</td>
</tr>
<tr>
<td id='bspace'>
<font class='s-normal' id='w-normal'>".(_("e-mail")).":</font>
</td>
<td>
<input type='text' name='umail' class='admin-text' maxlength='30'>
</td>
</tr>
<tr>
<td id='bspace'>
<input type='radio' name='use' value='0' id='reporter' CHECKED>
</td>
<td id='sspace'>
<label for='reporter'><font class='s-normal' id='w-normal'>".(_("reporter"))."</font></label>
</td>
</tr>
<tr>
<td id='bspace'>
<input type='radio' name='use' id='editor' value='1'>
</td>
<td id='sspace'>
<label for='editor'><font class='s-normal' id='w-normal'>".(_("editor"))."</font></label>
</td>
</tr>
</table>
<br>
<table>
<tr>
<td id='bspace'>
<INPUT class='admin-button' type='submit' name='del' value='« ".(_("Remove"))."'>
<INPUT class='admin-button' type='submit' name='add' value='".(_("Add"))." »'>
</td>
</tr>
</table>
</form>
</td>
<td class='admin' width='250' valign='top'><hr width='100%'>";
echo "<form action='update.php' method='post'>
<FIELDSET>
<LEGEND><font class='s-normal' id='w-bold'>".(_("old data"))."</font></LEGEND>
<table>
<tr><td id='sspace'>
<font class='s-normal' id='w-normal'>".(_("login")).":</font>
</td><td>
<INPUT class='admin-text' type='text' name='olduser' maxlength='15'></td></tr>
<tr><td id='sspace'>
<font class='s-normal' id='w-normal'>".(_("password")).":</font>
</td><td>
<INPUT class='admin-text' type='password' name='oldpwd' maxlength='15'>
</td></tr>
<tr><td id='bspace'>
<INPUT class='admin-radio' type='radio' name='red' value='0' id='rep_auth' CHECKED>
</td><td id='sspace'>
<label for='rep_auth'><font class='s-normal' id='w-normal'>".(_("reporter"))."</font></label>
</td></tr>
<tr><td id='bspace'>
<INPUT class='admin-radio' type='radio' name='red' id='ed_auth' value='1'>
</td><td id='sspace'>
<label for='ed_auth'><font class='s-normal' id='w-normal'>".(_("editor"))."</font></label>
</td></tr>
<tr><td id='bspace'>
<INPUT class='admin-radio' type='radio' name='red' id='admin_auth' value='2'>
</td><td id='sspace'>
<label for='admin_auth'><font class='s-normal' id='w-normal'>".(_("administrator"))."</font></label>
</td></tr>
</table>
</FIELDSET>
<FIELDSET>
<LEGEND><font class='s-normal' id='w-bold'>".(_("new data"))."</font></LEGEND>
<table>
<tr><td id='sspace'>
<font class='s-normal' id='w-normal'>".(_("password")).":</font>
</td><td>
<INPUT class='admin-text' type='password' name='newpwd' maxlength='15'>
</td></tr>
<tr><td id='sspace'>
<font class='s-normal' id='w-normal'>".(_("e-mail")).":</font>
</td><td>
<INPUT class='admin-text' type='text' name='newmail' maxlength='30'>
</td></tr>
</table>
</FIELDSET>
<table border='0'>
<tr><td>
<INPUT class='admin-button' type='submit' name='refresh' value='".(_("Update"))." »'>
</td></tr>
</table>
</form>
</td>
</tr>
</table>
</div>
<div align='center'>
<table class='admin-table' border='1'>
<tr valign='middle'>
<td width='250'><font class='s-normal' id='w-bold'> ".(_("Extra"))."</font></td>
<td width='300'><font class='s-normal' id='w-bold'> ".(_("Users' information"))."</font></td>
<td width='250'><font class='s-normal' id='w-bold'> ".(_("Information"))."</font></td>
</tr>
<tr valign='top'>
<td class='admin' width='210' align='center'><hr width='100%'>
<p>
<font class='s-normal' id='w-normal'>
<a href='robot.php'>".(_("search (indexing)"))."</a>
</font>
</p>
<p>
<font class='s-normal' id='w-normal'>
<a href='newest.php'>".(_("Newest publications"))."</a>
</font>
</p>
<p>
<font class='s-normal' id='w-normal'>
<a href='msaver.php'>".(_("message board"))."</a>
</font>
</p>
<p>
<font class='s-normal' id='w-normal'>
<a href='logout.php'>".(_("Log out"))."</a>
</font>
</p>
</td>
<td class='admin'><hr width='100%'>
<FIELDSET>
<LEGEND><font class='s-normal' id='w-bold'>".(_("Details"))."</font></LEGEND>
<table>
<form action='admininfo.php' method='post'>
<tr><td valign='top'>
<font class='s-normal' id='w-normal'>".(_("login")).": </font>
</td><td valign='top'>
<INPUT class='admin-text' type='text' name='login' maxlength='15'><br><br>
<INPUT class='admin-button' type='submit' value='".(_("View"))."»'></td></tr>
</form>
</table>
</FIELDSET>
<FIELDSET>
<LEGEND><font class='s-normal' id='w-bold'>".(_("List of users"))."</font></LEGEND>
<table width='100%'>
<tr>
<td></td>
<td><font class='s-normal' id='w-bold'>".(_("login"))."</font></td>
<td></td>
<td><font class='s-normal' id='w-bold'>".(_("status"))."</font></td>
</tr>";
connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
$result = mysql_query("select login, addk
from ".($cfg["prefix"])."security
order by addk, date", $connector)
or die("error #102");
while($row = mysql_fetch_array($result, MYSQL_NUM))
{
echo "<tr>
<td><font class='s-normal' id='w-bold'>»»</font></td>
<td><font class='s-normal' id='w-normal'>".$row[0]."</font></td>
<td><font class='s-normal' id='w-bold'>-</font></td>
<td><font class='s-normal' id='w-normal'>".$row[1]."</font></td>
</tr>";
}
mysql_free_result($result);
mysql_close($connector);
echo "</table>
</FIELDSET>
</td>
<td class='admin' width='250' valign='top'>
<hr width='100%'>
<table cellpadding='5'>
<tr>
<td>
<p>
<font class='s-normal' id='w-normal'>
".(_("Newer versions of the script are available on the official web-site of the s-p-e project")).":
<a href='http://lipetsk.lug.ru/projects/index.html#sp'>http://lipetsk.lug.ru/projects/index.html#sp</a>.
</font>
</p>
<p>
<font class='s-normal' id='w-normal'>
".(_("Current version:"))." 0.3.0.
</p>
</td>
</tr>
</table>
</td>
</tr>
</table>
</div>
<p align='center'>
<a href='http://lipetsk.lug.ru/projects/index.html#sp'>
<img src='../skin/".$cfg["skin"]."/img/copy.jpg' border='0' height='40'>
</a>
</p>
<p align='center'>
<font class='s-normal' id='w-normal'>
s-p-e is Free Software released under the GNU General Public License.
</font>
</p>
</BODY>
</HTML>";
} else {
echo _("Access denied.");
}
?>