<?php
ob_start();
include_once("functions.php");
include('config.php');
include("session.php");
// this setting activates tinyMCE for all textareas in the page
$set_mce = 1;
include("header.php");
$user = loadUser($_SESSION['login'],$link,$table_users);
if(!$_SESSION["loggedIn"] || !$user['admin']){ echo "You don't have enough privileges to view this page."; exit; }
$theid = 1; // if the parameter is not numeric (possible hacking attempt), the script defaults to 1
if(is_numeric($_GET['id'])){
$theid = $_GET['id'];
}
$query = "SELECT * FROM $table_pages WHERE id = '$theid'";
$result = mysql_query ($query, $link) or die("Died getting info from db. Error returned if any: ".mysql_error());
$entry = mysql_fetch_array($result);
if(!$_SESSION["loggedIn"]){
?>
You are not allowed to view this page, please log in first.
<?php
}
else
{
if($_POST['Submit']){
if(!$_POST[title])
{
$messages[]="$lang_enter_title";
}
// upload script
include("upload_files.php");
if(empty($messages)) {
foreach($HTTP_POST_VARS[deletefile] as $delete){
// delete images/files that belong to this post
$query = mysql_query("DELETE FROM $table_files WHERE id = $delete LIMIT 1");
}
if($_POST['mainpage']){
// make sure there's only one mainpage
$query="UPDATE $table_pages SET mainpage = '0'";
$result=mysql_query($query, $link) or die("Died inserting login info into db. Error returned if any: ".mysql_error());
}
$query="UPDATE $table_pages SET title = '$_POST[title]', text = '$_POST[text]', image = '$image', imagewidth = '$imagewidth', imageheight = '$imageheight', align = '$_POST[align]', use_form = '$_POST[use_form]', form_email = '$_POST[form_email]', mainpage = '$_POST[mainpage]' WHERE id = $entry[id]";
$result=mysql_query($query, $link) or die("Died inserting data into db. Error returned if any: ".mysql_error());
$query = "SELECT * FROM $table_pages ORDER BY id DESC LIMIT 1";
$result = mysql_query($query, $link);
$latestentry = mysql_fetch_array($result);
foreach ($aBestanden as $sFilename => $sFiletype)
{
if($sFiletype == 'image/jpeg' || $sFiletype == 'image/pjpeg' || $sFiletype == 'image/gif'){
$imgsize = getimagesize("../upload/$sFilename");
$query = "INSERT INTO $table_files (page_id, name, type, width, height) VALUES ('". $entry[id] . "', '". $sFilename . "', '". $sFiletype . "', '". $imgsize[0] . "', '". $imgsize[1] . "')";
$result=mysql_query($query, $link) or die("Died inserting login info into db. Error returned if any: ".mysql_error());
}
else
{
$query = "INSERT INTO $table_files (page_id, name, type) VALUES ('". $entry[id] . "', '". $sFilename . "', '". $sFiletype . "')";
$result=mysql_query($query, $link) or die("Died inserting login info into db. Error returned if any: ".mysql_error());
}
}
}
if($_POST[embed]){
$query = "UPDATE $table_files SET full_url = '$_POST[embed]', type = 'embed' WHERE page_id = '$entry[id]'";
$result=mysql_query($query, $link) or die("Died inserting login info into db. Error returned if any: ".mysql_error());
}
header("Location: editor_pages.php?id=$entry[id]&message=11");
ob_end_flush();
}
}
?>
<div id="submenu"><a href="newpage.php" class="sub"><?php echo "$lang_newpage"; ?></a> | <a href="page.php" class="sub"><?php echo "$lang_edit_delete_page"; ?></a></div>
<div id="side">
<div class="title"> </div>
<div class="box"><?php
if(!empty($messages)){
displayErrors($messages);
}
elseif($_GET[message] && empty($messages)){
displayMessage($_GET[message]);
}
else{
echo "$lang_message048";
}
?>
</div></div>
<div id="main">
<form name="editform" method="post" enctype="multipart/form-data">
<table width="100%" border="0" cellpadding="0" cellspacing="0" class="text">
<tr>
<td width="164"><h1><?php echo "$lang_edit"; ?></h1></td>
</tr>
<tr>
<td><input type="submit" name="Submit" value="<?php echo "$lang_submit"; ?>" id="button" /></td>
</tr>
<tr>
<td><input name="id" type="hidden" id="id" value="<?php echo "$_GET[id]"; ?>"></td>
</tr>
<tr>
<td valign="top">
<fieldset id="titlediv">
<legend><?php echo "$lang_title"; ?></legend>
<input name="title" type="text" value="<?php echo "$entry[title]"; ?>">
<?php if($entry[mainpage]){
?>
<input name="mainpage" type="checkbox" value="1" checked="checked" />
<?php
}
else
{
?>
<input name="mainpage" type="checkbox" value="1" />
<?php
}
echo "$lang_set_mainpage"; ?>
</fieldset></td>
</tr>
<tr>
<td valign="top"> </td>
</tr>
<tr>
<td valign="top">
<fieldset id="titlediv">
<legend><?php echo "$lang_text"; ?></legend>
<?php
// present safari users with a different editor
$a_browser_data = browser_detection('full');
if ( $a_browser_data[0] == 'saf' || !$settings[use_tinymce])
{
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="34%" class="title"> </td>
<td width="66%">
<input type="button" class="button" value="<?php echo"$lang_bold"; ?>" name="bold2" onmousedown="javascript:tag_construct('bold','text'); return false;"/>
<input type="button" class="button" value="<?php echo"$lang_italic"; ?>" name="italic2" onmousedown="javascript:tag_construct('italic','text'); return false;"/>
<input type="button" class="button" value="<?php echo"$lang_underline"; ?>" name="underline2" onmousedown="javascript:tag_construct('underline','text'); return false;"/>
<input type="button" class="button" value="<?php echo"$lang_url"; ?>" name="url2" onmousedown="javascript:tag_construct('link','text'); return false;"/>
<input type="button" class="button" value="<?php echo"$lang_img"; ?>" name="img2" onmousedown="javascript:tag_construct('image','text'); return false;"/>
<input type="button" class="button" value="<?php echo"$lang_email"; ?>" name="email2" onmousedown="javascript:tag_construct('email','text'); return false;"/>
</td>
</tr>
</table>
<?
}
?>
<textarea name="text" cols="75" rows="20" id="text"><?php echo "$entry[text]"; ?></textarea>
</fieldset></td>
</tr>
<tr>
<td> </td>
</tr>
<?php
$query = "SELECT * FROM $table_files WHERE page_id = '$entry[id]'";
$result = mysql_query($query, $link);
$numrows = mysql_num_rows($result);
if($numrows){
?>
<tr><td>
<fieldset id="titlediv">
<legend><?php echo "$lang_curr_img_file";?></legend>
<?php
echo '<table width="50%" border="0" cellspacing="0" cellpadding="0">';
while($row = mysql_fetch_array($result)){
if($row[type] == 'image/jpeg' || $row[type] == 'image/gif'){
echo " <tr><td><img src='../upload/thumbnail.php?gd=2&src=$row[name]&maxw=100' border='0'></td><td><a href='schredder.php?tablename=$table_files&fileid=$row[id]&pageid=$entry[id]'>$lang_delete</a></td></tr><tr><td> </td></tr>";
}
else
{
// fix to get the real name of the file
$name = substr($row[name],13);
$filename = urlencode($row[name]);
echo "<tr><td><a href='../upload/force_download.php?file=$filename&type=$row[type]'>$name</a></td><td><a href='schredder.php?tablename=$table_files&fileid=$row[id]&pageid=$entry[id]'>$lang_delete</a></td></tr><tr><td> </td></tr>";
}
}
?>
</fieldset>
</table>
<?php }
?>
<?php if($settings[use_upload]){ ?>
<tr>
<td><?php include("file_manager_include.php"); ?></td>
</tr>
<td colspan="2">
<fieldset id="titlediv">
<legend><?php echo "$lang_upload_img_file"; ?></legend>
<input id="my_file_element" type="file" value="1" name="file_1" \ />
<div id="files_list"></div>
<script>
<!-- Create an instance of the multiSelector class, pass it the output target and the max number of files -->
var multi_selector = new MultiSelector( document.getElementById( 'files_list' ), 20 );
<!-- Pass in the file element -->
multi_selector.addElement( document.getElementById( 'my_file_element' ) );
</script>
</fieldset></td></tr>
<tr>
<td><div class="text" onclick="expandcontent(this, 'sc3')" style="cursor:hand; cursor:pointer">
<div align="right"><a name="upload" id="upload"></a><a href="#upload"><span class="showstate"></span><?php echo "$lang_options"; ?></a></div>
</div>
<div id="sc3" class="switchcontent">
<p>
<table width="100%" style='border: #CCCCCC solid; border-width: 5px 1px 1px 1px; padding: 5px 5px 5px 5px;'>
<tr>
<td width="20%">
<?php echo "$lang_jpeg_gif"; ?></td><td><input name="thumbnail" type="checkbox" value="1" checked="checked" />
<?php echo "$lang_thumbnails"; ?></td></tr>
<tr>
<td colspan="3">
<?php
$query = "SELECT * FROM $table_files WHERE page_id = '$entry[id]'";
$result = mysql_query($query, $link);
$file = mysql_fetch_array($result);
//print_r($file);
if($file[type] == 'embed'){ ?>
<script type="text/javascript">
// insert embed code through javascript, otherwise the movie gets loaded
function ShowEmbed() { javascript:document.editform.embed.value='<?php echo $file[full_url]; ?>' }
</script>
<?php } ?>
<img src="icons/stats.jpg" onload="ShowEmbed();" style="display: none;" /> <?php // hackish, I know, but I can't get the javascript to load otherwise ?>
<input name="embed" type="text" size="70" /></td>
</tr>
</table>
</p>
</div></td>
</tr>
<?php } ?>
<tr>
<td> </td>
</tr>
<tr>
<td>
<fieldset id="titlediv">
<legend><?php echo "$lang_contactform"; ?></legend>
<?php echo "$lang_use_contactform"; ?>
<?php
if($entry[use_form]){
?>
<input name="use_form" type="checkbox" id="use_form" value="1" checked="checked" />
<?php
}
else
{
?>
<input name="use_form" type="checkbox" id="use_form" value="1" />
<?php
}
?>
<br /> <?php echo "$lang_form_email"; ?>
<input type="text" name="form_email" value="<?php echo "$entry[form_email]"; ?>" />
</fieldset> </td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<td><input type="submit" name="Submit" value="<?php echo "$lang_submit"; ?>" id="button"></td>
</tr>
</table>
</form>
</div>
<?php
include ("footer.php");
?>