<?php

/************************************************************************
 *                                                                      *
 *      Tapps - admin.php                                               *
 *                                                                      *
 *      description     : advanced PHP poll system                      *
 *      copyright       : (c) 2001,2002 by Stephan Uhlman               *
 *      email           : hide@address.com                                *
 *                                                                      *
 ************************************************************************/

/************************************************************************
 *                                                                      *
 * This program is free software; you can redistribute it and/or modify *
 * it under the terms of the GNU General Public License as published by *
 * the Free Software Foundation; either version 2 of the License, or    *
 * (at your option) any later version.                                  *
 *                                                                      *
 ************************************************************************/


if (file_exists(dirname(__FILE__) . "/config_private.inc.php"))
        include(dirname(__FILE__) . "/config_private.inc.php");
else
        include(dirname(__FILE__) . "/config.inc.php");


include(dirname(__FILE__) . "/functions.inc.php");

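/**
 * Print the edit form for one poll, followed by one edit form per option.
 *
 * Every value read back from the database is HTML-escaped before it is put
 * into a value="..." attribute, so stored text containing quotes or markup
 * cannot break out of the attribute and inject HTML into the admin page.
 *
 * @param int $poll_id ID of the poll to edit; forced to an integer before use.
 */
function print_poll_edit_form($poll_id)
{
	// The ID is interpolated into two SQL statements and a link below, so pin
	// it to an integer here rather than trusting every caller to validate it.
	$poll_id = (int)$poll_id;

	echo "<a href=\"admin.php\">back to main admin page</a><br><br>\n";

	$result = db_query("SELECT * FROM tapps_polls WHERE poll_id=$poll_id");
	$o = db_fetch_object($result);
	// Same "row found" test as the other form printers in this file. isset()
	// is also true for FALSE, so a failed fetch would have rendered an empty
	// form (assuming db_fetch_object() reports "no row" as FALSE - confirm).
	if ($o != FALSE)
	{
		$esc_poll_id = htmlspecialchars((string)$o->poll_id, ENT_QUOTES);
		$esc_title = htmlspecialchars((string)$o->title, ENT_QUOTES);
		$esc_valid_until = htmlspecialchars((string)$o->valid_until, ENT_QUOTES);
		$esc_max_answers = htmlspecialchars((string)$o->max_answers, ENT_QUOTES);
		$esc_description = htmlspecialchars((string)$o->description, ENT_QUOTES);
		$esc_enabled = htmlspecialchars((string)$o->enabled, ENT_QUOTES);

		// NOTE(review): $tapps_dir is not declared global in this function, so
		// the prefix is empty here and the form posts to the relative
		// "admin.php". Confirm whether the configured value was meant to apply.
		echo "<form action=\"".$tapps_dir."admin.php\" method=\"post\">\n";
		echo "<input type=\"hidden\" name=\"mode\" value=\"savepoll\">\n";
		echo "<input type=\"hidden\" name=\"poll_id\" value=\"$esc_poll_id\">\n";
		echo "<table>\n";
		echo "<tr><td>Poll ID:</td><td><input type=\"text\" name=\"new_poll_id\" value=\"$esc_poll_id\"></td></tr>\n";
		echo "<tr><td>Title:</td><td><input type=\"text\" name=\"title\" value=\"$esc_title\"></td></tr>\n";
		echo "<tr><td>Valid until:</td><td><input type=\"text\" name=\"valid_until\" value=\"$esc_valid_until\"></td></tr>\n";
		echo "<tr><td>Max. answers:</td><td><input type=\"text\" name=\"max_answers\" value=\"$esc_max_answers\"></td></tr>\n";
		echo "<tr><td>Description:</td><td><input type=\"text\" name=\"description\" value=\"$esc_description\"></td></tr>\n";
		echo "<tr><td>Enabled:</td><td><input type=\"text\" name=\"enabled\" value=\"$esc_enabled\"></td></tr>\n";
		echo "</table>\n";
		echo "<input type=submit value=\"Save\"><br>\n";
		echo "</form>\n";

		// One edit form per option row of this poll.
		$result = db_query("SELECT * FROM tapps_votes WHERE poll_id=$poll_id");
		while ($o = db_fetch_object($result))
		{
			$esc_row_poll_id = htmlspecialchars((string)$o->poll_id, ENT_QUOTES);
			$esc_option_id = htmlspecialchars((string)$o->option_id, ENT_QUOTES);
			$esc_option_text = htmlspecialchars((string)$o->option_text, ENT_QUOTES);
			$esc_counter = htmlspecialchars((string)$o->counter, ENT_QUOTES);

			echo "<br><br>---------------------------------------------<br><br>\n";
			echo "<form action=\"".$tapps_dir."admin.php\" method=\"post\">\n";
			echo "<input type=\"hidden\" name=\"mode\" value=\"saveoption\">\n";
			echo "<input type=\"hidden\" name=\"poll_id\" value=\"$esc_row_poll_id\">\n";
			echo "<input type=\"hidden\" name=\"option_id\" value=\"$esc_option_id\">\n";
			echo "<table>\n";
			echo "<tr><td>Option ID:</td><td><input type=\"text\" name=\"new_option_id\" value=\"$esc_option_id\"></td></tr>\n";
			echo "<tr><td>Option text:</td><td><input type=\"text\" name=\"option_text\" value=\"$esc_option_text\"></td></tr>\n";
			echo "<tr><td>Counter:</td><td><input type=\"text\" name=\"counter\" value=\"$esc_counter\"></td></tr>\n";
			echo "</table>\n";
			echo "<input type=submit value=\"Save\"><br>\n";
			echo "</form>\n";
		}
		echo "<br><br>\n";
		// $poll_id is an integer at this point, so it is safe inside the URL.
		echo "<a href=\"admin.php?mode=newoption&amp;poll_id=$poll_id\">New option</a><br>\n";
	}
}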

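/**
 * Print an empty "new poll" form.
 *
 * The poll ID field is pre-filled with the highest existing poll_id plus one
 * and the expiry field with a date one week from now.
 */
function print_poll_new_form()
{
	$result = db_query("SELECT MAX(poll_id) AS max_poll_id FROM tapps_polls");
	$o = db_fetch_object($result);
	if ($o != FALSE)
	{
		// Cast before arithmetic so the value echoed into the form is always
		// an integer, whatever type the database layer hands back.
		$new_poll_id = (int)$o->max_poll_id + 1;
		// Current date plus one week. The original passed time() unchanged,
		// which made a new poll expire the moment it was created.
		$default_valid_until = date("Y-m-d H:i:s", time() + 7 * 24 * 60 * 60);

		// NOTE(review): $tapps_dir is not declared global in this function, so
		// the prefix is empty here and the form posts to the relative
		// "admin.php". Confirm whether the configured value was meant to apply.
		echo "<form action=\"".$tapps_dir."admin.php\" method=\"post\">\n";
		echo "<input type=\"hidden\" name=\"mode\" value=\"savepoll\">\n";
		echo "<table>\n";
		echo "<tr><td>Poll ID:</td><td><input type=\"text\" name=\"new_poll_id\" value=\"$new_poll_id\"></td></tr>\n";
		echo "<tr><td>Title:</td><td><input type=\"text\" name=\"title\"></td></tr>\n";
		echo "<tr><td>Valid until:</td><td><input type=\"text\" name=\"valid_until\" value=\"$default_valid_until\"></td></tr>\n";
		echo "<tr><td>Max. answers:</td><td><input type=\"text\" name=\"max_answers\" value=\"1\"></td></tr>\n";
		echo "<tr><td>Description:</td><td><input type=\"text\" name=\"description\"></td></tr>\n";
		echo "<tr><td>Enabled:</td><td><input type=\"text\" name=\"enabled\" value=\"N\"></td></tr>\n";
		echo "</table>\n";
		echo "<input type=submit value=\"Save\"><br>\n";
		echo "</form>\n";
	}
}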

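/**
 * Print an empty "new option" form for one poll.
 *
 * The option ID field is pre-filled with the highest existing option_id of
 * that poll plus one.
 *
 * @param int $poll_id ID of the poll the option belongs to; forced to an
 *                     integer before use.
 */
function print_option_new_form($poll_id)
{
	// The ID goes into SQL and into a hidden form field, so pin it to an
	// integer here rather than trusting every caller to validate it.
	$poll_id = (int)$poll_id;

	$result = db_query("SELECT MAX(option_id) AS max_option_id FROM tapps_votes WHERE poll_id=$poll_id");
	$o = db_fetch_object($result);
	if ($o != FALSE)
	{
		// Cast before arithmetic so the value echoed into the form is always
		// an integer, whatever type the database layer hands back.
		$new_option_id = (int)$o->max_option_id + 1;

		// NOTE(review): $tapps_dir is not declared global in this function, so
		// the prefix is empty here and the form posts to the relative
		// "admin.php". Confirm whether the configured value was meant to apply.
		echo "<form action=\"".$tapps_dir."admin.php\" method=\"post\">\n";
		echo "<input type=\"hidden\" name=\"mode\" value=\"saveoption\">\n";
		echo "<input type=\"hidden\" name=\"poll_id\" value=\"$poll_id\">\n";
		echo "<table>\n";
		echo "<tr><td>Option ID:</td><td><input type=\"text\" name=\"new_option_id\" value=\"$new_option_id\"></td></tr>\n";
		echo "<tr><td>Option text:</td><td><input type=\"text\" name=\"option_text\"></td></tr>\n";
		echo "<tr><td>Counter:</td><td><input type=\"text\" name=\"counter\" value=\"0\"></td></tr>\n";
		echo "</table>\n";
		echo "<input type=submit value=\"Save\"><br>\n";
		echo "</form>\n";
	}
}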

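db_connect();

// HTTP Basic authentication gate for the whole admin page.
//
// The check fails closed: access is granted only when both configured
// credentials exist, both request credentials exist, and each pair is
// byte-for-byte identical. The original used "!=", whose loose comparison
// treats numeric-looking strings such as "1e3" and "1000" as equal and
// treats an unset configured value as equal to an empty submitted one.
//
// NOTE(review): Basic credentials travel with every request, so this page
// should only be served over HTTPS. Where the PHP version provides it, a
// constant-time comparison such as hash_equals() is preferable to strcmp().
// NOTE(review): $HTTP_SERVER_VARS is only populated by old PHP versions; where
// it is absent this gate rejects every request - confirm the target runtime.
$tapps_auth_ok = FALSE;
if (isset($tapps_admin_user) && isset($tapps_admin_password) &&
	isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW']))
{
	$tapps_auth_ok =
		(strcmp((string)$HTTP_SERVER_VARS['PHP_AUTH_USER'], (string)$tapps_admin_user) === 0) &&
		(strcmp((string)$HTTP_SERVER_VARS['PHP_AUTH_PW'], (string)$tapps_admin_password) === 0);
}

if (!$tapps_auth_ok)
{
	header("WWW-Authenticate: Basic realm=\"Tapps Admin Interface\"");
	header("HTTP/1.0 401 Unauthorized");
	echo "You must authorize with the correct username and password.";
	exit;
}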

// Emit the page header only when this script is the one being requested
// (its path ends in "admin.php").
if (substr($HTTP_SERVER_VARS['PHP_SELF'],-9) == "admin.php")
{
	include(dirname(__FILE__) . "/header.php");
}

// "mode" selects the admin action; anything outside the fixed list is refused.
$mode=getVar("mode","");
if (!(is_string($mode) && in_array($mode,array("","editpoll","newpoll","savepoll","newoption","saveoption"))))
{
	die("Invalid mode.<br>(Don't mess with the input. I don't trust you!)<br>\n");
}

// "poll_id" must be numeric; it is reduced to an integer before any later use.
$poll_id=0;
$s=getVar("poll_id","0");
if (!is_numeric($s))
{
	die("Invalid poll_id.<br>(Don't mess with the input. I don't trust you!)<br>\n");
}
$poll_id = (int)$s;

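// Dispatch on the validated $mode.
//
// NOTE(review): the save modes change data for any request that carries the
// browser's cached Basic credentials; no per-form token is checked in this
// file, so cross-site request forgery protection should be confirmed or added.
// NOTE(review): $new_poll_id, $title, $valid_until, $max_answers, $description,
// $enabled, $option_id, $new_option_id, $option_text and $counter are not
// assigned anywhere in this file; presumably they are populated from the
// request (for example by register_globals) - confirm.
if (($mode == "editpoll") && ($poll_id != 0))
{
	print_poll_edit_form($poll_id);
} else
if ($mode == "newpoll")
{
	print_poll_new_form();
} else
if ($mode == "savepoll")
{
	// These two values are interpolated into SQL without quotes, so they must
	// be integers before any statement is built.
	if (!isset($new_poll_id) || !is_numeric($new_poll_id) || !isset($max_answers) || !is_numeric($max_answers))
	{
		die("Invalid new_poll_id or max_answers.<br>\n");
	}
	$new_poll_id = (int)$new_poll_id;
	$max_answers = (int)$max_answers;

	// NOTE(review): $title, $valid_until, $description and $enabled are still
	// placed inside quotes exactly as received. Nothing visible in this file
	// escapes them, so unless the request layer or db_query() does, they need
	// the database layer's quoting routine (or bound parameters) before use.
	$result = db_query("SELECT COUNT(*) AS num FROM tapps_polls WHERE poll_id=$new_poll_id");
	$o = db_fetch_object($result);
	if ($o->num != 0)
	{
		$result = db_query("UPDATE tapps_polls SET poll_id=$new_poll_id, title='$title', valid_until='$valid_until', max_answers=$max_answers, description='$description', enabled='$enabled' WHERE poll_id=$poll_id");
	} else
	{
		$result = db_query("INSERT INTO tapps_polls (poll_id,title,valid_until,max_answers,description,enabled) VALUES ($new_poll_id, '$title', '$valid_until', $max_answers, '$description', '$enabled')");
	}
	if ($result != FALSE)
	{
		print_poll_edit_form($new_poll_id);
	}
} else
if (($mode == "newoption") && isset($poll_id))
{
	print_option_new_form($poll_id);
} else
if (($mode == "saveoption") && isset($poll_id))
{
	// Unquoted in SQL, so they must be integers before any statement is built.
	if (!isset($new_option_id) || !is_numeric($new_option_id) || !isset($counter) || !is_numeric($counter))
	{
		die("Invalid new_option_id or counter.<br>\n");
	}
	$new_option_id = (int)$new_option_id;
	$counter = (int)$counter;

	// NOTE(review): $option_text is still placed inside quotes exactly as
	// received; it needs the database layer's quoting routine (or a bound
	// parameter) unless escaping already happens outside this file.
	$result = db_query("SELECT COUNT(*) AS num FROM tapps_votes WHERE poll_id=$poll_id AND option_id=$new_option_id");
	$o = db_fetch_object($result);
	if ($o->num != 0)
	{
		// option_id is only sent by the edit form; the UPDATE cannot be built
		// safely without a numeric value for it.
		if (!isset($option_id) || !is_numeric($option_id))
		{
			die("Invalid option_id.<br>\n");
		}
		$option_id = (int)$option_id;
		$result = db_query("UPDATE tapps_votes SET option_id=$new_option_id, option_text='$option_text', counter=$counter WHERE poll_id=$poll_id AND option_id=$option_id");
	} else
	{
		$result = db_query("INSERT INTO tapps_votes (poll_id,option_id,option_text,counter) VALUES ($poll_id, $new_option_id, '$option_text', $counter)");
	}
	if ($result != FALSE)
	{
		print_poll_edit_form($poll_id);
	}
} else
{
	// Default view: list every poll. Stored values are HTML-escaped on output
	// so a title containing markup is shown as text instead of being rendered.
	$result = db_query("SELECT * FROM tapps_polls");
	echo "<table border=1><tr><th>ID</th><th>Title</th><th>Valid until</th><th>Enabled</th></tr>\n";
	while ($o = db_fetch_object($result))
	{
		$esc_poll_id = htmlspecialchars((string)$o->poll_id, ENT_QUOTES);
		$esc_title = htmlspecialchars((string)$o->title, ENT_QUOTES);
		$esc_valid_until = htmlspecialchars((string)$o->valid_until, ENT_QUOTES);
		$esc_enabled = htmlspecialchars((string)$o->enabled, ENT_QUOTES);
		// The link target only ever needs the integer form of the ID.
		$link_poll_id = (int)$o->poll_id;

		echo "<tr>\n";
		echo "<td>$esc_poll_id</td>\n";
		echo "<td><a href=\"admin.php?mode=editpoll&amp;poll_id=$link_poll_id\">$esc_title</a></td>\n";
		echo "<td>$esc_valid_until</td>\n";
		echo "<td>$esc_enabled</td>\n";
		echo "</tr>\n";
	}
	echo "</table>\n";
	echo "<br><br>\n";
	echo "<a href=\"admin.php?mode=newpoll\">New poll</a><br>\n";
}

// Emit the page footer only when this script is the one being requested.
if (substr($HTTP_SERVER_VARS['PHP_SELF'],-9) == "admin.php")
	include(dirname(__FILE__) . "/footer.php");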

?>