Imported sources

author: Starla Insigna <hatkirby@fourisland.com> 2008-11-19 17:27:03 -0500
committer: Starla Insigna <hatkirby@fourisland.com> 2008-11-19 17:27:03 -0500
commit: 24503e3abe705acde2df159aeae61be0d009f92e (patch)
tree: 8debbd53dcd0db2f5934c5e2af4e697e3787781d /pages/admin.php
download: fourisland-24503e3abe705acde2df159aeae61be0d009f92e.tar.gz
fourisland-24503e3abe705acde2df159aeae61be0d009f92e.tar.bz2
fourisland-24503e3abe705acde2df159aeae61be0d009f92e.zip
1 files changed, 661 insertions, 0 deletions
diff --git a/pages/admin.php b/pages/admin.php
new file mode 100644
index 0000000..ca7a7fa
--- /dev/null
+++ b/pages/admin.php

@@ -0,0 +1,661 @@
+<?php
+/*
+       444444444  
+      4::::::::4  
+     4:::::::::4  
+    4::::44::::4  
+   4::::4 4::::4   Four Island
+  4::::4  4::::4  
+ 4::::4   4::::4   Written and maintained by Starla Insigna
+4::::444444::::444
+4::::::::::::::::4  pages/admin.php
+4444444444:::::444
+          4::::4   Please do not use, reproduce or steal the
+          4::::4   contents of this file without explicit
+          4::::4   permission from Hatkirby.
+        44::::::44
+        4::::::::4
+        4444444444
+*/
+if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
+require('headerproc.php');
+$pageCategory = 'panel';
+if (isLoggedIn())
+{
+        if (getUserlevel() == 1)
+        {
+                if (!isset($_GET['page']))
+                {
+                        $template = new FITemplate('admin/index');
+                } else if ($_GET['page'] == 'writePost')
+                {
+                        if (!isset($_GET['submit']))
+                        {
+                                $template = new FITemplate('admin/write');
+                        } else {
+                                if ($_POST['type'] == 'draft')
+                                {
+                                        $insdraft = "INSERT INTO drafts (title,author,text,tag1,tag2,tag3,slug) VALUES (\"" . addslashes($_POST['title']) . "\",\"" . sess_get('uname') . "\",\"" . addslashes($_POST['text']) . "\",\"" . $_POST['tag1'] . "\",\"" . $_POST['tag2'] . "\",\"" . $_POST['tag3'] . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+                                        $insdraft2 = mysql_query($insdraft);
+                                        $getdraft = "SELECT * FROM drafts ORDER BY id DESC LIMIT 0,1";
+                                        $getdraft2 = mysql_query($getdraft);
+                                        $getdraft3 = mysql_fetch_array($getdraft2);
+                                        $template = new FITemplate('admin/draftSuccess');
+                                        $template->add('ID', $getdraft3['id']);
+                                } else if ($_POST['type'] == 'instant')
+                                {
+                                        postBlogPost($_POST['title'], sess_get('uname'), $_POST['tag1'], $_POST['tag2'], $_POST['tag3'], $_POST['text']);
+                                        $getpost = "SELECT * FROM updates ORDER BY id DESC LIMIT 0,1";
+                                        $getpost2 = mysql_query($getpost);
+                                        $getpost3 = mysql_fetch_array($getpost2);
+                                        $template = new FITemplate('admin/postSuccess');
+                                        $template->add('ID', $getpost3['id']);
+                                        $template->add('CODED', $getpost3['slug']);
+                                } else {
+                                        if ($_POST['type'] == 'normal')
+                                        {
+                                                $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1";
+                                                $getpending2 = mysql_query($getpending);
+                                                $getpending3 = mysql_fetch_array($getpending2);
+                                                if (isset($getpending3['id']) === FALSE)
+                                                {
+                                                        $id = 50;
+                                                } else {
+                                                        $id = $getpending3['id']+1;
+                                                }
+                                        } else if ($_POST['type'] == 'priority')
+                                        {
+                                                $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1";
+                                                $getpending2 = mysql_query($getpending);
+                                                $getpending3 = mysql_fetch_array($getpending2);
+                                                if (isset($getpending3['id']) === FALSE)
+                                                {
+                                                        $id = 50;
+                                                } else {
+                                                        $id = $getpending3['id']-1;
+                                                }
+                                        } else {
+                                                generateError(404);
+                                        }
+                                        $inspending = "INSERT INTO pending (id,title,author,text,tag1,tag2,tag3,slug) VALUES (" . $id . ",\"" . addslashes($_POST['title']) . "\",\"" . sess_get('uname') . "\",\"" . addslashes($_POST['text']) . "\",\"" . $_POST['tag1'] . "\",\"" . $_POST['tag2'] . "\",\"" . $_POST['tag3'] . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+                                        $inspending2 = mysql_query($inspending);
+                                        $template = new FITemplate('admin/pendingSuccess');
+                                        $template->add('ID', $id);
+                                }
+                        }
+                } else if ($_GET['page'] == 'manageDrafts')
+                {
+                        $template = new FITemplate('admin/manageDrafts');
+                        $getdrafts = "SELECT * FROM drafts ORDER BY id ASC";
+                        $getdrafts2 = mysql_query($getdrafts);
+                        $i=0;
+                        while ($getdrafts3[$i] = mysql_fetch_array($getdrafts2))
+                        {
+                                $template->adds_block('DRAFT', array(   'TITLE' => $getdrafts3[$i]['title'],
+                                                                        'AUTHOR' => $getdrafts3[$i]['author'],
+                                                                        'ID' => $getdrafts3[$i]['id']));
+                                $i++;
+                        }
+                } else if ($_GET['page'] == 'editDraft')
+                {
+                        $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id'];
+                        $getdraft2 = mysql_query($getdraft);
+                        $getdraft3 = mysql_fetch_array($getdraft2);
+                        if ($getdraft3['id'] == $_GET['id'])
+                        {
+                                if (!isset($_GET['submit']))
+                                {
+                                        $template = new FITemplate('admin/editDraft');
+                                        $template->add('ID', $_GET['id']);
+                                        $template->add('TEXT', $getdraft3['text']);
+                                        $template->add('TAG1', $getdraft3['tag1']);
+                                        $template->add('TAG2', $getdraft3['tag2']);
+                                        $template->add('TAG3', $getdraft3['tag3']);
+                                        $template->add('TITLE', $getdraft3['title']);
+                                } else {
+                                        if ($_POST['type'] == 'draft')
+                                        {
+                                                $setdraft = "UPDATE drafts SET title = \"" . addslashes($_POST['title']) . "\", text = \"" . addslashes($_POST['text']) . "\", tag1 = \"" . $_POST['tag1'] . "\", tag2 = \"" . $_POST['tag2'] . "\", tag3 = \"" . $_POST['tag3'] . "\" WHERE id = " . $_GET['id'];
+                                                $setdraft2 = mysql_query($setdraft);
+                                                $template = new FITemplate('admin/draftSuccess');
+                                                $template->add('ID', $_GET['id']);
+                                        } else if ($_POST['type'] == 'instant')
+                                        {
+                                                postBlogPost($_POST['title'], sess_get('uname'), $_POST['tag1'], $_POST['tag2'], $_POST['tag3'], $_POST['text']);
+                                                $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id'];
+                                                $deldraft2 = mysql_query($deldraft);
+                                                $getpost = "SELECT * FROM updates ORDER BY id DESC LIMIT 0,1";
+                                                $getpost2 = mysql_query($getpost);
+                                                $getpost3 = mysql_fetch_array($getpost2);
+                                                $template = new FITemplate('admin/postSuccess');
+                                                $template->add('ID', $getpost3['id']);
+                                                $template->add('CODED', $getpost3['slug']);
+                                        } else {
+                                                if ($_POST['type'] == 'normal')
+                                                {
+                                                        $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1";
+                                                        $getpending2 = mysql_query($getpending);
+                                                        $getpending3 = mysql_fetch_array($getpending2);
+                                                        if (isset($getpending3['id']) === FALSE)
+                                                        {
+                                                                $id = 50;
+                                                        } else {
+                                                                $id = $getpending3['id']+1;
+                                                        }
+                                                } else if ($_POST['type'] == 'priority')
+                                                {
+                                                        $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1";
+                                                        $getpending2 = mysql_query($getpending);
+                                                        $getpending3 = mysql_fetch_array($getpending2);
+                                                        if (isset($getpending3['id']) === FALSE)
+                                                        {
+                                                                $id = 50;
+                                                        } else {
+                                                                $id = $getpending3['id']-1;
+                                                        }
+                                                } else {
+                                                        generateError(404);
+                                                }
+                                                $inspending = "INSERT INTO pending (id,title,author,text,tag1,tag2,tag3,slug) VALUES (" . $id . ",\"" . addslashes($_POST['title']) . "\",\"" . sess_get('uname') . "\",\"" . addslashes($_POST['text']) . "\",\"" . $_POST['tag1'] . "\",\"" . $_POST['tag2'] . "\",\"" . $_POST['tag3'] . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
+                                                $inspending2 = mysql_query($inspending);
+                                                $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id'];
+                                                $deldraft2 = mysql_query($deldraft);
+                                                $template = new FITemplate('admin/pendingSuccess');
+                                                $template->add('ID', $id);
+                                        }
+                                }
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'deleteDraft')
+                {
+                        $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id'];
+                        $getdraft2 = mysql_query($getdraft);
+                        $getdraft3 = mysql_fetch_array($getdraft2);
+                        if ($getdraft3['id'] == $_GET['id'])
+                        {
+                                if (!isset($_GET['submit']))
+                                {
+                                        $template = new FITemplate('admin/deleteDraft');
+                                        $template->add('ID', $_GET['id']);
+                                } else {
+                                        $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id'];
+                                        $deldraft2 = mysql_query($deldraft);
+                                        $template = new FITemplate('admin/deletedDraft');
+                                }
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'viewDraft')
+                {
+                        $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id'];
+                        $getdraft2 = mysql_query($getdraft);
+                        $getdraft3 = mysql_fetch_array($getdraft2);
+                        if ($getdraft3['id'] == $_GET['id'])
+                        {
+                                $template = new FITemplate('post');
+                                $template->adds_block('INTERNAL',array('exi'=>1));
+                                $template->adds_block('POST', array(    'ID' => $getdraft3['id'],
+                                                                        'YEARID' => ((date('Y')-2006) % 4),
+                                                                        'DATE' => date('F dS Y \a\\t g:i:s a'),
+                                                                        'MONTH' => date('M'),
+                                                                        'DAY' => date('d'),
+                                                                        'CODED' => $getdraft3['slug'],
+                                                                        'TITLE' => $getdraft3['title'],
+                                                                        'AUTHOR' => $getdraft3['author'],
+                                                                        'TAG1' => $getdraft3['tag1'],
+                                                                        'TAG2' => $getdraft3['tag2'],
+                                                                        'TAG3' => $getdraft3['tag3'],
+                                                                        'RATING' => 0,
+                                                                        'TEXT' => parseBBCode($getdraft3['text'])));    
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'managePending')
+                {
+                        $template = new FITemplate('admin/managePending');
+                        $getpending = "SELECT * FROM pending ORDER BY id ASC";
+                        $getpending2 = mysql_query($getpending);
+                        $i=0;
+                        while ($getpending3[$i] = mysql_fetch_array($getpending2))
+                        {
+                                $template->adds_block('PENDING', array( 'TITLE' => $getpending3[$i]['title'],
+                                                                        'AUTHOR' => $getpending3[$i]['author'],
+                                                                        'ID' => $getpending3[$i]['id']));
+                                $i++;
+                        }
+                } else if ($_GET['page'] == 'editPending')
+                {
+                        $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id'];
+                        $getpending2 = mysql_query($getpending);
+                        $getpending3 = mysql_fetch_array($getpending2);
+                        if ($getpending3['id'] == $_GET['id'])
+                        {
+                                if (!isset($_GET['submit']))
+                                {
+                                        $template = new FITemplate('admin/editPending');
+                                        $template->add('ID', $_GET['id']);
+                                        $template->add('TEXT', $getpending3['text']);
+                                        $template->add('TAG1', $getpending3['tag1']);
+                                        $template->add('TAG2', $getpending3['tag2']);
+                                        $template->add('TAG3', $getpending3['tag3']);
+                                        $template->add('TITLE', $getpending3['title']);
+                                } else {
+                                        $setpending = "UPDATE pending SET title = \"" . addslashes($_POST['title']) . "\", text = \"" . addslashes($_POST['text']) . "\", tag1 = \"" . $_POST['tag1'] . "\", tag2 = \"" . $_POST['tag2'] . "\", tag3 = \"" . $_POST['tag3'] . "\" WHERE id = " . $_GET['id'];
+                                        $setpending2 = mysql_query($setpending);
+                                        $template = new FITemplate('admin/pendingSuccess');
+                                        $template->add('ID', $_GET['id']);
+                                }
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'deletePending')
+                {
+                        $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id'];
+                        $getpending2 = mysql_query($getpending);
+                        $getpending3 = mysql_fetch_array($getpending2);
+                        if ($getpending3['id'] == $_GET['id'])
+                        {
+                                if (!isset($_GET['submit']))
+                                {
+                                        $template = new FITemplate('admin/deletePending');
+                                        $template->add('ID', $_GET['id']);
+                                } else {
+                                        $delpending = "DELETE FROM pending WHERE id = " . $_GET['id'];
+                                        $delpending2 = mysql_query($delpending);
+                                        $template = new FITemplate('admin/deletedPending');
+                                }
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'viewPending')
+                {
+                        $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id'];
+                        $getpending2 = mysql_query($getpending);
+                        $getpending3 = mysql_fetch_array($getpending2);
+                        if ($getpending3['id'] == $_GET['id'])
+                        {
+                                $template = new FITemplate('post');
+                                $template->adds_block('INTERNAL',array('exi'=>1));
+                                $template->adds_block('POST', array(    'ID' => $getpending3['id'],
+                                                                        'YEARID' => ((date('Y')-2006) % 4),
+                                                                        'DATE' => date('F dS Y \a\\t g:i:s a'),
+                                                                        'MONTH' => date('M'),
+                                                                        'DAY' => date('d'),
+                                                                        'CODED' => $getpending3['slug'],
+                                                                        'TITLE' => $getpending3['title'],
+                                                                        'AUTHOR' => $getpending3['author'],
+                                                                        'TAG1' => $getpending3['tag1'],
+                                                                        'TAG2' => $getpending3['tag2'],
+                                                                        'TAG3' => $getpending3['tag3'],
+                                                                        'RATING' => 0,
+                                                                        'TEXT' => parseBBCode($getpending3['text'])));  
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'managePosts')
+                {
+                        $template = new FITemplate('admin/managePosts');
+                        $getposts = "SELECT * FROM updates ORDER BY id ASC";
+                        $getposts2 = mysql_query($getposts);
+                        $i=0;
+                        while ($getposts3[$i] = mysql_fetch_array($getposts2))
+                        {
+                                $template->adds_block('POST', array(    'TITLE' => $getposts3[$i]['title'],
+                                                                        'AUTHOR' => $getposts3[$i]['author'],
+                                                                        'ID' => $getposts3[$i]['id'],
+                                                                        'CODED' => $getposts3[$i]['slug']));
+                                $i++;
+                        }
+                } else if ($_GET['page'] == 'editPost')
+                {
+                        $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id'];
+                        $getpost2 = mysql_query($getpost);
+                        $getpost3 = mysql_fetch_array($getpost2);
+                        if ($getpost3['id'] == $_GET['id'])
+                        {
+                                if (!isset($_GET['submit']))
+                                {
+                                        $template = new FITemplate('admin/editPost');
+                                        $template->add('ID', $_GET['id']);
+                                        $template->add('TEXT', $getpost3['text']);
+                                        $template->add('TAG1', $getpost3['tag1']);
+                                        $template->add('TAG2', $getpost3['tag2']);
+                                        $template->add('TAG3', $getpost3['tag3']);
+                                        $template->add('TITLE', $getpost3['title']);
+                                } else {
+                                        $setpost = "UPDATE updates SET title = \"" . addslashes($_POST['title']) . "\", text = \"" . addslashes($_POST['text']) . "\", tag1 = \"" . $_POST['tag1'] . "\", tag2 = \"" . $_POST['tag2'] . "\", tag3 = \"" . $_POST['tag3'] . "\" WHERE id = " . $_GET['id'];
+                                        $setpost2 = mysql_query($setpost);
+                                        $template = new FITemplate('admin/postSuccess');
+                                        $template->add('ID', $_GET['id']);
+                                        $template->add('CODED', $getpost3['slug']);
+                                }
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'deletePost')
+                {
+                        $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id'];
+                        $getpost2 = mysql_query($getpost);
+                        $getpost3 = mysql_fetch_array($getpost2);
+                        if ($getpost3['id'] == $_GET['id'])
+                        {
+                                if (!isset($_GET['submit']))
+                                {
+                                        $template = new FITemplate('admin/deletePost');
+                                        $template->add('ID', $_GET['id']);
+                                } else {
+                                        $delpost = "DELETE FROM updates WHERE id = " . $_GET['id'];
+                                        $delpost2 = mysql_query($delpost);
+                                        $template = new FITemplate('admin/deletedPost');
+                                }
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'moderateComments')
+                {
+                        $template = new FITemplate('admin/moderateComments');
+                        $getcomments = "SELECT * FROM moderation ORDER BY id ASC";
+                        $getcomments2 = mysql_query($getcomments);
+                        $i=0;
+                        while ($getcomments3[$i] = mysql_fetch_array($getcomments2))
+                        {
+                                $comType = substr($getcomments3[$i]['page_id'],0,strpos($getcomments3[$i]['page_id'],'-'));
+                                $comID = substr($getcomments3[$i]['page_id'],strpos($getcomments3[$i]['page_id'],'-')+1);
+                                if ($comType == 'updates')
+                                {
+                                        $getpost = "SELECT * FROM updates WHERE id = " . $comID;
+                                        $getpost2 = mysql_query($getpost);
+                                        $getpost3 = mysql_fetch_array($getpost2);
+                                        $title = $getpost3['title'];
+                                } else if ($comType = 'polloftheweek')
+                                {
+                                        $getpoll = "SELECT * FROM polloftheweek WHERE id = " . $comID;
+                                        $getpoll2 = mysql_query($getpoll);
+                                        $getpoll3 = mysql_fetch_array($getpoll2);
+                                        $title = $getpoll3['question'];
+                                } else if ($comType = 'quotes')
+                                {
+                                        $getquote = "SELECT * FROM rash_quotes WHERE id = " . $comID;
+                                        $getquote2 = mysql_query($getquote);
+                                        $getquote3 = mysql_fetch_array($getquote2);
+                                        $title = '#' . $getquote3['id'];
+                                }
+                                $template->adds_block('COMMENT', array( 'TITLE' => $title,
+                                                                        'AUTHOR' => $getcomments3[$i]['author'],
+                                                                        'ID' => $getcomments3[$i]['id']));
+                                $i++;
+                        }
+                } else if ($_GET['page'] == 'viewComment')
+                {
+                        $getcomment = "SELECT * FROM moderation WHERE id = " . $_GET['id'];
+                        $getcomment2 = mysql_query($getcomment);
+                        $getcomment3 = mysql_fetch_array($getcomment2);
+                        if ($getcomment3['id'] == $_GET['id'])
+                        {
+                                $getuser = "SELECT * FROM users WHERE username = \"" . $getcomment3['author'] . "\"";
+                                $getuser2 = mysql_query($getuser);
+                                $getuser3 = mysql_fetch_array($getuser2);
+                                $template = new FITemplate('admin/viewComment');
+                                $template->add('ID', $_GET['id']);
+                                $template->add('USERNAME', $getcomment3['author']);
+                                $template->add('CODEDEMAIL', md5(strtolower($getuser3['email'])));
+                                $template->add('TEXT', parseBBCode($getcomment3['comment']));
+                                $template->add('DATE', date("F dS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate'])));
+                                $template->add('CODEDDEF',urlencode('http://www.fourisland.com/images/error404.png'));
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'actionComment')
+                {
+                        $getcomment = "SELECT * FROM moderation WHERE id = " . $_GET['id'];
+                        $getcomment2 = mysql_query($getcomment);
+                        $getcomment3 = mysql_fetch_array($getcomment2);
+                        if ($getcomment3['id'] == $_GET['id'])
+                        {
+                                if (isset($_GET['approve']))
+                                {
+                                        $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\"" . $getcomment3['author'] . "\",\"" . $getcomment3['email'] . "\",\"" . $getcomment3['website'] . "\")";
+                                        $insanon2 = mysql_query($insanon);
+                                        $inscomment = "INSERT INTO comments (page_id,username,comment) VALUES (\"" . $getcomment3['page_id'] . "\",\"" . $getcomment3['author'] . "\",\"" . $getcomment3['comment'] . "\")";
+                                        $inscomment2 = mysql_query($inscomment);
+                                        $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id'];
+                                        $delcomment2 = mysql_query($delcomment);
+                                        $template = new FITemplate('msg');
+                                        $template->add('BACK', 'Comment Moderation');
+                                        $template->add('MSG', 'You\'ve successfully approved this comment.');
+                                } else if (isset($_GET['deny']))
+                                {
+                                        $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id'];
+                                        $delcomment2 = mysql_query($delcomment);
+                                        $template = new FITemplate('msg');
+                                        $template->add('BACK', 'Comment Moderation');
+                                        $template->add('MSG', 'You\'ve successfully denied this comment.');
+                                } else {
+                                        $template = new FITemplate('msg');
+                                        $template->add('BACK', 'the previous page');
+                                        $template->add('MSG', "Um, what on earth are you doing?");
+                                }
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'managePages')
+                {
+                        $template = new FITemplate('admin/managePages');
+                        $getpages = "SELECT wiki_pages.*, wiki_revisions.author FROM wiki_pages, wiki_revisions WHERE wiki_revisions.id = wiki_pages.revision ORDER BY id ASC";
+                        $getpages2 = mysql_query($getpages);
+                        $i=0;                           $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, but this page doesn\'t exist.');
+                        while ($getpages3[$i] = mysql_fetch_array($getpages2))
+                        {
+                                $template->adds_block('PAGE', array(    'TITLE' => $getpages3[$i]['title'],
+                                                                        'AUTHOR' => $getpages3[$i]['author'],
+                                                                        'ID' => $getpages3[$i]['id'],
+                                                                        'CODED' => $getpages3[$i]['slug']));
+                                $i++;
+                        }
+                } else if ($_GET['page'] == 'pageHistory')
+                {
+                        $getpage = "SELECT * FROM wiki_pages WHERE id = " . $_GET['id'] . " ORDER BY id ASC";
+                        $getpage2 = mysql_query($getpage);
+                        $getpage3 = mysql_fetch_array($getpage2);
+                        if ($getpage3['id'] == $_GET['id'])
+                        {
+                                $template = new FITemplate('admin/pageHistory');
+                                $getrev = "SELECT * FROM wiki_revisions WHERE id = " . $getpage3['revision'];
+                                $getrev2 = mysql_query($getrev);
+                                $getrev3 = mysql_fetch_array($getrev2);
+                                $template->adds_block('REV', array(     'AUTHOR' => $getrev3['author'],
+                                                                        'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getrev3['pubDate'])),
+                                                                        'ID' => $getrev3['id']));
+                                while ($getrev3['previous'] != 0)
+                                {
+                                        $getrev = "SELECT * FROM wiki_revisions WHERE id = " . $getrev3['previous'];
+                                        $getrev2 = mysql_query($getrev);
+                                        $getrev3 = mysql_fetch_array($getrev2);
+                                        $template->adds_block('REV', array(     'AUTHOR' => $getrev3['author'],
+                                                                                'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getrev3['pubDate'])),
+                                                                                'ID' => $getrev3['id']));
+                                }
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, but this page doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'viewRevision')
+                {
+                        $getrev = "SELECT * FROM wiki_revisions WHERE id = " . $_GET['id'];
+                        $getrev2 = mysql_query($getrev);
+                        $getrev3 = mysql_fetch_array($getrev2);
+                        if ($getrev3['id'] == $_GET['id'])
+                        {
+                                $template = new FITemplate('admin/viewRevision');
+                                $template->add('TEXT', $getrev3['text']);
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, but this revision doesn\'t exist.');
+                        }
+                } else if ($_GET['page'] == 'pollProcess')
+                {
+                        if (!isset($_GET['step']))
+                        {
+                                $template = new FITemplate('admin/pollrss');
+                        } else if ($_GET['step'] == 2)
+                        {
+                                $insrss = "INSERT INTO pollrss (author,rss) VALUES (\"" . sess_get('uname') . "\",\"" . addslashes($_POST['text']) . "\")";
+                                $insrss2 = mysql_query($insrss);
+                                $template = new FITemplate('admin/newPoll');
+                        } else if ($_GET['step'] == 3)
+                        {
+                                $inspoll = "INSERT INTO polloftheweek (question,option1,option2,option3,option4) VALUES (\"" . addslashes($_POST['question']) . "\",\"" . $_POST['option1'] . "\",\"" . $_POST['option2'] . "\",\"" . $_POST['option3'] . "\",\"" . $_POST['option4'] . "\")";
+                                $inspoll2 = mysql_query($inspoll);
+                                $cleardid = "TRUNCATE TABLE didpollalready";
+                                $cleardid2 = mysql_query($cleardid);
+                                $template = new FITemplate('msg2');
+                                $template->add('BACK', 'Back to the Admin Panel');
+                                $template->add('LINK', '/admin/');
+                                $template->add('MSG', "You've successfully created a poll!");
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', "Um, what on earth are you doing?");
+                        }
+                } else if ($_GET['page'] == 'managePendingQuotes')
+                {
+                        $template = new FITemplate('admin/managePendingQuotes');
+                        $getpending = "SELECT * FROM rash_queue ORDER BY id ASC";
+                        $getpending2 = mysql_query($getpending);
+                        $i=0;
+                        while ($getpending3[$i] = mysql_fetch_array($getpending2))
+                        {
+                                $template->adds_block('QUOTE', array(   'ID' => $getpending3[$i]['id'],
+                                                                        'TEXT' => $getpending3[$i]['quote']));
+                                $i++;
+                        }
+                } else if ($_GET['page'] == 'actionPendingQuotes')
+                {
+                        $getpending = "SELECT * FROM rash_queue WHERE id = " . $_GET['id'];
+                        $getpending2 = mysql_query($getpending);
+                        $getpending3 = mysql_fetch_array($getpending2);
+                        if ($getpending3['id'] == $_GET['id'])
+                        {
+                                if (isset($_GET['approve']))
+                                {
+                                        $insquote = "INSERT INTO rash_quotes (quote) VALUES (\"" . addslashes($getpending3['quote']) . "\")";
+                                        $insquote2 = mysql_query($insquote);
+                                        $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id'];
+                                        $delpending2 = mysql_query($delpending);
+                                        $template = new FITemplate('msg2');
+                                        $template->add('BACK', 'Back to the Admin Panel');
+                                        $template->add('LINK', '/admin/');
+                                        $template->add('MSG', "You've successfully approved this quote.");
+                                } else if (isset($_GET['deny']))
+                                {
+                                        $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id'];
+                                        $delpending2 = mysql_query($delpending);
+                                        $template = new FITemplate('msg2');
+                                        $template->add('BACK', 'Back to the Admin Panel');
+                                        $template->add('LINK', '/admin/');
+                                        $template->add('MSG', "You've successfully denied this quote.");
+                                } else {
+                                        $template = new FITemplate('msg');
+                                        $template->add('BACK', 'the previous page');
+                                        $template->add('MSG', "Um, what on earth are you doing?");
+                                }
+                        } else {
+                                $template = new FITemplate('msg');
+                                $template->add('BACK', 'the previous page');
+                                $template->add('MSG', 'I\'m sorry, but this pending quote doesn\'t exist.');
+                        }
+                } else {
+                        generateError(404);
+                }
+                @$template->display();
+        } else {
+                generateError(404);
+        }
+} else {
+        generateError(404);
+}
+?>
author	Starla Insigna <hatkirby@fourisland.com>	2008-11-19 17:27:03 -0500
committer	Starla Insigna <hatkirby@fourisland.com>	2008-11-19 17:27:03 -0500
commit	24503e3abe705acde2df159aeae61be0d009f92e (patch)
tree	8debbd53dcd0db2f5934c5e2af4e697e3787781d /pages/admin.php
download	fourisland-24503e3abe705acde2df159aeae61be0d009f92e.tar.gz fourisland-24503e3abe705acde2df159aeae61be0d009f92e.tar.bz2 fourisland-24503e3abe705acde2df159aeae61be0d009f92e.zip