diff options
author | Starla Insigna <hatkirby@fourisland.com> | 2009-08-13 17:46:09 -0400 |
---|---|---|
committer | Starla Insigna <hatkirby@fourisland.com> | 2009-08-13 17:46:09 -0400 |
commit | b5736e3ad3830fa732dcbd1a518ec3dd6ea7b98a (patch) | |
tree | 0449277e94a42aa155995a90fd8a89cb3309e7ab /pages | |
parent | 6a1d5b60e6ec541a36727b84b71168f62221f7d7 (diff) | |
download | fourisland-b5736e3ad3830fa732dcbd1a518ec3dd6ea7b98a.tar.gz fourisland-b5736e3ad3830fa732dcbd1a518ec3dd6ea7b98a.tar.bz2 fourisland-b5736e3ad3830fa732dcbd1a518ec3dd6ea7b98a.zip |
Rewrote Admin panel
The following database changes must be made: * A TEXT column called "text" must be added to the end of "polloftheweek" * The transferPollRss.php script must be run * The "pollrss" table must be dropped Closes #113
Diffstat (limited to 'pages')
-rwxr-xr-x | pages/admin.php | 739 | ||||
-rwxr-xr-x | pages/poll.php | 53 | ||||
-rwxr-xr-x | pages/quotes.php | 16 | ||||
-rw-r--r-- | pages/viewPost.php | 62 |
4 files changed, 101 insertions, 769 deletions
diff --git a/pages/admin.php b/pages/admin.php deleted file mode 100755 index 326cbdd..0000000 --- a/pages/admin.php +++ /dev/null | |||
@@ -1,739 +0,0 @@ | |||
1 | <?php | ||
2 | /* | ||
3 | 444444444 | ||
4 | 4::::::::4 | ||
5 | 4:::::::::4 | ||
6 | 4::::44::::4 | ||
7 | 4::::4 4::::4 Four Island | ||
8 | 4::::4 4::::4 | ||
9 | 4::::4 4::::4 Written and maintained by Starla Insigna | ||
10 | 4::::444444::::444 | ||
11 | 4::::::::::::::::4 pages/admin.php | ||
12 | 4444444444:::::444 | ||
13 | 4::::4 Please do not use, reproduce or steal the | ||
14 | 4::::4 contents of this file without explicit | ||
15 | 4::::4 permission from Hatkirby. | ||
16 | 44::::::44 | ||
17 | 4::::::::4 | ||
18 | 4444444444 | ||
19 | */ | ||
20 | |||
21 | if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);} | ||
22 | |||
23 | require('headerproc.php'); | ||
24 | |||
25 | $pageCategory = 'panel'; | ||
26 | |||
27 | if (isLoggedIn()) | ||
28 | { | ||
29 | if (isAdmin()) | ||
30 | { | ||
31 | if (!isset($_GET['page'])) | ||
32 | { | ||
33 | $template = new FITemplate('admin/index'); | ||
34 | } else if ($_GET['page'] == 'writePost') | ||
35 | { | ||
36 | if (!isset($_GET['submit'])) | ||
37 | { | ||
38 | $template = new FITemplate('admin/write'); | ||
39 | } else { | ||
40 | $tags = explode(',', $_POST['tags']); | ||
41 | |||
42 | if ($_POST['type'] == 'draft') | ||
43 | { | ||
44 | $insdraft = "INSERT INTO drafts (title,author,text,slug) VALUES (\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")"; | ||
45 | $insdraft2 = mysql_query($insdraft); | ||
46 | |||
47 | $id = mysql_insert_id(); | ||
48 | addTags($id, $tags, 'draft'); | ||
49 | |||
50 | $template = new FITemplate('admin/draftSuccess'); | ||
51 | $template->add('ID', $id); | ||
52 | } else if ($_POST['type'] == 'instant') | ||
53 | { | ||
54 | $id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']); | ||
55 | |||
56 | $getpost = "SELECT * FROM updates WHERE id = " . $id; | ||
57 | $getpost2 = mysql_query($getpost); | ||
58 | $getpost3 = mysql_fetch_array($getpost2); | ||
59 | |||
60 | $template = new FITemplate('admin/postSuccess'); | ||
61 | $template->add('ID', $id); | ||
62 | $template->add('CODED', $getpost3['slug']); | ||
63 | } else { | ||
64 | if ($_POST['type'] == 'normal') | ||
65 | { | ||
66 | $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1"; | ||
67 | $getpending2 = mysql_query($getpending); | ||
68 | $getpending3 = mysql_fetch_array($getpending2); | ||
69 | if (isset($getpending3['id']) === FALSE) | ||
70 | { | ||
71 | $id = 50; | ||
72 | } else { | ||
73 | $id = $getpending3['id']+1; | ||
74 | } | ||
75 | } else if ($_POST['type'] == 'priority') | ||
76 | { | ||
77 | $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1"; | ||
78 | $getpending2 = mysql_query($getpending); | ||
79 | $getpending3 = mysql_fetch_array($getpending2); | ||
80 | if (isset($getpending3['id']) === FALSE) | ||
81 | { | ||
82 | $id = 50; | ||
83 | } else { | ||
84 | $id = $getpending3['id']-1; | ||
85 | } | ||
86 | } else { | ||
87 | generateError(404); | ||
88 | } | ||
89 | |||
90 | $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")"; | ||
91 | $inspending2 = mysql_query($inspending); | ||
92 | |||
93 | addTags($id, $tags, 'pending'); | ||
94 | |||
95 | $template = new FITemplate('admin/pendingSuccess'); | ||
96 | $template->add('ID', $id); | ||
97 | } | ||
98 | } | ||
99 | } else if ($_GET['page'] == 'manageDrafts') | ||
100 | { | ||
101 | $template = new FITemplate('admin/manageDrafts'); | ||
102 | |||
103 | $getdrafts = "SELECT * FROM drafts ORDER BY id ASC"; | ||
104 | $getdrafts2 = mysql_query($getdrafts); | ||
105 | $i=0; | ||
106 | while ($getdrafts3[$i] = mysql_fetch_array($getdrafts2)) | ||
107 | { | ||
108 | $template->adds_block('DRAFT', array( 'TITLE' => $getdrafts3[$i]['title'], | ||
109 | 'AUTHOR' => $getdrafts3[$i]['author'], | ||
110 | 'ID' => $getdrafts3[$i]['id'])); | ||
111 | $i++; | ||
112 | } | ||
113 | } else if ($_GET['page'] == 'editDraft') | ||
114 | { | ||
115 | $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id']; | ||
116 | $getdraft2 = mysql_query($getdraft); | ||
117 | $getdraft3 = mysql_fetch_array($getdraft2); | ||
118 | |||
119 | if ($getdraft3['id'] == $_GET['id']) | ||
120 | { | ||
121 | if (!isset($_GET['submit'])) | ||
122 | { | ||
123 | $template = new FITemplate('admin/editDraft'); | ||
124 | $template->add('ID', $_GET['id']); | ||
125 | $template->add('TEXT', $getdraft3['text']); | ||
126 | $template->add('TAGS', implode(',', getTags($getdraft3['id'], 'draft'))); | ||
127 | $template->add('TITLE', $getdraft3['title']); | ||
128 | } else { | ||
129 | $tags = explode(',', $_POST['tags']); | ||
130 | removeTags($_GET['id'], 'draft'); | ||
131 | |||
132 | if ($_POST['type'] == 'draft') | ||
133 | { | ||
134 | $setdraft = "UPDATE drafts SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id']; | ||
135 | $setdraft2 = mysql_query($setdraft); | ||
136 | |||
137 | addTags($_GET['id'], $tags, 'draft'); | ||
138 | |||
139 | $template = new FITemplate('admin/draftSuccess'); | ||
140 | $template->add('ID', $_GET['id']); | ||
141 | } else if ($_POST['type'] == 'instant') | ||
142 | { | ||
143 | $id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']); | ||
144 | |||
145 | $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id']; | ||
146 | $deldraft2 = mysql_query($deldraft); | ||
147 | |||
148 | $getpost = "SELECT * FROM updates WHERE id = " . $id; | ||
149 | $getpost2 = mysql_query($getpost); | ||
150 | $getpost3 = mysql_fetch_array($getpost2); | ||
151 | |||
152 | $template = new FITemplate('admin/postSuccess'); | ||
153 | $template->add('ID', $id); | ||
154 | $template->add('CODED', $getpost3['slug']); | ||
155 | } else { | ||
156 | if ($_POST['type'] == 'normal') | ||
157 | { | ||
158 | $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1"; | ||
159 | $getpending2 = mysql_query($getpending); | ||
160 | $getpending3 = mysql_fetch_array($getpending2); | ||
161 | if (isset($getpending3['id']) === FALSE) | ||
162 | { | ||
163 | $id = 50; | ||
164 | } else { | ||
165 | $id = $getpending3['id']+1; | ||
166 | } | ||
167 | } else if ($_POST['type'] == 'priority') | ||
168 | { | ||
169 | $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1"; | ||
170 | $getpending2 = mysql_query($getpending); | ||
171 | $getpending3 = mysql_fetch_array($getpending2); | ||
172 | if (isset($getpending3['id']) === FALSE) | ||
173 | { | ||
174 | $id = 50; | ||
175 | } else { | ||
176 | $id = $getpending3['id']-1; | ||
177 | } | ||
178 | } else { | ||
179 | generateError(404); | ||
180 | } | ||
181 | |||
182 | $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")"; | ||
183 | $inspending2 = mysql_query($inspending); | ||
184 | |||
185 | addTags($id, $tags, 'pending'); | ||
186 | |||
187 | $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id']; | ||
188 | $deldraft2 = mysql_query($deldraft); | ||
189 | |||
190 | $template = new FITemplate('admin/pendingSuccess'); | ||
191 | $template->add('ID', $id); | ||
192 | } | ||
193 | } | ||
194 | } else { | ||
195 | $template = new FITemplate('msg'); | ||
196 | $template->add('BACK', 'the previous page'); | ||
197 | $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.'); | ||
198 | } | ||
199 | } else if ($_GET['page'] == 'deleteDraft') | ||
200 | { | ||
201 | $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id']; | ||
202 | $getdraft2 = mysql_query($getdraft); | ||
203 | $getdraft3 = mysql_fetch_array($getdraft2); | ||
204 | |||
205 | if ($getdraft3['id'] == $_GET['id']) | ||
206 | { | ||
207 | if (!isset($_GET['submit'])) | ||
208 | { | ||
209 | $template = new FITemplate('admin/deleteDraft'); | ||
210 | $template->add('ID', $_GET['id']); | ||
211 | } else { | ||
212 | $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id']; | ||
213 | $deldraft2 = mysql_query($deldraft); | ||
214 | |||
215 | removeTags($_GET['id'], 'draft'); | ||
216 | |||
217 | $template = new FITemplate('admin/deletedDraft'); | ||
218 | } | ||
219 | } else { | ||
220 | $template = new FITemplate('msg'); | ||
221 | $template->add('BACK', 'the previous page'); | ||
222 | $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.'); | ||
223 | } | ||
224 | } else if ($_GET['page'] == 'viewDraft') | ||
225 | { | ||
226 | $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id']; | ||
227 | $getdraft2 = mysql_query($getdraft); | ||
228 | $getdraft3 = mysql_fetch_array($getdraft2); | ||
229 | |||
230 | if ($getdraft3['id'] == $_GET['id']) | ||
231 | { | ||
232 | $template = new FITemplate('post'); | ||
233 | $template->adds_block('INTERNAL',array('exi'=>1)); | ||
234 | $template->add_ref(0, 'POST', array( 'ID' => $getdraft3['id'], | ||
235 | 'YEARID' => ((date('Y')-2006) % 4), | ||
236 | 'DATE' => date('F jS Y \a\\t g:i:s a'), | ||
237 | 'MONTH' => date('M'), | ||
238 | 'DAY' => date('d'), | ||
239 | 'CODED' => $getdraft3['slug'], | ||
240 | 'TITLE' => $getdraft3['title'], | ||
241 | 'AUTHOR' => $getdraft3['author'], | ||
242 | 'RATING' => 0, | ||
243 | 'TEXT' => parseText($getdraft3['text']))); | ||
244 | |||
245 | $tags = getTags($getdraft3['id'], 'draft'); | ||
246 | foreach ($tags as $tag) | ||
247 | { | ||
248 | $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag)); | ||
249 | } | ||
250 | } else { | ||
251 | $template = new FITemplate('msg'); | ||
252 | $template->add('BACK', 'the previous page'); | ||
253 | $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.'); | ||
254 | } | ||
255 | } else if ($_GET['page'] == 'managePending') | ||
256 | { | ||
257 | $template = new FITemplate('admin/managePending'); | ||
258 | |||
259 | $getpending = "SELECT * FROM pending ORDER BY id ASC"; | ||
260 | $getpending2 = mysql_query($getpending); | ||
261 | $i=0; | ||
262 | while ($getpending3[$i] = mysql_fetch_array($getpending2)) | ||
263 | { | ||
264 | $template->adds_block('PENDING', array( 'TITLE' => $getpending3[$i]['title'], | ||
265 | 'AUTHOR' => $getpending3[$i]['author'], | ||
266 | 'ID' => $getpending3[$i]['id'])); | ||
267 | $i++; | ||
268 | } | ||
269 | } else if ($_GET['page'] == 'editPending') | ||
270 | { | ||
271 | $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id']; | ||
272 | $getpending2 = mysql_query($getpending); | ||
273 | $getpending3 = mysql_fetch_array($getpending2); | ||
274 | |||
275 | if ($getpending3['id'] == $_GET['id']) | ||
276 | { | ||
277 | if (!isset($_GET['submit'])) | ||
278 | { | ||
279 | $template = new FITemplate('admin/editPending'); | ||
280 | $template->add('ID', $_GET['id']); | ||
281 | $template->add('TEXT', $getpending3['text']); | ||
282 | $template->add('TAGS', implode(',', getTags($getpending3['id'], 'pending'))); | ||
283 | $template->add('TITLE', $getpending3['title']); | ||
284 | } else { | ||
285 | $tags = explode(',', $_POST['tags']); | ||
286 | |||
287 | $setpending = "UPDATE pending SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id']; | ||
288 | $setpending2 = mysql_query($setpending); | ||
289 | |||
290 | removeTags($_GET['id'], 'pending'); | ||
291 | addTags($_GET['id'], $tags, 'pending'); | ||
292 | |||
293 | $template = new FITemplate('admin/pendingSuccess'); | ||
294 | $template->add('ID', $_GET['id']); | ||
295 | } | ||
296 | } else { | ||
297 | $template = new FITemplate('msg'); | ||
298 | $template->add('BACK', 'the previous page'); | ||
299 | $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.'); | ||
300 | } | ||
301 | } else if ($_GET['page'] == 'deletePending') | ||
302 | { | ||
303 | $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id']; | ||
304 | $getpending2 = mysql_query($getpending); | ||
305 | $getpending3 = mysql_fetch_array($getpending2); | ||
306 | |||
307 | if ($getpending3['id'] == $_GET['id']) | ||
308 | { | ||
309 | if (!isset($_GET['submit'])) | ||
310 | { | ||
311 | $template = new FITemplate('admin/deletePending'); | ||
312 | $template->add('ID', $_GET['id']); | ||
313 | } else { | ||
314 | $delpending = "DELETE FROM pending WHERE id = " . $_GET['id']; | ||
315 | $delpending2 = mysql_query($delpending); | ||
316 | |||
317 | removeTags($_GET['id'], 'pending'); | ||
318 | |||
319 | $template = new FITemplate('admin/deletedPending'); | ||
320 | } | ||
321 | } else { | ||
322 | $template = new FITemplate('msg'); | ||
323 | $template->add('BACK', 'the previous page'); | ||
324 | $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.'); | ||
325 | } | ||
326 | } else if ($_GET['page'] == 'viewPending') | ||
327 | { | ||
328 | $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id']; | ||
329 | $getpending2 = mysql_query($getpending); | ||
330 | $getpending3 = mysql_fetch_array($getpending2); | ||
331 | |||
332 | if ($getpending3['id'] == $_GET['id']) | ||
333 | { | ||
334 | $template = new FITemplate('post'); | ||
335 | $template->adds_block('INTERNAL',array('exi'=>1)); | ||
336 | $template->add_ref(0, 'POST', array( 'ID' => $getpending3['id'], | ||
337 | 'YEARID' => ((date('Y')-2006) % 4), | ||
338 | 'DATE' => date('F jS Y \a\\t g:i:s a'), | ||
339 | 'MONTH' => date('M'), | ||
340 | 'DAY' => date('d'), | ||
341 | 'CODED' => $getpending3['slug'], | ||
342 | 'TITLE' => $getpending3['title'], | ||
343 | 'AUTHOR' => $getpending3['author'], | ||
344 | 'RATING' => 0, | ||
345 | 'TEXT' => parseText($getpending3['text']))); | ||
346 | |||
347 | $tags = getTags($getpending3['id'], 'pending'); | ||
348 | foreach ($tags as $tag) | ||
349 | { | ||
350 | $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag)); | ||
351 | } | ||
352 | } else { | ||
353 | $template = new FITemplate('msg'); | ||
354 | $template->add('BACK', 'the previous page'); | ||
355 | $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.'); | ||
356 | } | ||
357 | } else if ($_GET['page'] == 'movePending') | ||
358 | { | ||
359 | $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id']; | ||
360 | $getpending2 = mysql_query($getpending); | ||
361 | $getpending3 = mysql_fetch_array($getpending2); | ||
362 | |||
363 | if ($getpending3['id'] == $_GET['id']) | ||
364 | { | ||
365 | if ($_GET['dir'] == 'up') | ||
366 | { | ||
367 | $get2pending = "SELECT * FROM pending WHERE id < " . $_GET['id'] . " ORDER BY id DESC LIMIT 0,1"; | ||
368 | $get2pending2 = mysql_query($get2pending); | ||
369 | $get2pending3 = mysql_fetch_array($get2pending2); | ||
370 | |||
371 | if (isset($get2pending3['id'])) | ||
372 | { | ||
373 | $otherPending = $get2pending3; | ||
374 | } else { | ||
375 | $template = new FITemplate('msg2'); | ||
376 | $template->add('BACK', 'Back to the pending queue'); | ||
377 | $template->add('LINK', 'managePending.php'); | ||
378 | $template->add('MSG', 'I\'m sorry, that pending post is already the first.'); | ||
379 | } | ||
380 | } else if ($_GET['dir'] == 'down') | ||
381 | { | ||
382 | $get2pending = "SELECT * FROM pending WHERE id > " . $_GET['id'] . " ORDER BY id ASC LIMIT 0,1"; | ||
383 | $get2pending2 = mysql_query($get2pending); | ||
384 | $get2pending3 = mysql_fetch_array($get2pending2); | ||
385 | |||
386 | if (isset($get2pending3['id'])) | ||
387 | { | ||
388 | $otherPending = $get2pending3; | ||
389 | } else { | ||
390 | $template = new FITemplate('msg2'); | ||
391 | $template->add('BACK', 'Back to the pending queue'); | ||
392 | $template->add('LINK', 'managePending.php'); | ||
393 | $template->add('MSG', 'I\'m sorry, that pending post is already the last.'); | ||
394 | } | ||
395 | } | ||
396 | |||
397 | if (isset($otherPending)) | ||
398 | { | ||
399 | $delpending = "DELETE FROM pending WHERE id = " . $_GET['id'] . " OR id = " . $otherPending['id']; | ||
400 | $delpending2 = mysql_query($delpending); | ||
401 | |||
402 | $inspending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $_GET['id'] . ",\"" . $otherPending['title'] . "\",\"" . $otherPending['author'] . "\",\"" . mysql_real_escape_string($otherPending['text']) . "\",\"" . $otherPending['slug'] . "\")"; | ||
403 | $inspending2 = mysql_query($inspending); | ||
404 | |||
405 | $ins2pending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $otherPending['id'] . ",\"" . $getpending3['title'] . "\",\"" . $getpending3['author'] . "\",\"" . mysql_real_escape_string($getpending3['text']) . "\",\"" . $getpending3['slug'] . "\")"; | ||
406 | $ins2pending2 = mysql_query($ins2pending) or die($ins2pending); | ||
407 | |||
408 | $tags1 = getTags($_GET['id'], 'pending'); | ||
409 | $tags2 = getTags($otherPending['id'], 'pending'); | ||
410 | removeTags($_GET['id'], 'pending'); | ||
411 | removeTags($otherPending['id'], 'pending'); | ||
412 | addTags($_GET['id'], $tags2, 'pending'); | ||
413 | addTags($otherPending['id'], $tags1, 'pending'); | ||
414 | |||
415 | header('Location: managePending.php'); | ||
416 | exit; | ||
417 | } | ||
418 | } else { | ||
419 | $template = new FITemplate('msg2'); | ||
420 | $template->add('BACK', 'Back to the pending queue'); | ||
421 | $template->add('LINK', 'managePending.php'); | ||
422 | $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.'); | ||
423 | } | ||
424 | } else if ($_GET['page'] == 'managePosts') | ||
425 | { | ||
426 | $template = new FITemplate('admin/managePosts'); | ||
427 | |||
428 | $getposts = "SELECT * FROM updates ORDER BY id ASC"; | ||
429 | $getposts2 = mysql_query($getposts); | ||
430 | $i=0; | ||
431 | while ($getposts3[$i] = mysql_fetch_array($getposts2)) | ||
432 | { | ||
433 | $template->adds_block('POST', array( 'TITLE' => $getposts3[$i]['title'], | ||
434 | 'AUTHOR' => $getposts3[$i]['author'], | ||
435 | 'ID' => $getposts3[$i]['id'], | ||
436 | 'CODED' => $getposts3[$i]['slug'])); | ||
437 | $i++; | ||
438 | } | ||
439 | } else if ($_GET['page'] == 'editPost') | ||
440 | { | ||
441 | $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id']; | ||
442 | $getpost2 = mysql_query($getpost); | ||
443 | $getpost3 = mysql_fetch_array($getpost2); | ||
444 | |||
445 | if ($getpost3['id'] == $_GET['id']) | ||
446 | { | ||
447 | if (!isset($_GET['submit'])) | ||
448 | { | ||
449 | $template = new FITemplate('admin/editPost'); | ||
450 | $template->add('ID', $_GET['id']); | ||
451 | $template->add('TEXT', $getpost3['text']); | ||
452 | $template->add('TAGS', implode(',', getTags($getpost3['id']))); | ||
453 | $template->add('TITLE', $getpost3['title']); | ||
454 | } else { | ||
455 | $tags = explode(',', $_POST['tags']); | ||
456 | |||
457 | $setpost = "UPDATE updates SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id']; | ||
458 | $setpost2 = mysql_query($setpost); | ||
459 | |||
460 | removeTags($_GET['id']); | ||
461 | addTags($_GET['id'], $tags); | ||
462 | |||
463 | $template = new FITemplate('admin/postSuccess'); | ||
464 | $template->add('ID', $_GET['id']); | ||
465 | $template->add('CODED', $getpost3['slug']); | ||
466 | } | ||
467 | } else { | ||
468 | $template = new FITemplate('msg'); | ||
469 | $template->add('BACK', 'the previous page'); | ||
470 | $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.'); | ||
471 | } | ||
472 | } else if ($_GET['page'] == 'deletePost') | ||
473 | { | ||
474 | $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id']; | ||
475 | $getpost2 = mysql_query($getpost); | ||
476 | $getpost3 = mysql_fetch_array($getpost2); | ||
477 | |||
478 | if ($getpost3['id'] == $_GET['id']) | ||
479 | { | ||
480 | if (!isset($_GET['submit'])) | ||
481 | { | ||
482 | $template = new FITemplate('admin/deletePost'); | ||
483 | $template->add('ID', $_GET['id']); | ||
484 | } else { | ||
485 | $delpost = "DELETE FROM updates WHERE id = " . $_GET['id']; | ||
486 | $delpost2 = mysql_query($delpost); | ||
487 | |||
488 | removeTags($_GET['id']); | ||
489 | |||
490 | $template = new FITemplate('admin/deletedPost'); | ||
491 | } | ||
492 | } else { | ||
493 | $template = new FITemplate('msg'); | ||
494 | $template->add('BACK', 'the previous page'); | ||
495 | $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.'); | ||
496 | } | ||
497 | } else if ($_GET['page'] == 'moderateComments') | ||
498 | { | ||
499 | $template = new FITemplate('admin/moderateComments'); | ||
500 | |||
501 | $getcomments = "SELECT * FROM moderation ORDER BY id ASC"; | ||
502 | $getcomments2 = mysql_query($getcomments); | ||
503 | $i=0; | ||
504 | while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) | ||
505 | { | ||
506 | $comType = substr($getcomments3[$i]['page_id'],0,strpos($getcomments3[$i]['page_id'],'-')); | ||
507 | $comID = substr($getcomments3[$i]['page_id'],strpos($getcomments3[$i]['page_id'],'-')+1); | ||
508 | |||
509 | if ($comType == 'updates') | ||
510 | { | ||
511 | $getpost = "SELECT * FROM updates WHERE id = " . $comID; | ||
512 | $getpost2 = mysql_query($getpost); | ||
513 | $getpost3 = mysql_fetch_array($getpost2); | ||
514 | $title = $getpost3['title']; | ||
515 | } else if ($comType = 'polloftheweek') | ||
516 | { | ||
517 | $getpoll = "SELECT * FROM polloftheweek WHERE id = " . $comID; | ||
518 | $getpoll2 = mysql_query($getpoll); | ||
519 | $getpoll3 = mysql_fetch_array($getpoll2); | ||
520 | $title = $getpoll3['question']; | ||
521 | } else if ($comType = 'quotes') | ||
522 | { | ||
523 | $getquote = "SELECT * FROM rash_quotes WHERE id = " . $comID; | ||
524 | $getquote2 = mysql_query($getquote); | ||
525 | $getquote3 = mysql_fetch_array($getquote2); | ||
526 | $title = '#' . $getquote3['id']; | ||
527 | } | ||
528 | |||
529 | $template->adds_block('COMMENT', array( 'TITLE' => $title, | ||
530 | 'AUTHOR' => $getcomments3[$i]['author'], | ||
531 | 'ID' => $getcomments3[$i]['id'])); | ||
532 | $i++; | ||
533 | } | ||
534 | } else if ($_GET['page'] == 'viewComment') | ||
535 | { | ||
536 | $getcomment = "SELECT * FROM moderation WHERE id = " . $_GET['id']; | ||
537 | $getcomment2 = mysql_query($getcomment); | ||
538 | $getcomment3 = mysql_fetch_array($getcomment2); | ||
539 | |||
540 | if ($getcomment3['id'] == $_GET['id']) | ||
541 | { | ||
542 | $template = new FITemplate('admin/viewComment'); | ||
543 | $template->add('ID', $_GET['id']); | ||
544 | $template->add('USERNAME', $getcomment3['author']); | ||
545 | $template->add('CODEDEMAIL', md5(strtolower($getcomment3['email']))); | ||
546 | $template->add('TEXT', parseText($getcomment3['comment'])); | ||
547 | $template->add('DATE', date("F jS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate']))); | ||
548 | } else { | ||
549 | $template = new FITemplate('msg'); | ||
550 | $template->add('BACK', 'the previous page'); | ||
551 | $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.'); | ||
552 | } | ||
553 | } else if ($_GET['page'] == 'actionComment') | ||
554 | { | ||
555 | $getcomment = "SELECT * FROM moderation WHERE id = " . $_GET['id']; | ||
556 | $getcomment2 = mysql_query($getcomment); | ||
557 | $getcomment3 = mysql_fetch_array($getcomment2); | ||
558 | |||
559 | if ($getcomment3['id'] == $_GET['id']) | ||
560 | { | ||
561 | if (isset($_GET['approve'])) | ||
562 | { | ||
563 | $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\"" . $getcomment3['author'] . "\",\"" . $getcomment3['email'] . "\",\"" . $getcomment3['website'] . "\")"; | ||
564 | $insanon2 = mysql_query($insanon); | ||
565 | |||
566 | $inscomment = "INSERT INTO comments (page_id,user_id,comment,is_anon) VALUES (\"" . $getcomment3['page_id'] . "\"," . mysql_insert_id() . ",\"" . $getcomment3['comment'] . "\",1)"; | ||
567 | $inscomment2 = mysql_query($inscomment); | ||
568 | |||
569 | $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id']; | ||
570 | $delcomment2 = mysql_query($delcomment); | ||
571 | |||
572 | $template = new FITemplate('msg'); | ||
573 | $template->add('BACK', 'Comment Moderation'); | ||
574 | $template->add('MSG', 'You\'ve successfully approved this comment.'); | ||
575 | } else if (isset($_GET['deny'])) | ||
576 | { | ||
577 | $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id']; | ||
578 | $delcomment2 = mysql_query($delcomment); | ||
579 | |||
580 | $template = new FITemplate('msg'); | ||
581 | $template->add('BACK', 'Comment Moderation'); | ||
582 | $template->add('MSG', 'You\'ve successfully denied this comment.'); | ||
583 | } else { | ||
584 | $template = new FITemplate('msg'); | ||
585 | $template->add('BACK', 'the previous page'); | ||
586 | $template->add('MSG', "Um, what on earth are you doing?"); | ||
587 | } | ||
588 | } else { | ||
589 | $template = new FITemplate('msg'); | ||
590 | $template->add('BACK', 'the previous page'); | ||
591 | $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.'); | ||
592 | } | ||
593 | } else if ($_GET['page'] == 'pollProcess') | ||
594 | { | ||
595 | if (!isset($_GET['step'])) | ||
596 | { | ||
597 | $template = new FITemplate('admin/pollrss'); | ||
598 | } else if ($_GET['step'] == 2) | ||
599 | { | ||
600 | $insrss = "INSERT INTO pollrss (author,rss) VALUES (\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\")"; | ||
601 | $insrss2 = mysql_query($insrss); | ||
602 | |||
603 | $template = new FITemplate('admin/newPoll'); | ||
604 | } else if ($_GET['step'] == 3) | ||
605 | { | ||
606 | $inspoll = "INSERT INTO polloftheweek (question,option1,option2,option3,option4) VALUES (\"" . mysql_real_escape_string($_POST['question']) . "\",\"" . $_POST['option1'] . "\",\"" . $_POST['option2'] . "\",\"" . $_POST['option3'] . "\",\"" . $_POST['option4'] . "\")"; | ||
607 | $inspoll2 = mysql_query($inspoll); | ||
608 | |||
609 | $cleardid = "TRUNCATE TABLE didpollalready"; | ||
610 | $cleardid2 = mysql_query($cleardid); | ||
611 | |||
612 | $template = new FITemplate('msg2'); | ||
613 | $template->add('BACK', 'Back to the Admin Panel'); | ||
614 | $template->add('LINK', '/admin/'); | ||
615 | $template->add('MSG', "You've successfully created a poll!"); | ||
616 | } else { | ||
617 | $template = new FITemplate('msg'); | ||
618 | $template->add('BACK', 'the previous page'); | ||
619 | $template->add('MSG', "Um, what on earth are you doing?"); | ||
620 | } | ||
621 | } else if ($_GET['page'] == 'managePendingQuotes') | ||
622 | { | ||
623 | $template = new FITemplate('admin/managePendingQuotes'); | ||
624 | |||
625 | $getpending = "SELECT * FROM rash_queue ORDER BY id ASC"; | ||
626 | $getpending2 = mysql_query($getpending); | ||
627 | $i=0; | ||
628 | while ($getpending3[$i] = mysql_fetch_array($getpending2)) | ||
629 | { | ||
630 | if ($i % 2 == 1) | ||
631 | { | ||
632 | $template->adds_block('QUOTE', array( 'ID' => $getpending3[$i]['id'], | ||
633 | 'TEXT' => nl2br($getpending3[$i]['quote']), | ||
634 | 'EVEN' => 'even')); | ||
635 | } else { | ||
636 | $template->adds_block('QUOTE', array( 'ID' => $getpending3[$i]['id'], | ||
637 | 'TEXT' => nl2br($getpending3[$i]['quote']))); | ||
638 | } | ||
639 | |||
640 | $i++; | ||
641 | } | ||
642 | } else if ($_GET['page'] == 'actionPendingQuotes') | ||
643 | { | ||
644 | $getpending = "SELECT * FROM rash_queue WHERE id = " . $_GET['id']; | ||
645 | $getpending2 = mysql_query($getpending); | ||
646 | $getpending3 = mysql_fetch_array($getpending2); | ||
647 | |||
648 | if ($getpending3['id'] == $_GET['id']) | ||
649 | { | ||
650 | if (isset($_GET['approve'])) | ||
651 | { | ||
652 | $insquote = "INSERT INTO rash_quotes (quote,date) VALUES (\"" . mysql_real_escape_string($getpending3['quote']) . "\",\"" . time() . "\")"; | ||
653 | $insquote2 = mysql_query($insquote); | ||
654 | |||
655 | $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id']; | ||
656 | $delpending2 = mysql_query($delpending); | ||
657 | |||
658 | $template = new FITemplate('msg2'); | ||
659 | $template->add('BACK', 'Back to the Admin Panel'); | ||
660 | $template->add('LINK', '/admin/'); | ||
661 | $template->add('MSG', "You've successfully approved this quote."); | ||
662 | } else if (isset($_GET['deny'])) | ||
663 | { | ||
664 | $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id']; | ||
665 | $delpending2 = mysql_query($delpending); | ||
666 | |||
667 | $template = new FITemplate('msg2'); | ||
668 | $template->add('BACK', 'Back to the Admin Panel'); | ||
669 | $template->add('LINK', '/admin/'); | ||
670 | $template->add('MSG', "You've successfully denied this quote."); | ||
671 | } else { | ||
672 | $template = new FITemplate('msg'); | ||
673 | $template->add('BACK', 'the previous page'); | ||
674 | $template->add('MSG', "Um, what on earth are you doing?"); | ||
675 | } | ||
676 | } else { | ||
677 | $template = new FITemplate('msg'); | ||
678 | $template->add('BACK', 'the previous page'); | ||
679 | $template->add('MSG', 'I\'m sorry, but this pending quote doesn\'t exist.'); | ||
680 | } | ||
681 | } else if ($_GET['page'] == 'hgUpdate') | ||
682 | { | ||
683 | $template = new FITemplate('msg'); | ||
684 | $template->add('BACK', 'the Admin Panel'); | ||
685 | |||
686 | ob_start(); | ||
687 | system('hg update'); | ||
688 | $template->add('MSG', ob_get_contents()); | ||
689 | ob_end_clean(); | ||
690 | } else if ($_GET['page'] == 'maintenanceMode') | ||
691 | { | ||
692 | if (isset($_GET['submit'])) | ||
693 | { | ||
694 | if ($_POST['mode'] == 'on') | ||
695 | { | ||
696 | $set = 1; | ||
697 | } else if ($_POST['mode'] == 'off') | ||
698 | { | ||
699 | $set = 0; | ||
700 | } else { | ||
701 | $template = new FITemplate('msg'); | ||
702 | $template->add('MSG', 'You seem to have somehow messed up the form. That\'s weird.'); | ||
703 | $template->add('BACK', 'the Maintenance Mode form'); | ||
704 | } | ||
705 | |||
706 | if (isset($set)) | ||
707 | { | ||
708 | $setconfig = "UPDATE config SET value = \"" . $set . "\" WHERE name = \"maintenanceMode\""; | ||
709 | $setconfig2 = mysql_query($setconfig); | ||
710 | |||
711 | $template = new FITemplate('msg'); | ||
712 | $template->add('MSG', 'Maintenance Mode has successfully been set to "' . $_POST['mode'] . '"'); | ||
713 | $template->add('BACK', 'the Maintenance Mode form'); | ||
714 | } | ||
715 | } else { | ||
716 | $template = new FITemplate('admin/maintenanceMode'); | ||
717 | |||
718 | $getconfig = "SELECT * FROM config WHERE name = \"maintenanceMode\""; | ||
719 | $getconfig2 = mysql_query($getconfig); | ||
720 | $getconfig3 = mysql_fetch_array($getconfig2); | ||
721 | if ($getconfig3['value'] == '1') | ||
722 | { | ||
723 | $template->add('ON', ' checked="checked"'); | ||
724 | } else { | ||
725 | $template->add('OFF', ' checked="checked"'); | ||
726 | } | ||
727 | } | ||
728 | } else { | ||
729 | generateError(404); | ||
730 | } | ||
731 | @$template->display(); | ||
732 | } else { | ||
733 | generateError(404); | ||
734 | } | ||
735 | } else { | ||
736 | generateError(404); | ||
737 | } | ||
738 | |||
739 | ?> | ||
diff --git a/pages/poll.php b/pages/poll.php index 6582d90..6a87207 100755 --- a/pages/poll.php +++ b/pages/poll.php | |||
@@ -88,36 +88,37 @@ if (!isset($_GET['id'])) | |||
88 | $getpoll2 = mysql_query($getpoll); | 88 | $getpoll2 = mysql_query($getpoll); |
89 | $getpoll3 = mysql_fetch_array($getpoll2); | 89 | $getpoll3 = mysql_fetch_array($getpoll2); |
90 | 90 | ||
91 | $template->add('QUESTION', $getpoll3['question']); | 91 | if ($getpoll3['id'] == $_GET['id']) |
92 | |||
93 | $getrss = "SELECT * FROM pollrss WHERE id = " . $_GET['id']; | ||
94 | $getrss2 = mysql_query($getrss); | ||
95 | $getrss3 = mysql_fetch_array($getrss2); | ||
96 | |||
97 | if ($getrss3['id'] == $_GET['id']) | ||
98 | { | 92 | { |
99 | $template->adds_block('COMPLETE', array( 'RSS' => parseText($getrss3['rss']), | 93 | $template->add('QUESTION', $getpoll3['question']); |
100 | 'AUTHOR' => $getrss3['author'], | ||
101 | 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getrss3['date'])), | ||
102 | 'OPTION1' => $getpoll3['option1'], | ||
103 | 'OPTION2' => $getpoll3['option2'], | ||
104 | 'OPTION3' => $getpoll3['option3'], | ||
105 | 'OPTION4' => $getpoll3['option4'], | ||
106 | 'CLICKS1' => $getpoll3['clicks1'], | ||
107 | 'CLICKS2' => $getpoll3['clicks2'], | ||
108 | 'CLICKS3' => $getpoll3['clicks3'], | ||
109 | 'CLICKS4' => $getpoll3['clicks4'])); | ||
110 | } else { | ||
111 | $template->adds_block('INCOMPLETE', array('exi'=>1)); | ||
112 | } | ||
113 | 94 | ||
114 | $template->add('POTW', getPollOfTheWeek($_GET['id'])); | 95 | if ($getpoll3['text'] != '') |
115 | $template->display(); | 96 | { |
97 | $template->adds_block('COMPLETE', array( 'RSS' => parseText($getpoll3['text']), | ||
98 | 'AUTHOR' => $getrss3['author'], | ||
99 | 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getpoll3['week'])), | ||
100 | 'OPTION1' => $getpoll3['option1'], | ||
101 | 'OPTION2' => $getpoll3['option2'], | ||
102 | 'OPTION3' => $getpoll3['option3'], | ||
103 | 'OPTION4' => $getpoll3['option4'], | ||
104 | 'CLICKS1' => $getpoll3['clicks1'], | ||
105 | 'CLICKS2' => $getpoll3['clicks2'], | ||
106 | 'CLICKS3' => $getpoll3['clicks3'], | ||
107 | 'CLICKS4' => $getpoll3['clicks4'])); | ||
108 | } else { | ||
109 | $template->adds_block('INCOMPLETE', array('exi'=>1)); | ||
110 | } | ||
111 | |||
112 | $template->add('POTW', getPollOfTheWeek($_GET['id'])); | ||
113 | $template->display(); | ||
116 | 114 | ||
117 | $page_id = 'polloftheweek-' . $getpoll3['id']; | 115 | $page_id = 'polloftheweek-' . $getpoll3['id']; |
118 | include('includes/comments.php'); | 116 | include('includes/comments.php'); |
119 | 117 | ||
120 | displayRelated($getpoll3['question']); | 118 | displayRelated($getpoll3['question']); |
119 | } else { | ||
120 | generateError('404'); | ||
121 | } | ||
121 | } | 122 | } |
122 | 123 | ||
123 | ?> | 124 | ?> |
diff --git a/pages/quotes.php b/pages/quotes.php index 4d0b46e..f1e0d65 100755 --- a/pages/quotes.php +++ b/pages/quotes.php | |||
@@ -168,11 +168,19 @@ if (isset($_GET['id']) && !(is_numeric($_GET['id']))) | |||
168 | } | 168 | } |
169 | } else if (is_numeric($_GET['act'])) | 169 | } else if (is_numeric($_GET['act'])) |
170 | { | 170 | { |
171 | $query = "SELECT * FROM rash_quotes WHERE id = " . $_GET['act']; | 171 | $getquote = "SELECT * FROM rash_quotes WHERE id = " . $_GET['act']; |
172 | quote_generation($query, "#" . $_GET['act'], -1); | 172 | $getquote2 = mysql_query($getquote); |
173 | $getquote3 = mysql_fetch_array($getquote2); | ||
173 | 174 | ||
174 | $page_id = 'quote-' . $_GET['act']; | 175 | if ($getquote3['id'] == $_GET['act']) |
175 | include('includes/comments.php'); | 176 | { |
177 | quote_generation($getquote, "#" . $_GET['act'], -1); | ||
178 | |||
179 | $page_id = 'quote-' . $_GET['act']; | ||
180 | include('includes/comments.php'); | ||
181 | } else { | ||
182 | generateError('404'); | ||
183 | } | ||
176 | } else { | 184 | } else { |
177 | generateError('404'); | 185 | generateError('404'); |
178 | } | 186 | } |
diff --git a/pages/viewPost.php b/pages/viewPost.php new file mode 100644 index 0000000..1daca00 --- /dev/null +++ b/pages/viewPost.php | |||
@@ -0,0 +1,62 @@ | |||
1 | <?php | ||
2 | /* | ||
3 | 444444444 | ||
4 | 4::::::::4 | ||
5 | 4:::::::::4 | ||
6 | 4::::44::::4 | ||
7 | 4::::4 4::::4 Four Island | ||
8 | 4::::4 4::::4 | ||
9 | 4::::4 4::::4 Written and maintained by Starla Insigna | ||
10 | 4::::444444::::444 | ||
11 | 4::::::::::::::::4 pages/viewPost.php | ||
12 | 4444444444:::::444 | ||
13 | 4::::4 Please do not use, reproduce or steal the | ||
14 | 4::::4 contents of this file without explicit | ||
15 | 4::::4 permission from Hatkirby. | ||
16 | 44::::::44 | ||
17 | 4::::::::4 | ||
18 | 4444444444 | ||
19 | */ | ||
20 | |||
21 | if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);} | ||
22 | |||
23 | require('headerproc.php'); | ||
24 | |||
25 | if (!isAdmin()) | ||
26 | { | ||
27 | generateError('404'); | ||
28 | } else { | ||
29 | $template = new FITemplate('post'); | ||
30 | $template->adds_block('INTERNAL',array('exi'=>1)); | ||
31 | |||
32 | $getpost = "SELECT * FROM " . $_GET['type'] . " WHERE id = " . $_GET['id']; | ||
33 | $getpost2 = mysql_query($getpost); | ||
34 | $getpost3 = mysql_fetch_array($getpost2); | ||
35 | |||
36 | if ($getpost3['id'] == $_GET['id']) | ||
37 | { | ||
38 | $template->add_ref(0, 'POST', array( 'ID' => $getpost3['id'], | ||
39 | 'YEARID' => ((date('Y')-2006) % 4), | ||
40 | 'DATE' => date('F jS Y \a\\t g:i:s a'), | ||
41 | 'MONTH' => date('M'), | ||
42 | 'DAY' => date('d'), | ||
43 | 'CODED' => $getpost3['slug'], | ||
44 | 'TITLE' => $getpost3['title'], | ||
45 | 'AUTHOR' => $getpost3['author'], | ||
46 | 'RATING' => $getpost3['rating'], | ||
47 | 'TEXT' => parseText($getpost3['text']))); | ||
48 | |||
49 | $tags = getTags($getpost3['id']); | ||
50 | foreach ($tags as $tag) | ||
51 | { | ||
52 | $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag)); | ||
53 | } | ||
54 | |||
55 | $template->adds_ref_sub(0, 'NOVOTE', array('exi'=>1)); | ||
56 | $template->display(); | ||
57 | } else { | ||
58 | generateError('404'); | ||
59 | } | ||
60 | } | ||
61 | |||
62 | ?> | ||