Diffstat (limited to 'pages')
-rwxr-xr-xpages/admin.php739
-rwxr-xr-xpages/poll.php53
-rwxr-xr-xpages/quotes.php16
-rw-r--r--pages/viewPost.php62
4 files changed, 101 insertions, 769 deletions
diff --git a/pages/admin.php b/pages/admin.php deleted file mode 100755 index 326cbdd..0000000 --- a/pages/admin.php +++ /dev/null
@@ -1,739 +0,0 @@
1<?php
2/*
3 444444444
4 4::::::::4
5 4:::::::::4
6 4::::44::::4
7 4::::4 4::::4 Four Island
8 4::::4 4::::4
9 4::::4 4::::4 Written and maintained by Starla Insigna
104::::444444::::444
114::::::::::::::::4 pages/admin.php
124444444444:::::444
13 4::::4 Please do not use, reproduce or steal the
14 4::::4 contents of this file without explicit
15 4::::4 permission from Hatkirby.
16 44::::::44
17 4::::::::4
18 4444444444
19*/
20
21if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
22
23require('headerproc.php');
24
25$pageCategory = 'panel';
26
27if (isLoggedIn())
28{
29 if (isAdmin())
30 {
31 if (!isset($_GET['page']))
32 {
33 $template = new FITemplate('admin/index');
34 } else if ($_GET['page'] == 'writePost')
35 {
36 if (!isset($_GET['submit']))
37 {
38 $template = new FITemplate('admin/write');
39 } else {
40 $tags = explode(',', $_POST['tags']);
41
42 if ($_POST['type'] == 'draft')
43 {
44 $insdraft = "INSERT INTO drafts (title,author,text,slug) VALUES (\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
45 $insdraft2 = mysql_query($insdraft);
46
47 $id = mysql_insert_id();
48 addTags($id, $tags, 'draft');
49
50 $template = new FITemplate('admin/draftSuccess');
51 $template->add('ID', $id);
52 } else if ($_POST['type'] == 'instant')
53 {
54 $id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']);
55
56 $getpost = "SELECT * FROM updates WHERE id = " . $id;
57 $getpost2 = mysql_query($getpost);
58 $getpost3 = mysql_fetch_array($getpost2);
59
60 $template = new FITemplate('admin/postSuccess');
61 $template->add('ID', $id);
62 $template->add('CODED', $getpost3['slug']);
63 } else {
64 if ($_POST['type'] == 'normal')
65 {
66 $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1";
67 $getpending2 = mysql_query($getpending);
68 $getpending3 = mysql_fetch_array($getpending2);
69 if (isset($getpending3['id']) === FALSE)
70 {
71 $id = 50;
72 } else {
73 $id = $getpending3['id']+1;
74 }
75 } else if ($_POST['type'] == 'priority')
76 {
77 $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1";
78 $getpending2 = mysql_query($getpending);
79 $getpending3 = mysql_fetch_array($getpending2);
80 if (isset($getpending3['id']) === FALSE)
81 {
82 $id = 50;
83 } else {
84 $id = $getpending3['id']-1;
85 }
86 } else {
87 generateError(404);
88 }
89
90 $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
91 $inspending2 = mysql_query($inspending);
92
93 addTags($id, $tags, 'pending');
94
95 $template = new FITemplate('admin/pendingSuccess');
96 $template->add('ID', $id);
97 }
98 }
99 } else if ($_GET['page'] == 'manageDrafts')
100 {
101 $template = new FITemplate('admin/manageDrafts');
102
103 $getdrafts = "SELECT * FROM drafts ORDER BY id ASC";
104 $getdrafts2 = mysql_query($getdrafts);
105 $i=0;
106 while ($getdrafts3[$i] = mysql_fetch_array($getdrafts2))
107 {
108 $template->adds_block('DRAFT', array( 'TITLE' => $getdrafts3[$i]['title'],
109 'AUTHOR' => $getdrafts3[$i]['author'],
110 'ID' => $getdrafts3[$i]['id']));
111 $i++;
112 }
113 } else if ($_GET['page'] == 'editDraft')
114 {
115 $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id'];
116 $getdraft2 = mysql_query($getdraft);
117 $getdraft3 = mysql_fetch_array($getdraft2);
118
119 if ($getdraft3['id'] == $_GET['id'])
120 {
121 if (!isset($_GET['submit']))
122 {
123 $template = new FITemplate('admin/editDraft');
124 $template->add('ID', $_GET['id']);
125 $template->add('TEXT', $getdraft3['text']);
126 $template->add('TAGS', implode(',', getTags($getdraft3['id'], 'draft')));
127 $template->add('TITLE', $getdraft3['title']);
128 } else {
129 $tags = explode(',', $_POST['tags']);
130 removeTags($_GET['id'], 'draft');
131
132 if ($_POST['type'] == 'draft')
133 {
134 $setdraft = "UPDATE drafts SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id'];
135 $setdraft2 = mysql_query($setdraft);
136
137 addTags($_GET['id'], $tags, 'draft');
138
139 $template = new FITemplate('admin/draftSuccess');
140 $template->add('ID', $_GET['id']);
141 } else if ($_POST['type'] == 'instant')
142 {
143 $id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']);
144
145 $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id'];
146 $deldraft2 = mysql_query($deldraft);
147
148 $getpost = "SELECT * FROM updates WHERE id = " . $id;
149 $getpost2 = mysql_query($getpost);
150 $getpost3 = mysql_fetch_array($getpost2);
151
152 $template = new FITemplate('admin/postSuccess');
153 $template->add('ID', $id);
154 $template->add('CODED', $getpost3['slug']);
155 } else {
156 if ($_POST['type'] == 'normal')
157 {
158 $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1";
159 $getpending2 = mysql_query($getpending);
160 $getpending3 = mysql_fetch_array($getpending2);
161 if (isset($getpending3['id']) === FALSE)
162 {
163 $id = 50;
164 } else {
165 $id = $getpending3['id']+1;
166 }
167 } else if ($_POST['type'] == 'priority')
168 {
169 $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1";
170 $getpending2 = mysql_query($getpending);
171 $getpending3 = mysql_fetch_array($getpending2);
172 if (isset($getpending3['id']) === FALSE)
173 {
174 $id = 50;
175 } else {
176 $id = $getpending3['id']-1;
177 }
178 } else {
179 generateError(404);
180 }
181
182 $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")";
183 $inspending2 = mysql_query($inspending);
184
185 addTags($id, $tags, 'pending');
186
187 $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id'];
188 $deldraft2 = mysql_query($deldraft);
189
190 $template = new FITemplate('admin/pendingSuccess');
191 $template->add('ID', $id);
192 }
193 }
194 } else {
195 $template = new FITemplate('msg');
196 $template->add('BACK', 'the previous page');
197 $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.');
198 }
199 } else if ($_GET['page'] == 'deleteDraft')
200 {
201 $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id'];
202 $getdraft2 = mysql_query($getdraft);
203 $getdraft3 = mysql_fetch_array($getdraft2);
204
205 if ($getdraft3['id'] == $_GET['id'])
206 {
207 if (!isset($_GET['submit']))
208 {
209 $template = new FITemplate('admin/deleteDraft');
210 $template->add('ID', $_GET['id']);
211 } else {
212 $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id'];
213 $deldraft2 = mysql_query($deldraft);
214
215 removeTags($_GET['id'], 'draft');
216
217 $template = new FITemplate('admin/deletedDraft');
218 }
219 } else {
220 $template = new FITemplate('msg');
221 $template->add('BACK', 'the previous page');
222 $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.');
223 }
224 } else if ($_GET['page'] == 'viewDraft')
225 {
226 $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id'];
227 $getdraft2 = mysql_query($getdraft);
228 $getdraft3 = mysql_fetch_array($getdraft2);
229
230 if ($getdraft3['id'] == $_GET['id'])
231 {
232 $template = new FITemplate('post');
233 $template->adds_block('INTERNAL',array('exi'=>1));
234 $template->add_ref(0, 'POST', array( 'ID' => $getdraft3['id'],
235 'YEARID' => ((date('Y')-2006) % 4),
236 'DATE' => date('F jS Y \a\\t g:i:s a'),
237 'MONTH' => date('M'),
238 'DAY' => date('d'),
239 'CODED' => $getdraft3['slug'],
240 'TITLE' => $getdraft3['title'],
241 'AUTHOR' => $getdraft3['author'],
242 'RATING' => 0,
243 'TEXT' => parseText($getdraft3['text'])));
244
245 $tags = getTags($getdraft3['id'], 'draft');
246 foreach ($tags as $tag)
247 {
248 $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag));
249 }
250 } else {
251 $template = new FITemplate('msg');
252 $template->add('BACK', 'the previous page');
253 $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.');
254 }
255 } else if ($_GET['page'] == 'managePending')
256 {
257 $template = new FITemplate('admin/managePending');
258
259 $getpending = "SELECT * FROM pending ORDER BY id ASC";
260 $getpending2 = mysql_query($getpending);
261 $i=0;
262 while ($getpending3[$i] = mysql_fetch_array($getpending2))
263 {
264 $template->adds_block('PENDING', array( 'TITLE' => $getpending3[$i]['title'],
265 'AUTHOR' => $getpending3[$i]['author'],
266 'ID' => $getpending3[$i]['id']));
267 $i++;
268 }
269 } else if ($_GET['page'] == 'editPending')
270 {
271 $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id'];
272 $getpending2 = mysql_query($getpending);
273 $getpending3 = mysql_fetch_array($getpending2);
274
275 if ($getpending3['id'] == $_GET['id'])
276 {
277 if (!isset($_GET['submit']))
278 {
279 $template = new FITemplate('admin/editPending');
280 $template->add('ID', $_GET['id']);
281 $template->add('TEXT', $getpending3['text']);
282 $template->add('TAGS', implode(',', getTags($getpending3['id'], 'pending')));
283 $template->add('TITLE', $getpending3['title']);
284 } else {
285 $tags = explode(',', $_POST['tags']);
286
287 $setpending = "UPDATE pending SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id'];
288 $setpending2 = mysql_query($setpending);
289
290 removeTags($_GET['id'], 'pending');
291 addTags($_GET['id'], $tags, 'pending');
292
293 $template = new FITemplate('admin/pendingSuccess');
294 $template->add('ID', $_GET['id']);
295 }
296 } else {
297 $template = new FITemplate('msg');
298 $template->add('BACK', 'the previous page');
299 $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
300 }
301 } else if ($_GET['page'] == 'deletePending')
302 {
303 $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id'];
304 $getpending2 = mysql_query($getpending);
305 $getpending3 = mysql_fetch_array($getpending2);
306
307 if ($getpending3['id'] == $_GET['id'])
308 {
309 if (!isset($_GET['submit']))
310 {
311 $template = new FITemplate('admin/deletePending');
312 $template->add('ID', $_GET['id']);
313 } else {
314 $delpending = "DELETE FROM pending WHERE id = " . $_GET['id'];
315 $delpending2 = mysql_query($delpending);
316
317 removeTags($_GET['id'], 'pending');
318
319 $template = new FITemplate('admin/deletedPending');
320 }
321 } else {
322 $template = new FITemplate('msg');
323 $template->add('BACK', 'the previous page');
324 $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
325 }
326 } else if ($_GET['page'] == 'viewPending')
327 {
328 $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id'];
329 $getpending2 = mysql_query($getpending);
330 $getpending3 = mysql_fetch_array($getpending2);
331
332 if ($getpending3['id'] == $_GET['id'])
333 {
334 $template = new FITemplate('post');
335 $template->adds_block('INTERNAL',array('exi'=>1));
336 $template->add_ref(0, 'POST', array( 'ID' => $getpending3['id'],
337 'YEARID' => ((date('Y')-2006) % 4),
338 'DATE' => date('F jS Y \a\\t g:i:s a'),
339 'MONTH' => date('M'),
340 'DAY' => date('d'),
341 'CODED' => $getpending3['slug'],
342 'TITLE' => $getpending3['title'],
343 'AUTHOR' => $getpending3['author'],
344 'RATING' => 0,
345 'TEXT' => parseText($getpending3['text'])));
346
347 $tags = getTags($getpending3['id'], 'pending');
348 foreach ($tags as $tag)
349 {
350 $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag));
351 }
352 } else {
353 $template = new FITemplate('msg');
354 $template->add('BACK', 'the previous page');
355 $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
356 }
357 } else if ($_GET['page'] == 'movePending')
358 {
359 $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id'];
360 $getpending2 = mysql_query($getpending);
361 $getpending3 = mysql_fetch_array($getpending2);
362
363 if ($getpending3['id'] == $_GET['id'])
364 {
365 if ($_GET['dir'] == 'up')
366 {
367 $get2pending = "SELECT * FROM pending WHERE id < " . $_GET['id'] . " ORDER BY id DESC LIMIT 0,1";
368 $get2pending2 = mysql_query($get2pending);
369 $get2pending3 = mysql_fetch_array($get2pending2);
370
371 if (isset($get2pending3['id']))
372 {
373 $otherPending = $get2pending3;
374 } else {
375 $template = new FITemplate('msg2');
376 $template->add('BACK', 'Back to the pending queue');
377 $template->add('LINK', 'managePending.php');
378 $template->add('MSG', 'I\'m sorry, that pending post is already the first.');
379 }
380 } else if ($_GET['dir'] == 'down')
381 {
382 $get2pending = "SELECT * FROM pending WHERE id > " . $_GET['id'] . " ORDER BY id ASC LIMIT 0,1";
383 $get2pending2 = mysql_query($get2pending);
384 $get2pending3 = mysql_fetch_array($get2pending2);
385
386 if (isset($get2pending3['id']))
387 {
388 $otherPending = $get2pending3;
389 } else {
390 $template = new FITemplate('msg2');
391 $template->add('BACK', 'Back to the pending queue');
392 $template->add('LINK', 'managePending.php');
393 $template->add('MSG', 'I\'m sorry, that pending post is already the last.');
394 }
395 }
396
397 if (isset($otherPending))
398 {
399 $delpending = "DELETE FROM pending WHERE id = " . $_GET['id'] . " OR id = " . $otherPending['id'];
400 $delpending2 = mysql_query($delpending);
401
402 $inspending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $_GET['id'] . ",\"" . $otherPending['title'] . "\",\"" . $otherPending['author'] . "\",\"" . mysql_real_escape_string($otherPending['text']) . "\",\"" . $otherPending['slug'] . "\")";
403 $inspending2 = mysql_query($inspending);
404
405 $ins2pending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $otherPending['id'] . ",\"" . $getpending3['title'] . "\",\"" . $getpending3['author'] . "\",\"" . mysql_real_escape_string($getpending3['text']) . "\",\"" . $getpending3['slug'] . "\")";
406 $ins2pending2 = mysql_query($ins2pending) or die($ins2pending);
407
408 $tags1 = getTags($_GET['id'], 'pending');
409 $tags2 = getTags($otherPending['id'], 'pending');
410 removeTags($_GET['id'], 'pending');
411 removeTags($otherPending['id'], 'pending');
412 addTags($_GET['id'], $tags2, 'pending');
413 addTags($otherPending['id'], $tags1, 'pending');
414
415 header('Location: managePending.php');
416 exit;
417 }
418 } else {
419 $template = new FITemplate('msg2');
420 $template->add('BACK', 'Back to the pending queue');
421 $template->add('LINK', 'managePending.php');
422 $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
423 }
424 } else if ($_GET['page'] == 'managePosts')
425 {
426 $template = new FITemplate('admin/managePosts');
427
428 $getposts = "SELECT * FROM updates ORDER BY id ASC";
429 $getposts2 = mysql_query($getposts);
430 $i=0;
431 while ($getposts3[$i] = mysql_fetch_array($getposts2))
432 {
433 $template->adds_block('POST', array( 'TITLE' => $getposts3[$i]['title'],
434 'AUTHOR' => $getposts3[$i]['author'],
435 'ID' => $getposts3[$i]['id'],
436 'CODED' => $getposts3[$i]['slug']));
437 $i++;
438 }
439 } else if ($_GET['page'] == 'editPost')
440 {
441 $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id'];
442 $getpost2 = mysql_query($getpost);
443 $getpost3 = mysql_fetch_array($getpost2);
444
445 if ($getpost3['id'] == $_GET['id'])
446 {
447 if (!isset($_GET['submit']))
448 {
449 $template = new FITemplate('admin/editPost');
450 $template->add('ID', $_GET['id']);
451 $template->add('TEXT', $getpost3['text']);
452 $template->add('TAGS', implode(',', getTags($getpost3['id'])));
453 $template->add('TITLE', $getpost3['title']);
454 } else {
455 $tags = explode(',', $_POST['tags']);
456
457 $setpost = "UPDATE updates SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id'];
458 $setpost2 = mysql_query($setpost);
459
460 removeTags($_GET['id']);
461 addTags($_GET['id'], $tags);
462
463 $template = new FITemplate('admin/postSuccess');
464 $template->add('ID', $_GET['id']);
465 $template->add('CODED', $getpost3['slug']);
466 }
467 } else {
468 $template = new FITemplate('msg');
469 $template->add('BACK', 'the previous page');
470 $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.');
471 }
472 } else if ($_GET['page'] == 'deletePost')
473 {
474 $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id'];
475 $getpost2 = mysql_query($getpost);
476 $getpost3 = mysql_fetch_array($getpost2);
477
478 if ($getpost3['id'] == $_GET['id'])
479 {
480 if (!isset($_GET['submit']))
481 {
482 $template = new FITemplate('admin/deletePost');
483 $template->add('ID', $_GET['id']);
484 } else {
485 $delpost = "DELETE FROM updates WHERE id = " . $_GET['id'];
486 $delpost2 = mysql_query($delpost);
487
488 removeTags($_GET['id']);
489
490 $template = new FITemplate('admin/deletedPost');
491 }
492 } else {
493 $template = new FITemplate('msg');
494 $template->add('BACK', 'the previous page');
495 $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.');
496 }
497 } else if ($_GET['page'] == 'moderateComments')
498 {
499 $template = new FITemplate('admin/moderateComments');
500
501 $getcomments = "SELECT * FROM moderation ORDER BY id ASC";
502 $getcomments2 = mysql_query($getcomments);
503 $i=0;
504 while ($getcomments3[$i] = mysql_fetch_array($getcomments2))
505 {
506 $comType = substr($getcomments3[$i]['page_id'],0,strpos($getcomments3[$i]['page_id'],'-'));
507 $comID = substr($getcomments3[$i]['page_id'],strpos($getcomments3[$i]['page_id'],'-')+1);
508
509 if ($comType == 'updates')
510 {
511 $getpost = "SELECT * FROM updates WHERE id = " . $comID;
512 $getpost2 = mysql_query($getpost);
513 $getpost3 = mysql_fetch_array($getpost2);
514 $title = $getpost3['title'];
515 } else if ($comType = 'polloftheweek')
516 {
517 $getpoll = "SELECT * FROM polloftheweek WHERE id = " . $comID;
518 $getpoll2 = mysql_query($getpoll);
519 $getpoll3 = mysql_fetch_array($getpoll2);
520 $title = $getpoll3['question'];
521 } else if ($comType = 'quotes')
522 {
523 $getquote = "SELECT * FROM rash_quotes WHERE id = " . $comID;
524 $getquote2 = mysql_query($getquote);
525 $getquote3 = mysql_fetch_array($getquote2);
526 $title = '#' . $getquote3['id'];
527 }
528
529 $template->adds_block('COMMENT', array( 'TITLE' => $title,
530 'AUTHOR' => $getcomments3[$i]['author'],
531 'ID' => $getcomments3[$i]['id']));
532 $i++;
533 }
534 } else if ($_GET['page'] == 'viewComment')
535 {
536 $getcomment = "SELECT * FROM moderation WHERE id = " . $_GET['id'];
537 $getcomment2 = mysql_query($getcomment);
538 $getcomment3 = mysql_fetch_array($getcomment2);
539
540 if ($getcomment3['id'] == $_GET['id'])
541 {
542 $template = new FITemplate('admin/viewComment');
543 $template->add('ID', $_GET['id']);
544 $template->add('USERNAME', $getcomment3['author']);
545 $template->add('CODEDEMAIL', md5(strtolower($getcomment3['email'])));
546 $template->add('TEXT', parseText($getcomment3['comment']));
547 $template->add('DATE', date("F jS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate'])));
548 } else {
549 $template = new FITemplate('msg');
550 $template->add('BACK', 'the previous page');
551 $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.');
552 }
553 } else if ($_GET['page'] == 'actionComment')
554 {
555 $getcomment = "SELECT * FROM moderation WHERE id = " . $_GET['id'];
556 $getcomment2 = mysql_query($getcomment);
557 $getcomment3 = mysql_fetch_array($getcomment2);
558
559 if ($getcomment3['id'] == $_GET['id'])
560 {
561 if (isset($_GET['approve']))
562 {
563 $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\"" . $getcomment3['author'] . "\",\"" . $getcomment3['email'] . "\",\"" . $getcomment3['website'] . "\")";
564 $insanon2 = mysql_query($insanon);
565
566 $inscomment = "INSERT INTO comments (page_id,user_id,comment,is_anon) VALUES (\"" . $getcomment3['page_id'] . "\"," . mysql_insert_id() . ",\"" . $getcomment3['comment'] . "\",1)";
567 $inscomment2 = mysql_query($inscomment);
568
569 $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id'];
570 $delcomment2 = mysql_query($delcomment);
571
572 $template = new FITemplate('msg');
573 $template->add('BACK', 'Comment Moderation');
574 $template->add('MSG', 'You\'ve successfully approved this comment.');
575 } else if (isset($_GET['deny']))
576 {
577 $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id'];
578 $delcomment2 = mysql_query($delcomment);
579
580 $template = new FITemplate('msg');
581 $template->add('BACK', 'Comment Moderation');
582 $template->add('MSG', 'You\'ve successfully denied this comment.');
583 } else {
584 $template = new FITemplate('msg');
585 $template->add('BACK', 'the previous page');
586 $template->add('MSG', "Um, what on earth are you doing?");
587 }
588 } else {
589 $template = new FITemplate('msg');
590 $template->add('BACK', 'the previous page');
591 $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.');
592 }
593 } else if ($_GET['page'] == 'pollProcess')
594 {
595 if (!isset($_GET['step']))
596 {
597 $template = new FITemplate('admin/pollrss');
598 } else if ($_GET['step'] == 2)
599 {
600 $insrss = "INSERT INTO pollrss (author,rss) VALUES (\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\")";
601 $insrss2 = mysql_query($insrss);
602
603 $template = new FITemplate('admin/newPoll');
604 } else if ($_GET['step'] == 3)
605 {
606 $inspoll = "INSERT INTO polloftheweek (question,option1,option2,option3,option4) VALUES (\"" . mysql_real_escape_string($_POST['question']) . "\",\"" . $_POST['option1'] . "\",\"" . $_POST['option2'] . "\",\"" . $_POST['option3'] . "\",\"" . $_POST['option4'] . "\")";
607 $inspoll2 = mysql_query($inspoll);
608
609 $cleardid = "TRUNCATE TABLE didpollalready";
610 $cleardid2 = mysql_query($cleardid);
611
612 $template = new FITemplate('msg2');
613 $template->add('BACK', 'Back to the Admin Panel');
614 $template->add('LINK', '/admin/');
615 $template->add('MSG', "You've successfully created a poll!");
616 } else {
617 $template = new FITemplate('msg');
618 $template->add('BACK', 'the previous page');
619 $template->add('MSG', "Um, what on earth are you doing?");
620 }
621 } else if ($_GET['page'] == 'managePendingQuotes')
622 {
623 $template = new FITemplate('admin/managePendingQuotes');
624
625 $getpending = "SELECT * FROM rash_queue ORDER BY id ASC";
626 $getpending2 = mysql_query($getpending);
627 $i=0;
628 while ($getpending3[$i] = mysql_fetch_array($getpending2))
629 {
630 if ($i % 2 == 1)
631 {
632 $template->adds_block('QUOTE', array( 'ID' => $getpending3[$i]['id'],
633 'TEXT' => nl2br($getpending3[$i]['quote']),
634 'EVEN' => 'even'));
635 } else {
636 $template->adds_block('QUOTE', array( 'ID' => $getpending3[$i]['id'],
637 'TEXT' => nl2br($getpending3[$i]['quote'])));
638 }
639
640 $i++;
641 }
642 } else if ($_GET['page'] == 'actionPendingQuotes')
643 {
644 $getpending = "SELECT * FROM rash_queue WHERE id = " . $_GET['id'];
645 $getpending2 = mysql_query($getpending);
646 $getpending3 = mysql_fetch_array($getpending2);
647
648 if ($getpending3['id'] == $_GET['id'])
649 {
650 if (isset($_GET['approve']))
651 {
652 $insquote = "INSERT INTO rash_quotes (quote,date) VALUES (\"" . mysql_real_escape_string($getpending3['quote']) . "\",\"" . time() . "\")";
653 $insquote2 = mysql_query($insquote);
654
655 $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id'];
656 $delpending2 = mysql_query($delpending);
657
658 $template = new FITemplate('msg2');
659 $template->add('BACK', 'Back to the Admin Panel');
660 $template->add('LINK', '/admin/');
661 $template->add('MSG', "You've successfully approved this quote.");
662 } else if (isset($_GET['deny']))
663 {
664 $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id'];
665 $delpending2 = mysql_query($delpending);
666
667 $template = new FITemplate('msg2');
668 $template->add('BACK', 'Back to the Admin Panel');
669 $template->add('LINK', '/admin/');
670 $template->add('MSG', "You've successfully denied this quote.");
671 } else {
672 $template = new FITemplate('msg');
673 $template->add('BACK', 'the previous page');
674 $template->add('MSG', "Um, what on earth are you doing?");
675 }
676 } else {
677 $template = new FITemplate('msg');
678 $template->add('BACK', 'the previous page');
679 $template->add('MSG', 'I\'m sorry, but this pending quote doesn\'t exist.');
680 }
681 } else if ($_GET['page'] == 'hgUpdate')
682 {
683 $template = new FITemplate('msg');
684 $template->add('BACK', 'the Admin Panel');
685
686 ob_start();
687 system('hg update');
688 $template->add('MSG', ob_get_contents());
689 ob_end_clean();
690 } else if ($_GET['page'] == 'maintenanceMode')
691 {
692 if (isset($_GET['submit']))
693 {
694 if ($_POST['mode'] == 'on')
695 {
696 $set = 1;
697 } else if ($_POST['mode'] == 'off')
698 {
699 $set = 0;
700 } else {
701 $template = new FITemplate('msg');
702 $template->add('MSG', 'You seem to have somehow messed up the form. That\'s weird.');
703 $template->add('BACK', 'the Maintenance Mode form');
704 }
705
706 if (isset($set))
707 {
708 $setconfig = "UPDATE config SET value = \"" . $set . "\" WHERE name = \"maintenanceMode\"";
709 $setconfig2 = mysql_query($setconfig);
710
711 $template = new FITemplate('msg');
712 $template->add('MSG', 'Maintenance Mode has successfully been set to "' . $_POST['mode'] . '"');
713 $template->add('BACK', 'the Maintenance Mode form');
714 }
715 } else {
716 $template = new FITemplate('admin/maintenanceMode');
717
718 $getconfig = "SELECT * FROM config WHERE name = \"maintenanceMode\"";
719 $getconfig2 = mysql_query($getconfig);
720 $getconfig3 = mysql_fetch_array($getconfig2);
721 if ($getconfig3['value'] == '1')
722 {
723 $template->add('ON', ' checked="checked"');
724 } else {
725 $template->add('OFF', ' checked="checked"');
726 }
727 }
728 } else {
729 generateError(404);
730 }
731 @$template->display();
732 } else {
733 generateError(404);
734 }
735} else {
736 generateError(404);
737}
738
739?>
diff --git a/pages/poll.php b/pages/poll.php index 6582d90..6a87207 100755 --- a/pages/poll.php +++ b/pages/poll.php
@@ -88,36 +88,37 @@ if (!isset($_GET['id']))
88 $getpoll2 = mysql_query($getpoll); 88 $getpoll2 = mysql_query($getpoll);
89 $getpoll3 = mysql_fetch_array($getpoll2); 89 $getpoll3 = mysql_fetch_array($getpoll2);
90 90
91 $template->add('QUESTION', $getpoll3['question']); 91 if ($getpoll3['id'] == $_GET['id'])
92
93 $getrss = "SELECT * FROM pollrss WHERE id = " . $_GET['id'];
94 $getrss2 = mysql_query($getrss);
95 $getrss3 = mysql_fetch_array($getrss2);
96
97 if ($getrss3['id'] == $_GET['id'])
98 { 92 {
99 $template->adds_block('COMPLETE', array( 'RSS' => parseText($getrss3['rss']), 93 $template->add('QUESTION', $getpoll3['question']);
100 'AUTHOR' => $getrss3['author'],
101 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getrss3['date'])),
102 'OPTION1' => $getpoll3['option1'],
103 'OPTION2' => $getpoll3['option2'],
104 'OPTION3' => $getpoll3['option3'],
105 'OPTION4' => $getpoll3['option4'],
106 'CLICKS1' => $getpoll3['clicks1'],
107 'CLICKS2' => $getpoll3['clicks2'],
108 'CLICKS3' => $getpoll3['clicks3'],
109 'CLICKS4' => $getpoll3['clicks4']));
110 } else {
111 $template->adds_block('INCOMPLETE', array('exi'=>1));
112 }
113 94
114 $template->add('POTW', getPollOfTheWeek($_GET['id'])); 95 if ($getpoll3['text'] != '')
115 $template->display(); 96 {
97 $template->adds_block('COMPLETE', array( 'RSS' => parseText($getpoll3['text']),
98 'AUTHOR' => $getrss3['author'],
99 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getpoll3['week'])),
100 'OPTION1' => $getpoll3['option1'],
101 'OPTION2' => $getpoll3['option2'],
102 'OPTION3' => $getpoll3['option3'],
103 'OPTION4' => $getpoll3['option4'],
104 'CLICKS1' => $getpoll3['clicks1'],
105 'CLICKS2' => $getpoll3['clicks2'],
106 'CLICKS3' => $getpoll3['clicks3'],
107 'CLICKS4' => $getpoll3['clicks4']));
108 } else {
109 $template->adds_block('INCOMPLETE', array('exi'=>1));
110 }
111
112 $template->add('POTW', getPollOfTheWeek($_GET['id']));
113 $template->display();
116 114
117 $page_id = 'polloftheweek-' . $getpoll3['id']; 115 $page_id = 'polloftheweek-' . $getpoll3['id'];
118 include('includes/comments.php'); 116 include('includes/comments.php');
119 117
120 displayRelated($getpoll3['question']); 118 displayRelated($getpoll3['question']);
119 } else {
120 generateError('404');
121 }
121} 122}
122 123
123?> 124?>
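Review bot: The `'AUTHOR' => $getrss3['author']` entry on new line 98 still reads `$getrss3`, but this section removes the `pollrss` query that populated it, so AUTHOR would come out empty (with an undefined-variable notice) for every completed poll. The neighbouring fields were switched to `$getpoll3` (`text`, `week`), so this should presumably be `'AUTHOR' => $getpoll3['author'],` if the merged table carries an author column; confirm against the schema. The new existence check `$getpoll3['id'] == $_GET['id']` is a loose comparison, and the query that feeds it is built above the hunk, so it is worth confirming there that `id` is validated as a plain integer before it reaches the SQL string.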
diff --git a/pages/quotes.php b/pages/quotes.php index 4d0b46e..f1e0d65 100755 --- a/pages/quotes.php +++ b/pages/quotes.php
@@ -168,11 +168,19 @@ if (isset($_GET['id']) && !(is_numeric($_GET['id'])))
168 } 168 }
169} else if (is_numeric($_GET['act'])) 169} else if (is_numeric($_GET['act']))
170{ 170{
171 $query = "SELECT * FROM rash_quotes WHERE id = " . $_GET['act']; 171 $getquote = "SELECT * FROM rash_quotes WHERE id = " . $_GET['act'];
172 quote_generation($query, "#" . $_GET['act'], -1); 172 $getquote2 = mysql_query($getquote);
173 $getquote3 = mysql_fetch_array($getquote2);
173 174
174 $page_id = 'quote-' . $_GET['act']; 175 if ($getquote3['id'] == $_GET['act'])
175 include('includes/comments.php'); 176 {
177 quote_generation($getquote, "#" . $_GET['act'], -1);
178
179 $page_id = 'quote-' . $_GET['act'];
180 include('includes/comments.php');
181 } else {
182 generateError('404');
183 }
176} else { 184} else {
177 generateError('404'); 185 generateError('404');
178} 186}
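Review bot: `is_numeric($_GET['act'])` on line 169 is the only guard before `$_GET['act']` is concatenated into the query on new line 171, and it accepts non-canonical numeric forms (exponent notation, decimals, leading whitespace) that the loose `==` on line 175 then treats as equal to the stored id. As a result `$page_id = 'quote-' . $_GET['act'];` on line 179 can name a comment thread that differs from the quote's canonical id. I would require digits only (`ctype_digit($_GET['act'])`), use `(int) $_GET['act']` in the query, and build the page id from the row: `$page_id = 'quote-' . $getquote3['id'];`. `quote_generation($getquote, ...)` is handed the SQL string, so the lookup presumably runs a second time; its body is not shown here.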
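diff --git a/pages/viewPost.php b/pages/viewPost.php
new file mode 100644
index 0000000..1daca00
--- /dev/null
+++ b/pages/viewPost.php
@@ -0,0 +1,62 @@
+<?php
+/*
+ 444444444
+ 4::::::::4
+ 4:::::::::4
+ 4::::44::::4
+ 4::::4 4::::4 Four Island
+ 4::::4 4::::4
+ 4::::4 4::::4 Written and maintained by Starla Insigna
+4::::444444::::444
+4::::::::::::::::4 pages/viewPost.php
+4444444444:::::444
+ 4::::4 Please do not use, reproduce or steal the
+ 4::::4 contents of this file without explicit
+ 4::::4 permission from Hatkirby.
+ 44::::::44
+ 4::::::::4
+ 4444444444
+*/
+
+if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
+
+require('headerproc.php');
+
+if (!isAdmin())
+{
+ generateError('404');
+} else {
+ $template = new FITemplate('post');
+ $template->adds_block('INTERNAL',array('exi'=>1));
+
+ $getpost = "SELECT * FROM " . $_GET['type'] . " WHERE id = " . $_GET['id'];
+ $getpost2 = mysql_query($getpost);
+ $getpost3 = mysql_fetch_array($getpost2);
+
+ if ($getpost3['id'] == $_GET['id'])
+ {
+ $template->add_ref(0, 'POST', array( 'ID' => $getpost3['id'],
+ 'YEARID' => ((date('Y')-2006) % 4),
+ 'DATE' => date('F jS Y \a\\t g:i:s a'),
+ 'MONTH' => date('M'),
+ 'DAY' => date('d'),
+ 'CODED' => $getpost3['slug'],
+ 'TITLE' => $getpost3['title'],
+ 'AUTHOR' => $getpost3['author'],
+ 'RATING' => $getpost3['rating'],
+ 'TEXT' => parseText($getpost3['text'])));
+
+ $tags = getTags($getpost3['id']);
+ foreach ($tags as $tag)
+ {
+ $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag));
+ }
+
+ $template->adds_ref_sub(0, 'NOVOTE', array('exi'=>1));
+ $template->display();
+ } else {
+ generateError('404');
+ }
+}
+
+?>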
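Review bot: The query on line 32 concatenates `$_GET['type']` as the table name and `$_GET['id']` as an unquoted value, so both request parameters reach `mysql_query()` unvalidated; the `isAdmin()` gate limits who can send the request but does not make the statement safe, and the page is reachable with a plain GET. Restrict the table to a fixed set and cast the id, e.g. `if (!in_array($_GET['type'], array('drafts', 'pending', 'updates'), true)) { generateError('404'); }` followed by `$getpost = "SELECT * FROM " . $_GET['type'] . " WHERE id = " . (int) $_GET['id'];`. The three table names are taken from the deleted pages/admin.php and should be confirmed, as should whether `generateError()` halts the script. `getTags($getpost3['id'])` on line 49 drops the `'draft'`/`'pending'` type argument that the removed viewDraft and viewPending branches passed, so drafts and pending posts would probably show the wrong tags. The removed admin.php also checked `isLoggedIn()` before `isAdmin()`; confirm that `isAdmin()` alone covers the logged-out case.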