From b5736e3ad3830fa732dcbd1a518ec3dd6ea7b98a Mon Sep 17 00:00:00 2001
From: Starla Insigna
Date: Thu, 13 Aug 2009 17:46:09 -0400
Subject: Rewrote Admin panel
The following database changes must be made:
* A TEXT column called "text" must be added to the end of "polloftheweek"
* The transferPollRss.php script must be run
* The "pollrss" table must be dropped
Closes #113
---
pages/admin.php | 739 -----------------------------------------------------
pages/poll.php | 53 ++--
pages/quotes.php | 16 +-
pages/viewPost.php | 62 +++++
4 files changed, 101 insertions(+), 769 deletions(-)
delete mode 100755 pages/admin.php
create mode 100644 pages/viewPost.php
(limited to 'pages')
diff --git a/pages/admin.php b/pages/admin.php
deleted file mode 100755
index 326cbdd..0000000
--- a/pages/admin.php
+++ /dev/null
@@ -1,739 +0,0 @@ -add('ID', $id); - } else if ($_POST['type'] == 'instant') - { - $id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']); - - $getpost = "SELECT * FROM updates WHERE id = " . $id; - $getpost2 = mysql_query($getpost); - $getpost3 = mysql_fetch_array($getpost2); - - $template = new FITemplate('admin/postSuccess'); - $template->add('ID', $id); - $template->add('CODED', $getpost3['slug']); - } else { - if ($_POST['type'] == 'normal') - { - $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1"; - $getpending2 = mysql_query($getpending); - $getpending3 = mysql_fetch_array($getpending2); - if (isset($getpending3['id']) === FALSE) - { - $id = 50; - } else { - $id = $getpending3['id']+1; - } - } else if ($_POST['type'] == 'priority') - { - $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1"; - $getpending2 = mysql_query($getpending); - $getpending3 = mysql_fetch_array($getpending2); - if (isset($getpending3['id']) === FALSE) - { - $id = 50; - } else { - $id = $getpending3['id']-1; - } - } else { - generateError(404); - } - - $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . 
"\")"; - $inspending2 = mysql_query($inspending); - - addTags($id, $tags, 'pending'); - - $template = new FITemplate('admin/pendingSuccess'); - $template->add('ID', $id); - } - } - } else if ($_GET['page'] == 'manageDrafts') - { - $template = new FITemplate('admin/manageDrafts'); - - $getdrafts = "SELECT * FROM drafts ORDER BY id ASC"; - $getdrafts2 = mysql_query($getdrafts); - $i=0; - while ($getdrafts3[$i] = mysql_fetch_array($getdrafts2)) - { - $template->adds_block('DRAFT', array( 'TITLE' => $getdrafts3[$i]['title'], - 'AUTHOR' => $getdrafts3[$i]['author'], - 'ID' => $getdrafts3[$i]['id'])); - $i++; - } - } else if ($_GET['page'] == 'editDraft') - { - $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id']; - $getdraft2 = mysql_query($getdraft); - $getdraft3 = mysql_fetch_array($getdraft2); - - if ($getdraft3['id'] == $_GET['id']) - { - if (!isset($_GET['submit'])) - { - $template = new FITemplate('admin/editDraft'); - $template->add('ID', $_GET['id']); - $template->add('TEXT', $getdraft3['text']); - $template->add('TAGS', implode(',', getTags($getdraft3['id'], 'draft'))); - $template->add('TITLE', $getdraft3['title']); - } else { - $tags = explode(',', $_POST['tags']); - removeTags($_GET['id'], 'draft'); - - if ($_POST['type'] == 'draft') - { - $setdraft = "UPDATE drafts SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id']; - $setdraft2 = mysql_query($setdraft); - - addTags($_GET['id'], $tags, 'draft'); - - $template = new FITemplate('admin/draftSuccess'); - $template->add('ID', $_GET['id']); - } else if ($_POST['type'] == 'instant') - { - $id = postBlogPost($_POST['title'], getSessionUsername(), $tags, $_POST['text']); - - $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id']; - $deldraft2 = mysql_query($deldraft); - - $getpost = "SELECT * FROM updates WHERE id = " . 
$id; - $getpost2 = mysql_query($getpost); - $getpost3 = mysql_fetch_array($getpost2); - - $template = new FITemplate('admin/postSuccess'); - $template->add('ID', $id); - $template->add('CODED', $getpost3['slug']); - } else { - if ($_POST['type'] == 'normal') - { - $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1"; - $getpending2 = mysql_query($getpending); - $getpending3 = mysql_fetch_array($getpending2); - if (isset($getpending3['id']) === FALSE) - { - $id = 50; - } else { - $id = $getpending3['id']+1; - } - } else if ($_POST['type'] == 'priority') - { - $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1"; - $getpending2 = mysql_query($getpending); - $getpending3 = mysql_fetch_array($getpending2); - if (isset($getpending3['id']) === FALSE) - { - $id = 50; - } else { - $id = $getpending3['id']-1; - } - } else { - generateError(404); - } - - $inspending = "INSERT INTO pending (id,title,author,text,slug) VALUES (" . $id . ",\"" . mysql_real_escape_string($_POST['title']) . "\",\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\",\"" . generateSlug($_POST['title'],'updates') . "\")"; - $inspending2 = mysql_query($inspending); - - addTags($id, $tags, 'pending'); - - $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id']; - $deldraft2 = mysql_query($deldraft); - - $template = new FITemplate('admin/pendingSuccess'); - $template->add('ID', $id); - } - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.'); - } - } else if ($_GET['page'] == 'deleteDraft') - { - $getdraft = "SELECT * FROM drafts WHERE id = " . 
$_GET['id']; - $getdraft2 = mysql_query($getdraft); - $getdraft3 = mysql_fetch_array($getdraft2); - - if ($getdraft3['id'] == $_GET['id']) - { - if (!isset($_GET['submit'])) - { - $template = new FITemplate('admin/deleteDraft'); - $template->add('ID', $_GET['id']); - } else { - $deldraft = "DELETE FROM drafts WHERE id = " . $_GET['id']; - $deldraft2 = mysql_query($deldraft); - - removeTags($_GET['id'], 'draft'); - - $template = new FITemplate('admin/deletedDraft'); - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.'); - } - } else if ($_GET['page'] == 'viewDraft') - { - $getdraft = "SELECT * FROM drafts WHERE id = " . $_GET['id']; - $getdraft2 = mysql_query($getdraft); - $getdraft3 = mysql_fetch_array($getdraft2); - - if ($getdraft3['id'] == $_GET['id']) - { - $template = new FITemplate('post'); - $template->adds_block('INTERNAL',array('exi'=>1)); - $template->add_ref(0, 'POST', array( 'ID' => $getdraft3['id'], - 'YEARID' => ((date('Y')-2006) % 4), - 'DATE' => date('F jS Y \a\\t g:i:s a'), - 'MONTH' => date('M'), - 'DAY' => date('d'), - 'CODED' => $getdraft3['slug'], - 'TITLE' => $getdraft3['title'], - 'AUTHOR' => $getdraft3['author'], - 'RATING' => 0, - 'TEXT' => parseText($getdraft3['text']))); - - $tags = getTags($getdraft3['id'], 'draft'); - foreach ($tags as $tag) - { - $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag)); - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.'); - } - } else if ($_GET['page'] == 'managePending') - { - $template = new FITemplate('admin/managePending'); - - $getpending = "SELECT * FROM pending ORDER BY id ASC"; - $getpending2 = mysql_query($getpending); - $i=0; - while ($getpending3[$i] = mysql_fetch_array($getpending2)) - { - $template->adds_block('PENDING', array( 'TITLE' => $getpending3[$i]['title'], - 
'AUTHOR' => $getpending3[$i]['author'], - 'ID' => $getpending3[$i]['id'])); - $i++; - } - } else if ($_GET['page'] == 'editPending') - { - $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id']; - $getpending2 = mysql_query($getpending); - $getpending3 = mysql_fetch_array($getpending2); - - if ($getpending3['id'] == $_GET['id']) - { - if (!isset($_GET['submit'])) - { - $template = new FITemplate('admin/editPending'); - $template->add('ID', $_GET['id']); - $template->add('TEXT', $getpending3['text']); - $template->add('TAGS', implode(',', getTags($getpending3['id'], 'pending'))); - $template->add('TITLE', $getpending3['title']); - } else { - $tags = explode(',', $_POST['tags']); - - $setpending = "UPDATE pending SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . $_GET['id']; - $setpending2 = mysql_query($setpending); - - removeTags($_GET['id'], 'pending'); - addTags($_GET['id'], $tags, 'pending'); - - $template = new FITemplate('admin/pendingSuccess'); - $template->add('ID', $_GET['id']); - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.'); - } - } else if ($_GET['page'] == 'deletePending') - { - $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id']; - $getpending2 = mysql_query($getpending); - $getpending3 = mysql_fetch_array($getpending2); - - if ($getpending3['id'] == $_GET['id']) - { - if (!isset($_GET['submit'])) - { - $template = new FITemplate('admin/deletePending'); - $template->add('ID', $_GET['id']); - } else { - $delpending = "DELETE FROM pending WHERE id = " . 
$_GET['id']; - $delpending2 = mysql_query($delpending); - - removeTags($_GET['id'], 'pending'); - - $template = new FITemplate('admin/deletedPending'); - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.'); - } - } else if ($_GET['page'] == 'viewPending') - { - $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id']; - $getpending2 = mysql_query($getpending); - $getpending3 = mysql_fetch_array($getpending2); - - if ($getpending3['id'] == $_GET['id']) - { - $template = new FITemplate('post'); - $template->adds_block('INTERNAL',array('exi'=>1)); - $template->add_ref(0, 'POST', array( 'ID' => $getpending3['id'], - 'YEARID' => ((date('Y')-2006) % 4), - 'DATE' => date('F jS Y \a\\t g:i:s a'), - 'MONTH' => date('M'), - 'DAY' => date('d'), - 'CODED' => $getpending3['slug'], - 'TITLE' => $getpending3['title'], - 'AUTHOR' => $getpending3['author'], - 'RATING' => 0, - 'TEXT' => parseText($getpending3['text']))); - - $tags = getTags($getpending3['id'], 'pending'); - foreach ($tags as $tag) - { - $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag)); - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.'); - } - } else if ($_GET['page'] == 'movePending') - { - $getpending = "SELECT * FROM pending WHERE id = " . $_GET['id']; - $getpending2 = mysql_query($getpending); - $getpending3 = mysql_fetch_array($getpending2); - - if ($getpending3['id'] == $_GET['id']) - { - if ($_GET['dir'] == 'up') - { - $get2pending = "SELECT * FROM pending WHERE id < " . $_GET['id'] . 
" ORDER BY id DESC LIMIT 0,1"; - $get2pending2 = mysql_query($get2pending); - $get2pending3 = mysql_fetch_array($get2pending2); - - if (isset($get2pending3['id'])) - { - $otherPending = $get2pending3; - } else { - $template = new FITemplate('msg2'); - $template->add('BACK', 'Back to the pending queue'); - $template->add('LINK', 'managePending.php'); - $template->add('MSG', 'I\'m sorry, that pending post is already the first.'); - } - } else if ($_GET['dir'] == 'down') - { - $get2pending = "SELECT * FROM pending WHERE id > " . $_GET['id'] . " ORDER BY id ASC LIMIT 0,1"; - $get2pending2 = mysql_query($get2pending); - $get2pending3 = mysql_fetch_array($get2pending2); - - if (isset($get2pending3['id'])) - { - $otherPending = $get2pending3; - } else { - $template = new FITemplate('msg2'); - $template->add('BACK', 'Back to the pending queue'); - $template->add('LINK', 'managePending.php'); - $template->add('MSG', 'I\'m sorry, that pending post is already the last.'); - } - } - - if (isset($otherPending)) - { - $delpending = "DELETE FROM pending WHERE id = " . $_GET['id'] . " OR id = " . $otherPending['id']; - $delpending2 = mysql_query($delpending); - - $inspending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $_GET['id'] . ",\"" . $otherPending['title'] . "\",\"" . $otherPending['author'] . "\",\"" . mysql_real_escape_string($otherPending['text']) . "\",\"" . $otherPending['slug'] . "\")"; - $inspending2 = mysql_query($inspending); - - $ins2pending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $otherPending['id'] . ",\"" . $getpending3['title'] . "\",\"" . $getpending3['author'] . "\",\"" . mysql_real_escape_string($getpending3['text']) . "\",\"" . $getpending3['slug'] . 
"\")"; - $ins2pending2 = mysql_query($ins2pending) or die($ins2pending); - - $tags1 = getTags($_GET['id'], 'pending'); - $tags2 = getTags($otherPending['id'], 'pending'); - removeTags($_GET['id'], 'pending'); - removeTags($otherPending['id'], 'pending'); - addTags($_GET['id'], $tags2, 'pending'); - addTags($otherPending['id'], $tags1, 'pending'); - - header('Location: managePending.php'); - exit; - } - } else { - $template = new FITemplate('msg2'); - $template->add('BACK', 'Back to the pending queue'); - $template->add('LINK', 'managePending.php'); - $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.'); - } - } else if ($_GET['page'] == 'managePosts') - { - $template = new FITemplate('admin/managePosts'); - - $getposts = "SELECT * FROM updates ORDER BY id ASC"; - $getposts2 = mysql_query($getposts); - $i=0; - while ($getposts3[$i] = mysql_fetch_array($getposts2)) - { - $template->adds_block('POST', array( 'TITLE' => $getposts3[$i]['title'], - 'AUTHOR' => $getposts3[$i]['author'], - 'ID' => $getposts3[$i]['id'], - 'CODED' => $getposts3[$i]['slug'])); - $i++; - } - } else if ($_GET['page'] == 'editPost') - { - $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id']; - $getpost2 = mysql_query($getpost); - $getpost3 = mysql_fetch_array($getpost2); - - if ($getpost3['id'] == $_GET['id']) - { - if (!isset($_GET['submit'])) - { - $template = new FITemplate('admin/editPost'); - $template->add('ID', $_GET['id']); - $template->add('TEXT', $getpost3['text']); - $template->add('TAGS', implode(',', getTags($getpost3['id']))); - $template->add('TITLE', $getpost3['title']); - } else { - $tags = explode(',', $_POST['tags']); - - $setpost = "UPDATE updates SET title = \"" . mysql_real_escape_string($_POST['title']) . "\", text = \"" . mysql_real_escape_string($_POST['text']) . "\" WHERE id = " . 
$_GET['id']; - $setpost2 = mysql_query($setpost); - - removeTags($_GET['id']); - addTags($_GET['id'], $tags); - - $template = new FITemplate('admin/postSuccess'); - $template->add('ID', $_GET['id']); - $template->add('CODED', $getpost3['slug']); - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.'); - } - } else if ($_GET['page'] == 'deletePost') - { - $getpost = "SELECT * FROM updates WHERE id = " . $_GET['id']; - $getpost2 = mysql_query($getpost); - $getpost3 = mysql_fetch_array($getpost2); - - if ($getpost3['id'] == $_GET['id']) - { - if (!isset($_GET['submit'])) - { - $template = new FITemplate('admin/deletePost'); - $template->add('ID', $_GET['id']); - } else { - $delpost = "DELETE FROM updates WHERE id = " . $_GET['id']; - $delpost2 = mysql_query($delpost); - - removeTags($_GET['id']); - - $template = new FITemplate('admin/deletedPost'); - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.'); - } - } else if ($_GET['page'] == 'moderateComments') - { - $template = new FITemplate('admin/moderateComments'); - - $getcomments = "SELECT * FROM moderation ORDER BY id ASC"; - $getcomments2 = mysql_query($getcomments); - $i=0; - while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) - { - $comType = substr($getcomments3[$i]['page_id'],0,strpos($getcomments3[$i]['page_id'],'-')); - $comID = substr($getcomments3[$i]['page_id'],strpos($getcomments3[$i]['page_id'],'-')+1); - - if ($comType == 'updates') - { - $getpost = "SELECT * FROM updates WHERE id = " . $comID; - $getpost2 = mysql_query($getpost); - $getpost3 = mysql_fetch_array($getpost2); - $title = $getpost3['title']; - } else if ($comType = 'polloftheweek') - { - $getpoll = "SELECT * FROM polloftheweek WHERE id = " . 
$comID; - $getpoll2 = mysql_query($getpoll); - $getpoll3 = mysql_fetch_array($getpoll2); - $title = $getpoll3['question']; - } else if ($comType = 'quotes') - { - $getquote = "SELECT * FROM rash_quotes WHERE id = " . $comID; - $getquote2 = mysql_query($getquote); - $getquote3 = mysql_fetch_array($getquote2); - $title = '#' . $getquote3['id']; - } - - $template->adds_block('COMMENT', array( 'TITLE' => $title, - 'AUTHOR' => $getcomments3[$i]['author'], - 'ID' => $getcomments3[$i]['id'])); - $i++; - } - } else if ($_GET['page'] == 'viewComment') - { - $getcomment = "SELECT * FROM moderation WHERE id = " . $_GET['id']; - $getcomment2 = mysql_query($getcomment); - $getcomment3 = mysql_fetch_array($getcomment2); - - if ($getcomment3['id'] == $_GET['id']) - { - $template = new FITemplate('admin/viewComment'); - $template->add('ID', $_GET['id']); - $template->add('USERNAME', $getcomment3['author']); - $template->add('CODEDEMAIL', md5(strtolower($getcomment3['email']))); - $template->add('TEXT', parseText($getcomment3['comment'])); - $template->add('DATE', date("F jS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate']))); - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.'); - } - } else if ($_GET['page'] == 'actionComment') - { - $getcomment = "SELECT * FROM moderation WHERE id = " . $_GET['id']; - $getcomment2 = mysql_query($getcomment); - $getcomment3 = mysql_fetch_array($getcomment2); - - if ($getcomment3['id'] == $_GET['id']) - { - if (isset($_GET['approve'])) - { - $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\"" . $getcomment3['author'] . "\",\"" . $getcomment3['email'] . "\",\"" . $getcomment3['website'] . "\")"; - $insanon2 = mysql_query($insanon); - - $inscomment = "INSERT INTO comments (page_id,user_id,comment,is_anon) VALUES (\"" . $getcomment3['page_id'] . "\"," . mysql_insert_id() . ",\"" . $getcomment3['comment'] . 
"\",1)"; - $inscomment2 = mysql_query($inscomment); - - $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id']; - $delcomment2 = mysql_query($delcomment); - - $template = new FITemplate('msg'); - $template->add('BACK', 'Comment Moderation'); - $template->add('MSG', 'You\'ve successfully approved this comment.'); - } else if (isset($_GET['deny'])) - { - $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id']; - $delcomment2 = mysql_query($delcomment); - - $template = new FITemplate('msg'); - $template->add('BACK', 'Comment Moderation'); - $template->add('MSG', 'You\'ve successfully denied this comment.'); - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', "Um, what on earth are you doing?"); - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.'); - } - } else if ($_GET['page'] == 'pollProcess') - { - if (!isset($_GET['step'])) - { - $template = new FITemplate('admin/pollrss'); - } else if ($_GET['step'] == 2) - { - $insrss = "INSERT INTO pollrss (author,rss) VALUES (\"" . getSessionUsername() . "\",\"" . mysql_real_escape_string($_POST['text']) . "\")"; - $insrss2 = mysql_query($insrss); - - $template = new FITemplate('admin/newPoll'); - } else if ($_GET['step'] == 3) - { - $inspoll = "INSERT INTO polloftheweek (question,option1,option2,option3,option4) VALUES (\"" . mysql_real_escape_string($_POST['question']) . "\",\"" . $_POST['option1'] . "\",\"" . $_POST['option2'] . "\",\"" . $_POST['option3'] . "\",\"" . $_POST['option4'] . 
"\")"; - $inspoll2 = mysql_query($inspoll); - - $cleardid = "TRUNCATE TABLE didpollalready"; - $cleardid2 = mysql_query($cleardid); - - $template = new FITemplate('msg2'); - $template->add('BACK', 'Back to the Admin Panel'); - $template->add('LINK', '/admin/'); - $template->add('MSG', "You've successfully created a poll!"); - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', "Um, what on earth are you doing?"); - } - } else if ($_GET['page'] == 'managePendingQuotes') - { - $template = new FITemplate('admin/managePendingQuotes'); - - $getpending = "SELECT * FROM rash_queue ORDER BY id ASC"; - $getpending2 = mysql_query($getpending); - $i=0; - while ($getpending3[$i] = mysql_fetch_array($getpending2)) - { - if ($i % 2 == 1) - { - $template->adds_block('QUOTE', array( 'ID' => $getpending3[$i]['id'], - 'TEXT' => nl2br($getpending3[$i]['quote']), - 'EVEN' => 'even')); - } else { - $template->adds_block('QUOTE', array( 'ID' => $getpending3[$i]['id'], - 'TEXT' => nl2br($getpending3[$i]['quote']))); - } - - $i++; - } - } else if ($_GET['page'] == 'actionPendingQuotes') - { - $getpending = "SELECT * FROM rash_queue WHERE id = " . $_GET['id']; - $getpending2 = mysql_query($getpending); - $getpending3 = mysql_fetch_array($getpending2); - - if ($getpending3['id'] == $_GET['id']) - { - if (isset($_GET['approve'])) - { - $insquote = "INSERT INTO rash_quotes (quote,date) VALUES (\"" . mysql_real_escape_string($getpending3['quote']) . "\",\"" . time() . "\")"; - $insquote2 = mysql_query($insquote); - - $delpending = "DELETE FROM rash_queue WHERE id = " . $_GET['id']; - $delpending2 = mysql_query($delpending); - - $template = new FITemplate('msg2'); - $template->add('BACK', 'Back to the Admin Panel'); - $template->add('LINK', '/admin/'); - $template->add('MSG', "You've successfully approved this quote."); - } else if (isset($_GET['deny'])) - { - $delpending = "DELETE FROM rash_queue WHERE id = " . 
$_GET['id']; - $delpending2 = mysql_query($delpending); - - $template = new FITemplate('msg2'); - $template->add('BACK', 'Back to the Admin Panel'); - $template->add('LINK', '/admin/'); - $template->add('MSG', "You've successfully denied this quote."); - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', "Um, what on earth are you doing?"); - } - } else { - $template = new FITemplate('msg'); - $template->add('BACK', 'the previous page'); - $template->add('MSG', 'I\'m sorry, but this pending quote doesn\'t exist.'); - } - } else if ($_GET['page'] == 'hgUpdate') - { - $template = new FITemplate('msg'); - $template->add('BACK', 'the Admin Panel'); - - ob_start(); - system('hg update'); - $template->add('MSG', ob_get_contents()); - ob_end_clean(); - } else if ($_GET['page'] == 'maintenanceMode') - { - if (isset($_GET['submit'])) - { - if ($_POST['mode'] == 'on') - { - $set = 1; - } else if ($_POST['mode'] == 'off') - { - $set = 0; - } else { - $template = new FITemplate('msg'); - $template->add('MSG', 'You seem to have somehow messed up the form. That\'s weird.'); - $template->add('BACK', 'the Maintenance Mode form'); - } - - if (isset($set)) - { - $setconfig = "UPDATE config SET value = \"" . $set . "\" WHERE name = \"maintenanceMode\""; - $setconfig2 = mysql_query($setconfig); - - $template = new FITemplate('msg'); - $template->add('MSG', 'Maintenance Mode has successfully been set to "' . $_POST['mode'] . 
'"'); - $template->add('BACK', 'the Maintenance Mode form'); - } - } else { - $template = new FITemplate('admin/maintenanceMode'); - - $getconfig = "SELECT * FROM config WHERE name = \"maintenanceMode\""; - $getconfig2 = mysql_query($getconfig); - $getconfig3 = mysql_fetch_array($getconfig2); - if ($getconfig3['value'] == '1') - { - $template->add('ON', ' checked="checked"'); - } else { - $template->add('OFF', ' checked="checked"'); - } - } - } else { - generateError(404); - } - @$template->display(); - } else { - generateError(404); - } -} else { - generateError(404); -} - -?> diff --git a/pages/poll.php b/pages/poll.php index 6582d90..6a87207 100755 --- a/pages/poll.php +++ b/pages/poll.php 
@@ -88,36 +88,37 @@ if (!isset($_GET['id'])) $getpoll2 = mysql_query($getpoll); $getpoll3 = mysql_fetch_array($getpoll2); - $template->add('QUESTION', $getpoll3['question']); - - $getrss = "SELECT * FROM pollrss WHERE id = " . $_GET['id']; - $getrss2 = mysql_query($getrss); - $getrss3 = mysql_fetch_array($getrss2); - - if ($getrss3['id'] == $_GET['id']) + if ($getpoll3['id'] == $_GET['id']) { - $template->adds_block('COMPLETE', array( 'RSS' => parseText($getrss3['rss']), - 'AUTHOR' => $getrss3['author'], - 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getrss3['date'])), - 'OPTION1' => $getpoll3['option1'], - 'OPTION2' => $getpoll3['option2'], - 'OPTION3' => $getpoll3['option3'], - 'OPTION4' => $getpoll3['option4'], - 'CLICKS1' => $getpoll3['clicks1'], - 'CLICKS2' => $getpoll3['clicks2'], - 'CLICKS3' => $getpoll3['clicks3'], - 'CLICKS4' => $getpoll3['clicks4'])); - } else { - $template->adds_block('INCOMPLETE', array('exi'=>1)); - } + $template->add('QUESTION', $getpoll3['question']); - $template->add('POTW', getPollOfTheWeek($_GET['id'])); - $template->display(); + if ($getpoll3['text'] != '') + { + $template->adds_block('COMPLETE', array( 'RSS' => parseText($getpoll3['text']), + 'AUTHOR' => $getrss3['author'], + 'DATE' => date("F jS Y \a\\t g:i:s a",strtotime($getpoll3['week'])), + 'OPTION1' => $getpoll3['option1'], + 'OPTION2' => $getpoll3['option2'], + 'OPTION3' => $getpoll3['option3'], + 'OPTION4' => $getpoll3['option4'], + 'CLICKS1' => $getpoll3['clicks1'], + 'CLICKS2' => $getpoll3['clicks2'], + 'CLICKS3' => $getpoll3['clicks3'], + 'CLICKS4' => $getpoll3['clicks4'])); + } else { + $template->adds_block('INCOMPLETE', array('exi'=>1)); + } + + $template->add('POTW', getPollOfTheWeek($_GET['id'])); + $template->display(); - $page_id = 'polloftheweek-' . $getpoll3['id']; - include('includes/comments.php'); + $page_id = 'polloftheweek-' . 
$getpoll3['id']; + include('includes/comments.php'); - displayRelated($getpoll3['question']); + displayRelated($getpoll3['question']); + } else { + generateError('404'); + } } ?> diff --git a/pages/quotes.php b/pages/quotes.php index 4d0b46e..f1e0d65 100755 --- a/pages/quotes.php +++ b/pages/quotes.php @@ -168,11 +168,19 @@ if (isset($_GET['id']) && !(is_numeric($_GET['id']))) } } else if (is_numeric($_GET['act'])) { - $query = "SELECT * FROM rash_quotes WHERE id = " . $_GET['act']; - quote_generation($query, "#" . $_GET['act'], -1); + $getquote = "SELECT * FROM rash_quotes WHERE id = " . $_GET['act']; + $getquote2 = mysql_query($getquote); + $getquote3 = mysql_fetch_array($getquote2); - $page_id = 'quote-' . $_GET['act']; - include('includes/comments.php'); + if ($getquote3['id'] == $_GET['act']) + { + quote_generation($getquote, "#" . $_GET['act'], -1); + + $page_id = 'quote-' . $_GET['act']; + include('includes/comments.php'); + } else { + generateError('404'); + } } else { generateError('404'); } diff --git a/pages/viewPost.php b/pages/viewPost.php new file mode 100644 index 0000000..1daca00 --- /dev/null +++ b/pages/viewPost.php 
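Review bot: `'AUTHOR' => $getrss3['author']` in the new COMPLETE block still reads `$getrss3`, but the `$getrss` query that filled it is removed a few lines above, so unless the variable is set before this hunk the author field will render empty and raise a notice. The commit message only adds a `text` column to `polloftheweek`, so no author source is apparent; either carry the author over in the migration and read it from `$getpoll3`, or drop the `AUTHOR` key and its template placeholder. The new `$getpoll3['id'] == $_GET['id']` test runs only after the query has executed, and the `$getpoll` string is built above the hunk, so it is worth confirming there that `$_GET['id']` is cast to an integer before it reaches SQL. The enclosing branch starts outside the hunk.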
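Review bot: `is_numeric($_GET['act'])` accepts more than plain integers (for example `1e1` or `1.0`), and the new existence check `$getquote3['id'] == $_GET['act']` compares loosely, so such a value can still match a row while `$page_id = 'quote-' . $_GET['act']` keys the comment thread on the raw request string instead of the row id. Normalise once with `$act = (int) $_GET['act'];`, use `$act` in the query, and set `$page_id = 'quote-' . $getquote3['id'];`. The result of `mysql_query` is also passed to `mysql_fetch_array` without a failure check, and the same query string is handed to `quote_generation`, which presumably runs it a second time. The `else if` chain this branch belongs to starts above the hunk.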
@@ -0,0 +1,62 @@
+adds_block('INTERNAL',array('exi'=>1));
+
+ $getpost = "SELECT * FROM " . $_GET['type'] . " WHERE id = " . $_GET['id'];
+ $getpost2 = mysql_query($getpost);
+ $getpost3 = mysql_fetch_array($getpost2);
+
+ if ($getpost3['id'] == $_GET['id'])
+ {
+ $template->add_ref(0, 'POST', array( 'ID' => $getpost3['id'],
+ 'YEARID' => ((date('Y')-2006) % 4),
+ 'DATE' => date('F jS Y \a\\t g:i:s a'),
+ 'MONTH' => date('M'),
+ 'DAY' => date('d'),
+ 'CODED' => $getpost3['slug'],
+ 'TITLE' => $getpost3['title'],
+ 'AUTHOR' => $getpost3['author'],
+ 'RATING' => $getpost3['rating'],
+ 'TEXT' => parseText($getpost3['text'])));
+
+ $tags = getTags($getpost3['id']);
+ foreach ($tags as $tag)
+ {
+ $template->adds_ref_sub(0, 'TAGS', array('TAG' => $tag));
+ }
+
+ $template->adds_ref_sub(0, 'NOVOTE', array('exi'=>1));
+ $template->display();
+ } else {
+ generateError('404');
+ }
+}
+
+?>
-- cgit 1.4.1
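Review bot: `$_GET['type']` becomes the table name and `$_GET['id']` the key in `"SELECT * FROM " . $_GET['type'] . " WHERE id = " . $_GET['id']`, with no validation visible in this hunk; the top of the new file is missing from this page, so an earlier check cannot be ruled out. A table name cannot be escaped or bound as a parameter, so it needs an allowlist such as `if (!in_array($_GET['type'], array('drafts', 'pending'), true)) { generateError('404'); }` together with `$id = (int) $_GET['id'];` for the key. The two table names are taken from the removed admin.php and should be confirmed against what this page is meant to serve, and the guard assumes `generateError()` ends the request. `getTags($getpost3['id'])` also omits the second argument that the removed viewDraft and viewPending code passed, so tags may be looked up for a published post that happens to share the id.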