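add('ID', $getdraft3['id']);
                } else if ($_POST['type'] == 'instant') {
                    // Publish immediately, then read back the newest row of `updates`
                    // to get the id and slug shown on the confirmation page.
                    postBlogPost(
                        $_POST['title'],
                        sess_get('uname'),
                        $_POST['tag1'],
                        $_POST['tag2'],
                        $_POST['tag3'],
                        $_POST['text']
                    );

                    $getpost = "SELECT * FROM updates ORDER BY id DESC LIMIT 0,1";
                    $getpost2 = mysql_query($getpost);
                    $getpost3 = mysql_fetch_array($getpost2);

                    $template = new FITemplate('admin/postSuccess');
                    $template->add('ID', $getpost3['id']);
                    $template->add('CODED', $getpost3['slug']);
                } else {
                    // Queue the post: 'normal' goes after the highest pending id,
                    // 'priority' before the lowest; an empty queue starts at 50.
                    if ($_POST['type'] == 'normal') {
                        $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1";
                        $getpending2 = mysql_query($getpending);
                        $getpending3 = mysql_fetch_array($getpending2);
                        if (isset($getpending3['id']) === FALSE) {
                            $id = 50;
                        } else {
                            $id = $getpending3['id'] + 1;
                        }
                    } else if ($_POST['type'] == 'priority') {
                        $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1";
                        $getpending2 = mysql_query($getpending);
                        $getpending3 = mysql_fetch_array($getpending2);
                        if (isset($getpending3['id']) === FALSE) {
                            $id = 50;
                        } else {
                            $id = $getpending3['id'] - 1;
                        }
                    } else {
                        // NOTE(review): if generateError() returns instead of ending the
                        // request, $id is undefined below and the INSERT is malformed -
                        // confirm that it terminates.
                        generateError(404);
                    }

                    // Every request- or session-derived string is escaped with
                    // mysql_real_escape_string() before it is placed in the statement.
                    // The tags and author were previously concatenated unescaped.
                    $inspending = "INSERT INTO pending (id,title,author,text,tag1,tag2,tag3,slug) VALUES (" . $id
                        . ",\"" . mysql_real_escape_string($_POST['title'])
                        . "\",\"" . mysql_real_escape_string(sess_get('uname'))
                        . "\",\"" . mysql_real_escape_string($_POST['text'])
                        . "\",\"" . mysql_real_escape_string($_POST['tag1'])
                        . "\",\"" . mysql_real_escape_string($_POST['tag2'])
                        . "\",\"" . mysql_real_escape_string($_POST['tag3'])
                        . "\",\"" . mysql_real_escape_string(generateSlug($_POST['title'],'updates'))
                        . "\")";
                    $inspending2 = mysql_query($inspending);

                    $template = new FITemplate('admin/pendingSuccess');
                    $template->add('ID', $id);
                }
            }
        } else if ($_GET['page'] == 'manageDrafts') {
            // List every draft.
            $template = new FITemplate('admin/manageDrafts');
            $getdrafts = "SELECT * FROM drafts ORDER BY id ASC";
            $getdrafts2 = mysql_query($getdrafts);
            $i=0;
            while ($getdrafts3[$i] = mysql_fetch_array($getdrafts2)) {
                $template->adds_block('DRAFT', array(
                    'TITLE' => $getdrafts3[$i]['title'],
                    'AUTHOR' => $getdrafts3[$i]['author'],
                    'ID' => $getdrafts3[$i]['id']));
                $i++;
            }
        } else if ($_GET['page'] == 'editDraft') {
            // The id is cast to int before it reaches any query; a missing id becomes 0.
            // NOTE(review): the state-changing branches below (submit/approve/deny) check
            // no anti-forgery token in this part of the file - confirm one is enforced
            // before this dispatch is reached.
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getdraft = "SELECT * FROM drafts WHERE id = " . $reqId;
            $getdraft2 = mysql_query($getdraft);
            $getdraft3 = mysql_fetch_array($getdraft2);
            // A failed lookup yields FALSE; test for it explicitly so that a missing row
            // can never compare equal to a missing id.
            if ($getdraft3 && $getdraft3['id'] == $reqId) {
                if (!isset($_GET['submit'])) {
                    $template = new FITemplate('admin/editDraft');
                    $template->add('ID', $reqId);
                    $template->add('TEXT', $getdraft3['text']);
                    $template->add('TAG1', $getdraft3['tag1']);
                    $template->add('TAG2', $getdraft3['tag2']);
                    $template->add('TAG3', $getdraft3['tag3']);
                    $template->add('TITLE', $getdraft3['title']);
                } else {
                    if ($_POST['type'] == 'draft') {
                        // Save the edited draft in place.
                        $setdraft = "UPDATE drafts SET title = \"" . mysql_real_escape_string($_POST['title'])
                            . "\", text = \"" . mysql_real_escape_string($_POST['text'])
                            . "\", tag1 = \"" . mysql_real_escape_string($_POST['tag1'])
                            . "\", tag2 = \"" . mysql_real_escape_string($_POST['tag2'])
                            . "\", tag3 = \"" . mysql_real_escape_string($_POST['tag3'])
                            . "\" WHERE id = " . $reqId;
                        $setdraft2 = mysql_query($setdraft);

                        $template = new FITemplate('admin/draftSuccess');
                        $template->add('ID', $reqId);
                    } else if ($_POST['type'] == 'instant') {
                        // Publish the draft and remove it from `drafts`.
                        postBlogPost(
                            $_POST['title'],
                            sess_get('uname'),
                            $_POST['tag1'],
                            $_POST['tag2'],
                            $_POST['tag3'],
                            $_POST['text']
                        );

                        $deldraft = "DELETE FROM drafts WHERE id = " . $reqId;
                        $deldraft2 = mysql_query($deldraft);

                        $getpost = "SELECT * FROM updates ORDER BY id DESC LIMIT 0,1";
                        $getpost2 = mysql_query($getpost);
                        $getpost3 = mysql_fetch_array($getpost2);

                        $template = new FITemplate('admin/postSuccess');
                        $template->add('ID', $getpost3['id']);
                        $template->add('CODED', $getpost3['slug']);
                    } else {
                        // Move the draft into the pending queue (same id rules as above).
                        if ($_POST['type'] == 'normal') {
                            $getpending = "SELECT * FROM pending ORDER BY id DESC LIMIT 0,1";
                            $getpending2 = mysql_query($getpending);
                            $getpending3 = mysql_fetch_array($getpending2);
                            if (isset($getpending3['id']) === FALSE) {
                                $id = 50;
                            } else {
                                $id = $getpending3['id'] + 1;
                            }
                        } else if ($_POST['type'] == 'priority') {
                            $getpending = "SELECT * FROM pending ORDER BY id ASC LIMIT 0,1";
                            $getpending2 = mysql_query($getpending);
                            $getpending3 = mysql_fetch_array($getpending2);
                            if (isset($getpending3['id']) === FALSE) {
                                $id = 50;
                            } else {
                                $id = $getpending3['id'] - 1;
                            }
                        } else {
                            // NOTE(review): same caveat as above - confirm generateError()
                            // ends the request, otherwise $id is undefined below.
                            generateError(404);
                        }

                        $inspending = "INSERT INTO pending (id,title,author,text,tag1,tag2,tag3,slug) VALUES (" . $id
                            . ",\"" . mysql_real_escape_string($_POST['title'])
                            . "\",\"" . mysql_real_escape_string(sess_get('uname'))
                            . "\",\"" . mysql_real_escape_string($_POST['text'])
                            . "\",\"" . mysql_real_escape_string($_POST['tag1'])
                            . "\",\"" . mysql_real_escape_string($_POST['tag2'])
                            . "\",\"" . mysql_real_escape_string($_POST['tag3'])
                            . "\",\"" . mysql_real_escape_string(generateSlug($_POST['title'],'updates'))
                            . "\")";
                        $inspending2 = mysql_query($inspending);

                        $deldraft = "DELETE FROM drafts WHERE id = " . $reqId;
                        $deldraft2 = mysql_query($deldraft);

                        $template = new FITemplate('admin/pendingSuccess');
                        $template->add('ID', $id);
                    }
                }
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'deleteDraft') {
            // Confirmation page first; the delete runs only when `submit` is present.
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getdraft = "SELECT * FROM drafts WHERE id = " . $reqId;
            $getdraft2 = mysql_query($getdraft);
            $getdraft3 = mysql_fetch_array($getdraft2);
            if ($getdraft3 && $getdraft3['id'] == $reqId) {
                if (!isset($_GET['submit'])) {
                    $template = new FITemplate('admin/deleteDraft');
                    $template->add('ID', $reqId);
                } else {
                    $deldraft = "DELETE FROM drafts WHERE id = " . $reqId;
                    $deldraft2 = mysql_query($deldraft);
                    $template = new FITemplate('admin/deletedDraft');
                }
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'viewDraft') {
            // Preview a draft through the public 'post' template, stamped with the current time.
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getdraft = "SELECT * FROM drafts WHERE id = " . $reqId;
            $getdraft2 = mysql_query($getdraft);
            $getdraft3 = mysql_fetch_array($getdraft2);
            if ($getdraft3 && $getdraft3['id'] == $reqId) {
                $template = new FITemplate('post');
                $template->adds_block('INTERNAL',array('exi'=>1));
                $template->adds_block('POST', array(
                    'ID' => $getdraft3['id'],
                    'YEARID' => ((date('Y')-2006) % 4),
                    'DATE' => date('F dS Y \a\\t g:i:s a'),
                    'MONTH' => date('M'),
                    'DAY' => date('d'),
                    'CODED' => $getdraft3['slug'],
                    'TITLE' => $getdraft3['title'],
                    'AUTHOR' => $getdraft3['author'],
                    'TAG1' => $getdraft3['tag1'],
                    'TAG2' => $getdraft3['tag2'],
                    'TAG3' => $getdraft3['tag3'],
                    'RATING' => 0,
                    'TEXT' => parseBBCode($getdraft3['text'])));
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that draft doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'managePending') {
            // List every pending post.
            $template = new FITemplate('admin/managePending');
            $getpending = "SELECT * FROM pending ORDER BY id ASC";
            $getpending2 = mysql_query($getpending);
            $i=0;
            while ($getpending3[$i] = mysql_fetch_array($getpending2)) {
                $template->adds_block('PENDING', array(
                    'TITLE' => $getpending3[$i]['title'],
                    'AUTHOR' => $getpending3[$i]['author'],
                    'ID' => $getpending3[$i]['id']));
                $i++;
            }
        } else if ($_GET['page'] == 'editPending') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getpending = "SELECT * FROM pending WHERE id = " . $reqId;
            $getpending2 = mysql_query($getpending);
            $getpending3 = mysql_fetch_array($getpending2);
            if ($getpending3 && $getpending3['id'] == $reqId) {
                if (!isset($_GET['submit'])) {
                    $template = new FITemplate('admin/editPending');
                    $template->add('ID', $reqId);
                    $template->add('TEXT', $getpending3['text']);
                    $template->add('TAG1', $getpending3['tag1']);
                    $template->add('TAG2', $getpending3['tag2']);
                    $template->add('TAG3', $getpending3['tag3']);
                    $template->add('TITLE', $getpending3['title']);
                } else {
                    $setpending = "UPDATE pending SET title = \"" . mysql_real_escape_string($_POST['title'])
                        . "\", text = \"" . mysql_real_escape_string($_POST['text'])
                        . "\", tag1 = \"" . mysql_real_escape_string($_POST['tag1'])
                        . "\", tag2 = \"" . mysql_real_escape_string($_POST['tag2'])
                        . "\", tag3 = \"" . mysql_real_escape_string($_POST['tag3'])
                        . "\" WHERE id = " . $reqId;
                    $setpending2 = mysql_query($setpending);

                    $template = new FITemplate('admin/pendingSuccess');
                    $template->add('ID', $reqId);
                }
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'deletePending') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getpending = "SELECT * FROM pending WHERE id = " . $reqId;
            $getpending2 = mysql_query($getpending);
            $getpending3 = mysql_fetch_array($getpending2);
            if ($getpending3 && $getpending3['id'] == $reqId) {
                if (!isset($_GET['submit'])) {
                    $template = new FITemplate('admin/deletePending');
                    $template->add('ID', $reqId);
                } else {
                    $delpending = "DELETE FROM pending WHERE id = " . $reqId;
                    $delpending2 = mysql_query($delpending);
                    $template = new FITemplate('admin/deletedPending');
                }
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'viewPending') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getpending = "SELECT * FROM pending WHERE id = " . $reqId;
            $getpending2 = mysql_query($getpending);
            $getpending3 = mysql_fetch_array($getpending2);
            if ($getpending3 && $getpending3['id'] == $reqId) {
                $template = new FITemplate('post');
                $template->adds_block('INTERNAL',array('exi'=>1));
                $template->adds_block('POST', array(
                    'ID' => $getpending3['id'],
                    'YEARID' => ((date('Y')-2006) % 4),
                    'DATE' => date('F dS Y \a\\t g:i:s a'),
                    'MONTH' => date('M'),
                    'DAY' => date('d'),
                    'CODED' => $getpending3['slug'],
                    'TITLE' => $getpending3['title'],
                    'AUTHOR' => $getpending3['author'],
                    'TAG1' => $getpending3['tag1'],
                    'TAG2' => $getpending3['tag2'],
                    'TAG3' => $getpending3['tag3'],
                    'RATING' => 0,
                    'TEXT' => parseBBCode($getpending3['text'])));
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that pending post doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'managePosts') {
            // List every published post.
            $template = new FITemplate('admin/managePosts');
            $getposts = "SELECT * FROM updates ORDER BY id ASC";
            $getposts2 = mysql_query($getposts);
            $i=0;
            while ($getposts3[$i] = mysql_fetch_array($getposts2)) {
                $template->adds_block('POST', array(
                    'TITLE' => $getposts3[$i]['title'],
                    'AUTHOR' => $getposts3[$i]['author'],
                    'ID' => $getposts3[$i]['id'],
                    'CODED' => $getposts3[$i]['slug']));
                $i++;
            }
        } else if ($_GET['page'] == 'editPost') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getpost = "SELECT * FROM updates WHERE id = " . $reqId;
            $getpost2 = mysql_query($getpost);
            $getpost3 = mysql_fetch_array($getpost2);
            if ($getpost3 && $getpost3['id'] == $reqId) {
                if (!isset($_GET['submit'])) {
                    $template = new FITemplate('admin/editPost');
                    $template->add('ID', $reqId);
                    $template->add('TEXT', $getpost3['text']);
                    $template->add('TAG1', $getpost3['tag1']);
                    $template->add('TAG2', $getpost3['tag2']);
                    $template->add('TAG3', $getpost3['tag3']);
                    $template->add('TITLE', $getpost3['title']);
                } else {
                    $setpost = "UPDATE updates SET title = \"" . mysql_real_escape_string($_POST['title'])
                        . "\", text = \"" . mysql_real_escape_string($_POST['text'])
                        . "\", tag1 = \"" . mysql_real_escape_string($_POST['tag1'])
                        . "\", tag2 = \"" . mysql_real_escape_string($_POST['tag2'])
                        . "\", tag3 = \"" . mysql_real_escape_string($_POST['tag3'])
                        . "\" WHERE id = " . $reqId;
                    $setpost2 = mysql_query($setpost);

                    $template = new FITemplate('admin/postSuccess');
                    $template->add('ID', $reqId);
                    $template->add('CODED', $getpost3['slug']);
                }
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'deletePost') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getpost = "SELECT * FROM updates WHERE id = " . $reqId;
            $getpost2 = mysql_query($getpost);
            $getpost3 = mysql_fetch_array($getpost2);
            if ($getpost3 && $getpost3['id'] == $reqId) {
                if (!isset($_GET['submit'])) {
                    $template = new FITemplate('admin/deletePost');
                    $template->add('ID', $reqId);
                } else {
                    $delpost = "DELETE FROM updates WHERE id = " . $reqId;
                    $delpost2 = mysql_query($delpost);
                    $template = new FITemplate('admin/deletedPost');
                }
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that post doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'moderateComments') {
            // List the moderation queue. page_id has the form "<type>-<id>"; the title
            // shown for each comment is looked up in the table named by <type>.
            $template = new FITemplate('admin/moderateComments');
            $getcomments = "SELECT * FROM moderation ORDER BY id ASC";
            $getcomments2 = mysql_query($getcomments);
            $i=0;
            while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) {
                $comType = substr($getcomments3[$i]['page_id'],0,strpos($getcomments3[$i]['page_id'],'-'));
                // page_id is stored data that originated with the commenter; the id part
                // is cast to int before it is used in a query.
                $comID = (int) substr($getcomments3[$i]['page_id'],strpos($getcomments3[$i]['page_id'],'-')+1);

                // Reset per row so an unknown type cannot reuse the previous row's title.
                $title = '';
                if ($comType == 'updates') {
                    $getpost = "SELECT * FROM updates WHERE id = " . $comID;
                    $getpost2 = mysql_query($getpost);
                    $getpost3 = mysql_fetch_array($getpost2);
                    $title = $getpost3['title'];
                } else if ($comType == 'polloftheweek') {
                    // Was `$comType = 'polloftheweek'` (an assignment, always true), which
                    // sent every non-'updates' comment here and made the 'quotes' branch
                    // unreachable.
                    $getpoll = "SELECT * FROM polloftheweek WHERE id = " . $comID;
                    $getpoll2 = mysql_query($getpoll);
                    $getpoll3 = mysql_fetch_array($getpoll2);
                    $title = $getpoll3['question'];
                } else if ($comType == 'quotes') {
                    $getquote = "SELECT * FROM rash_quotes WHERE id = " . $comID;
                    $getquote2 = mysql_query($getquote);
                    $getquote3 = mysql_fetch_array($getquote2);
                    $title = '#' . $getquote3['id'];
                }

                $template->adds_block('COMMENT', array(
                    'TITLE' => $title,
                    'AUTHOR' => $getcomments3[$i]['author'],
                    'ID' => $getcomments3[$i]['id']));
                $i++;
            }
        } else if ($_GET['page'] == 'viewComment') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getcomment = "SELECT * FROM moderation WHERE id = " . $reqId;
            $getcomment2 = mysql_query($getcomment);
            $getcomment3 = mysql_fetch_array($getcomment2);
            if ($getcomment3 && $getcomment3['id'] == $reqId) {
                // The author name was supplied by the commenter; escape it even though it
                // comes back out of the database.
                $getuser = "SELECT * FROM users WHERE username = \"" . mysql_real_escape_string($getcomment3['author']) . "\"";
                $getuser2 = mysql_query($getuser);
                $getuser3 = mysql_fetch_array($getuser2);

                $template = new FITemplate('admin/viewComment');
                $template->add('ID', $reqId);
                $template->add('USERNAME', $getcomment3['author']);
                $template->add('CODEDEMAIL', md5(strtolower($getuser3['email'])));
                $template->add('TEXT', parseBBCode($getcomment3['comment']));
                $template->add('DATE', date("F dS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate'])));
                $template->add('CODEDDEF',urlencode('http://www.fourisland.com/images/error404.png'));
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'actionComment') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getcomment = "SELECT * FROM moderation WHERE id = " . $reqId;
            $getcomment2 = mysql_query($getcomment);
            $getcomment3 = mysql_fetch_array($getcomment2);
            if ($getcomment3 && $getcomment3['id'] == $reqId) {
                if (isset($_GET['approve'])) {
                    // Copy the queued comment into the live tables. These values were
                    // written by an anonymous commenter, so they are escaped again here;
                    // reading them back from the database does not make them safe to
                    // concatenate.
                    // NOTE(review): presumes `moderation` stores the raw text - confirm the
                    // submitting code does not store pre-escaped values.
                    $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\""
                        . mysql_real_escape_string($getcomment3['author'])
                        . "\",\"" . mysql_real_escape_string($getcomment3['email'])
                        . "\",\"" . mysql_real_escape_string($getcomment3['website'])
                        . "\")";
                    $insanon2 = mysql_query($insanon);

                    $inscomment = "INSERT INTO comments (page_id,username,comment) VALUES (\""
                        . mysql_real_escape_string($getcomment3['page_id'])
                        . "\",\"" . mysql_real_escape_string($getcomment3['author'])
                        . "\",\"" . mysql_real_escape_string($getcomment3['comment'])
                        . "\")";
                    $inscomment2 = mysql_query($inscomment);

                    $delcomment = "DELETE FROM moderation WHERE id = " . (int) $getcomment3['id'];
                    $delcomment2 = mysql_query($delcomment);

                    $template = new FITemplate('msg');
                    $template->add('BACK', 'Comment Moderation');
                    $template->add('MSG', 'You\'ve successfully approved this comment.');
                } else if (isset($_GET['deny'])) {
                    $delcomment = "DELETE FROM moderation WHERE id = " . (int) $getcomment3['id'];
                    $delcomment2 = mysql_query($delcomment);

                    $template = new FITemplate('msg');
                    $template->add('BACK', 'Comment Moderation');
                    $template->add('MSG', 'You\'ve successfully denied this comment.');
                } else {
                    $template = new FITemplate('msg');
                    $template->add('BACK', 'the previous page');
                    $template->add('MSG', "Um, what on earth are you doing?");
                }
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, that comment doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'managePages') {
            $template = new FITemplate('admin/managePages');
            $getpages = "SELECT wiki_pages.*, wiki_revisions.author FROM wiki_pages, wiki_revisions WHERE wiki_revisions.id = wiki_pages.revision ORDER BY id ASC";
            $getpages2 = mysql_query($getpages);
            $i=0;
            // NOTE(review): the 'admin/managePages' template is replaced by the generic
            // 'msg' template here, so the PAGE blocks below are added to 'msg'. This looks
            // like the listing was switched off on purpose - confirm before changing.
            $template = new FITemplate('msg');
            $template->add('BACK', 'the previous page');
            $template->add('MSG', 'I\'m sorry, but this page doesn\'t exist.');
            while ($getpages3[$i] = mysql_fetch_array($getpages2)) {
                $template->adds_block('PAGE', array(
                    'TITLE' => $getpages3[$i]['title'],
                    'AUTHOR' => $getpages3[$i]['author'],
                    'ID' => $getpages3[$i]['id'],
                    'CODED' => $getpages3[$i]['slug']));
                $i++;
            }
        } else if ($_GET['page'] == 'pageHistory') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getpage = "SELECT * FROM wiki_pages WHERE id = " . $reqId . " ORDER BY id ASC";
            $getpage2 = mysql_query($getpage);
            $getpage3 = mysql_fetch_array($getpage2);
            if ($getpage3 && $getpage3['id'] == $reqId) {
                $template = new FITemplate('admin/pageHistory');

                // Start at the page's current revision, then follow `previous` links
                // until one is 0.
                $getrev = "SELECT * FROM wiki_revisions WHERE id = " . (int) $getpage3['revision'];
                $getrev2 = mysql_query($getrev);
                $getrev3 = mysql_fetch_array($getrev2);
                $template->adds_block('REV', array(
                    'AUTHOR' => $getrev3['author'],
                    'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getrev3['pubDate'])),
                    'ID' => $getrev3['id']));

                while ($getrev3['previous'] != 0) {
                    $getrev = "SELECT * FROM wiki_revisions WHERE id = " . (int) $getrev3['previous'];
                    $getrev2 = mysql_query($getrev);
                    $getrev3 = mysql_fetch_array($getrev2);
                    $template->adds_block('REV', array(
                        'AUTHOR' => $getrev3['author'],
                        'DATE' => date("F dS Y \a\\t g:i:s a",strtotime($getrev3['pubDate'])),
                        'ID' => $getrev3['id']));
                }
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, but this page doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'viewRevision') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getrev = "SELECT * FROM wiki_revisions WHERE id = " . $reqId;
            $getrev2 = mysql_query($getrev);
            $getrev3 = mysql_fetch_array($getrev2);
            if ($getrev3 && $getrev3['id'] == $reqId) {
                $template = new FITemplate('admin/viewRevision');
                // NOTE(review): the revision text is handed to the template as stored;
                // whether FITemplate HTML-escapes values is not visible here - confirm.
                $template->add('TEXT', $getrev3['text']);
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, but this revision doesn\'t exist.');
            }
        } else if ($_GET['page'] == 'pollProcess') {
            // Three-step wizard: form, store the RSS text, create the poll.
            if (!isset($_GET['step'])) {
                $template = new FITemplate('admin/pollrss');
            } else if ($_GET['step'] == 2) {
                $insrss = "INSERT INTO pollrss (author,rss) VALUES (\""
                    . mysql_real_escape_string(sess_get('uname'))
                    . "\",\"" . mysql_real_escape_string($_POST['text'])
                    . "\")";
                $insrss2 = mysql_query($insrss);

                $template = new FITemplate('admin/newPoll');
            } else if ($_GET['step'] == 3) {
                // The four options were previously concatenated unescaped.
                $inspoll = "INSERT INTO polloftheweek (question,option1,option2,option3,option4) VALUES (\""
                    . mysql_real_escape_string($_POST['question'])
                    . "\",\"" . mysql_real_escape_string($_POST['option1'])
                    . "\",\"" . mysql_real_escape_string($_POST['option2'])
                    . "\",\"" . mysql_real_escape_string($_POST['option3'])
                    . "\",\"" . mysql_real_escape_string($_POST['option4'])
                    . "\")";
                $inspoll2 = mysql_query($inspoll);

                // A new poll clears the record of who has already voted.
                $cleardid = "TRUNCATE TABLE didpollalready";
                $cleardid2 = mysql_query($cleardid);

                $template = new FITemplate('msg2');
                $template->add('BACK', 'Back to the Admin Panel');
                $template->add('LINK', '/admin/');
                $template->add('MSG', "You've successfully created a poll!");
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', "Um, what on earth are you doing?");
            }
        } else if ($_GET['page'] == 'managePendingQuotes') {
            // List the quote submission queue.
            $template = new FITemplate('admin/managePendingQuotes');
            $getpending = "SELECT * FROM rash_queue ORDER BY id ASC";
            $getpending2 = mysql_query($getpending);
            $i=0;
            while ($getpending3[$i] = mysql_fetch_array($getpending2)) {
                $template->adds_block('QUOTE', array(
                    'ID' => $getpending3[$i]['id'],
                    'TEXT' => $getpending3[$i]['quote']));
                $i++;
            }
        } else if ($_GET['page'] == 'actionPendingQuotes') {
            $reqId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            $getpending = "SELECT * FROM rash_queue WHERE id = " . $reqId;
            $getpending2 = mysql_query($getpending);
            $getpending3 = mysql_fetch_array($getpending2);
            if ($getpending3 && $getpending3['id'] == $reqId) {
                if (isset($_GET['approve'])) {
                    $insquote = "INSERT INTO rash_quotes (quote) VALUES (\"" . mysql_real_escape_string($getpending3['quote']) . "\")";
                    $insquote2 = mysql_query($insquote);

                    $delpending = "DELETE FROM rash_queue WHERE id = " . $reqId;
                    $delpending2 = mysql_query($delpending);

                    $template = new FITemplate('msg2');
                    $template->add('BACK', 'Back to the Admin Panel');
                    $template->add('LINK', '/admin/');
                    $template->add('MSG', "You've successfully approved this quote.");
                } else if (isset($_GET['deny'])) {
                    $delpending = "DELETE FROM rash_queue WHERE id = " . $reqId;
                    $delpending2 = mysql_query($delpending);

                    $template = new FITemplate('msg2');
                    $template->add('BACK', 'Back to the Admin Panel');
                    $template->add('LINK', '/admin/');
                    $template->add('MSG', "You've successfully denied this quote.");
                } else {
                    $template = new FITemplate('msg');
                    $template->add('BACK', 'the previous page');
                    $template->add('MSG', "Um, what on earth are you doing?");
                }
            } else {
                $template = new FITemplate('msg');
                $template->add('BACK', 'the previous page');
                $template->add('MSG', 'I\'m sorry, but this pending quote doesn\'t exist.');
            }
        } else {
            generateError(404);
        }

        // NOTE(review): `@` hides any error raised while rendering, including the case
        // where no branch assigned $template - consider logging instead of suppressing.
        @$template->display();
    } else {
        generateError(404);
    }
} else {
    generateError(404);
}
?>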