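* @link http://pioder.gim2przemysl.int.pl/
* @license GNU GPL v3
**/
// Admin panel page for forum structure: create, edit, reorder and delete
// categories and forums. The action is selected by $_GET['mode'] / $_GET['submode'].
//
// NOTE(review): no anti-CSRF token check is visible anywhere in this file, and
// moveup/movedown/delete change or destroy data on a plain GET request. A
// per-session token verified before every state-changing branch (and moving the
// destructive actions to POST) should be added once the session helpers are
// reviewed; sessions.php is not visible from here.
//
// NOTE(review): category/forum names and descriptions are interpolated into SQL
// after strip_tags() only. strip_tags() does not neutralise quotes, so these
// values still need driver-level escaping or prepared statements. Whether
// DataBase::sql_query() or common.php already escapes input is not visible here,
// so the string handling is left unchanged to avoid double escaping. Numeric
// identifiers are cast with intval() below, as the delete/edit branches already did.
define('IN_uF', true);
//include files
include('./../config.php');
include('./../includes/constants.php');
include('./../includes/db.php');
include('./../includes/errors.php');
//connect to database
DataBase::db_connect();
include('./../includes/sessions.php');
include('./../includes/classes/class_user.php');
include('./../common.php');
include('./../includes/admin/class_main.php');
include('./../includes/classes/class_forum.php');
include('./../includes/admin/class_forum.php');
include('./../lngs/'.Admin_Over::DefaultLang().'/admin.php');
SessDelInvalid();
SessRegister();
SessDeleteOld();
if (User::UserInformation($_SESSION['uid'],'rank')!=2)
{
    admin_message_forum($lng['yournotadmin'],'../index.php');
    // Fail closed: admin_message_forum() is defined elsewhere and may or may not
    // terminate the request. Nothing below may run for a non-admin.
    exit;
}

/**
 * Renders the default admin view: every category with the forums that belong
 * to it, followed by the "new category" form and the page footer.
 *
 * Reads the globals $lng, $default_skin and $forum_config and prints the
 * templates directly; it returns nothing.
 *
 * NOTE(review): names and descriptions are handed to the templates as stored.
 * Whether the .tpl files HTML-escape them is not visible here.
 */
function GenerateDefaultDisplay()
{
    global $lng;
    global $default_skin;
    global $forum_config;
    //cache forums --don't modify!!!
    $cache_id=1;
    // Start from an empty list so count($forum) below is valid when no forum exists.
    $forum = array();
    $sql = "SELECT * FROM ".FORUMS_TABLE." ORDER BY `c_id`, `sort`";
    $query = DataBase::sql_query($sql,CRITICAL,'Could not obtain forum information.');
    while($result = DataBase::fetch($query))
    {
        $forum[$cache_id]['f_id'] = $result['f_id'];
        $forum[$cache_id]['name'] = $result['name'];
        $forum[$cache_id]['desc'] = $result['desc'];
        $forum[$cache_id]['c_id'] = $result['c_id'];
        $forum[$cache_id]['sort'] = $result['sort'];
        $cache_id+=1;
    }
    //add skin variables
    $skin = array(
        'forums&cats'=>$lng['forums_and_cats'],
        'here_write_name_forum'=>$lng['here_write_name_forum'],
        'new_forum_submit'=>$lng['new_forum_submit'],
    );
    Admin_Over::GenerateHeader();
    include('./template/forums_beam_body.tpl');
    //add forums and categories
    $sql = "SELECT * FROM `".CATS_TABLE."` ORDER BY `sort`";
    $query = DataBase::sql_query($sql,CRITICAL,'Could not obtain categories information.');
    $forum_count = count($forum);
    while($result = DataBase::fetch($query))
    {
        $skin = array(
            'category' => $result['name'],
            'c_id'=>$result['c_id'],
            'edit_cat'=>$lng['edit_cat'],
            'move_up'=>$lng['moveup'],
            'move_down'=>$lng['movedown'],
            'delete'=>$lng['delete'],
            'del_cat'=>$lng['c_del_cat']
        );
        include('./template/forum_category_add.tpl');
        for ($i=1; $i<=$forum_count; $i++)
        {
            if ($forum[$i]['c_id']==$result['c_id'])
            {
                $skin = array(
                    'forum_name' => $forum[$i]['name'],
                    'forum_id' => $forum[$i]['f_id'],
                    'description' => $forum[$i]['desc'],
                    'move_up'=>$lng['moveup'],
                    'edit_forum'=>$lng['edit_forum'],
                    'del_forum'=>$lng['c_del_forum'],
                    'move_down'=>$lng['movedown'],
                    'delete'=>$lng['delete']
                );
                include('./template/forum_forum_add.tpl');
            }
        }
        // The literal is reproduced exactly as it appears in this copy of the file.
        echo ' 
';
    }
    $skin = array(
        'here_write_name_cat'=>$lng['here_write_name_cat'],
        'new_cat_submit'=>$lng['new_cat_submit']
    );
    include('./template/forums_view_end_body.tpl');
    include('./template/overall_footer.tpl');
}

if (!isset($_GET['mode']))
{
    header('Location: admin_forums.php?mode=view');
    // Stop here: without it the script kept running with an undefined mode.
    exit;
}
switch($_GET['mode'])
{
    case 'new':
    {
        switch(isset($_GET['submode']) ? $_GET['submode'] : '')
        {
            case 'cat':
            {
                if (isset($_POST['cat_name']))
                {
                    // Measure the name after tag stripping, so a value made only of
                    // markup cannot pass the length check and be stored empty.
                    $cat_name = strip_tags($_POST['cat_name']);
                    if (strlen($cat_name)>=5)
                    {
                        $sql = "SELECT `sort` FROM `".CATS_TABLE."` ORDER BY `sort` DESC LIMIT 1";
                        $last = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain last category sort id'));
                        $sort = ($last ? intval($last['sort']) : 0) + 1;
                        $sql = "SELECT `c_id` FROM `".CATS_TABLE."` ORDER BY `c_id` DESC LIMIT 1";
                        $last = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain last category id'));
                        $last = ($last ? intval($last['c_id']) : 0) + 1;
                        // NOTE(review): $cat_name is not SQL-escaped here (see the file header).
                        $sql = "INSERT INTO `".CATS_TABLE."` VALUES ('$last','$cat_name','$sort')";
                        DataBase::sql_query($sql,GENERAL,'Could not add category');
                        $msg='./template/blank.tpl';
                        admin_message_forum($lng['cat_saved'],'admin_forums.php');
                    }
                    else
                    {
                        $msg = './../skins/'.$default_skin.'/post_error_body.tpl';
                        $message = $lng['to_short_cat_name'];
                    }
                }
                else
                {
                    $_POST['cat_name'] = '';
                    $msg='./../skins/'.$default_skin.'/blank.tpl';
                }
                $skin = array(
                    'here_write_name_forum'=>$lng['here_write_name_forum'],
                    'here_write_name_cat'=>$lng['here_write_name_cat'],
                    'new_forum_submit'=>$lng['new_forum_submit'],
                    'new_cat_submit'=>$lng['new_cat_submit'],
                    'L.save'=>$lng['submit'],
                    'L.reset'=>$lng['reset'],
                    'L.cat_name'=>$lng['cat_name'],
                    'forums&cats'=>$lng['forums_and_cats'],
                    'L.main_beam'=>$lng['new_cat'],
                    'action'=>'admin_forums.php?mode=new&submode=cat'
                );
                Admin_Over::GenerateHeader();
                include('./template/cat_new_edit_body.tpl');
                include('./template/overall_footer.tpl');
                break;
            }
            case 'forum':
            {
                if (isset($_POST['forum_name'], $_POST['forum_desc']))
                {
                    // Length checks run on the stripped values that will actually be stored.
                    $forum_name = strip_tags($_POST['forum_name']);
                    $forum_desc = strip_tags($_POST['forum_desc']);
                    if (strlen($forum_name)<5)
                    {
                        $msg = './../skins/'.$default_skin.'/post_error_body.tpl';
                        $message = $lng['to_short_forum_name'];
                    }
                    elseif (strlen($forum_desc)<5)
                    {
                        $msg = './../skins/'.$default_skin.'/post_error_body.tpl';
                        $message = $lng['to_short_forum_desc'];
                    }
                    else
                    {
                        // The category id is request data that goes straight into SQL: force an integer.
                        $forum_cat = isset($_POST['forum_cat']) ? intval($_POST['forum_cat']) : 0;
                        $forum_lock = (isset($_POST['forum_locked'])) ? 1 : 0;
                        $allow_moderate = (isset($_POST['allow_moderate'])) ? 1 : 0;
                        $sql = "SELECT `sort`, `c_id` FROM `".FORUMS_TABLE."` WHERE `c_id`='$forum_cat' ORDER BY `sort` DESC LIMIT 1";
                        $last = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain last forum sort id'));
                        $sort = ($last ? intval($last['sort']) : 0) + 1;
                        $sql = "SELECT `f_id` FROM `".FORUMS_TABLE."` ORDER BY `f_id` DESC LIMIT 1";
                        $last = DataBase::fetch(DataBase::sql_query($sql,GENERAL,'Could not obtain last forum id'));
                        $last = ($last ? intval($last['f_id']) : 0) + 1;
                        // NOTE(review): $forum_name / $forum_desc are not SQL-escaped here (see the file header).
                        $sql = "INSERT INTO `".FORUMS_TABLE."` VALUES ('$last','$forum_lock','$allow_moderate', '$forum_name', '$forum_desc', '0', '','$forum_cat','$sort')";
                        DataBase::sql_query($sql,GENERAL,'Could not add forum');
                        $msg='./../skins/'.$default_skin.'/blank.tpl';
                        admin_message_forum($lng['forum_saved'],'admin_forums.php');
                    }
                }
                else
                {
                    if (!isset($_POST['forum_name']))
                    {
                        $_POST['forum_name'] = '';
                    }
                    if (!isset($_POST['forum_desc']))
                    {
                        $_POST['forum_desc'] = '';
                    }
                    $msg='./../skins/'.$default_skin.'/blank.tpl';
                }
                $skin = array(
                    'here_write_name_forum'=>$lng['here_write_name_forum'],
                    'here_write_name_cat'=>$lng['here_write_name_cat'],
                    'new_forum_submit'=>$lng['new_forum_submit'],
                    'new_cat_submit'=>$lng['new_cat_submit'],
                    'L.save'=>$lng['submit'],
                    'L.reset'=>$lng['reset'],
                    'L.forum_name'=>$lng['forum_name'],
                    'L.change_cat'=>$lng['change_cat'],
                    'L.forum_locked'=>$lng['forum_locked'],
                    'on'=>$lng['allow'],
                    'OPTION.forum_locked'=> '',
                    'L.allow_moderate'=>$lng['moderate_posts'],
                    'forums&cats'=>$lng['forums_and_cats'],
                    'OPTION.allow_moderate'=>'',
                    'OPTIONS.forum_cat'=>Admin_Forum::AddCats(0),
                    'L.forum_desc'=>$lng['forum_desc'],
                    'L.main_beam'=>$lng['new_forum'],
                    'action'=>'admin_forums.php?mode=new&submode=forum'
                );
                Admin_Over::GenerateHeader();
                include('./template/forum_new_edit_body.tpl');
                include('./template/overall_footer.tpl');
                break;
            }
        }
        break;
    }
    case 'moveup':
    {
        //temp variables
        $i1 = 0;
        $i2 = 0;
        $r1 = 0;
        $r2 = 0;
        //BEGIN switch - submode
        switch(isset($_GET['submode']) ? $_GET['submode'] : '')
        {
            case 'cat':
            {
                if (isset($_GET['c']))
                {
                    // Request-supplied id: cast before it reaches the query text.
                    $i1 = intval($_GET['c']);
                    $sql = "SELECT `sort`, `c_id` FROM ".CATS_TABLE." WHERE `c_id`='$i1'";
                    $s1 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain category information.'));
                    // Swap only when the category exists and is not already first.
                    if ($s1 && intval($s1['sort'])>1)
                    {
                        $s1 = intval($s1['sort']);
                        $s2 = $s1 -1;
                        $sql = "SELECT `sort`, `c_id` FROM ".CATS_TABLE." WHERE `sort`='$s2'";
                        $s2 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain category information.'));
                        // Without a neighbour row the updates would write an empty sort value.
                        if ($s2)
                        {
                            $i2 = intval($s2['c_id']);
                            $s2 = intval($s2['sort']);
                            $sql = "UPDATE ".CATS_TABLE." SET `sort`='$s2' WHERE `c_id`='$i1'";
                            DataBase::sql_query($sql,GENERAL,'Could not update category position');
                            $sql = "UPDATE ".CATS_TABLE." SET `sort`='$s1' WHERE `c_id`='$i2'";
                            DataBase::sql_query($sql,GENERAL,'Could not update category position');
                        }
                    }
                }
                break;
            }
            case 'forum':
            {
                if (isset($_GET['f']))
                {
                    $i1 = intval($_GET['f']);
                    $sql = "SELECT `sort`, `c_id`, `f_id` FROM ".FORUMS_TABLE." WHERE `f_id`='$i1'";
                    $s1 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain forum information.'));
                    if ($s1 && intval($s1['sort'])>1)
                    {
                        $cid = intval($s1['c_id']);
                        $s1 = intval($s1['sort']);
                        $s2 = $s1 -1;
                        // Forum positions are numbered per category, so the neighbour is looked up inside it.
                        $sql = "SELECT `sort`, `c_id`, `f_id` FROM ".FORUMS_TABLE." WHERE `sort`='$s2' AND `c_id`='$cid'";
                        $s2 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain forum information.'));
                        if ($s2)
                        {
                            $i2 = intval($s2['f_id']);
                            $s2 = intval($s2['sort']);
                            $sql = "UPDATE ".FORUMS_TABLE." SET `sort`='$s2' WHERE `f_id`='$i1'";
                            DataBase::sql_query($sql,GENERAL,'Could not update forum position');
                            $sql = "UPDATE ".FORUMS_TABLE." SET `sort`='$s1' WHERE `f_id`='$i2'";
                            DataBase::sql_query($sql,GENERAL,'Could not update forum position');
                        }
                    }
                }
                break;
            }
        }
        //END switch - submode
        GenerateDefaultDisplay();
        break;
    }
    case 'movedown':
    {
        //temp variables
        $i1 = 0;
        $i2 = 0;
        $r1 = 0;
        $r2 = 0;
        //BEGIN switch - submode
        switch(isset($_GET['submode']) ? $_GET['submode'] : '')
        {
            case 'cat':
            {
                if (isset($_GET['c']))
                {
                    $i1 = intval($_GET['c']);
                    $sql = "SELECT `sort`, `c_id` FROM ".CATS_TABLE." WHERE `c_id`='$i1'";
                    $s1 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain category information.'));
                    // An unknown id used to fall through with an empty sort value and
                    // overwrite the position of the first category.
                    if ($s1)
                    {
                        $s1 = intval($s1['sort']);
                        $s2 = $s1 +1;
                        $sql = "SELECT `c_id` FROM ".CATS_TABLE;
                        $count = DataBase::num_rows(DataBase::sql_query($sql,CRITICAL,'Could not obtain category information.'));
                        if ($s1<$count)
                        {
                            $sql = "SELECT `sort`, `c_id` FROM ".CATS_TABLE." WHERE `sort`='$s2'";
                            $s2 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain category information.'));
                            if ($s2)
                            {
                                $i2 = intval($s2['c_id']);
                                $s2 = intval($s2['sort']);
                                $sql = "UPDATE ".CATS_TABLE." SET `sort`='$s2' WHERE `c_id`='$i1'";
                                DataBase::sql_query($sql,GENERAL,'Could not update category position');
                                $sql = "UPDATE ".CATS_TABLE." SET `sort`='$s1' WHERE `c_id`='$i2'";
                                DataBase::sql_query($sql,GENERAL,'Could not update category position');
                            }
                        }
                    }
                }
                break;
            }
            case 'forum':
            {
                if (isset($_GET['f']))
                {
                    $i1 = intval($_GET['f']);
                    $sql = "SELECT `sort`, `c_id`, `f_id` FROM ".FORUMS_TABLE." WHERE `f_id`='$i1'";
                    $s1 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain forum information.'));
                    if ($s1)
                    {
                        $cid = intval($s1['c_id']);
                        $s1 = intval($s1['sort']);
                        $s2 = $s1 +1;
                        $sql = "SELECT `f_id` FROM ".FORUMS_TABLE." WHERE `c_id`='$cid'";
                        $count = DataBase::num_rows(DataBase::sql_query($sql,CRITICAL,'Could not obtain forum information.'));
                        if ($s1<$count)
                        {
                            // Same-category restriction, matching the moveup branch: without it
                            // a forum of another category with the same position could be swapped.
                            $sql = "SELECT `sort`, `f_id` FROM ".FORUMS_TABLE." WHERE `sort`='$s2' AND `c_id`='$cid'";
                            $s2 = DataBase::fetch(DataBase::sql_query($sql,CRITICAL,'Could not obtain forum information.'));
                            if ($s2)
                            {
                                $i2 = intval($s2['f_id']);
                                $s2 = intval($s2['sort']);
                                $sql = "UPDATE ".FORUMS_TABLE." SET `sort`='$s2' WHERE `f_id`='$i1'";
                                DataBase::sql_query($sql,GENERAL,'Could not update forum position');
                                $sql = "UPDATE ".FORUMS_TABLE." SET `sort`='$s1' WHERE `f_id`='$i2'";
                                DataBase::sql_query($sql,GENERAL,'Could not update forum position');
                            }
                        }
                    }
                }
                break;
            }
        }
        //END switch - submode
        GenerateDefaultDisplay();
        break;
    }
    case 'delete':
    {
        //BEGIN switch - submode
        switch(isset($_GET['submode']) ? $_GET['submode'] : '')
        {
            case 'cat':
            {
                if (isset($_GET['c']))
                {
                    $cid = intval($_GET['c']);
                    $sql = "SELECT * FROM `".CATS_TABLE."` WHERE `c_id`='$cid'";
                    $query = DataBase::sql_query($sql,GENERAL,'Could not obtain category information');
                    $result = DataBase::fetch($query);
                    // Nothing to renumber or delete when the category does not exist.
                    if ($result)
                    {
                        $sort = intval($result['sort']);
                        $sql = "SELECT * FROM `".CATS_TABLE."` WHERE `sort`>'$sort'";
                        $query = DataBase::sql_query($sql,GENERAL,'Could not obtain categories information');
                        while($item = DataBase::fetch($query))
                        {
                            $new_sort = intval($item['sort'])-1;
                            $cid2 = intval($item['c_id']);
                            $sql2 = "UPDATE `".CATS_TABLE."` SET `sort`='$new_sort' WHERE `c_id`='$cid2'";
                            // Run the UPDATE; the original re-ran the SELECT held in $sql,
                            // so the following categories were never renumbered.
                            DataBase::sql_query($sql2,GENERAL,'Could not update category');
                        }
                        $sql = "SELECT `f_id` FROM `".FORUMS_TABLE."` WHERE `c_id`='$cid'";
                        $query = DataBase::sql_query($sql, GENERAL,'Could not obtain forum information.');
                        while($item = DataBase::fetch($query))
                        {
                            $fid = intval($item['f_id']);
                            $sql="DELETE FROM `".POSTS_TABLE."` WHERE `f_id`='$fid'";
                            DataBase::sql_query($sql, GENERAL,'Could not delete post.');
                            $sql = "DELETE FROM `".TOPICS_TABLE."` WHERE `f_id`='$fid'";
                            DataBase::sql_query($sql, GENERAL,'Could not delete topic');
                        }
                        $sql = "DELETE FROM `".FORUMS_TABLE."` WHERE `c_id`='$cid'";
                        DataBase::sql_query($sql, GENERAL,'Could not delete forum');
                        $sql = "DELETE FROM `".CATS_TABLE."` WHERE `c_id`='$cid'";
                        DataBase::sql_query($sql,GENERAL,'Could not delete category.');
                    }
                }
                // The original had no break here, so a request carrying both `c` and `f`
                // fell through and deleted the forum as well.
                break;
            }
            case 'forum':
            {
                if (isset($_GET['f']))
                {
                    $fid = intval($_GET['f']);
                    $sql = "SELECT * FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'";
                    $query = DataBase::sql_query($sql,GENERAL,'Could not obtain forum information');
                    $result = DataBase::fetch($query);
                    if ($result)
                    {
                        $sort = intval($result['sort']);
                        $forum_cid = intval($result['c_id']);
                        // Positions are per category, so only siblings in the same category shift up.
                        $sql = "SELECT * FROM `".FORUMS_TABLE."` WHERE `sort`>'$sort' AND `c_id`='$forum_cid'";
                        $query = DataBase::sql_query($sql,GENERAL,'Could not obtain forums information');
                        while($item = DataBase::fetch($query))
                        {
                            $new_sort = intval($item['sort'])-1;
                            $fid1 = intval($item['f_id']);
                            $sql2 = "UPDATE `".FORUMS_TABLE."` SET `sort`='$new_sort' WHERE `f_id`='$fid1'";
                            // Same fix as for categories: execute $sql2, not the SELECT in $sql.
                            DataBase::sql_query($sql2,GENERAL,'Could not update forum');
                        }
                        $sql="DELETE FROM `".POSTS_TABLE."` WHERE `f_id`='$fid'";
                        DataBase::sql_query($sql, GENERAL,'Could not delete post.');
                        $sql = "DELETE FROM `".TOPICS_TABLE."` WHERE `f_id`='$fid'";
                        DataBase::sql_query($sql, GENERAL,'Could not delete topic');
                        $sql = "DELETE FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'";
                        DataBase::sql_query($sql, GENERAL,'Could not delete forum');
                    }
                }
                break;
            }
        }
        GenerateDefaultDisplay();
        break;
    }
    case 'edit':
    {
        switch(isset($_GET['submode']) ? $_GET['submode'] : '')
        {
            case 'cat':
            {
                $cid = isset($_GET['c']) ? intval($_GET['c']) : 0;
                if (isset($_POST['cat_name']))
                {
                    $cat_name = strip_tags($_POST['cat_name']);
                    if (strlen($cat_name)>=5)
                    {
                        // Renaming keeps the category where it is. The original derived a new
                        // `sort` from a forums query keyed on the category *name*, which reset
                        // the position on every rename and put the raw name into a second query.
                        // NOTE(review): $cat_name is not SQL-escaped here (see the file header).
                        $sql = "UPDATE `".CATS_TABLE."` SET `name`='$cat_name' WHERE `c_id`='$cid'";
                        DataBase::sql_query($sql,GENERAL,'Could not update category');
                        $msg='./../skins/'.$default_skin.'/blank.tpl';
                        admin_message_forum($lng['cat_saved'],'admin_forums.php');
                    }
                    else
                    {
                        $msg = './../skins/'.$default_skin.'/post_error_body.tpl';
                        $message = $lng['to_short_cat_name'];
                    }
                }
                else
                {
                    $tmp = DataBase::fetch(DataBase::sql_query("SELECT `name` FROM `".CATS_TABLE."` WHERE `c_id`='$cid'",GENERAL,'Could not obtain category information'));
                    $tmp = $tmp ? $tmp['name'] : '';
                    $_POST['cat_name'] = $tmp;
                    // $tmp is already the name string; indexing it with 'name' was a string-offset bug.
                    if($tmp=='')
                    {
                        admin_message_forum($lng['no_category'],'admin_forums.php?mode=view');
                    }
                    unset($tmp);
                    $msg='./../skins/'.$default_skin.'/blank.tpl';
                }
                $skin = array(
                    'here_write_name_forum'=>$lng['here_write_name_forum'],
                    'here_write_name_cat'=>$lng['here_write_name_cat'],
                    'new_forum_submit'=>$lng['new_forum_submit'],
                    'new_cat_submit'=>$lng['new_cat_submit'],
                    'L.save'=>$lng['submit'],
                    'forums&cats'=>$lng['forums_and_cats'],
                    'L.reset'=>$lng['reset'],
                    'L.cat_name'=>$lng['cat_name'],
                    'L.main_beam'=>$lng['edit_cat'],
                    'action'=>'admin_forums.php?mode=edit&submode=cat&c='.$cid
                );
                Admin_Over::GenerateHeader();
                include('./template/cat_new_edit_body.tpl');
                include('./template/overall_footer.tpl');
                break;
            }
            case 'forum':
            {
                $fid = isset($_GET['f']) ? intval($_GET['f']) : 0;
                if (isset($_POST['forum_name'],$_POST['forum_desc']))
                {
                    $forum_name = strip_tags($_POST['forum_name']);
                    $forum_desc = strip_tags($_POST['forum_desc']);
                    if (strlen($forum_name)<5)
                    {
                        $msg = './../skins/'.$default_skin.'/post_error_body.tpl';
                        $message = $lng['to_short_forum_name'];
                    }
                    elseif (strlen($forum_desc)<5)
                    {
                        $msg = './../skins/'.$default_skin.'/post_error_body.tpl';
                        $message = $lng['to_short_forum_desc'];
                    }
                    else
                    {
                        // Request-supplied category id: cast before it reaches the query text.
                        $forum_cat = isset($_POST['forum_cat']) ? intval($_POST['forum_cat']) : 0;
                        $sql = "SELECT * FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'";
                        $query = DataBase::sql_query($sql,GENERAL,'Could not obtain forum information');
                        $result = DataBase::fetch($query);
                        $actual_cid = $result ? $result['c_id'] : null;
                        $sort = $result ? intval($result['sort']) : 0;
                        if ($actual_cid != $forum_cat)
                        {
                            // Moving to another category: append after its current last forum.
                            $sql = "SELECT * FROM `".FORUMS_TABLE."` WHERE `c_id`='$forum_cat' ORDER BY `sort` DESC LIMIT 1";
                            $query = DataBase::sql_query($sql,GENERAL,'Could not obtain forums information');
                            $result = DataBase::fetch($query);
                            $sort = ($result ? intval($result['sort']) : 0)+1;
                        }
                        $forum_lock = (isset($_POST['forum_locked'])) ? 1 : 0;
                        $forum_moderate = (isset($_POST['allow_moderate'])) ? 1 : 0;
                        // NOTE(review): $forum_name / $forum_desc are not SQL-escaped here (see the file header).
                        $sql = "UPDATE `".FORUMS_TABLE."` SET `name`='$forum_name', `desc`='$forum_desc', `lock`='$forum_lock', `moderate`='$forum_moderate', `c_id`='$forum_cat', `sort`='$sort' WHERE `f_id`='$fid'";
                        DataBase::sql_query($sql,GENERAL,'Could not update forum');
                        $msg='./../skins/'.$default_skin.'/blank.tpl';
                        admin_message_forum($lng['forum_saved'],'admin_forums.php');
                    }
                }
                else
                {
                    $tmp = DataBase::fetch(DataBase::sql_query("SELECT `name`, `desc` FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'",GENERAL,'Could not obtain forum information'));
                    $_POST['forum_name'] = $tmp ? $tmp['name'] : '';
                    $msg='./../skins/'.$default_skin.'/blank.tpl';
                    $_POST['forum_desc'] = $tmp ? $tmp['desc'] : '';
                    if($_POST['forum_name']=='')
                    {
                        admin_message_forum($lng['no_forum'],'admin_forums.php?mode=view');
                    }
                    unset($tmp);
                }
                $skin = array(
                    'here_write_name_forum'=>$lng['here_write_name_forum'],
                    'here_write_name_cat'=>$lng['here_write_name_cat'],
                    'new_forum_submit'=>$lng['new_forum_submit'],
                    'new_cat_submit'=>$lng['new_cat_submit'],
                    'L.save'=>$lng['submit'],
                    'forums&cats'=>$lng['forums_and_cats'],
                    'L.reset'=>$lng['reset'],
                    'L.forum_name'=>$lng['forum_name'],
                    'L.change_cat'=>$lng['change_cat'],
                    'L.forum_locked'=>$lng['forum_locked'],
                    'on'=>$lng['allow'],
                    'OPTION.forum_locked'=>(Forum::ForumInformation($fid,'lock')==1) ? 'checked="checked"' : '',
                    'OPTIONS.forum_cat'=>Admin_Forum::AddCats($fid),
                    'L.allow_moderate'=>$lng['moderate_posts'],
                    'OPTION.allow_moderate'=>(Forum::ForumInformation($fid,'moderate')==1) ? 'checked="checked"' : '',
                    'L.forum_desc'=>$lng['forum_desc'],
                    'L.main_beam'=>$lng['edit_forum'],
                    'action'=>'admin_forums.php?mode=edit&submode=forum&f='.$fid
                );
                Admin_Over::GenerateHeader();
                include('./template/forum_new_edit_body.tpl');
                include('./template/overall_footer.tpl');
                break;
            }
        }
        break;
    }
    case 'view':
    {
        GenerateDefaultDisplay();
        break;
    }
    default:
    {
        header('Location: admin_forums.php?mode=view');
        break;
    }
}
?>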