A lightweight forum engine written in PHP. Repository is now obsolete and read-only. http://www.pioder.pl/uforum.html
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

587 lines
21 KiB

<?php
/**
* @package uForum
* @file admin/admin_forums.php
* @version $Id$
* @copyright 2009(c) PioDer <[email protected]>
* @link http://pioder.gim2przemysl.int.pl/
* @license GNU GPL v3
**/
define('IN_uF', true);
//include files
include('./../config.php');
include('./../includes/constants.php');
include('./../includes/db.php');
include('./../includes/errors.php');
//connect to database
DataBase::db_connect();
include('./../includes/sessions.php');
include('./../includes/classes/class_user.php');
include('./../common.php');
include('./../includes/admin/class_main.php');
include('./../includes/classes/class_forum.php');
include('./../includes/admin/class_forum.php');
include('./../lngs/'.Admin_Over::DefaultLang().'/admin.php');
SessDelInvalid();
SessRegister();
SessDeleteOld();
//$default_skin = Admin_Over::ViewSkinName();
if (User::UserInformation($_SESSION['uid'],'rank')!=2)
{
admin_message_forum($lng['yournotadmin'],'../index.php');
}
function GenerateDefaultDisplay()
{
//cache forums --don't modify!!!
$cache_id=1;
$sql = "SELECT * FROM ".FORUMS_TABLE." ORDER BY `c_id`, `sort`";
$query = DataBase::sql_query($sql,'CRITICAL','Could not obtain forum information.');
while($result = @mysql_fetch_array($query))
{
$forum[$cache_id]['f_id'] = $result['f_id'];
$forum[$cache_id]['name'] = $result['name'];
$forum[$cache_id]['desc'] = $result['desc'];
$forum[$cache_id]['c_id'] = $result['c_id'];
$forum[$cache_id]['sort'] = $result['sort'];
$cache_id+=1;
}
global $lng;
global $default_skin;
global $forum_config;
//add skin variables
$skin = array(
'forums&cats'=>$lng['forums_and_cats'],
'here_write_name_forum'=>$lng['here_write_name_forum'],
'new_forum_submit'=>$lng['new_forum_submit'],
);
Admin_Over::GenerateHeader();
include('./template/forums_beam_body.tpl');
//add forums and categories
$sql = "SELECT * FROM `".CATS_TABLE."` ORDER BY `sort`";
$query = DataBase::sql_query($sql,'CRITICAL','Could not obtain categories information.');
while($result = mysql_fetch_array($query))
{
$skin = array(
'category' => $result['name'],
'c_id'=>$result['c_id'],
'edit_cat'=>$lng['edit_cat'],
'move_up'=>$lng['moveup'],
'move_down'=>$lng['movedown'],
'delete'=>$lng['delete'],
'del_cat'=>$lng['c_del_cat']
);
include('./template/forum_category_add.tpl');
for ($i=1; $i<=count($forum); $i++)
{
if ($forum[$i]['c_id']==$result['c_id'])
{
$skin = array(
'forum_name' => $forum[$i]['name'],
'forum_id' => $forum[$i]['f_id'],
'description' => $forum[$i]['desc'],
'move_up'=>$lng['moveup'],
'edit_forum'=>$lng['edit_forum'],
'del_forum'=>$lng['c_del_forum'],
'move_down'=>$lng['movedown'],
'delete'=>$lng['delete']
);
include('./template/forum_forum_add.tpl');
}
}
echo '<span class="fsmall">&nbsp;<br></span>';
}
$skin = array(
'here_write_name_cat'=>$lng['here_write_name_cat'],
'new_cat_submit'=>$lng['new_cat_submit']
);
include('./template/forums_view_end_body.tpl');
include('./template/overall_footer.tpl');
}
if (!isset($_GET['mode']))
{
header('Location: admin_forums.php?mode=view');
}
switch($_GET['mode'])
{
case 'new':
{
switch($_GET['submode'])
{
case 'cat':
{
if (isset($_POST['cat_name']))
{
if (strlen($_POST['cat_name'])>=5)
{
$cat_name = strip_tags($_POST['cat_name']);
$sql = "SELECT `sort` FROM `".CATS_TABLE."` ORDER BY `sort` DESC LIMIT 1";
$last = @mysql_fetch_array(DataBase::sql_query($sql,'GENERAL','Could not obtain last category sort id'));
$sort = $last ['sort'];
$sort = $sort+1;
$sql = "SELECT `c_id` FROM `".CATS_TABLE."` ORDER BY `c_id` DESC LIMIT 1";
$last = @mysql_fetch_array(DataBase::sql_query($sql,'GENERAL','Could not obtain last category id'));
$last = $last['c_id'];
$last = $last +1;
$sql = "INSERT INTO `".CATS_TABLE."` VALUES ('$last','$cat_name','$sort')";
DataBase::sql_query($sql,'GENERAL','Could not add category');
$msg='./template/blank.tpl';
admin_message_forum($lng['cat_saved'],'admin_forums.php');
}
else
{
$msg = './../skins/'.$default_skin.'/post_error_body.tpl';
$message = $lng['to_short_cat_name'];
}
}
else
{
$_POST['cat_name'] = '';
$msg='./../skins/'.$default_skin.'/blank.tpl';
}
$skin = array(
'here_write_name_forum'=>$lng['here_write_name_forum'],
'here_write_name_cat'=>$lng['here_write_name_cat'],
'new_forum_submit'=>$lng['new_forum_submit'],
'new_cat_submit'=>$lng['new_cat_submit'],
'L.save'=>$lng['submit'],
'L.reset'=>$lng['reset'],
'L.cat_name'=>$lng['cat_name'],
'forums&cats'=>$lng['forums_and_cats'],
'L.main_beam'=>$lng['new_cat'],
'action'=>'admin_forums.php?mode=new&submode=cat'
);
Admin_Over::GenerateHeader();
include('./template/cat_new_edit_body.tpl');
include('./template/overall_footer.tpl');
break;
}
case 'forum':
{
if (isset($_POST['forum_name'], $_POST['forum_desc']))
{
if (strlen($_POST['forum_name'])>=5)
{
if (strlen($_POST['forum_desc'])>=5)
{
$forum_name = strip_tags($_POST['forum_name']);
$forum_desc = strip_tags($_POST['forum_desc']);
$forum_cat = $_POST['forum_cat'];
$forum_lock = (isset($_POST['forum_locked'])) ? 1 : 0;
$allow_moderate = (isset($_POST['allow_moderate'])) ? 1 : 0;
$sql = "SELECT `sort`, `c_id` FROM `".FORUMS_TABLE."` WHERE `c_id`='$forum_cat' ORDER BY `sort` DESC LIMIT 1";
$last = @mysql_fetch_array(DataBase::sql_query($sql,'GENERAL','Could not obtain last forum sort id'));
$sort = $last ['sort'];
$sort = $sort+1;
$sql = "SELECT `f_id` FROM `".FORUMS_TABLE."` ORDER BY `f_id` DESC LIMIT 1";
$last = @mysql_fetch_array(DataBase::sql_query($sql,'GENERAL','Could not obtain last forum id'));
$last = $last['f_id'];
$last = $last +1;
$sql = "INSERT INTO `".FORUMS_TABLE."` VALUES ('$last','$forum_lock','$allow_moderate', '$forum_name', '$forum_desc','$forum_cat','$sort')";
DataBase::sql_query($sql,'GENERAL','Could not add forum');
$msg='./../skins/'.$default_skin.'/blank.tpl';
admin_message_forum($lng['forum_saved'],'admin_forums.php');
}
else
{
$msg = './../skins/'.$default_skin.'/post_error_body.tpl';
$message = $lng['to_short_forum_desc'];
}
}
else
{
$msg = './../skins/'.$default_skin.'/post_error_body.tpl';
$message = $lng['to_short_forum_name'];
}
}
else
{
if (!isset($_POST['forum_name'])) { $_POST['forum_name'] = ''; }
if (!isset($_POST['forum_desc'])) { $_POST['forum_desc'] = ''; }
$msg='./../skins/'.$default_skin.'/blank.tpl';
}
$skin = array(
'here_write_name_forum'=>$lng['here_write_name_forum'],
'here_write_name_cat'=>$lng['here_write_name_cat'],
'new_forum_submit'=>$lng['new_forum_submit'],
'new_cat_submit'=>$lng['new_cat_submit'],
'L.save'=>$lng['submit'],
'L.reset'=>$lng['reset'],
'L.forum_name'=>$lng['forum_name'],
'L.change_cat'=>$lng['change_cat'],
'L.forum_locked'=>$lng['forum_locked'],
'on'=>$lng['allow'],
'OPTION.forum_locked'=> '',
'L.allow_moderate'=>$lng['moderate_posts'],
'forums&cats'=>$lng['forums_and_cats'],
'OPTION.allow_moderate'=>'',
'OPTIONS.forum_cat'=>Admin_Forum::AddCats(0),
'L.forum_desc'=>$lng['forum_desc'],
'L.main_beam'=>$lng['new_forum'],
'action'=>'admin_forums.php?mode=new&submode=forum'
);
Admin_Over::GenerateHeader();
include('./template/forum_new_edit_body.tpl');
include('./template/overall_footer.tpl');
break;
}
}
break;
}
case 'moveup':
{
//temp variables
$i1 = 0;
$i2 = 0;
$r1 = 0;
$r2 = 0;
//BEGIN switch - submode
switch($_GET['submode'])
{
case 'cat':
{
if (isset($_GET['c']))
{
$i1 = $_GET['c'];
$sql = "SELECT `sort`, `c_id` FROM ".CATS_TABLE." WHERE `c_id`='$i1'";
$s1 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain category information.'));
$s1 = $s1['sort'];
$s2 = $s1 -1;
if ($s1>1)
{
$sql = "SELECT `sort`, `c_id` FROM ".CATS_TABLE." WHERE `sort`='$s2'";
$s2 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain category information.'));
$i2 = $s2['c_id'];
$s2 = $s2['sort'];
$sql = "UPDATE ".CATS_TABLE." SET `sort`='$s2' WHERE `c_id`='$i1'";
DataBase::sql_query($sql,'GENERAL','Could not update category position');
$sql = "UPDATE ".CATS_TABLE." SET `sort`='$s1' WHERE `c_id`='$i2'";
DataBase::sql_query($sql,'GENERAL','Could not update category position');
}
}
break;
}
case 'forum':
{
if (isset($_GET['f']))
{
$i1 = $_GET['f'];
$sql = "SELECT `sort`, `c_id`, `f_id` FROM ".FORUMS_TABLE." WHERE `f_id`='$i1'";
$s1 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain forum information.'));
$cid = $s1['c_id'];
$s1 = $s1['sort'];
$s2 = $s1 -1;
if ($s1>1)
{
$sql = "SELECT `sort`, `c_id`, `f_id` FROM ".FORUMS_TABLE." WHERE `sort`='$s2' AND `c_id`='$cid'";
$s2 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not forum forum information.'));
$i2 = $s2['f_id'];
$s2 = $s2['sort'];
$sql = "UPDATE ".FORUMS_TABLE." SET `sort`='$s2' WHERE `f_id`='$i1'";
DataBase::sql_query($sql,'GENERAL','Could not update forum position');
$sql = "UPDATE ".FORUMS_TABLE." SET `sort`='$s1' WHERE `f_id`='$i2'";
DataBase::sql_query($sql,'GENERAL','Could not update forum position');
}
}
break;
}
}
//END switch - submode
GenerateDefaultDisplay();
break;
}
case 'movedown':
{
//temp variables
$i1 = 0;
$i2 = 0;
$r1 = 0;
$r2 = 0;
//BEGIN switch - submode
switch($_GET['submode'])
{
case 'cat':
{
if (isset($_GET['c']))
{
$i1 = $_GET['c'];
$i2 = $i1 +1;
$sql = "SELECT `sort`, `c_id` FROM ".CATS_TABLE." WHERE `c_id`='$i1'";
$s1 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain category information.'));
$s1 = $s1['sort'];
$s2 = $s1 +1;
$sql = "SELECT `c_id` FROM ".CATS_TABLE;
$count = @mysql_num_rows(DataBase::sql_query($sql,'CRITICAL','Could not obtain category information.'));
if ($s1<$count)
{
$sql = "SELECT `sort`, `c_id` FROM ".CATS_TABLE." WHERE `sort`='$s2'";
$s2 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain category information.'));
$i2 = $s2['c_id'];
$s2 = $s2['sort'];
$sql = "UPDATE ".CATS_TABLE." SET `sort`='$s2' WHERE `c_id`='$i1'";
DataBase::sql_query($sql,'GENERAL','Could not update category position');
$sql = "UPDATE ".CATS_TABLE." SET `sort`='$s1' WHERE `c_id`='$i2'";
DataBase::sql_query($sql,'GENERAL','Could not update category position');
}
}
break;
}
case 'forum':
{
if (isset($_GET['f']))
{
$i1 = $_GET['f'];
$i2 = $i1 +1;
$sql = "SELECT `sort`, `c_id`, `f_id` FROM ".FORUMS_TABLE." WHERE `f_id`='$i1'";
$s1 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain forum information.'));
$cid = $s1['c_id'];
$s1 = $s1['sort'];
$s2 = $s1 +1;
$sql = "SELECT `f_id` FROM ".FORUMS_TABLE." WHERE `c_id`='$cid'";
$count = @mysql_num_rows(DataBase::sql_query($sql,'CRITICAL','Could not obtain forum information.'));
if ($s1<$count)
{
$sql = "SELECT `sort`, `f_id` FROM ".FORUMS_TABLE." WHERE `sort`='$s2'";
$s2 = @mysql_fetch_array(DataBase::sql_query($sql,'CRITICAL','Could not obtain forum information.'));
$i2 = $s2['f_id'];
$s2 = $s2['sort'];
$sql = "UPDATE ".FORUMS_TABLE." SET `sort`='$s2' WHERE `f_id`='$i1'";
DataBase::sql_query($sql,'GENERAL','Could not update forum position');
$sql = "UPDATE ".FORUMS_TABLE." SET `sort`='$s1' WHERE `f_id`='$i2'";
DataBase::sql_query($sql,'GENERAL','Could not update forum position');
}
}
break;
}
}
//END switch - submode
GenerateDefaultDisplay();
break;
}
case 'delete':
{
//BEGIN switch - submode
switch($_GET['submode'])
{
case 'cat':
{
if (isset($_GET['c']))
{
$cid = intval($_GET['c']);
$sql = "SELECT * FROM `".CATS_TABLE."` WHERE `c_id`='$cid'";
$query = DataBase::sql_query($sql,'GENERAL','Could not obtain category information');
$result = @mysql_fetch_array($query);
$sort = $result['sort'];
$sql = "SELECT * FROM `".CATS_TABLE."` WHERE `sort`>'$sort'";
$query = DataBase::sql_query($sql,'GENERAL','Could not obtain categories information');
while($item = @mysql_fetch_array($query))
{
$new_sort = $item['sort']-1;
$cid2 = $item['c_id'];
$sql2 = "UPDATE `".CATS_TABLE."` SET `sort`='$new_sort' WHERE `c_id`='$cid2'";
DataBase::sql_query($sql,'GENERAL','Could not update category');
}
$sql = "SELECT `f_id` FROM `".FORUMS_TABLE."` WHERE `c_id`='$cid'";
$query = DataBase::sql_query($sql, 'GENERAL','Could not obtain forum information.');
while($item = @mysql_fetch_array($query))
{
$fid = $item['f_id'];
$sql="DELETE FROM `".POSTS_TABLE."` WHERE `f_id`='$fid'";
DataBase::sql_query($sql, 'GENERAL','Could not delete post.');
$sql = "DELETE FROM `".TOPICS_TABLE."` WHERE `f_id`='$fid'";
DataBase::sql_query($sql, 'GENERAL','Could not delete topic');
}
$sql = "DELETE FROM `".FORUMS_TABLE."` WHERE `c_id`='$cid'";
DataBase::sql_query($sql, 'GENERAL','Could not delete topic');
$sql = "DELETE FROM `".CATS_TABLE."` WHERE `c_id`='$cid'";
DataBase::sql_query($sql,'GENERAL','Could not delete category.');
}
}
case 'forum':
{
if (isset($_GET['f']))
{
$fid = intval($_GET['f']);
$sql = "SELECT * FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'";
$query = DataBase::sql_query($sql,'GENERAL','Could not obtain forum information');
$result = @mysql_fetch_array($query);
$sort = $result['sort'];
$sql = "SELECT * FROM `".FORUMS_TABLE."` WHERE `sort`>'$sort'";
$query = DataBase::sql_query($sql,'GENERAL','Could not obtain forums information');
while($item = @mysql_fetch_array($query))
{
$new_sort = $item['sort']-1;
$fid1 = $item['f_id'];
$sql2 = "UPDATE `".FORUMS_TABLE."` SET `sort`='$new_sort' WHERE `f_id`='$fid1'";
DataBase::sql_query($sql,'GENERAL','Could not update forum');
}
$sql="DELETE FROM `".POSTS_TABLE."` WHERE `f_id`='$fid'";
DataBase::sql_query($sql, 'GENERAL','Could not delete post.');
$sql = "DELETE FROM `".TOPICS_TABLE."` WHERE `f_id`='$fid'";
DataBase::sql_query($sql, 'GENERAL','Could not delete topic');
$sql = "DELETE FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'";
DataBase::sql_query($sql, 'GENERAL','Could not delete forum');
}
}
}
GenerateDefaultDisplay();
break;
}
case 'edit':
{
switch($_GET['submode'])
{
case 'cat':
{
$cid = intval($_GET['c']);
if (isset($_POST['cat_name']))
{
if (strlen($_POST['cat_name'])>=5)
{
$cat_name = strip_tags($_POST['cat_name']);
$sql = "SELECT `sort`, `c_id` FROM `".FORUMS_TABLE."` WHERE `c_id`='$cat_name' ORDER BY `sort` DESC LIMIT 1";
$last = @mysql_fetch_array(DataBase::sql_query($sql,'GENERAL','Could not obtain last forum sort id'));
$sort = $last ['sort'];
$sort = $sort+1;
$sql = "UPDATE `".CATS_TABLE."` SET `name`='$cat_name', `sort`='$sort' WHERE `c_id`='$cid'";
DataBase::sql_query($sql,'GENERAL','Could not update category');
$msg='./../skins/'.$default_skin.'/blank.tpl';
admin_message_forum($lng['cat_saved'],'admin_forums.php');
}
else
{
$msg = './../skins/'.$default_skin.'/post_error_body.tpl';
$message = $lng['to_short_cat_name'];
}
}
else
{
$tmp = mysql_fetch_array(DataBase::sql_query("SELECT `name` FROM `".CATS_TABLE."` WHERE `c_id`='$cid'",'GENERAL','Could not obtain category information'));
$tmp = $tmp['name'];
$_POST['cat_name'] = $tmp;
if($tmp['name']=='')
{
admin_message_forum($lng['no_category'],'admin_forums.php?mode=view');
}
unset($tmp);
$msg='./../skins/'.$default_skin.'/blank.tpl';
}
$skin = array(
'here_write_name_forum'=>$lng['here_write_name_forum'],
'here_write_name_cat'=>$lng['here_write_name_cat'],
'new_forum_submit'=>$lng['new_forum_submit'],
'new_cat_submit'=>$lng['new_cat_submit'],
'L.save'=>$lng['submit'],
'forums&cats'=>$lng['forums_and_cats'],
'L.reset'=>$lng['reset'],
'L.cat_name'=>$lng['cat_name'],
'L.main_beam'=>$lng['edit_cat'],
'action'=>'admin_forums.php?mode=edit&submode=cat&c='.$cid
);
Admin_Over::GenerateHeader();
include('./template/cat_new_edit_body.tpl');
include('./template/overall_footer.tpl');
break;
}
case 'forum':
{
$fid = intval($_GET['f']);
if (isset($_POST['forum_name'],$_POST['forum_desc']))
{
if (strlen($_POST['forum_name'])>=5)
{
if (strlen($_POST['forum_desc'])>=5)
{
$forum_name = strip_tags($_POST['forum_name']);
$forum_desc = strip_tags($_POST['forum_desc']);
$forum_cat = $_POST['forum_cat'];
$sql = "SELECT * FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'";
$query = DataBase::sql_query($sql,'GENERAL','Could not obtain forum information');
$result = @mysql_fetch_array($query);
$actual_cid = $result['c_id'];
$sort = $result['sort'];
if ($actual_cid != $forum_cat)
{
$sql = "SELECT * FROM `".FORUMS_TABLE."` WHERE `c_id`='$forum_cat' ORDER BY `sort` DESC LIMIT 1";
$query = DataBase::sql_query($sql,'GENERAL','Could not obtain forums information');
$result = @mysql_fetch_array($query);
$sort = $result['sort']+1;
}
$forum_lock = (isset($_POST['forum_locked'])) ? 1 : 0;
$forum_moderate = (isset($_POST['allow_moderate'])) ? 1 : 0;
$sql = "UPDATE `".FORUMS_TABLE."` SET
`name`='$forum_name',
`desc`='$forum_desc',
`lock`='$forum_lock',
`moderate`='$forum_moderate',
`c_id`='$forum_cat',
`sort`='$sort'
WHERE `f_id`='$fid'";
DataBase::sql_query($sql,'GENERAL','Could not update forum');
$msg='./../skins/'.$default_skin.'/blank.tpl';
admin_message_forum($lng['forum_saved'],'admin_forums.php');
}
else
{
$msg = './../skins/'.$default_skin.'/post_error_body.tpl';
$message = $lng['to_short_forum_desc'];
}
}
else
{
$msg = './../skins/'.$default_skin.'/post_error_body.tpl';
$message = $lng['to_short_forum_name'];
}
}
else
{
$tmp = mysql_fetch_array(DataBase::sql_query("SELECT `name`, `desc` FROM `".FORUMS_TABLE."` WHERE `f_id`='$fid'",'GENERAL','Could not obtain forum information'));
$_POST['forum_name'] = $tmp['name'];
$msg='./../skins/'.$default_skin.'/blank.tpl';
$_POST['forum_desc'] = $tmp['desc'];
if($tmp['name']=='')
{
admin_message_forum($lng['no_forum'],'admin_forums.php?mode=view');
}
unset($tmp);
}
$skin = array(
'here_write_name_forum'=>$lng['here_write_name_forum'],
'here_write_name_cat'=>$lng['here_write_name_cat'],
'new_forum_submit'=>$lng['new_forum_submit'],
'new_cat_submit'=>$lng['new_cat_submit'],
'L.save'=>$lng['submit'],
'forums&cats'=>$lng['forums_and_cats'],
'L.reset'=>$lng['reset'],
'L.forum_name'=>$lng['forum_name'],
'L.change_cat'=>$lng['change_cat'],
'L.forum_locked'=>$lng['forum_locked'],
'on'=>$lng['allow'],
'OPTION.forum_locked'=>(Forum::ForumInformation($fid,'lock')==1) ? 'checked="checked"' : '',
'OPTIONS.forum_cat'=>Admin_Forum::AddCats($fid),
'L.allow_moderate'=>$lng['moderate_posts'],
'OPTION.allow_moderate'=>(Forum::ForumInformation($fid,'moderate')==1) ? 'checked="checked"' : '',
'L.forum_desc'=>$lng['forum_desc'],
'L.main_beam'=>$lng['edit_forum'],
'action'=>'admin_forums.php?mode=edit&submode=forum&f='.$fid
);
Admin_Over::GenerateHeader();
include('./template/forum_new_edit_body.tpl');
include('./template/overall_footer.tpl');
break;
}
}
break;
}
case 'view':
{
GenerateDefaultDisplay();
break;
}
default:
{
header('Location: admin_forums.php?mode=view');
break;
}
}
?>