API tools faq
paste
Advertisement
pushrbx

Untitled

pushrbx
Nov 22nd, 2013
143
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 9.95 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2. /*-------------------------------------------------------+
  3. | PHP-Fusion Content Management System
  4. | Copyright (C) 2002 - 2012 Nick Jones
  5. | http://www.php-fusion.co.uk/
  6. +--------------------------------------------------------+
  7. | Filename: administrativo.php
  8. | Author: Ricz
  9. +--------------------------------------------------------+
  10. | This program is released as free software under the
  11. | Affero GPL license. You can redistribute it and/or
  12. | modify it under the terms of this license which you
  13. | can read by viewing the included agpl.txt or online
  14. | at www.gnu.org/licenses/agpl.html. Removal of this
  15. | copyright header is strictly prohibited without
  16. | written permission from the original author(s).
  17. +--------------------------------------------------------*/
  18. require_once "../maincore.php";
  19. require_once THEMES."templates/admin_header_mce.php";
  20. include LOCALE.LOCALESET."admin/admin_correct.php";
  21.  
  22. if (!checkrights("ADC") || !defined("iAUTH") || $_GET['aid'] != iAUTH) { redirect("../index.php"); }
  23.  
  24. if ($settings['tinymce_enabled'] == 1) {
  25.     echo "<script language='javascript' type='text/javascript'>advanced();</script>\n";
  26. } else {
  27.     require_once INCLUDES."html_buttons_include.php";
  28. }
  29.  
  30. if (isset($_GET['status']) && !isset($message)) {
  31.     if ($_GET['status'] == "su") {
  32.         $message = $locale['411'];
  33.     }
  34.     if ($message) { echo "<div id='close-message'><div class='admin-message'>".$message."</div></div>\n"; }
  35. }
  36.  
  37. $result = dbcount("(projects_id)", DB_PROJECTS);
  38. if (!empty($result)) {
  39.     if (isset($_POST['save'])) {
  40.         $project = stripinput($_POST['project']);
  41.         $encyc = stripinput($_POST['encyc']);
  42.         $forum = stripinput($_POST['forum']);
  43.         $down = stripinput($_POST['down']);
  44.         $download = stripinput($_POST['download']);
  45.         $online = stripinput($_POST['online']);
  46.        
  47.         if (isset($_POST['projects_id']) && isnum($_POST['projects_id'])) {
  48.             // old:
  49.             //$result = dbquery("UPDATE ".DB_PROJECTS." SET projects_subject='$project' AND ".DB_ENCYCLOPEDIA." SET encyclopedia_subject='$encyc' && ".DB_THREADS." SET thread_subject='$forum' && ".DB_DOWN." SET down_subject='$down' && ".DB_DOWNLOAD_CATS." SET download_cat_name='$download' && ".DB_VIDEO_CAT." SET cat_name='$online WHERE projects_id='".$_POST['projects_id']."'");
  50.            
  51.             // new:
  52.             $tempAr = array();
  53.            
  54.             // organize table names with their field name and field value in an array
  55.             $tempAr[DB_PROJECTS] = array('field' => 'projects_subject', 'value' => $project);
  56.             $tempAr[DB_ENCYCLOPEDIA] = array('field' => 'encyclopedia_subject', 'value' => $encyc);
  57.             $tempAr[DB_THREADS] = array('field' => 'thread_subject', 'value' => $forum);
  58.             $tempAr[DB_DOWN] = array('field' => 'down_subject', 'value' => $down);
  59.             $tempAr[DB_DOWNLOAD_CATS] = array('field' => 'download_cat_name', 'value' => $download);
  60.             $tempAr[DB_VIDEO_CAT] = array('field' => 'cat_name', 'value' => $online);
  61.            
  62.             // protect input from sql injection
  63.             $primaryKey = (int) mysql_real_escape_string($_POST['projects_id']);
  64.            
  65.             foreach($tempAr as $tblName => $fieldValuePair)
  66.             {
  67.                 dbquery("UPDATE ".$tblName." SET ".$fieldValuePair["field"]." = '".$fieldValuePair["value"]."' WHERE projects_id = '".$primaryKey."'");
  68.             }
  69.            
  70.             redirect(FUSION_SELF.$aidlink."&status=su");
  71.         }
  72.        
  73.     } else {
  74.         $result = dbquery("SELECT ta.projects_id, ta.projects_subject,
  75.        tab.encyclopedia_subject,
  76.         tac.thread_subject,
  77.         tad.down_subject,
  78.         tae.download_cat_name,
  79.         taf.cat_name
  80.         FROM ".DB_PROJECTS." ta
  81.         LEFT JOIN ".DB_ENCYCLOPEDIA." tab ON ta.projects_subject=tab.encyclopedia_subject
  82.        LEFT JOIN ".DB_THREADS." tac ON ta.projects_subject=tac.thread_subject
  83.         LEFT JOIN ".DB_DOWN." tad ON ta.projects_subject=tad.down_subject
  84.         LEFT JOIN ".DB_DOWNLOAD_CATS." tae ON ta.projects_subject=tae.download_cat_name
  85.         LEFT JOIN ".DB_VIDEO_CAT." taf ON ta.projects_subject=taf.cat_name ORDER BY ta.projects_subject ASC");
  86.         if (dbrows($result)) {
  87.             $editlist = ""; $sel = "";
  88.             while ($data = dbarray($result)) {
  89.                 if ((isset($_POST['projects_id']) && isnum($_POST['projects_id'])) || (isset($_GET['projects_id']) && isnum($_GET['projects_id']))) {
  90.                     $projects_id = isset($_POST['projects_id']) ? $_POST['projects_id'] : $_GET['projects_id'];
  91.                     $sel = ($projects_id == $data['projects_id'] ? " selected='selected'" : "");
  92.                 } else {
  93.                     $sel = "";
  94.                 }
  95.                 $editlist .= "<option value='".$data['projects_id']."'".$sel.">".$data['projects_subject']."</option>\n";
  96.             }
  97.             opentable($locale['400']);
  98.             echo "<div style='text-align:center'>\n<form name='selectform' method='post' action='".FUSION_SELF.$aidlink."&amp;action=edit'>\n";
  99.             echo "<select name='projects_id' class='textbox' style='width:250px;'>\n".$editlist."</select>\n";
  100.             echo "<input type='submit' name='edit' value='".$locale['409']."' class='button' />\n";
  101.             echo "</form>\n</div>\n";
  102.             closetable();
  103.         }
  104.  
  105.         if ((isset($_GET['action']) && $_GET['action'] == "edit") && (isset($_POST['projects_id']) && isnum($_POST['projects_id'])) || (isset($_GET['projects_id']) && isnum($_GET['projects_id']))) {
  106.             $result = dbquery("SELECT ta.projects_id, ta.projects_subject,
  107.        tab.encyclopedia_subject,
  108.         tac.thread_subject,
  109.         tad.down_subject,
  110.         tae.download_cat_name,
  111.         taf.cat_name
  112.         FROM ".DB_PROJECTS." ta
  113.         LEFT JOIN ".DB_ENCYCLOPEDIA." tab ON ta.projects_subject=tab.encyclopedia_subject
  114.        LEFT JOIN ".DB_THREADS." tac ON ta.projects_subject=tac.thread_subject
  115.         LEFT JOIN ".DB_DOWN." tad ON ta.projects_subject=tad.down_subject
  116.         LEFT JOIN ".DB_DOWNLOAD_CATS." tae ON ta.projects_subject=tae.download_cat_name
  117.         LEFT JOIN ".DB_VIDEO_CAT." taf ON ta.projects_subject=taf.cat_name WHERE projects_id='".(isset($_POST['projects_id']) ? $_POST['projects_id'] : $_GET['projects_id'])."'");
  118.             if (dbrows($result)) {
  119.                 $data = dbarray($result);
  120.                 $project = $data['projects_subject'];
  121.                 $encyc = $data['encyclopedia_subject'];
  122.                 $forum = $data['thread_subject'];
  123.                 $down = $data['down_subject'];
  124.                 $download = $data['download_cat_name'];
  125.                 $online = $data['cat_name'];
  126.             } else {
  127.                 redirect(FUSION_SELF.$aidlink);
  128.             }
  129.         }
  130.         if ((isset($_POST['projects_id']) && isnum($_POST['projects_id'])) || (isset($_GET['projects_id']) && isnum($_GET['projects_id']))) {
  131.             opentable($locale['400']);
  132.         } else {
  133.             if (!isset($_POST['preview'])) {
  134.                 $project = "";
  135.                 $encyc = "";
  136.                 $forum = "";
  137.                 $down = "";
  138.                 $download = "";
  139.                 $online = "";
  140.             }
  141.             opentable($locale['400']);
  142.         }
  143.         $result = dbquery("SELECT ta.projects_id, ta.projects_subject,
  144.        tab.encyclopedia_subject,
  145.         tac.thread_subject,
  146.         tad.down_subject,
  147.         tae.download_cat_name,
  148.         taf.cat_name
  149.         FROM ".DB_PROJECTS." ta
  150.         LEFT JOIN ".DB_ENCYCLOPEDIA." tab ON ta.projects_subject=tab.encyclopedia_subject
  151.        LEFT JOIN ".DB_THREADS." tac ON ta.projects_subject=tac.thread_subject
  152.         LEFT JOIN ".DB_DOWN." tad ON ta.projects_subject=tad.down_subject
  153.         LEFT JOIN ".DB_DOWNLOAD_CATS." tae ON ta.projects_subject=tae.download_cat_name
  154.         LEFT JOIN ".DB_VIDEO_CAT." taf ON ta.projects_subject=taf.cat_name ORDER BY projects_subject DESC");
  155.         $list = ""; $sel = "";
  156.         while ($data = dbarray($result)) {
  157.             if (isset($projects_subject)) $sel = ($projects_subject == $data['projects_subject'] ? " selected='selected'" : "");
  158.             $list .= "<option value='".$data['projects_subject']."'$sel>".$data['projects_subject']."</option>\n";
  159.         }
  160.         echo "<form name='inputform' method='post' action='".FUSION_SELF.$aidlink."' onsubmit='return ValidateForm(this)'>\n";
  161.         echo "<table cellpadding='0' cellspacing='0' class='center'>\n<tr>\n";
  162.         echo "<td width='100' class='tbl'>".$locale['401']."</td>\n";
  163.         echo "<td class='tbl'><input type='text' name='project' value='".$project."' class='textbox' style='width:250px;' /></td>\n";
  164.         echo "</tr>\n<tr>\n";
  165.         echo "<td width='100' class='tbl'>".$locale['402']."</td>\n";
  166.         echo "<td class='tbl'><input type='text' name='encyc' value='".$encyc."' class='textbox' style='width:250px;' /></td>\n";
  167.         echo "</tr>\n<tr>\n";
  168.         echo "<td width='100' class='tbl'>".$locale['403']."</td>\n";
  169.         echo "<td class='tbl'><input type='text' name='forum' value='".$forum."' class='textbox' style='width:250px;' /></td>\n";
  170.         echo "</tr>\n<tr>\n";
  171.         echo "<td width='100' class='tbl'>".$locale['404']."</td>\n";
  172.         echo "<td class='tbl'><input type='text' name='down' value='".$down."' class='textbox' style='width:250px;' /></td>\n";
  173.         echo "</tr>\n<tr>\n";
  174.         echo "<td width='100' class='tbl'>".$locale['405']."</td>\n";
  175.         echo "<td class='tbl'><input type='text' name='download' value='".$download."' class='textbox' style='width:250px;' /></td>\n";
  176.         echo "</tr>\n<tr>\n";
  177.         echo "<td width='100' class='tbl'>".$locale['406']."</td>\n";
  178.         echo "<td class='tbl'><input type='text' name='online' value='".$online."' class='textbox' style='width:250px;' /></td>\n";
  179.         echo "</tr>\n<tr>\n";
  180.         echo "<td align='center' colspan='2' class='tbl'><br />\n";
  181.         if ((isset($_POST['projects_id']) && isnum($_POST['projects_id'])) || (isset($_GET['projects_id']) && isnum($_GET['projects_id']))) {
  182.             echo "<input type='hidden' name='projects_id' value='".(isset($_POST['projects_id']) ? $_POST['projects_id'] : $_GET['projects_id'])."' />\n";
  183.         }
  184.         echo "<input type='submit' name='preview' value='".$locale['407']."' class='button' />\n";
  185.         echo "<input type='submit' name='save' value='".$locale['408']."' class='button' /></td>\n";
  186.         echo "</tr>\n</table>\n</form>\n";
  187.         closetable();
  188.         echo "<script type='text/javascript'>"."\n"."function DeleteArticle() {\n";
  189.         echo "return confirm('".$locale['451']."');\n}\n";
  190.         echo "function ValidateForm(frm) {"."\n"."if(frm.subject.value=='') {\n";
  191.         echo "alert('".$locale['450']."');"."\n"."return false;\n}\n}\n</script>\n";
  192.     }
  193. } else {
  194.     opentable($locale['403']);
  195.     echo "<div style='text-align:center'>".$locale['452']."<br />\n".$locale['453']."<br />\n";
  196.     echo "<a href='article_cats.php".$aidlink."'>".$locale['454']."</a>".$locale['455']."</div>\n";
  197.     closetable();
  198. }
  199.  
  200. require_once THEMES."templates/footer.php";
  201. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!