Commit | Line | Data |
---|---|---|
15158c40 SP |
1 | --- PHP-Nuke-7.4/html/admin.php 2004-07-23 14:46:00.000000000 +0000 |
2 | +++ PHP-Nuke-7.4.new/html/admin.php 2004-11-01 20:50:15.217447320 +0000 | |
3 | @@ -1,431 +1,440 @@ | |
4 | -<?php\r | |
5 | -\r | |
6 | -/************************************************************************/\r | |
7 | -/* PHP-NUKE: Advanced Content Management System */\r | |
8 | -/* ============================================ */\r | |
9 | -/* */\r | |
10 | -/* Copyright (c) 2002 by Francisco Burzi */\r | |
11 | -/* http://phpnuke.org */\r | |
12 | -/* */\r | |
13 | -/* This program is free software. You can redistribute it and/or modify */\r | |
14 | -/* it under the terms of the GNU General Public License as published by */\r | |
15 | -/* the Free Software Foundation; either version 2 of the License. */\r | |
16 | -/* */\r | |
17 | -/************************************************************************/\r | |
18 | -/* Additional security checking code 2003 by chatserv */\r | |
19 | -/* http://www.nukefixes.com -- http://www.nukeresources.com */\r | |
20 | -/************************************************************************/\r | |
21 | -if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) {\r | |
22 | - die("Illegal Operation");\r | |
23 | -}\r | |
24 | -$checkurl = $_SERVER['REQUEST_URI']; \r | |
25 | -\r | |
26 | -if ((preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) { \r | |
27 | - echo "die"; \r | |
28 | - exit; \r | |
29 | -}\r | |
30 | -require_once("mainfile.php");\r | |
31 | -get_lang(admin);\r | |
32 | -\r | |
33 | -function create_first($name, $url, $email, $pwd, $user_new) {\r | |
34 | - global $prefix, $db, $user_prefix;\r | |
35 | - $first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));\r | |
36 | - if ($first == 0) {\r | |
37 | - $pwd = md5($pwd);\r | |
38 | - $the_adm = "God";\r | |
39 | - $db->sql_query("INSERT INTO ".$prefix."_authors VALUES ('$name', '$the_adm', '$url', '$email', '$pwd', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '1', '')");\r | |
40 | - if ($user_new == 1) {\r | |
41 | - $user_regdate = date("M d, Y");\r | |
42 | - $user_avatar = "gallery/blank.gif";\r | |
43 | - $commentlimit = 4096;\r | |
44 | - if ($url == "http://") { $url = ""; }\r | |
45 | - $db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_website, user_avatar, user_regdate, user_password, theme, commentmax, user_level, user_lang, user_dateformat) VALUES (NULL,'$name','$email','$url','$user_avatar','$user_regdate','$pwd','$Default_Theme','$commentlimit', '2', 'english','D M d, Y g:i a')");\r | |
46 | - }\r | |
47 | - login();\r | |
48 | - }\r | |
49 | -}\r | |
50 | -\r | |
51 | -$the_first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));\r | |
52 | -if ($the_first == 0) {\r | |
53 | - if (!$name) {\r | |
54 | - include("header.php");\r | |
55 | - title("$sitename: "._ADMINISTRATION."");\r | |
56 | - OpenTable();\r | |
57 | - echo "<center><b>"._NOADMINYET."</b></center><br><br>"\r | |
58 | - ."<form action=\"admin.php\" method=\"post\">"\r | |
59 | - ."<table border=\"0\">"\r | |
60 | - ."<tr><td><b>"._NICKNAME.":</b></td><td><input type=\"text\" name=\"name\" size=\"30\" maxlength=\"25\"></td></tr>"\r | |
61 | - ."<tr><td><b>"._HOMEPAGE.":</b></td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"255\" value=\"http://\"></td></tr>"\r | |
62 | - ."<tr><td><b>"._EMAIL.":</b></td><td><input type=\"text\" name=\"email\" size=\"30\" maxlength=\"255\"></td></tr>"\r | |
63 | - ."<tr><td><b>"._PASSWORD.":</b></td><td><input type=\"password\" name=\"pwd\" size=\"11\" maxlength=\"10\"></td></tr>"\r | |
64 | - ."<tr><td colspan=\"2\">"._CREATEUSERDATA." <input type=\"radio\" name=\"user_new\" value=\"1\" checked>"._YES." <input type=\"radio\" name=\"user_new\" value=\"0\">"._NO."</td></tr>"\r | |
65 | - ."<tr><td><input type=\"hidden\" name=\"fop\" value=\"create_first\">"\r | |
66 | - ."<input type=\"submit\" value=\""._SUBMIT."\">"\r | |
67 | - ."</td></tr></table></form>";\r | |
68 | - CloseTable();\r | |
69 | - include("footer.php");\r | |
70 | - }\r | |
71 | - switch($fop) {\r | |
72 | - case "create_first":\r | |
73 | - create_first($name, $url, $email, $pwd, $user_new);\r | |
74 | - break;\r | |
75 | - }\r | |
76 | - die();\r | |
77 | -}\r | |
78 | -\r | |
79 | -require("auth.php");\r | |
80 | -\r | |
81 | -if(!isset($op)) { $op = "adminMain"; }\r | |
82 | -$pagetitle = "- "._ADMINMENU."";\r | |
83 | -\r | |
84 | -/*********************************************************/\r | |
85 | -/* Login Function */\r | |
86 | -/*********************************************************/\r | |
87 | -\r | |
88 | -function login() {\r | |
89 | - global $gfx_chk;\r | |
90 | - include ("header.php");\r | |
91 | - mt_srand ((double)microtime()*1000000);\r | |
92 | - $maxran = 1000000;\r | |
93 | - $random_num = mt_rand(0, $maxran);\r | |
94 | - OpenTable();\r | |
95 | - echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>";\r | |
96 | - CloseTable();\r | |
97 | - echo "<br>";\r | |
98 | - OpenTable();\r | |
99 | - echo "<form action=\"admin.php\" method=\"post\">"\r | |
100 | - ."<table border=\"0\">"\r | |
101 | - ."<tr><td>"._ADMINID."</td>"\r | |
102 | - ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>"\r | |
103 | - ."<tr><td>"._PASSWORD."</td>"\r | |
104 | - ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>";\r | |
105 | - if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) {\r | |
106 | - echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>"\r | |
107 | - ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>";\r | |
108 | - }\r | |
109 | - echo "<tr><td>"\r | |
110 | - ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">"\r | |
111 | - ."<input type=\"hidden\" NAME=\"op\" value=\"login\">"\r | |
112 | - ."<input type=\"submit\" VALUE=\""._LOGIN."\">"\r | |
113 | - ."</td></tr></table>"\r | |
114 | - ."</form>";\r | |
115 | - CloseTable();\r | |
116 | - include ("footer.php");\r | |
117 | -}\r | |
118 | -\r | |
119 | -function gfx($random_num) {\r | |
120 | - global $prefix, $db;\r | |
121 | - require("config.php");\r | |
122 | - $datekey = date("F j");\r | |
123 | - $rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey));\r | |
124 | - $code = substr($rcode, 2, 6);\r | |
125 | - $image = ImageCreateFromJPEG("images/admin/code_bg.jpg");\r | |
126 | - $text_color = ImageColorAllocate($image, 80, 80, 80);\r | |
127 | - Header("Content-type: image/jpeg");\r | |
128 | - ImageString ($image, 5, 12, 2, $code, $text_color);\r | |
129 | - ImageJPEG($image, '', 75);\r | |
130 | - ImageDestroy($image);\r | |
131 | - die();\r | |
132 | -}\r | |
133 | -\r | |
134 | -function deleteNotice($id) { \r | |
135 | - global $prefix, $db; \r | |
136 | - $id = intval($id); \r | |
137 | - $db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'"); \r | |
138 | - Header("Location: admin.php?op=reviews"); \r | |
139 | -}\r | |
140 | -\r | |
141 | -/*********************************************************/\r | |
142 | -/* Administration Menu Function */\r | |
143 | -/*********************************************************/\r | |
144 | -\r | |
145 | -function adminmenu($url, $title, $image) {\r | |
146 | - global $counter, $admingraphic, $Default_Theme;\r | |
147 | - $ThemeSel = get_theme();\r | |
148 | - if (file_exists("themes/$ThemeSel/images/admin/$image")) {\r | |
149 | - $image = "themes/$ThemeSel/images/admin/$image";\r | |
150 | - } else {\r | |
151 | - $image = "images/admin/$image";\r | |
152 | - }\r | |
153 | - if ($admingraphic == 1) {\r | |
154 | - $img = "<img src=\"$image\" border=\"0\" alt=\"$title\" title=\"$title\"></a><br>";\r | |
155 | - $close = "";\r | |
156 | - } else {\r | |
157 | - $img = "";\r | |
158 | - $close = "</a>";\r | |
159 | - }\r | |
160 | - echo "<td align=\"center\" valign=\"top\" width=\"16%\"><font class=\"content\"><a href=\"$url\">$img<b>$title</b>$close<br><br></font></td>";\r | |
161 | - if ($counter == 5) {\r | |
162 | - echo "</tr><tr>";\r | |
163 | - $counter = 0;\r | |
164 | - } else {\r | |
165 | - $counter++;\r | |
166 | - }\r | |
167 | -}\r | |
168 | -\r | |
169 | -function GraphicAdmin() {\r | |
170 | - global $aid, $admingraphic, $language, $admin, $prefix, $db;\r | |
171 | - $newsubs = $db->sql_numrows($db->sql_query("SELECT qid FROM ".$prefix."_queue"));\r | |
172 | - $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle,radmintopic,radminuser,radminsurvey,radminlink,radminfaq,radmindownload,radminreviews,radminnewsletter,radminforum,radmincontent,radminency,radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));\r | |
173 | - $radminarticle = intval($row['radminarticle']);\r | |
174 | - $radmintopic = intval($row['radmintopic']);\r | |
175 | - $radminuser = intval($row['radminuser']);\r | |
176 | - $radminsurvey = intval($row['radminsurvey']);\r | |
177 | - $radminlink = intval($row['radminlink']);\r | |
178 | - $radminfaq = intval($row['radminfaq']);\r | |
179 | - $radmindownload = intval($row['radmindownload']);\r | |
180 | - $radminreviews = intval($row['radminreviews']);\r | |
181 | - $radminnewsletter = intval($row['radminnewsletter']);\r | |
182 | - $radminforum = intval($row['radminforum']);\r | |
183 | - $radmincontent = intval($row['radmincontent']);\r | |
184 | - $radminency = intval($row['radminency']);\r | |
185 | - $radminsuper = intval($row['radminsuper']);\r | |
186 | - OpenTable();\r | |
187 | - echo "<center><a href=\"admin.php\"><font class='title'>"._ADMINMENU."</font></a>";\r | |
188 | - echo "<br><br>";\r | |
189 | - echo"<table border=\"0\" width=\"100%\" cellspacing=\"1\"><tr>";\r | |
190 | - $linksdir = dir("admin/links");\r | |
191 | - while($func=$linksdir->read()) {\r | |
192 | - if(substr($func, 0, 6) == "links.") {\r | |
193 | - $menulist .= "$func ";\r | |
194 | - }\r | |
195 | - }\r | |
196 | - closedir($linksdir->handle);\r | |
197 | - $menulist = explode(" ", $menulist);\r | |
198 | - sort($menulist);\r | |
199 | - for ($i=0; $i < sizeof($menulist); $i++) {\r | |
200 | - if($menulist[$i]!="") {\r | |
201 | - $counter = 0;\r | |
202 | - include($linksdir->path."/$menulist[$i]");\r | |
203 | - }\r | |
204 | - }\r | |
205 | - adminmenu("admin.php?op=logout", ""._ADMINLOGOUT."", "logout.gif");\r | |
206 | - echo"</tr></table></center>";\r | |
207 | - CloseTable();\r | |
208 | - echo "<br>";\r | |
209 | -}\r | |
210 | -\r | |
211 | -/*********************************************************/\r | |
212 | -/* Administration Main Function */\r | |
213 | -/*********************************************************/\r | |
214 | -\r | |
215 | -function adminMain() {\r | |
216 | - global $language, $admin, $aid, $prefix, $file, $db, $sitename, $user_prefix;\r | |
217 | - include ("header.php");\r | |
218 | - $dummy = 0;\r | |
219 | - $Today = getdate();\r | |
220 | - $month = $Today['month'];\r | |
221 | - $mday = $Today['mday'];\r | |
222 | - $year = $Today['year'];\r | |
223 | - $pmonth = $Today['month'];\r | |
224 | - $pmday = $Today['mday'];\r | |
225 | - $pmday = $mday-1;\r | |
226 | - $pyear = $Today['year'];\r | |
227 | - if ($pmonth=="January") { $pmonth=1; } else\r | |
228 | - if ($pmonth=="February") { $pmonth=2; } else\r | |
229 | - if ($pmonth=="March") { $pmonth=3; } else\r | |
230 | - if ($pmonth=="April") { $pmonth=4; } else\r | |
231 | - if ($pmonth=="May") { $pmonth=5; } else\r | |
232 | - if ($pmonth=="June") { $pmonth=6; } else\r | |
233 | - if ($pmonth=="July") { $pmonth=7; } else\r | |
234 | - if ($pmonth=="August") { $pmonth=8; } else\r | |
235 | - if ($pmonth=="September") { $pmonth=9; } else\r | |
236 | - if ($pmonth=="October") { $pmonth=10; } else\r | |
237 | - if ($pmonth=="November") { $pmonth=11; } else\r | |
238 | - if ($pmonth=="December") { $pmonth=12; };\r | |
239 | - $test = mktime (0,0,0,$pmonth,$pmday,$pyear,1);\r | |
240 | - $curDate2 = "%".$month[0].$month[1].$month[2]."%".$mday."%".$year."%";\r | |
241 | - $preday = strftime ("%d",$test);\r | |
242 | - $premonth = strftime ("%B",$test);\r | |
243 | - $preyear = strftime ("%Y",$test);\r | |
244 | - $curDateP = "%".$premonth[0].$premonth[1].$premonth[2]."%".$preday."%".$preyear."%";\r | |
245 | - GraphicAdmin();\r | |
246 | - $aid = substr("$aid", 0,25);\r | |
247 | - $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle, radminsuper, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'"));\r | |
248 | - $radminarticle = intval($row['radminarticle']);\r | |
249 | - $radminsuper = intval($row['radminsuper']);\r | |
250 | - $admlanguage = $row['admlanguage'];\r | |
251 | - if ($admlanguage != "" ) {\r | |
252 | - $queryalang = "WHERE alanguage='$admlanguage' ";\r | |
253 | - } else {\r | |
254 | - $queryalang = "";\r | |
255 | - }\r | |
256 | - $row2 = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main"));\r | |
257 | - $main_module = $row2['main_module'];\r | |
258 | - OpenTable();\r | |
259 | - echo "<center><b>$sitename: "._DEFHOMEMODULE."</b><br><br>"\r | |
260 | - .""._MODULEINHOME." <b>$main_module</b><br>[ <a href=\"admin.php?op=modules\">"._CHANGE."</a> ]</center>";\r | |
261 | - CloseTable();\r | |
262 | - echo "<br>";\r | |
263 | - OpenTable();\r | |
264 | - $guest_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='1'"));\r | |
265 | - $member_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='0'"));\r | |
266 | - $who_online_num = $guest_online_num + $member_online_num;\r | |
267 | - $who_online = "<center><font class=\"option\">"._WHOSONLINE."</font><br><br><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>";\r | |
268 | - $row3 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount from $user_prefix"._users." WHERE user_regdate LIKE '$curDate2'"));\r | |
269 | - $userCount = $row3['userCount'];\r | |
270 | - $row4 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount FROM $user_prefix"._users." WHERE user_regdate LIKE '$curDateP'"));\r | |
271 | - $userCount2 = $row4['userCount'];\r | |
272 | - echo "<center>$who_online<br>"\r | |
273 | - .""._BTD.": <b>$userCount</b> - "._BYD.": <b>$userCount2</b></center>";\r | |
274 | - CloseTable();\r | |
275 | - echo "<br>";\r | |
276 | - OpenTable();\r | |
277 | - echo "<center><b>"._AUTOMATEDARTICLES."</b></center><br>";\r | |
278 | - $count = 0;\r | |
279 | - $result5 = $db->sql_query("SELECT anid, aid, title, time, alanguage FROM ".$prefix."_autonews $queryalang ORDER BY time ASC");\r | |
280 | - while ($row5 = $db->sql_fetchrow($result5)) {\r | |
281 | - $anid = intval($row5['anid']);\r | |
282 | - $aid = $row5['aid'];\r | |
283 | - $said = substr("$aid", 0,25);\r | |
284 | - $title = $row5['title'];\r | |
285 | - $time = $row5['time'];\r | |
286 | - $alanguage = $row5['alanguage'];\r | |
287 | - if ($alanguage == "") {\r | |
288 | - $alanguage = ""._ALL."";\r | |
289 | - }\r | |
290 | - if ($anid != "") {\r | |
291 | - if ($count == 0) {\r | |
292 | - echo "<table border=\"1\" width=\"100%\">";\r | |
293 | - $count = 1;\r | |
294 | - }\r | |
295 | - $time = ereg_replace(" ", "@", $time);\r | |
296 | - if (($radminarticle==1) OR ($radminsuper==1)) {\r | |
297 | - if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {\r | |
298 | - echo "<tr><td nowrap> (<a href=\"admin.php?op=autoEdit&anid=$anid\">"._EDIT."</a>-<a href=\"admin.php?op=autoDelete&anid=$anid\">"._DELETE."</a>) </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */\r | |
299 | - } else {\r | |
300 | - echo "<tr><td> ("._NOFUNCTIONS.") </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */\r | |
301 | - }\r | |
302 | - } else {\r | |
303 | - echo "<tr><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */\r | |
304 | - }\r | |
305 | - }\r | |
306 | - }\r | |
307 | - if (($anid == "") AND ($count == 0)) {\r | |
308 | - echo "<center><i>"._NOAUTOARTICLES."</i></center>";\r | |
309 | - }\r | |
310 | - if ($count == 1) {\r | |
311 | - echo "</table>";\r | |
312 | - }\r | |
313 | - CloseTable();\r | |
314 | - echo "<br>";\r | |
315 | - OpenTable();\r | |
316 | - echo "<center><b>"._LAST." 20 "._ARTICLES."</b></center><br>";\r | |
317 | - $result6 = $db->sql_query("SELECT sid, aid, title, time, topic, informant, alanguage FROM ".$prefix."_stories $queryalang ORDER BY time DESC LIMIT 0,20");\r | |
318 | - echo "<center><table border=\"1\" width=\"100%\" bgcolor=\"$bgcolor1\">";\r | |
319 | - while ($row6 = $db->sql_fetchrow($result6)) {\r | |
320 | - $sid = intval($row6['sid']);\r | |
321 | - $aid = $row6['aid'];\r | |
322 | - $said = substr("$aid", 0,25);\r | |
323 | - $title = $row6['title'];\r | |
324 | - $time = $row6['time'];\r | |
325 | - $topic = $row6['topic'];\r | |
326 | - $informant = $row6['informant'];\r | |
327 | - $alanguage = $row6['alanguage'];\r | |
328 | - $row7 = $db->sql_fetchrow($db->sql_query("SELECT topicname FROM ".$prefix."_topics WHERE topicid='$topic'"));\r | |
329 | - $topicname = $row7['topicname'];\r | |
330 | - if ($alanguage == "") {\r | |
331 | - $alanguage = ""._ALL."";\r | |
332 | - }\r | |
333 | - formatTimestamp($time);\r | |
334 | - echo "<tr><td align=\"right\"><b>$sid</b>"\r | |
335 | - ."</td><td align=\"left\" width=\"100%\"><a href=\"modules.php?name=News&file=article&sid=$sid\">$title</a>"\r | |
336 | - ."</td><td align=\"center\">$alanguage"\r | |
337 | - ."</td><td align=\"right\">$topicname";\r | |
338 | - if (($radminarticle==1) OR ($radminsuper==1)) {\r | |
339 | - if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {\r | |
340 | - echo "</td><td align=\"right\" nowrap>(<a href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a>-<a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a>)"\r | |
341 | - ."</td></tr>";\r | |
342 | - } else {\r | |
343 | - echo "</td><td align=\"right\" nowrap><font class=\"content\"><i>("._NOFUNCTIONS.")</i></font>"\r | |
344 | - ."</td></tr>";\r | |
345 | - }\r | |
346 | - } else {\r | |
347 | - echo "</td></tr>";\r | |
348 | - }\r | |
349 | - }\r | |
350 | - echo "</table>";\r | |
351 | - if (($radminarticle==1) OR ($radminsuper==1)) {\r | |
352 | - echo "<center>"\r | |
353 | - ."<form action=\"admin.php\" method=\"post\">"\r | |
354 | - .""._STORYID.": <input type=\"text\" NAME=\"sid\" SIZE=\"10\">"\r | |
355 | - ."<select name=\"op\">"\r | |
356 | - ."<option value=\"EditStory\" SELECTED>"._EDIT."</option>"\r | |
357 | - ."<option value=\"RemoveStory\">"._DELETE."</option>"\r | |
358 | - ."</select>"\r | |
359 | - ."<input type=\"submit\" value=\""._GO."\">"\r | |
360 | - ."</form></center>";\r | |
361 | - }\r | |
362 | - CloseTable();\r | |
363 | - $row8 = $db->sql_fetchrow($db->sql_query("SELECT pollID, pollTitle FROM ".$prefix."_poll_desc WHERE artid='0' ORDER BY pollID DESC LIMIT 1"));\r | |
364 | - $pollID = intval($row8['pollID']);\r | |
365 | - $pollTitle = $row8['pollTitle'];\r | |
366 | - echo "<br>";\r | |
367 | - OpenTable();\r | |
368 | - echo "<center><b>"._CURRENTPOLL.":</b> $pollTitle [ <a href=\"admin.php?op=polledit&pollID=$pollID\">"._EDIT."</a> | <a href=\"admin.php?op=create\">"._ADD."</a> ]</center>";\r | |
369 | - CloseTable();\r | |
370 | - include ("footer.php");\r | |
371 | -}\r | |
372 | -\r | |
373 | -if($admintest) {\r | |
374 | -\r | |
375 | - switch($op) {\r | |
376 | -\r | |
377 | - case "do_gfx":\r | |
378 | - do_gfx();\r | |
379 | - break;\r | |
380 | -\r | |
381 | - case "deleteNotice":\r | |
382 | - deleteNotice($id);\r | |
383 | - break;\r | |
384 | -\r | |
385 | - case "GraphicAdmin":\r | |
386 | - GraphicAdmin();\r | |
387 | - break;\r | |
388 | -\r | |
389 | - case "adminMain":\r | |
390 | - adminMain();\r | |
391 | - break;\r | |
392 | -\r | |
393 | - case "logout":\r | |
394 | - setcookie("admin");\r | |
395 | - $admin = "";\r | |
396 | - include("header.php");\r | |
397 | - OpenTable();\r | |
398 | - echo "<center><font class=\"title\"><b>"._YOUARELOGGEDOUT."</b></font></center>";\r | |
399 | - CloseTable();\r | |
400 | - include("footer.php");\r | |
401 | - break;\r | |
402 | -\r | |
403 | - case "login";\r | |
404 | - unset($op);\r | |
405 | -\r | |
406 | - default:\r | |
407 | - $casedir = dir("admin/case");\r | |
408 | - while($func=$casedir->read()) {\r | |
409 | - if(substr($func, 0, 5) == "case.") {\r | |
410 | - include($casedir->path."/$func");\r | |
411 | - }\r | |
412 | - }\r | |
413 | - closedir($casedir->handle);\r | |
414 | - break;\r | |
415 | -\r | |
416 | - }\r | |
417 | -\r | |
418 | -} else {\r | |
419 | -\r | |
420 | - switch($op) {\r | |
421 | -\r | |
422 | - case "gfx":\r | |
423 | - gfx($random_num);\r | |
424 | - break;\r | |
425 | - \r | |
426 | - default:\r | |
427 | - login();\r | |
428 | - break;\r | |
429 | -\r | |
430 | - }\r | |
431 | -\r | |
432 | -}\r | |
433 | -\r | |
434 | -?> | |
435 | \ No newline at end of file | |
436 | +<?php | |
437 | + | |
438 | +/************************************************************************/ | |
439 | +/* PHP-NUKE: Advanced Content Management System */ | |
440 | +/* ============================================ */ | |
441 | +/* */ | |
442 | +/* Copyright (c) 2002 by Francisco Burzi */ | |
443 | +/* http://phpnuke.org */ | |
444 | +/* */ | |
445 | +/* This program is free software. You can redistribute it and/or modify */ | |
446 | +/* it under the terms of the GNU General Public License as published by */ | |
447 | +/* the Free Software Foundation; either version 2 of the License. */ | |
448 | +/* */ | |
449 | +/************************************************************************/ | |
450 | +/* Additional security checking code 2003 by chatserv */ | |
451 | +/* http://www.nukefixes.com -- http://www.nukeresources.com */ | |
452 | +/************************************************************************/ | |
453 | + | |
454 | +if ( !empty($HTTP_GET_VARS['op']) ) { | |
455 | +$op = $HTTP_GET_VARS['op']; | |
456 | +} | |
457 | + | |
458 | +if ( !empty($HTTP_POST_VARS['op']) ) { | |
459 | +$op = $HTTP_POST_VARS['op']; | |
460 | +} | |
461 | + | |
462 | +if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) { | |
463 | + die("Illegal Operation"); | |
464 | +} | |
465 | +$checkurl = $_SERVER['REQUEST_URI']; | |
466 | + | |
467 | +if ((preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) { | |
468 | + echo "die"; | |
469 | + exit; | |
470 | +} | |
471 | +require_once("mainfile.php"); | |
472 | +get_lang(admin); | |
473 | + | |
474 | +function create_first($name, $url, $email, $pwd, $user_new) { | |
475 | + global $prefix, $db, $user_prefix; | |
476 | + $first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors")); | |
477 | + if ($first == 0) { | |
478 | + $pwd = md5($pwd); | |
479 | + $the_adm = "God"; | |
480 | + $db->sql_query("INSERT INTO ".$prefix."_authors VALUES ('$name', '$the_adm', '$url', '$email', '$pwd', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '1', '')"); | |
481 | + if ($user_new == 1) { | |
482 | + $user_regdate = date("M d, Y"); | |
483 | + $user_avatar = "gallery/blank.gif"; | |
484 | + $commentlimit = 4096; | |
485 | + if ($url == "http://") { $url = ""; } | |
486 | + $db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_website, user_avatar, user_regdate, user_password, theme, commentmax, user_level, user_lang, user_dateformat) VALUES (NULL,'$name','$email','$url','$user_avatar','$user_regdate','$pwd','$Default_Theme','$commentlimit', '2', 'english','D M d, Y g:i a')"); | |
487 | + } | |
488 | + login(); | |
489 | + } | |
490 | +} | |
491 | + | |
492 | +$the_first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors")); | |
493 | +if ($the_first == 0) { | |
494 | + if (!$name) { | |
495 | + include("header.php"); | |
496 | + title("$sitename: "._ADMINISTRATION.""); | |
497 | + OpenTable(); | |
498 | + echo "<center><b>"._NOADMINYET."</b></center><br><br>" | |
499 | + ."<form action=\"admin.php\" method=\"post\">" | |
500 | + ."<table border=\"0\">" | |
501 | + ."<tr><td><b>"._NICKNAME.":</b></td><td><input type=\"text\" name=\"name\" size=\"30\" maxlength=\"25\"></td></tr>" | |
502 | + ."<tr><td><b>"._HOMEPAGE.":</b></td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"255\" value=\"http://\"></td></tr>" | |
503 | + ."<tr><td><b>"._EMAIL.":</b></td><td><input type=\"text\" name=\"email\" size=\"30\" maxlength=\"255\"></td></tr>" | |
504 | + ."<tr><td><b>"._PASSWORD.":</b></td><td><input type=\"password\" name=\"pwd\" size=\"11\" maxlength=\"10\"></td></tr>" | |
505 | + ."<tr><td colspan=\"2\">"._CREATEUSERDATA." <input type=\"radio\" name=\"user_new\" value=\"1\" checked>"._YES." <input type=\"radio\" name=\"user_new\" value=\"0\">"._NO."</td></tr>" | |
506 | + ."<tr><td><input type=\"hidden\" name=\"fop\" value=\"create_first\">" | |
507 | + ."<input type=\"submit\" value=\""._SUBMIT."\">" | |
508 | + ."</td></tr></table></form>"; | |
509 | + CloseTable(); | |
510 | + include("footer.php"); | |
511 | + } | |
512 | + switch($fop) { | |
513 | + case "create_first": | |
514 | + create_first($name, $url, $email, $pwd, $user_new); | |
515 | + break; | |
516 | + } | |
517 | + die(); | |
518 | +} | |
519 | + | |
520 | +require("auth.php"); | |
521 | + | |
522 | +if(!isset($op)) { $op = "adminMain"; } | |
523 | +$pagetitle = "- "._ADMINMENU.""; | |
524 | + | |
525 | +/*********************************************************/ | |
526 | +/* Login Function */ | |
527 | +/*********************************************************/ | |
528 | + | |
529 | +function login() { | |
530 | + global $gfx_chk; | |
531 | + include ("header.php"); | |
532 | + mt_srand ((double)microtime()*1000000); | |
533 | + $maxran = 1000000; | |
534 | + $random_num = mt_rand(0, $maxran); | |
535 | + OpenTable(); | |
536 | + echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>"; | |
537 | + CloseTable(); | |
538 | + echo "<br>"; | |
539 | + OpenTable(); | |
540 | + echo "<form action=\"admin.php\" method=\"post\">" | |
541 | + ."<table border=\"0\">" | |
542 | + ."<tr><td>"._ADMINID."</td>" | |
543 | + ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>" | |
544 | + ."<tr><td>"._PASSWORD."</td>" | |
545 | + ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>"; | |
546 | + if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) { | |
547 | + echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>" | |
548 | + ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>"; | |
549 | + } | |
550 | + echo "<tr><td>" | |
551 | + ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">" | |
552 | + ."<input type=\"hidden\" NAME=\"op\" value=\"login\">" | |
553 | + ."<input type=\"submit\" VALUE=\""._LOGIN."\">" | |
554 | + ."</td></tr></table>" | |
555 | + ."</form>"; | |
556 | + CloseTable(); | |
557 | + include ("footer.php"); | |
558 | +} | |
559 | + | |
560 | +function gfx($random_num) { | |
561 | + global $prefix, $db; | |
562 | + require("config.php"); | |
563 | + $datekey = date("F j"); | |
564 | + $rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey)); | |
565 | + $code = substr($rcode, 2, 6); | |
566 | + $image = ImageCreateFromJPEG("images/admin/code_bg.jpg"); | |
567 | + $text_color = ImageColorAllocate($image, 80, 80, 80); | |
568 | + Header("Content-type: image/jpeg"); | |
569 | + ImageString ($image, 5, 12, 2, $code, $text_color); | |
570 | + ImageJPEG($image, '', 75); | |
571 | + ImageDestroy($image); | |
572 | + die(); | |
573 | +} | |
574 | + | |
575 | +function deleteNotice($id) { | |
576 | + global $prefix, $db; | |
577 | + $id = intval($id); | |
578 | + $db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'"); | |
579 | + Header("Location: admin.php?op=reviews"); | |
580 | +} | |
581 | + | |
582 | +/*********************************************************/ | |
583 | +/* Administration Menu Function */ | |
584 | +/*********************************************************/ | |
585 | + | |
586 | +function adminmenu($url, $title, $image) { | |
587 | + global $counter, $admingraphic, $Default_Theme; | |
588 | + $ThemeSel = get_theme(); | |
589 | + if (file_exists("themes/$ThemeSel/images/admin/$image")) { | |
590 | + $image = "themes/$ThemeSel/images/admin/$image"; | |
591 | + } else { | |
592 | + $image = "images/admin/$image"; | |
593 | + } | |
594 | + if ($admingraphic == 1) { | |
595 | + $img = "<img src=\"$image\" border=\"0\" alt=\"$title\" title=\"$title\"></a><br>"; | |
596 | + $close = ""; | |
597 | + } else { | |
598 | + $img = ""; | |
599 | + $close = "</a>"; | |
600 | + } | |
601 | + echo "<td align=\"center\" valign=\"top\" width=\"16%\"><font class=\"content\"><a href=\"$url\">$img<b>$title</b>$close<br><br></font></td>"; | |
602 | + if ($counter == 5) { | |
603 | + echo "</tr><tr>"; | |
604 | + $counter = 0; | |
605 | + } else { | |
606 | + $counter++; | |
607 | + } | |
608 | +} | |
609 | + | |
610 | +function GraphicAdmin() { | |
611 | + global $aid, $admingraphic, $language, $admin, $prefix, $db; | |
612 | + $newsubs = $db->sql_numrows($db->sql_query("SELECT qid FROM ".$prefix."_queue")); | |
613 | + $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle,radmintopic,radminuser,radminsurvey,radminlink,radminfaq,radmindownload,radminreviews,radminnewsletter,radminforum,radmincontent,radminency,radminsuper FROM ".$prefix."_authors WHERE aid='$aid'")); | |
614 | + $radminarticle = intval($row['radminarticle']); | |
615 | + $radmintopic = intval($row['radmintopic']); | |
616 | + $radminuser = intval($row['radminuser']); | |
617 | + $radminsurvey = intval($row['radminsurvey']); | |
618 | + $radminlink = intval($row['radminlink']); | |
619 | + $radminfaq = intval($row['radminfaq']); | |
620 | + $radmindownload = intval($row['radmindownload']); | |
621 | + $radminreviews = intval($row['radminreviews']); | |
622 | + $radminnewsletter = intval($row['radminnewsletter']); | |
623 | + $radminforum = intval($row['radminforum']); | |
624 | + $radmincontent = intval($row['radmincontent']); | |
625 | + $radminency = intval($row['radminency']); | |
626 | + $radminsuper = intval($row['radminsuper']); | |
627 | + OpenTable(); | |
628 | + echo "<center><a href=\"admin.php\"><font class='title'>"._ADMINMENU."</font></a>"; | |
629 | + echo "<br><br>"; | |
630 | + echo"<table border=\"0\" width=\"100%\" cellspacing=\"1\"><tr>"; | |
631 | + $linksdir = dir("admin/links"); | |
632 | + while($func=$linksdir->read()) { | |
633 | + if(substr($func, 0, 6) == "links.") { | |
634 | + $menulist .= "$func "; | |
635 | + } | |
636 | + } | |
637 | + closedir($linksdir->handle); | |
638 | + $menulist = explode(" ", $menulist); | |
639 | + sort($menulist); | |
640 | + for ($i=0; $i < sizeof($menulist); $i++) { | |
641 | + if($menulist[$i]!="") { | |
642 | + $counter = 0; | |
643 | + include($linksdir->path."/$menulist[$i]"); | |
644 | + } | |
645 | + } | |
646 | + adminmenu("admin.php?op=logout", ""._ADMINLOGOUT."", "logout.gif"); | |
647 | + echo"</tr></table></center>"; | |
648 | + CloseTable(); | |
649 | + echo "<br>"; | |
650 | +} | |
651 | + | |
652 | +/*********************************************************/ | |
653 | +/* Administration Main Function */ | |
654 | +/*********************************************************/ | |
655 | + | |
656 | +function adminMain() { | |
657 | + global $language, $admin, $aid, $prefix, $file, $db, $sitename, $user_prefix; | |
658 | + include ("header.php"); | |
659 | + $dummy = 0; | |
660 | + $Today = getdate(); | |
661 | + $month = $Today['month']; | |
662 | + $mday = $Today['mday']; | |
663 | + $year = $Today['year']; | |
664 | + $pmonth = $Today['month']; | |
665 | + $pmday = $Today['mday']; | |
666 | + $pmday = $mday-1; | |
667 | + $pyear = $Today['year']; | |
668 | + if ($pmonth=="January") { $pmonth=1; } else | |
669 | + if ($pmonth=="February") { $pmonth=2; } else | |
670 | + if ($pmonth=="March") { $pmonth=3; } else | |
671 | + if ($pmonth=="April") { $pmonth=4; } else | |
672 | + if ($pmonth=="May") { $pmonth=5; } else | |
673 | + if ($pmonth=="June") { $pmonth=6; } else | |
674 | + if ($pmonth=="July") { $pmonth=7; } else | |
675 | + if ($pmonth=="August") { $pmonth=8; } else | |
676 | + if ($pmonth=="September") { $pmonth=9; } else | |
677 | + if ($pmonth=="October") { $pmonth=10; } else | |
678 | + if ($pmonth=="November") { $pmonth=11; } else | |
679 | + if ($pmonth=="December") { $pmonth=12; }; | |
680 | + $test = mktime (0,0,0,$pmonth,$pmday,$pyear,1); | |
681 | + $curDate2 = "%".$month[0].$month[1].$month[2]."%".$mday."%".$year."%"; | |
682 | + $preday = strftime ("%d",$test); | |
683 | + $premonth = strftime ("%B",$test); | |
684 | + $preyear = strftime ("%Y",$test); | |
685 | + $curDateP = "%".$premonth[0].$premonth[1].$premonth[2]."%".$preday."%".$preyear."%"; | |
686 | + GraphicAdmin(); | |
687 | + $aid = substr("$aid", 0,25); | |
688 | + $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle, radminsuper, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'")); | |
689 | + $radminarticle = intval($row['radminarticle']); | |
690 | + $radminsuper = intval($row['radminsuper']); | |
691 | + $admlanguage = $row['admlanguage']; | |
692 | + if ($admlanguage != "" ) { | |
693 | + $queryalang = "WHERE alanguage='$admlanguage' "; | |
694 | + } else { | |
695 | + $queryalang = ""; | |
696 | + } | |
697 | + $row2 = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main")); | |
698 | + $main_module = $row2['main_module']; | |
699 | + OpenTable(); | |
700 | + echo "<center><b>$sitename: "._DEFHOMEMODULE."</b><br><br>" | |
701 | + .""._MODULEINHOME." <b>$main_module</b><br>[ <a href=\"admin.php?op=modules\">"._CHANGE."</a> ]</center>"; | |
702 | + CloseTable(); | |
703 | + echo "<br>"; | |
704 | + OpenTable(); | |
705 | + $guest_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='1'")); | |
706 | + $member_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='0'")); | |
707 | + $who_online_num = $guest_online_num + $member_online_num; | |
708 | + $who_online = "<center><font class=\"option\">"._WHOSONLINE."</font><br><br><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>"; | |
709 | + $row3 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount from $user_prefix"._users." WHERE user_regdate LIKE '$curDate2'")); | |
710 | + $userCount = $row3['userCount']; | |
711 | + $row4 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount FROM $user_prefix"._users." WHERE user_regdate LIKE '$curDateP'")); | |
712 | + $userCount2 = $row4['userCount']; | |
713 | + echo "<center>$who_online<br>" | |
714 | + .""._BTD.": <b>$userCount</b> - "._BYD.": <b>$userCount2</b></center>"; | |
715 | + CloseTable(); | |
716 | + echo "<br>"; | |
717 | + OpenTable(); | |
718 | + echo "<center><b>"._AUTOMATEDARTICLES."</b></center><br>"; | |
719 | + $count = 0; | |
720 | + $result5 = $db->sql_query("SELECT anid, aid, title, time, alanguage FROM ".$prefix."_autonews $queryalang ORDER BY time ASC"); | |
721 | + while ($row5 = $db->sql_fetchrow($result5)) { | |
722 | + $anid = intval($row5['anid']); | |
723 | + $aid = $row5['aid']; | |
724 | + $said = substr("$aid", 0,25); | |
725 | + $title = $row5['title']; | |
726 | + $time = $row5['time']; | |
727 | + $alanguage = $row5['alanguage']; | |
728 | + if ($alanguage == "") { | |
729 | + $alanguage = ""._ALL.""; | |
730 | + } | |
731 | + if ($anid != "") { | |
732 | + if ($count == 0) { | |
733 | + echo "<table border=\"1\" width=\"100%\">"; | |
734 | + $count = 1; | |
735 | + } | |
736 | + $time = ereg_replace(" ", "@", $time); | |
737 | + if (($radminarticle==1) OR ($radminsuper==1)) { | |
738 | + if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) { | |
739 | + echo "<tr><td nowrap> (<a href=\"admin.php?op=autoEdit&anid=$anid\">"._EDIT."</a>-<a href=\"admin.php?op=autoDelete&anid=$anid\">"._DELETE."</a>) </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */ | |
740 | + } else { | |
741 | + echo "<tr><td> ("._NOFUNCTIONS.") </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */ | |
742 | + } | |
743 | + } else { | |
744 | + echo "<tr><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */ | |
745 | + } | |
746 | + } | |
747 | + } | |
748 | + if (($anid == "") AND ($count == 0)) { | |
749 | + echo "<center><i>"._NOAUTOARTICLES."</i></center>"; | |
750 | + } | |
751 | + if ($count == 1) { | |
752 | + echo "</table>"; | |
753 | + } | |
754 | + CloseTable(); | |
755 | + echo "<br>"; | |
756 | + OpenTable(); | |
757 | + echo "<center><b>"._LAST." 20 "._ARTICLES."</b></center><br>"; | |
758 | + $result6 = $db->sql_query("SELECT sid, aid, title, time, topic, informant, alanguage FROM ".$prefix."_stories $queryalang ORDER BY time DESC LIMIT 0,20"); | |
759 | + echo "<center><table border=\"1\" width=\"100%\" bgcolor=\"$bgcolor1\">"; | |
760 | + while ($row6 = $db->sql_fetchrow($result6)) { | |
761 | + $sid = intval($row6['sid']); | |
762 | + $aid = $row6['aid']; | |
763 | + $said = substr("$aid", 0,25); | |
764 | + $title = $row6['title']; | |
765 | + $time = $row6['time']; | |
766 | + $topic = $row6['topic']; | |
767 | + $informant = $row6['informant']; | |
768 | + $alanguage = $row6['alanguage']; | |
769 | + $row7 = $db->sql_fetchrow($db->sql_query("SELECT topicname FROM ".$prefix."_topics WHERE topicid='$topic'")); | |
770 | + $topicname = $row7['topicname']; | |
771 | + if ($alanguage == "") { | |
772 | + $alanguage = ""._ALL.""; | |
773 | + } | |
774 | + formatTimestamp($time); | |
775 | + echo "<tr><td align=\"right\"><b>$sid</b>" | |
776 | + ."</td><td align=\"left\" width=\"100%\"><a href=\"modules.php?name=News&file=article&sid=$sid\">$title</a>" | |
777 | + ."</td><td align=\"center\">$alanguage" | |
778 | + ."</td><td align=\"right\">$topicname"; | |
779 | + if (($radminarticle==1) OR ($radminsuper==1)) { | |
780 | + if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) { | |
781 | + echo "</td><td align=\"right\" nowrap>(<a href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a>-<a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a>)" | |
782 | + ."</td></tr>"; | |
783 | + } else { | |
784 | + echo "</td><td align=\"right\" nowrap><font class=\"content\"><i>("._NOFUNCTIONS.")</i></font>" | |
785 | + ."</td></tr>"; | |
786 | + } | |
787 | + } else { | |
788 | + echo "</td></tr>"; | |
789 | + } | |
790 | + } | |
791 | + echo "</table>"; | |
792 | + if (($radminarticle==1) OR ($radminsuper==1)) { | |
793 | + echo "<center>" | |
794 | + ."<form action=\"admin.php\" method=\"post\">" | |
795 | + .""._STORYID.": <input type=\"text\" NAME=\"sid\" SIZE=\"10\">" | |
796 | + ."<select name=\"op\">" | |
797 | + ."<option value=\"EditStory\" SELECTED>"._EDIT."</option>" | |
798 | + ."<option value=\"RemoveStory\">"._DELETE."</option>" | |
799 | + ."</select>" | |
800 | + ."<input type=\"submit\" value=\""._GO."\">" | |
801 | + ."</form></center>"; | |
802 | + } | |
803 | + CloseTable(); | |
804 | + $row8 = $db->sql_fetchrow($db->sql_query("SELECT pollID, pollTitle FROM ".$prefix."_poll_desc WHERE artid='0' ORDER BY pollID DESC LIMIT 1")); | |
805 | + $pollID = intval($row8['pollID']); | |
806 | + $pollTitle = $row8['pollTitle']; | |
807 | + echo "<br>"; | |
808 | + OpenTable(); | |
809 | + echo "<center><b>"._CURRENTPOLL.":</b> $pollTitle [ <a href=\"admin.php?op=polledit&pollID=$pollID\">"._EDIT."</a> | <a href=\"admin.php?op=create\">"._ADD."</a> ]</center>"; | |
810 | + CloseTable(); | |
811 | + include ("footer.php"); | |
812 | +} | |
813 | + | |
814 | +if($admintest) { | |
815 | + | |
816 | + switch($op) { | |
817 | + | |
818 | + case "do_gfx": | |
819 | + do_gfx(); | |
820 | + break; | |
821 | + | |
822 | + case "deleteNotice": | |
823 | + deleteNotice($id); | |
824 | + break; | |
825 | + | |
826 | + case "GraphicAdmin": | |
827 | + GraphicAdmin(); | |
828 | + break; | |
829 | + | |
830 | + case "adminMain": | |
831 | + adminMain(); | |
832 | + break; | |
833 | + | |
834 | + case "logout": | |
835 | + setcookie("admin"); | |
836 | + $admin = ""; | |
837 | + include("header.php"); | |
838 | + OpenTable(); | |
839 | + echo "<center><font class=\"title\"><b>"._YOUARELOGGEDOUT."</b></font></center>"; | |
840 | + CloseTable(); | |
841 | + include("footer.php"); | |
842 | + break; | |
843 | + | |
844 | + case "login"; | |
845 | + unset($op); | |
846 | + | |
847 | + default: | |
848 | + $casedir = dir("admin/case"); | |
849 | + while($func=$casedir->read()) { | |
850 | + if(substr($func, 0, 5) == "case.") { | |
851 | + include($casedir->path."/$func"); | |
852 | + } | |
853 | + } | |
854 | + closedir($casedir->handle); | |
855 | + break; | |
856 | + | |
857 | + } | |
858 | + | |
859 | +} else { | |
860 | + | |
861 | + switch($op) { | |
862 | + | |
863 | + case "gfx": | |
864 | + gfx($random_num); | |
865 | + break; | |
866 | + | |
867 | + default: | |
868 | + login(); | |
869 | + break; | |
870 | + | |
871 | + } | |
872 | + | |
873 | +} | |
874 | + | |
875 | +?> |