1 --- PHP-Nuke-7.4/html/admin.php 2004-07-23 14:46:00.000000000 +0000
2 +++ PHP-Nuke-7.4.new/html/admin.php 2004-11-01 20:50:15.217447320 +0000
6 -/************************************************************************/
\r
7 -/* PHP-NUKE: Advanced Content Management System */
\r
8 -/* ============================================ */
\r
10 -/* Copyright (c) 2002 by Francisco Burzi */
\r
11 -/* http://phpnuke.org */
\r
13 -/* This program is free software. You can redistribute it and/or modify */
\r
14 -/* it under the terms of the GNU General Public License as published by */
\r
15 -/* the Free Software Foundation; either version 2 of the License. */
\r
17 -/************************************************************************/
\r
18 -/* Additional security checking code 2003 by chatserv */
\r
19 -/* http://www.nukefixes.com -- http://www.nukeresources.com */
\r
20 -/************************************************************************/
\r
21 -if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) {
\r
22 - die("Illegal Operation");
\r
24 -$checkurl = $_SERVER['REQUEST_URI'];
\r
26 -if ((preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
\r
30 -require_once("mainfile.php");
\r
33 -function create_first($name, $url, $email, $pwd, $user_new) {
\r
34 - global $prefix, $db, $user_prefix;
\r
35 - $first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));
\r
36 - if ($first == 0) {
\r
39 - $db->sql_query("INSERT INTO ".$prefix."_authors VALUES ('$name', '$the_adm', '$url', '$email', '$pwd', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '1', '')");
\r
40 - if ($user_new == 1) {
\r
41 - $user_regdate = date("M d, Y");
\r
42 - $user_avatar = "gallery/blank.gif";
\r
43 - $commentlimit = 4096;
\r
44 - if ($url == "http://") { $url = ""; }
\r
45 - $db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_website, user_avatar, user_regdate, user_password, theme, commentmax, user_level, user_lang, user_dateformat) VALUES (NULL,'$name','$email','$url','$user_avatar','$user_regdate','$pwd','$Default_Theme','$commentlimit', '2', 'english','D M d, Y g:i a')");
\r
51 -$the_first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));
\r
52 -if ($the_first == 0) {
\r
54 - include("header.php");
\r
55 - title("$sitename: "._ADMINISTRATION."");
\r
57 - echo "<center><b>"._NOADMINYET."</b></center><br><br>"
\r
58 - ."<form action=\"admin.php\" method=\"post\">"
\r
59 - ."<table border=\"0\">"
\r
60 - ."<tr><td><b>"._NICKNAME.":</b></td><td><input type=\"text\" name=\"name\" size=\"30\" maxlength=\"25\"></td></tr>"
\r
61 - ."<tr><td><b>"._HOMEPAGE.":</b></td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"255\" value=\"http://\"></td></tr>"
\r
62 - ."<tr><td><b>"._EMAIL.":</b></td><td><input type=\"text\" name=\"email\" size=\"30\" maxlength=\"255\"></td></tr>"
\r
63 - ."<tr><td><b>"._PASSWORD.":</b></td><td><input type=\"password\" name=\"pwd\" size=\"11\" maxlength=\"10\"></td></tr>"
\r
64 - ."<tr><td colspan=\"2\">"._CREATEUSERDATA." <input type=\"radio\" name=\"user_new\" value=\"1\" checked>"._YES." <input type=\"radio\" name=\"user_new\" value=\"0\">"._NO."</td></tr>"
\r
65 - ."<tr><td><input type=\"hidden\" name=\"fop\" value=\"create_first\">"
\r
66 - ."<input type=\"submit\" value=\""._SUBMIT."\">"
\r
67 - ."</td></tr></table></form>";
\r
69 - include("footer.php");
\r
72 - case "create_first":
\r
73 - create_first($name, $url, $email, $pwd, $user_new);
\r
79 -require("auth.php");
\r
81 -if(!isset($op)) { $op = "adminMain"; }
\r
82 -$pagetitle = "- "._ADMINMENU."";
\r
84 -/*********************************************************/
\r
85 -/* Login Function */
\r
86 -/*********************************************************/
\r
90 - include ("header.php");
\r
91 - mt_srand ((double)microtime()*1000000);
\r
92 - $maxran = 1000000;
\r
93 - $random_num = mt_rand(0, $maxran);
\r
95 - echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>";
\r
99 - echo "<form action=\"admin.php\" method=\"post\">"
\r
100 - ."<table border=\"0\">"
\r
101 - ."<tr><td>"._ADMINID."</td>"
\r
102 - ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>"
\r
103 - ."<tr><td>"._PASSWORD."</td>"
\r
104 - ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>";
\r
105 - if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) {
\r
106 - echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>"
\r
107 - ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>";
\r
110 - ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">"
\r
111 - ."<input type=\"hidden\" NAME=\"op\" value=\"login\">"
\r
112 - ."<input type=\"submit\" VALUE=\""._LOGIN."\">"
\r
113 - ."</td></tr></table>"
\r
116 - include ("footer.php");
\r
119 -function gfx($random_num) {
\r
120 - global $prefix, $db;
\r
121 - require("config.php");
\r
122 - $datekey = date("F j");
\r
123 - $rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey));
\r
124 - $code = substr($rcode, 2, 6);
\r
125 - $image = ImageCreateFromJPEG("images/admin/code_bg.jpg");
\r
126 - $text_color = ImageColorAllocate($image, 80, 80, 80);
\r
127 - Header("Content-type: image/jpeg");
\r
128 - ImageString ($image, 5, 12, 2, $code, $text_color);
\r
129 - ImageJPEG($image, '', 75);
\r
130 - ImageDestroy($image);
\r
134 -function deleteNotice($id) {
\r
135 - global $prefix, $db;
\r
136 - $id = intval($id);
\r
137 - $db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'");
\r
138 - Header("Location: admin.php?op=reviews");
\r
141 -/*********************************************************/
\r
142 -/* Administration Menu Function */
\r
143 -/*********************************************************/
\r
145 -function adminmenu($url, $title, $image) {
\r
146 - global $counter, $admingraphic, $Default_Theme;
\r
147 - $ThemeSel = get_theme();
\r
148 - if (file_exists("themes/$ThemeSel/images/admin/$image")) {
\r
149 - $image = "themes/$ThemeSel/images/admin/$image";
\r
151 - $image = "images/admin/$image";
\r
153 - if ($admingraphic == 1) {
\r
154 - $img = "<img src=\"$image\" border=\"0\" alt=\"$title\" title=\"$title\"></a><br>";
\r
160 - echo "<td align=\"center\" valign=\"top\" width=\"16%\"><font class=\"content\"><a href=\"$url\">$img<b>$title</b>$close<br><br></font></td>";
\r
161 - if ($counter == 5) {
\r
162 - echo "</tr><tr>";
\r
169 -function GraphicAdmin() {
\r
170 - global $aid, $admingraphic, $language, $admin, $prefix, $db;
\r
171 - $newsubs = $db->sql_numrows($db->sql_query("SELECT qid FROM ".$prefix."_queue"));
\r
172 - $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle,radmintopic,radminuser,radminsurvey,radminlink,radminfaq,radmindownload,radminreviews,radminnewsletter,radminforum,radmincontent,radminency,radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));
\r
173 - $radminarticle = intval($row['radminarticle']);
\r
174 - $radmintopic = intval($row['radmintopic']);
\r
175 - $radminuser = intval($row['radminuser']);
\r
176 - $radminsurvey = intval($row['radminsurvey']);
\r
177 - $radminlink = intval($row['radminlink']);
\r
178 - $radminfaq = intval($row['radminfaq']);
\r
179 - $radmindownload = intval($row['radmindownload']);
\r
180 - $radminreviews = intval($row['radminreviews']);
\r
181 - $radminnewsletter = intval($row['radminnewsletter']);
\r
182 - $radminforum = intval($row['radminforum']);
\r
183 - $radmincontent = intval($row['radmincontent']);
\r
184 - $radminency = intval($row['radminency']);
\r
185 - $radminsuper = intval($row['radminsuper']);
\r
187 - echo "<center><a href=\"admin.php\"><font class='title'>"._ADMINMENU."</font></a>";
\r
189 - echo"<table border=\"0\" width=\"100%\" cellspacing=\"1\"><tr>";
\r
190 - $linksdir = dir("admin/links");
\r
191 - while($func=$linksdir->read()) {
\r
192 - if(substr($func, 0, 6) == "links.") {
\r
193 - $menulist .= "$func ";
\r
196 - closedir($linksdir->handle);
\r
197 - $menulist = explode(" ", $menulist);
\r
199 - for ($i=0; $i < sizeof($menulist); $i++) {
\r
200 - if($menulist[$i]!="") {
\r
202 - include($linksdir->path."/$menulist[$i]");
\r
205 - adminmenu("admin.php?op=logout", ""._ADMINLOGOUT."", "logout.gif");
\r
206 - echo"</tr></table></center>";
\r
211 -/*********************************************************/
\r
212 -/* Administration Main Function */
\r
213 -/*********************************************************/
\r
215 -function adminMain() {
\r
216 - global $language, $admin, $aid, $prefix, $file, $db, $sitename, $user_prefix;
\r
217 - include ("header.php");
\r
219 - $Today = getdate();
\r
220 - $month = $Today['month'];
\r
221 - $mday = $Today['mday'];
\r
222 - $year = $Today['year'];
\r
223 - $pmonth = $Today['month'];
\r
224 - $pmday = $Today['mday'];
\r
225 - $pmday = $mday-1;
\r
226 - $pyear = $Today['year'];
\r
227 - if ($pmonth=="January") { $pmonth=1; } else
\r
228 - if ($pmonth=="February") { $pmonth=2; } else
\r
229 - if ($pmonth=="March") { $pmonth=3; } else
\r
230 - if ($pmonth=="April") { $pmonth=4; } else
\r
231 - if ($pmonth=="May") { $pmonth=5; } else
\r
232 - if ($pmonth=="June") { $pmonth=6; } else
\r
233 - if ($pmonth=="July") { $pmonth=7; } else
\r
234 - if ($pmonth=="August") { $pmonth=8; } else
\r
235 - if ($pmonth=="September") { $pmonth=9; } else
\r
236 - if ($pmonth=="October") { $pmonth=10; } else
\r
237 - if ($pmonth=="November") { $pmonth=11; } else
\r
238 - if ($pmonth=="December") { $pmonth=12; };
\r
239 - $test = mktime (0,0,0,$pmonth,$pmday,$pyear,1);
\r
240 - $curDate2 = "%".$month[0].$month[1].$month[2]."%".$mday."%".$year."%";
\r
241 - $preday = strftime ("%d",$test);
\r
242 - $premonth = strftime ("%B",$test);
\r
243 - $preyear = strftime ("%Y",$test);
\r
244 - $curDateP = "%".$premonth[0].$premonth[1].$premonth[2]."%".$preday."%".$preyear."%";
\r
246 - $aid = substr("$aid", 0,25);
\r
247 - $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle, radminsuper, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'"));
\r
248 - $radminarticle = intval($row['radminarticle']);
\r
249 - $radminsuper = intval($row['radminsuper']);
\r
250 - $admlanguage = $row['admlanguage'];
\r
251 - if ($admlanguage != "" ) {
\r
252 - $queryalang = "WHERE alanguage='$admlanguage' ";
\r
254 - $queryalang = "";
\r
256 - $row2 = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main"));
\r
257 - $main_module = $row2['main_module'];
\r
259 - echo "<center><b>$sitename: "._DEFHOMEMODULE."</b><br><br>"
\r
260 - .""._MODULEINHOME." <b>$main_module</b><br>[ <a href=\"admin.php?op=modules\">"._CHANGE."</a> ]</center>";
\r
264 - $guest_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='1'"));
\r
265 - $member_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='0'"));
\r
266 - $who_online_num = $guest_online_num + $member_online_num;
\r
267 - $who_online = "<center><font class=\"option\">"._WHOSONLINE."</font><br><br><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>";
\r
268 - $row3 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount from $user_prefix"._users." WHERE user_regdate LIKE '$curDate2'"));
\r
269 - $userCount = $row3['userCount'];
\r
270 - $row4 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount FROM $user_prefix"._users." WHERE user_regdate LIKE '$curDateP'"));
\r
271 - $userCount2 = $row4['userCount'];
\r
272 - echo "<center>$who_online<br>"
\r
273 - .""._BTD.": <b>$userCount</b> - "._BYD.": <b>$userCount2</b></center>";
\r
277 - echo "<center><b>"._AUTOMATEDARTICLES."</b></center><br>";
\r
279 - $result5 = $db->sql_query("SELECT anid, aid, title, time, alanguage FROM ".$prefix."_autonews $queryalang ORDER BY time ASC");
\r
280 - while ($row5 = $db->sql_fetchrow($result5)) {
\r
281 - $anid = intval($row5['anid']);
\r
282 - $aid = $row5['aid'];
\r
283 - $said = substr("$aid", 0,25);
\r
284 - $title = $row5['title'];
\r
285 - $time = $row5['time'];
\r
286 - $alanguage = $row5['alanguage'];
\r
287 - if ($alanguage == "") {
\r
288 - $alanguage = ""._ALL."";
\r
290 - if ($anid != "") {
\r
291 - if ($count == 0) {
\r
292 - echo "<table border=\"1\" width=\"100%\">";
\r
295 - $time = ereg_replace(" ", "@", $time);
\r
296 - if (($radminarticle==1) OR ($radminsuper==1)) {
\r
297 - if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {
\r
298 - echo "<tr><td nowrap> (<a href=\"admin.php?op=autoEdit&anid=$anid\">"._EDIT."</a>-<a href=\"admin.php?op=autoDelete&anid=$anid\">"._DELETE."</a>) </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */
\r
300 - echo "<tr><td> ("._NOFUNCTIONS.") </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */
\r
303 - echo "<tr><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */
\r
307 - if (($anid == "") AND ($count == 0)) {
\r
308 - echo "<center><i>"._NOAUTOARTICLES."</i></center>";
\r
310 - if ($count == 1) {
\r
316 - echo "<center><b>"._LAST." 20 "._ARTICLES."</b></center><br>";
\r
317 - $result6 = $db->sql_query("SELECT sid, aid, title, time, topic, informant, alanguage FROM ".$prefix."_stories $queryalang ORDER BY time DESC LIMIT 0,20");
\r
318 - echo "<center><table border=\"1\" width=\"100%\" bgcolor=\"$bgcolor1\">";
\r
319 - while ($row6 = $db->sql_fetchrow($result6)) {
\r
320 - $sid = intval($row6['sid']);
\r
321 - $aid = $row6['aid'];
\r
322 - $said = substr("$aid", 0,25);
\r
323 - $title = $row6['title'];
\r
324 - $time = $row6['time'];
\r
325 - $topic = $row6['topic'];
\r
326 - $informant = $row6['informant'];
\r
327 - $alanguage = $row6['alanguage'];
\r
328 - $row7 = $db->sql_fetchrow($db->sql_query("SELECT topicname FROM ".$prefix."_topics WHERE topicid='$topic'"));
\r
329 - $topicname = $row7['topicname'];
\r
330 - if ($alanguage == "") {
\r
331 - $alanguage = ""._ALL."";
\r
333 - formatTimestamp($time);
\r
334 - echo "<tr><td align=\"right\"><b>$sid</b>"
\r
335 - ."</td><td align=\"left\" width=\"100%\"><a href=\"modules.php?name=News&file=article&sid=$sid\">$title</a>"
\r
336 - ."</td><td align=\"center\">$alanguage"
\r
337 - ."</td><td align=\"right\">$topicname";
\r
338 - if (($radminarticle==1) OR ($radminsuper==1)) {
\r
339 - if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {
\r
340 - echo "</td><td align=\"right\" nowrap>(<a href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a>-<a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a>)"
\r
343 - echo "</td><td align=\"right\" nowrap><font class=\"content\"><i>("._NOFUNCTIONS.")</i></font>"
\r
347 - echo "</td></tr>";
\r
351 - if (($radminarticle==1) OR ($radminsuper==1)) {
\r
353 - ."<form action=\"admin.php\" method=\"post\">"
\r
354 - .""._STORYID.": <input type=\"text\" NAME=\"sid\" SIZE=\"10\">"
\r
355 - ."<select name=\"op\">"
\r
356 - ."<option value=\"EditStory\" SELECTED>"._EDIT."</option>"
\r
357 - ."<option value=\"RemoveStory\">"._DELETE."</option>"
\r
359 - ."<input type=\"submit\" value=\""._GO."\">"
\r
360 - ."</form></center>";
\r
363 - $row8 = $db->sql_fetchrow($db->sql_query("SELECT pollID, pollTitle FROM ".$prefix."_poll_desc WHERE artid='0' ORDER BY pollID DESC LIMIT 1"));
\r
364 - $pollID = intval($row8['pollID']);
\r
365 - $pollTitle = $row8['pollTitle'];
\r
368 - echo "<center><b>"._CURRENTPOLL.":</b> $pollTitle [ <a href=\"admin.php?op=polledit&pollID=$pollID\">"._EDIT."</a> | <a href=\"admin.php?op=create\">"._ADD."</a> ]</center>";
\r
370 - include ("footer.php");
\r
381 - case "deleteNotice":
\r
382 - deleteNotice($id);
\r
385 - case "GraphicAdmin":
\r
389 - case "adminMain":
\r
394 - setcookie("admin");
\r
396 - include("header.php");
\r
398 - echo "<center><font class=\"title\"><b>"._YOUARELOGGEDOUT."</b></font></center>";
\r
400 - include("footer.php");
\r
407 - $casedir = dir("admin/case");
\r
408 - while($func=$casedir->read()) {
\r
409 - if(substr($func, 0, 5) == "case.") {
\r
410 - include($casedir->path."/$func");
\r
413 - closedir($casedir->handle);
\r
423 - gfx($random_num);
\r
435 \ No newline at end of file
438 +/************************************************************************/
439 +/* PHP-NUKE: Advanced Content Management System */
440 +/* ============================================ */
442 +/* Copyright (c) 2002 by Francisco Burzi */
443 +/* http://phpnuke.org */
445 +/* This program is free software. You can redistribute it and/or modify */
446 +/* it under the terms of the GNU General Public License as published by */
447 +/* the Free Software Foundation; either version 2 of the License. */
449 +/************************************************************************/
450 +/* Additional security checking code 2003 by chatserv */
451 +/* http://www.nukefixes.com -- http://www.nukeresources.com */
452 +/************************************************************************/
454 +if ( !empty($HTTP_GET_VARS['op']) ) {
455 +$op = $HTTP_GET_VARS['op'];
458 +if ( !empty($HTTP_POST_VARS['op']) ) {
459 +$op = $HTTP_POST_VARS['op'];
462 +if(stristr($_SERVER["QUERY_STRING"],'AddAuthor') || stristr($_SERVER["QUERY_STRING"],'UpdateAuthor')) {
463 + die("Illegal Operation");
465 +$checkurl = $_SERVER['REQUEST_URI'];
467 +if ((preg_match("/\?admin/", "$checkurl")) || (preg_match("/\&admin/", "$checkurl"))) {
471 +require_once("mainfile.php");
474 +function create_first($name, $url, $email, $pwd, $user_new) {
475 + global $prefix, $db, $user_prefix;
476 + $first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));
480 + $db->sql_query("INSERT INTO ".$prefix."_authors VALUES ('$name', '$the_adm', '$url', '$email', '$pwd', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '0', '1', '')");
481 + if ($user_new == 1) {
482 + $user_regdate = date("M d, Y");
483 + $user_avatar = "gallery/blank.gif";
484 + $commentlimit = 4096;
485 + if ($url == "http://") { $url = ""; }
486 + $db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_website, user_avatar, user_regdate, user_password, theme, commentmax, user_level, user_lang, user_dateformat) VALUES (NULL,'$name','$email','$url','$user_avatar','$user_regdate','$pwd','$Default_Theme','$commentlimit', '2', 'english','D M d, Y g:i a')");
492 +$the_first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));
493 +if ($the_first == 0) {
495 + include("header.php");
496 + title("$sitename: "._ADMINISTRATION."");
498 + echo "<center><b>"._NOADMINYET."</b></center><br><br>"
499 + ."<form action=\"admin.php\" method=\"post\">"
500 + ."<table border=\"0\">"
501 + ."<tr><td><b>"._NICKNAME.":</b></td><td><input type=\"text\" name=\"name\" size=\"30\" maxlength=\"25\"></td></tr>"
502 + ."<tr><td><b>"._HOMEPAGE.":</b></td><td><input type=\"text\" name=\"url\" size=\"30\" maxlength=\"255\" value=\"http://\"></td></tr>"
503 + ."<tr><td><b>"._EMAIL.":</b></td><td><input type=\"text\" name=\"email\" size=\"30\" maxlength=\"255\"></td></tr>"
504 + ."<tr><td><b>"._PASSWORD.":</b></td><td><input type=\"password\" name=\"pwd\" size=\"11\" maxlength=\"10\"></td></tr>"
505 + ."<tr><td colspan=\"2\">"._CREATEUSERDATA." <input type=\"radio\" name=\"user_new\" value=\"1\" checked>"._YES." <input type=\"radio\" name=\"user_new\" value=\"0\">"._NO."</td></tr>"
506 + ."<tr><td><input type=\"hidden\" name=\"fop\" value=\"create_first\">"
507 + ."<input type=\"submit\" value=\""._SUBMIT."\">"
508 + ."</td></tr></table></form>";
510 + include("footer.php");
513 + case "create_first":
514 + create_first($name, $url, $email, $pwd, $user_new);
520 +require("auth.php");
522 +if(!isset($op)) { $op = "adminMain"; }
523 +$pagetitle = "- "._ADMINMENU."";
525 +/*********************************************************/
526 +/* Login Function */
527 +/*********************************************************/
531 + include ("header.php");
532 + mt_srand ((double)microtime()*1000000);
534 + $random_num = mt_rand(0, $maxran);
536 + echo "<center><font class=\"title\"><b>"._ADMINLOGIN."</b></font></center>";
540 + echo "<form action=\"admin.php\" method=\"post\">"
541 + ."<table border=\"0\">"
542 + ."<tr><td>"._ADMINID."</td>"
543 + ."<td><input type=\"text\" NAME=\"aid\" SIZE=\"20\" MAXLENGTH=\"25\"></td></tr>"
544 + ."<tr><td>"._PASSWORD."</td>"
545 + ."<td><input type=\"password\" NAME=\"pwd\" SIZE=\"20\" MAXLENGTH=\"18\"></td></tr>";
546 + if (extension_loaded("gd") AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) {
547 + echo "<tr><td colspan='2'>"._SECURITYCODE.": <img src='admin.php?op=gfx&random_num=$random_num' border='1' alt='"._SECURITYCODE."' title='"._SECURITYCODE."'></td></tr>"
548 + ."<tr><td colspan='2'>"._TYPESECCODE.": <input type=\"text\" NAME=\"gfx_check\" SIZE=\"7\" MAXLENGTH=\"6\"></td></tr>";
551 + ."<input type=\"hidden\" NAME=\"random_num\" value=\"$random_num\">"
552 + ."<input type=\"hidden\" NAME=\"op\" value=\"login\">"
553 + ."<input type=\"submit\" VALUE=\""._LOGIN."\">"
554 + ."</td></tr></table>"
557 + include ("footer.php");
560 +function gfx($random_num) {
561 + global $prefix, $db;
562 + require("config.php");
563 + $datekey = date("F j");
564 + $rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $random_num . $datekey));
565 + $code = substr($rcode, 2, 6);
566 + $image = ImageCreateFromJPEG("images/admin/code_bg.jpg");
567 + $text_color = ImageColorAllocate($image, 80, 80, 80);
568 + Header("Content-type: image/jpeg");
569 + ImageString ($image, 5, 12, 2, $code, $text_color);
570 + ImageJPEG($image, '', 75);
571 + ImageDestroy($image);
575 +function deleteNotice($id) {
576 + global $prefix, $db;
578 + $db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'");
579 + Header("Location: admin.php?op=reviews");
582 +/*********************************************************/
583 +/* Administration Menu Function */
584 +/*********************************************************/
586 +function adminmenu($url, $title, $image) {
587 + global $counter, $admingraphic, $Default_Theme;
588 + $ThemeSel = get_theme();
589 + if (file_exists("themes/$ThemeSel/images/admin/$image")) {
590 + $image = "themes/$ThemeSel/images/admin/$image";
592 + $image = "images/admin/$image";
594 + if ($admingraphic == 1) {
595 + $img = "<img src=\"$image\" border=\"0\" alt=\"$title\" title=\"$title\"></a><br>";
601 + echo "<td align=\"center\" valign=\"top\" width=\"16%\"><font class=\"content\"><a href=\"$url\">$img<b>$title</b>$close<br><br></font></td>";
602 + if ($counter == 5) {
610 +function GraphicAdmin() {
611 + global $aid, $admingraphic, $language, $admin, $prefix, $db;
612 + $newsubs = $db->sql_numrows($db->sql_query("SELECT qid FROM ".$prefix."_queue"));
613 + $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle,radmintopic,radminuser,radminsurvey,radminlink,radminfaq,radmindownload,radminreviews,radminnewsletter,radminforum,radmincontent,radminency,radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));
614 + $radminarticle = intval($row['radminarticle']);
615 + $radmintopic = intval($row['radmintopic']);
616 + $radminuser = intval($row['radminuser']);
617 + $radminsurvey = intval($row['radminsurvey']);
618 + $radminlink = intval($row['radminlink']);
619 + $radminfaq = intval($row['radminfaq']);
620 + $radmindownload = intval($row['radmindownload']);
621 + $radminreviews = intval($row['radminreviews']);
622 + $radminnewsletter = intval($row['radminnewsletter']);
623 + $radminforum = intval($row['radminforum']);
624 + $radmincontent = intval($row['radmincontent']);
625 + $radminency = intval($row['radminency']);
626 + $radminsuper = intval($row['radminsuper']);
628 + echo "<center><a href=\"admin.php\"><font class='title'>"._ADMINMENU."</font></a>";
630 + echo"<table border=\"0\" width=\"100%\" cellspacing=\"1\"><tr>";
631 + $linksdir = dir("admin/links");
632 + while($func=$linksdir->read()) {
633 + if(substr($func, 0, 6) == "links.") {
634 + $menulist .= "$func ";
637 + closedir($linksdir->handle);
638 + $menulist = explode(" ", $menulist);
640 + for ($i=0; $i < sizeof($menulist); $i++) {
641 + if($menulist[$i]!="") {
643 + include($linksdir->path."/$menulist[$i]");
646 + adminmenu("admin.php?op=logout", ""._ADMINLOGOUT."", "logout.gif");
647 + echo"</tr></table></center>";
652 +/*********************************************************/
653 +/* Administration Main Function */
654 +/*********************************************************/
656 +function adminMain() {
657 + global $language, $admin, $aid, $prefix, $file, $db, $sitename, $user_prefix;
658 + include ("header.php");
660 + $Today = getdate();
661 + $month = $Today['month'];
662 + $mday = $Today['mday'];
663 + $year = $Today['year'];
664 + $pmonth = $Today['month'];
665 + $pmday = $Today['mday'];
667 + $pyear = $Today['year'];
668 + if ($pmonth=="January") { $pmonth=1; } else
669 + if ($pmonth=="February") { $pmonth=2; } else
670 + if ($pmonth=="March") { $pmonth=3; } else
671 + if ($pmonth=="April") { $pmonth=4; } else
672 + if ($pmonth=="May") { $pmonth=5; } else
673 + if ($pmonth=="June") { $pmonth=6; } else
674 + if ($pmonth=="July") { $pmonth=7; } else
675 + if ($pmonth=="August") { $pmonth=8; } else
676 + if ($pmonth=="September") { $pmonth=9; } else
677 + if ($pmonth=="October") { $pmonth=10; } else
678 + if ($pmonth=="November") { $pmonth=11; } else
679 + if ($pmonth=="December") { $pmonth=12; };
680 + $test = mktime (0,0,0,$pmonth,$pmday,$pyear,1);
681 + $curDate2 = "%".$month[0].$month[1].$month[2]."%".$mday."%".$year."%";
682 + $preday = strftime ("%d",$test);
683 + $premonth = strftime ("%B",$test);
684 + $preyear = strftime ("%Y",$test);
685 + $curDateP = "%".$premonth[0].$premonth[1].$premonth[2]."%".$preday."%".$preyear."%";
687 + $aid = substr("$aid", 0,25);
688 + $row = $db->sql_fetchrow($db->sql_query("SELECT radminarticle, radminsuper, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'"));
689 + $radminarticle = intval($row['radminarticle']);
690 + $radminsuper = intval($row['radminsuper']);
691 + $admlanguage = $row['admlanguage'];
692 + if ($admlanguage != "" ) {
693 + $queryalang = "WHERE alanguage='$admlanguage' ";
697 + $row2 = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main"));
698 + $main_module = $row2['main_module'];
700 + echo "<center><b>$sitename: "._DEFHOMEMODULE."</b><br><br>"
701 + .""._MODULEINHOME." <b>$main_module</b><br>[ <a href=\"admin.php?op=modules\">"._CHANGE."</a> ]</center>";
705 + $guest_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='1'"));
706 + $member_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='0'"));
707 + $who_online_num = $guest_online_num + $member_online_num;
708 + $who_online = "<center><font class=\"option\">"._WHOSONLINE."</font><br><br><font class=\"content\">"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."<br>";
709 + $row3 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount from $user_prefix"._users." WHERE user_regdate LIKE '$curDate2'"));
710 + $userCount = $row3['userCount'];
711 + $row4 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount FROM $user_prefix"._users." WHERE user_regdate LIKE '$curDateP'"));
712 + $userCount2 = $row4['userCount'];
713 + echo "<center>$who_online<br>"
714 + .""._BTD.": <b>$userCount</b> - "._BYD.": <b>$userCount2</b></center>";
718 + echo "<center><b>"._AUTOMATEDARTICLES."</b></center><br>";
720 + $result5 = $db->sql_query("SELECT anid, aid, title, time, alanguage FROM ".$prefix."_autonews $queryalang ORDER BY time ASC");
721 + while ($row5 = $db->sql_fetchrow($result5)) {
722 + $anid = intval($row5['anid']);
723 + $aid = $row5['aid'];
724 + $said = substr("$aid", 0,25);
725 + $title = $row5['title'];
726 + $time = $row5['time'];
727 + $alanguage = $row5['alanguage'];
728 + if ($alanguage == "") {
729 + $alanguage = ""._ALL."";
733 + echo "<table border=\"1\" width=\"100%\">";
736 + $time = ereg_replace(" ", "@", $time);
737 + if (($radminarticle==1) OR ($radminsuper==1)) {
738 + if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {
739 + echo "<tr><td nowrap> (<a href=\"admin.php?op=autoEdit&anid=$anid\">"._EDIT."</a>-<a href=\"admin.php?op=autoDelete&anid=$anid\">"._DELETE."</a>) </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */
741 + echo "<tr><td> ("._NOFUNCTIONS.") </td><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */
744 + echo "<tr><td width=\"100%\"> $title </td><td align=\"center\"> $alanguage </td><td nowrap> $time </td></tr>"; /* Multilingual Code : added column to display language */
748 + if (($anid == "") AND ($count == 0)) {
749 + echo "<center><i>"._NOAUTOARTICLES."</i></center>";
757 + echo "<center><b>"._LAST." 20 "._ARTICLES."</b></center><br>";
758 + $result6 = $db->sql_query("SELECT sid, aid, title, time, topic, informant, alanguage FROM ".$prefix."_stories $queryalang ORDER BY time DESC LIMIT 0,20");
759 + echo "<center><table border=\"1\" width=\"100%\" bgcolor=\"$bgcolor1\">";
760 + while ($row6 = $db->sql_fetchrow($result6)) {
761 + $sid = intval($row6['sid']);
762 + $aid = $row6['aid'];
763 + $said = substr("$aid", 0,25);
764 + $title = $row6['title'];
765 + $time = $row6['time'];
766 + $topic = $row6['topic'];
767 + $informant = $row6['informant'];
768 + $alanguage = $row6['alanguage'];
769 + $row7 = $db->sql_fetchrow($db->sql_query("SELECT topicname FROM ".$prefix."_topics WHERE topicid='$topic'"));
770 + $topicname = $row7['topicname'];
771 + if ($alanguage == "") {
772 + $alanguage = ""._ALL."";
774 + formatTimestamp($time);
775 + echo "<tr><td align=\"right\"><b>$sid</b>"
776 + ."</td><td align=\"left\" width=\"100%\"><a href=\"modules.php?name=News&file=article&sid=$sid\">$title</a>"
777 + ."</td><td align=\"center\">$alanguage"
778 + ."</td><td align=\"right\">$topicname";
779 + if (($radminarticle==1) OR ($radminsuper==1)) {
780 + if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {
781 + echo "</td><td align=\"right\" nowrap>(<a href=\"admin.php?op=EditStory&sid=$sid\">"._EDIT."</a>-<a href=\"admin.php?op=RemoveStory&sid=$sid\">"._DELETE."</a>)"
784 + echo "</td><td align=\"right\" nowrap><font class=\"content\"><i>("._NOFUNCTIONS.")</i></font>"
792 + if (($radminarticle==1) OR ($radminsuper==1)) {
794 + ."<form action=\"admin.php\" method=\"post\">"
795 + .""._STORYID.": <input type=\"text\" NAME=\"sid\" SIZE=\"10\">"
796 + ."<select name=\"op\">"
797 + ."<option value=\"EditStory\" SELECTED>"._EDIT."</option>"
798 + ."<option value=\"RemoveStory\">"._DELETE."</option>"
800 + ."<input type=\"submit\" value=\""._GO."\">"
801 + ."</form></center>";
804 + $row8 = $db->sql_fetchrow($db->sql_query("SELECT pollID, pollTitle FROM ".$prefix."_poll_desc WHERE artid='0' ORDER BY pollID DESC LIMIT 1"));
805 + $pollID = intval($row8['pollID']);
806 + $pollTitle = $row8['pollTitle'];
809 + echo "<center><b>"._CURRENTPOLL.":</b> $pollTitle [ <a href=\"admin.php?op=polledit&pollID=$pollID\">"._EDIT."</a> | <a href=\"admin.php?op=create\">"._ADD."</a> ]</center>";
811 + include ("footer.php");
822 + case "deleteNotice":
826 + case "GraphicAdmin":
835 + setcookie("admin");
837 + include("header.php");
839 + echo "<center><font class=\"title\"><b>"._YOUARELOGGEDOUT."</b></font></center>";
841 + include("footer.php");
848 + $casedir = dir("admin/case");
849 + while($func=$casedir->read()) {
850 + if(substr($func, 0, 5) == "case.") {
851 + include($casedir->path."/$func");
854 + closedir($casedir->handle);
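Review bot: The block added at new lines 454-459 copies `op` from `$HTTP_GET_VARS` and then `$HTTP_POST_VARS` with no validation, and the POST value overwrites the GET one, while the "Illegal Operation" guard right after it (new line 462) inspects only `$_SERVER["QUERY_STRING"]` and so never sees an `op` sent in the request body. Since `$op` later selects the handler, I would validate the assigned value itself before `require("auth.php")`, for example `if (isset($op) && !preg_match('/^[A-Za-z0-9_]+$/', $op)) { die("Illegal Operation"); }`, and rely on the admin check in auth.php (not shown here) rather than on the query-string filter for authorization. The long `$HTTP_*_VARS` arrays are deprecated, and the file already uses `$_SERVER`, so `$_GET['op']` and `$_POST['op']` would be consistent. Only `op` is imported explicitly; `$name`, `$pwd`, `$aid`, `$random_num` and `$id` appear to still arrive through register_globals and several of them are interpolated into SQL strings (e.g. in `create_first`), so the change looks partial. This listing omits a number of lines from the hunk, including the closing braces of the two new `if` blocks, so the note is based on the visible lines only.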