search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
last minute modifications (2.2.0 release)
[phpns.git] / shownews.php
blob79e44434ebfb722ee87f357474b9140121b894b1
1 <?php
2
3 //error_reporting( E_ALL | E_STRICT ); //DEBUGGING, uncommment to activate
4
5 /* Copyright (c) 2007-08 Alec Henriksen
6 * phpns is free software; you can redistribute it and/or modify it under the
7 * terms of the GNU General Public Licence (GPL) as published by the Free
8 * Software Foundation; either version 2 of the Licence, or (at your option) any
9 * later version.
10 * Please see the GPL at http://www.gnu.org/copyleft/gpl.html for a complete
11 * understanding of what this license means and how to abide by it.
12 */
13
14 /* This file will need little to NO modification. All customization can be done
15 before including the file, using pre-set variables. If you need to make modifications
16 to this file, it's important to comment your code. This is obviously the most important
17 file in the system, so understanding it is important. All functions are defined here are
18 seperate from the main system (for security reasons.)
19
20 -- Alec Henriksen (http://phpns.com | http://alecwh.com)
21 */
22
23 /* Optional variables that can be called before user include:
24 * $phpns['limit'] = 1-9999
25 * $phpns['template'] = template_id
26 * $phpns['category'] (multiple) = ID Number(s) (seperated by commas (cat1, cat2, cat3))
27 * $phpns['mode'] (RSS) = RSS, XML, ATOM;
28 * $phpns['offset'] = 1-9999;
29 * $phpns['order'] = asc|desc;
30 * $phpns['sef_override'] = TRUE/FALSE;
31 * $phpns['comment_override'] = TRUE/FALSE;
32 * $phpns['static'] = TRUE/FALSE;
33 * $phpns['disable_pagination'];
34 * $phpns['items_per_page'];
35 * $phpns['always_show_extended_article'] = TRUE/FALSE;
36 * $phpns['script_link'] = 'path/to/script.php' (relative or absolute)
37 * $phpns['freeze_file'] = FILENAME;
38 */
39
40 //first, before anything, we need to check for "$phpns['freeze_file']". If it exists, skip all this stuff and just get that file.
41
42 if ($phpns['freeze_file'] && strstr($phpns['freeze_file'], 'freeze.')) {
43
44 //include freeze file!
45 include($phpns['freeze_file']);
46
47 } else { //if no freeze file, go into the article generation
48
49 //define some variables, immediately protect against injection
50
51 $phpns['do'] = htmlentities($_POST['do']);
52 if (!$phpns['do'] && !strstr($_GET['a'], 'page:')) { $phpns['id'] = htmlentities($_GET['a']); }
53 $phpns['mode'] = htmlentities($phpns['mode']);
54 $phpns['offset'] = htmlentities($phpns['offset']);
55
56 //generate current time, used globally
57 $phpns['time'] = time();
58 $phpns['ip'] = $_SERVER['REMOTE_ADDR'];
59
60 //before continuing, protect from injection
61 if ($phpns['sef_override'] == FALSE) {
62 if (!is_numeric($phpns['id']) && $phpns['id'] && $phpns['id'] != 'do=rss') {
63 $phpns['inject_error'] = '
64 <h1>stop!</h1>
65 <hr />
66 ID paramater used: <strong>'.$phpns['id'].'</strong>
67 <p>Phpns has detected a possible security breach, or a mal-formed URL. The ID paramater cannot contain a letter in non-SEF mode.</p>
68 ';
69 die($phpns['inject_error']);
70 }
71 } else {
72 //if sef is set to /, just blank it
73 $phpns['sef_slash'] = ($phpns['sef_override'] == '/') ? '' : '/';
74
75 if ($phpns['id'] && substr($phpns['id'],strlen($phpns['id'])-1,1) == '/') {
76 $phpns['id'] = substr_replace($phpns['id'] ,"",-1);
77 }
78 }
79
80 //include database information
81 @require("inc/config.php");
82 //connect.
83 $phpns['connection'] = mysql_connect($databaseinfo['host'], $databaseinfo['user'], $databaseinfo['password'])
84 or die ($error['connection']);
85 //select mysql database
86 $phpns['db'] = mysql_select_db($databaseinfo['dbname'],$phpns['connection'])
87 or die ($error['database']);
88
89 //define show_news functions, and check if functions are already defined.
90 if (!function_exists('clean_data')) {
91 function clean_data($data) {
92 if (is_array($data)) {
93 foreach ($data as $key => $value) {
94 if(ini_get('magic_quotes_gpc')) { $data[$key] = stripslashes($value); }
95 $data[$key] = htmlspecialchars($value);
96 }
97 } else {
98 if(ini_get('magic_quotes_gpc')) { $data = stripslashes($data); }
99 $data = htmlspecialchars($data, ENT_QUOTES);
100 }
101 return $data;
102 }
103 }
104 if (!function_exists('decode_data')) {
105 function decode_data($data) {
106 if (is_array($data)) {
107 foreach ($data as $key => $value) {
108 $data[$key] = htmlspecialchars_decode($value);
109 }
110 } else {
111 $data = htmlspecialchars_decode($data);
112 }
113 return $data;
114 }
115 }
116 if (!function_exists('db_fetch')) {
117 function db_fetch($query,$type,$clean=NULL) {
118 //echo '<textarea width="100%">'.$query.'</textarea>'; //debugging, this will output every query.
119 if ($clean == TRUE) {
120 $query = clean_data($query); //clean
121 }
122
123 $res = mysql_query($query) or die(mysql_error().'<br /><br />Line '.__LINE__.'<br /><br /> query: '.$query.'');
124 //return value or not?
125 if ($type == 1) { //if we want a value
126 $value = mysql_fetch_array($res) or die('fetch array failed, line: '.__LINE__.', query: '.$query.'<p>'.mysql_error().'');
127 return $value;
128 } else {
129 return $res;
130 }
131 }
132 }
133 if (!function_exists('db_insert')) {
134 function db_insert($query) {
135 //sql construction
136 $insert_res = mysql_query($query) or die(mysql_error());
137 $affected = mysql_affected_rows();
138 return $affected;
139 }
140 }
141 if (!function_exists('fetch_template')) {
142 function fetch_template() { //figure out default template, or use a user defined one.
143 global $databaseinfo; //for table prefix
144 global $phpns;
145
146 if (!$phpns['template']) { //if template is not defined by pre-var include... get default
147 $res = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."templates WHERE template_selected='1' LIMIT 1", 1);
148 return $res; //return default template (changeable in preferences)
149 } else {
150 $res = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."templates WHERE id='".$phpns['template']."' LIMIT 1", 1);
151 return $res;
152 }
153 }
154 }
155 if (!function_exists('translate_item')) {
156 function translate_item($item,$template,$type) {
157 /*
158 HTML_ARTICLE:
159 {title} = article title
160 {subtitle} = subtitle
161 {date} = timestamp/date
162 {main_article} = main article
163 {extended_article} = full story
164 {image} = article image
165 {author} = author
166 {article_href} = the link to the article, but the actual href value
167 {reddit} = reddit social networking link
168 {digg} = digg social networking link
169 HTML_COMMENT
170 {author} = comment author
171 {website} = website
172 {comment} = comment
173 {date} = comment date
174 {ip} = comment ip address
175 HTML_FORM:
176 {action} = value that goes inside the <form>
177 {hidden_data} = required value somewhere inside the <form>
178 {captcha_question} = In plain text, the question
179 {captcha_answer} = The answer encoded and passed through <form>
180
181 */
182 global $phpns; //for various things
183 global $databaseinfo; //for table prefix
184
185 $template = decode_data($template);
186
187 if ($type == "html_article") { //if we are working with the html_article
188 //change back from htmlspecialchars to htmlspecialchars_decode, and define some other vars
189 $item = decode_data($item);
190 $item['timestamp'] = date($phpns['timestamp_format']['v3'], $item['timestamp']);
191
192 if ($phpns['sef_override'] == TRUE) {
193 //apply the safe url
194 $url = 'http://'.$_SERVER['SERVER_NAME'].$phpns['sef_slash'].$phpns['sef_override'].$item['article_sef_title'];
195 } else {
196 if ($phpns['script_link']) {
197 $url = $phpns['script_link'].'?a='.$item['id'];
198 } else {
199 $url = 'http://'.$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'].'?a='.$item['id'];
200 }
201 }
202 $template = str_replace('{title}', $item['article_title'], $template);
203 $template = str_replace('{id}', $item['id'], $template);
204 $template = str_replace('{sub_title}', $item['article_subtitle'], $template);
205 $template = str_replace('{main_article}', $item['article_text'], $template);
206
207 if ($phpns['always_show_extended_article'] == TRUE) { $template = str_replace('{extended_article}', $item['article_exptext'], $template); }
208
209 if ($phpns['id'] && $phpns['disable_extended_article'] != TRUE) { $template = str_replace('{extended_article}', $item['article_exptext'], $template); } else { $template = str_replace('{extended_article}', '', $template); }
210
211 //replace image location (note: not image itself!)
212 $template = str_replace('{image_location}', $item['article_imgid'], $template);
213
214 //if there is an image
215 if ($item['article_imgid']) { $template = str_replace('{image}', '<img src="'.$item['article_imgid'].'" alt="'.$item['article_title'].'" title="'.$item['article_title'].'" />', $template); } else { $template = str_replace('{image}', '', $template); }
216 $template = str_replace('{date}', $item['timestamp'], $template);
217 $template = str_replace('{author}', $item['article_author'], $template);
218
219 //construct href for a
220 $template = str_replace('{article_href}', $url, $template);
221
222 //reddit, digg, del.icio.us buttons
223 $template = str_replace('{reddit}', '
224 <script>reddit_url=\''.$url.'\'</script>
225 <script>reddit_title=\''.$item['article_title'].'\'</script>
226 <script language="javascript" src="http://reddit.com/button.js?t=2"></script>
227 ', $template);
228
229 //digg_url = \''.$url.'\'; is the real one
230 $template = str_replace('{digg}', '
231 <script type="text/javascript">
232 digg_url = \''.$url.'\';
233 digg_bgcolor = \'transparent\';
234 </script>
235 <script src="http://digg.com/tools/diggthis.js" type="text/javascript"></script>
236 ', $template);
237
238 //comment numeric representations
239 $comment_num = db_fetch('SELECT COUNT(*) FROM '.$databaseinfo['prefix'].'comments WHERE article_id='.$item['id'].'',1,FALSE);
240 $template = str_replace('{comment_count}', $comment_num[0], $template);
241 return $template;
242 } elseif ($type == "html_comment") {
243 $item['timestamp'] = date($phpns['timestamp_format']['v3'], $item['timestamp']);
244 $item['comment_text'] = nl2br($item['comment_text']);
245 $template = str_replace('{author}', $item['comment_author'], $template);
246 $template = str_replace('{id}', $item['id'], $template);
247 $template = str_replace('{timestamp}', $item['timestamp'], $template);
248 $template = str_replace('{comment}', $item['comment_text'], $template);
249 $template = str_replace('{website}', $item['website'], $template);
250 $template = str_replace('{ip}', $item['ip'], $template);
251 $template = str_replace('{admin}', '', $template);
252 return $template;
253
254
255 } elseif ($type == "html_form") {
256 @require("inc/captcha.php"); //require captcha info
257 //if SEF urls, we write a SEF url. ;) IF NOT, regular ?$phpns['id']
258 if ($phpns['sef_override'] == TRUE) {
259 $url = 'http://'.$_SERVER['SERVER_NAME'].$phpns['sef_slash'].$phpns['sef_override'].$phpns['article_sef_title'];
260 } else {
261 $url = '?a='.$phpns['id'];
262 }
263 //captcha determination
264 $captcha['question'] = array_rand($captcha);
265 $captcha['answer'] = base64_encode($captcha[$captcha['question']] + (60-20));
266 //start translation for the html comment form
267 $template = str_replace('{action}', $url, $template);
268 $template = str_replace('{captcha_question}', $captcha['question'], $template);
269 $template = str_replace('{captcha_answer}', '<input type="hidden" name="captcha_answer" value="'.$captcha['answer'].'" />', $template);
270 $template = str_replace('{hidden_data}', '<input type="hidden" name="id" value="'.$phpns['id'].'" />', $template);
271 return $template;
272
273 } elseif ($type == "html_pagination") { //pagination template
274
275 if ($item['previous']) {$template = str_replace('{previous_page}', '?a=page:'.$item['previous'], $template); } else { $template = str_replace('{previous_page}', '', $template); }
276 if ($item['next']) {$template = str_replace('{next_page}', '?a=page:'.$item['next'], $template); } else { $template = str_replace('{next_page}', '', $template); }
277 $template = str_replace('{middle_pages}', $item['middle'], $template);
278 return $template;
279
280 } elseif ($type == "rss") { //we translate each item with RSS syntax. <item>s and such.
281 if (!$phpns['script_link']) {
282 $url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['PHP_SELF']);
283 $url = 'http://'.$_SERVER['SERVER_NAME'].$phpns['sef_slash'].$phpns['sef_override'];
284 if (strstr($_SERVER['PHP_SELF'], 'etc.php')) {
285 $url = $url.'/article.php?do=edit&amp;id='.$item['id'].'';
286 $rss_link = $url;
287 } else {
288 if ($phpns['sef_override']) {
289 $rss_link = $url.''.$item['article_sef_title'].'';
290 } else {
291 $rss_link = $url.'?a='.$item['id'].'';
292 }
293 }
294 } else {
295 $rss_link = $phpns['script_link'].'?'.$item['id'].'';
296 }
297
298 $item['timestamp'] = date(DATE_RSS, $item['timestamp']);
299
300 $template = '
301 <item>
302 <title>'.$item['article_title'].'</title>
303 <author>'.$item['article_author'].'</author>
304 <category>'.$item['article_cat'].'</category>
305 <pubDate>'.$item['timestamp'].'</pubDate>
306 <link>'.$rss_link.'</link>
307 <description>'.$item['article_text'].'</description>
308 </item>';
309 return $template; //return template
310 } elseif ($type == "atom") {
311 if (!$phpns['script_link']) {
312 $url = 'http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['PHP_SELF']);
313 $url = 'http://'.$_SERVER['SERVER_NAME'].$phpns['sef_slash'].$phpns['sef_override'];
314 if (strstr($_SERVER['PHP_SELF'], 'etc.php')) {
315 $url = $url.'/article.php?do=edit&amp;id='.$item['id'].'';
316 $rss_link = $url;
317 } else {
318 if ($phpns['sef_override']) {
319 $rss_link = $url.''.$item['article_sef_title'].'';
320 } else {
321 $rss_link = $url.'?a='.$item['id'].'';
322 }
323 }
324 } else {
325 $rss_link = $phpns['script_link'].'?'.$item['id'].'';
326 }
327
328 $item['timestamp'] = date(DATE_ATOM, $item['timestamp']);
329
330 $template = '
331 <entry>
332 <title>'.$item['article_title'].'</title>
333 <author><name>'.$item['article_author'].'</name></author>
334 <published>'.$item['timestamp'].'</published>
335 <link href="'.$atom_link.'"/>
336 <id>'.$item['id'].'</id>
337 <updated>'.$item['timestamp'].'</updated>
338 <summary>'.$item['article_text'].'</summary>
339 </entry>';
340 return $template;
341 }
342 }
343 }
344 //check to see if the system is online. If yes, we continue, if no, well... no. ;)
345 $phpns['siteonline'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='line'",1,FALSE);
346 if ($phpns['siteonline']['v1'] == 'no') {
347 die('<div class="disabled_message">The administrator has disabled the news system.</div>');
348 }
349 $phpns['banned'] = db_fetch("SELECT ip, reason FROM ".$databaseinfo['prefix']."banlist",0);
350 while ($phpns['ip'] = mysql_fetch_assoc($phpns['banned'])) {
351 if ($phpns['ip']['ip'] == $_SERVER['REMOTE_ADDR']) {
352 die("<strong>You have been banned from viewing this article system.</strong>
353 <p>Reason: ".$phpns['ip']['reason']."</p>
354 ");
355 }
356 }
357
358 //timestamp format fetch
359 $phpns['timestamp_format'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='timestamp_format'",1,FALSE);
360
361 //fetch template. :)
362 $phpns['template'] = fetch_template();
363
364 //before anything else, we're going to detect if there is post data, and if there is, we'll insert the db. If there is no post data, just pass over this.
365 if ($_POST && $phpns['static'] != TRUE) {
366
367 //IF THERE IS POST DATA, then we're submitting the form. We need to clean data.
368 $phpns['comment'] = clean_data($_POST);
369
370 //set the continue to yes.
371 $phpns['comment_continue'] = TRUE;
372
373 //validate data (regex for email)
374 if (!$phpns['comment']['name'] || !$phpns['comment']['email'] || !$phpns['comment']['comment'] || !preg_match("/^[A-Za-z0-9_-]+@[A-Za-z0-9_-]+\.([A-Za-z0-9_-][A-Za-z0-9_]+)$/", $phpns['comment']['email'])) {
375 $phpns['comment_error'] = 'You need to enter all required fields, and a valid email. Press back to try again.';
376 $phpns['comment_continue'] = FALSE;
377 }
378
379 if (!$phpns['def_comlimit']) { $phpns['def_comlimit'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_comlimit'",1); $phpns['def_comlimit'] = $phpns['def_comlimit']['v3']; }
380
381 if (strlen($phpns['comment']['comment']) >= $phpns['def_comlimit']) {
382 $phpns['comment_continue'] = FALSE;
383 $phpns['comment_error'] .= 'Your comment exceeded the character limit ('.$phpns['def_comlimit'].').';
384 }
385
386 if ($phpns['comment']['captcha'] != base64_decode($phpns['comment']['captcha_answer'])-(60-20) || !$phpns['comment']['captcha']) {
387 $phpns['comment_continue'] = FALSE;
388 $phpns['comment_error'] .= ' The captcha answer was incorrect. Press "back" on your browser to try again.';
389 }
390 if ($phpns['sef_override'] == TRUE) {
391 $phpns['sef']['title_id'] = str_replace('-', ' ', $phpns['comment']['id']);
392 $article_id = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."articles WHERE article_title='".$phpns['sef']['title_id']."'",1);
393 $article_id = $article_id['id'];
394 } else {
395 $article_id = $phpns['comment']['id'];
396 }
397
398
399 //if comment_id is not numeric, kill with message
400 if (!is_numeric($phpns['comment']['id']) && $phpns['sef_override'] == FALSE) { die("non-numeric form id, invalid information."); }
401 if ($phpns['comment_continue'] == TRUE) {
402 $phpns['ip'] = $_SERVER['REMOTE_ADDR'];
403 $insert = db_insert('INSERT INTO '.$databaseinfo['prefix'].'comments (article_id,comment_text,comment_author,website,timestamp,approved,ip) VALUES ("'.$article_id.'","'.$phpns['comment']['comment'].'","'.$phpns['comment']['name'].'","'.$phpns['comment']['website'].'","'.$phpns['time'].'","1","'.$phpns['ip'].'")');
404 } else {
405 $phpns['content'] .= '<div class="warning">'.$phpns['comment_error'].'</div>';
406 }
407 }
408
409
410
411
412 /*
413 ACTUAL CONTENT GENERATION.
414 If there is no $phpns['do'], we're not using RSS or ATOM, and there is no specific $phpns['id'], we display the list.
415 */
416
417 if (((!$phpns['do'] || $phpns['do'] == 'rss') && (!$phpns['id'] || $phpns['id'] == 'do=rss')) || $phpns['static'] == TRUE) { //if no defined action, show news as it is meant to be displayed.
418 //gather some important variables from db.
419 if ($phpns['category']) { $phpns['category'] = 'WHERE article_cat IN ('.$phpns['category'].',\'all\') &&'; } else { $phpns['category'] = "WHERE"; }
420 if (!$phpns['offset']) { $phpns['offset'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_offset'",1); $phpns['offset'] = $phpns['offset']['v1']; } $phpns['original_offset'] = $phpns['offset']; //to be used later...
421 if (!$phpns['limit']) { $phpns['limit'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_limit'",1); $phpns['limit'] = $phpns['limit']['v1']; }
422 if (!$phpns['order']) { $phpns['order'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_order'",1); $phpns['order'] = $phpns['order']['v1']; }
423 if (!$phpns['items_per_page']) { $phpns['items_per_page'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_items_per_page'",1); $phpns['items_per_page'] = $phpns['items_per_page']['v1']; }
424
425 /* Pagination management:
426 phpns works by using QUERY_STRING like this: filename.php?page:1
427 So, if no page is defined, we're going to default to 1. */
428
429 if (strstr($_GET['a'], "page:") && $phpns['static'] != TRUE) {
430 //get the current page from the URI.
431 $phpns['current_page'] = str_replace('page:','', $_GET['a']);
432 }
433
434 //if the string is empty, we assume page 1.
435 if (!is_numeric($phpns['current_page']) && !$phpns['current_page']) {
436 $phpns['current_page'] = 1;
437 }
438
439 //added this to balance problems in dealing with larger items_per_page than the limit itself. Works so far. =)
440 if ($phpns['items_per_page'] > $phpns['limit']) {
441 $phpns['items_per_page'] = $phpns['limit'];
442 }
443
444 if ($phpns['current_page'] == 1) {
445 //determine offset
446 $phpns['offset'] = ($phpns['current_page'] * $phpns['items_per_page'] - ($phpns['items_per_page'])) + $phpns['offset'];
447 } else {
448 $phpns['offset'] = ($phpns['current_page'] * $phpns['items_per_page'] - ($phpns['items_per_page']));
449 }
450
451
452
453 //MODE MODIFICATION
454 if ($phpns['mode'] == "rss" || $phpns['mode'] == "atom") {
455 //rss online?
456 $phpns['enabled'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_rssenabled'",1);
457 $phpns['enabled'] = $phpns['enabled']['v1'];
458
459 if ($phpns['enabled'] == FALSE) {
460 die("RSS is not enabled.");
461 }
462
463 //fetch rss limit
464 $phpns['limit'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_rsslimit'",1);
465 $phpns['limit'] = $phpns['limit']['v3'];
466 //fetch rss order
467 $phpns['order'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_rssorder'",1);
468 $phpns['order'] = $phpns['order']['v1'];
469
470 $phpns['items_per_page'] = $phpns['limit'];
471 }
472
473 if ($phpns['mode'] == NULL) {
474 //form count query, then figure out the total amount of rows in the news generation (including all pages)
475 $phpns['fetch_news_count'] = db_fetch("
476 SELECT * FROM ".$databaseinfo['prefix']."articles
477 ".$phpns['category']."
478 active='1' AND approved='1'
479 LIMIT ".$phpns['original_offset'].",".$phpns['limit']."
480 ", 0);
481 $phpns['total_news_count'] = mysql_num_rows($phpns['fetch_news_count']);
482 }
483 //forming actual news query.
484 $phpns['fetch_news'] = db_fetch("
485 SELECT * FROM ".$databaseinfo['prefix']."articles
486 ".$phpns['category']."
487 active='1' AND approved='1'
488 ORDER BY timestamp ".$phpns['order']."
489 LIMIT ".$phpns['offset'].",".$phpns['items_per_page']."
490 ", 0);
491
492 //pagination determinaion continuation =)
493
494
495 while ($phpns['row'] = mysql_fetch_assoc($phpns['fetch_news'])) { //start fetch loop
496
497 //if start time is greater than current time, and end time is less than current time, show.
498 if (($phpns['row']['start_date'] <= $phpns['time'] || $phpns['row']['start_date'] == NULL) && ($phpns['row']['end_date'] >= $phpns['time'] || $phpns['row']['end_date'] == NULL)) {
499
500 //put into $phpns['items'] if rss mode, else just $phpns['content']
501 if ($phpns['mode'] == 'rss' || $phpns['mode'] == 'atom') {
502 $phpns['returned_data'] = translate_item($phpns['row'], $phpns['template']['html_article'], ''.$phpns['mode'].''); //translate into template
503 $phpns['items'] .= $phpns['returned_data'];
504 } else {
505 $phpns['returned_data'] = translate_item($phpns['row'], $phpns['template']['html_article'], 'html_article'); //translate into template
506 $phpns['content'] .= $phpns['returned_data'];////////////////////
507 }
508
509 }
510 }
511
512 if (!$phpns['mode'] && $phpns['disable_pagination'] != TRUE) {
513
514 //find the total number of pages
515 $phpns['pages']['page_num'] = ceil($phpns['total_news_count'] / $phpns['items_per_page']);
516
517 //generate previous page link
518 if ($phpns['current_page'] > 1) {
519 $phpns['page']['previous'] = $phpns['current_page'] - 1;
520 }
521
522 //generate next page link
523 if ($phpns['current_page'] < $phpns['pages']['page_num']) {
524 $phpns['page']['next'] = $phpns['current_page'] + 1;
525 }
526
527 //generate middle pages
528 for($phpns['i'] = 1; $phpns['i'] <= $phpns['pages']['page_num']; $phpns['i']++){
529 if ($phpns['i'] == $phpns['current_page']) {
530 $phpns['page']['middle'] = $phpns['page']['middle'] . "\n".'<span class="pagination page_link_'.$phpns['i'].'"><a>'.$phpns['i'].'</a></span> ';
531 } else {
532 $phpns['page']['middle'] = $phpns['page']['middle'] . "\n".'<span class="pagination page_link_'.$phpns['i'].'"><a href="?a=page:'.$phpns['i'].'">'.$phpns['i'].'</a></span> ';
533 }
534 }
535
536 //add pagination links to content
537 $phpns['content'] .= translate_item($phpns['page'], $phpns['template']['html_pagination'], 'html_pagination');
538 }
539
540 } elseif ($phpns['id'] && !$phpns['mode'] && $phpns['static'] != TRUE) { //if we're dealing with singles, and the admin wants single articles to be displayed....
541 if (!$phpns['comment_override']) { $phpns['allow_com'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_comenabled'",1); } else { $phpns['allow_com'] = TRUE; }
542 //if SEF URLs are enabled, we need to change a few things, and make it search for titles instead of id
543
544 if ($phpns['sef_override'] == TRUE) {
545 $phpns['sef']['title_id'] = str_replace('-', ' ', $phpns['id']);
546 $phpns['where_spec'] = "article_title='".$phpns['sef']['title_id']."'";
547 } else {
548 $phpns['where_spec'] = "id='".$phpns['id']."'";
549 }
550
551 //forming actual news query.
552 $phpns['fetch_news'] = db_fetch("
553 SELECT * FROM ".$databaseinfo['prefix']."articles
554 WHERE
555 active='1' AND approved='1' AND ".$phpns['where_spec']." LIMIT 1
556 ", 0);
557 //we're checking how many results were retrieved. If none, we set an error message and display it.
558 if (mysql_num_rows($phpns['fetch_news']) == 0) {
559
560 //set the error message, and display it.
561 $phpns['error_message'] = '<div class="error_message">The article/page requested ('.$phpns['id'].' | '.$phpns['sef']['title_id'].') does not exist.</div>';
562 $phpns['content'] .= $phpns['error_message'];
563
564 } else { //if there IS an article, we proceed. =)
565 while ($phpns['row'] = mysql_fetch_assoc($phpns['fetch_news'])) { //start fetch loop
566 if ($phpns['time'] >= $phpns['row']['start_date'] || $phpns['time'] <= $phpns['row']['end_date'] || $phpns['row']['start_date'] == NULL || $phpns['row']['end_date'] == NULL) { //if we're set for time landings
567 $phpns['allow_com']['article_specific'] = $phpns['row']['allow_comments'];
568 $phpns['returned_data'] = translate_item($phpns['row'], $phpns['template']['html_article'], 'html_article'); //translate into template
569 $phpns['content'] .= $phpns['returned_data'];
570 //if rss, we have to write it to $phpns['items']
571 }
572
573 }
574 //echo var_dump($phpns['allow_com']); //debug
575 //now, we generate comments for this specific article IF they are enabled
576 if ($phpns['allow_com']['v1'] == TRUE) {
577
578 //get order preference from db
579 $phpns['def_comorder'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_comorder'",1);
580
581 if ($phpns['sef_override'] == TRUE) {
582 $phpns['sef']['title_id'] = str_replace('-', ' ', $phpns['id']);
583 $phpns['sef_article_id'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."articles WHERE article_title='".$phpns['sef']['title_id']."'",1);
584 $phpns['fetch_com_res'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."comments WHERE article_id='".$article_id['id']."' AND approved='1' ORDER BY id ".$phpns['def_comorder']['v1']."", 0);
585 } else {
586 $phpns['fetch_com_res'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."comments WHERE article_id='".$phpns['id']."' AND approved='1' ORDER BY id ".$phpns['def_comorder']['v1']."", 0);
587 }
588
589 //define refer_id as 0
590 $phpns['row']['refer_id'] = 0;
591 //for each row (or comment) generated, we translate the item and assign it to $phpns['content']
592 while ($phpns['row'] = mysql_fetch_assoc($phpns['fetch_com_res'])) {
593 $phpns['row']['refer_id'] = $phpns['row']['refer_id'] + 1;
594 $phpns['comment_list'] .= translate_item($phpns['row'], $phpns['template']['html_comment'], 'html_comment');
595 }
596 }
597 //assign $phpns['comment_list'] to $phpns['content']
598 $phpns['content'] .= $phpns['comment_list'];
599
600 //translate html comment form, then add it to the end of $phpns['content'], if comments are enabled
601 if (($phpns['allow_com']['v1'] == TRUE && $phpns['allow_com']['article_specific'] == 1 && $phpns['static'] != TRUE) || $phpns['comment_override'] == TRUE && $phpns['static'] != TRUE) {
602 $phpns['form_template'] = translate_item('', $phpns['template']['html_form'], 'html_form');
603 } else {
604 $phpns['form_template'] = '';
605 }
606 //add it to $phpns['content'] ($phpns['form_template'] will be empty if comments are not enabled)
607 $phpns['content'] .= '
608 '.$phpns['form_template'];
609 } //end of the ELSEIF of mysql_num_rows (there were results...)
610
611 } //end main if
612
613
614 //if we have a mode enabled (rss or atom....) then lets fetch some global data
615 if ($phpns['mode']) {
616 $rss['title'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_rsstitle'",1);
617 $rss['desc'] = db_fetch("SELECT * FROM ".$databaseinfo['prefix']."gconfig WHERE name='def_rssdesc'",1);
618 }
619
620 if ($phpns['mode'] == 'rss') { //we generate the header information
621 header('Content-Type: text/xml; charset=utf-8');
622
623 $phpns['content'] .= '<?xml version="1.0" encoding="UTF-8"?>
624 <rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/">
625 <channel>
626 <title>'.$rss['title']['v3'].'</title>
627 <link>http://'.$_SERVER['SERVER_NAME'].'</link>
628 <description>'.$rss['desc']['v3'].'</description>
629 '.$phpns['items'].'
630 </channel>
631 </rss>';
632 } elseif ($phpns['mode'] == "atom") {
633 header('Content-Type: text/xml; charset=utf-8');
634 $phpns['content'] .= '<?xml version="1.0" encoding="utf-8"?>
635 <feed xmlns="http://www.w3.org/2005/Atom">
636 <link href="http://'.$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF'].'" rel="self"/>
637 <link href="http://'.$_SERVER['SERVER_NAME'].'"/>
638 <id>'.$_SERVER['SERVER_NAME'].'</id>
639 <updated>'.date(DATE_ATOM).'</updated>
640
641 '.$phpns['items'].'
642
643 </feed>';
644
645 }
646
647 //if viewing shownews.php directly
648 if (strstr($_SERVER['PHP_SELF'], "shownews.php")) {
649 echo "<p><strong>You are viewing the shownews.php file directly! You probably want to include this file, instead of just directly linking to it.</strong> For a HOWTO, see <a href=\"help.php\">the help/manual file.</a></p>";
650 }
651
652 echo $phpns['content']; //and... finally post the content
653
654
655
656 //if no $phpns['content'], something was wrong. Just display a friendly message....
657 if (!$phpns['content']) {
658 echo "<h2>Blank.</h2>
659 <p>For some reason, there was no output in the shownews.php file. Either (a) no articles are active, or (b) the template that is being used is empty.</p>";
660 }
661 } //end everything (this is the end to the freeze file if)
662
663 //unset the $phpns variable, swiping all data.
664 unset($phpns);
665
666 ?>
Phpns is a free and open source PHP news system.