search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
inital git commit
[phpns.git] / preferences.php
blob7f3067a5fd4281690e85a19f3cc0cbffc3bbce10
1 <?php
2
3 /* Copyright (c) 2007-08 Alec Henriksen
4 * phpns is free software; you can redistribute it and/or modify it under the
5 * terms of the GNU General Public Licence (GPL) as published by the Free
6 * Software Foundation; either version 2 of the Licence, or (at your option) any
7 * later version.
8 * Please see the GPL at http://www.gnu.org/copyleft/gpl.html for a complete
9 * understanding of what this license means and how to abide by it.
10 */
11 include("inc/init.php");
12
13 include("inc/header.php");
14 $do = $_GET['do'];
15
16 //quick permission check (redir to error)
17 if ($globalvars['rank'][6] == 0) {
18 header("Location: index.php?do=permissiondenied");
19 die();
20 }
21
22 if (!$do) { //just display the selection menu
23 $globalvars['page_name'] = "preferences";
24 $content = '
25 <h3>News display options</h3>
26 <div id="columnright">
27 <ul>
28 <li><a href="?do=sef">search engine friendly urls</a></li>
29 <li><a href="?do=comments">comment options</a></li>
30 <li><a href="?do=ban">ban options</a></li>
31 <li><a href="?do=wizard">integration wizard</a></li>
32 </ul>
33 </div>
34 <ul>
35 <li><a href="?do=display">general display options</a></li>
36 <li><a href="?do=categories">category management</a></li>
37 <li><a href="?do=templates">template management</a></li>
38 <li><a href="?do=feed">feed management</a></li>
39 <li><a href="?do=freeze">freezing/cache management</a></li>
40 </ul>
41 <h3>Editing/System options</h3>
42 <div id="columnright">
43 <ul>
44 <li><a href="?do=themes">theme options</a></li>
45 <li><a href="?do=wysiwyg">WYSIWYG editor</a></li>
46 <li><a href="?do=timestamp">timestamp options</a></li>
47 </ul>
48 </div>
49 <ul>
50 <li><a href="?do=syslog">system log</a></li>
51 <li><a href="?do=backup">database backup</a></li>
52 <li><a href="?do=line">online/offline options</a></li>
53 </ul>
54 <h3>User options</h3>
55 <div id="columnright">
56 <ul>
57 <li><a href="user.php?do=ranks">rank management</a></li>
58 </ul>
59 </div>
60 <ul>
61 <li><a href="user.php?do=loginrec&amp;action=delall" onClick="return confirm(\'Are you sure you want to delete all login records?\');">delete login records</a></li>
62 </ul>
63
64 <h3>Misc options</h3>
65 <ul>
66 <li><a href="?do=globalmessage">global message</a></li>
67 </ul>';
68 } elseif ($do == "categories") { //if category
69 $action = $_GET['action'];
70 //if create new category
71 if ($action == "new") { //if new category
72 $data = $_POST;
73 if (empty($data['name'])) {
74 $proceed = "no";
75 $error_messages = '<ol class="warning"><li>A name is required for the category!</li></ol>';
76 }
77 //execute SQL function if no errors
78 if ($proceed != "no") {
79 new_category($data,$_SESSION['username']);
80 unset($data);
81
82 //success message
83 $success .= '<div class="success">The category has been successfully created.</div>';
84 }
85
86 } elseif($action == "deleteitems") {
87 $items = $_POST; //get vars
88
89 //unset post data move_cat so we can get a clean collection of #s
90 unset($items['move_cat']);
91 $move_cat = $_POST['move_cat'];
92
93 if (!$items) { //if no items, avoid mysql error by just redirecting
94 header("Location: preferences.php?do=categories");
95 }
96
97 foreach($items as $key=>$value) { //create list of ids to be deleted
98 $items_f = $items_f."'$value',";
99 }
100 $items_f = substr_replace($items_f,"",-1); //remove last comma in list for SQL
101
102 $res = general_query("DELETE FROM ".$databaseinfo['prefix']."categories WHERE id IN (".$items_f.")"); //delete all records where the id is in the list
103
104 //log the deletion
105 log_this('delete_categories','User <i>'.$_SESSION['username'].'</i> has <strong>deleted</strong> the following categories (ID(s)): '.$items_f.'');
106
107 //form sql for deletion of sub cats
108 $res_subdel = general_query("DELETE FROM ".$databaseinfo['prefix']."categories WHERE cat_parent IN (".$items_f.")"); //delete all records where the id is in the list
109 //move items to selected cateogry
110 $res_m = general_query('UPDATE '.$databaseinfo['prefix'].'articles SET article_cat="'.$move_cat.'" WHERE article_cat IN ('.$items_f.')');
111 header("Location: preferences.php?do=categories&delete_success=1");
112 }
113 $globalvars['page_name'] = "categories";
114 $globalvars['page_image'] = "preferences";
115 $data['cat_list'] = gen_categories('option','top');
116 $table_rows = gen_categories('row','');
117 $move_selected = gen_categories('option','');
118
119 if ($_GET['delete_success']) {
120 $success .= '<div class="success">The item(s) have been successfully deleted.</div>';
121 }
122
123 $content = '
124 '.$error_messages.'
125 '.$success.'
126 <h3>Create new category</h3>
127 <div class="form">
128 <form action="preferences.php?do=categories&amp;action=new" method="post">
129 <label for="name">Category name</label><input type="text" id="category_name" name="name" maxlength="100" /> <input type="submit" value="Create category" id="submit" onclick="javascript:document.getElementById(\'submit\').disabled=true" /><br />
130 <label for="description">Description</label><input type="text" id="category_desc" name="description" value="'.$data['description'].'" maxlength="1000" /><br />
131 <label for="parent">Parent</label>
132 <select name="parent">
133 <option value="">None</option>
134 <optgroup label="Categories">
135 '.$data['cat_list'].'
136 </optgroup>
137 </select>
138 </form>
139 </div>
140 <h3>Category list</h3>
141 <form action="preferences.php?do=categories&amp;action=deleteitems" method="post">
142 <table style="text-align: left; width: 100%;" border="1"
143 cellpadding="3" cellspacing="2">
144 <tbody>
145 <tr class="toprow">
146 <td><strong>ID</strong></td>
147 <td><strong>Name</strong></td>
148 <td><strong>Parent (?)</strong></td>
149 <td><strong>Description</strong></td>
150 <td><strong>Date</strong></td>
151 <td style="width: 10px; text-align: center;"><strong><input type="checkbox" onClick="Checkall(this.form);" /></strong></td>
152 </tr>
153 '.$table_rows.'
154 </tbody>
155 </table>
156 <div style="text-align: right;">
157 Move items from categories (that will be deleted) to: <select id="move_cat" name="move_cat" style=" margin: 0; width: 250px;">
158 '.$move_selected.'
159 </select>
160 <input type="submit" id="submit" value="Delete Selected" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
161 </div>
162 </form>
163 ';
164
165 } elseif ($do == "display") { //if displaly options
166 //define page name and image
167 $globalvars['page_name'] = "display options";
168 $globalvars['page_image'] = "preferences";
169
170 if ($_GET['action'] == "update") {
171 change_config('def_limit',$_POST['def_limit']);
172 change_config('def_offset',$_POST['def_offset']);
173 change_config('timestamp_format',$_POST['timestamp_format']);
174 change_config('def_order',$_POST['def_order']);
175 change_config('def_items_per_page',$_POST['def_items_per_page']);
176 $error_message = '<div class="success">Your preferences have been saved.</div>';
177
178 //log the change
179 log_this('display_config','User <i>'.$_SESSION['username'].'</i> has <strong>edited</strong> the default display options');
180 }
181
182 //generate gconfig values
183 $timestamp_format = load_config('timestamp_format');
184 $def_offset = load_config('def_offset');
185 $def_items_per_page = load_config('def_items_per_page');
186 $def_limit = load_config('def_limit');
187 $def_order = load_config('def_order');
188
189 if ($def_order['v1'] == "desc") {
190 $def_order_display = "Descending";
191 } elseif ($def_order['v1'] == "asc") {
192 $def_order_display = "Ascending";
193 }
194
195 $content = '
196 '.$error_message.'
197 <h3>Display options</h3>
198 <div class="form">
199 <form action="preferences.php?do=display&amp;action=update" method="post">
200 <div id="columnright">
201 <br />
202 <label for="def_limit">Display limit</label>
203 <select name="def_limit">
204 <optgroup label="Selected:">
205 <option selected="selected" value="'.$def_limit['v1'].'">'.$def_limit['v1'].'</option>
206 </optgroup>
207 <optgroup label="Choose a limit:">
208 <option>1</option>
209 <option>2</option>
210 <option>3</option>
211 <option>5</option>
212 <option>10</option>
213 <option>15</option>
214 <option>20</option>
215 <option>30</option>
216 <option>50</option>
217 <option>100</option>
218 <option>200</option>
219 <option>500</option>
220 <option>1000</option>
221 </optgroup>
222 </select>
223 <br />
224 <label for="def_order">Article order</label>
225 <select name="def_order">
226 <optgroup label="Selected:">
227 <option selected="selected" value="'.$def_order['v1'].'">'.$def_order_display.'</option>
228 </optgroup>
229 <optgroup label="Choose an order:">
230 <option value="asc">Ascending</option>
231 <option value="desc">Descending</option>
232 </optgroup>
233 </select>
234 </div>
235
236 <label for="def_offset">Display offset</label>
237 <input type="text" name="def_offset" value="'.$def_offset['v1'].'" style="width: 50px" maxlength="17" />
238 <br />
239 <label for="def_items_per_page">Items per page</label>
240 <input type="text" name="def_items_per_page" value="'.$def_items_per_page['v1'].'" style="width: 50px" maxlength="17" />
241 <br />
242 <label for="timestamp_format">Date format</label>
243 <input type="text" name="timestamp_format" value="'.$timestamp_format['v3'].'" maxlength="1000" /> <br />(<a href="http://us2.php.net/date">date function help</a>)
244 <br />
245 <div class="alignr">
246 <input type="submit" id="submit" value="Save display options" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
247 </div>
248 </form>
249 </div>
250 ';
251
252 } elseif ($do == "comments") { //if comment options
253 //define page name and image
254 $globalvars['page_name'] = 'comment options';
255 $globalvars['page_image'] = 'preferences';
256
257 if ($_GET['action'] == "update") {
258 change_config('def_comlimit',$_POST['def_comlimit']);
259 change_config('def_comorder',$_POST['def_comorder']);
260 change_config('def_comenabled',$_POST['def_comenabled']);
261
262 $error_message = '<div class="success">Your preferences have been saved.</div>';
263
264 //log the change
265 log_this('comment_config','User <i>'.$_SESSION['username'].'</i> has <strong>edited</strong> the default comment options');
266 }
267
268 //generate gconfig values
269 $def_comlimit = load_config('def_comlimit');
270 $def_comorder = load_config('def_comorder');
271 $def_comenabled = load_config('def_comenabled');
272
273 if ($def_comorder['v1'] == "desc") {
274 $def_comorder_display = "Descending";
275 } elseif ($def_comorder['v1'] == "asc") {
276 $def_comorder_display = "Ascending";
277 }
278
279 if ($def_comenabled['v1'] == 0) {
280 $def_comenabled_display = "No";
281 } elseif ($def_comenabled['v1'] == 1) {
282 $def_comenabled_display = "Yes";
283 }
284
285 $content = '
286 '.$error_message.'
287 <h3>Display options</h3>
288 <div class="form">
289 <form action="preferences.php?do=comments&amp;action=update" method="post">
290 <div id="columnright">
291 <br />
292 <label for="def_comlimit">Character Limit</label>
293 <select name="def_comlimit">
294 <optgroup label="Selected:">
295 <option selected="selected" value="'.$def_comlimit['v3'].'">'.$def_comlimit['v3'].'</option>
296 </optgroup>
297 <optgroup label="Choose a limit:">
298 <option>50</option>
299 <option>100</option>
300 <option>200</option>
301 <option>300</option>
302 <option>500</option>
303 <option>750</option>
304 <option>1000</option>
305 <option>1050</option>
306 <option>1100</option>
307 <option>1200</option>
308 <option>1500</option>
309 <option>2000</option>
310 <option>5000</option>
311 <option>10000</option>
312 <option>100000</option>
313 </optgroup>
314 </select>
315 <br />
316
317 </div>
318
319 <label for="def_comenabled">Comments active</label>
320 <select name="def_comenabled">
321 <optgroup label="Selected:">
322 <option selected="selected" value="'.$def_comenabled['v1'].'">'.$def_comenabled_display.'</option>
323 </optgroup>
324 <optgroup label="Active:">
325 <option value="1">Yes</option>
326 <option value="0">No</option>
327 </optgroup>
328 </select>
329 <br />
330 <label for="def_comorder">Comment order</label>
331 <select name="def_comorder">
332 <optgroup label="Selected:">
333 <option selected="selected" value="'.$def_comorder['v1'].'">'.$def_comorder_display.'</option>
334 </optgroup>
335 <optgroup label="Choose an order:">
336 <option value="asc">Ascending</option>
337 <option value="desc">Descending</option>
338 </optgroup>
339 </select>
340 <br />
341 <div class="alignr">
342 <input type="submit" id="submit" value="Save comment options" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
343 </div>
344 </form>
345 </div>
346 ';
347 } elseif ($do == "feed") { //if rss
348 $globalvars['page_name'] = 'rss/atom management';
349 $globalvars['page_image'] = 'preferences'; //set preferences image
350 if ($_GET['action'] == "update") {
351 change_config('def_rsslimit',$_POST['def_rsslimit']);
352 change_config('def_rssorder',$_POST['def_rssorder']);
353 change_config('def_rsstitle',$_POST['def_rsstitle']);
354 change_config('def_rssdesc',$_POST['def_rssdesc']);
355 change_config('def_rssenabled',$_POST['def_rssenabled']);
356
357 $error_message = '<div class="success">Your preferences have been saved.</div>';
358
359 //log the change
360 log_this('rss_config','User <i>'.$_SESSION['username'].'</i> has <strong>edited</strong> the default rss options');
361 }
362
363 //generate gconfig values
364 $def_rsslimit = load_config('def_rsslimit');
365 $def_rssorder = load_config('def_rssorder');
366 $def_rssenabled = load_config('def_rssenabled');
367 $def_rsstitle = load_config('def_rsstitle');
368 $def_rssdesc = load_config('def_rssdesc');
369
370 if ($def_rssorder['v1'] == "desc") {
371 $def_rssorder_display = "Descending";
372 } elseif ($def_rssorder['v1'] == "asc") {
373 $def_rssorder_display = "Ascending";
374 }
375
376 if ($def_rssenabled['v1'] == 0) {
377 $def_rssenabled_display = "No";
378 } elseif ($def_rssenabled['v1'] == 1) {
379 $def_rssenabled_display = "Yes";
380 }
381
382 $content = '
383 '.$error_message.'
384 <h3>Display options</h3>
385 <div class="form">
386 <form action="preferences.php?do=feed&amp;action=update" method="post">
387 <div id="columnright">
388 <br />
389 <label for="def_rsslimit">Feed item limit</label>
390 <select name="def_rsslimit">
391 <optgroup label="Selected:">
392 <option selected="selected" value="'.$def_rsslimit['v3'].'">'.$def_rsslimit['v3'].'</option>
393 </optgroup>
394 <optgroup label="Choose a limit:">
395 <option>1</option>
396 <option>2</option>
397 <option>3</option>
398 <option>5</option>
399 <option>7</option>
400 <option>10</option>
401 <option>15</option>
402 <option>20</option>
403 <option>25</option>
404 <option>30</option>
405 <option>50</option>
406 <option>75</option>
407 <option>100</option>
408 <option>150</option>
409 <option>200</option>
410 <option>500</option>
411 <option>1000</option>
412 <option>10000</option>
413 <option>100000</option>
414 </optgroup>
415 </select>
416 <br />
417
418 <label for="def_rssorder">Feed order</label>
419 <select name="def_rssorder">
420 <optgroup label="Selected:">
421 <option selected="selected" value="'.$def_rssorder['v1'].'">'.$def_rssorder_display.'</option>
422 </optgroup>
423 <optgroup label="Choose an order:">
424 <option value="asc">Ascending</option>
425 <option value="desc">Descending</option>
426 </optgroup>
427 </select>
428 <br />
429
430 </div>
431
432 <label for="def_rssenabled">Feed online</label>
433 <select name="def_rssenabled">
434 <optgroup label="Selected:">
435 <option selected="selected" value="'.$def_rssenabled['v1'].'">'.$def_rssenabled_display.'</option>
436 </optgroup>
437 <optgroup label="Active:">
438 <option value="1">Yes</option>
439 <option value="0">No</option>
440 </optgroup>
441 </select>
442 <br />
443 <label for="def_rsstitle">Feed title</label>
444 <input type="text" name="def_rsstitle" value="'.$def_rsstitle['v3'].'" maxlength="1000" />
445 <br />
446 <label for="def_rssdesc">Feed description</label>
447 <input type="text" name="def_rssdesc" value="'.$def_rssdesc['v3'].'" maxlength="1000" />
448 <br />
449 <div class="alignr">
450 <input type="submit" id="submit" value="Save feed options" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
451 </div>
452 </form>
453 </div>
454 ';
455
456 } elseif ($do == "freeze") { //freeze/cache management
457 //define name and image
458 $globalvars['page_name'] = 'freeze management';
459 $globalvars['page_image'] = 'preferences'; //set preferences image
460
461 $action = $_GET['action'];
462
463 if ($action == "p") {
464 //if the integration code has any illegal chars, stop. This means anything that could be used for malicious ways
465 if (strstr($_POST['integration_code'], '(') || strstr($_POST['integration_code'], '{') || strstr($_POST['integration_code'], 'echo') || strstr($_POST['integration_code'], 'globalvars') || strstr($_POST['integration_code'], 'databaseinfo') || strstr($_POST['integration_code'], '$_')) {
466 $success .= '<div class="warning">Only pre-include variables may be used!</div>';
467 } else {
468 ob_start(); //start output buffering to gather phpns articles into a var
469
470 eval(stripslashes($_POST['integration_code']));
471
472 $phpns['always_show_full_story'] = TRUE;
473 $phpns['static'] = TRUE;
474 include("shownews.php");
475 $freeze_articles = ob_get_contents(); //get contents
476 ob_end_clean(); //kill buffer
477 }
478
479 if ($freeze_articles) {
480 $rand_file_token = md5(uniqid(rand(), true)); //generate unique id token for file creation
481
482 if ($freeze_open = @fopen("inc/freeze/freeze.".$rand_file_token.".php",'w')) { //if file is created...
483 fwrite($freeze_open, $freeze_articles);
484
485 //generate include path
486 $path_to = $_SERVER['SCRIPT_FILENAME'];
487 $path_to = str_replace("preferences.php","inc/freeze/freeze.".$rand_file_token.".php",$path_to);
488
489 $success = '
490 <div class="success">Phpns created the freeze file successfully!</div>
491 <h3>Freeze code</h3>
492 <p>Your freeze code was successfully created. <strong>To activate the freeze, you need to add the following pre-include variable to your phpns instance!</strong></p>
493
494 <textarea style="height: 50px;" readonly="readonly">$phpns[\'freeze_file\'] = "'.$path_to.'";</textarea>';
495 } else {
496 $warning .= '<div class="warning">Phpns could not create the freeze file (inc/freeze'.$rand_file_token.'.php). Make sure phpns has permission to write to the /inc/ directory!</div>';
497 }
498 } else {
499 $warning .= '<div class="warning">Phpns could not generate the articles to be written to freeze file. Probably mal-formed integration code.</div>';
500 }
501 }
502
503 //form the content for template
504 $content = '
505 '.$warning.'
506 '.$success.'
507 <h3>Integration code (pre-include variables):</h3>
508 <form action="preferences.php?do=freeze&amp;action=p" method="post">
509 <p>In this step, you may want to paste the pre-include variables you are using for the desired static phpns instance. This can be left blank if you want a default instance of phpns. Do not use &lt;?php or ?&gt;.</p>
510 <textarea name="integration_code" style="height: 120px;"></textarea>
511 <div class="warning">Pagination will not work with the freeze feature; only page 1 will be generated. Also, the full story will be included immediately below the main article.</div>
512
513 <div class="alignr">
514 <input type="submit" id="submit" value="Continue freeze instance" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
515 </div>
516 </form>
517 ';
518
519 } elseif ($do == "templates") {
520 //define page name & default image
521 $globalvars['page_name'] = 'templates';
522 $globalvars['page_image'] = 'preferences'; //set preferences image
523 $action = $_GET['action'];
524
525 if ($action == "switch") { //switch default template
526 $sw_id = $_POST['select'];
527
528 if (switch_template($sw_id)) {
529 $message = '<div class="success">The template you selected is now the default template.</div>';
530 } else {
531 $message = '<div class="warning">There was an error switching the template.</div>';
532 }
533 unset($action);
534 }
535
536 if (!$action) {
537 //we're going to fetch all the available templates.
538 $tres = general_query('SELECT * FROM '.$databaseinfo['prefix'].'templates'); //execute tsql
539
540 while ($trow = mysql_fetch_assoc($tres)) { //get arrays
541 $row_bg = ($row_bg == $globalvars['altcolor'][2]) ? $globalvars['altcolor'][1] : $globalvars['altcolor'][2]; //current row bg
542 $trow['timestamp'] = date($globalvars['time_format'],$trow['timestamp']);
543 if ($trow['template_selected'] == TRUE) { //set the radio button to checked if it's currently selected
544 $trow['template_selected'] = 'checked="checked"';
545 }
546
547 if ($trow['template_desc'] == NULL) { //if no reason set, we need to set to N/A
548 $trow['template_desc'] = '<em>N/A</em>';
549 }
550
551 $template_rows .= '
552 <tr bgcolor="'.$row_bg.'">
553 <td><strong>'.$trow['id'].'</strong></td>
554 <td>
555 <a href="javascript:if(confirm(\'Are you sure you want to delete this template?\')) top.location=\'preferences.php?do=templates&amp;action=delete&amp;tid='.$trow['id'].'\'"><img src="images/icons/delete.png" class="row_icon" alt="delete icon" title="delete &quot;'.$trow['template_name'].'&quot;" /></a>
556 <a href="preferences.php?do=templates&amp;action=edit&amp;tid='.$trow['id'].'"><img src="images/icons/edit.png" class="row_icon" alt="edit icon" title="edit &quot;'.$trow['template_name'].'&quot;" /></a>
557 <strong><a href="preferences.php?do=templates&amp;action=edit&amp;tid='.$trow['id'].'">'.$trow['template_name'].'</a></strong></td>
558 <td>'.$trow['template_desc'].'</td>
559 <td>'.$trow['template_author'].'</td>
560 <td>'.$trow['timestamp'].'</td>
561 <td><input type="radio" name="select" value="'.$trow['id'].'" '.$trow['template_selected'].' /></td>
562 </tr>';
563 }
564
565 if ($_GET['delete_success']) {
566 $success .= '<div class="success">The item(s) have been successfully deleted.</div>';
567 }
568
569 if ($_GET['create_success']) {
570 $success .= '<div class="success">The template has been succesfully created.</div>';
571 }
572
573 $content = '
574 '.$message.'
575 '.$success.'
576 <h3>Options</h3>
577 <ul>
578 <li><a href="preferences.php?do=templates&amp;action=new">create new template</a></li>
579 </ul>
580 <h3>Template list</h3>
581 <form action="preferences.php?do=templates&amp;action=switch" method="post">
582 <table style="text-align: left; width: 100%;" border="1"
583 cellpadding="3" cellspacing="2">
584 <tbody>
585 <tr class="toprow">
586 <td style="width: 10px"><strong>ID</td>
587 <td style="width: 200px;"><strong>Name</strong></td>
588 <td><strong>Description</strong></td>
589 <td style=""><strong>Author</strong></td>
590 <td><strong>Date</strong></td>
591 <td style="width: 10px"><strong>Active</strong></td>
592 </tr>
593 '.$template_rows.'
594 </table>
595 <div class="alignr">
596 <input type="submit" id="submit" value="Switch template" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
597 </div>
598 </form>
599 ';
600 } elseif ($action == "new") {
601
602 $content = template_form();
603
604 } elseif ($action == "newp") { //create new template process
605 $data = $_POST;
606 $continue = TRUE; //set continue var
607 if ($data['template_name'] == "") {
608 $continue = FALSE;
609 $error_message = '<div class="warning">You must enter a title for this template before continuing.</div>';
610 }
611
612 if ($continue == TRUE) {
613 //create template
614 $res = new_template($data,$_SESSION['username']);
615 //redirect to templates
616 header("Location: preferences.php?do=templates&create_success=1");
617 } else {
618 $globalvars['page_name'] == 'templates';
619 $globalvars['page_image'] == 'error';
620
621 $content = template_form();
622 }
623 } elseif ($action == "edit") { //if editing a template
624 $tid = $_GET['tid'];
625 $tres = general_query('SELECT * FROM '.$databaseinfo['prefix'].'templates WHERE id='.$tid.'',1); //execute tsql
626 $content = template_form($tres);
627 } elseif ($action == "editp") {
628 $data = $_POST;
629 $continue = TRUE; //set continue var
630 if ($data['template_name'] == NULL) {
631 $continue = FALSE;
632 $error_message = '<div class="warning">You must enter a title for this template before continuing.</div>';
633 }
634
635 if ($continue == TRUE) {
636 $globalvars['page_name'] = "templates";
637 $globalvars['page_image'] = "success";
638 //give $data post vars
639 $res = edit_template($data,$_SESSION['username']);
640
641 //get template id
642 $tid = $_POST['id'];
643
644 //after the edit, redisplay form with edited values
645 $tres = general_query('SELECT * FROM '.$databaseinfo['prefix'].'templates WHERE id='.$tid.'',1); //execute tsql
646 $content = template_form($tres);
647 } else {
648 $globalvars['page_name'] == 'templates';
649 $globalvars['page_image'] == 'error';
650
651 $content = template_form($data);
652 }
653 } elseif ($action == "delete") {
654 //get tid and delete from db
655 $tid = clean_data($_GET['tid']);
656 $dres = general_query('DELETE FROM '.$databaseinfo['prefix'].'templates WHERE id='.$tid.''); //execute tsql
657 //redirect to templates
658 header("Location: preferences.php?do=templates&delete_success=1");
659 }
660 } elseif ($do == "sef") { //search engine friendly urls page
661 $globalvars['page_name'] = 'search engine friendly urls';
662 $globalvars['page_image'] = "preferences";
663
664 //edited out by alecwh: .htaccess is not necessary in the /phpns/ directory..., so it's not necessary to check for one.
665 // if(is_file('.htaccess') ? $fileaccess = @file_get_contents(".htaccess") : $fileaccess = 'There is currently no .htaccess file, please make one!' );
666 $content = '
667 <p>The suggested .htaccess file:
668 <textarea class="code"># .htaccess file for SEF URLs
669 # SEF URL .htaccess file. PLACE THIS FILE WHEREVER YOUR NEWS IS BEING INCLUDED.
670
671 <IfModule mod_rewrite.c>
672 RewriteEngine on
673 RewriteCond %{SCRIPT_FILENAME} !-d
674 RewriteCond %{SCRIPT_FILENAME} !-f
675 RewriteRule ^(.*)$ index.php?a=$1 [QSA]
676 </IfModule></textarea>
677 <p>Place this \'.htaccess\' file wherever your news is being displayed on your website. This is usually the root of your website, \'/\'. You may also change the \'index.php\' reference to whatever file phpns displays news in.</p>
678 <p>The .htaccess file is not required for phpns to generate SEF URLs. You can activate using the $phpns[\'sef_override\'] pre-include variable to activate.</p>
679
680 ';
681 } elseif ($do == "ban") { //if ban page
682 $globalvars['page_name'] = "ban options";
683 $globalvars['page_image'] = "preferences";
684
685 if ($_GET['action'] == 'newp') { //if the action is new process
686 $data = $_POST; //assign post to $data
687 clean_data($data['reason']); //clean
688
689 //if ip is empty or in an incorrect form, display error
690 if (!$data['ip'] || !preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/', $data['ip'])) {
691 $error_message = '<div class="warning">Please make sure the IP address is in correct form, or is not blank.</div>';
692 } else {
693 ban($data,$_SESSION['username']); //ban.
694
695 //success message
696 $success = '<div class="success">The IP address has been banned.</div>';
697 }
698 } elseif ($_GET['action'] == "delete") { //if we're deleting banned ip addresses
699 $items = $_POST; //get vars
700 foreach($items as $key=>$value) { //create list of ids to be deleted
701 $items_f = $items_f."'$value',";
702 }
703 $items_f = substr_replace($items_f,"",-1); //remove last comma in list for SQL
704 $res = general_query('DELETE FROM '.$databaseinfo['prefix'].'banlist WHERE id IN ('.$items_f.')'); //delete query
705 //success message
706 $success .= '<div class="success">The selected ban(s) have been lifted.</div>';
707
708 //log the change
709 log_this('lift_ban','User <i>'.$_SESSION['username'].'</i> has <strong>lifted bans</strong> for the following ids: '.$items_f.'');
710
711 }
712
713 //fetch banned ips
714 $bres = general_query('SELECT * FROM '.$databaseinfo['prefix'].'banlist'); //fetch query
715 while ($brow = mysql_fetch_assoc($bres)) { //get arrays
716 $row_bg = ($row_bg == $globalvars['altcolor'][2]) ? $globalvars['altcolor'][1] : $globalvars['altcolor'][2]; //current row bg
717 $brow['timestamp'] = date($globalvars['time_format'],$brow['timestamp']);
718
719 if ($brow['reason'] == NULL) { //if no reason set, we need to set to N/A
720 $brow['reason'] = '<em>N/A</em>';
721 }
722
723 $ip_rows .= '
724 <tr bgcolor="'.$row_bg.'">
725 <td><strong><a href="http://'.$brow['ip'].'">'.$brow['ip'].'</a></strong></td>
726 <td>'.$brow['reason'].'</td>
727 <td>'.$brow['banned_by'].'</td>
728 <td>'.$brow['timestamp'].'</td>
729 <td><input type="checkbox" value="'.$brow['id'].'" name="'.$brow['id'].'" /></td>
730 </tr>';
731 }
732
733 if (mysql_num_rows($bres) == 0) {
734 $ip_rows = '<td class="noresults" colspan="5"><strong>No returned results...</strong></td>';
735 }
736
737 $content = '
738 '.$error_message.'
739 '.$success.'
740 <h3>Ban an IP</h3>
741 <form action="?do=ban&amp;action=newp" method="post" class="form">
742 <label for="ip">IP address:</label> <input class="extended" type="text" name="ip" value="'.$_GET['ip'].'" maxlength="15" /> <input type="submit" id="submit" value="Ban this IP" onclick="javascript:document.getElementById(\'submit\').disabled=true" /><br />
743 <label for="reason">Reason for ban*:</label> <input type="text" class="extended" name="reason" maxlength="5000" />
744 </form>
745 <h3>Ban list</h3>
746 <form action="preferences.php?do=ban&amp;action=delete" method="post">
747 <table style="text-align: left; width: 100%;" border="1"
748 cellpadding="3" cellspacing="2">
749 <tbody>
750 <tr class="toprow">
751 <td style="text-align: left;"><strong>IP</strong></td>
752 <td><strong>Reason for ban</strong></td>
753 <td style=""><strong>Banned by</strong></td>
754 <td><strong>Date of ban</strong></td>
755 <td style="width: 10px; text-align: center;"><strong><input type="checkbox" onClick="Checkall(this.form);" /></strong></td>
756 </tr>
757 '.$ip_rows.'
758 </table>
759 <div class="alignr">
760 <input type="submit" id="submit" value="Lift selected bans" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
761 </div>
762 </form>
763 ';
764
765 } elseif ($do == "wizard") {
766 $globalvars['page_name'] = "integration wizard";
767 $globalvars['page_image'] = "preferences";
768
769 if ($_GET['action'] == "p") {
770 //definitions based on what was submitted
771
772 $generate['category'] = ($_POST['category']) ? ("\n\t".'$phpns[\'category\'] = \''.join($_POST['category'], ',').'\';') : ('');
773
774 $generate['rss'] = ($_POST['rss']) ? ('$phpns[\'mode\'] = \'rss\';') : ('');
775 $generate['limit'] = ($_POST['display_limit']) ? ("\n\t".'$phpns[\'limit\'] = \''.$_POST['display_limit'].'\';') : ('');
776 $generate['template'] = ($_POST['template']) ? ("\n\t".'$phpns[\'template\'] = \''.$_POST['template'].'\';') : ('');
777 $generate['order'] = ($_POST['order']) ? ("\n\t".'$phpns[\'order\'] = \''.$_POST['order'].'\';') : ('');
778 $generate['offset'] = ($_POST['offset']) ? ("\n\t".'$phpns[\'offset\'] = \''.$_POST['offset'].'\';') : ('');
779 $generate['script_path'] = ($_POST['script_path']) ? ("\n\t".'$phpns[\'script_path\'] = \''.$_POST['script_path'].'\';') : ('');
780 $generate['disable_pagination'] = ($_POST['disable_pagination']) ? ("\n\t".'$phpns[\'disable_pagination\'] = \''.$_POST['disable_pagination'].'\';') : ('');
781 $generate['items_per_page'] = ($_POST['items_per_page']) ? ("\n\t".'$phpns[\'items_per_page\'] = \''.$_POST['items_per_page'].'\';') : ('');
782 $generate['override_sef'] = ($_POST['override_sef']) ? ("\n\t".'$phpns[\'override_sef\'] = \''.$_POST['override_sef'].'\';') : ('');
783 $generate['override_comments'] = ($_POST['override_comments']) ? ("\n\t".'$phpns[\'override_comments\'] = \''.$_POST['override_comments'].'\';') : ('');
784 $generate['static'] = ($_POST['static']) ? ("\n\t".'$phpns[\'static\'] = \''.$_POST['static'].'\';') : ('');
785 $generate['always_show_extended_article'] = ($_POST['always_show_extended_article']) ? ("\n\t".'$phpns[\'always_show_extended_article\'] = \''.$_POST['always_show_extended_article'].'\';') : ('');
786 $generate['disable_extended_article'] = ($_POST['disable_extended_article']) ? ("\n\t".'$phpns[\'disable_extended_article\'] = \''.$_POST['disable_extended_article'].'\';') : ('');
787
788 //generate include path
789 $path_to = $_SERVER['SCRIPT_FILENAME'];
790 $path_to = str_replace("preferences.php","shownews.php",$path_to);
791
792 $content .= '
793 <h3>Generated code</h3>
794 <p><strong>Your include code was successfully generated. Simply paste the following code wherever you want your news displayed:</strong></p>
795 <textarea readonly="readonly" class="code" style="height: 120px">
796 <?php
797 /*
798 This file is used to generate articles managed by the phpns system.
799 Place this code wherever you want your articles displayed on your
800 website. The page that this code is placed in should have a .php
801 extension.
802 */
803 '.$generate['rss'].''.$generate['category'].''.$generate['limit'].''.$generate['template'].''.$generate['order'].''.$generate['offset'].''.$generate['script_path'].''.$generate['disable_pagination'].''.$generate['items_per_page'].''.$generate['override_sef'].''.$generate['override_comments'].''.$generate['static'].''.$generate['always_show_extended_article'].''.$generate['disable_extended_article'].'
804
805 //after variable declaration(s), include shownews.php
806 include("'.$path_to.'");
807 ?>
808 </textarea>';
809 }
810
811 $data['cat_list'] = gen_categories('option','');
812 $data['template_list'] = gen_templates();
813
814 //integration wizard form
815 $content .= '
816 <h3>Display configuration</h3>
817 <div class="form">
818 <form action="?do=wizard&amp;action=p" method="post">
819
820 <label for="category">Category</label>
821 <select name="category[]" id="category" multiple="multiple" size="10">
822 <option value="0">All categories</option>
823 <optgroup label="Categories">
824 '.$data['cat_list'].'
825 </optgroup>
826 </select>
827 <br />
828
829 <label for="template">Template</label>
830 <select name="template" id="template">
831 <optgroup label="Select...">
832 <option value="">Default</option>
833 </optgroup>
834 <optgroup label="Templates">
835 '.$data['template_list'].'
836 </optgroup>
837 </select>
838 <br />
839
840 <label for="order">Order</label>
841 <select name="order" id="order">
842 <optgroup label="Select...">
843 <option value="">Default</option>
844 <option value="desc">Descending</option>
845 <option value="asc">Ascending</option>
846 </optgroup>
847 </select><br />
848
849 <label for="display_limit">Display limit</label>
850 <input type="text" name="display_limit" id="display_limit" value="" /> (numeric, 1 - 9999, or blank for default) <br />
851 <label for="offset">Offset</label>
852 <input type="text" name="offset" id="offset" value="" /> (numeric, 0 - 9999, or blank for default) <br />
853 <label for="script_path">Script path</label>
854 <input type="text" name="script_path" id="script_path" value="" /> (script where articles will be linked to, before <code>?a=xx</code>)<br />
855
856 <h4>Pagination settings (<a href="javascript:expand(\'pagination_options\');">expand/collapse</a>)</h4>
857 <div id="pagination_options" class="advanced" style="display: none;">
858 <label for="disable_pagination">Disable pagination</label> <input type="checkbox" value="1" name="disable_pagination" id="disable_pagination" /><br /><br />
859
860 <label for="items_per_page">Items Per Page</label>
861 <input type="text" name="items_per_page" id="items_per_page" value="" /> (numeric, 1 - 9999, or blank for default)<br />
862 </div>
863
864 <h4>Advanced (<a href="javascript:expand(\'overrides\');">expand/collapse</a>)</h4>
865 <div id="overrides" class="advanced" style="display: none;">
866 <label for="override_sef" class="nofloat"><input type="checkbox" value="1" name="override_sef" id="override_sef" /> Override SEF (Search Engine Friendly URLs)</label><br /><br />
867 <label for="override_comments" class="nofloat"><input type="checkbox" value="1" name="override_comments" id="override_comments" /> Override Comments</label><br /><br />
868
869 <label for="static" class="nofloat"><input type="checkbox" value="1" name="static" id="static" /> Static display</label><br /><br />
870 <label for="always_show_extended_article" class="nofloat"><input type="checkbox" value="1" name="always_show_extended_article" id="always_show_extended_article" /> Always show extended article</label><br /><br />
871 <label for="disable_extended_article" class="nofloat"><input type="checkbox" value="1" name="disable_extended_article" id="disable_extended_article" />Always disable (hide) extended article</label><br /><br />
872
873 </div>
874 <div class="alignr">
875 <input type="submit" id="submit" value="Generate code" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
876 </div>
877 </form>
878 </div>
879 ';
880
881 } elseif ($do == "syslog") {
882 $globalvars['page_name'] = "system log";
883 $globalvars['page_image'] = "preferences";
884 //determine pagintation variables and sorting
885 $page = $_GET['page'];
886 if (!$page) {
887 $page = 1;
888 }
889 $items_per_page = 20;
890 $page_start = ($page*$items_per_page) - $items_per_page;
891 $next_page = $page + 1;
892 $prev_page = $page - 1;
893 //get sorting info and view
894 $sort = $_GET['sort'];
895 $v = $_GET['v'];
896 //END OF PAGINATION/SORTING
897
898 $content = log_form();
899
900 } elseif ($do == "backup") {
901 $globalvars['page_name'] = "database backup";
902 $globalvars['page_image'] = "preferences";
903
904 if ($_GET['action'] == "backup") {
905
906 //mysqldump -u alecwh --password=alecwh phpns2 > database.sql
907 exec('mysqldump -u '.$databaseinfo['user'].' --password='.$databaseinfo['password'].' '.$databaseinfo['dbname'].' > '.$databaseinfo['dbname'].'.sql');
908
909 //log the change
910 log_this('backup_db','User <i>'.$_SESSION['username'].'</i> has <strong>backed up</strong> the system database.');
911
912 //define filepaths and determine future gz file
913 $file = $databaseinfo['dbname'].'.sql'; //the current dump
914 // $file = file_get_contents($file);
915 /*
916 COMPRESSION FOR FILE, COMMENTED OUT UNTIL WE CAN SOLIDIFY THE PROCESS.
917 //encode and write to file process
918 $data = implode("", file($file));
919 $gzdata = gzuncompress($data, 9); //encrypt to .gz, most compression possible (9)
920 $fp = fopen($gz_file_to_produce, "w"); //open to write
921 fwrite($fp, $gzdata); //write
922 fclose($fp); //close
923
924 > <meta http-equiv="content-type","application/download">
925 > <meta http-equiv="content-type","application/force-download">
926 > <meta http-equiv="content-type","application/octet-stream">
927 > <meta http-equiv="content-disposition","attachment; filename=list.txt">[/color]
928 */
929
930 //redirect to etc for actual header info
931 header("Location: etc.php?do=backup");
932
933 } elseif ($_GET['action'] == "restore") { //if we're restoring the data
934 //action for uploaded file, for db restore
935 $target_path = basename($_FILES['file']['name']);
936 if (move_uploaded_file($_FILES['file']['tmp_name'], $target_path)) {
937 //the file has been uploaded, now we deal wtih manipulation.
938 //de-gz the file
939 //THIS WAS THE PROBLEM with .gz compression, the decompression was not widely supported. Maybe support in the future, but for now, we're not dealing with it.
940 //execute and dump data
941 exec('mysql -u '.$databaseinfo['user'].' --password='.$databaseinfo['password'].' '.$databaseinfo['dbname'].' < '.$target_path.'');
942 } else {
943 //log the change
944 log_this('backup_restore','User <i>'.$_SESSION['username'].'</i> has <strong>restored</strong> a previous phpns database.');
945 $error_message .= '<div class="warning">There was an error uploading the file.</div>';
946 }
947 }
948
949 if ($_GET['success'] == 'no') {
950 $output = '<div class="warning">Phpns could not create the database file. This is usually a problem with file permissions; make sure phpns can create files in this directory.</div>';
951 }
952
953 $content .= '
954 '.$output.'
955 <h3>Create backup</h3>
956 <p>Once you click the button below, phpns will create a backup of the whole phpns database, and then compress to .sql when available.</p>
957 <div id="button_container">
958 <button class="backup" OnClick="window.location = \'?do=backup&amp;action=backup\';"><strong>Click here to backup the phpns database</strong></button>
959 </div>
960
961 <h3>Restore backup</h3>
962 <p>Please browse to the backup file earlier created.</p>
963 <form enctype="multipart/form-data" action="?do=backup&amp;action=restore" method="post" onsubmit="return confirm(\'Are you sure you want to restore this backup?\n\nThis will erase your database schema, and delete any articles/categories/users/settings that are not included in the backup.\');" >
964 <label for="file">Select .sql file</label> <input name="file" type="file" /><br />
965 <div class="alignr">
966 <input type="submit" value="Restore backup" id="submit" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
967 </div>
968 </form>
969
970 ';
971
972
973 } elseif ($do == "images") {
974 $globalvars['page_name'] = "image uploads and settings";
975 $globalvars['page_image'] = "preferences";
976
977
978 } elseif ($do == "themes") { //if themes
979 //define page name & default image
980 $globalvars['page_name'] = 'themes';
981 $globalvars['page_image'] = 'preferences'; //set preferences image
982 $action = $_GET['action'];
983 $path = $_POST['path'];
984 if ($action == "switch" && $path != "") { //if theme switch is underway....
985
986 $theme_path = 'themes/'.$path.'/'; //construct filepath
987 $themeinfo = simplexml_load_file('themes/'.$path.'/theme.xml');
988 $timestamp = time();
989
990 //first, we're going to delete previous theme selection(s). There should only ever be one.
991 $sql_del = general_query('DELETE FROM '.$databaseinfo['prefix'].'themes');
992
993 $res = general_query("INSERT INTO ".$databaseinfo['prefix']."themes
994 (theme_name,theme_author,theme_dir,base_dir,timestamp,theme_selected) VALUES (
995 '".$themeinfo->name."',
996 '".$themeinfo->author."',
997 '".$theme_path."',
998 '".$path."',
999 '".$timestamp."',
1000 1)
1001 "); //form query and execute
1002 //log the change
1003 log_this('change_theme','User <i>'.$_SESSION['username'].'</i> has <strong>changed</strong> the default system theme.');
1004 $content = '<div class="success">The theme has been saved.</div>';
1005 }
1006
1007 $scanlisting = scandir("themes/");
1008 $dirlisting = array();
1009 foreach($scanlisting as $key => $value) {
1010 if (is_dir("themes/$value") == true && $value != '.' && $value != '..') {
1011 $dirlisting[] = $value;
1012 }
1013 }
1014 $themelist = '
1015 <form action="preferences.php?do=themes&action=switch" method="post">
1016 <table style="text-align: left; width: 100%;" border="1"
1017 cellpadding="3" cellspacing="2">
1018 <tbody>
1019 <tr class="toprow">
1020 <td style="width: 100px"><strong>Preview</strong></td>
1021 <td style="width: 150px; text-align: left;"><strong>Name</strong></td>
1022 <td style="width: 150px;"><strong>Author</strong></td>
1023 <td><strong>Description</strong></td>
1024 <td style="width: 10px"><strong>Active</strong></td>
1025 </tr>';
1026 foreach($dirlisting as $key => $value) {
1027 if (is_file("themes/$value/theme.xml")) {
1028 $themeinfo = simplexml_load_file('themes/'.$value.'/theme.xml');
1029
1030 //sql to fetch current theme, so we can have the theme selected
1031 $stheme = general_query('SELECT * FROM '.$databaseinfo['prefix'].'themes WHERE theme_selected=1', TRUE);
1032
1033 //radio button. selected or not?
1034
1035 if ("$themeinfo->name" == $stheme['theme_name']) {
1036 $radio = '<td><input type="radio" id="path" name="path" value="'.$value.'" checked="checked" /></td>';
1037 } else {
1038 $radio = '<td><input type="radio" id="path" name="path" value="'.$value.'" /></td>';
1039 }
1040
1041 $row_bg = ($row_bg == $globalvars['altcolor'][2]) ? $globalvars['altcolor'][1] : $globalvars['altcolor'][2]; //current row bg
1042
1043 $themelist = $themelist.'
1044 <tr bgcolor="'.$row_bg.'">
1045 <td><img src="themes/'.$value.'/preview.png" alt="preview" /></td>
1046 <td valign="top"><strong>'."$themeinfo->name".'</strong></td>
1047 <td valign="top"><a href="'."$themeinfo->website".'"> '."$themeinfo->author".' </a></td>
1048 <td valign="top">'."$themeinfo->description".'</td>
1049 '.$radio.'
1050 </tr>';
1051 }
1052 }
1053 $themelist = $themelist.'
1054 </tbody>
1055 </table>
1056 <div class="alignr">
1057 <input type="submit" id="submit" value="Switch and Save" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
1058 </div>
1059 </form>';
1060
1061 //compile content for themes
1062 $content .=
1063 '<h3>Detected themes (in the /themes directory)</h3>
1064 '.$themelist.'
1065 ';
1066 } elseif ($do == "wysiwyg") {
1067 $globalvars['page_name'] = "wysiwyg options";
1068 $globalvars['page_image'] = "preferences";
1069 if ($_GET['action'] == 'update') {
1070 change_config('wysiwyg',$_POST['wysiwyg']);
1071 $message = "<div class=\"success\">The wysiwyg editor has been changed to '".$_POST['wysiwyg']."'</div>";
1072 //log the change
1073 log_this('wysiwyg_options','User <i>'.$_SESSION['username'].'</i> has <strong>disabled/enabled</strong> the wysiwyg editor');
1074 }
1075
1076 $wysiwyg = load_config('wysiwyg');
1077
1078 $content = '
1079 '.$message.'
1080 <h3>wysiwyg</h3>
1081 <div class="form">
1082 <form action="preferences.php?do=wysiwyg&action=update" method="post">
1083 <label for="wysiwyg">Enabled</label>
1084 <select name="wysiwyg" id="wysiwyg">
1085 <optgroup label="Selected:">
1086 <option value="'.$wysiwyg['v1'].'">'.$wysiwyg['v1'].'</option>
1087 <optgroup label="Select...">
1088 <option value="yes">yes</option>
1089 <option value="no">no</option>
1090 </optgroup>
1091 </select><br />
1092 <p>*The WYSIWYG editor can be disabled/enabled by clicking "Toggle WYSIWYG" next to textareas ONLY if the editor is active.</p>
1093 <p>Phpns currently uses the <a href="http://tinymce.moxiecode.com">TinyMCE</a> wysiwyg textarea application, licensed under the <a href="inc/wysiwyg/license.txt">LGPL</a>. We also use the <a href="http://codepress.org/">codepress</a> code editor for template management. Thanks to these guys for awesome projects!</p>
1094 <div class="alignr">
1095 <input type="submit" id="submit" value="Save" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
1096 </div>
1097 </form>
1098 </div>
1099 ';
1100
1101 } elseif ($do == "timestamp") {
1102 $globalvars['page_name'] = "system timestamp format";
1103 $globalvars['page_image'] = "preferences";
1104 if ($_GET['action'] == 'update') {
1105 change_config('sys_time_format',$_POST['sys_time_format']);
1106 $message = "<div class=\"success\">The system timestamp format has been changed to '".$_POST['sys_time_format']."'</div>";
1107 //log the change
1108 log_this('system_timestamp','User <i>'.$_SESSION['username'].'</i> has <strong>modified</strong> the default system timestamp format to "'.$_POST['sys_time_format'].'"');
1109 }
1110
1111 $sys_time_format = load_config('sys_time_format');
1112
1113 $content = '
1114 <h3>system timestamp format</h3>
1115 '.$message.'
1116 <p>phpns uses the date(); function for formatting the system time. You can find a manual on the function at the <a href="http://php.net/date">php website</a>.</p>
1117 <div class="form">
1118 <form action="preferences.php?do=timestamp&action=update" method="post">
1119 <label for="format">Format</label>
1120 <input type="text" name="sys_time_format" id="format" value="'.$sys_time_format['v1'].'" maxlength="17" /><br />
1121 <div class="alignr">
1122 <input type="submit" id="submit" value="Save" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
1123 </div>
1124 </form>
1125 </div>
1126 ';
1127
1128 } elseif ($do == "line") {
1129 $globalvars['page_name'] = "online/offline options";
1130 $globalvars['page_image'] = "preferences";
1131 if ($_GET['action'] == 'update') {
1132 change_config('line',$_POST['line']);
1133 $message = "<div class=\"success\">The online/offline status has been changed to '".$_POST['line']."'</div>";
1134
1135 //log the change
1136 log_this('site_line','User <i>'.$_SESSION['username'].'</i> has <strong>changed</strong> the online/offline status');
1137 }
1138
1139 $line = load_config('line');
1140
1141 $content = '
1142 '.$message.'
1143 <h3>Line options</h3>
1144 <div class="form">
1145 <form action="preferences.php?do=line&action=update" method="post">
1146 <label for="line">Online:</label>
1147 <select name="line" id="line">
1148 <optgroup label="Selected:">
1149 <option value="'.$line['v1'].'">'.$line['v1'].'</option>
1150 <optgroup label="Select...">
1151 <option value="yes">yes</option>
1152 <option value="no">no</option>
1153 </optgroup>
1154 </select><br />
1155 <div>
1156 If the above option is set to \'no\' (or \'offline\'), users will <strong>not</strong> be able to view any articles on your website.
1157 </div>
1158 <div class="alignr">
1159 <input type="submit" id="submit" value="Save" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
1160 </div>
1161 </form>
1162 </div>
1163 ';
1164
1165 } elseif ($do == "globalmessage") {
1166 $globalvars['page_name'] = "global message";
1167 $globalvars['page_image'] = "preferences";
1168
1169 if ($_GET['action'] == "update") {
1170 change_config('global_message',$_POST['message']);
1171 $error_message = '<div class="success">Your message have been saved.</div>';
1172 //log the change
1173 log_this('global_message','User <i>'.$_SESSION['username'].'</i> has <strong>edited</strong> the default global message');
1174 }
1175 $global_message = load_config('global_message');
1176
1177 $content = $error_message.'
1178 <h3>global message</h3>
1179 <div class="form">
1180 <form action="preferences.php?do=globalmessage&action=update" method="post">
1181 <label for="message" class="for_textarea_alt">Message <a href="javascript:togglewysiwyg(\'message\');">wysiwyg on/off</a> <a href="javascript:expandwysiwyg(\'message\');">expand editor</a></label><textarea name="message" id="message">'.$global_message['v3'].'</textarea>
1182 <br />*If you do not want any message, leave the above field blank.
1183 <div class="alignr">
1184 <input type="submit" id="submit" value="Save global message" onclick="javascript:document.getElementById(\'submit\').disabled=true" />
1185 </div>
1186
1187 </form>
1188 </div>
1189 ';
1190 }
1191
1192 include("inc/themecontrol.php"); //include theme script
1193 ?>
Phpns is a free and open source PHP news system.