PageRenderTime 57ms CodeModel.GetById 25ms RepoModel.GetById 0ms app.codeStats 0ms

/admin/includes/edit_sitemap.php

https://bitbucket.org/mpercy/deeemm-cms
PHP | 212 lines | 144 code | 30 blank | 38 comment | 9 complexity | a0de1d548ab4b8a056c0e91ebbaab518 MD5 | raw file
Possible License(s): LGPL-2.1, BSD-2-Clause 
    

  1. <?php

    2. 

  2. 

    3. 

  3. defined( '_INDM' ) or die( 'POSSIBLE HACK ATTEMPT!' );

    4. 

  4. 

    5. 

  5. /*===========================================================================

    6. 

  6. Check user priviledges

    7. 

  7. ===========================================================================*/

    8. 

  8. require VALIDATE;

    9. 

  9. 

    10. 

  10. if ($user != 'ADMIN') header("Location: " . $default_url . "index.php");

    11. 

  11. 

    12. 

  12. switch ($action) {

    13. 

  13. 

    14. 

  14. /*===========================================================================

    15. 

  15. Move up

    16. 

  16. ===========================================================================*/

    17. 

  17. 	case 'move_up_category';

    18. 

  18. 	//get current order value

    19. 

  19. 	$sql_query = mysql_query("SELECT * FROM `" . $db_table_prefix . "core_structure` WHERE `table` = '$category'");

    20. 

  20. 	while($sql_result = mysql_fetch_array($sql_query)) {

    21. 

  21. 		$current_order = $sql_result[order];

    22. 

  22. 		$new_order = $current_order - 1;

    23. 

  23. 	}

    24. 

  24. 	//swap order value with adjacent category

    25. 

  25. 	mysql_query("UPDATE `" . $db_table_prefix . "core_structure` SET `order` = '$current_order' WHERE `order` = '$new_order'");

    26. 

  26. 	mysql_query("UPDATE `" . $db_table_prefix . "core_structure` SET `order` = '$new_order' WHERE `table` = '$category'");

    27. 

  27. 

    28. 

  28. 	//reorder results to get rid of blank / ambiguous results

    29. 

  29. 	$sql_query = mysql_query("SELECT * FROM `" . $db_table_prefix . "core_structure` ORDER BY `order`");

    30. 

  30. 	while($sql_result = mysql_fetch_array($sql_query)){

    31. 

  31. 		$old_order[].= $sql_result[order];

    32. 

  32. 	}

    33. 

  33. 	$i = 1;

    34. 

  34. 	foreach ($old_order as $temp){

    35. 

  35. 		mysql_query("UPDATE `" . $db_table_prefix . "core_structure` SET `order` = '$i' WHERE `order` = '$temp'");

    36. 

  36. 		$i = $i + 1;

    37. 

  37. 	}

    38. 

  38. 	header("Location: " . $default_url . $admin_dir . "index.php?action=edit_sitemap");

    39. 

  39. 	break;

    40. 

  40. 

    41. 

  41. 

    42. 

  42. /*===========================================================================

    43. 

  43. Move up sub category

    44. 

  44. ===========================================================================*/

    45. 

  45. 	case 'move_up_subcategory';

    46. 

  46. 	//get current order value

    47. 

  47. 	$sql_query = mysql_query("SELECT * FROM `" . $db_table_prefix . "$category` WHERE `id` = '$id'");

    48. 

  48. 	while($sql_result = mysql_fetch_array($sql_query)) {

    49. 

  49. 		$current_order = $sql_result[order];

    50. 

  50. 		$new_order = $current_order - 1;

    51. 

  51. 	}

    52. 

  52. 	//swap order value with adjacent category

    53. 

  53. 	mysql_query("UPDATE `" . $db_table_prefix . "$category` SET `order` = '$current_order' WHERE `order` = '$new_order'");

    54. 

  54. 	mysql_query("UPDATE `" . $db_table_prefix . "$category` SET `order` = '$new_order' WHERE `id` = '$id'");

    55. 

  55. 

    56. 

  56. 	//reorder results to get rid of blank / ambiguous results

    57. 

  57. 	$sql_query = mysql_query("SELECT * FROM `" . $db_table_prefix . "$category` ORDER BY `order`");

    58. 

  58. 	while($sql_result = mysql_fetch_array($sql_query)){

    59. 

  59. 		$old_order[].= $sql_result[order];

    60. 

  60. 	}

    61. 

  61. 	$i = 1;

    62. 

  62. 	foreach ($old_order as $temp){

    63. 

  63. 		mysql_query("UPDATE `" . $db_table_prefix . "$category` SET `order` = '$i' WHERE `order` = '$temp'");

    64. 

  64. 		$i = $i + 1;

    65. 

  65. 	}

    66. 

  66. 	header("Location: " . $default_url . $admin_dir . "index.php?action=edit_sitemap");

    67. 

  67. 	break;

    68. 

  68. 

    69. 

  69. 

    70. 

  70. /*===========================================================================

    71. 

  71. Move down

    72. 

  72. ===========================================================================*/

    73. 

  73. 	case 'move_down_category';

    74. 

  74. 	//get current order value

    75. 

  75. 	$sql_query = mysql_query("SELECT * FROM `" . $db_table_prefix . "core_structure` WHERE `table` = '$category'");

    76. 

  76. 	while($sql_result = mysql_fetch_array($sql_query)) {

    77. 

  77. 		$current_order = $sql_result[order];

    78. 

  78. 		$new_order = $current_order + 1;

    79. 

  79. 	}

    80. 

  80. 	//swap order value with adjacent category

    81. 

  81. 	mysql_query("UPDATE `" . $db_table_prefix . "core_structure` SET `order` = '$current_order' WHERE `order` = '$new_order'");

    82. 

  82. 	mysql_query("UPDATE `" . $db_table_prefix . "core_structure` SET `order` = '$new_order' WHERE `table` = '$category'");

    83. 

  83. 

    84. 

  84. 	//reorder results to get rid of blank / ambiguous results

    85. 

  85. 	$sql_query = mysql_query("SELECT * FROM `" . $db_table_prefix . "core_structure` ORDER BY `order`");

    86. 

  86. 	while($sql_result = mysql_fetch_array($sql_query)){

    87. 

  87. 		$old_order[].= $sql_result[order];

    88. 

  88. 	}

    89. 

  89. 	$i = 1;

    90. 

  90. 	foreach ($old_order as $temp){

    91. 

  91. 		mysql_query("UPDATE `" . $db_table_prefix . "core_structure` SET `order` = '$i' WHERE `order` = '$temp'");

    92. 

  92. 		$i = $i + 1;

    93. 

  93. 	}

    94. 

  94. 	header("Location: " . $default_url . $admin_dir . "index.php?action=edit_sitemap");

    95. 

  95. 	break;

    96. 

  96. 

    97. 

  97. 

    98. 

  98. /*===========================================================================

    99. 

  99. Move down sub category

    100. 

  100. ===========================================================================*/

    101. 

  101. 	case 'move_down_subcategory';

    102. 

  102. 	//get current order value

    103. 

  103. 	$sql_query = mysql_query("SELECT * FROM `" . $db_table_prefix . "$category` WHERE `id` = '$id'");

    104. 

  104. 	while($sql_result = mysql_fetch_array($sql_query)) {

    105. 

  105. 		$current_order = $sql_result[order];

    106. 

  106. 		$new_order = $current_order + 1;

    107. 

  107. 	}

    108. 

  108. 	//swap order value with adjacent category

    109. 

  109. 	mysql_query("UPDATE `" . $db_table_prefix . "$category` SET `order` = '$current_order' WHERE `order` = '$new_order'");

    110. 

  110. 	mysql_query("UPDATE `" . $db_table_prefix . "$category` SET `order` = '$new_order' WHERE `table` = '$category'");

    111. 

  111. 

    112. 

  112. 	//reorder results to get rid of blank / ambiguous results

    113. 

  113. 	$sql_query = mysql_query("SELECT * FROM `" . $db_table_prefix . "$category` ORDER BY `order`");

    114. 

  114. 	while($sql_result = mysql_fetch_array($sql_query)){

    115. 

  115. 		$old_order[].= $sql_result[order];

    116. 

  116. 	}

    117. 

  117. 	$i = 1;

    118. 

  118. 	foreach ($old_order as $temp){

    119. 

  119. 		mysql_query("UPDATE `" . $db_table_prefix . "$category` SET `order` = '$i' WHERE `order` = '$temp'");

    120. 

  120. 		$i = $i + 1;

    121. 

  121. 	}

    122. 

  122. 	header("Location: " . $default_url . $admin_dir . "index.php?action=edit_sitemap");

    123. 

  123. 	break;

    124. 

  124. 

    125. 

  125. 

    126. 

  126. /*===========================================================================

    127. 

  127. Delete category

    128. 

  128. ===========================================================================*/

    129. 

  129. 	case 'delete_category';

    130. 

  130. 	$category = strtolower($_REQUEST['category']);

    131. 

  131. 	mysql_query("DELETE FROM " . $db_table_prefix . "core_structure WHERE `table` = '$category'") or die ("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $sql_query . "<br />\nError: (" . mysql_errno() . ") " . mysql_error());;

    132. 

  132. 	mysql_query("DROP TABLE `" . $db_table_prefix . "$category`");

    133. 

  133. 	//reorder id by recreating field

    134. 

  134. 	if ($page != 'orphan') {

    135. 

  135. 		mysql_query("ALTER TABLE `" . $db_table_prefix . "core_structure` DROP `id`");

    136. 

  136. 		mysql_query("ALTER TABLE `" . $db_table_prefix . "core_structure` ADD `id` MEDIUMINT( 16 ) NOT NULL AUTO_INCREMENT PRIMARY KEY FIRST");

    137. 

  137. 		header("Location: " . $default_url . $admin_dir . "index.php?action=edit_sitemap");

    138. 

  138. 	}

    139. 

  139. 	break;

    140. 

  140. 

    141. 

  141. 

    142. 

  142. /*===========================================================================

    143. 

  143. Save category information

    144. 

  144. ===========================================================================*/

    145. 

  145. 	case 'save_categories';

    146. 

  146. 	$type = strtolower($_REQUEST['category_type']);

    147. 

  147. 	 

    148. 

  148. 	$category = strtolower($_REQUEST['category_lan_1']);

    149. 

  149. 	$old_category = $_REQUEST['old_category'];

    150. 

  150. 

    151. 

  151. 	$media_library_default_view = $_REQUEST['media_library_default_view'];

    152. 

  152. 	$num_slideshow_images = $_REQUEST['num_slideshow_images'];

    153. 

  153. 	$imagebox_type = $_REQUEST['imagebox_type'];

    154. 

  154. 	$display_in_margin = $_REQUEST['display_in_margin'];

    155. 

  155. 	$display_in_sitemap = $_REQUEST['display_in_sitemap'];

    156. 

  156. 	$allow_comments = $_REQUEST['allow_comments'];

    157. 

  157. 	$category_lan_1 = $_REQUEST['category_lan_1'];

    158. 

  158. 	$category_lan_2 = $_REQUEST['category_lan_2'];

    159. 

  159. 	$category_lan_3 = $_REQUEST['category_lan_3'];

    160. 

  160. 	$category_lan_4 = $_REQUEST['category_lan_4'];

    161. 

  161. 	$tool_tip_lan_1 = $_REQUEST['tool_tip_lan_1'];

    162. 

  162. 	$tool_tip_lan_2 = $_REQUEST['tool_tip_lan_2'];

    163. 

  163. 	$tool_tip_lan_3 = $_REQUEST['tool_tip_lan_3'];

    164. 

  164. 	$tool_tip_lan_4 = $_REQUEST['tool_tip_lan_4'];

    165. 

  165. 

    166. 

  166. 	if ($old_category == '') {

    167. 

  167. 

    168. 

  168. 		//save new category to structure table

    169. 

  169. 		$order = $num_tables + 1;

    170. 

  170. 			

    171. 

  171. 		if (mysql_query("INSERT INTO " . $db_table_prefix . "core_structure VALUES(NULL,'$category','$order','$type', '$media_library_default_view', '$num_slideshow_images', '$imagebox_type', '$display_in_margin', '$display_in_sitemap', '$allow_comments', '$category_lan_1', '$tool_tip_lan_1', '$category_lan_2', '$tool_tip_lan_2', '$category_lan_3', '$tool_tip_lan_3', '$category_lan_4', '$tool_tip_lan_4')")) {

    172. 

  172. 				

    173. 

  173. 			//if (mkdir($media_library .'/'. $category, 0700)) echo 'test';

    174. 

  174. 

    175. 

  175. 			//create new table for category

    176. 

  176. 			mysql_query("CREATE TABLE `" . $db_table_prefix . "$category` (

    177. 

  177.   			`id` mediumint( 16 ) NOT NULL AUTO_INCREMENT ,

    178. 

  178.   			`date` date NOT NULL default '0000-00-00',

    179. 

  179.   			`order` mediumint( 16 ) NOT NULL default '1',

    180. 

  180.   			`parent` varchar( 60 ) NOT NULL default '',

    181. 

  181.   			`child` varchar( 60 ) NOT NULL default '',

    182. 

  182.   			`category` varchar( 60 ) NOT NULL default '',

    183. 

  183.   			`image` varchar( 60 ) default NULL,

    184. 

  184. 				`link_url` varchar(200) NOT NULL default '',

    185. 

  185. 				`display_in_navbar` varchar(50) NOT NULL default 'on',   			

    186. 

  186.   			`title_lan_1` varchar( 60 ) NOT NULL default '',

    187. 

  187.   			`tool_tip_lan_1` varchar( 60 ) NOT NULL default '',

    188. 

  188.   			`description_lan_1` text NOT NULL,

    189. 

  189.   			`title_lan_2` varchar( 60 ) NOT NULL default '',

    190. 

  190.   			`tool_tip_lan_2` varchar( 60 ) NOT NULL default '',

    191. 

  191.   			`description_lan_2` text NOT NULL ,

    192. 

  192.   			`title_lan_3` varchar( 60 ) NOT NULL default '',

    193. 

  193.   			`tool_tip_lan_3` varchar( 60 ) NOT NULL default '',

    194. 

  194.   			`description_lan_3` text NOT NULL,

    195. 

  195.   			`title_lan_4` varchar( 60 ) NOT NULL default '',

    196. 

  196.   			`tool_tip_lan_4` varchar( 60 ) NOT NULL default '',

    197. 

  197.   			`description_lan_4` text NOT NULL,

    198. 

  198.   			PRIMARY KEY ( `id` ) ) ENGINE = InnoDB DEFAULT CHARSET = latin1") or die ("<b>A fatal MySQL error occured</b>.\n<br />Query: " . $sql_query . "<br />\nError: (" . mysql_errno() . ") " . mysql_error());;

    199. 

  199. 		}

    200. 

  200. 

    201. 

  201. 	} else {

    202. 

  202. 

    203. 

  203. 		//category exists - update values

    204. 

  204. 		mysql_query("UPDATE `" . $db_table_prefix . "core_structure` SET `table` = '$category', `type` = '$type', `media_library_default_view` = '$media_library_default_view', `num_slideshow_images` = '$num_slideshow_images', `imagebox_type` = '$imagebox_type', `display_in_margin` = '$display_in_margin', `display_in_sitemap` = '$display_in_sitemap', `allow_comments` = '$allow_comments', `category_lan_1` = '$category_lan_1', `tool_tip_lan_1` = '$tool_tip_lan_1', `category_lan_2` = '$category_lan_2', `tool_tip_lan_2` = '$tool_tip_lan_2', `category_lan_3` = '$category_lan_3', `tool_tip_lan_3` = '$tool_tip_lan_3', `category_lan_4` = '$category_lan_4', `tool_tip_lan_4` = '$tool_tip_lan_4' WHERE `table` = '$old_category'");

    205. 

  205. 		mysql_query("RENAME TABLE `" . $db_table_prefix . $old_category . "`  TO `" . $db_table_prefix . $category . "`");

    206. 

  206. 	}

    207. 

  207. 	header("Location: " . $default_url . $admin_dir . "index.php?action=edit_sitemap");

    208. 

  208. 	break;

    209. 

  209. 

    210. 

  210. }//end switch case

    211. 

  211. 

    212. 

  212. ?>
    213.