/modules/Textbox/admin.php
PHP | 300 lines | 244 code | 40 blank | 16 comment | 16 complexity | cd5d8969ee1d6040f79c44bb2fabee8e MD5 | raw file
Possible License(s): GPL-3.0, BSD-3-Clause, GPL-2.0, LGPL-3.0, LGPL-2.1
- <?php
- // -------------------------------------------------------------------------//
- // Nuked-KlaN - PHP Portal //
- // http://www.nuked-klan.org //
- // -------------------------------------------------------------------------//
- // This program is free software. you can redistribute it and/or modify //
- // it under the terms of the GNU General Public License as published by //
- // the Free Software Foundation; either version 2 of the License. //
- // -------------------------------------------------------------------------//
- if (!defined("INDEX_CHECK"))
- {
- die ("<div style=\"text-align: center;\">You cannot open this page directly</div>");
- }
- global $user, $language;
- translate("modules/Textbox/lang/" . $language . ".lang.php");
- include("modules/Admin/design.php");
- admintop();
- if (!$user)
- {
- $visiteur = 0;
- }
- else
- {
- $visiteur = $user[1];
- }
- $ModName = basename(dirname(__FILE__));
- $level_admin = admin_mod($ModName);
- if ($visiteur >= $level_admin && $level_admin > -1)
- {
- function edit_shout($mid)
- {
- global $nuked, $language;
- $sql = mysql_query("SELECT auteur, texte, ip FROM " . TEXTBOX_TABLE . " WHERE id = '" . $mid . "'");
- list($pseudo, $texte, $ip) = mysql_fetch_array($sql);
- $texte = htmlspecialchars($texte);
- echo "<div class=\"content-box\">\n" //<!-- Start Content Box -->
- . "<div class=\"content-box-header\"><h3>" . _ADMINSHOUTBOX . "</h3>\n"
- . "<div style=\"text-align:right;\"><a href=\"help/" . $language . "/Textbox.php\" rel=\"modal\">\n"
- . "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a>\n"
- . "</div></div>\n"
- . "<div class=\"tab-content\" id=\"tab2\"><form method=\"post\" action=\"index.php?file=Textbox&page=admin&op=modif_shout\">\n"
- . "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\" width=\"60%\" border=\"0\">\n"
- . "<tr><td><b>" . _NICKNAME . " :</b> " . $pseudo . " ( " . $ip . " )</td></tr>\n"
- . "<tr><td> </td></tr><tr><td><b>" . _SHOUT . " :</b></td></tr>\n"
- . "<tr><td><textarea name=\"texte\" cols=\"65\" rows=\"10\">" . $texte . "</textarea></td></tr>\n"
- . "<tr><td align=\"center\"><input type=\"hidden\" name=\"mid\" value=\"" . $mid . "\" /> </td></tr>\n"
- . "<tr><td align=\"center\"><input type=\"submit\" value=\"" . _MODIF . "\" /></td></tr></table>\n"
- . "<div style=\"text-align: center;\"><br />[ <a href=\"index.php?file=Textbox&page=admin\"><b>" . _BACK . "</b></a> ]</div></form><br /></div></div>\n";
- }
- function modif_shout($mid, $texte)
- {
- global $nuked, $user;
- $texte = mysql_real_escape_string(stripslashes($texte));
- $sql = mysql_query("UPDATE " . TEXTBOX_TABLE . " SET texte = '" . $texte . "' WHERE id = '" . $mid . "'");
- // Action
- $texteaction = "". _ACTIONMODIFSHO .".";
- $acdate = time();
- $sqlaction = mysql_query("INSERT INTO ". $nuked['prefix'] ."_action (`date`, `pseudo`, `action`) VALUES ('".$acdate."', '".$user[0]."', '".$texteaction."')");
- //Fin action
- echo "<div class=\"notification success png_bg\">\n"
- . "<div>\n"
- . "" . _MESSEDIT . "\n"
- . "</div>\n"
- . "</div>\n";
- redirect("index.php?file=Textbox&page=admin", 2);
- }
- function del_shout($mid)
- {
- global $nuked, $user;
- $sql = mysql_query("DELETE FROM " . TEXTBOX_TABLE . " WHERE id = '" . $mid . "'");
- // Action
- $texteaction = "". _ACTIONDELSHO .".";
- $acdate = time();
- $sqlaction = mysql_query("INSERT INTO ". $nuked['prefix'] ."_action (`date`, `pseudo`, `action`) VALUES ('".$acdate."', '".$user[0]."', '".$texteaction."')");
- //Fin action
- echo "<div class=\"notification success png_bg\">\n"
- . "<div>\n"
- . "" . _MESSDEL . "\n"
- . "</div>\n"
- . "</div>\n";
- redirect("index.php?file=Textbox&page=admin", 2);
- }
- function del_all_shout()
- {
- global $nuked, $user;
- $sql = mysql_query("DELETE FROM " . TEXTBOX_TABLE);
- // Action
- $texteaction = "". _ACTIONALLDELSHO .".";
- $acdate = time();
- $sqlaction = mysql_query("INSERT INTO ". $nuked['prefix'] ."_action (`date`, `pseudo`, `action`) VALUES ('".$acdate."', '".$user[0]."', '".$texteaction."')");
- //Fin action
- echo "<div class=\"notification success png_bg\">\n"
- . "<div>\n"
- . "" . _ALLMESSDEL . "\n"
- . "</div>\n"
- . "</div>\n";
- redirect("index.php?file=Textbox&page=admin", 2);
- }
- function main()
- {
- global $nuked, $language;
- $nb_mess_guest = 30;
- $sql2 = mysql_query("SELECT id FROM " . TEXTBOX_TABLE);
- $count = mysql_num_rows($sql2);
- if (!$_REQUEST['p']) $_REQUEST['p'] = 1;
- $start = $_REQUEST['p'] * $nb_mess_guest - $nb_mess_guest;
- echo "<script type=\"text/javascript\">\n"
- . "<!--\n"
- . "\n"
- . "function del_shout(pseudo, id)\n"
- . "{\n"
- . "if (confirm('" . _DELETETEXT . " '+pseudo+' ! " . _CONFIRM . "'))\n"
- . "{document.location.href = 'index.php?file=Textbox&page=admin&op=del_shout&mid='+id;}\n"
- . "}\n"
- . "\n"
- . "function delall()\n"
- . "{\n"
- . "if (confirm('" . _DELETEALLTEXT . "'))\n"
- . "{document.location.href = 'index.php?file=Textbox&page=admin&op=del_all_shout';}\n"
- . "}\n"
- . "\n"
- . "// -->\n"
- . "</script>\n";
- echo "<div class=\"content-box\">\n" //<!-- Start Content Box -->
- . "<div class=\"content-box-header\"><h3>" . _ADMINSHOUTBOX . "</h3>\n"
- . "<div style=\"text-align:right;\"><a href=\"help/" . $language . "/Textbox.php\" rel=\"modal\">\n"
- . "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a>\n"
- . "</div></div>\n"
- . "<div class=\"tab-content\" id=\"tab2\"><div style=\"text-align: center;\">" . _SHOUTBOX . "<b> | "
- . "<a href=\"index.php?file=Textbox&page=admin&op=main_pref\">" . _PREFS . "</a> | "
- . "<a href=\"javascript:delall();\">" . _DELALLMESS . "</a></b></div><br />\n";
- if ($count > $nb_mess_guest)
- {
- number($count, $nb_mess_guest, "index.php?file=Textbox&page=admin");
- }
- echo "<table width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\">\n"
- . "<tr>\n"
- . "<td style=\"width: 20%;\" align=\"center\"><b>" . _DATE . "</b></td>\n"
- . "<td style=\"width: 25%;\" align=\"center\"><b>" . _NICKNAME . "</b></td>\n"
- . "<td style=\"width: 25%;\" align=\"center\"><b>" . _IP . "</b></td>\n"
- . "<td style=\"width: 15%;\" align=\"center\"><b>" . _EDIT . "</b></td>\n"
- . "<td style=\"width: 15%;\" align=\"center\"><b>" . _DEL . "</b></td></tr>\n";
- $sql = mysql_query("SELECT id, date, auteur, ip FROM " . TEXTBOX_TABLE . " ORDER BY id DESC LIMIT " . $start . ", " . $nb_mess_guest."");
- while (list($id, $date, $auteur, $ip) = mysql_fetch_array($sql))
- {
- $date = nkDate($date);
- echo "<tr>\n"
- . "<td style=\"width: 20%;\" align=\"center\">" . $date . "</td>\n"
- . "<td style=\"width: 25%;\" align=\"center\">" . $auteur . "</td>\n"
- . "<td style=\"width: 25%;\" align=\"center\">" . $ip . "</td>\n"
- . "<td style=\"width: 15%;\" align=\"center\"><a href=\"index.php?file=Textbox&page=admin&op=edit_shout&mid=" . $id . "\"><img style=\"border: 0;\" src=\"images/edit.gif\" alt=\"\" title=\"" . _EDITTHISMESS . "\" /></a></td>\n"
- . "<td style=\"width: 15%;\" align=\"center\"><a href=\"javascript:del_shout('" . mysql_real_escape_string(stripslashes($auteur)) . "', '" . $id . "');\"><img style=\"border: 0;\" src=\"images/del.gif\" alt=\"\" title=\"" . _DELTHISMESS . "\" /></a></td></tr>\n";
- }
- if ($count == "0")
- {
- echo "<tr><td align=\"center\" colspan=\"5\">" . _NOMESS . "</td></tr>\n";
- }
- echo "</table>";
- if ($count > $nb_mess_guest)
- {
- number($count, $nb_mess_guest, "index.php?file=Textbox&page=admin");
- }
- echo "<div style=\"text-align: center;\"><br />[ <a href=\"index.php?file=Admin\"><b>" . _BACK . "</b></a> ]</div><br /></div></div>\n";
- }
- function main_pref()
- {
- global $nuked, $language;
- echo "<script type=\"text/javascript\">\n"
- . "<!--\n"
- . "\n"
- . "function delall()\n"
- . "{\n"
- . "if (confirm('" . _DELETEALLTEXT . "'))\n"
- . "{document.location.href = 'index.php?file=Textbox&page=admin&op=del_all_shout';}\n"
- . "}\n"
- . "\n"
- . "// -->\n"
- . "</script>\n";
- echo "<div class=\"content-box\">\n" //<!-- Start Content Box -->
- . "<div class=\"content-box-header\"><h3>" . _ADMINSHOUTBOX . "</h3>\n"
- . "<div style=\"text-align:right;\"><a href=\"help/" . $language . "/Textbox.php\" rel=\"modal\">\n"
- . "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a>\n"
- . "</div></div>\n"
- . "<div class=\"tab-content\" id=\"tab2\"><div style=\"text-align: center;\"><b><a href=\"index.php?file=Textbox&page=admin\">" . _SHOUTBOX . "</a> | "
- . "</b>" . _PREFS . "<b> | "
- . "<a href=\"javascript:delall();\">" . _DELALLMESS . "</a></b></div><br />\n"
- . "<form method=\"post\" action=\"index.php?file=Textbox&page=admin&op=change_pref\">\n"
- . "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\" border=\"0\" cellspacing=\"0\" cellpadding=\"3\">\n"
- . "<tr><td colspan=\"2\" align=\"center\"><big>" . _PREFS . "</big></td></tr>\n"
- . "<tr><td>" . _NUMBERSHOUT . " :</td><td> <input type=\"text\" name=\"max_shout\" size=\"2\" value=\"" . $nuked['max_shout'] . "\" /></td></tr>\n"
- . "<tr><td align=\"center\" colspan=\"2\"><input type=\"submit\" name=\"Submit\" value=\"" . _SEND . "\" /></td></tr></table>\n"
- . "<div style=\"text-align: center;\"><br />[ <a href=\"index.php?file=Textbox&page=admin\"><b>" . _BACK . "</b></a> ]</div></form><br /></div></div>\n";
- }
- function change_pref($max_shout)
- {
- global $nuked, $user;
- $upd = mysql_query("UPDATE " . CONFIG_TABLE . " SET value = '" . $max_shout . "' WHERE name = 'max_shout'");
- // Action
- $texteaction = "". _ACTIONCONFSHO .".";
- $acdate = time();
- $sqlaction = mysql_query("INSERT INTO ". $nuked['prefix'] ."_action (`date`, `pseudo`, `action`) VALUES ('".$acdate."', '".$user[0]."', '".$texteaction."')");
- //Fin action
- echo "<div class=\"notification success png_bg\">\n"
- . "<div>\n"
- . "" . _PREFUPDATED . "\n"
- . "</div>\n"
- . "</div>\n";
- redirect("index.php?file=Textbox&page=admin", 2);
- }
- switch ($_REQUEST['op'])
- {
- case "edit_shout":
- edit_shout($_REQUEST['mid']);
- break;
- case "modif_shout":
- modif_shout($_REQUEST['mid'], $_REQUEST['texte']);
- break;
- case "del_shout":
- del_shout($_REQUEST['mid']);
- break;
- case "del_all_shout":
- del_all_shout();
- break;
- case "main_pref":
- main_pref();
- break;
- case "change_pref":
- change_pref($_REQUEST['max_shout']);
- break;
- default:
- main();
- break;
- }
- }
- else if ($level_admin == -1)
- {
- echo "<div class=\"notification error png_bg\">\n"
- . "<div>\n"
- . "<br /><br /><div style=\"text-align: center;\">" . _MODULEOFF . "<br /><br /><a href=\"javascript:history.back()\"><b>" . _BACK . "</b></a></div><br /><br />"
- . "</div>\n"
- . "</div>\n";
- }
- else if ($visiteur > 1)
- {
- echo "<div class=\"notification error png_bg\">\n"
- . "<div>\n"
- . "<br /><br /><div style=\"text-align: center;\">" . _NOENTRANCE . "<br /><br /><a href=\"javascript:history.back()\"><b>" . _BACK . "</b></a></div><br /><br />"
- . "</div>\n"
- . "</div>\n";
- }
- else
- {
- echo "<div class=\"notification error png_bg\">\n"
- . "<div>\n"
- . "<br /><br /><div style=\"text-align: center;\">" . _ZONEADMIN . "<br /><br /><a href=\"javascript:history.back()\"><b>" . _BACK . "</b></a></div><br /><br />"
- . "</div>\n"
- . "</div>\n";
- }
- adminfoot();
- ?>