Hej. JEg har kørt med fusion i nogle år og er rigtig glad for det...
Men er der nogle der hved når man foreslår en artikel, sådan at man kan sætte flere tekst felter ind.
Eks.
Navn: [Micky]
Alder:[14]
osv... Jeg har prøvet men "fare vild" i koden.. Nogle der kan.. Selve article.php
<?php
/*--------------------------------------------+
| PHP-Fusion 5 - Content Management System |
|---------------------------------------------|
| author: Nick Jones (Digitanium) © 2002-2005 |
| web: http://www.php-fusion.co.uk |
| email: nick@php-fusion.co.uk |
|---------------------------------------------|
| Released under the terms and conditions of |
| the GNU General Public License (Version 2) |
+--------------------------------------------*/
require_once "maincore.php";
require_once "subheader.php";
require_once "side_left.php";
include LOCALE.LOCALESET."articles.php";
if (!isset($cat_id)) {
opentable($locale['400']);
$result = dbquery("SELECT * FROM ".$db_prefix."article_cats WHERE ".groupaccess('article_cat_access')." ORDER BY article_cat_name");
$rows = dbrows($result);
if ($rows != 0) {
$counter = 0; $columns = 2;
echo "<table cellpadding='0' cellspacing='0' width='100%' class='tbl'>\\n<tr>\\n";
while ($data = dbarray($result)) {
if ($counter != 0 && ($counter % $columns == 0)) echo "</tr>\\n<tr>\\n";
$num = dbcount("(article_cat)", "articles", "article_cat='".$data['article_cat_id']."'");
echo "<td align='center' valign='top' width='50%'><a href='".FUSION_SELF."?cat_id=".$data['article_cat_id']."'>".$data['article_cat_name']."</a> <span class='small2'>($num)</span>";
if ($data['article_cat_description'] != "") echo "<br>\\n<span class='small'>".$data['article_cat_description']."</span>";
echo "</td>\\n";
$counter++;
}
echo "</tr>\\n</table>\\n";
} else {
echo "<center><br>\\n".$locale['401']."<br><br>\\n</center>\\n";
}
closetable();
} else {
$res = 0;
if (!isNum($cat_id)) fallback(FUSION_SELF);
$result = dbquery("SELECT * FROM ".$db_prefix."article_cats WHERE article_cat_id='$cat_id'");
if (dbrows($result) != 0) {
$cdata = dbarray($result);
if (checkgroup($cdata['article_cat_access'])) {
$res = 1;
opentable($locale['400'].": ".$cdata['article_cat_name']);
$rows = dbcount("(article_id)", "articles", "article_cat='$cat_id'");
if (!isset($rowstart) || !isNum($rowstart)) $rowstart = 0;
if ($rows != 0) {
$result = dbquery("SELECT * FROM ".$db_prefix."articles WHERE article_cat='$cat_id' ORDER BY ".$cdata['article_cat_sorting']." LIMIT $rowstart,15");
$numrows = dbrows($result); $i = 1;
while ($data = dbarray($result)) {
if ($data['article_datestamp']+604800 > time()+($settings['timeoffset']*3600)) {
$new = " <span class='small'>[".$locale['402']."]</span>";
} else {
$new = "";
}
echo "<a href='readarticle.php?article_id=".$data['article_id']."'>".$data['article_subject']."</a>$new<br>\\n".stripslashes($data['article_snippet']);
echo ($i != $numrows ? "<br><br>\\n" : "\\n"); $i++;
}
closetable();
if ($rows > 15) echo "<div align='center' style='margin-top:5px;'>\\n".makePageNav($rowstart,15,$rows,3,FUSION_SELF."?cat_id=$cat_id&")."\\n</div>\\n";
} else {
echo "<center>".$locale['403']."</center>\\n";
closetable();
}
}
}
if ($res == 0) redirect(FUSION_SELF);
}
require_once "side_right.php";
require_once "footer.php";
?>..
Og her er den side som Admin godkender artikelen på :
<?php
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright © 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
require_once "../maincore.php";
require_once ADMIN."subheader.php";
require_once ADMIN."navigation.php";
include LOCALE.LOCALESET."admin/submissions.php";
if (!checkrights("SU") || !defined("iAUTH") || $aid != iAUTH) fallback("../index.php");
if (isset($submit_id) && !isNum($submit_id)) fallback(FUSION_SELF.$aidlink);
if (!isset($stage)) $stage = "";
$links = ""; $news = ""; $articles = ""; $photos = "";
if ($stage == "" || $stage == "1") {
if (isset($delete)) {
opentable($locale['400']);
$result = dbquery("DELETE FROM ".$db_prefix."submissions WHERE submit_id='$delete'");
echo "<br><div align='center'>".$locale['401']."<br><br>
<a href='".FUSION_SELF.$aidlink."'>".$locale['402']."</a><br><br>
<a href='index.php".$aidlink."'>".$locale['403']."</a></div><br>\\n";
closetable();
} else {
$result = dbquery("SELECT * FROM ".$db_prefix."submissions WHERE submit_type='l' ORDER BY submit_datestamp DESC");
if (dbrows($result) != "0") {
while ($data = dbarray($result)) {
$submit_criteria = unserialize($data['submit_criteria']);
$links .= "<tr>\\n<td class='tbl1'>".$submit_criteria['link_name']."</td>
<td align='right' width='1%' class='tbl1' style='white-space:nowrap'><span class='small'><a href='".FUSION_SELF.$aidlink."&stage=2&t=l&submit_id=".$data['submit_id']."'>".$locale['417']."</a></span> |
<span class='small'><a href='".FUSION_SELF.$aidlink."&delete=".$data['submit_id']."'>".$locale['418']."</a></span></td>\\n</tr>\\n";
}
} else {
$links = "<tr>\\n<td colspan='2' class='tbl1'>".$locale['414']."</td>\\n</tr>\\n";
}
$result = dbquery("SELECT * FROM ".$db_prefix."submissions WHERE submit_type='n' ORDER BY submit_datestamp DESC");
if (dbrows($result) != "0") {
while ($data = dbarray($result)) {
$submit_criteria = unserialize($data['submit_criteria']);
$news .= "<tr>\\n<td class='tbl1'>".$submit_criteria['news_subject']."</td>
<td align='right' width='1%' class='tbl1' style='white-space:nowrap'><span class='small'><a href='".FUSION_SELF.$aidlink."&stage=2&t=n&submit_id=".$data['submit_id']."'>".$locale['417']."</a></span> |
<span class='small'><a href='".FUSION_SELF.$aidlink."&delete=".$data['submit_id']."'>".$locale['418']."</a></span></td>\\n</tr>\\n";
}
} else {
$news = "<tr>\\n<td colspan='2' class='tbl1'>".$locale['415']."</td>\\n</tr>\\n";
}
$result = dbquery("SELECT * FROM ".$db_prefix."submissions WHERE submit_type='a' ORDER BY submit_datestamp DESC");
if (dbrows($result) != "0") {
while ($data = dbarray($result)) {
$submit_criteria = unserialize($data['submit_criteria']);
$articles .= "<tr>\\n<td class='tbl1'>".$submit_criteria['article_subject']."</td>
<td align='right' width='1%' class='tbl1' style='white-space:nowrap'><span class='small'><a href='".FUSION_SELF.$aidlink."&stage=2&t=a&submit_id=".$data['submit_id']."'>".$locale['417']."</a></span> |
<span class='small'><a href='".FUSION_SELF.$aidlink."&delete=".$data['submit_id']."'>".$locale['418']."</a></span></td>\\n</tr>\\n";
}
} else {
$articles = "<tr>\\n<td colspan='2' class='tbl1'>".$locale['416']."</td>\\n</tr>\\n";
}
$result = dbquery("SELECT * FROM ".$db_prefix."submissions WHERE submit_type='p' ORDER BY submit_datestamp DESC");
if (dbrows($result) != "0") {
while ($data = dbarray($result)) {
$submit_criteria = unserialize($data['submit_criteria']);
$photos .= "<tr>\\n<td class='tbl1'>".$submit_criteria['photo_title']."</td>
<td align='right' width='1%' class='tbl1' style='white-space:nowrap'><span class='small'><a href='".FUSION_SELF.$aidlink."&stage=2&t=p&submit_id=".$data['submit_id']."'>".$locale['417']."</a></span> |
<span class='small'><a href='".FUSION_SELF.$aidlink."&delete=".$data['submit_id']."'>".$locale['418']."</a></span></td>\\n</tr>\\n";
}
} else {
$photos = "<tr>\\n<td colspan='2' class='tbl1'>".$locale['420']."</td>\\n</tr>\\n";
}
opentable($locale['410']);
echo "<table align='center' width='400' cellpadding='0' cellspacing='1' class='tbl-border'>
<tr>
<td colspan='2' class='tbl2'>".$locale['411']."</td>
</tr>
$links<tr>
<td colspan='2' class='tbl2'>".$locale['412']."</td>
</tr>
$news<tr>
<td colspan='2' class='tbl2'>".$locale['413']."</td>
</tr>
$articles
<td colspan='2' class='tbl2'>".$locale['419']."</td>
</tr>
$photos</table>\\n";
closetable();
}
}
if ($stage == "2" && $t == "l") {
if (isset($_POST['add'])) {
$link_name = stripinput($_POST['link_name']);
$link_url = stripinput($_POST['link_url']);
$link_description = stripinput($_POST['link_description']);
$result = dbquery("INSERT INTO ".$db_prefix."weblinks (weblink_name, weblink_description, weblink_url, weblink_cat, weblink_datestamp, weblink_count) VALUES ('$link_name', '$link_description', '$link_url', '".$_POST['link_category']."', '".time()."', '0')");
$result = dbquery("DELETE FROM ".$db_prefix."submissions WHERE submit_id='$submit_id'");
opentable($locale['430']);
echo "<br><div align='center'>".$locale['431']."<br><br>
<a href='".FUSION_SELF.$aidlink."'>".$locale['402']."</a><br><br>
<a href='index.php".$aidlink."'>".$locale['403']."</a></div><br>\\n";
closetable();
} else if (isset($_POST['delete'])) {
opentable($locale['432']);
$result = dbquery("DELETE FROM ".$db_prefix."submissions WHERE submit_id='$submit_id'");
echo "<br><div align='center'>".$locale['433']."<br><br>
<a href='".FUSION_SELF.$aidlink."'>".$locale['402']."</a><br><br>
<a href='index.php".$aidlink."'>".$locale['403']."</a></div><br>\\n";
closetable();
} else {
$opts = "";
$result = dbquery("SELECT * FROM ".$db_prefix."weblink_cats ORDER BY weblink_cat_name");
if (dbrows($result) != 0) {
while($data = dbarray($result)) $opts .= "<option value='".$data['weblink_cat_id']."'>".$data['weblink_cat_name']."</option>\\n";
} else {
$opts .= "<option value='0'>".$locale['434']."</option>\\n";
}
$data = dbarray(dbquery(
"SELECT ts.*, user_id,user_name FROM ".$db_prefix."submissions ts
LEFT JOIN ".$db_prefix."users tu ON ts.submit_user=tu.user_id
WHERE submit_id='$submit_id'"
));
$submit_criteria = unserialize($data['submit_criteria']);
$posted = showdate("longdate", $data['submit_datestamp']);
opentable($locale['440']);
echo "<form name='publish' method='post' action='".FUSION_SELF.$aidlink."&stage=2&t=l&submit_id=$submit_id'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td style='text-align:center;' class='tbl'>".$locale['441']."<a href='".BASEDIR."profile.php?lookup=".$data['user_id']."'>".$data['user_name']."</a>".$locale['442']."$posted</td>
</tr>
<tr>
<td style='text-align:center;' class='tbl'><a href='".$submit_criteria['link_url']."' target='_blank'>".$submit_criteria['link_name']."</a> - ".$submit_criteria['link_url']."</td>
</tr>
<tr>
<td style='text-align:center;' class='tbl'><span class='alt'>".$locale['443']."</span> ".$submit_criteria['link_category']."</td>
</tr>
</table>
<table align='center'>
<tr>
<td>".$locale['443']."</td>
<td><select name='link_category' class='textbox'>
$opts</select></td>
</tr>
<tr>
<td>".$locale['444']."</td>
<td><input type='text' name='link_name' value='".$submit_criteria['link_name']."' class='textbox' style='width:300px'></td>
</tr>
<tr>
<td>".$locale['445']."</td>
<td><input type='text' name='link_url' value='".$submit_criteria['link_url']."' class='textbox' style='width:300px'></td>
</tr>
<tr>
<td>".$locale['446']."</td>
<td><input type='text' name='link_description' value='".$submit_criteria['link_description']."' class='textbox' style='width:300px'></td>
</tr>
</table>
<center><br>
".$locale['447']."<br>
<input type='submit' name='add' value='".$locale['448']."' class='button'>
<input type='submit' name='delete' value='".$locale['449']."' class='button'></center>
</form>\\n";
closetable();
}
}
if ($stage == "2" && $t == "n") {
if (isset($_POST['publish'])) {
$data = dbarray(dbquery(
"SELECT ts.*, user_id,user_name FROM ".$db_prefix."submissions ts
LEFT JOIN ".$db_prefix."users tu ON ts.submit_user=tu.user_id
WHERE submit_id='$submit_id'"
));
$news_subject = stripinput($_POST['news_subject']);
$news_cat = isNum($_POST['news_cat']) ? $_POST['news_cat'] : "0";
$news_body = addslash($_POST['news_body']);
$news_breaks = ($_POST['news_breaks'] == "y") ? "y" : "n";
$result = dbquery("INSERT INTO ".$db_prefix."news (news_subject, news_cat, news_news, news_extended, news_breaks, news_name, news_datestamp, news_start, news_end, news_visibility, news_reads, news_allow_comments, news_allow_ratings) VALUES ('$news_subject', '$news_cat', '$news_body', '', '$news_breaks', '".$data['user_id']."', '".time()."', '0', '0', '0', '0', '1', '1')");
$result = dbquery("DELETE FROM ".$db_prefix."submissions WHERE submit_id='$submit_id'");
opentable($locale['490']);
echo "<br><div align='center'>".$locale['491']."<br><br>
<a href='".FUSION_SELF.$aidlink."'>".$locale['402']."</a><br><br>
<a href='index.php".$aidlink."'>".$locale['403']."</a></div><br>\\n";
closetable();
} else if (isset($_POST['delete'])) {
opentable($locale['492']);
$result = dbquery("DELETE FROM ".$db_prefix."submissions WHERE submit_id='$submit_id'");
echo "<br><div align='center'>".$locale['493']."<br><br>
<a href='".FUSION_SELF.$aidlink."'>".$locale['402']."</a><br><br>
<a href='index.php".$aidlink."'>".$locale['403']."</a></div><br>\\n";
closetable();
} else {
if ($settings['tinymce_enabled'] == 1) echo "<script type='text/javascript'>advanced();</script>\\n";
$data = dbarray(dbquery(
"SELECT ts.*, user_id,user_name FROM ".$db_prefix."submissions ts
LEFT JOIN ".$db_prefix."users tu ON ts.submit_user=tu.user_id
WHERE submit_id='$submit_id'"
));
$submit_criteria = unserialize($data['submit_criteria']);
$news_subject = $submit_criteria['news_subject'];
$news_cat = $submit_criteria['news_cat'];
$news_body = phpentities(stripslashes($submit_criteria['news_body']));
$news_breaks = $submit_criteria['news_breaks'];
$news_cat_opts = ""; $sel = "";
$result2 = dbquery("SELECT * FROM ".$db_prefix."news_cats ORDER BY news_cat_name");
if (dbrows($result2)) {
while ($data2 = dbarray($result2)) {
if (isset($news_cat)) $sel = ($news_cat == $data2['news_cat_id'] ? " selected" : "");
$news_cat_opts .= "<option value='".$data2['news_cat_id']."'$sel>".$data2['news_cat_name']."</option>\\n";
}
}
opentable($locale['500']);
echo "<form name='publish' method='post' action='".FUSION_SELF.$aidlink."&sub=submissions&stage=2&t=n&submit_id=$submit_id'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td width='100' class='tbl'>".$locale['505']."</td>
<td width='80%' class='tbl'><input type='text' name='news_subject' value='$news_subject' class='textbox' style='width: 250px'></td>
</tr>
<tr>
<td width='100' class='tbl'>".$locale['506']."</td>
<td width='80%' class='tbl'><select name='news_cat' class='textbox'>
<option value='0'>".$locale['507']."</option>
$news_cat_opts</select>
</td>
</tr>
<tr>
<td valign='top' width='100' class='tbl'>".$locale['508']."</td>
<td width='80%' class='tbl'><textarea name='news_body' cols='65' rows='10' class='textbox'>$news_body</textarea></td>
</tr>
<tr>
<td align='center' colspan='2' class='tbl1'><br>
".$locale['501']."<a href='".BASEDIR."profile.php?lookup=".$data['user_id']."'>".$data['user_name']."</a><br><br>
".$locale['502']."<br>
<input type='hidden' name='news_breaks' value='$news_breaks'>
<input type='submit' name='publish' value='".$locale['503']."' class='button'>
<input type='submit' name='delete' value='".$locale['504']."' class='button'>
</td>
</tr>
</table>
</form>\\n";
closetable();
}
}
if ($stage == "2" && $t == "a") {
if (isset($_POST['publish'])) {
$data = dbarray(dbquery(
"SELECT ts.*, user_id,user_name FROM ".$db_prefix."submissions ts
LEFT JOIN ".$db_prefix."users tu ON ts.submit_user=tu.user_id
WHERE submit_id='$submit_id'"
));
$submit_criteria = unserialize($data['submit_criteria']);
$article_cat = $_POST['article_cat'];
$article_subject = $_POST['article_subject'];
$article_snippet = addslash($_POST['article_snippet']);
$article_body = addslash($_POST['article_body']);
$article_breaks = ($_POST['article_breaks'] == "y") ? "y" : "n";
$result = dbquery("INSERT INTO ".$db_prefix."articles (article_cat, article_subject, article_snippet, article_article, article_breaks, article_name, article_datestamp, article_reads, article_allow_comments, article_allow_ratings) VALUES ('$article_cat', '$article_subject', '$article_snippet', '$article_body', '$article_breaks', '".$data['user_id']."', '".time()."', '0', '1', '1')");
$result = dbquery("DELETE FROM ".$db_prefix."submissions WHERE submit_id='$submit_id'");
opentable($locale['530']);
echo "<br><div align='center'>".$locale['531']."<br><br>
<a href='".FUSION_SELF.$aidlink."'>".$locale['402']."</a><br><br>
<a href='index.php".$aidlink."'>".$locale['403']."</a></div><br>\\n";
closetable();
} else if (isset($_POST['delete'])) {
opentable($locale['532']);
$result = dbquery("DELETE FROM ".$db_prefix."submissions WHERE submit_id='$submit_id'");
echo "<br><div align='center'>".$locale['533']."<br><br>
<a href='".FUSION_SELF.$aidlink."'>".$locale['402']."</a><br><br>
<a href='index.php".$aidlink."'>".$locale['403']."</a></div><br>\\n";
closetable();
} else {
if ($settings['tinymce_enabled'] == 1) echo "<script type='text/javascript'>advanced();</script>\\n";
$data = dbarray(dbquery(
"SELECT ts.*, user_id,user_name FROM ".$db_prefix."submissions ts
LEFT JOIN ".$db_prefix."users tu ON ts.submit_user=tu.user_id
WHERE submit_id='$submit_id'"
));
$submit_criteria = unserialize($data['submit_criteria']);
$article_cat = $submit_criteria['article_cat'];
$article_subject = $submit_criteria['article_subject'];
$article_snippet = phpentities(stripslashes($submit_criteria['article_snippet']));
$article_body = phpentities(stripslashes($submit_criteria['article_body']));
$article_breaks = $submit_criteria['article_breaks'];
$result2 = dbquery("SELECT * FROM ".$db_prefix."article_cats ORDER BY article_cat_name DESC");
$article_cat_opts = ""; $sel = "";
while ($data2 = dbarray($result2)) {
if (isset($article_cat)) $sel = ($article_cat == $data2['article_cat_id'] ? " selected" : "");
$article_cat_opts .= "<option value='".$data2['article_cat_id']."'$sel>".$data2['article_cat_name']."</option>\\n";
}
opentable($locale['540']);
echo "<form name='publish' method='post' action='".FUSION_SELF.$aidlink."&sub=submissions&stage=2&t=a&submit_id=$submit_id'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td width='100' class='tbl'>".$locale['506']."</td>
<td width='80%' class='tbl'><select name='article_cat' class='textbox'>
$article_cat_opts</select></td>
</tr>
<tr>
<td width='100' class='tbl'>".$locale['505']."</td>
<td width='80%' class='tbl'><input type='text' name='article_subject' value='$article_subject' class='textbox' style='width: 250px'></td>
</tr>
<tr>
<td valign='top' width='100' class='tbl'>".$locale['547']."</td>
<td width='80%' class='tbl'><textarea name='article_snippet' cols='65' rows='5' class='textbox'>$article_snippet</textarea></td>
</tr>
<tr>
<td valign='top' width='100' class='tbl'>".$locale['548']."</td>
<td width='80%' class='tbl'><textarea name='article_body' cols='65' rows='10' class='textbox'>$article_body</textarea></td>
</tr>
<tr>
<td align='center' colspan='2' class='tbl1'><br>
".$locale['541']."<a href='".BASEDIR."profile.php?lookup=".$data['user_id']."'>".$data['user_name']."</a><br><br>
".$locale['542']."<br>
<input type='hidden' name='article_breaks' value='$article_breaks'>
<input type='submit' name='publish' value='".$locale['543']."' class='button'>
<input type='submit' name='delete' value='".$locale['544']."' class='button'>
</td>
</tr>
</table>
</form>\\n";
closetable();
}
}
if ($stage == "2" && $t == "p") {
if (isset($_POST['publish'])) {
define("SAFEMODE", @ini_get("safe_mode") ? true : false);
require_once INCLUDES."photo_functions_include.php";
$photo_file = ""; $photo_thumb1 = ""; $photo_thumb2 = "";
$data = dbarray(dbquery(
"SELECT ts.*, user_id,user_name FROM ".$db_prefix."submissions ts
LEFT JOIN ".$db_prefix."users tu ON ts.submit_user=tu.user_id
WHERE submit_id='$submit_id'"
));
$submit_criteria = unserialize($data['submit_criteria']);
$photo_title = stripinput($_POST['photo_title']);
$photo_description = stripinput($_POST['photo_description']);
$album_id = isNum($_POST['album_id']) ? $_POST['album_id'] : "0";
$photo_name = strtolower(substr($submit_criteria['photo_file'], 0, strrpos($submit_criteria['photo_file'], ".")));
$photo_ext = strtolower(strrchr($submit_criteria['photo_file'],"."));
$photo_dest = PHOTOS.(!SAFEMODE ? "album_".$album_id."/" : "");
$photo_file = image_exists($photo_dest, $photo_name.$photo_ext);
copy(PHOTOS."submissions/".$submit_criteria['photo_file'], $photo_dest.$photo_file);
chmod($photo_dest.$photo_file, 0644);
unlink(PHOTOS."submissions/".$submit_criteria['photo_file']);
$imagefile = @getimagesize($photo_dest.$photo_file);
$photo_thumb1 = image_exists($photo_dest, $photo_name."_t1".$photo_ext);
createthumbnail($imagefile[2], $photo_dest.$photo_file, $photo_dest.$photo_thumb1, $settings['thumb_w'], $settings['thumb_h']);
if ($imagefile[0] > $settings['photo_w'] || $imagefile[1] > $settings['photo_h']) {
$photo_thumb2 = image_exists($photo_dest, $photo_name."_t2".$photo_ext);
createthumbnail($imagefile[2], $photo_dest.$photo_file, $photo_dest.$photo_thumb2, $settings['photo_w'], $settings['photo_h']);
}
$photo_order = dbresult(dbquery("SELECT MAX(photo_order) FROM ".$db_prefix."photos WHERE album_id='$album_id'"), 0) + 1;
$result = dbquery("INSERT INTO ".$db_prefix."photos (album_id, photo_title, photo_description, photo_filename, photo_thumb1, photo_thumb2, photo_datestamp, photo_user, photo_views, photo_order, photo_allow_comments, photo_allow_ratings) VALUES ('$album_id', '$photo_title', '$photo_description', '$photo_file', '$photo_thumb1', '$photo_thumb2', '".time()."', '".$data['submit_user']."', '0', '$photo_order', '1', '1')");
$result = dbquery("DELETE FROM ".$db_prefix."submissions WHERE submit_id='$submit_id'");
opentable($locale['580']);
echo "<br><div align='center'>".$locale['581']."<br><br>
<a href='".FUSION_SELF.$aidlink."'>".$locale['402']."</a><br><br>
<a href='index.php".$aidlink."'>".$locale['403']."</a></div><br>\\n";
closetable();
} else if (isset($_POST['delete'])) {
opentable($locale['582']);
$data = dbarray(dbquery("SELECT * FROM ".$db_prefix."submissions WHERE submit_id='$submit_id'"));
$submit_criteria = unserialize($data['submit_criteria']);
@unlink(PHOTOS."submissions/".$submit_criteria['photo_file']);
$result = dbquery("DELETE FROM ".$db_prefix."submissions WHERE submit_id='$submit_id'");
echo "<br><div align='center'>".$locale['583']."<br><br>
<a href='".FUSION_SELF.$aidlink."'>".$locale['402']."</a><br><br>
<a href='index.php".$aidlink."'>".$locale['403']."</a></div><br>\\n";
closetable();
} else {
$data = dbarray(dbquery(
"SELECT ts.*, user_id,user_name FROM ".$db_prefix."submissions ts
LEFT JOIN ".$db_prefix."users tu ON ts.submit_user=tu.user_id
WHERE submit_id='$submit_id'"
));
$submit_criteria = unserialize($data['submit_criteria']);
$photo_title = $submit_criteria['photo_title'];
$photo_description = $submit_criteria['photo_description'];
$photo_file = $submit_criteria['photo_file'];
$album_id = $submit_criteria['album_id'];
$photo_albums = ""; $sel = "";
$result2 = dbquery("SELECT * FROM ".$db_prefix."photo_albums ORDER BY album_title");
if (dbrows($result2)) {
while ($data2 = dbarray($result2)) {
if (isset($album_id)) $sel = ($album_id == $data2['album_id'] ? " selected" : "");
$photo_albums .= "<option value='".$data2['album_id']."'$sel>".$data2['album_title']."</option>\\n";
}
}
opentable($locale['500']);
echo "<form name='publish' method='post' action='".FUSION_SELF.$aidlink."&sub=submissions&stage=2&t=p&submit_id=$submit_id'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td width='100' class='tbl'>".$locale['596']."</td>
<td width='80%' class='tbl'><input type='text' name='photo_title' value='$photo_title' class='textbox' style='width: 250px'></td>
</tr>
<tr>
<td width='100' class='tbl'>".$locale['597']."</td>
<td width='80%' class='tbl'><input type='text' name='photo_description' value='$photo_description' class='textbox' style='width: 250px'></td>
</tr>
<tr>
<td width='100' class='tbl'>".$locale['598']."</td>
<td width='80%' class='tbl'><select name='album_id' class='textbox'>
<option value='0'>".$locale['507']."</option>
$photo_albums</select>
</td>
</tr>
<tr>
<td align='center' colspan='2' class='tbl1'><br>
<a href='".PHOTOS."submissions/".$photo_file."' target='_blank'>".$locale['591']."</a><br><br>
".$locale['592']."<a href='".BASEDIR."profile.php?lookup=".$data['user_id']."'>".$data['user_name']."</a><br><br>
".$locale['593']."<br>
<input type='submit' name='publish' value='".$locale['594']."' class='button'>
<input type='submit' name='delete' value='".$locale['595']."' class='button'>
</td>
</tr>
</table>
</form>\\n";
closetable();
}
}
echo "</td>\\n";
require_once BASEDIR."footer.php";
?>..
og den sidste hvor brugeren skriver sin artikel.
<?php
/*---------------------------------------------------+
| PHP-Fusion 6 Content Management System
+----------------------------------------------------+
| Copyright © 2002 - 2006 Nick Jones
| http://www.php-fusion.co.uk/
+----------------------------------------------------+
| Released under the terms & conditions of v2 of the
| GNU General Public License. For details refer to
| the included gpl.txt file or visit http://gnu.org
+----------------------------------------------------*/
require_once "maincore.php";
require_once "subheader.php";
require_once "side_left.php";
include LOCALE.LOCALESET."submit.php";
if (!iMEMBER) fallback("index.php");
if (!isset($stype) || !in_array($stype, array("a","l","n","p"))) fallback("index.php");
if ($stype == "l") {
if (isset($_POST['submit_link'])) {
if ($_POST['link_name'] != "" && $_POST['link_url'] != "" && $_POST['link_description'] != "") {
$submit_info['link_category'] = stripinput($_POST['link_category']);
$submit_info['link_name'] = stripinput($_POST['link_name']);
$submit_info['link_url'] = stripinput($_POST['link_url']);
$submit_info['link_description'] = stripinput($_POST['link_description']);
$result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('l', '".$userdata['user_id']."', '".time()."', '".serialize($submit_info)."')");
opentable($locale['400']);
echo "<center><br>\\n".$locale['410']."<br><br>
<a href='submit.php?stype=l'>".$locale['411']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\\n</center>\\n";
closetable();
}
} else {
$opts = "";
opentable($locale['400']);
$result = dbquery("SELECT * FROM ".$db_prefix."weblink_cats ORDER BY weblink_cat_name");
if (dbrows($result)) {
while ($data = dbarray($result)) $opts .= "<option>".$data['weblink_cat_name']."</option>\\n";
echo $locale['420']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=l' onSubmit='return validateLink(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td class='tbl'>".$locale['421']."</td>
<td class='tbl'><select name='link_category' class='textbox'>
$opts</select></td>
</tr>
<tr>
<td class='tbl'>".$locale['422']."</td>
<td class='tbl'><input type='text' name='link_name' maxlength='100' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td class='tbl'>".$locale['423']."</td>
<td class='tbl'><input type='text' name='link_url' value='http://' maxlength='200' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td class='tbl'>".$locale['424']."</td>
<td class='tbl'><input type='text' name='link_description' maxlength='200' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td align='center' colspan='2' class='tbl'><br>
<input type='submit' name='submit_link' value='".$locale['425']."' class='button'>
</td>
</tr>
</table>
</form>\\n";
} else {
echo "<center><br>\\n".$locale['551']."<br><br>\\n</center>\\n";
}
closetable();
}
} elseif ($stype == "n") {
if (isset($_POST['submit_news'])) {
if ($_POST['news_subject'] != "" && $_POST['news_body'] != "") {
$submit_info['news_subject'] = stripinput($_POST['news_subject']);
$submit_info['news_cat'] = isNum($_POST['news_cat']) ? $_POST['news_cat'] : "0";
$submit_info['news_body'] = descript($_POST['news_body']);
$submit_info['news_breaks'] = (isset($_POST['line_breaks']) ? "y" : "n");
$result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES('n', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')");
opentable($locale['400']);
echo "<center><br>\\n".$locale['460']."<br><br>
<a href='submit.php?stype=n'>".$locale['461']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\\n</center>\\n";
closetable();
}
} else {
if (isset($_POST['preview_news'])) {
$news_subject = stripinput($_POST['news_subject']);
$news_cat = isNum($_POST['news_cat']) ? $_POST['news_cat'] : "0";
$news_body = phpentities(descript(stripslash($_POST['news_body'])));
$breaks = (isset($_POST['line_breaks']) ? " checked" : "");
opentable($news_subject);
echo (isset($_POST['line_breaks']) ? nl2br($news_body) : $news_body);
closetable();
tablebreak();
}
if (!isset($_POST['preview_news'])) {
$news_subject = "";
$news_body = "";
$breaks = " checked";
}
$news_cat_opts = ""; $sel = "";
$result2 = dbquery("SELECT * FROM ".$db_prefix."news_cats ORDER BY news_cat_name");
if (dbrows($result2)) {
while ($data2 = dbarray($result2)) {
if (isset($news_cat)) $sel = ($news_cat == $data2['news_cat_id'] ? " selected" : "");
$news_cat_opts .= "<option value='".$data2['news_cat_id']."'$sel>".$data2['news_cat_name']."</option>\\n";
}
}
opentable($locale['450']);
echo $locale['470']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=n' onSubmit='return validateNews(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td class='tbl'>".$locale['471']."</td>
<td class='tbl'><input type='text' name='news_subject' value='$news_subject' maxlength='64' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td width='100' class='tbl'>".$locale['476']."</td>
<td width='80%' class='tbl'><select name='news_cat' class='textbox'>
<option value='0'>".$locale['477']."</option>
$news_cat_opts</select>
</td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['472']."</td>
<td class='tbl'><textarea class='textbox' name='news_body' rows='8' style='width:300px;'>$news_body</textarea></td>
</tr>
<tr>
<td colspan='2' class='tbl'><br><center>
<input type='checkbox' name='line_breaks' value='yes'$breaks>".$locale['473']."<br><br>
<input type='submit' name='preview_news' value='".$locale['474']."' class='button'>
<input type='submit' name='submit_news' value='".$locale['475']."' class='button'></center>
</td>
</tr>
</table>
</form>\\n";
closetable();
}
} elseif ($stype == "a") {
if (isset($_POST['submit_article'])) {
if ($_POST['article_subject'] != "" && $_POST['article_body'] != "") {
$submit_info['article_cat'] = $_POST['article_cat'];
$submit_info['article_subject'] = stripinput($_POST['article_subject']);
$submit_info['article_snippet'] = descript($_POST['article_snippet']);
$submit_info['article_body'] = descript($_POST['article_body']);
$submit_info['article_breaks'] = (isset($_POST['line_breaks']) ? "y" : "n");
$result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('a', '".$userdata['user_id']."', '".time()."', '".addslashes(serialize($submit_info))."')");
opentable($locale['400']);
echo "<center><br>\\n".$locale['510']."<br><br>
<a href='submit.php?stype=a'>".$locale['511']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\\n</center>\\n";
closetable();
}
} else {
if (isset($_POST['preview_article'])) {
$article_cat = $_POST['article_cat'];
$article_subject = stripinput($_POST['article_subject']);
$article_snippet = phpentities(descript(stripslash($_POST['article_snippet'])));
$article_body = phpentities(descript(stripslash($_POST['article_body'])));
$breaks = (isset($_POST['line_breaks']) ? " checked" : "");
opentable($article_subject);
echo (isset($_POST['line_breaks']) ? nl2br($article_body) : $article_body);
closetable();
tablebreak();
}
if (!isset($_POST['preview_article'])) {
$article_category = "";
$article_subject = "";
$article_snippet = "";
$article_body = "";
$breaks = " checked";
}
$cat_list = ""; $sel = "";
opentable($locale['500']);
$result = dbquery("SELECT * FROM ".$db_prefix."article_cats ORDER BY article_cat_name DESC");
if (dbrows($result)) {
while ($data = dbarray($result)) {
if (isset($_POST['preview_article'])) $sel = ($article_cat == $data['article_cat_id'] ? " selected" : "");
$cat_list .= "<option value='".$data['article_cat_id']."'$sel>".$data['article_cat_name']."</option>\\n";
}
echo $locale['520']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=a' onSubmit='return validateArticle(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td width='100' class='tbl'>".$locale['521']."</td>
<td class='tbl'><select name='article_cat' class='textbox'>
$cat_list</select></td>
</tr>
<tr>
<td class='tbl'>".$locale['522']."</td>
<td class='tbl'><input type='text' name='article_subject' value='$article_subject' maxlength='64' class='textbox' style='width:300px;'></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['523']."</td>
<td class='tbl'><textarea class='textbox' name='article_snippet' rows='3' style='width:300px;'>$article_snippet</textarea></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['524']."</td>
<td class='tbl'><textarea class='textbox' name='article_body' rows='8' style='width:300px;'>$article_body</textarea></td>
</tr>
<tr>
<td colspan='2' class='tbl'><br><center>
<input type='checkbox' name='line_breaks' value='yes'$breaks>".$locale['525']."<br><br>
<input type='submit' name='preview_article' value='".$locale['526']."' class='button'>
<input type='submit' name='submit_article' value='".$locale['527']."' class='button'></center>
</td>
</tr>
</table>
</form>\\n";
} else {
echo "<center><br>\\n".$locale['551']."<br><br>\\n</center>\\n";
}
closetable();
}
} elseif ($stype == "p") {
if (isset($_POST['submit_photo'])) {
require_once INCLUDES."photo_functions_include.php";
$error = "";
$submit_info['photo_title'] = stripinput($_POST['photo_title']);
$submit_info['photo_description'] = stripinput($_POST['photo_description']);
$submit_info['album_id'] = isNum($_POST['album_id']) ? $_POST['album_id'] : "0";
if (is_uploaded_file($_FILES['photo_pic_file']['tmp_name'])) {
$photo_types = array(".gif",".jpg",".jpeg",".png");
$photo_pic = $_FILES['photo_pic_file'];
$photo_name = strtolower(substr($photo_pic['name'], 0, strrpos($photo_pic['name'], ".")));
$photo_ext = strtolower(strrchr($photo_pic['name'],"."));
$photo_dest = PHOTOS."submissions/";
if (!preg_match("/^[-0-9A-Z_\\[\\]]+$/i", $photo_name)) {
$error = 1;
} elseif ($photo_pic['size'] > $settings['photo_max_b']){
$error = 2;
} elseif (!in_array($photo_ext, $photo_types)) {
$error = 3;
} else {
$photo_file = image_exists($photo_dest, $photo_name.$photo_ext);
move_uploaded_file($photo_pic['tmp_name'], $photo_dest.$photo_file);
chmod($photo_dest.$photo_file, 0644);
$imagefile = @getimagesize($photo_dest.$photo_file);
if (!verify_image($photo_dest.$photo_file)) {
$error = 3;
unlink($photo_dest.$photo_file);
} elseif ($imagefile[0] > $settings['photo_max_w'] || $imagefile[1] > $settings['photo_max_h']) {
$error = 4;
unlink($photo_dest.$photo_file);
} else {
$submit_info['photo_file'] = $photo_file;
}
}
}
opentable($locale['570']);
if (!$error) {
$result = dbquery("INSERT INTO ".$db_prefix."submissions (submit_type, submit_user, submit_datestamp, submit_criteria) VALUES ('p', '".$userdata['user_id']."', '".time()."', '".serialize($submit_info)."')");
echo "<center><br>\\n".$locale['580']."<br><br>
<a href='submit.php?stype=p'>".$locale['581']."</a><br><br>
<a href='index.php'>".$locale['412']."</a><br><br>\\n</center>\\n";
} else {
echo "<center><br>\\n".$locale['600']."<br><br>\\n";
if ($error == 1) { echo $locale['601']; }
elseif ($error == 2) { echo sprintf($locale['602'], $settings['photo_max_b']); }
elseif ($error == 3) { echo $locale['603']; }
elseif ($error == 4) { echo sprintf($locale['604'], $settings['photo_max_w'], $settings['photo_max_h']); }
echo "<br><br>\\n<a href='submit.php?stype=p'>".$locale['411']."</a><br><br>\\n</center>\\n";
}
closetable();
} else {
$opts = "";
opentable($locale['570']);
$result = dbquery("SELECT * FROM ".$db_prefix."photo_albums ORDER BY album_title");
if (dbrows($result)) {
while ($data = dbarray($result)) $opts .= "<option value='".$data['album_id']."'>".$data['album_title']."</option>\\n";
echo $locale['620']."<br><br>
<form name='submit_form' method='post' action='".FUSION_SELF."?stype=p' enctype='multipart/form-data' onSubmit='return validatePhoto(this);'>
<table align='center' cellpadding='0' cellspacing='0'>
<tr>
<td class='tbl'>".$locale['621']."</td>
<td class='tbl'><input type='text' name='photo_title' maxlength='100' class='textbox' style='width:250px;'></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['622']."</td>
<td class='tbl'><textarea name='photo_description' rows='5' class='textbox' style='width:250px;'></textarea></td>
</tr>
<tr>
<td valign='top' class='tbl'>".$locale['623']."</td>
<td class='tbl'><input type='file' name='photo_pic_file' class='textbox' style='width:250px;'><br>
<span class='small2'>".sprintf($locale['624'], parsebytesize($settings['photo_max_b']), $settings['photo_max_w'], $settings['photo_max_h'])."</span></td>
</tr>
<tr>
<td class='tbl'>".$locale['625']."</td>
<td class='tbl'><select name='album_id' class='textbox'>
$opts</select></td>
</tr>
<tr>
<td align='center' colspan='2' class='tbl'><br>
<input type='submit' name='submit_photo' value='".$locale['626']."' class='button'>
</td>
</tr>
</table>
</form>\\n";
} else {
echo "<center><br>\\n".$locale['551']."<br><br>\\n</center>\\n";
}
closetable();
}
}
echo "<script type='text/javascript'>
function validateLink(frm) {
if (frm.link_name.value==\\"\\" || frm.link_name.value==\\"\\" || frm.link_description.value==\\"\\") {
alert(\\"".$locale['550']."\\"); return false;
}
}
function validateNews(frm) {
if (frm.news_subject.value==\\"\\" || frm.news_body.value==\\"\\") {
alert(\\"".$locale['550']."\\"); return false;
}
}
function validateArticle(frm) {
if (frm.article_subject.value==\\"\\" || frm.article_snippet.value==\\"\\" || frm.article_body.value==\\"\\") {
alert(\\"".$locale['550']."\\");
return false;
}
}
function validatePhoto(frm) {
if (frm.photo_title.value==\\"\\" || frm.photo_description.value==\\"\\" || frm.photo_pic_file.value==\\"\\") {
alert(\\"".$locale['550']."\\");
return false;
}
}
</script>\\n";
require_once "side_right.php";
require_once "footer.php";
?>