<?php
/*
MGB 0.6.x - OpenSource PHP and MySql Guestbook
Copyright (C) 2004 - 2011 Juergen Grueneisl - http://www.m-gb.org/
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
// =============== //
// smilies.inc.php //
// =============== //
//
// ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ //
// make sure nobody has direct acces to this script
if (!defined('ADMINISTRATION'))
{
include ("error.html");
die();
}
else
{
if(check_rights($_GET['action'], $_SESSION['ID']))
{
// load config, settings and language files
require ("../includes/config.inc.php");
require ("../includes/load_settings.inc.php");
require ("../language/".$settings['language_path']."/lang_admin.php");
// load templates
require ("load_template_admin.inc.php");
// connect to database
$link = @mysql_connect($db['hostname'], $db['username'], $db['password']) or die ("(smilies.inc.php) Error, line 46: ".mysql_error());
@mysql_select_db($db['dbname'], $link) or die ("(smilies.inc.php) Error, line 47: ".mysql_error());
if (isset($_POST['sent_smilies']) AND $_POST['sent_smilies'] == 1)
{
for($i = 0; $i < $_SESSION['SMILEY_COUNT']; $i++)
{
if ($_POST['path_'.$i.''] != "" AND $_POST['replacement_'.$i.''] != "")
{
$sql = "UPDATE `".$db['prefix']."smilies` SET
`path` = '".cleanstr($_POST['path_'.$i.''])."',
`replacement` = '".cleanstr($_POST['replacement_'.$i.''])."',
`height` = '".cleanstr($_POST['height_'.$i.''])."',
`width` = '".cleanstr($_POST['width_'.$i.''])."'
WHERE ID=".secure_value($_POST['real_id_'.$i.''])." LIMIT 1";
}
elseif (
isset($_POST['path_'.$i.'']) AND
isset($_POST['replacement_'.$i.'']) AND
isset($_POST['width_'.$i.'']) AND
isset($_POST['height_'.$i.'']) AND
($_POST['path_'.$i.''] == "") AND
($_POST['replacement_'.$i.''] == "") AND
($_POST['width_'.$i.''] == "") AND
($_POST['height_'.$i.''] == ""))
{
$sql = "DELETE FROM `".$db['dbname']."`.`".$db['prefix']."smilies` WHERE `".$db['prefix']."smilies`.`ID` = ".secure_value($_POST['real_id_'.$i.'']);
}
if ( @mysql_query($sql, $link) or die ("(smilies.inc.php) Error, line 75: ".mysql_error()) )
{
$successfull = 1;
}
}
}
// user wants to delete more than one smilies at once
if (isset($_POST['dropbox']) AND (!empty($_POST['dropbox'])))
{
if ($_POST['dropbox'] == 1) // delete checked smilies, keep unchecked
{
for($i = 0; $i < $_SESSION['SMILEY_COUNT']; $i++)
{
if (isset($_POST['edit_smiley_'.$i.'']) AND (!empty($_POST['edit_smiley_'.$i.''])))
{
$sql = "DELETE FROM `".$db['dbname']."`.`".$db['prefix']."smilies` WHERE `".$db['prefix']."smilies`.`ID` = ".secure_value($_POST['real_id_'.$i.'']);
if ( @mysql_query($sql, $link) or die ("(smilies.inc.php) Error, line 92: ".mysql_error()) )
{
$successfull = 1;
}
}
}
}
elseif ($_POST['dropbox'] == 2) // delete unchecked smilies, keep checked
{
for($i = 0; $i < $_SESSION['SMILEY_COUNT']; $i++)
{
if (empty($_POST['edit_smiley_'.$i.'']))
{
$sql = "DELETE FROM `".$db['dbname']."`.`".$db['prefix']."smilies` WHERE `".$db['prefix']."smilies`.`ID` = ".secure_value($_POST['real_id_'.$i.'']);
if ( @mysql_query($sql, $link) or die ("(smilies.inc.php) Error, line 106: ".mysql_error()) )
{
$successfull = 1;
}
}
}
}
}
// user wants to add a new smiley
if (!empty($_POST['new_path']) AND !empty($_POST['new_replacement']))
{
require ("../includes/functions.inc.php");
$sql = "INSERT INTO ".$db['prefix']."smilies (
path,
replacement,
height,
width
) values (
'".cleanstr($_POST['new_path'])."',
'".cleanstr($_POST['new_replacement'])."',
'".cleanstr($_POST['new_height'])."',
'".cleanstr($_POST['new_width'])."'
)";
if ( @mysql_query($sql, $link) or die ("(smilies.inc.php) Error, line 132: ".mysql_error()) )
{
$successfull = 1;
}
}
// load smilies
$sql="SELECT * FROM ".$db['prefix']."smilies ORDER BY ID ".$settings['smileys_order'];
$result = @mysql_query($sql, $link) or die ("(smilies.inc.php) Error, line 140: ".mysql_error());
for($i = 0; $i < mysql_num_rows($result); $i++)
{
$smiley[$i] = mysql_fetch_array($result);
}
if(!isset($smiley)) { $smiley = NULL; }
$_SESSION['SMILEY_COUNT'] = count($smiley); // count smilies
for($i = 0; $i < count($smiley); $i++)
{
$page_smilies[$i] = $content_smilies_single;
// fill template with smilies
$page_smilies[$i] = template("SMILEY_PATH", $smiley[$i]['path'], $page_smilies[$i]);
$page_smilies[$i] = template("SMILEY_REPLACEMENT", $smiley[$i]['replacement'], $page_smilies[$i]);
$page_smilies[$i] = template("SMILEY_HEIGHT", $smiley[$i]['height'], $page_smilies[$i]);
$page_smilies[$i] = template("SMILEY_WIDTH", $smiley[$i]['width'], $page_smilies[$i]);
$page_smilies[$i] = template("SMILEY_ID", $i, $page_smilies[$i]);
$page_smilies[$i] = template("SMILEY_REAL_ID", $smiley[$i]['ID'], $page_smilies[$i]);
if(!isset($page_include)) { $page_include = NULL; }
$page_smilies_single .= $page_smilies[$i];
}
// add an empty field for adding a new smiley
$page_smilies_single .= $content_smilies_single_new;
$page_smiley = $content_smilies;
$page_smiley = template("TEMPLATE_SMILIES_SINGLE", $page_smilies_single, $page_smiley);
$page_smiley = template("LANG_ADD_SMILIES_DESCR", $lang['add_smilies_descr'], $page_smiley);
$page_smiley = template("LANG_SMILEY_PATH", $lang['smiley_path'], $page_smiley);
$page_smiley = template("LANG_SMILEY_REPLACEMENT", $lang['smiley_replacement'], $page_smiley);
$page_smiley = template("LANG_SMILEY_WIDTH", $lang['smiley_width'], $page_smiley);
$page_smiley = template("LANG_SMILEY_HEIGHT", $lang['smiley_height'], $page_smiley);
$page_smiley = template("LANG_SMILIES", $lang['smilies'], $page_smiley);
$page_smiley = template("LANG_CHECKED_SMILIES", $lang['checked_smilies'], $page_smiley);
$page_smiley = template("SMILEY_COUNT", $_SESSION['SMILEY_COUNT'], $page_smiley);
$page_smiley = template("URL_SMILIES", "admin.php?action=smilies".$sid, $page_smiley);
$page_smiley = template("LANG_SAVE", $lang['save'], $page_smiley);
$page_smiley = template("LANG_GO", $lang['go'], $page_smiley);
$page_smiley = template("LANG_DO_NOTHING", $lang['do_nothing'], $page_smiley);
$page_smiley = template("OPTION_DELETE_CHECKED_SMILIES", "<option value='1'>{LANG_DELETE_CHECKED_SMILIES}</option>", $page_smiley);
$page_smiley = template("LANG_DELETE_CHECKED_SMILIES", $lang['delete_checked_smilies'], $page_smiley);
$page_smiley = template("OPTION_KEEP_CHECKED_SMILIES", "<option value='2'>{LANG_KEEP_CHECKED_SMILIES}</option>", $page_smiley);
$page_smiley = template("LANG_KEEP_CHECKED_SMILIES", $lang['keep_checked_smilies'], $page_smiley);
$page_include = $page_smiley;
}
else
{
$page_include = "<span class=\"admin\">".$lang['errormessage4']."</span>";
$content_scrolling_function = "<br>";
}
}
// close sql connection
@mysql_close($link);
?>