<?php
// ===================================================== 
// 
// s-p-e - Content management system. 
// Copyright (C) 2004, 2005, 2010, 2011 Vladimir B. Tsarkov
// 
// This file is part of s-p-e. 
// 
// s-p-e is free software; you can redistribute it and/or modify 
// it under the terms of the GNU General Public License as published by 
// the Free Software Foundation, either version 3 of the License, or 
// (at your option) any later version. 
// 
// s-p-e is distributed in the hope that it will be useful, 
// but WITHOUT ANY WARRANTY; without even the implied warranty of 
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 
// GNU General Public License for more details. 
// 
// You should have received a copy of the GNU General Public License 
// along with s-p-e. If not, see <http://www.gnu.org/licenses/>.
//
// ------
//
//  You can contact me via e-mail: bvbn at lipetsk period ru
//
//  bams.php
//
//  Abstract: Bindings and Sections management.
//  
//  Revision History:
// 
//	1  2004-03-27 - 2005-07-02  vbt
//	2  2005-07-22  vbt
//	3  2005-09-18  vbt
//	4  2010-06-24  vbt
//	5  2011-01-21  vbt
//
// =====================================================
// Request bootstrap: response header, configuration, shared helpers and the
// custom session storage must all be in place before the role check below.

// Declare the response as UTF-8 HTML before any output is sent.
header("Content-Type: text/html; charset=UTF-8");

// NOTE(review): specfg.php presumably defines $cfg and functions.php the helpers
// called below (cache, open/close/read/write/destroy/gc, redirect, connect,
// language) - none of them is visible in this file, confirm there.
// include() only warns when a file is missing; execution continues.
include("configure/specfg.php"); 
include("../include/functions.php");

// NOTE(review): presumably emits cache-control headers - confirm in functions.php.
cache();

// Route PHP session storage through the callbacks named here, then start the session.
session_set_save_handler("open", "close", "read", "write", "destroy", "gc");
session_start();

// The session garbage-collection callback is also invoked directly on every request.
gc();

// read() is called directly with the current session id and its result is handed
// to redirect(). What redirect() does with it is not visible here; the access
// check that follows does not rely on it.
redirect(read(session_id()));

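// Bindings and Sections management, administrator only.
//
// Handles three POST-driven actions: create a section (addpart), remove a
// section (delpart), and create or remove a user-to-section binding (addbind).
//
// Access control: the value stored for the current session must be exactly the
// string "administrator". The comparison is strict so that a non-string return
// from read() (for example 0 or true) cannot loosely match the role name.
//
// Untrusted input: every $_POST value is escaped with mysql_real_escape_string()
// before it is placed in an SQL string literal, and with htmlspecialchars()
// before it is echoed into the page.
//
// NOTE(review): these state-changing actions are gated only by the session role;
// no anti-CSRF token is checked in this file - confirm whether the submitting
// form and functions.php provide one.
if(read(session_id()) === "administrator")
{
	echo "<html>
	<head>
	<link rel='stylesheet' type='text/css' href='../skin/".($cfg["skin"])."/style.css'>	
	</head>
	<body>";
	
	language($cfg["deflangadmin"]);
	
	// Collect the request parameters. Each variable stays unset when the field is absent.
	if(isset($_POST['delpart']))
	{
		$delpart = $_POST['delpart'];
	}
	if(isset($_POST['addpart']))
	{
		$addpart = $_POST['addpart'];
	}
	if(isset($_POST['addbind']))
	{
		$addbind = $_POST['addbind'];
	}
	if(isset($_POST['username']))
	{
		$username = trim($_POST['username']);
	}
	if(isset($_POST['userbind']))
	{
		$userbind = trim($_POST['userbind']);
	}
	if(isset($_POST['newpart']))
	{
		$newpart = trim($_POST['newpart']);
	}
	if(isset($_POST['part']))
	{
		$part = trim($_POST['part']);
	}
	if(isset($_POST['bind']))
	{
		$bind = $_POST['bind'];
	}
	if(isset($_POST['type']))
	{
		$type = $_POST['type'];
	}
	
	// The section type selects the pnid length used to tell the two kinds apart:
	// 10 characters for news, 11 for articles. $length only ever holds one of
	// these two constants, so it is safe to interpolate into the regexp below.
	// NOTE(review): when "type" is missing, $length and $stype stay undefined and
	// the queries below are built with an empty repetition count.
	if(isset($type) && $type == 1)
	{
		$length = 10;
		$stype = _("news");
	}
	if(isset($type) && $type == 0)
	{
		$length = 11;
		$stype = _("articles");
	}
	
	if(isset($addpart) || isset($delpart))
	{
		// ---- Create a section ----
		if(isset($addpart) && isset($newpart))
		{
			if($newpart == false)
			{
				echo "<font class='negative'>
				".(_("Please, specify the name of the new section."))."
				</font>";
			} 
			else 
			{
				connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
				
				// Escape once per output context: SQL string literal and HTML text.
				$newpartSql = mysql_real_escape_string($newpart, $connector);
				$newpartHtml = htmlspecialchars($newpart, ENT_QUOTES, 'UTF-8');
				
				$result = mysql_query("select num 
					from ".($cfg["prefix"])."partition 
					where partname='$newpartSql' 
					and pnid regexp '^.{".($length)."}$'", $connector) 
					or die("error #102-1");
				while($row = mysql_fetch_array($result))
				{
					$id = $row["num"];
				}
				if(mysql_num_rows($result) == 0)
				{
					// The pnid doubles as the suffix of the section's own table name. It is
					// built from digits only (random part + day-of-year + month + day).
					// mt_rand() is not a CSPRNG, but the value is an identifier, not a secret.
					// NOTE(review): uniqueness of the generated pnid is not checked here.
					if($type == 1)
					{
						$srcpid = "".mt_rand(111, 999).strftime("%j").strftime("%m").strftime("%d")."";
					}
					if($type == 0)
					{
						$srcpid = "".mt_rand(1111, 9999).strftime("%j").strftime("%m").strftime("%d")."";
					}
					mysql_query("insert into ".($cfg["prefix"])."partition 
						(partname, pnid, date, timer) 
						values ('$newpartSql', '$srcpid', CURDATE(), now())", $connector) 
						or die("error #102-2");	
					
					mysql_query("create table ".($cfg["prefix"].$srcpid)." 
						(num integer auto_increment, 
						login varchar(25) not null, 
						mail varchar(35) not null, 
						theme varchar(255) not null, 
						intro text not null, 
						text text not null, 
						date date not null, 
						timer time not null, 
						state varchar(10), 
						robot varchar(1), key(num))", $connector) 
						or die("error #102-3");
					
					echo "<font class='positive'>".(ucfirst($stype))."&nbsp;".(_("section"))."</font>
					&nbsp;$newpartHtml&nbsp;
					<font class='positive'>".(_("created successfully."))."</font>";
				} 
				else 
				{
					
					echo "<font class='negative'>".(ucfirst($stype))."&nbsp;".(_("section"))."</font>
					&nbsp;$newpartHtml&nbsp;<font class='negative'>".(_("already exists."))."</font>";
				
				}
				mysql_free_result($result);
				mysql_close($connector);
			}
		}
		
		// ---- Remove a section ----
		if(isset($delpart) && isset($newpart))
		{
			if($newpart == false)
			{
				echo "<font class='negative'>".(_("Please, specify the name of the section."))."</font>";
			} 
			else 
			{
				connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
				
				$newpartSql = mysql_real_escape_string($newpart, $connector);
				$newpartHtml = htmlspecialchars($newpart, ENT_QUOTES, 'UTF-8');
				
				$rpart = mysql_query("select num, pnid 
				       from ".($cfg["prefix"])."partition 
				       where partname='$newpartSql' 
				       and pnid regexp '^.{".($length)."}$'", $connector) 
				       or die("error #102-4");
				if(mysql_num_rows($rpart) == 0)
				{
					// Release the result on this path too; the connection is closed below.
					mysql_free_result($rpart);
					
					echo "<font class='negative'>".(_("You cannot remove section"))."</font>
					&nbsp;$newpartHtml&nbsp.
					<font class='negative'>".(_("It does not exist."))."</font>";
				} 
				else 
				{
					while($row = mysql_fetch_array($rpart))
					{
						$pointer = $row["pnid"];
						$id = $row["num"];
					}
					mysql_free_result($rpart);
					
					// Values read back from the database are escaped as well before reuse.
					$idSql = mysql_real_escape_string($id, $connector);
					
					mysql_query("delete from ".($cfg["prefix"])."partition 
						where num='$idSql'", $connector) 
						or die("error #102-5");
					
					// NOTE(review): $pointer comes from the pnid column and is concatenated
					// into a table identifier, where string escaping does not apply. This
					// script only ever stores digit-only pnids; confirm that no other
					// writer can put arbitrary text into that column.
					mysql_query("drop table ".($cfg["prefix"].$pointer)."", $connector) or die("error #102-6");
					
					mysql_query("delete from ".($cfg["prefix"])."lines 
						where partnameid='$idSql'", $connector) 
						or die("error #102-7");
					
					echo "<font class='positive'>
					".(ucfirst($stype))."&nbsp;".(_("section"))."
					</font>
					&nbsp;$newpartHtml&nbsp;
					<font class='positive'>".(_("removed successfully."))."</font>";
				}
				// Closed on both paths; the original left the connection open when the
				// section was not found.
				mysql_close($connector);
			}
		}
	}
	
	// ---- Create or remove a user-to-section binding ----
	// NOTE(review): $bind is compared loosely, so an absent "bind" field (null)
	// satisfies $bind == 0 and is handled as a removal request.
	if(isset($addbind) && isset($part) && isset($userbind))
	{
		if($userbind == "admin")
		{
			echo "<font class='negative'>
			".(_("You cannot bind the administrator's login to any section."))."
			</font>";
		} 
		else 
		{
			connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
			
			$partSql = mysql_real_escape_string($part, $connector);
			$userbindSql = mysql_real_escape_string($userbind, $connector);
			$partHtml = htmlspecialchars($part, ENT_QUOTES, 'UTF-8');
			$userbindHtml = htmlspecialchars($userbind, ENT_QUOTES, 'UTF-8');
			
			$result = mysql_query("select pnid 
				from ".($cfg["prefix"])."partition 
				where partname='$partSql' 
				and pnid regexp '^.{".($length)."}$'", $connector) 
				or die("error #102-8");
			if((mysql_num_rows($result) == 0) && ($bind == 1))
			{
				echo "<font class='negative'>
				".(_("Create the needed section first, then create a binding."))."
				</font>";
			}
			while($row = mysql_fetch_array($result))
			{
				$partnameid = $row["pnid"];
			}
			mysql_free_result($result);
			
			// $partnameid is set only when the section exists; escape it before reuse.
			if(isset($partnameid))
			{
				$partnameidSql = mysql_real_escape_string($partnameid, $connector);
			}
			
			if($bind == 1 && isset($partnameid))
			{
				$result = mysql_query("select num 
					from ".($cfg["prefix"])."lines 
					where partnameid='$partnameidSql' 
					and login='$userbindSql'", $connector) 
					or die("error #102-9");
				if(mysql_num_rows($result) == 0)
				{	
					mysql_query("insert into ".($cfg["prefix"])."lines 
						(login, partnameid) 
						values ('$userbindSql', '$partnameidSql')", $connector) 
						or die("error #102-10");
					
					echo "<font class='positive'>".(_("The binding of the user"))."</font>
					&nbsp;$userbindHtml&nbsp;
					<font class='positive'>".(_("to the section"))."</font>
					&nbsp;$partHtml&nbsp;
					<font class='positive'>".(_("created successfully."))."</font>";
				} 
				else 
				{
					echo "<font class='negative'>
					".(_("User"))."
					</font>
					&nbsp;$userbindHtml&nbsp;
					<font class='negative'>
					".(_("had already been binded to the section"))."
					</font>
					&nbsp;$partHtml.";
				}
				mysql_free_result($result);
			}
			
			if($bind == 0 && isset($partnameid))
			{
				mysql_query("delete from ".($cfg["prefix"])."lines 
					where partnameid='$partnameidSql' 
					and login='$userbindSql'", $connector) 
					or die("error #102-11");
				
				echo "<font class='positive'>".(_("The binding of the user"))."</font>
				&nbsp;$userbindHtml&nbsp;
				<font class='positive'>".(_("to the section"))."</font>
				&nbsp;$partHtml&nbsp;
				<font class='positive'>".(_("removed successfully."))."</font>";
			}
			
			if($bind == 0 && isset($partnameid) == false)
			{
				echo "<font class='negative'>
				".(_("The binding you want to remove does not exist."))."
				</font>";
			}
			mysql_close($connector);
		}
	}
	echo "<p>
	<font class='s-normal'>
	".(_("Back to the"))."&nbsp;<a href='admin.php'>".(_("s-p-e Administrator's Page"))."</a>
	</font>
	</p>
	</body>
	</html>";
} else {
	echo _("Access denied.");
}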
?>