Location: PHPKode > scripts > PHP Bookmarks > phpbookmarks-1.15/phpbookmarks-1.15/admin.php
<?
// PHP Bookmarks Admin Module v1.15

$pbcodever = "1.C";
$ver = "v1.15";

// configuration

// set insecure to 0  (which is good).  It can be changed in conf.php.
$insecure = 0;

if(file_exists("conf.php"))
{
  include("conf.php");
}

if($_SERVER["SERVER_PORT"] != "80" and $_SERVER["SERVER_PORT"] != "443")
{
  $serverport = ":" . $_SERVER["SERVER_PORT"];
}

$httpprefix = "http";
if($_SERVER["HTTPS"] == "on")
{
  $httpprefix = "https";
}

if(!isset($baseurl))
{
  $baseurl = "$httpprefix://" . $_SERVER["SERVER_NAME"] . $serverport . $_SERVER["PHP_SELF"];
  $baseurl = str_replace("admin.php", "index.php", $baseurl);
}
if(!isset($rssurl))
{
  $rssurl = "$httpprefix://" . $_SERVER["SERVER_NAME"] . $serverport . $_SERVER["PHP_SELF"];
  $rssurl = str_replace("admin.php", "rss.php", $rssurl);
}
if(!isset($adminurl))
{
  $adminurl = "$httpprefix://" . $_SERVER["SERVER_NAME"] . $serverport . $_SERVER["PHP_SELF"];
}

require("functions.php");

// set admin
if($_SERVER["PHP_AUTH_USER"] or $insecure)
{
  $admin = $_REQUEST["admin"];
}
elseif($_REQUEST["admin"] and !$insecure)
{
  // Error: requesting admin functions while not authenticated
  $fauxadmin = 1;
  $admin = 0;
}
else
{
  // Error: requesting page while not flagged as admin
  $admin = 0;
  header("Location: $baseurl");
}

require("header.php");

if(!$admin)
{
  print "<b>Admin</b><br>\n<br>\n";
  if($fauxadmin and !$insecure)
  {
    print "Error: requesting admin functions while not authenticated<br><br>\n";
  }
  print "You are not in admin mode.  Action canceled<br>\n<br>\n";
  print "[ <a class=footer href=\"$baseurl\">return</a> ] to main page<br>\n";
  exit;
}

if($SQLADMIN == "SETUP" and $dbname == "")
{
  checkdbversion("");
  exit;
}


$mysql_link = mysql_connect($dbmachine, $dbuser, $dbpassword);
mysql_select_db($dbname, $mysql_link);

// javascript:document.location = 
// 'http://krux.org/bookmarks/admin.php?add=item
// &bookmarkmode=1
// &admin=1
// &item_itemname=' + escape(document.title) + '
// &item_itemdesc=' + escape(document.location)

if($_GET["bookmarkmode"])
{
  $returnurl = $_GET["inputitemdesc"];
  $item_itemname = stripslashes($_GET["item_itemname"]);
  $returndesc = "to " . stripslashes($_GET["item_itemname"]);
  $item_itemdesc = $_GET["item_itemdesc"];
}
if($_POST["bookmarkmode"])
{
  $returnurl = $_POST["inputitemdesc"];
  $item_itemname = $_POST["inputitemname"];
  $returndesc = "to " . stripslashes($_POST["inputitemname"]);
  $item_itemdesc = $_POST["inputitemdesc"];
}
else
{
  $returnurl = "$baseurl?admin=$admin";
  $returndesc = "to main page";
} 

if($_REQUEST["edit"])
{
  // edit item subroutine

  $query = "SELECT item.ID, category.ID, category.name, item.name, item.description, item.comment, item.private ";
  $query .= "FROM item LEFT JOIN category ON item.categoryID = category.ID ";
  $query .= "WHERE item.ID = '" . $_REQUEST["edit"] . "' ";

  $mysql_result = mysql_query($query, $mysql_link);  

  while($row = mysql_fetch_row($mysql_result))
  {
    $item_itemID = $row[0];
    $item_categoryID = $row[1];
    $item_categoryname = $row[2];
    $item_itemname = $row[3];
    $item_itemdesc = $row[4];
    $item_itemcomment = $row[5];
    $item_itemprivate = $row[6];
  }
  
  $item_itemcommentprivate = $item_itemprivate & 1;
  $item_itementryprivate = $item_itemprivate & 2;

  if($_POST["edit"] == "submit")
  {
    // edit item
    $item_itemcommentprivate = $_POST["inputitemcommentprivate"];
    $item_itementryprivate = $_POST["inputitementryprivate"];
    $item_itemprivate = 0;

    if($item_itemcommentprivate)
    {
      $item_itemprivate = $item_itemprivate | 1;
    }
    if($item_itementryprivate)
    {
      $item_itemprivate = $item_itemprivate | 2;
    }

    $inputitemname = trim($_POST["inputitemname"]);
    $inputitemdesc = trim($_POST["inputitemdesc"]);
    $inputitemcomment = trim($_POST["inputitemcomment"]);
    $inputcategoryID = trim($_POST["inputcategoryID"]);
    $inputitemID = trim($_POST["inputitemID"]);
    
    $query = "UPDATE item ";
    $query .= "SET name = '$inputitemname', ";
    $query .= "    description = '$inputitemdesc', ";
    $query .= "    comment = '$inputitemcomment', ";
    $query .= "    categoryID = '$inputcategoryID', ";
    $query .= "    private = $item_itemprivate ";
    $query .= "WHERE ID = '$inputitemID' ";
    $mysql_result = mysql_query($query, $mysql_link);  

    print "<b>Edit Item</b><br>\n<br>\n";
    print "<b>" . stripslashes($inputitemname) . "</b> updated<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

  }
  elseif($_POST["edit"] == "cancel")
  {
    // action canceled

    print "<b>Edit Item</b><br>\n<br>\n";
    print "Action canceled<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";
  
  }
  else
  {
    // display form

    print "<b>Edit Item</b><br>\n";
    print "<form action=\"$adminurl\" method=\"post\">\n";
    print "<input type=\"hidden\" name=\"edit\" value=\"submit\">\n";
    print "<input type=\"hidden\" name=\"admin\" value=\"$admin\">\n";
    print "<input type=\"hidden\" name=\"inputitemID\" value=\"$item_itemID\">\n";

    print "Category:<br>\n";

    categorynest($item_categoryID, $item_categoryID, 0, 0);

    print "Name:<br>\n";
    print "<input type=\"text\" name=\"inputitemname\" value=\"" . htmlspecialchars($item_itemname) . "\" size=64><br>\n";
    print "URL:<br>\n";
    print "<input type=\"text\" name=\"inputitemdesc\" value=\"$item_itemdesc\" size=64><br>\n";
    print "Comment:<br>\n";
    print "<input type=\"text\" name=\"inputitemcomment\" value=\"" . htmlspecialchars($item_itemcomment) . "\" size=64><br>\n";
    print "Security:<br>\n";
    print "<input type=\"checkbox\" name=\"inputitemcommentprivate\" value=\"1\"";
    if($item_itemcommentprivate)
    {
      print " checked";
    }
    print "> hide comment<br>\n";
    print "<input type=\"checkbox\" name=\"inputitementryprivate\" value=\"1\"";
    if($item_itementryprivate)
    {
      print " checked";
    }
    print "> hide entry<br>\n";

    print "<br>\n";
    print "<input type=\"submit\" name=\"edit\" value=\"submit\">\n";
    print "<input type=\"submit\" name=\"edit\" value=\"cancel\">\n";
    print "</form>";

  }

}
elseif($_REQUEST["add"])
{
  // add record subroutine

  if($_POST["add"] == "submit")
  {
    // add item
    $item_itemcommentprivate = $_POST["inputitemcommentprivate"];
    $item_itementryprivate = $_POST["inputitementryprivate"];
    $item_itemprivate = 0;

    if($item_itemcommentprivate)
    {
      $item_itemprivate = $item_itemprivate | 1;
    }
    if($item_itementryprivate)
    {
      $item_itemprivate = $item_itemprivate | 2;
    }

    $inputitemname = trim($_POST["inputitemname"]);
    $inputitemdesc = trim($_POST["inputitemdesc"]);
    $inputitemcomment = trim($_POST["inputitemcomment"]);
    $inputcategoryID = trim($_POST["inputcategoryID"]);
    $inputitemID = trim($_POST["inputitemID"]);

    $query = "INSERT INTO item (categoryID, date, name, description, comment, private) ";
    $query .= "VALUES ('$inputcategoryID', now(), '$inputitemname', '$inputitemdesc', "
                    . "'$inputitemcomment', $item_itemprivate)";

    $mysql_result = mysql_query($query, $mysql_link);  

    print "<b>Add Item</b><br>\n<br>\n";
    print "<b>" . stripslashes($inputitemname) . "</b> added<br>\n<br>\n";
    print "[ <a class=footer href=\"$adminurl?add=item&category=$inputcategoryID&admin=$admin\">add another</a> ]<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

  }
  elseif($_POST["add"] == "cancel")
  {
    // action canceled

    print "<b>Add Item</b><br>\n<br>\n";
    print "Action canceled<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";
  
  }
  else
  {
    // display form

    $query = "SELECT name FROM category WHERE ID = '". $_GET["category"] . "' ";

    $mysql_result = mysql_query($query, $mysql_link);  

    while($row = mysql_fetch_row($mysql_result))
    {
      $item_categoryname = $row[0];
    }

    print "<form action=\"$adminurl\" method=\"post\">\n";
    print "<input type=\"hidden\" name=\"add\" value=\"submit\">\n";
    print "<input type=\"hidden\" name=\"admin\" value=\"$admin\">\n";
    print "<input type=\"hidden\" name=\"bookmarkmode\" value=\"" . $_REQUEST["bookmarkmode"] . "\">\n";

    print "<b>Add Item</b> ";
	
    if($_GET["category"])
    {
      print "[ <b>$item_categoryname</b> ]<br>\n";
      print "<input type=\"hidden\" name=\"inputcategoryID\" value=\"" . $_GET["category"] . "\">\n";
    }
    else
    {
      print "<br>\nCategory:<br>\n";
      // set flag for selecting the first item
      $selectfirst = 3;
      categorynest($item_categoryID, $item_categoryID, 0, 0);
    }

    print "Name:<br>\n";
    print "<input type=\"text\" name=\"inputitemname\" value=\"" . htmlspecialchars($item_itemname) . "\" size=64><br>\n";
    print "URL:<br>\n";
    print "<input type=\"text\" name=\"inputitemdesc\" value=\"$item_itemdesc\" size=64><br>\n";
    print "Comment:<br>\n";
    print "<input type=\"text\" name=\"inputitemcomment\" value=\"" . htmlspecialchars($item_itemcomment) . "\" size=64><br>\n";
    print "Security:<br>\n";
    print "<input type=\"checkbox\" name=\"inputitemcommentprivate\" value=\"1\"> hide comment<br>\n";
    print "<input type=\"checkbox\" name=\"inputitementryprivate\" value=\"1\"> hide entry<br>\n";
    print "<br>\n";
    print "<br>\n";
    print "<input type=\"submit\" name=\"add\" value=\"submit\">\n";
    print "<input type=\"submit\" name=\"add\" value=\"cancel\">\n";

    print "<br><br>Add this Quick Link to \n";
    print "<a href=\"javascript:document.location = '$adminurl?";
    print "add=item&bookmarkmode=1&admin=1&item_itemname=' + escape(document.title) + '&";
    print "item_itemdesc=' + escape(document.location)\">Add to bookmarks</a> to your browser tool bar.";
    print "</form>";

  }

}
elseif($_REQUEST["del"])
{
  // deletion subroutine

  $query = "SELECT item.ID, category.ID, category.name, item.name, item.description, item.comment ";
  $query .= "FROM item LEFT JOIN category ON item.categoryID = category.ID ";
  $query .= "WHERE item.ID = '" . $_REQUEST["del"] . "' ";

  $mysql_result = mysql_query($query, $mysql_link);  

  while($row = mysql_fetch_row($mysql_result))
  {
    $item_itemID = $row[0];
    $item_categoryID = $row[1];
    $item_categoryname = $row[2];
    $item_itemname = $row[3];
    $item_itemdesc = $row[4];
    $item_itemcomment = $row[5];
  }

  if($_POST["del"] == "submit")
  {
    // delete item

    $inputitemname = trim($_POST["inputitemname"]);
    $inputitemID = trim($_POST["inputitemID"]);
    
    $query = "DELETE FROM item ";
    $query .= "WHERE ID = '$inputitemID' ";

    $mysql_result = mysql_query($query, $mysql_link);  

    print "<b>Delete Item</b><br>\n<br>\n";
    print "<b>" . stripslashes($inputitemname) . "</b> deleted<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

  }
  elseif($_POST["del"] == "cancel")
  {
    // action canceled

    print "<b>Delete Item</b><br>\n<br>\n";
    print "Action canceled<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";
  
  }
  else
  {
    // display form

    print "<b>Delete Item</b><br>\n";
    print "<form action=\"$adminurl\" method=\"post\">\n";
    print "<input type=\"hidden\" name=\"del\" value=\"submit\">\n";
    print "<input type=\"hidden\" name=\"admin\" value=\"$admin\">\n";
    print "<input type=\"hidden\" name=\"inputitemID\" value=\"$item_itemID\">\n";
    print "<input type=\"hidden\" name=\"inputitemname\" value=\"" . htmlspecialchars($item_itemname) . "\">\n";
    print "<b>$item_itemname</b> will be deleted.<br>\n";
    print "Proceed with deletion?<br>\n";
    print "<br>\n";
    print "<input type=\"submit\" name=\"del\" value=\"submit\">\n";
    print "<input type=\"submit\" name=\"del\" value=\"cancel\">\n";
    print "</form>";

  }

}
elseif($_REQUEST["category"])
{
  // add category subroutine

  if($_POST["category"] == "submit")
  {
    // add category
    
    $inputcategoryname = trim($_POST["inputcategoryname"]);
    $inputcategorycomment = trim($_POST["inputcategorycomment"]);
    $inputcategoryparent = trim($_POST["inputcategoryparent"]);

    if($inputcategoryparent)
    {
      $query = "INSERT INTO category (name, comment, parent) ";
      $query .= "VALUES ('$inputcategoryname', '$inputcategorycomment', $inputcategoryparent)";
    }
    else
    {
      $query = "INSERT INTO category (name, comment) ";
      $query .= "VALUES ('$inputcategoryname', '$inputcategorycomment')";
    }

    $mysql_result = mysql_query($query, $mysql_link);  

    if($inputcategoryparent)
    {
      $query = "SELECT ID FROM category ";
      $query .= "WHERE name = '$inputcategoryname' ";
      $query .= "AND parent = $inputcategoryparent ";
      $mysql_result = mysql_query($query, $mysql_link);  
      while($row = mysql_fetch_row($mysql_result))
      {
        $item_categoryID = $row[0];
      }
    
      $inputcategoryname = categorytitle($inputcategoryname, $item_categoryID);
    }
    print "<b>Add Category</b><br>\n<br>\n";
    print "<b>$inputcategoryname</b> added<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

  }
  elseif($_POST["category"] == "cancel")
  {
    // action canceled

    print "<b>Add Category</b><br>\n<br>\n";
    print "Action canceled<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";
  
  }
  else
  {
    // display form
    print "<b>Add Category</b><br>\n";
    print "<form action=\"$adminurl\" method=\"post\">\n";
    print "<input type=\"hidden\" name=\"category\" value=\"submit\">\n";
    print "<input type=\"hidden\" name=\"admin\" value=\"$admin\">\n";
    if($_REQUEST["parent"])
    {
      print "<input type=\"hidden\" name=\"inputcategoryparent\" value=\"" . $_REQUEST["parent"] . "\">\n";
    }
    print "Category name:<br>\n";
    print "<input type=\"text\" name=\"inputcategoryname\" value=\"\" size=32><br>\n";
    print "Category comment:<br>\n";
    print "<input type=\"text\" name=\"inputcategorycomment\" value=\"\" size=32><br>\n";
    print "<br>\n";
    print "<input type=\"submit\" name=\"category\" value=\"submit\">\n";
    print "<input type=\"submit\" name=\"category\" value=\"cancel\">\n";
    print "</form>";

  }

}
if($_REQUEST["categoryedit"])
{
  // edit category subroutine

  $query = "SELECT ID, name, comment, parent ";
  $query .= "FROM category WHERE ID = '" . $_REQUEST["categoryedit"] . "' ";

  $mysql_result = mysql_query($query, $mysql_link);  

  while($row = mysql_fetch_row($mysql_result))
  {
    $item_categoryID = $row[0];
    $item_categoryname = $row[1];
    $item_categorycomment = $row[2];
    $item_categoryparent = $row[3];
  }

  if($_POST["categoryedit"] == "submit")
  {
    // edit item

    $inputcategoryname = trim($_POST["inputcategoryname"]);
    $inputcategorycomment = trim($_POST["inputcategorycomment"]);
    $inputparentID = trim($_POST["inputparentID"]);
    $inputcategoryID = trim($_POST["inputcategoryID"]);

    $query = "UPDATE category ";
    $query .= "SET name = '$inputcategoryname', ";
    $query .= "    comment = '$inputcategorycomment', ";
    $query .= "    parent = '$inputparentID' ";
    $query .= "WHERE ID = '$inputcategoryID' ";
    $mysql_result = mysql_query($query, $mysql_link);  

    print "<b>Edit Item</b><br>\n<br>\n";
    $inputcategoryname = categorytitle($inputcategoryname, $inputcategoryID);
    print "<b>$inputcategoryname</b> updated<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

  }
  elseif($_POST["categoryedit"] == "cancel")
  {
    // action canceled

    print "<b>Edit Item</b><br>\n<br>\n";
    print "Action canceled<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";
  
  }
  else
  {
    // display form

    print "<b>Edit Item</b><br>\n";
    print "<form action=\"$adminurl\" method=\"post\">\n";
    print "<input type=\"hidden\" name=\"categoryedit\" value=\"submit\">\n";
    print "<input type=\"hidden\" name=\"admin\" value=\"$admin\">\n";
    print "<input type=\"hidden\" name=\"inputcategoryID\" value=\"$item_categoryID\">\n";

    print "Parent:<br>\n";
    categorynest($item_categoryID, $item_categoryparent, 0, 1);

    print "Category name:<br>\n";
    print "<input type=\"text\" name=\"inputcategoryname\" value=\"" . htmlspecialchars($item_categoryname) . "\" size=64><br>\n";
    print "Category comment:<br>\n";
    print "<input type=\"text\" name=\"inputcategorycomment\" value=\"" . htmlspecialchars($item_categorycomment) . "\" size=64><br>\n";
    print "<br>\n";
    print "<input type=\"submit\" name=\"categoryedit\" value=\"submit\">\n";
    print "<input type=\"submit\" name=\"categoryedit\" value=\"cancel\">\n";
    print "</form>";

  }

}
if($_REQUEST["categorydel"])
{
  // edit category subroutine

  $query = "SELECT ID, name ";
  $query .= "FROM category WHERE ID = '" . $_REQUEST["categorydel"] . "' ";

  $mysql_result = mysql_query($query, $mysql_link);  

  while($row = mysql_fetch_row($mysql_result))
  {
    $item_categoryID = $row[0];
    $item_categoryname = $row[1];
  }

  if($_POST["categorydel"] == "submit")
  {
    // delete category

    $inputcategoryname = trim($_POST["inputcategoryname"]);
    $inputcategoryID = trim($_POST["inputcategoryID"]);

    print "<b>Delete Item</b><br>\n<br>\n";
    
    purgecategory($inputcategoryname, $inputcategoryID);

    print "All items deleted\n<br><br>\n";

    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

  }
  elseif($_POST["categorydel"] == "cancel")
  {
    // action canceled

    print "<b>Delete Item</b><br>\n<br>\n";
    print "Action canceled<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";
  
  }
  else
  {
    // display form

    print "<b>Delete Item</b><br>\n";
    print "<form action=\"$adminurl\" method=\"post\">\n";
    print "<input type=\"hidden\" name=\"categorydel\" value=\"submit\">\n";
    print "<input type=\"hidden\" name=\"admin\" value=\"$admin\">\n";
    print "<input type=\"hidden\" name=\"inputcategoryID\" value=\"$item_categoryID\">\n";
    print "<input type=\"hidden\" name=\"inputcategoryname\" value=\"" . htmlspecialchars($item_categoryname) . "\">\n";
    print "<b>$item_categoryname</b> and it's items will be deleted.<br>\n";
    print "Proceed with deletion?<br>\n";
    print "<br>\n";
    print "<input type=\"submit\" name=\"categorydel\" value=\"submit\">\n";
    print "<input type=\"submit\" name=\"categorydel\" value=\"cancel\">\n";
    print "</form>";

  }

}


if($_REQUEST["orderby"])
{
  // edit category subroutine

  $orderby = $_REQUEST["orderby"];

  if($_POST["orderby"] == "submit")
  {
    // change default sort order

    $inputorderby = trim($_POST["inputorderby"]);

    $query = "UPDATE config SET val = '$inputorderby' WHERE name = 'orderby' ";
    $mysql_result = mysql_query($query, $mysql_link);  

    print "<b>Sort order</b><br>\n<br>\n";
    
    print "Default sort order changed to <b>$inputorderby</b>\n<br><br>\n";

    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

  }
  elseif($_POST["orderby"] == "cancel")
  {
    // action canceled

    print "<b>Sort order</b><br>\n<br>\n";
    print "Action canceled<br>\n<br>\n";
    print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";
  
  }
  else
  {
    // display form

    print "<b>Sort order</b><br>\n";
    print "<form action=\"$adminurl\" method=\"post\">\n";
    print "<input type=\"hidden\" name=\"orderby\" value=\"submit\">\n";
    print "<input type=\"hidden\" name=\"admin\" value=\"$admin\">\n";
    print "<input type=\"hidden\" name=\"inputorderby\" value=\"$orderby\">\n";
    print "Change the default sort order to <b>$orderby</b>?<br>\n";
    print "<br>\n";
    print "<input type=\"submit\" name=\"orderby\" value=\"submit\">\n";
    print "<input type=\"submit\" name=\"orderby\" value=\"cancel\">\n";
    print "</form>";

  }

}

if(isset($_GET["setcomments"]))
{
  // toggle comments

  $query = "UPDATE config SET val = '" . $_GET["setcomments"] . "' WHERE name = 'comments' ";
  $mysql_result = mysql_query($query, $mysql_link);  

  print "<b>Comments</b><br>\n<br>\n";
   
  print "Comments are now <b>";
  if($_GET["setcomments"])
  {
    print "visible";
  }
  else
  {
    print "hidden";
  }
  print "</b>\n<br><br>\n";

  print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

}
  
if(isset($_GET["seturls"]))
{
  // toggle urls

  $query = "UPDATE config SET val = '" . $_GET["seturls"] . "' WHERE name = 'urls' ";
  $mysql_result = mysql_query($query, $mysql_link);  

  print "<b>URLs</b><br>\n<br>\n";
   
  print "URLs are now <b>";
  if($_GET["seturls"])
  {
    print "visible";
  }
  else
  {
    print "hidden";
  }
  print "</b>\n<br><br>\n";

  print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

}

if(isset($_GET["closedorder"]))
{
  // toggle urls

  $query = "UPDATE config SET val = '" . $_GET["closedorder"] . "' WHERE name = 'closedorder' ";
  $mysql_result = mysql_query($query, $mysql_link);  

  print "<b>Closed Categories</b><br>\n<br>\n";
   
  print "Closed top level categories are now <b>";
  print($_GET["closedorder"]);
  print "</b>\n<br><br>\n";

  print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

}

if(isset($_GET["admintoclose"]))
{
  // toggle locking of open/close in non admin mode
  print "<b>Closed Categories</b><br>\n<br>\n";
   
  print "Open/close functionality of categories while not in admin mode is now <b>";

  if($_GET["admintoclose"])
  {
    $admintoclose = 1;
    print "locked";
  }
  else
  {
    $admintoclose = 0;
    print "unlocked";
  }

  print "</b>\n<br><br>\n";
  print "[ <a class=footer href=\"$returnurl\">return</a> ] $returndesc<br>\n";

  $query = "UPDATE config SET val = '$admintoclose' WHERE name = 'admintoclose' ";
  $mysql_result = mysql_query($query, $mysql_link);  

}

require("footer.php");

?>
Return current item: PHP Bookmarks