tweak year/agency modifier for queries
blob:a/cutenews/inc/options.mdu -> blob:b/cutenews/inc/options.mdu
<?PHP <?PHP
if($member_db[1] == 4 and ($action != 'personal' and $action != 'options')){ msg('error', 'Error!', 'Access Denied for your user-level (commenter)'); } if($member_db[1] == 4 and ($action != 'personal' and $action != 'options')){ msg('error', 'Error!', 'Access Denied for your user-level (commenter)'); }
// ******************************************************************************** // ********************************************************************************
// Options Menu // Options Menu
// ******************************************************************************** // ********************************************************************************
if($action == "options" or $action == '') if($action == "options" or $action == '')
{ {
echoheader("options","Options"); echoheader("options","Options");
//---------------------------------- //----------------------------------
// Predefine Options // Predefine Options
//---------------------------------- //----------------------------------
// access means the lower level of user allowed; 1:admin, 2:editor+admin, 3:editor+admin+journalist, 4:all // access means the lower level of user allowed; 1:admin, 2:editor+admin, 3:editor+admin+journalist, 4:all
$options = array( $options = array(
array( array(
'name' => "Personal Options", 'name' => "Personal Options",
'url' => "$PHP_SELF?mod=options&action=personal", 'url' => "$PHP_SELF?mod=options&action=personal",
'access' => "4", 'access' => "4",
), ),
array( array(
'name' => "Block IP's from posting comments", 'name' => "Block IP's from posting comments",
'url' => "$PHP_SELF?mod=ipban", 'url' => "$PHP_SELF?mod=ipban",
'access' => "1", 'access' => "1",
), ),
array( array(
'name' => "System Configurations", 'name' => "System Configurations",
'url' => "$PHP_SELF?mod=options&action=syscon&rand=".time(), 'url' => "$PHP_SELF?mod=options&action=syscon&rand=".time(),
'access' => "1", 'access' => "1",
), ),
array( array(
'name' => "Integration Wizards (News and RSS)", 'name' => "Integration Wizards (News and RSS)",
'url' => "$PHP_SELF?mod=wizards", 'url' => "$PHP_SELF?mod=wizards",
'access' => "1", 'access' => "1",
), ),
array( array(
'name' => "Edit Templates", 'name' => "Edit Templates",
'url' => "$PHP_SELF?mod=options&action=templates", 'url' => "$PHP_SELF?mod=options&action=templates",
'access' => "1", 'access' => "1",
), ),
array( array(
'name' => "Add/Edit Users", 'name' => "Add/Edit Users",
'url' => "$PHP_SELF?mod=editusers&action=list", 'url' => "$PHP_SELF?mod=editusers&action=list",
'access' => "1", 'access' => "1",
), ),
array( array(
'name' => "Archives Manager", 'name' => "Archives Manager",
'url' => "$PHP_SELF?mod=tools&action=archive", 'url' => "$PHP_SELF?mod=tools&action=archive",
'access' => "1", 'access' => "1",
), ),
array( array(
'name' => "Manage Uploaded Images", 'name' => "Manage Uploaded Images",
'url' => "$PHP_SELF?mod=images", 'url' => "$PHP_SELF?mod=images",
'access' => "1", 'access' => "1",
), ),
array( array(
'name' => "Backup Tool", 'name' => "Backup Tool",
'url' => "$PHP_SELF?mod=tools&action=backup", 'url' => "$PHP_SELF?mod=tools&action=backup",
'access' => "1", 'access' => "1",
), ),
array( array(
'name' => "Edit Categories", 'name' => "Edit Categories",
'url' => "$PHP_SELF?mod=categories", 'url' => "$PHP_SELF?mod=categories",
'access' => "1", 'access' => "1",
), ),
); );
//------------------------------------------------ //------------------------------------------------
// Cut the options for wich we don't have access // Cut the options for wich we don't have access
//------------------------------------------------ //------------------------------------------------
$count_options = count($options); $count_options = count($options);
for($i=0; $i<$count_options; $i++){ for($i=0; $i<$count_options; $i++){
if($member_db[1] > $options[$i]['access']){ if($member_db[1] > $options[$i]['access']){
unset($options[$i]); unset($options[$i]);
} }
} }
echo'<table border="0" width="100%"><tr>'; echo'<table border="0" width="100%"><tr>';
$i = 0; $i = 0;
foreach($options as $option){ foreach($options as $option){
if($i%2 == 0){ echo"</tr>\n<tr>\n<td width='47%'>&nbsp;&nbsp;&nbsp;<a href='".$option['url']."'><b>".$option['name']."</b></a></td>\n"; } if($i%2 == 0){ echo"</tr>\n<tr>\n<td width='47%'>&nbsp;&nbsp;&nbsp;<a href='".$option['url']."'><b>".$option['name']."</b></a></td>\n"; }
else{ echo"\n<td width='53%'><a href='".$option['url']."'><b>".$option['name']."</b></a></td>\n"; } else{ echo"\n<td width='53%'><a href='".$option['url']."'><b>".$option['name']."</b></a></td>\n"; }
$i++; $i++;
} }
echo'</tr></table>'; echo'</tr></table>';
echofooter(); echofooter();
} }
// ******************************************************************************** // ********************************************************************************
// Show Personal Options // Show Personal Options
// ******************************************************************************** // ********************************************************************************
elseif($action == "personal") elseif($action == "personal")
{ {
echoheader("user","Personal Options"); echoheader("user","Personal Options");
$registrationdate = date("D, d F Y",$member_db[0]); //registration date $registrationdate = date("D, d F Y",$member_db[0]); //registration date
if($member_db[7] == 1){ $ifchecked = "Checked"; } //if user wants to hide his e-mail if($member_db[7] == 1){ $ifchecked = "Checked"; } //if user wants to hide his e-mail
foreach($member_db as $key=>$value){ foreach($member_db as $key=>$value){
$member_db[$key] = stripslashes(preg_replace(array("'\"'", "'\''"), array("&quot;", "&#039;"),$member_db[$key])); $member_db[$key] = stripslashes(preg_replace(array("'\"'", "'\''"), array("&quot;", "&#039;"),$member_db[$key]));
} }
echo" echo"
<table border=0 height=1 width=617 cellspacing=\"0\" cellpadding=\"0\"> <table border=0 height=1 width=617 cellspacing=\"0\" cellpadding=\"0\">
<form method=POST action=\"$PHP_SELF\" name=personal> <form method=POST action=\"$PHP_SELF\" name=personal>
<td height=\"21\" width=\"99\" bgcolor=#F7F6F4 > <td height=\"21\" width=\"99\" bgcolor=#F7F6F4 >
&nbsp; Username &nbsp; Username
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2> <td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2>
$member_db[2] $member_db[2]
<tr> <tr>
<td height=\"21\" width=\"200\"> <td height=\"21\" width=\"200\">
&nbsp; New Password &nbsp; New Password
<td height=\"21\" width=\"400\" colspan=2> <td height=\"21\" width=\"400\" colspan=2>
<input name=editpassword >&nbsp;&nbsp;&nbsp;Only if you want to change the current <input name=editpassword >&nbsp;&nbsp;&nbsp;Only if you want to change the current
</tr> </tr>
<tr> <tr>
<td height=\"21\" width=\"200\" bgcolor=#F7F6F4> <td height=\"21\" width=\"200\" bgcolor=#F7F6F4>
&nbsp; Nickname &nbsp; Nickname
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2> <td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2>
<input type=text name=editnickname value=\"$member_db[4]\"> <input type=text name=editnickname value=\"$member_db[4]\">
</tr> </tr>
<tr> <tr>
<td height=\"21\" width=\"200\" > <td height=\"21\" width=\"200\" >
&nbsp; Email &nbsp; Email
<td height=\"21\" width=\"400\" colspan=2> <td height=\"21\" width=\"400\" colspan=2>
<input type=text name=editmail value=\"$member_db[5]\">&nbsp;&nbsp;&nbsp;<input type=checkbox name=edithidemail $ifchecked>&nbsp;Hide my e-mail from visitors <input type=text name=editmail value=\"$member_db[5]\">&nbsp;&nbsp;&nbsp;<input type=checkbox name=edithidemail $ifchecked>&nbsp;Hide my e-mail from visitors
</tr>"; </tr>";
if($member_db[1] != 4){echo"<tr> if($member_db[1] != 4){echo"<tr>
<td height=\"21\" width=\"200\" bgcolor=#F7F6F4> <td height=\"21\" width=\"200\" bgcolor=#F7F6F4>
&nbsp; Default Avatar URL &nbsp; Default Avatar URL
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 > <td height=\"21\" width=\"400\" bgcolor=#F7F6F4 >
<input type=text name=change_avatar value=\"$member_db[8]\">&nbsp;&nbsp;&nbsp;&nbsp;will appear on 'Add News' page <input type=text name=change_avatar value=\"$member_db[8]\">&nbsp;&nbsp;&nbsp;&nbsp;will appear on 'Add News' page
</tr>"; }else{ $bg = "bgcolor=#F7F6F4"; } </tr>"; }else{ $bg = "bgcolor=#F7F6F4"; }
echo"<tr> echo"<tr>
<td height=\"21\" width=\"200\" $bg> <td height=\"21\" width=\"200\" $bg>
&nbsp; Access Level &nbsp; Access Level
<td height=\"21\" width=\"400\" $bg colspan=2>"; <td height=\"21\" width=\"400\" $bg colspan=2>";
if ($member_db[1] == 4){ echo "commenter"; } if ($member_db[1] == 4){ echo "commenter"; }
elseif ($member_db[1] == 3){ echo "journalist"; } elseif ($member_db[1] == 3){ echo "journalist"; }
elseif ($member_db[1] == 2){ echo "editor"; } elseif ($member_db[1] == 2){ echo "editor"; }
elseif ($member_db[1] == 1){ echo "administrator"; } elseif ($member_db[1] == 1){ echo "administrator"; }
if($member_db[1] != 4){ echo"</tr> if($member_db[1] != 4){ echo"</tr>
<tr> <tr>
<td height=\"21\" width=\"200\" bgcolor=#F7F6F4> <td height=\"21\" width=\"200\" bgcolor=#F7F6F4>
&nbsp; written news &nbsp; written news
<td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2> <td height=\"21\" width=\"400\" bgcolor=#F7F6F4 colspan=2>
$member_db[6] $member_db[6]
</tr>"; } </tr>"; }
echo"<tr> echo"<tr>
<td height=\"21\" width=\"200\" > <td height=\"21\" width=\"200\" >
&nbsp; registration date &nbsp; registration date
<td height=\"21\" width=\"400\" colspan=2> <td height=\"21\" width=\"400\" colspan=2>
$registrationdate $registrationdate
</tr> </tr>
<tr> <tr>
<td height=\"1\" width=\"611\" colspan=\"2\" colspan=3> <td height=\"1\" width=\"611\" colspan=\"2\" colspan=3>
<br /><input type=submit value=\"Save Changes\" accesskey=\"s\"> <br /><input type=submit value=\"Save Changes\" accesskey=\"s\">
</tr> </tr>
<input type=hidden name=mod value=options><input type=hidden name=action value=dosavepersonal> <input type=hidden name=mod value=options><input type=hidden name=action value=dosavepersonal>
</form> </form>
</table>"; </table>";
echofooter(); echofooter();
} }
// ******************************************************************************** // ********************************************************************************
// Save Personal Options // Save Personal Options
// ******************************************************************************** // ********************************************************************************
elseif($action == "dosavepersonal") elseif($action == "dosavepersonal")
{ {
if($editpassword != "" and ($oldpassword == "" or !$oldpassword)){ if($editpassword != "" and ($oldpassword == "" or !$oldpassword)){
msg("info", "Old Password Verification", "<form method=POST action=\"$PHP_SELF\"> You have requested to change your password.<br>In order to complete this action you must enter your old password: <input type=text name=oldpassword> <input type=submit value='Submit'><input type=hidden name=mod value=options><input type=hidden name=action value=dosavepersonal><input type=hidden name=editpassword value='$editpassword'><input type=hidden name=editnickname value='$editnickname'><input type=hidden name=editmail value='$editmail'><input type=hidden name=edithidemail value='$edithidemail'><input type=hidden name=change_avatar value='$change_avatar'></form>"); msg("info", "Old Password Verification", "<form method=POST action=\"$PHP_SELF\"> You have requested to change your password.<br>In order to complete this action you must enter your old password: <input type=text name=oldpassword> <input type=submit value='Submit'><input type=hidden name=mod value=options><input type=hidden name=action value=dosavepersonal><input type=hidden name=editpassword value='$editpassword'><input type=hidden name=editnickname value='$editnickname'><input type=hidden name=editmail value='$editmail'><input type=hidden name=edithidemail value='$edithidemail'><input type=hidden name=change_avatar value='$change_avatar'></form>");
}elseif($editpassword != "" and (md5($oldpassword) != $member_db[3])){ }elseif($editpassword != "" and (md5($oldpassword) != $member_db[3])){
msg("error","Error!","You did not enter correctly your old password."); msg("error","Error!","You did not enter correctly your old password.");
} }
$editnickname = replace_comment("add",$editnickname); $editnickname = replace_comment("add",$editnickname);
$editmail = replace_comment("add",$editmail); $editmail = replace_comment("add",$editmail);
$edithidemail = replace_comment("add",$edithidemail); $edithidemail = replace_comment("add",$edithidemail);
$change_avatar = replace_comment("add",$change_avatar); $change_avatar = replace_comment("add",$change_avatar);
if($editpassword != "" and !preg_match("/^[\.A-z0-9_\-]{1,15}$/i", $editpassword)){ msg("error","Error !!!", "Your password must conatain only valid characters and numbers"); } if($editpassword != "" and !preg_match("/^[\.A-z0-9_\-]{1,15}$/i", $editpassword)){ msg("error","Error !!!", "Your password must conatain only valid characters and numbers"); }
if($edithidemail){ $edithidemail = 1;}else{ $edithidemail = 0; } if($edithidemail){ $edithidemail = 1;}else{ $edithidemail = 0; }
$avatars = preg_replace(array("'\|'","'\n'","' '"), array("","","_"), $avatars); $avatars = preg_replace(array("'\|'","'\n'","' '"), array("","","_"), $avatars);
$old_user_db = file("./data/users.db.php"); $old_user_db = file("./data/users.db.php");
$new_user_db = fopen("./data/users.db.php", w); $new_user_db = fopen("./data/users.db.php", w);
$personal_success = FALSE; $personal_success = FALSE;
foreach($old_user_db as $old_user_db_line){ foreach($old_user_db as $old_user_db_line){
$old_user_db_arr = explode("|", $old_user_db_line); $old_user_db_arr = explode("|", $old_user_db_line);
if(strtolower($username) != strtolower($old_user_db_arr[2])){ if(strtolower($username) != strtolower($old_user_db_arr[2])){
fwrite($new_user_db,"$old_user_db_line"); fwrite($new_user_db,"$old_user_db_line");
} }
else{ else{
if($editpassword != ""){ if($editpassword != ""){
$old_user_db_arr[3] = md5($editpassword); $old_user_db_arr[3] = md5($editpassword);
if($config_use_cookies == TRUE){ setcookie("md5_password", $old_user_db_arr[3]); } if($config_use_cookies == TRUE){ setcookie("md5_password", $old_user_db_arr[3]); }
$_SESSION['md5_password'] = $old_user_db_arr[3]; $_SESSION['md5_password'] = $old_user_db_arr[3];
} }
fwrite($new_user_db,"$old_user_db_arr[0]|$old_user_db_arr[1]|$old_user_db_arr[2]|$old_user_db_arr[3]|$editnickname|$editmail|$old_user_db_arr[6]|$edithidemail|$change_avatar|$old_user_db_arr[9]||\n"); fwrite($new_user_db,"$old_user_db_arr[0]|$old_user_db_arr[1]|$old_user_db_arr[2]|$old_user_db_arr[3]|$editnickname|$editmail|$old_user_db_arr[6]|$edithidemail|$change_avatar|$old_user_db_arr[9]||\n");
$personal_success = TRUE; $personal_success = TRUE;
} }
} }
fclose($new_user_db); fclose($new_user_db);
if($personal_success){ msg("info", "Changes Saved", "Your personal information was saved.", "$PHP_SELF?mod=options&action=personal"); } if($personal_success){ msg("info", "Changes Saved", "Your personal information was saved.", "$PHP_SELF?mod=options&action=personal"); }
else{ msg("error", "Error !!!", "Error while listing users, $username not found", "$PHP_SELF?mod=options&action=personal"); } else{ msg("error", "Error !!!", "Error while listing users, $username not found", "$PHP_SELF?mod=options&action=personal"); }
} }
// ******************************************************************************** // ********************************************************************************
// Edit Templates // Edit Templates
// ******************************************************************************** // ********************************************************************************
elseif($action == "templates") elseif($action == "templates")
{ {
if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permissions for this type of action"); } if($member_db[1] != 1){ msg("error", "Access Denied", "You don't have permissions for this type of action"); }
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Detect all template packs we have Detect all template packs we have
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
$templates_list = array(); $templates_list = array();
if(!$handle = opendir("./data")){ die("<center>Can not open directory $cutepath/data "); } if(!$handle = opendir("./data")){ die("<center>Can not open directory $cutepath/data "); }
while (false !== ($file = readdir($handle))){ while (false !== ($file = readdir($handle))){
if(eregi(".tpl", $file)){ if(eregi(".tpl", $file)){
$file_arr = explode(".", $file); $file_arr = explode(".", $file);
$templates_list[]= $file_arr[0]; $templates_list[]= $file_arr[0];
} }
} }
closedir($handle); closedir($handle);
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
If we want to create new template If we want to create new template
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if($subaction == "new"){ if($subaction == "new"){
echoheader("options", "New Template"); echoheader("options", "New Template");
echo"<form method=post action=\"$PHP_SELF\"><table border=0 cellpading=0 cellspacing=0 width=100% height=100%><tr><td >Create new template based on: <select name=base_template>"; echo"<form method=post action=\"$PHP_SELF\"><table border=0 cellpading=0 cellspacing=0 width=100% height=100%><tr><td >Create new template based on: <select name=base_template>";
foreach($templates_list as $single_template){ foreach($templates_list as $single_template){
echo "<option value=\"$single_template\">$single_template</option>"; echo "<option value=\"$single_template\">$single_template</option>";
} }
echo '</select> with name <input type=text name=template_name> &nbsp;<input type=submit value="Create Template"> echo '</select> with name <input type=text name=template_name> &nbsp;<input type=submit value="Create Template">
<input type=hidden name=mod value=options> <input type=hidden name=mod value=options>
<input type=hidden name=action value=templates> <input type=hidden name=action value=templates>
<input type=hidden name=subaction value=donew> <input type=hidden name=subaction value=donew>
</td></tr></table></form>'; </td></tr></table></form>';
echofooter(); echofooter();
exit; exit;
} }
/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ /* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Do Create the new template Do Create the new template
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
if($subaction == "donew"){ if($subaction == "donew"){
if(!eregi("^[a-z0-9_-]+$", $template_name)){ msg("error", "Error", "The name of the template must be only with letters and numbers", "$PHP_SELF?mod=options&subaction=new&action=templates"); } if(!eregi("^[a-z0-9_-]+$", $template_name)){ msg("error", "Error", "The name of the template must be only with letters and numbers", "$PHP_SELF?mod=options&subaction=new&action=templates"); }
if(file_exists("./data/${template_name}.tpl")){ msg("error", "Error", "Template with this name already exists", "$PHP_SELF?mod=options&subaction=new&action=templates"); } if(file_exists("./data/${template_name}.tpl")){ msg("error", "Error", "Template with this name already exists", "$PHP_SELF?mod=options&subaction=new&action=templates"); }
if($base_template != ""){ $base_file = "./data/${base_template}.tpl"; } if($base_template != ""){ $base_file = "./data/${base_template}.tpl"; }
else{ $base_file = "./data/Default.tpl"; } else{ $base_file = "./data/Default.tpl"; }
if (!copy($base_f