Partage de codes sources - CodesWall.info
Php > veloron
| Titre | veloron | |
| Postée le | 26-04-2008 | |
| Affichée | 783 | |
| Mini-lien | ||
| Description | strftime error | |
| Etat |  Contient des erreurs. |
| Code d'insertion | |||
| Options |
|
||
| Téléchargement |
|
<?php
// -------------------------------------------------------------------------//
// Nuked-KlaN - PHP Portal //
// http://www.nuked-klan.org //
// -------------------------------------------------------------------------//
// This program is free software. you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License. //
// -------------------------------------------------------------------------//
if (!defined("INDEX_CHECK"))
{
die ("<div style=\"text-align: center;\">You cannot open this page directly</div>");
}
global $user, $language;
translate("modules/News/lang/" . $language . ".lang.php");
if (!$user)
{
$visiteur = 0;
}
else
{
$visiteur = $user[1];
}
$ModName = basename(dirname(__FILE__));
$level_admin = admin_mod($ModName);
if ($visiteur >= $level_admin && $level_admin > -1)
{
function main()
{
global $user, $nuked, $language, $bgcolor1, $bgcolor2, $bgcolor3, $p, $orderby;
$nb_news = 30;
$sql = mysql_query("SELECT id FROM " . NEWS_TABLE);
$count = mysql_num_rows($sql);
if (!$p) $p = 1;
$start = $p * $nb_news - $nb_news;
echo"<script type=\"text/javascript\">\n"
."<!--\n"
."\n"
. "function del_news(titre, id)\n"
. "{\n"
. "if (confirm('" . _DELETENEWS . " '+titre+' ! " . _CONFIRM . "'))\n"
. "{document.location.href = 'index.php?file=News&page=admin&op=do_del&news_id='+id;}\n"
. "}\n"
. "\n"
. "// -->\n"
. "</script>\n";
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<div style=\"text-align: center;\">" . _NAVNEWS . "<b> | "
. "<a href=\"index.php?file=News&page=admin&op=add\">" . _ADDNEWS . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=main_cat\">" . _CATMANAGEMENT . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=main_pref\">" . _PREFS . "</a></b></div><br />\n";
if ($orderby == "date")
{
$order_by = "date DESC";
}
else if ($orderby == "title")
{
$order_by = "titre";
}
else if ($orderby == "cat")
{
$order_by = "cat";
}
else if ($orderby == "author")
{
$order_by = "auteur";
}
else
{
$order_by = "date DESC";
}
echo "<table width=\"100%\" cellpadding=\"2\" cellspacing=\"0\" border=\"0\">\n"
. "<tr><td align=\"right\">" . _ORDERBY . " : ";
if ($orderby == "date" || !$orderby)
{
echo "<b>" . _DATE . "</b> | ";
}
else
{
echo "<a href=\"index.php?file=News&page=admin&orderby=date\">" . _DATE . "</a> | ";
}
if ($orderby == "title")
{
echo "<b>" . _TITLE . "</b> | ";
}
else
{
echo "<a href=\"index.php?file=News&page=admin&orderby=title\">" . _TITLE . "</a> | ";
}
if ($orderby == "author")
{
echo "<b>" . _AUTHOR . "</b> | ";
}
else
{
echo "<a href=\"index.php?file=News&page=admin&orderby=author\">" . _AUTHOR . "</a> | ";
}
if ($orderby == "cat")
{
echo "<b>" . _CAT . "</b>";
}
else
{
echo "<a href=\"index.php?file=News&page=admin&orderby=cat\">" . _CAT . "</a>";
}
echo " </td></tr></table>\n";
if ($count > $nb_news)
{
echo "<div>";
$url = "index.php?file=News&page=admin&orderby=" . $orderby;
number($count, $nb_news, $url);
echo "</div>\n";
}
echo "<table style=\"background: " . $bgcolor2 . ";border: 1px solid " . $bgcolor3 . ";\" width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\">\n"
. "<tr style=\"background: " . $bgcolor3 . ";\">\n"
. "<td style=\"width: 25%;\" align=\"center\"><b>" . _TITLE . "</b></td>\n"
. "<td style=\"width: 15%;\" align=\"center\"><b>" . _CAT . "</b></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><b>" . _DATE . "</b></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><b>" . _AUTHOR . "</b></td>\n"
. "<td style=\"width: 10%;\" align=\"center\"><b>" . _EDIT . "</b></td>\n"
. "<td style=\"width: 10%;\" align=\"center\"><b>" . _DEL . "</b></td></tr>\n";
$sql2 = mysql_query("SELECT id, titre, auteur, auteur_id, cat, date FROM " . NEWS_TABLE . " ORDER BY " . $order_by . " LIMIT " . $start . ", " . $nb_news);
while (list($news_id, $titre, $autor, $autor_id, $cat, $date) = mysql_fetch_array($sql2))
{
$date = strftime("%x %H:%M", $date);
$titre = stripslashes($titre);
$autor = stripslashes($autor);
$sql3 = mysql_query("SELECT titre FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cat. "'");
list($categorie) = mysql_fetch_array($sql3);
$categorie = stripslashes($categorie);
$categorie = htmlentities($categorie);
if ($autor_id != "")
{
$sql4 = mysql_query("SELECT pseudo FROM " . USER_TABLE . " WHERE id = '" . $autor_id . "'");
$test = mysql_num_rows($sql4);
}
if ($autor_id != "" && $test > 0)
{
list($auteur) = mysql_fetch_array($sql4);
$auteur = stripslashes($auteur);
}
else
{
$auteur = $autor;
}
if ($j == 0)
{
$bg = $bgcolor2;
$j++;
}
else
{
$bg = $bgcolor1;
$j = 0;
}
if (strlen($titre) > 25)
{
$title = "<span style=\"cursor: hand\" title=\"" . htmlentities($titre) . "\">" . htmlentities(substr($titre, 0, 25)) . "...</span>";
}
else
{
$title = htmlentities($titre);
}
echo "<tr style=\"background: " . $bg . ";\">\n"
. "<td style=\"width: 25%;\">" . $title . "</td>\n"
. "<td style=\"width: 15%;\" align=\"center\">" . $categorie . "</td>\n"
. "<td style=\"width: 20%;\" align=\"center\">" . $date . "</td>\n"
. "<td style=\"width: 20%;\" align=\"center\">" . $auteur . "</td>\n";
if($user[0] == $autor_id || $user[1] == 9) echo"<td style=\"width: 10%;\" align=\"center\"><a href=\"index.php?file=News&page=admin&op=edit&news_id=" . $news_id . "\"><img style=\"border: 0;\" src=\"images/edit.gif\" alt=\"\" title=\"" . _EDITTHISNEWS . "\" /></a></td>\n"."<td style=\"width: 10%;\" align=\"center\"><a href=\"javascript:del_news('" . addslashes($titre) . "', '" . $news_id . "');\"><img style=\"border: 0;\" src=\"images/del.gif\" alt=\"\" title=\"" . _DELTHISNEWS . "\" /></a></td></tr>\n";
else echo"<td style=\"width: 10%;\" align=\"center\"> - </td>\n"."<td style=\"width: 10%;\" align=\"center\"> - </td></tr>\n";
}
if ($count == 0)
{
echo "<tr><td align=\"center\" colspan=\"6\">" . _NONEWSINDB . "</td></tr>\n";
}
echo" </table>\n";
if ($count > $nb_news)
{
echo "<div>";
$url = "index.php?file=News&page=admin&orderby=" . $orderby;
number($count, $nb_news, $url);
echo "</div>\n";
}
echo "<br /><div style=\"text-align: center;\">[ <a href=\"index.php?file=Admin\"><b>" . _BACK . "</b></a> ]</div><br />\n";
}
function add()
{
global $nuked, $language;
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<div style=\"text-align: center;\"><b><a href=\"index.php?file=News&page=admin\">" . _NAVNEWS . "</a> | "
. "</b>" . _ADDNEWS . "<b> | "
. "<a href=\"index.php?file=News&page=admin&op=main_cat\">" . _CATMANAGEMENT . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=main_pref\">" . _PREFS . "</a></b></div><br />\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=do_add\" onsubmit=\"backslash('news_texte');backslash('news_suite');BBcode_close('news_texte');BBcode_close('news_suite');\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\" border=\"0\" cellspacing=\"0\" cellpadding=\"2\">\n"
. "<tr><td align=\"center\"><b>" . _TITLE . " :</b> <input type=\"text\" id=\"news_titre\" name=\"titre\" maxlength=\"100\" size=\"45\" /></td></tr>\n"
. "<tr><td align=\"center\"><b>" . _PUBLISH . " " . _THE ." :</b> <select id=\"news_jour\" name=\"jour\">\n";
$day = 1;
while ($day < 32)
{
if ($day == date("d"))
{
echo "<option value=\"" . $day . "\" selected=\"selected\">" . $day . "</option>\n";
}
else
{
echo "<option value=\"" . $day . "\">" . $day . "</option>\n";
}
$day++;
}
echo "</select> <select id=\"news_mois\" name=\"mois\">\n";
$month = 1;
while ($month < 13)
{
if ($month == date("m"))
{
echo "<option value=\"" . $month . "\" selected=\"selected\">" . $month . "</option>\n";
}
else
{
echo "<option value=\"" . $month . "\">" . $month . "</option>\n";
}
$month++;
}
echo "</select> <select id=\"news_annee\" name=\"annee\">\n";
$prevprevprevyear = date(Y) -3;
$prevprevyear = date(Y) -2;
$prevyear = date(Y) -1;
$year = date(Y) ;
$nextyear = date(Y) + 1;
$nextnextyear = date(Y) + 2;
$check = "selected=\"selected\"";
echo "<option value=\"" . $prevprevprevyear . "\">" . $prevprevprevyear . "</option>\n"
. "<option value=\"" . $prevprevyear . "\">" . $prevprevyear . "</option>\n"
. "<option value=\"" . $prevyear . "\">" . $prevyear . "</option>\n"
. "<option value=\"" . $year . "\" " . $check . ">" . $year . "</option>\n";
$heure = date("H:i");
echo "<option value=\"" . $nextyear . "\">" . $nextyear . "</option>\n"
. "<option value=\"" . $nextnextyear . "\">" . $nextnextyear . "</option>\n"
. "</select> <b>" . _AT . " :</b> <input type=\"text\" id=\"news_heure\" name=\"heure\" size=\"5\" maxlength=\"5\" value=\"" . $heure . "\" /></td></tr>\n"
. "<tr><td align=\"center\"><b>" . _CAT . " :</b> <select id=\"news_cat\" name=\"cat\">\n";
select_news_cat();
echo "</select></td></tr><tr><td> </td></tr>\n"
. "<tr><td align=\"center\"><big><b>" . _TEXT . " :</b></big></td></tr>\n"
. "<tr><td align=\"center\">\n";
buttonBB("news_texte");
echo"</td></tr><tr><td align=\"center\">\n";
smiley("news_texte");
echo "</td></tr><tr><td align=\"center\"><textarea id=\"news_texte\" name=\"texte\" cols=\"70\" rows=\"15\" onselect=\"storeCaret('news_texte');\" onclick=\"storeCaret('news_texte');\" onkeyup=\"storeCaret('news_texte');\"></textarea></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\"><big><b>" . _MORE . " :</b></big></td></tr><tr><td align=\"center\">\n";
buttonBB("news_suite");
echo "</td></tr><tr><td align=\"center\">\n";
echo"<script type=\"text/javascript\">\n"
. "<!--\n"
. "\n"
. "function preview(){\n"
. "\n"
. "ns4 = (document.layers) ? true : false;\n"
. "ie4 = (document.all) ? true : false;\n"
. "\n"
. "if(document.getElementById('news_bbcodeoff').checked) {\n"
. "var bbcodeoff=1;}else{var bbcodeoff=0;}\n"
. "\n"
. "if(document.getElementById('news_smileyoff').checked) {\n"
. "var smileyoff=1;}else{var smileyoff=0;}\n"
. "\n"
. "var texte=document.getElementById('news_texte').value;\n"
. "texte = texte.replace(/\\\/g,'\\\\\\\');\n"
. "texte = texte.replace(/\+/g,'_PLUS_');\n"
. "texte = texte.replace(/script/g,'s\\\cript');\n"
. "texte = texte.replace(/union/g,'un\\\ion');\n"
. "texte = texte.replace(/load_file/g,'l\\\oad_file');\n"
. "texte = texte.replace(/outfile/g,'o\\\utfile');\n"
. "texte = texte.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "texte = texte.replace(/onmouse/g,'on\\\mouse');\n"
. "texte = texte.replace(/iframe/g,'i\\\frame');\n"
. "texte = texte.replace(/applet/g,'a\\\pplet');\n"
. "texte = texte.replace(/<meta/g,'<\\\meta');\n"
. "texte = texte.replace(/<style/g,'<\\\style');\n"
. "texte = texte.replace(/<form/g,'<\\\form');\n"
. "texte = texte.replace(/<img/g,'<\\\img');\n"
. "texte = texte.replace(/<body/g,'<\\\body');\n"
. "texte = texte.replace(/<link/g,'<\\\link');\n"
. "var text1 = escape(texte);\n"
. "var suite=document.getElementById('news_suite').value;\n"
. "suite = suite.replace(/\\\/g,'\\\\\\\');\n"
. "suite = suite.replace(/\+/g,'_PLUS_');\n"
. "suite = suite.replace(/script/g,'s\\\cript');\n"
. "suite = suite.replace(/union/g,'un\\\ion');\n"
. "suite = suite.replace(/load_file/g,'l\\\oad_file');\n"
. "suite = suite.replace(/outfile/g,'o\\\utfile');\n"
. "suite = suite.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "suite = suite.replace(/onmouse/g,'on\\\mouse');\n"
. "suite = suite.replace(/iframe/g,'i\\\frame');\n"
. "suite = suite.replace(/applet/g,'a\\\pplet');\n"
. "suite = suite.replace(/<meta/g,'<\\\meta');\n"
. "suite = suite.replace(/<style/g,'<\\\style');\n"
. "suite = suite.replace(/<form/g,'<\\\form');\n"
. "suite = suite.replace(/<img/g,'<\\\img');\n"
. "suite = suite.replace(/<body/g,'<\\\body');\n"
. "suite = suite.replace(/<link/g,'<\\\link');\n"
. "var suite1 = escape(suite);\n"
. "\n"
. "if(ie4)\n"
. "{\n"
. "var text2 = text1.replace(/\\r/g,'<br />');\n"
. "var suite2 = suite1.replace(/\\r/g,'<br />');\n"
. "}\n"
. "else\n"
. "{\n"
. "var text2 = text1.replace(/\\n/g,'<br />');\n"
. "var suite2 = suite1.replace(/\\n/g,'<br />');\n"
. "}\n"
. "\n"
. "var titre=document.getElementById('news_titre').value;\n"
. "titre = titre.replace(/script/g,'s\\\cript');\n"
. "titre = titre.replace(/union/g,'un\\\ion');\n"
. "titre = titre.replace(/load_file/g,'l\\\oad_file');\n"
. "titre = titre.replace(/outfile/g,'o\\\utfile');\n"
. "titre = titre.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "titre = titre.replace(/onmouse/g,'o\\\nmouse');\n"
. "titre = titre.replace(/iframe/g,'i\\\frame');\n"
. "titre = titre.replace(/applet/g,'a\\\pplet');\n"
. "titre = titre.replace(/<meta/g,'<\\\meta');\n"
. "titre = titre.replace(/<style/g,'<\\\style');\n"
. "titre = titre.replace(/<form/g,'<\\\form');\n"
. "titre = titre.replace(/<img/g,'<\\\img');\n"
. "titre = titre.replace(/<body/g,'<\\\body');\n"
. "titre = titre.replace(/<link/g,'<\\\link');\n"
. "var title = escape(titre);\n"
. "var cat=document.getElementById('news_cat').value;\n"
. "var jour=document.getElementById('news_jour').value;\n"
. "var mois=document.getElementById('news_mois').value;\n"
. "var an=document.getElementById('news_annee').value;\n"
. "var heure=document.getElementById('news_heure').value;\n"
. "\n"
. "window.open('index.php?file=News&nuked_nude=admin&op=preview&texte='+ text2 +'&suite='+ suite2 +'&titre='+ title +'&cat='+ cat +'&jour='+ jour +'&mois='+ mois +'&annee='+ an +'&heure='+ heure +'&bbcodeoff='+ bbcodeoff +'&smileyoff='+ smileyoff,'preview','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=550,height=300,top=30,left=0');\n"
. "return(false)\n"
. "}\n"
. "\n"
. "// -->\n"
. "</script>\n";
smiley("news_suite");
echo "</td></tr><tr><td align=\"center\"><textarea id=\"news_suite\" name=\"suite\" cols=\"70\" rows=\"15\" onselect=\"storeCaret('news_suite');\" onclick=\"storeCaret('news_suite');\" onkeyup=\"storeCaret('news_suite');\"></textarea></td></tr>\n"
. "<tr><td><input class=\"checkbox\" type=\"checkbox\" id=\"news_bbcodeoff\" name=\"bbcodeoff\" value=\"1\" /> " . _BBCODEOFF . "<br />\n"
. "<input class=\"checkbox\" type=\"checkbox\" id=\"news_smileyoff\" name=\"smileyoff\" value=\"1\" /> " . _SMILEYOFF . "<br /></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\"><input type=\"submit\" value=\"" . _ADDNEWS . "\" />\n"
. " <input type=\"button\" value=\"" . _PREVIEW . "\" onclick=\"preview()\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\">[ <a href=\"index.php?file=News&page=admin&op=main\"><b>" . _BACK . "</b></a> ]</td></tr></table></form><br />\n";
}
function do_add($titre, $texte, $suite, $cat, $bbcodeoff, $smileyoff, $jour, $mois, $annee, $heure)
{
global $nuked, $user;
$table = explode(':', $heure, 2);
$date = mktime ($table[0], $table[1], 0, $mois, $jour, $annee) ;
$titre = addslashes($titre);
$texte = addslashes($texte);
$suite = addslashes($suite);
$auteur = $user[2];
$auteur_id = $user[0];
$sql = mysql_query("INSERT INTO " . NEWS_TABLE . " ( `id` , `cat` , `titre` , `auteur` , `auteur_id` , `texte` , `suite` , `date` , `bbcodeoff` , `smileyoff` ) VALUES ( '', '" . $cat ."' , '" . $titre . "' , '" . $auteur . "' , '" . $auteur_id . "' , '" . $texte . "' , '" . $suite . "' , '" . $date . "' , '" . $bbcodeoff . "' , '" . $smileyoff . "' )");
echo "<br /><br /><div style=\"text-align: center;\">" . _NEWSADD . "</div><br /><br />";
redirect("index.php?file=News&page=admin", 2);
}
function edit($news_id)
{
global $user, $nuked, $language;
$sql = mysql_query("SELECT titre, auteur_id, texte, suite, date, cat, bbcodeoff, smileyoff FROM " . NEWS_TABLE . " WHERE id = '" . $news_id . "'");
list($titre, $autor_id, $texte, $suite, $date, $cat, $bbcodeoff, $smileyoff) = mysql_fetch_array($sql);
/*
test by Norx
*/
if($autor_id != $user[0] && $user[1] != 9)
{
die("<br /><br /><br /><div style=\"text-align: center;\"><big>What are you trying to do ?</big></div>");
}
$titre = stripslashes($titre);
$texte = stripslashes($texte);
$suite = stripslashes($suite);
$auteur = stripslashes($auteur);
if ($bbcodeoff == "1")
{
$checked = "checked=\"checked\"";
}
if ($smileyoff == "1")
{
$checked0 = "checked=\"checked\"";
}
$sql2 = mysql_query("SELECT nid, titre FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cat . "'");
list($cid, $categorie) = mysql_fetch_array($sql2);
$categorie = stripslashes($categorie);
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=do_edit&news_id=" . $news_id . "\" onsubmit=\"backslash('news_texte');backslash('news_suite');BBcode_close('news_texte');BBcode_close('news_suite');\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\" border=\"0\" cellspacing=\"0\" cellpadding=\"2\">\n"
. "<tr><td align=\"center\"><b>" . _TITLE . " :</b> <input type=\"text\" id=\"news_titre\" name=\"titre\" maxlength=\"100\" size=\"45\" value=\"" . $titre . "\" /></td></tr>\n"
. "<tr><td align=\"center\"><b>" . _PUBLISH . " " . _THE ." :</b> <select id=\"news_jour\" name=\"jour\">\n";
$day = 1;
while ($day < 32)
{
if ($day == date("d", $date))
{
echo "<option value=\"" . $day . "\" selected=\"selected\">" . $day . "</option>\n";
}
else
{
echo "<option value=\"" . $day . "\">" . $day . "</option>\n";
}
$day++;
}
echo "</select> <select id=\"news_mois\" name=\"mois\">\n";
$month = 1;
while ($month < 13)
{
if ($month == date("m", $date))
{
echo "<option value=\"" . $month . "\" selected=\"selected\">" . $month . "</option>\n";
}
else
{
echo "<option value=\"" . $month . "\">" . $month . "</option>\n";
}
$month++;
}
echo "</select> <select id=\"news_annee\" name=\"annee\">\n";
$prevprevprevyear = date("Y", $date) -3;
$prevprevyear = date("Y", $date) -2;
$prevyear = date("Y", $date) -1;
$year = date("Y", $date) ;
$nextyear = date("Y", $date) + 1;
$nextnextyear = date("Y", $date) + 2;
$check = "selected=\"selected\"";
echo "<option value=\"" . $prevprevprevyear . "\">" . $prevprevprevyear . "</option>\n"
. "<option value=\"" . $prevprevyear . "\">" . $prevprevyear . "</option>\n"
. "<option value=\"" . $prevyear . "\">" . $prevyear . "</option>\n"
. "<option value=\"" . $year . "\" " . $check . ">" . $year . "</option>\n";
$heure = date("H:i", $date);
echo "<option value=\"" . $nextyear . "\">" . $nextyear . "</option>\n"
. "<option value=\"" . $nextnextyear . "\">" . $nextnextyear . "</option>\n"
. "</select> <b>" . _AT . " :</b> <input type=\"text\" id=\"news_heure\" name=\"heure\" size=\"5\" maxlength=\"5\" value=\"" . $heure . "\" /></td></tr>\n"
. "<tr><td align=\"center\"><b>" . _CAT . " :</b> <select id=\"news_cat\" name=\"cat\"><option value=\"" . $cid . "\">" . $categorie . "</option>\n";
select_news_cat();
echo "</select></td></tr><tr><td> </td></tr>\n"
. "<tr><td align=\"center\"><big><b>" . _TEXT . " :</b></big></td></tr>\n"
. "<tr><td align=\"center\">\n";
buttonBB("news_texte");
echo"</td></tr><tr><td align=\"center\">\n";
smiley("news_texte");
echo "</td></tr><tr><td align=\"center\"><textarea id=\"news_texte\" name=\"texte\" cols=\"70\" rows=\"15\" onselect=\"storeCaret('news_texte');\" onclick=\"storeCaret('news_texte');\" onkeyup=\"storeCaret('news_texte');\">$texte</textarea></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\"><big><b>" . _MORE . " :</b></big></td></tr><tr><td align=\"center\">\n";
buttonBB("news_suite");
echo "</td></tr><tr><td align=\"center\">\n";
echo"<script type=\"text/javascript\">\n"
. "<!--\n"
. "\n"
. "function preview(){\n"
. "\n"
. "ns4 = (document.layers) ? true : false;\n"
. "ie4 = (document.all) ? true : false;\n"
. "\n"
. "if(document.getElementById('news_bbcodeoff').checked) {\n"
. "var bbcodeoff=1;}else{var bbcodeoff=0;}\n"
. "\n"
. "if(document.getElementById('news_smileyoff').checked) {\n"
. "var smileyoff=1;}else{var smileyoff=0;}\n"
. "\n"
. "var texte=document.getElementById('news_texte').value;\n"
. "texte = texte.replace(/\\\/g,'\\\\\\\');\n"
. "texte = texte.replace(/\+/g,'_PLUS_');\n"
. "texte = texte.replace(/script/g,'s\\\cript');\n"
. "texte = texte.replace(/union/g,'un\\\ion');\n"
. "texte = texte.replace(/load_file/g,'l\\\oad_file');\n"
. "texte = texte.replace(/outfile/g,'o\\\utfile');\n"
. "texte = texte.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "texte = texte.replace(/onmouse/g,'on\\\mouse');\n"
. "texte = texte.replace(/iframe/g,'i\\\frame');\n"
. "texte = texte.replace(/applet/g,'a\\\pplet');\n"
. "texte = texte.replace(/<meta/g,'<\\\meta');\n"
. "texte = texte.replace(/<style/g,'<\\\style');\n"
. "texte = texte.replace(/<form/g,'<\\\form');\n"
. "texte = texte.replace(/<img/g,'<\\\img');\n"
. "texte = texte.replace(/<body/g,'<\\\body');\n"
. "texte = texte.replace(/<link/g,'<\\\link');\n"
. "var text1 = escape(texte);\n"
. "var suite=document.getElementById('news_suite').value;\n"
. "suite = suite.replace(/\\\/g,'\\\\\\\');\n"
. "suite = suite.replace(/\+/g,'_PLUS_');\n"
. "suite = suite.replace(/script/g,'s\\\cript');\n"
. "suite = suite.replace(/union/g,'un\\\ion');\n"
. "suite = suite.replace(/load_file/g,'l\\\oad_file');\n"
. "suite = suite.replace(/outfile/g,'o\\\utfile');\n"
. "suite = suite.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "suite = suite.replace(/onmouse/g,'on\\\mouse');\n"
. "suite = suite.replace(/iframe/g,'i\\\frame');\n"
. "suite = suite.replace(/applet/g,'a\\\pplet');\n"
. "suite = suite.replace(/<meta/g,'<\\\meta');\n"
. "suite = suite.replace(/<style/g,'<\\\style');\n"
. "suite = suite.replace(/<form/g,'<\\\form');\n"
. "suite = suite.replace(/<img/g,'<\\\img');\n"
. "suite = suite.replace(/<body/g,'<\\\body');\n"
. "suite = suite.replace(/<link/g,'<\\\link');\n"
. "var suite1 = escape(suite);\n"
. "\n"
. "if(ie4)\n"
. "{\n"
. "var text2 = text1.replace(/\\r/g,'<br />');\n"
. "var suite2 = suite1.replace(/\\r/g,'<br />');\n"
. "}\n"
. "else\n"
. "{\n"
. "var text2 = text1.replace(/\\n/g,'<br />');\n"
. "var suite2 = suite1.replace(/\\n/g,'<br />');\n"
. "}\n"
. "\n"
. "var titre=document.getElementById('news_titre').value;\n"
. "titre = titre.replace(/script/g,'s\\\cript');\n"
. "titre = titre.replace(/union/g,'un\\\ion');\n"
. "titre = titre.replace(/load_file/g,'l\\\oad_file');\n"
. "titre = titre.replace(/outfile/g,'o\\\utfile');\n"
. "titre = titre.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "titre = titre.replace(/onmouse/g,'o\\\nmouse');\n"
. "titre = titre.replace(/iframe/g,'i\\\frame');\n"
. "titre = titre.replace(/applet/g,'a\\\pplet');\n"
. "titre = titre.replace(/<meta/g,'<\\\meta');\n"
. "titre = titre.replace(/<style/g,'<\\\style');\n"
. "titre = titre.replace(/<form/g,'<\\\form');\n"
. "titre = titre.replace(/<img/g,'<\\\img');\n"
. "titre = titre.replace(/<body/g,'<\\\body');\n"
. "titre = titre.replace(/<link/g,'<\\\link');\n"
. "var title = escape(titre);\n"
. "var cat=document.getElementById('news_cat').value;\n"
. "var jour=document.getElementById('news_jour').value;\n"
. "var mois=document.getElementById('news_mois').value;\n"
. "var an=document.getElementById('news_annee').value;\n"
. "var heure=document.getElementById('news_heure').value;\n"
. "\n"
. "window.open('index.php?file=News&nuked_nude=admin&op=preview&texte='+ text2 +'&suite='+ suite2 +'&titre='+ title +'&cat='+ cat +'&jour='+ jour +'&mois='+ mois +'&annee='+ an +'&heure='+ heure +'&bbcodeoff='+ bbcodeoff +'&smileyoff='+ smileyoff,'preview','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=550,height=300,top=30,left=0');\n"
. "return(false)\n"
. "}\n"
. "\n"
. "// -->\n"
. "</script>\n";
smiley("news_suite");
echo "</td></tr><tr><td align=\"center\"><textarea id=\"news_suite\" name=\"suite\" cols=\"70\" rows=\"15\" onselect=\"storeCaret('news_suite');\" onclick=\"storeCaret('news_suite');\" onkeyup=\"storeCaret('news_suite');\">$suite</textarea></td></tr>\n"
. "<tr><td><input class=\"checkbox\" type=\"checkbox\" id=\"news_bbcodeoff\" name=\"bbcodeoff\" value=\"1\" " . $checked . " /> " . _BBCODEOFF . "<br />\n"
. "<input class=\"checkbox\" type=\"checkbox\" id=\"news_smileyoff\" name=\"smileyoff\" value=\"1\" " . $checked0 . " /> " . _SMILEYOFF . "<br /></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\"><input type=\"submit\" value=\"" . _MODIFTHISNEWS . "\" />\n"
. " <input type=\"button\" value=\"" . _PREVIEW . "\" onclick=\"preview()\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\">[ <a href=\"index.php?file=News&page=admin&op=main\"><b>" . _BACK . "</b></a> ]</td></tr></table></form><br />\n";
}
function do_edit($news_id, $titre, $texte, $suite, $cat, $bbcodeoff, $smileyoff, $jour, $mois, $annee, $heure)
{
global $user, $nuked;
$sql = mysql_query("SELECT titre, auteur_id FROM " . NEWS_TABLE . " WHERE id = '" . $news_id . "'");
list($titre, $autor_id) = mysql_fetch_array($sql);
if($autor_id != $user[0] && $user[1] != 9)
{
die("<br /><br /><br /><div style=\"text-align: center;\"><big>What are you trying to do ?</big></div>");
}
$table = explode(':', $heure, 2);
$date = mktime ($table[0], $table[1], 0, $mois, $jour, $annee) ;
$titre = addslashes($titre);
$texte = addslashes($texte);
$suite = addslashes($suite);
$upd = mysql_query("UPDATE " . NEWS_TABLE . " SET cat = '" . $cat . "', titre = '" . $titre . "', texte = '" . $texte . "', suite = '" . $suite . "', date = '" . $date . "', bbcodeoff = '" . $bbcodeoff . "', smileyoff = '" . $smileyoff . "' WHERE id = '" . $news_id . "'");
echo "<br /><br /><div style=\"text-align: center;\">" . _NEWSMODIF . "</div><br /><br />";
redirect("index.php?file=News&page=admin", 2);
}
function do_del($news_id)
{
global $user, $nuked;
$sql = mysql_query("SELECT titre, auteur_id FROM " . NEWS_TABLE . " WHERE id = '" . $news_id . "'");
list($titre, $autor_id) = mysql_fetch_array($sql);
if($autor_id != $user[0] && $user[1] != 9)
{
die("<br /><br /><br /><div style=\"text-align: center;\"><big>What are you trying to do ?</big></div>");
}
$del = mysql_query("DELETE FROM " . NEWS_TABLE . " WHERE id = '" . $news_id . "'");
$del_com = mysql_query("DELETE FROM " . COMMENT_TABLE . " WHERE im_id = '" . $news_id . "' AND module = 'news'");
echo "<br /><br /><div style=\"text-align: center;\">" . _NEWSDEL . "</div><br /><br />";
redirect("index.php?file=News&page=admin", 2);
}
function main_cat()
{
global $nuked, $language, $bgcolor1, $bgcolor2, $bgcolor3;
echo"<script type=\"text/javascript\">\n"
."<!--\n"
."\n"
. "function del_cat(titre, id)\n"
. "{\n"
. "if (confirm('" . _DELETENEWS . " '+titre+' ! " . _CONFIRM . "'))\n"
. "{document.location.href = 'index.php?file=News&page=admin&op=del_cat&cid='+id;}\n"
. "}\n"
. "\n"
. "// -->\n"
. "</script>\n";
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<div style=\"text-align: center;\"><b><a href=\"index.php?file=News&page=admin\">" . _NAVNEWS . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=add\">" . _ADDNEWS . "</a> | "
. "</b>" . _CATMANAGEMENT . "<b> | "
. "<a href=\"index.php?file=News&page=admin&op=main_pref\">" . _PREFS . "</a></b></div><br />\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;background: " . $bgcolor2 . ";border: 1px solid " . $bgcolor3 . ";\" width=\"70%\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\">\n"
. "<tr style=\"background: " . $bgcolor3 . ";\">\n"
. "<td style=\"width: 60%;\" align=\"center\"><b>" . _CAT . "</b></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><b>" . _EDIT . "</b></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><b>" . _DEL . "</b></td></tr>\n";
$sql = mysql_query("SELECT nid, titre FROM " . NEWS_CAT_TABLE . " ORDER BY titre");
while (list($cid, $titre) = mysql_fetch_array($sql))
{
$titre = stripslashes($titre);
$titre = htmlentities($titre);
if ($j == 0)
{
$bg = $bgcolor2;
$j++;
}
else
{
$bg = $bgcolor1;
$j = 0;
}
echo "<tr style=\"background: " . $bg . ";\">\n"
. "<td style=\"width: 60%;\" align=\"center\">" . $titre . "</td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><a href=\"index.php?file=News&page=admin&op=edit_cat&cid=" . $cid . "\"><img style=\"border: 0;\" src=\"images/edit.gif\" alt=\"\" title=\"" . _EDITTHISCAT . "\" /></a></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><a href=\"javascript:del_cat('" . addslashes($titre) . "','" . $cid . "');\"><img style=\"border: 0;\" src=\"images/del.gif\" alt=\"\" title=\"" . _DELTHISCAT . "\" /></a></td></tr>\n";
}
echo "</table><br /><div style=\"text-align: center;\">[ <a href=\"index.php?file=News&page=admin&op=add_cat\"><b>" . _ADDCAT . "</b></a> ]</div>\n"
. "<br /><div style=\"text-align: center;\">[ <a href=\"index.php?file=News&page=admin\"><b>" . _BACK . "</b></a> ]</div><br />\n";
}
function add_cat()
{
global $language;
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=send_cat\" enctype=\"multipart/form-data\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\">\n"
. "<tr><td><b>" . _TITLE . " : </b><input type=\"text\" name=\"titre\" size=\"30\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td><b>" . _URLIMG . " : </b><input type=\"text\" name=\"image\" size=\"39\" /></td></tr>\n"
. "<tr><td><b>" . _UPIMG . " : </b><input type=\"file\" name=\"fichiernom\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td><b>" . _DESCR . " : </b><br /><textarea name=\"description\" cols=\"65\" rows=\"10\"></textarea></td></tr>\n"
. "</table><div style=\"text-align: center;\"><br /><input type=\"submit\" value=\"" . _CREATECAT . "\" /></div>\n"
. "<div style=\"text-align: center;\"><br />[ <a href=\"index.php?file=News&page=admin&op=main_cat\"><b>" . _BACK . "</b></a> ]</div></form><br />\n";
}
function send_cat($titre, $description, $image, $fichiernom)
{
$filename = $_FILES['fichiernom']['name'];
if ($filename != "")
{
$ext = strrchr($filename, ".");
$ext = substr($filename, 1);
if (!eregi(".php", $filename) && !eregi(".htm", $filename) && (eregi("jpg", $ext) || eregi("jpeg", $ext) || eregi("gif", $ext) || eregi("png", $ext)))
{
$url_image = "upload/News/" . $filename;
move_uploaded_file($_FILES['fichiernom']['tmp_name'], $url_image) or die ("<br /><br /><div style=\"text-align: center;\"><b>Upload file failed !!!</b></div><br /><br />");
@chmod ($url_image, 0644);
}
else
{
echo "<br /><br /><div style=\"text-align: center;\">No image file !!!</div><br /><br />";
redirect("index.php?file=News&page=admin&op=add_cat", 2);
closetable();
footer();
exit();
}
}
else
{
$url_image = $image;
}
$titre = addslashes($titre);
$description = addslashes($description);
$sql = mysql_query("INSERT INTO " . NEWS_CAT_TABLE . " ( `nid` , `titre` , `description` , `image` ) VALUES ( '' , '" . $titre . "' , '" . $description . "' , '" . $url_image . "' )");
echo "<br /><br /><div style=\"text-align: center;\">" . _CATADD . "</div><br /><br />";
redirect("index.php?file=News&page=admin&op=main_cat", 2);
}
function edit_cat($cid)
{
global $nuked, $language;
$sql = mysql_query("SELECT titre, description, image FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cid . "'");
list($titre, $description, $image) = mysql_fetch_array($sql);
$titre = stripslashes($titre);
$description = stripslashes($description);
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=modif_cat\" enctype=\"multipart/form-data\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\">\n"
. "<tr><td><b>" . _TITLE . " : </b><input type=\"text\" name=\"titre\" size=\"30\" value=\"" . $titre . "\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td><b>" . _URLIMG . " : </b><input type=\"text\" name=\"image\" size=\"39\" value=\"" . $image . "\" /></td></tr>\n"
. "<tr><td><b>" . _UPIMG . " : </b><input type=\"file\" name=\"fichiernom\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td><b>" . _DESCR . " : </b><br /><textarea name=\"description\" cols=\"65\" rows=\"10\">" . $description . "</textarea></td></tr>\n"
. "</table><div style=\"text-align: center;\"><input type=\"hidden\" name=\"cid\" value=\"" . $cid . "\" /><br /><input type=\"submit\" value=\"" . _MODIFTHISCAT . "\" /></div>\n"
. "<div style=\"text-align: center;\"><br />[ <a href=\"index.php?file=News&page=admin&op=main_cat\"><b>" . _BACK . "</b></a> ]</div></form><br />\n";
}
function modif_cat($cid, $titre, $description, $image, $fichiernom)
{
global $nuked;
$filename = $_FILES['fichiernom']['name'];
if ($filename != "")
{
$ext = strrchr($filename, ".");
$ext = substr($filename, 1);
if (!eregi(".php", $filename) && !eregi(".htm", $filename) && (eregi("jpg", $ext) || eregi("jpeg", $ext) || eregi("gif", $ext) || eregi("png", $ext)))
{
$url_image = "upload/News/" . $filename;
move_uploaded_file($_FILES['fichiernom']['tmp_name'], $url_image) or die ("<br /><br /><div style=\"text-align: center;\"><b>Upload file failed !!!</b></div><br /><br />");
@chmod ($url_image, 0644);
}
else
{
echo "<br /><br /><div style=\"text-align: center;\">No image file !!!</div><br /><br />";
redirect("index.php?file=News&page=admin&op=edit_cat&cid=" . $cid, 2);
closetable();
footer();
exit();
}
}
else
{
$url_image = $image;
}
$titre = addslashes($titre);
$description = addslashes($description);
$sql = mysql_query("UPDATE " . NEWS_CAT_TABLE . " SET titre = '" . $titre . "', description = '" . $description . "', image = '" . $url_image . "' WHERE nid = '" . $cid . "'");
echo "<br /><br /><div style=\"text-align: center;\">" . _CATMODIF . "</div><br /><br />";
redirect("index.php?file=News&page=admin&op=main_cat", 2);
}
function select_news_cat()
{
global $nuked;
$sql = mysql_query("SELECT nid, titre FROM " . NEWS_CAT_TABLE);
while (list($cid, $titre) = mysql_fetch_array($sql))
{
$titre = stripslashes($titre);
$titre = htmlentities($titre);
echo "<option value=\"" . $cid . "\">" . $titre . "</option>\n";
}
}
function del_cat($cid)
{
global $nuked;
$sql = mysql_query("DELETE FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cid . "'");
echo "<br /><br /><div style=\"text-align: center;\">" . _CATDEL . "</div><br /><br />";
redirect("index.php?file=News&page=admin&op=main_cat", 2);
}
function main_pref()
{
global $nuked, $language;
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<div style=\"text-align: center;\"><b><a href=\"index.php?file=News&page=admin\">" . _NAVNEWS . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=add\">" . _ADDNEWS . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=main_cat\">" . _CATMANAGEMENT . "</a> | "
. "</b>" . _PREFS . "</div><br />\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=change_pref\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\" border=\"0\" cellspacing=\"0\" cellpadding=\"3\">\n"
. "<tr><td align=\"center\"><big>" . _PREFS . "</big></td></tr>\n"
. "<tr><td>" . _NUMBERNEWS . " :</td><td> <input type=\"text\" name=\"max_news\" size=\"2\" value=\"" . $nuked['max_news'] . "\" /></td></tr>\n"
. "<tr><td>" . _NUMBERARCHIVE . " :</td><td> <input type=\"text\" name=\"max_archives\" size=\"2\" value=\"" . $nuked['max_archives'] . "\" /></td></tr>\n"
. "</table><div style=\"text-align: center;\"><br /><input type=\"submit\" value=\"" . _SEND . "\" /></div>\n"
. "<div style=\"text-align: center;\"><br />[ <a href=\"index.php?file=News&page=admin\"><b>" . _BACK . "</b></a> ]</div></form><br />\n";
}
function change_pref($max_news, $max_archives)
{
global $nuked;
$upd1 = mysql_query("UPDATE " . CONFIG_TABLE . " SET value = '" . $max_news . "' WHERE name = 'max_news'");
$upd2 = mysql_query("UPDATE " . CONFIG_TABLE . " SET value = '" . $max_archives . "' WHERE name = 'max_archives'");
echo "<br /><br /><div style=\"text-align: center;\">" . _PREFUPDATED . "</div><br /><br />";
redirect("index.php?file=News&page=admin", 2);
}
function preview()
{
global $nuked, $user, $theme, $language, $bgcolor3, $bgcolor2, $texte, $titre, $suite, $auteur, $cat, $jour, $mois, $annee, $heure, $bbcodeoff, $smileyoff;
if ($language == "french" && ereg("WIN", PHP_OS)) setlocale (LC_TIME, "french");
else if ($language == "french" && ereg("BSD", PHP_OS)) setlocale (LC_TIME, "fr_FR.ISO8859-1");
else if ($language == "french") setlocale (LC_TIME, "fr_FR");
else setlocale (LC_TIME, $language);
$sql3 = mysql_query("SELECT titre, image FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cat . "'");
list($categorie, $image) = mysql_fetch_array($sql3);
$categorie
// -------------------------------------------------------------------------//
// Nuked-KlaN - PHP Portal //
// http://www.nuked-klan.org //
// -------------------------------------------------------------------------//
// This program is free software. you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License. //
// -------------------------------------------------------------------------//
if (!defined("INDEX_CHECK"))
{
die ("<div style=\"text-align: center;\">You cannot open this page directly</div>");
}
global $user, $language;
translate("modules/News/lang/" . $language . ".lang.php");
if (!$user)
{
$visiteur = 0;
}
else
{
$visiteur = $user[1];
}
$ModName = basename(dirname(__FILE__));
$level_admin = admin_mod($ModName);
if ($visiteur >= $level_admin && $level_admin > -1)
{
function main()
{
global $user, $nuked, $language, $bgcolor1, $bgcolor2, $bgcolor3, $p, $orderby;
$nb_news = 30;
$sql = mysql_query("SELECT id FROM " . NEWS_TABLE);
$count = mysql_num_rows($sql);
if (!$p) $p = 1;
$start = $p * $nb_news - $nb_news;
echo"<script type=\"text/javascript\">\n"
."<!--\n"
."\n"
. "function del_news(titre, id)\n"
. "{\n"
. "if (confirm('" . _DELETENEWS . " '+titre+' ! " . _CONFIRM . "'))\n"
. "{document.location.href = 'index.php?file=News&page=admin&op=do_del&news_id='+id;}\n"
. "}\n"
. "\n"
. "// -->\n"
. "</script>\n";
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<div style=\"text-align: center;\">" . _NAVNEWS . "<b> | "
. "<a href=\"index.php?file=News&page=admin&op=add\">" . _ADDNEWS . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=main_cat\">" . _CATMANAGEMENT . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=main_pref\">" . _PREFS . "</a></b></div><br />\n";
if ($orderby == "date")
{
$order_by = "date DESC";
}
else if ($orderby == "title")
{
$order_by = "titre";
}
else if ($orderby == "cat")
{
$order_by = "cat";
}
else if ($orderby == "author")
{
$order_by = "auteur";
}
else
{
$order_by = "date DESC";
}
echo "<table width=\"100%\" cellpadding=\"2\" cellspacing=\"0\" border=\"0\">\n"
. "<tr><td align=\"right\">" . _ORDERBY . " : ";
if ($orderby == "date" || !$orderby)
{
echo "<b>" . _DATE . "</b> | ";
}
else
{
echo "<a href=\"index.php?file=News&page=admin&orderby=date\">" . _DATE . "</a> | ";
}
if ($orderby == "title")
{
echo "<b>" . _TITLE . "</b> | ";
}
else
{
echo "<a href=\"index.php?file=News&page=admin&orderby=title\">" . _TITLE . "</a> | ";
}
if ($orderby == "author")
{
echo "<b>" . _AUTHOR . "</b> | ";
}
else
{
echo "<a href=\"index.php?file=News&page=admin&orderby=author\">" . _AUTHOR . "</a> | ";
}
if ($orderby == "cat")
{
echo "<b>" . _CAT . "</b>";
}
else
{
echo "<a href=\"index.php?file=News&page=admin&orderby=cat\">" . _CAT . "</a>";
}
echo " </td></tr></table>\n";
if ($count > $nb_news)
{
echo "<div>";
$url = "index.php?file=News&page=admin&orderby=" . $orderby;
number($count, $nb_news, $url);
echo "</div>\n";
}
echo "<table style=\"background: " . $bgcolor2 . ";border: 1px solid " . $bgcolor3 . ";\" width=\"100%\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\">\n"
. "<tr style=\"background: " . $bgcolor3 . ";\">\n"
. "<td style=\"width: 25%;\" align=\"center\"><b>" . _TITLE . "</b></td>\n"
. "<td style=\"width: 15%;\" align=\"center\"><b>" . _CAT . "</b></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><b>" . _DATE . "</b></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><b>" . _AUTHOR . "</b></td>\n"
. "<td style=\"width: 10%;\" align=\"center\"><b>" . _EDIT . "</b></td>\n"
. "<td style=\"width: 10%;\" align=\"center\"><b>" . _DEL . "</b></td></tr>\n";
$sql2 = mysql_query("SELECT id, titre, auteur, auteur_id, cat, date FROM " . NEWS_TABLE . " ORDER BY " . $order_by . " LIMIT " . $start . ", " . $nb_news);
while (list($news_id, $titre, $autor, $autor_id, $cat, $date) = mysql_fetch_array($sql2))
{
$date = strftime("%x %H:%M", $date);
$titre = stripslashes($titre);
$autor = stripslashes($autor);
$sql3 = mysql_query("SELECT titre FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cat. "'");
list($categorie) = mysql_fetch_array($sql3);
$categorie = stripslashes($categorie);
$categorie = htmlentities($categorie);
if ($autor_id != "")
{
$sql4 = mysql_query("SELECT pseudo FROM " . USER_TABLE . " WHERE id = '" . $autor_id . "'");
$test = mysql_num_rows($sql4);
}
if ($autor_id != "" && $test > 0)
{
list($auteur) = mysql_fetch_array($sql4);
$auteur = stripslashes($auteur);
}
else
{
$auteur = $autor;
}
if ($j == 0)
{
$bg = $bgcolor2;
$j++;
}
else
{
$bg = $bgcolor1;
$j = 0;
}
if (strlen($titre) > 25)
{
$title = "<span style=\"cursor: hand\" title=\"" . htmlentities($titre) . "\">" . htmlentities(substr($titre, 0, 25)) . "...</span>";
}
else
{
$title = htmlentities($titre);
}
echo "<tr style=\"background: " . $bg . ";\">\n"
. "<td style=\"width: 25%;\">" . $title . "</td>\n"
. "<td style=\"width: 15%;\" align=\"center\">" . $categorie . "</td>\n"
. "<td style=\"width: 20%;\" align=\"center\">" . $date . "</td>\n"
. "<td style=\"width: 20%;\" align=\"center\">" . $auteur . "</td>\n";
if($user[0] == $autor_id || $user[1] == 9) echo"<td style=\"width: 10%;\" align=\"center\"><a href=\"index.php?file=News&page=admin&op=edit&news_id=" . $news_id . "\"><img style=\"border: 0;\" src=\"images/edit.gif\" alt=\"\" title=\"" . _EDITTHISNEWS . "\" /></a></td>\n"."<td style=\"width: 10%;\" align=\"center\"><a href=\"javascript:del_news('" . addslashes($titre) . "', '" . $news_id . "');\"><img style=\"border: 0;\" src=\"images/del.gif\" alt=\"\" title=\"" . _DELTHISNEWS . "\" /></a></td></tr>\n";
else echo"<td style=\"width: 10%;\" align=\"center\"> - </td>\n"."<td style=\"width: 10%;\" align=\"center\"> - </td></tr>\n";
}
if ($count == 0)
{
echo "<tr><td align=\"center\" colspan=\"6\">" . _NONEWSINDB . "</td></tr>\n";
}
echo" </table>\n";
if ($count > $nb_news)
{
echo "<div>";
$url = "index.php?file=News&page=admin&orderby=" . $orderby;
number($count, $nb_news, $url);
echo "</div>\n";
}
echo "<br /><div style=\"text-align: center;\">[ <a href=\"index.php?file=Admin\"><b>" . _BACK . "</b></a> ]</div><br />\n";
}
function add()
{
global $nuked, $language;
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<div style=\"text-align: center;\"><b><a href=\"index.php?file=News&page=admin\">" . _NAVNEWS . "</a> | "
. "</b>" . _ADDNEWS . "<b> | "
. "<a href=\"index.php?file=News&page=admin&op=main_cat\">" . _CATMANAGEMENT . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=main_pref\">" . _PREFS . "</a></b></div><br />\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=do_add\" onsubmit=\"backslash('news_texte');backslash('news_suite');BBcode_close('news_texte');BBcode_close('news_suite');\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\" border=\"0\" cellspacing=\"0\" cellpadding=\"2\">\n"
. "<tr><td align=\"center\"><b>" . _TITLE . " :</b> <input type=\"text\" id=\"news_titre\" name=\"titre\" maxlength=\"100\" size=\"45\" /></td></tr>\n"
. "<tr><td align=\"center\"><b>" . _PUBLISH . " " . _THE ." :</b> <select id=\"news_jour\" name=\"jour\">\n";
$day = 1;
while ($day < 32)
{
if ($day == date("d"))
{
echo "<option value=\"" . $day . "\" selected=\"selected\">" . $day . "</option>\n";
}
else
{
echo "<option value=\"" . $day . "\">" . $day . "</option>\n";
}
$day++;
}
echo "</select> <select id=\"news_mois\" name=\"mois\">\n";
$month = 1;
while ($month < 13)
{
if ($month == date("m"))
{
echo "<option value=\"" . $month . "\" selected=\"selected\">" . $month . "</option>\n";
}
else
{
echo "<option value=\"" . $month . "\">" . $month . "</option>\n";
}
$month++;
}
echo "</select> <select id=\"news_annee\" name=\"annee\">\n";
$prevprevprevyear = date(Y) -3;
$prevprevyear = date(Y) -2;
$prevyear = date(Y) -1;
$year = date(Y) ;
$nextyear = date(Y) + 1;
$nextnextyear = date(Y) + 2;
$check = "selected=\"selected\"";
echo "<option value=\"" . $prevprevprevyear . "\">" . $prevprevprevyear . "</option>\n"
. "<option value=\"" . $prevprevyear . "\">" . $prevprevyear . "</option>\n"
. "<option value=\"" . $prevyear . "\">" . $prevyear . "</option>\n"
. "<option value=\"" . $year . "\" " . $check . ">" . $year . "</option>\n";
$heure = date("H:i");
echo "<option value=\"" . $nextyear . "\">" . $nextyear . "</option>\n"
. "<option value=\"" . $nextnextyear . "\">" . $nextnextyear . "</option>\n"
. "</select> <b>" . _AT . " :</b> <input type=\"text\" id=\"news_heure\" name=\"heure\" size=\"5\" maxlength=\"5\" value=\"" . $heure . "\" /></td></tr>\n"
. "<tr><td align=\"center\"><b>" . _CAT . " :</b> <select id=\"news_cat\" name=\"cat\">\n";
select_news_cat();
echo "</select></td></tr><tr><td> </td></tr>\n"
. "<tr><td align=\"center\"><big><b>" . _TEXT . " :</b></big></td></tr>\n"
. "<tr><td align=\"center\">\n";
buttonBB("news_texte");
echo"</td></tr><tr><td align=\"center\">\n";
smiley("news_texte");
echo "</td></tr><tr><td align=\"center\"><textarea id=\"news_texte\" name=\"texte\" cols=\"70\" rows=\"15\" onselect=\"storeCaret('news_texte');\" onclick=\"storeCaret('news_texte');\" onkeyup=\"storeCaret('news_texte');\"></textarea></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\"><big><b>" . _MORE . " :</b></big></td></tr><tr><td align=\"center\">\n";
buttonBB("news_suite");
echo "</td></tr><tr><td align=\"center\">\n";
echo"<script type=\"text/javascript\">\n"
. "<!--\n"
. "\n"
. "function preview(){\n"
. "\n"
. "ns4 = (document.layers) ? true : false;\n"
. "ie4 = (document.all) ? true : false;\n"
. "\n"
. "if(document.getElementById('news_bbcodeoff').checked) {\n"
. "var bbcodeoff=1;}else{var bbcodeoff=0;}\n"
. "\n"
. "if(document.getElementById('news_smileyoff').checked) {\n"
. "var smileyoff=1;}else{var smileyoff=0;}\n"
. "\n"
. "var texte=document.getElementById('news_texte').value;\n"
. "texte = texte.replace(/\\\/g,'\\\\\\\');\n"
. "texte = texte.replace(/\+/g,'_PLUS_');\n"
. "texte = texte.replace(/script/g,'s\\\cript');\n"
. "texte = texte.replace(/union/g,'un\\\ion');\n"
. "texte = texte.replace(/load_file/g,'l\\\oad_file');\n"
. "texte = texte.replace(/outfile/g,'o\\\utfile');\n"
. "texte = texte.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "texte = texte.replace(/onmouse/g,'on\\\mouse');\n"
. "texte = texte.replace(/iframe/g,'i\\\frame');\n"
. "texte = texte.replace(/applet/g,'a\\\pplet');\n"
. "texte = texte.replace(/<meta/g,'<\\\meta');\n"
. "texte = texte.replace(/<style/g,'<\\\style');\n"
. "texte = texte.replace(/<form/g,'<\\\form');\n"
. "texte = texte.replace(/<img/g,'<\\\img');\n"
. "texte = texte.replace(/<body/g,'<\\\body');\n"
. "texte = texte.replace(/<link/g,'<\\\link');\n"
. "var text1 = escape(texte);\n"
. "var suite=document.getElementById('news_suite').value;\n"
. "suite = suite.replace(/\\\/g,'\\\\\\\');\n"
. "suite = suite.replace(/\+/g,'_PLUS_');\n"
. "suite = suite.replace(/script/g,'s\\\cript');\n"
. "suite = suite.replace(/union/g,'un\\\ion');\n"
. "suite = suite.replace(/load_file/g,'l\\\oad_file');\n"
. "suite = suite.replace(/outfile/g,'o\\\utfile');\n"
. "suite = suite.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "suite = suite.replace(/onmouse/g,'on\\\mouse');\n"
. "suite = suite.replace(/iframe/g,'i\\\frame');\n"
. "suite = suite.replace(/applet/g,'a\\\pplet');\n"
. "suite = suite.replace(/<meta/g,'<\\\meta');\n"
. "suite = suite.replace(/<style/g,'<\\\style');\n"
. "suite = suite.replace(/<form/g,'<\\\form');\n"
. "suite = suite.replace(/<img/g,'<\\\img');\n"
. "suite = suite.replace(/<body/g,'<\\\body');\n"
. "suite = suite.replace(/<link/g,'<\\\link');\n"
. "var suite1 = escape(suite);\n"
. "\n"
. "if(ie4)\n"
. "{\n"
. "var text2 = text1.replace(/\\r/g,'<br />');\n"
. "var suite2 = suite1.replace(/\\r/g,'<br />');\n"
. "}\n"
. "else\n"
. "{\n"
. "var text2 = text1.replace(/\\n/g,'<br />');\n"
. "var suite2 = suite1.replace(/\\n/g,'<br />');\n"
. "}\n"
. "\n"
. "var titre=document.getElementById('news_titre').value;\n"
. "titre = titre.replace(/script/g,'s\\\cript');\n"
. "titre = titre.replace(/union/g,'un\\\ion');\n"
. "titre = titre.replace(/load_file/g,'l\\\oad_file');\n"
. "titre = titre.replace(/outfile/g,'o\\\utfile');\n"
. "titre = titre.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "titre = titre.replace(/onmouse/g,'o\\\nmouse');\n"
. "titre = titre.replace(/iframe/g,'i\\\frame');\n"
. "titre = titre.replace(/applet/g,'a\\\pplet');\n"
. "titre = titre.replace(/<meta/g,'<\\\meta');\n"
. "titre = titre.replace(/<style/g,'<\\\style');\n"
. "titre = titre.replace(/<form/g,'<\\\form');\n"
. "titre = titre.replace(/<img/g,'<\\\img');\n"
. "titre = titre.replace(/<body/g,'<\\\body');\n"
. "titre = titre.replace(/<link/g,'<\\\link');\n"
. "var title = escape(titre);\n"
. "var cat=document.getElementById('news_cat').value;\n"
. "var jour=document.getElementById('news_jour').value;\n"
. "var mois=document.getElementById('news_mois').value;\n"
. "var an=document.getElementById('news_annee').value;\n"
. "var heure=document.getElementById('news_heure').value;\n"
. "\n"
. "window.open('index.php?file=News&nuked_nude=admin&op=preview&texte='+ text2 +'&suite='+ suite2 +'&titre='+ title +'&cat='+ cat +'&jour='+ jour +'&mois='+ mois +'&annee='+ an +'&heure='+ heure +'&bbcodeoff='+ bbcodeoff +'&smileyoff='+ smileyoff,'preview','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=550,height=300,top=30,left=0');\n"
. "return(false)\n"
. "}\n"
. "\n"
. "// -->\n"
. "</script>\n";
smiley("news_suite");
echo "</td></tr><tr><td align=\"center\"><textarea id=\"news_suite\" name=\"suite\" cols=\"70\" rows=\"15\" onselect=\"storeCaret('news_suite');\" onclick=\"storeCaret('news_suite');\" onkeyup=\"storeCaret('news_suite');\"></textarea></td></tr>\n"
. "<tr><td><input class=\"checkbox\" type=\"checkbox\" id=\"news_bbcodeoff\" name=\"bbcodeoff\" value=\"1\" /> " . _BBCODEOFF . "<br />\n"
. "<input class=\"checkbox\" type=\"checkbox\" id=\"news_smileyoff\" name=\"smileyoff\" value=\"1\" /> " . _SMILEYOFF . "<br /></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\"><input type=\"submit\" value=\"" . _ADDNEWS . "\" />\n"
. " <input type=\"button\" value=\"" . _PREVIEW . "\" onclick=\"preview()\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\">[ <a href=\"index.php?file=News&page=admin&op=main\"><b>" . _BACK . "</b></a> ]</td></tr></table></form><br />\n";
}
function do_add($titre, $texte, $suite, $cat, $bbcodeoff, $smileyoff, $jour, $mois, $annee, $heure)
{
global $nuked, $user;
$table = explode(':', $heure, 2);
$date = mktime ($table[0], $table[1], 0, $mois, $jour, $annee) ;
$titre = addslashes($titre);
$texte = addslashes($texte);
$suite = addslashes($suite);
$auteur = $user[2];
$auteur_id = $user[0];
$sql = mysql_query("INSERT INTO " . NEWS_TABLE . " ( `id` , `cat` , `titre` , `auteur` , `auteur_id` , `texte` , `suite` , `date` , `bbcodeoff` , `smileyoff` ) VALUES ( '', '" . $cat ."' , '" . $titre . "' , '" . $auteur . "' , '" . $auteur_id . "' , '" . $texte . "' , '" . $suite . "' , '" . $date . "' , '" . $bbcodeoff . "' , '" . $smileyoff . "' )");
echo "<br /><br /><div style=\"text-align: center;\">" . _NEWSADD . "</div><br /><br />";
redirect("index.php?file=News&page=admin", 2);
}
function edit($news_id)
{
global $user, $nuked, $language;
$sql = mysql_query("SELECT titre, auteur_id, texte, suite, date, cat, bbcodeoff, smileyoff FROM " . NEWS_TABLE . " WHERE id = '" . $news_id . "'");
list($titre, $autor_id, $texte, $suite, $date, $cat, $bbcodeoff, $smileyoff) = mysql_fetch_array($sql);
/*
test by Norx
*/
if($autor_id != $user[0] && $user[1] != 9)
{
die("<br /><br /><br /><div style=\"text-align: center;\"><big>What are you trying to do ?</big></div>");
}
$titre = stripslashes($titre);
$texte = stripslashes($texte);
$suite = stripslashes($suite);
$auteur = stripslashes($auteur);
if ($bbcodeoff == "1")
{
$checked = "checked=\"checked\"";
}
if ($smileyoff == "1")
{
$checked0 = "checked=\"checked\"";
}
$sql2 = mysql_query("SELECT nid, titre FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cat . "'");
list($cid, $categorie) = mysql_fetch_array($sql2);
$categorie = stripslashes($categorie);
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=do_edit&news_id=" . $news_id . "\" onsubmit=\"backslash('news_texte');backslash('news_suite');BBcode_close('news_texte');BBcode_close('news_suite');\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\" border=\"0\" cellspacing=\"0\" cellpadding=\"2\">\n"
. "<tr><td align=\"center\"><b>" . _TITLE . " :</b> <input type=\"text\" id=\"news_titre\" name=\"titre\" maxlength=\"100\" size=\"45\" value=\"" . $titre . "\" /></td></tr>\n"
. "<tr><td align=\"center\"><b>" . _PUBLISH . " " . _THE ." :</b> <select id=\"news_jour\" name=\"jour\">\n";
$day = 1;
while ($day < 32)
{
if ($day == date("d", $date))
{
echo "<option value=\"" . $day . "\" selected=\"selected\">" . $day . "</option>\n";
}
else
{
echo "<option value=\"" . $day . "\">" . $day . "</option>\n";
}
$day++;
}
echo "</select> <select id=\"news_mois\" name=\"mois\">\n";
$month = 1;
while ($month < 13)
{
if ($month == date("m", $date))
{
echo "<option value=\"" . $month . "\" selected=\"selected\">" . $month . "</option>\n";
}
else
{
echo "<option value=\"" . $month . "\">" . $month . "</option>\n";
}
$month++;
}
echo "</select> <select id=\"news_annee\" name=\"annee\">\n";
$prevprevprevyear = date("Y", $date) -3;
$prevprevyear = date("Y", $date) -2;
$prevyear = date("Y", $date) -1;
$year = date("Y", $date) ;
$nextyear = date("Y", $date) + 1;
$nextnextyear = date("Y", $date) + 2;
$check = "selected=\"selected\"";
echo "<option value=\"" . $prevprevprevyear . "\">" . $prevprevprevyear . "</option>\n"
. "<option value=\"" . $prevprevyear . "\">" . $prevprevyear . "</option>\n"
. "<option value=\"" . $prevyear . "\">" . $prevyear . "</option>\n"
. "<option value=\"" . $year . "\" " . $check . ">" . $year . "</option>\n";
$heure = date("H:i", $date);
echo "<option value=\"" . $nextyear . "\">" . $nextyear . "</option>\n"
. "<option value=\"" . $nextnextyear . "\">" . $nextnextyear . "</option>\n"
. "</select> <b>" . _AT . " :</b> <input type=\"text\" id=\"news_heure\" name=\"heure\" size=\"5\" maxlength=\"5\" value=\"" . $heure . "\" /></td></tr>\n"
. "<tr><td align=\"center\"><b>" . _CAT . " :</b> <select id=\"news_cat\" name=\"cat\"><option value=\"" . $cid . "\">" . $categorie . "</option>\n";
select_news_cat();
echo "</select></td></tr><tr><td> </td></tr>\n"
. "<tr><td align=\"center\"><big><b>" . _TEXT . " :</b></big></td></tr>\n"
. "<tr><td align=\"center\">\n";
buttonBB("news_texte");
echo"</td></tr><tr><td align=\"center\">\n";
smiley("news_texte");
echo "</td></tr><tr><td align=\"center\"><textarea id=\"news_texte\" name=\"texte\" cols=\"70\" rows=\"15\" onselect=\"storeCaret('news_texte');\" onclick=\"storeCaret('news_texte');\" onkeyup=\"storeCaret('news_texte');\">$texte</textarea></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\"><big><b>" . _MORE . " :</b></big></td></tr><tr><td align=\"center\">\n";
buttonBB("news_suite");
echo "</td></tr><tr><td align=\"center\">\n";
echo"<script type=\"text/javascript\">\n"
. "<!--\n"
. "\n"
. "function preview(){\n"
. "\n"
. "ns4 = (document.layers) ? true : false;\n"
. "ie4 = (document.all) ? true : false;\n"
. "\n"
. "if(document.getElementById('news_bbcodeoff').checked) {\n"
. "var bbcodeoff=1;}else{var bbcodeoff=0;}\n"
. "\n"
. "if(document.getElementById('news_smileyoff').checked) {\n"
. "var smileyoff=1;}else{var smileyoff=0;}\n"
. "\n"
. "var texte=document.getElementById('news_texte').value;\n"
. "texte = texte.replace(/\\\/g,'\\\\\\\');\n"
. "texte = texte.replace(/\+/g,'_PLUS_');\n"
. "texte = texte.replace(/script/g,'s\\\cript');\n"
. "texte = texte.replace(/union/g,'un\\\ion');\n"
. "texte = texte.replace(/load_file/g,'l\\\oad_file');\n"
. "texte = texte.replace(/outfile/g,'o\\\utfile');\n"
. "texte = texte.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "texte = texte.replace(/onmouse/g,'on\\\mouse');\n"
. "texte = texte.replace(/iframe/g,'i\\\frame');\n"
. "texte = texte.replace(/applet/g,'a\\\pplet');\n"
. "texte = texte.replace(/<meta/g,'<\\\meta');\n"
. "texte = texte.replace(/<style/g,'<\\\style');\n"
. "texte = texte.replace(/<form/g,'<\\\form');\n"
. "texte = texte.replace(/<img/g,'<\\\img');\n"
. "texte = texte.replace(/<body/g,'<\\\body');\n"
. "texte = texte.replace(/<link/g,'<\\\link');\n"
. "var text1 = escape(texte);\n"
. "var suite=document.getElementById('news_suite').value;\n"
. "suite = suite.replace(/\\\/g,'\\\\\\\');\n"
. "suite = suite.replace(/\+/g,'_PLUS_');\n"
. "suite = suite.replace(/script/g,'s\\\cript');\n"
. "suite = suite.replace(/union/g,'un\\\ion');\n"
. "suite = suite.replace(/load_file/g,'l\\\oad_file');\n"
. "suite = suite.replace(/outfile/g,'o\\\utfile');\n"
. "suite = suite.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "suite = suite.replace(/onmouse/g,'on\\\mouse');\n"
. "suite = suite.replace(/iframe/g,'i\\\frame');\n"
. "suite = suite.replace(/applet/g,'a\\\pplet');\n"
. "suite = suite.replace(/<meta/g,'<\\\meta');\n"
. "suite = suite.replace(/<style/g,'<\\\style');\n"
. "suite = suite.replace(/<form/g,'<\\\form');\n"
. "suite = suite.replace(/<img/g,'<\\\img');\n"
. "suite = suite.replace(/<body/g,'<\\\body');\n"
. "suite = suite.replace(/<link/g,'<\\\link');\n"
. "var suite1 = escape(suite);\n"
. "\n"
. "if(ie4)\n"
. "{\n"
. "var text2 = text1.replace(/\\r/g,'<br />');\n"
. "var suite2 = suite1.replace(/\\r/g,'<br />');\n"
. "}\n"
. "else\n"
. "{\n"
. "var text2 = text1.replace(/\\n/g,'<br />');\n"
. "var suite2 = suite1.replace(/\\n/g,'<br />');\n"
. "}\n"
. "\n"
. "var titre=document.getElementById('news_titre').value;\n"
. "titre = titre.replace(/script/g,'s\\\cript');\n"
. "titre = titre.replace(/union/g,'un\\\ion');\n"
. "titre = titre.replace(/load_file/g,'l\\\oad_file');\n"
. "titre = titre.replace(/outfile/g,'o\\\utfile');\n"
. "titre = titre.replace(/document.cookie/g,'d\\\ocument.cookie');\n"
. "titre = titre.replace(/onmouse/g,'o\\\nmouse');\n"
. "titre = titre.replace(/iframe/g,'i\\\frame');\n"
. "titre = titre.replace(/applet/g,'a\\\pplet');\n"
. "titre = titre.replace(/<meta/g,'<\\\meta');\n"
. "titre = titre.replace(/<style/g,'<\\\style');\n"
. "titre = titre.replace(/<form/g,'<\\\form');\n"
. "titre = titre.replace(/<img/g,'<\\\img');\n"
. "titre = titre.replace(/<body/g,'<\\\body');\n"
. "titre = titre.replace(/<link/g,'<\\\link');\n"
. "var title = escape(titre);\n"
. "var cat=document.getElementById('news_cat').value;\n"
. "var jour=document.getElementById('news_jour').value;\n"
. "var mois=document.getElementById('news_mois').value;\n"
. "var an=document.getElementById('news_annee').value;\n"
. "var heure=document.getElementById('news_heure').value;\n"
. "\n"
. "window.open('index.php?file=News&nuked_nude=admin&op=preview&texte='+ text2 +'&suite='+ suite2 +'&titre='+ title +'&cat='+ cat +'&jour='+ jour +'&mois='+ mois +'&annee='+ an +'&heure='+ heure +'&bbcodeoff='+ bbcodeoff +'&smileyoff='+ smileyoff,'preview','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=550,height=300,top=30,left=0');\n"
. "return(false)\n"
. "}\n"
. "\n"
. "// -->\n"
. "</script>\n";
smiley("news_suite");
echo "</td></tr><tr><td align=\"center\"><textarea id=\"news_suite\" name=\"suite\" cols=\"70\" rows=\"15\" onselect=\"storeCaret('news_suite');\" onclick=\"storeCaret('news_suite');\" onkeyup=\"storeCaret('news_suite');\">$suite</textarea></td></tr>\n"
. "<tr><td><input class=\"checkbox\" type=\"checkbox\" id=\"news_bbcodeoff\" name=\"bbcodeoff\" value=\"1\" " . $checked . " /> " . _BBCODEOFF . "<br />\n"
. "<input class=\"checkbox\" type=\"checkbox\" id=\"news_smileyoff\" name=\"smileyoff\" value=\"1\" " . $checked0 . " /> " . _SMILEYOFF . "<br /></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\"><input type=\"submit\" value=\"" . _MODIFTHISNEWS . "\" />\n"
. " <input type=\"button\" value=\"" . _PREVIEW . "\" onclick=\"preview()\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td align=\"center\">[ <a href=\"index.php?file=News&page=admin&op=main\"><b>" . _BACK . "</b></a> ]</td></tr></table></form><br />\n";
}
function do_edit($news_id, $titre, $texte, $suite, $cat, $bbcodeoff, $smileyoff, $jour, $mois, $annee, $heure)
{
global $user, $nuked;
$sql = mysql_query("SELECT titre, auteur_id FROM " . NEWS_TABLE . " WHERE id = '" . $news_id . "'");
list($titre, $autor_id) = mysql_fetch_array($sql);
if($autor_id != $user[0] && $user[1] != 9)
{
die("<br /><br /><br /><div style=\"text-align: center;\"><big>What are you trying to do ?</big></div>");
}
$table = explode(':', $heure, 2);
$date = mktime ($table[0], $table[1], 0, $mois, $jour, $annee) ;
$titre = addslashes($titre);
$texte = addslashes($texte);
$suite = addslashes($suite);
$upd = mysql_query("UPDATE " . NEWS_TABLE . " SET cat = '" . $cat . "', titre = '" . $titre . "', texte = '" . $texte . "', suite = '" . $suite . "', date = '" . $date . "', bbcodeoff = '" . $bbcodeoff . "', smileyoff = '" . $smileyoff . "' WHERE id = '" . $news_id . "'");
echo "<br /><br /><div style=\"text-align: center;\">" . _NEWSMODIF . "</div><br /><br />";
redirect("index.php?file=News&page=admin", 2);
}
function do_del($news_id)
{
global $user, $nuked;
$sql = mysql_query("SELECT titre, auteur_id FROM " . NEWS_TABLE . " WHERE id = '" . $news_id . "'");
list($titre, $autor_id) = mysql_fetch_array($sql);
if($autor_id != $user[0] && $user[1] != 9)
{
die("<br /><br /><br /><div style=\"text-align: center;\"><big>What are you trying to do ?</big></div>");
}
$del = mysql_query("DELETE FROM " . NEWS_TABLE . " WHERE id = '" . $news_id . "'");
$del_com = mysql_query("DELETE FROM " . COMMENT_TABLE . " WHERE im_id = '" . $news_id . "' AND module = 'news'");
echo "<br /><br /><div style=\"text-align: center;\">" . _NEWSDEL . "</div><br /><br />";
redirect("index.php?file=News&page=admin", 2);
}
function main_cat()
{
global $nuked, $language, $bgcolor1, $bgcolor2, $bgcolor3;
echo"<script type=\"text/javascript\">\n"
."<!--\n"
."\n"
. "function del_cat(titre, id)\n"
. "{\n"
. "if (confirm('" . _DELETENEWS . " '+titre+' ! " . _CONFIRM . "'))\n"
. "{document.location.href = 'index.php?file=News&page=admin&op=del_cat&cid='+id;}\n"
. "}\n"
. "\n"
. "// -->\n"
. "</script>\n";
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<div style=\"text-align: center;\"><b><a href=\"index.php?file=News&page=admin\">" . _NAVNEWS . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=add\">" . _ADDNEWS . "</a> | "
. "</b>" . _CATMANAGEMENT . "<b> | "
. "<a href=\"index.php?file=News&page=admin&op=main_pref\">" . _PREFS . "</a></b></div><br />\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;background: " . $bgcolor2 . ";border: 1px solid " . $bgcolor3 . ";\" width=\"70%\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\">\n"
. "<tr style=\"background: " . $bgcolor3 . ";\">\n"
. "<td style=\"width: 60%;\" align=\"center\"><b>" . _CAT . "</b></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><b>" . _EDIT . "</b></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><b>" . _DEL . "</b></td></tr>\n";
$sql = mysql_query("SELECT nid, titre FROM " . NEWS_CAT_TABLE . " ORDER BY titre");
while (list($cid, $titre) = mysql_fetch_array($sql))
{
$titre = stripslashes($titre);
$titre = htmlentities($titre);
if ($j == 0)
{
$bg = $bgcolor2;
$j++;
}
else
{
$bg = $bgcolor1;
$j = 0;
}
echo "<tr style=\"background: " . $bg . ";\">\n"
. "<td style=\"width: 60%;\" align=\"center\">" . $titre . "</td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><a href=\"index.php?file=News&page=admin&op=edit_cat&cid=" . $cid . "\"><img style=\"border: 0;\" src=\"images/edit.gif\" alt=\"\" title=\"" . _EDITTHISCAT . "\" /></a></td>\n"
. "<td style=\"width: 20%;\" align=\"center\"><a href=\"javascript:del_cat('" . addslashes($titre) . "','" . $cid . "');\"><img style=\"border: 0;\" src=\"images/del.gif\" alt=\"\" title=\"" . _DELTHISCAT . "\" /></a></td></tr>\n";
}
echo "</table><br /><div style=\"text-align: center;\">[ <a href=\"index.php?file=News&page=admin&op=add_cat\"><b>" . _ADDCAT . "</b></a> ]</div>\n"
. "<br /><div style=\"text-align: center;\">[ <a href=\"index.php?file=News&page=admin\"><b>" . _BACK . "</b></a> ]</div><br />\n";
}
function add_cat()
{
global $language;
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=send_cat\" enctype=\"multipart/form-data\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\">\n"
. "<tr><td><b>" . _TITLE . " : </b><input type=\"text\" name=\"titre\" size=\"30\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td><b>" . _URLIMG . " : </b><input type=\"text\" name=\"image\" size=\"39\" /></td></tr>\n"
. "<tr><td><b>" . _UPIMG . " : </b><input type=\"file\" name=\"fichiernom\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td><b>" . _DESCR . " : </b><br /><textarea name=\"description\" cols=\"65\" rows=\"10\"></textarea></td></tr>\n"
. "</table><div style=\"text-align: center;\"><br /><input type=\"submit\" value=\"" . _CREATECAT . "\" /></div>\n"
. "<div style=\"text-align: center;\"><br />[ <a href=\"index.php?file=News&page=admin&op=main_cat\"><b>" . _BACK . "</b></a> ]</div></form><br />\n";
}
function send_cat($titre, $description, $image, $fichiernom)
{
$filename = $_FILES['fichiernom']['name'];
if ($filename != "")
{
$ext = strrchr($filename, ".");
$ext = substr($filename, 1);
if (!eregi(".php", $filename) && !eregi(".htm", $filename) && (eregi("jpg", $ext) || eregi("jpeg", $ext) || eregi("gif", $ext) || eregi("png", $ext)))
{
$url_image = "upload/News/" . $filename;
move_uploaded_file($_FILES['fichiernom']['tmp_name'], $url_image) or die ("<br /><br /><div style=\"text-align: center;\"><b>Upload file failed !!!</b></div><br /><br />");
@chmod ($url_image, 0644);
}
else
{
echo "<br /><br /><div style=\"text-align: center;\">No image file !!!</div><br /><br />";
redirect("index.php?file=News&page=admin&op=add_cat", 2);
closetable();
footer();
exit();
}
}
else
{
$url_image = $image;
}
$titre = addslashes($titre);
$description = addslashes($description);
$sql = mysql_query("INSERT INTO " . NEWS_CAT_TABLE . " ( `nid` , `titre` , `description` , `image` ) VALUES ( '' , '" . $titre . "' , '" . $description . "' , '" . $url_image . "' )");
echo "<br /><br /><div style=\"text-align: center;\">" . _CATADD . "</div><br /><br />";
redirect("index.php?file=News&page=admin&op=main_cat", 2);
}
function edit_cat($cid)
{
global $nuked, $language;
$sql = mysql_query("SELECT titre, description, image FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cid . "'");
list($titre, $description, $image) = mysql_fetch_array($sql);
$titre = stripslashes($titre);
$description = stripslashes($description);
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=modif_cat\" enctype=\"multipart/form-data\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\">\n"
. "<tr><td><b>" . _TITLE . " : </b><input type=\"text\" name=\"titre\" size=\"30\" value=\"" . $titre . "\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td><b>" . _URLIMG . " : </b><input type=\"text\" name=\"image\" size=\"39\" value=\"" . $image . "\" /></td></tr>\n"
. "<tr><td><b>" . _UPIMG . " : </b><input type=\"file\" name=\"fichiernom\" /></td></tr>\n"
. "<tr><td> </td></tr><tr><td><b>" . _DESCR . " : </b><br /><textarea name=\"description\" cols=\"65\" rows=\"10\">" . $description . "</textarea></td></tr>\n"
. "</table><div style=\"text-align: center;\"><input type=\"hidden\" name=\"cid\" value=\"" . $cid . "\" /><br /><input type=\"submit\" value=\"" . _MODIFTHISCAT . "\" /></div>\n"
. "<div style=\"text-align: center;\"><br />[ <a href=\"index.php?file=News&page=admin&op=main_cat\"><b>" . _BACK . "</b></a> ]</div></form><br />\n";
}
function modif_cat($cid, $titre, $description, $image, $fichiernom)
{
global $nuked;
$filename = $_FILES['fichiernom']['name'];
if ($filename != "")
{
$ext = strrchr($filename, ".");
$ext = substr($filename, 1);
if (!eregi(".php", $filename) && !eregi(".htm", $filename) && (eregi("jpg", $ext) || eregi("jpeg", $ext) || eregi("gif", $ext) || eregi("png", $ext)))
{
$url_image = "upload/News/" . $filename;
move_uploaded_file($_FILES['fichiernom']['tmp_name'], $url_image) or die ("<br /><br /><div style=\"text-align: center;\"><b>Upload file failed !!!</b></div><br /><br />");
@chmod ($url_image, 0644);
}
else
{
echo "<br /><br /><div style=\"text-align: center;\">No image file !!!</div><br /><br />";
redirect("index.php?file=News&page=admin&op=edit_cat&cid=" . $cid, 2);
closetable();
footer();
exit();
}
}
else
{
$url_image = $image;
}
$titre = addslashes($titre);
$description = addslashes($description);
$sql = mysql_query("UPDATE " . NEWS_CAT_TABLE . " SET titre = '" . $titre . "', description = '" . $description . "', image = '" . $url_image . "' WHERE nid = '" . $cid . "'");
echo "<br /><br /><div style=\"text-align: center;\">" . _CATMODIF . "</div><br /><br />";
redirect("index.php?file=News&page=admin&op=main_cat", 2);
}
function select_news_cat()
{
global $nuked;
$sql = mysql_query("SELECT nid, titre FROM " . NEWS_CAT_TABLE);
while (list($cid, $titre) = mysql_fetch_array($sql))
{
$titre = stripslashes($titre);
$titre = htmlentities($titre);
echo "<option value=\"" . $cid . "\">" . $titre . "</option>\n";
}
}
function del_cat($cid)
{
global $nuked;
$sql = mysql_query("DELETE FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cid . "'");
echo "<br /><br /><div style=\"text-align: center;\">" . _CATDEL . "</div><br /><br />";
redirect("index.php?file=News&page=admin&op=main_cat", 2);
}
function main_pref()
{
global $nuked, $language;
echo "<a href=\"#\" onclick=\"javascript:window.open('help/" . $language . "/News.html','Help','toolbar=0,location=0,directories=0,status=0,scrollbars=1,resizable=0,copyhistory=0,menuBar=0,width=350,height=300');return(false)\">\n"
. "<img style=\"border: 0;\" src=\"help/help.gif\" alt=\"\" title=\"" . _HELP . "\" /></a><div style=\"text-align: center;\"><h3>" . _ADMINNEWS . "</h3></div>\n"
. "<div style=\"text-align: center;\"><b><a href=\"index.php?file=News&page=admin\">" . _NAVNEWS . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=add\">" . _ADDNEWS . "</a> | "
. "<a href=\"index.php?file=News&page=admin&op=main_cat\">" . _CATMANAGEMENT . "</a> | "
. "</b>" . _PREFS . "</div><br />\n"
. "<form method=\"post\" action=\"index.php?file=News&page=admin&op=change_pref\">\n"
. "<table style=\"margin-left: auto;margin-right: auto;text-align: left;\" border=\"0\" cellspacing=\"0\" cellpadding=\"3\">\n"
. "<tr><td align=\"center\"><big>" . _PREFS . "</big></td></tr>\n"
. "<tr><td>" . _NUMBERNEWS . " :</td><td> <input type=\"text\" name=\"max_news\" size=\"2\" value=\"" . $nuked['max_news'] . "\" /></td></tr>\n"
. "<tr><td>" . _NUMBERARCHIVE . " :</td><td> <input type=\"text\" name=\"max_archives\" size=\"2\" value=\"" . $nuked['max_archives'] . "\" /></td></tr>\n"
. "</table><div style=\"text-align: center;\"><br /><input type=\"submit\" value=\"" . _SEND . "\" /></div>\n"
. "<div style=\"text-align: center;\"><br />[ <a href=\"index.php?file=News&page=admin\"><b>" . _BACK . "</b></a> ]</div></form><br />\n";
}
function change_pref($max_news, $max_archives)
{
global $nuked;
$upd1 = mysql_query("UPDATE " . CONFIG_TABLE . " SET value = '" . $max_news . "' WHERE name = 'max_news'");
$upd2 = mysql_query("UPDATE " . CONFIG_TABLE . " SET value = '" . $max_archives . "' WHERE name = 'max_archives'");
echo "<br /><br /><div style=\"text-align: center;\">" . _PREFUPDATED . "</div><br /><br />";
redirect("index.php?file=News&page=admin", 2);
}
function preview()
{
global $nuked, $user, $theme, $language, $bgcolor3, $bgcolor2, $texte, $titre, $suite, $auteur, $cat, $jour, $mois, $annee, $heure, $bbcodeoff, $smileyoff;
if ($language == "french" && ereg("WIN", PHP_OS)) setlocale (LC_TIME, "french");
else if ($language == "french" && ereg("BSD", PHP_OS)) setlocale (LC_TIME, "fr_FR.ISO8859-1");
else if ($language == "french") setlocale (LC_TIME, "fr_FR");
else setlocale (LC_TIME, $language);
$sql3 = mysql_query("SELECT titre, image FROM " . NEWS_CAT_TABLE . " WHERE nid = '" . $cat . "'");
list($categorie, $image) = mysql_fetch_array($sql3);
$categorie
![[Valid RSS]](/design/valid-rss.png)
