File: D:/HostingSpaces/SBogers10/deensekroon.komma-mediadesign.nl/wwwroot/admin/php/superadmin.php
<?php
/*
superadmin.php
Mike Ontwerpt 2012
www.mikeontwerpt.nl
*/
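/**
 * Entry point of the super-admin module: decides which screen to render.
 *
 * Dispatch order (first match wins):
 *  1. "back" button posted   -> redirect to the posted location, or show the dashboard
 *  2. "sbmAddPage" posted    -> validate and store a new page
 *  3. URL_SUB is defined     -> 'add-page' shows the add form, anything else the dashboard
 *  4. otherwise              -> dashboard
 *
 * @return string HTML for the selected screen; empty when the caller's rank is not 1
 *                or when a redirect header was sent.
 */
function initSuperAdmin(){
    $output = '';

    // Only rank 1 may use this module; every other rank gets an empty string.
    if(getRank() != 1){
        return $output;
    }

    if(isset($_POST['back'])){
        if(isset($_POST['location'])){
            $location = $_POST['location'];
            // The redirect target comes straight from the request body, so it is
            // limited to local path characters. That excludes absolute URLs (no ':'),
            // scheme-relative targets (leading '//'), backslashes and line breaks.
            // The values emitted by this file's own forms ('../' and '../../') pass.
            if(is_string($location) && preg_match('#\A(?!//)[A-Za-z0-9_\-./]+\z#', $location)){
                header('location: '.$location);
                return $output;
            }
        }
        // No location posted, or it was rejected: fall back to the dashboard.
        return showSuperDashboard();
    }

    if(isset($_POST['sbmAddPage'])){
        return validateAddEditPage('add');
    }

    // Loose comparison kept on purpose: the original used switch(), which compares with ==.
    if(defined('URL_SUB') && URL_SUB == 'add-page'){
        return showAddEditPage('add');
    }

    return showSuperDashboard();
}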
/**
 * Builds the super-admin dashboard: a title, a button bar and one checkbox row
 * per active page, all wrapped in a single POST form named "chkForm".
 *
 * Pages are read from mp_pages joined with content_status (active = 1,
 * linkname "mp_pages") and listed by pageOrder, highest first.
 *
 * NOTE(review): labels from getLanguage() and the page label returned by
 * fromDatabase() are written into the markup as-is. Whether fromDatabase()
 * returns HTML-safe text is not visible here - confirm before relying on it.
 *
 * @return string dashboard HTML
 */
function showSuperDashboard(){
    /* shared mysqli connection */
    global $mysqli;
    /* translated interface labels */
    $siteLabels = getLanguage();

    // Placeholder cell used for the unused columns of every row.
    $emptyCell = '<div class="itemlist-single-column"> </div>';

    $parts = array(
        /* title */
        '<h1>'.$siteLabels['super-title'].'</h1>',
        /* the form wraps the button bar and all checkbox rows */
        '<form action="" name="chkForm" method="post">',
        /* button bar */
        '<div class="submenu">',
        '<a href="/admin/superadmin/add-page/"><span class="btn176 btn176a proceed">'.$siteLabels['super-addpage'].'</span></a>',
        '<a href="/admin/superadmin/order-pages/"><span class="btn176 btn176a">'.$siteLabels['super-orderpages'].'</span></a>',
        '<input type="submit" name="askMoveToTrash" value="'.$siteLabels['super-removepages'].'" class="btn176 btn176b"/>',
        '</div>',
    );

    /* fetch every active page */
    $sql = 'SELECT p.id, p.linkname, p.label
FROM mp_pages as p, content_status as s
WHERE s.active = 1
AND s.itemId = p.id
AND s.linkname = "mp_pages"
ORDER BY p.pageOrder DESC';

    $pages = $mysqli->query($sql);
    if($pages){
        while($page = $pages->fetch_assoc()){
            $id = $page['id'];
            $title = fromDatabase($page['label']);

            $parts[] = '<div class="itemlist-row">';
            /* first column is left empty */
            $parts[] = $emptyCell;
            /* checkbox plus page label */
            $parts[] = '<div class="itemlist-double-column"><input type="checkbox" name="option[]" id="option" value="'.$id.'" class="itemlist-cbox"/>'.$title.'</div>';
            /* columns two to six are left empty */
            $parts[] = str_repeat($emptyCell, 5);
            /* edit column: the edit link is disabled in the original, so the cell stays empty */
            $parts[] = '<div class="itemlist-single-column itemlist-edit">';
            $parts[] = '</div>';
            $parts[] = '<div class="clear"></div>';
            $parts[] = '</div>';
        }
    }

    /* close the checkbox form */
    $parts[] = '</form>';

    return implode('', $parts);
}
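/**
 * Renders the add/edit form for a page definition (mp_pages).
 *
 * Form values live in $_SESSION['addedit-page'] so they survive a failed
 * validation round trip. In 'edit' mode the session is first filled from the
 * mp_pages row whose id is taken from the URL_SUB2 constant.
 *
 * Changes compared with the original:
 *  - the edit lookup binds the id as a statement parameter instead of
 *    concatenating it into the SQL text;
 *  - session values and the edit id are HTML-escaped before they are placed
 *    in value="..." attributes;
 *  - the session is only overwritten when a row was actually found;
 *  - maxitems is now loaded in edit mode (the SELECT names the column
 *    maxItems while the original read $record['maxitems']).
 *
 * @param string $method 'add' or 'edit'
 * @return string form HTML
 */
function showAddEditPage($method){
    /* access the global sql object */
    global $mysqli;
    /* language */
    $siteLabels = getLanguage();
    $editId = '';

    //set up session
    if(!isset($_SESSION['addedit-page'])){
        $_SESSION['addedit-page'] = array(
            'linkname' => '',
            'label' => '',
            'extention' => '',
            'media' => '',
            'maxitems' => '',
        );
    }

    /* if edit, fill session with current values */
    if($method == 'edit'){
        // URL_SUB2 is defined outside this file; presumably it is a URL segment,
        // so it is treated as untrusted here.
        $editId = defined('URL_SUB2') ? (string)URL_SUB2 : '';

        $stmt = $mysqli->prepare('SELECT linkname, label, extention, media, maxItems
            FROM mp_pages
            WHERE id = ? LIMIT 1');
        if($stmt){
            $stmt->bind_param('s', $editId);
            if($stmt->execute()){
                $stmt->bind_result($dbLinkname, $dbLabel, $dbExtention, $dbMedia, $dbMaxItems);
                // fetch() is only true when a row was read; leave the session alone otherwise.
                if($stmt->fetch()){
                    $_SESSION['addedit-page']['linkname'] = $dbLinkname;
                    $_SESSION['addedit-page']['label'] = $dbLabel;
                    $_SESSION['addedit-page']['extention'] = $dbExtention;
                    $_SESSION['addedit-page']['media'] = $dbMedia;
                    $_SESSION['addedit-page']['maxitems'] = $dbMaxItems;
                }
            }
            $stmt->close();
        }
    }
    /////// end fill session with values //////

    // Escape everything that ends up inside an attribute. The page encoding is
    // not visible in this file; a single-byte charset keeps the call
    // byte-transparent, so only & " ' < > are rewritten.
    // NOTE(review): if stored values are already entity-encoded, edit mode will
    // now show the entities literally - confirm against inDatabase().
    $values = array();
    foreach(array('linkname', 'label', 'extention', 'maxitems') as $key){
        $values[$key] = htmlspecialchars((string)$_SESSION['addedit-page'][$key], ENT_QUOTES, 'ISO-8859-1');
    }
    $safeEditId = htmlspecialchars($editId, ENT_QUOTES, 'ISO-8859-1');

    $output = '';
    /* title */
    $output .= '<h1>'.$siteLabels['super-title'].' › ';
    if($method == 'add') $output .= $siteLabels['super-addpage'].'</h1>';
    if($method == 'edit') $output .= $siteLabels['super-editpage'].'</h1>';

    /**** S T A R T F O R M ****/
    $output .= '<form action="" method="post">';
    //left top column
    $output .= '<div class="single-column">';
    /* linkname*/
    $output .= $siteLabels['super-formaddpage-linkname'].' *<br />';
    $output .= '<input type="text" name="mp-page-linkname" value="'.$values['linkname'].'" class="txt" />';
    /* label */
    $output .= $siteLabels['super-formaddpage-label'].' *<br />';
    $output .= '<input type="text" name="mp-page-label" value="'.$values['label'].'" class="txt" />';
    /* extention */
    $output .= $siteLabels['super-formaddpage-extention'].' <br />';
    $output .= '<input type="text" name="mp-page-extention" value="'.$values['extention'].'" class="txt" />';
    /* maxitems */
    $output .= $siteLabels['super-formaddpage-maxitems'].' *<br />';
    $output .= '<input type="text" name="mp-page-maxitems" value="'.$values['maxitems'].'" class="txt" />';
    /* media */
    $output .= $siteLabels['super-formaddpage-media'].' ';
    $output .= '<input type="checkbox" name="mp-page-media" value="1" ';
    if($_SESSION['addedit-page']['media'] == 1) $output .= 'checked ';
    $output .= '/> <br /><br />';

    /* submit button, plus the relative "back" target read by initSuperAdmin() */
    if($method == 'add'){
        $output .= '<input type="submit" name="sbmAddPage" value="'.$siteLabels['super-addpage'].'" class="btn176 proceed"/>';
        $output .= '<input type="hidden" name="location" value="../" />';
    }
    if($method == 'edit'){
        $output .= '<input type="hidden" name="editId" value="'.$safeEditId.'"/>';
        $output .= '<input type="submit" name="sbmEditPage" value="'.$siteLabels['super-editpage'].'" class="btn176 proceed"/>';
        $output .= '<input type="hidden" name="location" value="../../" />';
    }
    $output .= '<input type="submit" name="back" value="'.$siteLabels['form-back'].'" class="btn176"/>';
    $output .= '</div>';
    $output .= '</form>';
    return $output;
}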
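/**
 * Validates the posted add-page form and, when valid, stores the page.
 *
 * Steps:
 *  #1 read the posted fields and mirror them into $_SESSION['addedit-page']
 *  #2 require linkname and label
 *  #3 normalise the linkname through linkname()
 *  #4 prepare the values for SQL
 *  #5 work out the next pageOrder
 *  #6 insert the mp_pages row and its content_status row
 *  #7 for a standard page (no extention): insert the default mp_fields rows
 *     and create the content table named after the linkname
 *
 * Changes compared with the original:
 *  - the label is now stored; the original wrote inDatabase($linkname) into $label;
 *  - extention, maxitems and media are escaped or cast before they reach SQL;
 *  - the linkname is checked against an identifier allow-list before it is
 *    used as a table name in CREATE TABLE;
 *  - missing or non-string POST fields are treated as empty input;
 *  - the #7 loop stops at the first failing query and autocommit is restored.
 *
 * NOTE(review): no anti-CSRF token is checked here; confirm whether the
 * caller or a shared bootstrap does that.
 *
 * @param string $method 'add' or 'edit', passed through to showAddEditPage()
 * @return string form HTML when validation or the insert fails, otherwise an
 *                empty string (a redirect header has been sent)
 */
function validateAddEditPage($method){
    /* access the global sql object */
    global $mysqli;
    /* language */
    $siteLabels = getLanguage();
    $errors = array();

    #1 get input (also kept in the session so the form can be re-populated)
    $posted = array();
    foreach(array('linkname', 'label', 'extention', 'maxitems') as $key){
        $field = 'mp-page-'.$key;
        $posted[$key] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
        $_SESSION['addedit-page'][$key] = $posted[$key];
    }
    $linkname = $posted['linkname'];
    $label = $posted['label'];
    $extention = $posted['extention'];
    $maxitems = $posted['maxitems'];
    $media = (isset($_POST['mp-page-media']) && is_string($_POST['mp-page-media'])) ? $_POST['mp-page-media'] : 0;
    $_SESSION['addedit-page']['media'] = $media;

    #2 empty required?
    if(empty($linkname) || empty($label)){
        //feedback fill in required fields
        $errors[] = $siteLabels['fm-emptyrequiredfields'];
    }

    #3 check linkname
    $linkname = linkname($linkname);
    // NOTE(review): the original called str_replace('-','_',$linkname) here and
    // discarded the result, so hyphens were never replaced. That behaviour is
    // kept; enabling the replacement would change stored linknames and table names.

    // VALID ?
    if($errors){
        displayErrors($errors);
        return showAddEditPage($method);
    }

    #4 prepare for database
    // linkname and label go through the project's own helper, as before.
    $linkname = inDatabase($linkname);
    $label = inDatabase($label);
    // The remaining fields were concatenated into the INSERT unescaped.
    $extentionSql = $mysqli->real_escape_string($extention);
    $maxitemsSql = $mysqli->real_escape_string($maxitems);
    $mediaSql = (int)$media;

    // A standard page gets a table named after the linkname. Identifiers cannot
    // be bound or escaped like values, so only a conservative character set is
    // accepted. Presumably linkname() already yields such a slug - confirm.
    if(empty($extention) && !preg_match('/\A[A-Za-z0-9_-]+\z/', $linkname)){
        $errors[] = $siteLabels['fm-somethingwentwrong'];
        displayErrors($errors);
        return showAddEditPage($method);
    }

    #5 check page order: new pages go after the current highest pageOrder
    $pageOrder = 1;
    $orderQuery = 'SELECT pageOrder FROM mp_pages ORDER BY pageOrder DESC LIMIT 1';
    if($orderResult = $mysqli->query($orderQuery)){
        if($orderResult->num_rows > 0){
            $orderRecord = $orderResult->fetch_assoc();
            $pageOrder = (int)$orderRecord['pageOrder'] + 1;
        }
    }

    #6 insert page into database
    $query = 'INSERT INTO mp_pages(linkname,label,extention,maxitems,media,pageOrder)
        VALUES("'.$linkname.'","'.$label.'","'.$extentionSql.'","'.$maxitemsSql.'","'.$mediaSql.'","'.$pageOrder.'")';
    if(!$mysqli->query($query)){
        //handle errors
        $errors[] = $siteLabels['fm-somethingwentwrong'];
        displayErrors($errors);
        return showAddEditPage($method);
    }

    $pageId = (int)$mysqli->insert_id;
    $statusQuery = 'INSERT INTO content_status(itemId, linkname, active, timest) VALUES("'.$pageId.'", "mp_pages", "1",'.time().')';
    $mysqli->query($statusQuery);

    if(!empty($extention)){
        //extention, header back to dashboard
        header('location: ../');
        return '';
    }

    /*
    #7 insert standard blogpage
    - title
    - description
    - submit
    - itemOrder
    - timest
    */
    $queries = array();
    /* title */
    $queries[] = 'INSERT INTO mp_fields(pageId, linkname, label, type, required, clear, fieldOrder)
        VALUES("'.$pageId.'","title","title","text",1,1,5)';
    /* description */
    $queries[] = 'INSERT INTO mp_fields(pageId, linkname, label, type, required, clear, fieldOrder)
        VALUES("'.$pageId.'","description","description","wysiwyg",0,1,4)';
    /* submit */
    $queries[] = 'INSERT INTO mp_fields(pageId, linkname, label, type, fieldOrder)
        VALUES("'.$pageId.'","sbm","save","submit",3)';
    /* itemOrder */
    $queries[] = 'INSERT INTO mp_fields(pageId, linkname, type, fieldOrder)
        VALUES("'.$pageId.'","itemOrder","itemOrder",2)';
    /* timest */
    $queries[] = 'INSERT INTO mp_fields(pageId, linkname, type, fieldOrder)
        VALUES("'.$pageId.'","timest","timestamp",1)';
    /* content table for this page; $linkname passed the allow-list check above */
    $queries[] = ' CREATE TABLE IF NOT EXISTS `'.$linkname.'` (
        `id` int(16) NOT NULL AUTO_INCREMENT,
        `title` varchar(512) NOT NULL,
        `description` TEXT NOT NULL,
        `timest` int(16) NOT NULL,
        `itemOrder` int(16) NOT NULL,
        PRIMARY KEY (`id`)
        ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1';

    // NOTE(review): CREATE TABLE commits implicitly in MySQL and MyISAM tables
    // are not transactional, so the rollback below may not undo everything.
    // The mp_pages and content_status rows above were written before this point.
    $mysqli->autocommit(FALSE);
    foreach($queries as $query){
        if(!$mysqli->query($query)){
            $errors[] = $siteLabels['fm-somethingwentwrong'];
            // Stop at the first failure instead of running the remaining statements.
            break;
        }
    }

    // ROLLBACK or COMMIT
    if($errors){
        $mysqli->rollback();
        $mysqli->autocommit(TRUE);
        displayErrors($errors);
        header('location: ../');
        return '';
    }

    $mysqli->commit();
    // Restore the connection default so later queries in this request are not left pending.
    $mysqli->autocommit(TRUE);
    unset($_SESSION['addedit-page']);
    $_SESSION['feed-msg'] = '<span class="fm-suc"><span class="fm-suc-v">√</span>'.$siteLabels['fm-addpagesucces'].'</span>';
    header('location: ../');
    return '';
}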
?>