File: D:/HostingSpaces/SBogers45/smuldersinterieurprojecten.nl/wwwroot/admin/php/multipage.php
<?php
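/**
 * Build the admin markup for one multi-item page by dispatching on the request.
 *
 * A pressed POST button (back, do_submit, deleteComment, sbmNew, sbmEdit, sbmDelete)
 * takes precedence over $_GET['action']; with neither present the overview is shown,
 * or the single item when the page is limited to one item and that item exists.
 *
 * @param string $pageName  Page name: matched against _pages.name and status.page, and
 *                          also used as the name of the table holding the items.
 * @param string $pageLabel Label printed in the header bar.
 * @return string HTML for the content area.
 */
function getMultipage($pageName, $pageLabel){
    //get text
    $siteText = getSiteText();

    // $pageName reaches SQL in two positions: inside a quoted literal and as a bare
    // table name. Escaping covers the literal; a table name cannot be escaped, so it
    // is only interpolated when it consists of plain identifier characters.
    $pageNameSql = mysql_real_escape_string($pageName);
    $isTableName = (preg_match('/\A[A-Za-z0-9_]+\z/', $pageName) === 1);

    // Item ids are only ever used as numbers in this file's queries, so the request
    // value is reduced to an integer once, before it is handed to any helper.
    // null is kept for "no id in the URL".
    $requestId = isset($_GET['id']) ? (int) $_GET['id'] : null;

    //check if medialib
    $query = 'SELECT mediaLib, docLib, maxItems
        FROM _pages AS p, status AS s
        WHERE p.name = "'.$pageNameSql.'"
        AND s.active = 1
        AND s.itemId = p.id
        AND s.page = "_pages"
        LIMIT 1';
    $result = mysql_query($query);
    $record = $result ? mysql_fetch_assoc($result) : false;
    $mediaLib = $record ? $record['mediaLib'] : null;
    $docLib = $record ? $record['docLib'] : null;
    $maxItems = $record ? $record['maxItems'] : null;

    $firstId = null;
    $nopages = false;
    if($maxItems == 1){
        //get itemId
        $result = $isTableName ? mysql_query('SELECT p.id
            FROM '.$pageName.' AS p, status as s
            WHERE s.active = 1
            AND s.itemId = p.id
            AND s.page = "'.$pageNameSql.'"
            ORDER BY id ASC
            LIMIT 1') : false;
        if(!$result){
            // Keep the driver message in the server log; printing it would show
            // table and column names to whoever triggered the failure.
            error_log('getMultipage: '.mysql_error());
            die('Database error.');
        }
        if(mysql_num_rows($result) > 0){
            $record = mysql_fetch_assoc($result);
            $firstId = $record['id'];
        }
        else{
            //if no items on page
            $nopages = true;
        }
    }

    $output = '';
    //header
    if(isset($_GET['action']) && !isset($_POST['back'])){
        $action = $_GET['action'];
        // Only these four actions get a title bar.
        $titleKeys = array(
            'add' => 'titleNewItem',
            'edit' => 'titleEditItem',
            'article-edit' => 'titleEditItem',
            'delete' => 'titleDeleteItem',
        );
        if(is_string($action) && isset($titleKeys[$action])){
            $output .= '<div class="header-bar content-bar top-rounded">';
            $output .= strtolower($pageLabel).' // '.strtolower($siteText[$titleKeys[$action]]);
            $output .= '</div>';
        }
    }

    //Array uit database
    //$formArr = getBlogFormArray();
    $formArr = createArrayFormDB($pageName,$pageLabel);

    // NOTE(review): several branches below change data (item order, comments, blocked
    // IPs, moveup/movedown and block-ip even on a plain GET). No login or anti-CSRF
    // token check is visible in this function - confirm both are enforced by the
    // script that calls it.
    if(isset($_POST['back'])){
        if($maxItems != 1 || $nopages){
            $output .= showList($pageName);
        }
        else{
            $output .= showItem($pageName, $pageLabel, $firstId);
        }
    }
    else if(isset($_POST['do_submit'])) {
        sbmChangeItemOrder();
    }
    else if(isset($_POST['deleteComment'])){
        deleteComment();
    }
    else if(isset($_POST['sbmNew'])){
        $output .= validateForm($formArr, 'new');
        if($_SESSION['numErrors'] > 0) {
            if($mediaLib == 1) $output .= getSmallLibraries($pageName);
        }
    }
    else if(isset($_POST['sbmEdit'])){
        $output .= validateForm($formArr, 'edit', $requestId);
        if($_SESSION['numErrors'] > 0) {
            if($mediaLib == 1) $output .= getSmallLibraries($pageName);
        }
    }
    else if(isset($_POST['sbmDelete'])){
        $output .= validateForm($formArr, 'delete', $requestId);
        correctOrderAfterDelete($requestId, $pageName);
    }
    else if(isset($_GET['action'])){
        $action = $_GET['action'];
        if($action == 'add'){
            $output .= createForm($formArr, 'new');
        }
        else if($action == 'article-edit' || $action == 'edit'){
            $output .= createForm($formArr, 'edit', $requestId);
        }
        else if($action == 'delete'){
            $output .= createForm($formArr, 'delete', $requestId);
        }
        else if($action == 'article'){
            $output .= showItem($pageName, $pageLabel, $requestId);
        }
        else if($action == 'change-order'){
            $output .= showChangeOrder($pageName, $pageLabel);
        }
        else if($action == 'comments'){
            $output .= showComments($pageName, $pageLabel, $requestId);
        }
        else if($action == 'delete-comment'){
            $output .= areYouSureDeleteComment($pageName);
        }
        else if($action == 'block-ip'){
            $output .= blockIp($pageName);
        }
        else if($action == 'moveup'){
            move('up', $requestId, $pageName);
        }
        else if($action == 'movedown'){
            move('down', $requestId, $pageName);
        }
        // The form views get the small media/document library appended.
        if($action == 'add' || $action == 'edit' || $action == 'article-edit'){
            if($mediaLib == 1 || $docLib == 1) $output .= getSmallLibraries($pageName);
        }
    }
    else{
        if($maxItems != 1 || $nopages){
            $output .= showList($pageName);
        }
        else{
            $output .= showItem($pageName, $pageLabel, $firstId);
        }
    }
    return $output;
}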
//FUNCTION SHOWLIST
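/**
 * Render the paged overview of a page's active items, as a grid or as a list.
 *
 * Six items are shown per page; the current page number is read from
 * $_SESSION[$pageName.'_thisPage']. The view (grid or list), the item limit and the
 * comments switch come from the page's row in _pages.
 *
 * @param string $pageName  Page name; also the name of the table holding the items.
 * @param string $pageLabel Header label; defaults to ucwords($pageName) when empty.
 * @return string HTML for the overview.
 */
function showList($pageName, $pageLabel=""){
    //get text
    $siteText = getSiteText();

    // $pageName is used in SQL both as a quoted value and as a bare table name:
    // escape it for the first, and only interpolate it as a table name when it is
    // made of plain identifier characters.
    $pageNameSql = mysql_real_escape_string($pageName);
    $isTableName = (preg_match('/\A[A-Za-z0-9_]+\z/', $pageName) === 1);
    // NOTE(review): $pageName is also written into href and onclick attributes below
    // without encoding. That is harmless for names matching the pattern above;
    // confirm callers never pass anything else.

    //page settings: item limit, comments switch and current view
    $result = mysql_query('SELECT maxItems, comments, view FROM _pages WHERE name = "'.$pageNameSql.'" LIMIT 1');
    $record = $result ? mysql_fetch_assoc($result) : false;
    $maxPageItems = $record ? $record['maxItems'] : null;
    $comments = $record ? $record['comments'] : null;
    $view = ($record && $record['view'] == 1) ? 'grid' : 'list';

    if(empty($pageLabel)) $pageLabel = ucwords($pageName);

    //get list form database
    $query = 'SELECT DISTINCT b.id, b.title, b.description, b.timest, b.itemOrder
        FROM '.$pageName.' AS b, status AS s
        WHERE s.page="'.$pageNameSql.'"
        AND s.itemId = b.id
        AND s.active=1
        ORDER BY b.itemOrder DESC';
    $result = $isTableName ? mysql_query($query) : false;
    $numTotalItems = $result ? mysql_num_rows($result) : 0;

    //set max items
    $maxItems = 6;
    $numPages = ceil($numTotalItems / $maxItems);
    if($numPages == 0) $numPages = 1;

    //set current page
    // The session value ends up in the LIMIT clause, so it is forced to a positive
    // integer before use.
    $sessionName = $pageName.'_thisPage';
    $thispage = isset($_SESSION[$sessionName]) ? (int) $_SESSION[$sessionName] : 1;
    if($thispage < 1) $thispage = 1;
    $limitFrom = ($thispage - 1) * $maxItems;

    //load max items
    $query .= ' LIMIT '.$limitFrom.','.$maxItems;
    $result = $isTableName ? mysql_query($query) : false;

    //check if page is still needed
    $newNumItems = $result ? mysql_num_rows($result) : 0;
    if($newNumItems == 0 && $numTotalItems != 0){
        // The stored page lies past the last one: step back and reload.
        $_SESSION[$sessionName] = max(1, $thispage - 1);
        header('location: ./');
    }

    $count = 0;
    $colCount = 0;
    //output
    $output = '';
    //header
    $output .= '<div class="header-bar top-rounded content-bar">'.strtolower($pageLabel);
    if($maxPageItems != 1) {
        //view
        $output .= '<img src="./images/icons/list';
        if($view == 'list') $output .= '_sel';
        $output .= '.png" alt="list" height="10" class="mp-view-icon first-icon" onclick="updateView(\''.$pageName.'\',2);"/>';
        $output .= '<img src="./images/icons/grid';
        if($view == 'grid') $output .= '_sel';
        $output .= '.png" alt="grid" height="10" class="mp-view-icon" onclick="updateView(\''.$pageName.'\',1);"/>';
        $output .= '<div class="clear"></div>';
    }
    $output .= '</div>';
    $output .= '<div class="pages-action-menu full-action-menu">';
    $output .= '<ul>';
    if($maxPageItems != 1) $output .= '<li><a href="./pages/'.$pageName.'/change-order/">'.$siteText['changeOrder'].'</a></li>';
    // An item limit of 0 means "no limit".
    if($numTotalItems < $maxPageItems || $maxPageItems == 0){
        $output .= '<li><a href="./pages/'.$pageName.'/add/"><img src="./images/icons/plus.png" alt="add"/> '.ucwords($siteText['btnNewItem']).'</a></li>';
    }
    $output .= '</ul>';
    $output .= '</div>';
    $output .= '<div class="clear"></div>';
    // GRID OUTPUT
    if($view == 'grid') $output .= '<div class="mp-box-row">';
    //LIST OUTPUT
    if($view == 'list'){
        $output .= '<div class="triple-column-content">';
        //top row
        $output .= '<div class="mp-row mp-head-row">';
        $output .= '<div class="mp-row-title"><strong>'.$siteText['headRowTitle'].'</strong></div>';
        $output .= '<div class="mp-row-desc"><strong>'.$siteText['formInputDesc'].'</strong></div>';
        $output .= '<div class="mp-row-actions"><strong>'.$siteText['headRowActions'].'</strong></div>';
        $output .= '<div class="clear"></div>';
        $output .= '</div>';
    }
    $descLength = ($view == 'grid') ? 130 : 40;
    while($result && ($record = mysql_fetch_assoc($result))){
        $itemId = $record['id'];
        $title = fromDatabase($record['title']);
        $description = fromDatabase($record['description']);
        if(strlen($title) > 40){
            $title = substr($title,0,40).'..';
        }
        if(strlen($description) > $descLength){
            $description = substr($description,0,$descLength).' .. <a href="./pages/'.$pageName.'/article/'.$itemId.'/" >'.$siteText['readMore'].'</a>';
        }
        // GRID VIEW OUTPUT
        if($view == 'grid'){
            // Three boxes per row: start a new row before the 4th, 7th, ... item.
            if($colCount == 0 && $count != 0){
                $output .= '</div>';
                $output .= '<div class="mp-box-row">';
            }
            $output .= '<div class="single-column-container ';
            if($colCount == 2){
                $output .= 'no-margin-right';
            }
            $output .= '">';
            $output .= '<div class="single-column-content mp-box">';
            $output .= '<h1><a href="./pages/'.$pageName.'/article/'.$itemId.'/" class="mp-h1">'.$title.'</a></h1>';
            $output .= '<div class="mp-box-desc">';
            $output .= $description;
            $output .= '</div>';
            $output .= '<div class="mp-box-icon-container">';
            if($comments == 1) $output .= '<a href="./pages/'.$pageName.'/comments/'.$itemId.'/"><img src="./images/icons/comments.png" alt="show comments" class="mp-box-icon" /></a>';
            $output .= '<a href="./pages/'.$pageName.'/edit/'.$itemId.'/"><img src="./images/icons/edit.png" alt="edit" class="mp-box-icon" /></a>';
            $output .= '<a href="./pages/'.$pageName.'/delete/'.$itemId.'/"><img src="./images/icons/trashcan.png" alt="move to trash" class="mp-box-icon" /></a>';
            $output .= '</div>';
            $output .= '</div>';
            $output .= '</div>';
            $colCount++;
            $count++;
            if($colCount == 3){
                $colCount = 0;
            }
        }
        //LIST OUTPUT
        if($view == 'list'){
            $output .= '<div class="mp-row">';
            // The title is plain text here; the unmatched </a> that used to follow it is gone.
            $output .= '<div class="mp-row-title">'.$title.'</div>';
            $output .= '<div class="mp-row-desc">'.$description.'</div>';
            $output .= '<div class="mp-row-actions">';
            if($comments == 1) $output .= '<a href="./pages/'.$pageName.'/comments/'.$itemId.'/"><img src="./images/icons/comments.png" alt="show comments" class="mp-box-icon" /></a>';
            $output .= '<a href="./pages/'.$pageName.'/edit/'.$itemId.'/"><img src="./images/icons/edit.png" alt="edit" class="mp-box-icon" /></a>';
            $output .= '<a href="./pages/'.$pageName.'/delete/'.$itemId.'/"><img src="./images/icons/trashcan.png" alt="move to trash" class="mp-box-icon" /></a>';
            $output .= '</div>';
            $output .= '</div>';
        }
    }
    // Closes the last mp-box-row (grid) or the triple-column-content (list).
    $output .= '</div>';
    //page control
    if($numPages > 1){
        $output .= '<div class="mp-page-control-container">';
        if($thispage != 1){ $output .= '<span class="mp-page-control-previous" onclick="updateSession(\''.$sessionName.'\','.($thispage-1).')">'.$siteText['prevPage'].'</span>'; }
        if($thispage != $numPages){ $output .= '<span class="mp-page-control-next" onclick="updateSession(\''.$sessionName.'\','.($thispage+1).')">'.$siteText['nextPage'].'</span>'; }
        $output .= '</div>';
    }
    return $output;
}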
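/**
 * Render a single active item of a page, with edit and delete links.
 *
 * @param string $pageName  Page name; also the name of the table holding the items.
 * @param string $pageLabel Header label; defaults to ucwords($pageName) when empty.
 * @param int    $itemId    Id of the item to show.
 * @return string HTML for the item view.
 */
function showItem($pageName, $pageLabel, $itemId){
    //get text
    $siteText = getSiteText();
    if(empty($pageLabel)) $pageLabel = ucwords($pageName);

    // getMultipage() passes $_GET['id'] straight into this function and the id is
    // placed unquoted in the WHERE clause, so it is reduced to an integer first.
    $itemId = (int) $itemId;
    // The page name is escaped for the quoted literals; as a bare table name it is
    // only used when it consists of plain identifier characters.
    $pageNameSql = mysql_real_escape_string($pageName);
    $isTableName = (preg_match('/\A[A-Za-z0-9_]+\z/', $pageName) === 1);

    //check if medialib
    $result = mysql_query('SELECT mediaLib, maxitems FROM _pages WHERE name = "'.$pageNameSql.'" LIMIT 1');
    $record = $result ? mysql_fetch_assoc($result) : false;
    $mediaLib = $record ? $record['mediaLib'] : null;
    $maxitems = $record ? $record['maxitems'] : null;

    //get list form database
    $query = 'SELECT DISTINCT b.id, b.title, b.description, b.timest, b.itemOrder
        FROM '.$pageName.' AS b, status AS s
        WHERE b.id = '.$itemId.'
        AND s.page="'.$pageNameSql.'"
        AND s.itemId = b.id
        AND s.active=1
        ORDER BY b.itemOrder DESC
        LIMIT 1';
    $result = $isTableName ? mysql_query($query) : false;
    $record = $result ? mysql_fetch_assoc($result) : false;
    // From here on the id is the one stored in the row, not the requested one.
    $itemId = $record ? $record['id'] : null;
    $title = fromDatabase($record ? $record['title'] : null);
    $description = fromDatabase($record ? $record['description'] : null);
    if($mediaLib == 1) $description = replaceShortcodes($description, 438, '../images/uploads/');

    $output = '';
    //header
    $output .= '<div class="header-bar top-rounded content-bar">'.strtolower($pageLabel).' // '.strtolower($title).'</div>';
    $output .= '<div class="pages-group-options full-action-menu">';
    $output .= '<a href="./pages/'.$pageName.'/article-edit/'.$itemId.'/"><img src="./images/icons/edit.png" alt="edit" class="mp-box-icon pages-group-icon"/></a>';
    $output .= '<a href="./pages/'.$pageName.'/delete/'.$itemId.'/"><img src="./images/icons/trashcan.png" alt="move to trash" class="mp-box-icon pages-group-icon"/></a>';
    $output .= '</div>';
    $output .= '<div class="clear"></div>';
    $output .= '<div class="double-column-content">';
    // A page limited to one item has no overview to go back to.
    if($maxitems != 1)$output .= '<a href="./pages/'.$pageName.'/">'.$siteText['backToOverview'].'</a>.<br /><br />';
    $output .= '<h1>'.$title.'</h1>';
    $output .= $description;
    if($maxitems != 1)$output .= '<br /><br /><a href="./pages/'.$pageName.'/">'.$siteText['backToOverview'].'</a>.';
    $output .= '</div>';
    return $output;
}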
//CHANGE ORDER BY DAVID WALSH
//http://davidwalsh.name/mootools-drag-drop
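/**
 * Render the drag-and-drop form used to change the order of a page's items.
 *
 * The form posts back to the current URL with the fields sort_order, linkname and
 * do_submit; the list itself is wired up client-side by initSortableList().
 *
 * @param string $linkname  Page name; also the name of the table holding the items.
 * @param string $pageLabel Label printed in the header bar.
 * @return string HTML for the form.
 */
function showChangeOrder($linkname, $pageLabel){
    //get text
    $siteText = getSiteText();

    // Escaped for the quoted SQL literal; used as a bare table name only when it
    // consists of plain identifier characters.
    $linknameSql = mysql_real_escape_string($linkname);
    $isTableName = (preg_match('/\A[A-Za-z0-9_]+\z/', $linkname) === 1);

    $output = '';
    // header
    $output .= '<div class="header-bar top-rounded content-bar">'.strtolower($pageLabel).' // '.strtolower($siteText['changeOrder']).'</div>';
    $output .= '<div class="triple-column-content">';
    $output .= $siteText['changeOrderHelp'];
    // REQUEST_URI is taken from the request line, so it is encoded before it goes
    // into the attribute. The charset is given as ISO-8859-1 so the call never
    // returns an empty string for bytes that are not valid UTF-8; the characters it
    // replaces are ASCII in either encoding.
    $output .= '<form action="'.htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES, 'ISO-8859-1').'" id="dd-form" name="dd-form" method="post">';
    $output .= '<ul id="sortable-list">';
    $order = array();
    //Get Info for the list
    $query = 'SELECT DISTINCT b.id, b.title, b.description, b.timest, b.itemOrder
        FROM '.$linkname.' AS b, status AS s
        WHERE s.page="'.$linknameSql.'"
        AND s.itemId = b.id
        AND s.active=1
        ORDER BY b.itemOrder DESC';
    $result = $isTableName ? mysql_query($query) : false;
    while($result && ($item = mysql_fetch_assoc($result)))
    {
        // The title is printed straight from the row; encode it so a stored < or "
        // cannot change the markup. Entities already present are left as they are.
        $output .= '<li title="'.(int) $item['id'].'">'.htmlspecialchars($item['title'], ENT_QUOTES, 'ISO-8859-1', false).'</li>';
        $order[] = $item['itemOrder'];
    }
    $output .= '</ul>';
    $output .= '<br />';
    $output .= '<input type="hidden" name="sort_order" id="sort_order" value="'.implode(',',$order).'" />';
    $output .= '<input type="hidden" name="linkname" value="'.htmlspecialchars($linkname, ENT_QUOTES, 'ISO-8859-1', false).'" />';
    $output .= '<input type="submit" name="do_submit" value="Save" class="button fully-rounded" />';
    $output .= '</form>';
    $output .= '</div>';
    $output .= '<script type="text/javascript"> initSortableList(); </script>';
    return $output;
}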
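/**
 * Store the item order submitted by the change-order form, then redirect.
 *
 * Reads $_POST['sort_order'] (comma-separated item ids) and $_POST['linkname'] (the
 * page whose table is updated). Each id gets itemOrder = its position in the list,
 * counting from 1.
 *
 * @return void
 */
function sbmChangeItemOrder(){
    $linkname = isset($_POST['linkname']) ? $_POST['linkname'] : '';
    $sortOrder = isset($_POST['sort_order']) ? $_POST['sort_order'] : '';

    // linkname arrives in the request body and becomes the table name of an UPDATE.
    // A table name cannot be escaped, so it must (1) consist of plain identifier
    // characters and (2) be the name of a page registered in _pages; otherwise
    // nothing is written.
    $allowed = is_string($linkname)
        && is_string($sortOrder)
        && preg_match('/\A[A-Za-z0-9_]+\z/', $linkname) === 1;
    if($allowed){
        $known = mysql_query('SELECT id FROM _pages WHERE name = "'.mysql_real_escape_string($linkname).'" LIMIT 1');
        $allowed = ($known && mysql_num_rows($known) > 0);
    }

    if($allowed){
        /* run the update query for each id */
        foreach(explode(',', $sortOrder) as $index => $id) {
            $id = (int) $id;
            // Empty or non-numeric entries cast to 0 and are skipped.
            if($id !== 0) {
                mysql_query('UPDATE '.$linkname.' SET itemOrder = '.($index + 1).' WHERE id = '.$id.' LIMIT 1');
            }
        }
    }
    // NOTE(review): no anti-CSRF token is checked before the write - confirm the
    // calling script enforces one.
    header('location: ../');
}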
/* ********** COMMENTS ************ */
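/**
 * Render the comments posted on one item, each with delete and block-ip links.
 *
 * Comments whose IP is marked inactive in comments_ip are wrapped in a
 * "blocked-ip" div.
 *
 * @param string $linkname  Page name; also the name of the table holding the items.
 * @param string $pageLabel Label printed in the header bar.
 * @param int    $itemId    Id of the item whose comments are listed.
 * @return string HTML for the comment list.
 */
function showComments($linkname, $pageLabel, $itemId){
    $output = '';

    // getMultipage() passes $_GET['id'] straight into this function and the id is
    // placed unquoted in both queries, so it is reduced to an integer first.
    $itemId = (int) $itemId;
    // Escaped for the quoted SQL literal; used as a bare table name only when it
    // consists of plain identifier characters.
    $linknameSql = mysql_real_escape_string($linkname);
    $isTableName = (preg_match('/\A[A-Za-z0-9_]+\z/', $linkname) === 1);
    // Comment fields are encoded on output. The charset is given as ISO-8859-1 so
    // htmlspecialchars() never returns an empty string for bytes that are not valid
    // UTF-8 (the characters it replaces are ASCII in either encoding), and the last
    // argument leaves entities that are already encoded untouched.
    $linknameHtml = htmlspecialchars($linkname, ENT_QUOTES, 'ISO-8859-1', false);

    //get info about item and page
    $query = 'SELECT p.id, mp.title
        FROM _pages AS p, '.$linkname.' AS mp
        WHERE p.name = "'.$linknameSql.'"
        AND mp.id = '.$itemId.'
        LIMIT 1';
    $result = $isTableName ? mysql_query($query) : false;
    if(!$result){
        // The driver message goes to the server log, not to the browser.
        error_log('showComments: '.mysql_error());
        die('Database error.');
    }
    $record = mysql_fetch_assoc($result);
    $title = fromDatabase($record ? $record['title'] : null);

    $output .= '<div class="header-bar top-rounded content-bar">'.strtolower($pageLabel).' // show comments</div>';
    $output .= '<div class="double-column-content">';
    $output .= '<h1>Comments on "'.$title.'"</h1>';
    $output .= '<hr />';
    $output .= '<br /><br />';

    //show comments
    $comment_query = 'SELECT c.id AS commentId, c.name, c.email, c.web, c.message, c.ip, c.timest, cip.active
        FROM comments AS c, comments_items AS ci, comments_ip AS cip
        WHERE c.id = ci.commentId
        AND ci.itemId = '.$itemId.'
        AND cip.ip = c.ip';
    $comment_result = mysql_query($comment_query);
    if(!$comment_result){
        error_log('showComments: '.mysql_error());
        die('Database error.');
    }
    while($comment_record = mysql_fetch_assoc($comment_result)){
        $commentId = (int) $comment_record['commentId'];
        // Everything below was typed by a visitor; none of it is trusted as markup.
        // NOTE(review): if messages are stored with intentional tags (e.g. <br />),
        // they will now show as text - confirm how comments are saved.
        $name = htmlspecialchars($comment_record['name'], ENT_QUOTES, 'ISO-8859-1', false);
        $website = htmlspecialchars($comment_record['web'], ENT_QUOTES, 'ISO-8859-1', false);
        $email = htmlspecialchars($comment_record['email'], ENT_QUOTES, 'ISO-8859-1', false);
        $message = htmlspecialchars($comment_record['message'], ENT_QUOTES, 'ISO-8859-1', false);
        $ip = htmlspecialchars($comment_record['ip'], ENT_QUOTES, 'ISO-8859-1', false);
        $ip_active = $comment_record['active'];
        $date = date('d-m-Y', $comment_record['timest']);

        if($ip_active == 0) $output .= '<div class="blocked-ip">';
        $output .= '<strong>'.$name.'</strong><br />';
        $output .= '<em>Posted on '.$date.'</em><br /> ';
        $output .= '<em><strong>Ip</strong>: '.$ip.'</em>';
        if(empty($website) && empty($email)){
            $output .= '<br />';
        }
        else{
            $output .= ' / ';
        }
        if(!empty($website)) $output .= '<em><strong>Web</strong>: '.$website.'</em> / ';
        if(!empty($email)) $output .= '<em><strong>Mail</strong>: '.$email.'</em><br /> ';
        $output .= $message;
        $output .= '<br />';
        $output .= '<a href="./pages/'.$linknameHtml.'/delete-comment/'.$commentId.'/"><img src="./images/icons/trashcan.png" alt="move to trash" /></a> ';
        $output .= '<a href="./pages/'.$linknameHtml.'/block-ip/'.$commentId.'/">';
        if($ip_active == 1){
            $output .= '<img src="./images/icons/block.png" alt="block ip" />';
        }
        else{
            $output .= '<img src="./images/icons/block_blue.png" alt="block ip" />';
        }
        $output .= '</a>';
        $output .= '<br /><br />';
        if($ip_active == 0) $output .= '</div>';
    }
    $output .= '</div>';
    return $output;
}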
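/**
 * Render the confirmation form shown before a comment is deleted.
 *
 * The comment is selected by $_GET['id']. The form posts itemId, linkname and
 * commentId together with either the deleteComment or the back button.
 *
 * @param string $linkname Page name, passed on in a hidden field.
 * @return string HTML for the confirmation form.
 */
function areYouSureDeleteComment($linkname){
    //get text
    $siteText = getSiteText();
    $output = '';
    $output .= '<div class="header-bar top-rounded content-bar">delete comment</div>';
    $output .= '<div class="double-column-content">';
    $output .= '<h1>Delete comment</h1>';
    $output .= 'Are you sure you want to delete this comment, you can’t undo this action!<br /><br />';

    // The id comes from the URL and is used unquoted in the query and echoed back
    // into a hidden field, so it is reduced to an integer before either use.
    $commentId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    $comment_query = 'SELECT c.name, c.message, ci.itemId
        FROM comments AS c, comments_items AS ci
        WHERE c.id = ci.commentId
        AND c.id = '.$commentId.'
        LIMIT 1';
    $comment_result = mysql_query($comment_query);
    if(!$comment_result){
        // The driver message goes to the server log, not to the browser.
        error_log('areYouSureDeleteComment: '.mysql_error());
        die('Database error.');
    }
    $comment_record = mysql_fetch_assoc($comment_result);

    // Name and message were typed by a visitor and are encoded on output. The
    // charset is given as ISO-8859-1 so htmlspecialchars() never returns an empty
    // string for bytes that are not valid UTF-8; the last argument leaves entities
    // that are already encoded untouched.
    $name = htmlspecialchars($comment_record ? $comment_record['name'] : '', ENT_QUOTES, 'ISO-8859-1', false);
    $message = htmlspecialchars($comment_record ? $comment_record['message'] : '', ENT_QUOTES, 'ISO-8859-1', false);
    $itemId = $comment_record ? (int) $comment_record['itemId'] : 0;

    $output .= '<em><strong>'.$name.'</strong><br />';
    $output .= $message;
    $output .= '</em><br /><br />';
    $output .= '<form action="" method="post">';
    $output .= '<input type="hidden" name="itemId" value="'.$itemId.'" />';
    $output .= '<input type="hidden" name="linkname" value="'.htmlspecialchars($linkname, ENT_QUOTES, 'ISO-8859-1', false).'" />';
    $output .= '<input type="hidden" name="commentId" value="'.$commentId.'" />';
    $output .= '<input type="submit" name="deleteComment" value="'.$siteText['formBtnYesDelete'].'" class="button fully-rounded"/> ';
    $output .= '<input type="submit" name="back" value="'.$siteText['formBtnNo'].'" class="button fully-rounded"/>';
    $output .= '<div class="clear"></div>';
    $output .= '</form>';
    $output .= '</div>';
    return $output;
}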
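/**
 * Delete one comment and its link to an item, then redirect to the item's comments.
 *
 * Reads $_POST['commentId'] and $_POST['itemId'] as posted by the confirmation form.
 *
 * @return void
 */
function deleteComment(){
    // Both values come from the request body. commentId is used unquoted in two
    // DELETE statements and itemId is written into the Location header, so each is
    // reduced to an integer first.
    $commentId = isset($_POST['commentId']) ? (int) $_POST['commentId'] : 0;
    $itemId = isset($_POST['itemId']) ? (int) $_POST['itemId'] : 0;

    if($commentId > 0){
        //delete comment
        mysql_query('DELETE FROM comments WHERE id = '.$commentId.' LIMIT 1');
        //delete comment_items
        mysql_query('DELETE FROM comments_items WHERE commentId = '.$commentId.' LIMIT 1');
    }
    // NOTE(review): no anti-CSRF token is checked before the delete - confirm the
    // calling script enforces one.
    header('location: ../../comments/'.$itemId.'/');
}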
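/**
 * Toggle the blocked state of the IP address a comment was posted from, then
 * redirect to the comments of the item the comment belongs to.
 *
 * The comment is selected by $_GET['id']; the state is the "active" column of
 * comments_ip (1 becomes 0, anything else becomes 1).
 *
 * @param string $linkname Page name (not used by this function).
 * @return void
 */
function blockIp($linkname){
    // The id comes from the URL and is used unquoted in the query.
    $commentId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    $query = 'SELECT c.ip , ci.itemId, cip.active
        FROM comments AS c, comments_items AS ci, comments_ip AS cip
        WHERE c.id = '.$commentId.'
        AND c.id = ci.commentId
        AND c.ip = cip.ip
        LIMIT 1';
    $result = mysql_query($query);
    $record = $result ? mysql_fetch_assoc($result) : false;

    $itemId = 0;
    if($record){
        $itemId = (int) $record['itemId'];
        $newStatus = ($record['active'] == 1) ? 0 : 1;
        // The address is read back from the comments table and goes into a quoted
        // literal; it is escaped because how it was validated when the comment was
        // stored is not visible here.
        mysql_query('UPDATE comments_ip SET active = '.$newStatus.' WHERE ip = "'.mysql_real_escape_string($record['ip']).'"');
    }
    // NOTE(review): this state change is reached through a GET link and no
    // anti-CSRF token is checked here - confirm the calling script enforces one.
    header('location: ../../comments/'.$itemId.'/');
}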
?>