sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));
if ($first == 0) {
$pwd = md5($pwd);
$the_adm = "God";
$db->sql_query("INSERT INTO ".$prefix."_authors VALUES ('$name', '$the_adm', '$url', '$email', '$pwd', '0', '1', '')");
if ($user_new == 1) {
$user_regdate = date("M d, Y");
$user_avatar = "gallery/blank.gif";
$commentlimit = 4096;
if ($url == "http://") { $url = ""; }
$db->sql_query("INSERT INTO ".$user_prefix."_users (user_id, username, user_email, user_website, user_avatar, user_regdate, user_password, theme, commentmax, user_level, user_lang, user_dateformat) VALUES (NULL,'$name','$email','$url','$user_avatar','$user_regdate','$pwd','$Default_Theme','$commentlimit', '2', 'english','D M d, Y g:i a')");
}
login();
}
}
$the_first = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_authors"));
if ($the_first == 0) {
if (!$name) {
include("header.php");
title("$sitename: "._ADMINISTRATION."");
OpenTable();
echo "
"._NOADMINYET."
"
."";
CloseTable();
include("footer.php");
}
switch($fop) {
case "create_first":
create_first($name, $url, $email, $pwd, $user_new);
break;
}
die();
}
if (ereg("[^a-zA-Z0-9_-]",trim($aid))) {
die("Begone");
}
$aid = substr("$aid", 0,25);
$pwd = substr("$pwd", 0,18);
if ((isset($aid)) && (isset($pwd)) && ($op == "login")) {
$datekey = date("F j");
$rcode = hexdec(md5($_SERVER[HTTP_USER_AGENT] . $sitekey . $_POST[random_num] . $datekey));
$code = substr($rcode, 2, 6);
if (extension_loaded("gd") AND $code != $_POST[gfx_check] AND ($gfx_chk == 1 OR $gfx_chk == 5 OR $gfx_chk == 6 OR $gfx_chk == 7)) {
Header("Location: ".$admin_file.".php");
die();
}
if($aid!="" AND $pwd!="") {
$pwd = md5($pwd);
$result = $db->sql_query("SELECT pwd, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'");
$row = $db->sql_fetchrow($result);
$admlanguage = $row['admlanguage'];
$rpwd = $row['pwd'];
if($rpwd == $pwd) {
$admin = base64_encode("$aid:$pwd:$admlanguage");
setcookie("admin","$admin",time()+2592000);
unset($op);
}
}
}
$admintest = 0;
if(isset($admin) && $admin != "") {
$admin = addslashes(base64_decode($admin));
$admin = explode(":", $admin);
$aid = "$admin[0]";
$pwd = "$admin[1]";
$admlanguage = "$admin[2]";
if ($aid=="" || $pwd=="") {
$admintest=0;
echo "\n";
echo "INTRUDER ALERT!!!\n";
echo "\n\n
\n\n";
echo "
\n";
echo "Get Out!\n";
echo "\n";
echo "\n";
exit;
}
$aid = substr("$aid", 0,25);
$result2 = $db->sql_query("SELECT pwd FROM ".$prefix."_authors WHERE aid='$aid'");
if (!$result2) {
echo "Selection from database failed!";
exit;
} else {
$row2 = $db->sql_fetchrow($result2);
$rpwd = $row2['pwd'];
if($rpwd == $pwd && $rpwd != "") {
$admintest = 1;
}
}
}
if(!isset($op)) { $op = "adminMain"; }
$pagetitle = "- "._ADMINMENU."";
/*********************************************************/
/* Login Function */
/*********************************************************/
function login() {
global $gfx_chk, $admin_file;
include ("header.php");
mt_srand ((double)microtime()*1000000);
$maxran = 1000000;
$random_num = mt_rand(0, $maxran);
OpenTable();
echo ""._ADMINLOGIN."";
CloseTable();
echo "
";
OpenTable();
echo "";
CloseTable();
include ("footer.php");
}
function deleteNotice($id) {
global $prefix, $db, $admin_file;
$id = intval($id);
$db->sql_query("DELETE FROM ".$prefix."_reviews_add WHERE id = '$id'");
Header("Location: ".$admin_file.".php?op=reviews");
}
/*********************************************************/
/* Administration Menu Function */
/*********************************************************/
function adminmenu($url, $title, $image) {
global $counter, $admingraphic, $Default_Theme;
$ThemeSel = get_theme();
if (file_exists("themes/$ThemeSel/images/admin/$image")) {
$image = "themes/$ThemeSel/images/admin/$image";
} else {
$image = "images/admin/$image";
}
if ($admingraphic == 1) {
$img = "
";
$close = "";
} else {
$img = "";
$close = "";
}
echo "$img$title$close
| ";
if ($counter == 5) {
echo "";
$counter = 0;
} else {
$counter++;
}
}
function GraphicAdmin() {
global $aid, $admingraphic, $language, $admin, $prefix, $db, $counter, $admin_file;
$newsubs = $db->sql_numrows($db->sql_query("SELECT qid FROM ".$prefix."_queue"));
$row = $db->sql_fetchrow($db->sql_query("SELECT radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));
$radminsuper = intval($row['radminsuper']);
if ($radminsuper == 1) {
OpenTable();
echo ""._ADMINMENU."";
echo "
";
echo"";
$linksdir = dir("admin/links");
while($func=$linksdir->read()) {
if(substr($func, 0, 6) == "links.") {
$menulist .= "$func ";
}
}
closedir($linksdir->handle);
$menulist = explode(" ", $menulist);
sort($menulist);
for ($i=0; $i < sizeof($menulist); $i++) {
if($menulist[$i]!="") {
$sucounter = 0;
include($linksdir->path."/$menulist[$i]");
}
}
adminmenu("".$admin_file.".php?op=logout", ""._ADMINLOGOUT."", "logout.gif");
echo"
";
$counter = "";
CloseTable();
echo "
";
}
OpenTable();
echo ""._MODULESADMIN."";
echo "
";
echo"";
$handle=opendir('modules');
while ($file = readdir($handle)) {
if ( (!ereg("[.]",$file)) ) {
$modlist .= "$file ";
}
}
closedir($handle);
$modlist = explode(" ", $modlist);
sort($modlist);
for ($i=0; $i < sizeof($modlist); $i++) {
if($modlist[$i] != "") {
$row = $db->sql_fetchrow($db->sql_query("SELECT mid from " . $prefix . "_modules where title='$modlist[$i]'"));
$mid = intval($row['mid']);
if ($mid == "") {
$db->sql_query("insert into " . $prefix . "_modules values (NULL, '$modlist[$i]', '$modlist[$i]', '0', '0', '1', '0', '')");
}
}
}
$result = $db->sql_query("SELECT title, admins FROM ".$prefix."_modules ORDER BY title ASC");
$row2 = $db->sql_fetchrow($db->sql_query("SELECT name FROM ".$prefix."_authors WHERE aid='$aid'"));
while ($row = $db->sql_fetchrow($result)) {
$admins = explode(",", $row[admins]);
$auth_user = 0;
for ($i=0; $i < sizeof($admins); $i++) {
if ($row2[name] == "$admins[$i]") {
$auth_user = 1;
}
}
if ($radminsuper == 1 || $auth_user == 1) {
if (file_exists("modules/$row[title]/admin/index.php") AND file_exists("modules/$row[title]/admin/links.php") AND file_exists("modules/$row[title]/admin/case.php")) {
include("modules/$row[title]/admin/links.php");
}
}
}
adminmenu("".$admin_file.".php?op=logout", ""._ADMINLOGOUT."", "logout.gif");
echo"
";
CloseTable();
echo "
";
}
/*********************************************************/
/* Administration Main Function */
/*********************************************************/
function adminMain() {
global $language, $admin, $aid, $prefix, $file, $db, $sitename, $user_prefix, $admin_file;
include ("header.php");
$dummy = 0;
$Today = getdate();
$month = $Today['month'];
$mday = $Today['mday'];
$year = $Today['year'];
$pmonth = $Today['month'];
$pmday = $Today['mday'];
$pmday = $mday-1;
$pyear = $Today['year'];
if ($pmonth=="January") { $pmonth=1; } else
if ($pmonth=="February") { $pmonth=2; } else
if ($pmonth=="March") { $pmonth=3; } else
if ($pmonth=="April") { $pmonth=4; } else
if ($pmonth=="May") { $pmonth=5; } else
if ($pmonth=="June") { $pmonth=6; } else
if ($pmonth=="July") { $pmonth=7; } else
if ($pmonth=="August") { $pmonth=8; } else
if ($pmonth=="September") { $pmonth=9; } else
if ($pmonth=="October") { $pmonth=10; } else
if ($pmonth=="November") { $pmonth=11; } else
if ($pmonth=="December") { $pmonth=12; };
$test = mktime (0,0,0,$pmonth,$pmday,$pyear,1);
$curDate2 = "%".$month[0].$month[1].$month[2]."%".$mday."%".$year."%";
$preday = strftime ("%d",$test);
$premonth = strftime ("%B",$test);
$preyear = strftime ("%Y",$test);
$curDateP = "%".$premonth[0].$premonth[1].$premonth[2]."%".$preday."%".$preyear."%";
GraphicAdmin();
$aid = substr("$aid", 0,25);
$row = $db->sql_fetchrow($db->sql_query("SELECT radminsuper, admlanguage FROM ".$prefix."_authors WHERE aid='$aid'"));
$radminsuper = intval($row['radminsuper']);
$admlanguage = $row['admlanguage'];
$result = $db->sql_query("SELECT admins FROM ".$prefix."_modules WHERE title='News'");
$row2 = $db->sql_fetchrow($db->sql_query("SELECT name FROM ".$prefix."_authors WHERE aid='$aid'"));
while ($row = $db->sql_fetchrow($result)) {
$admins = explode(",", $row[admins]);
$auth_user = 0;
for ($i=0; $i < sizeof($admins); $i++) {
if ($row2[name] == "$admins[$i]") {
$auth_user = 1;
}
}
if ($auth_user == 1) {
$radminarticle = 1;
}
}
if ($admlanguage != "" ) {
$queryalang = "WHERE alanguage='$admlanguage' ";
} else {
$queryalang = "";
}
$row3 = $db->sql_fetchrow($db->sql_query("SELECT main_module from ".$prefix."_main"));
$main_module = $row3['main_module'];
OpenTable();
echo "$sitename: "._DEFHOMEMODULE."
"
.""._MODULEINHOME." $main_module
[ "._CHANGE." ]";
CloseTable();
echo "
";
OpenTable();
$guest_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='1'"));
$member_online_num = $db->sql_numrows($db->sql_query("SELECT uname FROM ".$prefix."_session WHERE guest='0'"));
$who_online_num = $guest_online_num + $member_online_num;
$who_online = ""._WHOSONLINE."
"._CURRENTLY." $guest_online_num "._GUESTS." $member_online_num "._MEMBERS."
";
$row3 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount from $user_prefix"._users." WHERE user_regdate LIKE '$curDate2'"));
$userCount = $row3['userCount'];
$row4 = $db->sql_fetchrow($db->sql_query("SELECT COUNT(user_id) AS userCount FROM $user_prefix"._users." WHERE user_regdate LIKE '$curDateP'"));
$userCount2 = $row4['userCount'];
echo "$who_online
"
.""._BTD.": $userCount - "._BYD.": $userCount2";
CloseTable();
echo "
";
OpenTable();
echo ""._AUTOMATEDARTICLES."
";
$count = 0;
$result5 = $db->sql_query("SELECT anid, aid, title, time, alanguage FROM ".$prefix."_autonews $queryalang ORDER BY time ASC");
while ($row5 = $db->sql_fetchrow($result5)) {
$anid = intval($row5['anid']);
$aid = $row5['aid'];
$said = substr("$aid", 0,25);
$title = $row5['title'];
$time = $row5['time'];
$alanguage = $row5['alanguage'];
if ($alanguage == "") {
$alanguage = ""._ALL."";
}
if ($anid != "") {
if ($count == 0) {
echo "";
$count = 1;
}
$time = ereg_replace(" ", "@", $time);
if (($radminarticle==1) OR ($radminsuper==1)) {
if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {
echo " ("._EDIT."-"._DELETE.") | $title | $alanguage | $time |
"; /* Multilingual Code : added column to display language */
} else {
echo " ("._NOFUNCTIONS.") | $title | $alanguage | $time |
"; /* Multilingual Code : added column to display language */
}
} else {
echo " $title | $alanguage | $time |
"; /* Multilingual Code : added column to display language */
}
}
}
if (($anid == "") AND ($count == 0)) {
echo ""._NOAUTOARTICLES."";
}
if ($count == 1) {
echo "
";
}
CloseTable();
echo "
";
OpenTable();
echo ""._LAST." 20 "._ARTICLES."
";
$result6 = $db->sql_query("SELECT sid, aid, title, time, topic, informant, alanguage FROM ".$prefix."_stories $queryalang ORDER BY time DESC LIMIT 0,20");
echo "";
while ($row6 = $db->sql_fetchrow($result6)) {
$sid = intval($row6['sid']);
$aid = $row6['aid'];
$said = substr("$aid", 0,25);
$title = $row6['title'];
$time = $row6['time'];
$topic = $row6['topic'];
$informant = $row6['informant'];
$alanguage = $row6['alanguage'];
$row7 = $db->sql_fetchrow($db->sql_query("SELECT topicname FROM ".$prefix."_topics WHERE topicid='$topic'"));
$topicname = $row7['topicname'];
if ($alanguage == "") {
$alanguage = ""._ALL."";
}
formatTimestamp($time);
echo "$sid"
." | $title"
." | $alanguage"
." | $topicname";
if ($radminarticle == 1 OR $radminsuper == 1) {
if (($radminarticle==1) AND ($aid == $said) OR ($radminsuper==1)) {
echo " | ("._EDIT."-"._DELETE.")"
." |
";
} else {
echo "("._NOFUNCTIONS.")"
." | ";
}
} else {
echo "";
}
}
echo "
";
if (($radminarticle==1) OR ($radminsuper==1)) {
echo ""
."";
}
CloseTable();
$row8 = $db->sql_fetchrow($db->sql_query("SELECT pollID, pollTitle FROM ".$prefix."_poll_desc WHERE artid='0' ORDER BY pollID DESC LIMIT 1"));
$pollID = intval($row8['pollID']);
$pollTitle = $row8['pollTitle'];
echo "
";
OpenTable();
echo ""._CURRENTPOLL.": $pollTitle [ "._EDIT." | "._ADD." ]";
CloseTable();
include ("footer.php");
}
if($admintest) {
switch($op) {
case "do_gfx":
do_gfx();
break;
case "deleteNotice":
deleteNotice($id);
break;
case "GraphicAdmin":
GraphicAdmin();
break;
case "adminMain":
adminMain();
break;
case "logout":
setcookie("admin");
$admin = "";
include("header.php");
OpenTable();
echo ""._YOUARELOGGEDOUT."";
CloseTable();
echo "";
include("footer.php");
break;
case "login";
unset($op);
default:
if (!is_admin($admin)) {
login();
}
$casedir = dir("admin/case");
while($func=$casedir->read()) {
if(substr($func, 0, 5) == "case.") {
include($casedir->path."/$func");
}
}
closedir($casedir->handle);
$result = $db->sql_query("SELECT title FROM ".$prefix."_modules ORDER BY title ASC");
while ($row = $db->sql_fetchrow($result)) {
if (file_exists("modules/$row[title]/admin/index.php") AND file_exists("modules/$row[title]/admin/links.php") AND file_exists("modules/$row[title]/admin/case.php")) {
include("modules/$row[title]/admin/case.php");
}
}
break;
}
} else {
switch($op) {
default:
login();
break;
}
}
?>