3){ msg("error", "Access Denied", "You don't have permission to edit news"); } $orig_cat_lines = file("./data/category.db.php"); //only show allowed categories $allowed_cats = array(); $cat_lines = array(); foreach($orig_cat_lines as $single_line){ $ocat_arr = explode("|", $single_line); $cat[$ocat_arr[0]] = $ocat_arr[1]; if($member_db[1] <= $ocat_arr[3] or ($ocat_arr[3] == '0' || $ocat_arr[3] == '')){ $cat_lines[] = $single_line; $allowed_cats[] = $ocat_arr[0]; } } // ******************************************************************************** // List all news available for editing // ******************************************************************************** if($action == "list") { echoheader("editnews","Edit News"); // How Many News to show on one page if($news_per_page == ""){ $news_per_page = 21; } $all_db = array(); if($source == ""){ $all_db = file("./data/news.txt"); } elseif($source == "postponed"){ $all_db = file("./data/postponed_news.txt"); ResynchronizePostponed(); } elseif($source == "unapproved"){ $all_db = file("./data/unapproved_news.txt");} else{ $all_db = file("./data/archives/${source}.news.arch"); } // choose only needed news items if ($category != '' or $author != "" or $member_db[1] == 3){ foreach($all_db as $raw_line){ $raw_arr = explode("|", $raw_line); ; if ( ($category == '' or in_array($category, explode(',',$raw_arr[6]))) and ($author == "" or $raw_arr[1] == $author) and ($member_db[1] != 3 or $raw_arr[1] == $member_db[2] ) ){ $all_db_tmp[] = $raw_line; } } $all_db = $all_db_tmp; } // Prelist Entries $flag = 1; if($start_from == "0"){ $start_from = ""; } $i = $start_from; $entries_showed = 0; if(!empty($all_db)){ foreach ($all_db as $line){ if($j < $start_from){ $j++; continue; } $i++; $item_db = explode("|",$line); $itemdate = date("d/m/y",$item_db[0]); if($flag == 1){ $bg="#F7F6F4"; $flag = 0; } else {$bg = "#FFFFFF"; $flag = 1;} if(strlen($item_db[2]) > 74){ $title = substr($item_db[2],0,70)." ..."; } $title = stripslashes( preg_replace(array("'\|'", "'\"'", "'\''"), array("I", """, "'"), $item_db[2]) ); $title = ereg_replace("<[^>]*>","",$title); $entries .= " $title "; $count_comments = countComments($item_db[0], $source); if($count_comments == 0){$entries .= "$count_comments";} else{$entries .= "$count_comments";} $entries .= "       "; if($item_db[6] == ""){ $my_cat = "---"; } // elseif($cat[$item_db[6]] == ""){ $my_cat = "(ID: $item_db[6])"; } elseif(strstr($item_db[6],',')){ $all_this_cats_arr = explode(',',$item_db[6]); $my_multy_cat_labels = ''; foreach($all_this_cats_arr as $this_single_cat){ $my_multy_cat_labels .= "$cat[$this_single_cat], "; } $my_cat = "(multiple)"; } else{ $my_cat = $cat[$item_db[6]]; } $entries .= "$my_cat  $itemdate $item_db[1] "; $entries_showed ++; if($i >= $news_per_page + $start_from){ break; } }//foreach news line } // End prelisting $all_count_news = count($all_db); if($category != ""){ $cat_msg = "Category: $cat[$category];"; } if($source == "postponed"){ $source_msg = "Postponed News, [Resynchronize]"; $postponed_selected = " selected ";} elseif($source == "unapproved"){ $source_msg = "Unapproved News"; $unapproved_selected = " selected ";} elseif($source != "" ){ $news_lines = file("./data/archives/$source.news.arch"); $count = count($news_lines); $last = $count-1; $first_news_arr = explode("|", $news_lines[$last]); $last_news_arr = explode("|", $news_lines[0]); $first_timestamp = $first_news_arr[0]; $last_timestamp = $last_news_arr[0]; $source_msg = "Archive: ". date("d M Y",$first_timestamp) ." - ". date("d M Y",$last_timestamp) .";"; } /////////////////////////////////////////// // Options Bar echo"
Showing $entries_showed articles from total $all_count_news; $cat_msg $source_msg

show options 

 "; // End Options Bar //////////////////////////////////////////////////////////////////////////////// Showing List of News if($entries_showed == 0){ echo"

- No news were found matching your criteria -
[options]

"; } else{ echo<< JSCRIPT; echo" HTML; } echo<<
Title Comments  Category  Date Author "; } ##################################################################################################################### echo $entries; ##################################################################################################################### if($start_from > 0) { $previous = $start_from - $news_per_page; $npp_nav .= "<< Previous"; $tmp = 1; } if(count($all_db) > $i) { if($tmp){ $npp_nav .= "  ||  ";} $how_next = count($all_db) - $i; if($how_next > $news_per_page){ $how_next = $news_per_page; } $npp_nav .= "Next $how_next >>"; } if($entries_showed != 0){ echo<<  
$npp_nav With selected:
HTML; echofooter(); } // ******************************************************************************** // Edit News Article // ******************************************************************************** elseif($action == "editnews") { // Show The Article for Editing if($source == ""){ $all_db = file("./data/news.txt"); } elseif($source == "postponed"){ $all_db = file("./data/postponed_news.txt"); } elseif($source == "unapproved"){ $all_db = file("./data/unapproved_news.txt"); } else{ $all_db = file("./data/archives/$source.news.arch"); } $found = FALSE; foreach ($all_db as $line) { $item_db=explode("|",$line); if ($id == $item_db[0]){ $found = TRUE; break;} }//foreach news line $have_perm = 0; if(($member_db[1] == 1) or ($member_db[1] == 2)){$have_perm = 1;} elseif($member_db[1] == 3 and $item_db[1] == $member_db[2]) {$have_perm = 1;} if(!$have_perm){ msg("error", "NO Access", "You dont have access for this action", "$PHP_SELF?mod=editnews&action=list"); } if(strstr($item_db[6], ',')){ $all_these_cats = explode(',',$item_db[6]); foreach($all_these_cats as $all_this_cat){ if($member_db[1] != 1 and !in_array($all_this_cat,$allowed_cats) ){ msg("error", "Access Denied", "This article is posted under category which you are not allowed to access."); } } } else{ if($member_db[1] != 1 and !in_array($item_db[6],$allowed_cats) ){ msg("error", "Access Denied", "This article is posted under category which you are not allowed to access."); } } if (!$found){ msg("error","Error !!!","The selected news item can not be found."); } $newstime = date("D, d F Y h:i:s", $item_db[0]); $item_db[2] = stripslashes( preg_replace(array("'\|'", "'\"'", "'\''"), array("I", """, "'"), $item_db[2]) ); $short_story_id = 'short_story'; $full_story_id = 'full_story'; // // Are we using the WYSIWYG ? // if($config_use_wysiwyg == "yes"){ $use_wysiwyg = true; $article_format_options = "

"; }else{ $use_wysiwyg = false; $article_format_options = "

"; } $item_db[3] = replace_news("admin", $item_db[3], $use_wysiwyg); $item_db[4] = replace_news("admin", $item_db[4], $use_wysiwyg); echoheader("editnews","Edit News"); echo"
"; if($config_use_avatar == "yes"){ echo" "; } /* Old Single Category Code echo""; */ echo""; echo" "; $flag = 1; $different_posters = explode("||",$comments_arr[1]); foreach($different_posters as $individual_comment) { if($flag == 1){ $bg = "bgcolor=#F7F6F4"; $flag = 0;} else{$bg = ""; $flag = 1;} $comment_arr = explode("|",$individual_comment); $comtime = date("d/m/y h:i:s",$comment_arr[0]); $comm_value = stripslashes(strip_tags($comment_arr[4])); $comm_excerpt_lenght = 43 - strlen($comment_arr[1]); if($comm_excerpt_lenght < strlen($comm_value)){ $comm_excerpt = substr($comm_value,0, $comm_excerpt_lenght).'...'; }else{ $comm_excerpt = $comm_value; } if($comment_arr[1]) { if(strlen($comment_arr[1]) > 25){ $comment_arr[1] = substr($comment_arr[1],0,22)."..."; } echo""; }//if not blank }//foreach comment echo"
Info. Posted on $newstime by $item_db[1]
Title
Avatar URL    (optional)
Category
Category "; echo''; // $cat_lines = file("./data/category.db.php"); commented-out because can lines are already opened before, and filtered with propper restrictions for user foreach($cat_lines as $single_line){ $cat_arr = explode("|", $single_line); echo" '; } } echo""; echo"
"; }else{ echo"$cat_arr[1]"; } $i++; if ($i%4 == 0){ echo'

Short Story 		"; if ($use_wysiwyg) { echo" "; }else{ echo" "; } echo"


[insert image]
[expand]

"; echo insertSmilies("$short_story_id", 4, true, "$use_wysiwyg"); echo"


Full Story
(optional) 		"; if ($use_wysiwyg) { echo" "; }else{ echo" "; } echo"


[insert image]
[expand]

"; echo insertSmilies("$full_story_id", 4, true, "$use_wysiwyg"); echo"

  "; if($source == 'unapproved'){ echo"  "; } echo"  


Comments"; // Show the Comments for Editing if($source == "" or $source == "postponed" or $source == "unapproved"){ $all_comments_db = file("./data/comments.txt"); } else{ $all_comments_db = file("./data/archives/${source}.comments.arch"); } $found_newsid = FALSE; foreach($all_comments_db as $comment_line) { $comment_line = trim($comment_line); $comments_arr = explode("|>|",$comment_line); if($comments_arr[0] == $id) {//if these are comments for our story $found_newsid = TRUE; if ($comments_arr[1] != "") { echo"   Poster, Comment preview Date
  $comment_arr[1], $comm_excerpt $comtime

delete all?

"; break;//foreach comment line }//if there are any comments else { echo"
 No Comments
"; } }//if these are comments for our story }//foreach comments line if($found_newsid == FALSE){ echo" No Comments "; } echofooter(); } // ******************************************************************************** // Do Edit News // ******************************************************************************** elseif($action == "doeditnews") { ///// ///Format our categories variable ///// if( is_array($category) ){ //User has selected multiple categories $nice_category = ''; $ccount = 0; foreach($category as $ckey=>$cvalue){ if( !in_array($cvalue,$allowed_cats) ){ die('not allowed category'); } if($ccount==0){ $nice_category = $cvalue; }//first cat else{ $nice_category = $nice_category.','.$cvalue; } $ccount++; } }else{ //Not in a category if( $category !="" and isset($category) and !in_array($category,$allowed_cats) ){ die('not allowed category'); } //don't format $nice_cats because we have not selected any. } if(trim($title) == "" and $ifdelete != "yes"){ msg("error","Error !!!","The title can not be blank.", "javascript:history.go(-1)"); } if($short_story == "" and $ifdelete != "yes"){ msg("error","Error !!!","The story can not be blank.", "javascript:history.go(-1)"); } if($if_convert_new_lines == "yes"){ $n_to_br = TRUE; } if($if_use_html == "yes"){ $use_html = TRUE; } $short_story = replace_news("add", rtrim($short_story), $n_to_br, $use_html); $full_story = replace_news("add", rtrim($full_story), $n_to_br, $use_html); $title = stripslashes( preg_replace(array("'\|'", "'\n'", "''"), array("I", "
", ""), $title) ); $avatar = stripslashes( preg_replace(array("'\|'", "'\n'", "''"), array("I", "
", ""), $avatar) ); if($source == ""){ $news_file = "./data/news.txt"; $com_file = "./data/comments.txt"; } elseif($source == "postponed"){ $news_file = "./data/postponed_news.txt"; $com_file = "./data/comments.txt"; } elseif($source == "unapproved"){ $news_file = "./data/unapproved_news.txt"; $com_file = "./data/comments.txt"; } else{ $news_file = "./data/archives/$source.news.arch"; $com_file = "./data/archives/$source.comments.arch";} $old_db = file("$news_file"); $new_db = fopen("$news_file", w); foreach($old_db as $old_db_line){ $old_db_arr = explode("|", $old_db_line); if($id != $old_db_arr[0]){ fwrite($new_db,"$old_db_line"); } else { $have_perm = 0; if(($member_db[1] == 1) or ($member_db[1] == 2)){$have_perm = 1;} elseif($member_db[1] == 3 and $old_db_arr[1] == $member_db[2]) {$have_perm = 1;} if($have_perm){ if($ifdelete != "yes") { $okchanges = TRUE; fwrite($new_db,"$old_db_arr[0]|$old_db_arr[1]|$title|$short_story|$full_story|$editavatar|$nice_category||\n"); } else { $okdeleted = TRUE; $all_file = file("$com_file"); $new_com=fopen("$com_file","w"); foreach($all_file as $line) { $line_arr = explode("|>|",$line); if($line_arr[0] == $id){ $okdelcom = TRUE; } else{ fwrite($new_com,"$line"); } } fclose($new_com); } }else{ fwrite($new_db,"$old_db_line"); $no_permission = TRUE; } } } fclose($new_db); if($no_permission){ msg("error", "NO Access", "You dont have access for this action", "$PHP_SELF?mod=editnews&action=list"); } if($okdeleted and $okdelcom){ msg("info","News Deleted","The news item successfully was deleted.
If there were comments for this article they are also deleted."); } if($okdeleted and !$okdelcom){ msg("info","News Deleted","The news item successfully was deleted.
If there were comments for this article they are also deleted.
But can not delete comments of this article !!!"); } elseif($okchanges){ msg("info","Changes Saved","The changes were successfully saved", "$PHP_SELF?mod=editnews&action=editnews&id=$id&source=$source"); } else{ msg("error","Error !!!","The news item can not be found or there is an error with the news database file."); } } ?>