| 1 | <?php |
|---|
| 2 | // +-----------------------------------------------------------------------+ |
|---|
| 3 | // | Piwigo - a PHP based picture gallery | |
|---|
| 4 | // +-----------------------------------------------------------------------+ |
|---|
| 5 | // | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org | |
|---|
| 6 | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | |
|---|
| 7 | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | |
|---|
| 8 | // +-----------------------------------------------------------------------+ |
|---|
| 9 | // | This program is free software; you can redistribute it and/or modify | |
|---|
| 10 | // | it under the terms of the GNU General Public License as published by | |
|---|
| 11 | // | the Free Software Foundation | |
|---|
| 12 | // | | |
|---|
| 13 | // | This program is distributed in the hope that it will be useful, but | |
|---|
| 14 | // | WITHOUT ANY WARRANTY; without even the implied warranty of | |
|---|
| 15 | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
|---|
| 16 | // | General Public License for more details. | |
|---|
| 17 | // | | |
|---|
| 18 | // | You should have received a copy of the GNU General Public License | |
|---|
| 19 | // | along with this program; if not, write to the Free Software | |
|---|
| 20 | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | |
|---|
| 21 | // | USA. | |
|---|
| 22 | // +-----------------------------------------------------------------------+ |
|---|
| 23 | |
|---|
| 24 | if (!defined("PHPWG_ROOT_PATH")){ |
|---|
| 25 | die("Hacking attempt!"); |
|---|
| 26 | } |
|---|
| 27 | |
|---|
| 28 | include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); |
|---|
| 29 | |
|---|
| 30 | // Check access and exit when user status is not ok |
|---|
| 31 | check_status(ACCESS_ADMINISTRATOR); |
|---|
| 32 | |
|---|
| 33 | // Default is to create, if changed to 1, show edit page |
|---|
| 34 | $edit = 0; |
|---|
| 35 | |
|---|
| 36 | // The values for the form fields |
|---|
| 37 | $CRid = 0; |
|---|
| 38 | $CRname = ''; |
|---|
| 39 | $CRurl = ''; |
|---|
| 40 | $CRdesc = ''; |
|---|
| 41 | $CRvisible = 0; |
|---|
| 42 | |
|---|
| 43 | // Do managing of copyrights |
|---|
| 44 | if (isset($_GET['tab'])) { |
|---|
| 45 | if ($_GET['tab'] == 'create') { |
|---|
| 46 | $name = pwg_db_real_escape_string($_REQUEST['name']); |
|---|
| 47 | $url = pwg_db_real_escape_string($_REQUEST['url']); |
|---|
| 48 | $desc = pwg_db_real_escape_string($_REQUEST['desc']); |
|---|
| 49 | $visible = (isset($_REQUEST['visible']) ? 1 : 0); |
|---|
| 50 | $query = sprintf( |
|---|
| 51 | 'INSERT INTO %s |
|---|
| 52 | (`name`,`url`,`des`,`visible`) VALUES |
|---|
| 53 | ("%s","%s","%s",%d) |
|---|
| 54 | ;', |
|---|
| 55 | COPYRIGHTS_ADMIN, $name, $url, $desc, $visible); |
|---|
| 56 | pwg_query($query); |
|---|
| 57 | } |
|---|
| 58 | |
|---|
| 59 | if ($_GET['tab'] == 'edit') { |
|---|
| 60 | $edit = 1; |
|---|
| 61 | $CRid = $_REQUEST['id']; |
|---|
| 62 | $query = sprintf( |
|---|
| 63 | 'SELECT * |
|---|
| 64 | FROM %s |
|---|
| 65 | WHERE `cr_id`=%d |
|---|
| 66 | ;', |
|---|
| 67 | COPYRIGHTS_ADMIN, $CRid); |
|---|
| 68 | $result = pwg_query($query); |
|---|
| 69 | $row = pwg_db_fetch_assoc($result); |
|---|
| 70 | $CRname = $row['name']; |
|---|
| 71 | $CRurl = $row['url']; |
|---|
| 72 | $CRdesc = $row['desc']; |
|---|
| 73 | $CRvisible = $row['visible']; |
|---|
| 74 | } |
|---|
| 75 | |
|---|
| 76 | if ($_GET['tab'] == 'update') { |
|---|
| 77 | $id = pwg_db_real_escape_string($_REQUEST['id']); |
|---|
| 78 | $name = pwg_db_real_escape_string($_REQUEST['name']); |
|---|
| 79 | $url = pwg_db_real_escape_string($_REQUEST['url']); |
|---|
| 80 | $desc= pwg_db_real_escape_string($_REQUEST['desc']); |
|---|
| 81 | $visible = (isset($_REQUEST['visible']) ? 1 : 0); |
|---|
| 82 | $query = sprintf( |
|---|
| 83 | 'UPDATE %s |
|---|
| 84 | SET `name`="%s", `url`="%s", `desc`="%s", `visible`=%d |
|---|
| 85 | WHERE `cr_id`=%d |
|---|
| 86 | ;', |
|---|
| 87 | COPYRIGHTS_ADMIN, $name, $url, $desc, $visible, $id); |
|---|
| 88 | pwg_query($query); |
|---|
| 89 | } |
|---|
| 90 | |
|---|
| 91 | if ($_GET['tab'] == 'delete') { |
|---|
| 92 | $id = $_REQUEST['id']; |
|---|
| 93 | $query = sprintf( |
|---|
| 94 | 'DELETE FROM %s |
|---|
| 95 | WHERE `cr_id`=%d |
|---|
| 96 | ;', |
|---|
| 97 | COPYRIGHTS_ADMIN, $id); |
|---|
| 98 | pwg_query($query); |
|---|
| 99 | } |
|---|
| 100 | } |
|---|
| 101 | |
|---|
| 102 | // Create page template |
|---|
| 103 | global $template; |
|---|
| 104 | |
|---|
| 105 | $template->set_filenames( |
|---|
| 106 | array( |
|---|
| 107 | 'plugin_admin_content' => dirname(__FILE__).'/admin.tpl' |
|---|
| 108 | ) |
|---|
| 109 | ); |
|---|
| 110 | |
|---|
| 111 | $query = sprintf( |
|---|
| 112 | 'SELECT * |
|---|
| 113 | FROM %s |
|---|
| 114 | ;', |
|---|
| 115 | COPYTIGHTS_ADMIN); |
|---|
| 116 | $result = pwg_query($query); |
|---|
| 117 | |
|---|
| 118 | while ($row = pwg_db_fetch_assoc($result)) { |
|---|
| 119 | $template->append( |
|---|
| 120 | 'CRs', |
|---|
| 121 | array( |
|---|
| 122 | 'cr_id' => $row['cr_id'], |
|---|
| 123 | 'name' => $row['name'], |
|---|
| 124 | 'url' => $row['url'], |
|---|
| 125 | 'desc' => $row['desc'], |
|---|
| 126 | 'visible' => $row['visible'] |
|---|
| 127 | ) |
|---|
| 128 | ); |
|---|
| 129 | } |
|---|
| 130 | |
|---|
| 131 | $template->assign( |
|---|
| 132 | 'COPYRIGHTS_PATH', |
|---|
| 133 | COPYRIGHTS_WEB_PATH |
|---|
| 134 | ); |
|---|
| 135 | |
|---|
| 136 | $template->assign('edit', $edit); |
|---|
| 137 | $template->assign('CRid', $CRid); |
|---|
| 138 | $template->assign('CRname', $CRname); |
|---|
| 139 | $template->assign('CRurl', $CRurl); |
|---|
| 140 | $template->assign('CRdesc', $CRdesc); |
|---|
| 141 | $template->assign('CRvisible', $CRvisible); |
|---|
| 142 | |
|---|
| 143 | $template->assign_var_from_handle('ADMIN_CONTENT', 'plugin_admin_content'); |
|---|
| 144 | |
|---|
| 145 | ?> |
|---|
