,,
,

,

,

,

,

,
,
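'); }

/**
 * Print the page heading when a title is supplied.
 *
 * @param string $title Heading text; nothing is printed when it is empty.
 */
function page_title($title)
{
    if ( $title ) {
        echo '
';
        echo '';
        // NOTE(review): the title is printed without HTML-escaping. If it can
        // carry visitor-controlled text it should go through htmlspecialchars();
        // confirm against the callers before changing the output.
        echo stripslashes($title);
        echo '';
        echo '
';
        echo '
';
    }
}

/**
 * Print the divider between page sections.
 */
function divider()
{
    echo '
';
    echo '
';
}

/**
 * Stop the request unless checkAdmin() passes: shows private.php and exits.
 */
function gatekeeper()
{
    if ( ! checkAdmin() ) {
        include('private.php');
        die();
    }
}

// the following are the functions that can only be used by admin (however called)

/**
 * Open the database connection from the global settings and select the schema.
 *
 * NOTE(review): ext/mysql (mysql_*) is deprecated and no longer ships with
 * PHP 7+. The escaping and casts used in this file keep the existing API safe;
 * prepared statements (mysqli/PDO) are the long-term replacement.
 *
 * @return resource|false Link identifier returned by mysql_connect().
 */
function _cmsDbOpen()
{
    global $dbhost,$dbuser,$dbpass,$dbname;
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    mysql_select_db($dbname,$handle);
    return $handle;
}

/**
 * Escape the named request fields for use inside a quoted SQL string literal.
 *
 * @param array    $params Raw field values.
 * @param array    $keys   Field names to pick; missing ones become ''.
 * @param resource $handle Open connection (the escaping depends on it).
 * @return array Escaped values keyed by field name.
 */
function _cmsEscapeFields($params,$keys,$handle)
{
    $safe = array();
    foreach ( $keys as $key ) {
        $value = isset($params[$key]) ? $params[$key] : '';
        $safe[$key] = mysql_real_escape_string((string) $value, $handle);
    }
    return $safe;
}

/**
 * Delete one row by numeric id (admin only).
 *
 * @param string $table  Table name without the prefix; always a literal here.
 * @param string $column Id column; always a literal here.
 * @param mixed  $id     Row id; cast to int so it cannot extend the query.
 */
function _cmsDeleteById($table,$column,$id)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $sql  = "DELETE FROM " . $prefix . "_" . $table . " ";
    $sql .= "WHERE " . $column . " = " . (int) $id;
    $handle = _cmsDbOpen();
    $res = mysql_query($sql);
    mysql_close($handle);
}

/**
 * Store an uploaded image under ./images/ and create its thumbnail (admin only).
 *
 * The file is accepted on what it contains, not on the browser-supplied MIME
 * type or name: it must be a real upload, getimagesize() must recognise it as
 * GIF, JPEG or PNG, and the stored name is rebuilt from a sanitised stem plus
 * an extension chosen here. That keeps path separators and script extensions
 * out of the web-served images directory.
 *
 * @param array $image One upload entry (tmp_name, name, ...); assumed to come
 *                     from $_FILES - confirm against the callers.
 * @return string Stored file name, or '' when nothing usable was uploaded.
 */
function processImage($image)
{
    if ( ! checkAdmin() ) {
        return '';
    }
    if ( ! is_array($image) || empty($image['tmp_name']) || ! is_uploaded_file($image['tmp_name']) ) {
        return '';
    }
    $source = $image['tmp_name'];

    /* decide the type from the file content */
    $extensions = array(IMAGETYPE_GIF => 'gif', IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
    $size = getimagesize($source);
    if ( $size === false || ! isset($extensions[$size[2]]) || $size[0] < 1 || $size[1] < 1 ) {
        return '';
    }

    /* rebuild the name: no directories, no extra dots, fixed extension */
    $original = isset($image['name']) ? $image['name'] : '';
    $stem = pathinfo(basename($original), PATHINFO_FILENAME);
    $stem = preg_replace('/[^A-Za-z0-9_-]+/', '_', $stem);
    $filename = date('U') . "-" . $stem . "." . $extensions[$size[2]];

    $destination = "./images/" . $filename;
    move_uploaded_file($source,$destination) or die ("Failed to upload image");

    /* thumbnail: 225 wide, height in proportion (never below 1px) */
    $destination2 = "./images/thumbs/" . $filename;
    $ht2 = max(1, (int) (225 * $size[1] / $size[0]));
    createThumb($destination,$destination2,225,$ht2);
    return $filename;
}

/**
 * Write a resized copy of an image.
 *
 * The format is taken from the last extension of $name (lower-cased), so names
 * containing extra dots and upper-case extensions are handled; GIF sources are
 * supported as well. Nothing is written when the source cannot be loaded.
 *
 * @param string $name     Path of the source image.
 * @param string $filename Path of the thumbnail to write.
 * @param int    $new_w    Thumbnail width.
 * @param int    $new_h    Thumbnail height.
 */
function createThumb($name,$filename,$new_w,$new_h)
{
    $extension = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    switch ( $extension ) {
        case 'jpg':
        case 'jpeg':
            $src_img = imagecreatefromjpeg($name);
            break;
        case 'png':
            $src_img = imagecreatefrompng($name);
            break;
        case 'gif':
            $src_img = imagecreatefromgif($name);
            break;
        default:
            $src_img = false;
            break;
    }
    if ( ! $src_img ) {
        return;
    }
    $old_x = imagesx($src_img);
    $old_y = imagesy($src_img);

    /* the requested size is used as given */
    $dst_img = imagecreatetruecolor($new_w,$new_h);
    imagecopyresampled($dst_img,$src_img,0,0,0,0,$new_w,$new_h,$old_x,$old_y);
    if ( $extension == 'png' ) {
        imagepng($dst_img,$filename);
    } else if ( $extension == 'gif' ) {
        imagegif($dst_img,$filename);
    } else {
        imagejpeg($dst_img,$filename);
    }
    imagedestroy($dst_img);
    imagedestroy($src_img);
}

/**
 * Insert or update a header theme (admin only).
 *
 * @param array $post  Form fields: header_id (0 = new), description, image1, image2.
 * @param array $files Upload entries img1 / img2.
 */
function processTheme($post,$files)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $theme_id = (int) $post['header_id'];

    /* images: a fresh upload wins over the posted file name */
    $fields = $post;
    $image1 = processImage(isset($files['img1']) ? $files['img1'] : null);
    if ( $image1 ) $fields['image1'] = $image1;
    $image2 = processImage(isset($files['img2']) ? $files['img2'] : null);
    if ( $image2 ) $fields['image2'] = $image2;

    $handle = _cmsDbOpen();
    $safe = _cmsEscapeFields($fields, array('description','image1','image2'), $handle);

    /* do it */
    if ( $theme_id == 0 ) {
        $sql  = "INSERT INTO " . $prefix . "_header ";
        $sql .= "( description, image1, image2 ) ";
        $sql .= 'VALUES ("' . $safe['description'] . '","' . $safe['image1'] . '","' . $safe['image2'] . '")';
    } else {
        $sql  = "UPDATE " . $prefix . "_header ";
        $sql .= 'SET description = "' . $safe['description'] . '", ';
        $sql .= ' image1 = "' . $safe['image1'] . '", ';
        $sql .= ' image2 = "' . $safe['image2'] . '" ';
        $sql .= "WHERE header_id = " . $theme_id;
    }
    $res = mysql_query($sql);
    mysql_close($handle);
}

/**
 * Print the "Sub-page of" selector.
 *
 * @param mixed $page_id Not used by the code as it appears here.
 * @param mixed $parent  Not used by the code as it appears here.
 */
function showParent($page_id, $parent)
{
    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;
    /* connect to database */
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    $db = mysql_select_db($dbname,$handle);
    /* create dropdown list */
    echo "";
    echo "Sub-page of : ";
    echo "";
    echo "";
    echo "";
    mysql_close($handle);
}

/** Delete an event by id (admin only). */
function eventDelete($event_id)
{
    _cmsDeleteById('event', 'event_id', $event_id);
}

/** Delete a street by id (admin only). */
function streetDelete($street_id)
{
    _cmsDeleteById('street', 'street_id', $street_id);
}

/** Delete a person by id (admin only). */
function personDelete($person_id)
{
    _cmsDeleteById('person', 'person_id', $person_id);
}

/** Delete an image record by id (admin only). */
function imageDelete($image_id)
{
    _cmsDeleteById('image', 'image_id', $image_id);
}

/** Delete a property by id (admin only). */
function propertyDelete($property_id)
{
    _cmsDeleteById('property', 'property_id', $property_id);
}

/** Delete a resource by id (admin only). */
function resourceDelete($resource_id)
{
    _cmsDeleteById('resource', 'resource_id', $resource_id);
}

/** Delete a page by id (admin only). */
function pageDelete($page_id)
{
    _cmsDeleteById('page', 'page_id', $page_id);
}

/** Delete a header theme by id (admin only). */
function themeDelete($header_id)
{
    _cmsDeleteById('header', 'header_id', $header_id);
}

/**
 * Move a page one step up or down among its siblings, then renumber the
 * siblings 1..n (admin only).
 *
 * @param mixed  $page_id   Page to move.
 * @param mixed  $parent    Parent page id shared by the siblings.
 * @param string $direction "up" moves towards the start; anything else moves down.
 */
function pageMove($page_id,$parent,$direction)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    /* ids are interpolated unquoted, so force them to integers */
    $page_id = (int) $page_id;
    $parent = (int) $parent;
    $handle = _cmsDbOpen();

    /* get sequence */
    $sql  = "SELECT sequence seq FROM " . $prefix . "_page ";
    $sql .= "WHERE page_id = " . $page_id;
    $res = mysql_query($sql);
    $arr = $res ? mysql_fetch_array($res) : false;
    $seq = ( $arr && $arr['seq'] !== null ) ? (int) $arr['seq'] : null;

    /* get next sequence */
    $nseq = null;
    if ( $seq !== null ) {
        if ( $direction == "up" ) {
            $sql  = "SELECT MAX(sequence) seq FROM " . $prefix . "_page ";
            $sql .= "WHERE sequence < " . $seq;
        } else {
            $sql  = "SELECT MIN(sequence) seq FROM " . $prefix . "_page ";
            $sql .= "WHERE sequence > " . $seq;
        }
        $sql .= " AND parent_page_id = " . $parent;
        $res = mysql_query($sql);
        $arr = $res ? mysql_fetch_array($res) : false;
        if ( $arr && $arr['seq'] !== null ) $nseq = (int) $arr['seq'];
    }

    /* swap them; skipped when the page is already first/last or unknown,
       where the original sent malformed statements that simply failed */
    if ( $nseq !== null ) {
        $sql  = "UPDATE " . $prefix . "_page ";
        $sql .= "SET sequence = " . $seq . " ";
        $sql .= "WHERE sequence = " . $nseq;
        $sql .= " AND parent_page_id = " . $parent;
        $res = mysql_query($sql);
        $sql  = "UPDATE " . $prefix . "_page ";
        $sql .= "SET sequence = " . $nseq . " ";
        $sql .= "WHERE page_id = " . $page_id;
        $res = mysql_query($sql);
    }

    /* tidy */
    $sql = "SELECT page_id FROM " . $prefix . "_page WHERE parent_page_id = " . $parent . " ORDER BY sequence";
    $res = mysql_query($sql);
    if ( $res ) {
        $x = 1;
        while ( $arr = mysql_fetch_array($res) ) {
            $sql2  = "UPDATE " . $prefix . "_page ";
            $sql2 .= "SET sequence = " . $x . " ";
            $sql2 .= "WHERE page_id = " . (int) $arr['page_id'];
            $res2 = mysql_query($sql2);
            $x++;
        }
    }
    mysql_close($handle);
}

/**
 * Create a page at the end of the sequence (admin only).
 *
 * @param array $params title, pcontent, content2, header_id, published,
 *                      parent_page_id, allow_child_pages, texture.
 * @return int|null New page id; null when the caller is not an admin.
 */
function addContent($params)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $handle = _cmsDbOpen();
    $safe = _cmsEscapeFields($params, array('title','pcontent','content2','header_id','published','parent_page_id','allow_child_pages','texture'), $handle);

    $s1 = "SELECT MAX(sequence) seq FROM " . $prefix . "_page";
    $r1 = mysql_query($s1);
    $a1 = $r1 ? mysql_fetch_array($r1) : false;
    $nseq = ( $a1 ? (int) $a1['seq'] : 0 ) + 1;

    $sql  = "INSERT INTO " . $prefix . "_page ";
    $sql .= "(content, content2, title, sequence, header_id, published, allow_child_pages, parent_page_id, texture) ";
    $sql .= 'VALUES("' . $safe['pcontent'] . '","' . $safe['content2'] . '","' . $safe['title'] . '",' . $nseq;
    $sql .= ',"' . $safe['header_id'] . '","' . $safe['published'] . '","' . $safe['allow_child_pages'] . '","' . $safe['parent_page_id'] . '","' . $safe['texture'] . '")';
    $res = mysql_query($sql);
    $key = mysql_insert_id();
    mysql_close($handle);
    return $key;
}

/**
 * Update an existing page (admin only).
 *
 * @param array $params Same fields as addContent() plus page_id.
 */
function updateContent($params)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $handle = _cmsDbOpen();
    $safe = _cmsEscapeFields($params, array('title','pcontent','content2','header_id','published','parent_page_id','allow_child_pages','texture'), $handle);

    $sql  = "UPDATE " . $prefix . "_page ";
    $sql .= 'SET content = "' . $safe['pcontent'] . '", ';
    $sql .= ' header_id = "' . $safe['header_id'] . '", ';
    $sql .= ' published = "' . $safe['published'] . '", ';
    $sql .= ' allow_child_pages = "' . $safe['allow_child_pages'] . '", ';
    $sql .= ' parent_page_id = "' . $safe['parent_page_id'] . '", ';
    $sql .= ' texture = "' . $safe['texture'] . '",';
    $sql .= ' content2 = "' . $safe['content2'] . '",';
    $sql .= ' title = "' . $safe['title'] . '" ';
    $sql .= "WHERE page_id = " . (int) $params['page_id'];
    $res = mysql_query($sql);
    mysql_close($handle);
}

/**
 * Insert (event_id 0) or update an event (admin only).
 *
 * Every text field is escaped on both paths; the original escaped
 * shepton_life only on insert and shepton_title only on update.
 *
 * @param array $params description, event_id, year, month, day, hour, minute,
 *                      use_date, all_day, shepton_life, shepton_title.
 * @return int|null mysql_insert_id() of the statement; null for non-admins.
 */
function updateEvent($params)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $params['date'] = $params['year'] . "-" . $params['month'] . "-" . $params['day'];
    $params['time'] = $params['hour'] . ":" . $params['minute'] . ":0";
    $handle = _cmsDbOpen();
    $safe = _cmsEscapeFields($params, array('description','event_id','date','time','use_date','all_day','shepton_life','shepton_title'), $handle);

    if ( $params['event_id'] == 0 ) {
        $sql  = "INSERT INTO " . $prefix . "_event ";
        $sql .= "(description, date, time, use_date, shepton_life, shepton_title, all_day) ";
        $sql .= 'VALUES("' . $safe['description'] . '","' . $safe['date'] . '","' . $safe['time'] . '","' . $safe['use_date'] . '","' . $safe['shepton_life'] . '","' . $safe['shepton_title'] . '","' . $safe['all_day'] . '")';
    } else {
        $sql  = "UPDATE " . $prefix . "_event ";
        $sql .= 'SET description="' . $safe['description'] . '",';
        $sql .= ' date ="' . $safe['date'] . '",';
        $sql .= ' time ="' . $safe['time'] . '",';
        $sql .= ' all_day ="' . $safe['all_day'] . '",';
        $sql .= ' use_date ="' . $safe['use_date'] . '",';
        $sql .= ' shepton_life ="' . $safe['shepton_life'] . '",';
        $sql .= ' shepton_title ="' . $safe['shepton_title'] . '" ';
        $sql .= 'WHERE event_id = "' . $safe['event_id'] . '"';
    }
    $res = mysql_query($sql);
    $key = mysql_insert_id();
    mysql_close($handle);
    return $key;
}

/**
 * Insert (street_id 0) or update a street (admin only).
 *
 * @param array $params title, description, street_id.
 * @return int|null mysql_insert_id() of the statement; null for non-admins.
 */
function updateStreet($params)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $handle = _cmsDbOpen();
    $safe = _cmsEscapeFields($params, array('title','description','street_id'), $handle);

    if ( $params['street_id'] == 0 ) {
        $sql  = "INSERT INTO " . $prefix . "_street ";
        $sql .= "(title, description) ";
        $sql .= 'VALUES("' . $safe['title'] . '","' . $safe['description'] . '")';
    } else {
        $sql  = "UPDATE " . $prefix . "_street ";
        $sql .= 'SET description="' . $safe['description'] . '",';
        $sql .= ' title="' . $safe['title'] . '" ';
        $sql .= 'WHERE street_id = "' . $safe['street_id'] . '"';
    }
    $res = mysql_query($sql);
    $key = mysql_insert_id();
    mysql_close($handle);
    return $key;
}

/**
 * Insert (property_id 0) or update a property (admin only).
 *
 * @param array $params title, description_short, description_long,
 *                      property_id, street_id.
 * @return int|null mysql_insert_id() of the statement; null for non-admins.
 */
function updateProperty($params)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $handle = _cmsDbOpen();
    $safe = _cmsEscapeFields($params, array('title','description_short','description_long','property_id'), $handle);

    if ( $params['property_id'] == 0 ) {
        $sql  = "INSERT INTO " . $prefix . "_property ";
        $sql .= "(street_id, title, description_short, description_long) ";
        /* street_id is interpolated unquoted, hence the integer cast */
        $sql .= 'VALUES(' . (int) $params['street_id'] . ',"' . $safe['title'] . '","' . $safe['description_short'] . '","' . $safe['description_long'] . '")';
    } else {
        $sql  = "UPDATE " . $prefix . "_property ";
        $sql .= 'SET description_short="' . $safe['description_short'] . '",';
        $sql .= ' description_long="' . $safe['description_long'] . '",';
        $sql .= ' title="' . $safe['title'] . '" ';
        $sql .= 'WHERE property_id = "' . $safe['property_id'] . '"';
    }
    $res = mysql_query($sql);
    $key = mysql_insert_id();
    mysql_close($handle);
    return $key;
}

/**
 * Insert (person_id 0) or update a person (admin only).
 *
 * @param array $params title, description, introduction, person_id.
 * @return int|null mysql_insert_id() of the statement; null for non-admins.
 */
function updatePerson($params)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $handle = _cmsDbOpen();
    $safe = _cmsEscapeFields($params, array('title','description','introduction','person_id'), $handle);

    if ( $params['person_id'] == 0 ) {
        $sql  = "INSERT INTO " . $prefix . "_person ";
        $sql .= "(title, introduction, description) ";
        $sql .= 'VALUES("' . $safe['title'] . '","' . $safe['introduction'] . '","' . $safe['description'] . '")';
    } else {
        $sql  = "UPDATE " . $prefix . "_person ";
        $sql .= 'SET description="' . $safe['description'] . '",';
        $sql .= ' title="' . $safe['title'] . '",';
        $sql .= ' introduction="' . $safe['introduction'] . '" ';
        $sql .= 'WHERE person_id = "' . $safe['person_id'] . '"';
    }
    $res = mysql_query($sql);
    $key = mysql_insert_id();
    mysql_close($handle);
    return $key;
}

/**
 * Insert (resource_id 0) or update a resource (admin only).
 *
 * @param array $params title, description_short, description_long,
 *                      resource_id, person_id.
 * @return int|null mysql_insert_id() of the statement; null for non-admins.
 */
function updateResource($params)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $handle = _cmsDbOpen();
    $safe = _cmsEscapeFields($params, array('title','description_short','description_long','resource_id'), $handle);

    if ( $params['resource_id'] == 0 ) {
        $sql  = "INSERT INTO " . $prefix . "_resource ";
        $sql .= "(person_id, title, description_short, description_long) ";
        /* person_id is interpolated unquoted, hence the integer cast */
        $sql .= 'VALUES(' . (int) $params['person_id'] . ',"' . $safe['title'] . '","' . $safe['description_short'] . '","' . $safe['description_long'] . '")';
    } else {
        $sql  = "UPDATE " . $prefix . "_resource ";
        $sql .= 'SET description_short="' . $safe['description_short'] . '",';
        $sql .= ' description_long="' . $safe['description_long'] . '",';
        $sql .= ' title="' . $safe['title'] . '" ';
        $sql .= 'WHERE resource_id = "' . $safe['resource_id'] . '"';
    }
    $res = mysql_query($sql);
    $key = mysql_insert_id();
    mysql_close($handle);
    return $key;
}

/**
 * Count the direct children of a page.
 *
 * @param mixed  $page      Parent page id; cast to int because it is
 *                          interpolated unquoted and this function is reachable
 *                          without admin rights.
 * @param string $published Any non-empty value restricts to published pages.
 * @return string|null COUNT(*) as returned by the driver.
 */
function findChildren($page,$published="")
{
    global $prefix;
    $handle = _cmsDbOpen();
    $sql  = "SELECT COUNT(*) cnt FROM " . $prefix . "_page ";
    $sql .= "WHERE parent_page_id = " . (int) $page;
    if ( $published ) {
        $sql .= " AND published = 'Y'";
    }
    $res = mysql_query($sql);
    $arr = mysql_fetch_array($res);
    $cnt = $arr['cnt'];
    mysql_close($handle);
    return $cnt;
}

/**
 * Insert (image_id 0) or update an image record, storing a fresh upload when
 * one is supplied (admin only).
 *
 * @param array $params description, copyright, display_up, property_id,
 *                      resource_id, image_id, filename, page_id.
 * @param array $files  Upload entries; the file is read from 'image'.
 * @return int|null mysql_insert_id() of the statement; null for non-admins.
 */
function updateImage($params,$files)
{
    /* property/page_id mutually exclusive */
    if ( $params['property_id'] > 0 || $params['resource_id'] > 0 ) $params['page_id'] = "0";

    /* processImage() does its own admin check */
    $image1 = processImage(isset($files['image']) ? $files['image'] : null);
    if ( $image1 ) $params['filename'] = $image1;

    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    $handle = _cmsDbOpen();
    $safe = _cmsEscapeFields($params, array('description','copyright','display_up','property_id','resource_id','image_id','filename','page_id'), $handle);

    if ( $params['image_id'] == 0 ) {
        $sql  = "INSERT INTO " . $prefix . "_image ";
        $sql .= "(property_id, resource_id, page_id, filename, description, copyright, display_up) ";
        $sql .= "VALUES('" . $safe['property_id'] . "','" . $safe['resource_id'] . "','" . $safe['page_id'] . "'";
        $sql .= ',"' . $safe['filename'] . '","' . $safe['description'] . '","' . $safe['copyright'] . '","' . $safe['display_up'] . '")';
    } else {
        $sql  = "UPDATE " . $prefix . "_image ";
        $sql .= 'SET description="' . $safe['description'] . '",';
        $sql .= ' copyright="' . $safe['copyright'] . '",';
        $sql .= ' filename="' . $safe['filename'] . '",';
        $sql .= ' display_up="' . $safe['display_up'] . '" ';
        $sql .= 'WHERE image_id = "' . $safe['image_id'] . '"';
    }
    $res = mysql_query($sql);
    $key = mysql_insert_id();
    mysql_close($handle);
    return $key;
}

function adminbar($page) { global $self, $level, $id; if ( checkAdmin() ) { echo "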
"; echo "Logout"; echo "   "; echo "Site Admin"; echo "   "; echo "New Page"; echo "   "; if ( $self == "survey.php" ) { switch ( $level ) { case 'property': echo "Add Image"; break; case 'street': echo "Add Property"; break; default: echo "Edit Page"; echo "   "; echo "Add Street"; break; } } else if ( $self == "people.php" ) { switch ( $level ) { case 'resource': echo "Add Image"; break; case 'person': echo "Add Resource"; break; default: echo "Edit Page"; echo "   "; echo "Add Person"; break; } } else { if ( $self == "index.php" ) { echo "Add Image"; echo "   "; echo "Add File"; if ( $page > 1 && findChildren($page) == 0 ) { echo "   "; echo "Delete"; } echo "   "; echo "Edit Page"; } } echo "
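"; } }

/**
 * Look up a header theme for the theme picker (admin only).
 *
 * @param mixed $header_id Theme id; cast to int because it is interpolated
 *                         unquoted into the query.
 */
function get_themes($header_id)
{
    if ( ! checkAdmin() ) {
        return;
    }
    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    $db = mysql_select_db($dbname,$handle);
    /* existing first */
    $sql = "SELECT * FROM " . $prefix . "_header WHERE header_id = " . (int) $header_id;
    $res = mysql_query($sql);
    echo "";
    mysql_close($handle);
}

// these functions are used all over the site

/**
 * Run a single-row lookup; print a message and stop the request when no row
 * comes back (a failed query is treated the same way).
 *
 * The failing SQL text is deliberately not printed: these lookups are
 * reachable by any visitor and the statement reveals table and column names.
 *
 * @param string $sql             Complete statement; ids must already be cast.
 * @param string $notFoundMessage Text printed before die().
 * @return array Row from mysql_fetch_array().
 */
function _cmsFetchRowOrDie($sql,$notFoundMessage)
{
    global $dbhost,$dbuser,$dbpass,$dbname;
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    $db = mysql_select_db($dbname,$handle);
    $res = mysql_query($sql);
    if ( $res === false || mysql_num_rows($res) == 0 ) {
        echo $notFoundMessage;
        die();
    }
    $row = mysql_fetch_array($res);
    mysql_close($handle);
    return $row;
}

/**
 * List the child pages of a page; visitors only see published ones.
 *
 * @param mixed $page Parent page id; cast to int because it is interpolated
 *                    unquoted and comes from a public request path.
 */
function showChildren($page)
{
    global $prefix, $dbhost, $dbuser, $dbpass, $dbname;
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    $db = mysql_select_db($dbname,$handle);
    $sql = "SELECT * FROM " . $prefix . "_page WHERE parent_page_id = " . (int) $page . " ";
    if ( ! checkAdmin() ) {
        $sql .= " AND published = 'Y' ";
    }
    $sql .= "ORDER BY sequence";
    $res = mysql_query($sql);
    if ( $res && mysql_num_rows($res) > 0 ) {
        while ( $arr = mysql_fetch_array($res) ) {
            /* NOTE(review): $pageName is not used by the output as it appears here */
            switch ( $arr['page_type'] ) {
                case 'survey':
                    $pageName = "survey.php";
                    break;
                case 'people':
                    $pageName = "people.php";
                    break;
                default:
                    $pageName = "index.php";
                    break;
            }
            if ( $arr['published'] == "Y" )
                echo "

" . $arr['title'] . "

";
            else
                echo "

" . $arr['title'] . "

";
        }
    }
    mysql_close($handle);
}

/**
 * Fetch a page row, or the home page when no id is given.
 *
 * @param mixed $page_id Page id; empty selects the row flagged home = 'Y'.
 * @return array Page row; the request ends with an error message if none exists.
 */
function getContent($page_id)
{
    global $prefix;
    $sql = "SELECT * FROM " . $prefix . "_page ";
    if ( ! $page_id )
        $sql .= "WHERE home = 'Y'";
    else
        $sql .= "WHERE page_id = " . (int) $page_id;
    return _cmsFetchRowOrDie($sql, "\n" . "Error! Page Not Found!");
}

/** Fetch a street row by id; ends the request when it does not exist. */
function getStreet($street_id)
{
    global $prefix;
    $sql  = "SELECT * ";
    $sql .= " FROM " . $prefix . "_street ";
    $sql .= "WHERE street_id = " . (int) $street_id;
    return _cmsFetchRowOrDie($sql, "Error! Street Not Found!");
}

/** Fetch a person row by id; ends the request when it does not exist. */
function getPerson($person_id)
{
    global $prefix;
    $sql  = "SELECT * ";
    $sql .= " FROM " . $prefix . "_person ";
    $sql .= "WHERE person_id = " . (int) $person_id;
    return _cmsFetchRowOrDie($sql, "Error! Person Not Found!");
}

/** Fetch an image row by id; ends the request when it does not exist. */
function getImage($image_id)
{
    global $prefix;
    $sql  = "SELECT * ";
    $sql .= " FROM " . $prefix . "_image ";
    $sql .= "WHERE image_id = " . (int) $image_id;
    return _cmsFetchRowOrDie($sql, "Error! Image Not Found!");
}

/** Fetch a resource row by id; ends the request when it does not exist. */
function getResource($resource_id)
{
    global $prefix;
    $sql  = "SELECT * ";
    $sql .= " FROM " . $prefix . "_resource ";
    $sql .= "WHERE resource_id = " . (int) $resource_id;
    return _cmsFetchRowOrDie($sql, "Error! Resource Not Found!");
}

/** Fetch a property row by id; ends the request when it does not exist. */
function getProperty($property_id)
{
    global $prefix;
    $sql  = "SELECT * ";
    $sql .= " FROM " . $prefix . "_property ";
    $sql .= "WHERE property_id = " . (int) $property_id;
    return _cmsFetchRowOrDie($sql, "Error! Property Not Found!");
}

/**
 * Fetch an event by id with its date split into year/day/month/mm/hour/min.
 *
 * @param mixed $event_id Event id; cast to int before it reaches the query.
 * @return array Event row; the request ends with an error message if none exists.
 */
function getEvent($event_id)
{
    global $prefix;
    $sql  = "SELECT event_id,";
    $sql .= " description,";
    $sql .= " shepton_life,";
    $sql .= " shepton_title,";
    $sql .= " use_date,";
    $sql .= " all_day,";
    $sql .= " date,";
    $sql .= " date_format(date, \"%Y\") year,";
    $sql .= " date_format(date, \"%d\") day,";
    $sql .= " date_format(date, \"%M\") month,";
    $sql .= " date_format(date, \"%m\") mm,";
    $sql .= " date_format(concat(date, ' ', time), \"%H\") hour,";
    $sql .= " date_format(concat(date, ' ', time), \"%i\") min ";
    $sql .= " FROM " . $prefix . "_event ";
    $sql .= "WHERE event_id = " . (int) $event_id;
    return _cmsFetchRowOrDie($sql, "Error! Event Not Found!");
}

function set_theme($header_id)
{
    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    $db = mysql_select_db($dbname,$handle);
    /* the id is interpolated unquoted, so it is forced to an integer */
    $sql = "SELECT * FROM " . $prefix . "_header WHERE header_id = " . (int) 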
$header_id; $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { echo ""; } mysql_close($handle); } function getChildren($page_id,$level) { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; //$debug=$level; $max=6; $cnt=0; //maximum top level $sql = "SELECT * FROM " . $prefix . "_page "; $sql .= "WHERE IFNULL(parent_page_id,0) = " . $page_id . " "; /* if normal user only include published items */ if ( ! checkAdmin() ) { $sql .= " AND published = 'Y' "; } $sql .= "ORDER BY sequence"; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { while ( $arr = mysql_fetch_array($res) ) { /* create URL */ switch ( $arr['page_type'] ) { case 'survey': $pageName = "survey.php"; break; case 'people': $pageName = "people.php"; break; default: $pageName = "index.php"; break; } if ( $arr['filename'] ) $pageName = $arr['filename']; $url = $pageName . "?page_id=" . $arr['page_id']; /* find out how many children this page has */ if ( checkAdmin() ) $children = findChildren($arr['page_id']); else $children = findChildren($arr['page_id'],"Y"); /* unpublished items are styled differently */ if ( $arr['published'] == "Y" ) $style="font-style: normal;"; else $style="font-style: italic;"; /* determine whether "category" or "page" */ if ( $arr['page_id'] == 1 ) $link_title = "Home"; else $link_title = htmlentities($arr['title']); if ( $level >0 || $cnt<$max ) { $cnt++; if ( $children > 0 && $level == 0 ) { //echo '"; } else { echo "\n"; if ( $level > 0 ) echo '' . $debug . $link_title . ''; else echo '' . $debug . $link_title . ''; } } } } /* close */ mysql_close($handle); } function navbar() { echo "\n"; /* top level pages */ getChildren(0,0); } function getImagesRand($id,$level) { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; global $page_id; global $class; if ( ! $level ) $level = "town"; $sql = "SELECT * "; $sql .= "FROM " . $prefix . 
"_image "; switch ($level) { case 'property': $sql .= "WHERE property_id = " . $id; break; case 'resource': $sql .= "WHERE resource_id = " . $id; break; case 'page': $sql .= "WHERE page_id = " . $id; break; case 'street': $sql .= "WHERE property_id IN ( SELECT property_id FROM " . $prefix . "_property WHERE street_id=" . $id . ") AND display_up = \"Y\""; break; case 'person': $sql .= "WHERE resource_id IN ( SELECT resource_id FROM " . $prefix . "_resource WHERE person_id=" . $id . ") AND display_up = \"Y\""; break; case 'town': $sql .= "WHERE display_up = \"Y\" AND property_id > 0"; break; case 'index': $sql .= "WHERE display_up = \"Y\" AND resource_id IS NOT NULL AND resource_id > 0"; break; } $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); /* bomb out if nothing returned */ if ( mysql_num_rows($res) == 0 ) return; /* sort */ $businesses = array(); $cnt=0; if ( mysql_num_rows($res) > 0 ) { while( $arr = mysql_fetch_array($res) ) { $title = $arr['description'] . " "; if ( $arr['copyright'] ) $title .= "© " . $arr['copyright']; if ( $arr['filename'] ) { $cnt++; $businesses[] = array($arr['filename'],$arr['property_id'],$arr['image_id'],$title,$arr['resource_id']); } } } /* no limit for property */ echo '
'; if ( $cnt > 8 && ! ( $level == "property" )) $cnt = 8; if ( $cnt > 1 ) { $keys = array_rand($businesses,$cnt); foreach($keys as $key ) { echo '
'; echo ""; echo "\"""; echo ""; echo '

' . $businesses[$key][3] . '

'; echo '
'; /* admin links */ if ( checkAdmin() ) { echo "Edit"; echo "  "; echo "Delete"; } } } else { echo '
'; echo ""; echo "\"""; echo ""; echo '

' . $businesses[$key][3] . '

'; echo '
'; /* admin links */ if ( checkAdmin() ) { echo "Edit"; echo "  "; echo "Delete"; } } echo '
'; /* close */ mysql_close($handle); } function getImages($id,$level) { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; global $page_id; global $class; if ( ! $level ) $level = "town"; $sql = "SELECT * "; $sql .= "FROM " . $prefix . "_image "; switch ($level) { case 'property': $sql .= "WHERE property_id = " . $id; break; case 'resource': $sql .= "WHERE resource_id = " . $id; break; case 'page': $sql .= "WHERE page_id = " . $id; break; case 'street': $sql .= "WHERE property_id IN ( SELECT property_id FROM " . $prefix . "_property WHERE street_id=" . $id . ") AND display_up = \"Y\""; break; case 'person': $sql .= "WHERE resource_id IN ( SELECT resource_id FROM " . $prefix . "_resource WHERE person_id=" . $id . ") AND display_up = \"Y\""; break; case 'town': $sql .= "WHERE display_up = \"Y\" AND property_id > 0"; break; case 'index': $sql .= "WHERE display_up = \"Y\" AND resource_id IS NOT NULL AND resource_id > 0"; break; } $sql .= " ORDER BY sequence"; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); /* bomb out if nothing returned */ if ( mysql_num_rows($res) == 0 ) return; echo '
'; /* do them */ while( $arr = mysql_fetch_array($res) ) { $title = $arr['description'] . " "; if ( $arr['copyright'] ) $title .= "© " . $arr['copyright']; if ( $arr['filename'] ) { echo '
'; echo "

"; echo ""; echo "\"""; echo ""; echo "

"; /* admin links */ if ( checkAdmin() ) { echo "

"; echo "Up"; echo "  "; echo "Edit"; echo "  "; echo "Delete"; echo "  "; echo "Down"; echo "

"; } } } echo "
"; /* close */ mysql_close($handle); } /* Get Events */ function getEvents() { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; $sql = "SELECT event_id,"; $sql .= " description,"; $sql .= " shepton_life,"; $sql .= " shepton_title,"; $sql .= " use_date,"; $sql .= " all_day,"; $sql .= " date sdate,"; $sql .= " date_format(date, \"%d %M %Y\") date,"; $sql .= " date_format(concat(date, ' ', time), \"%l.%i%p\") time,"; $sql .= " date_format(concat(date, ' ', time), \"%k%i\") tm"; $sql .= " FROM " . $prefix . "_event "; $sql .= "WHERE use_date = '' "; $sql .= " OR ( use_date = 'Y' "; $sql .= " AND date >= CURDATE() ) "; $sql .= "ORDER BY use_date, sdate"; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { echo "

"; while ( $arr = mysql_fetch_array($res) ) { /* echo event */ echo ""; echo ""; /* admin links */ if ( checkAdmin() ) { echo ""; } echo "
"; /* only display date if flag set */ if ( $arr['use_date'] == "Y" ) { $date = $arr['date']; if ( ! ( $arr['all_day'] == "Y" ) ) $date .= ", " . strtolower($arr['time']); echo "
" . $date . "

"; } /* continue with description */ echo $arr['description']; echo "
"; echo "Edit"; echo "  "; echo "Delete"; echo "
"; } echo "

"; } else { echo "

"; echo "There are no events currently planned."; echo "

"; } if ( checkAdmin() ) echo "

New Event

"; /* close */ mysql_close($handle); } function renderText($text) { $new_text = str_replace(chr(13),"
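",$text); return $new_text; }

/**
 * Print every street (title and description, ordered by title); admins also
 * get an Edit link, and a Delete link for streets that have no properties.
 *
 * @param mixed $page_id Not used by the code as it appears here.
 */
function getStreets($page_id)
{
    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;
    $sql  = "SELECT * ";
    $sql .= " FROM " . $prefix . "_street ";
    $sql .= "ORDER BY title";
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    $db = mysql_select_db($dbname,$handle);
    $res = mysql_query($sql);
    if ( mysql_num_rows($res) > 0 ) {
        while ( $arr = mysql_fetch_array($res) ) {
            /* echo street */
            /* title and description and link */
            echo '

';
            echo "" . stripslashes($arr['title']) . "";
            echo "
";
            echo '' . renderText(stripslashes($arr['description'])) . '';
            echo '

';
            /* admin links */
            if ( checkAdmin() ) {
                echo "";
                echo "Edit";
                /* only delete if no properties */
                $sql2  = "SELECT * ";
                $sql2 .= " FROM " . $prefix . "_property ";
                /* cast even though the id comes from the database: it is interpolated unquoted */
                $sql2 .= "WHERE street_id=" . (int) $arr['street_id'];
                $res2 = mysql_query($sql2);
                if ( mysql_num_rows($res2) == 0 ) {
                    echo "  ";
                    echo "Delete";
                }
                echo "";
            }
        }
    }
    /* close */
    mysql_close($handle);
}

function showStreet($page_id,$street_id)
{
    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;
    /* The street id arrives from a public request and is interpolated unquoted
       into both queries of this function, so it is forced to an integer here. */
    $street_id = (int) $street_id;
    $sql  = "SELECT * ";
    $sql .= " FROM " . $prefix . "_street ";
    $sql .= "WHERE street_id = " . $street_id;
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    $db = mysql_select_db($dbname,$handle);
    $res = mysql_query($sql);
    if ( mysql_num_rows($res) > 0 ) {
        $sarr = mysql_fetch_array($res);
        echo "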

" . $sarr['title'] . "
"; echo renderText($sarr['description']) . "

"; } else echo "Error! No details found for this street."; /* properties */ $sql = "SELECT * "; $sql .= " FROM " . $prefix . "_property "; $sql .= "WHERE street_id = " . $street_id . " "; $sql .= "ORDER BY title"; $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { echo "

"; while ( $arr = mysql_fetch_array($res) ) { /* echo street */ echo ""; echo ""; /* admin links */ if ( checkAdmin() ) { echo ""; } echo "
"; /* title and description and link */ echo "" . stripslashes($arr['title']) . ""; echo "
"; echo renderText(stripslashes($arr['description_short'])); echo "
"; echo "Edit"; echo "  "; echo "Delete"; echo "
"; } echo "

"; } /* close */ mysql_close($handle); echo "Back to Survey"; } function showProperty($page_id, $property_id) { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; $sql = "SELECT * "; $sql .= " FROM " . $prefix . "_property "; $sql .= "WHERE property_id = " . $property_id; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { $arr = mysql_fetch_array($res); echo "

" . $arr['title'] . "

"; echo "

" . renderText($arr['description_short']) . "

"; echo "

" . renderText($arr['description_long']) . "

"; } else echo "Error! Property not found."; /* close */ mysql_close($handle); echo "Back to Street"; } /* people - clone of survey */ function getPeople($page_id) { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; $sql = "SELECT * "; $sql .= " FROM " . $prefix . "_person "; $sql .= "ORDER BY title"; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { echo "

"; while ( $arr = mysql_fetch_array($res) ) { /* echo person */ echo ""; echo ""; /* admin links */ if ( checkAdmin() ) { echo ""; } echo "
"; /* title and description and link */ echo "" . stripslashes($arr['title']) . ""; echo "
"; echo renderText(stripslashes($arr['introduction'])); echo "
"; echo "Edit"; /* only delete if no resources */ $sql2 = "SELECT * "; $sql2 .= " FROM " . $prefix . "_resource "; $sql2 .= "WHERE person_id=" . $arr['person_id']; $res2 = mysql_query($sql2); if ( mysql_num_rows($res2) == 0 ) { echo "  "; echo "Delete"; } echo "
"; } echo "

"; } /* close */ mysql_close($handle); } function showPerson($page_id,$person_id) { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; $sql = "SELECT * "; $sql .= " FROM " . $prefix . "_person "; $sql .= "WHERE person_id = " . $person_id; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { $sarr = mysql_fetch_array($res); echo "

" . $sarr['title'] . "

"; echo "

" . renderText($sarr['introduction']) . "

"; echo "

" . $sarr['description'] . "

"; } else echo "Error! No details found for this person."; /* properties */ $sql = "SELECT * "; $sql .= " FROM " . $prefix . "_resource "; $sql .= "WHERE person_id = " . $person_id . " "; $sql .= "ORDER BY title"; $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { echo "

"; while ( $arr = mysql_fetch_array($res) ) { /* echo person */ echo ""; echo ""; /* admin links */ if ( checkAdmin() ) { echo ""; } echo "
"; /* title and description and link */ echo "" . stripslashes($arr['title']) . ""; echo "
"; echo renderText(stripslashes($arr['description_short'])); echo "
"; echo "Edit"; echo "  "; echo "Delete"; echo "
"; } echo "

"; } /* close */ mysql_close($handle); echo "Back"; } function showResource($page_id, $resource_id) { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; $sql = "SELECT * "; $sql .= " FROM " . $prefix . "_resource "; $sql .= "WHERE resource_id = " . $resource_id; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { $arr = mysql_fetch_array($res); echo "

" . $arr['title'] . "

"; echo "

" . renderText($arr['description_short']) . "

"; echo "

" . renderText($arr['description_long']) . "

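"; } else echo "Error! Resource not found."; /* close */ mysql_close($handle); echo "Back"; }

/* login/logout */

/*
 * Marks the current session as an administrator session when the supplied
 * username and password match the expected pair. Does nothing otherwise.
 *
 * $username, $password - values supplied by the caller; compared strictly,
 *                        so only strings can match.
 */
function login($username,$password) {
    session_start();

    /* NOTE(review): the administrator credentials are hard-coded in source.
       Anyone who can read this file (repository, backup, a server that
       returns .php as text) learns them, and they cannot be rotated without
       a code change. Move them to configuration outside the web root and
       store only a password_hash() value, checked with password_verify(). */
    if ( $username === "bonham" && $password === "antiquarians" ) {
        /* issue a fresh session id on the privilege change so that an id
           fixed before login is not promoted to an admin session */
        session_regenerate_id(true);
        $_SESSION['admin'] = "Y";
    }
}

/*
 * Clears the admin marker from the current session.
 */
function logout() {
    session_start();
    $_SESSION['admin'] = "";
}

/* links */

/*
 * Deletes one row from the <prefix>_link table. Admin only (checkAdmin() is
 * defined outside this excerpt); returns nothing.
 *
 * $link_id - id of the link; forced to an integer before it reaches the SQL
 *            text, so a crafted value cannot extend the DELETE statement.
 */
function linkDelete($link_id) {
    if ( ! checkAdmin() ) {
        return;
    }

    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;

    $sql  = "DELETE FROM " . $prefix . "_link ";
    $sql .= "WHERE link_id = " . (int) $link_id;

    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    mysql_select_db($dbname,$handle);
    mysql_query($sql);
    mysql_close($handle);
}

/*
 * Inserts a new link (link_id == 0) or updates an existing one. Admin only.
 *
 * $params - array with 'description', 'link' and 'link_id'; a leading
 *           'http://' is stripped from 'link' before it is stored.
 *
 * Returns mysql_insert_id() (the new id after an INSERT, 0 after an UPDATE),
 * or nothing when the caller is not an admin.
 *
 * Every value placed in the SQL text is either cast to int or passed through
 * mysql_real_escape_string(); the original left 'link' and 'link_id'
 * unescaped. NOTE(review): the mysql_* extension used throughout this file
 * was removed in PHP 7; prepared statements (mysqli or PDO) are the durable
 * fix and need a file-wide change.
 */
function updateLink($params) {
    if ( ! checkAdmin() ) {
        return;
    }

    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;

    /* connect first: mysql_real_escape_string() needs the connection */
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    mysql_select_db($dbname,$handle);

    $table       = $prefix . "_link";
    $link_id     = (int) $params['link_id'];
    $description = mysql_real_escape_string($params['description'],$handle);
    $link        = mysql_real_escape_string(str_replace('http://','',$params['link']),$handle);

    if ( $link_id === 0 ) {
        /* new link goes after the current highest sequence */
        $sequence = 1;
        $r1 = mysql_query("SELECT sequence from " . $table . " ORDER BY sequence DESC");
        if ( $r1 && mysql_num_rows($r1) > 0 ) {
            $a1 = mysql_fetch_array($r1);
            $sequence = (int) $a1['sequence'] + 1;
        }

        $sql  = "INSERT INTO " . $table . " ";
        $sql .= "(description, link, sequence) ";
        $sql .= "VALUES(\"" . $description . "\",\"" . $link . "\"," . $sequence . ")";
    }
    else {
        $sql  = "UPDATE " . $table . " ";
        $sql .= "SET description=\"" . $description . "\",";
        $sql .= " link =\"" . $link . "\" ";
        $sql .= "WHERE link_id = " . $link_id;
    }

    mysql_query($sql);
    $key = mysql_insert_id();
    mysql_close($handle);

    return $key;
}

/*
 * Fetches one row of <prefix>_link as an array (mysql_fetch_array()).
 * When no row matches, prints an error message and ends the script.
 *
 * $link_id - id of the link; cast to int before it is used in the query.
 */
function getLink($link_id) {
    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;

    $sql  = "SELECT *";
    $sql .= " FROM " . $prefix . "_link ";
    $sql .= "WHERE link_id = " . (int) $link_id;

    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    mysql_select_db($dbname,$handle);
    $res = mysql_query($sql);

    /* a failed query is treated like "not found" instead of being passed on to mysql_num_rows() */
    if ( ! $res || mysql_num_rows($res) == 0 ) {
        echo "Error! Link Not Found!";
        die();
    }

    $link = mysql_fetch_array($res);
    mysql_close($handle);

    return $link;
}

/* Get Links */ function getLinks() { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; $sql = "SELECT link_id,"; $sql .= " description,"; $sql .= " link "; $sql .= " FROM " . $prefix . "_link "; $sql .= "ORDER BY sequence"; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { echo "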

"; while ( $arr = mysql_fetch_array($res) ) { /* echo link */ echo ""; echo ""; /* admin links */ if ( checkAdmin() ) { echo ""; } echo "
"; /* description */ echo "
"; echo $arr['description']; echo "
"; echo "
"; echo "Click here to visit site"; echo "
"; echo "
"; echo "Move Up"; echo "  "; echo "Move Down"; echo "  "; echo "Edit"; echo "  "; echo "Delete"; echo "
"; } echo "

"; } else { echo "

"; echo "There are no links."; echo "

"; } if ( checkAdmin() ) echo "

New Link

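"; /* close */ mysql_close($handle); }

/* downloads */

/*
 * Deletes one row from the <prefix>_file table. Admin only; returns nothing.
 * Only the database row is removed here; the stored file is not touched.
 *
 * $file_id - id of the file row; cast to int before it is used in the query.
 */
function fileDelete($file_id) {
    if ( ! checkAdmin() ) {
        return;
    }

    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;

    $sql  = "DELETE FROM " . $prefix . "_file ";
    $sql .= "WHERE file_id = " . (int) $file_id;

    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    mysql_select_db($dbname,$handle);
    mysql_query($sql);
    mysql_close($handle);
}

/*
 * Inserts a new download (file_id == 0) or updates an existing one.
 * Admin only.
 *
 * $params - array with 'title', 'description', 'page_id', 'file_id',
 *           'filename' and 'file_type'.
 * $files  - upload array; $files['file'] is handed to processFile(). When
 *           that stores a file, its name and client-declared type replace
 *           'filename' and 'file_type' from $params.
 *
 * Returns mysql_insert_id() (the new id after an INSERT, 0 after an UPDATE),
 * or nothing when the caller is not an admin.
 *
 * Ids are cast to int and every string is passed through
 * mysql_real_escape_string(); the original escaped only title and
 * description, leaving filename, file_type, page_id and file_id raw.
 */
function updateFile($params,$files) {
    if ( ! checkAdmin() ) {
        return;
    }

    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;

    $filename  = $params['filename'];
    $file_type = $params['file_type'];

    $uploaded = processFile($files['file']);
    if ( $uploaded ) {
        $file_type = $files['file']['type'];
        $filename  = $uploaded;
    }

    /* connect first: mysql_real_escape_string() needs the connection */
    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    mysql_select_db($dbname,$handle);

    $table       = $prefix . "_file";
    $page_id     = (int) $params['page_id'];
    $file_id     = (int) $params['file_id'];
    $title       = mysql_real_escape_string($params['title'],$handle);
    $description = mysql_real_escape_string($params['description'],$handle);
    $filename    = mysql_real_escape_string($filename,$handle);
    $file_type   = mysql_real_escape_string($file_type,$handle);

    if ( $file_id === 0 ) {
        /* get next sequence */
        $sequence = 0;
        $res = mysql_query("SELECT MAX(sequence) seq FROM " . $table . " WHERE page_id=" . $page_id);
        if ( $res && mysql_num_rows($res) > 0 ) {
            $arr = mysql_fetch_array($res);
            $sequence = (int) $arr['seq'];
        }
        $sequence++;

        $sql  = "INSERT INTO " . $table . " ";
        $sql .= "(page_id, filename, title, description, sequence, file_type) ";
        $sql .= "VALUES(" . $page_id . ",\"" . $filename . "\",\"" . $title . "\",\"" . $description . "\"," . $sequence . ",\"" . $file_type . "\")";
    }
    else {
        $sql  = "UPDATE " . $table . " ";
        $sql .= "SET description=\"" . $description . "\",";
        $sql .= " title=\"" . $title . "\",";
        $sql .= " file_type=\"" . $file_type . "\",";
        $sql .= " filename=\"" . $filename . "\" ";
        $sql .= "WHERE file_id = " . $file_id;
    }

    mysql_query($sql);
    $key = mysql_insert_id();
    mysql_close($handle);

    return $key;
}

/*
 * Fetches one row of <prefix>_file as an array (mysql_fetch_array()).
 * When no row matches, prints an error message and ends the script.
 *
 * $file_id - id of the file row; cast to int before it is used in the query.
 */
function getFile($file_id) {
    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;

    $sql  = "SELECT * ";
    $sql .= " FROM " . $prefix . "_file ";
    $sql .= "WHERE file_id = " . (int) $file_id;

    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    mysql_select_db($dbname,$handle);
    $res = mysql_query($sql);

    /* a failed query is treated like "not found" instead of being passed on to mysql_num_rows() */
    if ( ! $res || mysql_num_rows($res) == 0 ) {
        echo "Error! File Not Found!";
        die();
    }

    $file = mysql_fetch_array($res);
    mysql_close($handle);

    return $file;
}

/*
 * Stores an uploaded Word or PDF document under ./files/ and returns the
 * stored file name (a timestamp, a dash and the cleaned original name).
 * Returns '' when the upload is rejected and nothing when the caller is not
 * an admin. Ends the script if the file cannot be moved into place.
 *
 * $file - one entry of the upload array ('type', 'name', 'tmp_name').
 *
 * Hardening over the original:
 *  - 'type' is declared by the client, so it is no longer the only gate: the
 *    name's extension must be the one that belongs to the declared type,
 *    because the extension decides how the web server later treats a file
 *    in ./files/;
 *  - 'name' is reduced to its base name, limited to a conservative character
 *    set and left with a single dot, so it cannot carry path components or
 *    a second extension;
 *  - the source must be a genuine upload (is_uploaded_file() /
 *    move_uploaded_file()) rather than an arbitrary path given to copy().
 * NOTE(review): the content itself is still not inspected; where the
 * fileinfo extension is available, check the detected type as well, and
 * consider serving ./files/ with script execution disabled.
 */
function processFile($file) {
    if ( ! checkAdmin() ) {
        return;
    }

    /* declared type => the only extension accepted for it */
    $allowed = array(
        "application/msword" => "doc",
        "application/pdf"    => "pdf",
    );

    $filetype = isset($file['type']) ? $file['type'] : '';
    if ( ! isset($allowed[$filetype]) ) {
        return '';
    }

    if ( ! isset($file['tmp_name']) || ! is_uploaded_file($file['tmp_name']) ) {
        return '';
    }

    $original  = basename(isset($file['name']) ? $file['name'] : '');
    $extension = strtolower(pathinfo($original,PATHINFO_EXTENSION));
    if ( $extension !== $allowed[$filetype] ) {
        return '';
    }

    /* dots inside the stem are replaced too, leaving exactly one extension */
    $stem = preg_replace('/[^A-Za-z0-9_-]/','_',pathinfo($original,PATHINFO_FILENAME));
    if ( $stem === '' || $stem === null ) {
        $stem = 'file';
    }

    $filename    = date('U') . "-" . $stem . "." . $extension;
    $destination = "./files/" . $filename;

    move_uploaded_file($file['tmp_name'],$destination) or die ("Failed to upload file");

    return $filename;
}

function getFiles($page_id) { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; /*global $page_id;*/ $sql = "SELECT * "; $sql .= "FROM " . $prefix . "_file "; $sql .= "WHERE page_id = " . $page_id . " "; $sql .= "ORDER BY sequence"; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { echo ""; echo ""; while ( $arr = mysql_fetch_array($res) ) { echo ""; echo ""; echo ""; echo ""; echo ""; } echo "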
"; echo "Downloads"; echo "
"; if ( $arr['file_type'] == "application/pdf" ) { $image = "./images/adobe_pdf.gif"; $size = 32; } else { $image = "./images/ms_word.gif"; $size = 40; } echo ""; echo "\"Download\""; echo ""; echo ""; echo "" . stripslashes($arr['title']) . "
"; echo stripslashes($arr['description']); /* admin links */ if ( checkAdmin() ) { echo "
"; echo "

"; echo "Up"; echo "  "; echo "Edit"; echo "  "; echo "Delete"; echo "  "; echo "Down"; echo "

"; } echo "
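"; } /* close */ mysql_close($handle); }

/*
 * Shared implementation of imageMove(), linkMove() and fileMove(): swaps the
 * sequence value of one row with that of its nearest neighbour.
 *
 * $table     - table suffix appended to $prefix ("_image", "_link", "_file")
 * $id_column - name of the id column in that table
 * $id        - id of the row to move; cast to int before use
 * $direction - "up" picks the neighbour with the next lower sequence, any
 *              other value the next higher one
 * $per_page  - true when the neighbour must share the row's page_id
 *
 * $table and $id_column are fixed strings supplied by the three callers
 * below and must never be taken from request data. The id, the sequence
 * values and page_id are all cast to int before they are placed in the SQL
 * text (this assumes sequence and page_id hold integers, as the arithmetic
 * elsewhere in the file suggests). Returns nothing.
 */
function _moveSequence($table,$id_column,$id,$direction,$per_page) {
    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;

    $id    = (int) $id;
    $table = $prefix . $table;

    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    mysql_select_db($dbname,$handle);

    /* get sequence */
    $sql  = "SELECT " . ( $per_page ? "page_id, " : "" ) . "sequence seq FROM " . $table . " ";
    $sql .= "WHERE " . $id_column . " = " . $id;
    $res = mysql_query($sql);
    $row = $res ? mysql_fetch_array($res) : false;

    /* unknown id: stop here instead of building further queries from empty values */
    if ( ! $row ) {
        mysql_close($handle);
        return;
    }

    $seq   = (int) $row['seq'];
    $scope = $per_page ? "page_id = " . (int) $row['page_id'] . " AND " : "";

    /* get next sequence */
    $sql  = "SELECT sequence seq FROM " . $table . " ";
    if ( $direction === "up" ) {
        $sql .= "WHERE " . $scope . "sequence < " . $seq . " ";
        $sql .= "ORDER BY sequence DESC";
    }
    else {
        $sql .= "WHERE " . $scope . "sequence > " . $seq . " ";
        $sql .= "ORDER BY sequence";
    }
    $res = mysql_query($sql);

    if ( $res && mysql_num_rows($res) > 0 ) {
        $neighbour = mysql_fetch_array($res);
        $nseq = (int) $neighbour['seq'];

        /* swap them: the neighbour takes this row's sequence first ... */
        $sql  = "UPDATE " . $table . " ";
        $sql .= "SET sequence = " . $seq . " ";
        $sql .= "WHERE " . $scope . "sequence = " . $nseq;
        mysql_query($sql);

        /* ... then this row takes the neighbour's */
        $sql  = "UPDATE " . $table . " ";
        $sql .= "SET sequence = " . $nseq . " ";
        $sql .= "WHERE " . $id_column . " = " . $id;
        mysql_query($sql);
    }

    mysql_close($handle);
}

/*
 * Moves an image one position up or down within its page. Admin only.
 *
 * $image_id  - id of the row in <prefix>_image
 * $direction - "up", or anything else for down
 */
function imageMove($image_id,$direction) {
    if ( checkAdmin() ) {
        _moveSequence("_image","image_id",$image_id,$direction,true);
    }
}

/*
 * Moves a link one position up or down in the (site-wide) link list.
 * Admin only.
 *
 * $link_id   - id of the row in <prefix>_link
 * $direction - "up", or anything else for down
 */
function linkMove($link_id,$direction) {
    if ( checkAdmin() ) {
        _moveSequence("_link","link_id",$link_id,$direction,false);
    }
}

/*
 * Moves a download one position up or down within its page. Admin only.
 *
 * $file_id   - id of the row in <prefix>_file
 * $direction - "up", or anything else for down
 */
function fileMove($file_id,$direction) {
    if ( checkAdmin() ) {
        _moveSequence("_file","file_id",$file_id,$direction,true);
    }
}

/* WYSIWYG */

/*
 * Emits an FCKeditor instance for one form field.
 *
 * $field    - field name handed to the FCKeditor constructor
 * $contents - initial value; slashes are stripped before it is shown
 * $height   - editor height (default '450')
 * $width    - editor width (default '100%')
 *
 * The FCKeditor class is not defined in this excerpt.
 * NOTE(review): FCKeditor has been superseded by CKEditor and no longer
 * receives fixes; confirm that the server-side connectors under ./fckeditor/
 * are removed or restricted to administrators.
 */
function editor($field,$contents,$height='450',$width='100%') {
    /* editor paths */
    $oFCKeditor = new FCKeditor($field);
    $oFCKeditor->BasePath = './fckeditor/';

    $oFCKeditor->Width  = $width;
    $oFCKeditor->Height = $height;
    $oFCKeditor->Value  = stripslashes($contents);

    $oFCKeditor->Create();
}

/* new function to show whole site layout */ function getSite($parent,$level) { /* admin only function */ if ( ! checkAdmin() ) die('This function is only available to administrators!'); global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; $sql = "SELECT page_id, title, page_type, sequence, filename, published "; $sql .= " FROM " . $prefix . "_page "; $sql .= "WHERE parent_page_id = " . $parent . " "; $sql .= "ORDER BY sequence"; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { while ( $arr = mysql_fetch_array($res) ) { /* get hyperlink */ if ( $arr['filename'] ) $filename = $arr['filename']; else $filename = 'index.php'; $filename .= '?page_id=' . $arr['page_id']; /* get padding based on level */ $padding = ($level * 30) . "px"; /* get colour for background (based on level up to 4 levels) */ $colour = $level * 2; if ( $colour > 8 ) $colour=8; $colour +=6; // $bgcolour = "FF" . dechex($colour) . dechex($colour) . dechex($colour) . dechex($colour); // $bgcolour = "FF" . dechex($colour) . dechex($colour) . dechex($colour) . dechex($colour); /* draw table */ echo ""; echo ""; // echo ""; echo ""; echo ""; /* can't delete home or static pages */ if ( $arr['page_id'] > 1 && $arr['filename'] == "" ) echo ""; else echo ""; if ( $arr['page_id'] ) { echo ""; echo ""; if ( $arr['published'] == "Y" ) { $published = "Unpublish"; $action = "N"; $color = "green"; } else { $published = "Publish"; $action = "Y"; $color = "orange"; } echo ""; } // echo ""; echo ""; echo "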
 "; if ( $arr['page_id'] == 1 ) $title = "Home"; else $title = $arr['title']; if ( $arr['private'] == "Y" ) $title .= " (members)"; echo "" . $title . ""; echo "EditDelete Up  Down" . $published . " 
"; /* search for any children */ getSite($arr['page_id'],$level+1); } } /* close */ mysql_close($handle); } /* new function to show whole site layout */ function getSitemap($parent,$level) { global $prefix; global $dbhost,$dbuser,$dbpass,$dbname; $sql = "SELECT page_id, title, filename, page_type, sequence, published "; $sql .= " FROM " . $prefix . "_page "; $sql .= "WHERE parent_page_id = " . $parent . " "; if ( ! checkAdmin() ) { $sql .= "AND published = 'Y' "; } $sql .= "ORDER BY sequence"; $handle = mysql_connect($dbhost,$dbuser,$dbpass); $db = mysql_select_db($dbname,$handle); $res = mysql_query($sql); if ( mysql_num_rows($res) > 0 ) { while ( $arr = mysql_fetch_array($res) ) { /* get hyperlink */ if ( $arr['filename'] ) $filename = $arr['filename']; else $filename = 'index.php'; $filename .= '?page_id=' . $arr['page_id']; /* get padding based on level */ $padding = ($level * 50) . "px"; /* draw table */ echo ""; echo ""; echo ""; echo ""; echo "
"; if ( $arr['page_id'] == 1 ) $title = "Home"; else $title = $arr['title']; if ( $arr['private'] == "Y" ) $title .= " (members)"; echo "" . $title . ""; echo "
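"; /* search for any children */ getSitemap($arr['page_id'],$level+1); } } /* close */ mysql_close($handle); }

/*
 * Sets the published flag of one page. Admin only; returns nothing.
 *
 * $page_id - id of the row in <prefix>_page; cast to int before use
 * $action  - new flag value, 'Y' (publish) or 'N' (unpublish), the two
 *            values getSite() puts into its publish links
 *
 * The original placed $action and $page_id in the UPDATE text unescaped.
 * $action is now checked against the two known values and anything else is
 * ignored, so neither parameter can change the shape of the statement.
 */
function pagePublish($page_id,$action) {
    if ( ! checkAdmin() ) {
        return;
    }

    if ( ! in_array($action,array('Y','N'),true) ) {
        return;
    }

    global $prefix;
    global $dbhost,$dbuser,$dbpass,$dbname;

    $handle = mysql_connect($dbhost,$dbuser,$dbpass);
    mysql_select_db($dbname,$handle);

    $sql  = "UPDATE " . $prefix . "_page ";
    $sql .= "SET published='" . $action . "' ";
    $sql .= "WHERE page_id = " . (int) $page_id;

    mysql_query($sql);
    mysql_close($handle);
}
?>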