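<?PHP
/**
 * Admin panel module: category management.
 *
 * Handles the actions "sort", "add", "remove", "edit" and "doedit", then
 * renders the "add category" form and the category list.
 *
 * Relies on names defined outside this file: $db, $cache, $lang, $config,
 * $cat_info, $user_group, $member_id, $dle_login_hash, $action, $PHP_SELF,
 * PREFIX, msg(), totranslit(), CategoryNewsSelection(), makeDropDown(),
 * get_url(), echoheader(), echofooter().
 *
 * NOTE(review): msg() is presumed to end the request (the remove branch calls
 * it twice in a row, which only makes sense if the first call exits) - confirm.
 */

// Refuse direct access: the file must be included by the engine for a logged-in user.
if( !defined( 'DATALIFEENGINE' ) OR !defined( 'LOGGED_IN' ) ) {
    die( "Hacking attempt!" );
}

$result = "";
$catid = isset( $_REQUEST['catid'] ) ? intval( $_REQUEST['catid'] ) : 0;

// Authorisation: only groups with the admin_categories permission may go further.
if( ! $user_group[$member_id['user_group']]['admin_categories'] ) {
    msg( "error", $lang['index_denied'], $lang['cat_perm'] );
}

// Anti-CSRF token check shared by every state-changing action below.
// The comparison is strict and string-only: a loose != would treat two different
// numeric-looking strings as equal, and an array value must never pass.
$request_hash = isset( $_REQUEST['user_hash'] ) ? $_REQUEST['user_hash'] : "";
$valid_user_hash = ( is_string( $request_hash ) and $request_hash !== "" and $request_hash === (string) $dle_login_hash );

/**
 * Collect the id of a category together with the ids of all its descendants.
 *
 * @param int         $id          category whose subtree is collected
 * @param array|false $subcategory accumulator used by the recursion; callers omit it
 * @return array list of ids, starting with $id itself
 */
function get_sub_cats($id, $subcategory = false) {
    global $cat_info;

    $subfound = array ();

    if( ! $subcategory ) {
        $subcategory = array ( $id );
    }

    // Direct children of $id.
    foreach ( $cat_info as $cats ) {
        if( $cats['parentid'] == $id ) {
            $subfound[] = $cats['id'];
        }
    }

    // Descend into each child.
    foreach ( $subfound as $parentid ) {
        $subcategory[] = $parentid;
        $subcategory = get_sub_cats( $parentid, $subcategory );
    }

    return $subcategory;
}

// ********************************************************************************
// Save category positions
// ********************************************************************************
if( isset( $_REQUEST['action'] ) and $_REQUEST['action'] == 'sort' ) {

    // Reordering changes stored data, so it needs the same token as add/remove/doedit.
    if( ! $valid_user_hash ) {
        die( "Hacking attempt! User not found" );
    }

    if( isset( $_POST['posi'] ) and is_array( $_POST['posi'] ) ) {
        foreach ( $_POST['posi'] as $id => $posi ) {
            // Skip empty fields and nested arrays; everything else is cast to int.
            if( is_array( $posi ) or $posi == "" ) {
                continue;
            }

            $posi = intval( $posi );
            $id = intval( $id );

            $db->query( "UPDATE " . PREFIX . "_category SET posi='{$posi}' WHERE id = '{$id}'" );
        }
    }

    $cache->delete('category.php');

    header( "Location:$PHP_SELF?mod=categories" );
    // Stop here so nothing is rendered after the redirect header.
    die();
}

// ********************************************************************************
// Add category
// ********************************************************************************
if( $action == "add" ) {

    if( ! $valid_user_hash ) {
        die( "Hacking attempt! User not found" );
    }

    $quotes = array ("\x27", "\x22", "\x60", "\t", "\n", "\r" );

    $cat_name = $db->safesql( htmlspecialchars( strip_tags( stripslashes( $_POST['cat_name'] ) ), ENT_QUOTES ) );
    // totranslit() is defined elsewhere; escape its result anyway because it is
    // placed inside SQL string literals below.
    $alt_cat_name = $db->safesql( totranslit( stripslashes( $_POST['alt_cat_name'] ), true, false ) );

    if( ! $cat_name ) {
        msg( "error", $lang['cat_error'], $lang['cat_ername'], "javascript:history.go(-1)" );
    }
    if( ! $alt_cat_name ) {
        msg( "error", $lang['cat_error'], $lang['cat_erurl'], "javascript:history.go(-1)" );
    }

    // Sort field and direction are taken from fixed allow-lists (strict match).
    if( in_array( $_POST['news_sort'], array ("date", "rating", "news_read", "title" ), true ) ) {
        $news_sort = $db->safesql( $_POST['news_sort'] );
    } else {
        $news_sort = "";
    }

    if( in_array( $_POST['news_msort'], array ("ASC", "DESC" ), true ) ) {
        $news_msort = $db->safesql( $_POST['news_msort'] );
    } else {
        $news_msort = "";
    }

    // Non-positive or non-numeric values collapse to 0.
    $news_number = max( 0, intval( $_POST['news_number'] ) );
    $category = max( 0, intval( $_POST['category'] ) );

    $meta_title = $db->safesql( htmlspecialchars( strip_tags( stripslashes( $_POST['meta_title'] ) ) ) );
    $description = $db->safesql( substr( strip_tags( stripslashes( $_POST['descr'] ) ), 0, 200 ) );
    $keywords = $db->safesql( str_replace( $quotes, " ", strip_tags( stripslashes( $_POST['keywords'] ) ) ) );

    // The URL name must be unique.
    $row = $db->super_query( "SELECT alt_name FROM " . PREFIX . "_category WHERE alt_name ='{$alt_cat_name}'" );

    if( $row['alt_name'] ) {
        msg( "error", $lang['cat_error'], $lang['cat_eradd'], "?mod=categories" );
    }

    $db->query( "INSERT INTO " . PREFIX . "_category (parentid, name, alt_name, descr, keywords, news_sort, news_msort, news_number, metatitle) values ('$category', '$cat_name', '$alt_cat_name', '$description', '$keywords', '$news_sort', '$news_msort', '$news_number', '$meta_title')" );

    $cache->delete('category.php');
    $cache->clear();

    msg( "info", $lang['cat_addok'], $lang['cat_addok_1'], "?mod=categories" );

}
// ********************************************************************************
// Delete category
// ********************************************************************************
elseif( $action == "remove" ) {

    if( ! $valid_user_hash ) {
        die( "Hacking attempt! User not found" );
    }

    /**
     * Recursively delete every category below $parentid.
     *
     * @param int $parentid id of the category whose descendants are removed
     */
    function DeleteSubcategories($parentid) {
        global $db;

        // Ids are cast to int before they are placed in the SQL text.
        $parentid = intval( $parentid );

        $subcategories = $db->query( "SELECT id FROM " . PREFIX . "_category WHERE parentid = '$parentid'" );

        while ( $subcategory = $db->get_row( $subcategories ) ) {
            $sub_id = intval( $subcategory['id'] );

            DeleteSubcategories( $sub_id );

            $db->query( "DELETE FROM " . PREFIX . "_category WHERE id = '" . $sub_id . "'" );
        }
    }

    if( ! $catid ) {
        msg( "error", $lang['cat_error'], $lang['cat_noid'], "$PHP_SELF?mod=categories" );
    }

    $row = $db->super_query( "SELECT count(*) as count FROM " . PREFIX . "_post WHERE category regexp '[[:<:]]($catid)[[:>:]]'" );

    if( $row['count'] ) {

        // Posts still use this category: they must be moved to the categories
        // chosen in the form below. The submitted ids are read from the request
        // explicitly and cast to int, so the list written to the post table can
        // only ever contain numbers.
        $new_category = array ();

        if( isset( $_REQUEST['new_category'] ) and is_array( $_REQUEST['new_category'] ) ) {
            foreach ( $_REQUEST['new_category'] as $value ) {
                if( is_scalar( $value ) ) {
                    $new_category[] = intval( $value );
                }
            }
        }

        if( count( $new_category ) and ! in_array( $catid, $new_category ) ) {

            $category_list = implode( ',', $new_category );

            $db->query( "UPDATE " . PREFIX . "_post set category='$category_list' WHERE category regexp '[[:<:]]($catid)[[:>:]]'" );

            $db->query( "DELETE FROM " . PREFIX . "_category WHERE id='$catid'" );

            DeleteSubcategories( $catid );

            $cache->delete('category.php');
            $cache->clear();

            msg( "info", $lang['cat_delok'], $lang['cat_delok_1'], "?mod=categories" );
        }

        // No usable target yet: ask where the posts should go. The form posts back
        // to the current URL, which already carries action, catid and user_hash.
        msg( "info", $lang['all_info'], "<form action=\"\" method=\"post\">{$lang['comm_move']} <select name=\"new_category[]\" class=\"cat_select\" align=\"absmiddle\" multiple>" . CategoryNewsSelection( 0, 0 ) . "</select> <input class=\"edit\" type=\"submit\" value=\"{$lang['b_start']}\"></form>", "$PHP_SELF?mod=categories" );

    } else {

        $db->query( "DELETE FROM " . PREFIX . "_category WHERE id='$catid'" );

        DeleteSubcategories( $catid );

        $cache->delete('category.php' );
        $cache->clear();

        msg( "info", $lang['cat_delok'], $lang['cat_delok_1'], "?mod=categories" );
    }

}
// ********************************************************************************
// Edit category (form)
// ********************************************************************************
elseif( $action == "edit" ) {

    echoheader( "options", $lang['cat_head'] );

    $catid = intval( $_GET['catid'] );

    if( ! $catid ) {
        msg( "error", $lang['cat_error'], $lang['cat_noid'], "$PHP_SELF?mod=categories" );
    }

    $row = $db->super_query( "SELECT * FROM " . PREFIX . "_category WHERE id = '$catid'" );

    if( ! $row['id'] ) {
        msg( "error", $lang['cat_error'], $lang['cat_noid'], "$PHP_SELF?mod=categories" );
    }

    $categorylist = CategoryNewsSelection( $row['parentid'], 0 );

    // The stored values are printed inside value="..." attributes and a textarea,
    // so both quote characters are turned into their HTML entities first.
    foreach ( array ('name', 'metatitle', 'descr', 'keywords' ) as $field ) {
        $row[$field] = stripslashes( preg_replace( array ("'\"'", "'\''" ), array ("&quot;", "&#039;" ), $row[$field] ) );
    }

    $row['news_sort'] = makeDropDown( array ("" => $lang['sys_global'], "date" => $lang['opt_sys_sdate'], "rating" => $lang['opt_sys_srate'], "news_read" => $lang['opt_sys_sview'], "title" => $lang['opt_sys_salph'] ), "news_sort", $row['news_sort'] );
    $row['news_msort'] = makeDropDown( array ("" => $lang['sys_global'], "DESC" => $lang['opt_sys_mminus'], "ASC" => $lang['opt_sys_mplus'] ), "news_msort", $row['news_msort'] );

    // Array keys inside {$...} are quoted: an unquoted key there is read as a constant.
    echo <<<HTML
<form method="post" action="">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['cat_edit']}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td width="260" style="padding:4px;">{$lang['cat_name']}</td>
        <td><input class="edit" value="{$row['name']}" type="text" name="cat_name"><a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_catname']}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['cat_url']}</td>
        <td><input class="edit" value="{$row['alt_name']}" type="text" name="alt_cat_name"><a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_cataltname']}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['meta_title']}</td>
        <td><input type="text" name="meta_title" style="width:345px;" value="{$row['metatitle']}" class="edit"> ({$lang['meta_descr_max']})</td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['meta_descr_cat']}</td>
        <td><input type="text" name="descr" style="width:345px;" value="{$row['descr']}" class="edit"> ({$lang['meta_descr_max']})</td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['meta_keys']}</td>
        <td><textarea name="keywords" style="width:345px;height:50px;">{$row['keywords']}</textarea></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['cat_parent']}</td>
        <td><select name="parentid" >{$categorylist}</select></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['opt_sys_sort']}</td>
        <td>{$row['news_sort']}</td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['opt_sys_msort']}</td>
        <td>{$row['news_msort']}</td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['opt_sys_newc']}</td>
        <td><input class="edit" type="text" name="news_number" value="{$row['news_number']}"><a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_news_number']}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td colspan="2"><div class="hr_line"></div></td>
    </tr>
    <tr>
        <td style="padding:4px;"> </td>
        <td><input type="submit" class="buttons" value="{$lang['vote_edit']}"> <input type="hidden" name="action" value="doedit"> <input type="hidden" name="user_hash" value="$dle_login_hash" /> <input type="hidden" name="catid" value="{$row['id']}"></td>
    </tr>
</table>
</td>
        <td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div></form>
HTML;

    echofooter();
    die();

}
// ********************************************************************************
// Save edited category
// ********************************************************************************
elseif( $action == "doedit" ) {

    if( ! $valid_user_hash ) {
        die( "Hacking attempt! User not found" );
    }

    $quotes = array ("\x27", "\x22", "\x60", "\t", "\n", "\r", '"' );

    $cat_name = $db->safesql( htmlspecialchars( strip_tags( stripslashes( $_POST['cat_name'] ) ), ENT_QUOTES ) );
    // totranslit() is defined elsewhere; escape its result anyway because it is
    // placed inside SQL string literals below.
    $alt_cat_name = $db->safesql( totranslit( stripslashes( $_POST['alt_cat_name'] ), true, false ) );

    $catid = intval( $_POST['catid'] );
    $parentid = intval( $_POST['parentid'] );

    $meta_title = $db->safesql( htmlspecialchars( strip_tags( stripslashes( $_POST['meta_title'] ) ) ) );
    $description = $db->safesql( substr( strip_tags( stripslashes( $_POST['descr'] ) ), 0, 200 ) );
    $keywords = $db->safesql( str_replace( $quotes, " ", strip_tags( stripslashes( $_POST['keywords'] ) ) ) );

    // Sort field and direction are taken from fixed allow-lists (strict match).
    if( in_array( $_POST['news_sort'], array ("date", "rating", "news_read", "title" ), true ) ) {
        $news_sort = $db->safesql( $_POST['news_sort'] );
    } else {
        $news_sort = "";
    }

    if( in_array( $_POST['news_msort'], array ("ASC", "DESC" ), true ) ) {
        $news_msort = $db->safesql( $_POST['news_msort'] );
    } else {
        $news_msort = "";
    }

    // Non-positive or non-numeric values collapse to 0.
    $news_number = max( 0, intval( $_POST['news_number'] ) );

    if( ! $catid ) {
        msg( "error", $lang['cat_error'], $lang['cat_noid'], "$PHP_SELF?mod=categories" );
    }
    if( $cat_name == "" ) {
        msg( "error", $lang['cat_error'], $lang['cat_noname'], "javascript:history.go(-1)" );
    }

    // The URL name may only belong to the category being edited.
    $row = $db->super_query( "SELECT id, alt_name FROM " . PREFIX . "_category WHERE alt_name = '$alt_cat_name'" );

    if( $row['id'] and $row['id'] != $catid ) {
        msg( "error", $lang['cat_error'], $lang['cat_eradd'], "javascript:history.go(-1)" );
    }

    // A category cannot become a child of itself or of one of its own descendants.
    if( in_array( $parentid, get_sub_cats( $catid ) ) ) {
        msg( "error", $lang['cat_error'], $lang['cat_noparentid'], "$PHP_SELF?mod=categories" );
    }

    $db->query( "UPDATE " . PREFIX . "_category set parentid='$parentid', name='$cat_name', alt_name='$alt_cat_name', descr='$description', keywords='$keywords', news_sort='$news_sort', news_msort='$news_msort', news_number='$news_number', metatitle='$meta_title' WHERE id='$catid'" );

    $cache->delete('category.php' );
    $cache->clear();

    msg( "info", $lang['cat_editok'], $lang['cat_editok_1'], "$PHP_SELF?mod=categories" );
}

// ********************************************************************************
// List all Categories
// ********************************************************************************
echoheader( "options", $lang['cat_head'] );

$categorylist = CategoryNewsSelection( 0, 0 );

// "Add category" form; it carries the user_hash token checked by the add action.
echo <<<HTML
<form method="post" action="">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['cat_add']}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td width="260" style="padding:4px;">{$lang['cat_name']}</td>
        <td><input class="edit" type="text" name="cat_name"><a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_catname']}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['cat_url']}</td>
        <td><input class="edit" type="text" name="alt_cat_name"><a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_cataltname']}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['meta_title']}</td>
        <td><input type="text" name="meta_title" style="width:345px;" class="edit"> ({$lang['meta_descr_max']})</td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['meta_descr_cat']}</td>
        <td><input type="text" name="descr" style="width:345px;" class="edit"> ({$lang['meta_descr_max']})</td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['meta_keys']}</td>
        <td><textarea name="keywords" style="width:345px;height:50px;"></textarea></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['cat_parent']}</td>
        <td><select name="category" >{$categorylist}</select></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['opt_sys_sort']}</td>
        <td><select size=1 name="news_sort">
            <option value="" selected >{$lang['sys_global']}</option>
            <option value="date">{$lang['opt_sys_sdate']}</option>
            <option value="rating">{$lang['opt_sys_srate']}</option>
            <option value="news_read">{$lang['opt_sys_sview']}</option>
            <option value="title">{$lang['opt_sys_salph']}</option>
        </select></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['opt_sys_msort']}</td>
        <td><select size=1 name="news_msort">
            <option value="" selected >{$lang['sys_global']}</option>
            <option value="DESC">{$lang['opt_sys_mminus']}</option>
            <option value="ASC">{$lang['opt_sys_mplus']}</option>
        </select></td>
    </tr>
    <tr>
        <td style="padding:4px;">{$lang['opt_sys_newc']}</td>
        <td><input class="edit" type="text" name="news_number"><a href="#" class="hintanchor" onMouseover="showhint('{$lang['hint_news_number']}', this, event, '250px')">[?]</a></td>
    </tr>
    <tr>
        <td colspan="2"><div class="hr_line"></div></td>
    </tr>
    <tr>
        <td style="padding:4px;"> </td>
        <td><input type="submit" class="buttons" value="{$lang['vote_new']}"> <input type=hidden name=mod value=categories> <input type="hidden" name="user_hash" value="$dle_login_hash" /> <input type=hidden name=action value=add></td>
    </tr>
</table>
</td>
        <td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div></form>
HTML;

// is_array() first: count() on a non-countable value is an error on PHP 8.
if( ! is_array( $cat_info ) or ! count( $cat_info ) ) {

    echo <<<HTML
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['cat_list']}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td height="100" align="center">{$lang['cat_nocat']}</td>
    </tr>
</table>
</td>
        <td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div>
HTML;

} else {

    /**
     * Print the category tree as table rows, one level per recursive call.
     *
     * The call with $parentid == 0 also prints the surrounding form and table,
     * including the position inputs and the submit button of the sort action.
     *
     * @param int    $parentid       id of the category whose children are printed
     * @param string $sublevelmarker prefix shown before the name; grows by "--" per level
     */
    function DisplayCategories($parentid = 0, $sublevelmarker = '') {
        global $lang, $cat_info, $config, $dle_login_hash;

        // start table
        if( $parentid == 0 ) {
            echo <<<HTML
<form method="post" action="">
<div style="padding-top:5px;padding-bottom:2px;">
<table width="100%">
    <tr>
        <td width="4"><img src="system/skins/images/tl_lo.gif" width="4" height="4" border="0"></td>
        <td background="system/skins/images/tl_oo.gif"><img src="system/skins/images/tl_oo.gif" width="1" height="4" border="0"></td>
        <td width="6"><img src="system/skins/images/tl_ro.gif" width="6" height="4" border="0"></td>
    </tr>
    <tr>
        <td background="system/skins/images/tl_lb.gif"><img src="system/skins/images/tl_lb.gif" width="4" height="1" border="0"></td>
        <td style="padding:5px;" bgcolor="#FFFFFF">
<table width="100%">
    <tr>
        <td bgcolor="#EFEFEF" height="29" style="padding-left:10px;"><div class="navigation">{$lang['stat_all']}</div></td>
    </tr>
</table>
<div class="unterline"></div>
<table width="100%">
    <tr>
        <td style="padding:2px;">ID</td>
        <td style="padding:2px;">Position</td>
        <td>{$lang['cat_cat']}</td>
        <td>{$lang['cat_url']}</td>
        <td width="120">{$lang['cat_action']}</td>
    </tr>
    <tr>
        <td colspan="8"><div class="hr_line"></div></td>
    </tr>
HTML;
        } else {
            $sublevelmarker .= '--';
        }

        // Children of $parentid; initialised so an empty level is a plain empty list.
        $root_category = array ();

        if( is_array( $cat_info ) ) {
            foreach ( $cat_info as $cats ) {
                if( $cats['parentid'] == $parentid ) {
                    $root_category[] = $cats['id'];
                }
            }
        }

        foreach ( $root_category as $id ) {

            $shown_name = stripslashes( $cat_info[$id]['name'] );

            if( $config['allow_alt_url'] == "yes" ) {
                $link = "<a class=\"list\" href=\"" . $config['http_home_url'] . get_url( $id ) . "/\" target=\"_blank\">" . $shown_name . "</a>";
            } else {
                $link = "<a class=\"list\" href=\"{$config['http_home_url']}index.php?do=cat&category=" . $cat_info[$id]['alt_name'] . "\" target=\"_blank\">" . $shown_name . "</a>";
            }

            echo "<tr>
        <td height=\"14\"> <b>" . $cat_info[$id]['id'] . "</b></td>
        <td height=\"20\"><input class=\"edit\" type=\"text\" size=\"5\" name=\"posi[{$cat_info[$id]['id']}]\" maxlength=\"5\" value=\"{$cat_info[$id]['posi']}\"></td>
        <td> $sublevelmarker " . $link . "</td>
        <td>";

            if( $cat_info[$id]['alt_name'] != "" ) {
                echo $cat_info[$id]['alt_name'];
            } else {
                echo "---";
            }

            // NOTE(review): the delete link sends the user_hash token in the query
            // string, where it can end up in logs, history and Referer headers;
            // a POST form would keep it out of the URL.
            echo "</td>
        <td class=\"list\"><nobr>[<a href=\"?mod=categories&action=edit&catid=" . $cat_info[$id]['id'] . "\">$lang[cat_ed]</a>] [<a class=maintitle href=\"?mod=categories&user_hash=" . $dle_login_hash . "&action=remove&catid=" . $cat_info[$id]['id'] . "\">$lang[cat_del]</a>]</nobr></td>
    </tr>
    <tr><td background=\"system/skins/images/mline.gif\" height=1 colspan=8></td></tr>";

            DisplayCategories( $id, $sublevelmarker );
        }

        // end table
        if( $parentid == 0 ) {
            // The sort action checks user_hash, so the form has to send it.
            echo <<<HTML
    <tr>
        <td colspan="8" style="padding:5px;"><input type=hidden name=action value=sort><input type="hidden" name="user_hash" value="$dle_login_hash" /><input type="submit" id="posi" class="edit" value="$lang[cat_posi]" /></td>
    </tr>
</table>
</td>
        <td background="system/skins/images/tl_rb.gif"><img src="system/skins/images/tl_rb.gif" width="6" height="1" border="0"></td>
    </tr>
    <tr>
        <td><img src="system/skins/images/tl_lu.gif" width="4" height="6" border="0"></td>
        <td background="system/skins/images/tl_ub.gif"><img src="system/skins/images/tl_ub.gif" width="1" height="6" border="0"></td>
        <td><img src="system/skins/images/tl_ru.gif" width="6" height="6" border="0"></td>
    </tr>
</table>
</div></form>
HTML;
        }
    }

    DisplayCategories();
}

echofooter();
?>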