//
// "$Id: links.php,v 1.2 2004/05/20 15:45:55 mike Exp $"
//
// Hierarchical link interface.
//
// Contents:
//
//
//
// Include necessary headers...
//
include "phplib/html.php";
include "phplib/common.php";
//
// 'get_category()' - Get the category path.
//
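function // O - Category path
get_category($id, // I - Category ID
             $with_links = 2) // I - 0 = no links, 1 = all links, 2 = all but root
{
  // Builds the "/"-separated path of a category by following parent_id
  // upwards through the link table.  ID 0 is reported as "Root" and any
  // negative ID as "All"; neither touches the database.  Every name taken
  // from the database is passed through htmlspecialchars() before it is
  // appended, so the returned string is already HTML-escaped.
  //
  // A non-zero $with_links prefixes the ancestor path (ancestors are always
  // resolved with $with_links = 1); only $with_links == 1 uses the link
  // form for the entry itself.
  global $PHP_SELF;

  // IDs currently being resolved further up the recursion.  parent_id is
  // written from request data by the 'U' operation in this file, so a row
  // can end up as its own ancestor; without this guard such a chain would
  // recurse until the interpreter gives up.
  static $resolving = array();

  // The ID is interpolated into the SQL text below, so force it to an
  // integer no matter what the caller handed in.
  $id = (int)$id;

  if ($id == 0)
    return ($with_links == 1 ? "Root " : "Root");

  if ($id < 0)
    return "All";

  if (isset($resolving[$id]))
    return "";

  $resolving[$id] = true;

  $result   = db_query("SELECT name, id, parent_id FROM link WHERE id = $id");
  $category = "";

  if ($result)
  {
    $row = db_next($result);

    if ($row)
    {
      if ($with_links || $row['parent_id'] > 0)
        $category = get_category($row['parent_id'], 1) . "/";

      // The original read $row[name] with a bare word as the key, which
      // PHP 8 rejects as an undefined constant; the key is quoted now.
      if ($with_links == 1)
        $category .= ""
                    . htmlspecialchars($row['name']) . " ";
      else
        $category .= htmlspecialchars($row['name']);
    }

    db_free($result);
  }

  unset($resolving[$id]);

  return ($category);
}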
//
// 'select_category()' - Get a list of all categories.
//
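function
select_category($parent_id = 0, // I - Parent ID
                $is_category = 0) // I - Selecting for category?
{
  // Prints the list of published categories for selection.  $parent_id is
  // compared with each category ID to pick the current entry, and a "Root"
  // entry is added when $is_category is true.
  //
  // Scan the table for categories... We add "C" to the ID to
  // avoid PHP thinking we want an actual index in the array.
  $result = db_query("SELECT name,id FROM link "
                    ."WHERE is_published != 0 AND is_category != 0 "
                    ."ORDER BY name");
  $cats = array();

  // A failed query leaves the list empty instead of passing a non-result
  // to db_next() and db_free().
  if ($result)
  {
    while ($row = db_next($result))
      $cats["C$row[id]"] = get_category($row['id'], 0);

    db_free($result);
  }

  // Add the Root category if we are adding or modifying a category.
  if ($is_category)
    $cats["C0"] = "Root";

  // Sort the category list...
  asort($cats);

  // List the categories for selection...
  print("");

  // foreach replaces the each()/list() loop; each() no longer exists in
  // PHP 8.
  foreach ($cats as $cat_key => $cat_name)
  {
    $cat_id = (int)substr($cat_key, 1);

    // get_category() already returns HTML-escaped names, so names that
    // contain "&" are encoded twice here.  That is safe for output but
    // shows entity text to the user.
    $cat_name = htmlspecialchars($cat_name);

    // NOTE(review): both branches print the same text in this copy of the
    // file; the markup that marked the current entry is presumably missing.
    if ($cat_id == $parent_id)
      print("$cat_name ");
    else
      print("$cat_name ");
  }

  print(" ");
}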
// Set globals...
//
// $id, $parent_id and $query all end up inside SQL text further down, so
// each one starts from a fixed value here.
$id        = 0;
$parent_id = 0;
$query     = '';

// Initial operation by login level.  The option parsing below assigns
// $op = "L" again before the dispatch switch, so 'Z' never reaches it.
$op = ($LOGIN_LEVEL >= AUTH_DEVEL) ? 'Z' : 'L';
// Get command-line options...
//
// Usage: links.php [operation] [options]
//
// Operations:
//
// LA = List all links
// LC = List links by category
// LU = List unpublished links
// R# = Rate listing #
// SH# = Show homepage for listing #
// SD# = Show download for listing #
// UC = Add new category
// UC# = Modify category #
// UL = Add new listing
// UL# = Modify listing #
// V# = View listing #
// X# = Delete category or listing #
//
// Options:
//
// P# = Set parent ID
// Qtext = Set search text
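// Defaults used when the request carries no options...
$search = "";
$op = "L";
$listtype = "C";

// Every numeric option is cast with (int) here because $id and $parent_id
// are interpolated into SQL text by the operations below.
for ($i = 0; $i < $argc; $i ++)
{
  // Text after the option letter.  The original read $option without ever
  // assigning it, so "Qtext" lost its first word.
  $option = (string)substr($argv[$i], 1);

  // An empty argument has no option letter; it takes the default branch
  // (redirect) exactly as before, without indexing past the string end.
  $letter = (strlen($argv[$i]) > 0) ? $argv[$i][0] : "";

  switch ($letter)
  {
    case 'L' : // List or search
        $op = 'L';

        if (strlen($argv[$i]) > 1)
        {
          $listtype = $argv[$i][1];

          if ($listtype == 'A')
            $parent_id = -1;
        }
        break;

    case 'P' : // Parent
        $parent_id = (int)$option;
        break;

    case 'Q' : // Set search text
        // The search text swallows every remaining argument.
        $search = $option;
        $i ++;

        while ($i < $argc)
        {
          $search .= " $argv[$i]";
          $i ++;
        }
        break;

    case 'R' : // Rate
        $op = 'R';
        $id = (int)$option;
        break;

    case 'S' : // Show web or download page
    case 'U' : // Update/add
        // The second character selects the sub-type; it is empty when the
        // argument is only the operation letter.
        $op   = $letter;
        $type = (strlen($argv[$i]) > 1) ? $argv[$i][1] : "";
        $id   = (int)substr($argv[$i], 2);
        break;

    case 'V' : // View
        $op = 'V';
        $id = (int)$option;
        break;

    case 'X' : // Delete
        $op = 'X';
        $id = (int)$option;
        break;

    default :
        header("Location: $PHP_SELF");
        exit();
  }
}

// A posted search form overrides the Q option.  Only a plain string is
// accepted; an array value (SEARCH[]=...) would break urlencode() below.
if (array_key_exists("SEARCH", $_POST) && is_string($_POST["SEARCH"]))
  $search = $_POST["SEARCH"];

// Encode the search parameters so they can be propagated...
$options = "+Q" . urlencode($search);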
// Now do operation..
switch ($op)
{
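case 'L' : // List...
    // Lists categories and then listings, either for one parent category,
    // for all of them ($parent_id < 0), or for a keyword search.
    html_header("Links");
    html_start_links(1);
    html_link("Show All Listings", "$PHP_SELF?LA$options");
    html_link("Show Listings By Category", "$PHP_SELF?LC$options");
    if ($LOGIN_LEVEL >= AUTH_DEVEL)
      html_link("Show Unpublished Listings", "$PHP_SELF?LU$options");
    html_end_links();

    print("
Links \n");
    print("\n"
         ." \n");

    if ($search != "")
    {
      // Construct a query...
      $search_string = $search;
      $search_string = str_replace("'", " ", $search_string);
      $search_string = str_replace("\"", " ", $search_string);
      $search_string = str_replace("\\", " ", $search_string);
      $search_string = str_replace("%20", " ", $search_string);
      $search_string = str_replace("%27", " ", $search_string);
      $search_string = str_replace(" ", " ", $search_string);
      $search_words = explode(' ', $search_string);

      // Loop through the array of words, adding them to the query.  The
      // original loop stopped at the first empty word (or a word "0"), so
      // doubled spaces cut the search short; empty words are skipped now.
      $prefix = "";
      $next = "OR";

      foreach ($search_words as $keyword)
      {
        $keyword = trim($keyword);

        if ($keyword === "")
          continue;

        if (strcasecmp($keyword, 'or') == 0)
        {
          $next = 'OR';
          if ($prefix != '')
            $prefix = 'OR';
        }
        else if (strcasecmp($keyword, 'and') == 0)
        {
          $next = 'AND';
          if ($prefix != '')
            $prefix = 'AND';
        }
        else
        {
          // The replacements above are a deny-list; the keyword also goes
          // through db_escape(), the same call the 'U' operation applies
          // to quoted SQL values, before it is placed between quotes.
          $keyword = db_escape($keyword);
          $query = "$query $prefix name LIKE '%$keyword%'";
          $prefix = $next;
        }
      }
    }

    if ($search == "")
      $category = get_category($parent_id);
    else
      $category = "Search";

    // Visibility filter for both queries below.  Only the developer level
    // may list unpublished rows; that matches the menu above, which offers
    // "Show Unpublished Listings" to that level alone.  Everyone else is
    // limited to published rows.
    if ($listtype == 'U' && $LOGIN_LEVEL >= AUTH_DEVEL)
      $is_published = "is_published = 0 AND ";
    else if ($LOGIN_LEVEL >= AUTH_DEVEL)
      $is_published = "";
    else
      $is_published = "is_published = 1 AND ";

    // Show the categories...
    //
    // The queries used to interpolate ${ispublished}, a name that is never
    // assigned, so the filter above was silently dropped and unpublished
    // rows were listed for every visitor.
    if ($query != "")
      $result = db_query("SELECT * FROM link "
                        ."WHERE {$is_published}is_category = 1 AND "
                        ."($query) "
                        ."ORDER BY name");
    else if ($parent_id >= 0)
      $result = db_query("SELECT * FROM link "
                        ."WHERE {$is_published}is_category = 1 AND "
                        ."parent_id = $parent_id "
                        ."ORDER BY name");
    else
      $result = db_query("SELECT * FROM link "
                        ."WHERE {$is_published}is_category = 1 "
                        ."ORDER BY name");

    if ($parent_id < 0)
      print("All Categories \n");
    else
      print("Categories in $category \n");

    print("\n");

    while ($row = db_next($result))
    {
      $id = $row["id"];
      $name = htmlspecialchars($row["name"]);

      print("$name ");

      // NOTE(review): if $LOGIN_USER is empty for anonymous visitors and
      // create_user can be stored empty, this comparison is true for
      // anonymous requests - confirm how common.php sets $LOGIN_USER.
      if ($LOGIN_LEVEL >= AUTH_DEVEL || $LOGIN_USER == $row["create_user"])
      {
        print(" [ Edit |"
             ." Delete ]");
      }

      print(" \n");
    }

    print(" \n");

    // NOTE(review): "FC" is not an operation the option parser accepts
    // (categories are added with "UC"), so this link ends in the default
    // redirect - confirm the intended target.
    html_start_links();
    html_link("Submit New Category", "$PHP_SELF?FC+P$parent_id$options");
    html_end_links();

    db_free($result);

    // Then show the listings...
    if ($query != "")
      $result = db_query("SELECT * FROM link "
                        ."WHERE {$is_published}is_category = 0 AND "
                        ."($query) "
                        ."ORDER BY name");
    else if ($parent_id >= 0)
      $result = db_query("SELECT * FROM link "
                        ."WHERE {$is_published}is_category = 0 AND "
                        ."parent_id = $parent_id "
                        ."ORDER BY name");
    else
      $result = db_query("SELECT * FROM link "
                        ."WHERE {$is_published}is_category = 0 "
                        ."ORDER BY name");

    if ($parent_id < 0)
      print("All Listings \n");
    else
      print("Listings in $category \n");

    print("\n");

    while ($row = db_next($result))
    {
      $id = $row["id"];
      $name = htmlspecialchars($row["name"]);
      // NOTE(review): the stored description is printed as returned by
      // format_text(); confirm that helper HTML-escapes its input.
      $description = format_text($row["description"]);
      $version = htmlspecialchars($row["version"]);
      $age = (int)((time() - $row['modify_date']) / 86400);

      print("$name $version ");

      if ($search != "")
      {
        $category = get_category($row['parent_id'], 1);
        print(" in $category");
      }

      if ($age == 1)
        print(", Updated 1 day ago ");
      else if ($age < 30)
        print(", Updated $age days ago ");

      if ($LOGIN_LEVEL >= AUTH_DEVEL || $LOGIN_USER == $row["create_user"])
      {
        print(" [ Edit "
             ." | Delete ]\n");
      }

      print("$description \n");
    }

    print(" \n");

    html_start_links();
    html_link("Submit New Listing", "$PHP_SELF?UL+P$parent_id$options");
    html_end_links();

    db_free($result);

    html_footer();
    break;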
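case 'U' : // Add or update category or listing...
    // Loads the existing row (when $id > 0) or type defaults, overlays any
    // posted form fields, and either stores the record or shows the form.
    if ($id > 0)
    {
      // Get current link data from database...
      $result = db_query("SELECT * FROM link WHERE id = $id");
      if (db_count($result) != 1)
      {
        // Link doesn't exist!
        db_free($result);
        header("Location: $PHP_SELF");
        exit();
      }

      $row = db_next($result);

      // Only the developer level or the creator may edit.
      // NOTE(review): if $LOGIN_USER is empty for anonymous visitors and
      // create_user can be stored empty, anonymous requests pass this
      // check, and an already-published row keeps is_published = 1 after
      // the edit - confirm how common.php sets $LOGIN_USER.
      if ($LOGIN_LEVEL < AUTH_DEVEL && $LOGIN_USER != $row["create_user"])
      {
        // No permission!
        db_free($result);
        header("Location: $PHP_SELF");
        exit();
      }

      $is_category = $row['is_category'];
      $is_published = $row['is_published'];
      $name = $row['name'];
      $version = $row['version'];
      $license = $row['license'];
      $author = $row['author'];
      $email = $row['email'];
      $homepage_url = $row['homepage_url'];
      $download_url = $row['download_url'];
      $description = $row['description'];

      db_free($result);
    }
    else
    {
      // Use default information for type...
      if ($type == 'C')
        $is_category = 1;
      else
        $is_category = 0;

      // New entries from below the developer level wait for a moderator.
      if ($LOGIN_LEVEL >= AUTH_DEVEL)
        $is_published = 1;
      else
        $is_published = 0;

      $name = "";
      $version = "";
      $license = "";
      $author = "";
      $email = "";
      $homepage_url = "http://";
      $download_url = "ftp://";
      $description = "";
    }

    $announcement = "";

    if ($REQUEST_METHOD == "POST")
    {
      // Numeric fields are cast; text fields are taken as posted and are
      // escaped right before they are put into SQL or HTML below.
      if (array_key_exists("PARENT_ID", $_POST))
        $parent_id = (int)$_POST["PARENT_ID"];

      // Only the developer level may change the published flag.
      if ($LOGIN_LEVEL >= AUTH_DEVEL &&
          array_key_exists("IS_PUBLISHED", $_POST))
        $is_published = (int)$_POST["IS_PUBLISHED"];

      if (array_key_exists("NAME", $_POST))
        $name = $_POST["NAME"];

      if (array_key_exists("VERSION", $_POST))
        $version = $_POST["VERSION"];

      if (array_key_exists("LICENSE", $_POST))
        $license = $_POST["LICENSE"];

      if (array_key_exists("AUTHOR", $_POST))
        $author = $_POST["AUTHOR"];

      if (array_key_exists("EMAIL", $_POST))
        $email = $_POST["EMAIL"];

      // NOTE(review): the two URLs are only compared with their default
      // prefixes; no scheme or host check is visible before they are
      // stored, and the 'S' operation later redirects to them.
      if (array_key_exists("HOMEPAGE_URL", $_POST))
        $homepage_url = $_POST["HOMEPAGE_URL"];

      if (array_key_exists("DOWNLOAD_URL", $_POST))
        $download_url = $_POST["DOWNLOAD_URL"];

      if (array_key_exists("DESCRIPTION", $_POST))
        $description = $_POST["DESCRIPTION"];

      if (array_key_exists("ANNOUNCEMENT", $_POST))
        $announcement = $_POST["ANNOUNCEMENT"];

      if ($name != "" &&
          ($is_category ||
           ($version != "" && $license != "" &&
            $author != "" && $description != "" &&
            $homepage_url != "http://" && $download_url != "ftp://")))
        $havedata = 1;
      else
        $havedata = 0;
    }
    else
      $havedata = 0;

    if ($type == 'C')
      $typename = 'Category';
    else
      $typename = 'Listing';

    if ($id > 0)
      $opname = 'Update';
    else
      $opname = 'Create';

    $heading = htmlspecialchars("$opname $typename $name");

    html_header($heading);

    html_start_links(1);
    html_link("Show All Listings", "$PHP_SELF?LA$options");
    html_link("Show Listings By Category", "$PHP_SELF?LC$options");
    if ($LOGIN_LEVEL >= AUTH_DEVEL)
      html_link("Show Unpublished Listings", "$PHP_SELF?LU$options");
    html_end_links();

    print("$heading \n");

    if ($havedata)
    {
      // Keep an HTML-safe copy of the name for the confirmation line; the
      // working copy is about to be escaped for SQL instead.
      $name_html = htmlspecialchars($name, ENT_QUOTES);

      $name = db_escape($name);
      $version = db_escape($version);
      $license = db_escape($license);
      $author = db_escape($author);
      $email = db_escape($email);
      $homepage_url = db_escape($homepage_url);
      $download_url = db_escape($download_url);
      // The description comes straight from $_POST and sits between quotes
      // in both statements below; it was the one text field left unescaped.
      $description = db_escape($description);
      $user = db_escape($LOGIN_USER);
      $date = time();

      if ($id == 0)
      {
        // Insert a new record...
        db_query("INSERT INTO link VALUES(NULL,$parent_id,"
                ."$is_category,$is_published,"
                ."'$name','$version','$license',"
                ."'$author','$email','$homepage_url','$download_url',"
                ."'$description',5,1,0,0,$date,'$user',$date,'$user')");

        $id = db_insert_id();
      }
      else
      {
        // Modify the existing record...
        db_query("UPDATE link SET is_published=$is_published,"
                ."parent_id=$parent_id,"
                ."name='$name',version='$version',license='$license',"
                ."author='$author',email='$email',"
                ."homepage_url='$homepage_url',download_url='$download_url',"
                ."description='$description',modify_date=$date,"
                ."modify_user='$user' "
                ."WHERE id=$id");
      }

      if ($announcement != "")
      {
        $abstract = db_escape(abbreviate($announcement, 80));
        $announcement = db_escape("[ "
                                 ."More Info ]
\n"
                                 . $announcement);

        db_query("INSERT INTO article VALUES(NULL,$is_published,"
                ."'$name $version','$abstract','$announcement',$date,"
                ."'$user',$date,'$user')");

        $article_id = db_insert_id();

        // NOTE(review): this message reads $row[create_user], $row[title]
        // and $row[abstract], but $row is only set when an existing link
        // was loaded and nothing else on this page reads title or abstract
        // from it; $what is not assigned until later, and $article_id is
        // never used.  Looks copied from article handling - confirm the
        // intended text.
        mail($PROJECT_EMAIL, "$PROJECT_NAME Article #$id $what",
             wordwrap("$row[create_user] has $what an article titled, "
                     ."'$row[title]' with the following abstract:\n\n"
                     ." $row[abstract]\n\n"
                     ."Please approve or delete this article via the following "
                     ."page:\n\n"
                     ." $PHP_URL?L$id\n"),
             "From: noreply@easysw.com\r\n");
      }

      // This line used to print $NAME, which this file never assigns; the
      // escaped copy of the submitted name is printed instead.
      print("$typename '$name_html' $opname \n");

      if ($is_published == 0)
      {
        // Send email to moderators...
        $what = strtolower("{$opname}d");
        $message = wordwrap("'$name' has been $what on the $PROJECT_NAME "
                           ."links page and requires your approval before "
                           ."it will be made visible on the $PROJECT_NAME "
                           ."site. Please go to the following link to "
                           ."process the submission:\n\n"
                           ." $PHP_URL?U$type$id\n");

        mail($PROJECT_EMAIL, "$PROJECT_NAME $typename $opname",
             $message, "From: noreply@easysw.com\r\n");

        // Let the user know that the moderator must approve it...
        print("Your submission will be made visible as soon as one of "
             ."moderators approves it.
\n");
      }
      else
        print("Thank you, your submission is now visible on the site.
\n");

      html_start_links();
      html_link("Return to Listing", "$PHP_SELF?L+P$parent_id");
      html_end_links();
    }
    else
    {
      if ($REQUEST_METHOD == "POST")
      {
        $what = strtolower($typename);

        print("Error: Please fill in the fields marked in "
             ."bold red below and resubmit "
             ."your $what.
\n");

        $hstart = "";
        $hend = " ";
      }
      else
      {
        $hstart = "";
        $hend = "";
      }

      // Escape the current values for the form.
      // NOTE(review): $description is not escaped in these lines, and the
      // form markup is not visible in this copy; whatever prints it has to
      // escape it.
      $name = htmlspecialchars($name, ENT_QUOTES);
      $version = htmlspecialchars($version, ENT_QUOTES);
      $license = htmlspecialchars($license, ENT_QUOTES);
      $author = htmlspecialchars($author, ENT_QUOTES);
      $email = htmlspecialchars($email, ENT_QUOTES);
      $homepage_url = htmlspecialchars($homepage_url, ENT_QUOTES);
      $download_url = htmlspecialchars($download_url, ENT_QUOTES);
      $abstract = htmlspecialchars($announcement, ENT_QUOTES);

      print("");
    }

    html_footer();
    break;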
case 'V' : // View a listing...
// Shows one listing with its rating, popularity and comments.  $id was cast
// to an integer by the option parser before it reaches the query below.
$result = db_query("SELECT * FROM link WHERE id = $id");
if (db_count($result) != 1)
{
db_free($result);
header("Location: $PHP_SELF");
exit();
}
$row = db_next($result);
// Unpublished rows are visible only to the developer level and to the
// user recorded as creator; everyone else is sent back to the index.
if ($row["is_published"] == 0 && $LOGIN_LEVEL < AUTH_DEVEL &&
$LOGIN_USER != $row["create_user"])
{
// No permission!
db_free($result);
header("Location: $PHP_SELF");
exit();
}
// Escape the stored text for HTML output.
// NOTE(review): the two URLs are escaped for HTML only; no scheme check is
// visible where they are stored (the 'U' operation) or here.
$name = htmlspecialchars($row['name'], ENT_QUOTES);
$version = htmlspecialchars($row['version'], ENT_QUOTES);
$license = htmlspecialchars($row['license'], ENT_QUOTES);
$author = htmlspecialchars($row['author'], ENT_QUOTES);
$email = htmlspecialchars($row['email'], ENT_QUOTES);
$homepage_url = htmlspecialchars($row['homepage_url'], ENT_QUOTES);
$download_url = htmlspecialchars($row['download_url'], ENT_QUOTES);
$description = format_text($row['description']);
$create_date = date("M d, Y", $row['create_date']);
$modify_date = date("M d, Y", $row['modify_date']);
$category = get_category($row['parent_id']);
// Average rating, truncated to two decimals.
// NOTE(review): a row with rating_count = 0 makes this a division by zero,
// which PHP 8 raises as an error - confirm the column can never be 0.
$rating = (int)(100 * $row['rating_total'] /
$row['rating_count']) * 0.01;
// This replaces the htmlspecialchars() result assigned to $email above.
// NOTE(review): whether sanitize_email() returns HTML-safe text is not
// visible here - confirm before printing it.
$email = sanitize_email($row['email']);
// Popularity is this row's visits as a percentage of the sum of the two
// column maxima over the whole table.
if (($row['homepage_visits'] + $row['download_visits']) > 0)
{
$visits = db_query("SELECT MAX(homepage_visits), "
."MAX(download_visits) FROM link");
$visrow = db_next($visits);
$popularity = (int)(100 * ($row['homepage_visits'] +
$row['download_visits']) /
($visrow['MAX(homepage_visits)'] +
$visrow['MAX(download_visits)']));
if ($popularity < 0)
$popularity = 0;
db_free($visits);
}
else
{
$popularity = "???";
}
html_header("$name $version");
html_start_links(1);
// $parent_id is the value from the request (P option), not the row's own
// parent_id.
html_link("Back To Listings", "$PHP_SELF?L+P$parent_id$options");
html_link("Show Comments", "#_USER_COMMENTS");
if ($LOGIN_LEVEL >= AUTH_DEVEL || $LOGIN_USER == $row["create_user"])
{
html_link("Delete Listing", "$PHP_SELF?X$id$options");
html_link("Edit Listing", "$PHP_SELF?UL$id$options");
}
html_end_links();
print("$name $version \n");
print("\n");
db_free($result);
print(" \n"
."\n");
html_start_links();
html_link("Submit Comment", "comment.php?r0+plinks.php_V$id");
html_end_links();
show_comments("links.php_V$id");
html_footer();
break;
case 'X' : // Delete listing...
// Delete is currently a no-op: the whole implementation below is commented
// out, so X# does nothing before the final db_close(), although the list
// and view pages still offer Delete links.
//
// NOTE(review): do not re-enable the disabled code as it stands.  It
// compares a stored owner password directly with a request-supplied value,
// runs the DELETE for any request where $LOGIN_USER is set without
// checking who created the row, and contains unterminated string keys
// ($row['name;).
/*
if ($id <= 0)
{
print("Error \n"
."No link ID provided...
\n");
break;
}
$result = db_query("SELECT * FROM link WHERE id = $id");
if (!$result)
{
print("Error \n"
."Link $id does not exist.
\n");
break;
}
$row = db_next($result);
if (!$row)
{
print("Error \n"
."Link $id does not exist.
\n");
break;
}
$name = $row['name;
$owner_email = $row['owner_email;
$owner_password = $row['owner_password;
db_free($result);
if (!$LOGIN_USER && !($OWNER_EMAIL && $OWNER_PASSWORD))
{
print("Delete $name \n");
print("\n"
." \n");
print(" ");
break;
}
else if (!$LOGIN_USER &&
($OWNER_EMAIL != $owner_email ||
$OWNER_PASSWORD != $owner_password))
{
print("Error \n"
."Owner email or password doesn't match!
\n");
break;
}
db_query("DELETE FROM link WHERE id=$id");
print("Deleted $name \n");
print("Return to listing.
\n");
*/
break;
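case 'R' : // Rate this entry...
    // Records one rating (0 to 10) per listing and client address, then
    // returns to the listing page.
    //
    // NOTE(review): no login or published check is made here, and
    // duplicate votes are detected only by the vote INSERT failing -
    // presumably a unique key on the vote table; confirm.
    if ($id > 0 && array_key_exists("RATING", $_POST))
    {
      // The original called $_POST("RATING") as if it were a function,
      // which stops the request with a fatal error; index the array.
      $rating = (int)$_POST["RATING"];

      if ($rating < 0)
        $rating = 0;
      else if ($rating > 10)
        $rating = 10;

      // $REMOTE_ADDR ends up inside a quoted SQL value; escape it like
      // every other quoted value in this file.
      $voter = db_escape($REMOTE_ADDR);

      if (db_query("INSERT INTO vote VALUES('link_{$id}_{$voter}')"))
        db_query("UPDATE link SET rating_count = rating_count + 1, "
                ."rating_total = rating_total + $rating WHERE id = $id");
    }

    header("Location: $PHP_SELF?V$id$options");
    break;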
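case 'S' : // Show home or download page...
    // Counts the visit and redirects to the listing's stored homepage
    // (type 'H') or download (type 'D') URL.
    $result = db_query("SELECT * FROM link WHERE id = $id");
    if (db_count($result) != 1)
    {
      db_free($result);
      header("Location: $PHP_SELF?L$options");
      exit();
    }

    $row = db_next($result);

    // Apply the same visibility rule as the 'V' operation.  Without it, a
    // listing still waiting for moderator approval could already be used
    // to redirect visitors to its submitted URL.
    if ($row["is_published"] == 0 && $LOGIN_LEVEL < AUTH_DEVEL &&
        $LOGIN_USER != $row["create_user"])
    {
      db_free($result);
      header("Location: $PHP_SELF?L$options");
      exit();
    }

    // NOTE(review): the target URLs are stored from submitted form data by
    // the 'U' operation with no visible scheme check; consider validating
    // them where they are stored.
    if ($type == 'H' && $row["homepage_url"] != "")
    {
      db_query("UPDATE link SET homepage_visits = homepage_visits + 1 "
              ."WHERE id = $id");
      header("Location: $row[homepage_url]");
    }
    else if ($type == 'D' && $row["download_url"] != "")
    {
      db_query("UPDATE link SET download_visits = download_visits + 1 "
              ."WHERE id = $id");
      header("Location: $row[download_url]");
    }
    else
      header("Location: $PHP_SELF?V$id$options");

    db_free($result);
    break;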
}
// Close the database connection.  Only operations that end in "break" get
// here; the redirect paths that call exit() leave the script before this.
db_close();
//
// End of "$Id: links.php,v 1.2 2004/05/20 15:45:55 mike Exp $".
//
?>