*
* *
* This script displays the contents for the 'Scheme Administration' page. *
* Don't forget the 12 space indent for all content pages. *
* *
* Last modified : September 24th, 2002 (JJS) *
\******************************************************************************/
/* Redirect possible hack attempts */
$file_name = "scheme_admin.php";
/* Get the negative length of $file_name */
$file_name_length = -(strlen($file_name));
/* Check if the values match, if so, redirect */
if (substr($_SERVER['SCRIPT_NAME'], $file_name_length) == $file_name)
header("Location: ../index.php");
/* Grab the variables held by superglobals */
$old_name = GetVars("old_name");
$scheme_id = GetVars("scheme_id");
$scheme_name = GetVars("scheme_name");
$scheme_desc = GetVars("scheme_desc");
$background_color = GetVars("background_color");
$table_border_size = GetVars("table_border_size");
$table_border_color = GetVars("table_border_color");
$table_header_background = GetVars("table_header_background");
$table_header_text_color = GetVars("table_header_text_color");
$text_color = GetVars("text_color");
$text_font = GetVars("text_font");
$text_regular = GetVars("text_regular");
$text_small = GetVars("text_small");
$table_color_1 = GetVars("table_color_1");
$table_color_2 = GetVars("table_color_2");
$link_color = GetVars("link_color");
$error_message = GetVars("error_message");
$header_background = GetVars("header_background");
$menu_background = GetVars("menu_background");
$active_scheme = GetVars("active_scheme");
$forum_exists = GetVars("forum_exists");
$action = GetVars("action");
$step = GetVars("step");
$type = GetVars("type");
/* Parse any user input */
CheckVars(&$step, 1);
CheckVars(&$old_name, 64);
CheckVars(&$scheme_id, 10);
CheckVars(&$scheme_name, 64);
CheckVars(&$scheme_desc, 255);
CheckVars(&$background_color, 7);
CheckVars(&$table_border_size, 2);
CheckVars(&$table_border_color, 7);
CheckVars(&$table_header_background, 7);
CheckVars(&$table_header_text_color, 7);
CheckVars(&$text_color, 7);
CheckVars(&$text_font, 64);
CheckVars(&$text_regular, 2);
CheckVars(&$text_small, 2);
CheckVars(&$table_color_1, 7);
CheckVars(&$table_color_2, 7);
CheckVars(&$link_color, 7);
CheckVars(&$error_message, 7);
CheckVars(&$header_background, 7);
CheckVars(&$menu_background, 7);
CheckVars(&$active_scheme, 2);
/* Check that the user isn't trying to mess with the $step variable */
if ( $step == "" || ( $step != 1 && $step != 2 && $step != 3 && $step != 4 && $step != 5 && $step != 6 ) )
$step = 1;
/* Make sure the user isn't feeding information via the query string, thwart all attempts!! */
if ( ( ( $scheme_name == "" ) && ( $step == 3 || $step == 4 ) ) ||
( ( $step == 1 && $QUERY_STRING != "pid=scheme_admin" ) ||
( $step == 2 && $QUERY_STRING != "pid=scheme_admin&step=2" ) ||
( $step == 3 && $QUERY_STRING != "pid=scheme_admin" ) ||
( $step == 4 && $QUERY_STRING != "pid=scheme_admin" ) ||
( $step == 5 && $QUERY_STRING != "pid=scheme_admin" ) ||
( $step == 6 && $QUERY_STRING != "pid=scheme_admin" ) ) ||
( ( $step != 1 && $step != 2 ) && ( strlen(trim($forum_name)) == 0 || strlen(trim($forum_desc)) == 0 ) ) )
{
echo "
Malformed request detected!
\n";
$step = 1;
}
/* Determine which step to use */
if ($action == "Edit Scheme")
$step = 2;
else if ($action == "Edit")
{
$step = 2;
$type = "existing";
}
else if ($action == "Preview Information")
$step = 3;
else if ($action == "Submit Scheme")
$step = 4;
else if ($action == "Delete")
$step = 6;
/* If the user is submitting an existing forum for editting, then go to step 5 */
if ( $step == 4 && $type != "" )
$step = 5;
/* Strip out all escape characters */
/*
I'll unREM this eventually
if ($step == 2)
{
$forum_name = stripslashes(strip_tags($forum_name));
$forum_desc = stripslashes(strip_tags($forum_desc));
$old_name = stripslashes(strip_tags($old_name));
}
if ($step == 3)
{
$forum_name = stripslashes(strip_tags($forum_name));
$forum_desc = stripslashes(strip_tags($forum_desc));
$old_name = stripslashes(strip_tags($old_name));
}
*/
/* What to do, oh what to do ... */
switch ($step)
{
/* Show the forum list */
default:
case 1:
ShowSchemes();
break;
/* Display the new forum page */
case 2:
ShowSchemeForm( $scheme_id, $scheme_name, $scheme_desc, $background_color, $table_border_size, $table_border_color, $table_header_background, $table_header_text_color, $text_color, $text_font, $text_regular, $text_small, $table_color_1, $table_color_2, $link_color, $error_message, $header_background, $menu_background, $active_scheme, $type );
break;
/* Show preview */
case 3:
echo " \n";
break;
/* Add the new scheme to the database */
case 4:
/* Make sure it was POSTed */
if ( $REQUEST_METHOD == "POST" )
{
/* No errors... yet */
$no_err = 0;
/* Pull the number of schemes with the same name */
$SQL = "SELECT COUNT(*) as scheme_exists FROM " . TABLE_PREFIX . "schemes WHERE scheme_name='$scheme_name';";
$results = ExeSQL($SQL);
/* Grab the data, and analyze it */
while ($row = mysql_fetch_array($results))
{
/* If the forum already exists ... */
if ($row["scheme_exists"] != 0)
{
/* Let the user know */
echo "
A forum by that name already exists!
\n";
$no_err++;
}
}
/* If there were no errors, then keep going */
if ($no_err == 0)
{
/* Add the new scheme to the database */
$SQL = "INSERT INTO " . TABLE_PREFIX . "schemes (scheme_name, scheme_desc, background_color, table_border_color, table_border_size, header_background, menu_background, text_color, text_font, text_small, text_regular, link_color, table_header_background, table_header_text_color, table_color_1, table_color_2, error_message, active_scheme) VALUES ('$scheme_name', '$scheme_desc', '$background_color', '$table_border_color', '$table_border_size', '$header_background', '$menu_background', '$text_color', '$text_font', '$text_small', '$text_regular', '$link_color', '$table_header_background', '$table_header_text_color', '$table_color_1', '$table_color_2', '$error_message', '$active_scheme');";
$results = ExeSQL($SQL);
/* If this is supposed to be the active scheme ... */
if ($active_scheme == 1)
{
/* Set all the other schemes to inactive */
$SQL = "UPDATE " . TABLE_PREFIX . "schemes SET active_scheme='0' WHERE scheme_name!='$scheme_name';";
$results = ExeSQL($SQL);
}
/* Let the user know it went off w/o a hitch */
echo "
\n";
ShowSchemes();
return;
}
else
{
/* If there was a problem, then display the form again */
ShowSchemeForm( $scheme_id, $scheme_name, $scheme_desc, $background_color, $table_border_size, $table_border_color, $table_header_background, $table_header_text_color, $text_color, $text_font, $text_regular, $text_small, $table_color_1, $table_color_2, $link_color, $error_message, $header_background, $menu_background, $active_scheme, $type );
}
}
else
{
/* Same deal */
echo "
Malformed request detected!
\n";
ShowSchemeForm( $scheme_id, $scheme_name, $scheme_desc, $background_color, $table_border_size, $table_border_color, $table_header_background, $table_header_text_color, $text_color, $text_font, $text_regular, $text_small, $table_color_1, $table_color_2, $link_color, $error_message, $header_background, $menu_background, $active_scheme, $type );
}
break;
/* Update an existing scheme */
case 5:
/* Make sure the form is POSTed */
if ( $REQUEST_METHOD == "POST" )
{
/* No errors */
$no_err = 0;
/* If the old and new names don't match */
if ($scheme_name != $old_name)
{
/* Pull the number of schemes with the same name */
$SQL = "SELECT COUNT(*) as scheme_exists FROM " . TABLE_PREFIX . "schemes WHERE scheme_name='$scheme_name';";
$results = ExeSQL($SQL);
/* Grab the data, parse the results */
while ($row = mysql_fetch_array($results))
{
/* If the scheme name exists, then error out */
if ($row["scheme_exists"] != 0)
{
echo "
A scheme by that name already exists!
\n";
$no_err++;
}
}
}
/* If there were no errors ... */
if ($no_err == 0)
{
/* Update the scheme in the database */
$SQL = "UPDATE " . TABLE_PREFIX . "schemes SET scheme_name='$scheme_name', scheme_desc='$scheme_desc', background_color='$background_color', table_border_color='$table_border_color', table_border_size='$table_border_size', header_background='$header_background', menu_background='$menu_background', text_color='$text_color', text_font='$text_font', text_small='$text_small', text_regular='$text_regular', link_color='$link_color', table_header_background='$table_header_background', table_header_text_color='$table_header_text_color', table_color_1='$table_color_1', table_color_2='$table_color_2', error_message='$error_message', active_scheme='$active_scheme' WHERE scheme_id='$scheme_id';";
$results = ExeSQL($SQL);
/* If this is supposed to be the active scheme */
if ($active_scheme == 1)
{
/* Then set the other schemes to inactive */
$SQL = "UPDATE " . TABLE_PREFIX . "schemes SET active_scheme='0' WHERE scheme_id!='$scheme_id';";
$results = ExeSQL($SQL);
}
/* Count how many active schemes there are */
$SQL = "SELECT COUNT(*) AS any_active FROM " . TABLE_PREFIX . "schemes WHERE active_scheme='1';";
$results = ExeSQL($SQL);
/* Grab the data and load it in a variable */
while ($row = mysql_fetch_array($results))
$any_active = $row["any_active"];
/* If there are no active schemes */
if ($any_active == 0)
{
/* Set the oldest scheme as active */
$SQL = "UPDATE " . TABLE_PREFIX . "schemes SET active_scheme='1' LIMIT 1;";
$results = ExeSQL($SQL);
}
/* Let the user know everything went well */
echo "
\n";
ShowSchemeForm( $scheme_id, $scheme_name, $scheme_desc, $background_color, $table_border_size, $table_border_color, $table_header_background, $table_header_text_color, $text_color, $text_font, $text_regular, $text_small, $table_color_1, $table_color_2, $link_color, $error_message, $header_background, $menu_background, $active_scheme, $type );
}
break;
/* Delete the selected scheme */
case 6:
/* Delete the scheme */
$SQL = "DELETE FROM " . TABLE_PREFIX . "schemes WHERE scheme_id='$scheme_id';";
$results = ExeSQL($SQL);
/* Check for active schemes */
$SQL = "SELECT COUNT(*) AS any_active FROM " . TABLE_PREFIX . "schemes WHERE active_scheme='1';";
$results = ExeSQL($SQL);
/* Grab the data, and load it in a variable */
while ($row = mysql_fetch_array($results))
$any_active = $row["any_active"];
/* If there are no active schemes ... */
if ($any_active == 0)
{
/* Set the oldest scheme as active */
$SQL = "UPDATE " . TABLE_PREFIX . "schemes SET active_scheme='1' WHERE scheme_name='default';";
$results = ExeSQL($SQL);
}
/* Let the user know what's up */
echo "
\n";
ShowSchemes();
return;
break;
}
/*
* Show the schemes that are currently in the database
*/
function
ShowSchemes()
{
/* Stop your yappin' and start showing the schemes */
echo "
\n";
/* Set the active color */
$the_color = TABLE_COLOR_2;
/* Pull the schemes */
$SQL = "SELECT * FROM " . TABLE_PREFIX . "schemes ORDER BY scheme_id;";
$results = ExeSQL($SQL);
/* Grab the data, parse the results */
while ($row = mysql_fetch_array($results))
{
/* Load up all the variables */
$scheme_id = $row["scheme_id"];
$scheme_name = $row["scheme_name"];
$scheme_desc = $row["scheme_desc"];
$background_color = $row["background_color"];
$table_border_size = $row["table_border_size"];
$table_border_color = $row["table_border_color"];
$table_header_background = $row["table_header_background"];
$table_header_text_color = $row["table_header_text_color"];
$text_color = $row["text_color"];
$text_font = $row["text_font"];
$text_regular = $row["text_regular"];
$text_small = $row["text_small"];
$table_color_1 = $row["table_color_1"];
$table_color_2 = $row["table_color_2"];
$link_color = $row["link_color"];
$error_message = $row["error_message"];
$header_background = $row["header_background"];
$menu_background = $row["menu_background"];
$active_scheme = $row["active_scheme"];
/* Swap the colors */
if ($the_color == TABLE_COLOR_2)
$the_color = TABLE_COLOR_1;
else
$the_color = TABLE_COLOR_2;
/* Keep showing the data */
echo "
\n"
. "
\n"
. "
\n"
. "
\n"
. "
\n"
. " ";
/* If the current scheme is active, then bold the name */
if ($active_scheme != 1)
echo "$scheme_name";
else
echo "$scheme_name";
/* Finish displaying */
echo " \n"
. " $scheme_desc \n"
. "
\n";
/*
I couldn't get this shit to look right, so it's been replaced... I think this code might get resurrected someday, hence why it's still here!!
echo "