*
* *
* This script displays the contents for the 'General Administration' page. *
* Don't forget the 12 space indent for all content pages. *
* *
* Last modified : September 13th, 2002 (JJS) *
\******************************************************************************/
/* As always, don't let them access the file directly */
$file_name = "general_admin.php";
/* Get the negative length of $file_name */
$file_name_length = -(strlen($file_name));
/* Check if the values match, if so, redirect */
if (substr($_SERVER['SCRIPT_NAME'], $file_name_length) == $file_name)
header("Location: ../index.php");
/* Grab the veriables held by superglobals */
$board_name = GetVars("board_name");
$title_image = GetVars("title_image");
$action = GetVars("action");
/* Parse any user input */
CheckVars(&$step, 1);
CheckVars(&$board_name, 64);
CheckVars(&$title_image, 128);
/* Make sure someone isn't trying to feed the step number via the querystring */
if ( $step == "" || ( $step != 1 && $step != 2 && $step != 3 && $step != 4 ) )
$step = 1;
/* Make sure the user isn't feeding information via the query string, thwart all attempts!! */
if ( ( ( $board_name == "" || $title_image == "" ) && ( $step == 3 || $step == 4 ) ) ||
( ( $step == 1 && $QUERY_STRING != "pid=general_admin" ) ||
( $step == 2 && $QUERY_STRING != "pid=general_admin" ) ||
( $step == 3 && $QUERY_STRING != "pid=general_admin" ) ||
( $step == 4 && $QUERY_STRING != "pid=general_admin" ) ) ||
( ( $step != 1 && $step != 2 ) &&
( strlen(trim($board_name)) == 0 || strlen(trim($title_image)) == 0 ) ) )
{
/* Give them an error if they are */
echo "
Malformed request detected!
\n";
$step = 1;
}
/* Determine which step to use */
if ($action == "Edit Properties")
$step = 2;
else if ($action == "Preview Properties")
$step = 3;
else if ($action == "Submit Properties")
$step = 4;
/* Strip out all escape characters */
if ( $step == 3 || $step == 4 )
$board_name = stripslashes(strip_tags($board_name));
/* Display the desired step */
switch ($step)
{
/* Show the forum list */
default:
case 1:
ShowProperties();
break;
/* Show edit form */
case 2:
ShowPropertyForm( $board_name, $title_image );
break;
/* Show preview */
case 3:
echo " \n";
break;
/* Add the new forum to the database */
case 4:
/* Check if the page was POSTed */
if ( $REQUEST_METHOD == "POST" )
{
/* Set the error to zero */
$no_err = 0;
/* Delete the existing properties */
$SQL = "DELETE FROM " . TABLE_PREFIX . "properties;";
$results = ExeSQL($SQL);
/* Add the new ones in */
$SQL = "INSERT INTO " . TABLE_PREFIX . "properties (board_name, title_image) VALUES ('$board_name', '$title_image');";
$results = ExeSQL($SQL);
/* Let the user know what's up, then show the properties */
echo "
The properties have successfully been modified!
\n";
ShowProperties();
return;
}
else
ShowMessageForm( $message_name, $message_body, $message_id );
break;
}
/*
* Show the existing properties and values
*/
function
ShowProperties()
{
/* Spit out the top part of the HTML */
echo " \n";
}
/*
* Show the form to edit the properties
*/
function
ShowPropertyForm( $board_name, $title_image )
{
/* What are you waiting for, show it already! */
echo " \n";
}
?>