130 kaklik 1 <?php
2 /***************************************************************************
3 * admin_words.php
4 * -------------------
5 * begin : Thursday, Jul 12, 2001
6 * copyright : (C) 2001 The phpBB Group
7 * email : support@phpbb.com
8 *
9 * $Id: admin_words.php,v 1.10.2.6 2006/04/13 09:56:48 grahamje Exp $
10 *
11 *
12 ***************************************************************************/
13  
14 /***************************************************************************
15 *
16 * This program is free software; you can redistribute it and/or modify
17 * it under the terms of the GNU General Public License as published by
18 * the Free Software Foundation; either version 2 of the License, or
19 * (at your option) any later version.
20 *
21 ***************************************************************************/
22  
// Menu-registration pass: when $setmodules is non-empty (presumably set by the
// script that includes this file to build the admin menu; confirm), record
// this file under General / Word_Censor and stop before any request handling.
if (!empty($setmodules)) {
    // $file is assigned as well as $module because the original sets both.
    $module['General']['Word_Censor'] = $file = basename(__FILE__);
    return;
}
29  
// Defined before any include. Presumably the included files test this constant
// to refuse direct access; confirm.
define('IN_PHPBB', 1);

//
// Load default header
//
$phpbb_root_path = './../';
require($phpbb_root_path . 'extension.inc');

// A posted "cancel" field aborts the current form. The flag is copied into
// $no_page_header before pagestart is loaded (presumably read there; confirm).
$cancel = isset($HTTP_POST_VARS['cancel']);
$no_page_header = $cancel;

// NOTE(review): this file performs no session or admin-permission check of its
// own. Presumably pagestart does that before anything below runs; confirm.
require('./pagestart.' . $phpEx);

if ($cancel) {
    redirect('admin/' . append_sid("admin_words.$phpEx", true));
}
47  
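//
// Work out which action was requested. An explicit "mode" parameter wins
// (GET is preferred over POST); otherwise the name of the pressed form button
// selects the action.
//
if (isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode'])) {
    $mode = isset($HTTP_GET_VARS['mode']) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];

    // A request can send mode[]=... and turn this value into an array. Treat
    // anything that is not a string as "no mode" rather than passing it to
    // htmlspecialchars(), which warns or throws on non-string input.
    $mode = is_string($mode) ? htmlspecialchars($mode) : '';
} else {
    //
    // These could be entered via a form button
    //
    if (isset($HTTP_POST_VARS['add'])) {
        $mode = "add";
    } else if (isset($HTTP_POST_VARS['save'])) {
        $mode = "save";
    } else {
        $mode = "";
    }
}

// Restrict mode input to valid options. The comparison is strict so that only
// one of these exact strings is accepted; everything else becomes the empty
// mode, which shows the word list.
$mode = in_array($mode, array('add', 'edit', 'save', 'delete'), true) ? $mode : '';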
74  
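//
// Dispatch on the whitelisted $mode. An empty mode shows the word list. The
// code relies on message_die() ending the request: nothing after a
// message_die() call is written to cope with it returning.
//
if ($mode != "") {
    if ($mode == "edit" || $mode == "add") {
        // Add/edit form. The id is cast to int before it is used in SQL or HTML.
        $word_id = isset($HTTP_GET_VARS['id']) ? intval($HTTP_GET_VARS['id']) : 0;

        $template->set_filenames(array(
            "body" => "admin/words_edit_body.tpl")
        );

        $word_info = array('word' => '', 'replacement' => '');
        $s_hidden_fields = '';

        if ($mode == "edit") {
            if ($word_id) {
                $sql = "SELECT *
                    FROM " . WORDS_TABLE . "
                    WHERE word_id = $word_id";
                if (!$result = $db->sql_query($sql)) {
                    message_die(GENERAL_ERROR, "Could not query words table", "Error", __LINE__, __FILE__, $sql);
                }

                $word_info = $db->sql_fetchrow($result);
                if (empty($word_info)) {
                    // No row for this id (stale link or hand-edited URL). Stop
                    // here instead of rendering an empty form whose hidden id
                    // would later drive an UPDATE that matches nothing.
                    message_die(GENERAL_MESSAGE, $lang['No_word_selected']);
                }

                $s_hidden_fields .= '<input type="hidden" name="id" value="' . $word_id . '" />';
            } else {
                message_die(GENERAL_MESSAGE, $lang['No_word_selected']);
            }
        }

        // WORD and REPLACEMENT come from the database and were typed in by an
        // administrator. They are stored unescaped (see the save branch), so
        // they are HTML-escaped here, where they enter the page.
        $template->assign_vars(array(
            "WORD" => htmlspecialchars($word_info['word'], ENT_QUOTES),
            "REPLACEMENT" => htmlspecialchars($word_info['replacement'], ENT_QUOTES),

            "L_WORDS_TITLE" => $lang['Words_title'],
            "L_WORDS_TEXT" => $lang['Words_explain'],
            "L_WORD_CENSOR" => $lang['Edit_word_censor'],
            "L_WORD" => $lang['Word'],
            "L_REPLACEMENT" => $lang['Replacement'],
            "L_SUBMIT" => $lang['Submit'],

            "S_WORDS_ACTION" => append_sid("admin_words.$phpEx"),
            "S_HIDDEN_FIELDS" => $s_hidden_fields)
        );

        $template->pparse("body");

        include('./page_footer_admin.' . $phpEx);
    } else if ($mode == "save") {
        // NOTE(review): no per-request token is checked before this write.
        // Whether pagestart or the session id added by append_sid() protects
        // the form against cross-site request forgery is not visible from this
        // file; confirm.
        $word_id = isset($HTTP_POST_VARS['id']) ? intval($HTTP_POST_VARS['id']) : 0;
        $word = isset($HTTP_POST_VARS['word']) ? trim($HTTP_POST_VARS['word']) : "";
        $replacement = isset($HTTP_POST_VARS['replacement']) ? trim($HTTP_POST_VARS['replacement']) : "";

        if ($word == "" || $replacement == "") {
            message_die(GENERAL_MESSAGE, $lang['Must_enter_word']);
        }

        // NOTE(review): the only quoting applied to $word and $replacement is
        // the rewrite of \' to ''. That is safe only if the request values were
        // already backslash-escaped before they reached this file (presumably
        // by the bootstrap includes; confirm). Without that step these two
        // statements are built from raw request data.
        if ($word_id) {
            $sql = "UPDATE " . WORDS_TABLE . "
                SET word = '" . str_replace("\'", "''", $word) . "', replacement = '" . str_replace("\'", "''", $replacement) . "'
                WHERE word_id = $word_id";
            $message = $lang['Word_updated'];
        } else {
            $sql = "INSERT INTO " . WORDS_TABLE . " (word, replacement)
                VALUES ('" . str_replace("\'", "''", $word) . "', '" . str_replace("\'", "''", $replacement) . "')";
            $message = $lang['Word_added'];
        }

        if (!$result = $db->sql_query($sql)) {
            message_die(GENERAL_ERROR, "Could not insert data into words table", $lang['Error'], __LINE__, __FILE__, $sql);
        }

        $message .= "<br /><br />" . sprintf($lang['Click_return_wordadmin'], "<a href=\"" . append_sid("admin_words.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");

        message_die(GENERAL_MESSAGE, $message);
    } else if ($mode == "delete") {
        // The id may arrive by POST (confirmation form) or GET (list link);
        // either way it is reduced to an integer before use.
        if (isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id'])) {
            $word_id = isset($HTTP_POST_VARS['id']) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];
            $word_id = intval($word_id);
        } else {
            $word_id = 0;
        }

        // Deletion only happens when "confirm" was POSTed; a GET link alone
        // reaches the confirmation screen below.
        $confirm = isset($HTTP_POST_VARS['confirm']);

        if ($word_id && $confirm) {
            $sql = "DELETE FROM " . WORDS_TABLE . "
                WHERE word_id = $word_id";

            if (!$result = $db->sql_query($sql)) {
                message_die(GENERAL_ERROR, "Could not remove data from words table", $lang['Error'], __LINE__, __FILE__, $sql);
            }

            $message = $lang['Word_removed'] . "<br /><br />" . sprintf($lang['Click_return_wordadmin'], "<a href=\"" . append_sid("admin_words.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");

            message_die(GENERAL_MESSAGE, $message);
        } elseif ($word_id && !$confirm) {
            // Present the confirmation screen to the user. This branch only
            // prepares the template; the pparse() at the end of the script
            // renders it.
            $template->set_filenames(array(
                'body' => 'admin/confirm_body.tpl')
            );

            $hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $word_id . '" />';

            $template->assign_vars(array(
                'MESSAGE_TITLE' => $lang['Confirm'],
                'MESSAGE_TEXT' => $lang['Confirm_delete_word'],

                'L_YES' => $lang['Yes'],
                'L_NO' => $lang['No'],

                'S_CONFIRM_ACTION' => append_sid("admin_words.$phpEx"),
                'S_HIDDEN_FIELDS' => $hidden_fields)
            );
        } else {
            message_die(GENERAL_MESSAGE, $lang['No_word_selected']);
        }
    }
} else {
    // Default view: list every censored word with its edit and delete links.
    $template->set_filenames(array(
        "body" => "admin/words_list_body.tpl")
    );

    $sql = "SELECT *
        FROM " . WORDS_TABLE . "
        ORDER BY word";
    if (!$result = $db->sql_query($sql)) {
        message_die(GENERAL_ERROR, "Could not query words table", $lang['Error'], __LINE__, __FILE__, $sql);
    }

    $word_rows = $db->sql_fetchrowset($result);
    $db->sql_freeresult($result);

    // What sql_fetchrowset() returns for an empty table is not visible here.
    // Count a non-array result as zero rows so the loop cannot run on it.
    $word_count = is_array($word_rows) ? count($word_rows) : 0;

    $template->assign_vars(array(
        "L_WORDS_TITLE" => $lang['Words_title'],
        "L_WORDS_TEXT" => $lang['Words_explain'],
        "L_WORD" => $lang['Word'],
        "L_REPLACEMENT" => $lang['Replacement'],
        "L_EDIT" => $lang['Edit'],
        "L_DELETE" => $lang['Delete'],
        "L_ADD_WORD" => $lang['Add_new_word'],
        "L_ACTION" => $lang['Action'],

        "S_WORDS_ACTION" => append_sid("admin_words.$phpEx"),
        "S_HIDDEN_FIELDS" => '')
    );

    for ($i = 0; $i < $word_count; $i++) {
        $word = $word_rows[$i]['word'];
        $replacement = $word_rows[$i]['replacement'];
        $word_id = $word_rows[$i]['word_id'];

        // Alternate the two theme row styles.
        $row_color = (!($i % 2)) ? $theme['td_color1'] : $theme['td_color2'];
        $row_class = (!($i % 2)) ? $theme['td_class1'] : $theme['td_class2'];

        // Stored words are free text, so they are HTML-escaped on output to
        // stop markup saved in the table from being rendered in the admin page.
        $template->assign_block_vars("words", array(
            "ROW_COLOR" => "#" . $row_color,
            "ROW_CLASS" => $row_class,
            "WORD" => htmlspecialchars($word, ENT_QUOTES),
            "REPLACEMENT" => htmlspecialchars($replacement, ENT_QUOTES),

            "U_WORD_EDIT" => append_sid("admin_words.$phpEx?mode=edit&amp;id=$word_id"),
            "U_WORD_DELETE" => append_sid("admin_words.$phpEx?mode=delete&amp;id=$word_id"))
        );
    }
}

// Render whichever template the branch above selected (the word list or the
// delete confirmation), then the admin footer.
$template->pparse("body");

include('./page_footer_admin.' . $phpEx);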
272  
273 ?>