<?php/**************************************************************************** admin_words.php* -------------------* begin : Thursday, Jul 12, 2001* copyright : (C) 2001 The phpBB Group* email : support@phpbb.com** $Id: admin_words.php,v 1.10.2.6 2006/04/13 09:56:48 grahamje Exp $*****************************************************************************//***************************************************************************** This program is free software; you can redistribute it and/or modify* it under the terms of the GNU General Public License as published by* the Free Software Foundation; either version 2 of the License, or* (at your option) any later version.****************************************************************************/if( !empty($setmodules) ){$file = basename(__FILE__);$module['General']['Word_Censor'] = $file;return;}define('IN_PHPBB', 1);//// Load default header//$phpbb_root_path = "./../";require($phpbb_root_path . 'extension.inc');$cancel = ( isset($HTTP_POST_VARS['cancel']) ) ? true : false;$no_page_header = $cancel;require('./pagestart.' . $phpEx);if ($cancel){redirect('admin/' . append_sid("admin_words.$phpEx", true));}if( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) ){$mode = (isset($HTTP_GET_VARS['mode'])) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];$mode = htmlspecialchars($mode);}else{//// These could be entered via a form button//if( isset($HTTP_POST_VARS['add']) ){$mode = "add";}else if( isset($HTTP_POST_VARS['save']) ){$mode = "save";}else{$mode = "";}}// Restrict mode input to valid options$mode = ( in_array($mode, array('add', 'edit', 'save', 'delete')) ) ? $mode : '';if( $mode != "" ){if( $mode == "edit" || $mode == "add" ){$word_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;$template->set_filenames(array("body" => "admin/words_edit_body.tpl"));$word_info = array('word' => '', 'replacement' => '');$s_hidden_fields = '';if( $mode == "edit" ){if( $word_id ){$sql = "SELECT *FROM " . WORDS_TABLE . "WHERE word_id = $word_id";if(!$result = $db->sql_query($sql)){message_die(GENERAL_ERROR, "Could not query words table", "Error", __LINE__, __FILE__, $sql);}$word_info = $db->sql_fetchrow($result);$s_hidden_fields .= '<input type="hidden" name="id" value="' . $word_id . '" />';}else{message_die(GENERAL_MESSAGE, $lang['No_word_selected']);}}$template->assign_vars(array("WORD" => $word_info['word'],"REPLACEMENT" => $word_info['replacement'],"L_WORDS_TITLE" => $lang['Words_title'],"L_WORDS_TEXT" => $lang['Words_explain'],"L_WORD_CENSOR" => $lang['Edit_word_censor'],"L_WORD" => $lang['Word'],"L_REPLACEMENT" => $lang['Replacement'],"L_SUBMIT" => $lang['Submit'],"S_WORDS_ACTION" => append_sid("admin_words.$phpEx"),"S_HIDDEN_FIELDS" => $s_hidden_fields));$template->pparse("body");include('./page_footer_admin.'.$phpEx);}else if( $mode == "save" ){$word_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;$word = ( isset($HTTP_POST_VARS['word']) ) ? trim($HTTP_POST_VARS['word']) : "";$replacement = ( isset($HTTP_POST_VARS['replacement']) ) ? trim($HTTP_POST_VARS['replacement']) : "";if($word == "" || $replacement == ""){message_die(GENERAL_MESSAGE, $lang['Must_enter_word']);}if( $word_id ){$sql = "UPDATE " . WORDS_TABLE . "SET word = '" . str_replace("\'", "''", $word) . "', replacement = '" . str_replace("\'", "''", $replacement) . "'WHERE word_id = $word_id";$message = $lang['Word_updated'];}else{$sql = "INSERT INTO " . WORDS_TABLE . " (word, replacement)VALUES ('" . str_replace("\'", "''", $word) . "', '" . str_replace("\'", "''", $replacement) . "')";$message = $lang['Word_added'];}if(!$result = $db->sql_query($sql)){message_die(GENERAL_ERROR, "Could not insert data into words table", $lang['Error'], __LINE__, __FILE__, $sql);}$message .= "<br /><br />" . sprintf($lang['Click_return_wordadmin'], "<a href=\"" . append_sid("admin_words.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");message_die(GENERAL_MESSAGE, $message);}else if( $mode == "delete" ){if( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) ){$word_id = ( isset($HTTP_POST_VARS['id']) ) ? $HTTP_POST_VARS['id'] : $HTTP_GET_VARS['id'];$word_id = intval($word_id);}else{$word_id = 0;}$confirm = isset($HTTP_POST_VARS['confirm']);if( $word_id && $confirm ){$sql = "DELETE FROM " . WORDS_TABLE . "WHERE word_id = $word_id";if(!$result = $db->sql_query($sql)){message_die(GENERAL_ERROR, "Could not remove data from words table", $lang['Error'], __LINE__, __FILE__, $sql);}$message = $lang['Word_removed'] . "<br /><br />" . sprintf($lang['Click_return_wordadmin'], "<a href=\"" . append_sid("admin_words.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");message_die(GENERAL_MESSAGE, $message);}elseif( $word_id && !$confirm){// Present the confirmation screen to the user$template->set_filenames(array('body' => 'admin/confirm_body.tpl'));$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $word_id . '" />';$template->assign_vars(array('MESSAGE_TITLE' => $lang['Confirm'],'MESSAGE_TEXT' => $lang['Confirm_delete_word'],'L_YES' => $lang['Yes'],'L_NO' => $lang['No'],'S_CONFIRM_ACTION' => append_sid("admin_words.$phpEx"),'S_HIDDEN_FIELDS' => $hidden_fields));}else{message_die(GENERAL_MESSAGE, $lang['No_word_selected']);}}}else{$template->set_filenames(array("body" => "admin/words_list_body.tpl"));$sql = "SELECT *FROM " . WORDS_TABLE . "ORDER BY word";if( !$result = $db->sql_query($sql) ){message_die(GENERAL_ERROR, "Could not query words table", $lang['Error'], __LINE__, __FILE__, $sql);}$word_rows = $db->sql_fetchrowset($result);$db->sql_freeresult($result);$word_count = count($word_rows);$template->assign_vars(array("L_WORDS_TITLE" => $lang['Words_title'],"L_WORDS_TEXT" => $lang['Words_explain'],"L_WORD" => $lang['Word'],"L_REPLACEMENT" => $lang['Replacement'],"L_EDIT" => $lang['Edit'],"L_DELETE" => $lang['Delete'],"L_ADD_WORD" => $lang['Add_new_word'],"L_ACTION" => $lang['Action'],"S_WORDS_ACTION" => append_sid("admin_words.$phpEx"),"S_HIDDEN_FIELDS" => ''));for($i = 0; $i < $word_count; $i++){$word = $word_rows[$i]['word'];$replacement = $word_rows[$i]['replacement'];$word_id = $word_rows[$i]['word_id'];$row_color = ( !($i % 2) ) ? $theme['td_color1'] : $theme['td_color2'];$row_class = ( !($i % 2) ) ? $theme['td_class1'] : $theme['td_class2'];$template->assign_block_vars("words", array("ROW_COLOR" => "#" . $row_color,"ROW_CLASS" => $row_class,"WORD" => $word,"REPLACEMENT" => $replacement,"U_WORD_EDIT" => append_sid("admin_words.$phpEx?mode=edit&id=$word_id"),"U_WORD_DELETE" => append_sid("admin_words.$phpEx?mode=delete&id=$word_id")));}}$template->pparse("body");include('./page_footer_admin.'.$phpEx);?>