6 files changed, 261 insertions, 17 deletions

diff --git a/admin/admins/functions.php b/admin/admins/functions.php
index 495dfdd..0cc6513 100644
--- a/admin/admins/functions.php
+++ b/admin/admins/functions.php
@@ -40,6 +40,10 @@
  function NewAdmin()

  {

  	 $maxLevel = $_SESSION['level'];

+ 	 

+ 	 if(isset($_POST['processed'])){

+ 	 	 	 

+ 	 }

 ?> 	 

 <div style="text-align:right"><img src="images/cancel.png" />Cancel</div>

 <center>

diff --git a/admin/admins/index.php b/admin/admins/index.php
index b000111..1223d3a 100644
--- a/admin/admins/index.php
+++ b/admin/admins/index.php
@@ -25,29 +25,30 @@ if(!defined("ADMIN_FILE"))
 }

 

 include $basedir.'admins/functions.php';

+?>

 

-if(isset($_GET['edit']))

-{

+<table class="panel" width="100%" cellspacing="0">

+	<tr>

+	<td class="panel-none">

+		<table align="center" width="200px">

+			<tr><th><?php echo LinkInternal('<img src="images/add.png" />Add New Admin','?op=admins&create=true'); ?></th></tr>

+		</table>

+		<?php ListAdmins(); ?>

+	</td>

+	<td class="panel-box">

+<?php

+if(isset($_GET['edit'])){

   $user_id = $_GET['edit'];

   EditAdmin($user_id);

-  return;

 }

-

-if(isset($_GET['delete']))

-{

+else if(isset($_GET['delete'])){

   $user_id = $_GET['delete'];

   DeleteAdmin($user_id);

-  return;

 }

-

-if(isset($_GET['create']))

-{

+else if(isset($_GET['create'])){

   NewAdmin();

-  return;

 }

-

-echo "<table align=\"center\" width=\"200px\"><tr><th>".LinkInternal('<img src="images/add.png" />Add New Admin','?op=admins&create=true')."</th></tr></table>";

-

-ListAdmins();

-

-?>
\ No newline at end of file
+?>

+	</td>

+	</tr>

+</table>

diff --git a/admin/blocks/functions.php b/admin/blocks/functions.php
index 2ef951c..ad7daa0 100644
--- a/admin/blocks/functions.php
+++ b/admin/blocks/functions.php
@@ -102,6 +102,7 @@ function EditBlock($block_id)
     $dir_name = addslashes($_POST['dir_name']);
     $position = (int) addslashes($_POST['position']);
     $active = addslashes($_POST['active']);
+    $title = addslashes($_POST['title']);
     
     if(!is_int($weight) || empty($dir_name) || empty($title) || !is_int($position))
     {
diff --git a/admin/index.php b/admin/index.php
index 06f68d9..feed2ca 100644
--- a/admin/index.php
+++ b/admin/index.php
@@ -93,6 +93,7 @@ include 'header.php';
         $th = array('Module Administration','');
         $td = array(
           LinkInternal('<img src="images/editpage.png" /><br />Pages','?op=pages'),
+          LinkInternal('<img src="images/image.png" /><br />News Reel','?op=newsreel'),
           LinkInternal('<img src="images/news.png" /><br />News','?op=news'),
           LinkInternal('<img src="images/calendar.png" /><br />Calendar','?op=calendar'),
           LinkInternal('<img src="images/box_download.png" /><br />Downloads', '?op=downloads'),
diff --git a/admin/modules/functions.php b/admin/modules/functions.php
index e69de29..619efc7 100644
--- a/admin/modules/functions.php
+++ b/admin/modules/functions.php
@@ -0,0 +1,178 @@
+<?php

+/**

+ * Bayonet Content Management System

+ * Copyright (C) 2008  Joseph Hunkeler

+ *

+ * This program is free software: you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation, either version 3 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU General Public License for more details.

+ *

+ * You should have received a copy of the GNU General Public License

+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.

+ */ 

+

+function ListModules()

+{

+  global $db;

+  $result = $db->Query("SELECT * FROM `bayonet_blocks` ORDER BY `active` DESC, `weight` ASC, `position`");

+  while(($rows = $db->fetch($result))!=false)

+  {

+    $blocks[] = $rows;

+  }

+  

+  echo "<table align=\"center\"><tr><th colspan=\"3\">Existing Blocks</th></tr>";

+  foreach($blocks as $block)

+  {

+    echo "<tr><td>{$block['weight']} : {$block['dir_name']}</td><td><a href=\"?load=admin&op=blocks&edit={$block['block_id']}\">Edit</a></td><td><a href=\"?load=admin&op=blocks&delete={$block['block_id']}\">Delete</a></td></tr>";

+  }

+  echo "</table>";

+}

+

+function NewModule()

+{

+  global $db;

+  if(isset($_POST['processed']))

+  {

+    //Secure our data to prevent injection attacks.

+    $weight = addslashes($_POST['weight']);

+    $dir_name = addslashes($_POST['dir_name']);

+    $position = addslashes($_POST['position']);

+    $active = addslashes($_POST['active']);

+    $title = addslashes($_POST['title']);

+    

+    if(!is_int($weight) || empty($dir_name) || empty($title) || !is_int($position))

+    {

+      echo "You must fill everything out before proceeding.";

+      return;

+    }

+    //Update the database with the new data.

+    $db->Query("INSERT INTO `bayonet_blocks` SET `weight` = '$weight', `dir_name` = '$dir_name', `title` = '$title', `position` = '$position', `active` = '$active'");

+    //die, because we have completed what we wanted to do.

+    echo "New block, '$dir_name', at position '$weight' added.\n";

+    return;

+  }

+    

+  ?>

+  <form action="<?php $_SERVER['PHP_SELF']?>" method="post">

+  <table align="center">

+  <tr><th>Title</th><td><input type="text" name="title" value="<?php echo $block['title'] ?>"></td></tr>

+  <tr><th>Weight</th><td><input type="text" name="weight" value="<?php echo $block['weight'] ?>"></td></tr>

+  <tr><th>Position</th><td><input type="text" name="position" value="<?php echo $block['position'] ?>"></td></tr>

+  <tr><th>Directory Name</th><td><input type="text" name="dir_name" value="<?php echo $block['dir_name'] ?>"></td>

+  <tr><th>Active</th><td>

+  <select name="active">

+    <option value="1">Yes</option>

+    <option value="0">No</option>

+  </select></td>

+  <tr><th colspan="2"><input type="submit" name="processed" value="Submit"></th></tr>

+  </table>

+  </form>

+  <?php

+}

+

+function GetActive($module_id, &$active)

+{ 

+  $options = array(1 => 'Yes',0 => 'No');

+  foreach($options as $option => $value)

+  {

+    $selected = NULL;

+    if($active == $option)

+    {

+      $selected = "selected";

+    }

+    echo "<option " . $selected . " value=\"". $option ."\">" . $value . "</option>\n";  

+  }

+  

+

+}

+

+function EditModule($module_id)

+{

+  global $db;

+  if(isset($_POST['processed']))

+  {

+    //Secure our data to prevent injection attacks.

+    $weight = (int) addslashes($_POST['weight']);

+    $dir_name = addslashes($_POST['dir_name']);

+    $position = (int) addslashes($_POST['position']);

+    $active = addslashes($_POST['active']);

+    $title = addslashes($_POST['title']);

+    

+    if(!is_int($weight) || empty($dir_name) || empty($title) || !is_int($position))

+    {

+      echo "You must fill everything out before proceeding.";

+      return;

+    }

+    

+    //Update the database with the new data.

+    $db->Query("UPDATE bayonet_blocks SET weight = '$weight', dir_name = '$dir_name', position = '$position', active = '$active' WHERE block_id = '$block_id'");

+    //$isActive = $active ? "IS" : "IS NOT";

+    echo "Block, '$dir_name', at position '$weight' has been edited.\n";

+    PageRedirect(3, "?op=blocks");

+    //die, because we have completed what we wanted to do.

+    return;

+  }

+  

+  //Grab the page from the database according to the $page_id passed to the function.

+  $result = $db->Query("SELECT weight,dir_name,position,active,title FROM bayonet_blocks WHERE block_id = '$block_id'");

+  while(($row = $db->Fetch($result))!=false)

+  {

+    //We only want one row, so we don't have to $block[]...  No foreach necessary.

+    $block = $row; 

+  }    

+

+  ?>

+  <form action="<?php $_SERVER['PHP_SELF']?>" method="post">

+  <table align="center">

+  <tr><th>Title</th><td><input type="text" name="title" value="<?php echo $block['title'] ?>" /></td></tr>

+  <tr><th>Weight</th><td><input type="text" name="weight" value="<?php echo $block['weight'] ?>" /></td></tr>

+  <tr><th>Position</th><td><input type="text" name="position" value="<?php echo $block['position'] ?>" /></td></tr>

+  <tr><th>Directory Name</th><td><input type="text" name="dir_name" value="<?php echo $block['dir_name'] ?>" /></td>

+  <tr><th>Active</th><td>

+    <select name="active">

+      <?php GetActive($block_id, $block['active']) ?>  

+    </select>

+  </td>

+  

+  <tr><th colspan="2"><input type="submit" name="processed" value="Submit"></th></tr>

+  </table>

+  </form>

+  <?php

+}

+

+function DeleteModule($module_id)

+{

+  global $db;

+  

+  $result = $db->Query("SELECT dir_name FROM bayonet_blocks WHERE block_id = '$block_id'");

+  $block = $db->Fetch($result);

+  

+  if(isset($_POST['proceed']))

+  {

+    echo "Block '{$block['dir_name']}', was deleted.";

+    $db->Query("DELETE FROM bayonet_blocks WHERE block_id = '$block_id' LIMIT 1");

+    return;

+  }

+  if(isset($_POST['cancel']))

+  {

+    echo "User cancelled deletion of page: '{$block['dir_name']}'";

+    return;

+  }

+  

+  ?>

+  <form action="<?php $_SERVER['PHP_SELF'] ?>" method="post">

+  <table align="center">

+  <th>Are you SURE you want to delete the block titled: '<?php echo $block['dir_name']?>'?</th>

+  <tr><th><button name="proceed">Yes</button>&nbsp;&nbsp;&nbsp;<button name="cancel">No</button></th></tr>

+  </table>

+  </form>

+  <?php  

+}

+

+?> 
\ No newline at end of file
diff --git a/admin/modules/index.php b/admin/modules/index.php
index e69de29..94e2814 100644
--- a/admin/modules/index.php
+++ b/admin/modules/index.php
@@ -0,0 +1,59 @@
+<?php

+/**

+ * Bayonet Content Management System

+ * Copyright (C) 2008  Joseph Hunkeler

+ *

+ * This program is free software: you can redistribute it and/or modify

+ * it under the terms of the GNU General Public License as published by

+ * the Free Software Foundation, either version 3 of the License, or

+ * (at your option) any later version.

+ *

+ * This program is distributed in the hope that it will be useful,

+ * but WITHOUT ANY WARRANTY; without even the implied warranty of

+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+ * GNU General Public License for more details.

+ *

+ * You should have received a copy of the GNU General Public License

+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.

+ */ 

+ 

+/**

+ * This file administers the site modules.

+ * 

+ * -weight

+ * -directory name

+ */

+

+if(!defined("ADMIN_FILE"))

+{

+  die("Access denied.");

+}

+

+echo "Do a database for the index modules, thats all this really is anyway.<br />";

+include $basedir.'modules/functions.php';

+

+if(isset($_GET['edit']))

+{

+  $module_id = $_GET['edit'];

+  EditModule($module_id);

+  return;

+}

+

+if(isset($_GET['delete']))

+{

+  $module_id = $_GET['delete'];

+  DeleteModule($module_id);

+  return;

+}

+

+if(isset($_GET['create']))

+{

+  NewModule();

+  return;

+}

+

+//echo "<table align=\"center\" width=\"200px\"><tr><th>".LinkInternal('Create a Module','?load=admin&op=modules&create=true')."</th></tr></table>";

+

+//ListModules();

+

+?> 
\ No newline at end of file