load('START,NEWS,POSTINGS'); if(!$wbbuserdata['can_news_sysaccess']) access_error(); /* copyright */ eval("\$footer = \"".$tpl->get("news_footer")."\";"); eval("\$footer .= \"".$tpl->get("footer")."\";"); /* END copyright */ /* read cats */ $news_cats_query = $db->query("SELECT nc.* FROM bb".$n."_news_cats nc"); $news_categories = ""; while($news_cats = $db->fetch_array($news_cats_query)){ $news_containing = $db->query_first("SELECT COUNT(n.newsid) FROM bb".$n."_news n WHERE n.catid='".$news_cats['catid']."'"); $news_cats['news_containing'] = $news_containing[0]; eval("\$news_categories .= \"".$tpl->get("news_categorie_bit")."\";"); } /* END read cats */ /* read news in cats */ if($_GET['catid'] && $_GET['action']=="viewcat"){ $news_incats_query = $db->query("SELECT * FROM bb".$n."_news WHERE catid='".$_GET['catid']."' ORDER BY creationdate DESC"); $news_posts = ""; while($news_incats = $db->fetch_array($news_incats_query)){ eval("\$news_posts .= \"".$tpl->get("news_post_bit")."\";"); } $catdata = $db->query_first("SELECT * FROM bb".$n."_news_cats WHERE catid='".$_GET['catid']."'"); if(!$catdata[catid]) error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail))); eval("\$tpl->output(\"".$tpl->get("news_incat")."\");"); exit(); } /* END read news in cats */ /* read news */ if($_GET['newsid'] && $_GET['action']=="viewnews"){ if(!$wbbuserdata['can_news_access']) access_error(); require('./acp/lib/class_parse.php'); $parse = &new parse($docensor,75,$wbbuserdata['showimages'],$hilight,$usecode); $news = $db->query_first("SELECT n.*,nc.name,nc.catid,u.userid,u.username FROM bb".$n."_news n LEFT JOIN bb".$n."_news_cats nc ON n.catid=nc.catid LEFT JOIN bb".$n."_users u ON u.userid=n.author WHERE n.newsid='".$_GET['newsid']."'"); if(!$news[newsid]) error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail))); $update_views = $db->query("UPDATE bb".$n."_news SET views = views+1 WHERE newsid='".$_GET['newsid']."'"); $news['views'] = $news['views']+1; $news['date'] = formatdate($wbbuserdata['dateformat'], $news['creationdate']); $news['time'] = formatdate($wbbuserdata['timeformat'], $news['creationdate']); $lang->items['LANG_NEWS_AUTHOR'] = $lang->get("LANG_NEWS_AUTHOR", array('$author' => $news['username'], '$authorid' => $news['userid'], '$date' => $news['date'], '$time' => $news['time'], '$title' => $news['title'], '$views' => $news['views'])); if($news['disablesmilies']==1) $news['smilies']=0; else $news['smilies']=1; if($news['disablehtml']==1) $news['html']=0; else $news['html']=1; if($news['disablebbcode']==1) $news['bbcode']=0; else $news['bbcode']=1; if($news['disableimages']==1) $news['images']=0; else $news['images']=1; $news[content] = $parse->doparse($news[content],$news['smilies'],$news['html'],$news['bbcode'],$news['images']); eval("\$tpl->output(\"".$tpl->get("news_post")."\");"); exit(); } /* END read news in cats */ /* Inserting new Categorie */ if($_GET['action']=="newcat" || $_POST['action']=="newcat"){ if(!$wbbuserdata['can_news_categorie_admin']) access_error(); if($_POST['send']=="send"){ if(!$_POST['catname'] || !$_POST['catdescr']) error($lang->items['LANG_NEWS_CAT_ADDED_REQUIREDFIELDS']); $_POST['catname'] = wbb_trim($_POST['catname']); $_POST['catdescr'] = wbb_trim($_POST['catdescr']); $add_cat = $db->query("INSERT INTO bb".$n."_news_cats SET catid='', name='".addslashes($_POST['catname'])."', descr='".addslashes($_POST['catdescr'])."'"); if($add_cat) redirect($lang->get("LANG_NEWS_CAT_ADDED", array('$catname' => $_POST[catname])), "news.php".$SID_ARG_1ST, 5); else error($lang->items['LANG_NEWS_CAT_ADDED_FAILURE']); } eval("\$tpl->output(\"".$tpl->get("news_newcat")."\");"); exit(); } /* END Inserting new Categorie */ /* Editing Categorie */ if(($_GET['action']=="editcat" && $_GET['catid']) || ($_POST['action']=="editcat" && $_POST['catid'])){ if(!$wbbuserdata['can_news_categorie_admin']) access_error(); if($_POST['send']=="send"){ if(!$_POST['catname'] || !$_POST['catdescr']) error($lang->items['LANG_NEWS_CAT_ADDED_REQUIREDFIELDS']); $_POST['catname'] = wbb_trim($_POST['catname']); $_POST['catdescr'] = wbb_trim($_POST['catdescr']); $add_cat = $db->query("UPDATE bb".$n."_news_cats SET name='".addslashes($_POST['catname'])."', descr='".addslashes($_POST['catdescr'])."' WHERE catid='".$_POST['catid']."'"); if($add_cat) redirect($lang->get("LANG_NEWS_CAT_EDITED", array('$catname' => $_POST[catname])), "news.php".$SID_ARG_1ST, 5); else error($lang->items['LANG_NEWS_CAT_EDITED_FAILURE']); } $catdata = $db->query_first("SELECT * FROM bb".$n."_news_cats WHERE catid='".$_GET['catid']."'"); if(!$catdata[catid]) error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail))); $catdata['name'] = wbb_trim($catdata['name']); $catdata['name'] = htmlconverter(textwrap($catdata['name'])); $catdata['descr'] = wbb_trim($catdata['descr']); $catdata['descr'] = htmlconverter(textwrap($catdata['descr'])); eval("\$tpl->output(\"".$tpl->get("news_editcat")."\");"); exit(); } /* END Editing Categorie */ /* Delete Categorie */ if(($_GET['action']=="deletecat" && $_GET['catid']) || ($_POST['action']=="deletecat" && $_POST['catid'])){ if(!$wbbuserdata['can_news_categorie_admin']) access_error(); if($_GET['catid']) $catid = $_GET['catid']; if($_POST['catid']) $catid = $_POST['catid']; $cat = $db->query_first("SELECT nc.name FROM bb".$n."_news_cats nc WHERE nc.catid='".$catid."'"); if($_POST['send']=="send"){ $del_cat = $db->query("DELETE FROM bb".$n."_news_cats WHERE catid='".$catid."'"); $del_incatposts = $db->query("DELETE FROM bb".$n."_news WHERE catid='".$catid."'"); if($del_cat) redirect($lang->get("LANG_NEWS_DELETECAT_DELETED", array('$title' => $cat[name])), "news.php".$SID_ARG_1ST, 5); else error($lang->items['LANG_NEWS_DELETECAT_DELETED_FAILURE']); } $catdata = $db->query_first("SELECT * FROM bb".$n."_news_cats WHERE catid='".$_GET['catid']."'"); if(!$catdata[catid]) error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail))); $lang->items['LANG_NEWS_DELETECAT_REALY'] = $lang->get("LANG_NEWS_DELETECAT_REALY", array('$title' => $cat[name])); eval("\$tpl->output(\"".$tpl->get("news_deletecat")."\");"); exit(); } /* END Delete Categorie */ /* Inserting new Newspost */ if(($_GET['action']=="addnews" && $_GET['catid']) || ($_POST['action']=="addnews" && $_POST['catid'])){ if(!$wbbuserdata['can_news_add']) access_error(); if($_POST['send']=="send"){ if(!$_POST['newstopic'] || !$_POST['message']) error($lang->items['LANG_NEWS_CAT_ADDED_REQUIREDFIELDS']); $_POST['newstopic'] = wbb_trim($_POST['newstopic']); $_POST['message'] = wbb_trim($_POST['message']); $add_news = $db->query("INSERT INTO bb".$n."_news SET newsid='', catid='".$_POST['catid']."', title='".addslashes($_POST['newstopic'])."', content='".addslashes($_POST['message'])."', author='".$wbbuserdata['userid']."', creationdate='".time()."', views='0', parse_url='".$_POST['parseurl']."', disablebbcode='".$_POST['disablebbcode']."', disablesmilies='".$_POST['disablesmilies']."', disableimages='".$_POST['disableimages']."', disablehtml='".$_POST['disablehtml']."'"); if($add_news) redirect($lang->get("LANG_NEWS_ADDNEWS_ADDED", array('$title' => $_POST[newstopic])), "news.php?action=viewcat&catid=".$_POST['catid'].$SID_ARG_2ND, 5); else error($lang->items['LANG_NEWS_ADDNEWS_ADDED_FAILURE']); } $catdata = $db->query_first("SELECT * FROM bb".$n."_news_cats WHERE catid='".$_GET['catid']."'"); if(!$catdata[catid]) error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail))); /* bbcode and notes */ $note = ''; if (checkpermissions("can_use_post_html") == 0) $note .= $lang->items['LANG_POSTINGS_HTML_NOT_ALLOW']; else $note .= $lang->items['LANG_POSTINGS_HTML_ALLOW']; if (checkpermissions("can_use_post_bbcode") == 0) $note .= $lang->items['LANG_POSTINGS_BBCODE_NOT_ALLOW']; else $note .= $lang->items['LANG_POSTINGS_BBCODE_ALLOW']; if (checkpermissions("can_use_post_smilies") == 0) $note .= $lang->items['LANG_POSTINGS_SMILIES_NOT_ALLOW']; else $note .= $lang->items['LANG_POSTINGS_SMILIES_ALLOW']; if (checkpermissions("can_use_post_images") == 0) $note .= $lang->items['LANG_POSTINGS_HTML_IMAGES_ALLOW']; else $note .= $lang->items['LANG_POSTINGS_IMAGES_ALLOW']; $bbcode_buttons = getcodebuttons(); $bbcode_smilies = getclickysmilies($smilie_table_cols, $smilie_table_rows); eval("\$headinclude .= \"".$tpl->get("bbcode_script")."\";"); /* END bbcode and notes */ eval("\$tpl->output(\"".$tpl->get("news_newnews")."\");"); exit(); } /* END Inserting new Newspost */ /* Editing new Newspost */ if(($_GET['action']=="editnews" && $_GET['newsid']) || ($_POST['action']=="editnews" && $_POST['newsid'])){ if($_GET['newsid']) $newsid = $_GET['newsid']; if($_POST['newsid']) $newsid = $_POST['newsid']; $news = $db->query_first("SELECT * FROM bb".$n."_news WHERE newsid='".$newsid."'"); if(!$news['newsid']) error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail))); if(!$wbbuserdata['can_news_edit'] && !$wbbuserdata['can_news_admin']) access_error(); if(($wbbuserdata['can_news_edit'] && $news['author']!=$wbbuserdata['userid']) && !$wbbuserdata['can_news_admin']) access_error(); if($_POST['send']=="send"){ if(!$_POST['newstopic'] || !$_POST['message']) error($lang->items['LANG_NEWS_CAT_ADDED_REQUIREDFIELDS']); $_POST['newstopic'] = wbb_trim($_POST['newstopic']); $_POST['message'] = wbb_trim($_POST['message']); $add_news = $db->query("UPDATE bb".$n."_news SET title='".addslashes($_POST['newstopic'])."', content='".addslashes($_POST['message'])."', parse_url='".$_POST['parseurl']."', disablebbcode='".$_POST['disablebbcode']."', disablesmilies='".$_POST['disablesmilies']."', disableimages='".$_POST['disableimages']."', disablehtml='".$_POST['disablehtml']."' WHERE newsid='".$_POST['newsid']."'"); if($add_news) redirect($lang->get("LANG_NEWS_EDITNEWS_EDITED", array('$title' => $_POST[newstopic])), "news.php?action=viewnews&newsid=".$_POST['newsid'].$SID_ARG_2ND, 5); else error($lang->items['LANG_NEWS_EDITNEWS_EDITED_FAILURE']); } /* bbcode and notes */ $note = ''; if (checkpermissions("can_use_post_html") == 0) $note .= $lang->items['LANG_POSTINGS_HTML_NOT_ALLOW']; else $note .= $lang->items['LANG_POSTINGS_HTML_ALLOW']; if (checkpermissions("can_use_post_bbcode") == 0) $note .= $lang->items['LANG_POSTINGS_BBCODE_NOT_ALLOW']; else $note .= $lang->items['LANG_POSTINGS_BBCODE_ALLOW']; if (checkpermissions("can_use_post_smilies") == 0) $note .= $lang->items['LANG_POSTINGS_SMILIES_NOT_ALLOW']; else $note .= $lang->items['LANG_POSTINGS_SMILIES_ALLOW']; if (checkpermissions("can_use_post_images") == 0) $note .= $lang->items['LANG_POSTINGS_HTML_IMAGES_ALLOW']; else $note .= $lang->items['LANG_POSTINGS_IMAGES_ALLOW']; $bbcode_buttons = getcodebuttons(); $bbcode_smilies = getclickysmilies($smilie_table_cols, $smilie_table_rows); if($news['parse_url']==1) $checked[0] = " checked=\"checked\""; if($news['disablebbcode']==1) $checked[1] = " checked=\"checked\""; if($news['disablesmilies']==1) $checked[2] = " checked=\"checked\""; if($news['disableimages']==1) $checked[3] = " checked=\"checked\""; if($news['disablehtml']==1) $checked[4] = " checked=\"checked\""; $news['title'] = wbb_trim($news['title']); $news['title'] = htmlconverter(textwrap($news['title'])); eval("\$headinclude .= \"".$tpl->get("bbcode_script")."\";"); /* END bbcode and notes */ eval("\$tpl->output(\"".$tpl->get("news_editnews")."\");"); exit(); } /* END Editing new Newspost */ /* Delete Newspost */ if(($_GET['action']=="deletenews" && $_GET['newsid']) || ($_POST['action']=="deletenews" && $_POST['newsid'])){ if($_GET['newsid']) $newsid = $_GET['newsid']; if($_POST['newsid']) $newsid = $_POST['newsid']; $news = $db->query_first("SELECT n.title,n.author,n.newsid FROM bb".$n."_news n WHERE n.newsid='".$newsid."'"); if(!$news['newsid']) error($lang->get("LANG_GLOBAL_ERROR_FALSELINK", array('$adminmail' => $adminmail))); if(!$wbbuserdata['can_news_admin'] && !$wbbuserdata['can_news_delete']) access_error(); if($wbbuserdata['can_news_edit'] && $news['author']!=$wbbuserdata['userid']) access_error(); if($_POST['send']=="send"){ $del_news = $db->query("DELETE FROM bb".$n."_news WHERE newsid='".$newsid."'"); if($del_news) redirect($lang->get("LANG_NEWS_DELETENEWS_DELETED", array('$title' => $news[title])), "news.php".$SID_ARG_1ST, 5); else error($lang->items['LANG_NEWS_DELETENEWS_DELETED_FAILURE']); } $lang->items['LANG_NEWS_DELETENEWS_REALY'] = $lang->get("LANG_NEWS_DELETENEWS_REALY", array('$title' => $news[title])); eval("\$tpl->output(\"".$tpl->get("news_deletenews")."\");"); exit(); } /* END DELETE Newspost */ eval("\$tpl->output(\"".$tpl->get("news")."\");"); ?>