newspaper.php - orodlin-1-pub in Orodlin v.1

<?php
/**
 *   File functions:
 *   City newspaper
 *
 *   @name                 : newspaper.php
 *   @copyright            : (C) 2004,2005,2006,2007 Vallheru Team based on Gamers-Fusion ver 2.5
 *   @author               : thindil <thindil@users.sourceforge.net>
 *   @author               : eyescream <tduda@users.sourceforge.net>
 *   @version              : 1.4
 *   @since                : 17.04.2007
 *
 */

//
//
//       This program is free software; you can redistribute it and/or modify
//   it under the terms of the GNU General Public License as published by
//   the Free Software Foundation; either version 2 of the License, or
//   (at your option) any later version.
//
//   This program is distributed in the hope that it will be useful,
//   but WITHOUT ANY WARRANTY; without even the implied warranty of
//   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//   GNU General Public License for more details.
//
//   You should have received a copy of the GNU General Public License
//   along with this program; if not, write to the Free Software
//   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
//
// $Id$

$title = "Redakcja gazety";
require_once("includes/head.php");

/**
* Get the localization for game
*/
require_once("languages/".$player -> lang."/newspaper.php");

if ($player -> lang != $player -> seclang)
{
    $strQuery = "lang='".$player -> lang."' OR lang='".$player -> seclang."'";
}
    else
{
    $strQuery = "lang='".$player -> lang."'";
}

/**
* Assign variables to template
*/
$smarty -> assign(array("Message" => '',
    "Aedit" => '',
    "Apublic" => A_PUBLIC));

/**
* Main menu
*/
if (!isset($_GET['comments']) && !isset($_GET['step']) && !isset($_GET['read']))
{
    $smarty -> assign(array('Paperinfo' => PAPERINFO,
                            'Paperinfo2' => PAPERINFO2,
                            'Paperinfo3' => PAPERINFO3,
                            'Anewpaper' => A_NEW_PAPER,
                            'Aarchive' => A_ARCHIVE,
                            'Aredaction' => A_REDACTION,
                            'Aredmail' => A_RED_MAIL));
}

/**
* Read and edit newspaper
*/
if ((isset($_GET['step']) && $_GET['step'] == 'new') || (isset($_GET['read']) || (isset($_GET['step3']) && $_GET['step3'] == 'S')))
{
    if (isset($_GET['read']) && !ereg("^[1-9][0-9]*$", $_GET['read']))
    {
        error(ERROR);
    }
    if (isset($_GET['step3']))
    {
        if ($player -> rank != 'Admin' && $player -> rank != 'Redaktor')
        {
            error(NO_PERM);
        }
    }
        else
    {
        $_GET['step3'] = '';
    }
    $strNext = '';
    $strPrevious = '';
    $intPage = 0;
    $intPage2 = 0;
    $arrTypes = array('N', 'M', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
    $arrSecnames = array(A_NEWS, A_NEWS2, A_COURT, A_ROYAL, A_KING, A_CHRONICLE." ".$gamename, A_SENSATIONS, A_HUMOR, A_INTER, A_NEWS3, A_POETRY);
    if (isset($_GET['page']) && $_GET['page'] == 'contents')
    {
        $arrId = array(array());
        $arrTitle = array(array());
        $arrAuthor = array(array());
        $j = 0;
        $blnPage = false;
        foreach ($arrTypes as $strType)
        {
            if (isset($_GET['step']) && $_GET['step'] == 'new')
            {
                $objPaperid = $db -> Execute("SELECT `paper_id` FROM `newspaper` WHERE `added`='Y' GROUP BY `paper_id` DESC");
		if (!$objPaperid -> fields['paper_id']) error(NO_PAPER);
                $objArticles = $db -> Execute("SELECT `title`, `author`, `id` FROM `newspaper` WHERE `paper_id`=".$objPaperid -> fields['paper_id']." AND `type`='".$strType."' AND `added`='Y' AND ".$strQuery);
                $objPaperid -> Close();
            }
                elseif (isset($_GET['read']))
            {
                $objArticles = $db -> Execute("SELECT `title`, `author`, `id` FROM `newspaper` WHERE `paper_id`=".$_GET['read']." AND `type`='".$strType."' AND `added`='Y' AND ".$strQuery);
            }
                elseif (isset($_GET['step3']))
            {
                $objArticles = $db -> Execute("SELECT `title`, `author`, `id` FROM `newspaper` WHERE `added`='N' AND `type`='".$strType."' AND ".$strQuery);
            }
            $i = 0;
            if (empty($objArticles -> fields['id']))
            {
                $arrId[$j][0] = 0;
                $arrTitle[$j][0] = '';
                $arrAuthor[$j][0] = '';
            }
                elseif (!$blnPage)
            {
                $intPage = $objArticles -> fields['id'];
                $blnPage = true;
            }
            while (!$objArticles -> EOF)
            {
                $arrId[$j][$i] = $objArticles -> fields['id'];
                $arrTitle[$j][$i] = $objArticles -> fields['title'];
                $arrAuthor[$j][$i] = $objArticles -> fields['author'];

                $objComments = $db -> Execute("SELECT count(*) FROM `newspaper_comments` WHERE `textid`=".$objArticles -> fields['id']);
                $intComment[$j][$i] = $objComments -> fields['count(*)'];
                $objComments -> Close();
                $i ++;
                $objArticles -> MoveNext();
            }
            $objArticles -> Close();
            $j ++;
        }
        $strNext = "<input type=\"submit\" name=\"next\" value=\"".A_NEXT."\" />";
        $smarty -> assign(array('Artidm' => $arrId,
                                'Arttitlem' => $arrTitle,
                                'Artcoment' => $intComment,
                                'Artauthorm' => $arrAuthor,
                                'Acomments' => A_COMMENTS));
    }
    if (isset($_GET['step']) && $_GET['step'] == 'new')
    {
        $smarty -> assign("Newslink", "step=new");
    }
        elseif (isset($_GET['read']))
    {
        $smarty -> assign("Newslink", "read=".$_GET['read']);
    }
        elseif (isset($_GET['step3']))
    {
        $smarty -> assign(array('Aedit' => A_EDIT,
                                'Adelete' => A_DELETE,
                                'Newslink' => 'step3=S'));
    }
    if (!isset($_GET['page']))
    {
        $_GET['page'] = '';
    }
    $smarty -> assign(array('Readinfo' => READINFO,
                            'Aauthor' => A_AUTHOR,
                            'Amain' => A_MAIN,
                            'Acontents' => A_CONTENTS,
                            'Aend' => A_END,
                            'Page' => $_GET['page'],
                            'Arttypes' => $arrTypes,
                            'Secnames' => $arrSecnames,
                            'Next' => $strNext,
                            'Previous' => $strPrevious,
                            'Pageid' => $intPage,
                            'Pageid2' => $intPage2));
}

/**
* Newspaper archive
*/
if (isset($_GET['step']) && $_GET['step'] == 'archive')
{
    $objPaperid = $db -> Execute("SELECT `paper_id` FROM `newspaper` WHERE `added`='Y' GROUP BY `paper_id` DESC");
    if (!$objPaperid -> fields['paper_id'])
    {
        error(EMPTY_ARCHIVE);
    }
    $objPaperid2 = $db -> Execute("SELECT `paper_id` FROM `newspaper` WHERE `paper_id`<".$objPaperid -> fields['paper_id']." AND `paper_id`!=0 GROUP BY `paper_id`");
    $objPaperid -> Close();
    $arrPaperid = array();
    $i = 0;
    while (!$objPaperid2 -> EOF)
    {
        $arrPaperid[$i] = $objPaperid2 -> fields['paper_id'];
        $i ++;
        $objPaperid2 -> MoveNext();
    }
    $objPaperid2 -> Close();
    $smarty -> assign(array('Paperid' => $arrPaperid,
                            'Anumber' => A_NUMBER,
                            'Archiveinfo' => ARCHIVEINFO));
}

/**
* Comments to text
*/
if (isset($_GET['comments']))
{
    $smarty -> assign("Amount", '');

    require_once('includes/comments.php');
    /**
    * Display comments
    */
    if (!isset($_GET['action']))
    {
        displaycomments($_GET['comments'], 'newspaper', 'newspaper_comments', 'textid');
        $smarty -> assign(array('Tauthor' => $arrAuthor,
                                'Tbody' => $arrBody,
                                'Amount' => $i,
                                'Cid' => $arrId,
                                'Tdate' => $arrDate,
                                'Nocomments' => NO_COMMENTS,
                                'Addcomment' => ADD_COMMENT,
                                'Adelete' => A_DELETE,
                                'Aadd' => A_ADD,
                                'Wrote' => WROTE));
    }

    /**
    * Add comment
    */
    if (isset($_GET['action']) && $_GET['action'] == 'add')
    {
        addcomments($_POST['tid'], 'newspaper_comments', 'textid');
    }

    /**
    * Delete comment
    */
    if (isset($_GET['action']) && $_GET['action'] == 'delete')
    {
        deletecomments('newspaper_comments');
    }
}

/**
* Newspaper redaction
*/
if (isset($_GET['step']) && $_GET['step'] == 'redaction')
{
    if ($player -> rank != 'Admin' && $player -> rank != 'Redaktor')
    {
        error(NO_PERM);
    }
    $smarty -> assign(array('Redactioninfo' => REDACTIONINFO,
                            'Ashow' => A_SHOW,
                            'Aredaction' => A_REDACTION));

    /**
    * Edit article
    */
    if (isset($_GET['step3']) && ($_GET['step3'] == 'edit' || $_GET['step3'] == 'R'))
    {
        if (isset($_GET['edit']) && !ereg("^[1-9][0-9]*$", $_GET['edit']))
        {
            error(ERROR);
        }
        if ($_GET['step3'] == 'R')
        {
            $_GET['edit'] = '';
        }
        $arrTypes = array('N', 'M', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
        $arrSecnames = array(A_NEWS, A_NEWS2, A_COURT, A_ROYAL, A_KING, A_CHRONICLE." ".$gamename, A_SENSATIONS, A_HUMOR, A_INTER, A_NEWS3, A_POETRY);
        $smarty -> assign(array('Ttitle' => T_TITLE,
                                'Tbody' => T_BODY,
                                'Mailtype' => MAIL_TYPE,
                                'Ashow' => A_SHOW2,
                                'Asend' => A_SEND,
                                'Showmail' => '',
                                'Mtitle' => '',
                                'Mbody' => '',
                                'Mtype' => '',
                                'Edit' => $_GET['edit'],
                                'Youedit' => YOU_EDIT,
                                'Arttypes' => $arrTypes,
                                'Sectionnames' => $arrSecnames));
        if ($_GET['step3'] == 'edit')
        {
            $objArticle = $db -> Execute("SELECT `title`, `type`, `body` FROM `newspaper` WHERE `id`=".$_GET['edit']);
            require_once('includes/bbcode.php');
            $smarty -> assign(array('Mtitle' => htmltobbcode($objArticle -> fields['title']),
                                    'Mbody' => htmltobbcode($objArticle -> fields['body']),
                                    'Mtype' => $objArticle -> fields['type']));
            $objArticle -> Close();
        }
        if (isset($_POST['show']))
        {
            $arrType = array('M', 'N', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
            if (!in_array($_POST['mail'], $arrType))
            {
                error(ERROR);
            }
            if (empty($_POST['mtitle']) || empty($_POST['mbody']))
            {
                error(EMPTY_FIELDS);
            }
            $_POST['mbody'] = nl2br($_POST['mbody']);
            require_once('includes/bbcode.php');
            $_POST['mbody'] = bbcodetohtml($_POST['mbody']);
            $_POST['mtitle'] = bbcodetohtml($_POST['mtitle']);
            $strMail = T_TITLE." ".$_POST['mtitle']."<br />".T_BODY." <br />".$_POST['mbody'];
            $_POST['mbody'] = htmltobbcode($_POST['mbody']);
            $_POST['mtitle'] = htmltobbcode($_POST['mtitle']);
            $smarty -> assign(array('Showmail' => $strMail,
                                    'Mtitle' => $_POST['mtitle'],
                                    'Mbody' => $_POST['mbody'],
                                    'Mtype' => $_POST['mail']));
        }
        if (isset($_POST['sendmail']))
        {
            $arrType = array('M', 'N', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
            if (!in_array($_POST['mail'], $arrType))
            {
                error(ERROR);
            }
            if (empty($_POST['mtitle']) || empty($_POST['mbody']))
            {
                error(EMPTY_FIELDS);
            }
            $_POST['mbody'] = nl2br($_POST['mbody']);
            require_once('includes/bbcode.php');
            $_POST['mbody'] = bbcodetohtml($_POST['mbody']);
            $_POST['mtitle'] = bbcodetohtml($_POST['mtitle']);
            $strBody = $db -> qstr($_POST['mbody'], get_magic_quotes_gpc());
            $strTitle = $db -> qstr($_POST['mtitle'], get_magic_quotes_gpc());
            $strAuthor = $player -> user." ID: ".$player -> id;
            $_POST['mbody'] = $_POST['mbody']."<br /><br />".EDITED_BY.$strAuthor;
            if ($_GET['step3'] == 'edit')
            {
                $db -> Execute("UPDATE `newspaper` SET `title`=".$strTitle.", `body`=".$strBody.", `type`='".$_POST['mail']."' WHERE `id`=".$_GET['edit']);
            }
                else
            {
                $strAuthor = $player -> user." ID: ".$player -> id;
                $objPaperid = $db -> Execute("SELECT `paper_id` FROM `newspaper` WHERE `added`='Y' GROUP BY `paper_id` DESC");
                $intPaperid = $objPaperid -> fields['paper_id'] + 1;
                $objPaperid -> Close();
                $db -> Execute("INSERT INTO `newspaper` (`paper_id`, `title`, `body`, `author`, `lang`, `added`, `type`) VALUES(".$intPaperid.", ".$strTitle.", ".$strBody.", '".$strAuthor."', '".$player -> lang."', 'N', '".$_POST['mail']."')");
            }
            $smarty -> assign('Message', '<br /><br />'.MAIL_SEND);
        }
    }

    /**
    * Release new newspaper
    */
    if (isset($_GET['step3']) && $_GET['step3'] == 'release')
    {
        $db -> Execute('UPDATE `newspaper` SET `added`=\'Y\' WHERE `added`=\'N\'');
        $smarty -> assign('Message', '<br /><br />'.NEWSPAPER_RELEASED);
    }

    /**
    * Delete selected article
    */
    if (isset($_GET['step3']) && $_GET['step3'] == 'delete')
    {
        $db -> Execute('DELETE FROM `newspaper` WHERE `id`='.$_GET['del']);
        $smarty -> assign('Message', '<br /><br />'.ARTICLE_DELETED);
    }
}

/**
* Newspaper mail
*/
if (isset($_GET['step']) && $_GET['step'] == 'mail')
{
    $smarty -> assign(array('Anews' => A_NEWS,
                            'Anews2' => A_NEWS2,
                            'Anews3' => A_NEWS3,
                            'Acourt' => A_COURT,
                            'Aroyal' => A_ROYAL,
                            'Aking' => A_KING,
                            'Achronicle' => A_CHRONICLE,
                            'Asensations' => A_SENSATIONS,
                            'Ahumor' => A_HUMOR,
                            'Ainter' => A_INTER,
                            'Apoetry' => A_POETRY,
                            'Ttitle' => T_TITLE,
                            'Tbody' => T_BODY,
                            'Mailinfo' => MAILINFO,
                            'Mailtype' => MAIL_TYPE,
                            'Ashow' => A_SHOW,
                            'Asend' => A_SEND,
                            'Showmail' => '',
                            'Mtitle' => '',
                            'Mbody' => '',
                            'Mtype' => ''));
    if (isset($_GET['step3']) && $_GET['step3'] == 'add')
    {
        $arrType = array('M', 'N', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
        if (!in_array($_POST['mail'], $arrType))
        {
            error(ERROR);
        }
        if (empty($_POST['mtitle']) || empty($_POST['mbody']))
        {
            error(EMPTY_FIELDS);
        }
        $_POST['mbody'] = nl2br($_POST['mbody']);
        require_once('includes/bbcode.php');
        $_POST['mbody'] = bbcodetohtml($_POST['mbody']);
        $_POST['mtitle'] = bbcodetohtml($_POST['mtitle']);
        if (isset($_POST['show']))
        {
            $strMail = T_TITLE." ".$_POST['mtitle']."<br />".T_BODY." <br />".$_POST['mbody'];
            $_POST['mbody'] = htmltobbcode($_POST['mbody']);
            $_POST['mtitle'] = htmltobbcode($_POST['mtitle']);
            $smarty -> assign(array('Showmail' => $strMail,
                                    'Mtitle' => $_POST['mtitle'],
                                    'Mbody' => $_POST['mbody'],
                                    'Mtype' => $_POST['mail']));
        }
        if (isset($_POST['sendmail']))
        {
            $strAuthor = $player -> user." ID: ".$player -> id;
            $objPaperid = $db -> Execute("SELECT paper_id FROM newspaper WHERE added='Y' GROUP BY paper_id DESC");
            $intPaperid = $objPaperid -> fields['paper_id'] + 1;
            $objPaperid -> Close();
            $strBody = $db -> qstr($_POST['mbody'], get_magic_quotes_gpc());
            $strTitle = $db -> qstr($_POST['mtitle'], get_magic_quotes_gpc());
            $db -> Execute("INSERT INTO `newspaper` (`paper_id`, `title`, `body`, `author`, `lang`, `added`, `type`) VALUES(".$intPaperid.", ".$strTitle.", ".$strBody.", '".$strAuthor."', '".$player -> lang."', 'N', '".$_POST['mail']."')");
            $smarty -> assign('Message', '<br /><br />'.MAIL_SEND);
        }
    }
}

/**
 * Read article
 */
if (isset($_GET['article']))
{
    if (!ereg("^[1-9][0-9]*$", $_GET['article']))
    {
        error(ERROR);
    }
    $objArticle = $db -> Execute("SELECT `id`, `paper_id`, `title`, `body`, `author`, `added` FROM `newspaper` WHERE `id`=".$_GET['article']);
    if (!$objArticle -> fields['id'] || ($objArticle -> fields['added'] == 'N' && $player -> rank != 'Admin' && $player -> rank != 'Redaktor'))
    {
        error(ERROR);
    }
    $intPage = $_GET['article'] + 1;
    $strNext = '';
    $objNext = $db -> Execute("SELECT `id` FROM `newspaper` WHERE `id`=".$intPage." AND `paper_id`=".$objArticle -> fields['paper_id']);
    if (!$objNext -> fields['id'])
    {
        $intPage = 0;
    }
        else
    {
        $strNext = "<input type=\"submit\" name=\"next\" value=\"".A_NEXT."\" />";
    }
    $objNext -> Close();
    $intPage2 = $_GET['article'] - 1;
    $strPrevious = '';
    $objPrevious = $db -> Execute("SELECT `id` FROM `newspaper` WHERE `id`=".$intPage2." AND `paper_id`=".$objArticle -> fields['paper_id']);
    if (!$objPrevious -> fields['id'])
    {
        $intPage2 = 0;
    }
        else
    {
        $strPrevious = "<input type=\"submit\" name=\"next\" value=\"".A_PREVIOUS."\" />";
    }
    $objPrevious -> Close();
    $objComments = $db -> Execute("SELECT count(*) FROM `newspaper_comments` WHERE `textid`=".$objArticle -> fields['id']);
    $intComments = $objComments -> fields['count(*)'];
    $objComments -> Close();
    if (isset($_GET['step']) && $_GET['step'] == 'new')
    {
        $smarty -> assign("Newslink", "step=new");
    }
        elseif (isset($_GET['read']))
    {
        $smarty -> assign("Newslink", "read=".$_GET['read']);
    }
        elseif (isset($_GET['step3']))
    {
        $smarty -> assign("Newslink", "step3=S");
    }
    $smarty -> assign(array('Artid' => $objArticle -> fields['id'],
                            'Arttitle' => $objArticle -> fields['title'],
                            'Artauthor' => $objArticle -> fields['author'],
                            'Artbody' => $objArticle -> fields['body'],
                            'Artcomments' => $intComments,
                            'Next' => $strNext,
                            'Previous' => $strPrevious,
                            'Pageid' => $intPage,
                            'Pageid2' => $intPage2,
                            'Acomment' => A_COMMENT,
                            'Twrite' => T_WRITE,
                            'Tcomments' => T_COMMENTS,
                            'Ttitle' => T_TITLE));
    $objArticle -> Close();
}

/**
* Initialization of variables
*/
if (!isset($_GET['step']))
{
    $_GET['step'] = '';
}
if (!isset($_GET['step2']))
{
    $_GET['step2'] = '';
}
if (!isset($_GET['read']))
{
    $_GET['read'] = '';
}
if (!isset($_GET['comments']))
{
    $_GET['comments'] = '';
}
if (!isset($_GET['step3']))
{
    $_GET['step3'] = '';
}
if (!isset($_GET['article']))
{
    $_GET['article'] = '';
}

/**
* Assign variables to template and display page
*/
$smarty -> assign(array("Step" => $_GET['step'],
                        "Step2" => $_GET['step2'],
                        "Read" => $_GET['read'],
                        "Comments" => $_GET['comments'],
                        "Rank" => $player -> rank,
                        "Aback" => A_BACK,
                        "Step3" => $_GET['step3'],
                        "Article" => $_GET['article']));
$smarty -> display('newspaper.tpl');
if ($_GET['step'] != "new")
{
    require_once("includes/foot.php");
}
?>

1	<?php
2	/**
3	* File functions:
4	* City newspaper
5	*
6	* @name : newspaper.php
7	* @copyright : (C) 2004,2005,2006,2007 Vallheru Team based on Gamers-Fusion ver 2.5
8	* @author : thindil <thindil@users.sourceforge.net>
9	* @author : eyescream <tduda@users.sourceforge.net>
10	* @version : 1.4
11	* @since : 17.04.2007
12	*
13	*/
14
15	//
16	//
17	// This program is free software; you can redistribute it and/or modify
18	// it under the terms of the GNU General Public License as published by
19	// the Free Software Foundation; either version 2 of the License, or
20	// (at your option) any later version.
21	//
22	// This program is distributed in the hope that it will be useful,
23	// but WITHOUT ANY WARRANTY; without even the implied warranty of
24	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25	// GNU General Public License for more details.
26	//
27	// You should have received a copy of the GNU General Public License
28	// along with this program; if not, write to the Free Software
29	// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
30	//
31	// $Id$
32
33	$title = "Redakcja gazety";
34	require_once("includes/head.php");
35
36	/**
37	* Get the localization for game
38	*/
39	require_once("languages/".$player -> lang."/newspaper.php");
40
41	if ($player -> lang != $player -> seclang)
42	{
43	$strQuery = "lang='".$player -> lang."' OR lang='".$player -> seclang."'";
44	}
45	else
46	{
47	$strQuery = "lang='".$player -> lang."'";
48	}
49
50	/**
51	* Assign variables to template
52	*/
53	$smarty -> assign(array("Message" => '',
54	"Aedit" => '',
55	"Apublic" => A_PUBLIC));
56
57	/**
58	* Main menu
59	*/
60	if (!isset($_GET['comments']) && !isset($_GET['step']) && !isset($_GET['read']))
61	{
62	$smarty -> assign(array('Paperinfo' => PAPERINFO,
63	'Paperinfo2' => PAPERINFO2,
64	'Paperinfo3' => PAPERINFO3,
65	'Anewpaper' => A_NEW_PAPER,
66	'Aarchive' => A_ARCHIVE,
67	'Aredaction' => A_REDACTION,
68	'Aredmail' => A_RED_MAIL));
69	}
70
71	/**
72	* Read and edit newspaper
73	*/
74	if ((isset($_GET['step']) && $_GET['step'] == 'new') \|\| (isset($_GET['read']) \|\| (isset($_GET['step3']) && $_GET['step3'] == 'S')))
75	{
76	if (isset($_GET['read']) && !ereg("^[1-9][0-9]*$", $_GET['read']))
77	{
78	error(ERROR);
79	}
80	if (isset($_GET['step3']))
81	{
82	if ($player -> rank != 'Admin' && $player -> rank != 'Redaktor')
83	{
84	error(NO_PERM);
85	}
86	}
87	else
88	{
89	$_GET['step3'] = '';
90	}
91	$strNext = '';
92	$strPrevious = '';
93	$intPage = 0;
94	$intPage2 = 0;
95	$arrTypes = array('N', 'M', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
96	$arrSecnames = array(A_NEWS, A_NEWS2, A_COURT, A_ROYAL, A_KING, A_CHRONICLE." ".$gamename, A_SENSATIONS, A_HUMOR, A_INTER, A_NEWS3, A_POETRY);
97	if (isset($_GET['page']) && $_GET['page'] == 'contents')
98	{
99	$arrId = array(array());
100	$arrTitle = array(array());
101	$arrAuthor = array(array());
102	$j = 0;
103	$blnPage = false;
104	foreach ($arrTypes as $strType)
105	{
106	if (isset($_GET['step']) && $_GET['step'] == 'new')
107	{
108	$objPaperid = $db -> Execute("SELECT `paper_id` FROM `newspaper` WHERE `added`='Y' GROUP BY `paper_id` DESC");
109	if (!$objPaperid -> fields['paper_id']) error(NO_PAPER);
110	$objArticles = $db -> Execute("SELECT `title`, `author`, `id` FROM `newspaper` WHERE `paper_id`=".$objPaperid -> fields['paper_id']." AND `type`='".$strType."' AND `added`='Y' AND ".$strQuery);
111	$objPaperid -> Close();
112	}
113	elseif (isset($_GET['read']))
114	{
115	$objArticles = $db -> Execute("SELECT `title`, `author`, `id` FROM `newspaper` WHERE `paper_id`=".$_GET['read']." AND `type`='".$strType."' AND `added`='Y' AND ".$strQuery);
116	}
117	elseif (isset($_GET['step3']))
118	{
119	$objArticles = $db -> Execute("SELECT `title`, `author`, `id` FROM `newspaper` WHERE `added`='N' AND `type`='".$strType."' AND ".$strQuery);
120	}
121	$i = 0;
122	if (empty($objArticles -> fields['id']))
123	{
124	$arrId[$j][0] = 0;
125	$arrTitle[$j][0] = '';
126	$arrAuthor[$j][0] = '';
127	}
128	elseif (!$blnPage)
129	{
130	$intPage = $objArticles -> fields['id'];
131	$blnPage = true;
132	}
133	while (!$objArticles -> EOF)
134	{
135	$arrId[$j][$i] = $objArticles -> fields['id'];
136	$arrTitle[$j][$i] = $objArticles -> fields['title'];
137	$arrAuthor[$j][$i] = $objArticles -> fields['author'];
138
139	$objComments = $db -> Execute("SELECT count(*) FROM `newspaper_comments` WHERE `textid`=".$objArticles -> fields['id']);
140	$intComment[$j][$i] = $objComments -> fields['count(*)'];
141	$objComments -> Close();
142	$i ++;
143	$objArticles -> MoveNext();
144	}
145	$objArticles -> Close();
146	$j ++;
147	}
148	$strNext = "<input type=\"submit\" name=\"next\" value=\"".A_NEXT."\" />";
149	$smarty -> assign(array('Artidm' => $arrId,
150	'Arttitlem' => $arrTitle,
151	'Artcoment' => $intComment,
152	'Artauthorm' => $arrAuthor,
153	'Acomments' => A_COMMENTS));
154	}
155	if (isset($_GET['step']) && $_GET['step'] == 'new')
156	{
157	$smarty -> assign("Newslink", "step=new");
158	}
159	elseif (isset($_GET['read']))
160	{
161	$smarty -> assign("Newslink", "read=".$_GET['read']);
162	}
163	elseif (isset($_GET['step3']))
164	{
165	$smarty -> assign(array('Aedit' => A_EDIT,
166	'Adelete' => A_DELETE,
167	'Newslink' => 'step3=S'));
168	}
169	if (!isset($_GET['page']))
170	{
171	$_GET['page'] = '';
172	}
173	$smarty -> assign(array('Readinfo' => READINFO,
174	'Aauthor' => A_AUTHOR,
175	'Amain' => A_MAIN,
176	'Acontents' => A_CONTENTS,
177	'Aend' => A_END,
178	'Page' => $_GET['page'],
179	'Arttypes' => $arrTypes,
180	'Secnames' => $arrSecnames,
181	'Next' => $strNext,
182	'Previous' => $strPrevious,
183	'Pageid' => $intPage,
184	'Pageid2' => $intPage2));
185	}
186
187	/**
188	* Newspaper archive
189	*/
190	if (isset($_GET['step']) && $_GET['step'] == 'archive')
191	{
192	$objPaperid = $db -> Execute("SELECT `paper_id` FROM `newspaper` WHERE `added`='Y' GROUP BY `paper_id` DESC");
193	if (!$objPaperid -> fields['paper_id'])
194	{
195	error(EMPTY_ARCHIVE);
196	}
197	$objPaperid2 = $db -> Execute("SELECT `paper_id` FROM `newspaper` WHERE `paper_id`<".$objPaperid -> fields['paper_id']." AND `paper_id`!=0 GROUP BY `paper_id`");
198	$objPaperid -> Close();
199	$arrPaperid = array();
200	$i = 0;
201	while (!$objPaperid2 -> EOF)
202	{
203	$arrPaperid[$i] = $objPaperid2 -> fields['paper_id'];
204	$i ++;
205	$objPaperid2 -> MoveNext();
206	}
207	$objPaperid2 -> Close();
208	$smarty -> assign(array('Paperid' => $arrPaperid,
209	'Anumber' => A_NUMBER,
210	'Archiveinfo' => ARCHIVEINFO));
211	}
212
213	/**
214	* Comments to text
215	*/
216	if (isset($_GET['comments']))
217	{
218	$smarty -> assign("Amount", '');
219
220	require_once('includes/comments.php');
221	/**
222	* Display comments
223	*/
224	if (!isset($_GET['action']))
225	{
226	displaycomments($_GET['comments'], 'newspaper', 'newspaper_comments', 'textid');
227	$smarty -> assign(array('Tauthor' => $arrAuthor,
228	'Tbody' => $arrBody,
229	'Amount' => $i,
230	'Cid' => $arrId,
231	'Tdate' => $arrDate,
232	'Nocomments' => NO_COMMENTS,
233	'Addcomment' => ADD_COMMENT,
234	'Adelete' => A_DELETE,
235	'Aadd' => A_ADD,
236	'Wrote' => WROTE));
237	}
238
239	/**
240	* Add comment
241	*/
242	if (isset($_GET['action']) && $_GET['action'] == 'add')
243	{
244	addcomments($_POST['tid'], 'newspaper_comments', 'textid');
245	}
246
247	/**
248	* Delete comment
249	*/
250	if (isset($_GET['action']) && $_GET['action'] == 'delete')
251	{
252	deletecomments('newspaper_comments');
253	}
254	}
255
256	/**
257	* Newspaper redaction
258	*/
259	if (isset($_GET['step']) && $_GET['step'] == 'redaction')
260	{
261	if ($player -> rank != 'Admin' && $player -> rank != 'Redaktor')
262	{
263	error(NO_PERM);
264	}
265	$smarty -> assign(array('Redactioninfo' => REDACTIONINFO,
266	'Ashow' => A_SHOW,
267	'Aredaction' => A_REDACTION));
268
269	/**
270	* Edit article
271	*/
272	if (isset($_GET['step3']) && ($_GET['step3'] == 'edit' \|\| $_GET['step3'] == 'R'))
273	{
274	if (isset($_GET['edit']) && !ereg("^[1-9][0-9]*$", $_GET['edit']))
275	{
276	error(ERROR);
277	}
278	if ($_GET['step3'] == 'R')
279	{
280	$_GET['edit'] = '';
281	}
282	$arrTypes = array('N', 'M', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
283	$arrSecnames = array(A_NEWS, A_NEWS2, A_COURT, A_ROYAL, A_KING, A_CHRONICLE." ".$gamename, A_SENSATIONS, A_HUMOR, A_INTER, A_NEWS3, A_POETRY);
284	$smarty -> assign(array('Ttitle' => T_TITLE,
285	'Tbody' => T_BODY,
286	'Mailtype' => MAIL_TYPE,
287	'Ashow' => A_SHOW2,
288	'Asend' => A_SEND,
289	'Showmail' => '',
290	'Mtitle' => '',
291	'Mbody' => '',
292	'Mtype' => '',
293	'Edit' => $_GET['edit'],
294	'Youedit' => YOU_EDIT,
295	'Arttypes' => $arrTypes,
296	'Sectionnames' => $arrSecnames));
297	if ($_GET['step3'] == 'edit')
298	{
299	$objArticle = $db -> Execute("SELECT `title`, `type`, `body` FROM `newspaper` WHERE `id`=".$_GET['edit']);
300	require_once('includes/bbcode.php');
301	$smarty -> assign(array('Mtitle' => htmltobbcode($objArticle -> fields['title']),
302	'Mbody' => htmltobbcode($objArticle -> fields['body']),
303	'Mtype' => $objArticle -> fields['type']));
304	$objArticle -> Close();
305	}
306	if (isset($_POST['show']))
307	{
308	$arrType = array('M', 'N', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
309	if (!in_array($_POST['mail'], $arrType))
310	{
311	error(ERROR);
312	}
313	if (empty($_POST['mtitle']) \|\| empty($_POST['mbody']))
314	{
315	error(EMPTY_FIELDS);
316	}
317	$_POST['mbody'] = nl2br($_POST['mbody']);
318	require_once('includes/bbcode.php');
319	$_POST['mbody'] = bbcodetohtml($_POST['mbody']);
320	$_POST['mtitle'] = bbcodetohtml($_POST['mtitle']);
321	$strMail = T_TITLE." ".$_POST['mtitle']."<br />".T_BODY." <br />".$_POST['mbody'];
322	$_POST['mbody'] = htmltobbcode($_POST['mbody']);
323	$_POST['mtitle'] = htmltobbcode($_POST['mtitle']);
324	$smarty -> assign(array('Showmail' => $strMail,
325	'Mtitle' => $_POST['mtitle'],
326	'Mbody' => $_POST['mbody'],
327	'Mtype' => $_POST['mail']));
328	}
329	if (isset($_POST['sendmail']))
330	{
331	$arrType = array('M', 'N', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
332	if (!in_array($_POST['mail'], $arrType))
333	{
334	error(ERROR);
335	}
336	if (empty($_POST['mtitle']) \|\| empty($_POST['mbody']))
337	{
338	error(EMPTY_FIELDS);
339	}
340	$_POST['mbody'] = nl2br($_POST['mbody']);
341	require_once('includes/bbcode.php');
342	$_POST['mbody'] = bbcodetohtml($_POST['mbody']);
343	$_POST['mtitle'] = bbcodetohtml($_POST['mtitle']);
344	$strBody = $db -> qstr($_POST['mbody'], get_magic_quotes_gpc());
345	$strTitle = $db -> qstr($_POST['mtitle'], get_magic_quotes_gpc());
346	$strAuthor = $player -> user." ID: ".$player -> id;
347	$_POST['mbody'] = $_POST['mbody']."<br /><br />".EDITED_BY.$strAuthor;
348	if ($_GET['step3'] == 'edit')
349	{
350	$db -> Execute("UPDATE `newspaper` SET `title`=".$strTitle.", `body`=".$strBody.", `type`='".$_POST['mail']."' WHERE `id`=".$_GET['edit']);
351	}
352	else
353	{
354	$strAuthor = $player -> user." ID: ".$player -> id;
355	$objPaperid = $db -> Execute("SELECT `paper_id` FROM `newspaper` WHERE `added`='Y' GROUP BY `paper_id` DESC");
356	$intPaperid = $objPaperid -> fields['paper_id'] + 1;
357	$objPaperid -> Close();
358	$db -> Execute("INSERT INTO `newspaper` (`paper_id`, `title`, `body`, `author`, `lang`, `added`, `type`) VALUES(".$intPaperid.", ".$strTitle.", ".$strBody.", '".$strAuthor."', '".$player -> lang."', 'N', '".$_POST['mail']."')");
359	}
360	$smarty -> assign('Message', '<br /><br />'.MAIL_SEND);
361	}
362	}
363
364	/**
365	* Release new newspaper
366	*/
367	if (isset($_GET['step3']) && $_GET['step3'] == 'release')
368	{
369	$db -> Execute('UPDATE `newspaper` SET `added`=\'Y\' WHERE `added`=\'N\'');
370	$smarty -> assign('Message', '<br /><br />'.NEWSPAPER_RELEASED);
371	}
372
373	/**
374	* Delete selected article
375	*/
376	if (isset($_GET['step3']) && $_GET['step3'] == 'delete')
377	{
378	$db -> Execute('DELETE FROM `newspaper` WHERE `id`='.$_GET['del']);
379	$smarty -> assign('Message', '<br /><br />'.ARTICLE_DELETED);
380	}
381	}
382
383	/**
384	* Newspaper mail
385	*/
386	if (isset($_GET['step']) && $_GET['step'] == 'mail')
387	{
388	$smarty -> assign(array('Anews' => A_NEWS,
389	'Anews2' => A_NEWS2,
390	'Anews3' => A_NEWS3,
391	'Acourt' => A_COURT,
392	'Aroyal' => A_ROYAL,
393	'Aking' => A_KING,
394	'Achronicle' => A_CHRONICLE,
395	'Asensations' => A_SENSATIONS,
396	'Ahumor' => A_HUMOR,
397	'Ainter' => A_INTER,
398	'Apoetry' => A_POETRY,
399	'Ttitle' => T_TITLE,
400	'Tbody' => T_BODY,
401	'Mailinfo' => MAILINFO,
402	'Mailtype' => MAIL_TYPE,
403	'Ashow' => A_SHOW,
404	'Asend' => A_SEND,
405	'Showmail' => '',
406	'Mtitle' => '',
407	'Mbody' => '',
408	'Mtype' => ''));
409	if (isset($_GET['step3']) && $_GET['step3'] == 'add')
410	{
411	$arrType = array('M', 'N', 'O', 'R', 'K', 'C', 'S', 'H', 'I', 'A', 'P');
412	if (!in_array($_POST['mail'], $arrType))
413	{
414	error(ERROR);
415	}
416	if (empty($_POST['mtitle']) \|\| empty($_POST['mbody']))
417	{
418	error(EMPTY_FIELDS);
419	}
420	$_POST['mbody'] = nl2br($_POST['mbody']);
421	require_once('includes/bbcode.php');
422	$_POST['mbody'] = bbcodetohtml($_POST['mbody']);
423	$_POST['mtitle'] = bbcodetohtml($_POST['mtitle']);
424	if (isset($_POST['show']))
425	{
426	$strMail = T_TITLE." ".$_POST['mtitle']."<br />".T_BODY." <br />".$_POST['mbody'];
427	$_POST['mbody'] = htmltobbcode($_POST['mbody']);
428	$_POST['mtitle'] = htmltobbcode($_POST['mtitle']);
429	$smarty -> assign(array('Showmail' => $strMail,
430	'Mtitle' => $_POST['mtitle'],
431	'Mbody' => $_POST['mbody'],
432	'Mtype' => $_POST['mail']));
433	}
434	if (isset($_POST['sendmail']))
435	{
436	$strAuthor = $player -> user." ID: ".$player -> id;
437	$objPaperid = $db -> Execute("SELECT paper_id FROM newspaper WHERE added='Y' GROUP BY paper_id DESC");
438	$intPaperid = $objPaperid -> fields['paper_id'] + 1;
439	$objPaperid -> Close();
440	$strBody = $db -> qstr($_POST['mbody'], get_magic_quotes_gpc());
441	$strTitle = $db -> qstr($_POST['mtitle'], get_magic_quotes_gpc());
442	$db -> Execute("INSERT INTO `newspaper` (`paper_id`, `title`, `body`, `author`, `lang`, `added`, `type`) VALUES(".$intPaperid.", ".$strTitle.", ".$strBody.", '".$strAuthor."', '".$player -> lang."', 'N', '".$_POST['mail']."')");
443	$smarty -> assign('Message', '<br /><br />'.MAIL_SEND);
444	}
445	}
446	}
447
448	/**
449	* Read article
450	*/
451	if (isset($_GET['article']))
452	{
453	if (!ereg("^[1-9][0-9]*$", $_GET['article']))
454	{
455	error(ERROR);
456	}
457	$objArticle = $db -> Execute("SELECT `id`, `paper_id`, `title`, `body`, `author`, `added` FROM `newspaper` WHERE `id`=".$_GET['article']);
458	if (!$objArticle -> fields['id'] \|\| ($objArticle -> fields['added'] == 'N' && $player -> rank != 'Admin' && $player -> rank != 'Redaktor'))
459	{
460	error(ERROR);
461	}
462	$intPage = $_GET['article'] + 1;
463	$strNext = '';
464	$objNext = $db -> Execute("SELECT `id` FROM `newspaper` WHERE `id`=".$intPage." AND `paper_id`=".$objArticle -> fields['paper_id']);
465	if (!$objNext -> fields['id'])
466	{
467	$intPage = 0;
468	}
469	else
470	{
471	$strNext = "<input type=\"submit\" name=\"next\" value=\"".A_NEXT."\" />";
472	}
473	$objNext -> Close();
474	$intPage2 = $_GET['article'] - 1;
475	$strPrevious = '';
476	$objPrevious = $db -> Execute("SELECT `id` FROM `newspaper` WHERE `id`=".$intPage2." AND `paper_id`=".$objArticle -> fields['paper_id']);
477	if (!$objPrevious -> fields['id'])
478	{
479	$intPage2 = 0;
480	}
481	else
482	{
483	$strPrevious = "<input type=\"submit\" name=\"next\" value=\"".A_PREVIOUS."\" />";
484	}
485	$objPrevious -> Close();
486	$objComments = $db -> Execute("SELECT count(*) FROM `newspaper_comments` WHERE `textid`=".$objArticle -> fields['id']);
487	$intComments = $objComments -> fields['count(*)'];
488	$objComments -> Close();
489	if (isset($_GET['step']) && $_GET['step'] == 'new')
490	{
491	$smarty -> assign("Newslink", "step=new");
492	}
493	elseif (isset($_GET['read']))
494	{
495	$smarty -> assign("Newslink", "read=".$_GET['read']);
496	}
497	elseif (isset($_GET['step3']))
498	{
499	$smarty -> assign("Newslink", "step3=S");
500	}
501	$smarty -> assign(array('Artid' => $objArticle -> fields['id'],
502	'Arttitle' => $objArticle -> fields['title'],
503	'Artauthor' => $objArticle -> fields['author'],
504	'Artbody' => $objArticle -> fields['body'],
505	'Artcomments' => $intComments,
506	'Next' => $strNext,
507	'Previous' => $strPrevious,
508	'Pageid' => $intPage,
509	'Pageid2' => $intPage2,
510	'Acomment' => A_COMMENT,
511	'Twrite' => T_WRITE,
512	'Tcomments' => T_COMMENTS,
513	'Ttitle' => T_TITLE));
514	$objArticle -> Close();
515	}
516
517	/**
518	* Initialization of variables
519	*/
520	if (!isset($_GET['step']))
521	{
522	$_GET['step'] = '';
523	}
524	if (!isset($_GET['step2']))
525	{
526	$_GET['step2'] = '';
527	}
528	if (!isset($_GET['read']))
529	{
530	$_GET['read'] = '';
531	}
532	if (!isset($_GET['comments']))
533	{
534	$_GET['comments'] = '';
535	}
536	if (!isset($_GET['step3']))
537	{
538	$_GET['step3'] = '';
539	}
540	if (!isset($_GET['article']))
541	{
542	$_GET['article'] = '';
543	}
544
545	/**
546	* Assign variables to template and display page
547	*/
548	$smarty -> assign(array("Step" => $_GET['step'],
549	"Step2" => $_GET['step2'],
550	"Read" => $_GET['read'],
551	"Comments" => $_GET['comments'],
552	"Rank" => $player -> rank,
553	"Aback" => A_BACK,
554	"Step3" => $_GET['step3'],
555	"Article" => $_GET['article']));
556	$smarty -> display('newspaper.tpl');
557	if ($_GET['step'] != "new")
558	{
559	require_once("includes/foot.php");
560	}
561	?>

Gitorious