aboutsummaryrefslogtreecommitdiffstats
path: root/admin
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--admin/update.php4
-rw-r--r--admin/waiting.php106
2 files changed, 56 insertions, 54 deletions
diff --git a/admin/update.php b/admin/update.php
index 627af7812..42683f3cd 100644
--- a/admin/update.php
+++ b/admin/update.php
@@ -25,6 +25,10 @@
// | USA. |
// +-----------------------------------------------------------------------+
+if( !defined("PHPWG_ROOT_PATH") )
+{
+ die ("Hacking attempt!");
+}
include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');
define('CURRENT_DATE', "'".date('Y-m-d')."'");
diff --git a/admin/waiting.php b/admin/waiting.php
index feda12754..ebced6120 100644
--- a/admin/waiting.php
+++ b/admin/waiting.php
@@ -24,14 +24,16 @@
// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
// | USA. |
// +-----------------------------------------------------------------------+
-include_once( './admin/include/isadmin.inc.php' );
+if( !defined("PHPWG_ROOT_PATH") )
+{
+ die ("Hacking attempt!");
+}
+include_once( PHPWG_ROOT_PATH.'admin/include/isadmin.inc.php');
//--------------------------------------------------------------------- updates
if ( isset( $_POST['submit'] ) )
{
- $query = 'SELECT id,storage_category_id,file,tn_ext';
- $query.= ' FROM '.PREFIX_TABLE.'waiting';
- $query.= " WHERE validated = 'false'";
- $query.= ';';
+ $query = 'SELECT * FROM '.WAITING_TABLE;
+ $query.= " WHERE validated = 'false';";
$result = mysql_query( $query );
while ( $row = mysql_fetch_array( $result ) )
{
@@ -42,7 +44,7 @@ if ( isset( $_POST['submit'] ) )
{
// The uploaded element was validated, we have to set the
// "validated" field to "true"
- $query = 'UPDATE '.PREFIX_TABLE.'waiting';
+ $query = 'UPDATE '.WAITING_TABLE;
$query.= " SET validated = 'true'";
$query.= ' WHERE id = '.$row['id'];
$query.= ';';
@@ -54,7 +56,7 @@ if ( isset( $_POST['submit'] ) )
{
// The uploaded element was refused, we have to delete its reference
// in the database and to delete the element as well.
- $query = 'DELETE FROM '.PREFIX_TABLE.'waiting';
+ $query = 'DELETE FROM '.WAITING_TABLE;
$query.= ' WHERE id = '.$row['id'];
$query.= ';';
mysql_query( $query );
@@ -66,29 +68,37 @@ if ( isset( $_POST['submit'] ) )
$thumbnail = $conf['prefix_thumbnail'];
$thumbnail.= get_filename_wo_extension( $row['file'] );
$thumbnail.= '.'.$row['tn_ext'];
- $url = '.'.$dir.'thumbnail/'.$thumbnail;
+ $url = PHPWG_ROOT_PATH.$dir.'thumbnail/'.$thumbnail;
unlink( $url );
}
}
}
}
}
+
//----------------------------------------------------- template initialization
-$sub = $vtp->Open( './template/'.$user['template'].'/admin/waiting.vtp' );
-$tpl = array( 'category','date','author','thumbnail','file','delete',
- 'submit','waiting_update' );
-templatize_array( $tpl, 'lang', $sub );
+$template->set_filenames(array('waiting'=>'admin/waiting.tpl'));
+$template->assign_vars(array(
+ 'L_WAITING_CONFIRMATION'=>$lang['waiting_update'],
+ 'L_AUTHOR'=>$lang['author'],
+ 'L_THUMBNAIL'=>$lang['thumbnail'],
+ 'L_DATE'=>$lang['date'],
+ 'L_FILE'=>$lang['file'],
+ 'L_CATEGORY'=>$lang['category'],
+ 'L_SUBMIT'=>$lang['submit'],
+ 'L_DELETE'=>$lang['delete'],
+
+ 'F_ACTION'=>add_session_id(str_replace( '&', '&', $_SERVER['REQUEST_URI'] ))
+ ));
+
//-------------------------------------------------------- confirmation message
-if ( isset( $_POST['submit'] ) )
+if (isset($_POST['submit']))
{
- $vtp->addSession( $sub, 'confirmation' );
- $vtp->closeSession( $sub, 'confirmation' );
+ $template->assign_block_vars('confirmation' ,array());
}
//---------------------------------------------------------------- form display
$cat_names = array();
-$query = 'SELECT id,storage_category_id,file,username,mail_address';
-$query.= ',date,tn_ext';
-$query.= ' FROM '.PREFIX_TABLE.'waiting';
+$query = 'SELECT * FROM '.WAITING_TABLE;
$query.= " WHERE validated = 'false'";
$query.= ' ORDER BY storage_category_id';
$query.= ';';
@@ -96,57 +106,45 @@ $result = mysql_query( $query );
$i = 0;
while ( $row = mysql_fetch_array( $result ) )
{
- $vtp->addSession( $sub, 'picture' );
- $vtp->setVar( $sub, 'picture.id', $row['id'] );
- if ( $i++ % 2 == 0 )
- {
- $vtp->setVar( $sub, 'picture.class', 'row2' );
- }
if ( !isset( $cat_names[$row['storage_category_id']] ) )
{
$cat = get_cat_info( $row['storage_category_id'] );
$cat_names[$row['storage_category_id']] = array();
$cat_names[$row['storage_category_id']]['dir'] =
- '.'.get_complete_dir( $row['storage_category_id'] );
+ PHPWG_ROOT_PATH.get_complete_dir( $row['storage_category_id'] );
$cat_names[$row['storage_category_id']]['display_name'] =
get_cat_display_name( $cat['name'], ' > ', 'font-weight:bold;' );
}
- // category name
- $vtp->setVar( $sub, 'picture.cat_name',
- $cat_names[$row['storage_category_id']]['display_name'] );
- // date displayed like this (in English ) :
- // Sunday 15 June 2003 21:29
- $date = format_date( $row['date'], 'unix', true );
- $vtp->setVar( $sub, 'picture.date', $date );
- // file preview link
- $url = $cat_names[$row['storage_category_id']]['dir'].$row['file'];
- $vtp->setVar( $sub, 'picture.preview_url', $url );
- // file name
- $vtp->setVar( $sub, 'picture.file', $row['file'] );
+ $preview_url = PHPWG_ROOT_PATH.$cat_names[$row['storage_category_id']]['dir'].$row['file'];
+ $class='row1';
+ if ( $i++ % 2== 0 ) $class='row2';
+
+ $template->assign_block_vars('picture' ,array(
+ 'WAITING_CLASS'=>$class,
+ 'CATEGORY_IMG'=>$cat_names[$row['storage_category_id']]['display_name'],
+ 'ID_IMG'=>$row['id'],
+ 'DATE_IMG'=>format_date( $row['date'], 'unix', true ),
+ 'FILE_IMG'=>$row['file'],
+ 'PREVIEW_URL_IMG'=>$preview_url,
+ 'UPLOAD_EMAIL'=>$row['mail_address'],
+ 'UPLOAD_USERNAME'=>$row['username']
+ ));
+
// is there an existing associated thumnail ?
- if ( isset( $row['tn_ext'] ) and $row['tn_ext'] != '' )
+ if ( !empty( $row['tn_ext'] ))
{
- $vtp->addSession( $sub, 'thumbnail' );
$thumbnail = $conf['prefix_thumbnail'];
$thumbnail.= get_filename_wo_extension( $row['file'] );
$thumbnail.= '.'.$row['tn_ext'];
- $url = $cat_names[$row['storage_category_id']]['dir'];
+ $url = $cat_names[$row['storage_category_id']]['dir'];
$url.= 'thumbnail/'.$thumbnail;
- $vtp->setVar( $sub, 'thumbnail.preview_url', $url );
- $vtp->setVar( $sub, 'thumbnail.file', $thumbnail );
- $vtp->closeSession( $sub, 'thumbnail' );
+
+ $template->assign_block_vars('picture.thumbnail' ,array(
+ 'PREVIEW_URL_TN_IMG'=>$url,
+ 'FILE_TN_IMG'=>$thumbnail
+ ));
}
- else
- {
- $vtp->addSession( $sub, 'no_thumbnail' );
- $vtp->closeSession( $sub, 'no_thumbnail' );
- }
- // username and associated mail address
- $vtp->setVar( $sub, 'picture.mail_address', $row['mail_address'] );
- $vtp->setVar( $sub, 'picture.username', $row['username'] );
-
- $vtp->closeSession( $sub, 'picture' );
}
//----------------------------------------------------------- sending html code
-$vtp->Parse( $handle , 'sub', $sub );
+$template->assign_var_from_handle('ADMIN_CONTENT', 'waiting');
?>