1<?php
2/***************************************************************************
3 *                              admin_ranks.php
4 *                            -------------------
5 *   begin                : Thursday, Jul 12, 2001
6 *   copyright            : (C) 2001 The phpBB Group
7 *   email                : support@phpbb.com
8 *
9 *   $Id: admin_ranks.php 8377 2008-02-10 12:52:05Z acydburn $
10 *
11 ***************************************************************************/
12
13/***************************************************************************
14 *
15 *   This program is free software; you can redistribute it and/or modify
16 *   it under the terms of the GNU General Public License as published by
17 *   the Free Software Foundation; either version 2 of the License, or
18 *   (at your option) any later version.
19 *
20 ***************************************************************************/
21
//
// Module registration: when $setmodules is set (presumably by the admin index
// while it builds its menu), record this file under Users -> Ranks and return
// to the including script without running anything else.
//
if ( isset($setmodules) && $setmodules )
{
	$file = basename(__FILE__);
	$module['Users']['Ranks'] = $file;

	return;
}
28
// Defined before any include below runs; presumably the included files test
// for this constant to refuse direct access (they are not visible here).
define('IN_PHPBB', 1);

//
// Board root, relative to the admin directory. extension.inc is loaded from it
// and presumably supplies $phpEx, which every later include relies on.
//
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');

// A pressed "cancel" button is looked up in both POST arrays. The same flag is
// copied to $no_page_header before pagestart runs, presumably so that no page
// header is emitted ahead of the redirect below.
$cancel = isset($HTTP_POST_VARS['cancel']) || isset($_POST['cancel']);
$no_page_header = $cancel;

require('./pagestart.' . $phpEx);

// Cancelled: go back to the rank list instead of processing anything.
if ( $cancel )
{
	redirect('admin/' . append_sid("admin_ranks.$phpEx", true));
}
46
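//
// Work out the requested action. An explicit "mode" parameter wins (GET is
// preferred over POST); otherwise the "add" / "save" form buttons select it.
//
if ( isset($HTTP_GET_VARS['mode']) || isset($HTTP_POST_VARS['mode']) )
{
	$mode = ( isset($HTTP_GET_VARS['mode']) ) ? $HTTP_GET_VARS['mode'] : $HTTP_POST_VARS['mode'];

	// A request may send mode[]=..., which arrives as an array. Only a plain
	// string is handed to htmlspecialchars(); anything else counts as no mode.
	$mode = ( is_string($mode) ) ? htmlspecialchars($mode) : '';
}
else
{
	//
	// These could be entered via a form button
	//
	if ( isset($HTTP_POST_VARS['add']) )
	{
		$mode = "add";
	}
	else if ( isset($HTTP_POST_VARS['save']) )
	{
		$mode = "save";
	}
	else
	{
		$mode = "";
	}
}

// Restrict mode input to valid options. The strict flag keeps the allowlist an
// exact string match, so no type juggling can let another value through.
$mode = ( in_array($mode, array('add', 'edit', 'save', 'delete'), true) ) ? $mode : '';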
73
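//
// Dispatch on the requested action (add / edit / save / delete). With an empty
// $mode this whole section is skipped and the rank list further down is shown.
//
// NOTE(review): save and delete change data, and no request token is checked in
// this file. Whether the pagestart include ties the request to the admin's
// session is not visible here -- confirm before relying on it.
//
if ( $mode != "" )
{
	if ( $mode == "edit" || $mode == "add" )
	{
		//
		// Show the rank form: empty for "add", filled from the database for "edit".
		//
		$rank_id = ( isset($HTTP_GET_VARS['id']) ) ? intval($HTTP_GET_VARS['id']) : 0;

		$s_hidden_fields = "";

		if ( $mode == "edit" )
		{
			if ( empty($rank_id) )
			{
				message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
			}

			// $rank_id went through intval() above, so interpolating it is safe.
			$sql = "SELECT * FROM " . RANKS_TABLE . "
				WHERE rank_id = $rank_id";
			if ( !$result = $db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, "Couldn't obtain rank data", "", __LINE__, __FILE__, $sql);
			}

			$rank_info = $db->sql_fetchrow($result);

			// An id that matches no row would otherwise produce a blank form whose
			// save step runs an UPDATE for that id and still reports success.
			if ( !$rank_info )
			{
				message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
			}

			$s_hidden_fields .= '<input type="hidden" name="id" value="' . $rank_id . '" />';
		}
		else
		{
			// Give every field the form reads a defined starting value.
			$rank_info = array(
				'rank_title' => '',
				'rank_special' => 0,
				'rank_min' => '',
				'rank_image' => ''
			);
		}

		$s_hidden_fields .= '<input type="hidden" name="mode" value="save" />';

		// Radio button state: exactly one of the two carries the checked attribute.
		$rank_is_special = ( $rank_info['rank_special'] ) ? "checked=\"checked\"" : "";
		$rank_is_not_special = ( !$rank_info['rank_special'] ) ? "checked=\"checked\"" : "";

		$template->set_filenames(array(
			"body" => "admin/ranks_edit_body.tpl")
		);

		// NOTE(review): RANK and IMAGE reach the template exactly as stored. If
		// ranks_edit_body.tpl places them inside attribute values they need
		// htmlspecialchars() as well -- the template is not visible here.
		$template->assign_vars(array(
			"RANK" => $rank_info['rank_title'],
			"SPECIAL_RANK" => $rank_is_special,
			"NOT_SPECIAL_RANK" => $rank_is_not_special,
			"MINIMUM" => ( $rank_is_special ) ? "" : $rank_info['rank_min'],
			"IMAGE" => ( $rank_info['rank_image'] != "" ) ? $rank_info['rank_image'] : "",
			// The stored path is placed inside a src="..." attribute here, so it
			// is escaped; the save step only checks the file extension.
			"IMAGE_DISPLAY" => ( $rank_info['rank_image'] != "" ) ? '<img src="../' . htmlspecialchars($rank_info['rank_image'], ENT_QUOTES) . '" />' : "",

			"L_RANKS_TITLE" => $lang['Ranks_title'],
			"L_RANKS_TEXT" => $lang['Ranks_explain'],
			"L_RANK_TITLE" => $lang['Rank_title'],
			"L_RANK_SPECIAL" => $lang['Rank_special'],
			"L_RANK_MINIMUM" => $lang['Rank_minimum'],
			"L_RANK_IMAGE" => $lang['Rank_image'],
			"L_RANK_IMAGE_EXPLAIN" => $lang['Rank_image_explain'],
			"L_SUBMIT" => $lang['Submit'],
			"L_RESET" => $lang['Reset'],
			"L_YES" => $lang['Yes'],
			"L_NO" => $lang['No'],

			"S_RANK_ACTION" => append_sid("admin_ranks.$phpEx"),
			"S_HIDDEN_FIELDS" => $s_hidden_fields)
		);

	}
	else if ( $mode == "save" )
	{
		//
		// Ok, they sent us our info, let's update it.
		//

		// Numeric fields are forced to integers; text fields must be plain
		// strings (an array-valued field is treated as missing).
		$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : 0;
		$rank_title = ( isset($HTTP_POST_VARS['title']) && is_string($HTTP_POST_VARS['title']) ) ? trim($HTTP_POST_VARS['title']) : "";
		// 1 or 0 only: the value is interpolated into the SQL below unquoted.
		$special_rank = ( isset($HTTP_POST_VARS['special_rank']) && $HTTP_POST_VARS['special_rank'] == 1 ) ? 1 : 0;
		$min_posts = ( isset($HTTP_POST_VARS['min_posts']) ) ? intval($HTTP_POST_VARS['min_posts']) : -1;
		$rank_image = ( isset($HTTP_POST_VARS['rank_image']) && is_string($HTTP_POST_VARS['rank_image']) ) ? trim($HTTP_POST_VARS['rank_image']) : "";

		if ( $rank_title == "" )
		{
			message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
		}

		// A special rank has no post threshold. $max_posts is not read again in
		// this file.
		if ( $special_rank == 1 )
		{
			$max_posts = -1;
			$min_posts = -1;
		}

		//
		// The rank image has to be a jpg, gif or png
		//
		// NOTE(review): only the suffix is tested; the rest of the value is
		// unconstrained, so every page that prints rank_image must escape it
		// for the context it is printed in.
		//
		if ( $rank_image != "" )
		{
			if ( !preg_match("/(\.gif|\.png|\.jpg)$/is", $rank_image) )
			{
				$rank_image = "";
			}
		}

		// NOTE(review): the str_replace() calls below only turn \' into ''. That
		// is sufficient only if the request values were already slash-escaped
		// before this file runs (not visible here) -- confirm it holds on this
		// install; a raw quote reaching this point would enter the statement
		// unescaped.
		if ( $rank_id )
		{
			// Updating an existing rank. When it is no longer special, users
			// holding it are reset to rank 0 first.
			if ( !$special_rank )
			{
				$sql = "UPDATE " . USERS_TABLE . "
					SET user_rank = 0
					WHERE user_rank = $rank_id";

				if ( !$result = $db->sql_query($sql) )
				{
					message_die(GENERAL_ERROR, $lang['No_update_ranks'], "", __LINE__, __FILE__, $sql);
				}
			}
			$sql = "UPDATE " . RANKS_TABLE . "
				SET rank_title = '" . str_replace("\'", "''", $rank_title) . "', rank_special = $special_rank, rank_min = $min_posts, rank_image = '" . str_replace("\'", "''", $rank_image) . "'
				WHERE rank_id = $rank_id";

			$message = $lang['Rank_updated'];
		}
		else
		{
			// No id posted: create a new rank.
			$sql = "INSERT INTO " . RANKS_TABLE . " (rank_title, rank_special, rank_min, rank_image)
				VALUES ('" . str_replace("\'", "''", $rank_title) . "', $special_rank, $min_posts, '" . str_replace("\'", "''", $rank_image) . "')";

			$message = $lang['Rank_added'];
		}

		if ( !$result = $db->sql_query($sql) )
		{
			message_die(GENERAL_ERROR, "Couldn't update/insert into ranks table", "", __LINE__, __FILE__, $sql);
		}

		$message .= "<br /><br />" . sprintf($lang['Click_return_rankadmin'], "<a href=\"" . append_sid("admin_ranks.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");

		message_die(GENERAL_MESSAGE, $message);

	}
	else if ( $mode == "delete" )
	{
		//
		// Ok, they want to delete their rank
		//

		// The id may come from the confirmation form (POST) or from the link in
		// the rank list (GET); intval() makes it safe to interpolate below.
		if ( isset($HTTP_POST_VARS['id']) || isset($HTTP_GET_VARS['id']) )
		{
			$rank_id = ( isset($HTTP_POST_VARS['id']) ) ? intval($HTTP_POST_VARS['id']) : intval($HTTP_GET_VARS['id']);
		}
		else
		{
			$rank_id = 0;
		}

		// Deletion only happens once a POSTed "confirm" field is present.
		$confirm = isset($HTTP_POST_VARS['confirm']);

		if ( $rank_id && $confirm )
		{
			$sql = "DELETE FROM " . RANKS_TABLE . "
				WHERE rank_id = $rank_id";

			if ( !$result = $db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, "Couldn't delete rank data", "", __LINE__, __FILE__, $sql);
			}

			// Users who held the deleted rank are reset to rank 0.
			$sql = "UPDATE " . USERS_TABLE . "
				SET user_rank = 0
				WHERE user_rank = $rank_id";

			if ( !$result = $db->sql_query($sql) )
			{
				message_die(GENERAL_ERROR, $lang['No_update_ranks'], "", __LINE__, __FILE__, $sql);
			}

			$message = $lang['Rank_removed'] . "<br /><br />" . sprintf($lang['Click_return_rankadmin'], "<a href=\"" . append_sid("admin_ranks.$phpEx") . "\">", "</a>") . "<br /><br />" . sprintf($lang['Click_return_admin_index'], "<a href=\"" . append_sid("index.$phpEx?pane=right") . "\">", "</a>");

			message_die(GENERAL_MESSAGE, $message);

		}
		elseif ( $rank_id && !$confirm )
		{
			// Present the confirmation screen to the user
			$template->set_filenames(array(
				'body' => 'admin/confirm_body.tpl')
			);

			$hidden_fields = '<input type="hidden" name="mode" value="delete" /><input type="hidden" name="id" value="' . $rank_id . '" />';

			$template->assign_vars(array(
				'MESSAGE_TITLE' => $lang['Confirm'],
				'MESSAGE_TEXT' => $lang['Confirm_delete_rank'],

				'L_YES' => $lang['Yes'],
				'L_NO' => $lang['No'],

				'S_CONFIRM_ACTION' => append_sid("admin_ranks.$phpEx"),
				'S_HIDDEN_FIELDS' => $hidden_fields)
			);
		}
		else
		{
			message_die(GENERAL_MESSAGE, $lang['Must_select_rank']);
		}
	}

	// Reached by the add/edit form and the delete confirmation screen.
	// NOTE(review): execution runs on into the rank list below unless the
	// footer include ends the script -- not visible here; confirm.
	$template->pparse("body");

	include('./page_footer_admin.'.$phpEx);
}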
284
//
// Default view: list every rank together with its edit and delete links.
//
$template->set_filenames(array(
	"body" => "admin/ranks_list_body.tpl")
);

// Fixed query with no request data in it; ordered by rank_min, then rank_special.
$sql = "SELECT * FROM " . RANKS_TABLE . "
	ORDER BY rank_min ASC, rank_special ASC";
$result = $db->sql_query($sql);
if ( !$result )
{
	message_die(GENERAL_ERROR, "Couldn't obtain ranks data", "", __LINE__, __FILE__, $sql);
}

// The row count drives the loop below; the rows themselves are fetched in one go.
$rank_count = $db->sql_numrows($result);

$rank_rows = $db->sql_fetchrowset($result);

// Column headings and the form target for the "add new rank" button.
$template->assign_vars(array(
	"L_RANKS_TITLE" => $lang['Ranks_title'],
	"L_RANKS_TEXT" => $lang['Ranks_explain'],
	"L_RANK" => $lang['Rank_title'],
	"L_RANK_MINIMUM" => $lang['Rank_minimum'],
	"L_SPECIAL_RANK" => $lang['Rank_special'],
	"L_EDIT" => $lang['Edit'],
	"L_DELETE" => $lang['Delete'],
	"L_ADD_RANK" => $lang['Add_new_rank'],
	"L_ACTION" => $lang['Action'],

	"S_RANKS_ACTION" => append_sid("admin_ranks.$phpEx"))
);

$i = 0;
while ( $i < $rank_count )
{
	$rank = $rank_rows[$i]['rank_title'];
	$special_rank = $rank_rows[$i]['rank_special'];
	$rank_id = $rank_rows[$i]['rank_id'];
	$rank_min = $rank_rows[$i]['rank_min'];

	// Special ranks show a dash in place of a minimum post count.
	// $rank_max is not read again in this file.
	if ( $special_rank == 1 )
	{
		$rank_max = "-";
		$rank_min = $rank_max;
	}

	// Alternate the two theme row styles: even rows get the first, odd rows the second.
	$row_color = ( $i % 2 ) ? $theme['td_color2'] : $theme['td_color1'];
	$row_class = ( $i % 2 ) ? $theme['td_class2'] : $theme['td_class1'];

	if ( $special_rank )
	{
		$rank_is_special = $lang['Yes'];
	}
	else
	{
		$rank_is_special = $lang['No'];
	}

	// NOTE(review): RANK is passed to the template as stored in the database;
	// confirm whether ranks_list_body.tpl expects text that is already
	// HTML-safe (the template is not visible here).
	$template->assign_block_vars("ranks", array(
		"ROW_COLOR" => "#" . $row_color,
		"ROW_CLASS" => $row_class,
		"RANK" => $rank,
		"SPECIAL_RANK" => $rank_is_special,
		"RANK_MIN" => $rank_min,

		"U_RANK_EDIT" => append_sid("admin_ranks.$phpEx?mode=edit&amp;id=$rank_id"),
		"U_RANK_DELETE" => append_sid("admin_ranks.$phpEx?mode=delete&amp;id=$rank_id"))
	);

	$i++;
}

$template->pparse("body");

include('./page_footer_admin.'.$phpEx);
348
349?>
350