News display options

Editing/System options

User options

Misc options

'; } elseif ($do == "categories") {
	// Category management page: create a category, delete selected categories, list what exists.
	// NOTE(review): no anti-CSRF token is checked in the visible request handling — confirm whether an include outside this excerpt does it.
	$action = $_GET['action'];

	if ($action == "new") {
		// Create a category from the submitted form; the name is the only field validated here.
		$data = $_POST;
		if (empty($data['name'])) {
			$proceed = "no";
			$error_messages = '
  1. A name is required for the category!
'; }
		// $proceed is only ever set to "no" above, so any other state (including unset) means "go ahead".
		// NOTE(review): the whole $_POST array is handed to new_category(); whether it escapes values for SQL is not visible here — confirm.
		if ($proceed != "no") {
			new_category($data,$_SESSION['username']);
			unset($data);
			//success message
			$success .= '
The category has been successfully created.
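'; }
	} elseif($action == "deleteitems") {
		// Delete the selected categories and their sub-categories, then move the affected articles
		// to the category chosen in move_cat. Every POST field except move_cat is read as a category id.
		$items = $_POST;
		unset($items['move_cat']);

		// These request values are concatenated into SQL below, so only plain digit strings are accepted.
		// NOTE(review): assumes category ids are numeric, as the id / cat_parent comparisons suggest — confirm against the schema.
		$move_cat = (isset($_POST['move_cat']) && is_string($_POST['move_cat']) && preg_match('/^[0-9]+\z/', $_POST['move_cat'])) ? $_POST['move_cat'] : '';
		$id_list = array();
		foreach($items as $key=>$value) {
			if (is_string($value) && preg_match('/^[0-9]+\z/', $value)) {
				$id_list[] = "'".$value."'";
			}
		}

		if (!$id_list) {
			// Nothing valid was selected: redirect and stop here, otherwise the queries below
			// would still run with an empty IN () list.
			header("Location: preferences.php?do=categories");
			exit;
		}

		// Same quoted, comma separated form the queries and the log entry used before: '1','2'
		$items_f = implode(',', $id_list);

		// Delete the selected categories.
		$res = general_query("DELETE FROM ".$databaseinfo['prefix']."categories WHERE id IN (".$items_f.")");

		//log the deletion
		log_this('delete_categories','User '.$_SESSION['username'].' has deleted the following categories (ID(s)): '.$items_f.'');

		// Delete sub-categories whose parent was just removed.
		$res_subdel = general_query("DELETE FROM ".$databaseinfo['prefix']."categories WHERE cat_parent IN (".$items_f.")");

		// Move articles out of the deleted categories into the selected one.
		$res_m = general_query('UPDATE '.$databaseinfo['prefix'].'articles SET article_cat="'.$move_cat.'" WHERE article_cat IN ('.$items_f.')');

		// Stop after the redirect so the page is not rendered behind the Location header.
		header("Location: preferences.php?do=categories&delete_success=1");
		exit;
	}

	// Data for the category page itself.
	$globalvars['page_name'] = "categories";
	$globalvars['page_image'] = "preferences";
	$data['cat_list'] = gen_categories('option','top');
	$table_rows = gen_categories('row','');
	$move_selected = gen_categories('option','');

	if ($_GET['delete_success']) {
		$success .= '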
The item(s) have been successfully deleted.
'; } $content = ' '.$error_messages.' '.$success.'

Create new category



Category list

'.$table_rows.'
ID Name Parent (?) Description Date
Move items from categories (that will be deleted) to:
'; } elseif ($do == "display") {
	// Display options page.
	$globalvars['page_name'] = "display options";
	$globalvars['page_image'] = "preferences";

	if ($_GET['action'] == "update") {
		// Store each submitted value under the config key of the same name.
		// NOTE(review): values go to change_config() exactly as posted; whether it validates or escapes them is not visible here — confirm.
		foreach (array('def_limit', 'def_offset', 'timestamp_format', 'def_order', 'def_items_per_page') as $cfg_key) {
			change_config($cfg_key,$_POST[$cfg_key]);
		}
		$error_message = '
Your preferences have been saved.
';
		//log the change
		log_this('display_config','User '.$_SESSION['username'].' has edited the default display options');
	}

	// Load the stored values used by the form below.
	$timestamp_format = load_config('timestamp_format');
	$def_offset = load_config('def_offset');
	$def_items_per_page = load_config('def_items_per_page');
	$def_limit = load_config('def_limit');
	$def_order = load_config('def_order');

	// Human readable label for the stored sort order; left unset for any other value.
	if ($def_order['v1'] == "desc") {
		$def_order_display = "Descending";
	} elseif ($def_order['v1'] == "asc") {
		$def_order_display = "Ascending";
	}

	$content = ' '.$error_message.'

Display options






(date function help)
'; } elseif ($do == "comments") {
	// Comment options page.
	$globalvars['page_name'] = 'comment options';
	$globalvars['page_image'] = 'preferences';

	if ($_GET['action'] == "update") {
		// Store each submitted value under the config key of the same name.
		// NOTE(review): values go to change_config() exactly as posted; whether it validates or escapes them is not visible here — confirm.
		foreach (array('def_comlimit', 'def_comorder', 'def_comenabled') as $cfg_key) {
			change_config($cfg_key,$_POST[$cfg_key]);
		}
		$error_message = '
Your preferences have been saved.
';
		//log the change
		log_this('comment_config','User '.$_SESSION['username'].' has edited the default comment options');
	}

	// Load the stored values used by the form below.
	$def_comlimit = load_config('def_comlimit');
	$def_comorder = load_config('def_comorder');
	$def_comenabled = load_config('def_comenabled');

	// Human readable labels; each stays unset when the stored value matches neither case.
	if ($def_comorder['v1'] == "desc") {
		$def_comorder_display = "Descending";
	} elseif ($def_comorder['v1'] == "asc") {
		$def_comorder_display = "Ascending";
	}
	if ($def_comenabled['v1'] == 0) {
		$def_comenabled_display = "No";
	} elseif ($def_comenabled['v1'] == 1) {
		$def_comenabled_display = "Yes";
	}

	$content = ' '.$error_message.'

Display options





'; } elseif ($do == "feed") {
	// RSS/Atom feed options page.
	$globalvars['page_name'] = 'rss/atom management';
	$globalvars['page_image'] = 'preferences';

	if ($_GET['action'] == "update") {
		// Store each submitted value under the config key of the same name.
		// NOTE(review): the feed title and description are free text from the request; where they are
		// escaped before being written into the feed is not visible here — confirm.
		foreach (array('def_rsslimit', 'def_rssorder', 'def_rsstitle', 'def_rssdesc', 'def_rssenabled') as $cfg_key) {
			change_config($cfg_key,$_POST[$cfg_key]);
		}
		$error_message = '
Your preferences have been saved.
';
		//log the change
		log_this('rss_config','User '.$_SESSION['username'].' has edited the default rss options');
	}

	// Load the stored values used by the form below.
	$def_rsslimit = load_config('def_rsslimit');
	$def_rssorder = load_config('def_rssorder');
	$def_rssenabled = load_config('def_rssenabled');
	$def_rsstitle = load_config('def_rsstitle');
	$def_rssdesc = load_config('def_rssdesc');

	// Human readable labels; each stays unset when the stored value matches neither case.
	if ($def_rssorder['v1'] == "desc") {
		$def_rssorder_display = "Descending";
	} elseif ($def_rssorder['v1'] == "asc") {
		$def_rssorder_display = "Ascending";
	}
	if ($def_rssenabled['v1'] == 0) {
		$def_rssenabled_display = "No";
	} elseif ($def_rssenabled['v1'] == 1) {
		$def_rssenabled_display = "Yes";
	}

	$content = ' '.$error_message.'

Display options







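'; } elseif ($do == "freeze") {
	// Freeze (static cache) management: render shownews.php once with the submitted pre-include
	// variables and store the output in a file under inc/freeze/.
	$globalvars['page_name'] = 'freeze management';
	$globalvars['page_image'] = 'preferences';
	$action = $_GET['action'];

	if ($action == "p") {
		// Start from a known state so the check below never reads an undefined variable.
		$freeze_articles = '';

		// SECURITY: the submitted text is executed with eval() further down. The substring
		// deny-list here is the only gate in front of it, and a deny-list cannot make eval() of
		// request data safe: anyone who can reach this form should be treated as able to run PHP
		// on the server. The robust fix is to stop evaluating the text and instead parse the
		// expected "$phpns['key'] = 'value';" assignments against an allow-list of keys.
		if (strstr($_POST['integration_code'], '(') || strstr($_POST['integration_code'], '{') || strstr($_POST['integration_code'], 'echo') || strstr($_POST['integration_code'], 'globalvars') || strstr($_POST['integration_code'], 'databaseinfo') || strstr($_POST['integration_code'], '$_')) {
			$success .= '
Only pre-include variables may be used!
';
		} else {
			// Buffer the output of shownews.php so it can be written to the freeze file.
			ob_start();
			eval(stripslashes($_POST['integration_code'])); // SECURITY: executes request data, see the note above
			$phpns['always_show_full_story'] = TRUE;
			$phpns['static'] = TRUE;
			include("shownews.php");
			$freeze_articles = ob_get_contents();
			ob_end_clean();
		}

		if ($freeze_articles) {
			// Token that makes the freeze file name unique.
			$rand_file_token = md5(uniqid(rand(), true));
			// NOTE(review): the rendered articles are stored in a .php file; if that file is later
			// included, any PHP open tag inside article content would execute — confirm how article
			// bodies are filtered before they reach this point.
			if ($freeze_open = @fopen("inc/freeze/freeze.".$rand_file_token.".php",'w')) {
				fwrite($freeze_open, $freeze_articles);
				fclose($freeze_open); // the handle was never closed before

				// Absolute path of the new freeze file, derived from this script's own path.
				$path_to = $_SERVER['SCRIPT_FILENAME'];
				$path_to = str_replace("preferences.php","inc/freeze/freeze.".$rand_file_token.".php",$path_to);
				$success = '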
Phpns created the freeze file successfully!

Freeze code

Your freeze code was successfully created. To activate the freeze, you need to add the following pre-include variable to your phpns instance!

'; } else { $warning .= '
Phpns could not create the freeze file (inc/freeze'.$rand_file_token.'.php). Make sure phpns has permission to write to the /inc/ directory!
'; } } else { $warning .= '
Phpns could not generate the articles to be written to freeze file. Probably mal-formed integration code.
'; } } //form the content for template $content = ' '.$warning.' '.$success.'

Integration code (pre-include variables):

In this step, you may want to paste the pre-include variables you are using for the desired static phpns instance. This can be left blank if you want a default instance of phpns. Do not use <?php or ?>.

Pagination will not work with the freeze feature; only page 1 will be generated. Also, the full story will be included immediately below the main article.
'; } elseif ($do == "templates") {
	// Template management page: switch the default template, list, create, edit and delete templates.
	$globalvars['page_name'] = 'templates';
	$globalvars['page_image'] = 'preferences';
	$action = $_GET['action'];

	if ($action == "switch") {
		// Make the posted template id the default one.
		// NOTE(review): $sw_id is passed to switch_template() exactly as posted; whether it is
		// validated or escaped there is not visible here — confirm.
		$sw_id = $_POST['select'];
		if (switch_template($sw_id)) {
			$message = '
The template you selected is now the default template.
'; } else { $message = '
There was an error switching the template.
'; } unset($action); } if (!$action) { //we're going to fetch all the available templates. $tres = general_query('SELECT * FROM '.$databaseinfo['prefix'].'templates'); //execute tsql while ($trow = mysql_fetch_assoc($tres)) { //get arrays $row_bg = ($row_bg == $globalvars['altcolor'][2]) ? $globalvars['altcolor'][1] : $globalvars['altcolor'][2]; //current row bg $trow['timestamp'] = date($globalvars['time_format'],$trow['timestamp']); if ($trow['template_selected'] == TRUE) { //set the radio button to checked if it's currently selected $trow['template_selected'] = 'checked="checked"'; } if ($trow['template_desc'] == NULL) { //if no reason set, we need to set to N/A $trow['template_desc'] = 'N/A'; } $template_rows .= ' '.$trow['id'].' delete icon edit icon '.$trow['template_name'].' '.$trow['template_desc'].' '.$trow['template_author'].' '.$trow['timestamp'].' '; } if ($_GET['delete_success']) { $success .= '
The item(s) have been successfully deleted.
'; } if ($_GET['create_success']) { $success .= '
The template has been succesfully created.
'; } $content = ' '.$message.' '.$success.'

Options

Template list

'.$template_rows.'
ID Name Description Author Date Active
'; } elseif ($action == "new") {
		// Empty form for a new template.
		$content = template_form();
	} elseif ($action == "newp") {
		// Process the "new template" form; a template name is the only required field.
		$data = $_POST;
		$continue = TRUE;
		if ($data['template_name'] == "") {
			$continue = FALSE;
			$error_message = '
You must enter a title for this template before continuing.
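'; }
		if ($continue == TRUE) {
			// Create the template, then redirect to the list. Stop after the redirect so nothing
			// else runs behind the Location header.
			// NOTE(review): the whole $_POST array goes to new_template(); its escaping is not visible here — confirm.
			$res = new_template($data,$_SESSION['username']);
			header("Location: preferences.php?do=templates&create_success=1");
			exit;
		} else {
			// Validation failed: show the form again with the error page image.
			// These two lines used "==" and so compared instead of assigning.
			$globalvars['page_name'] = 'templates';
			$globalvars['page_image'] = 'error';
			$content = template_form();
		}
	} elseif ($action == "edit") {
		// Load one template into the edit form. The id comes from the query string and is placed
		// unquoted into the query, so it is forced to an integer first.
		$tid = (int) $_GET['tid'];
		$tres = general_query('SELECT * FROM '.$databaseinfo['prefix'].'templates WHERE id='.$tid.'',1);
		$content = template_form($tres);
	} elseif ($action == "editp") {
		// Process the edit form; a template name is the only required field.
		$data = $_POST;
		$continue = TRUE;
		if ($data['template_name'] == NULL) {
			$continue = FALSE;
			$error_message = '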
You must enter a title for this template before continuing.
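'; }
		if ($continue == TRUE) {
			$globalvars['page_name'] = "templates";
			$globalvars['page_image'] = "success";

			// Save the edit.
			// NOTE(review): the whole $_POST array goes to edit_template(); its escaping is not visible here — confirm.
			$res = edit_template($data,$_SESSION['username']);

			// Reload the saved row so the form shows the stored values. The id is placed unquoted
			// into the query, so it is forced to an integer first.
			$tid = (int) $_POST['id'];
			$tres = general_query('SELECT * FROM '.$databaseinfo['prefix'].'templates WHERE id='.$tid.'',1);
			$content = template_form($tres);
		} else {
			// Validation failed: show the form again with the error page image.
			// These two lines used "==" and so compared instead of assigning.
			$globalvars['page_name'] = 'templates';
			$globalvars['page_image'] = 'error';
			$content = template_form($data);
		}
	} elseif ($action == "delete") {
		// Delete one template by id. The id is placed unquoted into the query, so the result of
		// clean_data() is additionally forced to an integer.
		// NOTE(review): this state change is triggered by a plain GET link — confirm CSRF protection exists elsewhere.
		$tid = (int) clean_data($_GET['tid']);
		$dres = general_query('DELETE FROM '.$databaseinfo['prefix'].'templates WHERE id='.$tid.'');

		// Stop after the redirect so nothing else runs behind the Location header.
		header("Location: preferences.php?do=templates&delete_success=1");
		exit;
	}
} elseif ($do == "sef") {
	// Search engine friendly URLs page: shows the suggested .htaccess contents.
	$globalvars['page_name'] = 'search engine friendly urls';
	$globalvars['page_image'] = "preferences";

	//edited out by alecwh: .htaccess is not necessary in the /phpns/ directory..., so it's not necessary to check for one.
	// if(is_file('.htaccess') ? $fileaccess = @file_get_contents(".htaccess") : $fileaccess = 'There is currently no .htaccess file, please make one!' );

	$content = '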

The suggested .htaccess file:

Place this \'.htaccess\' file wherever your news is being displayed on your website. This is usually the root of your website, \'/\'. You may also change the \'index.php\' reference to whatever file phpns displays news in.

The .htaccess file is not required for phpns to generate SEF URLs. You can activate using the $phpns[\'sef_override\'] pre-include variable to activate.

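'; } elseif ($do == "ban") {
	// Ban options page: add an IP ban, lift selected bans, list the current bans.
	$globalvars['page_name'] = "ban options";
	$globalvars['page_image'] = "preferences";

	if ($_GET['action'] == 'newp') {
		// Process the "ban an IP" form.
		$data = $_POST;

		// Keep the cleaned reason: the return value of clean_data() was discarded before, so the
		// raw text went on to ban().
		// NOTE(review): assumes clean_data() returns the cleaned value, as its use on tid in the
		// templates branch suggests; check that ban() does not escape a second time.
		$data['reason'] = clean_data($data['reason']);

		// Accept dotted-quad input only. \z instead of $ so a trailing newline is not accepted.
		if (!$data['ip'] || !preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\z/', $data['ip'])) {
			$error_message = '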
Please make sure the IP address is in correct form, or is not blank.
'; } else { ban($data,$_SESSION['username']); //ban. //success message $success = '
The IP address has been banned.
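'; }
	} elseif ($_GET['action'] == "delete") {
		// Lift the selected bans. Every POST field is read as a banlist id.
		$items = $_POST;

		// The ids are concatenated into SQL below, so only plain digit strings are accepted.
		// NOTE(review): assumes banlist ids are numeric — confirm against the schema.
		$id_list = array();
		foreach($items as $key=>$value) {
			if (is_string($value) && preg_match('/^[0-9]+\z/', $value)) {
				$id_list[] = "'".$value."'";
			}
		}

		if (!$id_list) {
			// Nothing valid was selected: go back to the ban page instead of running a query
			// with an empty IN () list.
			header("Location: preferences.php?do=ban");
			exit;
		}

		// Same quoted, comma separated form the query and the log entry used before: '1','2'
		$items_f = implode(',', $id_list);

		$res = general_query('DELETE FROM '.$databaseinfo['prefix'].'banlist WHERE id IN ('.$items_f.')');

		//success message
		$success .= '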
The selected ban(s) have been lifted.
'; //log the change log_this('lift_ban','User '.$_SESSION['username'].' has lifted bans for the following ids: '.$items_f.''); } //fetch banned ips $bres = general_query('SELECT * FROM '.$databaseinfo['prefix'].'banlist'); //fetch query while ($brow = mysql_fetch_assoc($bres)) { //get arrays $row_bg = ($row_bg == $globalvars['altcolor'][2]) ? $globalvars['altcolor'][1] : $globalvars['altcolor'][2]; //current row bg $brow['timestamp'] = date($globalvars['time_format'],$brow['timestamp']); if ($brow['reason'] == NULL) { //if no reason set, we need to set to N/A $brow['reason'] = 'N/A'; } $ip_rows .= ' '.$brow['ip'].' '.$brow['reason'].' '.$brow['banned_by'].' '.$brow['timestamp'].' '; } if (mysql_num_rows($bres) == 0) { $ip_rows = 'No returned results...'; } $content = ' '.$error_message.' '.$success.'

Ban an IP


Ban list

'.$ip_rows.'
IP Reason for ban Banned by Date of ban
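'; } elseif ($do == "wizard") {
	// Integration wizard: turns the submitted form into pre-include variable assignments that
	// the user pastes into their own page.
	$globalvars['page_name'] = "integration wizard";
	$globalvars['page_image'] = "preferences";

	if ($_GET['action'] == "p") {
		// SECURITY: every value below is copied from the request into a single-quoted PHP literal
		// without escaping, so a value containing a quote changes the meaning of the generated code.
		// NOTE(review): escape quotes/backslashes for the PHP literal here (taking the server's
		// magic-quotes setting into account) and HTML-escape the result where it is displayed; the
		// display markup is not visible in this excerpt.

		// Categories arrive as an array and are joined into one comma separated list.
		// join() is called with the separator first: the reversed order is a legacy form.
		$generate['category'] = ($_POST['category']) ? ("\n\t".'$phpns[\'category\'] = \''.join(',', $_POST['category']).'\';') : ('');
		// RSS is a plain switch: the generated line does not contain the submitted value.
		$generate['rss'] = ($_POST['rss']) ? ('$phpns[\'mode\'] = \'rss\';') : ('');

		// Remaining options: generated variable name => form field name.
		$wizard_fields = array(
			'limit' => 'display_limit',
			'template' => 'template',
			'order' => 'order',
			'offset' => 'offset',
			'script_path' => 'script_path',
			'disable_pagination' => 'disable_pagination',
			'items_per_page' => 'items_per_page',
			'override_sef' => 'override_sef',
			'override_comments' => 'override_comments',
			'static' => 'static',
			'always_show_extended_article' => 'always_show_extended_article',
			'disable_extended_article' => 'disable_extended_article',
		);
		foreach ($wizard_fields as $wizard_option => $wizard_field) {
			// An empty field produces no line, so the phpns default applies.
			$generate[$wizard_option] = ($_POST[$wizard_field]) ? ("\n\t".'$phpns[\''.$wizard_option.'\'] = \''.$_POST[$wizard_field].'\';') : ('');
		}

		// Absolute path of shownews.php, derived from this script's own path.
		$path_to = $_SERVER['SCRIPT_FILENAME'];
		$path_to = str_replace("preferences.php","shownews.php",$path_to);

		$content .= '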

Generated code

Your include code was successfully generated. Simply paste the following code wherever you want your news displayed:

'; } $data['cat_list'] = gen_categories('option',''); $data['template_list'] = gen_templates(); //integration wizard form $content .= '

Display configuration




(numeric, 1 - 9999, or blank for default)
(numeric, 0 - 9999, or blank for default)
(script where articles will be linked to, before ?a=xx)

Pagination settings (expand/collapse)

Advanced (expand/collapse)

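'; } elseif ($do == "syslog") {
	// System log viewer. The pagination and sorting variables set here are not used again in this
	// branch; presumably log_form() reads them as globals — TODO confirm.
	$globalvars['page_name'] = "system log";
	$globalvars['page_image'] = "preferences";

	// The page number comes from the query string: force it to a positive integer before it is
	// used in arithmetic.
	$page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
	if ($page < 1) {
		$page = 1;
	}
	$items_per_page = 20;
	$page_start = ($page*$items_per_page) - $items_per_page;
	$next_page = $page + 1;
	$prev_page = $page - 1;

	// NOTE(review): $sort and $v are raw request values; if log_form() places them into SQL they
	// need an allow-list of accepted values there.
	$sort = $_GET['sort'];
	$v = $_GET['v'];

	$content = log_form();
} elseif ($do == "backup") {
	// Database backup and restore through the mysqldump / mysql command line clients.
	$globalvars['page_name'] = "database backup";
	$globalvars['page_image'] = "preferences";

	if ($_GET['action'] == "backup") {
		// Command shape: mysqldump -u <user> --password=<password> <dbname> > <dbname>.sql
		// Each value is passed through escapeshellarg() so that shell metacharacters in the
		// configuration cannot change the command.
		// NOTE(review): the password is still visible in the process list while the dump runs,
		// and the dump is written to the current directory, which looks like the directory this
		// script is served from — consider a client option file and a non-public location.
		exec('mysqldump -u '.escapeshellarg($databaseinfo['user']).' --password='.escapeshellarg($databaseinfo['password']).' '.escapeshellarg($databaseinfo['dbname']).' > '.escapeshellarg($databaseinfo['dbname'].'.sql'));

		//log the change
		log_this('backup_db','User '.$_SESSION['username'].' has backed up the system database.');

		// Name of the dump that was just written. (gz compression of the dump was disabled by
		// the original author and is not attempted here.)
		$file = $databaseinfo['dbname'].'.sql';

		// etc.php sends the actual download; stop after the redirect.
		header("Location: etc.php?do=backup");
		exit;
	} elseif ($_GET['action'] == "restore") {
		// Restore from an uploaded dump. The upload is read from PHP's temporary location and is
		// no longer moved next to this script under the client supplied file name: that name was
		// attacker controlled and was also interpolated into the shell command.
		$target_path = isset($_FILES['file']['tmp_name']) ? $_FILES['file']['tmp_name'] : '';
		if ($target_path != '' && is_uploaded_file($target_path)) {
			// Feed the dump to the mysql client; every argument is shell-escaped.
			// NOTE(review): the file content is executed as SQL with the application's database
			// credentials, so this action must stay restricted to fully trusted administrators.
			exec('mysql -u '.escapeshellarg($databaseinfo['user']).' --password='.escapeshellarg($databaseinfo['password']).' '.escapeshellarg($databaseinfo['dbname']).' < '.escapeshellarg($target_path));

			// Log the restore where it actually happens (it used to be logged in the failure branch).
			log_this('backup_restore','User '.$_SESSION['username'].' has restored a previous phpns database.');
		} else {
			$error_message .= '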
There was an error uploading the file.
'; } } if ($_GET['success'] == 'no') { $output = '
Phpns could not create the database file. This is usually a problem with file permissions; make sure phpns can create files in this directory.
'; } $content .= ' '.$output.'

Create backup

Once you click the button below, phpns will create a backup of the whole phpns database, and then compress to .sql when available.

Restore backup

Please browse to the backup file earlier created.


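'; } elseif ($do == "images") {
	// Image uploads page: only the page name and image are set in this branch.
	$globalvars['page_name'] = "image uploads and settings";
	$globalvars['page_image'] = "preferences";
} elseif ($do == "themes") {
	// Theme management: switch the active theme and list the themes found under themes/.
	$globalvars['page_name'] = 'themes';
	$globalvars['page_image'] = 'preferences';
	$action = $_GET['action'];
	$path = $_POST['path'];

	// The posted directory name is used in a file path and in SQL. Accept it only when it is a
	// single path component that names an existing theme (themes/<name>/theme.xml), so it cannot
	// point outside the themes directory.
	$themeinfo = FALSE;
	if ($action == "switch" && is_string($path) && $path != "" && $path != "." && $path != ".." && strpos($path, "\0") === FALSE && basename($path) == $path && is_file('themes/'.$path.'/theme.xml')) {
		// Read the theme description before touching the database, so that an unreadable
		// theme.xml does not leave the themes table empty.
		$themeinfo = simplexml_load_file('themes/'.$path.'/theme.xml');
	}

	if ($themeinfo !== FALSE) {
		$theme_path = 'themes/'.$path.'/';
		$timestamp = time();

		//first, we're going to delete previous theme selection(s). There should only ever be one.
		$sql_del = general_query('DELETE FROM '.$databaseinfo['prefix'].'themes');

		// Values from theme.xml and from the request are escaped before they go into the statement.
		// NOTE(review): assumes general_query() runs on the default ext/mysql link (results are
		// read with mysql_fetch_assoc() elsewhere in this file) — confirm.
		$res = general_query("INSERT INTO ".$databaseinfo['prefix']."themes (theme_name,theme_author,theme_dir,base_dir,timestamp,theme_selected)
								VALUES (
								'".mysql_real_escape_string((string) $themeinfo->name)."',
								'".mysql_real_escape_string((string) $themeinfo->author)."',
								'".mysql_real_escape_string($theme_path)."',
								'".mysql_real_escape_string($path)."',
								'".$timestamp."',
								1)
								");

		//log the change
		log_this('change_theme','User '.$_SESSION['username'].' has changed the default system theme.');

		$content = '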
The theme has been saved.
'; }

	// Collect the sub-directories of themes/ (skipping "." and ".."); each one is a candidate theme.
	$scanlisting = scandir("themes/");
	$dirlisting = array();
	foreach($scanlisting as $key => $value) {
		if (is_dir("themes/$value") == true && $value != '.' && $value != '..') {
			$dirlisting[] = $value;
		}
	}

	// Start of the markup for the theme list; rows are appended further down.
	$themelist = '
'; foreach($dirlisting as $key => $value) { if (is_file("themes/$value/theme.xml")) { $themeinfo = simplexml_load_file('themes/'.$value.'/theme.xml'); //sql to fetch current theme, so we can have the theme selected $stheme = general_query('SELECT * FROM '.$databaseinfo['prefix'].'themes WHERE theme_selected=1', TRUE); //radio button. selected or not? if ("$themeinfo->name" == $stheme['theme_name']) { $radio = ''; } else { $radio = ''; } $row_bg = ($row_bg == $globalvars['altcolor'][2]) ? $globalvars['altcolor'][1] : $globalvars['altcolor'][2]; //current row bg $themelist = $themelist.' '.$radio.' '; } } $themelist = $themelist.'
Preview Name Author Description Active
preview '."$themeinfo->name".' website".'"> '."$themeinfo->author".' '."$themeinfo->description".'
'; //compile content for themes $content .= '

Detected themes (in the /themes directory)

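'.$themelist.' '; } elseif ($do == "wysiwyg") {
	// WYSIWYG editor options page.
	$globalvars['page_name'] = "wysiwyg options";
	$globalvars['page_image'] = "preferences";

	if ($_GET['action'] == 'update') {
		// NOTE(review): the value goes to change_config() exactly as posted; whether it validates
		// or escapes it is not visible here — confirm.
		change_config('wysiwyg',$_POST['wysiwyg']);

		// The submitted value is echoed back into the page, so it is HTML-escaped first.
		$message = "
The wysiwyg editor has been changed to '".htmlspecialchars($_POST['wysiwyg'], ENT_QUOTES)."'
";
		//log the change
		log_this('wysiwyg_options','User '.$_SESSION['username'].' has disabled/enabled the wysiwyg editor');
	}

	// Stored setting used by the form below.
	$wysiwyg = load_config('wysiwyg');

	$content = ' '.$message.'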

wysiwyg


*The WYSIWYG editor can be disabled/enabled by clicking "Toggle WYSIWYG" next to textareas ONLY if the editor is active.

Phpns currently uses the TinyMCE wysiwyg textarea application, licensed under the LGPL. We also use the codepress code editor for template management. Thanks to these guys for awesome projects!

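'; } elseif ($do == "timestamp") {
	// System timestamp format page.
	$globalvars['page_name'] = "system timestamp format";
	$globalvars['page_image'] = "preferences";

	if ($_GET['action'] == 'update') {
		// NOTE(review): the value goes to change_config() exactly as posted; whether it validates
		// or escapes it is not visible here — confirm.
		change_config('sys_time_format',$_POST['sys_time_format']);

		// The submitted value is echoed back into the page, so it is HTML-escaped first.
		$message = "
The system timestamp format has been changed to '".htmlspecialchars($_POST['sys_time_format'], ENT_QUOTES)."'
";
		// NOTE(review): the raw value also goes into the log entry; escape it wherever the log is displayed.
		log_this('system_timestamp','User '.$_SESSION['username'].' has modified the default system timestamp format to "'.$_POST['sys_time_format'].'"');
	}

	// Stored format used by the form below.
	$sys_time_format = load_config('sys_time_format');

	$content = '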

system timestamp format

'.$message.'

phpns uses the date(); function for formatting the system time. You can find a manual on the function at the php website.


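'; } elseif ($do == "line") {
	// Online/offline switch for the public article display.
	$globalvars['page_name'] = "online/offline options";
	$globalvars['page_image'] = "preferences";

	if ($_GET['action'] == 'update') {
		// NOTE(review): the value goes to change_config() exactly as posted; whether it validates
		// or escapes it is not visible here — confirm.
		change_config('line',$_POST['line']);

		// The submitted value is echoed back into the page, so it is HTML-escaped first.
		$message = "
The online/offline status has been changed to '".htmlspecialchars($_POST['line'], ENT_QUOTES)."'
";
		//log the change
		log_this('site_line','User '.$_SESSION['username'].' has changed the online/offline status');
	}

	// Stored status used by the form below.
	$line = load_config('line');

	$content = ' '.$message.'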

Line options


If the above option is set to \'no\' (or \'offline\'), users will not be able to view any articles on your website.
'; } elseif ($do == "globalmessage") {
	// Global message page: stores one free-text message in the configuration.
	$globalvars['page_name'] = "global message";
	$globalvars['page_image'] = "preferences";

	if ($_GET['action'] == "update") {
		// NOTE(review): the message is stored exactly as posted; if it is later printed without
		// HTML escaping, any markup or script in it is delivered to every viewer — confirm where
		// it is rendered and whether HTML is intentionally allowed.
		change_config('global_message',$_POST['message']);
		$error_message = '
Your message have been saved.
';
		//log the change
		log_this('global_message','User '.$_SESSION['username'].' has edited the default global message');
	}

	// Stored message used by the form below.
	$global_message = load_config('global_message');

	$content = $error_message.'

global message


*If you do not want any message, leave the above field blank.
'; } include("inc/themecontrol.php"); //include theme script ?>