Subversion Repositories taios

Compare Revisions

Ignore whitespace Rev 275 → Rev 306

/admin/all-accounts.php
17,7 → 17,7
write('<td class="bold">ID</td>');
write('<td class="bold">AccessID</td>');
write('<td class="bold">Username</td>');
write('<td class="bold">Password</td>');
write('<td class="bold">SHA1 Password</td>');
write('<td class="bold">Name</td>');
write('<td class="bold">Email Address</td>');
write('<td class="bold">Challenge ID</td>');
/wiki/index.php
12,6 → 12,8
$page->drawHeader();
$page->drawMiddle();
 
write('<p><i>The wiki is still under construction.</i></p>');
 
if ($page->isUserGM($page->getLoggedInUser()))
{
write('<p><a href="edit.php?page=' . $pageName . '">Edit Page</a></p><br />');
/wiki/edit-do.php
10,6 → 10,8
 
$page = new Taios_Page('Edit Page - ' . $pageName, '../');
 
$page->checkLoggedIn();
 
if ($page->isUserGM($page->getLoggedInUser()))
{
$filename = 'pages/' . $pageName . '.txt';
/wiki/edit.php
12,6 → 12,8
$page->drawHeader();
$page->drawMiddle();
 
$page->checkLoggedIn();
 
if ($page->isUserGM($page->getLoggedInUser()))
{
$filename = 'pages/' . $pageName . '.txt';
/forums/index.php
3,8 → 3,6
require '../_taios.php';
 
$page = new Taios_Page('Forums', '../');
$page->drawHeader();
$page->drawMiddle();
 
$parentID = $_GET['parentID'];
if (empty($parentID))
11,18 → 9,35
{
$parentID = -1;
}
else if ($parentID != -1)
{
$page->title = $page->getForumCategory($parentID)->title;
}
 
$page->drawHeader();
$page->drawMiddle();
 
write('<p><i>The forums are still under construction.</i></p>');
 
write('<p class="bold">');
if ($parentID != -1)
{
write('<a href="index.php?parentID=-1">Back to root</a>');
}
if ($page->isUserAdmin($page->getLoggedInUser()))
if ($page->isLoggedIn())
{
if ($parentID != -1)
{
write(' &middot; ');
}
write('<a href="add-post.php?categoryID=' . $parentID . '">Add Post</a>');
}
if ($page->isUserAdmin($page->getLoggedInUser()))
{
if ($page->isLoggedIn())
{
write(' &middot; ');
}
write('<a href="add-category.php?parentID=' . $parentID . '">Add Category</a>');
}
write('</p><br />');
41,7 → 56,7
write('<p>' . $forumCategory->description . '</p>');
if ($page->isUserAdmin($page->getLoggedInUser()))
{
write('<p class="bold"><a href="edit-category.php?id=' . $forumCategory->ID . '">Edit Category</a> &nbsp;&nbsp; &middot; &nbsp;&nbsp; <a href="delete-category.php?id=' . $forumCategory->ID . '">Delete Category</a></p>');
write('<p class="bold"><a href="edit-category.php?id=' . $forumCategory->ID . '">Edit Category</a> &nbsp; &middot; &nbsp; <a href="delete-category-do.php?id=' . $forumCategory->ID . '">Delete Category</a></p>');
}
write('<br />');
}
/forums/post.php
1,29 → 1,45
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Forum Post', '../');
$page->drawHeader();
$page->drawMiddle();
 
$id = $page->getGetID();
$forumPost = $page->getForumPost($id);
write('<p class="bold"><a href="index.php?parentID=' . $forumPost->category->ID . '">Back to Topics</a></p><br />');
 
write('<h3>' . $forumPost->title . '</h3>');
write('<p>' . $page->replaceBBCode($forumPost->content) . '</p>');
write('<br />');
 
$ids = $page->findIDs('ForumPosts', 'WHERE ParentID = ' . $id . ' ORDER BY DatePosted DESC');
for ($i = 0; $i < count($ids); $i++)
{
$forumPost = $page->getForumPost($ids[$i]);
write('<h4>' . $forumPost->title . '</h4>');
write('<p>' . $page->replaceBBCode($forumPost->content) . '</p>');
write('<br />');
}
 
$page->drawFooter();
 
?>
 
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Forum Post', '../');
$page->drawHeader();
$page->drawMiddle();
 
$id = $page->getGetID();
$forumPost = $page->getForumPost($id);
write('<p class="bold"><a href="index.php?parentID=' . $forumPost->category->ID . '">Back to Topics</a></p><br />');
write('<h3>' . $forumPost->title . '</h3>');
write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $forumPost->datePosted) . ' by ' . $forumPost->author->name . ' (' . $forumPost->author->username . ')</h5>');
write('<p>' . $page->replaceBBCode($forumPost->content) . '</p>');
if ($page->isLoggedIn())
{
write('<p class="bold"><a href="add-post.php?parentID=' . $id . '">Post Reply</a>');
if ($page->isUserAdmin($page->getLoggedInUser()) || $forumPost->author->ID == $page->getLoggedInUser()->ID)
{
write(' &nbsp; &middot; &nbsp; <a href="edit-post.php?id=' . $id . '">Edit Post</a>');
write(' &nbsp; &middot; &nbsp; <a href="delete-post-do.php?id=' . $id . '">Delete Post</a>');
}
write('</p>');
}
write('<br />');
 
$ids = $page->findIDs('ForumPosts', 'WHERE ParentID = ' . $id . ' ORDER BY DatePosted ASC');
for ($i = 0; $i < count($ids); $i++)
{
$forumPost = $page->getForumPost($ids[$i]);
write('<h4>' . $forumPost->title . '</h4>');
write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $forumPost->datePosted) . ' by ' . $forumPost->author->name . ' (' . $forumPost->author->username . ')</h5>');
write('<p>' . $page->replaceBBCode($forumPost->content) . '</p>');
if ($page->isUserAdmin($page->getLoggedInUser()) || $forumPost->author->ID == $page->getLoggedInUser()->ID)
{
write('<p class="bold"><a href="edit-post.php?id=' . $ids[$i] . '">Edit Post</a>');
write(' &nbsp; &middot; &nbsp; <a href="delete-post-do.php?id=' . $ids[$i] . '">Delete Post</a></p>');
}
write('<br />');
}
 
$page->drawFooter();
 
?>
 
/forums/delete-post-do.php
0,0 → 1,30
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Delete Post', '../');
 
$page->checkLoggedIn();
 
$id = $page->getGetID();
$post = $page->getForumPost($id);
 
if (($page->isUserAdmin($page->getLoggedInUser()) || $post->author->ID == $page->getLoggedInUser()->ID) && $post)
{
$page->query('DELETE FROM ForumPosts WHERE ID = ' . $id);
$page->redirect('index.php');
}
else
{
if (!$post)
{
$page->drawError('No such forum post, #' . $id);
}
else
{
$page->drawError('You do not have permission to access this page.');
}
}
 
?>
 
/forums/add-post-do.php
0,0 → 1,36
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Add Category', '../');
 
$page->checkLoggedIn();
 
$parentID = $_POST['parentID'];
if (empty($parentID))
{
$parentID = -1;
}
$categoryID = $_POST['categoryID'];
if (empty($categoryID))
{
$parentID = -1;
}
 
$title = $_POST['title'];
$content = $_POST['content'];
 
if (empty($title))
{
$page->redirect('add-post.php?error=No Title Specified');
}
if (empty($title))
{
$page->redirect('add-post.php?error=No Content Specified');
}
 
$page->query('INSERT INTO ForumPosts VALUES (0, ' .$page->getLoggedInUser()->ID . ', ' . $categoryID . ', ' . $parentID . ', "' . $title . '", "' . $content . '", NOW(), FALSE)');
$page->redirect('index.php?parentID=' . $categoryID);
 
?>
 
/forums/add-post.php
0,0 → 1,62
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Add Post', '../');
$page->drawHeader();
$page->drawMiddle();
 
$page->checkLoggedIn();
 
$parentID = $_GET['parentID'];
if (empty($parentID))
{
$parentID = -1;
}
 
$categoryID = $_GET['categoryID'];
if (empty($categoryID))
{
$categoryID = -1;
}
 
if ($page->isLoggedIn())
{
 
if (isset($_GET['error']))
{
$page->drawError($_GET['error'], false);
}
 
?>
 
<form action="add-post-do.php" method="POST">
<input type="hidden" name="parentID" value="<?php echo $parentID; ?>" />
<input type="hidden" name="categoryID" value="<?php echo $categoryID; ?>" />
<table>
<tr>
<td class="bold">Title: </td>
<td><input type="text" name="title" /></td>
</tr>
<tr>
<td class="bold">Content: </td>
<td><textarea name="content"></textarea></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Add" /></td>
</tr>
</table>
</form>
 
<?php
}
else
{
$page->drawError('You do not have permission to access this page.');
}
 
$page->drawFooter();
 
?>
 
/forums/edit-category.php
0,0 → 1,59
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Edit Category', '../');
$page->drawHeader();
$page->drawMiddle();
 
$page->checkLoggedIn();
 
$id = $page->getGetID();
$cat = $page->getForumCategory($id);
 
if ($page->isUserAdmin($page->getLoggedInUser()) && $cat)
{
 
if (isset($_GET['error']))
{
$page->drawError($_GET['error'], false);
}
 
?>
 
<form action="edit-category-do.php" method="POST">
<input type="hidden" name="id" value="<?php echo $id; ?>" />
<table>
<tr>
<td class="bold">Title: </td>
<td><input type="text" name="title" value="<?php echo $cat->title; ?>" /></td>
</tr>
<tr>
<td class="bold">Description: </td>
<td><input type="text" name="description" value="<?php echo $cat->description; ?>" /></td>
</tr>
<tr>
<td></td>
<td><input type="submit" value="Edit" /></td>
</tr>
</table>
</form>
 
<?php
}
else
{
if (!$cat)
{
$page->drawError('No such Forum Category, #' . $id);
}
else
{
$page->drawError('You do not have permission to access this page.');
}
}
 
$page->drawFooter();
 
?>
 
/forums/edit-category-do.php
0,0 → 1,30
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Edit Category', '../');
 
$page->checkLoggedIn();
 
$id = $page->getPostID();
 
$title = $_POST['title'];
$description = $_POST['description'];
 
if ($page->isUserAdmin($page->getLoggedInUser()))
{
if (empty($title))
{
$page->redirect('edit-category.php?error=No Title Specified');
}
$page->query('UPDATE ForumCategories SET Title = "' . $title . '", Description = "' . $description . '" WHERE ID = ' . $id);
$page->redirect('index.php');
}
else
{
$page->drawError('You do not have permission to access this page.');
}
 
?>
 
/forums/delete-category-do.php
0,0 → 1,22
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Delete Category', '../');
 
$page->checkLoggedIn();
 
$id = $page->getGetID();
 
if ($page->isUserAdmin($page->getLoggedInUser()))
{
$page->query('DELETE FROM ForumCategories WHERE ID = ' . $id);
$page->redirect('index.php');
}
else
{
$page->drawError('You do not have permission to access this page.');
}
 
?>
 
/photos/album.php
52,12 → 52,13
if ($i >= 4)
{
write('</tr><tr>');
$i = 0;
}
$filename = 'albums/' . $dirName . '/' . $file;
$size = getImageSizes($filename, 200, 200);
write('<td><a href="' . $filename . '"><img wdith="' . $size[0] . '" height="' . $size[1] . '" src="' . $filename . '" /></a></td>');
write('<td><a href="' . $filename . '"><img width="' . $size[0] . '" height="' . $size[1] . '" src="' . $filename . '" /></a></td>');
$i++;
}
/_taios.php
1,537 → 1,537
<?php
 
require '_config.php';
 
class Taios_Page
{
function __construct($title, $url = "")
{
$this->title = $title;
$this->url = $url;
$this->drawnHeader = false;
$this->drawnMiddle = false;
$this->drawnFooter = false;
$this->db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD);
if (!$this->db)
{
$this->drawError('Failed to connect to database: ' . mysql_error());
}
if (!mysql_select_db('Tim32'))
{
$this->drawError('Failed to select database: ' . mysql_error());
}
}
function drawHeader()
{
if (!$this->drawnHeader)
{
write('<!DOCTYPE html>');
write('<html>');
write('<head>');
write('<meta http-equiv="Content-Type" content="text/html;charset=utf-8">');
write('<title>Tim32 &middot; ' . $this->title . '</title>');
write('<link href="' . $this->url . 'styles.css" rel="stylesheet" type="text/css" media="screen">');
write('</head>');
write('<body>');
write('<div class="sidebar">');
write('<div class="sidebar-header">');
write('<h1>Tim32</h1>');
write('</div>');
write('<div class="sidebar-menu">');
$this->drawMenuItem('Home', 'index.php');
$this->drawMenuItem('Blog', 'blog/');
$this->drawMenuItem('Projects', 'projects/');
$this->drawMenuItem('Forums', 'forums/');
$this->drawMenuItem('Wiki', 'wiki/');
$this->drawMenuItem('Photos', 'photos/');
write('<br />');
if ($this->isLoggedIn())
{
$this->drawMenuItem('Administration', 'admin/');
$this->drawMenuItem('Logout', 'logout-do.php');
}
else
{
$this->drawMenuItem('Login', 'login.php');
$this->drawMenuItem('Register', 'register.php');
}
write('<br />');
$this->drawnHeader = true;
}
}
function drawMenuItem($t, $u)
{
write('<p><a href="' . $this->url . $u . '">' . $t . '</a></p>');
}
function drawMiddle()
{
if (!$this->drawnMiddle)
{
write('<br />');
write('</div>');
write('</div>');
write('<div class="content">');
write('<h2>' . $this->title . '</h2>');
 
$this->drawnMiddle = true;
}
}
function drawFooter()
{
if (!$this->drawnFooter)
{
write('</div>');
write('</body>');
write('</html>');
$this->drawnFooter = true;
}
die();
}
function drawError($text, $die = true)
{
$this->drawHeader();
$this->drawMiddle();
write('<h4 style="color: red;">Error: ' . $text . '</h4>');
if ($die)
{
$this->drawFooter();
die();
}
}
function drawBlogPostTree($id, $first = false)
{
$post = $this->getBlogPost($id);
if ($first)
{
write('<h3><a href="post.php?id=' . $id . '">' . $post->title. '</a> <a href="post.php?id=' . $post->parent->ID . '">^</a></h3>');
}
else
{
write('<a href="post.php?id=' . $id . '"><h3>' . $post->title. '</h3></a>');
}
write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
write('<p>' . $this->replaceBBCode($post->content) . '</p>');
 
if ($this->isUserNormal($this->getLoggedInUser()))
{
echo '<p class="bold"><a href="add-post.php?id=' . $id . '">Add Comment</a>';
if ($this->isUserAdmin($this->getLoggedInUser()) || $this->getLoggedInUser()->ID == $post->author->ID)
{
echo ' &middot <a href="edit-post.php?id=' . $id . '">Edit Post</a>';
echo ' &nbsp;&nbsp; &middot &nbsp;&nbsp; <a href="del-post.php?id=' . $id . '">Delete Post</a>';
}
write('</p><br />');
}
 
$ids = $this->findIDs('BlogPosts', 'WHERE ParentID=' . $id);
for ($i = 0; $i < count($ids); $i++)
{
write('<div class="indent">');
$this->drawBlogPostTree($ids[$i]);
write('</div>');
}
}
function drawBlogCategoriesMenu()
{
$cats = array();
$ids = $this->findIDs('BlogPosts', 'WHERE ParentID = -1');
for ($i = 0; $i < count($ids); $i++)
{
$cat = $this->getBlogPost($ids[$i])->category;
if (!in_array($cat, $cats))
{
array_push($cats, $cat);
}
}
write('<h3>Categories</h3>');
for ($i = 0; $i < count($cats); $i++)
{
$this->drawMenuItem($cats[$i], 'blog/index.php?cat=' . $cats[$i]);
}
}
function replaceBBCode($str)
{
$newstr = str_replace("\n", '</p><p>', $str);
$newstr = str_replace(' ', '&nbsp;&nbsp;', $newstr);
$newstr = str_replace(' :)', ' <img src="' . $this->url . 'data/smilies/face-smile.png" class="smiley" />', $newstr);
$newstr = str_replace(' :p', ' <img src="' . $this->url . 'data/smilies/face-raspberry.png" class="smiley" />', $newstr);
$newstr = str_replace(' :P', ' <img src="' . $this->url . 'data/smilies/face-raspberry.png" class="smiley" />',$newstr);
$newstr = str_replace(' :|', ' <img src="' . $this->url . 'data/smilies/face-plain.png" class="smiley" />',$newstr);
$newstr = str_replace(' :D', ' <img src="' . $this->url . 'data/smilies/face-laugh.png" class="smiley" />',$newstr);
$newstr = str_replace(' =D', ' <img src="' . $this->url . 'data/smilies/face-laugh.png" class="smiley" />',$newstr);
$newstr = str_replace(' :(', ' <img src="' . $this->url . 'data/smilies/face-sad.png" class="smiley" />',$newstr);
$newstr = str_replace(' :0', ' <img src="' . $this->url . 'data/smilies/face-surprise.png" class="smiley" />',$newstr);
$newstr = str_replace(' :o', ' <img src="' . $this->url . 'data/smilies/face-surprise.png" class="smiley" />',$newstr);
$newstr = str_replace(' :O', ' <img src="' . $this->url . 'data/smilies/face-surprise.png" class="smiley" />',$newstr);
$newstr = str_replace(' :/', ' <img src="' . $this->url . 'data/smilies/face-uncertain.png" class="smiley" />',$newstr);
$newstr = str_replace(' ;)', ' <img src="' . $this->url . 'data/smilies/face-wink.png" class="smiley" />',$newstr);
$bbcode = array(
'/\[b\](.+?)\[\/b\]/is',
'/\[i\](.+?)\[\/i\]/is',
'/\[u\](.+?)\[\/u\]/is',
'/\[url\](.+?)\[\/url\]/is',
'/\[code\](.+?)\[\/code\]/is',
'/\[img\](.+?)\[\/img\]/is'
);
 
$html = array(
'<b>$1</b>',
'<i>$1</i>',
'<u>$1</u>',
'<a href="$1">$1</a>',
'<div class="code">$1</div>',
'<img src="$1" />'
);
 
$newstr = preg_replace($bbcode, $html, $newstr);
return $newstr;
}
 
function redirect($u)
{
header('Location: ' . $u);
die();
}
function isLoggedIn()
{
$cookie = $_COOKIE['Tim32_Login'];
if (!empty($cookie))
{
$clist = explode('|~|', $cookie);
$user = $this->getUserByUsername($clist[0]);
if ($user)
{
if ($user->password == $clist[1])
{
return true;
}
}
}
return false;
}
function isUserAdmin()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 0)
{
return true;
}
}
return false;
}
function isUserGM()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 1)
{
return true;
}
}
return false;
}
function isUserNormal()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 2)
{
return true;
}
}
return false;
}
function checkLoggedIn()
{
if (!$this->isLoggedIn())
{
$this->drawError('You need to be logged in.');
}
}
function query($query)
{
$result = mysql_query($query);
if (!$result)
{
$this->drawError('Query Failed: ' . $query . "\n" . 'MySQL Error: ' . mysql_error());
}
return $result;
}
function findIDs($table, $query = '')
{
$array = array();
$result = $this->query('SELECT ID FROM ' . $table . ' ' . $query);
while ($row = mysql_fetch_array($result))
{
array_push($array, $row['ID']);
}
return $array;
}
function getUserByID($id)
{
$result = $this->query('SELECT * FROM Users WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$user = new User;
$user->ID = $row['ID'];
$user->accessID = $row['AccessID'];
$user->username = $row['Username'];
$user->password = $row['Password'];
$user->emailAddress = $row['EmailAddress'];
$user->name = $row['Name'];
$user->challengeID = $row['ChallengeID'];
return $user;
}
return false;
}
function getUserByUsername($username)
{
$result = $this->query('SELECT * FROM Users WHERE Username = "' . $username . '"');
while ($row = mysql_fetch_array($result))
{
return $this->getUserByID($row['ID']);
}
return false;
}
function getLoggedInUser()
{
if ($this->isLoggedIn())
{
$clist = explode('|~|', $_COOKIE['Tim32_Login']);
return $this->getUserByUsername($clist[0]);
}
return false;
}
function getBlogPost($id)
{
$result = $this->query('SELECT * FROM BlogPosts WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$post = new BlogPost;
$post->ID = $row['ID'];
if ($row['ParentID'] == -1)
{
$post->parent = -1;
}
else
{
$post->parent = $this->getBlogPost($row['ParentID']);
}
$post->author = $this->getUserByID($row['AuthorID']);
$post->user = $this->getUserByID($row['AuthorID']); // For some older pages
$post->title = $row['Title'];
$post->content = $row['Content'];
$post->datePosted = strtotime($row['DatePosted']);
$post->category = $row['Category'];
$post->spam = $row['Spam'];
return $post;
}
$this->drawError('Cannot find blog post, #' . $id);
}
function getProject($id)
{
$result = $this->query('SELECT * FROM Projects WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$project = new Project;
$project->ID = $row['ID'];
$project->author = $this->getUserByID($row['AuthorID']);
$project->title = $row['Title'];
$project->description = $row['Description'];
$project->logoURL = $row['LogoURL'];
$project->downloadURL = $row['DownloadURL'];
$project->websiteURL = $row['WebsiteURL'];
$project->latestVersion = $row['LatestVersion'];
$project->lastUpdate = strtotime($row['LastUpdate']);
return $project;
}
return false;
}
function getForumCategory($id)
{
$result = $this->query('SELECT * FROM ForumCategories WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$f = new ForumCategory;
$f->ID = $row['ID'];
$f->parent = $this->getForumCategory($row['ParentID']);
$f->title = $row['Title'];
$f->description = $row['Description'];
return $f;
}
return false;
}
function getForumPost($id)
{
$result = $this->query('SELECT * FROM ForumPosts WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$f = new ForumPost;
$f->ID = $row['ID'];
$f->author = $this->getUserByID($row['AuthorID']);
$f->category = $this->getForumCategory($row['CategoryID']);
$f->parent = $this->getForumPost($row['ParentID']);
$f->title = $row['Title'];
$f->content = $row['Content'];
$f->datePosted = strtotime($row['DatePosted']);
$f->spam = $row['Spam'];
return $f;
}
return false;
}
function delBlogPost($id)
{
$ids = $this->findIDs('BlogPosts', 'WHERE ParentID=' . $id);
for ($i = 0; $i < count($ids); $i++)
{
$this->delBlogPost($ids[$i]);
}
 
$this->query('DELETE FROM BlogPosts WHERE ID=' . $id);
}
 
function getGetID()
{
$id = $_GET['id'];
if (empty($id))
{
$id = 1;
}
return $id;
}
function getPostID()
{
$id = $_POST['id'];
if (empty($id))
{
$id = 1;
}
return $id;
}
 
}
 
class User
{
public $ID;
public $accessID;
public $username;
public $password;
public $emailAddress;
public $name;
public $challengeID;
}
 
class BlogPost
{
public $ID;
public $parent;
public $author;
public $title;
public $content;
public $datePosted;
public $category;
public $spam;
}
 
class Project
{
public $ID;
public $author;
public $title;
public $description;
public $logoURL;
public $downloadURL;
public $websiteURL;
public $latestVersion;
public $lastUpdate;
}
 
class ForumCategory
{
public $ID;
public $parent;
public $title;
public $description;
}
 
class ForumPost
{
public $id;
public $author;
public $category;
public $parent;
public $title;
public $content;
public $datePosted;
public $spam;
}
 
function write($str)
{
echo $str;
echo "\n";
}
 
?>
<?php
 
require '_config.php';
 
class Taios_Page
{
function __construct($title, $url = "")
{
$this->title = $title;
$this->url = $url;
$this->drawnHeader = false;
$this->drawnMiddle = false;
$this->drawnFooter = false;
$this->db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD);
if (!$this->db)
{
$this->drawError('Failed to connect to database: ' . mysql_error());
}
if (!mysql_select_db('Tim32'))
{
$this->drawError('Failed to select database: ' . mysql_error());
}
}
function drawHeader()
{
if (!$this->drawnHeader)
{
write('<!DOCTYPE html>');
write('<html>');
write('<head>');
write('<meta http-equiv="Content-Type" content="text/html;charset=utf-8">');
write('<title>Tim32 &middot; ' . $this->title . '</title>');
write('<link href="' . $this->url . 'styles.css" rel="stylesheet" type="text/css" media="screen">');
write('</head>');
write('<body>');
write('<div class="sidebar">');
write('<div class="sidebar-header">');
write('<h1>Tim32</h1>');
write('</div>');
write('<div class="sidebar-menu">');
$this->drawMenuItem('Home', 'index.php');
$this->drawMenuItem('Blog', 'blog/');
$this->drawMenuItem('Projects', 'projects/');
$this->drawMenuItem('Forums', 'forums/');
$this->drawMenuItem('Wiki', 'wiki/');
$this->drawMenuItem('Photos', 'photos/');
write('<br />');
if ($this->isLoggedIn())
{
$this->drawMenuItem('Administration', 'admin/');
$this->drawMenuItem('Logout', 'logout-do.php');
}
else
{
$this->drawMenuItem('Login', 'login.php');
$this->drawMenuItem('Register', 'register.php');
}
write('<br />');
$this->drawnHeader = true;
}
}
function drawMenuItem($t, $u)
{
write('<p><a href="' . $this->url . $u . '">' . $t . '</a></p>');
}
function drawMiddle()
{
if (!$this->drawnMiddle)
{
write('<br />');
write('</div>');
write('</div>');
write('<div class="content">');
write('<h2>' . $this->title . '</h2>');
 
$this->drawnMiddle = true;
}
}
function drawFooter()
{
if (!$this->drawnFooter)
{
write('</div>');
write('</body>');
write('</html>');
$this->drawnFooter = true;
}
die();
}
function drawError($text, $die = true)
{
$this->drawHeader();
$this->drawMiddle();
write('<h4 style="color: red;">Error: ' . $text . '</h4>');
if ($die)
{
$this->drawFooter();
die();
}
}
function drawBlogPostTree($id, $first = false)
{
$post = $this->getBlogPost($id);
if ($first)
{
write('<h3><a href="post.php?id=' . $id . '">' . $post->title. '</a> <a href="post.php?id=' . $post->parent->ID . '">^</a></h3>');
}
else
{
write('<a href="post.php?id=' . $id . '"><h3>' . $post->title. '</h3></a>');
}
write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>');
write('<p>' . $this->replaceBBCode($post->content) . '</p>');
 
if ($this->isUserNormal($this->getLoggedInUser()))
{
echo '<p class="bold"><a href="add-post.php?id=' . $id . '">Add Comment</a>';
if ($this->isUserAdmin($this->getLoggedInUser()) || $this->getLoggedInUser()->ID == $post->author->ID)
{
echo ' &nbsp; &middot &nbsp; <a href="edit-post.php?id=' . $id . '">Edit Post</a>';
echo ' &nbsp; &middot &nbsp; <a href="del-post.php?id=' . $id . '">Delete Post</a>';
}
write('</p><br />');
}
 
$ids = $this->findIDs('BlogPosts', 'WHERE ParentID=' . $id);
for ($i = 0; $i < count($ids); $i++)
{
write('<div class="indent">');
$this->drawBlogPostTree($ids[$i]);
write('</div>');
}
}
function drawBlogCategoriesMenu()
{
$cats = array();
$ids = $this->findIDs('BlogPosts', 'WHERE ParentID = -1');
for ($i = 0; $i < count($ids); $i++)
{
$cat = $this->getBlogPost($ids[$i])->category;
if (!in_array($cat, $cats))
{
array_push($cats, $cat);
}
}
write('<h3>Categories</h3>');
for ($i = 0; $i < count($cats); $i++)
{
$this->drawMenuItem($cats[$i], 'blog/index.php?cat=' . $cats[$i]);
}
}
function replaceBBCode($str)
{
$newstr = str_replace("\n", '</p><p>', $str);
$newstr = str_replace(' ', '&nbsp;&nbsp;', $newstr);
$newstr = str_replace(' :)', ' <img src="' . $this->url . 'data/smilies/face-smile.png" class="smiley" />', $newstr);
$newstr = str_replace(' :p', ' <img src="' . $this->url . 'data/smilies/face-raspberry.png" class="smiley" />', $newstr);
$newstr = str_replace(' :P', ' <img src="' . $this->url . 'data/smilies/face-raspberry.png" class="smiley" />',$newstr);
$newstr = str_replace(' :|', ' <img src="' . $this->url . 'data/smilies/face-plain.png" class="smiley" />',$newstr);
$newstr = str_replace(' :D', ' <img src="' . $this->url . 'data/smilies/face-laugh.png" class="smiley" />',$newstr);
$newstr = str_replace(' =D', ' <img src="' . $this->url . 'data/smilies/face-laugh.png" class="smiley" />',$newstr);
$newstr = str_replace(' :(', ' <img src="' . $this->url . 'data/smilies/face-sad.png" class="smiley" />',$newstr);
$newstr = str_replace(' :0', ' <img src="' . $this->url . 'data/smilies/face-surprise.png" class="smiley" />',$newstr);
$newstr = str_replace(' :o', ' <img src="' . $this->url . 'data/smilies/face-surprise.png" class="smiley" />',$newstr);
$newstr = str_replace(' :O', ' <img src="' . $this->url . 'data/smilies/face-surprise.png" class="smiley" />',$newstr);
$newstr = str_replace(' :/', ' <img src="' . $this->url . 'data/smilies/face-uncertain.png" class="smiley" />',$newstr);
$newstr = str_replace(' ;)', ' <img src="' . $this->url . 'data/smilies/face-wink.png" class="smiley" />',$newstr);
$bbcode = array(
'/\[b\](.+?)\[\/b\]/is',
'/\[i\](.+?)\[\/i\]/is',
'/\[u\](.+?)\[\/u\]/is',
'/\[url\](.+?)\[\/url\]/is',
'/\[code\](.+?)\[\/code\]/is',
'/\[img\](.+?)\[\/img\]/is'
);
 
$html = array(
'<b>$1</b>',
'<i>$1</i>',
'<u>$1</u>',
'<a href="$1">$1</a>',
'<div class="code">$1</div>',
'<img src="$1" />'
);
 
$newstr = preg_replace($bbcode, $html, $newstr);
return $newstr;
}
 
function redirect($u)
{
header('Location: ' . $u);
die();
}
function isLoggedIn()
{
$cookie = $_COOKIE['Tim32_Login'];
if (!empty($cookie))
{
$clist = explode('|~|', $cookie);
$user = $this->getUserByUsername($clist[0]);
if ($user)
{
if ($user->password == $clist[1])
{
return true;
}
}
}
return false;
}
function isUserAdmin()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 0)
{
return true;
}
}
return false;
}
function isUserGM()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 1)
{
return true;
}
}
return false;
}
function isUserNormal()
{
if ($this->isLoggedIn())
{
if ($this->getLoggedInUser()->accessID <= 2)
{
return true;
}
}
return false;
}
function checkLoggedIn()
{
if (!$this->isLoggedIn())
{
$this->drawError('You need to be logged in.');
}
}
function query($query)
{
$result = mysql_query($query);
if (!$result)
{
$this->drawError('Query Failed: ' . $query . "\n" . 'MySQL Error: ' . mysql_error());
}
return $result;
}
function findIDs($table, $query = '')
{
$array = array();
$result = $this->query('SELECT ID FROM ' . $table . ' ' . $query);
while ($row = mysql_fetch_array($result))
{
array_push($array, $row['ID']);
}
return $array;
}
function getUserByID($id)
{
$result = $this->query('SELECT * FROM Users WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$user = new User;
$user->ID = $row['ID'];
$user->accessID = $row['AccessID'];
$user->username = $row['Username'];
$user->password = $row['Password'];
$user->emailAddress = $row['EmailAddress'];
$user->name = $row['Name'];
$user->challengeID = $row['ChallengeID'];
return $user;
}
return false;
}
function getUserByUsername($username)
{
$result = $this->query('SELECT * FROM Users WHERE Username = "' . $username . '"');
while ($row = mysql_fetch_array($result))
{
return $this->getUserByID($row['ID']);
}
return false;
}
function getLoggedInUser()
{
if ($this->isLoggedIn())
{
$clist = explode('|~|', $_COOKIE['Tim32_Login']);
return $this->getUserByUsername($clist[0]);
}
return false;
}
function getBlogPost($id)
{
$result = $this->query('SELECT * FROM BlogPosts WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$post = new BlogPost;
$post->ID = $row['ID'];
if ($row['ParentID'] == -1)
{
$post->parent = -1;
}
else
{
$post->parent = $this->getBlogPost($row['ParentID']);
}
$post->author = $this->getUserByID($row['AuthorID']);
$post->user = $this->getUserByID($row['AuthorID']); // For some older pages
$post->title = $row['Title'];
$post->content = $row['Content'];
$post->datePosted = strtotime($row['DatePosted']);
$post->category = $row['Category'];
$post->spam = $row['Spam'];
return $post;
}
$this->drawError('Cannot find blog post, #' . $id);
}
function getProject($id)
{
$result = $this->query('SELECT * FROM Projects WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$project = new Project;
$project->ID = $row['ID'];
$project->author = $this->getUserByID($row['AuthorID']);
$project->title = $row['Title'];
$project->description = $row['Description'];
$project->logoURL = $row['LogoURL'];
$project->downloadURL = $row['DownloadURL'];
$project->websiteURL = $row['WebsiteURL'];
$project->latestVersion = $row['LatestVersion'];
$project->lastUpdate = strtotime($row['LastUpdate']);
return $project;
}
return false;
}
function getForumCategory($id)
{
$result = $this->query('SELECT * FROM ForumCategories WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$f = new ForumCategory;
$f->ID = $row['ID'];
$f->parent = $this->getForumCategory($row['ParentID']);
$f->title = $row['Title'];
$f->description = $row['Description'];
return $f;
}
return false;
}
function getForumPost($id)
{
$result = $this->query('SELECT * FROM ForumPosts WHERE ID = ' . $id);
while ($row = mysql_fetch_array($result))
{
$f = new ForumPost;
$f->ID = $row['ID'];
$f->author = $this->getUserByID($row['AuthorID']);
$f->category = $this->getForumCategory($row['CategoryID']);
$f->parent = $this->getForumPost($row['ParentID']);
$f->title = $row['Title'];
$f->content = $row['Content'];
$f->datePosted = strtotime($row['DatePosted']);
$f->spam = $row['Spam'];
return $f;
}
return false;
}
function delBlogPost($id)
{
$ids = $this->findIDs('BlogPosts', 'WHERE ParentID=' . $id);
for ($i = 0; $i < count($ids); $i++)
{
$this->delBlogPost($ids[$i]);
}
 
$this->query('DELETE FROM BlogPosts WHERE ID=' . $id);
}
 
function getGetID()
{
$id = $_GET['id'];
if (empty($id))
{
$id = 1;
}
return $id;
}
function getPostID()
{
$id = $_POST['id'];
if (empty($id))
{
$id = 1;
}
return $id;
}
 
}
 
class User
{
public $ID;
public $accessID;
public $username;
public $password;
public $emailAddress;
public $name;
public $challengeID;
}
 
class BlogPost
{
public $ID;
public $parent;
public $author;
public $title;
public $content;
public $datePosted;
public $category;
public $spam;
}
 
class Project
{
public $ID;
public $author;
public $title;
public $description;
public $logoURL;
public $downloadURL;
public $websiteURL;
public $latestVersion;
public $lastUpdate;
}
 
class ForumCategory
{
public $ID;
public $parent;
public $title;
public $description;
}
 
class ForumPost
{
public $id;
public $author;
public $category;
public $parent;
public $title;
public $content;
public $datePosted;
public $spam;
}
 
function write($str)
{
echo $str;
echo "\n";
}
 
?>
/projects/edit-project.php
6,6 → 6,8
$page->drawHeader();
$page->drawMiddle();
 
$page->checkLoggedIn();
 
$project = $page->getProject($page->getGetID());
if (!$project)
{