nuke/html/mainfile.php

<?php

######################################################################
# PHP-NUKE: Web Portal System
# ===========================
#
# Copyright (c) 2000 by Francisco Burzi (fburzi@ncc.org.ve)
# http://www.ncc.org.ve/php-nuke.php
#
# This modules is a collection of some usefull global functions
#
# This program is free software. You can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License.
######################################################################

include("config.php");
include("lang-$language.php");
$mainfile = 1;

function dbconnect() {
        include("config.php");
        mysql_pconnect($dbhost, $dbuname, $dbpass);
        @mysql_select_db("$dbname") or die ("Unable to select database");
}

function ultramode() {
    $file = fopen("ultramode.txt", "w");
    fwrite($file, "General purpose self-explanatory file with news headlines\n");
    $rfile=mysql_query("select sid, aid, title, time, comments, topic from stories order by time DESC limit 0,10");
    while(list($sid, $aid, $title, $time, $comments, $topic) = mysql_fetch_row($rfile)) {
        $rfile2=mysql_query("select topictext, topicimage from topics where topicid=$topic");
        list($topictext, $topicimage) = mysql_fetch_row($rfile2);
        $content = "%%\n$title\n/article.php?sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n";
        fwrite($file, $content);
    }
    fclose($file);
}

function counter() {
        dbconnect();
        mysql_query("UPDATE vars SET value=value+1 where name='totalhits'");
}

function cookiedecode($user) {
        global $cookie;
        $user = base64_decode($user);
        $cookie = explode(":", $user);
        return $cookie;
}

function getusrinfo($user) {
        global $userinfo;
        $user2 = base64_decode($user);
        dbconnect();
        $user3 = explode(":", $user2);
        $result = mysql_query("select uid, name, uname, email, femail, url, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax from users where uname='$user3[1]' and pass='$user3[2]'");
        if(mysql_num_rows($result)==1) {
                $userinfo = mysql_fetch_array($result);
        } else {
                echo "<b>A problem occured</b><br>";
        }
        return $userinfo;
}

function FixQuotes ($what = "") {
        $what = ereg_replace("'","''",$what);
        while (eregi("\\\\'", $what)) {
                $what = ereg_replace("\\\\'","'",$what);
        }
        return $what;
}

/*********************************************************/
/* text filter                                           */
/*********************************************************/

function check_words($Message) {
        global $EditedMessage, $CensorList, $CensorMode, $CensorReplace;
        $EditedMessage = $Message;

        if ($CensorMode != 0) {
                if (is_array($CensorList)) {
                        $Replacement = $CensorReplace;

                        if ($CensorMode == 1) { # Exact match
                                $RegExPrefix   = '([^[:alpha:]]|^)';
                                $RegExSuffix   = '([^[:alpha:]]|$)';
                        } elseif ($CensorMode == 2) {    # Word beginning
                                $RegExPrefix   = '([^[:alpha:]]|^)';
                                $RegExSuffix   = '[[:alpha:]]*([^[:alpha:]]|$)';
                        } elseif ($CensorMode == 3) {    # Word fragment
                                $RegExPrefix   = '([^[:alpha:]]*)[[:alpha:]]*';
                                $RegExSuffix   = '[[:alpha:]]*([^[:alpha:]]*)';
                        }

                        for ($i = 0; $i < count($CensorList) && $RegExPrefix != ''; $i++) {
                                $EditedMessage = eregi_replace($RegExPrefix.$CensorList[$i].$RegExSuffix,"\\1$Replacement\\2",$EditedMessage);
                        }
                }
        }
        return ($EditedMessage);
}

function check_html ($str, $strip="") {

    include("config.php");

    if ($strip == "nohtml")
        $AllowableHTML=array('');

    $str = stripslashes($str);
    $str = eregi_replace("<[[:space:]]*([^>]*)[[:space:]]*>","<\\1>",$str);
    $tmp = "";
    while (eregi("<([^> ]*)([^>]*)>",$str,$reg)) {
      $i = strpos($str,$reg[0]);
      $l = strlen($reg[0]);
      if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1));
      else $tag = strtolower($reg[1]);  
      if ($a = $AllowableHTML[$tag])
        if ($reg[1][0] == "/") $tag = "</$tag>";
        elseif ($a == 1) $tag = "<$tag>";
        else $tag = "<$tag " . $reg[2] . ">";
      else $tag = "";
      $tmp .= substr($str,0,$i) . $tag;
      $str = substr($str,$i+$l);
    }
    $str = $tmp . $str;

    // Squash PHP tags unconditionally
    $str = ereg_replace("<\?","",$str);
    $str = ereg_replace("\"","",$str); 
    return $str;
}

function filter_text($Message, $strip="") {
        global $EditedMessage;
        check_words($Message);
        $EditedMessage=check_html($EditedMessage, $strip);
        return ($EditedMessage);
}

/*********************************************************/
/* formatting stories                                    */
/*********************************************************/

function formatTimestamp($time) {
        include ("config.php");
        global $datetime;
        setlocale ("LC_TIME", "$locale");
        ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);
        $datetime = strftime("".translate("datestring")."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1]));
        $datetime = ucfirst($datetime);
        return($datetime);
}

function formatAidHeader($aid) {
        $holder = mysql_query("SELECT url, email FROM authors where aid='$aid'");
        if (!$holder) { echo mysql_errno(). ": ".mysql_error(). "<br>"; exit(); }
        list($url, $email) = mysql_fetch_row($holder);
        if (isset($url)) { echo "<a href=\"$url\">$aid</a>";
        } elseif (isset($email)) { echo "<a href=\"mailto:$email\">$aid</a>";
        } else { echo $aid; }
}

function oldNews($storynum) {
        include ("config.php");
        $boxstuff = "<font face=Arial,Helvetica size=2>";
        $boxTitle = translate("Past Articles");
        $result = mysql_query("select sid, title, time, comments from stories order by time desc limit $storynum, $oldnum");
        while(list($sid, $title, $time, $comments) = mysql_fetch_row($result)) {
            setlocale ("LC_TIME", "$locale");
            ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime2);
            $datetime2 = strftime("".translate("datestring2")."", mktime($datetime2[4],$datetime2[5],$datetime2[6],$datetime2[2],$datetime2[3],$datetime2[1]));
            $datetime2 = ucfirst($datetime2);
            if($time2==$datetime2) {
                $boxstuff .= "<li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
            } else {
                if($a=="") {
                    $boxstuff .= "$datetime2<br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
                    $time2 = $datetime2;
                    $a = 1;
                } else {
                    $boxstuff .= "<br><br>$datetime2<br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
                    $time2 = $datetime2;
                }
            }
            
        }
        themesidebox($boxTitle, $boxstuff);
}

function mainblock() {
//      dbconnect();
        $result = mysql_query("select title, content from mainblock");
        while(list($title, $content) = mysql_fetch_array($result)) {
                $content = nl2br($content);
                themesidebox($title, $content);
        }
}

function rightblocks() {
        $result = mysql_query("select title, content from rblocks");
        while(list($title, $content) = mysql_fetch_array($result)) {
                $content = nl2br($content);
                themesidebox($title, $content);
        }
}

function leftblocks() {
        $result = mysql_query("select title, content from lblocks");
        while(list($title, $content) = mysql_fetch_array($result)) {
                $content = nl2br($content);
                themesidebox($title, $content);
        }
}

function adminblock() {
        $result = mysql_query("select title, content from adminblock");
        while(list($title, $content) = mysql_fetch_array($result)) {
                $content = nl2br($content);
                themesidebox($title, $content);
        }
}


/*********************************************************/
/* poll functions                                        */
/*********************************************************/

function pollMain($pollID) {
        global $maxOptions, $boxTitle, $boxContent, $uimages;
        include("config.php");
        dbconnect();
        if(!isset($pollID))
          $pollID = 1;
        if(!isset($url))
          $url = sprintf("pollBooth.php?op=results&pollID=%d", $pollID);

        $boxContent .= "<form action=\"pollBooth.php\" method=\"post\">";
        $boxContent .= "<input type=\"hidden\" name=\"pollID\" value=\"".$pollID."\">";
        $boxContent .= "<input type=\"hidden\" name=\"forwarder\" value=\"".$url."\">";
        $result = mysql_query("SELECT pollTitle, voters FROM poll_desc WHERE pollID=$pollID");
        list($pollTitle, $voters) = mysql_fetch_row($result);
        $boxTitle = translate("Survey");
        $boxContent .= "<font face=Arial,Helvetica size=2><b>$pollTitle</b><br>";
        for($i = 1; $i <= $maxOptions; $i++) {
                $result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
                $object = mysql_fetch_object($result);
                if(is_object($object)) {
                        $optionText = $object->optionText;
                        if($optionText != "") {
                                $boxContent .= "<input type=\"radio\" name=\"voteID\" value=\"".$i."\"><font face=Arial,Helvetica size=2> $optionText <br>";
                        }
                }
        }

        $boxContent .= "<center><table cellspacing=0 cellpadding=5 border=0 width=111><tr><td align=center> <input type=image src=$uimages/vote.gif border=0></td><td align=center></form>";
        $boxContent .= "<a href=\"pollBooth.php?op=results&pollID=$pollID\"><img src=$uimages/result.gif border=0></a></td></tr></table><a href=\"pollBooth.php\"><font face=Verdana,Arial,Helvetica size=1><b>".translate("Past Surveys")."</a></b><br>";
        if ($pollcomm) {
            list($numcom) = mysql_fetch_row(mysql_query("select count(*) from pollcomments where pollID=$pollID"));
            $boxContent .= "<br>".translate("Votes: ")."<b>$voters</b> | ".translate("comments:")."  <b>$numcom</b></fonts>";
        } else {
            $boxContent .= "<br>".translate("Votes: ")."<b>$voters</b></font>";
        }
        $boxContent .= "</font></center>";
        themesidebox($boxTitle, $boxContent);
}

function pollLatest() {
        dbconnect();
        $result = mysql_query("SELECT pollID FROM poll_data ORDER BY pollID DESC");
        $pollID = mysql_fetch_row($result);
        return($pollID[0]);
}

function pollNewest() {
        $pollID = pollLatest();
        pollMain($pollID);
}

function pollCollector($pollID, $voteID, $forwarder) {
        global $maxOptions, $setCookies, $cookiePrefix, $HTTP_COOKIE_VARS;
        dbconnect();
        $voteValid = "1";

        if($setCookies>0) {
                // we have to check for cookies, so get timestamp of this poll
                $result = mysql_query("SELECT timeStamp FROM poll_desc WHERE pollID=$pollID");
                $object = mysql_fetch_object($result);
                $timeStamp = $object->timeStamp;
                $cookieName = $cookiePrefix.$timeStamp;

                // check if cookie exists
                if($HTTP_COOKIE_VARS["$cookieName"] == "1") {
                        // cookie exists, invalidate this vote
                        $warn = "You already voted today!";
                        $voteValid = "0";
                } else {
                        // cookie does not exist yet, set one now
                        $cvalue = "1";
                        setcookie("$cookieName",$cvalue,time()+86400);
                }
        }

        // update database if the vote is valid
        if($voteValid>0) {
                @mysql_query("UPDATE poll_data SET optionCount=optionCount+1 WHERE (pollID=$pollID) AND (voteID=$voteID)");
                @mysql_query("UPDATE poll_desc SET voters=voters+1 WHERE pollID=$pollID");
                Header("Location: $forwarder");
        } else {
                Header("Location: $forwarder");
        }
        // a lot of browsers can't handle it if there's an empty page
        echo "<html><head></head><body></body></html>";
}

function pollList() {
        dbconnect();
        $result = mysql_query("SELECT pollID, pollTitle, timeStamp, voters FROM poll_desc ORDER BY timeStamp"); 
        $counter = 0;
        echo "<table border=0 cellpadding=8><tr><td>";
        echo "<font face=Arial,Helvetica size=3>";
        while($object = mysql_fetch_object($result)) {
                $resultArray[$counter] = array($object->pollID, $object->pollTitle, $object->timeStamp, $object->voters);
                $counter++;
        }
        for ($count = 0; $count < count($resultArray); $count++) {
                $id = $resultArray[$count][0];
                $pollTitle = $resultArray[$count][1];
                $voters = $resultArray[$count][3];
                echo("<li> <a href=\"pollBooth.php?pollID=$id\">$pollTitle</a> ");
                echo("(<a href=\"pollBooth.php?op=results&pollID=$id\">".translate("Results")."</a> - $voters ".translate("votes").")\n");
        }
        echo "</td></tr></table>";
}

function pollResults($pollID) {
        global $maxOptions, $BarScale, $resultTableBgColor, $resultBarFile, $setCookies;
        if(!isset($pollID)) $pollID = 1;
        dbconnect();

        $result = mysql_query("SELECT pollID, pollTitle, timeStamp FROM poll_desc WHERE pollID=$pollID");
        $holdtitle = mysql_fetch_row($result);
        echo "<br><b>$holdtitle[1]</b><br><br>";
        
        mysql_free_result($result);

        $result = mysql_query("SELECT SUM(optionCount) AS SUM FROM poll_data WHERE pollID=$pollID");
        $sum = (int)mysql_result($result, 0, "SUM"); 
        mysql_free_result($result);

        echo "<table>";

        // cycle through all options
        for($i = 1; $i <= $maxOptions; $i++) {
                // select next vote option
                $result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
                $object = mysql_fetch_object($result);

                if(is_object($object)) {
                        $optionText = $object->optionText;
                        $optionCount = $object->optionCount;

                        echo "<tr>";

                        if($optionText != "") {
                                echo "<td>";
                                echo "<font face=Arial,Helvetica>$optionText";
                                echo "</td>";

                                if($sum) {
                                        $percent = 100 * $optionCount * $BarScale / $sum;
                                } else {
                                        $percent = 0;
                                }
                                echo "<td>";
                                $percentInt = (int)$percent * 4;
                                $percent2 = (int)$percent;

                                if ($percent > 0) {
                                        echo "<img src=\"images/leftbar.gif\" height=16 width=3>";
                                        echo "<img src=\"images/mainbar.gif\" height=16 width=$percentInt Alt=\"$percent2 %\">";
                                        echo "<img src=\"images/rightbar.gif\" height=16 width=3>";
                                } else {
                                        echo "<img src=\"images/leftbar.gif\" height=16 width=3 Alt=\"$percent2 %\">";
                                        echo "<img src=\"images/mainbar.gif\" height=16 width=2 Alt=\"$percent2 %\">";
                                        echo "<img src=\"images/rightbar.gif\" height=16 width=3 Alt=\"$percent2 %\">";
                                }

                                printf(" %.2f %% (%d)", $percent, $optionCount);

                                echo "</td>";
                        }
                }
                echo "</tr>";
        }

        echo "</td></tr></table><br>";
        echo "<center><font face=Arial,Helvetica><b>".translate("Total Votes: ")."$sum</b><br>";
        if($setCookies>0) {
            echo "<font size=1>".translate("We allow just one vote per day")."<br><br><font size=3>";
        } else {
            echo "<br><br>";
        }

        $booth = $pollID;
        echo("<font face=Arial,Helvetica>[ <a href=\"pollBooth.php?pollID=$booth\">".translate("Voting Booth")."</a> | ");
        echo("<a href=\"pollBooth.php\">".translate("Other Polls")."</a> ]");
        return(1);
}

function getTopics($s_sid) {
    global $topicname, $topicimage, $topictext;
    $sid = $s_sid;
    dbconnect();
    $result=mysql_query("SELECT topic FROM stories where sid=$sid");
    list($topic) = mysql_fetch_row($result);
    $result=mysql_query("SELECT topicid, topicname, topicimage, topictext FROM topics where topicid=$topic");
    list($topicid, $topicname, $topicimage, $topictext) = mysql_fetch_row($result);
}


?>
1	dpavlin	1.1	<?php
2
3			######################################################################
4			# PHP-NUKE: Web Portal System
5			# ===========================
6			#
7			# Copyright (c) 2000 by Francisco Burzi (fburzi@ncc.org.ve)
8			# http://www.ncc.org.ve/php-nuke.php
9			#
10			# This modules is a collection of some usefull global functions
11			#
12			# This program is free software. You can redistribute it and/or modify
13			# it under the terms of the GNU General Public License as published by
14			# the Free Software Foundation; either version 2 of the License.
15			######################################################################
16
17			include("config.php");
18			include("lang-$language.php");
19			$mainfile = 1;
20
21			function dbconnect() {
22			include("config.php");
23			mysql_pconnect($dbhost, $dbuname, $dbpass);
24			@mysql_select_db("$dbname") or die ("Unable to select database");
25			}
26
27			function ultramode() {
28			$file = fopen("ultramode.txt", "w");
29			fwrite($file, "General purpose self-explanatory file with news headlines\n");
30			$rfile=mysql_query("select sid, aid, title, time, comments, topic from stories order by time DESC limit 0,10");
31			while(list($sid, $aid, $title, $time, $comments, $topic) = mysql_fetch_row($rfile)) {
32			$rfile2=mysql_query("select topictext, topicimage from topics where topicid=$topic");
33			list($topictext, $topicimage) = mysql_fetch_row($rfile2);
34			$content = "%%\n$title\n/article.php?sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n";
35			fwrite($file, $content);
36			}
37			fclose($file);
38			}
39
40			function counter() {
41			dbconnect();
42			mysql_query("UPDATE vars SET value=value+1 where name='totalhits'");
43			}
44
45			function cookiedecode($user) {
46			global $cookie;
47			$user = base64_decode($user);
48			$cookie = explode(":", $user);
49			return $cookie;
50			}
51
52			function getusrinfo($user) {
53			global $userinfo;
54			$user2 = base64_decode($user);
55			dbconnect();
56			$user3 = explode(":", $user2);
57			$result = mysql_query("select uid, name, uname, email, femail, url, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax from users where uname='$user3[1]' and pass='$user3[2]'");
58			if(mysql_num_rows($result)==1) {
59			$userinfo = mysql_fetch_array($result);
60			} else {
61			echo "<b>A problem occured</b><br>";
62			}
63			return $userinfo;
64			}
65
66			function FixQuotes ($what = "") {
67			$what = ereg_replace("'","''",$what);
68			while (eregi("\\\\'", $what)) {
69			$what = ereg_replace("\\\\'","'",$what);
70			}
71			return $what;
72			}
73
74			/*********************************************************/
75			/* text filter */
76			/*********************************************************/
77
78			function check_words($Message) {
79			global $EditedMessage, $CensorList, $CensorMode, $CensorReplace;
80			$EditedMessage = $Message;
81
82			if ($CensorMode != 0) {
83			if (is_array($CensorList)) {
84			$Replacement = $CensorReplace;
85
86			if ($CensorMode == 1) { # Exact match
87			$RegExPrefix = '([^[:alpha:]]\|^)';
88			$RegExSuffix = '([^[:alpha:]]\|$)';
89			} elseif ($CensorMode == 2) { # Word beginning
90			$RegExPrefix = '([^[:alpha:]]\|^)';
91			$RegExSuffix = '[[:alpha:]]*([^[:alpha:]]\|$)';
92			} elseif ($CensorMode == 3) { # Word fragment
93			$RegExPrefix = '([^[:alpha:]])[[:alpha:]]';
94			$RegExSuffix = '[[:alpha:]]([^[:alpha:]])';
95			}
96
97			for ($i = 0; $i < count($CensorList) && $RegExPrefix != ''; $i++) {
98			$EditedMessage = eregi_replace($RegExPrefix.$CensorList[$i].$RegExSuffix,"\\1$Replacement\\2",$EditedMessage);
99			}
100			}
101			}
102			return ($EditedMessage);
103			}
104
105			function check_html ($str, $strip="") {
106
107			include("config.php");
108
109			if ($strip == "nohtml")
110			$AllowableHTML=array('');
111
112			$str = stripslashes($str);
113			$str = eregi_replace("<[[:space:]]([^>])[[:space:]]*>","<\\1>",$str);
114			$tmp = "";
115			while (eregi("<([^> ])([^>])>",$str,$reg)) {
116			$i = strpos($str,$reg[0]);
117			$l = strlen($reg[0]);
118			if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1));
119			else $tag = strtolower($reg[1]);
120			if ($a = $AllowableHTML[$tag])
121			if ($reg[1][0] == "/") $tag = "</$tag>";
122			elseif ($a == 1) $tag = "<$tag>";
123			else $tag = "<$tag " . $reg[2] . ">";
124			else $tag = "";
125			$tmp .= substr($str,0,$i) . $tag;
126			$str = substr($str,$i+$l);
127			}
128			$str = $tmp . $str;
129
130			// Squash PHP tags unconditionally
131			$str = ereg_replace("<\?","",$str);
132			$str = ereg_replace("\"","",$str);
133			return $str;
134			}
135
136			function filter_text($Message, $strip="") {
137			global $EditedMessage;
138			check_words($Message);
139			$EditedMessage=check_html($EditedMessage, $strip);
140			return ($EditedMessage);
141			}
142
143			/*********************************************************/
144			/* formatting stories */
145			/*********************************************************/
146
147			function formatTimestamp($time) {
148			include ("config.php");
149			global $datetime;
150			setlocale ("LC_TIME", "$locale");
151			ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);
152			$datetime = strftime("".translate("datestring")."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1]));
153			$datetime = ucfirst($datetime);
154			return($datetime);
155			}
156
157			function formatAidHeader($aid) {
158			$holder = mysql_query("SELECT url, email FROM authors where aid='$aid'");
159			if (!$holder) { echo mysql_errno(). ": ".mysql_error(). "<br>"; exit(); }
160			list($url, $email) = mysql_fetch_row($holder);
161			if (isset($url)) { echo "<a href=\"$url\">$aid</a>";
162			} elseif (isset($email)) { echo "<a href=\"mailto:$email\">$aid</a>";
163			} else { echo $aid; }
164			}
165
166			function oldNews($storynum) {
167			include ("config.php");
168			$boxstuff = "<font face=Arial,Helvetica size=2>";
169			$boxTitle = translate("Past Articles");
170			$result = mysql_query("select sid, title, time, comments from stories order by time desc limit $storynum, $oldnum");
171			while(list($sid, $title, $time, $comments) = mysql_fetch_row($result)) {
172			setlocale ("LC_TIME", "$locale");
173			ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime2);
174			$datetime2 = strftime("".translate("datestring2")."", mktime($datetime2[4],$datetime2[5],$datetime2[6],$datetime2[2],$datetime2[3],$datetime2[1]));
175			$datetime2 = ucfirst($datetime2);
176			if($time2==$datetime2) {
177			$boxstuff .= "<li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
178			} else {
179			if($a=="") {
180			$boxstuff .= "$datetime2<br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
181			$time2 = $datetime2;
182			$a = 1;
183			} else {
184			$boxstuff .= "<br><br>$datetime2<br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
185			$time2 = $datetime2;
186			}
187			}
188
189			}
190			themesidebox($boxTitle, $boxstuff);
191			}
192
193			function mainblock() {
194			// dbconnect();
195			$result = mysql_query("select title, content from mainblock");
196			while(list($title, $content) = mysql_fetch_array($result)) {
197			$content = nl2br($content);
198			themesidebox($title, $content);
199			}
200			}
201
202			function rightblocks() {
203			$result = mysql_query("select title, content from rblocks");
204			while(list($title, $content) = mysql_fetch_array($result)) {
205			$content = nl2br($content);
206			themesidebox($title, $content);
207			}
208			}
209
210			function leftblocks() {
211			$result = mysql_query("select title, content from lblocks");
212			while(list($title, $content) = mysql_fetch_array($result)) {
213			$content = nl2br($content);
214			themesidebox($title, $content);
215			}
216			}
217
218			function adminblock() {
219			$result = mysql_query("select title, content from adminblock");
220			while(list($title, $content) = mysql_fetch_array($result)) {
221			$content = nl2br($content);
222			themesidebox($title, $content);
223			}
224			}
225
226
227			/*********************************************************/
228			/* poll functions */
229			/*********************************************************/
230
231			function pollMain($pollID) {
232			global $maxOptions, $boxTitle, $boxContent, $uimages;
233			include("config.php");
234			dbconnect();
235			if(!isset($pollID))
236			$pollID = 1;
237			if(!isset($url))
238			$url = sprintf("pollBooth.php?op=results&pollID=%d", $pollID);
239
240			$boxContent .= "<form action=\"pollBooth.php\" method=\"post\">";
241			$boxContent .= "<input type=\"hidden\" name=\"pollID\" value=\"".$pollID."\">";
242			$boxContent .= "<input type=\"hidden\" name=\"forwarder\" value=\"".$url."\">";
243			$result = mysql_query("SELECT pollTitle, voters FROM poll_desc WHERE pollID=$pollID");
244			list($pollTitle, $voters) = mysql_fetch_row($result);
245			$boxTitle = translate("Survey");
246			$boxContent .= "<font face=Arial,Helvetica size=2><b>$pollTitle</b><br>";
247			for($i = 1; $i <= $maxOptions; $i++) {
248			$result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
249			$object = mysql_fetch_object($result);
250			if(is_object($object)) {
251			$optionText = $object->optionText;
252			if($optionText != "") {
253			$boxContent .= "<input type=\"radio\" name=\"voteID\" value=\"".$i."\"><font face=Arial,Helvetica size=2> $optionText <br>";
254			}
255			}
256			}
257
258			$boxContent .= "<center><table cellspacing=0 cellpadding=5 border=0 width=111><tr><td align=center> <input type=image src=$uimages/vote.gif border=0></td><td align=center></form>";
259			$boxContent .= "<a href=\"pollBooth.php?op=results&pollID=$pollID\"><img src=$uimages/result.gif border=0></a></td></tr></table><a href=\"pollBooth.php\"><font face=Verdana,Arial,Helvetica size=1><b>".translate("Past Surveys")."</a></b><br>";
260			if ($pollcomm) {
261			list($numcom) = mysql_fetch_row(mysql_query("select count(*) from pollcomments where pollID=$pollID"));
262			$boxContent .= "<br>".translate("Votes: ")."<b>$voters</b> \| ".translate("comments:")." <b>$numcom</b></fonts>";
263			} else {
264			$boxContent .= "<br>".translate("Votes: ")."<b>$voters</b></font>";
265			}
266			$boxContent .= "</font></center>";
267			themesidebox($boxTitle, $boxContent);
268			}
269
270			function pollLatest() {
271			dbconnect();
272			$result = mysql_query("SELECT pollID FROM poll_data ORDER BY pollID DESC");
273			$pollID = mysql_fetch_row($result);
274			return($pollID[0]);
275			}
276
277			function pollNewest() {
278			$pollID = pollLatest();
279			pollMain($pollID);
280			}
281
282			function pollCollector($pollID, $voteID, $forwarder) {
283			global $maxOptions, $setCookies, $cookiePrefix, $HTTP_COOKIE_VARS;
284			dbconnect();
285			$voteValid = "1";
286
287			if($setCookies>0) {
288			// we have to check for cookies, so get timestamp of this poll
289			$result = mysql_query("SELECT timeStamp FROM poll_desc WHERE pollID=$pollID");
290			$object = mysql_fetch_object($result);
291			$timeStamp = $object->timeStamp;
292			$cookieName = $cookiePrefix.$timeStamp;
293
294			// check if cookie exists
295			if($HTTP_COOKIE_VARS["$cookieName"] == "1") {
296			// cookie exists, invalidate this vote
297			$warn = "You already voted today!";
298			$voteValid = "0";
299			} else {
300			// cookie does not exist yet, set one now
301			$cvalue = "1";
302			setcookie("$cookieName",$cvalue,time()+86400);
303			}
304			}
305
306			// update database if the vote is valid
307			if($voteValid>0) {
308			@mysql_query("UPDATE poll_data SET optionCount=optionCount+1 WHERE (pollID=$pollID) AND (voteID=$voteID)");
309			@mysql_query("UPDATE poll_desc SET voters=voters+1 WHERE pollID=$pollID");
310			Header("Location: $forwarder");
311			} else {
312			Header("Location: $forwarder");
313			}
314			// a lot of browsers can't handle it if there's an empty page
315			echo "<html><head></head><body></body></html>";
316			}
317
318			function pollList() {
319			dbconnect();
320			$result = mysql_query("SELECT pollID, pollTitle, timeStamp, voters FROM poll_desc ORDER BY timeStamp");
321			$counter = 0;
322			echo "<table border=0 cellpadding=8><tr><td>";
323			echo "<font face=Arial,Helvetica size=3>";
324			while($object = mysql_fetch_object($result)) {
325			$resultArray[$counter] = array($object->pollID, $object->pollTitle, $object->timeStamp, $object->voters);
326			$counter++;
327			}
328			for ($count = 0; $count < count($resultArray); $count++) {
329			$id = $resultArray[$count][0];
330			$pollTitle = $resultArray[$count][1];
331			$voters = $resultArray[$count][3];
332			echo("<li> <a href=\"pollBooth.php?pollID=$id\">$pollTitle</a> ");
333			echo("(<a href=\"pollBooth.php?op=results&pollID=$id\">".translate("Results")."</a> - $voters ".translate("votes").")\n");
334			}
335			echo "</td></tr></table>";
336			}
337
338			function pollResults($pollID) {
339			global $maxOptions, $BarScale, $resultTableBgColor, $resultBarFile, $setCookies;
340			if(!isset($pollID)) $pollID = 1;
341			dbconnect();
342
343			$result = mysql_query("SELECT pollID, pollTitle, timeStamp FROM poll_desc WHERE pollID=$pollID");
344			$holdtitle = mysql_fetch_row($result);
345			echo "<br><b>$holdtitle[1]</b><br><br>";
346
347			mysql_free_result($result);
348
349			$result = mysql_query("SELECT SUM(optionCount) AS SUM FROM poll_data WHERE pollID=$pollID");
350			$sum = (int)mysql_result($result, 0, "SUM");
351			mysql_free_result($result);
352
353			echo "<table>";
354
355			// cycle through all options
356			for($i = 1; $i <= $maxOptions; $i++) {
357			// select next vote option
358			$result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
359			$object = mysql_fetch_object($result);
360
361			if(is_object($object)) {
362			$optionText = $object->optionText;
363			$optionCount = $object->optionCount;
364
365			echo "<tr>";
366
367			if($optionText != "") {
368			echo "<td>";
369			echo "<font face=Arial,Helvetica>$optionText";
370			echo "</td>";
371
372			if($sum) {
373			$percent = 100 * $optionCount * $BarScale / $sum;
374			} else {
375			$percent = 0;
376			}
377			echo "<td>";
378			$percentInt = (int)$percent * 4;
379			$percent2 = (int)$percent;
380
381			if ($percent > 0) {
382			echo "<img src=\"images/leftbar.gif\" height=16 width=3>";
383			echo "<img src=\"images/mainbar.gif\" height=16 width=$percentInt Alt=\"$percent2 %\">";
384			echo "<img src=\"images/rightbar.gif\" height=16 width=3>";
385			} else {
386			echo "<img src=\"images/leftbar.gif\" height=16 width=3 Alt=\"$percent2 %\">";
387			echo "<img src=\"images/mainbar.gif\" height=16 width=2 Alt=\"$percent2 %\">";
388			echo "<img src=\"images/rightbar.gif\" height=16 width=3 Alt=\"$percent2 %\">";
389			}
390
391			printf(" %.2f %% (%d)", $percent, $optionCount);
392
393			echo "</td>";
394			}
395			}
396			echo "</tr>";
397			}
398
399			echo "</td></tr></table><br>";
400			echo "<center><font face=Arial,Helvetica><b>".translate("Total Votes: ")."$sum</b><br>";
401			if($setCookies>0) {
402			echo "<font size=1>".translate("We allow just one vote per day")."<br><br><font size=3>";
403			} else {
404			echo "<br><br>";
405			}
406
407			$booth = $pollID;
408			echo("<font face=Arial,Helvetica>[ <a href=\"pollBooth.php?pollID=$booth\">".translate("Voting Booth")."</a> \| ");
409			echo("<a href=\"pollBooth.php\">".translate("Other Polls")."</a> ]");
410			return(1);
411			}
412
413			function getTopics($s_sid) {
414			global $topicname, $topicimage, $topictext;
415			$sid = $s_sid;
416			dbconnect();
417			$result=mysql_query("SELECT topic FROM stories where sid=$sid");
418			list($topic) = mysql_fetch_row($result);
419			$result=mysql_query("SELECT topicid, topicname, topicimage, topictext FROM topics where topicid=$topic");
420			list($topicid, $topicname, $topicimage, $topictext) = mysql_fetch_row($result);
421			}
422
423
424			?>