nuke/html/mainfile.php

<?php

######################################################################
# PHP-NUKE: Web Portal System
# ===========================
#
# Copyright (c) 2000 by Francisco Burzi (fburzi@ncc.org.ve)
# http://www.ncc.org.ve/php-nuke.php
#
# This modules is a collection of some usefull global functions
#
# This program is free software. You can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License.
######################################################################

include("config.php");
include("lang-$language.php");
$mainfile = 1;

function dbconnect() {
        include("config.php");
        mysql_pconnect($dbhost, $dbuname, $dbpass);
        @mysql_select_db("$dbname") or die ("Unable to select database");
}

function ultramode() {
    $file = fopen("ultramode.txt", "w");
    fwrite($file, "General purpose self-explanatory file with news headlines\n");
    $rfile=mysql_query("select sid, aid, title, time, comments, topic from stories order by time DESC limit 0,10");
    while(list($sid, $aid, $title, $time, $comments, $topic) = mysql_fetch_row($rfile)) {
        $rfile2=mysql_query("select topictext, topicimage from topics where topicid=$topic");
        list($topictext, $topicimage) = mysql_fetch_row($rfile2);
        $content = "%%\n$title\n/article.php?sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n";
        fwrite($file, $content);
    }
    fclose($file);
}

function counter() {
        dbconnect();
        mysql_query("UPDATE vars SET value=value+1 where name='totalhits'");
}

function cookiedecode($user) {
        global $cookie;
        $user = base64_decode($user);
        $cookie = explode(":", $user);
        return $cookie;
}

function getusrinfo($user) {
        global $userinfo;
        $user2 = base64_decode($user);
        dbconnect();
        $user3 = explode(":", $user2);
        $result = mysql_query("select uid, name, uname, email, femail, url, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax from users where uname='$user3[1]' and pass='$user3[2]'");
        if(mysql_num_rows($result)==1) {
                $userinfo = mysql_fetch_array($result);
        } else {
                echo "<b>A problem occured</b><br>";
        }
        return $userinfo;
}

function FixQuotes ($what = "") {
        $what = ereg_replace("'","''",$what);
        while (eregi("\\\\'", $what)) {
                $what = ereg_replace("\\\\'","'",$what);
        }
        return $what;
}

/*********************************************************/
/* text filter                                           */
/*********************************************************/

function check_words($Message) {
        global $EditedMessage, $CensorList, $CensorMode, $CensorReplace;
        $EditedMessage = $Message;

        if ($CensorMode != 0) {
                if (is_array($CensorList)) {
                        $Replacement = $CensorReplace;

                        if ($CensorMode == 1) { # Exact match
                                $RegExPrefix   = '([^[:alpha:]]|^)';
                                $RegExSuffix   = '([^[:alpha:]]|$)';
                        } elseif ($CensorMode == 2) {    # Word beginning
                                $RegExPrefix   = '([^[:alpha:]]|^)';
                                $RegExSuffix   = '[[:alpha:]]*([^[:alpha:]]|$)';
                        } elseif ($CensorMode == 3) {    # Word fragment
                                $RegExPrefix   = '([^[:alpha:]]*)[[:alpha:]]*';
                                $RegExSuffix   = '[[:alpha:]]*([^[:alpha:]]*)';
                        }

                        for ($i = 0; $i < count($CensorList) && $RegExPrefix != ''; $i++) {
                                $EditedMessage = eregi_replace($RegExPrefix.$CensorList[$i].$RegExSuffix,"\\1$Replacement\\2",$EditedMessage);
                        }
                }
        }
        return ($EditedMessage);
}

function check_html ($str, $strip="") {

    include("config.php");

    if ($strip == "nohtml")
        $AllowableHTML=array('');

    $str = stripslashes($str);
    $str = eregi_replace("<[[:space:]]*([^>]*)[[:space:]]*>","<\\1>",$str);
    $tmp = "";
    while (eregi("<([^> ]*)([^>]*)>",$str,$reg)) {
      $i = strpos($str,$reg[0]);
      $l = strlen($reg[0]);
      if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1));
      else $tag = strtolower($reg[1]);  
      if ($a = $AllowableHTML[$tag])
        if ($reg[1][0] == "/") $tag = "</$tag>";
        elseif ($a == 1) $tag = "<$tag>";
        else $tag = "<$tag " . $reg[2] . ">";
      else $tag = "";
      $tmp .= substr($str,0,$i) . $tag;
      $str = substr($str,$i+$l);
    }
    $str = $tmp . $str;

    // Squash PHP tags unconditionally
    $str = ereg_replace("<\?","",$str);
    $str = ereg_replace("\"","",$str); 
    return $str;
}

function filter_text($Message, $strip="") {
        global $EditedMessage;
        check_words($Message);
        $EditedMessage=check_html($EditedMessage, $strip);
        return ($EditedMessage);
}

/*********************************************************/
/* formatting stories                                    */
/*********************************************************/

function formatTimestamp($time) {
        include ("config.php");
        global $datetime;
        setlocale ("LC_TIME", "$locale");
        ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);
        $datetime = strftime("".translate("datestring")."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1]));
        $datetime = ucfirst($datetime);
        return($datetime);
}

function formatAidHeader($aid) {
        $holder = mysql_query("SELECT url, email FROM authors where aid='$aid'");
        if (!$holder) { echo mysql_errno(). ": ".mysql_error(). "<br>"; exit(); }
        list($url, $email) = mysql_fetch_row($holder);
        if (isset($url)) { echo "<a href=\"$url\">$aid</a>";
        } elseif (isset($email)) { echo "<a href=\"mailto:$email\">$aid</a>";
        } else { echo $aid; }
}

function oldNews($storynum) {
        include ("config.php");
        $boxstuff = "<font face=Arial,Helvetica size=2>";
        $boxTitle = translate("Past Articles");
        $result = mysql_query("select sid, title, time, comments from stories order by time desc limit $storynum, $oldnum");
        while(list($sid, $title, $time, $comments) = mysql_fetch_row($result)) {
            setlocale ("LC_TIME", "$locale");
            ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime2);
            $datetime2 = strftime("".translate("datestring2")."", mktime($datetime2[4],$datetime2[5],$datetime2[6],$datetime2[2],$datetime2[3],$datetime2[1]));
            $datetime2 = ucfirst($datetime2);
            if($time2==$datetime2) {
                $boxstuff .= "<li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
            } else {
                if($a=="") {
                    $boxstuff .= "$datetime2<br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
                    $time2 = $datetime2;
                    $a = 1;
                } else {
                    $boxstuff .= "<br><br>$datetime2<br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
                    $time2 = $datetime2;
                }
            }
            
        }
        themesidebox($boxTitle, $boxstuff);
}

function mainblock() {
//      dbconnect();
        $result = mysql_query("select title, content from mainblock");
        while(list($title, $content) = mysql_fetch_array($result)) {
                $content = nl2br($content);
                themesidebox($title, $content);
        }
}

function rightblocks() {
        $result = mysql_query("select title, content from rblocks");
        while(list($title, $content) = mysql_fetch_array($result)) {
                $content = nl2br($content);
                themesidebox($title, $content);
        }
}

function leftblocks() {
        $result = mysql_query("select title, content from lblocks");
        while(list($title, $content) = mysql_fetch_array($result)) {
                $content = nl2br($content);
                themesidebox($title, $content);
        }
}

function adminblock() {
        $result = mysql_query("select title, content from adminblock");
        while(list($title, $content) = mysql_fetch_array($result)) {
                $content = nl2br($content);
                themesidebox($title, $content);
        }
}


/*********************************************************/
/* poll functions                                        */
/*********************************************************/

function pollMain($pollID) {
        global $maxOptions, $boxTitle, $boxContent, $uimages;
        include("config.php");
        dbconnect();
        if(!isset($pollID))
          $pollID = 1;
        if(!isset($url))
          $url = sprintf("pollBooth.php?op=results&pollID=%d", $pollID);

        $boxContent .= "<form action=\"pollBooth.php\" method=\"post\">";
        $boxContent .= "<input type=\"hidden\" name=\"pollID\" value=\"".$pollID."\">";
        $boxContent .= "<input type=\"hidden\" name=\"forwarder\" value=\"".$url."\">";
        $result = mysql_query("SELECT pollTitle, voters FROM poll_desc WHERE pollID=$pollID");
        list($pollTitle, $voters) = mysql_fetch_row($result);
        $boxTitle = translate("Survey");
        $boxContent .= "<font face=Arial,Helvetica size=2><b>$pollTitle</b><br>";
        for($i = 1; $i <= $maxOptions; $i++) {
                $result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
                $object = mysql_fetch_object($result);
                if(is_object($object)) {
                        $optionText = $object->optionText;
                        if($optionText != "") {
                                $boxContent .= "<input type=\"radio\" name=\"voteID\" value=\"".$i."\"><font face=Arial,Helvetica size=2> $optionText <br>";
                        }
                }
        }

        $boxContent .= "<center><table cellspacing=0 cellpadding=5 border=0 width=111><tr><td align=center> <input type=image src=$uimages/vote.gif border=0></td><td align=center></form>";
        $boxContent .= "<a href=\"pollBooth.php?op=results&pollID=$pollID\"><img src=$uimages/result.gif border=0></a></td></tr></table><a href=\"pollBooth.php\"><font face=Verdana,Arial,Helvetica size=1><b>".translate("Past Surveys")."</a></b><br>";
        if ($pollcomm) {
            list($numcom) = mysql_fetch_row(mysql_query("select count(*) from pollcomments where pollID=$pollID"));
            $boxContent .= "<br>".translate("Votes: ")."<b>$voters</b> | ".translate("comments:")."  <b>$numcom</b></fonts>";
        } else {
            $boxContent .= "<br>".translate("Votes: ")."<b>$voters</b></font>";
        }
        $boxContent .= "</font></center>";
        themesidebox($boxTitle, $boxContent);
}

function pollLatest() {
        dbconnect();
        $result = mysql_query("SELECT pollID FROM poll_data ORDER BY pollID DESC");
        $pollID = mysql_fetch_row($result);
        return($pollID[0]);
}

function pollNewest() {
        $pollID = pollLatest();
        pollMain($pollID);
}

function pollCollector($pollID, $voteID, $forwarder) {
        global $maxOptions, $setCookies, $cookiePrefix, $HTTP_COOKIE_VARS;
        dbconnect();
        $voteValid = "1";

        if($setCookies>0) {
                // we have to check for cookies, so get timestamp of this poll
                $result = mysql_query("SELECT timeStamp FROM poll_desc WHERE pollID=$pollID");
                $object = mysql_fetch_object($result);
                $timeStamp = $object->timeStamp;
                $cookieName = $cookiePrefix.$timeStamp;

                // check if cookie exists
                if($HTTP_COOKIE_VARS["$cookieName"] == "1") {
                        // cookie exists, invalidate this vote
                        $warn = "You already voted today!";
                        $voteValid = "0";
                } else {
                        // cookie does not exist yet, set one now
                        $cvalue = "1";
                        setcookie("$cookieName",$cvalue,time()+86400);
                }
        }

        // update database if the vote is valid
        if($voteValid>0) {
                @mysql_query("UPDATE poll_data SET optionCount=optionCount+1 WHERE (pollID=$pollID) AND (voteID=$voteID)");
                @mysql_query("UPDATE poll_desc SET voters=voters+1 WHERE pollID=$pollID");
                Header("Location: $forwarder");
        } else {
                Header("Location: $forwarder");
        }
        // a lot of browsers can't handle it if there's an empty page
        echo "<html><head></head><body></body></html>";
}

function pollList() {
        dbconnect();
        $result = mysql_query("SELECT pollID, pollTitle, timeStamp, voters FROM poll_desc ORDER BY timeStamp"); 
        $counter = 0;
        echo "<table border=0 cellpadding=8><tr><td>";
        echo "<font face=Arial,Helvetica size=3>";
        while($object = mysql_fetch_object($result)) {
                $resultArray[$counter] = array($object->pollID, $object->pollTitle, $object->timeStamp, $object->voters);
                $counter++;
        }
        for ($count = 0; $count < count($resultArray); $count++) {
                $id = $resultArray[$count][0];
                $pollTitle = $resultArray[$count][1];
                $voters = $resultArray[$count][3];
                echo("<li> <a href=\"pollBooth.php?pollID=$id\">$pollTitle</a> ");
                echo("(<a href=\"pollBooth.php?op=results&pollID=$id\">".translate("Results")."</a> - $voters ".translate("votes").")\n");
        }
        echo "</td></tr></table>";
}

function pollResults($pollID) {
        global $maxOptions, $BarScale, $resultTableBgColor, $resultBarFile, $setCookies;
        if(!isset($pollID)) $pollID = 1;
        dbconnect();

        $result = mysql_query("SELECT pollID, pollTitle, timeStamp FROM poll_desc WHERE pollID=$pollID");
        $holdtitle = mysql_fetch_row($result);
        echo "<br><b>$holdtitle[1]</b><br><br>";
        
        mysql_free_result($result);

        $result = mysql_query("SELECT SUM(optionCount) AS SUM FROM poll_data WHERE pollID=$pollID");
        $sum = (int)mysql_result($result, 0, "SUM"); 
        mysql_free_result($result);

        echo "<table>";

        // cycle through all options
        for($i = 1; $i <= $maxOptions; $i++) {
                // select next vote option
                $result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
                $object = mysql_fetch_object($result);

                if(is_object($object)) {
                        $optionText = $object->optionText;
                        $optionCount = $object->optionCount;

                        echo "<tr>";

                        if($optionText != "") {
                                echo "<td>";
                                echo "<font face=Arial,Helvetica>$optionText";
                                echo "</td>";

                                if($sum) {
                                        $percent = 100 * $optionCount * $BarScale / $sum;
                                } else {
                                        $percent = 0;
                                }
                                echo "<td>";
                                $percentInt = (int)$percent * 4;
                                $percent2 = (int)$percent;

                                if ($percent > 0) {
                                        echo "<img src=\"images/leftbar.gif\" height=16 width=3>";
                                        echo "<img src=\"images/mainbar.gif\" height=16 width=$percentInt Alt=\"$percent2 %\">";
                                        echo "<img src=\"images/rightbar.gif\" height=16 width=3>";
                                } else {
                                        echo "<img src=\"images/leftbar.gif\" height=16 width=3 Alt=\"$percent2 %\">";
                                        echo "<img src=\"images/mainbar.gif\" height=16 width=2 Alt=\"$percent2 %\">";
                                        echo "<img src=\"images/rightbar.gif\" height=16 width=3 Alt=\"$percent2 %\">";
                                }

                                printf(" %.2f %% (%d)", $percent, $optionCount);

                                echo "</td>";
                        }
                }
                echo "</tr>";
        }

        echo "</td></tr></table><br>";
        echo "<center><font face=Arial,Helvetica><b>".translate("Total Votes: ")."$sum</b><br>";
        if($setCookies>0) {
            echo "<font size=1>".translate("We allow just one vote per day")."<br><br><font size=3>";
        } else {
            echo "<br><br>";
        }

        $booth = $pollID;
        echo("<font face=Arial,Helvetica>[ <a href=\"pollBooth.php?pollID=$booth\">".translate("Voting Booth")."</a> | ");
        echo("<a href=\"pollBooth.php\">".translate("Other Polls")."</a> ]");
        return(1);
}

function getTopics($s_sid) {
    global $topicname, $topicimage, $topictext;
    $sid = $s_sid;
    dbconnect();
    $result=mysql_query("SELECT topic FROM stories where sid=$sid");
    list($topic) = mysql_fetch_row($result);
    $result=mysql_query("SELECT topicid, topicname, topicimage, topictext FROM topics where topicid=$topic");
    list($topicid, $topicname, $topicimage, $topictext) = mysql_fetch_row($result);
}


?>
1	<?php
2
3	######################################################################
4	# PHP-NUKE: Web Portal System
5	# ===========================
6	#
7	# Copyright (c) 2000 by Francisco Burzi (fburzi@ncc.org.ve)
8	# http://www.ncc.org.ve/php-nuke.php
9	#
10	# This modules is a collection of some usefull global functions
11	#
12	# This program is free software. You can redistribute it and/or modify
13	# it under the terms of the GNU General Public License as published by
14	# the Free Software Foundation; either version 2 of the License.
15	######################################################################
16
17	include("config.php");
18	include("lang-$language.php");
19	$mainfile = 1;
20
21	function dbconnect() {
22	include("config.php");
23	mysql_pconnect($dbhost, $dbuname, $dbpass);
24	@mysql_select_db("$dbname") or die ("Unable to select database");
25	}
26
27	function ultramode() {
28	$file = fopen("ultramode.txt", "w");
29	fwrite($file, "General purpose self-explanatory file with news headlines\n");
30	$rfile=mysql_query("select sid, aid, title, time, comments, topic from stories order by time DESC limit 0,10");
31	while(list($sid, $aid, $title, $time, $comments, $topic) = mysql_fetch_row($rfile)) {
32	$rfile2=mysql_query("select topictext, topicimage from topics where topicid=$topic");
33	list($topictext, $topicimage) = mysql_fetch_row($rfile2);
34	$content = "%%\n$title\n/article.php?sid=$sid\n$time\n$aid\n$topictext\n$comments\n$topicimage\n";
35	fwrite($file, $content);
36	}
37	fclose($file);
38	}
39
40	function counter() {
41	dbconnect();
42	mysql_query("UPDATE vars SET value=value+1 where name='totalhits'");
43	}
44
45	function cookiedecode($user) {
46	global $cookie;
47	$user = base64_decode($user);
48	$cookie = explode(":", $user);
49	return $cookie;
50	}
51
52	function getusrinfo($user) {
53	global $userinfo;
54	$user2 = base64_decode($user);
55	dbconnect();
56	$user3 = explode(":", $user2);
57	$result = mysql_query("select uid, name, uname, email, femail, url, pass, storynum, umode, uorder, thold, noscore, bio, ublockon, ublock, theme, commentmax from users where uname='$user3[1]' and pass='$user3[2]'");
58	if(mysql_num_rows($result)==1) {
59	$userinfo = mysql_fetch_array($result);
60	} else {
61	echo "<b>A problem occured</b><br>";
62	}
63	return $userinfo;
64	}
65
66	function FixQuotes ($what = "") {
67	$what = ereg_replace("'","''",$what);
68	while (eregi("\\\\'", $what)) {
69	$what = ereg_replace("\\\\'","'",$what);
70	}
71	return $what;
72	}
73
74	/*********************************************************/
75	/* text filter */
76	/*********************************************************/
77
78	function check_words($Message) {
79	global $EditedMessage, $CensorList, $CensorMode, $CensorReplace;
80	$EditedMessage = $Message;
81
82	if ($CensorMode != 0) {
83	if (is_array($CensorList)) {
84	$Replacement = $CensorReplace;
85
86	if ($CensorMode == 1) { # Exact match
87	$RegExPrefix = '([^[:alpha:]]\|^)';
88	$RegExSuffix = '([^[:alpha:]]\|$)';
89	} elseif ($CensorMode == 2) { # Word beginning
90	$RegExPrefix = '([^[:alpha:]]\|^)';
91	$RegExSuffix = '[[:alpha:]]*([^[:alpha:]]\|$)';
92	} elseif ($CensorMode == 3) { # Word fragment
93	$RegExPrefix = '([^[:alpha:]])[[:alpha:]]';
94	$RegExSuffix = '[[:alpha:]]([^[:alpha:]])';
95	}
96
97	for ($i = 0; $i < count($CensorList) && $RegExPrefix != ''; $i++) {
98	$EditedMessage = eregi_replace($RegExPrefix.$CensorList[$i].$RegExSuffix,"\\1$Replacement\\2",$EditedMessage);
99	}
100	}
101	}
102	return ($EditedMessage);
103	}
104
105	function check_html ($str, $strip="") {
106
107	include("config.php");
108
109	if ($strip == "nohtml")
110	$AllowableHTML=array('');
111
112	$str = stripslashes($str);
113	$str = eregi_replace("<[[:space:]]([^>])[[:space:]]*>","<\\1>",$str);
114	$tmp = "";
115	while (eregi("<([^> ])([^>])>",$str,$reg)) {
116	$i = strpos($str,$reg[0]);
117	$l = strlen($reg[0]);
118	if ($reg[1][0] == "/") $tag = strtolower(substr($reg[1],1));
119	else $tag = strtolower($reg[1]);
120	if ($a = $AllowableHTML[$tag])
121	if ($reg[1][0] == "/") $tag = "</$tag>";
122	elseif ($a == 1) $tag = "<$tag>";
123	else $tag = "<$tag " . $reg[2] . ">";
124	else $tag = "";
125	$tmp .= substr($str,0,$i) . $tag;
126	$str = substr($str,$i+$l);
127	}
128	$str = $tmp . $str;
129
130	// Squash PHP tags unconditionally
131	$str = ereg_replace("<\?","",$str);
132	$str = ereg_replace("\"","",$str);
133	return $str;
134	}
135
136	function filter_text($Message, $strip="") {
137	global $EditedMessage;
138	check_words($Message);
139	$EditedMessage=check_html($EditedMessage, $strip);
140	return ($EditedMessage);
141	}
142
143	/*********************************************************/
144	/* formatting stories */
145	/*********************************************************/
146
147	function formatTimestamp($time) {
148	include ("config.php");
149	global $datetime;
150	setlocale ("LC_TIME", "$locale");
151	ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime);
152	$datetime = strftime("".translate("datestring")."", mktime($datetime[4],$datetime[5],$datetime[6],$datetime[2],$datetime[3],$datetime[1]));
153	$datetime = ucfirst($datetime);
154	return($datetime);
155	}
156
157	function formatAidHeader($aid) {
158	$holder = mysql_query("SELECT url, email FROM authors where aid='$aid'");
159	if (!$holder) { echo mysql_errno(). ": ".mysql_error(). "<br>"; exit(); }
160	list($url, $email) = mysql_fetch_row($holder);
161	if (isset($url)) { echo "<a href=\"$url\">$aid</a>";
162	} elseif (isset($email)) { echo "<a href=\"mailto:$email\">$aid</a>";
163	} else { echo $aid; }
164	}
165
166	function oldNews($storynum) {
167	include ("config.php");
168	$boxstuff = "<font face=Arial,Helvetica size=2>";
169	$boxTitle = translate("Past Articles");
170	$result = mysql_query("select sid, title, time, comments from stories order by time desc limit $storynum, $oldnum");
171	while(list($sid, $title, $time, $comments) = mysql_fetch_row($result)) {
172	setlocale ("LC_TIME", "$locale");
173	ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime2);
174	$datetime2 = strftime("".translate("datestring2")."", mktime($datetime2[4],$datetime2[5],$datetime2[6],$datetime2[2],$datetime2[3],$datetime2[1]));
175	$datetime2 = ucfirst($datetime2);
176	if($time2==$datetime2) {
177	$boxstuff .= "<li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
178	} else {
179	if($a=="") {
180	$boxstuff .= "$datetime2<br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
181	$time2 = $datetime2;
182	$a = 1;
183	} else {
184	$boxstuff .= "<br><br>$datetime2<br><br><li><a href=\"article.php?sid=$sid\">$title</a> ($comments)";
185	$time2 = $datetime2;
186	}
187	}
188
189	}
190	themesidebox($boxTitle, $boxstuff);
191	}
192
193	function mainblock() {
194	// dbconnect();
195	$result = mysql_query("select title, content from mainblock");
196	while(list($title, $content) = mysql_fetch_array($result)) {
197	$content = nl2br($content);
198	themesidebox($title, $content);
199	}
200	}
201
202	function rightblocks() {
203	$result = mysql_query("select title, content from rblocks");
204	while(list($title, $content) = mysql_fetch_array($result)) {
205	$content = nl2br($content);
206	themesidebox($title, $content);
207	}
208	}
209
210	function leftblocks() {
211	$result = mysql_query("select title, content from lblocks");
212	while(list($title, $content) = mysql_fetch_array($result)) {
213	$content = nl2br($content);
214	themesidebox($title, $content);
215	}
216	}
217
218	function adminblock() {
219	$result = mysql_query("select title, content from adminblock");
220	while(list($title, $content) = mysql_fetch_array($result)) {
221	$content = nl2br($content);
222	themesidebox($title, $content);
223	}
224	}
225
226
227	/*********************************************************/
228	/* poll functions */
229	/*********************************************************/
230
231	function pollMain($pollID) {
232	global $maxOptions, $boxTitle, $boxContent, $uimages;
233	include("config.php");
234	dbconnect();
235	if(!isset($pollID))
236	$pollID = 1;
237	if(!isset($url))
238	$url = sprintf("pollBooth.php?op=results&pollID=%d", $pollID);
239
240	$boxContent .= "<form action=\"pollBooth.php\" method=\"post\">";
241	$boxContent .= "<input type=\"hidden\" name=\"pollID\" value=\"".$pollID."\">";
242	$boxContent .= "<input type=\"hidden\" name=\"forwarder\" value=\"".$url."\">";
243	$result = mysql_query("SELECT pollTitle, voters FROM poll_desc WHERE pollID=$pollID");
244	list($pollTitle, $voters) = mysql_fetch_row($result);
245	$boxTitle = translate("Survey");
246	$boxContent .= "<font face=Arial,Helvetica size=2><b>$pollTitle</b><br>";
247	for($i = 1; $i <= $maxOptions; $i++) {
248	$result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
249	$object = mysql_fetch_object($result);
250	if(is_object($object)) {
251	$optionText = $object->optionText;
252	if($optionText != "") {
253	$boxContent .= "<input type=\"radio\" name=\"voteID\" value=\"".$i."\"><font face=Arial,Helvetica size=2> $optionText <br>";
254	}
255	}
256	}
257
258	$boxContent .= "<center><table cellspacing=0 cellpadding=5 border=0 width=111><tr><td align=center> <input type=image src=$uimages/vote.gif border=0></td><td align=center></form>";
259	$boxContent .= "<a href=\"pollBooth.php?op=results&pollID=$pollID\"><img src=$uimages/result.gif border=0></a></td></tr></table><a href=\"pollBooth.php\"><font face=Verdana,Arial,Helvetica size=1><b>".translate("Past Surveys")."</a></b><br>";
260	if ($pollcomm) {
261	list($numcom) = mysql_fetch_row(mysql_query("select count(*) from pollcomments where pollID=$pollID"));
262	$boxContent .= "<br>".translate("Votes: ")."<b>$voters</b> \| ".translate("comments:")." <b>$numcom</b></fonts>";
263	} else {
264	$boxContent .= "<br>".translate("Votes: ")."<b>$voters</b></font>";
265	}
266	$boxContent .= "</font></center>";
267	themesidebox($boxTitle, $boxContent);
268	}
269
270	function pollLatest() {
271	dbconnect();
272	$result = mysql_query("SELECT pollID FROM poll_data ORDER BY pollID DESC");
273	$pollID = mysql_fetch_row($result);
274	return($pollID[0]);
275	}
276
277	function pollNewest() {
278	$pollID = pollLatest();
279	pollMain($pollID);
280	}
281
282	function pollCollector($pollID, $voteID, $forwarder) {
283	global $maxOptions, $setCookies, $cookiePrefix, $HTTP_COOKIE_VARS;
284	dbconnect();
285	$voteValid = "1";
286
287	if($setCookies>0) {
288	// we have to check for cookies, so get timestamp of this poll
289	$result = mysql_query("SELECT timeStamp FROM poll_desc WHERE pollID=$pollID");
290	$object = mysql_fetch_object($result);
291	$timeStamp = $object->timeStamp;
292	$cookieName = $cookiePrefix.$timeStamp;
293
294	// check if cookie exists
295	if($HTTP_COOKIE_VARS["$cookieName"] == "1") {
296	// cookie exists, invalidate this vote
297	$warn = "You already voted today!";
298	$voteValid = "0";
299	} else {
300	// cookie does not exist yet, set one now
301	$cvalue = "1";
302	setcookie("$cookieName",$cvalue,time()+86400);
303	}
304	}
305
306	// update database if the vote is valid
307	if($voteValid>0) {
308	@mysql_query("UPDATE poll_data SET optionCount=optionCount+1 WHERE (pollID=$pollID) AND (voteID=$voteID)");
309	@mysql_query("UPDATE poll_desc SET voters=voters+1 WHERE pollID=$pollID");
310	Header("Location: $forwarder");
311	} else {
312	Header("Location: $forwarder");
313	}
314	// a lot of browsers can't handle it if there's an empty page
315	echo "<html><head></head><body></body></html>";
316	}
317
318	function pollList() {
319	dbconnect();
320	$result = mysql_query("SELECT pollID, pollTitle, timeStamp, voters FROM poll_desc ORDER BY timeStamp");
321	$counter = 0;
322	echo "<table border=0 cellpadding=8><tr><td>";
323	echo "<font face=Arial,Helvetica size=3>";
324	while($object = mysql_fetch_object($result)) {
325	$resultArray[$counter] = array($object->pollID, $object->pollTitle, $object->timeStamp, $object->voters);
326	$counter++;
327	}
328	for ($count = 0; $count < count($resultArray); $count++) {
329	$id = $resultArray[$count][0];
330	$pollTitle = $resultArray[$count][1];
331	$voters = $resultArray[$count][3];
332	echo("<li> <a href=\"pollBooth.php?pollID=$id\">$pollTitle</a> ");
333	echo("(<a href=\"pollBooth.php?op=results&pollID=$id\">".translate("Results")."</a> - $voters ".translate("votes").")\n");
334	}
335	echo "</td></tr></table>";
336	}
337
338	function pollResults($pollID) {
339	global $maxOptions, $BarScale, $resultTableBgColor, $resultBarFile, $setCookies;
340	if(!isset($pollID)) $pollID = 1;
341	dbconnect();
342
343	$result = mysql_query("SELECT pollID, pollTitle, timeStamp FROM poll_desc WHERE pollID=$pollID");
344	$holdtitle = mysql_fetch_row($result);
345	echo "<br><b>$holdtitle[1]</b><br><br>";
346
347	mysql_free_result($result);
348
349	$result = mysql_query("SELECT SUM(optionCount) AS SUM FROM poll_data WHERE pollID=$pollID");
350	$sum = (int)mysql_result($result, 0, "SUM");
351	mysql_free_result($result);
352
353	echo "<table>";
354
355	// cycle through all options
356	for($i = 1; $i <= $maxOptions; $i++) {
357	// select next vote option
358	$result = mysql_query("SELECT pollID, optionText, optionCount, voteID FROM poll_data WHERE (pollID=$pollID) AND (voteID=$i)");
359	$object = mysql_fetch_object($result);
360
361	if(is_object($object)) {
362	$optionText = $object->optionText;
363	$optionCount = $object->optionCount;
364
365	echo "<tr>";
366
367	if($optionText != "") {
368	echo "<td>";
369	echo "<font face=Arial,Helvetica>$optionText";
370	echo "</td>";
371
372	if($sum) {
373	$percent = 100 * $optionCount * $BarScale / $sum;
374	} else {
375	$percent = 0;
376	}
377	echo "<td>";
378	$percentInt = (int)$percent * 4;
379	$percent2 = (int)$percent;
380
381	if ($percent > 0) {
382	echo "<img src=\"images/leftbar.gif\" height=16 width=3>";
383	echo "<img src=\"images/mainbar.gif\" height=16 width=$percentInt Alt=\"$percent2 %\">";
384	echo "<img src=\"images/rightbar.gif\" height=16 width=3>";
385	} else {
386	echo "<img src=\"images/leftbar.gif\" height=16 width=3 Alt=\"$percent2 %\">";
387	echo "<img src=\"images/mainbar.gif\" height=16 width=2 Alt=\"$percent2 %\">";
388	echo "<img src=\"images/rightbar.gif\" height=16 width=3 Alt=\"$percent2 %\">";
389	}
390
391	printf(" %.2f %% (%d)", $percent, $optionCount);
392
393	echo "</td>";
394	}
395	}
396	echo "</tr>";
397	}
398
399	echo "</td></tr></table><br>";
400	echo "<center><font face=Arial,Helvetica><b>".translate("Total Votes: ")."$sum</b><br>";
401	if($setCookies>0) {
402	echo "<font size=1>".translate("We allow just one vote per day")."<br><br><font size=3>";
403	} else {
404	echo "<br><br>";
405	}
406
407	$booth = $pollID;
408	echo("<font face=Arial,Helvetica>[ <a href=\"pollBooth.php?pollID=$booth\">".translate("Voting Booth")."</a> \| ");
409	echo("<a href=\"pollBooth.php\">".translate("Other Polls")."</a> ]");
410	return(1);
411	}
412
413	function getTopics($s_sid) {
414	global $topicname, $topicimage, $topictext;
415	$sid = $s_sid;
416	dbconnect();
417	$result=mysql_query("SELECT topic FROM stories where sid=$sid");
418	list($topic) = mysql_fetch_row($result);
419	$result=mysql_query("SELECT topicid, topicname, topicimage, topictext FROM topics where topicid=$topic");
420	list($topicid, $topicname, $topicimage, $topictext) = mysql_fetch_row($result);
421	}
422
423
424	?>