/ - Diff - WB 2.08.x - Tracking

« Previous | Next »

Revision 274

Added by ryan over 18 years ago

Creating 2.6.1 tag

     Change Log
     ===============================================================================
     Please note: This change log may not be accurate
     $Id$
     Legend:
     + = Added
     - = Removed
     # = Bugfix
     ! = Update/Change
     ------------------------------------- 2.6.1 -------------------------------------
 -Dec-2005 Ryan Djurovich
     #	Fixed security vulnerability in class.login.php
     #	Fixed typo in EN language file
     #	Fixed captcha problems (when feature is disabled) in form module and sign-up
     !	Added charset encoding to admin templates
     !	Added extra code to check for selection of addon upon uninstalling
     #	Fixed bugs in RSS news feeder
     #	Fixed bug with PAGE_DESCRIPTION not being set on any page
     ------------------------------------- 2.6.0 -------------------------------------
 -Nov-2005 Ryan Djurovich
     +	Added default charset option to (advanced) settings
     #	Form module email fields now have email address validation
     #	Fixed spacing in form submissions
 -Nov-2005 Ryan Djurovich
     +	Added captcha verification to sign-up form
     +	Added Captcha to News module
 -Nov-2005 Stefan Braunewell
     !	Applied aportale's patch to use label instead of javascript toggle code
 -Nov-2005 Ryan Djurovich
     !	News mod now hides read more link if no need for it (see ticket #56)
     +	Added support for mailto: links in the menu link mod
     #	Added direct-access redirection on some files (see ticket #37)
     +	Added extra characters to convert.php (see ticket #64)
     #	Fixed ticket #65 (last_reset check in account/forgot_form.php)
 -Sep-2005 Ryan Djurovich
     !	Cleaned up form buttons in Settings
     !	Moved some options into Advanced Settings
     #	Semi-disabled "separate" page trash option
     +	Created a backup module/tool for backing-up the database
     	(thanks to John (pcwacht) for the original code)
     +	Created new "blank template", which can be used in case where you don't
     	want anything wrapping page-content.
 -Sep-2005 Ryan Djurovich
     +	Added _license field for all add-ons to specify a license
     !	Renamed _designed_for variables (for all addons) to _platform
     +	Created addons table for faster internal referencing of installed addons
     !	Fixed some links, including the "Help" button in Admin
     #	Used nl2br to display body correctly when viewing form-submissions
 -Sep-2005 Stefan Braunewell
     +	Added table module with columns 'name','type' and 'directory' as an
     	index.
     +	Added entry to settings table 'wb_version' which holds the version
     	number and can be utilized in future upgrade scripts.
     !	Added upgrade functionality also for templates and languages.
     #/!	Template/modules installation now respects paths.
     !	Moved updates from config.php to database.
     	Created initialize.php (required by config.php) to read settings.
 -Sep-2005 Stefan Braunewell
     !	HTMLArea is now a module instead of a core component. Files moved
     	from "include" to "modules".
     +	Implemented Installation of modules on top of an older version. This is
     	done via checking $module_version. Instead of install.php, upgrade.php
     	is then called if it exists in the module package.
     	For module developers: $module_version and $new_module_version are
     	accessible in upgrade.php to find out what upgrade steps need to be taken.
     !	Changed column names in mod_news_posts from short,long to content_short,
     	content_long.
 -Sep-2005 Stefan Braunewell
     +	Added new advanced setting "Rename Files On Upload". File extensions can be
     	given so that respective files will have a ".txt" appended on media upload.
     #	Fixed "None found" message bug when user has no top level page edit
     	rights.
     #	Fixed missing parent option 'none' - ticket #12 - and a minor scope bug.
     +	Added breadcrumbs code. Call using $wb->breadcrumbs().
     +	Added utf-8 character encoding meta tag into all stock templates.
     #	Fixed bug when changing a page's parent
     !	Changed the way blocks are treated. Added new frontend class attribute
     	default_block_content that controls what is shown on pages such as
     	search, login, etc. (Ticket #16)
     +	Added support for WYSIWYG editor modules (wysiwygmod)
     +	When trying to access a registered page, user is automatically redirected
     	there on successful login.
     #	Fixed various issues with system search (mainly related to stripslashes()
     #	Removed stripslashes() in many places in the code. Added check for
     	magic_quotes_gpc to new wb class method add_slashes(). Now database contest
     	is independent of magic_quotes setting..
 -Sep-2005 Stefan Braunewell
     #	Fixed bug concerning direct access of preferences page.
     #	Reworked page visibility and menu item visibility code (frontend login
     	problem).
     #	Pages in link list in htmlarea popup are now correctly ordered.
     #	Fixed bug where group with existing name can be added.
 -Sep-2005 Ryan Djurovich
     +	Added and RSS newsfeed script to the News module
 -Sep-2005 Stefan Braunewell
     !	Rewrote menu function. Parameters are now given as attributes to frontend class.
     #	Fixed some occurrences of potential direct access path disclosure
     #	Added directory check to browse.php to prevent xss exploit by trusted users.
     !	Updated code to reflect move to Subversion repository system.
 -Aug-2005 Stefan Braunewell
     #	Fixed bugs 4,5,6,8,9 in bug tracker
     !	Removed 'USER_LANGUAGE' and 'GET_LANGUAGE' constants.
     	A GET['lang'] now sets the session language variable.
 -Aug-2005 Stefan Braunewell
     !	Moved redundant code into the new class functions. Created
     	'compatibility.php' for backward compatibility with
     	modules and templates. Variables and functions can still be accessed
     	in the old way.
     !/+	Reorganized core frontend files, added new base class 'wb' from
     	which 'admin' and the new 'frontend' class inherit. Moved all frontend
     	function into new class. Completely rewrote core index.php.
     	Now all variables and functions that are available to templates and
     	modules are attributes and methods of the frontend and the wb classes
     ------------------------------------- 2.5.2 -------------------------------------
 -Jun-2005 Ryan Djurovich
     !	create_access_file now creates all parent directories if needed
     #	Fixed bug when moving page with subpages to another level
     #	Fixed bug when saving "Settings" (in Admin) on Windows/IIS
     #	Fixed bug where query was not setting error correctly in class.database.php
 -Jun-2005 Ryan Djurovich
     #	Fixed bug where template permissions were not saved when a adding group
 -Jun-2005 Ryan Djurovich
     #	Added htmlspecialchars for modifying WYSIWYG, news, etc. modules (Bug #78)
     #	Fixed language problems in some area's of Admin. (Bug #70)
     #	Added a space in website/page keywords (Bug #69)
     #	Fixed bugs on settings2.php (Bug #52)
     !	Links inserted with HTMLArea now use [wblink--PAGE_ID--] instead of raw URL
 -Jun-2005 Ryan Djurovich
     #	Fixed bug (#88) with news module
     !	Title of Administration login page now taken from language file (Bug #72)
     #	Fixed redirection admin/home to admin/start on admin/index.php
     #	Fixed bug with forgotten password page in admin (Bug #81)
 -Apr-2005 Ryan Djurovich
     #	Fixed numerous bugs with module uninstallation
     #	Fixed bug when uploading files in Administration -> Media
     !	Installer no-longer requires you to accept the GNU GPL
     ------------------------------------- 2.5.1 -------------------------------------
 -Apr-2005 Ryan Djurovich
     #	Fixed two bugs with account login/logout
     ------------------------------------- 2.5.1 -------------------------------------
 -Apr-2005 Ryan Djurovich
     #	Fixed bug where non-english characters can get used in page filenames. Many
     	measuers have been added (including a new file: wb/framework/convert.php),
     	to prevent any possible errors that can occur in page filenames.
     #	Fixed invalid meta tags in stock templates (meta tags were not closed)
     #	Removed lines 401, 402, and 425 of wb/index.php - not needed
     #	Fixed bug where search and account pages are shown in every block
     	that is in a template
     #	Fixed numerous bugs with media home directories feature
 -Apr-2005 Ryan Djurovich
     #	Fixed bugs in account/login.php and logout.php where users
     	gets redirected to /pages
     ------------------------------------- 2.5.0 -------------------------------------
 -Apr-2005 Ryan Djurovich
     -	Removed section language feature
     +	Added page language feature (replaces need for sections language feature)
     #	Fixed bug where pages using menu_link module can have the URL changed
     -	Page directory no longer stored in link field in pages table, it is now added
     	when the page_link function is called - this makes changing the pages
     	directory much easier and quicker
     !	Pages with visibility of "none" are now no longer directly accessable
     +	Added new visibility setting "hidden", acts exactly like none did previously
     !	Template info file can now specify number of menu's available and relative names
     !	Template info file can now specify number of blocks's available and relative names
     ------------------------------------- 2.4.3 -------------------------------------
 -Apr-2005 Ryan Djurovich
     #	page_filename function has been rewritten using str_replace
     	function, which should be faster and will allow characters
     	from other languages into filenames
     !	Created new media_filename function, which is now used
     	by all media functions (create,upload,rename) to determine
     	which characters should be removed from a desired filename
     +	New button in Administration page list to view specific page
     #	Updated the page_link function to now be compatible with menu link
     	module when setting pages directory to root
     #	Fixed bugs in search when using "Any Words" option
     #	Fixed bug with news module when pages directory set to root
     !	Changed URL of documentation website on Administration Start page
     ------------------------------------- 2.4.2 -------------------------------------
 -Apr-2005 Ryan Djurovich
     #	Fixed bug where file could be renamed to nothing in Media
     !	Optimised Media create folder, upload file, and rename functions
     #	Fixed bug where stripslashes not run on news post titles in admin
 -Apr-2005 Stefan Braunewell
     #	Fixed bug concerning usage of the private_sql variable
     #	Fixed bug conerning sub-pages being displayed in menus incorrectly
     ------------------------------------- 2.4.1 -------------------------------------
 -Apr-2005 Ryan Djurovich
     !	Pages with visibility of "none" are again directly accessable
     #	Fixed bugs regarding renaming files and directories in Media section
     !	When home folders disabled, all folders now visible in Media section
     ------------------------------------- 2.4.0 -------------------------------------
 -Apr-2005 Ryan Djurovich
     -	Removed recently added visibility setting of "heading", and relative config vars
     +	Added new "menu" field to pages table, and new setting "multiple menus"
     	which replaces the need for the menu headings feature
     +	Added links to top of groups and users sections, linking to each other
     !	Change menu width in "Round" template to 170px (was 150px)
     #	Change page "are you sure" deletion message to mention that it will delete
     	all sub-pages as well
     #	Fixed many bugs with news module when viewing posts by group
     !	Pages with visibility of "none" are now no longer directly accessable
 -Apr-2005 Ryan Djurovich
     -	Removed need to specify DB_URL when calling database class
     #	Stopped fields without a type specified from being shown in form mod
     #	Changed '/media' to MEDIA_DIRECTORY on HTMLArea popup windows
     	for insert link and insert image
     +	Added setting which allows you to specify the default WYSIWYG style
     +	Added "Server Email" option, to specify what is used in "From" field when
     	sending emails using the PHP mail function. Default is admins email address.
     #	Search now excludes pages which have a visibility of none or heading
     !	Pages are now given modified_when and modified_by when added
 -Apr-2005 Ryan Djurovich
     +	Added option to News module to specify how many posts should be listed
     	per page (by default it is set to unlimited, which functions like previous version)
     #	Added stripslashes when display page titles in search
     +	Page descriptions and last updated date now shown in search by default
 -Mar-2005 Ryan Djurovich
     +	Added new feature for Media home folders, where a folder can be specified
     	for a specific user or group of users only
     !	Changed URL of Help button to http://www.websitebaker.org/docs/
     +	Added new feature for "Page Trash" - two modes available: inline and separate
     !	When pages are deleted, all sub-pages are now deleted (instead of being moved
     	up a level)
 -Mar-2005 Ryan Djurovich
     -	Removed Database Settings from Administration Settings (options will not be
     	available in 3.x, so trying to match interface with WB 3.x plans
     !	Changed the name of Path Settings to Filesystem Settings in Administration
     	Settings, and removed ability to change path/url options - matching interface
     	plans for WB 3.x
     +	Added same options for OS and file permissions as installer to Settings
     !	Sessions now named with APP_NAME.'_session_id' (e.g. default is wb_session_id)
 -Mar-2005 Ryan Djurovich
     +	New functions available to templates to simplify creation of them. This aims
     	to "future-proof" templates for WB 3.x plans.
     !	Default templates updated to support some of the new functions
     +	Added field to pages table "page_trail" which stores a list of the pages
     	parents. This field was needed by the new page_menu function
     +	Added option for page visibility "heading" to enabled support for multiple
     	menu's. Also, this helps to "future-proof" templates for WB 3.x plans
     +	Added option for page visibility "registered", which acts a little like
     	private, but is still shown in the menu (although users need to log in to view
     	the pages content)
     +	Form module submissions now saved to database, and feature now added to
     	limit number of submissions per hour to prevent spamming
     +	New field for Form module: email. Allows you to specify their email in
     	"from" field on module settings.
     #	Fixed bug when displaying comments in News module (WB Bug #14)
     +	New "under contruction" message if no pages exist
     !	Cleaned-up wb/index.php
 -Mar-2005 Ryan Djurovich
     +	Created advanced mkdir and chmod functions
     #	Fixed bug in media where wrong file/folder is deleted
     +	Complete overhall of installer - now only one step! It has been greatly
     	simplified in many ways, has much better validation, reports error much more
     	nicely, and automatically logs the user into the Administrations
     +	Must now specify OS type - allows for customizable file permission settings
     +	Sections can now have a language code assigned to them
     +	Sections can now have a block name/id assigned to them
     !	Home section of Administration renamed to Start, to save confusion with saying
     	Homepage (because this term could either mean the main website or Home section
     	in	Administration). Also, this aims to unify the interface with WB 3.x plans
     !	Moved Users and Groups sections under Access section. This aims to unify the
     	interface with WB 3.x plans, which help to unclutter the menu
     !	Interface for Settings section has been imporved for usability purposes
     #	Fixed HTMLArea where no scrollbar for "insert link" and "insert image" dialogs
     	by placing media list inside an iframe
     #	Fixed stripslashes problem for viewing news comments
     !	Added code from Formesque module (an advanced version of the original Form
     	module, modified by Rudolph Lartey from www.carbonect.com), and made further
     	interface improvements for select box/checkbox group/radio group options.
     #	Possibly fixed bugs where an S appears before file and dir modes
     #	Fixed bug where users can be added with same emails (in Administration)
     -	Removed support for PEAR, as it was deemed an unnecessary addition which only
     	makes code more bulky, and removing it will decrease package size a lot
     +	New "homepage redirect" option so first page is included and not redirected to
     #	Fixed text not being shown when module uninstalled
     !	Imporved interface for basic group permissions
 -Mar-2005 Stefan Braunewell
     #	Fixed bug with front-end logins
     #	Fixed bug when saving intro page
     +	Added check on sign-up if e-mail exists (thanks to P. Melief)
     #	Fixed bugs concerning moving/deleting pages
     #	Fixed list of parents in page settings
     #	Fixed mkdir without mode parameter
     #	Added a check on install to ensure PHP 4.1.x compatibility (thanks to Wanderer)
     +	Added support for PAGES_DIRECTORY set to root
     +	Search form now supports quotes (thanks to Manafta)
     #	Fixed page section ordering
     #	News items are displayed with name of poster instead of "Unknown"
     #	Deletion confirmation popup window in media section now shows correct file name
     ------------------------------------- 2.3.1 -------------------------------------
 -Fed-2005 Ryan Djurovich
     +	Now there is two types of "filesystem modes", one for directories and one
     	for files. Having different settings is very common for most servers, so
     	this addition should fix many problems people had with 2.3.0.
     -	Removed filesystem mode options from installation
     !	Removed duplicate text on installation step 3 for timezone
     !	All "access files" for the news module now stored in pages/posts instead
     	of a sub-dir relative to the page (this fixes many bugs)
     #	Fixed major bugs when deleting pages with sub-pages
     !	Removed the restrictions that prevent a user for changing a pages level
     #	Fixed bug with "toggle" plus/minus in IE for pages list
     #	Fixed some bugs where /pages was not replaced with PAGES_DIRECTORY constant
     ------------------------------------- 2.3.0 -------------------------------------
 -Jan-2005 Ryan Djurovich
     #	Fixed bug in framework/functions.php that made root parent always equal 8
     #	Added missing braces in lines 182 and 208 of admin/pages/settings2.php
     #	Fixed SQL-query on line 172, placing a / after $old_link
     #	Added eregi checks for PAGES_DIRECTORY on lines 140 and 150 of
     	admin/pages/settings2.php
     #	Added ordering cleaning to delete_post.php on line 53 for news module
     !	GMT option is selected for "Default Timezone" in the installer, instead
     	of the old "Please select" message (which had the same value as GMT)
 -Jan-2005 Ryan Djurovich
     !	Ability to specify the chmod number when WB uploads files, etc.
     !	Modified file headers (copyright/license notice) so they now look almost the
     	same, independant of font. Also, it now covers copyright for 2005.
 -Jan-2005 Ryan Djurovich
     #	Added code on wb/admin/pages/delete.php to remove sections from the sections
     	table when a page is deleted.
     +	New 'Smart Login' prevents users from using external password managers,
     	and can be set to remember the users password using cookies.
     !	SourceForge CVS module now called websitebaker2 (instead of just
     	websitebaker). Also, all file versions have been reset.
 -Fed-2005 Ryan Djurovich
     !	Added code to prevent from changing a pages level (it simply disables
     	the select box), to prevent many possible bugs.
     ------------------------------------- 2.2.4 -------------------------------------
 -Dec-2004 Ryan Djurovich
     !	Change 'EXACT_PHRASE' to 'EXACT_MATCH' on line 261 of wb/languages/EN.php
     #	Fixed multi-language support in search
     +	Added more detailed options to list of PHP error reporting level's
     -	Removed ability to change language and PHP error reporting level
     	on installation to make things easier for newbie's
     +	Ability to select custom spacer for page filename's
     !	Changed the way a language code is found on language installation
     +	Added template permissions to groups
     #	Fixed bug when trying to change email from Preferences (admin and frontend)
     #	Fixed bug with auto-selection of "System Default" for Preferences
     !	News module now use's WYSIWYG for modifying news posts
     +	Ability to specify both the pages and media target directories
     ------------------------------------ 2.2.3-c ------------------------------------
 -Dec-2004 Ryan Djurovich
     #	Fixed problem with DB password being reset if Settings saved in basic mode
     ------------------------------------ 2.2.3-b ------------------------------------
 -Dec-2004 Ryan Djurovich
     #	Fixed minor bug on admin templates section
     #	Fixed bug on rename.php and rename2.php in admin media section
     ------------------------------------- 2.2.3 -------------------------------------
 -Dec-2004 Ryan Djurovich
     +	Added WB release version in Administration (top right corner)
     !	New option to prevent users from adding level 0 pages
     #	Fixed bug when deleting post's in News module
     +	Added new field in pages table for "root" parent (level 0 parent), for
     	extra flexability in creating templates
     !	Round template now supports unlimited page levels
     ------------------------------------- 2.2.2 -------------------------------------
 -Dec-2004 Ryan Djurovich
     +	New option under Search Settings for selecting custom template for search
     +	New option when changing page settings to set the target
     #	Fixed error when saving a user after editing
     !	Users can now modify sub-page if they dont have permissions on the parent
     ------------------------------------- 2.2.1 -------------------------------------
 -Dec-2004 Ryan Djurovich
     #	Fixed bug when changing password on preferences form (front-end)
     #	Fixed bug when retrieving user details (administration)
     #	Added check to see if module, template, or language is in use when deleting
     #	Fixed up email that is sent to user from a submitted form
     #	Fixed major problem with module permissions which stopped it from working
     ------------------------------------- 2.2.0 -------------------------------------
 -Dec-2004 (Correct date[s] unkown) Ryan Djurovich
     +	Multiple-level page support
     +	Multiple section's for pages (including interface)
     !	Removed text created using two words on all areas
     	(e.g. {Intro} {PAGE} is now {INTRO_PAGE})
     	this is for better language support
     +	Added Languages section
     !	Moved Templates and Modules under Add-ons section
     !	Changed name of "Default" template to "Round"
     +	Added "All CSS" template
     +	Added "Jump"
     +	Added
     !	Modified "Box" template to support multiple page levels
     +	Added "Menu Link" module
     +	Added "News" module
     +	Added "Code" module
     +	Added "Form" module
     +	Added "Wrapper" module
     !	Changed name of "Normal Page" module to "WYSIWYG"
     +	Created new admin wrapper script to ease module develpment
     +	Media now automatically creates index.php file for every
     	sub-folder made (for security purposes)
     !	Change "Help" link in Administration menu so it now directs
     	to the the new Website Baker documentation website found at:
     	http://www.websitebaker.org/documentation
     !	Password is now required to change email in preferences
     +	User can now select custom Language and Date & Time Formats
     +	Added search functionality, with three different "methods":
 . Using all words  2. Using any words  3. Exact match
     +	Added native MySQL database support

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2005, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     // Check that GET values have been supplied
     if(isset($_GET['page_id']) AND is_numeric($_GET['page_id'])) {
     	$page_id = $_GET['page_id'];
     	define('PAGE_ID', $page_id);
     } else {
     	header('Location: '.WB_URL);
+    }
     if(isset($_GET['group_id']) AND is_numeric($_GET['group_id'])) {
     	$group_id = $_GET['group_id'];
     	define('GROUP_ID', $group_id);
+    }
     // Include WB files
     require_once('../../config.php');
     require_once(WB_PATH.'/framework/class.frontend.php');
     $database = new database();
     $wb = new frontend();
     $wb->page_id = $page_id;
     $wb->get_page_details();
     $wb->get_website_settings();
     // Sending XML header
     header("Content-type: text/xml");
     // Header info
     // Required by CSS 2.0
     echo "<rss version='2.0'>";
     echo "<channel>";
     echo "<title>".PAGE_TITLE."</title>";
     echo "<link>".WB_URL."</link>";
     echo "<description>".PAGE_DESCRIPTION."</description>";
     // Optional header info
     echo "<language>".DEFAULT_LANGUAGE."</language>";
     echo "<copyright>".WB_URL."</copyright>";
     echo "<managingEditor>".SERVER_EMAIL."</managingEditor>";
     echo "<webMaster>".SERVER_EMAIL."</webMaster>";
     echo "<category>".WEBSITE_TITLE."</category>";
     echo "<generator>Website Baker Content Management System</generator>";
     // Get news items from database
     //Query
     if(isset($group_id)) {
     	$query = "SELECT * FROM ".TABLE_PREFIX."mod_news_posts WHERE group_id=".$group_id." AND page_id = ".$page_id." AND active=1 ORDER BY posted_when DESC";
     } else {
     	$query = "SELECT * FROM ".TABLE_PREFIX."mod_news_posts WHERE page_id=".$page_id." AND active=1 ORDER BY posted_when DESC";
+    }
     $result = $database->query($query);
     //Generating the news items
     while($item = $result->fetchRow($result)){
         echo "<item>";
         echo "<title>".$item["title"]."</title>";
         // Stripping HTML Tags for text-only visibility
         echo "<description>".strip_tags($item["content_short"])."</description>";
         echo "<link>".WB_URL."/pages".$item["link"].PAGE_EXTENSION."</link>";
         /* Add further (non required) information here like ie.
         echo "<author>".$item["posted_by"]."</author>");
         etc.
         */
         echo "</item>";
+    }
     // Writing footer information
     echo "</channel>";
     echo "</rss>";
     ?>

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2005, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     // Make sure page cannot be accessed directly
     if(!defined('WB_URL')) { header('Location: ../index.php'); }
     // Get comments page template details from db
     $query_settings = $database->query("SELECT comments_page,use_captcha FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '".SECTION_ID."'");
     if($query_settings->numRows() == 0) {
     	header('Location: '.WB_URL.'/pages/');
     } else {
     	$settings = $query_settings->fetchRow();
     	// Print comments page
     	echo str_replace('[POST_TITLE]', POST_TITLE, ($settings['comments_page']));
     	?>
     	<form name="comment" action="<?php echo WB_URL.'/modules/news/submit_comment.php?page_id='.PAGE_ID.'&section_id='.SECTION_ID.'&post_id='.POST_ID; ?>" method="post">
     	<?php echo $TEXT['TITLE']; ?>:
     	<br />
     	<input type="text" name="title" maxlength="255" style="width: 90%;"<?php if(isset($_SESSION['comment_title'])) { echo ' value="'.$_SESSION['comment_title'].'"'; unset($_SESSION['comment_title']); } ?> />
     	<br /><br />
     	<?php echo $TEXT['COMMENT']; ?>:
     	<br />
     	<textarea name="comment" style="width: 90%; height: 150px;"><?php if(isset($_SESSION['comment_body'])) { echo $_SESSION['comment_body']; unset($_SESSION['comment_body']); } ?></textarea>
     	<br /><br />
     	<?php
     	if(isset($_SESSION['captcha_error'])) {
     		echo '<font color="#FF0000">'.$_SESSION['captcha_error'].'</font><br />';
     		unset($_SESSION['captcha_error']);
+    	}
     	// Captcha
     	if($settings['use_captcha']) {
     	$_SESSION['captcha'] = '';
     	for($i = 0; $i < 5; $i++) {
     		$_SESSION['captcha'] .= rand(0,9);
+    	}
     	?>
     	<table cellpadding="2" cellspacing="0" border="0">
     	<tr>
     	<td><?php echo $TEXT['VERIFICATION']; ?>:</td>
     	<td><img src="<?php echo WB_URL; ?>/include/captcha.php" alt="Captcha" /></td>
     	<td><input type="text" name="captcha" maxlength="5" /></td>
     	</tr></table>
     	<br />
     	<?php
+    	}
     	?>
     	<input type="submit" name="submit" value="<?php echo $TEXT['ADD']; ?> <?php echo $TEXT['COMMENT']; ?>" />
     	</form>
     	<?php
+    }
     ?>

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2005, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     if(defined('WB_URL')) {
     	$database->query("DROP TABLE IF EXISTS `".TABLE_PREFIX."mod_news_posts`");
     	$mod_news = 'CREATE TABLE `'.TABLE_PREFIX.'mod_news_posts` ( '
     					 . '`post_id` INT NOT NULL AUTO_INCREMENT,'
     					 . '`section_id` INT NOT NULL,'
     					 . '`page_id` INT NOT NULL,'
     					 . '`group_id` INT NOT NULL,'
     					 . '`active` INT NOT NULL,'
     					 . '`position` INT NOT NULL,'
     					 . '`title` VARCHAR(255) NOT NULL,'
     					 . '`link` TEXT NOT NULL,'
     					 . '`content_short` TEXT NOT NULL,'
     					 . '`content_long` TEXT NOT NULL,'
     					 . '`commenting` VARCHAR(7) NOT NULL,'
     		   	    	 . '`posted_when` INT NOT NULL ,'
     					 . '`posted_by` INT NOT NULL ,'
     					 . 'PRIMARY KEY (post_id)'
                     . ' )';
     	$database->query($mod_news);
     	$database->query("DROP TABLE IF EXISTS `".TABLE_PREFIX."mod_news_groups`");
     	$mod_news = 'CREATE TABLE `'.TABLE_PREFIX.'mod_news_groups` ( '
     					 . '`group_id` INT NOT NULL AUTO_INCREMENT,'
     					 . '`section_id` INT NOT NULL,'
     					 . '`page_id` INT NOT NULL,'
     					 . '`active` INT NOT NULL,'
     					 . '`position` INT NOT NULL,'
     					 . '`title` VARCHAR(255) NOT NULL,'
     					 . 'PRIMARY KEY (group_id)'
                     . ' )';
     	$database->query($mod_news);
     	$database->query("DROP TABLE IF EXISTS `".TABLE_PREFIX."mod_news_comments`");
     	$mod_news = 'CREATE TABLE `'.TABLE_PREFIX.'mod_news_comments` ( '
     					 . '`comment_id` INT NOT NULL AUTO_INCREMENT,'
     					 . '`section_id` INT NOT NULL,'
     					 . '`page_id` INT NOT NULL,'
     					 . '`post_id` INT NOT NULL,'
     					 . '`title` VARCHAR(255) NOT NULL,'
     					 . '`comment` TEXT NOT NULL,'
     		   	    . '`commented_when` INT NOT NULL ,'
     					 . '`commented_by` INT NOT NULL ,'
     					 . 'PRIMARY KEY (comment_id)'
                     . ' )';
     	$database->query($mod_news);
     	$database->query("DROP TABLE IF EXISTS `".TABLE_PREFIX."mod_news_settings`");
     	$mod_news = 'CREATE TABLE `'.TABLE_PREFIX.'mod_news_settings` ( '
     					 . '`section_id` INT NOT NULL,'
     					 . '`page_id` INT NOT NULL,'
     					 . '`header` TEXT NOT NULL,'
     					 . '`post_loop` TEXT NOT NULL,'
     					 . '`footer` TEXT NOT NULL,'
     					 . '`posts_per_page` INT NOT NULL,'
     					 . '`post_header` TEXT NOT NULL,'
     					 . '`post_footer` TEXT NOT NULL,'
     					 . '`comments_header` TEXT NOT NULL,'
     					 . '`comments_loop` TEXT NOT NULL,'
     					 . '`comments_footer` TEXT NOT NULL,'
     					 . '`comments_page` TEXT NOT NULL,'
     					 . '`commenting` VARCHAR(7) NOT NULL,'
     					 . '`resize` INT NOT NULL,'
     					 . ' `use_captcha` INT NOT NULL,'
     					 . 'PRIMARY KEY (section_id)'
                     . ' )';
     	$database->query($mod_news);
     	// Insert info into the search table
     	// Module query info
     	$field_info = array();
     	$field_info['page_id'] = 'page_id';
     	$field_info['title'] = 'page_title';
     	$field_info['link'] = 'link';
     	$field_info['description'] = 'description';
     	$field_info['modified_when'] = 'modified_when';
     	$field_info['modified_by'] = 'modified_by';
     	$field_info = serialize($field_info);
     	$database->query("INSERT INTO ".TABLE_PREFIX."search (name,value,extra) VALUES ('module', 'news', '$field_info')");
     	// Query start
     	$query_start_code = "SELECT [TP]pages.page_id, [TP]pages.page_title,	[TP]pages.link, [TP]pages.description, [TP]pages.modified_when, [TP]pages.modified_by	FROM [TP]mod_news_posts, [TP]mod_news_groups, [TP]mod_news_comments, [TP]mod_news_settings, [TP]pages WHERE ";
     	$database->query("INSERT INTO ".TABLE_PREFIX."search (name,value,extra) VALUES ('query_start', '$query_start_code', 'news')");
     	// Query body
     	$query_body_code = "
     	[TP]pages.page_id = [TP]mod_news_posts.page_id AND [TP]mod_news_posts.title LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_posts.page_id AND [TP]mod_news_posts.content_short LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_posts.page_id AND [TP]mod_news_posts.content_long LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_comments.page_id AND [TP]mod_news_comments.title LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_comments.page_id AND [TP]mod_news_comments.comment LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.header LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.footer LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.post_header LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.post_footer LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.comments_header LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.comments_footer LIKE \'%[STRING]%\'
     	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.comments_footer LIKE \'%[STRING]%\'";
     	$database->query("INSERT INTO ".TABLE_PREFIX."search (name,value,extra) VALUES ('query_body', '$query_body_code', 'news')");
     	// Query end
     	$query_end_code = "";
     	$database->query("INSERT INTO ".TABLE_PREFIX."search (name,value,extra) VALUES ('query_end', '$query_end_code', 'news')");
     	// Insert blank row (there needs to be at least on row for the search to work)
     	$database->query("INSERT INTO ".TABLE_PREFIX."mod_news_posts (section_id,page_id) VALUES ('0', '0')");
     	$database->query("INSERT INTO ".TABLE_PREFIX."mod_news_groups (section_id,page_id) VALUES ('0', '0')");
     	$database->query("INSERT INTO ".TABLE_PREFIX."mod_news_comments (section_id,page_id) VALUES ('0', '0')");
     	$database->query("INSERT INTO ".TABLE_PREFIX."mod_news_settings (section_id,page_id) VALUES ('0', '0')");
     	// Make news post access files dir
     	make_dir(WB_PATH.PAGES_DIRECTORY.'/posts/');
+
+    }
     ?>

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2005, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     require('../../config.php');
     // Include WB admin wrapper script
     require(WB_PATH.'/modules/admin.php');
     // Get header and footer
     $query_content = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
     $fetch_content = $query_content->fetchRow();
     // Set raw html <'s and >'s to be replace by friendly html code
     $raw = array('<', '>');
     $friendly = array('&lt;', '&gt;');
     ?>
     <style type="text/css">
     .setting_name {
     	vertical-align: top;
+    }
     </style>
     <form name="modify" action="<?php echo WB_URL; ?>/modules/news/save_settings.php" method="post" style="margin: 0;">
     <input type="hidden" name="section_id" value="<?php echo $section_id; ?>">
     <input type="hidden" name="page_id" value="<?php echo $page_id; ?>">
     <table cellpadding="2" cellspacing="0" border="0" width="100%">
     <tr>
     	<td class="setting_name" width="100"><?php echo $TEXT['HEADER']; ?>:</td>
     	<td class="setting_name">
     		<textarea name="header" style="width: 100%; height: 80px;"><?php echo ($fetch_content['header']); ?></textarea>
     	</td>
     </tr>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['POST'].' '.$TEXT['LOOP']; ?>:</td>
     	<td class="setting_name">
     		<textarea name="post_loop" style="width: 100%; height: 60px;"><?php echo ($fetch_content['post_loop']); ?></textarea>
     	</td>
     </tr>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['FOOTER']; ?>:</td>
     	<td class="setting_name">
     		<textarea name="footer" style="width: 100%; height: 80px;"><?php echo str_replace($raw, $friendly, ($fetch_content['footer'])); ?></textarea>
     	</td>
     </tr>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['POST_HEADER']; ?>:</td>
     	<td class="setting_name">
     		<textarea name="post_header" style="width: 100%; height: 60px;"><?php echo str_replace($raw, $friendly, ($fetch_content['post_header'])); ?></textarea>
     	</td>
     </tr>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['POST_FOOTER']; ?>:</td>
     	<td class="setting_name">
     		<textarea name="post_footer" style="width: 100%; height: 60px;"><?php echo str_replace($raw, $friendly, ($fetch_content['post_footer'])); ?></textarea>
     	</td>
     </tr>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['POSTS_PER_PAGE']; ?>:</td>
     	<td class="setting_name">
     		<select name="posts_per_page" style="width: 100%;">
     			<option value=""><?php echo $TEXT['UNLIMITED']; ?></option>
     			<?php
     			for($i = 1; $i <= 20; $i++) {
     				if($fetch_content['posts_per_page'] == ($i*5)) { $selected = ' selected'; } else { $selected = ''; }
     				echo '<option value="'.($i*5).'"'.$selected.'>'.($i*5).'</option>';
+    			}
     			?>
     		</select>
     	</td>
     </tr>
     <tr>
     	<td><?php echo $TEXT['COMMENTING']; ?>:</td>
     	<td>
     		<select name="commenting" style="width: 100%;">
     			<option value="none"><?php echo $TEXT['DISABLED']; ?></option>
     			<option value="public" <?php if($fetch_content['commenting'] == 'public') { echo 'selected'; } ?>><?php echo $TEXT['PUBLIC']; ?></option>
     			<option value="private" <?php if($fetch_content['commenting'] == 'private') { echo 'selected'; } ?>><?php echo $TEXT['PRIVATE']; ?></option>
     		</select>
     	</td>
     </tr>
     <?php if(extension_loaded('gd') AND function_exists('imageCreateFromJpeg')) { /* Make's sure GD library is installed */ ?>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['CAPTCHA_VERIFICATION']; ?>:</td>
     	<td>
     		<input type="radio" name="use_captcha" id="use_captcha_true" value="1"<?php if($fetch_content['use_captcha'] == true) { echo ' checked'; } ?> />
     		<label for="use_captcha_true"><?php echo $TEXT['ENABLED']; ?></label>
     		<input type="radio" name="use_captcha" id="use_captcha_false" value="0"<?php if($fetch_content['use_captcha'] == false) { echo ' checked'; } ?> />
     		<label for="use_captcha_false"><?php echo $TEXT['DISABLED']; ?></label>
     	</td>
     </tr>
     <tr>
     	<td>
     		<?php echo $TEXT['RESIZE_IMAGE_TO']; ?>:
     	</td>
     	<td>
     		<select name="resize" style="width: 100%;">
     			<option value=""><?php echo $TEXT['NONE']; ?></option>
     			<?php
     			$SIZES['50'] = '50x50px';
     			$SIZES['75'] = '75x75px';
     			$SIZES['100'] = '100x100px';
     			$SIZES['125'] = '125x125px';
     			$SIZES['150'] = '150x150px';
     			foreach($SIZES AS $size => $size_name) {
     				if($fetch_content['resize'] == $size) { $selected = ' selected'; } else { $selected = ''; }
     				echo '<option value="'.$size.'"'.$selected.'>'.$size_name.'</option>';
+    			}
     			?>
     		</select>
     	</td>
     </tr>
     <?php } ?>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['COMMENTS'].' '.$TEXT['HEADER']; ?>:</td>
     	<td class="setting_name">
     		<textarea name="comments_header" style="width: 100%; height: 60px;"><?php echo str_replace($raw, $friendly, ($fetch_content['comments_header'])); ?></textarea>
     	</td>
     </tr>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['COMMENTS'].' '.$TEXT['LOOP']; ?>:</td>
     	<td class="setting_name">
     		<textarea name="comments_loop" style="width: 100%; height: 60px;"><?php echo str_replace($raw, $friendly, ($fetch_content['comments_loop'])); ?></textarea>
     	</td>
     </tr>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['COMMENTS'].' '.$TEXT['FOOTER']; ?>:</td>
     	<td class="setting_name">
     		<textarea name="comments_footer" style="width: 100%; height: 60px;"><?php echo str_replace($raw, $friendly, ($fetch_content['comments_footer'])); ?></textarea>
     	</td>
     </tr>
     <tr>
     	<td class="setting_name"><?php echo $TEXT['COMMENTS'].' '.$TEXT['PAGE']; ?>:</td>
     	<td class="setting_name">
     		<textarea name="comments_page" style="width: 100%; height: 80px;"><?php echo str_replace($raw, $friendly, ($fetch_content['comments_page'])); ?></textarea>
     	</td>
     </tr>
     </table>
     <table cellpadding="0" cellspacing="0" border="0" width="100%">
     <tr>
     	<td width="105">&nbsp;</td>
     	<td align="left">
     		<input name="save" type="submit" value="<?php echo $TEXT['SAVE'].' '.$TEXT['SETTINGS']; ?>" style="width: 200px; margin-top: 5px;"></form>
     	</td>
     	<td align="right">
     		<input type="button" value="<?php echo $TEXT['CANCEL']; ?>" onclick="javascript: window.location = '<?php echo ADMIN_URL; ?>/pages/modify.php?page_id=<?php echo $page_id; ?>';" style="width: 100px; margin-top: 5px;" />
     	</td>
     </tr>
     </table>
     <?php
     // Print admin footer
     $admin->print_footer();
     ?>

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2005, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     require('../../config.php');
     // Include WB admin wrapper script
     $update_when_modified = true; // Tells script to update when this page was last updated
     require(WB_PATH.'/modules/admin.php');
     // This code removes any <?php tags and adds slashes
     $friendly = array('&lt;', '&gt;', '?php');
     $raw = array('<', '>', '');
     $header = $admin->add_slashes(str_replace($friendly, $raw, $_POST['header']));
     $post_loop = $admin->add_slashes(str_replace($friendly, $raw, $_POST['post_loop']));
     $footer = $admin->add_slashes(str_replace($friendly, $raw, $_POST['footer']));
     $post_header = $admin->add_slashes(str_replace($friendly, $raw, $_POST['post_header']));
     $post_footer = $admin->add_slashes(str_replace($friendly, $raw, $_POST['post_footer']));
     $comments_header = $admin->add_slashes(str_replace($friendly, $raw, $_POST['comments_header']));
     $comments_loop = $admin->add_slashes(str_replace($friendly, $raw, $_POST['comments_loop']));
     $comments_footer = $admin->add_slashes(str_replace($friendly, $raw, $_POST['comments_footer']));
     $comments_page = $admin->add_slashes(str_replace($friendly, $raw, $_POST['comments_page']));
     $commenting = $_POST['commenting'];
     $posts_per_page = $_POST['posts_per_page'];
     if(extension_loaded('gd') AND function_exists('imageCreateFromJpeg')) {
     	$resize = $_POST['resize'];
     	$use_captcha = $_POST['use_captcha'];
     } else {
     	$resize = '';
     	$use_captcha = false;
+    }
     // Update settings
     $database->query("UPDATE ".TABLE_PREFIX."mod_news_settings SET header = '$header', post_loop = '$post_loop', footer = '$footer', posts_per_page = '$posts_per_page', post_header = '$post_header', post_footer = '$post_footer', comments_header = '$comments_header', comments_loop = '$comments_loop', comments_footer = '$comments_footer', comments_page = '$comments_page', commenting = '$commenting', resize = '$resize', use_captcha = '$use_captcha' WHERE section_id = '$section_id'");
     // Check if there is a db error, otherwise say successful
     if($database->is_error()) {
     	$admin->print_error($database->get_error(), ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
     } else {
     	$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
+    }
     // Print admin footer
     $admin->print_footer();
     ?>

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2005, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     // Include config file
     require('../../config.php');
     require_once(WB_PATH.'/framework/class.wb.php');
     $wb = new wb;
     // Check if we should show the form or add a comment
     if(is_numeric($_GET['page_id']) AND is_numeric($_GET['section_id']) AND isset($_GET['post_id']) AND is_numeric($_GET['post_id']) AND isset($_POST['comment']) AND $_POST['comment'] != '') {
     	// Check captcha
     	if(extension_loaded('gd') AND function_exists('imageCreateFromJpeg')) { /* Make's sure GD library is installed */
     		if(isset($_POST['captcha']) AND $_POST['captcha'] != ''){
     			// Check for a mismatch
     			if(!isset($_POST['captcha']) OR !isset($_SESSION['captcha']) OR $_POST['captcha'] != $_SESSION['captcha']) {
     				$_SESSION['captcha_error'] = $MESSAGE['MOD_FORM']['INCORRECT_CAPTCHA'];
     				$_SESSION['comment_title'] = $_POST['title'];
     				$_SESSION['comment_body'] = $_POST['comment'];
     				exit(header('Location: '.WB_URL.'/modules/news/comment.php?id='.$_GET['post_id']));
+    			}
     		} else {
     			$_SESSION['captcha_error'] = $MESSAGE['MOD_FORM']['INCORRECT_CAPTCHA'];
     			$_SESSION['comment_title'] = $_POST['title'];
     			$_SESSION['comment_body'] = $_POST['comment'];
     			exit(header('Location: '.WB_URL.'/modules/news/comment.php?id='.$_GET['post_id']));
+    		}
+    	}
     	if(isset($_SESSION['catpcha'])) { unset($_SESSION['captcha']); }
     	// Insert the comment into db
     	$page_id = $_GET['page_id'];
     	$section_id = $_GET['section_id'];
     	$post_id = $_GET['post_id'];
     	$title = $wb->add_slashes(strip_tags($_POST['title']));
     	$comment = $wb->add_slashes(strip_tags($_POST['comment']));
     	$commented_when = mktime();
     	if($wb->is_authenticated() == true) {
     		$commented_by = $wb->get_user_id();
     	} else {
     		$commented_by = '';
+    	}
     	$query = $database->query("INSERT INTO ".TABLE_PREFIX."mod_news_comments (section_id,page_id,post_id,title,comment,commented_when,commented_by) VALUES ('$section_id','$page_id','$post_id','$title','$comment','$commented_when','$commented_by')");
     	// Get page link
     	$query_page = $database->query("SELECT link FROM ".TABLE_PREFIX."mod_news_posts WHERE post_id = '$post_id'");
     	$page = $query_page->fetchRow();
     	header('Location: '.$wb->page_link($page['link']).'?id='.$post_id);
     } else {
     	header('Location: '.WB_URL.'/pages/');
+    }
     ?>

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2005, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     // Must include code to stop this file being access directly
     if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
     $header = '<style type=\"text/css\">
     .post_title, .post_date { border-bottom: 1px solid #DDDDDD; }
     .post_title { font-weight: bold; font-size: 12px; color: #000000; }
     .post_date { text-align: right; font-weight: bold; }
     .post_short { text-align: justify; padding-bottom: 5px; }
     </style>
     <table cellpadding=\"0\" cellspacing=\"0\" border=\"0\" width=\"100%\">';
     $post_loop = '<tr class=\"post_top\">
     <td class=\"post_title\"><a href=\"[LINK]\">[TITLE]</a></td>
     <td class=\"post_date\">[TIME], [DATE]</td>
     </tr>
     <tr>
     <td class=\"post_short\" colspan=\"2\">
     [SHORT]
     <a href=\"[LINK]\">[TEXT_READ_MORE]</a>
     </td>
     </tr>';
     $footer = '</table>
     <table cellpadding="0" cellspacing="0" border="0" width="100%" style="display: [DISPLAY_PREVIOUS_NEXT_LINKS]">
     <tr>
     <td width="35%" align="left">[PREVIOUS_PAGE_LINK]</td>
     <td width="30%" align="center">[OF]</td>
     <td width="35%" align="right">[NEXT_PAGE_LINK]</td>
     </tr>
     </table>';
     $post_header = addslashes('<table cellpadding="0" cellspacing="0" border="0" width="100%">
     <tr>
     <td height="30"><h1>[TITLE]</h1></td>
     <td rowspan="3" style="display: [DISPLAY_IMAGE]"><img src="[GROUP_IMAGE]" alt="[GROUP_TITLE]" /></td>
     </tr>
     <tr>
     <td valign="top"><b>Posted by [DISPLAY_NAME] ([USERNAME]) on [DATE] at [TIME]</b></td>
     </tr>
     <tr style="display: [DISPLAY_GROUP]">
     <td valign="top"><a href="[BACK]">[PAGE_TITLE]</a> >> <a href="[BACK]?g=[GROUP_ID]">[GROUP_TITLE]</a></td>
     </tr>
     </table>
     <p style="text-align: justify;">');
     $post_footer = '</p>
     <a href=\"[BACK]\">Back</a>';
     $comments_header = addslashes('<br /><br />
     <style type="text/css">
     .comment_title { font-weight: bold; }
     .comment_text { font-weight: bold; background-color: #FDFDFD; border-bottom: 1px solid #DDDDDD; padding-bottom: 15px; }
     .comment_title, .comment_text { border-left: 1px solid #DDDDDD; }
     .comment_info { text-align: right; border-right: 1px solid #DDDDDD; }
     .comment_title, .comment_info { border-top: 1px solid #DDDDDD; background-color: #EEEEEE; }
     </style>
     <h2>Comments</h2>
     <table cellpadding="2" cellspacing="0" border="0" width="100%">');
     $comments_loop = addslashes('<tr>
     <td class="comment_title">[TITLE]</td>
     <td class="comment_info">By [DISPLAY_NAME] on [DATE] at [TIME]</td>
     </tr>
     <tr>
     <td colspan="2" class="comment_text">[COMMENT]</td>
     </tr>');
     $comments_footer = '</table>
     <br /><a href=\"[ADD_COMMENT_URL]\">Add Comment</a>';
     $comments_page = '<h1>Comment</h1>
     <h2>[POST_TITLE]</h2>
     <br />';
     $commenting = 'none';
     $use_captcha = true;
     $database->query("INSERT INTO ".TABLE_PREFIX."mod_news_settings (section_id,page_id,header,post_loop,footer,post_header,post_footer,comments_header,comments_loop,comments_footer,comments_page,commenting,use_captcha) VALUES ('$section_id','$page_id','$header','$post_loop','$footer','$post_header','$post_footer','$comments_header','$comments_loop','$comments_footer','$comments_page','$commenting','$use_captcha')");
     ?>

     <?php
     // $Id$
     /*
      Website Baker Project <http://www.websitebaker.org/>
      Copyright (C) 2004-2005, Ryan Djurovich
      Website Baker is free software; you can redistribute it and/or modify
      it under the terms of the GNU General Public License as published by
      the Free Software Foundation; either version 2 of the License, or
      (at your option) any later version.
      Website Baker is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
      MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
      GNU General Public License for more details.
      You should have received a copy of the GNU General Public License
      along with Website Baker; if not, write to the Free Software
      Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     */
     // Must include code to stop this file being access directly
     if(defined('WB_PATH') == false) { exit("Cannot access this file directly"); }
     // Check if there is a start point defined
     if(isset($_GET['p']) AND is_numeric($_GET['p']) AND $_GET['p'] >= 0) {
     	$position = $_GET['p'];
     } else {
     	$position = 0;
+    }
     // Get user's username, display name, email, and id - needed for insertion into post info
     $users = array();
     $query_users = $database->query("SELECT user_id,username,display_name,email FROM ".TABLE_PREFIX."users");
     if($query_users->numRows() > 0) {
     	while($user = $query_users->fetchRow()) {
     		// Insert user info into users array
     		$user_id = $user['user_id'];
     		$users[$user_id]['username'] = $user['username'];
     		$users[$user_id]['display_name'] = $user['display_name'];
     		$users[$user_id]['email'] = $user['email'];
+    	}
+    }
     // Get groups (title, if they are active, and their image [if one has been uploaded])
     $groups[0]['title'] = '';
     $groups[0]['active'] = true;
     $groups[0]['image'] = '';
     $query_users = $database->query("SELECT group_id,title,active FROM ".TABLE_PREFIX."mod_news_groups WHERE section_id = '$section_id' ORDER BY position ASC");
     if($query_users->numRows() > 0) {
     	while($group = $query_users->fetchRow()) {
     		// Insert user info into users array
     		$group_id = $group['group_id'];
     		$groups[$group_id]['title'] = ($group['title']);
     		$groups[$group_id]['active'] = $group['active'];
     		if(file_exists(WB_PATH.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg')) {
     			$groups[$group_id]['image'] = WB_URL.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg';
     		} else {
     			$groups[$group_id]['image'] = '';
+    		}
+    	}
+    }
     // Check if we should show the main page or a post itself
     if(!defined('POST_ID') OR !is_numeric(POST_ID)) {
     	// Check if we should only list posts from a certain group
     	if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
     		$query_extra = " AND group_id = '".$_GET['g']."'";
     		?>
     		<style type="text/css">.selected_group_title { font-size: 14px; text-align: center; }</style>
     		<?php
     	} else {
     		$query_extra = '';
+    	}
     	// Get settings
     	$query_settings = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
     	if($query_settings->numRows() > 0) {
     		$fetch_settings = $query_settings->fetchRow();
     		$setting_header = ($fetch_settings['header']);
     		$setting_post_loop = ($fetch_settings['post_loop']);
     		$setting_footer = ($fetch_settings['footer']);
     		$setting_posts_per_page = $fetch_settings['posts_per_page'];
     	} else {
     		$setting_header = '';
     		$setting_post_loop = '';
     		$setting_footer = '';
     		$setting_posts_per_page = '';
+    	}
     	// Get total number of posts
     	$query_total_num = $database->query("SELECT post_id FROM ".TABLE_PREFIX."mod_news_posts WHERE section_id = '$section_id' AND active = '1' AND title != ''$query_extra");
     	$total_num = $query_total_num->numRows();
     	// Work-out if we need to add limit code to sql
     	if($setting_posts_per_page != 0) {
     		$limit_sql = " LIMIT $position,$setting_posts_per_page";
     	} else {
     		$limit_sql = "";
+    	}
     	// Query posts (for this page)
     	$query_posts = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_posts WHERE section_id = '$section_id' AND active = '1' AND title != ''$query_extra ORDER BY position DESC".$limit_sql);
     	$num_posts = $query_posts->numRows();
     	// Create previous and next links
     	if($setting_posts_per_page != 0) {
     		if($position > 0) {
     			if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
     				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'&g='.$_GET['g'].'"><< ';
     			} else {
     				$pl_prepend = '<a href="?p='.($position-$setting_posts_per_page).'"><< ';
+    			}
     			$pl_append = '</a>';
     			$previous_link = $pl_prepend.$TEXT['PREVIOUS'].$pl_append;
     			$previous_page_link = $pl_prepend.$TEXT['PREVIOUS_PAGE'].$pl_append;
     		} else {
     			$previous_link = '';
     			$previous_page_link = '';
+    		}
     		if($position+$setting_posts_per_page >= $total_num) {
     			$next_link = '';
     			$next_page_link = '';
     		} else {
     			if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
     				$nl_prepend = '<a href="?p='.($position+$setting_posts_per_page).'&g='.$_GET['g'].'"> ';
     			} else {
     				$nl_prepend = '<a href="?p='.($position+$setting_posts_per_page).'"> ';
+    			}
     			$nl_append = ' >></a>';
     			$next_link = $nl_prepend.$TEXT['NEXT'].$nl_append;
     			$next_page_link = $nl_prepend.$TEXT['NEXT_PAGE'].$nl_append;
+    		}
     		if($position+$setting_posts_per_page > $total_num) {
     			$num_of = $position+$num_posts;
     		} else {
     			$num_of = $position+$setting_posts_per_page;
+    		}
     		$out_of = ($position+1).'-'.$num_of.' '.strtolower($TEXT['OUT_OF']).' '.$total_num;
     		$of = ($position+1).'-'.$num_of.' '.strtolower($TEXT['OF']).' '.$total_num;
     		$display_previous_next_links = '';
     	} else {
     		$display_previous_next_links = 'none';
+    	}
     	// Print header
     	if($display_previous_next_links == 'none') {
     		echo  str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array('','','','','','', $display_previous_next_links), $setting_header);
     	} else {
     		echo str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array($next_page_link, $next_link, $previous_page_link, $previous_link, $out_of, $of, $display_previous_next_links), $setting_header);
+    	}
     	if($num_posts > 0) {
     		if($query_extra != '') {
     			?>
     			<div class="selected_group_title">
     				<?php echo '<a href="'.$_SERVER['PHP_SELF'].'">'.PAGE_TITLE.'</a> >> '.$groups[$_GET['g']]['title']; ?>
     			</div>
     			<?php
+    		}
     		while($post = $query_posts->fetchRow()) {
     			if(isset($groups[$post['group_id']]['active']) AND $groups[$post['group_id']]['active'] != false) { // Make sure parent group is active
     				$uid = $post['posted_by']; // User who last modified the post
     				// Workout date and time of last modified post
     				$post_date = gmdate(DATE_FORMAT, $post['posted_when']+TIMEZONE);
     				$post_time = gmdate(TIME_FORMAT, $post['posted_when']+TIMEZONE);
     				// Work-out the post link
     				$post_link = page_link($post['link']);
     				if(isset($_GET['p']) AND $position > 0) {
     					$post_link .= '?p='.$position;
+    				}
     				if(isset($_GET['g']) AND is_numeric($_GET['g'])) {
     					if(isset($_GET['p']) AND $position > 0) { $post_link .= '&'; } else { $post_link .= '?'; }
     					$post_link .= 'g='.$_GET['g'];
+    				}
     				// Get group id, title, and image
     				$group_id = $post['group_id'];
     				$group_title = $groups[$group_id]['title'];
     				$group_image = $groups[$group_id]['image'];
     				if($group_image == '') { $display_image = 'none'; } else { $display_image = ''; }
     				if($group_id == 0) { $display_group = 'none'; } else { $display_group = ''; }
     				// Replace [wblink--PAGE_ID--] with real link
     				$short = ($post['content_short']);
     				$wb->preprocess($short);
     				// Replace vars with values
     				$post_long_len = strlen($post['content_long']);
     				$vars = array('[PAGE_TITLE]', '[GROUP_ID]', '[GROUP_TITLE]', '[GROUP_IMAGE]', '[DISPLAY_GROUP]', '[DISPLAY_IMAGE]', '[TITLE]', '[SHORT]', '[LINK]', '[DATE]', '[TIME]', '[USER_ID]', '[USERNAME]', '[DISPLAY_NAME]', '[EMAIL]', '[TEXT_READ_MORE]');
     				if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
     					if($post_long_len < 9) {
     						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, $post_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], '');
     					} else {
     						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, $post_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], $TEXT['READ_MORE']);
+    					}
     				} else {
     					if($post_long_len < 9) {
     						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, $post_link, $post_date, $post_time, '', '', '', '', '');
     					} else {
     						$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $post['title'], $short, $post_link, $post_date, $post_time, '', '', '', '', $TEXT['READ_MORE']);
+    					}
+    				}
     				echo str_replace($vars, $values, $setting_post_loop);
+    			}
+    		}
+    	}
     	// Print footer
     	if($display_previous_next_links == 'none') {
     		echo  str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array('','','','','','', $display_previous_next_links), $setting_footer);
     	} else {
     		echo str_replace(array('[NEXT_PAGE_LINK]','[NEXT_LINK]','[PREVIOUS_PAGE_LINK]','[PREVIOUS_LINK]','[OUT_OF]','[OF]','[DISPLAY_PREVIOUS_NEXT_LINKS]'), array($next_page_link, $next_link, $previous_page_link, $previous_link, $out_of, $of, $display_previous_next_links), $setting_footer);
+    	}
     } elseif(defined('POST_ID') AND is_numeric(POST_ID)) {

... This diff was truncated because it exceeds the maximum size that can be displayed.

Also available in: Unified diff

Project

General

Profile

WB 2.08.x

Revision 274

Added by ryan over 18 years ago