WB 2.08.x

09-Oct-2009 Dietmar Woellbrink

#	Ticket #770, #785, #792, #807, #809, 

#	fixes and recoded news module

09-Oct-2009 Dietmar Woellbrink

#	Ticket #815 Fix Warning: open_basedir restriction in effect. File is in wrong directory in load_module

#	same fix to load_template

<?php

// $Id$

/*

 Website Baker Project <http://www.websitebaker.org/>

 Copyright (C) 2004-2009, Ryan Djurovich

 Website Baker is free software; you can redistribute it and/or modify

 it under the terms of the GNU General Public License as published by

 the Free Software Foundation; either version 2 of the License, or

 (at your option) any later version.

 Website Baker is distributed in the hope that it will be useful,

 but WITHOUT ANY WARRANTY; without even the implied warranty of

 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License

 along with Website Baker; if not, write to the Free Software

 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

$module_directory = 'news';

$module_name = 'News v3.1';

$module_function = 'page';

$module_version = '3.1';

$module_platform = '2.8';

$module_author = 'Ryan Djurovich, Rob Smith';

$module_license = 'GNU General Public License';

$module_description = 'This page type is designed for making a news page.';

	require(WB_PATH.'/modules/'.WYSIWYG_EDITOR.'/include.php');

<table class="row_a" cellpadding="2" cellspacing="0" width="100%">

					<option value="<?php echo $group['group_id']; ?>"<?php if($fetch_content['group_id'] == $group['group_id']) { echo ' selected="selected"'; } ?>><?php echo $group['title']; ?></option>

			<option value="public" <?php if($fetch_content['commenting'] == 'public') { echo ' selected="selected"'; } ?>><?php echo $TEXT['PUBLIC']; ?></option>

			<option value="private" <?php if($fetch_content['commenting'] == 'private') { echo ' selected="selected"'; } ?>><?php echo $TEXT['PRIVATE']; ?></option>

	show_wysiwyg_editor("short","short",htmlspecialchars($fetch_content['content_short']),"100%","150px");

	show_wysiwyg_editor("long","long",htmlspecialchars($fetch_content['content_long']),"100%","350px");

			<?php if(isset($jscal_use_time) && $jscal_use_time==TRUE)

            { ?>

			<?php

            } ?>

			<?php if(isset($jscal_use_time) && $jscal_use_time==TRUE)

            { ?>

			<?php

            } ?>

				<a href="<?php echo WB_URL; ?>/modules/news/modify_comment.php?page_id=<?php echo $page_id; ?>&amp;section_id=<?php echo $section_id; ?>&amp;comment_id=<?php echo $comment['comment_id']; ?>" title="<?php echo $TEXT['MODIFY']; ?>">

				<a href="<?php echo WB_URL; ?>/modules/news/modify_comment.php?page_id=<?php echo $page_id; ?>&amp;section_id=<?php echo $section_id; ?>&amp;comment_id=<?php echo $comment['comment_id']; ?>">

				<a href="javascript: confirm_link('<?php echo $TEXT['ARE_YOU_SURE']; ?>', '<?php echo WB_URL; ?>/modules/news/delete_comment.php?page_id=<?php echo $page_id; ?>&amp;section_id=<?php echo $section_id; ?>&amp;post_id=<?php echo $post_id; ?>&amp;comment_id=<?php echo $comment['comment_id']; ?>');" title="<?php echo $TEXT['DELETE']; ?>">

if(!defined('WB_URL')) {

/* check if frontend.css file needs to be included into the <body></body> of page  */

if(!file_exists(WB_PATH .'/modules/news/languages/'.LANGUAGE .'.php'))

{

}

else

{

if($query_settings->numRows() == 0)

{

	exit( 0 );

}

else

{

		<textarea name="comment_<?php echo date('W'); ?>" rows="10" cols="1" style="width: 90%; height: 150px;"><?php if(isset($_SESSION['comment_body'])) { echo $_SESSION['comment_body']; unset($_SESSION['comment_body']); } ?></textarea>

	</tr>

    </table>

	<table class="news-table">

	<tr>

	    <td>

            <input type="submit" name="submit" value="<?php echo $MOD_NEWS['TEXT_ADD_COMMENT']; ?>" />

        </td>

        <td>

		    <input type="button" value="<?php echo $TEXT['CANCEL']; ?>" onclick="history.go(-1)"  />

        </td>

	</tr>

    </table>

	</form>

<?php

// $Id$

/*

 Website Baker Project <http://www.websitebaker.org/>

 Copyright (C) 2004-2009, Ryan Djurovich

 Website Baker is free software; you can redistribute it and/or modify

 it under the terms of the GNU General Public License as published by

 the Free Software Foundation; either version 2 of the License, or

 (at your option) any later version.

 Website Baker is distributed in the hope that it will be useful,

 but WITHOUT ANY WARRANTY; without even the implied warranty of

 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License

 along with Website Baker; if not, write to the Free Software

 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

// Include config file

require('../../config.php');

// Check if there is a post id

if(!isset($_GET['post_id']) OR !is_numeric($_GET['post_id'])

    OR !isset($_GET['section_id']) OR !is_numeric($_GET['section_id']))

{

	header("Location: ".WB_URL.PAGES_DIRECTORY."");

	exit( 0 );

}

$post_id = $_GET['post_id'];

$section_id = $_GET['section_id'];

// Query post for page id

$query_post = $database->query("SELECT post_id,title,section_id,page_id FROM ".TABLE_PREFIX."mod_news_posts WHERE post_id = '$post_id'");

if($query_post->numRows() == 0)

{

    header("Location: ".WB_URL.PAGES_DIRECTORY."");

	exit( 0 );

}

else

{

	$fetch_post = $query_post->fetchRow();

	$page_id = $fetch_post['page_id'];

	$section_id = $fetch_post['section_id'];

	$post_id = $fetch_post['post_id'];

	$post_title = $fetch_post['title'];

	define('SECTION_ID', $section_id);

	define('POST_ID', $post_id);

	define('POST_TITLE', $post_title);

	// don't allow commenting if its disabled, or if post or group is inactive

	$t = time();

	$table_posts = TABLE_PREFIX."mod_news_posts";

	$table_groups = TABLE_PREFIX."mod_news_groups";

	$query = $database->query("

		SELECT p.post_id

		FROM $table_posts AS p LEFT OUTER JOIN $table_groups AS g ON p.group_id = g.group_id

		WHERE p.post_id='$post_id' AND p.commenting != 'none' AND p.active = '1' AND ( g.active IS NULL OR g.active = '1' )

		AND (p.published_when = '0' OR p.published_when <= $t) AND (p.published_until = 0 OR p.published_until >= $t)

	");

	if($query->numRows() == 0)

    {

		header("Location: ".WB_URL.PAGES_DIRECTORY."");

	    exit( 0 );

	}

	// don't allow commenting if ASP enabled and user doesn't comes from the right view.php

	if(ENABLED_ASP && (!isset($_SESSION['comes_from_view']) OR $_SESSION['comes_from_view']!=POST_ID))

    {

		header("Location: ".WB_URL.PAGES_DIRECTORY."");

	    exit( 0 );

	}

	// Get page details

	$query_page = $database->query("SELECT parent,page_title,menu_title,keywords,description,visibility FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'");

	if($query_page->numRows() == 0)

    {

		header("Location: ".WB_URL.PAGES_DIRECTORY."");

	    exit( 0 );

	}

    else

    {

		$page = $query_page->fetchRow();

		// Required page details

		define('PAGE_CONTENT', WB_PATH.'/modules/news/comment_page.php');

		// Include index (wrapper) file

		require(WB_PATH.'/index.php');

	}

}

?>

<?php

// $Id$

/*

 Website Baker Project <http://www.websitebaker.org/>

 Copyright (C) 2004-2009, Ryan Djurovich

 Website Baker is free software; you can redistribute it and/or modify

 it under the terms of the GNU General Public License as published by

 the Free Software Foundation; either version 2 of the License, or

 (at your option) any later version.

 Website Baker is distributed in the hope that it will be useful,

 but WITHOUT ANY WARRANTY; without even the implied warranty of

 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License

 along with Website Baker; if not, write to the Free Software

 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

// Must include code to stop this file being access directly

if(defined('WB_PATH') == false)

{

  exit("Cannot access this file directly");

}

//get and remove all php files created for the news section

$query_details = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_posts WHERE section_id = '$section_id'");

if($query_details->numRows() > 0) {

	while($link = $query_details->fetchRow()) {

		if(is_writable(WB_PATH.PAGES_DIRECTORY.$link['link'].PAGE_EXTENSION)) {

		unlink(WB_PATH.PAGES_DIRECTORY.$link['link'].PAGE_EXTENSION);

		}

	}

}

//check to see if any other sections are part of the news page, if only 1 news is there delete it

$query_details = $database->query("SELECT * FROM ".TABLE_PREFIX."sections WHERE page_id = '$page_id'");

if($query_details->numRows() == 1) {

	$query_details2 = $database->query("SELECT * FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'");

	$link = $query_details2->fetchRow();

	if(is_writable(WB_PATH.PAGES_DIRECTORY.$link['link'].PAGE_EXTENSION)) {

		unlink(WB_PATH.PAGES_DIRECTORY.$link['link'].PAGE_EXTENSION);

	}

}

$database->query("DELETE FROM ".TABLE_PREFIX."mod_news_posts WHERE section_id = '$section_id'");

$database->query("DELETE FROM ".TABLE_PREFIX."mod_news_groups WHERE section_id = '$section_id'");

$database->query("DELETE FROM ".TABLE_PREFIX."mod_news_comments WHERE section_id = '$section_id'");

$database->query("DELETE FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");

<?php

// $Id$

/*

 Website Baker Project <http://www.websitebaker.org/>

 Copyright (C) 2004-2009, Ryan Djurovich

 Website Baker is free software; you can redistribute it and/or modify

 it under the terms of the GNU General Public License as published by

 the Free Software Foundation; either version 2 of the License, or

 (at your option) any later version.

 Website Baker is distributed in the hope that it will be useful,

 but WITHOUT ANY WARRANTY; without even the implied warranty of

 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License

 along with Website Baker; if not, write to the Free Software

 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

require('../../config.php');

require_once(WB_PATH."/include/jscalendar/jscalendar-functions.php");

// Get id

if(!isset($_POST['post_id']) OR !is_numeric($_POST['post_id']))

{

	header("Location: ".ADMIN_URL."/pages/index.php");

	exit( 0 );

}

else

{

	$id = $_POST['post_id'];

	$post_id = $id;

}

function create_file($filename, $filetime=NULL )

{

global $page_id, $section_id, $post_id;

	// We need to create a new file

	// First, delete old file if it exists

	if(file_exists(WB_PATH.PAGES_DIRECTORY.$filename.PAGE_EXTENSION))

    {

        $filetime = isset($filetime) ? $filetime :  filectime($filename);

		unlink(WB_PATH.PAGES_DIRECTORY.$filename.PAGE_EXTENSION);

	}

    else {

        $filetime = isset($filetime) ? $filetime : time();

    }

	// The depth of the page directory in the directory hierarchy

	// '/pages' is at depth 1

	$pages_dir_depth = count(explode('/',PAGES_DIRECTORY))-1;

	// Work-out how many ../'s we need to get to the index page

	$index_location = '../';

	for($i = 0; $i < $pages_dir_depth; $i++)

    {

		$index_location .= '../';

	}

	// Write to the filename

	$content = ''.

'<?php

$page_id = '.$page_id.';

$section_id = '.$section_id.';

$post_id = '.$post_id.';

define("POST_SECTION", $section_id);

define("POST_ID", $post_id);

require("'.$index_location.'config.php");

require(WB_PATH."/index.php");

?>';

	if($handle = fopen($filename, 'w+'))

    {

    	fwrite($handle, $content);

    	fclose($handle);

        if($filetime)

        {

        touch($filename, $filetime);

        }

    	change_mode($filename);

    }

}

// Include WB admin wrapper script

$update_when_modified = true; // Tells script to update when this page was last updated

require(WB_PATH.'/modules/admin.php');

// Validate all fields

if($admin->get_post('title') == '' AND $admin->get_post('url') == '')

{

	$admin->print_error($MESSAGE['GENERIC']['FILL_IN_ALL'], WB_URL.'/modules/news/modify_post.php?page_id='.$page_id.'&section_id='.$section_id.'&post_id='.$id);

}

else

{

	$title = $admin->get_post_escaped('title');

	$short = $admin->get_post_escaped('short');

	$long = $admin->get_post_escaped('long');

	$commenting = $admin->get_post_escaped('commenting');

	$active = $admin->get_post_escaped('active');

	$old_link = $admin->get_post_escaped('link');

	$group_id = $admin->get_post_escaped('group');

}

// Get page link URL

$query_page = $database->query("SELECT level,link FROM ".TABLE_PREFIX."pages WHERE page_id = '$page_id'");

$page = $query_page->fetchRow();

$page_level = $page['level'];

$page_link = $page['link'];

// Include WB functions file

require(WB_PATH.'/framework/functions.php');

// Work-out what the link should be

$post_link = '/posts/'.page_filename($title).PAGE_SPACER.$post_id;

// Make sure the post link is set and exists

// Make news post access files dir

make_dir(WB_PATH.PAGES_DIRECTORY.'/posts/');

$file_create_time = '';

if(!is_writable(WB_PATH.PAGES_DIRECTORY.'/posts/'))

{

	$admin->print_error($MESSAGE['PAGES']['CANNOT_CREATE_ACCESS_FILE']);

}

elseif($old_link != $post_link OR !file_exists(WB_PATH.PAGES_DIRECTORY.$post_link.PAGE_EXTENSION))

{

	// We need to create a new file

	// First, delete old file if it exists

	if(file_exists(WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION))

    {

        $file_create_time = filectime($old_link);

		unlink(WB_PATH.PAGES_DIRECTORY.$old_link.PAGE_EXTENSION);

	}

    // Specify the filename

    $filename = WB_PATH.PAGES_DIRECTORY.'/'.$post_link.PAGE_EXTENSION;

    create_file($filename, $file_create_time);

}

// get publisedwhen and publisheduntil

$publishedwhen = jscalendar_to_timestamp($admin->get_post_escaped('publishdate'));

if($publishedwhen == '' || $publishedwhen < 1)

	$publishedwhen=0;

$publisheduntil = jscalendar_to_timestamp($admin->get_post_escaped('enddate'), $publishedwhen);

if($publisheduntil == '' || $publisheduntil < 1)

	$publisheduntil=0;

// Update row

$database->query("UPDATE ".TABLE_PREFIX."mod_news_posts SET group_id = '$group_id', title = '$title', link = '$post_link', content_short = '$short', content_long = '$long', commenting = '$commenting', active = '$active', published_when = '$publishedwhen', published_until = '$publisheduntil', posted_when = '".time()."', posted_by = '".$admin->get_user_id()."' WHERE post_id = '$post_id'");

// Check if there is a db error, otherwise say successful

if($database->is_error())

{

	$admin->print_error($database->get_error(), WB_URL.'/modules/news/modify_post.php?page_id='.$page_id.'&section_id='.$section_id.'&post_id='.$id);

}

else

{

	$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);

}

// Print admin footer

$admin->print_footer();

	// $database->query("DROP TABLE IF EXISTS `".TABLE_PREFIX."mod_news_posts`");

	$mod_news = 'CREATE TABLE IF NOT EXISTS `'.TABLE_PREFIX.'mod_news_posts` ( '

	// $database->query("DROP TABLE IF EXISTS `".TABLE_PREFIX."mod_news_groups`");

	$mod_news = 'CREATE TABLE IF NOT EXISTS `'.TABLE_PREFIX.'mod_news_groups` ( '

	// $database->query("DROP TABLE IF EXISTS `".TABLE_PREFIX."mod_news_comments`");

	$mod_news = 'CREATE TABLE IF NOT EXISTS `'.TABLE_PREFIX.'mod_news_comments` ( '

	// $database->query("DROP TABLE IF EXISTS `".TABLE_PREFIX."mod_news_settings`");

	$mod_news = 'CREATE TABLE IF NOT EXISTS `'.TABLE_PREFIX.'mod_news_settings` ( '

    $mod_search = "SELECT * FROM ".TABLE_PREFIX."search  WHERE value = 'mod_wysiwyg_query'";

    $database->query($mod_search);

    $insert_search = $database->is_error();

    if( $insert_search )

    {

    	// Insert info into the search table

    	// Module query info

    	$field_info = array();

    	$field_info['page_id'] = 'page_id';

    	$field_info['title'] = 'page_title';

    	$field_info['link'] = 'link';

    	$field_info['description'] = 'description';

    	$field_info['modified_when'] = 'modified_when';

    	$field_info['modified_by'] = 'modified_by';

    	$field_info = serialize($field_info);

    	$database->query("INSERT INTO ".TABLE_PREFIX."search (name,value,extra) VALUES ('module', 'news', '$field_info')");

    	// Query start

    	$query_start_code = "SELECT [TP]pages.page_id, [TP]pages.page_title,	[TP]pages.link, [TP]pages.description, [TP]pages.modified_when, [TP]pages.modified_by	FROM [TP]mod_news_posts, [TP]mod_news_groups, [TP]mod_news_comments, [TP]mod_news_settings, [TP]pages WHERE ";

    	$database->query("INSERT INTO ".TABLE_PREFIX."search (name,value,extra) VALUES ('query_start', '$query_start_code', 'news')");

    	// Query body

    	$query_body_code = "

    	[TP]pages.page_id = [TP]mod_news_posts.page_id AND [TP]mod_news_posts.title LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_posts.page_id AND [TP]mod_news_posts.content_short LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_posts.page_id AND [TP]mod_news_posts.content_long LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_comments.page_id AND [TP]mod_news_comments.title LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_comments.page_id AND [TP]mod_news_comments.comment LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.header LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.footer LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.post_header LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.post_footer LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.comments_header LIKE \'%[STRING]%\'

    	OR [TP]pages.page_id = [TP]mod_news_settings.page_id AND [TP]mod_news_settings.comments_footer LIKE \'%[STRING]%\'";

    	$database->query("INSERT INTO ".TABLE_PREFIX."search (name,value,extra) VALUES ('query_body', '$query_body_code', 'news')");

    	// Query end

    	$query_end_code = "";

    	$database->query("INSERT INTO ".TABLE_PREFIX."search (name,value,extra) VALUES ('query_end', '$query_end_code', 'news')");

    	// Insert blank row (there needs to be at least on row for the search to work)

    	$database->query("INSERT INTO ".TABLE_PREFIX."mod_news_posts (section_id,page_id) VALUES ('0', '0')");

    	$database->query("INSERT INTO ".TABLE_PREFIX."mod_news_groups (section_id,page_id) VALUES ('0', '0')");

    	$database->query("INSERT INTO ".TABLE_PREFIX."mod_news_comments (section_id,page_id) VALUES ('0', '0')");

    	$database->query("INSERT INTO ".TABLE_PREFIX."mod_news_settings (section_id,page_id) VALUES ('0', '0')");

    }

<?php

// $Id$

/*

 Website Baker Project <http://www.websitebaker.org/>

 Copyright (C) 2004-2009, Ryan Djurovich

 Website Baker is free software; you can redistribute it and/or modify

 it under the terms of the GNU General Public License as published by

 the Free Software Foundation; either version 2 of the License, or

 (at your option) any later version.

 Website Baker is distributed in the hope that it will be useful,

 but WITHOUT ANY WARRANTY; without even the implied warranty of

 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License

 along with Website Baker; if not, write to the Free Software

 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

// Check that GET values have been supplied

if(isset($_GET['page_id']) AND is_numeric($_GET['page_id']))

{

	$page_id = $_GET['page_id'];

	define('PAGE_ID', $page_id);

}

else

{

	header('Location: '.WB_URL);

	exit( 0 );

}

if(isset($_GET['group_id']) AND is_numeric($_GET['group_id'])) {

	$group_id = $_GET['group_id'];

	define('GROUP_ID', $group_id);

}

// Include WB files

require_once('../../config.php');

require_once(WB_PATH.'/framework/class.frontend.php');

$database = new database();

$wb = new frontend();

$wb->page_id = $page_id;

$wb->get_page_details();

$wb->get_website_settings();

//checkout if a charset is defined otherwise use UTF-8

if(defined('DEFAULT_CHARSET')) {

	$charset=DEFAULT_CHARSET;

} else {

	$charset='utf-8';

}

// Sending XML header

header("Content-type: text/xml; charset=$charset" );

// Header info

// Required by CSS 2.0

echo '<?xml version="1.0" encoding="'.$charset.'"?>';

?>

<rss version="2.0">

<channel>

<title><?php echo PAGE_TITLE; ?></title>

<link>http://<?php echo $_SERVER['SERVER_NAME']; ?></link>

<description> <?php echo PAGE_DESCRIPTION; ?></description>

<?php

// Optional header info

?>

<language><?php echo strtolower(DEFAULT_LANGUAGE); ?></language>

<copyright><?php $thedate = date('Y'); $websitetitle = WEBSITE_TITLE; echo "Copyright {$thedate}, {$websitetitle}"; ?></copyright>

<managingEditor><?php echo SERVER_EMAIL; ?></managingEditor>

<webMaster><?php echo SERVER_EMAIL; ?></webMaster>

<category><?php echo WEBSITE_TITLE; ?></category>

<generator>Website Baker Content Management System</generator>

<?php

// Get news items from database

$t = TIME();

$time_check_str= "(published_when = '0' OR published_when <= ".$t.") AND (published_until = 0 OR published_until >= ".$t.")";

//Query

if(isset($group_id)) {

	$query = "SELECT * FROM ".TABLE_PREFIX."mod_news_posts WHERE group_id=".$group_id." AND page_id = ".$page_id." AND active=1 AND ".$time_check_str." ORDER BY posted_when DESC";

} else {

	$query = "SELECT * FROM ".TABLE_PREFIX."mod_news_posts WHERE page_id=".$page_id." AND active=1 AND ".$time_check_str." ORDER BY posted_when DESC";

}

$result = $database->query($query);

//Generating the news items

while($item = $result->fetchRow($result)){ ?>

<item>

<title><![CDATA[<?php echo stripslashes($item["title"]); ?>]]></title>

<description><![CDATA[<?php echo stripslashes($item["content_short"]); ?>]]></description>

<guid><?php echo WB_URL.PAGES_DIRECTORY.$item["link"].PAGE_EXTENSION; ?></guid>

<link><?php echo WB_URL.PAGES_DIRECTORY.$item["link"].PAGE_EXTENSION; ?></link>

</item>

<?php } ?>

</channel>

if(function_exists('edit_module_css'))

{

	<input type="hidden" name="section_id" value="<?php echo $section_id; ?>" />

	<input type="hidden" name="page_id" value="<?php echo $page_id; ?>" />

	<table class="row_a" cellpadding="2" cellspacing="0" width="100%">

		</tr>

						if($fetch_content['posts_per_page'] == ($i*5)) { $selected = ' selected="selected"'; } else { $selected = ''; }

	<table class="row_a" cellpadding="2" cellspacing="0" width="100%" style="margin-top: 3px;">

					<option value="public" <?php if($fetch_content['commenting'] == 'public') { echo ' selected="selected"'; } ?>><?php echo $TEXT['PUBLIC']; ?></option>

					<option value="private" <?php if($fetch_content['commenting'] == 'private') { echo 'selected="selected"'; } ?>><?php echo $TEXT['PRIVATE']; ?></option>

						if($fetch_content['resize'] == $size) { $selected = ' selected="selected"'; } else { $selected = ''; }

<input type="hidden" name="section_id" value="<?php echo $section_id; ?>" />

<input type="hidden" name="page_id" value="<?php echo $page_id; ?>" />

<input type="hidden" name="post_id" value="<?php echo $fetch_content['post_id']; ?>" />

<input type="hidden" name="comment_id" value="<?php echo $comment_id; ?>" />

		<input name="save" type="submit" value="<?php echo $TEXT['SAVE']; ?>" style="width: 100px; margin-top: 5px;" />

		<input type="button" value="<?php echo $TEXT['CANCEL']; ?>" onclick="javascript: window.location = '<?php echo WB_URL; ?>/modules/news/modify_post.php?page_id=<?php echo $page_id; ?>&amp;section_id=<?php echo $section_id; ?>&amp;post_id=<?php echo $fetch_content['post_id']; ?>';" style="width: 100px; margin-top: 5px;" />

</form>

<?php

// $Id$

/*

 Website Baker Project <http://www.websitebaker.org/>

 Copyright (C) 2004-2009, Ryan Djurovich

 Website Baker is free software; you can redistribute it and/or modify

 it under the terms of the GNU General Public License as published by

 the Free Software Foundation; either version 2 of the License, or

 (at your option) any later version.

 Website Baker is distributed in the hope that it will be useful,

 but WITHOUT ANY WARRANTY; without even the implied warranty of

 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License

 along with Website Baker; if not, write to the Free Software

 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

*/

require('../../config.php');

// Get id

if(!isset($_GET['post_id']) OR !is_numeric($_GET['post_id'])) {

	if(!isset($_GET['group_id']) OR !is_numeric($_GET['group_id'])) {

		header("Location: index.php");

	    exit( 0 );

	} else {

		$id = $_GET['group_id'];

		$id_field = 'group_id';

		$table = TABLE_PREFIX.'mod_news_groups';

	}

} else {

	$id = $_GET['post_id'];

	$id_field = 'post_id';

	$table = TABLE_PREFIX.'mod_news_posts';

}

// Include WB admin wrapper script

require(WB_PATH.'/modules/admin.php');

// Include the ordering class

require(WB_PATH.'/framework/class.order.php');

// Create new order object an reorder

$order = new order($table, 'position', $id_field, 'section_id');

if($order->move_up($id)) {

	$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);

} else {

	$admin->print_error($TEXT['ERROR'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);

}

// Print admin footer

$admin->print_footer();