【php开源代码栏目提醒】:网学会员鉴于大家对php开源代码十分关注,论文会员在此为大家搜集整理了“general_admin.php”一文,供大家参考学习
<?
/******************************************************************************\
* Copyright (C) 2002 B Squared (b^2) by Josh Sherman <josh@cleancode.org> *
* *
* This script displays the contents for the 'General Administration' page. *
* Don't forget the 12 space indent for all content pages. *
* *
* Last modified : September 13th, 2002 (JJS) *
\******************************************************************************/
/* As always, don't let them access the file directly */
$file_name = "general_admin.php";
/* Get the negative length of $file_name */
$file_name_length = -(strlen($file_name));
/* Check if the values match, if so, redirect */
if (substr($_SERVER['SCRIPT_NAME'], $file_name_length) == $file_name)
header("Location: ../index.php");
/* Grab the veriables held by superglobals */
$board_name = GetVars("board_name");
$title_image = GetVars("title_image");
$action = GetVars("action");
/* Parse any user input */
CheckVars(&$step, 1);
CheckVars(&$board_name, 64);
CheckVars(&$title_image, 128);
/* Make sure someone isn't trying to feed the step number via the querystring */
if ( $step == "" || ( $step != 1 && $step != 2 && $step != 3 && $step != 4 ) )
$step = 1;
/* Make sure the user isn't feeding information via the query string, thwart all attempts!! */
if ( ( ( $board_name == "" || $title_image == "" ) && ( $step == 3 || $step == 4 ) ) ||
( ( $step == 1 && $QUERY_STRING != "pid=general_admin" ) ||
( $step == 2 && $QUERY_STRING != "pid=general_admin" ) ||
( $step == 3 && $QUERY_STRING != "pid=general_admin" ) ||
( $step == 4 && $QUERY_STRING != "pid=general_admin" ) ) ||
( ( $step != 1 && $step != 2 ) &&
( strlen(trim($board_name)) == 0 || strlen(trim($title_image)) == 0 ) ) )
{
/* Give them an error if they are */
echo " <CENTER class=\"error_message\">Malformed request detected!</CENTER><BR>\n";
$step = 1;
}
/* Determine which step to use */
if ($action == "Edit Properties")
$step = 2;
else if ($action == "Preview Properties")
$step = 3;
else if ($action == "Submit Properties")
$step = 4;
/* Strip out all escape characters */
if ( $step == 3 || $step == 4 )
$board_name = stripslashes(strip_tags($board_name));
/* Display the desired step */
switch ($step)
{
/* Show the forum list */
default:
case 1:
ShowProperties();
break;
/* Show edit form */
case 2:
ShowPropertyForm( $board_name, $title_image );
break;
/* Show preview */
case 3:
echo " <FORM action=\"index.php?pid=general_admin\" method=\"POST\" name=\"general_admin\">\n"
. " <TABLE cellpadding=\"5\" cellspacing=\"0\" width=\"100%\" border class=\"table_border\">\n"
. " <TR class=\"table_header\">\n"
. " <TD colspan=\"2\">Properties Preview</TD>\n"
. " </TR>\n"
. " <TR bgcolor=\"" . TABLE_COLOR_1 . "\" class=\"regular_text\">\n"
. " <TD width=\"25%\" valign=\"top\"><B>Board Name:</B></TD>\n"
. " <TD width=\"50%\">\n"
. " $board_name\n"
. " <INPUT type=\"hidden\" name=\"board_name\" value=\"$board_name\">\n"
. " </TD>\n"
. " </TR>\n"
. " <TR bgcolor=\"" . TABLE_COLOR_2 . "\" class=\"regular_text\">\n"
. " <TD width=\"25%\" valign=\"top\"><B>Title Image:</B></TD>\n"
. " <TD width=\"50%\">\n"
. " $title_image<BR><BR>\n"
. " <TABLE border class=\"table_border\" cellspacing=\"0\" cellpadding=\"0\">\n"
. " <TR>\n"
. " <TD><IMG src=\"$title_image\" border=\"0\"></TD>\n"
. " </TR>\n"
. " </TABLE>\n"
. " <INPUT type=\"hidden\" name=\"title_image\" value=\"$title_image\">\n"
. " </TD>\n"
. " </TR>\n"
. " </TABLE>\n"
. " <CENTER>\n"
. " <BR>\n"
. " <INPUT type=\"submit\" value=\"Edit Properties\" name=\"action\">\n"
. " \n"
. " <INPUT type=\"submit\" value=\"Submit Properties\" name=\"action\">\n"
. " </CENTER>\n"
. " </FORM>\n";
break;
/* Add the new forum to the database */
case 4:
/* Check if the page was POSTed */
if ( $REQUEST_METHOD == "POST" )
{
/* Set the error to zero */
$no_err = 0;
/* Delete the existing properties */
$SQL = "DELETE FROM " . TABLE_PREFIX . "properties;";
$results = ExeSQL($SQL);
/* Add the new ones in */
$SQL = "INSERT INTO " . TABLE_PREFIX . "properties (board_name, title_image) VALUES ('$board_name', '$title_image');";
$results = ExeSQL($SQL);
/* Let the user know what's up, then show the properties */
echo " <CENTER class=\"normal_message\">The properties have successfully been modified!</CENTER><BR>\n";
ShowProperties();
return;
}
else
ShowMessageForm( $message_name, $message_body, $message_id );
break;
}
/*
* Show th