1 <?php

     2 

     3 /**

     4  * EnanoBot - copyright (C) 2008 Dan Fuhry

     5  * All rights reserved.

     6  */

     7 

     8 /*****************************************************************

     9  * YOU NEED TO SET THE PATH TO THE REST OF THE EnanoBot FILES HERE.

    10  * Include a trailing slash.

    11  * This script MUST be placed in an Enano installation directory.

    12  *****************************************************************/

    13 

    14 define('ENANOBOT_ROOT', dirname(__FILE__) . '/');

    15 

    16 // load Enano for auth

    17 /*

    18 require('includes/common.php');

    19 if ( $session->user_level < USER_LEVEL_ADMIN )

    20 {

    21   die_friendly('Access denied', '<p>Admin rights needed to use this script.</p>');

    22 }

    23 

    24 $db->close();

    25 unset($db, $session, $paths, $template, $plugins);

    26 */

    27 

    28 // We're authed.

    29 // Load config

    30 require(ENANOBOT_ROOT . 'config.php');

    31 

    32 // check config

    33 if ( empty($mysql_host) || empty($mysql_user) || empty($mysql_dbname) )

    34 {

    35   die("Bad config file - have a look at config-sample.php.\n");

    36 }

    37 

    38 // connect to MySQL

    39 $mysql_conn = @mysql_connect($mysql_host, $mysql_user, $mysql_pass);

    40 if ( !$mysql_conn )

    41 {

    42   $m_e = mysql_error();

    43   echo "Error connecting to MySQL: $m_e\n";

    44   exit(1);

    45 }

    46 $q = @mysql_query('USE `' . $mysql_dbname . '`;', $mysql_conn);

    47 if ( !$q )

    48 {

    49   $m_e = mysql_error();

    50   echo "Error selecting database: $m_e\n";

    51   exit(1);

    52 }

    53 

    54 function mysql_die()

    55 {

    56   $m_e = mysql_error();

    57   die("MySQL error: $m_e");

    58 }

    59 

    60 ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

    61 <html>

    62   <head>

    63     <title>EnanoBot snippet management</title>

    64     <meta http-equiv="Content-type" content="text/html; charset=utf-8" />

    65   </head>

    66   <body>

    67     <h1>EnanoBot snippet management</h1>

    68     <form action="snippets.php" method="post" enctype="multipart/form-data">

    69       <fieldset>

    70         <legend>Add a snippet</legend>

    71         <table border="1" cellspacing="0" cellpadding="4">

    72           <tr>

    73             <td>Snippet code<br />

    74                 <small>all lowercase, no spaces; ex: mysnippet</small></td>

    75             <td><input type="text" name="snippet_add_code" size="100" tabindex="1" /></td>

    76           </tr>

    77           <tr>

    78             <td>Text<br />

    79                 <small>anything you want, keep it relatively short.</small></td>

    80             <td><input type="text" name="snippet_add_text" size="100" tabindex="2" /></td>

    81           </tr>

    82           <tr>

    83             <td>Channels<br />

    84                 <small>separate with pipe characters, ex: #enano|#enano-dev|#ubuntu</small></td>

    85             <td><input type="text" name="snippet_add_channels" size="100" tabindex="3" /></td>

    86           </tr>

    87         </table>

    88       </fieldset>

    89       <fieldset>

    90         <legend>Edit existing snippets</legend>

    91         <table border="1" cellspacing="0" cellpadding="4">

    92           <tr>

    93             <th>Code</th>

    94             <th>Snippet text</th>

    95             <th>Channels</th>

    96             <th>Delete</th>

    97           </tr>

    98         <?php

    99             if ( !empty($_POST['snippet_add_code']) && !empty($_POST['snippet_add_text']) && !empty($_POST['snippet_add_channels']) )

   100             {

   101               $code = mysql_real_escape_string($_POST['snippet_add_code']);

   102               $text = mysql_real_escape_string($_POST['snippet_add_text']);

   103               $channels = mysql_real_escape_string($_POST['snippet_add_channels']);

   104               $q2 = @mysql_query("INSERT INTO snippets(snippet_code, snippet_text, snippet_channels) VALUES

   105                                     ( '$code', '$text', '$channels' );", $mysql_conn);

   106               if ( !$q2 )

   107                 mysql_die();

   108             }

   109             $q = @mysql_query('SELECT snippet_id, snippet_code, snippet_text, snippet_channels FROM snippets ORDER BY snippet_code ASC;');

   110             if ( !$q )

   111               mysql_die();

   112             while ( $row = @mysql_fetch_assoc($q) )

   113             {

   114               if ( isset($_POST['snippet']) && @is_array(@$_POST['snippet']) )

   115               {

   116                 if ( isset($_POST['snippet'][$row['snippet_id']]) )

   117                 {

   118                   // delete it?

   119                   if ( isset($_POST['snippet'][$row['snippet_id']]['delete']) )

   120                   {

   121                     $q2 = mysql_query("DELETE FROM snippets WHERE snippet_id = {$row['snippet_id']};", $mysql_conn);

   122                     if ( !$q2 )

   123                       mysql_die();

   124                     continue;

   125                   }

   126                   // has it changed?

   127                   else if ( $_POST['snippet'][$row['snippet_id']]['code'] != $row['snippet_code'] ||

   128                        $_POST['snippet'][$row['snippet_id']]['text'] != $row['snippet_text'] ||

   129                        $_POST['snippet'][$row['snippet_id']]['channels'] != $row['snippet_channels'] )

   130                   {

   131                     // yeah, update it.

   132                     $code = mysql_real_escape_string($_POST['snippet'][$row['snippet_id']]['code']);

   133                     $text = mysql_real_escape_string($_POST['snippet'][$row['snippet_id']]['text']);

   134                     $channels = mysql_real_escape_string($_POST['snippet'][$row['snippet_id']]['channels']);

   135                     $q2 = mysql_query("UPDATE snippets SET snippet_code = '$code', snippet_text = '$text', snippet_channels = '$channels' WHERE snippet_id = {$row['snippet_id']};", $mysql_conn);

   136                     if ( !$q2 )

   137                       mysql_die();

   138                     $row = array(

   139                         'snippet_id' => $row['snippet_id'],

   140                         'snippet_code' => $_POST['snippet'][$row['snippet_id']]['code'],

   141                         'snippet_text' => $_POST['snippet'][$row['snippet_id']]['text'],

   142                         'snippet_channels' => $_POST['snippet'][$row['snippet_id']]['channels']

   143                       );

   144                   }

   145                 }

   146               }

   147               echo '  <tr>';

   148               echo '<td><input type="text" name="snippet[' . $row['snippet_id'] . '][code]" value="' . htmlspecialchars($row['snippet_code']) . '" /></td>';

   149               echo '<td><input type="text" size="100" name="snippet[' . $row['snippet_id'] . '][text]" value="' . htmlspecialchars($row['snippet_text']) . '" /></td>';

   150               echo '<td><input type="text" name="snippet[' . $row['snippet_id'] . '][channels]" value="' . htmlspecialchars($row['snippet_channels']) . '" /></td>';

   151               echo '<td style="text-align: center;"><input type="checkbox" name="snippet[' . $row['snippet_id'] . '][delete]" /></td>';

   152               echo '</tr>' . "\n        ";

   153             }

   154           ?></table>

   155       </fieldset>

   156       <div style="text-align: center; margin-top: 20px;">

   157         <input type="submit" value="Save changes" />

   158       </div>

   159     </form>

   160   </body>

   161 </html><?php

   162 

   163 mysql_close($mysql_conn);

   164