1 <?php

     2 

     3 /**

     4  * EnanoBot - copyright (C) 2008 Dan Fuhry

     5  * All rights reserved.

     6  */

     7 

     8 /*****************************************************************

     9  * YOU NEED TO SET THE PATH TO THE REST OF THE EnanoBot FILES HERE.

    10  * Include a trailing slash.

    11  * This script MUST be placed in an Enano installation directory.

    12  *****************************************************************/

    13 

    14 define('ENANOBOT_ROOT', './');

    15 

    16 // load Enano for auth

    17 require('includes/common.php');

    18 if ( $session->user_level < USER_LEVEL_ADMIN )

    19 {

    20   die_friendly('Access denied', '<p>Admin rights needed to use this script.</p>');

    21 }

    22 

    23 $db->close();

    24 unset($db, $session, $paths, $template, $plugins);

    25 

    26 // We're authed.

    27 // Load config

    28 require(ENANOBOT_ROOT . 'config.php');

    29 

    30 // check config

    31 if ( empty($mysql_host) || empty($mysql_user) || empty($mysql_dbname) )

    32 {

    33   die("Bad config file - have a look at config-sample.php.\n");

    34 }

    35 

    36 // connect to MySQL

    37 $mysql_conn = @mysql_connect($mysql_host, $mysql_user, $mysql_pass);

    38 if ( !$mysql_conn )

    39 {

    40   $m_e = mysql_error();

    41   echo "Error connecting to MySQL: $m_e\n";

    42   exit(1);

    43 }

    44 $q = @mysql_query('USE `' . $mysql_dbname . '`;', $mysql_conn);

    45 if ( !$q )

    46 {

    47   $m_e = mysql_error();

    48   echo "Error selecting database: $m_e\n";

    49   exit(1);

    50 }

    51 

    52 function mysql_die()

    53 {

    54   $m_e = mysql_error();

    55   die("MySQL error: $m_e");

    56 }

    57 

    58 ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">

    59 <html>

    60   <head>

    61     <title>EnanoBot snippet management</title>

    62     <meta http-equiv="Content-type" content="text/html; charset=utf-8" />

    63   </head>

    64   <body>

    65     <h1>EnanoBot snippet management</h1>

    66     <form action="enanobot-snippets.php" method="post" enctype="multipart/form-data">

    67       <fieldset>

    68         <legend>Add a snippet</legend>

    69         <table border="1" cellspacing="0" cellpadding="4">

    70           <tr>

    71             <td>Snippet code<br />

    72                 <small>all lowercase, no spaces; ex: mysnippet</small></td>

    73             <td><input type="text" name="snippet_add_code" size="100" tabindex="1" /></td>

    74           </tr>

    75           <tr>

    76             <td>Text<br />

    77                 <small>anything you want, keep it relatively short.</small></td>

    78             <td><input type="text" name="snippet_add_text" size="100" tabindex="2" /></td>

    79           </tr>

    80           <tr>

    81             <td>Channels<br />

    82                 <small>separate with pipe characters, ex: #enano|#enano-dev|#ubuntu</small></td>

    83             <td><input type="text" name="snippet_add_channels" size="100" tabindex="3" /></td>

    84           </tr>

    85         </table>

    86       </fieldset>

    87       <fieldset>

    88         <legend>Edit existing snippets</legend>

    89         <table border="1" cellspacing="0" cellpadding="4">

    90           <tr>

    91             <th>Code</th>

    92             <th>Snippet text</th>

    93             <th>Channels</th>

    94             <th>Delete</th>

    95           </tr>

    96         <?php

    97             if ( !empty($_POST['snippet_add_code']) && !empty($_POST['snippet_add_text']) && !empty($_POST['snippet_add_channels']) )

    98             {

    99               $code = mysql_real_escape_string($_POST['snippet_add_code']);

   100               $text = mysql_real_escape_string($_POST['snippet_add_text']);

   101               $channels = mysql_real_escape_string($_POST['snippet_add_channels']);

   102               $q2 = @mysql_query("INSERT INTO snippets(snippet_code, snippet_text, snippet_channels) VALUES

   103                                     ( '$code', '$text', '$channels' );", $mysql_conn);

   104               if ( !$q2 )

   105                 mysql_die();

   106             }

   107             $q = @mysql_query('SELECT snippet_id, snippet_code, snippet_text, snippet_channels FROM snippets ORDER BY snippet_code ASC;');

   108             if ( !$q )

   109               mysql_die();

   110             while ( $row = @mysql_fetch_assoc($q) )

   111             {

   112               if ( isset($_POST['snippet']) && @is_array(@$_POST['snippet']) )

   113               {

   114                 if ( isset($_POST['snippet'][$row['snippet_id']]) )

   115                 {

   116                   // delete it?

   117                   if ( isset($_POST['snippet'][$row['snippet_id']]['delete']) )

   118                   {

   119                     $q2 = mysql_query("DELETE FROM snippets WHERE snippet_id = {$row['snippet_id']};", $mysql_conn);

   120                     if ( !$q2 )

   121                       mysql_die();

   122                     continue;

   123                   }

   124                   // has it changed?

   125                   else if ( $_POST['snippet'][$row['snippet_id']]['code'] != $row['snippet_code'] ||

   126                        $_POST['snippet'][$row['snippet_id']]['text'] != $row['snippet_text'] ||

   127                        $_POST['snippet'][$row['snippet_id']]['channels'] != $row['snippet_channels'] )

   128                   {

   129                     // yeah, update it.

   130                     $code = mysql_real_escape_string($_POST['snippet'][$row['snippet_id']]['code']);

   131                     $text = mysql_real_escape_string($_POST['snippet'][$row['snippet_id']]['text']);

   132                     $channels = mysql_real_escape_string($_POST['snippet'][$row['snippet_id']]['channels']);

   133                     $q2 = mysql_query("UPDATE snippets SET snippet_code = '$code', snippet_text = '$text', snippet_channels = '$channels' WHERE snippet_id = {$row['snippet_id']};", $mysql_conn);

   134                     if ( !$q2 )

   135                       mysql_die();

   136                     $row = array(

   137                         'snippet_id' => $row['snippet_id'],

   138                         'snippet_code' => $_POST['snippet'][$row['snippet_id']]['code'],

   139                         'snippet_text' => $_POST['snippet'][$row['snippet_id']]['text'],

   140                         'snippet_channels' => $_POST['snippet'][$row['snippet_id']]['channels']

   141                       );

   142                   }

   143                 }

   144               }

   145               echo '  <tr>';

   146               echo '<td><input type="text" name="snippet[' . $row['snippet_id'] . '][code]" value="' . htmlspecialchars($row['snippet_code']) . '" /></td>';

   147               echo '<td><input type="text" size="100" name="snippet[' . $row['snippet_id'] . '][text]" value="' . htmlspecialchars($row['snippet_text']) . '" /></td>';

   148               echo '<td><input type="text" name="snippet[' . $row['snippet_id'] . '][channels]" value="' . htmlspecialchars($row['snippet_channels']) . '" /></td>';

   149               echo '<td style="text-align: center;"><input type="checkbox" name="snippet[' . $row['snippet_id'] . '][delete]" /></td>';

   150               echo '</tr>' . "\n        ";

   151             }

   152           ?></table>

   153       </fieldset>

   154       <div style="text-align: center; margin-top: 20px;">

   155         <input type="submit" value="Save changes" />

   156       </div>

   157     </form>

   158   </body>

   159 </html><?php

   160 

   161 mysql_close($mysql_conn);

   162