Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> How To's
Author Message
izone
Involved
Involved



Joined: Sep 07, 2004
Posts: 354
Location: Sweden

PostPosted: Fri Sep 24, 2004 3:33 am Reply with quote

Hi!

Here I am with my problems again! Embarassed

I've installed BookCatalog Modules from http://www.basisconsultant.com on 2 nukes.

In the first installtion everything went well and and I can work with it without any problem. But in second installation:

I installed it as I did before and it makes tables in db and I can see these tables that are there. But when I try to add a book it works as it should (no error message) but it dosen't write to db tables. So when I come back to the list of books it is empty and I get no error message.

The 2nd. nuke (with this problem) has both Sentinel and Admin Secure installed and I checked them up and they don't cause any problem with this. (I turned them off and check this module and still same result).

Both of nukes are ver. 7.4 but on the second one (with problem) I might have done some changes when I was trying to make other modules to work (I'm not sure).

Here is the Addbook function in the main file of this module:
Code:


function AddBook() {
    global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name;
    include ('header.php');
    topmenu();
    OpenTable();
    if (is_admin($admin)) {
      $rcat = sql_query("select * from ".$prefix."_bcatalog_cats order by cname", $dbi);
      while(list($catid,$cname) = sql_fetch_array($rcat, $dbi)){
      $cname_arr[] = $cname;
      }
      $rauth = sql_query("select * from ".$prefix."_bcatalog_authors order by aname", $dbi);
      while(list($aid,$aname) = sql_fetch_array($rauth, $dbi)){
      $aname_arr[] = $aname;
      }
      $rpub = sql_query("select * from ".$prefix."_bcatalog_publishers order by pname", $dbi);
      while(list($pid,$pname) = sql_fetch_array($rpub, $dbi)){
      $pname_arr[] = $pname;
      }
      $cname_sel = CreateJsArr($cname_arr, 'cname_arr')."\n<select name=\"cname_sel\" onchange=\"riscriviDue(this.form,this.name,'cname',cname_arr)\">".CreateSelect($cname_arr)."</select>\n";
      $aname_sel = CreateJsArr($aname_arr, 'aname_arr')."\n<select name=\"aname_sel\" onchange=\"riscriviDue(this.form,this.name,'aname',aname_arr)\">".CreateSelect($aname_arr)."</select>\n";
      $pname_sel = CreateJsArr($pname_arr, 'pname_arr')."\n<select name=\"pname_sel\" onchange=\"riscriviDue(this.form,this.name,'pname',pname_arr)\">".CreateSelect($pname_arr)."</select>\n";

      echo "\n<s-c-r-i-p-t LANGUAGE=\"Javas-c-r-i-p-t\">
         var cname_arr=new Array(500);
         var aname_arr=new Array(500);
         var pname_arr=new Array(500);
         function riscriviDue(form,fromField,toField,ArrList) {
            var selectobj=form.elements[fromField];
            var selNum= selectobj.selectedIndex;
            form.elements[toField].value = ArrList[selNum];
         }
      </s-c-r-i-p-t>\n";
//               echo "\n"
//                ."<form action=\"modules.php?name=".$module_name."&file=admin\" method=\"post\">"
//               ."<b>"._A_BCOMPANY.":</b><br>"
//               ."<input type=\"text\" name=\"cname\" size=\"20\" > ".$cname_sel."<br><br>";

      echo "<center><b><font class=booktitle>"._ADDNEWBOOK." </font></b><br><br>"
      ."<form method=\"post\" action=\"modules.php?name=$module_name\">"
      ."<table width=100%>"
      ."<tr><td valign=top width=100><b>"._BNAME.":<font color=ff0000>*</font></b></td><td valign=top align=left><input type=\"text\" name=\"bname\" size=\"50\" maxlength=\"150\"></td></tr>"
      ."<tr><td valign=top><b>"._BCAT.":<font color=ff0000>*</font></b></td><td valign=top align=left>"
      ."<input type=\"text\" name=\"cname\" size=\"20\"> ".$cname_sel."";
       echo "</td></tr>"
      ."<tr><td valign=top><b>"._BAUTHOR.":<font color=ff0000>*</font></b></td><td valign=top align=left>"
      ."<input type=\"text\" name=\"aname\" size=\"20\" > ".$aname_sel."";
       echo "</td></tr>"
      ."<tr><td valign=top><b>"._BPUBLISHER.":<font color=ff0000>*</font></b></td><td valign=top align=left>"
      ."<input type=\"text\" name=\"pname\" size=\"20\" > ".$pname_sel."";
       echo "</td></tr>";   
      echo"<tr><td valign=top><b>"._BINFO.":<font color=ff0000>*</font></b></td><td valign=top><textarea name=\"binfo\" rows=\"25\" wrap=\"virtual\" cols=\"70\"></textarea><BR>"._BINFOINFO."<BR><BR></td></tr>
      <tr><td valign=top><b>"._BKYEAR.":<font color=ff0000>*</font></b></td><td valign=top><input type=\"text\" name=\"byear\" size=\"10\" maxlength=\"10\"></td></tr>
      <tr><td valign=top><b>"._BQUALITY.":</b></td><td valign=top>
      <select name=\"bquality\">
            <option value=\"\"></option>
            <option value=\""._BHamur1."\">"._BHamur1."</option>
            <option value=\""._BHamur2."\">"._BHamur2."</option>
            <option value=\""._BHamur3."\">"._BHamur3."</option>
      </select></td></tr>
      <tr><td valign=top><b>"._BPAGES.":</b></td><td valign=top><input type=\"text\" name=\"bpages\" size=\"20\" maxlength=\"15\"></td></tr>
      <tr><td valign=top><b>"._BDIMS.":</b></td><td valign=top><input type=\"text\" name=\"bdims\" size=\"20\" maxlength=\"20\"></td></tr>
      <tr><td valign=top><b>"._BISBN.":</b></td><td valign=top><input type=\"text\" name=\"bisbn\" size=\"20\" maxlength=\"50\"></td></tr>
      <tr><td valign=top><b>"._BLANG.":<font color=ff0000>*</font></b></td><td valign=top>
      <select name=\"blang\">
            <option value=\"\"></option>
            <option value=\""._FA."\">"._FA."</option>
            <option value=\""._TR."\">"._TR."</option>
            <option value=\""._EN."\">"._EN."</option>
            <option value=\""._DE."\">"._DE."</option>
            <option value=\""._FR."\">"._FR."</option>
      </select></td></tr>
      <tr><td valign=top><b>"._BPIC.":</b></td><td valign=top>
      <select name=\"bpic\">";
      $path1 = explode ("/kt", "modules/$module_name/images/bookimg/");
      $path = "$path1[0]/$path1[1]";
      $handle=opendir($path);
      while (false !== ($file = readdir($handle))) {
      if ($file != "." && $file != "..") {
         $tlist .= "$file ";
      }
      }
      closedir($handle);
      $tlist = explode(" ", $tlist);
      sort($tlist);
      for ($i=0; $i < sizeof($tlist); $i++) {
      if($tlist[$i]!="") {
         echo "<option  value=\"$tlist[$i]\">$tlist[$i]\n</option>";
      }
      }
      echo "</select>&nbsp;"._ADDBPIC." <a href=\"javas-c-r-i-p-t:uploadbookpic()\">"._CLICK."</a></td></tr>";

      echo "</table>";

      echo "<BR><i>"._CHECKINFO."</i><br><br>";
      echo "<input type=\"hidden\" name=\"op\" value=\"preview_book\">
      <input type=\"submit\" value=\""._PREVIEW."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._CANCEL."\"></form>";
   } else {
      echo "<center>";
      echo ""._ADMERROR."<br>";
    }

   

    CloseTable();
    include ("footer.php");
}


I can very very little about php so I can not see where the h... is this problem from. I have tryed to make it works in 3 days (almost 50 hours) without any result. So please help me .

Best regards
 
View user's profile Send private message
sixonetonoffun
Spouse Contemplates Divorce



Joined: Jan 02, 2003
Posts: 2496

PostPosted: Fri Sep 24, 2004 6:20 am Reply with quote

Is it happening in the preview part or the post part or both?
Can you post the url part from the email Nuke Sentinel sends out?
If I remember it was the script filter that was being flagged there are only a few on the $_POST script filter so its more then likely script or style tag being passed via $_POST and from a glance I'd guess that its in the script that throws the post info into the form field in there (nice feature).

_________________
[b][size=5]openSUSE 11.4-x86 | Linux 2.6.37.1-1.2desktop i686 | KDE: 4.6.41>=4.7 | XFCE 4.8 | AMD Athlon(tm) XP 3000+ | MSI K7N2 Delta-L | 3GB Black Diamond DDR
| GeForce 6200@433Mhz 512MB | Xorg 1.9.3 | NVIDIA 270.30[/size:2b8 
View user's profile Send private message
izone







PostPosted: Fri Sep 24, 2004 7:31 am Reply with quote

sixonetonoffun wrote:
Is it happening in the preview part or the post part or both?
Can you post the url part from the email Nuke Sentinel sends out?
If I remember it was the script filter that was being flagged there are only a few on the $_POST script filter so its more then likely script or style tag being passed via $_POST and from a glance I'd guess that its in the script that throws the post info into the form field in there (nice feature).


Oh, thank you very much for helping me.

I didn't get any email from Sentinel!

I didn't get any error messag nither. Well actually I got an ban message first time from Sentinel ( now when I remember) when I was changing the name of this module to something els. And I think Sentinel send me an email:

Quote:
Date & Time: 2004-09-22 21:34:05
Blocked IP: 81.228.48.202
User ID: Anonymous (1)
Reason: Abuse-Script
--------------------
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Query String: [ Only registered users can see links on this board! Get registered or login! ]
Forwarded For: none
Client IP: none
Remote Address: 81.228.48.202
Remote Port: 33056
Request Method: GET


But I am not sure if this email has to do with this. As I wrote before I turned Sentinel off (after installation and a few times trying) and tried again but gott same result.
 
Raven
Site Admin/Owner



Joined: Aug 27, 2002
Posts: 17088

PostPosted: Fri Sep 24, 2004 8:58 am Reply with quote

That custom_title decodes to
Code:
نسكخانه (كتابخانه)
I'm not sure what language that is, but there are () in there and that is why NukeSentinel traps it. Try changing the () to [].
 
View user's profile Send private message
izone







PostPosted: Fri Sep 24, 2004 10:44 am Reply with quote

it is in persian (farsi) we use utf-8.

Raven, do you think that it's because of it that this module can not write to db?

But why I have the same problem even when I turn the Sentinel off from mainfile.php?

Do I have to anything els to make it works?

Best regards
 
Raven







PostPosted: Fri Sep 24, 2004 10:51 am Reply with quote

In mainfile.php you should have a line like this
Code:
(eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||
which NukeSentinel mirrors. With NukeSentinel off, comment out that line and try it.
 
izone







PostPosted: Fri Sep 24, 2004 11:52 am Reply with quote

No Raven.

It dosen't work. Crying or Very sad Crying or Very sad Crying or Very sad

Maybe I have to give this idea with library up.
 
Raven







PostPosted: Fri Sep 24, 2004 12:25 pm Reply with quote

Well, if it isn't writing to the database, then you should be seeing an error in your server error_log.
 
izone







PostPosted: Fri Sep 24, 2004 2:11 pm Reply with quote

No Raven

There is no error message there. Not about this.

I inseted tables from my other site to this one. Now I can delete the comments but still can not add books!

I don't know what to do.
 
Raven







PostPosted: Fri Sep 24, 2004 3:36 pm Reply with quote

I just examined your code that you posted and there are no insert statements in that code. So, either you haven't posted the right code or you're missing code or something.
 
izone







PostPosted: Sat Sep 25, 2004 2:29 am Reply with quote

Raven wrote:
I just examined your code that you posted and there are no insert statements in that code. So, either you haven't posted the right code or you're missing code or something.


Thanks Raven for helping me. I'm very gratful for this.

In my first topic I only show you the add function of index file for this. But here it is the code of index.php (sorry it is a long code):
Code:


<?php
######################################################################
# PHP-NUKE: Web Portal System
# ===========================
#
# Copyright (c) 2000 by Francisco Burzi (fbc@mandrakesoft.com)
# http://phpnuke.org
#
# This program is free software. You can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License.
######################################################################

/*****************************************************************************/
/*Book Catalog Module ver1.0                                                 */
/*Author: Huseyin Bilgen                                                 */
/*---------------------------------------------------------------------------*/

#################################### Contact #################################
#                         admin@basisconsultant.com                          #
#                         http://www.basisconsultant.com                     #
##############################################################################


if (!eregi("modules.php", $_SERVER['PHP_SELF'])) {
    die ("You can't access this file directly...");
}


require_once("mainfile.php");
require_once("config.php");
$module_name = basename(dirname(__FILE__));
get_lang($module_name);
$pagetitle = "- "._TITLE."";
$index=$sag;
global $bid;
       echo "<s-c-r-i-p-t type=\"text/javas-c-r-i-p-t\">\n";
      echo "<!--\n";
      echo "function uploadbookpic(){\n";
      echo "   window.open (\"modules/$module_name/upload.php\",\"Copyright\",\"toolbar=no,location=no,directories=no,status=no,scrollbars=yes,resizable=no,copyhistory=no,width=700,height=500\");\n";
      echo "}\n";
      echo "//-->\n";
      echo "</s-c-r-i-p-t>\n\n";
function cut($str,$max){
$count = strlen($str);
if($count >= $max) {
for ($pos=$max;$pos>0 && ord($str[$pos-1])>=127;$pos--);
if (($max-$pos)%2 == 0)
$str = substr($str, 0, $max) . "...";
else
$str = substr($str, 0, $max+1) . "...";
return $str;
}
else {
$str = "$str";
return $str;
}
}
function topmenu() {
    global $module_name, $prefix, $ltr, $dbi, $ThemeSel,$admin;
   echo "<head>";
    echo "<LINK REL=\"StyleSheet\" HREF=\"modules/$module_name/bookstyle.css\" TYPE=\"text/css\">\n\n\n";
   echo "</head>";
    OpenTable();
    echo "<br>";
    echo "<center><a href=\"modules.php?name=$module_name\"><img src=\"modules/$module_name/images/logo.gif\" border=\"0\" alt=\""._TITLE."\"></a></center>";
    echo "<center><form action=\"modules.php?name=$module_name\" method=\"post\">"
    ."<input type=\"text\" size=\"20\" name=\"query\">&nbsp;"
    ."<input type=\"submit\" value=\""._SEARCH."\"><br>"
    ."<input type=\"hidden\" name=\"op\" value=\"search\">"
    ."</form>"
    ."</center>";
       echo "<s-c-r-i-p-t type=\"text/javas-c-r-i-p-t\">\n";
      echo "<!--\n";
      echo "function uploadbookpic(){\n";
      echo "   window.open (\"modules/$module_name/upload.php\",\"Copyright\",\"toolbar=no,location=no,directories=no,status=no,scrollbars=yes,resizable=no,copyhistory=no,width=700,height=500\");\n";
      echo "}\n";
      echo "//-->\n";
      echo "</s-c-r-i-p-t>\n\n";

    echo "<center>[ <a href=\"modules.php?name=$module_name&op=listbooks\">"._LISTBOOKS."</a> ]\n\n";
//    echo "[ <a href=\"modules.php?name=$module_name&op=listauthors\">"._LISTAUTHORS."</a> ]\n\n";
//    echo "[ <a href=\"modules.php?name=$module_name&op=listpublishers\">"._LISTPUBLISHERS."</a> ]\n\n";
    echo "[ <a href=\"modules.php?name=$module_name&op=listcategory\">"._LISTCATEGORY."</a> ]\n\n";
     if (is_admin($admin)) {
   echo "[ <a href=\"modules.php?name=$module_name&op=addbook\">"._ADDBOOK."</a> ]\n\n";
   echo "[ <a href=\"javas-c-r-i-p-t:uploadbookpic()\">"._ADDBOOKIMG."</a> ]\n\n";
    }
    echo "</center><br>\n\n";
CloseTable();
}

function display_score($score) {
    $image = "<img src=\"images/blue.gif\" alt=\"\">";
    $halfimage = "<img src=\"images/bluehalf.gif\" alt=\"\">";
    $full = "<img src=\"images/star.gif\" alt=\"\">";

    if ($score == 10) {
        for ($i=0; $i < 5; $i++)
            echo "$full";
    } else if ($score % 2) {
        $score -= 1;
        $score /= 2;
        for ($i=0; $i < $score; $i++)
            echo "$image";
            echo "$halfimage";
    } else {
        $score /= 2;
        for ($i=0; $i < $score; $i++)
            echo "$image";
    }
}


function CategoryList() {
 global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name, $limitdeger, $goster, $limit;
 include ('header.php');
 $result=sql_query("select * from ${prefix}_bcatalog_cats", $dbi);
 $rows=sql_num_rows($result,$dbi);
 if($rows > 0) {
    topmenu();
    echo "<br>";
    OpenTable();
    echo "<center><b><font class=booktitle>"._ALLCATS."</font></b></center>";
    echo "<blockquote><blockquote>";
    $catlist = sql_query("select catid,cname from ${prefix}_bcatalog_cats order by catid", $dbi);
    while (list($catid, $cname) = sql_fetch_row($catlist, $dbi)) {
    $cresult = sql_query("select * from ${prefix}_bcatalog_books where cname='$cname'", $dbi);
    $cnumrows = sql_num_rows($cresult, $dbi);
    echo "<strong><big>&middot;</big> &nbsp;</strong> <a href=\"modules.php?name=$module_name&op=category&amp;catid=$catid\">$cname</a> ("._THISCAT." <b>$cnumrows</b> "._BOOKEXIST.")<br>";
    }
    echo "</blockquote></blockquote>";
    echo "<center><table border=0 cellspacing=5><tr>";
    echo "<td>$onceki</td><td>$sonraki</td></tr></table></center>";
   CloseTable();
     }  else {
    topmenu();
    echo "<br>";
    OpenTable();
    echo "<BR><center><b>"._NOCATEXIST."</b></center>";
    CloseTable();
    }
   include ("footer.php");
}

function BookList(){
 global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name, $showlimit, $show, $limit;
 include ('header.php');
require_once("modules/$module_name/config.php");
$rowq=sql_query("select * from ${prefix}_bcatalog_books", $dbi);
 $row=sql_num_rows($rowq,$dbi);
     if($row>0) {
 $limit = $showlimit;
if(!$show) {
$show=0;
}
$count =  sql_query("select * from ${prefix}_bcatalog_books", $dbi);
$rowcount = sql_num_rows($count, $dbi);
if($show==0) {
} else {
$dif = $show - $limit;
$prev = "<a href=\"modules.php?name=$module_name&amp;op=listbooks&amp;show=$dif\"><img src=\"modules/$module_name/images/left.gif\" border=\"0\"  align=\"absmiddle\"> "._PREVIOUS." $limit "._BOOK."</a> |";
}
if($rowcount > $limit) {
$dif = $show + $limit;
if($dif<$rowcount)
$next = "<a href=\"modules.php?name=$module_name&amp;op=listbooks&amp;show=$dif\">"._NEXT." $limit  "._BOOK." <img src=\"modules/$module_name/images/right.gif\" border=\"0\" align=\"absmiddle\"></a>";
} else {

}
    topmenu();
    OpenTable();
    echo "<center><font class=booktitle>"._ALLBOOK."</font></center>";
   echo "<center><font class=bookcontent>"._TOTALINDB." <B>$rowcount </B>"._FOUND."</font></center>";
    echo "<blockquote>";
    $blist = sql_query("select bid, bname, hits from ${prefix}_bcatalog_books order by bname limit $show, $limit", $dbi);
   $c=1 + $show;
    while (list($bid, $bname,$hits) = sql_fetch_row($blist, $dbi)) {
    $cresult = sql_query("select * from ${prefix}_bcatalog_comments where cbookid=$bid", $dbi);
    $cnumrows = sql_num_rows($cresult, $dbi);
    $Bname=$bname;
   if ($hits==0){$hits=0;}
    echo "<b>$c.</b> </strong> <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$Bname</a> ("._TOTAL." <b>$cnumrows</b> "._COMMENTS." "._AND." <b>$hits</b> "._READ.")<br>";
   $c++;
    }
    echo "</blockquote>";
    echo "<center><table border=0 cellspacing=5><tr>";
    echo "<td>$prev</td><td>$next</td></tr></table></center>";
   CloseTable();
     }  else {
    topmenu();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._NOCATEXIST."</b></center>";
    CloseTable();
    }
   include ("footer.php");

}
function Category($catid) {
 global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name,$showlimit, $show, $limit;
require_once("modules/$module_name/config.php");
 include ('header.php');
$res=sql_query("select cname from ${prefix}_bcatalog_cats where catid='$catid'", $dbi);
 $row=sql_fetch_array($res,$dbi);
 $cname=$row["cname"];
 $result=sql_query("select * from ${prefix}_bcatalog_books where cname='$cname'", $dbi);
 $row=sql_num_rows($result,$dbi);
     if($row>0) {
 $limit = $showlimit;
if(!$show) {
$show=0;
}
$count =  sql_query("select * from ${prefix}_bcatalog_books where cname='$cname'", $dbi);
$rowcount = sql_num_rows($count, $dbi);
if($show==0) {
} else {
$dif = $show - $limit;
$prev = "<a href=\"modules.php?name=$module_name&amp;op=category&catid=$catid&amp;show=$dif\"><img src=\"modules/$module_name/images/left.gif\" border=\"0\"  align=\"absmiddle\"> "._PREVIOUS." $limit "._BOOK."</a> |";
}
if($rowcount > $limit) {
$dif = $show + $limit;
if($dif<$rowcount)
$next = "<a href=\"modules.php?name=$module_name&amp;op=category&catid=$catid&amp;show=$dif\">"._NEXT." $limit  "._BOOK." <img src=\"modules/$module_name/images/right.gif\" border=\"0\" align=\"absmiddle\"></a>";
} else {

}
   topmenu();
    OpenTable();
    $catname = sql_query("select catid,cname from ${prefix}_bcatalog_cats where catid=$catid", $dbi);
    list($catid,$cname) = sql_fetch_row($catname, $dbi);
    echo "<center><font class=bookcontent>"._CATEGORY.": <b>$cname</b></font></center>";
    $bookq = sql_query("select * from ${prefix}_bcatalog_books where cname='$cname'", $dbi);
    $rows = sql_num_rows($bookq, $dbi);
    if($rows>0) {
    echo "<center><BR><b>"._CATBOOKS."</b></center>";
   echo "<BR><table width=100% border=0 cellpadding=0 cellspacing=2>";
    $bookq = sql_query("select bid, bname, bauthor, bpublisher,bpic from ${prefix}_bcatalog_books where cname='$cname' limit $show, $limit", $dbi);
    while (list($bid, $bname, $bauthor, $bpublisher,$bpic) = sql_fetch_row($bookq, $dbi)) {
   $Bauthor=$bauthor;
   $Bpublisher=$bpublisher;
    $comq = sql_query("select * from ${prefix}_bcatalog_comments where cbookid='$bid'", $dbi);
    $comnum = sql_num_rows($comq, $dbi);
   echo "<tr><td align=left valign=top width=50><img src=\"modules/$module_name/images/bookimg/$bpic\" border=0 width=40 height=50></td>";
    echo "<td valign=top><a href=\"modules.php?name=$module_name&op=showbook&bid=$bid\">$bname</a><BR>$Bauthor, $Bpublisher (<b>$comnum</b> "._COMMENT.")</td>";
    }
   echo "</table>";
    echo "<center><table border=0 cellspacing=5><tr>";
    echo "<td>$prev</td><td>$next</td></tr></table></center>";
    } else {
    echo "<BR><BR><center><b>"._NOBOOKFORCAT."</b></center>";
    }
  CloseTable();
    }  else {
    topmenu();
    echo "<br>";
    OpenTable();
    echo "<center><b>"._CATNOTFOUND."</b></center>";
    CloseTable();
    }
  include ("footer.php");
}
#################################################################################################

function copyright() {
global $Version_Num, $module_name;
$versiyon=substr($Version_Num,0,1);
  if(file_exists("modules/Kitap/copyright.php")) {
  } else {
  echo "<div align=\"right\"><a href=\"http://www.basisconsultant.com\" target=\"_blank\">&copy; $module_name</a></div>";
   }
}
 /*Do Not Change Information in this area. */
#################################################################################################
function CreateSelect($arr){
  if(!is_array($arr)) return;
  $arr = array_unique($arr);
  asort($arr);
  $string = "<option>\n";
        foreach($arr as $item){
          if(!empty($item)) $string .= "<option value=\"".$item."\">".$item."\n";
  }
  return($string);
}
function CreateJsArr($arr, $field){
        if(!is_array($arr)) return;
        $arr = array_unique($arr);
  asort($arr);
        $string = "\n<s-c-r-i-p-t language=\"Javas-c-r-i-p-t\">\n";
  $string .= "\t".$field."[0] = \"\"\n";
  $i = 1;
        foreach($arr as $item){
          if(!empty($item)){
            $string .= "\t".$field."[".$i."] = \"".$item."\"\n";
        $i++;
    }
  }
  $string .= "</s-c-r-i-p-t>\n";
  return($string);
}

function AddBook() {
    global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name;
    include ('header.php');
    topmenu();
    OpenTable();
    if (is_admin($admin)) {
      $rcat = sql_query("select * from ".$prefix."_bcatalog_cats order by cname", $dbi);
      while(list($catid,$cname) = sql_fetch_array($rcat, $dbi)){
      $cname_arr[] = $cname;
      }
      $rauth = sql_query("select * from ".$prefix."_bcatalog_authors order by aname", $dbi);
      while(list($aid,$aname) = sql_fetch_array($rauth, $dbi)){
      $aname_arr[] = $aname;
      }
      $rpub = sql_query("select * from ".$prefix."_bcatalog_publishers order by pname", $dbi);
      while(list($pid,$pname) = sql_fetch_array($rpub, $dbi)){
      $pname_arr[] = $pname;
      }
      $cname_sel = CreateJsArr($cname_arr, 'cname_arr')."\n<select name=\"cname_sel\" onchange=\"riscriviDue(this.form,this.name,'cname',cname_arr)\">".CreateSelect($cname_arr)."</select>\n";
      $aname_sel = CreateJsArr($aname_arr, 'aname_arr')."\n<select name=\"aname_sel\" onchange=\"riscriviDue(this.form,this.name,'aname',aname_arr)\">".CreateSelect($aname_arr)."</select>\n";
      $pname_sel = CreateJsArr($pname_arr, 'pname_arr')."\n<select name=\"pname_sel\" onchange=\"riscriviDue(this.form,this.name,'pname',pname_arr)\">".CreateSelect($pname_arr)."</select>\n";

      echo "\n<s-c-r-i-p-t LANGUAGE=\"Javas-c-r-i-p-t\">
         var cname_arr=new Array(500);
         var aname_arr=new Array(500);
         var pname_arr=new Array(500);
         function riscriviDue(form,fromField,toField,ArrList) {
            var selectobj=form.elements[fromField];
            var selNum= selectobj.selectedIndex;
            form.elements[toField].value = ArrList[selNum];
         }
      </s-c-r-i-p-t>\n";
//               echo "\n"
//                ."<form action=\"modules.php?name=".$module_name."&file=admin\" method=\"post\">"
//               ."<b>"._A_BCOMPANY.":</b><br>"
//               ."<input type=\"text\" name=\"cname\" size=\"20\" > ".$cname_sel."<br><br>";

      echo "<center><b><font class=booktitle>"._ADDNEWBOOK." </font></b><br><br>"
      ."<form method=\"post\" action=\"modules.php?name=$module_name\">"
      ."<table width=100%>"
      ."<tr><td valign=top width=100><b>"._BNAME.":<font color=ff0000>*</font></b></td><td valign=top align=left><input type=\"text\" name=\"bname\" size=\"50\" maxlength=\"150\"></td></tr>"
      ."<tr><td valign=top><b>"._BCAT.":<font color=ff0000>*</font></b></td><td valign=top align=left>"
      ."<input type=\"text\" name=\"cname\" size=\"20\"> ".$cname_sel."";
       echo "</td></tr>"
      ."<tr><td valign=top><b>"._BAUTHOR.":<font color=ff0000>*</font></b></td><td valign=top align=left>"
      ."<input type=\"text\" name=\"aname\" size=\"20\" > ".$aname_sel."";
       echo "</td></tr>"
      ."<tr><td valign=top><b>"._BPUBLISHER.":<font color=ff0000>*</font></b></td><td valign=top align=left>"
      ."<input type=\"text\" name=\"pname\" size=\"20\" > ".$pname_sel."";
       echo "</td></tr>";   
      echo"<tr><td valign=top><b>"._BINFO.":<font color=ff0000>*</font></b></td><td valign=top><textarea name=\"binfo\" rows=\"25\" wrap=\"virtual\" cols=\"70\"></textarea><BR>"._BINFOINFO."<BR><BR></td></tr>
      <tr><td valign=top><b>"._BKYEAR.":<font color=ff0000>*</font></b></td><td valign=top><input type=\"text\" name=\"byear\" size=\"10\" maxlength=\"10\"></td></tr>
      <tr><td valign=top><b>"._BQUALITY.":</b></td><td valign=top>
      <select name=\"bquality\">
            <option value=\"\"></option>
            <option value=\"1. Hamur\">1. Hamur</option>
            <option value=\"2. Hamur\">2. Hamur</option>
            <option value=\"3. Hamur\">3. Hamur</option>
      </select></td></tr>
      <tr><td valign=top><b>"._BPAGES.":</b></td><td valign=top><input type=\"text\" name=\"bpages\" size=\"20\" maxlength=\"15\"></td></tr>
      <tr><td valign=top><b>"._BDIMS.":</b></td><td valign=top><input type=\"text\" name=\"bdims\" size=\"20\" maxlength=\"20\"></td></tr>
      <tr><td valign=top><b>"._BISBN.":</b></td><td valign=top><input type=\"text\" name=\"bisbn\" size=\"20\" maxlength=\"50\"></td></tr>
      <tr><td valign=top><b>"._BLANG.":<font color=ff0000>*</font></b></td><td valign=top>
      <select name=\"blang\">
            <option value=\"\"></option>
            <option value=\""._TR."\">"._TR."</option>
            <option value=\""._EN."\">"._EN."</option>
            <option value=\""._DE."\">"._DE."</option>
            <option value=\""._FR."\">"._FR."</option>
      </select></td></tr>
      <tr><td valign=top><b>"._BPIC.":</b></td><td valign=top>
      <select name=\"bpic\">";
      $path1 = explode ("/kt", "modules/$module_name/images/bookimg/");
      $path = "$path1[0]/$path1[1]";
      $handle=opendir($path);
      while (false !== ($file = readdir($handle))) {
      if ($file != "." && $file != "..") {
         $tlist .= "$file ";
      }
      }
      closedir($handle);
      $tlist = explode(" ", $tlist);
      sort($tlist);
      for ($i=0; $i < sizeof($tlist); $i++) {
      if($tlist[$i]!="") {
         echo "<option  value=\"$tlist[$i]\">$tlist[$i]\n</option>";
      }
      }
      echo "</select>&nbsp;"._ADDBPIC." <a href=\"javas-c-r-i-p-t:uploadbookpic()\">"._CLICK."</a></td></tr>";

      echo "</table>";

      echo "<BR><i>"._CHECKINFO."</i><br><br>";
      echo "<input type=\"hidden\" name=\"op\" value=\"preview_book\">
      <input type=\"submit\" value=\""._PREVIEW."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._CANCEL."\"></form>";
   } else {
      echo "<center>";
      echo ""._ADMERROR."<br>";
    }

   

    CloseTable();
    include ("footer.php");
}

function PreviewBook($bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic) {
    global $admin, $module_name, $dbi, $prefix,$bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic;

    $text = ereg_replace("\n","<br>",$text);
    $title = stripslashes(check_html($title, "nohtml"));
    $text = stripslashes(check_html($text, ""));
    include ('header.php');
    topmenu();
    OpenTable();
      $result = sql_query("select * from ${prefix}_bcatalog_books where bname='$bname'", $dbi);
    $total = sql_num_rows($result, $dbi);

    if($total == 0 OR $id!=0) {
    echo "<form method=\"post\" action=\"modules.php?name=$module_name\">";
    if ($bname == "") {
            $error = 1;
        echo "<center><font color=\"#FF0000\">"._INVALIDBNAME."</font></center><br>";
    }
    if ($cname =="") {
    $error =1;
    echo "<center><font color=\"#FF0000\">"._INVALIDCNAME."</font></center><br>";
    }
    if ($aname == "") {
            $error = 1;
        echo "<center><font color=\"#FF0000\">"._INVALIDANAME."</font></center><br>";
    }

    if ($pname == "") {
        $error = 1;
        echo "<center><font color=\"#FF0000\">"._INVALIDPNAME."</font></center><br>";
    }
     if ($binfo == "") {
        $error = 1;
        echo "<center><font color=\"#FF0000\">"._INVALIDBINFO."</font></center><br>";
    }
     if ($byear == "") {
        $error = 1;
        echo "<center><font color=\"#FF0000\">"._INVALIDBYEAR."</font></center><br>";
    }
     if ($blang == "") {
        $error = 1;
        echo "<center><font color=\"#FF0000\">"._INVALIDBLANG."</font></center><br>";
    }
        if ($error == 1)
            echo "<br><center><a href=\"javas-c-r-i-p-t:window.history.back();\">"._BACK."</center></a>";
        else
        {

        if ($date == "")
            $tarih = getdate();
           $ay=array(1=>""._JANUARY."",2=>""._FEBRUARY."",3=>""._MARCH."",4=>""._APRIL."",5=>""._MAY."",6=>""._JUNE."",7=>""._JULY."",8=>""._AUGUST."",9=>""._SEPTEMBER."",10=>""._OCTOBER."",11=>""._NOVEMBER."",12=>""._DECEMBER."");     $date = date("d.m.Y");
            $year2 = substr($date,0,4);
            $month = substr($date,5,2);
            $day = substr($date,8,2);
            $fdate = "$day ".$ay[$tarih['mon']]." $year2";
         echo"<table width=100%>"
         ."<tr><td valign=top width=100><b>"._BNAME.":</b></td><td valign=top align=left>$bname</td></tr>"
         ."<tr><td valign=top><b>"._BCAT.":</b></td><td valign=top align=left>$cname</td></tr>"
         ."<tr><td valign=top><b>"._BAUTHOR.":</b></td><td valign=top align=left>$aname</td></tr>"
         ."<tr><td valign=top><b>"._BPUBLISHER.":</b></td><td valign=top align=left>$pname</td></tr>";   
         echo"<tr><td valign=top><b>"._BINFO.":</b></td><td valign=top>$binfo</td></tr>
         <tr><td valign=top><b>"._BKYEAR.":</b></td><td valign=top>$byear</td></tr>
         <tr><td valign=top><b>"._BQUALITY.":</b></td><td valign=top>$bquality</td></tr>
         <tr><td valign=top><b>"._BPAGES.":</b></td><td valign=top>$bpages</td></tr>
         <tr><td valign=top><b>"._BDIMS.":</b></td><td valign=top>$bdims</td></tr>
         <tr><td valign=top><b>"._BISBN.":</b></td><td valign=top>$bisbn</td></tr>
         <tr><td valign=top><b>"._BLANG.":</b></td><td valign=top>$blang</td></tr>
         <tr><td valign=top><b>"._BPIC.":</b></td><td valign=top><img src=\"modules/$module_name/images/bookimg/$bpic\" border=0 width=40 height=50></td></tr>
         <tr><td valign=top><b>"._BADDDATE.":</b></td><td valign=top>$date</td></tr>
         </table>";
            $text = urlencode($text);
            echo "<BR><p><i>"._LOOKSRIGHT."</i> ";
            echo "<input type=\"hidden\" name=\"bid\" value=$bid>
                  <input type=\"hidden\" name=\"bname\" value=\"$bname\">
                  <input type=\"hidden\" name=\"op\" value=sendbook>
                  <input type=\"hidden\" name=\"date\" value=\"$date\">
                  <input type=\"hidden\" name=\"cname\" value=\"$cname\">
                  <input type=\"hidden\" name=\"aname\" value=\"$aname\">
                  <input type=\"hidden\" name=\"pname\" value=\"$pname\">
                  <input type=\"hidden\" name=\"binfo\" value=\"$binfo\">
                   <input type=\"hidden\" name=\"byear\" value=\"$byear\">
                  <input type=\"hidden\" name=\"bquality\" value=\"$bquality\">
                  <input type=\"hidden\" name=\"bpages\" value=\"$bpages\">
                  <input type=\"hidden\" name=\"bdims\" value=\"$bdims\">
                  <input type=\"hidden\" name=\"bisbn\" value=\"$bisbn\">
                  <input type=\"hidden\" name=\"blang\" value=\"$blang\">
                  <input type=\"hidden\" name=\"bpic\" value=\"$bpic\">";
            echo "<input type=\"submit\" name=\"op\" value=\""._YES."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._NO."\">";
            if(is_admin($admin))
                    echo "<br><br><b>"._NOTE."</b> "._ADMINLOGGED."";
        }
          } else {
    echo "<center><font color=\"#FF0000\">"._BOOKALREADYINDB."</font></center>";
   echo "<center><br><br>[ <a href=\"javas-c-r-i-p-t:history.back();\">"._BACK."</a> ]<br></center>";
    }
    CloseTable();
    include ("footer.php");
}

function SendBook($date, $bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic) {
    global $admin, $prefix, $dbi, $module_name, $bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic;
    include ('header.php');
    topmenu();
    echo "<br>";
   $bname=$bname;
   $cname=$cname;
   $aname=$aname;
   $pname=$pname;
   $binfo = stripslashes(Fixquotes(urldecode(check_html($binfo, ""))));
    OpenTable();
    sql_query("INSERT INTO ${prefix}_bcatalog_books values('','$cname', '$bname', '$aname', '$pname', '$binfo', '$byear', '$bquality', '$bpages', '$bdims','$bisbn','$blang','$bpic','','$date')", $dbi);

   $ccname = sql_query("select * from ${prefix}_bcatalog_cats where cname='$cname'", $dbi);
    $ctotal = sql_num_rows($ccname, $dbi);
   if ($ctotal==0){ sql_query("insert into ${prefix}_bcatalog_cats  values('','$cname')",$dbi);}
   $caname = sql_query("select * from ${prefix}_bcatalog_authors where aname='$aname'", $dbi);
    $atotal = sql_num_rows($caname, $dbi);
   if ($atotal==0){ sql_query("insert into ${prefix}_bcatalog_authors  values('','$aname','')",$dbi);}
   $cpname = sql_query("select * from ${prefix}_bcatalog_publishers where pname='$pname'", $dbi);
    $ptotal = sql_num_rows($cpname, $dbi);
   if ($ptotal==0){ sql_query("insert into ${prefix}_bcatalog_publishers values('','$pname','')",$dbi);}
    echo "<br><center>"._THANKS."";
    Header("Refresh: 3; url=modules.php?name=$module_name");
    CloseTable();
    include ("footer.php");
}
function UpdateBook($bid,$date, $bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic) {
    global $admin, $prefix,$bid, $dbi, $module_name;
    include ('header.php');
    topmenu();
    echo "<br>";
   $binfo = stripslashes(Fixquotes(urldecode(check_html($binfo, ""))));
    OpenTable();
    sql_query("update ${prefix}_bcatalog_books set cname='$cname' , bname='$bname' , bauthor='$aname' , bpublisher='$pname' , binfo='$binfo' , byear='$byear' , bquality='$bquality' , bpages='$bpages' , bdims='$bdims' , bisbn='$bisbn' , blang='$blang' , bpic='$bpic' where bid='$bid'", $dbi);

   $ccname = sql_query("select * from ${prefix}_bcatalog_cats where cname='$cname'", $dbi);
    $ctotal = sql_num_rows($ccname, $dbi);
   if ($ctotal==0){ sql_query("insert into ${prefix}_bcatalog_cats  values('','$cname')",$dbi);}
   $caname = sql_query("select * from ${prefix}_bcatalog_authors where aname='$aname'", $dbi);
    $atotal = sql_num_rows($caname, $dbi);
   if ($atotal==0){ sql_query("insert into ${prefix}_bcatalog_authors  values('','$aname','')",$dbi);}
   $cpname = sql_query("select * from ${prefix}_bcatalog_publishers where pname='$pname'", $dbi);
    $ptotal = sql_num_rows($cpname, $dbi);
   if ($ptotal==0){ sql_query("insert into ${prefix}_bcatalog_publishers values('','$pname','')",$dbi);}
    echo "<center><font class=bookcontent><B>"._THANKSFORUPDATE."</B></font>";
    Header("Refresh: 2; url=modules.php?name=$module_name&op=showbook&bid=$bid");
    CloseTable();
    include ("footer.php");
}
function index() {
    global $bid,$bgcolor4, $bgcolor2, $prefix, $dbi, $module_name, $top, $admin;
    include ('header.php');
    OpenTable();
    echo "<table border=\"0\" width=\"100%\" CELLPADDING=\"2\" CELLSPACING=\"0\" align=\"center\"><tr><td colspan=\"2\">";
    topmenu();
    echo "</td></tr></table>";
   $result_cat = sql_query("select catid, cname from ${prefix}_bcatalog_cats", $dbi);
   opentable();
   echo "<tr><td width=100% colspan=2><CENTER><FONT class=bookcathead>"._CATEGORIES."</FONT></CENTER></td><tr>";
   echo "<tr><td width=100% colspan=2><CENTER>";
   while (list($catid,$cname)=sql_fetch_row($result_cat)){
   echo "<a href=modules.php?name=$module_name&op=category&catid=$catid><FONT class=bookcat>$cname</FONT></a>&nbsp;";
   }
   echo "<BR></td></tr>";
   closetable();
   opentable();
    echo "<table border=\"0\" width=\"100%\" CELLPADDING=\"2\" CELLSPACING=\"2\" align=\"center\"><tr><td colspan=\"2\">";
    echo "<tr><td width=\"50%\" >";
    echo "<b>"._POP." $top "._BOOK."</b></td>";
    echo "<td width=\"50%\" ><b>"._NEW." $top "._BOOK."</b></td></tr>";
    $result_pop = sql_query("select bid, bname, hits from ${prefix}_bcatalog_books order by hits DESC limit 10", $dbi);
    $result_rec = sql_query("select bid, bname from ${prefix}_bcatalog_books order by bid DESC limit 10", $dbi);
    $y = 1;
    for ($x = 0; $x < $top; $x++)        {
        $myrow = sql_fetch_array($result_pop, $dbi);
        $bid = $myrow["bid"];
        $bname = $myrow["bname"];
        $hits = $myrow["hits"];
      $bname=cut($bname,40);
        if ($hits!="") {
        echo "<tr><td width=\"50%\" >$y) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a></td>";
        } else {
       echo "<tr><td width=\"50%\" >$y) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a></td>";
        }
        $myrow = sql_fetch_array($result_rec, $dbi);
        $id = $myrow["id"];
        $title = $myrow["title"];
        $hits = $myrow["hits"];
        $date = $myrow["date"];
        if ($date !="") {
        echo "<td width=\"50%\" >$y ) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a> ($date)</td></tr>";
        } else {
        echo "<td width=\"50%\" >$y ) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a></td></tr>";
        }
        $y++;
    }
    echo "<tr><td colspan=\"2\"><br></td></tr>";
    $result = sql_query("SELECT * FROM ${prefix}_bcatalog_books", $dbi);
    $numresults = sql_num_rows($result, $dbi);
    echo "<tr><td colspan=\"2\"><br><center>"._DATABASE." <b>$numresults</b> "._BOOK."  "._REGISTERED."</center></td></tr></table>";
   closetable();
    CloseTable();
    copyright();
    include ("footer.php");
}

function showbook($bid) {
    global $bid,$bgcolor4, $sitename, $prefix, $dbi, $module_name, $limit, $limitdeger, $goster,$admin,$nukeurl,$bgcolor2;
    include ('header.php');
    $limit = $limitdeger;   

    topmenu();
    OpenTable();
    $result = sql_query("select * from ${prefix}_bcatalog_books where bid='$bid'", $dbi);
    $result_com = sql_query("select * from ${prefix}_bcatalog_comments where cbookid='$bid'", $dbi);
   $cresult_com=sql_num_rows($result_com,$dbi);
   $res_auth=sql_query("select * from ${prefix}_bcatalog_books where bid='$bid'", $dbi);
   $myrow=sql_fetch_array($res_auth,$dbi);
   // SET HIT=HIT+1
   sql_query("update ${prefix}_bcatalog_books SET hits=hits+1 where bid='$bid'", $dbi);
   
   while (list($bid,$cname,$bname,$bauthor,$bpublisher,$binfo,$byear,$bquality,$bpages,$bdims,$bisbn,$blang,$bpic,$hits,$date)=sql_fetch_row($result)){
   $Bauthor=$bauthor;
   $Bpublisher=$bpublisher;

     echo"<table border=\"0\" width=\"100%\">"
     . "   <tr>"
     . "      <td width=\"100\">&nbsp;</td>"
     . "      <td style=\"border-bottom: 1 solid #660000\"><FONT class=booktitle>$bname</FONT></td>"
     . "   </tr>"
     . "   <tr>"
     . "      <td width=\"100\" valign=\"top\" align=center >";
       echo "<s-c-r-i-p-t type=\"text/javas-c-r-i-p-t\">\n";
      echo "<!--\n";
      echo "function showbookpic(){\n";
      echo "   window.open (\"modules.php?name=$module_name&op=viewpic&bid=$bid\",\"Copyright\",\"toolbar=no,location=no,directories=no,status=no,scrollbars=yes,resizable=no,copyhistory=no,width=500,height=600\");\n";
      echo "}\n";
      echo "//-->\n";
      echo "</s-c-r-i-p-t>\n\n";
      echo " <a href=\"javas-c-r-i-p-t:showbookpic()\">     <img src=\"$nukeurl/modules/$module_name/images/bookimg/$bpic\" border=0 height=80 width=60 alt=\"$bname\"><BR><font class=pictext>"._CLKTOENLARGE."</font></a></td>"
     . "      <td >"
     . "<p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>$Bauthor</font></p>"
     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>$Bpublisher</p>"
     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>&nbsp;</p>"
     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>$binfo</p>"
     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>&nbsp;</p>"
     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>Yayýn Yýlý: $byear<br>";
if ($bquality<>""){echo "      $bquality<br>";}
if ($bpages<>""){echo      "      $bpages Sayfa<br>";}
if ($bisbn<>""){   echo "      $bdims cm<br>";}
if ($bisbn<>""){echo "      ISBN: $bisbn<br>";}
if ($blang<>""){   echo "      Dili: $blang</p></font>";}
     echo "      <p>&nbsp;</td>"
     . "   </tr>"
     . "<tr><td>&nbsp;</td>"
     . "<td><a href=\"modules.php?name=$module_name&op=postcomment&bid=$bid\"><img src=\"modules/$module_name/images/addcomment.gif\" border=0 alt=\""._POSTCOMMENT."\"></a>&nbsp;<a href=\"modules.php?name=$module_name&file=friend&bid=$bid\"><img src=\"modules/$module_name/images/sendfriend.gif\" border=0 alt=\""._SENDFRIEND."\"></a>";
     if (is_admin($admin)) {
     echo "&nbsp;<a href=\"modules.php?name=$module_name&op=editbook&bid=$bid\"><img src=\"modules/$module_name/images/change.gif\" border=0></a>";
    }
    echo "</td>"
     . "   </table>";
   }
    CloseTable();
   $bname=$myrow["bname"];
   $bpublisher=$myrow["bpublisher"];
   $bauthor=$myrow["bauthor"];
   $bname=$myrow["bname"];
   $Bauthor=$bauthor;
   $res_author=sql_query("select bid,bname from ${prefix}_bcatalog_books where bauthor='$Bauthor' and bname<>'$bname' order by bid desc limit 0,5", $dbi);
   $cres_author=sql_num_rows($res_author,$dbi);
   $res_publisher=sql_query("select bid,bname from ${prefix}_bcatalog_books where bpublisher='$bpublisher' and bname<>'$bname' order by bid desc limit 0,5", $dbi);
   $cres_publisher=sql_num_rows($res_publisher,$dbi);
if (($cres_author>'0') && ($cres_publisher>'0')){
if ($cres_author<>'0'){
   opentable();
   echo "<table width=100%><tr><td width=50% class=booktitle>"._AUTHOROTHERBOOKS."</td><td width=50% class=booktitle>"._PUBLISHEROTHERBOOKS."</td></tr>";
   echo "<tr>";
   echo "<td valign=top>";
   $i=1;
   while (list($bid,$bname)=sql_fetch_row($res_author)){
      echo "$i) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a><BR>";
      $i++;
   }
   echo "</td>";
}
if ($cres_publisher<>'0'){
   echo"<td valign=top>";
   $i=1;
   while (list($bid,$bname)=sql_fetch_row($res_publisher)){
      echo "$i) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a><BR>";
      $i++;

   }
   echo "</td>";
}
   echo"</tr>";
   echo "</table>";
   closetable();
}
if ($cresult_com >'0'){
   Opentable();
   global $bid,$bauthor;
   echo "<font class=booktitle ><H4>"._COMMENTHEADER."</H4></font>";
   while (list($comid,$csender,$cbookid,$comment,$cdate)=sql_fetch_row($result_com)){
   echo "<table width=100%>";
   echo "<tr bgcolor=$bgcolor2><td >$cdate&nbsp;&nbsp;<B>$csender</B></td>";
if (is_admin($admin)) {
      global $bid,$bauthor;
   echo "   <td align=center width=25><a href=\"modules.php?name=$module_name&op=delcomment&comid=$comid&cbookid=$cbookid\">"._DELETE."</a></td></tr>";
}else{ echo "</tr>";}
   echo "<tr><td>$comment</td></tr>";
   echo "</table><BR>";
   }
   closetable();
}

    include ("footer.php");
}

function PostComment($bid) {
    global $user, $cookie, $AllowableHTML, $anonymous, $module_name,$bid,$dbi,$module_name;
    include("header.php");
   echo "<head>";
    echo "<LINK REL=\"StyleSheet\" HREF=\"modules/$module_name/bookstyle.css\" TYPE=\"text/css\">\n\n\n";
   echo "</head>";
    cookiedecode($user);
    $title = urldecode($title);
    $result = sql_query("select * from ${prefix}_bcatalog_books where bid='$bid'", $dbi);
   $myrow=sql_fetch_array($result,$dbi);
   $bname=$myrow["bname"];
    OpenTable();
    if (!is_user($user)) {
       echo "<center><FONT class=booktitle>"._BOOKCOMMENT.": $bname</FONT></center><BR>";
        echo "<CENTER><b>"._ALERT."</b>&nbsp;"._NICKNAME2." $anonymous<BR><BR>";
      echo ""._TOPOSTCOMMENT."";
      echo "</CENTER><br><br>";
        $uname = $anonymous;
    }
     else {
       echo "<center><FONT class=booktitle>"._BOOKCOMMENT.": $bname</FONT></center>"
        ."<form action=modules.php?name=$module_name method=post>";
        echo "<b>"._NICKNAME2.":</b> $cookie[1]<br>
        <br>";
        $uname = $cookie[1];
          echo "
         <input type=hidden name=bid value=$bid>
         <b>"._YOURCOMMENT."</b><br>
         <textarea name=comment rows=10 cols=70></textarea><br>
         "._ALLOWEDHTML."<br>";
         while (list($key,)= each($AllowableHTML)) echo " &lt;".$key."&gt;";
         echo "<br><br>
         <input type=hidden name=op value=savecomment>
         <input type=submit value=\""._SEND."\">
         </form>
         ";

    }
    $ip = getenv("REMOTE_ADDR");
    CloseTable();
    include("footer.php");
}

function savecomment($uname, $bid, $score, $comment, $ip) {
    global $anonymous, $user, $cookie, $prefix, $dbi, $module_name, $ip,$bid;
     cookiedecode($user);
        $uname = $cookie[1];
    $comment = stripslashes(FixQuotes(check_html($comment)));
     $now = date("d.m.Y");
    sql_query("insert into ${prefix}_bcatalog_comments values ('', '$uname','$bid', '$comment', '$now')", $dbi);
    Header("Location: modules.php?name=$module_name&op=showbook&bid=$bid");
}

function EditBook($bid) {
        global $admin, $prefix, $dbi, $module_name;
        include ('header.php');
   echo "<head>";
    echo "<LINK REL=\"StyleSheet\" HREF=\"modules/$module_name/bookstyle.css\" TYPE=\"text/css\">\n\n\n";
   echo "</head>";
        OpenTable();
        if (($bid != 0) && (is_admin($admin)))
        {
                $result = sql_query("select * from ${prefix}_bcatalog_books where bid = '$bid'", $dbi);
                while($myrow =  sql_fetch_array($result, $dbi))
                {
                        $bid =  $myrow["bid"];
                        $cname = $myrow["cname"];
                        $bname = $myrow["bname"];
                        $aname = $myrow["bauthor"];
                        $pname = $myrow["bpublisher"];
                        $binfo = $myrow["binfo"];
                        $byear = $myrow["byear"];
                        $bquality = $myrow["bquality"];
                        $bpages = $myrow["bpages"];
                        $bdims = $myrow["bdims"];
                        $bisbn = $myrow["bisbn"];
                        $blang = $myrow["blang"];
                        $bpic = $myrow["bpic"];
            }
                echo "<center><font class=booktitle>"._MODIFYBOOK."</font></center><br><br>";
         $rcat = sql_query("select * from ".$prefix."_bcatalog_cats order by cname", $dbi);
         while(list($catid,$catname) = sql_fetch_array($rcat, $dbi)){
         $cname_arr[] = $catname;
         }
         $rauth = sql_query("select * from ".$prefix."_bcatalog_authors order by aname", $dbi);
         while(list($aid,$auname) = sql_fetch_array($rauth, $dbi)){
         $aname_arr[] = $auname;
         }
         $rpub = sql_query("select * from ".$prefix."_bcatalog_publishers order by pname", $dbi);
         while(list($pid,$puname) = sql_fetch_array($rpub, $dbi)){
         $pname_arr[] = $puname;
         }
         $cname_sel = CreateJsArr($cname_arr, 'cname_arr')."\n<select name=\"cname_sel\" onchange=\"riscriviDue(this.form,this.name,'cname',cname_arr)\">".CreateSelect($cname_arr)."</select>\n";
         $aname_sel = CreateJsArr($aname_arr, 'aname_arr')."\n<select name=\"aname_sel\" onchange=\"riscriviDue(this.form,this.name,'aname',aname_arr)\">".CreateSelect($aname_arr)."</select>\n";
         $pname_sel = CreateJsArr($pname_arr, 'pname_arr')."\n<select name=\"pname_sel\" onchange=\"riscriviDue(this.form,this.name,'pname',pname_arr)\">".CreateSelect($pname_arr)."</select>\n";

         echo "\n<s-c-r-i-p-t LANGUAGE=\"Javas-c-r-i-p-t\">
            var cname_arr=new Array(500);
            var aname_arr=new Array(500);
            var pname_arr=new Array(500);
            function riscriviDue(form,fromField,toField,ArrList) {
               var selectobj=form.elements[fromField];
               var selNum= selectobj.selectedIndex;
               form.elements[toField].value = ArrList[selNum];
            }
         </s-c-r-i-p-t>\n";
            echo "<form method=POST action=modules.php?name=$module_name&op=updatebook&bid=$bid>";
         echo"<table width=100%>"
         ."<tr><td valign=top width=100><b>"._BNAME.":</b></td><td valign=top align=left><input type=\"text\" name=\"bname\" value=\"$bname\" size=\"50\" maxlength=\"150\"></td></tr>"
         ."<tr><td valign=top><b>"._BCAT.":</b></td><td valign=top align=left>"
         ."<input type=\"text\" name=\"cname\" size=\"20\"  value=\"$cname\"> ".$cname_sel."";
          echo "</td></tr>"
         ."<tr><td valign=top><b>"._BAUTHOR.":</b></td><td valign=top align=left>"
         ."<input type=\"text\" name=\"aname\" size=\"20\"  value=\"$aname\"> ".$aname_sel."";
          echo "</td></tr>"
         ."<tr><td valign=top><b>"._BPUBLISHER.":</b></td><td valign=top align=left>"
         ."<input type=\"text\" name=\"pname\" size=\"20\"  value=\"$pname\"> ".$pname_sel."";
          echo "</td></tr>";   
         echo"<tr><td valign=top><b>"._BINFO.":</b></td><td valign=top><textarea name=\"binfo\" rows=\"25\" wrap=\"virtual\" cols=\"70\">$binfo</textarea><BR>"._BINFOINFO."<BR><BR></td></tr>
         <tr><td valign=top><b>"._BKYEAR.":</b></td><td valign=top><input type=\"text\" name=\"byear\"  value=\"$byear\"  size=\"10\" maxlength=\"10\"></td></tr>
         <tr><td valign=top><b>"._BQUALITY.":</b></td><td valign=top>
         <select name=\"bquality\">
               <option value=\"$bquality\">$bquality</option>
               <option value=\"1. Hamur\">1. Hamur</option>
               <option value=\"2. Hamur\">2. Hamur</option>
               <option value=\"3. Hamur\">3. Hamur</option>
         </select></td></tr>
         <tr><td valign=top><b>"._BPAGES.":</b></td><td valign=top><input type=\"text\" name=\"bpages\"   value=\"$bpages\" size=\"20\" maxlength=\"15\"></td></tr>
         <tr><td valign=top><b>"._BDIMS.":</b></td><td valign=top><input type=\"text\" name=\"bdims\"   value=\"$bdims\" size=\"20\" maxlength=\"20\"></td></tr>
         <tr><td valign=top><b>"._BISBN.":</b></td><td valign=top><input type=\"text\" name=\"bisbn\"   value=\"$bisbn\" size=\"20\" maxlength=\"50\"></td></tr>
         <tr><td valign=top><b>"._BLANG.":</b></td><td valign=top>
         <select name=\"blang\">
               <option value=\"$blang\">$blang</option>
               <option value=\"Türkçe\">Türkçe</option>
               <option value=\"Ýngilizce\">Ýngilizce</option>
               <option value=\"Almanca\">Almanca</option>
         </select></td></tr>
         <tr><td valign=top><b>"._BPIC.":</b></td><td valign=top>
         <select name=\"bpic\"><option value=\"$bpic\">$bpic</option>";
         $path1 = explode ("/kt", "modules/$module_name/images/bookimg/");
         $path = "$path1[0]/$path1[1]";
         $handle=opendir($path);
         while (false !== ($file = readdir($handle))) {
         if ($file != "." && $file != "..") {
            $tlist .= "$file ";
         }
         }
         closedir($handle);
         $tlist = explode(" ", $tlist);
         sort($tlist);
         for ($i=0; $i < sizeof($tlist); $i++) {
         if($tlist[$i]!="") {
            echo "<option  value=\"$tlist[$i]\">$tlist[$i]\n</option>";
         }
         }
         echo "</select>&nbsp;"._ADDBPIC." <a href=\"javas-c-r-i-p-t:uploadbookpic()\">"._CLICK."</a></td></tr>";

         echo "</table>";

         echo "<BR><i>"._CHECKINFO."</i><br><br>
               <input type=\"hidden\" name=\"bid\" value=\"$bid\">
         <input type=\"submit\" value=\""._UPDATE."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._CANCEL."\"></form>";
        }
        CloseTable();
        include ("footer.php");
}

function DelComment($comid, $cbookid,$bid) {
    global $admin, $prefix, $dbi, $module_name,$cbookid,$bid;
    if (is_admin($admin)) {
        sql_query("delete from ${prefix}_bcatalog_comments where comid='$comid'", $dbi);
        Header("Location: modules.php?name=$module_name&op=showbook&bid=$cbookid");
    } else {
        echo ""._ACCDENY."";
    }
}

function ViewPic($bid){
[/code]


Last edited by izone on Sat Sep 25, 2004 2:40 am; edited 1 time in total 
izone







PostPosted: Sat Sep 25, 2004 2:38 am Reply with quote

Sorry the whole code didn't apeared. This here is the rest of it:

Code:



function ViewPic($bid){
   global $cookie,$newbgcolor,$dbi,$user,$prefix,$bgcolor1,$currentlang,$bgcolor2,$module_name,$bid,$nukeurl;
    $result = sql_query("select * from ${prefix}_bcatalog_books where bid='$bid'", $dbi);
   $row=sql_fetch_array($result,$dbi);
   $bname=$row["bname"];
   $bpic=$row["bpic"];
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title><? echo $bname; ?></title>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso8859-9">
</head>

<body bgcolor="#FFFFFF" text="#000000" link="#035D8A" vlink="#035D8A">
<?
      echo "<CENTER><img src=\"$nukeurl/modules/$module_name/images/bookimg/$bpic\" border=0 alt=\"$bname\"></CENTER>";
      sql_free_result($result);
      echo "<BR>";
      echo "<CENTER>[ <a href=\"javas-c-r-i-p-t:window.parent.close()\">"._CLOSEWIN."</a> ]</CENTER>";
      echo "</body></html>";

}

function search($query) {
global $module_name, $prefix, $query, $dbi;
include("header.php");
topmenu();
    $result = sql_query("select bid, bname,bauthor,bpublisher from ${prefix}_bcatalog_books where bname LIKE '%$query%' or cname LIKE '%$query%' or bauthor LIKE '%$query%' or bpublisher LIKE '%$query%'", $dbi);
   $count=sql_num_rows($result,$dbi);
    OpenTable();
   echo "<CENTER><font class=booktitle>"._SEARCHRESULT."</font>: <font class=bookcontent >'$query'</font></CENTER>";
    echo "<blockquote>" ;
    if (sql_num_rows($result, $dbi) == 0) {
        echo ""._NORESULT."";
    } else {
    echo "<center><i> "._FOUNDRECORDS."</i><B>&nbsp;:&nbsp;$count</B><BR><BR></center>";
        while(list($bid, $bname,$bauthor,$bpublisher) = sql_fetch_row($result, $dbi)) {
            echo "<strong><big>&middot</big></strong><a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a>, <B>"._BAUTHOR.":</B>&nbsp;$bauthor, <B>"._BPUBLISHER.":</B>&nbsp;$bpublisher <BR>";
        }
    }

   echo"<BR><CENTER>[ <a href=\"modules.php?name=$module_name\">"._BACK."</a> ]</CENTER><br>";

    CloseTable();
include("footer.php");
}

function UploadImg() {
global $module_name, $prefix, $query, $dbi;
include("header.php");
topmenu();
OpenTable();
echo "<CENTER><font class=booktitle>"._IMGUPLOAD."</font><BR>";
echo "<form enctype=\"multipart/form-data\" action=\"$PHP_SELF\" method=\"post\">";
echo"<input name=\"userfile\" type=\"file\">&nbsp;<input type=\"submit\" name=\"submit\" value=\"Dosyayý Yükle\">";
echo "<BR><BR><hr noshade size=1 color=660000 width=60%><table width=50% border=1><TR bgcolor=dbdbdb><TD>Dosya Adý</TD><TD>Dosya Boyutu</TD></TR>";
$dir="modules/$module_name/images/bookimg/";

// copy the file to the server
if (isset($submit)){
   copy($userfile,$dir.$userfile_name);
   if (!is_uploaded_file ($userfile)){
      echo "<CENTER><b>$userfile_name</b> "._CANTUPLOAD."</CENTER>";
   }
}
// check whether it has been uploaded
if (is_uploaded_file ($userfile)){
   echo "<CENTER><b>$userfile_name</b> "._UPLOADSUCCESS."</CENTER><BR>";
}

if ($handle = opendir("$dir")) {
   while (false !== ($file = readdir($handle))) {
      if ($file != "." && $file != "..") {
         echo "<TR><TD><B><A HREF=$dir$file>$file</A></B></TD>" . "" . 
         "<TD>". filesize($dir . $file)  ."&nbsp;&nbsp;byte". "</TD></TR>";
      }
   }
   closedir($handle);
}
echo "</table>";
echo "</form>";   
   CloseTable();
include("footer.php");
}

function DeleteBook($bid) {
    global $admin, $prefix, $dbi, $module_name,$cbookid,$bid;
    global $admin, $prefix, $dbi, $module_name;
    include ('header.php');
    topmenu();
      opentable();
    if (is_admin($admin)) {
        sql_query("delete from ${prefix}_bcatalog_books where bid='$bid'", $dbi);
       echo "<center><font class=bookcontent><B>"._SUCCDELETED."</B></font>";
        Header("Location: modules.php?name=$module_name");
    } else {
        echo ""._ACCDENY."";
    }
      closetable();
}

switch($op) {

        case "showbook":
        showbook($bid);
        break;

        case "viewpic":
        ViewPic($bid);
        break;

        case "postcomment":
        PostComment($id, $title);
        break;

        case "savecomment":
        savecomment($uname, $bid, $score, $comment, $ip);
        break;

        case "delcomment":
        DelComment($comid, $bid,$cbookid);
        break;

       case "listcategory":
        CategoryList();
        break;

        case "uploadimg":
        UploadImg();
        break;

      case "category":
        Category($catid);
        break;

        case "listauthors":
        AuthorList($t,$bauthor);
        break;

        case "listbooks":
        BookList();
        break;

        case "addbook":
        AddBook();
        break;

        case "editbook":
        EditBook($bid);
        break;
        case "deletebook":
        DeleteBook($bid);
        break;

        case "preview_book":
        PreviewBook($bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic);
        break;

        case "sendbook":
        SendBook($date,$bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic);
        break;

        case "updatebook":
        UpdateBook($bid,$date,$bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic);
        break;
      case ""._YES."":
        SendBook($date,$bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic);
        break;


      case "print":
        PrintPage($id);
        break;

        case "search":
        search($query);
        break;

        default:
        index();
        break;
}

?>
 
izone







PostPosted: Sat Sep 25, 2004 4:13 am Reply with quote

Raven!

Do you think thak it could be something for me:
[ Only registered users can see links on this board! Get registered or login! ]

Can I use it for books too???
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> How To's

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©