0 ) { $content = "Here you may utilize three functions. Approve, Decline, and Remove.
\n"; $content .= "When you Approve a link, an email will be sent to the person who submitted it to let them know that their site has been approved.\n"; $content .= "Same with Decline, only they will get a declination notice and their site will be removed from the database. If you click Remove, the \n"; $content .= "link will be removed from the database, but, no email will be sent.
\n"; $content .= "
\nUnapproved Sites:
\n"; while ($row = mysql_fetch_assoc($result)) { $content .= "
\n"; $content .= "\n"; $content .= "\n"; $content .= "\n"; $content .= "
\n"; $content .= "\t
" . $row["link_title"] . " - Posted on: " . $row["post_date"] ."
"; $content .= "
" . $row["link_desc"] . "
\n"; $content .= "
\n"; $content .= "
"; $content .= "
"; } $content .= "
"; } free_result($result); $result = db_connect("SELECT link_id, link_title, link_url, link_poster, link_desc, DATE_FORMAT(link_date,'%M %d, %Y') AS post_date FROM links WHERE link_approved='Y' ORDER BY link_date"); if ( mysql_num_rows($result) > 0 ) { $content .= "
\nApproved Sites:
\n"; while ($row = mysql_fetch_assoc($result)) { $content .= "
\n"; $content .= "\n"; $content .= "\n"; $content .= "\n"; $content .= "
\n"; $content .= "\t
" . $row["link_title"] . " - Posted on: " . $row["post_date"] ."
"; $content .= "
" . $row["link_desc"] . "
\n"; $content .= "
\n"; $content .= "
"; $content .= "
"; } $content .= "
"; } } else { $content = "This area is restricted to administrators only."; } return $content; } /* Performs all steps necessary to insert a link into the database. The function also checks to make sure the person suggesting the link is a member of the site with a username and password. It also checks to see if the link being submitted has already been sent. */ function new_link($link_url,$link_title,$uname,$link_desc,$pass) { global $administrator,$site_url; $sql = "SELECT * FROM links WHERE (link_url='" . $link_url ."')"; $result = db_connect($sql); if ( mysql_num_rows($result) == 0 ) { free_result($result); switch ( validate($uname,$pass) ) { // If the user is not registered... case 0: $content = "Your user name and password combination is not recognized. Please click 'Back' and try again.
If you know you have registered with us you may not have been verified by an administrator yet, which is necessary to log into the site.\n"; break; // If the user is registered but not an admin case 1: $sql = "INSERT INTO links (link_title,link_url,link_poster,link_desc,link_date) VALUES ('" . $link_title . "','" . $link_url . "','" . $uname . "','" . $link_desc . "',NOW())"; db_connect($sql); $content = "Your site has been submitted. Once approved it will appear on the Useful Sites page."; $body = $uname . " has submitted a a link for your approve on the Oklahoma Reading Association Useful Sites page "; $body .= "\nTo approve or decline this link please visit " . $site_url . "/usefulsites.php?action=Admin and login."; $header = "From: <" . $uname . ">"; send_mail('','',$administrator,"A site has been submitted to the Useful Sites page!",$body,$header); break; // If the user is an admin case 2: $sql = "INSERT INTO links (link_title,link_url,link_poster,link_desc,link_date,link_approved) VALUES ('" . $link_title . "','" . $link_url . "','" . $uname . "','" . $link_desc . "',NOW(),'Y')"; db_connect($sql); $content = "Your site has been posted."; break; } } else { $content = "That link has already been posted.\n"; } return $content; } /* Displays the suggest link form for registered users to suggest a site. Once the site goes into the databases it must be approved by an admin in order to be posted on the website. */ function suggest() { $content =<<Suggest a Link
Website Title
Website URL
Your Email
Your Password
Website Description
EOD; return $content; } /* Displays approved links to everyone. Shows by default when someone visits this page. */ function list_sites() { $result = db_connect("SELECT link_id, link_title, link_url, link_poster, link_desc, DATE_FORMAT(link_date,'%M %d, %Y') AS post_date, name FROM links,users WHERE (users.username=links.link_poster) AND (link_approved='Y')"); $content = "Useful Sites
\n"; if ( mysql_num_rows($result) == 0 ) { $content .= "No Links Posted.\n"; } else { $content .= "\n"; } free_result($result); return $content; } /* Admin function, approves a link so that it displays on the main page. */ function approve($user,$pass,$link_id) { $sql = "SELECT admin FROM users WHERE ((passwd='" . $pass . "') AND (username='" . $user . "'))"; $result = db_connect($sql); if ( mysql_num_rows($result) > 0 ) { $row = mysql_fetch_assoc($result); if ( $row['admin'] == 'Y' ) { $sql = "UPDATE links SET link_approved='Y' WHERE link_id=" . $link_id; free_result($result); db_connect($sql); # Send Email send_mail("Approve",$link_id,'','','',''); $content = "The link was successfully added to the Useful Links page."; } else { $content = "Only administrators are allowed to approve links."; } } else { $content = "There was an error. Please copy the following and paste into into an email to garret06@nsuok.edu.
\n"; $content .= "--- Start Copy ---
\n"; $content .= "Date: " . date("F j, Y, g:i a") . "
\n"; $content .= "Link ID: " . $link_id . "
\n"; $content .= "User: " . $user . "
\n"; # user $content .= "EP: " . $pass . "
\n"; # encrypted pass $content .= "EU: " . md5($user) . "
\n"; # encrypted user $content .= "Area: Link Approval
\n"; $content .= "--- End Copy ---
\n"; } return $content; } /* Admin function, declines a suggested link and removes it from the database. */ function decline($user,$pass,$link_id) { $sql = "SELECT admin FROM users WHERE ((passwd='" . $pass . "') AND (username='" . $user . "'))"; $result = db_connect($sql); if ( mysql_num_rows($result) > 0 ) { $row = mysql_fetch_assoc($result); if ( $row['admin'] == 'Y' ) { # Send Email send_mail("Decline",$link_id,'','','',''); $sql = "DELETE FROM links WHERE link_id=" . $link_id; free_result($result); db_connect($sql); $content = "The link has been removed from the database."; } else { $content = "Only administrators are allowed to approve links."; } } else { $content = "There was an error. Please copy the following and paste into into an email to garret06@nsuok.edu.
\n"; $content .= "--- Start Copy ---
\n"; $content .= "Date: " . date("F j, Y, g:i a") . "
\n"; $content .= "Link ID: " . $link_id . "
\n"; $content .= "User: " . $user . "
\n"; # user $content .= "EP: " . $pass . "
\n"; # encrypted pass $content .= "EU: " . md5($user) . "
\n"; # encrypted user $content .= "Area: Link Denial
\n"; $content .= "--- End Copy ---
\n"; } return $content; } /* Admin function, remove link from the database. */ function remove($user,$pass,$link_id) { $sql = "SELECT admin FROM users WHERE ((passwd='" . $pass . "') AND (username='" . $user . "'))"; $result = db_connect($sql); if ( mysql_num_rows($result) > 0 ) { $row = mysql_fetch_assoc($result); if ( $row['admin'] == 'Y' ) { $sql = "DELETE FROM links WHERE link_id=" . $link_id; free_result($result); db_connect($sql); $content = "The link has been removed from the database."; } else { $content = "Only administrators are allowed to approve links."; } } else { $content = "There was an error. Please copy and paste the following into into an email to garret06@nsuok.edu with a short description of what was trying to being accomplished
\n"; $content .= "--- Start Copy ---
\n"; $content .= "Date: " . date("F j, Y, g:i a") . "
\n"; $content .= "Link ID: " . $link_id . "
\n"; $content .= "User: " . $user . "
\n"; # user $content .= "EP: " . $pass . "
\n"; # encrypted pass $content .= "EU: " . md5($user) . "
\n"; # encrypted user $content .= "Area: Link Removal
\n"; $content .= "--- End Copy ---
\n"; } return $content; } ?> Oklahoma Reading Association
Useful Sites











     Copyright 2005 Oklahoma Reading Association