admin.php
<?php
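/**
 * Routes an admin-panel request for one project to the matching page builder.
 *
 * The route is read from $_GET['params'] in the form "section/action/id" and
 * split on "/". Missing segments are treated as empty strings instead of being
 * read as undefined offsets. Every numeric segment goes through intval()
 * before it is handed to a handler; only the 'staff' handler receives its
 * segment as a raw string.
 *
 * NOTE(review): nothing in this function checks that the current user may
 * administer $prj_id, and the handlers act on POST data without verifying an
 * anti-CSRF token. Presumably the caller enforces both -- confirm.
 *
 * @param array $project_row Numerically indexed project record.
 * @param mixed $prj_id      Project id, forwarded unchanged to every handler.
 * @return string Result of get_template('admin', ...) with the page in CONTENT.
 */
function get_admin($project_row, $prj_id)
{
    $vars = array('CONTENT' => '');

    // A non-string value (for example params[]=x) cannot be split by explode().
    if (!isset($_GET['params']) || !is_string($_GET['params'])) {
        $_GET['params'] = '';
    }

    $ex = explode('/', $_GET['params']);
    $section = $ex[0];
    $arg1 = isset($ex[1]) ? $ex[1] : '';
    $arg2 = isset($ex[2]) ? $ex[2] : '';

    switch ($section) {
        case 'news':
            // intval('') is 0, which get_admin_news() treats as "post a new entry".
            $vars['CONTENT'] = get_admin_news($project_row, $prj_id, intval($arg1));
            break;

        case 'icon':
            $vars['CONTENT'] = get_admin_icon($project_row, $prj_id);
            break;

        case 'logo':
            $vars['CONTENT'] = get_admin_logo($project_row, $prj_id);
            break;

        case 'media':
            switch ($arg1) {
                case 'edit':
                    $vars['CONTENT'] = get_admin_edit_media($project_row, $prj_id, intval($arg2));
                    break;
                case 'delete':
                    $vars['CONTENT'] = get_admin_remove_media($project_row, $prj_id, intval($arg2));
                    break;
                case 'folder':
                    $vars['CONTENT'] = get_admin_folder($project_row, $prj_id);
                    break;
                case 'edit_folder':
                    $vars['CONTENT'] = get_admin_edit_folder($project_row, $prj_id, intval($arg2));
                    break;
                case 'remove_folder':
                    $vars['CONTENT'] = get_admin_remove_folder($project_row, $prj_id, intval($arg2));
                    break;
                default:
                    $vars['CONTENT'] = get_admin_media_upload($project_row, $prj_id);
                    break;
            }
            break;

        case 'bugtracker':
            $vars['CONTENT'] = get_admin_bugtracker($project_row, $prj_id, intval($arg1));
            break;

        case 'info':
            $vars['CONTENT'] = get_admin_info($project_row, $prj_id);
            break;

        case 'staff':
            // The staff handler parses "kind-index" itself; null means "no target".
            $vars['CONTENT'] = get_admin_staff($project_row, $prj_id, isset($ex[1]) ? $ex[1] : null);
            break;

        default:
            $vars['CONTENT'] = get_admin_main($project_row, $prj_id);
            break;
    }

    return get_template('admin', $vars);
}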
/**
 * Builds the admin landing page for a project.
 *
 * The only template variable is LINK, produced by create_link() from
 * $project_row[1], the project id and $project_row[0].
 *
 * @param array $project_row Numerically indexed project record.
 * @param mixed $prj_id      Project id.
 * @return string Result of get_template('admin_main', ...).
 */
function get_admin_main($project_row, $prj_id)
{
    $project_link = create_link($project_row[1], $prj_id, $project_row[0]);

    return get_template('admin_main', array('LINK' => $project_link));
}
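/**
 * Shows a bug's status and, on POST, lets a project admin change it.
 *
 * Security-relevant behaviour:
 *  - The bug is looked up by id AND project before anything else happens, and
 *    the UPDATE carries the same project constraint. Without that constraint
 *    an admin of one project could change the status of a bug that belongs
 *    to another project simply by supplying its id.
 *  - The submitted status must be one of the indexes of $status; anything
 *    else is ignored instead of being written to the database.
 *
 * NOTE(review): no anti-CSRF token is checked here; confirm that the caller
 * or the form template enforces one.
 *
 * @param array $prj_row Numerically indexed project record.
 * @param mixed $prj_id  Project id.
 * @param int   $id      Bug id (already passed through intval() by get_admin()).
 * @return string Rendered 'bug_status' template, or an error block when the
 *                bug does not exist in this project.
 */
function get_admin_bugtracker($prj_row, $prj_id, $id)
{
    global $url;

    $status = array('Open', 'In Progress', 'Waiting for User Response', 'Resolved', 'Closed');
    $colors = array('008000', '008000; font-style: italic', '8f8f8f', '8f8f8f; font-style: italic', 'ff0000');

    // Cast once so that only integers are ever concatenated into the SQL text.
    $bug_id = intval($id);
    $project_id = intval($prj_id);
    $scope = ' WHERE `id` = ' . $bug_id . ' AND `project` = ' . $project_id . ' LIMIT 1;';

    $result = mysql_query('SELECT `status`, `title` FROM `bugtracker`' . $scope);
    $row = $result ? mysql_fetch_row($result) : false;
    if (!$row) {
        // Unknown bug, or a bug that belongs to a different project.
        return '<div style="color: red">Error.</div>';
    }

    if (isset($_POST['sent'])) {
        $new_status = (isset($_POST['status']) && is_numeric($_POST['status'])) ? intval($_POST['status']) : -1;

        if (isset($status[$new_status])) {
            mysql_query('UPDATE `bugtracker` SET `status` = \'' . $new_status . '\'' . $scope);
            tell_users(16, $prj_id, 'Bug status changed in ' . $prj_row[0], "Read more:\n" . $url . create_link($prj_row[1], $prj_id, $prj_row[0]) . 'bugtracker/' . $bug_id . '-empty');
            $row[0] = $new_status;
        }
    }

    $current = intval($row[0]);

    // A stored status outside the known range renders as empty text rather
    // than reading an undefined array offset.
    $vars['COLOR'] = isset($colors[$current]) ? $colors[$current] : '';
    $vars['STATUS'] = isset($status[$current]) ? $status[$current] : '';
    $vars['BUG'] = escape_html($row[1]);
    $vars['OPTIONS'] = '';

    for ($i = 0; $i < count($status); $i++) {
        $selected = ($i == $current) ? ' selected="selected"' : '';
        $vars['OPTIONS'] .= '<option value="' . $i . '"' . $selected . '>' . $status[$i] . '</option>';
    }

    return get_template('bug_status', $vars);
}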
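/**
 * Renders the "project info" form and, on POST, validates and saves it.
 *
 * Fixes over the previous version:
 *  - Validation errors are now shown. ERRORS used to be reset to '' just
 *    before rendering, so a rejected submission re-displayed the form with
 *    no explanation.
 *  - Missing or non-string POST fields are treated as empty strings instead
 *    of being read as undefined indexes.
 *  - The project id is cast to an integer before it is placed in the SQL text.
 *
 * The four checkboxes m1..m4 are stored as a bit mask (1, 2, 4, 8) in the
 * `options` column.
 *
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller does.
 * NOTE(review): the success message puts the result of create_link(), which
 * is built from the submitted title, into an href without escaping here.
 * Confirm that create_link() returns attribute-safe output.
 *
 * @param array $project_row Numerically indexed project record. Index 0 is
 *                           used as title, 1 as category, 2 as options mask,
 *                           3 as description, 6 as hiring text, 8 as overview.
 * @param mixed $prj_id      Project id.
 * @return string Success message after a valid save, otherwise the rendered
 *                'admin_info' template.
 */
function get_admin_info($project_row, $prj_id)
{
    global $categories;

    $vars['ERRORS'] = '';

    if (isset($_POST['sent'])) {
        $title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
        $selected = isset($_POST['category']) ? intval($_POST['category']) : -1;
        $desc = (isset($_POST['desc']) && is_string($_POST['desc'])) ? $_POST['desc'] : '';
        $overview = (isset($_POST['overview']) && is_string($_POST['overview'])) ? $_POST['overview'] : '';

        $hiring = '';
        if (isset($_POST['hiring']) && isset($_POST['hiring_text']) && is_string($_POST['hiring_text'])) {
            $hiring = $_POST['hiring_text'];
        }

        $m1 = isset($_POST['m1']);
        $m2 = isset($_POST['m2']);
        $m3 = isset($_POST['m3']);
        $m4 = isset($_POST['m4']);

        if (strlen($title) == 0) {
            $vars['ERRORS'] .= 'Please enter the project title.<br />';
        }
        if (($selected < 0) or ($selected > 13)) {
            $vars['ERRORS'] .= 'Invalid category.<br />';
        }

        if ($vars['ERRORS'] == '') {
            $sum = 0;
            if ($m1) $sum += 1;
            if ($m2) $sum += 2;
            if ($m3) $sum += 4;
            if ($m4) $sum += 8;

            // Strings go through db_escape(); numbers are integers by construction.
            mysql_query('UPDATE `projects` SET `name` = \'' . db_escape($title) . '\', `category` = ' . $selected . ', `description` = \'' . db_escape($desc) . '\', `overview` = \'' . db_escape($overview) . '\', `hiring` = \'' . db_escape($hiring) . '\', `options` = ' . $sum . ' WHERE `id` = ' . intval($prj_id) . ' LIMIT 1;');
            update_project_members($prj_id);

            $link = create_link($selected, $prj_id, $title);
            $ret = '<div style="font-weight: bold; font-size: 20px; color: green"><br /><br />Your project has been successfuly updated!</div><br />';
            $ret .= 'Click <a href="' . $link . '">here</a> to go to your project main page.';
            return $ret;
        }
    } else {
        $title = $project_row[0];
        $selected = $project_row[1];
        $desc = $project_row[3];
        $hiring = $project_row[6];
        $overview = $project_row[8];

        $mask = intval($project_row[2]);
        $m1 = ($mask & 1);
        $m2 = ($mask & 2);
        $m3 = ($mask & 4);
        $m4 = ($mask & 8);
    }

    // Every user-supplied value is HTML-escaped before it reaches the template.
    $vars['TITLE'] = escape_html($title);
    $vars['DESC'] = escape_html($desc);
    $vars['OVERVIEW'] = escape_html($overview);
    $vars['HIRING'] = ($hiring == '') ? '' : ' checked="checked"';
    $vars['HIRING_TEXT'] = escape_html($hiring);

    $nbsps = ' ';

    // Categories 0-4 are listed under "Applications", 5-13 under "Games".
    $vars['CATEGORIES'] = '<option disabled="disabled">Applications</option>';
    for ($i = 0; $i < 5; $i++) {
        $mark = ($i == $selected) ? ' selected="selected"' : '';
        $vars['CATEGORIES'] .= '<option value="' . $i . '"' . $mark . '>' . $nbsps . $categories[$i] . '</option>';
    }

    $vars['CATEGORIES'] .= '<option disabled="disabled">Games</option>';
    for ($i = 5; $i < 14; $i++) {
        $mark = ($i == $selected) ? ' selected="selected"' : '';
        $vars['CATEGORIES'] .= '<option value="' . $i . '"' . $mark . '>' . $nbsps . $categories[$i] . '</option>';
    }

    $vars['M1'] = $m1 ? 'checked="checked"' : '';
    $vars['M2'] = $m2 ? 'checked="checked"' : '';
    $vars['M3'] = $m3 ? 'checked="checked"' : '';
    $vars['M4'] = $m4 ? 'checked="checked"' : '';

    return get_template('admin_info', $vars);
}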
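/**
 * Posts a new news entry ($news == 0) or edits an existing one.
 *
 * Changes over the previous version:
 *  - Title validation is done once instead of being duplicated per branch.
 *  - Missing or non-string POST fields are treated as empty strings.
 *  - When editing, a news id that does not exist is rejected explicitly, and
 *    the UPDATE is constrained to this project as well as to the id, so the
 *    write cannot land on another project's entry even if the earlier
 *    ownership check and the write ever drift apart.
 *  - Ids are cast to integers before being placed in SQL text.
 *
 * After a successful save a Location header is sent, but execution continues
 * and the form template is still returned, as before.
 *
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller does.
 * NOTE(review): the raw title is passed to tell_users() as the notification
 * subject. If tell_users() places it in mail headers, line breaks in the
 * title should be stripped there -- confirm.
 *
 * @param array $project_row Numerically indexed project record.
 * @param mixed $prj_id      Project id.
 * @param int   $news        News id to edit, or 0 to create a new entry.
 * @return string Rendered 'admin_news' template, or a refusal message when
 *                the entry is not part of this project.
 */
function get_admin_news($project_row, $prj_id, $news)
{
    global $logged_user, $url;

    $sent = isset($_POST['sent']);
    $title = '';
    $text = '';
    $errors = '';

    if ($sent) {
        if (isset($_POST['title']) && is_string($_POST['title'])) {
            $title = $_POST['title'];
        }
        if (isset($_POST['text']) && is_string($_POST['text'])) {
            $text = $_POST['text'];
        }

        if (strlen($title) == 0) {
            $errors .= 'Please enter a title.<br />';
        } elseif (strlen($title) > 255) {
            $errors .= 'Title is too long (maximum of 255 characters).<br />';
        }
    }

    $project_id = intval($prj_id);

    if ($news == 0) {
        $page = 'Post News';

        if ($sent && $errors == '') {
            mysql_query('INSERT INTO `news` (`title`, `text`, `project`, `comments`, `author`, `date`) VALUES (\'' . db_escape($title) . '\', \'' . db_escape($text) . '\', ' . $project_id . ', \'\', ' . intval($logged_user) . ', ' . time() . ');');
            $id = mysql_insert_id();
            update_last($prj_id);

            $entry_url = $url . create_link($project_row[1], $prj_id, $project_row[0]) . 'news/' . $id . '-' . format_title_address($title);
            header('Location: ' . $entry_url . '/');
            tell_users(1, $prj_id, $project_row[0] . ': ' . $title, $project_row[0] . " posted news:\n$title\nRead more: " . $entry_url);
        }
    } else {
        $page = 'Edit News';
        $news_id = intval($news);

        $result = mysql_query('SELECT `title`, `text`, `project` FROM `news` WHERE `id` = ' . $news_id . ' LIMIT 1;');
        $row = $result ? mysql_fetch_row($result) : false;

        // Refuse entries that do not exist or that belong to another project.
        if (!$row || $row[2] != $prj_id) {
            return '<div style="font-style: italic">You are not allowed to edit this entry.</div>';
        }

        if ($sent) {
            if ($errors == '') {
                mysql_query('UPDATE `news` SET `title` = \'' . db_escape($title) . '\', `text` = \'' . db_escape($text) . '\' WHERE `id` = ' . $news_id . ' AND `project` = ' . $project_id . ' LIMIT 1;');
                header('Location: ' . $url . create_link($project_row[1], $prj_id, $project_row[0]) . 'news/' . $news_id . '-' . format_title_address($title) . '/');
            }
        } else {
            $title = $row[0];
            $text = $row[1];
        }
    }

    $vars['TITLE'] = escape_html($title);
    $vars['TEXT'] = escape_html($text);
    $vars['ERRORS'] = $errors;
    $vars['PAGE_TITLE'] = $page;

    return get_template('admin_news', $vars);
}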
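/**
 * Handles the project logo upload form.
 *
 * The uploaded picture is decoded with GD and re-encoded as
 * ./projects_logos/<project id>.png, so the bytes sent by the client are
 * never stored as-is.
 *
 * Changes over the previous version:
 *  - The image type is taken from the file contents (getimagesize()) rather
 *    than from $_FILES['image']['type'], which is supplied by the client.
 *  - A missing upload, or a path that is not a genuine PHP upload, is
 *    rejected before any decoder is invoked.
 *  - The project id is cast to an integer before it becomes part of a path.
 *  - The GD image is released after use.
 *
 * NOTE(review): there is no cap on pixel dimensions, so a very large image
 * can consume a lot of memory while decoding. Consider rejecting images whose
 * getimagesize() width/height exceed a sensible limit.
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller does.
 *
 * @param array $project_row Numerically indexed project record (unused here).
 * @param mixed $prj_id      Project id.
 * @return string Rendered 'admin_image' template.
 */
function get_admin_logo($project_row, $prj_id)
{
    $vars['ERRORS'] = '';

    if (isset($_POST['sent'])) {
        $tmp_name = (isset($_FILES['image']['tmp_name']) && is_string($_FILES['image']['tmp_name'])) ? $_FILES['image']['tmp_name'] : '';

        if ($tmp_name == '' || !is_uploaded_file($tmp_name)) {
            $vars['ERRORS'] = 'Invalid image.';
        } else {
            // '@' keeps GD's warnings about malformed files out of the page;
            // failures are reported through ERRORS instead.
            $info = @getimagesize($tmp_name);
            $type = $info ? $info[2] : 0;
            $image = false;

            switch ($type) {
                case IMAGETYPE_PNG:
                    $image = @imagecreatefrompng($tmp_name);
                    break;
                case IMAGETYPE_JPEG:
                    $image = @imagecreatefromjpeg($tmp_name);
                    break;
                case IMAGETYPE_GIF:
                    $image = @imagecreatefromgif($tmp_name);
                    break;
                default:
                    $vars['ERRORS'] = 'File type is not supported.';
                    break;
            }

            if ($vars['ERRORS'] == '') {
                if (!$image) {
                    $vars['ERRORS'] = 'Invalid image.';
                } else {
                    if (!@imagepng($image, './projects_logos/' . intval($prj_id) . '.png')) {
                        $vars['ERRORS'] = 'Error while converting.';
                    }
                    imagedestroy($image);
                }
            }
        }
    }

    $vars['WHAT'] = 'logos';
    $vars['ID'] = $prj_id;
    $vars['NOTE'] = '';

    return get_template('admin_image', $vars);
}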
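/**
 * Handles the project icon upload form.
 *
 * The uploaded picture is decoded with GD and re-encoded as
 * ./projects_images/<project id>.png, so the bytes sent by the client are
 * never stored as-is.
 *
 * Changes over the previous version:
 *  - The image type is taken from the file contents (getimagesize()) rather
 *    than from $_FILES['image']['type'], which is supplied by the client.
 *  - A missing upload, or a path that is not a genuine PHP upload, is
 *    rejected before any decoder is invoked.
 *  - The project id is cast to an integer before it becomes part of a path.
 *  - The GD image is released after use.
 *
 * NOTE(review): there is no cap on pixel dimensions, so a very large image
 * can consume a lot of memory while decoding. Consider rejecting images whose
 * getimagesize() width/height exceed a sensible limit.
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller does.
 *
 * @param array $project_row Numerically indexed project record (unused here).
 * @param mixed $prj_id      Project id.
 * @return string Rendered 'admin_image' template.
 */
function get_admin_icon($project_row, $prj_id)
{
    $vars['ERRORS'] = '';

    if (isset($_POST['sent'])) {
        $tmp_name = (isset($_FILES['image']['tmp_name']) && is_string($_FILES['image']['tmp_name'])) ? $_FILES['image']['tmp_name'] : '';

        if ($tmp_name == '' || !is_uploaded_file($tmp_name)) {
            $vars['ERRORS'] = 'Invalid image.';
        } else {
            // '@' keeps GD's warnings about malformed files out of the page;
            // failures are reported through ERRORS instead.
            $info = @getimagesize($tmp_name);
            $type = $info ? $info[2] : 0;
            $image = false;

            switch ($type) {
                case IMAGETYPE_PNG:
                    $image = @imagecreatefrompng($tmp_name);
                    break;
                case IMAGETYPE_JPEG:
                    $image = @imagecreatefromjpeg($tmp_name);
                    break;
                case IMAGETYPE_GIF:
                    $image = @imagecreatefromgif($tmp_name);
                    break;
                default:
                    $vars['ERRORS'] = 'File type is not supported.';
                    break;
            }

            if ($vars['ERRORS'] == '') {
                if (!$image) {
                    $vars['ERRORS'] = 'Invalid image.';
                } else {
                    if (!@imagepng($image, './projects_images/' . intval($prj_id) . '.png')) {
                        $vars['ERRORS'] = 'Error while converting.';
                    }
                    imagedestroy($image);
                }
            }
        }
    }

    $vars['WHAT'] = 'images';
    $vars['ID'] = $prj_id;
    $vars['NOTE'] = 'For best results, please use a 88x88 pixels image.';

    return get_template('admin_image', $vars);
}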
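/**
 * Scales a width/height pair so that its longer side equals $target,
 * keeping the aspect ratio.
 *
 * When the longer side is 0 there is nothing to scale and the result is
 * array(0.0, 0.0); previously this case divided by zero.
 *
 * @param int|float $width  Source width.
 * @param int|float $height Source height.
 * @param int|float $target Desired length of the longer side.
 * @return array Two rounded values: index 0 is the new width, index 1 the
 *               new height (floats, as returned by round()).
 */
function get_image_size($width, $height, $target)
{
    // The side that drives the scale factor: width only when strictly larger.
    $longest = ($width > $height) ? $width : $height;

    if ($longest == 0) {
        return array(0.0, 0.0);
    }

    $percent = $target / $longest;

    return array(
        round($percent * $width),
        round($percent * $height),
    );
}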
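/**
 * Renders the "create media folder" form and, on POST, inserts the folder.
 *
 * Title and description go through db_escape() before they are placed in the
 * SQL text; the project id is cast to an integer. A missing or non-string
 * description is stored as an empty string instead of being read as an
 * undefined index.
 *
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller does.
 *
 * @param array $project_row Numerically indexed project record (unused here).
 * @param mixed $prj_id      Project id.
 * @return string Rendered 'admin_media_folder' template.
 */
function get_admin_folder($project_row, $prj_id)
{
    $vars['NOTE'] = '';
    $vars['NEK'] = 'Create a new folder';
    $vars['TITLE'] = '';
    $vars['DESCRIPTION'] = '';

    $folder = (isset($_POST['folder']) && is_string($_POST['folder'])) ? $_POST['folder'] : '';

    if ($folder != '') {
        $description = (isset($_POST['description']) && is_string($_POST['description'])) ? $_POST['description'] : '';

        mysql_query('INSERT INTO `media_folders` (`title`, `description`, `project`) VALUES (\'' . db_escape($folder) . '\', \'' . db_escape($description) . '\', ' . intval($prj_id) . ');');
        $vars['NOTE'] = 'The folder had created successfuly.';
    }

    return get_template('admin_media_folder', $vars);
}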
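/**
 * Deletes a media folder of this project together with its entries and files.
 *
 * The folder must belong to $prj_id; otherwise nothing is deleted.
 *
 * Hardening over the previous version:
 *  - Stored file names are reduced with basename() before they are appended
 *    to the project's media directory. The names originate from uploaded
 *    file names, so a stored value must never be able to point outside
 *    ./projects_media/<project id>/.
 *  - Ids are cast to integers before being placed in SQL text or in a path.
 *
 * NOTE(review): this destructive action runs on a plain request without an
 * anti-CSRF token being checked here; confirm the caller enforces one.
 *
 * @param array $project_row Numerically indexed project record (unused here).
 * @param mixed $prj_id      Project id.
 * @param int   $folder      Folder id.
 * @return string HTML status message.
 */
function get_admin_remove_folder($project_row, $prj_id, $folder)
{
    $folder_id = intval($folder);
    $project_id = intval($prj_id);

    $check = mysql_query('SELECT `id` FROM `media_folders` WHERE `id` = ' . $folder_id . ' AND `project` = ' . $project_id . ' LIMIT 1;');
    if (!$check || mysql_num_rows($check) == 0) {
        return '<div style="color: red"><br />Error!</div>';
    }

    $result = mysql_query('SELECT `file` FROM `media_entries` WHERE `project` = ' . $project_id . ' AND `folder` = ' . $folder_id . ';');
    if ($result) {
        while ($row = mysql_fetch_assoc($result)) {
            $name = basename($row['file']);
            if ($name != '') {
                // Best effort: a file that is already gone must not stop the cleanup.
                @unlink('./projects_media/' . $project_id . '/' . $name);
            }
        }
    }

    mysql_query('DELETE FROM `media_entries` WHERE `project` = ' . $project_id . ' AND `folder` = ' . $folder_id . ';');
    mysql_query('DELETE FROM `media_folders` WHERE `project` = ' . $project_id . ' AND `id` = ' . $folder_id . ';');

    return '<div style="color: green"><br />The folder had deleted successfuly.</div>';
}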
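/**
 * Deletes one media entry of this project and its file on disk.
 *
 * The entry must belong to $prj_id; otherwise nothing is deleted.
 *
 * Hardening over the previous version:
 *  - The stored file name is reduced with basename() before it is appended
 *    to the project's media directory, so a stored value cannot point
 *    outside ./projects_media/<project id>/.
 *  - Ids are cast to integers before being placed in SQL text or in a path.
 *
 * NOTE(review): this destructive action runs on a plain request without an
 * anti-CSRF token being checked here; confirm the caller enforces one.
 *
 * @param array $project_row Numerically indexed project record (unused here).
 * @param mixed $prj_id      Project id.
 * @param int   $id          Media entry id.
 * @return string HTML status message.
 */
function get_admin_remove_media($project_row, $prj_id, $id)
{
    $entry_id = intval($id);
    $project_id = intval($prj_id);

    $result = mysql_query('SELECT `file` FROM `media_entries` WHERE `id` = ' . $entry_id . ' AND `project` = ' . $project_id . ' LIMIT 1;');
    if (!$result || mysql_num_rows($result) == 0) {
        return '<div style="color: red"><br />Error!</div>';
    }

    $row = mysql_fetch_row($result);
    $name = basename($row[0]);
    if ($name != '') {
        // Best effort: a file that is already gone must not block the DB cleanup.
        @unlink('./projects_media/' . $project_id . '/' . $name);
    }

    mysql_query('DELETE FROM `media_entries` WHERE `project` = ' . $project_id . ' AND `id` = ' . $entry_id . ';');

    return '<div style="color: green"><br />The entry had deleted successfuly.</div>';
}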
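/**
 * Renders the media upload form and, on POST, stores an uploaded picture
 * under ./projects_media/<project id>/ and records it in `media_entries`.
 *
 * Changes over the previous version:
 *  - The leftover var_dump() of the client-supplied MIME type is removed; it
 *    printed debug output into every upload response.
 *  - The file type is determined from the file contents (getimagesize())
 *    instead of $_FILES['image']['type'], which the client controls.
 *  - The client file name is reduced with basename() and must contain an
 *    allowed extension after a dot.
 *  - The "already exists" check now also tests the exact destination path.
 *    It used to test only the lower-cased name, so on a case-sensitive file
 *    system an existing file could be overwritten.
 *  - The folder id is cast to an integer and must be 0 or a folder of this
 *    project.
 *  - The "unsupported type" message no longer contains a double negative.
 *
 * NOTE(review): the original bytes are stored under a client-chosen name in
 * a directory that appears to be web-accessible. Confirm that the web server
 * never executes scripts from ./projects_media/ (a name such as
 * "x.php.png" passes the extension check), or store files under generated
 * names.
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller does.
 *
 * @param array $project_row Numerically indexed project record.
 * @param mixed $prj_id      Project id.
 * @return string Rendered 'admin_media_upload' template.
 */
function get_admin_media_upload($project_row, $prj_id)
{
    global $url;

    $vars['ERRORS'] = '';
    $vars['NOTE'] = '';
    $project_id = intval($prj_id);

    if (isset($_POST['sent'])) {
        $tmp_name = (isset($_FILES['image']['tmp_name']) && is_string($_FILES['image']['tmp_name'])) ? $_FILES['image']['tmp_name'] : '';
        $file_name = (isset($_FILES['image']['name']) && is_string($_FILES['image']['name'])) ? basename($_FILES['image']['name']) : '';

        // Decide the type from the uploaded bytes, never from the request.
        $info = ($tmp_name != '' && is_uploaded_file($tmp_name)) ? @getimagesize($tmp_name) : false;
        $allowed_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_GIF, IMAGETYPE_BMP);

        if (!$info || !in_array($info[2], $allowed_types, true)) {
            $vars['ERRORS'] = 'File type isn\'t supported!';
        } else {
            $media_dir = './projects_media/' . $project_id . '/';
            $lower_name = strtolower($file_name);
            $parts = explode('.', $lower_name);
            $ext = end($parts);
            $ext_ok = (count($parts) > 1) && in_array($ext, array('png', 'jpg', 'gif', 'bmp'), true);

            $title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
            $description = (isset($_POST['description']) && is_string($_POST['description'])) ? $_POST['description'] : '';

            // Folder 0 is accepted as-is; any other id must belong to this project.
            $folder = isset($_POST['folder']) ? intval($_POST['folder']) : 0;
            $folder_ok = ($folder == 0);
            if (!$folder_ok) {
                $check = mysql_query('SELECT `id` FROM `media_folders` WHERE `id` = ' . $folder . ' AND `project` = ' . $project_id . ' LIMIT 1;');
                $folder_ok = ($check && mysql_num_rows($check) > 0);
            }

            if ($file_name != '' && (file_exists($media_dir . $file_name) || file_exists($media_dir . $lower_name))) {
                $vars['ERRORS'] = 'A file with this name already exists.';
            } elseif ($ext_ok && $folder_ok && move_uploaded_file($tmp_name, $media_dir . $file_name)) {
                mysql_query("INSERT INTO `media_entries` (`file`, `title`, `description`, `folder`, `project`, `type`, `date`, `comments`) VALUES ('" . db_escape($file_name) . "', '" . db_escape($title) . "', '" . db_escape($description) . "', '" . $folder . "', '" . $project_id . "', '0', '" . time() . "', '');");
                $vars['NOTE'] = 'The file is now on the server.<br /><br />';
                tell_users(32, $prj_id, 'A new file had been uploaded to ' . $project_row[0], "View the file:\n" . $url . create_link($project_row[1], $prj_id, $project_row[0]) . 'media/' . mysql_insert_id() . '-' . format_title_address($title));
            } else {
                $vars['ERRORS'] = 'Error.';
            }
        }
    }

    $result = mysql_query('SELECT `id`, `title` FROM `media_folders` WHERE `project` = ' . $project_id . ';');
    $vars['FOLDERS'] = '';
    if ($result) {
        while ($row = mysql_fetch_assoc($result)) {
            $vars['FOLDERS'] .= '<option value="' . $row['id'] . '">' . escape_html($row['title']) . '</option>';
        }
    }

    return get_template('admin_media_upload', $vars);
}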
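/**
 * Renders the edit form for one media entry and, on POST, saves it.
 *
 * The entry must belong to $prj_id; otherwise an error block is returned.
 *
 * Changes over the previous version:
 *  - Every statement that touches the entry is constrained to id AND
 *    project, not only the initial ownership check.
 *  - The target folder must be 0 or a folder of this project; otherwise the
 *    entry could be filed under another project's folder id.
 *  - A missing or non-string description is treated as an empty string.
 *
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller does.
 *
 * @param array $project_row Numerically indexed project record (unused here).
 * @param mixed $prj_id      Project id.
 * @param int   $id          Media entry id.
 * @return string Rendered 'admin_edit_media' template or an error block.
 */
function get_admin_edit_media($project_row, $prj_id, $id)
{
    $entry_id = intval($id);
    $project_id = intval($prj_id);
    $scope = ' WHERE `id` = ' . $entry_id . ' AND `project` = ' . $project_id;

    $check = mysql_query('SELECT `id` FROM `media_entries`' . $scope . ' LIMIT 1;');
    if (!$check || mysql_num_rows($check) == 0) {
        return '<div style="color: red">Error.</div>';
    }

    $vars['ERRORS'] = '';
    $vars['NOTE'] = '';

    $title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
    if ($title != '') {
        $description = (isset($_POST['description']) && is_string($_POST['description'])) ? $_POST['description'] : '';

        // Folder 0 is accepted as-is; any other id must belong to this project.
        $folder = isset($_POST['folder']) ? intval($_POST['folder']) : 0;
        $folder_ok = ($folder == 0);
        if (!$folder_ok) {
            $folder_check = mysql_query('SELECT `id` FROM `media_folders` WHERE `id` = ' . $folder . ' AND `project` = ' . $project_id . ' LIMIT 1;');
            $folder_ok = ($folder_check && mysql_num_rows($folder_check) > 0);
        }

        if ($folder_ok) {
            mysql_query('UPDATE `media_entries` SET `title` = \'' . db_escape($title) . '\', `description` = \'' . db_escape($description) . '\', `folder` = \'' . $folder . '\'' . $scope . ';');
            $vars['NOTE'] = 'The entry is now updated.';
        } else {
            $vars['ERRORS'] = 'Error.';
        }
    }

    $result = mysql_query('SELECT `title`, `description`, `folder` FROM `media_entries`' . $scope . ';');
    $row = mysql_fetch_row($result);

    $fol_result = mysql_query('SELECT `id`, `title` FROM `media_folders` WHERE `project` = ' . $project_id . ';');
    $vars['FOLDERS'] = '';
    if ($fol_result) {
        while ($fol_row = mysql_fetch_assoc($fol_result)) {
            $mark = ($fol_row['id'] == $row[2]) ? ' selected="selected"' : '';
            $vars['FOLDERS'] .= '<option value="' . $fol_row['id'] . '"' . $mark . '>' . escape_html($fol_row['title']) . '</option>';
        }
    }

    $vars['TITLE'] = escape_html($row[0]);
    $vars['DESCRIPTION'] = escape_html($row[1]);
    $vars['SEL'] = ($row[2] == 0) ? ' selected="selected"' : '';

    return get_template('admin_edit_media', $vars);
}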
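/**
 * Renders the edit form for one media folder and, on POST, saves it.
 *
 * The folder must belong to $prj_id; otherwise an error block is returned.
 *
 * Changes over the previous version:
 *  - Every statement that touches the folder is constrained to id AND
 *    project, not only the initial ownership check.
 *  - A missing or non-string description is treated as an empty string.
 *
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller does.
 *
 * @param array $project_row Numerically indexed project record (unused here).
 * @param mixed $prj_id      Project id.
 * @param int   $id          Folder id.
 * @return string Rendered 'admin_media_folder' template or an error block.
 */
function get_admin_edit_folder($project_row, $prj_id, $id)
{
    $folder_id = intval($id);
    $project_id = intval($prj_id);
    $scope = ' WHERE `id` = ' . $folder_id . ' AND `project` = ' . $project_id;

    $check = mysql_query('SELECT `id` FROM `media_folders`' . $scope . ' LIMIT 1;');
    if (!$check || mysql_num_rows($check) == 0) {
        return '<div style="color: red">Error.</div>';
    }

    $vars['NOTE'] = '';
    $vars['NEK'] = 'Edit a folder';

    $folder = (isset($_POST['folder']) && is_string($_POST['folder'])) ? $_POST['folder'] : '';
    if ($folder != '') {
        $description = (isset($_POST['description']) && is_string($_POST['description'])) ? $_POST['description'] : '';

        mysql_query('UPDATE `media_folders` SET `title` = \'' . db_escape($folder) . '\', `description` = \'' . db_escape($description) . '\'' . $scope . ';');
        $vars['NOTE'] = 'The folder is now updated.';
    }

    $result = mysql_query('SELECT `title`, `description` FROM `media_folders`' . $scope . ';');
    $row = mysql_fetch_row($result);

    $vars['TITLE'] = escape_html($row[0]);
    $vars['DESCRIPTION'] = escape_html($row[1]);

    return get_template('admin_media_folder', $vars);
}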
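/**
 * Renders the staff management page and applies one staff/position change
 * per POST.
 *
 * Storage format, as used throughout this function:
 *  - $project_row[4] (`positions`): position names joined by ';'.
 *  - $project_row[5] (`staff`): "userId-positionIndex" pairs joined by ';'.
 *
 * $what is the last route segment, "member-N" or "pos-N"; N selects the
 * list index that the POST acts on.
 *
 * Changes over the previous version:
 *  - Every string written to `staff` or `positions` goes through db_escape().
 *    Adding a position used to concatenate the submitted name into the
 *    UPDATE unescaped, and the other writes re-inserted stored names
 *    unescaped as well.
 *  - When no index is supplied the target index is -1, which matches no
 *    entry. It used to be undefined, and the loose comparison against it
 *    matched index 0.
 *  - Removing a position only runs for an index that exists, and members are
 *    re-numbered by their position index. The old code compared the user id
 *    with the removed index, so nearly every member was shifted down.
 *    Entries without a position part are kept unchanged and indexes never
 *    drop below 0.
 *  - Missing POST fields are treated as empty instead of undefined.
 *
 * NOTE(review): the page offers no "Remove" control for member 0 and
 * position 0, but nothing here refuses such a request. Decide whether that
 * restriction should be enforced server-side.
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller does.
 * NOTE(review): create_link() output is placed in form action attributes
 * without escaping here; confirm it returns attribute-safe text.
 *
 * @param array       $project_row Numerically indexed project record.
 * @param mixed       $prj_id      Project id.
 * @param string|null $what        "member-N" / "pos-N", or null.
 * @return string Rendered 'admin_staff' template.
 */
function get_admin_staff($project_row, $prj_id, $what)
{
    // -1 never equals a loop counter, so "no target" changes nothing.
    $id = -1;
    if ($what != null) {
        $ex = explode('-', $what);
        $id = isset($ex[1]) ? intval($ex[1]) : -1;
    }

    $project_id = intval($prj_id);
    $pos_ex = explode(';', $project_row[4]);
    $team_ex = explode(';', $project_row[5]);

    $vars['ERRORS'] = '';
    $vars['NOTE'] = '';

    if (isset($_POST['remove'])) {
        // 'true' removes member $id; any other value changes that member's position.
        $remove = ($_POST['remove'] == 'true');
        $position = isset($_POST['position']) ? intval($_POST['position']) : 0;

        $new = '';
        $rem_id = null;
        for ($i = 0; $i < sizeof($team_ex); $i++) {
            $ex = explode('-', $team_ex[$i]);
            if ($i == $id) {
                $rem_id = $ex[0];
                if ($remove) {
                    continue;
                }
                $entry = $ex[0] . '-' . $position;
            } else {
                $entry = $team_ex[$i];
            }
            if ($new != '') {
                $new .= ';';
            }
            $new .= $entry;
        }

        $team_ex = explode(';', $new);
        mysql_query('UPDATE `projects` SET `staff` = \'' . db_escape($new) . '\' WHERE `id` = ' . $project_id . ' LIMIT 1');
        if ($rem_id != null) {
            update_member_of($rem_id);
        }
        update_project_members($prj_id);
        $vars['NOTE'] = 'Updated successfuly.';
    } elseif (isset($_POST['remove_pos'])) {
        if ($_POST['remove_pos'] == 'true') {
            // Only act on an index that really exists in the positions list.
            if ($id >= 0 && $id < sizeof($pos_ex)) {
                $new = '';
                for ($i = 0; $i < sizeof($pos_ex); $i++) {
                    if ($i != $id) {
                        if ($new != '') {
                            $new .= ';';
                        }
                        $new .= $pos_ex[$i];
                    }
                }

                // Members above the removed index move down by one so that
                // their index keeps pointing at the same position name.
                $team_new = '';
                for ($i = 0; $i < sizeof($team_ex); $i++) {
                    $ex = explode('-', $team_ex[$i]);
                    if ($team_new != '') {
                        $team_new .= ';';
                    }
                    if (!isset($ex[1]) || intval($ex[1]) < $id) {
                        $team_new .= $team_ex[$i];
                    } else {
                        $team_new .= $ex[0] . '-' . max(0, intval($ex[1]) - 1);
                    }
                }

                $pos_ex = explode(';', $new);
                $team_ex = explode(';', $team_new);
                mysql_query('UPDATE `projects` SET `staff` = \'' . db_escape($team_new) . '\', `positions` = \'' . db_escape($new) . '\' WHERE `id` = ' . $project_id . ' LIMIT 1');
                update_project_members($prj_id);
                $vars['NOTE'] = 'Updated successfuly.';
            }
        } else {
            // ';' is the list separator, so it is stripped from submitted names.
            $rename = (isset($_POST['rename']) && is_string($_POST['rename'])) ? str_replace(';', '', $_POST['rename']) : '';
            if ($rename != '') {
                $new = '';
                for ($i = 0; $i < sizeof($pos_ex); $i++) {
                    if ($new != '') {
                        $new .= ';';
                    }
                    $new .= ($i != $id) ? $pos_ex[$i] : $rename;
                }
                $pos_ex = explode(';', $new);
                mysql_query('UPDATE `projects` SET `positions` = \'' . db_escape($new) . '\' WHERE `id` = ' . $project_id . ' LIMIT 1');
                update_project_members($prj_id);
                $vars['NOTE'] = 'Updated successfuly.';
            }
        }
    } elseif (isset($_POST['add_mem'])) {
        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        $user = get_id_by_username($name);
        if ($user === false) {
            $vars['ERRORS'] = 'Username could not be found.';
        } else {
            $new = '';
            if ($project_row[5] != '') {
                $new = $project_row[5] . ';';
            }
            // New members start at position index 0.
            $new .= $user . '-0';
            mysql_query('UPDATE `projects` SET `staff` = \'' . db_escape($new) . '\' WHERE `id` = ' . $project_id . ' LIMIT 1');
            update_member_of($user);
            update_project_members($prj_id);
            $team_ex = explode(';', $new);
            $vars['NOTE'] = 'Added successfuly.';
        }
    } elseif (isset($_POST['add_pos'])) {
        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? str_replace(';', '', $_POST['name']) : '';
        if ($name != '') {
            $new = '';
            if ($project_row[4] != '') {
                $new = $project_row[4] . ';';
            }
            $new .= $name;
            mysql_query('UPDATE `projects` SET `positions` = \'' . db_escape($new) . '\' WHERE `id` = ' . $project_id . ' LIMIT 1');
            update_project_members($prj_id);
            $pos_ex = explode(';', $new);
            $vars['NOTE'] = 'Added successfuly.';
        }
    }

    $base = create_link($project_row[1], $prj_id, $project_row[0]);
    $arrow = '<img src="images/arrow.png" alt="arrow" style="text-align: center; border: none" /> ';

    // One form per member; user and position names are HTML-escaped.
    $vars['STAFF'] = '';
    $i = 0;
    foreach ($team_ex as $member) {
        $mem_ex = explode('-', $member);
        $member_id = $mem_ex[0];
        $pos = isset($mem_ex[1]) ? $mem_ex[1] : null;

        $positions = '';
        for ($x = 0; $x < sizeof($pos_ex); $x++) {
            $mark = ($pos == $x) ? ' selected="selected"' : '';
            $positions .= '<option value="' . $x . '"' . $mark . '>' . escape_html($pos_ex[$x]) . '</option>';
        }

        $user = get_user($member_id);

        $form = '<form method="post" action="' . $base . 'admin/staff/member-' . $i . '">' . "\n" . $arrow . escape_html($user[1]);
        if ($i != 0) {
            // The first member gets no remove button and no position selector.
            $form .= ' <input type="submit" value="Remove" onclick="document.getElementById(\'staff' . $i . '\').value = \'true\';" /><input type="hidden" name="remove" id="staff' . $i . '" /> - <select name="position" onchange="submit()">' . $positions . '</select>';
        }
        $form .= "\n" . '</form>';

        $vars['STAFF'] .= $form;
        $i++;
    }

    // One form per position; the first position can be renamed but not removed.
    $vars['POSITIONS'] = '';
    $i = 0;
    foreach ($pos_ex as $pos) {
        $form = '<form method="post" action="' . $base . 'admin/staff/pos-' . $i . '">' . "\n" . $arrow . escape_html($pos);
        if ($i != 0) {
            $form .= ' <input type="submit" value="Remove" onclick="document.getElementById(\'mem' . $i . '\').value = \'true\';" />';
        }
        $form .= ' - <input type="text" name="rename" value="' . escape_html($pos) . '" /> <input type="submit" value="Rename" /> <input type="hidden" name="remove_pos" id="mem' . $i . '" />' . "\n" . '</form>';

        $vars['POSITIONS'] .= $form;
        $i++;
    }

    return get_template('admin_staff', $vars);
}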
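/**
 * Stamps a project's `last` column with the current Unix time.
 *
 * The id is cast to an integer before it is concatenated into the SQL text,
 * so the statement stays well-formed whatever the caller passes in.
 *
 * @param mixed $id Project id.
 * @return void
 */
function update_last($id)
{
    mysql_query('UPDATE `projects` SET `last` = ' . time() . ' WHERE `id` = ' . intval($id) . ';');
}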
?>


