\r
if(queryvars.find("formaction")!=queryvars.end())\r
{\r
- if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && queryvars.find("boarddescription")!=queryvars.end())\r
+ if((*queryvars.find("formaction")).second=="addboard" && queryvars.find("boardname")!=queryvars.end() && queryvars.find("boarddescription")!=queryvars.end() && ValidateFormPassword(queryvars))\r
{\r
std::string boardname="";\r
std::string boarddescription="";\r
addst.Bind(3,"Added manually");\r
addst.Step();\r
}\r
- if((*queryvars.find("formaction")).second=="remove0messages")\r
+ if((*queryvars.find("formaction")).second=="remove0messages" && ValidateFormPassword(queryvars))\r
{\r
m_db->Execute("DELETE FROM tblBoard WHERE BoardID IN (SELECT BoardID FROM vwBoardStats WHERE MessageCount=0 AND BoardID NOT IN (SELECT BoardID FROM tblAdministrationBoard));");\r
}\r
- if((*queryvars.find("formaction")).second=="update")\r
+ if((*queryvars.find("formaction")).second=="update" && ValidateFormPassword(queryvars))\r
{\r
int boardid;\r
std::vector<std::string> boardids;\r
std::vector<std::string> descriptions;\r
std::vector<std::string> oldsavemessages;\r
std::vector<std::string> savemessages;\r
+ std::vector<std::string> oldforums;\r
+ std::vector<std::string> forums;\r
\r
CreateArgArray(queryvars,"boardid",boardids);\r
CreateArgArray(queryvars,"oldboarddescription",olddescriptions);\r
CreateArgArray(queryvars,"boarddescription",descriptions);\r
CreateArgArray(queryvars,"oldsavereceivedmessages",oldsavemessages);\r
CreateArgArray(queryvars,"savereceivedmessages",savemessages);\r
+ CreateArgArray(queryvars,"oldforum",oldforums);\r
+ CreateArgArray(queryvars,"forum",forums);\r
\r
olddescriptions.resize(boardids.size(),"");\r
descriptions.resize(boardids.size(),"");\r
oldsavemessages.resize(boardids.size(),"");\r
savemessages.resize(boardids.size(),"");\r
+ oldforums.resize(boardids.size(),"");\r
+ forums.resize(boardids.size(),"");\r
\r
- SQLite3DB::Statement updatest=m_db->Prepare("UPDATE tblBoard SET BoardDescription=?, SaveReceivedMessages=? WHERE BoardID=?;");\r
+ SQLite3DB::Statement updatest=m_db->Prepare("UPDATE tblBoard SET BoardDescription=?, SaveReceivedMessages=?, Forum=? WHERE BoardID=?;");\r
\r
for(int i=0; i<boardids.size(); i++)\r
{\r
- if(olddescriptions[i]!=descriptions[i] || oldsavemessages[i]!=savemessages[i])\r
+ if(olddescriptions[i]!=descriptions[i] || oldsavemessages[i]!=savemessages[i] || oldforums[i]!=forums[i])\r
{\r
updatest.Bind(0,descriptions[i]);\r
if(savemessages[i]!="true")\r
{\r
updatest.Bind(1,"true");\r
}\r
+ if(forums[i]!="true")\r
+ {\r
+ updatest.Bind(2,"false");\r
+ }\r
+ else\r
+ {\r
+ updatest.Bind(2,"true");\r
+ }\r
boardid=0;\r
StringFunctions::Convert(boardids[i],boardid);\r
- updatest.Bind(2,boardid);\r
+ updatest.Bind(3,boardid);\r
updatest.Step();\r
updatest.Reset();\r
}\r
st.Finalize();\r
\r
\r
- sql="SELECT BoardID,BoardName,BoardDescription,SaveReceivedMessages,AddedMethod FROM tblBoard WHERE BoardID NOT IN (SELECT BoardID FROM tblAdministrationBoard)";\r
+ sql="SELECT BoardID,BoardName,BoardDescription,SaveReceivedMessages,AddedMethod,Forum FROM tblBoard WHERE BoardID NOT IN (SELECT BoardID FROM tblAdministrationBoard)";\r
if(boardsearch!="")\r
{\r
sql+=" AND (BoardName LIKE '%' || ? || '%' OR BoardDescription LIKE '%' || ? || '%')";\r
}\r
st.Step();\r
\r
- content+="<table>";\r
+ content+="<table class=\"small90\">";\r
\r
content+="<tr>";\r
content+="<td colspan=\"3\"><center>";\r
- content+="<form name=\"frmboardsearch\" action=\"boards.htm\" method=\"POST\"><input type=\"text\" name=\"boardsearch\" value=\""+SanitizeOutput(boardsearch)+"\"><input type=\"submit\" value=\"Search\"></form>";\r
+ content+="<form name=\"frmboardsearch\" action=\"boards.htm\" method=\"POST\"><input type=\"text\" name=\"boardsearch\" value=\""+SanitizeOutput(boardsearch)+"\">"+CreateFormPassword()+"<input type=\"submit\" value=\"Search\"></form>";\r
content+="</center></td>";\r
content+="</tr>";\r
\r
content+="<tr>";\r
content+="<td colspan=\"3\"><center>";\r
- content+="<form name=\"frmremoveboard\" action=\"boards.htm\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"remove0messages\">Remove boards with 0 messages<input type=\"submit\" value=\"Remove\"></form>";\r
+ content+="<form name=\"frmremoveboard\" action=\"boards.htm\" method=\"POST\">"+CreateFormPassword()+"<input type=\"hidden\" name=\"formaction\" value=\"remove0messages\">Remove boards with 0 messages<input type=\"submit\" value=\"Remove\"></form>";\r
content+="</center></td>";\r
content+="</tr>";\r
\r
content+="<tr>";\r
- content+="<td><form name=\"frmaddboard\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"addboard\"><input type=\"text\" name=\"boardname\"></td><td><input type=\"text\" name=\"boarddescription\" size=\"40\" maxlength=\"50\"></td><td><input type=\"submit\" value=\"Add Board\"></form></td>";\r
+ content+="<td><form name=\"frmaddboard\" method=\"POST\">"+CreateFormPassword()+"<input type=\"hidden\" name=\"formaction\" value=\"addboard\"><input type=\"text\" name=\"boardname\"></td><td><input type=\"text\" name=\"boarddescription\" size=\"40\" maxlength=\"50\"></td><td><input type=\"submit\" value=\"Add Board\"></form></td>";\r
content+="</tr>";\r
\r
- content+="<tr><td colspan=\"4\"><hr><form name=\"frmboards\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"update\"></td></tr>";\r
+ content+="<tr><td colspan=\"4\"><hr><form name=\"frmboards\" method=\"POST\"><input type=\"hidden\" name=\"formaction\" value=\"update\">"+CreateFormPassword()+"</td></tr>";\r
content+="<tr>";\r
- content+="<th>Name</th><th>Description</th><th>Save Received Messages *</th><th>Added Method</th>";\r
+ content+="<th>Name</th><th>Description</th><th>Save Received Messages *</th><th>Forum</th><th>Added Method</th>";\r
content+="</tr>"; \r
while(st.RowReturned() && rownum<rowsperpage)\r
{\r
std::string boarddescription="";\r
std::string savereceivedmessages="";\r
std::string addedmethod="";\r
+ std::string forum="";\r
\r
st.ResultText(0,boardidstr);\r
st.ResultText(1,boardname);\r
st.ResultText(2,boarddescription);\r
st.ResultText(3,savereceivedmessages);\r
st.ResultText(4,addedmethod);\r
+ st.ResultText(5,forum);\r
\r
StringFunctions::Convert(rownum,rownumstr);\r
\r
}\r
content+=">";\r
content+="</td>";\r
- content+="<td class=\"smaller\">"+SanitizeOutput(addedmethod)+"</td>";\r
+ content+="<td>";\r
+ content+="<input type=\"hidden\" name=\"oldforum["+rownumstr+"]\" value=\""+forum+"\">";\r
+ content+="<input type=\"checkbox\" name=\"forum["+rownumstr+"]\" value=\"true\"";\r
+ if(forum=="true")\r
+ {\r
+ content+=" CHECKED";\r
+ }\r
+ content+=">";\r
+ content+="</td>";\r
+ content+="<td>"+SanitizeOutput(addedmethod)+"</td>";\r
content+="</tr>\r\n";\r
st.Step();\r
rownum++;\r
if(startrow>0)\r
{\r
StringFunctions::Convert(startrow-rowsperpage,tempstr);\r
- content+="<td colspan=\"
1\" align=\"left\"><a href=\"boards.htm?"+BuildQueryString(startrow-rowsperpage,boardsearch)+"\"><-- Previous Page</a></td>";
\r- cols+=1;\r
+ content+="<td colspan=\"
2\" style=\"text-align:left;\"><a href=\"boards.htm?"+BuildQueryString(startrow-rowsperpage,boardsearch)+"\"><-- Previous Page</a></td>";
\r+ cols+=2;\r
}\r
if(startrow+rowsperpage<boardcount)\r
{\r
- while(cols<3)\r
+ while(cols<4)\r
{\r
content+="<td></td>";\r
cols++;\r
}\r
- content+="<td colspan=\"1\"
align=\"right\"><a href=\"boards.htm?"+BuildQueryString(startrow+rowsperpage,boardsearch)+"\">Next Page --></a></td>";
\r+ content+="<td colspan=\"1\"
style=\"text-align:left;\"><a href=\"boards.htm?"+BuildQueryString(startrow+rowsperpage,boardsearch)+"\">Next Page --></a></td>";
\r }\r
content+="</tr>";\r
}\r
projects / fms.git / blobdiff