summaryrefslogtreecommitdiff
path: root/includes/pages/admin_faq.php
blob: 4a0a11704561d2472b0321260b42e52c0d7c76e3 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
<?php
function admin_faq_create_edit_table($languages, $prefills = array()) {
	$form_questions = array('Question');
	$form_answers = array('Answer');
	foreach ($languages as $language) {
		$form_questions[] = '<textarea name="question[' . $language . ']" style="height: 4em;">'
			. (!empty($prefills[$language])? $prefills[$language]['question'] : '')
			. '</textarea>';
		$form_answers[] = '<textarea name="answer[' . $language . ']" style="height: 4em;">'
			. (!empty($prefills[$language])? $prefills[$language]['answer'] : '')
			. '</textarea>';
	}

	return table(
		array_merge(array(''), $languages),
		array($form_questions, $form_answers),
		false);
}

function admin_faq() {
	$languages = sql_select("SELECT DISTINCT `Sprache` FROM `FAQ`");
	$languages = array_map('array_shift', $languages);
	if (!isset ($_REQUEST['action'])) {
		$faqs = array();
		foreach ($languages as $language) {
			$lang_html .= '<th>' . $language . "</th>\n";
			$langfaqs = sql_select("SELECT `QID`, `Frage`, `Antwort` FROM `FAQ` WHERE `Sprache` = '" . sql_escape($language) . "'");
			foreach ($langfaqs as $langfaq) {
				if (!isset($faqs[$langfaq['QID']]))
					$faqs[$langfaq['QID']] = array();
				$faqs[$langfaq['QID']][$language] = sprintf('<dl><dt>%s</dt><dd>%s</dd></dl>', $langfaq['Frage'], $langfaq['Antwort']);
				$faqs[$langfaq['QID']]['edit'] = sprintf('<a href="%s&action=edit&id=%s">Edit</a>', page_link_to('admin_faq'), $langfaq['QID']);
			}
		}
		$faqs_html = table(array_merge(array_combine($languages, $languages), array('edit' => '')), $faqs);
		return template_render('../templates/admin_faq.html', array (
			'link' => page_link_to("admin_faq"),
			'faqs' => $faqs_html,
			'new_form' => admin_faq_create_edit_table($languages)
		));
	} else {
		switch ($_REQUEST['action']) {
			case 'create' :
			case 'save' :
				if ($_REQUEST['action'] == 'create') {
					sql_query("START TRANSACTION");
					$qid = sql_select("SELECT MAX(`QID`)+1 AS QID FROM `FAQ`");
					$qid = $qid[0]['QID'];
				}
				else {
					if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
						$qid = $_REQUEST['id'];
					else
						return error("Incomplete call, missing FAQ ID.", true);

					$faq = sql_select("SELECT `QID` FROM `FAQ` WHERE `QID`=" . sql_escape($qid));
					if (count($faq) == 0)
						return error("No FAQ found.", true);
				}
				$values = array();
				foreach ($_POST['question'] as $lang => $question) {
					if (!in_array($lang, $languages))
						continue;
					if (empty($question))
						sql_query("DELETE IGNORE FROM `FAQ` WHERE `QID` = $qid AND `Sprache` = '" . sql_escape($lang) . "'");
					else {
						$question = strip_item($question);
						$answer = strip_item($_POST['answer'][$lang]);
						$values[] = "('" . sql_escape($lang) . "', '" . sql_escape($question) . "', '" . sql_escape($answer) . "', $qid)";
					}
				}
				if (!empty($values))
					sql_query("REPLACE INTO `FAQ` (`Sprache`, `Frage`, `Antwort`, `QID`) VALUES " . implode(', ', $values));
				sql_query("COMMIT");

				header("Location: " . page_link_to("admin_faq"));
				break;

			case 'edit' :
				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
					$id = $_REQUEST['id'];
				else
					return error("Incomplete call, missing FAQ ID.", true);

				$faq = sql_select("SELECT `Sprache`, `Frage`, `Antwort` FROM `FAQ` WHERE `QID`=" . sql_escape($id));
				if (count($faq) > 0) {
					$prefills = array();
					foreach ($faq as $row) {
						$prefills[$row['Sprache']] = array('question' => $row['Frage'], 'answer' => $row['Antwort']);
					}

					return template_render('../templates/admin_faq_edit_form.html', array (
						'link' => page_link_to("admin_faq"),
						'id' => $id,
						'form' => admin_faq_create_edit_table($languages, $prefills)
					));
				} else
					return error("No FAQ found.", true);
				break;

			case 'delete' :
				if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id']))
					$id = $_REQUEST['id'];
				else
					return error("Incomplete call, missing FAQ ID.", true);

				$deleted = sql_query("DELETE FROM `FAQ` WHERE `QID`=" . sql_escape($id));
				if ($deleted) {
					header("Location: " . page_link_to("admin_faq"));
				} else
					return error("No FAQ found.", true);
				break;
		}
	}
}
?>