My Little Scripts - blog-editor.php - PHP ASP Scripts, JavaScript, HTML

<?
$hostname = "localhost";
$database = "";
$username = "";
$password = "";

include("blog-functions.php");

mysql_connect($hostname, $username, $password);
mysql_select_db($database);

$userLogged = @userLogged();
?>

<html>
<head>
<title>FullPages.org edit</title>

<script>
function setCookie(name, value)
         {
         //If name is the empty string, it places a ; at the beginning
         //of document.cookie, causing clearCookies() to malfunction.
         if(name != '')
            document.cookie = name + '=' + value;
         }

function clearCookie(name)
         {
         expires = new Date();
         expires.setYear(expires.getYear() - 1);

         document.cookie = name + '=null' + '; expires=' + expires;
         }
</script>

<style>
.prompt
{
color:000000;
font-weight:bold;
}

.error
{
color:884444;
}

.background
{
background-color:ddddff;
border-style:solid;
border-color:000000;
border-width:1px;
}
</style>
</head>

<body>

<table width="100%" height="100%" cellpadding="0" cellspacing="0" class="background">
<tr><td align="center" valign="middle">
<table>
<? if($userLogged) { ?>
     <form method="post" enctype="multipart/form-data" name="edit">
     <?
     if(param("save") == "true")
        save(param("UserName"));

     if(param("build") == "true")
        build(param("UserName"));

     $user = mysql_query("select pages from users where user_name = '" . param("UserName") . "'");
     $user = mysql_fetch_assoc($user);

     $page_ids = getPageIDS(param("UserName"));

     $select = "select id, layout, title, keywords, width, number from " .
               param("UserName") . "_pages where id = " . $page_ids[0];

     $page = mysql_query($select);
     $page = mysql_fetch_assoc($page);

     $select = "select max(number) as number from " . param("UserName") . "_pages";

     $last_page = mysql_query($select);
     $last_page = mysql_fetch_assoc($last_page);
     ?>
     <input type="hidden" name="page_id" value="<?= $page_ids[0] ?>" />
     <tr><td>
         <table width="<?= $page["width"] ?>">
         <tr>
         <td>
         <? if($page_ids[2] != null) { ?><a href="blog-editor.php?page_id=<?= $page_ids[2] ?>">previous</a><? } ?>
         </td>

         <td>Page <?= $page["number"] ?></td>
         <td>Layout</td>
         <td>Title</td>
         <td>Key Words</td>
         <td>Width</td>

         <td align="right">
         <? if($last_page["number"] < $user["pages"]) { ?><a href="edit.php?page_number=<?= $last_page["number"] + 1 ?>">new page</a><? } ?>
         <? if($page_ids[1] != null) { ?><a href="blog-editor.php?page_id=<?= $page_ids[1] ?>">next</a><? } ?>
         </td>
         </tr>

         <tr>
         <td></td>

         <td></td>
         <td>
         <select name="page_layout">
         <? for($index = 0; $index < 4; $index++) { ?>
         <option value="<?= $index ?>" <? if($page["layout"] == $index) { ?>selected<? } ?>><?= $index ?></option>
         <? } ?>
         </select>
         </td>
         <td><input type="text" name="page_title" value="<?= $page["title"] ?>" /></td>
         <td><input type="text" name="page_keywords" value="<?= $page["keywords"] ?>" /></td>
         <td><input type="text" size="5" name="page_width" value="<?= $page["width"] ?>" /></td>

         <td></td>
         </tr>
         </table>
     </td></tr>

     <tr><td>
         <table bgcolor="ffffff" width="<?= $page["width"] ?>" border="1">
         <? switch($page["layout"]) {
            case 0: ?>
         <tr>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 0) ?></td>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 1) ?></td>
         <td width="120" rowspan="2"><?= big_vertical_ad() ?></td>
         </tr>
         <tr>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 2) ?></td>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 3) ?></td>
         </tr>
         <? break; ?>
         <? case 1: ?>
         <tr>
         <td width="120" rowspan="2"><?= big_vertical_ad() ?></td>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 0) ?></td>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 1) ?></td>
         </tr>
         <tr>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 2) ?></td>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 3) ?></td>
         </tr>
         <? break; ?>
         <? case 2: ?>
         <tr>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 0) ?></td>
         <td width="120" rowspan="2"><?= big_vertical_ad() ?></td>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 1) ?></td>
         </tr>
         <tr>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 2) ?></td>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 3) ?></td>
         </tr>
         <? break; ?>
         <? case 3: ?>
         <tr>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 0) ?></td>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 1) ?></td>
         </tr>
         <tr>
         <td align="center" colspan="2"><?= big_horizontal_ad() ?></td>
         </tr>
         <tr>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 2) ?></td>
         <td align="center"><?= EditParagraph(param("UserName"), $page["id"], 3) ?></td>
         </tr>
         <? break; ?>
         <? } ?>
         </table>
     </td></tr>

     <tr><td>
         <table width="<?= $page["width"] ?>">
         <tr>
         <td>
         <input type="hidden" name="save" value="true" />
         <input type="hidden" name="build" value="" />

         <input type="button" value="log out"
                onclick="clearCookie('UserName');
                         clearCookie('PassWord');
                         document.EmptyForm.submit();">

         <input type="submit" value="save" />

         <input type="button" value="build website"
                onclick="document.edit.build.value = 'true';
                         document.edit.submit();">

         <a href="<?= param("UserName") ?>" target="view">view site</a>
         </td>
         </tr>
         </table>
     </td></tr>
     </form>
<? } else { ?>
     <form name="login">
     <tr>
     <td class="prompt">User Name</td>
     <td><input type="text" name="UserName" /></td>
     </tr>

     <tr>
     <td class="prompt">Password</td>
     <td><input type="password" name="PassWord" /></td>
     </tr>

     <tr>
     <td colspan="2" align="right">
     <input type="button" value="log in"
            onclick="setCookie('UserName', document.login.UserName.value);
                     setCookie('PassWord', document.login.PassWord.value);
                     document.EmptyForm.submit();">
     </td>
     </tr>
     </form>
<? } ?>

<form name="EmptyForm" method="post">
</form>
</table></td></tr>
</table>

</body>
</html>

<?
function isLogged($LogInPage)
         {
         //Without this, PHP will create a local
         //variable called $HTTP_COOKIE_VARS.
         global $HTTP_COOKIE_VARS;

         $Host = "localhost";

         $Entered_UserName = "";
         $Entered_PassWord = "";

         if(isset($HTTP_COOKIE_VARS["UserName"]) &&
            isset($HTTP_COOKIE_VARS["PassWord"]))
           {
           $Entered_UserName = $HTTP_COOKIE_VARS["UserName"];
           $Entered_PassWord = $HTTP_COOKIE_VARS["PassWord"];
           }

         //I'm assuming that empty string user names and passwords are a no no.
         if(@mysql_connect($Host, $Entered_UserName, $Entered_PassWord) === false ||
           ($Entered_UserName == "" || $Entered_PassWord == ""))
           {
           //$LogInPage should be the name of an existing file
           //with alternative web content. If you don't wish to
           //provide such content, just pass the empty string.
           if($LogInPage != "") include($LogInPage);
           return(false);
           }
         else
           return(true);
         }

function userLogged($LogInPage)
         {
         //Without this, PHP will create a local
         //variable called $HTTP_COOKIE_VARS.
         global $HTTP_COOKIE_VARS;

         $Entered_UserName = "";
         $Entered_PassWord = "";

         if(isset($HTTP_COOKIE_VARS["UserName"]) &&
            isset($HTTP_COOKIE_VARS["PassWord"]))
           {
           $Entered_UserName = $HTTP_COOKIE_VARS["UserName"];
           $Entered_PassWord = $HTTP_COOKIE_VARS["PassWord"];
           }

         $user_name_password = mysql_query("select id from users where " .
                                           "user_name = '" . $Entered_UserName . "' and " .
                                           "password = '" . md5($Entered_PassWord) . "'");

         $user_name_password = mysql_fetch_assoc($user_name_password);

         if($user_name_password === false)
           {
           //$LogInPage should be the name of an existing file
           //with alternative web content. If you don't wish to
           //provide such content, just pass the empty string.
           if($LogInPage != "") include($LogInPage);
           return(false);
           }
         else
           return(true);
         }


function Table_Exists($table_name)
         {
         $Table = mysql_query("show tables like '" . $table_name . "'");

         if(mysql_fetch_row($Table) === false)
            return(false);

         return(true);
         }

function User_Name_Exists($User_Name)
         {
         $User = mysql_query("select id from users where user_name = '" . $User_Name . "'");

         if(@mysql_fetch_row($User) === false)
            return(false);

         return(true);
         }

function Validate_String($string, $return_invalid_chars)
         {
         $valid_chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_.0123456789";
         $invalid_chars = "";

         if($string == null || $string == "")
            return(true);

         //For every character on the string.
         for($index = 0; $index < strlen($string); $index++)
            {
            $char = substr($string, $index, 1);

            //Is it a valid character?
            if(strpos($valid_chars, $char) === false)
              {
              //If not, is it already on te list of invalid characters?
              if(strpos($invalid_chars, $char) === false)
                {
                //If it's not, add it.
                if($invalid_chars == "")
                   $invalid_chars .= $char;
                else
                   $invalid_chars .= ", " . $char;
                }
              }
            }

         //If the string does not contain invalid characters, the function will return true.
         //If it does, it will either return false or a list of the invalid characters used
         //in the string, depending on the value of the second parameter.
         if($return_invalid_chars == true && $invalid_chars != "")
           {
           $last_comma = strrpos($invalid_chars, ",");

           if($last_comma != false)
              $invalid_chars = substr($invalid_chars, 0, $last_comma) .
              " and " . substr($invalid_chars, $last_comma + 1, strlen($invalid_chars));

           return($invalid_chars);
           }
         else
           return($invalid_chars == "");
         }

function Verify_Email_Address($email_address)
         {
         //Assumes that valid email addresses consist of user_name@domain.tld
         $at = strpos($email_address, "@");
         $dot = strrpos($email_address, ".");

         if($at === false ||
            $dot === false ||
            $dot <= $at + 1 ||
            $dot == 0 ||
            $dot == strlen($email_address) - 1)
            return(false);

         $user_name = substr($email_address, 0, $at);
         $domain_name = substr($email_address, $at + 1, $dot - strlen($user_name) - 1);
         $top_level_domain = substr($email_address, $dot + 1,
                                    strlen($email_address) - strlen($user_name . $domain_name) - 2);

         if(@Validate_String($user_name) === false ||
            @Validate_String($domain_name) === false ||
            @Validate_String($top_level_domain) === false)
            return(false);

         return(true);
         }

function Check_Password($password)
         {
         //Makes it easy to implement grammar rules.
         $password_flaws = array();

         $strlen = strlen($password);

         if($strlen <= 5)
            $password_flaws[sizeof($password_flaws)] = "too short";

         $count_chars = count_chars($password, 3);

         if(strlen($count_chars) < $strlen / 2)
            $password_flaws[sizeof($password_flaws)] = "too simple";

         //The function returns an empty string if the password is "good".
         $return_string = "";
         $sizeof = sizeof($password_flaws);

         for($index = 0; $index < $sizeof; $index++)
            {
            if($index == 0)
               $return_string .= "The password you chose is ";

            if($index == $sizeof - 1 && $sizeof != 1)
               $return_string .= " and ";

            //this is in case i have more than 3 sources of error.
            if($index != 0 && $index != $sizeof - 1)
               $return_string .= ", ";

            $return_string .= $password_flaws[$index];
            }

         return($return_string);
         }

function param($Name)
         {
         global $HTTP_GET_VARS;
		 global $HTTP_POST_VARS;
		 global $HTTP_COOKIE_VARS;

         if(isset($HTTP_GET_VARS[$Name]))
            return($HTTP_GET_VARS[$Name]);

		 if(isset($HTTP_POST_VARS[$Name]))
            return($HTTP_POST_VARS[$Name]);

		 if(isset($HTTP_COOKIE_VARS[$Name]))
		    return($HTTP_COOKIE_VARS[$Name]);

		 return("");
         }

//Uploads and stores a file in a database.
function db_upload_file($input_name, $site, $caption, $layout_id)
         {
         //$input_name is the name of the input tag used to upload the file.
         global $HTTP_POST_FILES;
         $image_id = "";

         if(isset($HTTP_POST_FILES) && is_uploaded_file($HTTP_POST_FILES[$input_name]["tmp_name"]))
           {
           $file_handle = fopen($HTTP_POST_FILES[$input_name]["tmp_name"], "rb");
           $file_name = $HTTP_POST_FILES[$input_name]["name"];
           $file_bytes = addslashes(fread($file_handle, filesize($HTTP_POST_FILES[$input_name]["tmp_name"])));
           unlink($HTTP_POST_FILES[$input_name]["tmp_name"]);

           //Keeps the file names unique.
           $select = "select id from " . $site . "_images " .
                     " where file_name = '" . $file_name . "'";
           $record_of_stored_files = mysql_query($select);


           if(mysql_num_rows($record_of_stored_files) == 0)
             {
             $insert = "insert into " . $site . "_images " .
                       "(bytes, file_name, caption) values " .
                       "('" . $file_bytes . "', '" . $file_name . "', '" . $caption . "')";

             mysql_query($insert);
             $image_id = mysql_insert_id();
             }
           else
             {
             $record_of_stored_files = mysql_fetch_assoc($record_of_stored_files);
             $image_id = $record_of_stored_files["id"];

             $update = "update " . $site . "_images " .
                       "set file_bytes = '" . $file_bytes . "', " .
                       "set caption = '" . $caption . "' " .
                       "where file_name = '" . $file_name . "'";

             mysql_query($update);
             }
           }
         else
           {
           $select = "select image_id from " . $site . "_layout where id = " . $layout_id;

           $layout = mysql_query($select);
           $layout = mysql_fetch_assoc($layout);

           $image_id = $layout["image_id"];

           if($image_id != "")
             {
             $update = "update " . $site . "_images " .
                       "set caption = '" . $caption . "' " .
                       "where id = " . $image_id;

             mysql_query($update);
             }
           }

         return($image_id);
         }

//Makes a stored file available for download.
function db_download_file($image_id, $site)
         {
         $select = "select file_name, bytes, caption from " . $site . "_images " .
                   "where id = " . $image_id;

         $file_record = mysql_query($select);

         if(is_dir("./" . $site . "/images") == false)
           {
           mkdir("./" . $site . "/images", 0775);
           }

         if($file_record = mysql_fetch_assoc($file_record))
           {
           $file_handle = fopen($site . "/images/" . $file_record["file_name"], "wb");
           $file_bytes = $file_record["bytes"];
           fwrite($file_handle, $file_bytes, strlen($file_bytes));
           chmod($site . "/images/" . $file_record["file_name"], 0775);
           }

         return($file_record);
         }

function big_vertical_ad()
        {
        $html = "<table width=\"120\" height=\"600\"><tr><td align=\"center\"><font size=\"10\">" .
                "A<br />d<br /><br /> S<br />p<br />a<br />c<br />e</font></td></tr></table>";

        return($html);
        }

function big_horizontal_ad()
        {
        $html = "<table width=\"468\" height=\"60\"><tr><td align=\"center\"><font size=\"10\">" .
                "Ad Space</font></td></tr></table>";

        return($html);
        }

function save($site)
         {
         $page_id = param("page_id");
         $page_title = param("page_title");
         $page_keywords = param("page_keywords");
         $page_width = param("page_width");
         $page_layout = param("page_layout");

         $update = "update " . $site . "_pages set " .
                   "title = '" . $page_title . "', " .
                   "keywords = '" . $page_keywords . "', " .
                   "width = " . $page_width . ", " .
                   "layout = " . $page_layout .
                   " where id = " . $page_id;

         mysql_query($update);

         for($index = 0; param("layout_location_" . $index) != ""; $index++)
            {
            $layout_id = param("layout_id_" . $index);
            $paragraph_id = param("paragraph_id_" . $index);
            $paragraph_title = param("paragraph_title_" . $index);
            $paragraph_body = param("paragraph_body_" . $index);
            $image_caption = param("image_caption_" . $index);
            $delete_image = param("delete_image_" . $index);

            $image_id = db_upload_file("image_" . $index, $site, $image_caption, $layout_id);

            if($paragraph_id != "")
              {
              $update = "update " . $site . "_paragraphs set " .
                        "title = '" . $paragraph_title . "', " .
                        "body = '" . $paragraph_body . "' " .
                        "where id = " . $paragraph_id;
              mysql_query($update);
              }
            else
              {
              $insert = "insert into " . $site . "_paragraphs (title, body) values " .
                        "('" . $paragraph_title . "', '" . $paragraph_body . "')";
              mysql_query($insert);
              $paragraph_id = mysql_insert_id();
              }

            if($image_id == null)
               $image_id = "null";

            if($layout_id != "")
              {
              $update = "update " . $site . "_layout set " .
                        "page_id = " . $page_id . ", " .
                        "paragraph_id = " . $paragraph_id . ", " .
                        "image_id = " . $image_id . ", " .
                        "location = " . $index .
                        " where id = " . $layout_id;
              mysql_query($update);
              }
            else
              {
              $insert = "insert into " . $site . "_layout (page_id, paragraph_id, image_id, location) values " .
                        "(" . $page_id . ", " . $paragraph_id . ", " . $image_id . ", " . $index . ")";
              mysql_query($insert);
              }
            }
         }

function build($site)
         {
         $select = "select " . $site . "_pages.id, layout, title, keywords, width, number from " . $site . "_pages order by number";
         $pages = mysql_query($select);

         while($page = mysql_fetch_assoc($pages))
           {
           $page_id = $page["id"];
           $page_layout = $page["layout"];
           $page_title = $page["title"];
           $page_keywords = $page["keywords"];
           $page_width = $page["width"];
           $page_number = $page["number"];

           $file_name = "./" . $site . "/index.php";
           if($page_number != 1)
              $file_name = "./" . $site . "/index_" . $page_number . ".php";

           $file_handle = fopen($file_name, "w");

           $html = "<html>\n" .
                   "<head>\n" .
                   "<title>" . $page_title . "</title>\n" .
                   "<meta name=\"Keywords\" content=\"" . $page_keywords . "\">\n" .
                   "<style>\n" .
                   ".background\n" .
                   "{\n" .
                   "background-color:ddddff;\n" .
                   "border-style:solid;\n" .
                   "border-color:000000;\n" .
                   "border-width:1px;\n" .
                   "}\n" .
                   "</style>\n" .
                   "</head>\n\n" .
                   "<body>\n" .
                   "<table width=\"100%\" height=\"100%\" cellpadding=\"0\" cellspacing=\"0\" class=\"background\">\n" .
                   "<tr><td align=\"center\" valign=\"middle\">\n" .
                   "<table><tr><td>" .
                   "<table bgcolor=\"ffffff\" width=\"" . $page_width . "\" border=\"1\">\n";

           fwrite($file_handle, $html);

           $select = "select id, number from " . $site . "_pages where number > " . $page_number .
                     " order by number limit 1";
           $next_page = mysql_query($select);
           //If the current page is the last, the next page is page 1.
           if(!($next_page = mysql_fetch_assoc($next_page)))
             {
             $select = "select id, number  from " . $site . "_pages order by number limit 1";
             $next_page = mysql_query($select);
             $next_page = mysql_fetch_assoc($next_page);
             }


           $select = "select id, number from " . $site . "_pages where number < " . $page_number .
                     " order by number desc limit 1";
           $previous_page = mysql_query($select);
           //If the current page is the first, the previous page is the last page.
           if(!($previous_page = mysql_fetch_assoc($previous_page)))
             {
             $select = "select id, number  from " . $site . "_pages order by number desc limit 1";
             $previous_page = mysql_query($select);
             $previous_page = mysql_fetch_assoc($previous_page);
             }

           $html = "<tr>\n" .
                   "<td width=\"33%\">\n";

           if($previous_page["id"] != $page_id)
              if($previous_page["number"] == 1)
                 $html .= "<a href=\"index.php\">previous</a>";
              else
                 $html .= "<a href=\"index_" . $previous_page["number"] . ".php\">previous</a>";

           $html .= "</td>\n<td width=\"33%\" align=\"center\">" . $page_number . "</td>\n<td align=\"right\">";

           if($next_page["id"] != $page_id)
              if($next_page["number"] == 1)
                 $html .= "<a href=\"index.php\">next</a>";
              else
                 $html .= "<a href=\"index_" . $next_page["number"] . ".php\">next</a>";

           $html .= "</td></tr></table>\n" .
                    "<table bgcolor=\"ffffff\" width=\"" . $page_width . "\" border=\"1\">\n";

           fwrite($file_handle, $html);

           switch($page_layout) {
                  case 0:
                  $paragraph_with = floor(($page_width - 120) / 2);
                  $html = "<tr>\n" .
                          "<td align=\"center\" width=\"" . $paragraph_with . "\">" . Paragraph($site, $page_id, 0) . "</td>\n" .
                          "<td align=\"center\">" . Paragraph($site, $page_id, 1) . "</td>\n" .
                          "<td width=\"120\" rowspan=\"2\">" . big_vertical_ad() . "</td>\n" .
                          "</tr>\n" .
                          "<tr>\n" .
                          "<td align=\"center\" width=\"" . $paragraph_with . "\">" . Paragraph($site, $page["id"], 2) . "</td>\n" .
                          "<td align=\"center\">" . Paragraph($site, $page["id"], 3) . "</td>\n" .
                          "</tr>\n";
                  break;
                  case 1:
                  $paragraph_with = floor(($page_width - 120) / 2);
                  $html = "<tr>\n" .
                          "<td width=\"120\" rowspan=\"2\">" . big_vertical_ad() . "</td>\n" .
                          "<td align=\"center\" width=\"" . $paragraph_with . "\">" . Paragraph($site, $page_id, 0) . "</td>\n" .
                          "<td align=\"center\">" . Paragraph($site, $page_id, 1) . "</td>\n" .
                          "</tr>\n" .
                          "<tr>\n" .
                          "<td align=\"center\" width=\"" . $paragraph_with . "\">" . Paragraph($site, $page["id"], 2) . "</td>\n" .
                          "<td align=\"center\">" . Paragraph($site, $page["id"], 3) . "</td>\n" .
                          "</tr>\n";
                  break;
                  case 2:
                  $paragraph_with = floor(($page_width - 120) / 2);
                  $html = "<tr>\n" .
                          "<td align=\"center\" width=\"" . $paragraph_with . "\">" . Paragraph($site, $page_id, 0) . "</td>\n" .
                          "<td width=\"120\" rowspan=\"2\">" . big_vertical_ad() . "</td>\n" .
                          "<td align=\"center\">" . Paragraph($site, $page_id, 1) . "</td>\n" .
                          "</tr>\n" .
                          "<tr>\n" .
                          "<td align=\"center\" width=\"" . $paragraph_with . "\">" . Paragraph($site, $page["id"], 2) . "</td>\n" .
                          "<td align=\"center\">" . Paragraph($site, $page["id"], 3) . "</td>\n" .
                          "</tr>\n";
                  break;
                  case 3:
                  $paragraph_with = floor($page_width / 2);
                  $html = "<tr>\n" .
                          "<td align=\"center\" width=\"" . $paragraph_with . "\">" . Paragraph($site, $page_id, 0) . "</td>\n" .
                          "<td align=\"center\">" . Paragraph($site, $page_id, 1) . "</td>\n" .
                          "</tr>\n" .
                          "<tr>\n" .
                          "<td align=\"center\" colspan=\"2\">" . big_horizontal_ad() . "</td>\n" .
                          "</tr>\n" .
                          "<tr>\n" .
                          "<td align=\"center\" width=\"" . $paragraph_with . "\">" . Paragraph($site, $page["id"], 2) . "</td>\n" .
                          "<td align=\"center\">" . Paragraph($site, $page["id"], 3) . "</td>\n" .
                          "</tr>\n";
                  break;
                  }

           fwrite($file_handle, $html);

           $html = "</table></td></tr>" .
                   "</table></td></tr>" .
                   "</table>\n" .
                   "</body>\n" .
                   "</html>";

           fwrite($file_handle, $html);

           fclose($file_handle);
           }
         }

function getPageIDS($site)
         {
         $page_id = param("page_id");
         $page_number = param("page_number");
         $page_ids = array();

         //If no page is specified, go to page one.
         if($page_id != "" || $page_number != "")
            $select = "select id, number from " . $site . "_pages where id = " . $page_id;
         else
            {
            $select = "select id, number from " . $site . "_pages order by number limit 1";
            $page_number = 1;
            }

         $page = mysql_query($select);

         //If the site has no pages, this function will return an empty array.
         if($page = mysql_fetch_assoc($page))
           {
           $page_ids[0] = $page["id"];

           $select = "select id from " . $site . "_pages where number > " . $page["number"] .
                     " order by number limit 1";
           $next_page = mysql_query($select);
           //If the current page is the last, the next page is page 1.
           if(!($next_page = mysql_fetch_assoc($next_page)))
             {
             $select = "select id  from " . $site . "_pages order by number limit 1";
             $next_page = mysql_query($select);
             $next_page = mysql_fetch_assoc($next_page);
             }

           $select = "select id from " . $site . "_pages where number < " . $page["number"] .
                     " order by number desc limit 1";
           $previous_page = mysql_query($select);
           //If the current page is the first, the previous page is the last page.
           if(!($previous_page = mysql_fetch_assoc($previous_page)))
             {
             $select = "select id  from " . $site . "_pages order by number desc limit 1";
             $previous_page = mysql_query($select);
             $previous_page = mysql_fetch_assoc($previous_page);
             }

           //If there's only one page, there is no previous or next.
           if($next_page["id"] != $page_ids[0] && $previous_page["id"] !=  $page_ids[0])
             {
             $page_ids[1] = $next_page["id"];
             $page_ids[2] = $previous_page["id"];
             }
           }
         else
           {
           $insert = "insert into " . $site . "_pages (layout, width, number) " .
                     "values (0, 800, " . $page_number . ")";

           mysql_query($insert);

           $page_ids[0] = mysql_insert_id();

           $select = "select id from " . $site . "_pages where number > " . $page_number .
                     " order by number limit 1";
           $next_page = mysql_query($select);
           //If the current page is the last, the next page is page 1.
           if(!($next_page = mysql_fetch_assoc($next_page)))
             {
             $select = "select id  from " . $site . "_pages order by number limit 1";
             $next_page = mysql_query($select);
             $next_page = mysql_fetch_assoc($next_page);
             }

           $select = "select id from " . $site . "_pages where number < " . $page_number .
                     " order by number desc limit 1";
           $previous_page = mysql_query($select);
           //If the current page is the first, the previous page is the last page.
           if(!($previous_page = mysql_fetch_assoc($previous_page)))
             {
             $select = "select id  from " . $site . "_pages order by number desc limit 1";
             $previous_page = mysql_query($select);
             $previous_page = mysql_fetch_assoc($previous_page);
             }

           //If there's only one page, there is no previous or next.
           if($next_page["id"] != $page_ids[0] && $previous_page["id"] !=  $page_ids[0])
             {
             $page_ids[1] = $next_page["id"];
             $page_ids[2] = $previous_page["id"];
             }
           }

         return($page_ids);
         }

function Paragraph($site, $page_id, $layout_location)
         {
         $layout_id = "";
         $paragraph_title = "";
         $paragraph_body = "";
         $paragraph_id = "";
         $image_file_name = "";
         $image_caption = "";

         $select = "select id, paragraph_id, image_id from " . $site . "_layout where page_id = " .
                   $page_id . " and location = " . $layout_location;
         $layout = mysql_query($select);
         $layout = mysql_fetch_assoc($layout);

         if($layout !== false)
           {
           $layout_id = $layout["id"];
           $select = "select id, title, body from " . $site . "_paragraphs where id = " . $layout["paragraph_id"];

           $paragraph = mysql_query($select);
           $paragraph = mysql_fetch_assoc($paragraph);

           if($paragraph !== false)
             {
             $paragraph_id = $paragraph["id"];
             $paragraph_title = $paragraph["title"];
             $paragraph_body = $paragraph["body"];
             }

           $image = db_download_file($layout["image_id"], $site);

           $img = "";

           if($image != false)
             {
             $image_file_name = $image["file_name"];
             $image_caption = $image["caption"];

             $img = "<img src=\"images/" . $image_file_name . "\" alt=\"" . $image_caption . "\" align=\"texttop\" />\n";
             }
           }

         $html = $img .
                 "<p align=\"justify\">\n" .
                 "<b>" . $paragraph_title . "</b><br />\n" .
                 nl2br($paragraph_body) . "</p>";

         return($html);
         }

function EditParagraph($site, $page_id, $layout_location)
         {
         $layout_id = "";
         $paragraph_title = "";
         $paragraph_body = "";
         $paragraph_id = "";
         $image_file_name = "";
         $image_caption = "";

         $select = "select id, paragraph_id, image_id from " . $site . "_layout where page_id = " .
                   $page_id . " and location = " . $layout_location;
         $layout = mysql_query($select);
         $layout = mysql_fetch_assoc($layout);

         if($layout !== false)
           {
           $layout_id = $layout["id"];
           $select = "select id, title, body from " . $site . "_paragraphs where id = " . $layout["paragraph_id"];

           $paragraph = mysql_query($select);
           $paragraph = mysql_fetch_assoc($paragraph);

           if($paragraph !== false)
             {
             $paragraph_id = $paragraph["id"];
             $paragraph_title = $paragraph["title"];
             $paragraph_body = $paragraph["body"];
             }

           $image = db_download_file($layout["image_id"], $site);

           $img = "";

           if($image != false)
             {
             $image_file_name = $image["file_name"];
             $image_caption = $image["caption"];

             $img = "<img src=\"" . $site . "/images/" . $image_file_name . "\" />\n" .
                    "<input type=\"checkbox\" name=\"delete_image_" . $layout_location . "\">delete image<br />";
             }
           }

         $html = "<table><tr><td>\n" . $img .
                 "<input type=\"file\" name=\"image_" . $layout_location . "\" /><br />" .
                 "<input type=\"text\" name=\"image_caption_" . $layout_location . "\" value=\"" . $image_caption . "\" /> image caption<br />" .
                 "<input type=\"text\" name=\"paragraph_title_" . $layout_location . "\" value=\"" . $paragraph_title . "\" />\n" .
                 "paragraph title<br />" .
                 "<textarea cols=\"30\" rows=\"5\" name=\"paragraph_body_" . $layout_location . "\" wrap=\"off\">" .
                 $paragraph_body . "</textarea>\n" .
                 "<input type=\"hidden\" name=\"paragraph_id_" . $layout_location . "\" value=\"" . $paragraph_id . "\" />\n" .
                 "<input type=\"hidden\" name=\"layout_id_" . $layout_location . "\" value=\"" . $layout_id . "\" />\n" .
                 "<input type=\"hidden\" name=\"layout_location_" . $layout_location . "\" value=\"" . $layout_location . "\" />\n" .
                 "</td></tr></table>";

         return($html);
         }
?>

BLOG-EDITOR.PHP