How to make this works? plz help

Involved Joined: Sep 07, 2004 Posts: 354 Location: Sweden

Hi!

Here I am with my problems again! Embarassed

I've installed BookCatalog Modules from Only registered users can see links on this board! Get registered or login! on 2 nukes.

In the first installtion everything went well and and I can work with it without any problem. But in second installation:

I installed it as I did before and it makes tables in db and I can see these tables that are there. But when I try to add a book it works as it should (no error message) but it dosen't write to db tables. So when I come back to the list of books it is empty and I get no error message.

The 2nd. nuke (with this problem) has both Sentinel and Admin Secure installed and I checked them up and they don't cause any problem with this. (I turned them off and check this module and still same result).

Both of nukes are ver. 7.4 but on the second one (with problem) I might have done some changes when I was trying to make other modules to work (I'm not sure).

Here is the Addbook function in the main file of this module:

Code:




function AddBook() {


    global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name;


    include ('header.php');


    topmenu();


    OpenTable();


    if (is_admin($admin)) {


      $rcat = sql_query("select * from ".$prefix."_bcatalog_cats order by cname", $dbi);


      while(list($catid,$cname) = sql_fetch_array($rcat, $dbi)){


      $cname_arr[] = $cname;


      }


      $rauth = sql_query("select * from ".$prefix."_bcatalog_authors order by aname", $dbi);


      while(list($aid,$aname) = sql_fetch_array($rauth, $dbi)){


      $aname_arr[] = $aname;


      }


      $rpub = sql_query("select * from ".$prefix."_bcatalog_publishers order by pname", $dbi);


      while(list($pid,$pname) = sql_fetch_array($rpub, $dbi)){


      $pname_arr[] = $pname;


      }


      $cname_sel = CreateJsArr($cname_arr, 'cname_arr')."\n<select name=\"cname_sel\" onchange=\"riscriviDue(this.form,this.name,'cname',cname_arr)\">".CreateSelect($cname_arr)."</select>\n";


      $aname_sel = CreateJsArr($aname_arr, 'aname_arr')."\n<select name=\"aname_sel\" onchange=\"riscriviDue(this.form,this.name,'aname',aname_arr)\">".CreateSelect($aname_arr)."</select>\n";


      $pname_sel = CreateJsArr($pname_arr, 'pname_arr')."\n<select name=\"pname_sel\" onchange=\"riscriviDue(this.form,this.name,'pname',pname_arr)\">".CreateSelect($pname_arr)."</select>\n";





      echo "\n<s-c-r-i-p-t LANGUAGE=\"Javas-c-r-i-p-t\">


         var cname_arr=new Array(500);


         var aname_arr=new Array(500);


         var pname_arr=new Array(500);


         function riscriviDue(form,fromField,toField,ArrList) {


            var selectobj=form.elements[fromField];


            var selNum= selectobj.selectedIndex;


            form.elements[toField].value = ArrList[selNum];


         }


      </s-c-r-i-p-t>\n";


//               echo "\n"


//                ."<form action=\"modules.php?name=".$module_name."&file=admin\" method=\"post\">"


//               ."<b>"._A_BCOMPANY.":</b><br>"


//               ."<input type=\"text\" name=\"cname\" size=\"20\" > ".$cname_sel."<br><br>";





      echo "<center><b><font class=booktitle>"._ADDNEWBOOK." </font></b><br><br>"


      ."<form method=\"post\" action=\"modules.php?name=$module_name\">"


      ."<table width=100%>"


      ."<tr><td valign=top width=100><b>"._BNAME.":<font color=ff0000>*</font></b></td><td valign=top align=left><input type=\"text\" name=\"bname\" size=\"50\" maxlength=\"150\"></td></tr>"


      ."<tr><td valign=top><b>"._BCAT.":<font color=ff0000>*</font></b></td><td valign=top align=left>"


      ."<input type=\"text\" name=\"cname\" size=\"20\"> ".$cname_sel."";


       echo "</td></tr>"


      ."<tr><td valign=top><b>"._BAUTHOR.":<font color=ff0000>*</font></b></td><td valign=top align=left>"


      ."<input type=\"text\" name=\"aname\" size=\"20\" > ".$aname_sel."";


       echo "</td></tr>"


      ."<tr><td valign=top><b>"._BPUBLISHER.":<font color=ff0000>*</font></b></td><td valign=top align=left>"


      ."<input type=\"text\" name=\"pname\" size=\"20\" > ".$pname_sel."";


       echo "</td></tr>";   


      echo"<tr><td valign=top><b>"._BINFO.":<font color=ff0000>*</font></b></td><td valign=top><textarea name=\"binfo\" rows=\"25\" wrap=\"virtual\" cols=\"70\"></textarea><BR>"._BINFOINFO."<BR><BR></td></tr>


      <tr><td valign=top><b>"._BKYEAR.":<font color=ff0000>*</font></b></td><td valign=top><input type=\"text\" name=\"byear\" size=\"10\" maxlength=\"10\"></td></tr>


      <tr><td valign=top><b>"._BQUALITY.":</b></td><td valign=top>


      <select name=\"bquality\">


            <option value=\"\"></option>


            <option value=\""._BHamur1."\">"._BHamur1."</option>


            <option value=\""._BHamur2."\">"._BHamur2."</option>


            <option value=\""._BHamur3."\">"._BHamur3."</option>


      </select></td></tr>


      <tr><td valign=top><b>"._BPAGES.":</b></td><td valign=top><input type=\"text\" name=\"bpages\" size=\"20\" maxlength=\"15\"></td></tr>


      <tr><td valign=top><b>"._BDIMS.":</b></td><td valign=top><input type=\"text\" name=\"bdims\" size=\"20\" maxlength=\"20\"></td></tr>


      <tr><td valign=top><b>"._BISBN.":</b></td><td valign=top><input type=\"text\" name=\"bisbn\" size=\"20\" maxlength=\"50\"></td></tr>


      <tr><td valign=top><b>"._BLANG.":<font color=ff0000>*</font></b></td><td valign=top>


      <select name=\"blang\">


            <option value=\"\"></option>


            <option value=\""._FA."\">"._FA."</option>


            <option value=\""._TR."\">"._TR."</option>


            <option value=\""._EN."\">"._EN."</option>


            <option value=\""._DE."\">"._DE."</option>


            <option value=\""._FR."\">"._FR."</option>


      </select></td></tr>


      <tr><td valign=top><b>"._BPIC.":</b></td><td valign=top>


      <select name=\"bpic\">";


      $path1 = explode ("/kt", "modules/$module_name/images/bookimg/");


      $path = "$path1[0]/$path1[1]";


      $handle=opendir($path);


      while (false !== ($file = readdir($handle))) { 


      if ($file != "." && $file != "..") { 


         $tlist .= "$file ";


      }


      }


      closedir($handle);


      $tlist = explode(" ", $tlist);


      sort($tlist);


      for ($i=0; $i < sizeof($tlist); $i++) {


      if($tlist[$i]!="") {


         echo "<option  value=\"$tlist[$i]\">$tlist[$i]\n</option>";


      }


      }


      echo "</select>&nbsp;"._ADDBPIC." <a href=\"javas-c-r-i-p-t:uploadbookpic()\">"._CLICK."</a></td></tr>";





      echo "</table>";





      echo "<BR><i>"._CHECKINFO."</i><br><br>";


      echo "<input type=\"hidden\" name=\"op\" value=\"preview_book\">


      <input type=\"submit\" value=\""._PREVIEW."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._CANCEL."\"></form>";


   } else {


      echo "<center>";


      echo ""._ADMERROR."<br>";


    }





   





    CloseTable();


    include ("footer.php");


}

I can very very little about php so I can not see where the h... is this problem from. I have tryed to make it works in 3 days (almost 50 hours) without any result. So please help me .

Best regards

Posted: Fri Sep 24, 2004 6:20 am

Is it happening in the preview part or the post part or both?
Can you post the url part from the email Nuke Sentinel sends out?
If I remember it was the script filter that was being flagged there are only a few on the $_POST script filter so its more then likely script or style tag being passed via $_POST and from a glance I'd guess that its in the script that throws the post info into the form field in there (nice feature).

Posted: Fri Sep 24, 2004 7:31 am

sixonetonoffun wrote:

Is it happening in the preview part or the post part or both?
Can you post the url part from the email Nuke Sentinel sends out?
If I remember it was the script filter that was being flagged there are only a few on the $_POST script filter so its more then likely script or style tag being passed via $_POST and from a glance I'd guess that its in the script that throws the post info into the form field in there (nice feature).

Oh, thank you very much for helping me.

I didn't get any email from Sentinel!

I didn't get any error messag nither. Well actually I got an ban message first time from Sentinel ( now when I remember) when I was changing the name of this module to something els. And I think Sentinel send me an email:

Quote:

Date & Time: 2004-09-22 21:34:05
Blocked IP: 81.228.48.202
User ID: Anonymous (1)
Reason: Abuse-Script
--------------------
User Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Query String: www.SITENAME.com/admin.php?custom_title=%D9%86%D8%B3%D9%83%D8%AE%D8%A7%D9%86%D9%87+%28%D9%83%D8%AA%D8%A7%D8%A8%D8%AE%D8%A7%D9%86%D9%87%29&inmenu=1&url=&mcat=1&view=0&mod_group=0&mid=39&op=module_edit_save
Forwarded For: none
Client IP: none
Remote Address: 81.228.48.202
Remote Port: 33056
Request Method: GET

But I am not sure if this email has to do with this. As I wrote before I turned Sentinel off (after installation and a few times trying) and tried again but gott same result.

Site Admin/Owner Joined: Aug 27, 2002 Posts: 17088

That custom_title decodes to

Code:

Ù†Ø³ÙƒØ®Ø§Ù†Ù‡ (ÙƒØªØ§Ø¨Ø®Ø§Ù†Ù‡)

I'm not sure what language that is, but there are () in there and that is why NukeSentinel traps it. Try changing the () to [].

Posted: Fri Sep 24, 2004 10:44 am

it is in persian (farsi) we use utf-8.

Raven, do you think that it's because of it that this module can not write to db?

But why I have the same problem even when I turn the Sentinel off from mainfile.php?

Do I have to anything els to make it works?

Best regards

Posted: Fri Sep 24, 2004 10:51 am

In mainfile.php you should have a line like this

Code:

(eregi("\([^>]*\"?[^)]*\)", $secvalue)) ||

which NukeSentinel mirrors. With NukeSentinel off, comment out that line and try it.

Posted: Fri Sep 24, 2004 11:52 am

No Raven.

It dosen't work. Crying or Very sad

Maybe I have to give this idea with library up.

Posted: Fri Sep 24, 2004 12:25 pm

Well, if it isn't writing to the database, then you should be seeing an error in your server error_log.

Posted: Fri Sep 24, 2004 2:11 pm

No Raven

There is no error message there. Not about this.

I inseted tables from my other site to this one. Now I can delete the comments but still can not add books!

I don't know what to do.

Posted: Fri Sep 24, 2004 3:36 pm

I just examined your code that you posted and there are no insert statements in that code. So, either you haven't posted the right code or you're missing code or something.

Posted: Sat Sep 25, 2004 2:29 am

Raven wrote:

I just examined your code that you posted and there are no insert statements in that code. So, either you haven't posted the right code or you're missing code or something.

Thanks Raven for helping me. I'm very gratful for this.

In my first topic I only show you the add function of index file for this. But here it is the code of index.php (sorry it is a long code):

Code:




<?php


######################################################################


# PHP-NUKE: Web Portal System


# ===========================


#


# Copyright (c) 2000 by Francisco Burzi (fbc@mandrakesoft.com)


# http://phpnuke.org


#


# This program is free software. You can redistribute it and/or modify


# it under the terms of the GNU General Public License as published by


# the Free Software Foundation; either version 2 of the License.


######################################################################





/*****************************************************************************/


/*Book Catalog Module ver1.0                                                 */


/*Author: Huseyin Bilgen                                                 */


/*---------------------------------------------------------------------------*/





#################################### Contact #################################


#                         admin@basisconsultant.com                          #


#                         http://www.basisconsultant.com                     #


##############################################################################








if (!eregi("modules.php", $_SERVER['PHP_SELF'])) {


    die ("You can't access this file directly...");


}








require_once("mainfile.php");


require_once("config.php");


$module_name = basename(dirname(__FILE__));


get_lang($module_name);


$pagetitle = "- "._TITLE."";


$index=$sag;


global $bid;


       echo "<s-c-r-i-p-t type=\"text/javas-c-r-i-p-t\">\n";


      echo "<!--\n";


      echo "function uploadbookpic(){\n";


      echo "   window.open (\"modules/$module_name/upload.php\",\"Copyright\",\"toolbar=no,location=no,directories=no,status=no,scrollbars=yes,resizable=no,copyhistory=no,width=700,height=500\");\n";


      echo "}\n";


      echo "//-->\n";


      echo "</s-c-r-i-p-t>\n\n";


function cut($str,$max){ 


$count = strlen($str); 


if($count >= $max) { 


for ($pos=$max;$pos>0 && ord($str[$pos-1])>=127;$pos--); 


if (($max-$pos)%2 == 0) 


$str = substr($str, 0, $max) . "..."; 


else 


$str = substr($str, 0, $max+1) . "..."; 


return $str;


} 


else { 


$str = "$str"; 


return $str;


} 


}


function topmenu() {


    global $module_name, $prefix, $ltr, $dbi, $ThemeSel,$admin;


   echo "<head>";


    echo "<LINK REL=\"StyleSheet\" HREF=\"modules/$module_name/bookstyle.css\" TYPE=\"text/css\">\n\n\n";


   echo "</head>";


    OpenTable();


    echo "<br>";


    echo "<center><a href=\"modules.php?name=$module_name\"><img src=\"modules/$module_name/images/logo.gif\" border=\"0\" alt=\""._TITLE."\"></a></center>";


    echo "<center><form action=\"modules.php?name=$module_name\" method=\"post\">"


    ."<input type=\"text\" size=\"20\" name=\"query\">&nbsp;"


    ."<input type=\"submit\" value=\""._SEARCH."\"><br>"


    ."<input type=\"hidden\" name=\"op\" value=\"search\">"


    ."</form>"


    ."</center>";


       echo "<s-c-r-i-p-t type=\"text/javas-c-r-i-p-t\">\n";


      echo "<!--\n";


      echo "function uploadbookpic(){\n";


      echo "   window.open (\"modules/$module_name/upload.php\",\"Copyright\",\"toolbar=no,location=no,directories=no,status=no,scrollbars=yes,resizable=no,copyhistory=no,width=700,height=500\");\n";


      echo "}\n";


      echo "//-->\n";


      echo "</s-c-r-i-p-t>\n\n";





    echo "<center>[ <a href=\"modules.php?name=$module_name&op=listbooks\">"._LISTBOOKS."</a> ]\n\n";


//    echo "[ <a href=\"modules.php?name=$module_name&op=listauthors\">"._LISTAUTHORS."</a> ]\n\n";


//    echo "[ <a href=\"modules.php?name=$module_name&op=listpublishers\">"._LISTPUBLISHERS."</a> ]\n\n";


    echo "[ <a href=\"modules.php?name=$module_name&op=listcategory\">"._LISTCATEGORY."</a> ]\n\n";


     if (is_admin($admin)) {


   echo "[ <a href=\"modules.php?name=$module_name&op=addbook\">"._ADDBOOK."</a> ]\n\n";


   echo "[ <a href=\"javas-c-r-i-p-t:uploadbookpic()\">"._ADDBOOKIMG."</a> ]\n\n";


    }


    echo "</center><br>\n\n";


CloseTable();


}





function display_score($score) {


    $image = "<img src=\"images/blue.gif\" alt=\"\">";


    $halfimage = "<img src=\"images/bluehalf.gif\" alt=\"\">";


    $full = "<img src=\"images/star.gif\" alt=\"\">";





    if ($score == 10) {


        for ($i=0; $i < 5; $i++)


            echo "$full";


    } else if ($score % 2) {


        $score -= 1;


        $score /= 2;


        for ($i=0; $i < $score; $i++)


            echo "$image";


            echo "$halfimage";


    } else {


        $score /= 2;


        for ($i=0; $i < $score; $i++)


            echo "$image";


    }


}








function CategoryList() {


 global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name, $limitdeger, $goster, $limit;


 include ('header.php');


 $result=sql_query("select * from ${prefix}_bcatalog_cats", $dbi);


 $rows=sql_num_rows($result,$dbi);


 if($rows > 0) {


    topmenu();


    echo "<br>";


    OpenTable();


    echo "<center><b><font class=booktitle>"._ALLCATS."</font></b></center>";


    echo "<blockquote><blockquote>";


    $catlist = sql_query("select catid,cname from ${prefix}_bcatalog_cats order by catid", $dbi);


    while (list($catid, $cname) = sql_fetch_row($catlist, $dbi)) {


    $cresult = sql_query("select * from ${prefix}_bcatalog_books where cname='$cname'", $dbi);


    $cnumrows = sql_num_rows($cresult, $dbi);


    echo "<strong><big>&middot;</big> &nbsp;</strong> <a href=\"modules.php?name=$module_name&op=category&amp;catid=$catid\">$cname</a> ("._THISCAT." <b>$cnumrows</b> "._BOOKEXIST.")<br>";


    }


    echo "</blockquote></blockquote>";


    echo "<center><table border=0 cellspacing=5><tr>";


    echo "<td>$onceki</td><td>$sonraki</td></tr></table></center>";


   CloseTable();


     }  else {


    topmenu();


    echo "<br>";


    OpenTable();


    echo "<BR><center><b>"._NOCATEXIST."</b></center>";


    CloseTable();


    }


   include ("footer.php");


}





function BookList(){


 global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name, $showlimit, $show, $limit;


 include ('header.php');


require_once("modules/$module_name/config.php"); 


$rowq=sql_query("select * from ${prefix}_bcatalog_books", $dbi);


 $row=sql_num_rows($rowq,$dbi);


     if($row>0) {


 $limit = $showlimit;


if(!$show) {


$show=0;


}


$count =  sql_query("select * from ${prefix}_bcatalog_books", $dbi);


$rowcount = sql_num_rows($count, $dbi);


if($show==0) {


} else {


$dif = $show - $limit;


$prev = "<a href=\"modules.php?name=$module_name&amp;op=listbooks&amp;show=$dif\"><img src=\"modules/$module_name/images/left.gif\" border=\"0\"  align=\"absmiddle\"> "._PREVIOUS." $limit "._BOOK."</a> |";


}


if($rowcount > $limit) {


$dif = $show + $limit;


if($dif<$rowcount)


$next = "<a href=\"modules.php?name=$module_name&amp;op=listbooks&amp;show=$dif\">"._NEXT." $limit  "._BOOK." <img src=\"modules/$module_name/images/right.gif\" border=\"0\" align=\"absmiddle\"></a>";


} else {





}


    topmenu();


    OpenTable();


    echo "<center><font class=booktitle>"._ALLBOOK."</font></center>";


   echo "<center><font class=bookcontent>"._TOTALINDB." <B>$rowcount </B>"._FOUND."</font></center>";


    echo "<blockquote>";


    $blist = sql_query("select bid, bname, hits from ${prefix}_bcatalog_books order by bname limit $show, $limit", $dbi);


   $c=1 + $show;


    while (list($bid, $bname,$hits) = sql_fetch_row($blist, $dbi)) {


    $cresult = sql_query("select * from ${prefix}_bcatalog_comments where cbookid=$bid", $dbi);


    $cnumrows = sql_num_rows($cresult, $dbi);


    $Bname=$bname;


   if ($hits==0){$hits=0;}


    echo "<b>$c.</b> </strong> <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$Bname</a> ("._TOTAL." <b>$cnumrows</b> "._COMMENTS." "._AND." <b>$hits</b> "._READ.")<br>";


   $c++;


    }


    echo "</blockquote>";


    echo "<center><table border=0 cellspacing=5><tr>";


    echo "<td>$prev</td><td>$next</td></tr></table></center>";


   CloseTable();


     }  else {


    topmenu();


    echo "<br>";


    OpenTable();


    echo "<center><b>"._NOCATEXIST."</b></center>";


    CloseTable();


    }


   include ("footer.php");





}


function Category($catid) {


 global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name,$showlimit, $show, $limit;


require_once("modules/$module_name/config.php"); 


 include ('header.php');


$res=sql_query("select cname from ${prefix}_bcatalog_cats where catid='$catid'", $dbi);


 $row=sql_fetch_array($res,$dbi);


 $cname=$row["cname"];


 $result=sql_query("select * from ${prefix}_bcatalog_books where cname='$cname'", $dbi);


 $row=sql_num_rows($result,$dbi);


     if($row>0) {


 $limit = $showlimit;


if(!$show) {


$show=0;


}


$count =  sql_query("select * from ${prefix}_bcatalog_books where cname='$cname'", $dbi);


$rowcount = sql_num_rows($count, $dbi);


if($show==0) {


} else {


$dif = $show - $limit;


$prev = "<a href=\"modules.php?name=$module_name&amp;op=category&catid=$catid&amp;show=$dif\"><img src=\"modules/$module_name/images/left.gif\" border=\"0\"  align=\"absmiddle\"> "._PREVIOUS." $limit "._BOOK."</a> |";


}


if($rowcount > $limit) {


$dif = $show + $limit;


if($dif<$rowcount)


$next = "<a href=\"modules.php?name=$module_name&amp;op=category&catid=$catid&amp;show=$dif\">"._NEXT." $limit  "._BOOK." <img src=\"modules/$module_name/images/right.gif\" border=\"0\" align=\"absmiddle\"></a>";


} else {





}


   topmenu();


    OpenTable();


    $catname = sql_query("select catid,cname from ${prefix}_bcatalog_cats where catid=$catid", $dbi);


    list($catid,$cname) = sql_fetch_row($catname, $dbi);


    echo "<center><font class=bookcontent>"._CATEGORY.": <b>$cname</b></font></center>";


    $bookq = sql_query("select * from ${prefix}_bcatalog_books where cname='$cname'", $dbi);


    $rows = sql_num_rows($bookq, $dbi);


    if($rows>0) {


    echo "<center><BR><b>"._CATBOOKS."</b></center>";


   echo "<BR><table width=100% border=0 cellpadding=0 cellspacing=2>";


    $bookq = sql_query("select bid, bname, bauthor, bpublisher,bpic from ${prefix}_bcatalog_books where cname='$cname' limit $show, $limit", $dbi);


    while (list($bid, $bname, $bauthor, $bpublisher,$bpic) = sql_fetch_row($bookq, $dbi)) {


   $Bauthor=$bauthor;


   $Bpublisher=$bpublisher;


    $comq = sql_query("select * from ${prefix}_bcatalog_comments where cbookid='$bid'", $dbi);


    $comnum = sql_num_rows($comq, $dbi);


   echo "<tr><td align=left valign=top width=50><img src=\"modules/$module_name/images/bookimg/$bpic\" border=0 width=40 height=50></td>";


    echo "<td valign=top><a href=\"modules.php?name=$module_name&op=showbook&bid=$bid\">$bname</a><BR>$Bauthor, $Bpublisher (<b>$comnum</b> "._COMMENT.")</td>";


    }


   echo "</table>";


    echo "<center><table border=0 cellspacing=5><tr>";


    echo "<td>$prev</td><td>$next</td></tr></table></center>";


    } else {


    echo "<BR><BR><center><b>"._NOBOOKFORCAT."</b></center>";


    }


  CloseTable();


    }  else {


    topmenu();


    echo "<br>";


    OpenTable();


    echo "<center><b>"._CATNOTFOUND."</b></center>";


    CloseTable();


    }


  include ("footer.php");


}


#################################################################################################





function copyright() {


global $Version_Num, $module_name;


$versiyon=substr($Version_Num,0,1);


  if(file_exists("modules/Kitap/copyright.php")) {


  } else {


  echo "<div align=\"right\"><a href=\"http://www.basisconsultant.com\" target=\"_blank\">&copy; $module_name</a></div>";


   }


}


 /*Do Not Change Information in this area. */


#################################################################################################


function CreateSelect($arr){


  if(!is_array($arr)) return;


  $arr = array_unique($arr);


  asort($arr);


  $string = "<option>\n";


        foreach($arr as $item){


          if(!empty($item)) $string .= "<option value=\"".$item."\">".$item."\n";


  }


  return($string);


}


function CreateJsArr($arr, $field){


        if(!is_array($arr)) return;


        $arr = array_unique($arr);


  asort($arr);


        $string = "\n<s-c-r-i-p-t language=\"Javas-c-r-i-p-t\">\n";


  $string .= "\t".$field."[0] = \"\"\n";


  $i = 1;


        foreach($arr as $item){


          if(!empty($item)){


            $string .= "\t".$field."[".$i."] = \"".$item."\"\n";


        $i++;


    }


  }


  $string .= "</s-c-r-i-p-t>\n";


  return($string);


}





function AddBook() {


    global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $dbi, $module_name;


    include ('header.php');


    topmenu();


    OpenTable();


    if (is_admin($admin)) {


      $rcat = sql_query("select * from ".$prefix."_bcatalog_cats order by cname", $dbi);


      while(list($catid,$cname) = sql_fetch_array($rcat, $dbi)){


      $cname_arr[] = $cname;


      }


      $rauth = sql_query("select * from ".$prefix."_bcatalog_authors order by aname", $dbi);


      while(list($aid,$aname) = sql_fetch_array($rauth, $dbi)){


      $aname_arr[] = $aname;


      }


      $rpub = sql_query("select * from ".$prefix."_bcatalog_publishers order by pname", $dbi);


      while(list($pid,$pname) = sql_fetch_array($rpub, $dbi)){


      $pname_arr[] = $pname;


      }


      $cname_sel = CreateJsArr($cname_arr, 'cname_arr')."\n<select name=\"cname_sel\" onchange=\"riscriviDue(this.form,this.name,'cname',cname_arr)\">".CreateSelect($cname_arr)."</select>\n";


      $aname_sel = CreateJsArr($aname_arr, 'aname_arr')."\n<select name=\"aname_sel\" onchange=\"riscriviDue(this.form,this.name,'aname',aname_arr)\">".CreateSelect($aname_arr)."</select>\n";


      $pname_sel = CreateJsArr($pname_arr, 'pname_arr')."\n<select name=\"pname_sel\" onchange=\"riscriviDue(this.form,this.name,'pname',pname_arr)\">".CreateSelect($pname_arr)."</select>\n";





      echo "\n<s-c-r-i-p-t LANGUAGE=\"Javas-c-r-i-p-t\">


         var cname_arr=new Array(500);


         var aname_arr=new Array(500);


         var pname_arr=new Array(500);


         function riscriviDue(form,fromField,toField,ArrList) {


            var selectobj=form.elements[fromField];


            var selNum= selectobj.selectedIndex;


            form.elements[toField].value = ArrList[selNum];


         }


      </s-c-r-i-p-t>\n";


//               echo "\n"


//                ."<form action=\"modules.php?name=".$module_name."&file=admin\" method=\"post\">"


//               ."<b>"._A_BCOMPANY.":</b><br>"


//               ."<input type=\"text\" name=\"cname\" size=\"20\" > ".$cname_sel."<br><br>";





      echo "<center><b><font class=booktitle>"._ADDNEWBOOK." </font></b><br><br>"


      ."<form method=\"post\" action=\"modules.php?name=$module_name\">"


      ."<table width=100%>"


      ."<tr><td valign=top width=100><b>"._BNAME.":<font color=ff0000>*</font></b></td><td valign=top align=left><input type=\"text\" name=\"bname\" size=\"50\" maxlength=\"150\"></td></tr>"


      ."<tr><td valign=top><b>"._BCAT.":<font color=ff0000>*</font></b></td><td valign=top align=left>"


      ."<input type=\"text\" name=\"cname\" size=\"20\"> ".$cname_sel."";


       echo "</td></tr>"


      ."<tr><td valign=top><b>"._BAUTHOR.":<font color=ff0000>*</font></b></td><td valign=top align=left>"


      ."<input type=\"text\" name=\"aname\" size=\"20\" > ".$aname_sel."";


       echo "</td></tr>"


      ."<tr><td valign=top><b>"._BPUBLISHER.":<font color=ff0000>*</font></b></td><td valign=top align=left>"


      ."<input type=\"text\" name=\"pname\" size=\"20\" > ".$pname_sel."";


       echo "</td></tr>";   


      echo"<tr><td valign=top><b>"._BINFO.":<font color=ff0000>*</font></b></td><td valign=top><textarea name=\"binfo\" rows=\"25\" wrap=\"virtual\" cols=\"70\"></textarea><BR>"._BINFOINFO."<BR><BR></td></tr>


      <tr><td valign=top><b>"._BKYEAR.":<font color=ff0000>*</font></b></td><td valign=top><input type=\"text\" name=\"byear\" size=\"10\" maxlength=\"10\"></td></tr>


      <tr><td valign=top><b>"._BQUALITY.":</b></td><td valign=top>


      <select name=\"bquality\">


            <option value=\"\"></option>


            <option value=\"1. Hamur\">1. Hamur</option>


            <option value=\"2. Hamur\">2. Hamur</option>


            <option value=\"3. Hamur\">3. Hamur</option>


      </select></td></tr>


      <tr><td valign=top><b>"._BPAGES.":</b></td><td valign=top><input type=\"text\" name=\"bpages\" size=\"20\" maxlength=\"15\"></td></tr>


      <tr><td valign=top><b>"._BDIMS.":</b></td><td valign=top><input type=\"text\" name=\"bdims\" size=\"20\" maxlength=\"20\"></td></tr>


      <tr><td valign=top><b>"._BISBN.":</b></td><td valign=top><input type=\"text\" name=\"bisbn\" size=\"20\" maxlength=\"50\"></td></tr>


      <tr><td valign=top><b>"._BLANG.":<font color=ff0000>*</font></b></td><td valign=top>


      <select name=\"blang\">


            <option value=\"\"></option>


            <option value=\""._TR."\">"._TR."</option>


            <option value=\""._EN."\">"._EN."</option>


            <option value=\""._DE."\">"._DE."</option>


            <option value=\""._FR."\">"._FR."</option>


      </select></td></tr>


      <tr><td valign=top><b>"._BPIC.":</b></td><td valign=top>


      <select name=\"bpic\">";


      $path1 = explode ("/kt", "modules/$module_name/images/bookimg/");


      $path = "$path1[0]/$path1[1]";


      $handle=opendir($path);


      while (false !== ($file = readdir($handle))) { 


      if ($file != "." && $file != "..") { 


         $tlist .= "$file ";


      }


      }


      closedir($handle);


      $tlist = explode(" ", $tlist);


      sort($tlist);


      for ($i=0; $i < sizeof($tlist); $i++) {


      if($tlist[$i]!="") {


         echo "<option  value=\"$tlist[$i]\">$tlist[$i]\n</option>";


      }


      }


      echo "</select>&nbsp;"._ADDBPIC." <a href=\"javas-c-r-i-p-t:uploadbookpic()\">"._CLICK."</a></td></tr>";





      echo "</table>";





      echo "<BR><i>"._CHECKINFO."</i><br><br>";


      echo "<input type=\"hidden\" name=\"op\" value=\"preview_book\">


      <input type=\"submit\" value=\""._PREVIEW."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._CANCEL."\"></form>";


   } else {


      echo "<center>";


      echo ""._ADMERROR."<br>";


    }





   





    CloseTable();


    include ("footer.php");


}





function PreviewBook($bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic) {


    global $admin, $module_name, $dbi, $prefix,$bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic;





    $text = ereg_replace("\n","<br>",$text);


    $title = stripslashes(check_html($title, "nohtml"));


    $text = stripslashes(check_html($text, ""));


    include ('header.php');


    topmenu();


    OpenTable();


      $result = sql_query("select * from ${prefix}_bcatalog_books where bname='$bname'", $dbi);


    $total = sql_num_rows($result, $dbi);





    if($total == 0 OR $id!=0) {


    echo "<form method=\"post\" action=\"modules.php?name=$module_name\">";


    if ($bname == "") {


            $error = 1;


        echo "<center><font color=\"#FF0000\">"._INVALIDBNAME."</font></center><br>";


    }


    if ($cname =="") {


    $error =1;


    echo "<center><font color=\"#FF0000\">"._INVALIDCNAME."</font></center><br>";


    }


    if ($aname == "") {


            $error = 1;


        echo "<center><font color=\"#FF0000\">"._INVALIDANAME."</font></center><br>";


    }





    if ($pname == "") {


        $error = 1;


        echo "<center><font color=\"#FF0000\">"._INVALIDPNAME."</font></center><br>";


    }


     if ($binfo == "") {


        $error = 1;


        echo "<center><font color=\"#FF0000\">"._INVALIDBINFO."</font></center><br>";


    }


     if ($byear == "") {


        $error = 1;


        echo "<center><font color=\"#FF0000\">"._INVALIDBYEAR."</font></center><br>";


    }


     if ($blang == "") {


        $error = 1;


        echo "<center><font color=\"#FF0000\">"._INVALIDBLANG."</font></center><br>";


    }


        if ($error == 1)


            echo "<br><center><a href=\"javas-c-r-i-p-t:window.history.back();\">"._BACK."</center></a>";


        else


        {





        if ($date == "")


            $tarih = getdate();


           $ay=array(1=>""._JANUARY."",2=>""._FEBRUARY."",3=>""._MARCH."",4=>""._APRIL."",5=>""._MAY."",6=>""._JUNE."",7=>""._JULY."",8=>""._AUGUST."",9=>""._SEPTEMBER."",10=>""._OCTOBER."",11=>""._NOVEMBER."",12=>""._DECEMBER."");     $date = date("d.m.Y");


            $year2 = substr($date,0,4);


            $month = substr($date,5,2);


            $day = substr($date,8,2);


            $fdate = "$day ".$ay[$tarih['mon']]." $year2";


         echo"<table width=100%>"


         ."<tr><td valign=top width=100><b>"._BNAME.":</b></td><td valign=top align=left>$bname</td></tr>"


         ."<tr><td valign=top><b>"._BCAT.":</b></td><td valign=top align=left>$cname</td></tr>"


         ."<tr><td valign=top><b>"._BAUTHOR.":</b></td><td valign=top align=left>$aname</td></tr>"


         ."<tr><td valign=top><b>"._BPUBLISHER.":</b></td><td valign=top align=left>$pname</td></tr>";   


         echo"<tr><td valign=top><b>"._BINFO.":</b></td><td valign=top>$binfo</td></tr>


         <tr><td valign=top><b>"._BKYEAR.":</b></td><td valign=top>$byear</td></tr>


         <tr><td valign=top><b>"._BQUALITY.":</b></td><td valign=top>$bquality</td></tr>


         <tr><td valign=top><b>"._BPAGES.":</b></td><td valign=top>$bpages</td></tr>


         <tr><td valign=top><b>"._BDIMS.":</b></td><td valign=top>$bdims</td></tr>


         <tr><td valign=top><b>"._BISBN.":</b></td><td valign=top>$bisbn</td></tr>


         <tr><td valign=top><b>"._BLANG.":</b></td><td valign=top>$blang</td></tr>


         <tr><td valign=top><b>"._BPIC.":</b></td><td valign=top><img src=\"modules/$module_name/images/bookimg/$bpic\" border=0 width=40 height=50></td></tr>


         <tr><td valign=top><b>"._BADDDATE.":</b></td><td valign=top>$date</td></tr>


         </table>";


            $text = urlencode($text);


            echo "<BR><p><i>"._LOOKSRIGHT."</i> ";


            echo "<input type=\"hidden\" name=\"bid\" value=$bid>


                  <input type=\"hidden\" name=\"bname\" value=\"$bname\">


                  <input type=\"hidden\" name=\"op\" value=sendbook>


                  <input type=\"hidden\" name=\"date\" value=\"$date\">


                  <input type=\"hidden\" name=\"cname\" value=\"$cname\">


                  <input type=\"hidden\" name=\"aname\" value=\"$aname\">


                  <input type=\"hidden\" name=\"pname\" value=\"$pname\">


                  <input type=\"hidden\" name=\"binfo\" value=\"$binfo\">


                   <input type=\"hidden\" name=\"byear\" value=\"$byear\">


                  <input type=\"hidden\" name=\"bquality\" value=\"$bquality\">


                  <input type=\"hidden\" name=\"bpages\" value=\"$bpages\">


                  <input type=\"hidden\" name=\"bdims\" value=\"$bdims\">


                  <input type=\"hidden\" name=\"bisbn\" value=\"$bisbn\">


                  <input type=\"hidden\" name=\"blang\" value=\"$blang\">


                  <input type=\"hidden\" name=\"bpic\" value=\"$bpic\">";


            echo "<input type=\"submit\" name=\"op\" value=\""._YES."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._NO."\">";


            if(is_admin($admin))


                    echo "<br><br><b>"._NOTE."</b> "._ADMINLOGGED."";


        }


          } else {


    echo "<center><font color=\"#FF0000\">"._BOOKALREADYINDB."</font></center>";


   echo "<center><br><br>[ <a href=\"javas-c-r-i-p-t:history.back();\">"._BACK."</a> ]<br></center>";


    }


    CloseTable();


    include ("footer.php");


}





function SendBook($date, $bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic) {


    global $admin, $prefix, $dbi, $module_name, $bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic;


    include ('header.php');


    topmenu();


    echo "<br>";


   $bname=$bname;


   $cname=$cname;


   $aname=$aname;


   $pname=$pname;


   $binfo = stripslashes(Fixquotes(urldecode(check_html($binfo, ""))));


    OpenTable();


    sql_query("INSERT INTO ${prefix}_bcatalog_books values('','$cname', '$bname', '$aname', '$pname', '$binfo', '$byear', '$bquality', '$bpages', '$bdims','$bisbn','$blang','$bpic','','$date')", $dbi);





   $ccname = sql_query("select * from ${prefix}_bcatalog_cats where cname='$cname'", $dbi);


    $ctotal = sql_num_rows($ccname, $dbi);


   if ($ctotal==0){ sql_query("insert into ${prefix}_bcatalog_cats  values('','$cname')",$dbi);}


   $caname = sql_query("select * from ${prefix}_bcatalog_authors where aname='$aname'", $dbi);


    $atotal = sql_num_rows($caname, $dbi);


   if ($atotal==0){ sql_query("insert into ${prefix}_bcatalog_authors  values('','$aname','')",$dbi);}


   $cpname = sql_query("select * from ${prefix}_bcatalog_publishers where pname='$pname'", $dbi);


    $ptotal = sql_num_rows($cpname, $dbi);


   if ($ptotal==0){ sql_query("insert into ${prefix}_bcatalog_publishers values('','$pname','')",$dbi);} 


    echo "<br><center>"._THANKS."";


    Header("Refresh: 3; url=modules.php?name=$module_name");


    CloseTable();


    include ("footer.php");


}


function UpdateBook($bid,$date, $bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic) {


    global $admin, $prefix,$bid, $dbi, $module_name;


    include ('header.php');


    topmenu();


    echo "<br>";


   $binfo = stripslashes(Fixquotes(urldecode(check_html($binfo, ""))));


    OpenTable();


    sql_query("update ${prefix}_bcatalog_books set cname='$cname' , bname='$bname' , bauthor='$aname' , bpublisher='$pname' , binfo='$binfo' , byear='$byear' , bquality='$bquality' , bpages='$bpages' , bdims='$bdims' , bisbn='$bisbn' , blang='$blang' , bpic='$bpic' where bid='$bid'", $dbi);





   $ccname = sql_query("select * from ${prefix}_bcatalog_cats where cname='$cname'", $dbi);


    $ctotal = sql_num_rows($ccname, $dbi);


   if ($ctotal==0){ sql_query("insert into ${prefix}_bcatalog_cats  values('','$cname')",$dbi);}


   $caname = sql_query("select * from ${prefix}_bcatalog_authors where aname='$aname'", $dbi);


    $atotal = sql_num_rows($caname, $dbi);


   if ($atotal==0){ sql_query("insert into ${prefix}_bcatalog_authors  values('','$aname','')",$dbi);}


   $cpname = sql_query("select * from ${prefix}_bcatalog_publishers where pname='$pname'", $dbi);


    $ptotal = sql_num_rows($cpname, $dbi);


   if ($ptotal==0){ sql_query("insert into ${prefix}_bcatalog_publishers values('','$pname','')",$dbi);} 


    echo "<center><font class=bookcontent><B>"._THANKSFORUPDATE."</B></font>";


    Header("Refresh: 2; url=modules.php?name=$module_name&op=showbook&bid=$bid");


    CloseTable();


    include ("footer.php");


}


function index() {


    global $bid,$bgcolor4, $bgcolor2, $prefix, $dbi, $module_name, $top, $admin;


    include ('header.php');


    OpenTable();


    echo "<table border=\"0\" width=\"100%\" CELLPADDING=\"2\" CELLSPACING=\"0\" align=\"center\"><tr><td colspan=\"2\">";


    topmenu();


    echo "</td></tr></table>";


   $result_cat = sql_query("select catid, cname from ${prefix}_bcatalog_cats", $dbi);


   opentable();


   echo "<tr><td width=100% colspan=2><CENTER><FONT class=bookcathead>"._CATEGORIES."</FONT></CENTER></td><tr>";


   echo "<tr><td width=100% colspan=2><CENTER>";


   while (list($catid,$cname)=sql_fetch_row($result_cat)){


   echo "<a href=modules.php?name=$module_name&op=category&catid=$catid><FONT class=bookcat>$cname</FONT></a>&nbsp;";


   }


   echo "<BR></td></tr>";


   closetable();


   opentable();


    echo "<table border=\"0\" width=\"100%\" CELLPADDING=\"2\" CELLSPACING=\"2\" align=\"center\"><tr><td colspan=\"2\">";


    echo "<tr><td width=\"50%\" >";


    echo "<b>"._POP." $top "._BOOK."</b></td>";


    echo "<td width=\"50%\" ><b>"._NEW." $top "._BOOK."</b></td></tr>";


    $result_pop = sql_query("select bid, bname, hits from ${prefix}_bcatalog_books order by hits DESC limit 10", $dbi);


    $result_rec = sql_query("select bid, bname from ${prefix}_bcatalog_books order by bid DESC limit 10", $dbi);


    $y = 1;


    for ($x = 0; $x < $top; $x++)        {


        $myrow = sql_fetch_array($result_pop, $dbi);


        $bid = $myrow["bid"];


        $bname = $myrow["bname"];


        $hits = $myrow["hits"];


      $bname=cut($bname,40);


        if ($hits!="") {


        echo "<tr><td width=\"50%\" >$y) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a></td>";


        } else {


       echo "<tr><td width=\"50%\" >$y) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a></td>";


        }


        $myrow = sql_fetch_array($result_rec, $dbi);


        $id = $myrow["id"];


        $title = $myrow["title"];


        $hits = $myrow["hits"];


        $date = $myrow["date"];


        if ($date !="") {


        echo "<td width=\"50%\" >$y ) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a> ($date)</td></tr>";


        } else {


        echo "<td width=\"50%\" >$y ) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a></td></tr>";


        }


        $y++;


    }


    echo "<tr><td colspan=\"2\"><br></td></tr>";


    $result = sql_query("SELECT * FROM ${prefix}_bcatalog_books", $dbi);


    $numresults = sql_num_rows($result, $dbi);


    echo "<tr><td colspan=\"2\"><br><center>"._DATABASE." <b>$numresults</b> "._BOOK."  "._REGISTERED."</center></td></tr></table>";


   closetable();


    CloseTable();


    copyright();


    include ("footer.php");


}





function showbook($bid) {


    global $bid,$bgcolor4, $sitename, $prefix, $dbi, $module_name, $limit, $limitdeger, $goster,$admin,$nukeurl,$bgcolor2;


    include ('header.php');


    $limit = $limitdeger;    





    topmenu();


    OpenTable();


    $result = sql_query("select * from ${prefix}_bcatalog_books where bid='$bid'", $dbi);


    $result_com = sql_query("select * from ${prefix}_bcatalog_comments where cbookid='$bid'", $dbi);


   $cresult_com=sql_num_rows($result_com,$dbi);


   $res_auth=sql_query("select * from ${prefix}_bcatalog_books where bid='$bid'", $dbi);


   $myrow=sql_fetch_array($res_auth,$dbi);


   // SET HIT=HIT+1


   sql_query("update ${prefix}_bcatalog_books SET hits=hits+1 where bid='$bid'", $dbi);


   


   while (list($bid,$cname,$bname,$bauthor,$bpublisher,$binfo,$byear,$bquality,$bpages,$bdims,$bisbn,$blang,$bpic,$hits,$date)=sql_fetch_row($result)){


   $Bauthor=$bauthor;


   $Bpublisher=$bpublisher;





     echo"<table border=\"0\" width=\"100%\">"


     . "   <tr>"


     . "      <td width=\"100\">&nbsp;</td>"


     . "      <td style=\"border-bottom: 1 solid #660000\"><FONT class=booktitle>$bname</FONT></td>"


     . "   </tr>"


     . "   <tr>"


     . "      <td width=\"100\" valign=\"top\" align=center >";


       echo "<s-c-r-i-p-t type=\"text/javas-c-r-i-p-t\">\n";


      echo "<!--\n";


      echo "function showbookpic(){\n";


      echo "   window.open (\"modules.php?name=$module_name&op=viewpic&bid=$bid\",\"Copyright\",\"toolbar=no,location=no,directories=no,status=no,scrollbars=yes,resizable=no,copyhistory=no,width=500,height=600\");\n";


      echo "}\n";


      echo "//-->\n";


      echo "</s-c-r-i-p-t>\n\n";


      echo " <a href=\"javas-c-r-i-p-t:showbookpic()\">     <img src=\"$nukeurl/modules/$module_name/images/bookimg/$bpic\" border=0 height=80 width=60 alt=\"$bname\"><BR><font class=pictext>"._CLKTOENLARGE."</font></a></td>"


     . "      <td >"


     . "<p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>$Bauthor</font></p>"


     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>$Bpublisher</p>"


     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>&nbsp;</p>"


     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>$binfo</p>"


     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>&nbsp;</p>"


     . "      <p style=\"margin-top: 0; margin-bottom: 0\" class=bookcontent>Yayýn Yýlý: $byear<br>";


if ($bquality<>""){echo "      $bquality<br>";}


if ($bpages<>""){echo      "      $bpages Sayfa<br>";}


if ($bisbn<>""){   echo "      $bdims cm<br>";}


if ($bisbn<>""){echo "      ISBN: $bisbn<br>";}


if ($blang<>""){   echo "      Dili: $blang</p></font>";}


     echo "      <p>&nbsp;</td>"


     . "   </tr>"


     . "<tr><td>&nbsp;</td>"


     . "<td><a href=\"modules.php?name=$module_name&op=postcomment&bid=$bid\"><img src=\"modules/$module_name/images/addcomment.gif\" border=0 alt=\""._POSTCOMMENT."\"></a>&nbsp;<a href=\"modules.php?name=$module_name&file=friend&bid=$bid\"><img src=\"modules/$module_name/images/sendfriend.gif\" border=0 alt=\""._SENDFRIEND."\"></a>";


     if (is_admin($admin)) {


     echo "&nbsp;<a href=\"modules.php?name=$module_name&op=editbook&bid=$bid\"><img src=\"modules/$module_name/images/change.gif\" border=0></a>";


    }


    echo "</td>"


     . "   </table>";


   }


    CloseTable();


   $bname=$myrow["bname"];


   $bpublisher=$myrow["bpublisher"];


   $bauthor=$myrow["bauthor"];


   $bname=$myrow["bname"];


   $Bauthor=$bauthor;


   $res_author=sql_query("select bid,bname from ${prefix}_bcatalog_books where bauthor='$Bauthor' and bname<>'$bname' order by bid desc limit 0,5", $dbi);


   $cres_author=sql_num_rows($res_author,$dbi);


   $res_publisher=sql_query("select bid,bname from ${prefix}_bcatalog_books where bpublisher='$bpublisher' and bname<>'$bname' order by bid desc limit 0,5", $dbi);


   $cres_publisher=sql_num_rows($res_publisher,$dbi);


if (($cres_author>'0') && ($cres_publisher>'0')){


if ($cres_author<>'0'){


   opentable();


   echo "<table width=100%><tr><td width=50% class=booktitle>"._AUTHOROTHERBOOKS."</td><td width=50% class=booktitle>"._PUBLISHEROTHERBOOKS."</td></tr>";


   echo "<tr>";


   echo "<td valign=top>";


   $i=1;


   while (list($bid,$bname)=sql_fetch_row($res_author)){


      echo "$i) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a><BR>";


      $i++;


   }


   echo "</td>";


}


if ($cres_publisher<>'0'){


   echo"<td valign=top>";


   $i=1;


   while (list($bid,$bname)=sql_fetch_row($res_publisher)){


      echo "$i) <a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a><BR>";


      $i++;





   }


   echo "</td>";


}


   echo"</tr>";


   echo "</table>";


   closetable();


}


if ($cresult_com >'0'){


   Opentable();


   global $bid,$bauthor;


   echo "<font class=booktitle ><H4>"._COMMENTHEADER."</H4></font>";


   while (list($comid,$csender,$cbookid,$comment,$cdate)=sql_fetch_row($result_com)){


   echo "<table width=100%>";


   echo "<tr bgcolor=$bgcolor2><td >$cdate&nbsp;&nbsp;<B>$csender</B></td>";


if (is_admin($admin)) {


      global $bid,$bauthor;


   echo "   <td align=center width=25><a href=\"modules.php?name=$module_name&op=delcomment&comid=$comid&cbookid=$cbookid\">"._DELETE."</a></td></tr>";


}else{ echo "</tr>";}


   echo "<tr><td>$comment</td></tr>";


   echo "</table><BR>";


   }


   closetable();


}





    include ("footer.php");


}





function PostComment($bid) {


    global $user, $cookie, $AllowableHTML, $anonymous, $module_name,$bid,$dbi,$module_name;


    include("header.php");


   echo "<head>";


    echo "<LINK REL=\"StyleSheet\" HREF=\"modules/$module_name/bookstyle.css\" TYPE=\"text/css\">\n\n\n";


   echo "</head>";


    cookiedecode($user);


    $title = urldecode($title);


    $result = sql_query("select * from ${prefix}_bcatalog_books where bid='$bid'", $dbi);


   $myrow=sql_fetch_array($result,$dbi);


   $bname=$myrow["bname"];


    OpenTable();


    if (!is_user($user)) {


       echo "<center><FONT class=booktitle>"._BOOKCOMMENT.": $bname</FONT></center><BR>";


        echo "<CENTER><b>"._ALERT."</b>&nbsp;"._NICKNAME2." $anonymous<BR><BR>";


      echo ""._TOPOSTCOMMENT."";


      echo "</CENTER><br><br>";


        $uname = $anonymous;


    }


     else {


       echo "<center><FONT class=booktitle>"._BOOKCOMMENT.": $bname</FONT></center>"


        ."<form action=modules.php?name=$module_name method=post>";


        echo "<b>"._NICKNAME2.":</b> $cookie[1]<br>


        <br>";


        $uname = $cookie[1];


          echo "


         <input type=hidden name=bid value=$bid>


         <b>"._YOURCOMMENT."</b><br>


         <textarea name=comment rows=10 cols=70></textarea><br>


         "._ALLOWEDHTML."<br>";


         while (list($key,)= each($AllowableHTML)) echo " &lt;".$key."&gt;";


         echo "<br><br>


         <input type=hidden name=op value=savecomment>


         <input type=submit value=\""._SEND."\">


         </form>


         ";





    }


    $ip = getenv("REMOTE_ADDR");


    CloseTable();


    include("footer.php");


}





function savecomment($uname, $bid, $score, $comment, $ip) {


    global $anonymous, $user, $cookie, $prefix, $dbi, $module_name, $ip,$bid;


     cookiedecode($user);


        $uname = $cookie[1];


    $comment = stripslashes(FixQuotes(check_html($comment)));


     $now = date("d.m.Y"); 


    sql_query("insert into ${prefix}_bcatalog_comments values ('', '$uname','$bid', '$comment', '$now')", $dbi);


    Header("Location: modules.php?name=$module_name&op=showbook&bid=$bid");


}





function EditBook($bid) {


        global $admin, $prefix, $dbi, $module_name;


        include ('header.php');


   echo "<head>";


    echo "<LINK REL=\"StyleSheet\" HREF=\"modules/$module_name/bookstyle.css\" TYPE=\"text/css\">\n\n\n";


   echo "</head>";


        OpenTable();


        if (($bid != 0) && (is_admin($admin)))


        {


                $result = sql_query("select * from ${prefix}_bcatalog_books where bid = '$bid'", $dbi);


                while($myrow =  sql_fetch_array($result, $dbi))


                {


                        $bid =  $myrow["bid"];


                        $cname = $myrow["cname"];


                        $bname = $myrow["bname"];


                        $aname = $myrow["bauthor"];


                        $pname = $myrow["bpublisher"];


                        $binfo = $myrow["binfo"];


                        $byear = $myrow["byear"];


                        $bquality = $myrow["bquality"];


                        $bpages = $myrow["bpages"];


                        $bdims = $myrow["bdims"];


                        $bisbn = $myrow["bisbn"];


                        $blang = $myrow["blang"];


                        $bpic = $myrow["bpic"];


            }


                echo "<center><font class=booktitle>"._MODIFYBOOK."</font></center><br><br>";


         $rcat = sql_query("select * from ".$prefix."_bcatalog_cats order by cname", $dbi);


         while(list($catid,$catname) = sql_fetch_array($rcat, $dbi)){


         $cname_arr[] = $catname;


         }


         $rauth = sql_query("select * from ".$prefix."_bcatalog_authors order by aname", $dbi);


         while(list($aid,$auname) = sql_fetch_array($rauth, $dbi)){


         $aname_arr[] = $auname;


         }


         $rpub = sql_query("select * from ".$prefix."_bcatalog_publishers order by pname", $dbi);


         while(list($pid,$puname) = sql_fetch_array($rpub, $dbi)){


         $pname_arr[] = $puname;


         }


         $cname_sel = CreateJsArr($cname_arr, 'cname_arr')."\n<select name=\"cname_sel\" onchange=\"riscriviDue(this.form,this.name,'cname',cname_arr)\">".CreateSelect($cname_arr)."</select>\n";


         $aname_sel = CreateJsArr($aname_arr, 'aname_arr')."\n<select name=\"aname_sel\" onchange=\"riscriviDue(this.form,this.name,'aname',aname_arr)\">".CreateSelect($aname_arr)."</select>\n";


         $pname_sel = CreateJsArr($pname_arr, 'pname_arr')."\n<select name=\"pname_sel\" onchange=\"riscriviDue(this.form,this.name,'pname',pname_arr)\">".CreateSelect($pname_arr)."</select>\n";





         echo "\n<s-c-r-i-p-t LANGUAGE=\"Javas-c-r-i-p-t\">


            var cname_arr=new Array(500);


            var aname_arr=new Array(500);


            var pname_arr=new Array(500);


            function riscriviDue(form,fromField,toField,ArrList) {


               var selectobj=form.elements[fromField];


               var selNum= selectobj.selectedIndex;


               form.elements[toField].value = ArrList[selNum];


            }


         </s-c-r-i-p-t>\n";


            echo "<form method=POST action=modules.php?name=$module_name&op=updatebook&bid=$bid>";


         echo"<table width=100%>"


         ."<tr><td valign=top width=100><b>"._BNAME.":</b></td><td valign=top align=left><input type=\"text\" name=\"bname\" value=\"$bname\" size=\"50\" maxlength=\"150\"></td></tr>"


         ."<tr><td valign=top><b>"._BCAT.":</b></td><td valign=top align=left>"


         ."<input type=\"text\" name=\"cname\" size=\"20\"  value=\"$cname\"> ".$cname_sel."";


          echo "</td></tr>"


         ."<tr><td valign=top><b>"._BAUTHOR.":</b></td><td valign=top align=left>"


         ."<input type=\"text\" name=\"aname\" size=\"20\"  value=\"$aname\"> ".$aname_sel."";


          echo "</td></tr>"


         ."<tr><td valign=top><b>"._BPUBLISHER.":</b></td><td valign=top align=left>"


         ."<input type=\"text\" name=\"pname\" size=\"20\"  value=\"$pname\"> ".$pname_sel."";


          echo "</td></tr>";   


         echo"<tr><td valign=top><b>"._BINFO.":</b></td><td valign=top><textarea name=\"binfo\" rows=\"25\" wrap=\"virtual\" cols=\"70\">$binfo</textarea><BR>"._BINFOINFO."<BR><BR></td></tr>


         <tr><td valign=top><b>"._BKYEAR.":</b></td><td valign=top><input type=\"text\" name=\"byear\"  value=\"$byear\"  size=\"10\" maxlength=\"10\"></td></tr>


         <tr><td valign=top><b>"._BQUALITY.":</b></td><td valign=top>


         <select name=\"bquality\">


               <option value=\"$bquality\">$bquality</option>


               <option value=\"1. Hamur\">1. Hamur</option>


               <option value=\"2. Hamur\">2. Hamur</option>


               <option value=\"3. Hamur\">3. Hamur</option>


         </select></td></tr>


         <tr><td valign=top><b>"._BPAGES.":</b></td><td valign=top><input type=\"text\" name=\"bpages\"   value=\"$bpages\" size=\"20\" maxlength=\"15\"></td></tr>


         <tr><td valign=top><b>"._BDIMS.":</b></td><td valign=top><input type=\"text\" name=\"bdims\"   value=\"$bdims\" size=\"20\" maxlength=\"20\"></td></tr>


         <tr><td valign=top><b>"._BISBN.":</b></td><td valign=top><input type=\"text\" name=\"bisbn\"   value=\"$bisbn\" size=\"20\" maxlength=\"50\"></td></tr>


         <tr><td valign=top><b>"._BLANG.":</b></td><td valign=top>


         <select name=\"blang\">


               <option value=\"$blang\">$blang</option>


               <option value=\"Türkçe\">Türkçe</option>


               <option value=\"Ýngilizce\">Ýngilizce</option>


               <option value=\"Almanca\">Almanca</option>


         </select></td></tr>


         <tr><td valign=top><b>"._BPIC.":</b></td><td valign=top>


         <select name=\"bpic\"><option value=\"$bpic\">$bpic</option>";


         $path1 = explode ("/kt", "modules/$module_name/images/bookimg/");


         $path = "$path1[0]/$path1[1]";


         $handle=opendir($path);


         while (false !== ($file = readdir($handle))) { 


         if ($file != "." && $file != "..") { 


            $tlist .= "$file ";


         }


         }


         closedir($handle);


         $tlist = explode(" ", $tlist);


         sort($tlist);


         for ($i=0; $i < sizeof($tlist); $i++) {


         if($tlist[$i]!="") {


            echo "<option  value=\"$tlist[$i]\">$tlist[$i]\n</option>";


         }


         }


         echo "</select>&nbsp;"._ADDBPIC." <a href=\"javas-c-r-i-p-t:uploadbookpic()\">"._CLICK."</a></td></tr>";





         echo "</table>";





         echo "<BR><i>"._CHECKINFO."</i><br><br>


               <input type=\"hidden\" name=\"bid\" value=\"$bid\">


         <input type=\"submit\" value=\""._UPDATE."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._CANCEL."\"></form>";


        }


        CloseTable();


        include ("footer.php");


}





function DelComment($comid, $cbookid,$bid) {


    global $admin, $prefix, $dbi, $module_name,$cbookid,$bid;


    if (is_admin($admin)) {


        sql_query("delete from ${prefix}_bcatalog_comments where comid='$comid'", $dbi);


        Header("Location: modules.php?name=$module_name&op=showbook&bid=$cbookid");


    } else {


        echo ""._ACCDENY."";


    }


}





function ViewPic($bid){

[/code]

Posted: Sat Sep 25, 2004 2:38 am

Sorry the whole code didn't apeared. This here is the rest of it:

Code:







function ViewPic($bid){


   global $cookie,$newbgcolor,$dbi,$user,$prefix,$bgcolor1,$currentlang,$bgcolor2,$module_name,$bid,$nukeurl;


    $result = sql_query("select * from ${prefix}_bcatalog_books where bid='$bid'", $dbi);


   $row=sql_fetch_array($result,$dbi);


   $bname=$row["bname"];


   $bpic=$row["bpic"];


?>


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">


<html>


<head>


<title><? echo $bname; ?></title>


<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso8859-9">


</head>





<body bgcolor="#FFFFFF" text="#000000" link="#035D8A" vlink="#035D8A">


<?


      echo "<CENTER><img src=\"$nukeurl/modules/$module_name/images/bookimg/$bpic\" border=0 alt=\"$bname\"></CENTER>";


      sql_free_result($result);


      echo "<BR>";


      echo "<CENTER>[ <a href=\"javas-c-r-i-p-t:window.parent.close()\">"._CLOSEWIN."</a> ]</CENTER>";


      echo "</body></html>";





}





function search($query) {


global $module_name, $prefix, $query, $dbi;


include("header.php");


topmenu();


    $result = sql_query("select bid, bname,bauthor,bpublisher from ${prefix}_bcatalog_books where bname LIKE '%$query%' or cname LIKE '%$query%' or bauthor LIKE '%$query%' or bpublisher LIKE '%$query%'", $dbi);


   $count=sql_num_rows($result,$dbi);


    OpenTable();


   echo "<CENTER><font class=booktitle>"._SEARCHRESULT."</font>: <font class=bookcontent >'$query'</font></CENTER>";


    echo "<blockquote>" ;


    if (sql_num_rows($result, $dbi) == 0) {


        echo ""._NORESULT."";


    } else {


    echo "<center><i> "._FOUNDRECORDS."</i><B>&nbsp;:&nbsp;$count</B><BR><BR></center>";


        while(list($bid, $bname,$bauthor,$bpublisher) = sql_fetch_row($result, $dbi)) {


            echo "<strong><big>&middot</big></strong><a href=\"modules.php?name=$module_name&op=showbook&amp;bid=$bid\">$bname</a>, <B>"._BAUTHOR.":</B>&nbsp;$bauthor, <B>"._BPUBLISHER.":</B>&nbsp;$bpublisher <BR>";


        }


    }





   echo"<BR><CENTER>[ <a href=\"modules.php?name=$module_name\">"._BACK."</a> ]</CENTER><br>";





    CloseTable();


include("footer.php");


}





function UploadImg() {


global $module_name, $prefix, $query, $dbi;


include("header.php");


topmenu();


OpenTable();


echo "<CENTER><font class=booktitle>"._IMGUPLOAD."</font><BR>";


echo "<form enctype=\"multipart/form-data\" action=\"$PHP_SELF\" method=\"post\">";


echo"<input name=\"userfile\" type=\"file\">&nbsp;<input type=\"submit\" name=\"submit\" value=\"Dosyayý Yükle\">";


echo "<BR><BR><hr noshade size=1 color=660000 width=60%><table width=50% border=1><TR bgcolor=dbdbdb><TD>Dosya Adý</TD><TD>Dosya Boyutu</TD></TR>";


$dir="modules/$module_name/images/bookimg/";





// copy the file to the server


if (isset($submit)){


   copy($userfile,$dir.$userfile_name);


   if (!is_uploaded_file ($userfile)){


      echo "<CENTER><b>$userfile_name</b> "._CANTUPLOAD."</CENTER>";


   }


}


// check whether it has been uploaded


if (is_uploaded_file ($userfile)){


   echo "<CENTER><b>$userfile_name</b> "._UPLOADSUCCESS."</CENTER><BR>";


}





if ($handle = opendir("$dir")) {


   while (false !== ($file = readdir($handle))) { 


      if ($file != "." && $file != "..") { 


         echo "<TR><TD><B><A HREF=$dir$file>$file</A></B></TD>" . "" .  


         "<TD>". filesize($dir . $file)  ."&nbsp;&nbsp;byte". "</TD></TR>"; 


      } 


   }


   closedir($handle); 


}


echo "</table>";


echo "</form>";   


   CloseTable();


include("footer.php");


}





function DeleteBook($bid) {


    global $admin, $prefix, $dbi, $module_name,$cbookid,$bid;


    global $admin, $prefix, $dbi, $module_name;


    include ('header.php');


    topmenu();


      opentable();


    if (is_admin($admin)) {


        sql_query("delete from ${prefix}_bcatalog_books where bid='$bid'", $dbi);


       echo "<center><font class=bookcontent><B>"._SUCCDELETED."</B></font>";


        Header("Location: modules.php?name=$module_name");


    } else {


        echo ""._ACCDENY."";


    }


      closetable();


}





switch($op) {





        case "showbook":


        showbook($bid);


        break;





        case "viewpic":


        ViewPic($bid);


        break;





        case "postcomment":


        PostComment($id, $title);


        break;





        case "savecomment":


        savecomment($uname, $bid, $score, $comment, $ip);


        break;





        case "delcomment":


        DelComment($comid, $bid,$cbookid);


        break;





       case "listcategory":


        CategoryList();


        break;





        case "uploadimg":


        UploadImg();


        break;





      case "category":


        Category($catid);


        break;





        case "listauthors":


        AuthorList($t,$bauthor);


        break;





        case "listbooks":


        BookList();


        break;





        case "addbook":


        AddBook();


        break;





        case "editbook":


        EditBook($bid);


        break;


        case "deletebook":


        DeleteBook($bid);


        break;





        case "preview_book":


        PreviewBook($bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic);


        break;





        case "sendbook":


        SendBook($date,$bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic);


        break;





        case "updatebook":


        UpdateBook($bid,$date,$bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic);


        break;


      case ""._YES."":


        SendBook($date,$bname, $cname, $aname, $pname, $binfo, $byear, $bquality, $bpages, $bdims,$bisbn,$blang,$bpic);


        break;








      case "print":


        PrintPage($id);


        break;





        case "search":


        search($query);


        break;





        default:


        index();


        break;


}





?>

Posted: Sat Sep 25, 2004 4:13 am

Raven!

Do you think thak it could be something for me:

http://www.ravenphpscripts.com/postt2282.html

Can I use it for books too???