Файл: modules/route/admin.php
Строк: 103
<?php
##################################################################
## Development by CoMMoN web site author http://mirmastera.ru ##
## fportal web site scripts http://fportal.tk ##
## All rights reserved authors ##
##################################################################
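/*
 * Admin screen of the "route" module. It lists every row of the route table,
 * lets an administrator change a row's `idi` value and toggle its `view`
 * flag, and creates new rows of type "cat".
 *
 * Security review notes:
 *  - None of the forms carries an anti-CSRF token, and do=editview changes
 *    data on a plain GET request. Any request made with a logged-in
 *    administrator's session is accepted as-is. Moving the toggle to POST and
 *    verifying a per-session token needs a token helper this file does not show.
 *  - All SQL here is built by string concatenation. Whether that is safe
 *    depends entirely on filtr() and num(), which are defined elsewhere.
 */

// Guests and non-administrators are sent to the front page. exit stops the
// script, so nothing below runs once the redirect header has been queued.
if (!is_user()) {
    header('Location: /');
    exit;
}
// presumably 2, 3, 4 are the administrator levels accepted here — confirm against is_admin()
if (!is_admin(array(2, 3, 4))) {
    header('Location: /');
    exit;
}
// Second rights check (just in case): the page body is only built for admins.
if (is_admin(array(2, 3, 4))) {
    $mod_name = 'Страницы'; // module name
    $act_name = 'Админка'; // action name
    require_once(ROOT.'/kernel/kernelhead.php'); // page header template
    echo '<div class="title">'.$mod_name.'</div>'; // page title

    // A missing "do" parameter selects the listing (default branch).
    $do = isset($_GET['do']) ? filtr($_GET['do']) : '';
    switch ($do) {
        ####################################################################
        default:
            echo'<table width="570pt">
<tr style="background-color: #CECECE;">
<th width="5%">id</th>
<th width="5%">idi</th>
<th width="10%">Type</th>
<th width="25%">name</th>
<th width="25%">modul</th>
<th width="10%">pos</th>
<th width="10%">view</th>
<th width="10%"> </th>
</tr>';

            // The list of "cat" rows is the same for every table row, so it is
            // read once here instead of once per row.
            $cat_options = '';
            $query_v_cat = $mysql -> query("SELECT * FROM `".PREFIX."route` WHERE `type`='cat' ORDER BY `id` DESC;");
            if ($query_v_cat) {
                while ($arr_cat = $query_v_cat -> fetch_assoc()) {
                    $cat_id = htmlspecialchars((string) $arr_cat['id'], ENT_QUOTES, 'UTF-8', false);
                    $cat_options .= '<option value="'.$cat_id.'">'.$cat_id.'</option>';
                }
            }

            $number = 0; // row counter, only used to alternate the row colour
            $query_spisoc = $mysql -> query("SELECT * FROM `".PREFIX."route` ORDER BY `id` DESC;");
            // A failed query yields an empty table instead of a fatal error.
            while ($query_spisoc && ($arr_sp = $query_spisoc -> fetch_assoc())) {
                $number++;
                $color_row = ($number % 2) ? '#F0FFFF' : '#FFFFFF';

                // Every stored value is HTML-escaped before it is written into
                // the page, so markup kept in the table cannot run in an
                // administrator's browser. double_encode is off so values that
                // were already entity-encoded on input are not encoded twice.
                // assumes the site serves UTF-8 — TODO confirm
                $safe = array();
                foreach ($arr_sp as $column => $value) {
                    $safe[$column] = htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
                }

                echo'<form action="/?mod=route&act=admin&do=editline" method="post">';
                echo'<tr style="background-color: '.$color_row.';">
<td align="center"><input type="hidden" name="line_id" value="'.$safe['id'].'"/><b>'.$safe['id'].'</b></td>
<td align="center">';
                echo'<select name="line_idi">';
                // NOTE(review): the pre-selected option shows the current idi
                // but submits the row's own id, so saving an untouched row
                // writes id into idi — confirm whether value should be idi.
                echo'<option value="'.$safe['id'].'">'.$safe['idi'].'</option>';
                echo $cat_options;
                echo' </select><br />';
                echo'</td>
<td align="center">'.$safe['type'].'</td>
<td align="center">'.$safe['name'].'</td>
<td align="center">'.$safe['modul'].'</td>
<td align="center">'.$safe['pos'].'</td>
<td align="center">';
                // The link flips the flag: a row with view = 1 links to type=0
                // and every other row links to type=1.
                if ($arr_sp['view'] == 1) {
                    echo'<a href="/?mod=route&act=admin&do=editview&id='.$safe['id'].'&type=0"><img src="design/'.STYLE.'/images/system/noview.png" alt="'.$safe['view'].'" width="16" height="16"/></a>';
                } else {
                    echo'<a href="/?mod=route&act=admin&do=editview&id='.$safe['id'].'&type=1"><img src="design/'.STYLE.'/images/system/view.png" alt="'.$safe['view'].'" width="16" height="16"/></a>';
                }
                echo'</td>
<td><img src="design/'.STYLE.'/images/system/up.png" alt="" width="16" height="16"/> <img src="design/'.STYLE.'/images/system/down.png" alt="" width="16" height="16"/>
<input type="image" src="design/'.STYLE.'/images/system/ok.png" value="" name="" style="width: 16px; height:16px;"/></td>
</tr>';
                echo'</form>';
            }
            echo'</table>';
            echo'<br/>';
            echo'<hr/>';

            if (!isset($_POST['submit'])) {
                // "Create category" form; it posts back to this same URL.
                echo'<form action="" method="post">';
                echo'Name category<br/>';
                echo'<input type="text" name="namecat" value=""/> ';
                echo'<input type="submit" name="submit" value="Go"/>';
                echo'</form>';
            } else {
                $namecat = filtr($_POST['namecat']);
                // NOTE(review): the name is placed inside a double-quoted SQL
                // literal. This is injectable unless filtr() escapes quotes and
                // backslashes for MySQL — confirm. A bound parameter would
                // remove that dependency, but is only a drop-in change if
                // filtr() does not already add escape characters.
                $created = $mysql -> query('INSERT INTO `'.PREFIX.'route` SET `type` ="cat", `name` ="'.$namecat.'"');
                unset($namecat);
                if ($created) {
                    echo'<div class="success">Категория создана успешно.</div>';
                } else {
                    echo'<div class="error">Ошибка: Категория не создана.</div>';
                }
                // Both outcomes return to the listing after five seconds.
                echo'<meta http-equiv="refresh" content="5; URL=/?mod=route&act=admin">';
            }
            break;

        case 'editline':
            // Writes the chosen idi for one row.
            // NOTE(review): both values are interpolated unquoted, so the query
            // is only safe if num() always returns a numeric literal — confirm.
            $id = num($_POST['line_id']);
            $line_idi = num($_POST['line_idi']);
            if ($mysql -> query('UPDATE `'.PREFIX.'route` SET `idi` = '.num($line_idi).' WHERE `id` = '.$id.'')) {
                // NOTE(review): the header template and title were already
                // echoed above, so this redirect only takes effect if output
                // buffering is active — confirm.
                header("Location: /?mod=route&act=admin");
            }
            break;

        case 'editview':
            // Sets the view flag of one row; only the values 1 and 0 are accepted.
            $id = num($_GET['id']);
            $view_flag = num($_GET['type']);
            if ($view_flag == 1 || $view_flag == 0) {
                if ($mysql -> query('UPDATE `'.PREFIX.'route` SET `view` = '.$view_flag.' WHERE `id` = '.$id.'')) {
                    // Same caveat as in editline: output has already started.
                    header("Location: /?mod=route&act=admin");
                }
            } else {
                echo'Error';
            }
            break;
        ####################################################################
    }
    require_once(ROOT.'/kernel/kernelfoot.php'); // page footer template
} // end of the access-rights check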
?>