Файл: adm/news.php
Строк: 55
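<?php
// Admin news page: bootstrap, access control, then the page header.
// The full "<?php" tag is used because the short "<?" form is only parsed when
// short_open_tag is enabled; with it disabled this admin script would be sent
// to the client as plain text instead of being executed.

// require (not include) so a missing bootstrap file aborts the request rather
// than letting the script continue with only a warning.
require_once '../system/sys.php';
require '../system/funcs.php';

// Access control. $cms is not defined in this file (presumably created by
// sys.php). Anonymous visitors (no user id) and accounts whose level is below
// 4 are redirected to the site root. empty() also covers a missing 'id' key,
// and a missing 'level' compares as less than 4, so the check fails closed.
// NOTE(review): what level 4 means is not visible here; confirm it is the
// intended administrator threshold.
if (empty($cms->us['id']) || $cms->us['level'] < 4) {
    header('location: /');
    exit; // stop here: header() alone does not end the script
}

// verh() is defined elsewhere; called with the section name twice, as before.
verh('Новости', 'Новости');
echo '<div class="list1"><a href="/adm/news.php?add">Добавить</a></div>';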
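// Edit or delete an existing news item selected by ?red=<id>.
// NOTE(review): neither action checks an anti-CSRF token in this file, and
// deletion is triggered by a plain GET request (?red=<id>&del). Unless the
// included bootstrap enforces a token, a state change can be issued on behalf
// of a logged-in administrator by any page their browser loads. Prefer POST
// plus a per-session token verified before the UPDATE/DELETE below.
// NOTE(review): the header() calls below run after markup has already been
// echoed; they only take effect if output buffering is active (not visible
// from this file).
if (isset($_GET['red'])) {
    // secure() is defined outside this file; its result is computed once and
    // reused for the lookup, the form action and both write queries.
    $newsId = secure($_GET['red']);
    $new = DB::$dbs->queryFetch("SELECT * from `news` where `id` = ? limit 1", array($newsId));

    if (empty($new['id'])) {
        echo'<div class="news">Ошибка!</div>';
    } else {
        // NOTE(review): $new['text'] is written into the <textarea> as stored and
        // $newsId into the action attribute as returned by secure(). Whether that
        // is safe depends on what secure() escapes at write time; confirm before
        // changing either side, since adding escaping here could double-encode
        // text that is already stored escaped.
        echo'<div class="list1"><form action="?red='.$newsId.'&ok" method="post">
Текст:<br/>
<textarea name="textr">'.$new['text'].'</textarea><br/>
<input type="submit" value="Сохранить"/></form></div>';

        if (isset($_GET['ok'])) {
            // Always pass the submitted text through secure(). The previous code
            // skipped it when the input equalled $new['textr'], a key this page never
            // writes (presumably a typo for 'text'), so the comparison only produced an
            // undefined-key warning. isset() also covers ?ok requested without a POST body.
            $text = isset($_POST['textr']) ? secure($_POST['textr']) : '';
            if (empty($text)) {
                echo'<div class="news">Вы не заполнили одно из полей...</div>';
                niz();
                exit;
            }
            DB::$dbs->query("UPDATE `news` set `text` = ? where `id` = ? limit 1", array($text, $newsId));
            header('location:/adm/news.php');
            exit;
        }

        if (isset($_GET['del'])) {
            DB::$dbs->query("DELETE from `news` where `id` = ? limit 1", array($newsId));
            // Header first, then the confirmation markup.
            header('refresh:1; url=/adm/news.php');
            echo'<div class="list1">Новость успешно удалена!</div>';
        }
    }
}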
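// Create a news item: ?add shows the form, ?add&ok processes the submission.
// NOTE(review): the submission is accepted without an anti-CSRF token in this
// file; confirm whether the included bootstrap enforces one, otherwise add a
// per-session token to the form and verify it before the INSERT.
if (isset($_GET['add'])) {
    echo '<div class="list1">
<form action="/adm/news.php?add&ok" method="post">
Текст:<br/>
<textarea name="text"></textarea><br/>
<input type="submit" value="Добавить"/>
</form></div>';

    if (isset($_GET['ok'])) {
        // isset() guard: ?add&ok can be requested without a POST body, which
        // previously read an undefined key. secure() is defined outside this file.
        $text = isset($_POST['text']) ? secure($_POST['text']) : '';
        if (empty($text)) {
            echo'<div class="news">Вы не ввели название или текст новости...</div>';
        } else {
            // Values are bound as parameters; the author is the logged-in user's id.
            DB::$dbs->query("INSERT INTO `news` set `text` = ?, `t` = ?, `us` = ?", array($text, time(), $cms->us['id']));
            // Header first, then the confirmation markup. It still only takes effect
            // if output buffering is active, because the form above was already echoed.
            header('refresh:1; url=/adm/news.php');
            echo'<div class="list1">Новость успешно добавлена!</div>';
        }
    }
}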
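// Paginated listing of news items, newest first, with edit/delete links.
// The variable names ($num, $posts, $total, $page, $start) are kept as they
// were: $func->page() is defined elsewhere and may read them as globals.
$posts = $func->getCount('id','news'); // counted once instead of twice
if ($posts == 0) {
    echo '<div class="lst">Новостей пока что нет...</div>';
} else {
    $num = 10; // items per page
    $total = intval(($posts - 1) / $num) + 1;
    // A missing ?page no longer reads an undefined key; it defaults to page 1.
    // abs(intval()) already rules out negatives, so only 0 needs raising.
    $page = isset($_GET['page']) ? abs(intval($_GET['page'])) : 1;
    if ($page < 1) $page = 1;
    if ($page > $total) $page = $total;
    $start = $page * $num - $num;
    // $start and $num are integers computed above, never raw request text, so
    // interpolating them into the LIMIT clause does not expose the query to
    // injection. Keep it that way if this arithmetic is ever changed.
    $news = DB::$dbs->query("SELECT * FROM `news` order by `id` desc limit $start,$num");
    while ($n = $news->fetch()) {
        // NOTE(review): the text goes through $func->text() and the id is emitted
        // as stored; both helpers live outside this file, so confirm the text is
        // HTML-escaped by the time it is printed.
        echo'<div class="lst">'.$func->text($n['text']).' ('.t($n['t']).') [<a href="?red='.$n['id'].'">ред</a>] [<a href="?red='.$n['id'].'&del">x</a>]</div>';
    }
    echo '<div class="lst">';
    $func->page('?');
    echo '</div>';
}
// niz() is defined elsewhere; presumably it prints the page footer.
niz();
?>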