Файл: adm/ads.php
Строк: 42
<?php
include '../system/sys.php';
include '../system/funcs.php';
// Access gate for the advertising admin page.
// $us is not defined in this file; presumably it is the current user record set up by the
// included system files (TODO confirm). A missing $us or a level below 1 is redirected to
// the site root before any page output is produced.
if (!isset($us)) {
    $denyHeader = 'location: /';
} elseif ($us['level'] < 1) {
    $denyHeader = 'location:/';
} else {
    $denyHeader = null;
}

if ($denyHeader !== null) {
    header($denyHeader);
    // Stop here so none of the admin actions below can run for a rejected visitor.
    exit;
}

// Project helper; called with the section title twice (presumably page title and heading — confirm).
H('Реклама', 'Реклама');
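// "Add advertisement" screen: prints the form and, when ?ok is present, validates the POST
// fields and inserts a new row into `ads` with an absolute expiry timestamp.
// Without ?add only the "add" link is printed.
if (isset($_GET['add'])) {
    // NOTE(review): the form carries no anti-CSRF token, so the insert below can be triggered
    // cross-site in an operator's session. Add a session-bound token if the project has one.
    echo '<form action="/adm/ads.php?add&ok" method="post">';
    echo '<div class="list1">';
    echo 'Название:<br/><input name="name"/><br/>';
    echo 'Ссылка:<br/><input name="link"/><br/>';
    echo 'Время:<br/>';
    echo '<input name="d" size="2"/> д.<br/>';
    echo '<input name="h" size="2"/> ч.<br/>';
    echo '<input name="m" size="2"/> м.<br/>';
    echo '<input name="s" size="2"/> с.<br/>';
    echo '</div>';
    echo '<div class="lst">';
    echo '<input type="submit" value="Добавить"/>';
    echo '</div>';
    echo '</form>';

    if (isset($_GET['ok'])) {
        // Missing or non-string fields are treated as empty instead of raising notices.
        $adName = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : '';
        $adLink = (isset($_POST['link']) && is_string($_POST['link'])) ? trim($_POST['link']) : '';

        // The name is stored HTML-escaped because the listing in this file echoes it as stored.
        // addslashes() is dropped: the value is passed as a bound parameter (as the link always
        // was), so it only added literal backslashes to the stored text.
        $adName = htmlspecialchars($adName, ENT_QUOTES);

        if ($adName === '') {
            echo '<div class="list1"><b style="color:red;">Вы не указали назавние..</b></div>';
        }
        // The original pattern used "/" both as delimiter and inside the pattern, so preg_match()
        // failed and every link was rejected. The scheme is now anchored at the start, and
        // whitespace, quotes and angle brackets are refused because the link is later written
        // into an href attribute.
        elseif (preg_match('#^https?://[^\s"\'<>]+\z#i', $adLink) !== 1) {
            echo '<div class="list1">Неверно указанна ссылка..</div>';
        }
        else {
            // Upper clamp per field; days have no upper bound, as in the original.
            // NOTE(review): a very large day count overflows the integer arithmetic below;
            // consider capping it to whatever maximum lifetime the site allows.
            $limits = array('d' => null, 'h' => 24, 'm' => 60, 's' => 60);
            $parts = array();
            foreach ($limits as $field => $upper) {
                $value = (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (int) $_POST[$field] : 0;
                $value = max(0, $value);
                if ($upper !== null) {
                    $value = min($upper, $value);
                }
                $parts[$field] = $value;
            }

            // Lifetime of the advertisement in seconds.
            $time = ($parts['d'] * 86400) + ($parts['h'] * 3600) + ($parts['m'] * 60) + $parts['s'];

            if ($time == 0) {
                echo '<div class="list1"><b style="color:red;">Вы не установили время..</b></div>';
            }
            else {
                // All three values are bound; the expiry is no longer concatenated into the SQL text.
                DB::$dbs->query(
                    "INSERT INTO `ads` (`name`,`link`,`time`) VALUES (?,?,?)",
                    array($adName, $adLink, time() + $time)
                );
                echo '<div class="list1">Ссылка успешно добавлена!</div>';
                // NOTE(review): output has already been echoed above, so this header only takes
                // effect if output buffering is enabled — confirm.
                header('refresh:1; url=/adm/ads.php');
            }
        }
    }
}
else {
    echo '<div class="menu2"><a href="/adm/ads.php?add" style="color:white;">Добавить</a></div>';
}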
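// Delete an advertisement by id (?del=ID), then redirect back to the list.
if (isset($_GET['del'])) {
    // Cast once and use the same integer for both statements. The original checked existence
    // with intval() but then concatenated the raw request value into the DELETE, which is an
    // SQL injection and could act on a different value than the one that was checked.
    $adId = is_scalar($_GET['del']) ? (int) $_GET['del'] : 0;

    $query = DB::$dbs->query("SELECT * FROM `ads` WHERE (`id`=?)", array($adId));
    if ($query->rowCount() == 0) {
        // Unknown id: nothing to delete.
        header('location: /adm/ads.php');
        exit;
    }

    DB::$dbs->query("DELETE FROM `ads` WHERE (`id`=?)", array($adId));

    // NOTE(review): this is a state-changing GET with no anti-CSRF token; prefer a POST with a
    // session-bound token. The script also keeps running after this header, as in the original.
    header('location: /adm/ads.php');
}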
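// List every advertisement with its remaining lifetime and a delete link, or a placeholder
// message when the table is empty.
if (DB::$dbs->querySingle("SELECT COUNT(*) FROM `ads`") != 0) {
    $query = DB::$dbs->query("SELECT * FROM `ads`");
    while ($ads = $query->fetch()) {
        // The link is stored as submitted, so it must be escaped for the href attribute here;
        // the original echoed it raw, allowing stored markup to break out of the attribute.
        $safeLink = htmlspecialchars($ads['link'], ENT_QUOTES);

        // The name is HTML-escaped by the add handler in this file before it is stored, so it is
        // echoed as stored to avoid double-encoding.
        // NOTE(review): rows written by any other code path would be echoed unescaped — confirm
        // this page is the only writer of `ads`.
        $storedName = $ads['name'];

        // Force the id to an integer before placing it in the delete URL.
        $adId = (int) $ads['id'];

        // Expired entries are labelled as disabled; otherwise timef() (project helper) formats
        // the seconds remaining.
        $status = ($ads['time'] < time()) ? 'отключена' : timef($ads['time'] - time());

        echo '<div class="list1">';
        echo '<a href="' . $safeLink . '">' . $storedName . '</a> (' . $status . ') [<a href="/adm/ads.php?del=' . $adId . '">x</a>]';
        echo '</div>';
    }
}
else {
    echo 'Рекламы нет..';
}

// Project helper called last; presumably prints the page footer — confirm.
F();
?>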