Файл: modules/news/edit.php
Строк: 204
<?php
/* DCMS S (Special)
* Версия файла 0.0.1
* Дата последнего редактирования 25.11.2015
* Модифицировал densnet
*/
require_once H . 'sys/inc/start.php';
require_once H . 'sys/inc/compress.php';
require_once H . 'sys/inc/sess.php';
require_once H . 'sys/inc/settings.php';
require_once H . 'sys/inc/db_connect.php';
require_once H . 'sys/inc/ipua.php';
require_once H . 'sys/inc/fnc.php';
require_once H . 'sys/inc/user.php';
user::access('adm_news_edit', null, 'index.php?' . SID);
$news = mysql_fetch_assoc(mysql_query("SELECT * FROM `news` WHERE `id` = '" . intval($_GET['edit']) . "' LIMIT 1"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `news` WHERE `id` = '$news[id]'"), 0) == 0) {
header("Location:?");
exit;
}
if (isset($_GET['img'])) {
if (isset($_GET['save']) && isset($_POST['save:ok:add:in:base'])) {
if (isset($_FILES['file'])) {
$type = $_FILES['file']['type'];
if ($type !== 'image/jpeg' && $type !== 'image/jpg' && $type !== 'image/gif' && $type !== 'image/png') {
$err = 'Это не изображение.';
}
}
if (!isset($err)) {
$tmp = $_FILES['file']['tmp_name'];
unlink(H . 'modules/news/images/' . $news['id'] . '.png');
move_uploaded_file($tmp, H . 'modules/news/images/' . $news['id'] . '.png');
chmod(H . 'modules/news/images/' . $news['id'] . '.png', 0777);
header("location: ?edit=$news[id]");
}
}
err();
echo "<form method = 'post' class = 'list-group-item' action = '?edit=$news[id]&img&save' enctype = 'multipart/form-data'>";
echo "<b>Изображение</b> <br/>";
echo "<input class='form-control' type = 'file' name = 'file' /><br />";
echo "<button class = 'btn btn-success' name = 'save:ok:add:in:base'>Добавить</button>";
echo "</form>";
echo "<div class = 'list-group-item'><a href = '?edit=$news[id]'><span class='fa fa-arrow-left'></span> Вернуться</a></div>";
} else {
if (isset($_POST['close']) && ($_POST['close'] == 1 || $_POST['close'] == 0)) {
$news['close'] = intval($_POST['close']);
mysql_query("UPDATE `news` SET `close` = '$news[close]' WHERE `id` = '$news[id]' LIMIT 1");
}
if (isset($_POST['title']) && isset($_POST['msg']) && isset($_POST['link']) && isset($_POST['ok'])) {
$title = text::esc($_POST['title'], 1);
$link = text::esc($_POST['link'], 1);
if ($link != NULL && !preg_match('#^https?://#i', $link) && !preg_match('#^/#', $link)) {
$link = '/' . $link;
}
$msg = text::esc($_POST['msg']);
if (text::utf8_strlen($title) > 250) {
$err = 'Заголовок длинее 250-ти символов';
}
if (text::utf8_strlen($title) < 3) {
$err = 'Заголовок короче 3-х символов';
}
$mat = text::antimat($title);
if ($mat) {
$err[] = 'В заголовке обнаружен мат: ' . $mat;
}
if (text::utf8_strlen($msg) > 10024) {
$err = 'Содержание длинее 10024-х символов';
}
if (text::utf8_strlen($msg) < 5) {
$err = 'Содержание короче 5-ти символов';
}
$mat = text::antimat($msg);
if ($mat) {
$err[] = 'В содержании обнаружен мат: ' . $mat;
}
$title = mysql_real_escape_string($_POST['title']);
$msg = mysql_real_escape_string($_POST['msg']);
if (!isset($err)) {
$ch = intval($_POST['ch']);
$mn = intval($_POST['mn']);
$main_time = time() + $ch * $mn * 60 * 60 * 24;
if ($main_time <= time()) {
$main_time = 0;
}
mysql_query("UPDATE `news` SET `title` = '$title', `msg` = '$msg', `link` = '$link', `main_time` = '$main_time', `time` = '$time' WHERE `id` = '$news[id]' LIMIT 1");
mysql_query("UPDATE `user` SET `news_read` = '0'");
header("Location: ?news=$news[id]");
exit;
}
}
$set['title'] = 'Новости - Редактирование';
require_once H . 'sys/inc/thead.php';
err();
if (isset($_GET['del_img']) && is_file(H . 'modules/news/images/' . $news['id'] . '.png')) {
unlink(H . 'modules/news/images/' . $news['id'] . '.png');
header("Location:?edit=$news[id]");
}
echo "<form class = 'list-group-item' name = 'edit' method = 'POST' action = '?edit=$news[id]'>";
echo "<b>Заголовок новости</b> <br />";
echo "<input class='form-control' name = 'title' size = '16' maxlength = '250' value = '$news[title]' type = 'text' /><br />";
echo "<b>Ссылка на источник</b> <br />";
echo "<input class='form-control' name = 'link' size = '16' maxlength = '64' value = '$news[link]' type = 'text' /><br />";
echo "<b>Изображение</b> ";
if (is_file(H . 'modules/news/images/' . $news['id'] . '.png')) {
echo "<a href = '?edit=$news[id]&img'><small>Заменить</small></a> | ";
echo "<a href = '?edit=$news[id]&del_img'><small>Удалить</small></a>";
} else {
echo "<a href = '?edit=$news[id]&img' title = 'Прикрепить изображение'><span class='fa fa-paperclip'></span></a>";
}
if (is_file(H . 'modules/news/images/' . $news['id'] . '.png')) {
echo "<br /><img src = '/modules/news/images/$news[id].png' style = 'border: 1px solid #CCDDED; padding: 2px; border-radius: 5px; max-width: 150px;' />";
}
echo "<br />";
echo "<b>Содержание новости</b><br />";
//echo text::auto_bb("edit", "msg");
echo "<textarea class='form-control' name='msg' rows='3'>$news[msg]</textarea><br />";
echo "<b>Показывать на главной</b> <br />";
echo '<div class="col-xs-2">';
echo "<input class='form-control' type = 'text' name = 'ch' size = '3' value = '" . (isset($_POST['ch']) ? intval($_POST['ch']) : '1') . "' />";
echo '</div><div class="col-xs-3">';
echo "<select class='form-control' name = 'mn'>";
echo "<option value = '0' " . (isset($_POST['mn']) && $_POST['mn'] == 0 ? "selected = 'selected'" : null) . ">Выбрать</option>";
echo "<option value = '1' " . (isset($_POST['mn']) && $_POST['mn'] == 1 ? "selected = 'selected'" : null) . ">Дней</option>";
echo "<option value = '7' " . (isset($_POST['mn']) && $_POST['mn'] == 7 ? "selected = 'selected'" : null) . ">Недель</option>";
echo "<option value = '31' " . (isset($_POST['mn']) && $_POST['mn'] == 31 ? "selected = 'selected'" : null) . ">Месяцев</option>";
echo "</select></div><br /><br />";
echo "<b>Состояние обсуждения</b><br />";
echo "<div class='radio'>";
echo "<label><input name = 'close' type = 'radio' " . ($news['close'] == 0 ? ' checked = "checked"' : null) . " value = '0' /><span class='fa fa-unlock-alt'></span> Открытое</label><br />";
echo "<label><input name = 'close' type = 'radio' " . ($news['close'] == 1 ? ' checked = "checked"' : null) . " value = '1' /><span class='fa fa-lock'></span> Закрытое</label><br/>";
echo "</div>";
echo "<button class='btn btn-success' name='ok'><span class='fa fa-save'></span> Сохранить</button>";
echo "</form>";
echo "<div class='list-group-item'><a href = '?index'><span class='fa fa-arrow-left'></span> Новости</a></div>";
echo "<div class='list-group-item'><a href = '?news=$news[id]'><span class='fa fa-arrow-left'></span> $news[title]</a></div>";
}
require_once H . 'sys/inc/tfoot.php';