Файл: adm_panel/user_menu.php
Строк: 262
<?php
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/adm_check.php';
include_once '../sys/inc/user.php';
// Access gate: the caller must hold the 'user_cab' privilege and pass adm_check().
// Both helpers come from the included sys/inc files; what they do on failure is
// not visible here (the third argument looks like a redirect target — confirm).
user_access('user_cab', null, 'index.php?' . SID);
adm_check();

// Page title and header template.
$set['title'] = lang('Управление кабинетом');
include_once H . 'sys/inc/thead.php';
title();

// Tab selector. Only two states exist: 2 (the "settings" tab) or null (the
// "index" tab). Because the value is reduced to this fixed pair, it is safe to
// use later as a column-name suffix (`pos` / `pos2`) and in redirects.
$get_type = null;
if (isset($_GET['get_type']) && $_GET['get_type'] && $_GET['get_type'] == 2) {
    $get_type = 2;
}
$get_type_set = ($get_type === null) ? 'index' : 'settings';

lang::start('default');
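// Handle the "add item" form (POST carrying the `add` button).
//
// NOTE(review): no anti-CSRF token is checked in this handler. Unless one of the
// included sys/inc files enforces it, this state-changing request should require
// a per-session token — confirm.
if (isset($_POST['add'])) {
    // `type_set` and `type` are reduced to the values the form actually offers,
    // so an unexpected value can no longer create a row that no tab will list.
    $type_set = (isset($_POST['type_set']) && $_POST['type_set'] === 'settings') ? 'settings' : 'index';
    $type = (isset($_POST['type']) && $_POST['type'] === 'razd') ? 'razd' : 'inc';

    // Free-text fields. Missing or non-string input becomes an empty string
    // instead of raising notices. my_esc() is presumably the project's SQL
    // escaping helper (defined in the included files) — confirm.
    $name = my_esc(isset($_POST['name']) && is_string($_POST['name']) ? $_POST['name'] : '');
    $url = my_esc(isset($_POST['url']) && is_string($_POST['url']) ? $_POST['url'] : '');
    // NOTE(review): `url` is labelled "widget link" and stored with type `inc`.
    // If the cabinet page include()s this value, restrict it to an allow-list of
    // widget files (here or at the consumer) — confirm against the consumer.

    // The form never submits `pos`/`pos2`; they are always computed server-side.
    // The new item goes to the end of its own tab; the other tab's column stays 0.
    $pos = 0;
    $pos2 = 0;
    if ($type_set === 'index') {
        $pos = intval(mysql_result(query("SELECT MAX(`pos`) FROM `user_menu`"), 0)) + 1;
    } else {
        $pos2 = intval(mysql_result(query("SELECT MAX(`pos2`) FROM `user_menu`"), 0)) + 1;
    }

    query("INSERT INTO `user_menu` (`type_set`, `name`,`type`,`url`,`pos`,`pos2`) VALUES ('$type_set','$name', '$type', '$url', '$pos', '$pos2')");
    $_SESSION['message'] = lang('Ссылка успешно добавлена');
    exit(header('Location: ?'));
}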
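// Handle the "edit item" form (POST carrying the `change` button, item id in the query string).
// Name and URL must both be non-empty strings, as before; array input is now rejected too.
//
// NOTE(review): no anti-CSRF token is checked in this handler. Unless one of the
// included sys/inc files enforces it, this state-changing request should require
// a per-session token — confirm.
if (isset($_POST['name'], $_POST['url'], $_POST['change'], $_GET['id'])
    && is_string($_POST['name']) && $_POST['name'] !== ''
    && is_string($_POST['url']) && $_POST['url'] !== '') {
    $id = intval($_GET['id']);

    // my_esc() is presumably the project's SQL escaping helper — confirm.
    $name = my_esc($_POST['name']);
    $url = my_esc($_POST['url']);

    // `type` and `type_set` were read without an isset() check and stored as
    // sent. They are now reduced to the values the edit form offers.
    $type = (isset($_POST['type']) && $_POST['type'] === 'razd') ? 'razd' : 'inc';
    $type_set = (isset($_POST['type_set']) && $_POST['type_set'] === 'settings') ? 'settings' : 'index';

    // Positions are not touched here. When an item changes tab, its position in
    // the new tab is still 0 and the listing loop further down assigns it MAX+1.
    query("UPDATE `user_menu` SET `name` = '$name', `url` = '$url', `type` = '$type', `type_set` = '$type_set' WHERE `id` = '$id' LIMIT 1");
    $_SESSION['message'] = lang('Пункт меню успешно изменен');
    exit(header('Location: ?'));
}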
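// Handle per-item actions passed in the query string: act=up | down | del.
// (act=edit matches none of the branches and falls through to the page render.)
//
// NOTE(review): these are state-changing GET requests with no anti-CSRF token
// visible in this file; `del` in particular is destructive. Prefer POST plus a
// per-session token, unless an included file already enforces one — confirm.
if (isset($_GET['id'], $_GET['act'])) {
    $menu_id = intval($_GET['id']);
    // One lookup replaces the former COUNT(*) + SELECT pair.
    $menu = mysql_fetch_assoc(query("SELECT * FROM `user_menu` WHERE `id` = '$menu_id' LIMIT 1"));

    if ($menu) {
        // Column holding the ordering for the active tab: `pos` or `pos2`.
        // $get_type is either null or 2, so the column name is never user-controlled.
        $pos = 'pos' . $get_type;
        // Cast before interpolating into SQL rather than trusting the column type.
        $current = intval($menu[$pos]);
        $back = 'Location: ?get_type=' . $get_type;

        if ($_GET['act'] === 'up') {
            $target = $current - 1;
            // Moving the first item up used to store position 0, which the
            // listing loop treats as "unset" and re-assigns to the end of the
            // list. Positions below 1 are now left alone.
            if ($target >= 1) {
                // Swap: the neighbour takes our slot, then we take the neighbour's.
                query("UPDATE `user_menu` SET `$pos` = '$current' WHERE `$pos` = '$target' LIMIT 1");
                query("UPDATE `user_menu` SET `$pos` = '$target' WHERE `id` = '$menu_id' LIMIT 1");
                $_SESSION['message'] = lang('Пункт меню сдвинут на позицию вверх');
            }
            exit(header($back));
        }

        if ($_GET['act'] === 'down') {
            $target = $current + 1;
            query("UPDATE `user_menu` SET `$pos` = '$current' WHERE `$pos` = '$target' LIMIT 1");
            query("UPDATE `user_menu` SET `$pos` = '$target' WHERE `id` = '$menu_id' LIMIT 1");
            $_SESSION['message'] = lang('Пункт меню сдвинут на позицию вниз');
            exit(header($back));
        }

        if ($_GET['act'] === 'del') {
            query("DELETE FROM `user_menu` WHERE `id` = '$menu_id' LIMIT 1");
            $_SESSION['message'] = lang('Пункт меню удален');
            exit(header($back));
        }
    }
}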
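// err() and aut() come from the included sys/inc files; presumably they print
// pending errors and the auth/session notice — confirm.
err();
aut();

// Card header with the two tabs (Cabinet / Settings).
echo "<div class='card'>";
echo "<div class='card-header'>" . lang('Управление кабинетом') . "</div>";
echo "<div class='card-block'>";
echo "<ul class='nav nav-tabs'>";
if ($get_type == 2) {
    echo "<li class='nav-item'><a href='?get_type=1' class='nav-link'>" . lang('Кабинет') . "</a></li>";
    echo "<li class='nav-item'><a href='?get_type=2' class='nav-link active'>" . lang('Настройки') . "</a></li>";
} else {
    echo "<li class='nav-item'><a href='?get_type=1' class='nav-link active'>" . lang('Кабинет') . "</a></li>";
    echo "<li class='nav-item'><a href='?get_type=2' class='nav-link'>" . lang('Настройки') . "</a></li>";
}
echo "</ul>";
echo "<center>" . lang('Редактирование ссылок и разделов кабинета') . "</center>";
echo "</div>";

// Items of the active tab, ordered by that tab's position column.
// $get_type_set and $get_type are derived from a fixed pair of values earlier
// in the file, so interpolating them here is safe.
echo "<ul class='list-group list-group-flush'>";
$pos_col = 'pos' . $get_type;
$q = query("SELECT * FROM `user_menu` where `type_set` = '$get_type_set' ORDER BY `$pos_col` ASC");
while ($post = mysql_fetch_assoc($q)) {
    $item_id = intval($post['id']);

    // Stored values are encoded before being written into HTML text or
    // attributes: a quote in a name or URL used to break out of value='...'.
    // double_encode is off in case my_esc()/lang() already entity-encode.
    // NOTE(review): assumes the site serves UTF-8 — confirm.
    $safe_name = htmlspecialchars(lang($post['name']), ENT_QUOTES, 'UTF-8', false);
    $safe_url = htmlspecialchars($post['url'], ENT_QUOTES, 'UTF-8', false);

    echo "<li class='list-group-item'>";

    // Self-repair: an item without a valid position in this tab is appended to the end.
    if ($post[$pos_col] <= 0) {
        $posI = mysql_result(query("SELECT MAX(`$pos_col`) FROM `user_menu`"), 0) + 1;
        query("UPDATE `user_menu` SET `$pos_col` = '" . intval($posI) . "' WHERE `id` = '$item_id' LIMIT 1");
    }

    echo "<span style='color: grey;'>";
    // Section icon
    if ($post['type'] == 'razd') {
        echo "<span class='fa fa-th-large'></span> ";
    }
    echo $safe_name . "</span>";

    // Edit / delete controls. The delete link now carries get_type so the
    // redirect after deletion returns to the tab the admin was on.
    // NOTE(review): delete is triggered by a plain GET link with no token — see
    // the action handler; confirm whether CSRF protection exists elsewhere.
    echo "<span style='float:right'>";
    echo "<a href='?id=$item_id&act=edit&get_type=$get_type' title='" . lang('Редактировать') . "'><span class='label label-default'><span class='fa fa-cog fa-2x'></span></span></a> ";
    echo "<a href='?id=$item_id&act=del&get_type=$get_type' title='" . lang('Удалить') . "'><span class='label label-default'><span class='fa fa-trash-o fa-2x'></span></span></a><br /><br />";
    echo "</span>";
    echo " <br />";

    if ($post['type'] == 'razd') {
        echo lang('Файл') . ": <span style='color: grey;'>" . lang('Отсутствует') . "</span><br />";
    } else {
        echo lang('Файл') . ": <span style='color: grey;'>" . output_text($post['url']) . "</span><br />";
    }

    if (isset($_GET['id']) && $_GET['id'] == $post['id'] && isset($_GET['act']) && $_GET['act'] == 'edit') {
        // Inline edit form. The current type and tab are preselected; before,
        // both selects defaulted to their first option, so saving without
        // touching them silently reset the item to 'inc' / 'index'.
        $sel = " selected='selected'";
        echo "<form action='?id=$item_id' method='post'>";
        echo "<br />";
        echo lang('Название') . ":<br />";
        echo "<input class='form-control' placeholder='" . lang('Название') . "' type='text' name='name' value='" . $safe_name . "' />";
        echo lang('Ссылка на виджет') . ":<br />";
        echo "<input class='form-control' placeholder='" . lang('Ссылка на виджет') . "' type='text' name='url' value='" . $safe_url . "' />";
        echo lang('Тип') . ": <br />";
        echo "<select name='type' class='form-control'>";
        echo "<option value='inc'" . ($post['type'] == 'inc' ? $sel : '') . "> " . lang('Виджет') . "</option>";
        echo "<option value='razd'" . ($post['type'] == 'razd' ? $sel : '') . "> " . lang('Раздел') . "</option>";
        echo "</select>";
        echo lang('Раздел') . ": <br />";
        echo "<select name='type_set' class='form-control'>";
        echo "<option value='index'" . ($post['type_set'] == 'index' ? $sel : '') . "> " . lang('Кабинет') . "</option>";
        echo "<option value='settings'" . ($post['type_set'] == 'settings' ? $sel : '') . "> " . lang('Настройки') . "</option>";
        echo "</select><br />";
        echo "<button name='change' class='btn btn-success'><span class='fa fa-save'></span> " . lang('Сохранить') . "</button> ";
        echo "<a class='btn btn-secondary' href='?'>" . lang('Отмена') . "</a>";
        echo "</form>";
    } else {
        // Reorder arrows (handled by the act=up / act=down branches).
        echo "<a href='?id=$item_id&act=up&get_type=$get_type' title='" . lang('Выше') . "'><span class='label label-success'><span class='fa fa-arrow-up fa-2x'></span></span></a> ";
        echo "<a href='?id=$item_id&act=down&get_type=$get_type' title='" . lang('Ниже') . "'><span class='label label-success'><span class='fa fa-arrow-down fa-2x'></span></span></a> ";
    }
    echo "</li>";
}
echo "</ul>";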
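// Footer of the card: either the "add item" form (when ?add is present) or a
// button that opens it, followed by the link back to the admin panel.
echo "<div class='card-block'>";
if (isset($_GET['add'])) {
    // The method attribute used unescaped double quotes inside a double-quoted
    // string, which is a parse error for the whole file; single quotes fix it.
    // NOTE(review): this form posts a state-changing request without a visible
    // anti-CSRF token — confirm whether the included files add one.
    echo "<form action='?' method='post'>";
    echo lang('Тип') . ":<br />";
    echo "<select name='type' class='form-control'>";
    echo "<option value='inc'> " . lang('Виджет') . "</option>";
    echo "<option value='razd'> " . lang('Раздел') . "</option>";
    echo "</select>";
    echo lang('Раздел') . ":<br />";
    echo "<select name='type_set' class='form-control'>";
    echo "<option value='index'> " . lang('Кабинет') . "</option>";
    echo "<option value='settings'> " . lang('Настройки') . "</option>";
    echo "</select>";
    echo lang('Название') . ":<br />";
    echo "<input class='form-control' placeholder='" . lang('Название') . "' type='text' name='name' value='' />";
    echo lang('Ссылка на виджет') . ":<br />";
    echo "<input class='form-control' placeholder='" . lang('Ссылка на виджет') . "' type='text' name='url' value='' /><br />";
    echo "<button name='add' class='btn btn-success'><span class='fa fa-plus'></span> " . lang('Добавить пункт') . "</button> ";
    // $passgen is not defined in this file; presumably one of the included
    // sys/inc files sets it (it is only used as a query-string suffix) — confirm.
    echo "<a class='btn btn-secondary' href='?$passgen'>" . lang('Отмена') . "</a>";
    echo "</form>";
} else {
    echo "<a class='btn btn-success' href='?add=$passgen'><span class='fa fa-plus'></span> " . lang('Добавить пункт') . "</a>";
}
echo "<br /><a href='" . APANEL . "/'><span class='fa fa-arrow-left'></span> " . lang('В админку') . "</a>";
echo "</div>";
echo "</div>";
include_once '../sys/inc/tfoot.php';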