Файл: 4mast/profmas.ru/codes/index.php
Строк: 33
<?php
require_once('../includes/Headers.php');
require_once('../includes/PDO_func.php');
include_once('csrf.php');
// Page bootstrap. The csrf class, H() and DB are defined in the included files,
// so their exact behaviour is not visible from this script.

// Anti-CSRF helper used by the delete and create actions further down.
$csrf = new csrf();

// Emit the shared page header; both arguments carry the same page title.
H('Полезные куски кодов', 'Полезные куски кодов');

// Shared database handle; quote(), query(), fetch() and rowCount() are called on it below.
$db = DB::$dbs;
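// Delete a section (`codes_r`) together with every snippet filed under it (`codes`.`ref`).
// Only users whose level is 3 or higher reach this branch.
//
// NOTE(review): this is a state-changing action driven by a GET parameter, so the
// anti-CSRF token is the only barrier between a crafted link and a deletion. The token
// is verified here with _check(), whereas section creation further down calls check();
// confirm in csrf.php that _check() validates the token and aborts the request on failure.
if (isset($_GET['del']) AND $us['level'] >= 3)
{
    $csrf->_check();

    // A request parameter may arrive as an array (?del[]=1) or as free text. Passing an
    // array to quote() fails at runtime, and a value such as "1abc" would be coerced by
    // the database to a different id, so only a plain run of digits is accepted.
    // NOTE(review): assumes section ids are unsigned integers — confirm against the schema.
    $del = $_GET['del'];
    if (is_string($del) AND ctype_digit($del))
    {
        $id = $db->quote($del);

        // Remove the section row first, then the snippets that reference it.
        $db->query('DELETE FROM `codes_r` WHERE `id` = '.$id);
        $db->query('DELETE FROM `codes` WHERE `ref` = '.$id);
        echo '<div class="access">Удалил</div>';
    }
    else
    {
        echo '<div class="error">Неверный идентификатор раздела</div>';
    }
}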
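// "New section" page. The form is rendered for every visitor who opens ?new, but the
// insert itself only runs for users with level >= 3 and after the CSRF token check.
if (isset($_GET['new']))
{
    if (isset($_GET['create']) AND $us['level'] >= 3)
    {
        $csrf->check();

        // A POST field may be missing or may arrive as an array (name[]=x). Either case
        // would raise a notice or a type error in mb_strlen(), so anything that is not
        // a string is treated as an empty name and reported through the normal error list.
        $name = (isset($_POST['name']) AND is_string($_POST['name'])) ? $_POST['name'] : '';

        $error = array();
        if (empty($name)) $error[] = 'Имя раздела не введено';
        if (mb_strlen($name) > 50) $error[] = 'Низзя более 50 символов';

        if (empty($error))
        {
            // The name is handed to query() as a parameter rather than concatenated into
            // the SQL text. It is stored exactly as submitted, so every page that renders
            // it must HTML-escape it on output.
            // NOTE(review): `id` is set to the string "NULL", not SQL NULL; this presumably
            // relies on the database coercing it for an auto-increment column — confirm.
            $phq = 'INSERT INTO `codes_r` SET `id` = "NULL", `name` = ?';
            $db->query($phq, array($name));
            ?><div class="access">Успешно</div><?php
        }
        else
        {
            // The messages are the fixed strings assigned above, never user input.
            foreach ($error as $err)
            {
                ?><div class="error"><?=$err?></div><?php
            }
        }
    }
    ?>
<div class="menu2"><a href="?">Назад</a></div>
<div class="block">
<form action = "?create&new" method = "POST">
<?=$csrf -> hidden(); ?>
<input type="text" name="name" placeholder="Имя папки"><br>
<input type="submit">
</form>
</div>
<?php
    // This page is complete: print the footer and stop before the section index below.
    require_once('../includes/Footers.php');
    exit();
}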
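// Section index: a title bar (with a "create section" link for level >= 3), then one
// link per section showing how many snippets it holds, newest section first.
echo '<div class="menu2">Полезные коды ',($us['level'] >= 3 ? '/ <a href="?new">Создать раздел</a></div>' : '</div>');

$phq = 'SELECT `id` FROM `codes_r`';
if ($db->query($phq)->rowCount() == 0)
{
    ?><div class="error">Разделов нет</div><?php
}
else
{
    $phq = 'SELECT * FROM `codes_r` ORDER BY `id` DESC';
    $query = $db->query($phq);
    while ($row = $query->fetch(PDO::FETCH_LAZY))
    {
        // The section name is stored as submitted by the create form, so it is
        // HTML-escaped here; printing it raw would let stored markup or script run in
        // every visitor's browser. The encoding argument is omitted so that PHP's
        // configured default charset applies.
        // NOTE(review): if the includes already escape request data globally, names
        // containing special characters will now show doubled entities — confirm.
        $sectionId = (string) $row->id;
        $idAttr = htmlspecialchars($sectionId, ENT_QUOTES | ENT_SUBSTITUTE);
        $nameHtml = htmlspecialchars((string) $row->name, ENT_QUOTES | ENT_SUBSTITUTE);

        // Count the snippets in this section; the id goes through quote() instead of
        // being concatenated between hand-written quotation marks.
        $total = $db->query('SELECT `id` FROM `codes` WHERE `ref` = '.$db->quote($sectionId))->rowCount();

        // NOTE(review): the trailing </div> has no opening tag inside this loop; it is
        // left as it was because the surrounding layout is not visible here.
        ?><a href="/codes/show_dir.php?id=<?=$idAttr?>" class="block"><img src="/images/p2.png" class="ico" alt="*"/>
<?=$nameHtml?> (<?=$total?>)</a></div><?php
    }
}
require_once('../includes/Footers.php');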
?>