Файл: mpanel/news.php
Строк: 125
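<?php
/**
 * Admin panel page for news management: add, edit and delete news items and
 * delete news comments.
 *
 * The action is selected by $mode, which is not assigned in this file and is
 * presumably populated by core.php from the query string (confirm there).
 *
 * NOTE(review): every state-changing action here (add_ok, edit_ok, delet,
 * delet_kom) runs without an anti-CSRF token, and the two delete actions are
 * triggered by plain GET links. No token helper is visible from this file, so
 * none is used; adding a per-session token check and moving deletes to POST
 * is recommended.
 *
 * NOTE(review): header() is called in several branches after head.php has been
 * included and after output has been echoed. Those redirects only work if
 * output buffering is active (not visible from here).
 */
include('../core/core.php');
include(MAINDIR.'style/head.php');
title('Управление новостями');

// Access gate: is_admin() is called with the codes 101 and 102 (presumably the
// admin status levels; its implementation is outside this file).
if (is_admin(array(101, 102))) {
    // NOTE(review): the acting user is looked up from the `login` cookie alone.
    // This is only safe if is_admin() has already authenticated that cookie.
    $cookieLogin = isset($_COOKIE['login']) ? $_COOKIE['login'] : '';
    $my = DB::run()->queryFetch("SELECT * FROM `users` WHERE `login`=? LIMIT 1", array(check($cookieLogin)));
    // $admin is not read in this file; kept because the included templates
    // share this scope and may use it.
    $admin = $my['status'];

    echo'<div class="title">Управление новостями</div>';
    $act = '<img src="/images/act.png">';

    switch ($mode):
        case 'index':
            // Action menu.
            echo'<div class="menu">';
            echo''.$act.' <a href="?mode=add">Добaвить новость</a><br />
'.$act.' <a href="?mode=edit">Изменить новость</a><br />
'.$act.' <a href="?mode=delet">Удалить новость</a><br />';
            echo'</div>';
            break;

        case 'add':
            // Empty form for a new news item.
            echo'<div class="menu">
<form action="?mode=add_ok" method="post">
Название новости:<br />
<input name="title" type="text" value="" /><br />
Новость:<br />
<textarea name="msg" cols="45" rows="5"></textarea><br />
<input name="" type="submit" value="Добавить" />
</form>
</div>';
            break;

        case 'add_ok':
            // Missing POST fields are treated as empty strings so the length
            // check below rejects them instead of raising notices.
            $msg = check(isset($_POST['msg']) ? $_POST['msg'] : '');
            $title = check(isset($_POST['title']) ? $_POST['title'] : '');
            if (mb_strlen($msg) >= 50 && mb_strlen($msg) < 1000) {
                $msg = no_br($msg);
                $msg = smiles($msg);
                $data = times();
                $ss = time() + (86400 * 3); // three days from now
                // NOTE(review): this INSERT writes the body to column `msg`,
                // while the edit code below reads and updates column `news`.
                // One of the two names is wrong; confirm against the schema.
                DB::run()->query("INSERT INTO `news`(`title`, `data`,`msg`,`login`, `count`, `time`) VALUES (?,?,?,?,?,?)", array($title, $data, $msg, $my['login'], 0, $ss));
                echo'<div class="menu">Новость Добавлена!</div>';
            } else {
                echo'Ошибка! Слишком длинное или короткое сообщение!';
            }
            break;

        case 'delet_kom':
            $id = abs(intval(isset($_GET['id']) ? $_GET['id'] : 0));
            // Fixed: the statement previously read "ELETE FROM", so the
            // comment was never deleted.
            DB::run()->query("DELETE FROM `news_kom` WHERE `id` =?", array($id));

            // Redirect back to the referring page only when it is on this
            // host. The Referer header is client-controlled, so echoing it
            // into Location unchecked lets another site choose the redirect
            // target. Falls back to the panel index otherwise.
            $back = '?mode=index';
            if (isset($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
                $ref = check($_SERVER['HTTP_REFERER']);
                $refHost = parse_url($ref, PHP_URL_HOST);
                $ownHost = preg_replace('/:\d+$/', '', $_SERVER['HTTP_HOST']);
                if (is_string($refHost) && strcasecmp($refHost, $ownHost) === 0) {
                    // Strip CR/LF so the value cannot split the header.
                    $back = str_replace(array("\r", "\n"), '', $ref);
                }
            }
            header('location: '.$back);
            break;

        case 'delet':
            $id = abs(intval(isset($_GET['id']) ? $_GET['id'] : 0));
            if ($id === 0) {
                // No id given: show the paginated list of news to delete.
                define('TOPAGE', 10);
                $num = TOPAGE;
                $links = '?mode=delet&page=';
                $page = isset($_GET['page']) ? intval($_GET['page']) : 0;
                $posts = DB::run()->query("SELECT * FROM `news`")->rowCount();
                $total = intval(($posts - 1) / $num) + 1;
                if ($page < 1) $page = 1;
                if ($page > $total) $page = $total;
                // $start is derived only from clamped integers, so it is safe
                // to interpolate into LIMIT.
                $start = $page * $num - $num;
                $themes = DB::run()->query("SELECT * FROM `news` ORDER BY `id` DESC LIMIT $start,".TOPAGE."");
                $themes = $themes->fetchAll();
                foreach ($themes as $u) {
                    // Encode on output; double_encode=false keeps entities
                    // that check() may already have produced on input intact.
                    $safeTitle = htmlspecialchars($u['title'], ENT_QUOTES, 'UTF-8', false);
                    // Fixed: the quotes around the confirm() text were not
                    // escaped and terminated the PHP string literal.
                    echo'<div class="menu">
<a href="?mode=delet&id='.intval($u['id']).'" onclick="return confirm(\'Вы подтверждаете удаление?\')">'.$safeTitle.'</a>
</div>';
                }
                // Initialise every pager fragment so absent ones concatenate
                // as empty strings instead of undefined variables.
                $pervpage = $nextpage = $page2left = $page1left = $page2right = $page1right = '';
                if ($page != 1) $pervpage = '<a href= '.$links.'1><<</a> <a href= '.$links.''. ($page - 1) .'><</a> ';
                if ($page != $total) $nextpage = ' <a href= '.$links.''. ($page + 1) .'>></a> <a href= '.$links.'' .$total. '>>></a>';
                if ($page - 2 > 0) $page2left = ' <a href= '.$links.''. ($page - 2) .'>'. ($page - 2) .'</a> | ';
                if ($page - 1 > 0) $page1left = '<a href= '.$links.''. ($page - 1) .'>'. ($page - 1) .'</a> | ';
                if ($page + 2 <= $total) $page2right = ' | <a href= '.$links.''. ($page + 2) .'>'. ($page + 2) .'</a>';
                if ($page + 1 <= $total) $page1right = ' | <a href= '.$links.''. ($page + 1) .'>'. ($page + 1) .'</a>';
                if ($posts == 0) {
                    echo'<div class="menu">Новостей не найдено</div>';
                } else {
                    echo '<div class="menu_2">'.$pervpage.$page2left.$page1left.'<b>'.$page.'</b>'.$page1right.$page2right.$nextpage.'</div>';
                }
            } else {
                // Delete the news item together with its comments.
                DB::run()->query("DELETE FROM `news` WHERE `id` =?", array($id));
                DB::run()->query("DELETE FROM `news_kom` WHERE `id_news` =?", array($id));
                echo'<div class="menu">Новость удалена!</div>';
            }
            break;

        case 'edit':
            $id = abs(intval(isset($_GET['id']) ? $_GET['id'] : 0));
            if ($id === 0) {
                // No id given: show the paginated list of news to edit.
                define('TOPAGE', 10);
                $num = TOPAGE;
                $links = '?mode=edit&page=';
                $page = isset($_GET['page']) ? intval($_GET['page']) : 0;
                $posts = DB::run()->query("SELECT * FROM `news`")->rowCount();
                $total = intval(($posts - 1) / $num) + 1;
                if ($page < 1) $page = 1;
                if ($page > $total) $page = $total;
                $start = $page * $num - $num;
                $themes = DB::run()->query("SELECT * FROM `news` ORDER BY `id` DESC LIMIT $start,".TOPAGE."");
                $themes = $themes->fetchAll();
                foreach ($themes as $u) {
                    $safeTitle = htmlspecialchars($u['title'], ENT_QUOTES, 'UTF-8', false);
                    echo'<div class="menu">
<a href="?mode=edit&id='.intval($u['id']).'">'.$safeTitle.'</a>
</div>';
                }
                $pervpage = $nextpage = $page2left = $page1left = $page2right = $page1right = '';
                if ($page != 1) $pervpage = '<a href= '.$links.'1><<</a> <a href= '.$links.''. ($page - 1) .'><</a> ';
                if ($page != $total) $nextpage = ' <a href= '.$links.''. ($page + 1) .'>></a> <a href= '.$links.'' .$total. '>>></a>';
                if ($page - 2 > 0) $page2left = ' <a href= '.$links.''. ($page - 2) .'>'. ($page - 2) .'</a> | ';
                if ($page - 1 > 0) $page1left = '<a href= '.$links.''. ($page - 1) .'>'. ($page - 1) .'</a> | ';
                if ($page + 2 <= $total) $page2right = ' | <a href= '.$links.''. ($page + 2) .'>'. ($page + 2) .'</a>';
                if ($page + 1 <= $total) $page1right = ' | <a href= '.$links.''. ($page + 1) .'>'. ($page + 1) .'</a>';
                if ($posts == 0) {
                    echo'<div class="menu">Новостей не найдено</div>';
                } else {
                    echo '<div class="menu_2">'.$pervpage.$page2left.$page1left.'<b>'.$page.'</b>'.$page1right.$page2right.$nextpage.'</div>';
                }
            } else {
                // Fixed: this lookup used the removed mysql_* extension with a
                // string-built query; it now goes through the same prepared
                // statement wrapper as the rest of the file.
                $n = DB::run()->queryFetch("SELECT * FROM `news` WHERE `id`=? LIMIT 1", array($id));
                if (!$n) {
                    echo'<div class="menu">Новость не найдена!</div>';
                } else {
                    // Encode for the attribute and textarea contexts so stored
                    // text cannot close the tag; double_encode=false leaves
                    // already-escaped entities as they are.
                    // NOTE(review): reads column `news`, but add_ok inserts
                    // into `msg`; confirm which one the table really has.
                    $formTitle = htmlspecialchars($n['title'], ENT_QUOTES, 'UTF-8', false);
                    $formBody = htmlspecialchars(nosmiles($n['news']), ENT_QUOTES, 'UTF-8', false);
                    echo'<div class="menu">
<form action="?mode=edit_ok&id='.$id.'" method="post">
<input name="title" type="text" value="'.$formTitle.'" /><br />
<textarea name="msg" cols="45" rows="5">'.$formBody.'</textarea><br />
<input name="" type="submit" value="Редактировать" />
</form>
</div>';
                }
            }
            break;

        case 'edit_ok':
            // Fixed: abs() was applied to the raw query parameter; the id is
            // now cast to int first, like in every other branch.
            $id = abs(intval(isset($_GET['id']) ? $_GET['id'] : 0));
            $msg = check(isset($_POST['msg']) ? $_POST['msg'] : '');
            $title = check(isset($_POST['title']) ? $_POST['title'] : '');
            if (mb_strlen($msg) >= 50 && mb_strlen($msg) < 1000) {
                $msg = no_br($msg);
                $msg = smiles($msg);
                // NOTE(review): updates column `news`; see the column-name
                // mismatch with the INSERT in add_ok.
                DB::run()->query("UPDATE `news` SET `news`=?, `title`=? WHERE id =?", array($msg, $title, $id));
                echo'<div class="menu">Новость изменена!!</div>';
            } else {
                echo'Ошибка! Слишком длинное или короткое сообщение!';
            }
            break;

        default:
            // Unknown mode: send the admin to the action menu.
            header('location: ?mode=index');
    endswitch;

    echo'<div class="menu"><a href="/mpanel/">В админку</a></div>';
} else {
    // Not an administrator: bounce to the public index.
    // NOTE(review): execution continues after this header() call (the footer
    // is still included); no privileged code follows, so nothing leaks here.
    header('location: /index.php?mode=index');
}
include(MAINDIR.'style/foot.php');
?>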