Файл: news.php
Строк: 54
<?php
include 'core/sys.php';
include 'core/func_smiles.php';
head('Вести');
reg();
if(isset($_GET['dele']) AND !empty($_GET['news']) AND $user['admins']>0){
$news_id = int($_GET['news']);
$test_news = mysql_fetch_assoc(mysql_query("SELECT * FROM `news` WHERE `id`='".$news_id."'"));
if(!$test_news){
header("Location: index.php");
exit;
}
header("Location: news.php");
mysql_query("DELETE FROM `news` WHERE `id`='".$news_id."'");
foot();
exit;
}
if(isset($_GET['new']) AND $user['admins']>0){
if(empty($_POST['text'])){
echo '<div class="name">Добавить весть</div><div class="row"><form action="news.php?new" method="post">
<textarea name="text"></textarea><br>
<input type="submit" value="Добавить">
</form><a href="news.php">Вести</a></div>';
}else{
$text = protect($_POST['text']);
mysql_query("INSERT INTO `news` SET
`text`='".$text."',
`time`='".time()."',
`user_id`='".$user['id']."'");
header('Location: news.php');
}
foot();
exit;
}
echo '<div class="name">Вести<br>';
if($user['admins']>0){
echo '<a href="news.php?new">Новая весть</a>';
}
echo '</div>';
$total = mysql_result(mysql_query("SELECT COUNT(id) FROM `news`"),0);
if($total==0){
echo '<div class="row">Новостей еще нет.</div>';
foot();
exit;
}
$news_q = mysql_query("SELECT * FROM `news` ORDER BY `time` DESC LIMIT ".$page.",".$set['str']." ");
while($news = mysql_fetch_assoc($news_q)){
$ank = mysql_fetch_assoc(mysql_query("SELECT `id`,`login` FROM `users` WHERE `id`='".$news['user_id']."' LIMIT 1"));
echo '<div class="row">[<b>'.clock($news['time']).'</b>]';
if($user['admins']>0){
echo '<a href="news.php?dele&news='.$news['id'].'"> [удалить]</a>';
}
echo smile($news['text']).'<br>
Опубликовал: <a href="pers.php?ank='.$ank['id'].'">'.$ank['login'].'</a></div>';
}
if($total > $set['str'])
{
pages($page, $total, 'news.php?', $set['str']);
}
foot();
?>