Файл: panel/sam.php
Строк: 172
<?php
require_once '../includes/sys.php';
require_once '../includes/auth_a.php';
require_once '../includes/header.php';
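// Admin gate: the rest of this page runs only when access(2) returns true.
// access() and redirect() come from includes that are not visible in this file.
// The explicit exit makes the gate fail closed: if redirect() only sends a
// Location header and returns, the INSERT/UPDATE/DELETE handlers below would
// otherwise still execute for a rejected request.
// NOTE(review): header.php is required before this check; if it prints markup,
// confirm redirect() can still send its header (output buffering).
if (!access(2)) {
    redirect(HTTPHOME);
    exit;
}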
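// Admin panel page for the `sam` table: the default action lists rows with paging,
// act=add shows and handles the "add" form, act=edit shows and handles an edit form.
// $act, $ok, $page, $id, $config and $lang are not assigned in this file; presumably
// they are prepared by the includes at the top — confirm against sys.php.
//
// NOTE(review): ext/mysql (mysql_query and friends) was removed in PHP 7.0. Every
// statement here is built by string interpolation, so SQL safety rests entirely on
// check() escaping for the current connection — confirm what check() does and move to
// prepared statements (mysqli/PDO) when migrating.
// NOTE(review): no anti-CSRF token is verified in this file before the INSERT, UPDATE
// or DELETE below; confirm whether auth_a.php enforces one for POST requests.

// Encode a value for HTML text and attribute contexts at the point of output, so the
// markup does not depend on how the value was filtered when it was stored.
// double_encode is off because check() may already have entity-encoded stored values
// (NOTE(review): confirm); existing entities are then left as they are.
if (!function_exists('sam_html')) {
    function sam_html($value)
    {
        $value = (string) $value;
        $encoded = htmlspecialchars($value, ENT_QUOTES, 'UTF-8', false);
        if ($encoded === '' && $value !== '') {
            // htmlspecialchars() returns '' for input that is not valid UTF-8.
            // Encode byte-wise instead so markup characters are still neutralised.
            $encoded = htmlspecialchars($value, ENT_QUOTES, 'ISO-8859-1', false);
        }
        return $encoded;
    }
}

// Country codes stored in `sam`.`strana` and the labels shown for them.
$countries = array(
    1 => 'США',
    2 => 'БРИТАНИЯ',
    3 => 'СССР',
    4 => 'ЯПОНИЯ',
    5 => 'ГЕРМАНИЯ',
);

switch ($act) {
    default:
        tp('<a href="./">АДМ</a>» Все самолёты');
        note();
        // $pages is passed to navig() below even when the table is empty, so it
        // must exist on that path too.
        $pages = 0;
        // Cast once so that only an integer can reach the LIMIT clause.
        $onpage = (int) $config['onpage'];
        $total = (int) mysql_result(mysql_query("SELECT COUNT(`id`) FROM `sam`"), 0);
        if ($total > 0) {
            $pages = (int) ceil($total / $onpage);
            $page = (int) $page;
            // Negative page numbers would otherwise produce a negative LIMIT offset.
            if ($page > $pages || $page < 1) {
                $page = 1;
            }
            $begin = ($page - 1) * $onpage;
            $news_r = mysql_query("SELECT * FROM `sam` ORDER BY `id` DESC LIMIT $begin, $onpage");
            while ($news = mysql_fetch_assoc($news_r)) {
                echo '</div><div class="row370">'.sam_html($news['name']).'</br><span class="count11">У:'.sam_html($news['yron']).'</br>П:'.sam_html($news['proc']).'</br>С:'.sam_html($news['speed']).'</span>';
                echo '<img src="/sam/'.sam_html($news['kar']).'" width="200"></br>';
                echo ''.sam_html($news['opis']).'</br>';
                echo 'Цена: '.sam_html($news['cena']).'</br>';
                echo 'Страна: ';
                $code = (int) $news['strana'];
                if (isset($countries[$code])) {
                    echo $countries[$code].'</br>';
                }
                echo "</div>";
            }
        }
        echo '<div class="row"><a href="?act=add" class="button">'.$lang['add_news'].'</a></div>';
        navig($page, '?', $pages);
        break;

    case 'add':
        // Form fields of the "add" form; the same names are used as session keys
        // to re-display what was typed after a rejected submission.
        $fields = array('kar', 'opis', 'strana', 'name', 'cena', 'yron', 'proc', 'speed');
        if ($ok) {
            $input = array();
            foreach ($fields as $field) {
                // Missing or non-string (array) parameters are treated as empty.
                $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
                $_SESSION[$field] = $input[$field];
            }
            if ($input['opis'] && $input['strana'] && $input['name']) {
                $kar = check($input['kar']);
                $opis = check($input['opis']);
                $strana = check($input['strana']);
                $name = check($input['name']);
                $cena = check($input['cena']);
                $yron = check($input['yron']);
                $proc = check($input['proc']);
                $speed = check($input['speed']);
                // NOTE(review): the result of the INSERT is not checked, so a failed
                // write still clears the form and redirects to the list.
                mysql_query("INSERT INTO `sam`(`cena`,`name`,`kar`,`opis`,`strana`,`yron`,`proc`,`speed`) VALUES('$cena','$name','$kar', '$opis', '$strana', '$yron', '$proc', '$speed')");
                foreach ($fields as $field) {
                    unset($_SESSION[$field]);
                }
                redirect('?');
            } else {
                $_SESSION['note'] = $lang['the_fields_cant_be_blank'];
                redirect('?act=add');
            }
        } else {
            // Read back the keys the handler above writes. The session holds the raw
            // POST values, so they are encoded here before being placed in the markup.
            $sticky = array();
            foreach ($fields as $field) {
                $sticky[$field] = (isset($_SESSION[$field]) && is_string($_SESSION[$field])) ? sam_html($_SESSION[$field]) : '';
            }
            // Exactly one radio may carry "checked". 5 is the default because it is
            // the option browsers pre-selected when every radio was marked checked.
            $selected = 5;
            if (isset($_SESSION['strana']) && is_string($_SESSION['strana']) && isset($countries[(int) $_SESSION['strana']])) {
                $selected = (int) $_SESSION['strana'];
            }
            tp('<a href="?">Самалёты</a>» Добавить');
            echo '<div class="body">';
            note();
            echo '<form name="form" action="?act=add&ok=1" method="post" name="form">
Название:<br/><input name="name" type="text" value="'.$sticky['name'].'" maxlength="100" /><br />';
            echo 'Страна:</br>';
            foreach ($countries as $code => $label) {
                echo $label.' <input name="strana" type="radio" value="'.$code.'"'.($code === $selected ? ' checked' : '').' /></br>';
            }
            echo '<br />';
            echo 'Описание:<br /><textarea name="opis" rows="5">'.$sticky['opis'].'</textarea><br />
Урон:<br /><input name="yron" type="text" value="'.$sticky['yron'].'" maxlength="20" /><br />
Прочность:<br /><input name="proc" type="text" value="'.$sticky['proc'].'" maxlength="20" /><br />
Скорость:<br /><input name="speed" type="text" value="'.$sticky['speed'].'" maxlength="20" /><br />
Цена:<br /><input name="cena" type="text" value="'.$sticky['cena'].'" maxlength="20" /><br />
Адрес к картинке:<br /><input name="kar" type="text" value="'.$sticky['kar'].'" maxlength="10000" /><br />
<input name="submit" type="submit" value="Ok" />
</form>';
            nav('?');
        }
        break;

    case 'edit':
        // NOTE(review): this branch reads and writes `news` / `news_comm` and redirects
        // to /news/index.php although the page manages `sam`; it looks carried over
        // from the news panel. Confirm it is intended to be reachable from here.
        // The id is interpolated into SQL and into the form action, so it is reduced
        // to an integer first. NOTE(review): assumes `news`.`id` is an integer key.
        $id = (int) $id;
        if ($ok) {
            if (empty($_POST['del'])) {
                if (!empty($_POST['name']) && !empty($_POST['text'])) {
                    $name = check($_POST['name']);
                    $text = check($_POST['text']);
                    mysql_query("UPDATE `news` SET `name` = '$name', `text` = '$text' WHERE `id` = '$id'");
                    $_SESSION['note'] = $lang['all_changes_saved'];
                    redirect(HTTPHOME.'/news/index.php?act=view&id='.$id);
                } else {
                    $_SESSION['note'] = $lang['the_fields_cant_be_blank'];
                    redirect('?act=edit&id='.$id);
                }
            } else {
                // Deletes the record and its comments in one request.
                mysql_query("DELETE FROM `news` WHERE `id` = '$id'");
                mysql_query("DELETE FROM `news_comm` WHERE `id_news` = '$id'");
                $_SESSION['note'] = 'Новость удалена';
                redirect('?');
            }
        } else {
            $news = mysql_fetch_assoc(mysql_query("SELECT `name`, `text` FROM `news` WHERE `id` = '$id'"));
            tp('<a href="?">Новости</a>» Ред-е');
            echo '<div class="body">';
            note();
            // Stored values are encoded before being placed in the attribute and the textarea.
            echo '<form name="form" action="?act=edit&id='.$id.'&ok=1" method="post" name="form">
'.$lang['title'].'(max50):<br /><input name="name" type="text" maxlength="50" value="'.sam_html($news['name']).'" /><br />
'.$lang['text'].':<br /><textarea name="text" rows="5">'.sam_html($news['text']).'</textarea><br />
<input name="del" type="checkbox" value="1" />'.$lang['delete'].'<br />
<input name="submit" type="submit" value="Ok" /></form>';
            nav('?');
        }
        break;
}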
require_once '../includes/tail.php';
?>