Файл: admin/posts_updates.php
Строк: 189
<?php
/**************************************************************************************************
| Scritter Script
| http://www.scritterscript.com
| webmaster@scritterscript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License
| Agreement available at http://www.scritterscript.com/eula.html and to be bound by it.
|
| Copyright (c) 2011 ScritterScript.com. All rights reserved.
|**************************************************************************************************/
include("../include/config.php");
include_once("../include/functions/import.php");
verify_login_admin();
$adminurl = $config['adminurl'];
// DELETE
if($_REQUEST[delete]=="1")
{
$DID = intval($_REQUEST['ID']);
$USERID = intval($_REQUEST['USERID']);
if($DID > 0 && $USERID > 0)
{
$query = "SELECT pic FROM posts where type='update' AND ID='".mysql_real_escape_string($DID)."' AND USERID='".mysql_real_escape_string($USERID)."'";
$executequery = $conn->execute($query);
$dpic = $executequery->fields['pic'];
if($dpic != "")
{
$delimg=$config['picdir']."/".$dpic;
if(file_exists($delimg))
{
unlink($delimg);
}
$delimg=$config['tpicdir']."/".$DID.".jpg";
if(file_exists($delimg))
{
unlink($delimg);
}
}
$query="DELETE FROM posts WHERE ID='".mysql_real_escape_string($DID)."' AND USERID='".mysql_real_escape_string($USERID)."' limit 1";
$result=$conn->execute($query);
$query="DELETE FROM posts WHERE UID='".mysql_real_escape_string($DID)."' AND UIDO='".mysql_real_escape_string($USERID)."'";
$result=$conn->execute($query);
$message = "Update Successfully Deleted.";
Stemplate::assign('message',$message);
}
}
// DELETE
if($_REQUEST['sortby']=="details")
{
$sortby = "details";
$sort =" order by A.msg";
$add1 = "&sortby=details";
}
elseif($_REQUEST['sortby']=="username")
{
$sortby = "username";
$sort =" order by B.username";
$add1 = "&sortby=username";
}
elseif($_REQUEST['sortby']=="time_added")
{
$sortby = "time_added";
$sort =" order by A.time_added";
$add1 = "&sortby=time_added";
}
elseif($_REQUEST['sortby']=="views")
{
$sortby = "views";
$sort =" order by A.views";
$add1 = "&sortby=views";
}
else
{
$sortby = "ID";
$sort =" order by A.ID";
$add1 = "&sortby=ID";
}
if($_REQUEST['sorthow']=="desc")
{
$sorthow ="desc";
$add1 .= "&sorthow=desc";
}
else
{
$sorthow ="asc";
$add1 .= "&sorthow=asc";
}
//Search
$fromid = intval($_REQUEST['fromid']);
$toid = intval($_REQUEST['toid']);
$details = htmlentities(strip_tags($_REQUEST['details']), ENT_COMPAT, "UTF-8");
$username = htmlentities(strip_tags($_REQUEST['username']), ENT_COMPAT, "UTF-8");
$views = htmlentities(strip_tags($_REQUEST['views']), ENT_COMPAT, "UTF-8");
$add1 .= "&fromid=$fromid&toid=$toid&details=$details&username=$username&views=$views";
if($_POST['submitform'] == "1" || ($_REQUEST['fromid']!="" || $toid>0 || $details!="" || $username!="" || $views!=""))
{
if($fromid > 0)
{
$addtosql = "AND A.ID>='".mysql_real_escape_string($fromid)."'";
Stemplate::assign('fromid',$fromid);
}
else
{
$addtosql = "AND A.ID>'".mysql_real_escape_string($fromid)."'";
}
if($toid > 0)
{
$addtosql .= "AND A.ID<='".mysql_real_escape_string($toid)."'";
Stemplate::assign('toid',$toid);
}
if($details != "")
{
$addtosql .= "AND A.msg like'%".mysql_real_escape_string($details)."%'";
Stemplate::assign('details',$details);
}
if($username != "")
{
$addtosql .= "AND B.username like'%".mysql_real_escape_string($username)."%'";
Stemplate::assign('username',$username);
}
if($views != "")
{
$addtosql .= "AND A.views>='".mysql_real_escape_string($views)."'";
Stemplate::assign('views',$views);
}
Stemplate::assign('search',"1");
}
//Search End
$page = intval($_REQUEST['page']);
if($page=="")
{
$page = "1";
}
$currentpage = $page;
if ($page >=2)
{
$pagingstart = ($page-1)*$config['items_per_page'];
}
else
{
$pagingstart = "0";
}
$queryselected = "select A.ID,B.username from posts A, members B WHERE A.ID>0 AND A.USERID=B.USERID AND A.type='update' $addtosql $sort $sorthow limit $config[maximum_results]";
$query2 = "select A.*,B.username from posts A, members B WHERE A.ID>0 AND A.USERID=B.USERID AND A.type='update' $addtosql $sort $sorthow limit $pagingstart, $config[items_per_page]";
$executequeryselected = $conn->Execute($queryselected);
$totalposts = $executequeryselected->rowcount();
if ($totalposts > 0)
{
if($totalposts<=$config[maximum_results])
{
$total = $totalposts;
}
else
{
$total = $config[maximum_results];
}
$toppage = ceil($total/$config[items_per_page]);
if($toppage==0)
{
$xpage=$toppage+1;
}
else
{
$xpage = $toppage;
}
$executequery2 = $conn->Execute($query2);
$results = $executequery2->getrows();
$beginning=$pagingstart+1;
$ending=$pagingstart+$executequery2->recordcount();
$pagelinks="";
$k=1;
$theprevpage=$currentpage-1;
$thenextpage=$currentpage+1;
if ($currentpage > 0)
{
if($currentpage > 1)
{
$pagelinks.="<a href='$adminurl/posts_updates.php?page=1$add1' title='first page'>First</a> ";
$pagelinks.="<a href='$adminurl/posts_updates.php?page=$theprevpage$add1'>Previous</a> ";
};
$counter=0;
$lowercount = $currentpage-5;
if ($lowercount <= 0) $lowercount = 1;
while ($lowercount < $currentpage)
{
$pagelinks.="<a href='$adminurl/posts_updates.php?page=$lowercount$add1'>$lowercount</a> ";
$lowercount++;
$counter++;
}
$pagelinks.=$currentpage." ";
$uppercounter = $currentpage+1;
while (($uppercounter < $currentpage+10-$counter) && ($uppercounter<=$toppage))
{
$pagelinks.="<a href='$adminurl/posts_updates.php?page=$uppercounter$add1'>$uppercounter</a> ";
$uppercounter++;
}
if($currentpage < $toppage)
{
$pagelinks.="<a href='$adminurl/posts_updates.php?page=$thenextpage$add1'>Next</a> ";
$pagelinks.="<a href='$adminurl/posts_updates.php?page=$toppage$add1' title='last page'>Last</a> ";
};
}
}
else
{
$error = "Sorry, no update posts were found.";
}
$mainmenu = "4";
$submenu = "1";
Stemplate::assign('mainmenu',$mainmenu);
Stemplate::assign('submenu',$submenu);
Stemplate::assign('sorthow',$sorthow);
Stemplate::assign('sortby',$sortby);
Stemplate::assign('currentpage',$currentpage);
STemplate::display("administrator/global_header.tpl");
STemplate::assign('beginning',$beginning);
STemplate::assign('ending',$ending);
STemplate::assign('pagelinks',$pagelinks);
STemplate::assign('total',$total+0);
STemplate::assign('results',$results);
Stemplate::assign('error',$error);
STemplate::display("administrator/posts_updates.tpl");
STemplate::display("administrator/global_footer.tpl");
?>