Файл: mysite/my_games/inc/admin.php
Строк: 82
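<?php
// Admin screen for the "My games" catalogue: add, edit, delete and list rows of `games`.
// The full opening tag is used because a bare "<?" is only parsed when short_open_tag is
// enabled; with it disabled the server would send this source to the client as plain text.
$set['title'] = "Мои игры - Админка";
require_once ("../../core/cuctema/head.php");
// NOTE(review): aut() is the only access check visible in this file. Presumably it requires
// a logged-in user; confirm that it (or the page that routes here) also enforces
// administrator rights, because the branches below add, change and delete catalogue rows.
aut();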
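// "Add game" screen: on a confirmed POST a new row is inserted into `games`,
// otherwise (or when validation fails) the empty form is shown.
// NOTE(review): no anti-CSRF token is checked before the INSERT; if the project has a
// token helper, verify it here so another site cannot submit this form on an admin's behalf.
if (isset($_GET['add']))
{
    if (isset($_GET['ok']) && isset($_POST['ok']))
    {
        // Missing or non-string fields (e.g. name[]=x) are treated as empty so they fail
        // the length check below instead of reaching the query.
        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        $link = (isset($_POST['link']) && is_string($_POST['link'])) ? $_POST['link'] : '';
        $img  = (isset($_POST['img'])  && is_string($_POST['img']))  ? $_POST['img']  : '';

        if (strlen2($name) < 1 || strlen2($link) < 1 || strlen2($img) < 1) $err[] = 'Слишком короткие данные';
        // err() is defined elsewhere; presumably it prints the messages collected in $err.
        err();

        if (!isset($err))
        {
            // Request data is escaped before being placed inside the quoted SQL literals;
            // the original interpolated $_POST values directly, which allowed SQL injection.
            // NOTE(review): escaping is only reliable when the connection charset was set with
            // mysql_set_charset(); also confirm the bootstrap does not already escape request
            // data (e.g. magic_quotes_gpc), which would lead to double escaping.
            // `link` and `img` are stored verbatim, so pages that render them as URLs should
            // restrict the accepted schemes.
            mysql_query(
                "INSERT INTO `games` SET `name` = '" . mysql_real_escape_string($name)
                . "', `link` = '" . mysql_real_escape_string($link)
                . "', `img` = '" . mysql_real_escape_string($img) . "'"
            );
            header("Location:?admin=1");
            exit;
        }
    }

    echo "<form method='post' action='?admin=1&add=2&ok'>";
    echo "Название:<br/><input type='text' name='name' value=''><br/>";
    echo "Ссылка:<br/><input type='text' name='link' value=''><br/>";
    echo "Картинка:<br/><input type='text' name='img' value=''><br/>";
    echo "<input type='submit' name='ok' value='Добавить'></form>";
    echo "<div class='foot'>» <a href='?admin=1'>Назад</a></div>";
    // NOTE(review): the other branches load ../../core/cuctema/foot.php; confirm that this
    // different footer path is intended.
    include_once '../../sys/inc/tfoot.php';
}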
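// "Edit game" screen: runs only when ?edit=<id> names an existing row of `games`.
// On a confirmed POST the row is updated, otherwise the form is shown pre-filled.
// NOTE(review): no anti-CSRF token is checked before the UPDATE; if the project has a
// token helper, verify it here.
if (isset($_GET['edit']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `games` WHERE `id` = '" . intval($_GET['edit']) . "'"), 0) != 0)
{
    $edit = mysql_fetch_array(mysql_query("SELECT * FROM `games` WHERE `id` = '" . intval($_GET['edit']) . "'"));
    // The id is forced to an integer once, so it is safe both in SQL and in the form URL.
    $editId = intval($edit['id']);

    if (isset($_GET['ok']) && isset($_POST['ok']))
    {
        // Missing or non-string fields are treated as empty so they fail the length check.
        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        $link = (isset($_POST['link']) && is_string($_POST['link'])) ? $_POST['link'] : '';
        $img  = (isset($_POST['img'])  && is_string($_POST['img']))  ? $_POST['img']  : '';

        if (strlen2($name) < 1 || strlen2($link) < 1 || strlen2($img) < 1) $err[] = 'Слишком короткие данные';
        // err() is defined elsewhere; presumably it prints the messages collected in $err.
        err();

        if (!isset($err))
        {
            // Request data is escaped before being placed inside the quoted SQL literals;
            // the original interpolated $_POST values directly, which allowed SQL injection.
            // NOTE(review): escaping is only reliable when the connection charset was set with
            // mysql_set_charset(); also confirm the bootstrap does not already escape request
            // data (e.g. magic_quotes_gpc), which would lead to double escaping.
            mysql_query(
                "UPDATE `games` SET `name` = '" . mysql_real_escape_string($name)
                . "', `link` = '" . mysql_real_escape_string($link)
                . "', `img` = '" . mysql_real_escape_string($img)
                . "' WHERE `id` = '" . $editId . "'"
            );
            header("Location:?admin=1");
            exit;
        }
    }

    // The attribute values are delimited by single quotes, so ENT_QUOTES is required:
    // before PHP 8.1 the default flags leave "'" unescaped and a stored value could
    // break out of the attribute.
    echo "<form method='post' action='?admin=1&edit=" . $editId . "&ok'>";
    echo "Название:<br/><input type='text' name='name' value='" . htmlspecialchars($edit['name'], ENT_QUOTES) . "'><br/>";
    echo "Ссылка:<br/><input type='text' name='link' value='" . htmlspecialchars($edit['link'], ENT_QUOTES) . "'><br/>";
    echo "Картинка:<br/><input type='text' name='img' value='" . htmlspecialchars($edit['img'], ENT_QUOTES) . "'><br/>";
    echo "<input type='submit' name='ok' value='Сохранить'></form>";
    echo "<div class='foot'>» <a href='?admin=1'>Назад</a></div>";
    require_once ("../../core/cuctema/foot.php");
}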
// "Delete game" action: when ?delete=<id> names an existing row, remove it from `games`
// together with the `user_games` rows that reference it, then return to the list.
// NOTE(review): this destructive action is triggered by a plain GET request and no
// anti-CSRF token is checked; consider requiring a POST with a verified token.
if (isset($_GET['delete']))
{
    // intval() keeps the id numeric, so it is safe inside the quoted SQL literals.
    $deleteId = intval($_GET['delete']);
    $matches = mysql_result(mysql_query("SELECT COUNT(*) FROM `games` WHERE `id` = '" . $deleteId . "'"), 0);

    if ($matches != 0)
    {
        mysql_query("DELETE FROM `games` WHERE `id` = '" . $deleteId . "'");
        mysql_query("DELETE FROM `user_games` WHERE `id_game` = '" . $deleteId . "'");
        header("Location:?admin=1");
        exit;
    }
}
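// Default screen: link to the "add" form followed by every game, newest id first.
echo "<div class='menu123'>+ <a href='?admin=1&add=2'>Добавить игру</a></div>";
$q = mysql_query("SELECT * FROM `games` ORDER BY `id` DESC");
if (mysql_num_rows($q) == 0) echo "<div class='main123'>Список пуст</div>";
while ($post = mysql_fetch_array($q))
{
    // The id is forced to an integer before it is written into the edit/delete URLs.
    $rowId = intval($post['id']);

    echo "<div class='main123'>";
    // The src attribute is delimited by single quotes, so ENT_QUOTES is required: before
    // PHP 8.1 the default flags leave "'" unescaped and a stored value could break out of
    // the attribute.
    echo "<img src='" . htmlspecialchars($post['img'], ENT_QUOTES) . "' height='16'> " . htmlspecialchars($post['name'], ENT_QUOTES) . "";
    // NOTE(review): the delete link performs its action on a plain GET request; consider
    // a POST form with an anti-CSRF token for it.
    echo "<span style='float:right'><a href='?admin=1&edit=" . $rowId . "'>ред</a> | <a href='?admin=1&delete=" . $rowId . "'>удалить</a></span>";
    echo "</div>";
}
require_once ("../../core/cuctema/foot.php");
?>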