Файл: users/gifts/admin.php
Строк: 289
<?
// Bootstrap. $user and $set are used below but never defined in this file,
// so they are presumably populated by core.php -- confirm against the core.
require_once "../../core/cuctema/core.php";

// Access gate for the gift editor: any account whose level is below 3 is
// redirected to the site index, and the script stops before admin code runs.
if ($user['level'] < 3)
{
    header("Location: /index.php?");
    exit();
}

// Title is set before the shared header template is pulled in.
$set['title'] = 'Админка - Редактор подарков';
require_once "../../core/cuctema/head.php";

// Layout helpers defined elsewhere in the project.
title();
aut();
if(isset($_GET['cat']) && intval($_GET['cat'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `gift_cat` WHERE `id` = '".intval($_GET['cat'])."'"),0)!=0)
{
$cat=mysql_fetch_array(mysql_query("SELECT * FROM `gift_cat` WHERE `id` = '".intval($_GET['cat'])."'"));
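if (isset($_GET['add']))
{
    // "Add gift" screen for the category already loaded into $cat.
    // NOTE(review): no anti-CSRF token is checked in this handler; confirm
    // whether the shared core adds one before relying on it.
    if (isset($_POST['submited']))
    {
        // Upload validation. The MIME type and file name sent by the browser
        // are client-controlled, so neither is trusted: the image type is read
        // from the file contents and the stored name is generated server-side.
        $image_ext = null;
        if (!isset($_FILES['file']) || $_FILES['file']['error'] === UPLOAD_ERR_NO_FILE)
        {
            $err[] = 'Выберите картинку';
        }
        elseif ($_FILES['file']['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($_FILES['file']['tmp_name']))
        {
            $err[] = 'Это не картинка';
        }
        else
        {
            // Allow-list of image types; the saved extension comes from this
            // map only, so an upload can never land with a script extension.
            $allowed_types = array(IMAGETYPE_JPEG => 'jpg', IMAGETYPE_GIF => 'gif', IMAGETYPE_PNG => 'png');
            $image_info = getimagesize($_FILES['file']['tmp_name']);
            if ($image_info !== false && isset($allowed_types[$image_info[2]]))
                $image_ext = $allowed_types[$image_info[2]];
            else
                $err[] = 'Это не картинка';
        }

        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        if (strlen2($name) < 1) $err[] = 'Слишком короткое название';

        // intval() turns any garbage into 0, so checking the converted value
        // can never fail; the raw input is validated before conversion.
        $cena_raw = (isset($_POST['cena']) && is_string($_POST['cena'])) ? trim($_POST['cena']) : '';
        if (!preg_match('/^[0-9]+$/D', $cena_raw)) $err[] = 'Неверная цена';
        $cena = intval($cena_raw);

        if (!isset($err))
        {
            // Generated for uniqueness only (the name is public, not a secret);
            // the existing gift_large_ prefix is kept.
            $image = 'gift_large_' . md5(uniqid('', true)) . '.' . $image_ext;
            if (move_uploaded_file($_FILES['file']['tmp_name'], H . "users/gifts/images/" . $image))
            {
                // NOTE(review): if core.php already escapes request data, this
                // would double-escape the name -- confirm and keep one layer.
                mysql_query("INSERT INTO `gift` SET `name` = '" . mysql_real_escape_string($name) . "', `cena` = '$cena', `id_cat` = '" . intval($cat['id']) . "', `image` = '$image'");
                header("location: ?cat=$cat[id]&act=admin");
                // Stop here so the form is not rendered after the redirect.
                exit();
            }
            $err[] = 'Не удалось сохранить картинку';
        }
    }
    err();
    ?>
<div class="main">
<div class="main123">
<?php
    echo "<form method=\"post\" action=\"\" enctype='multipart/form-data'>\n";
    echo "<span style='color:grey'><b>Название подарка:</b></span><br />\n";
    echo "<input name=\"name\" type=\"text\" maxlength='100' value='' /><br />\n";
    echo "<span style='color:grey'><b>Цена:</b></span><br />\n";
    echo "<input name=\"cena\" type=\"text\" maxlength='100' value='' /><br />\n";
    echo "<span style='color:grey'><b>Изображение подарка:</b></span><br/>\n";
    echo "<input type='file' name='file' /><br/>\n";
    echo "<input value='Добавить' type='submit' name='submited' /> <a href='?cat=$cat[id]&act=admin'>Назад</a>\n";
    echo "</form>\n";
    ?></div></div><?php
    require_once ("../../core/cuctema/foot.php");
    exit;
}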
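if (isset($_GET['edit']) && intval($_GET['edit']) != NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `gift` WHERE `id` = '" . intval($_GET['edit']) . "'"), 0) != 0)
{
    // "Edit gift" screen: either replaces the gift image (?change_img) or
    // updates its name and price. The id is cast with intval() before it
    // reaches SQL.
    // NOTE(review): neither POST handler below checks an anti-CSRF token;
    // confirm whether the shared core adds one.
    $edit = mysql_fetch_array(mysql_query("SELECT * FROM `gift` WHERE `id` = '" . intval($_GET['edit']) . "'"));

    if (isset($_GET['change_img']))
    {
        if (isset($_POST['submited']))
        {
            // The browser-supplied MIME type and file name are not trusted:
            // the type is read from the file contents and the stored name is
            // generated on the server.
            $image_ext = null;
            if (!isset($_FILES['file']) || $_FILES['file']['error'] === UPLOAD_ERR_NO_FILE)
            {
                $err[] = 'Выберите картинку';
            }
            elseif ($_FILES['file']['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($_FILES['file']['tmp_name']))
            {
                $err[] = 'Это не картинка';
            }
            else
            {
                // The saved extension comes from this allow-list only.
                $allowed_types = array(IMAGETYPE_JPEG => 'jpg', IMAGETYPE_GIF => 'gif', IMAGETYPE_PNG => 'png');
                $image_info = getimagesize($_FILES['file']['tmp_name']);
                if ($image_info !== false && isset($allowed_types[$image_info[2]]))
                    $image_ext = $allowed_types[$image_info[2]];
                else
                    $err[] = 'Это не картинка';
            }

            if (!isset($err))
            {
                // Unique, server-chosen name (not a secret), same prefix as before.
                $image = 'gift_large_' . md5(uniqid('', true)) . '.' . $image_ext;
                if (move_uploaded_file($_FILES['file']['tmp_name'], H . "users/gifts/images/" . $image))
                {
                    mysql_query("UPDATE `gift` SET `image` = '$image' WHERE `id` = '" . intval($edit['id']) . "'");
                    // The old file is removed only once the new one is in place.
                    // basename() keeps the delete inside the images directory
                    // even if the stored value contains path separators.
                    $old_image = H . "users/gifts/images/" . basename($edit['image']);
                    if (is_file($old_image)) unlink($old_image);
                    header("Location:?cat=$cat[id]&act=admin&edit=$edit[id]");
                    exit();
                }
                $err[] = 'Не удалось сохранить картинку';
            }
        }
        err();
        ?>
<div class="main">
<div class="main123">
<?php
        echo "<form method=\"post\" action=\"\" enctype='multipart/form-data'>\n";
        echo "<span style='color:grey'><b>Изображение подарка:</b></span><br/>\n";
        echo "<input type='file' name='file' /><br/>\n";
        echo "<input value='Сохранить' type='submit' name='submited' /> <a href='?cat=$cat[id]&act=admin&edit=$edit[id]'>Назад</a>\n";
        echo "</form>\n";
        ?></div></div><?php
        require_once ("../../core/cuctema/foot.php");
        exit;
    }

    if (isset($_POST['submited']))
    {
        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        if (strlen2($name) < 1) $err[] = 'Слишком короткое название';

        // The raw value is validated first: after intval() every input is
        // numeric, so a check on the converted value can never fail.
        $cena_raw = (isset($_POST['cena']) && is_string($_POST['cena'])) ? trim($_POST['cena']) : '';
        if (!preg_match('/^[0-9]+$/D', $cena_raw)) $err[] = 'Неверная цена';
        $cena = intval($cena_raw);

        if (!isset($err))
        {
            // NOTE(review): if core.php already escapes request data, this
            // would double-escape the name -- confirm and keep one layer.
            mysql_query("UPDATE `gift` SET `name` = '" . mysql_real_escape_string($name) . "', `cena` = '$cena' WHERE `id` = '" . intval($edit['id']) . "'");
            header("Location:?cat=$cat[id]&act=admin");
            // Stop here so the form is not rendered after the redirect.
            exit();
        }
    }
    err();
    ?>
<div class="main">
<div class="main123">
<?php
    // Stored values are HTML-escaped before going into the single-quoted
    // value attributes (ENT_QUOTES covers the quote character used here).
    echo "<form method=\"post\" action=\"?cat=$cat[id]&act=admin&edit=$edit[id]&ok\">\n";
    echo "<span style='color:grey'><b>Название подарка:</b></span><br />\n";
    echo "<input name=\"name\" type=\"text\" maxlength='100' value='" . htmlspecialchars($edit['name'], ENT_QUOTES) . "' /><br />\n";
    echo "<span style='color:grey'><b>Цена:</b></span><br />\n";
    echo "<input name=\"cena\" type=\"text\" maxlength='100' value='" . htmlspecialchars($edit['cena'], ENT_QUOTES) . "' /><br />\n";
    echo "<input value='Сохранить' type='submit' name='submited' /> <a href='?cat=$cat[id]&act=admin'>Назад</a>\n";
    echo "</form>\n";
    ?></div></div><?php
    require_once ("../../core/cuctema/foot.php");
    exit;
}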
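if (isset($_GET['del']) && intval($_GET['del']) != NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `gift` WHERE `id` = '" . intval($_GET['del']) . "'"), 0) != 0)
{
    // "Delete gift" confirmation screen. On confirmation the gift row, the
    // rows in `gifts` that reference it, and its image file are removed.
    // NOTE(review): the confirming POST carries no anti-CSRF token; confirm
    // whether the shared core adds one.
    $del = mysql_fetch_array(mysql_query("SELECT * FROM `gift` WHERE `id` = '" . intval($_GET['del']) . "'"));
    if (isset($_POST['submited']))
    {
        $gift_id = intval($del['id']);
        mysql_query("DELETE FROM `gift` WHERE `id` = '$gift_id'");
        mysql_query("DELETE FROM `gifts` WHERE `id_gift` = '$gift_id'");

        // basename() keeps the delete inside the images directory even if the
        // stored name contains path separators; is_file() avoids an unlink()
        // warning, which could be printed before the redirect header is sent.
        $image_path = H . "users/gifts/images/" . basename($del['image']);
        if (is_file($image_path)) unlink($image_path);

        header("Location: ?cat=$cat[id]&act=admin");
        exit();
    }
    ?>
<div class="main">
<div class="main123">
<?php
    echo "<form method='POST' action=''>\n";
    echo "Вы уверены, что хотите удалить этот подарок?<br />\n";
    echo "<input type='submit' name='submited' value='Удалить' /> <a href='?cat=$cat[id]&act=admin'>Отмена</a>\n";
    echo "</form>\n";
    ?></div></div><?php
    require_once ("../../core/cuctema/foot.php");
    exit;
}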
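?><div class="menu123"><img src='img/add.png'> <a href='?cat=<?php echo intval($cat['id']);?>&act=admin&add'>Добавить подарок</a></div>
<div class="main">
<div class="main123"><?php
// Paginated list of the gifts in the current category, newest first.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gift` WHERE `id_cat` = '" . intval($cat['id']) . "'"), 0);
if ($k_post == 0)
{
    echo "Список пуст...";
}
// k_page() and page() are project helpers defined elsewhere; $start is the
// row offset of the current page.
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
$q = mysql_query("SELECT * FROM `gift` WHERE `id_cat` = '" . intval($cat['id']) . "' ORDER BY `id` DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q))
{
    // Every database value is escaped or cast for the context it is printed
    // in: ids and price as integers, image name and gift name as HTML text.
    $cat_id = intval($cat['id']);
    $gift_id = intval($post['id']);
    ?><div class="overfl_hid">
<a href="?cat=<?php echo $cat_id;?>&act=admin&edit=<?php echo $gift_id;?>&change_img">
<img src="/users/gifts/images/<?php echo htmlspecialchars($post['image'], ENT_QUOTES);?>" alt="" class="middle" height="30" width="30" />
</a>
<span style='float: right;'><a href='?cat=<?php echo $cat_id;?>&act=admin&edit=<?php echo $gift_id;?>'><img src='img/edit.png'/></a> <a href='?cat=<?php echo $cat_id;?>&act=admin&del=<?php echo $gift_id;?>'><img src='img/delete.png'/></a></span>
<span class="middle"><?php echo htmlspecialchars($post['name']);?></span> <span class="middle">(<?php echo intval($post['cena']);?> монет)</span><br />
</div><?php
}
echo "</div>\n";
if ($k_page > 1)
{
    // "class" was misspelled as "clss", so the pagination style never applied.
    ?><div class="pagination "><?php
    str("?cat=$cat[id]&act=admin&", $k_page, $page); // page links
    ?></div><?php
}
?>
<div class="menu123">
<a class="arrow_link" href="?"> ← <span>Назад</span></a>
</div><?php
echo "</div>";
require_once ("../../core/cuctema/foot.php");
exit;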
}
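elseif (isset($_GET['edit']) && intval($_GET['edit']) != NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `gift_cat` WHERE `id` = '" . intval($_GET['edit']) . "'"), 0) != 0)
{
    // "Edit category" screen: renames a category and toggles its `show` flag.
    // NOTE(review): the POST handler checks no anti-CSRF token; confirm
    // whether the shared core adds one.
    $edit = mysql_fetch_array(mysql_query("SELECT * FROM `gift_cat` WHERE `id` = '" . intval($_GET['edit']) . "'"));
    if (isset($_POST['submited']))
    {
        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        if (strlen2($name) < 1) $err[] = 'Слишком короткое название';
        if (!isset($err))
        {
            // A ticked checkbox means "administration only", stored as show = 0.
            if (isset($_POST['show']) && $_POST['show'] == 1) $show = 0; else $show = 1;
            // NOTE(review): if core.php already escapes request data, this
            // would double-escape the name -- confirm and keep one layer.
            mysql_query("UPDATE `gift_cat` SET `name` = '" . mysql_real_escape_string($name) . "', `show` = '$show' WHERE `id` = '" . intval($edit['id']) . "'");
            header("Location:?act=admin");
            // Stop here so the form is not rendered after the redirect.
            exit();
        }
    }
    err();
    ?>
<div class="main">
<div class="main123">
<?php
    // The stored name is HTML-escaped before it goes into the single-quoted
    // value attribute (ENT_QUOTES covers the quote character used here).
    echo "<form method=\"post\" action=\"\">\n";
    echo "<span style='color:grey'><b>Название категории:</b></span><br />\n";
    echo "<input name=\"name\" type=\"text\" maxlength='100' value='" . htmlspecialchars($edit['name'], ENT_QUOTES) . "' /><br />\n";
    echo "<input type='checkbox' name='show' value='1'" . ($edit['show'] == 0 ? " checked='checked'" : NULL) . " /> Только для администрации<br />\n";
    echo "<input value='Сохранить' type='submit' name='submited' /> <a href='?act=admin'>Назад</a>\n";
    echo "</form>\n";
    ?></div></div><?php
    require_once ("../../core/cuctema/foot.php");
    exit;
}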
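elseif (isset($_GET['add']))
{
    // "Add category" screen.
    // NOTE(review): the POST handler checks no anti-CSRF token; confirm
    // whether the shared core adds one.
    if (isset($_POST['submited']))
    {
        $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        if (strlen2($name) < 1) $err[] = 'Слишком короткое название';
        if (!isset($err))
        {
            // The name is escaped for the SQL string literal it is placed in.
            // NOTE(review): if core.php already escapes request data, this
            // would double-escape the name -- confirm and keep one layer.
            mysql_query("INSERT INTO `gift_cat` SET `name` = '" . mysql_real_escape_string($name) . "'");
            header("Location:?act=admin");
            // Stop here so the form is not rendered after the redirect.
            exit();
        }
    }
    err();
    ?>
<div class="main">
<div class="main123">
<?php
    echo "<form method=\"post\" action=\"?act=admin&add&ok\">\n";
    echo "<span style='color:grey'><b>Название категории:</b></span><br /><input name=\"name\" type=\"text\" maxlength='100' value='' /><br />\n";
    echo "<input value='Добавить' type='submit' name='submited' /> <a href='?act=admin'>Назад</a>\n";
    echo "</form>\n";
    ?></div></div><?php
    require_once ("../../core/cuctema/foot.php");
    exit;
}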
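if (isset($_GET['del']) && intval($_GET['del']) != NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `gift_cat` WHERE `id` = '" . intval($_GET['del']) . "'"), 0) != 0)
{
    // "Delete category" confirmation screen. On confirmation every gift in
    // the category is removed (row, references in `gifts`, image file), then
    // the category row itself.
    // NOTE(review): the confirming POST carries no anti-CSRF token; confirm
    // whether the shared core adds one.
    $del = mysql_fetch_array(mysql_query("SELECT * FROM `gift_cat` WHERE `id` = '" . intval($_GET['del']) . "'"));
    if (isset($_POST['submited']))
    {
        $q = mysql_query("SELECT * FROM `gift` WHERE `id_cat` = '" . intval($del['id']) . "'");
        while ($post = mysql_fetch_array($q))
        {
            $gift_id = intval($post['id']);
            mysql_query("DELETE FROM `gift` WHERE `id` = '$gift_id'");
            mysql_query("DELETE FROM `gifts` WHERE `id_gift` = '$gift_id'");

            // The other handlers in this file keep gift images under
            // H."users/gifts/images/"; the relative "images/gifts/" path used
            // here before pointed somewhere else, so files were left behind.
            // basename() keeps the delete inside that directory and is_file()
            // avoids a warning that could precede the redirect header.
            $image_path = H . "users/gifts/images/" . basename($post['image']);
            if (is_file($image_path)) unlink($image_path);
        }
        mysql_query("DELETE FROM `gift_cat` WHERE `id` = '" . intval($del['id']) . "'");
        header("Location:?act=admin");
        exit();
    }
    ?>
<div class="main">
<div class="main123">
<?php
    echo "<form method='POST'>\n";
    echo "Вы уверены, что хотите удалить эту категорию?<br />\n";
    echo "<input type='submit' name='submited' value='Удалить' /> <a href='?act=admin'>Отмена</a>\n";
    echo "</form>\n";
    ?></div></div><?php
    require_once ("../../core/cuctema/foot.php");
    exit;
}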
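?><div class="menu123"><img src='img/add.png'> <a href='?act=admin&add'>Добавить кaтегорию</a></div>
<div class="main">
<div class="main123"><?php
// Paginated list of gift categories, oldest first.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gift_cat`"), 0);
if ($k_post == 0)
{
    echo "Список пуст...";
}
// k_page() and page() are project helpers defined elsewhere; $start is the
// row offset of the current page.
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
$q = mysql_query("SELECT * FROM `gift_cat` ORDER BY `id` ASC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q))
{
    // Ids are cast to integers before being placed in links; the category
    // name is HTML-escaped.
    $cat_id = intval($post['id']);
    ?><div class="overfl_hid"><?php
    echo "<span style='float: right; font-size: small; color: grey'><a href='?act=admin&edit=$cat_id'><img src='img/edit.png'/></a> <a href='?act=admin&del=$cat_id'><img src='img/delete.png'/></a></span>\n";
    echo "<img src='img/category.png' /> <a href='?cat=$cat_id'>" . htmlspecialchars($post['name']) . "</a>";
    echo "</div>\n";
}
?></div><?php
if ($k_page > 1)
{
    // "class" was misspelled as "clss", so the pagination style never applied.
    ?><div class="pagination "><?php
    str("?act=admin&", $k_page, $page); // page links
    ?></div><?php
}
?><div class="menu123">
<a class="arrow_link" href="/adm_panel"> ← <span>Админка</span></a>
</div><?php
echo "</div>";
require_once ("../../core/cuctema/foot.php");
exit;
?>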