Файл: backup/admin/info.php
Строк: 110
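<?php
// Admin page for managing news sections and news items.
//
// The full "<?php" tag is used instead of the short "<?" form: with
// short_open_tag disabled the short form is not parsed, and the script source
// (queries, table names) would be sent to the client as plain text.

// Bootstrap. $user, $act, $id, $num and $start are not assigned anywhere in
// this file; presumably core/start.php provides them -- TODO confirm.
require_once('../core/start.php');

// Authentication gate (implemented outside this file).
func::is_auth();

// Authorization gate: accounts with level below 2 are sent to the site root
// and the script stops, so nothing below runs for them.
if ($user['level'] < 2) {
    header('location:/');
    die();
}

$title = 'Управление новостями';
require_once(root.'core/header.php');
func::head_menu();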
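// Dispatch on the requested admin action.
//
// NOTE(review): $act, $id, $num and $start are not assigned in this file;
// presumably the bootstrap derives them from the request -- confirm they are
// validated there.
// NOTE(review): 'delinfo' and 'delr' modify data on a plain GET request and no
// anti-CSRF token is checked anywhere in this file, so a cross-site request
// issued in an administrator's session would be executed. Deletes should move
// to POST and verify a per-session token.
// NOTE(review): names and text read from the database are echoed without
// escaping. That is only safe if every writer HTML-encodes on input
// (func::check() may do so -- confirm); otherwise escape at output time.
switch ($act) {
    default:
        // Section list: name, number of news items, and a delete link per section.
        $array = core::$dbs->query("SELECT * FROM `info_r` ORDER BY `id` ASC");
        while ($arr = $array->fetch()) {
            echo '<div class="main"><a href="?act=view&id='.$arr['id'].'">'.$arr['name'].'</a> ('
                .core::$dbs->querySingle("SELECT COUNT(id) from `info` where `id_r` = ?", array($arr['id']))
                .') [<a href="?act=delr&id='.$arr['id'].'">del</a>]</div>';
        }
        echo '<a class="l1" href="?act=addr">Добавить раздел</a>';
        echo '<a class="l1" href="?act=add_info">Добавить новость</a>';
        break;

    case 'add_info':
        // The form is printed before the POST is processed.
        echo '<form action="?act=add_info" method="post">Заголовок:<br/><input type="text" name="theme" maxlength="150"/><br/>Новость:<br /><textarea name="text" ></textarea><br/>Создать обсуждение в:<br /><select name="razdel">';
        echo '<option value="0">Не создавать</option>';
        // One <option> per forum subsection, labelled "forum/subsection".
        $q = core::$dbs->query("SELECT * FROM `forum_pr` ORDER BY `id` ASC");
        while ($r = $q->fetch()) {
            $f = core::$dbs->queryFetch("SELECT * FROM `forum_r` where `id` = ?", array($r['id_r']));
            echo '<option value="'.$r['id'].'">'.$f['name'].'/'.$r['name'].'</option>';
        }
        echo '</select><br/>';
        echo 'Раздел:<br /><select name="id_r">';
        $array = core::$dbs->query("SELECT * FROM `info_r` ORDER BY `id` ASC");
        while ($arr = $array->fetch()) {
            echo '<option value="'.$arr['id'].'">'.$arr['name'].'</option>';
        }
        echo '</select><br/><input type="submit" name="ok" value="Добавить"/></form>';

        if (isset($_POST['ok'])) {
            $theme = func::check($_POST['theme']);
            $text = func::check($_POST['text']);
            // Both ids are forced to non-negative integers before use.
            $razdel = abs(intval($_POST['razdel']));
            $id_r = abs(intval($_POST['id_r']));

            // Count characters, not bytes: with strlen() a multi-byte text of
            // fewer than five characters could still pass the minimum.
            if (mb_strlen($text) < 5) {
                func::error('Новость слишком короткая!');
                exit;
            }

            // Id of the discussion thread created for this news item; 0 means
            // none. It must be initialised here: before this fix it was
            // undefined when "Не создавать" was chosen or the thread insert
            // failed, yet it is bound into the INSERT below.
            $idl = 0;
            if ($razdel != 0) {
                $praz = core::$dbs->queryFetch("SELECT * FROM `forum_pr` where `id` = ?", array($razdel));
                // A submitted subsection id that matches no row must not
                // produce a thread with empty parent ids.
                if (empty($praz['id'])) {
                    func::error('Ошибка!');
                    exit;
                }
                $raz = core::$dbs->queryFetch("SELECT * FROM `forum_r` where `id` = ?", array($praz['id_r']));
                if (core::$dbs->query("INSERT INTO `forum_theme` SET `id_r` = ?, `user_id` = ?, `name` = ?, `time` = ?, `id_pr` = ?, `text` = ?, `last` = ?", array($raz['id'], $user['id'], $theme, time(), $praz['id'], $text, time()))) {
                    $idl = core::$dbs->lastInsertId();
                }
                $razdel = $idl;
            }

            if (core::$dbs->query("INSERT INTO `info` SET `user_id` = ?, `time` = ?, `text` = ?, `name` = ?, `id_r` = ?, `razdel` = ?", array($user['id'], time(), $text, $theme, $id_r, $idl))) {
                func::done('Новость успешно создана!');
                func::footer_menu();
                require_once(root.'core/footer.php');
                die();
            } else {
                func::error('Ошибка!');
            }
        }
        break;

    case 'addr':
        // Create a news section; the name must be non-empty and not already used.
        if (isset($_POST['ok'])) {
            $name = func::check($_POST['name']);
            $about = func::check($_POST['about']);
            if (!empty($name)) {
                if (core::$dbs->querySingle("SELECT COUNT(id) FROM info_r WHERE name = ?", array($name)) == 0) {
                    core::$dbs->query("INSERT INTO info_r SET name = ?, value = ?", array($name, $about));
                    func::done('Раздел создан!');
                    func::footer_menu();
                    require_once(root.'core/footer.php');
                    die();
                } else {
                    // The message used to say "forum", but this page creates news sections.
                    func::error('Такой раздел уже есть!');
                }
            } else {
                func::error('Введите название!');
            }
        }
        echo '<form action="?act=addr" method="post">Название:<br/><input type="text" name="name"/><br/>Описание:<br/><textarea name="about"></textarea><br/><input type="submit" name="ok" value="Добавить"/></form>';
        break;

    case 'view':
        // Paged list of the news items in one section.
        $raz = core::$dbs->queryFetch("SELECT name,value,id FROM `info_r` WHERE `id` = ? LIMIT 1", array($id));
        if (empty($raz['id'])) {
            // NOTE(review): core/header.php has already been included when this
            // runs; the redirect presumably relies on output buffering -- confirm.
            header('location:/');
            die();
        }
        $total = core::$dbs->querySingle("SELECT COUNT(id) from `info` where `id_r` = ?", array($id));
        if ($total == 0) {
            func::error('Новостей нет!');
        }
        func::nav($total, $num);
        // The LIMIT values are concatenated into the SQL text rather than bound,
        // so they are forced to integers at the point of use.
        $array = core::$dbs->query("SELECT * FROM `info` where `id_r` = ? ORDER BY `name` DESC LIMIT ".(int)$start.",".(int)$num, array($id));
        while ($arr = $array->fetch()) {
            echo '<div class="main">[<a href="?act=delinfo&id='.$arr['id'].'">del</a>] <a href="/info/view/'.$arr['id'].'"><b>'.$arr['name'].'</b> </a>('.func::times($arr['time']).')<br/>'.mb_substr($arr['text'], 0, 140).'....</div>';
        }
        // The id goes back into pager links, so only its integer value is emitted.
        func::navig('?act=view&id='.(int)$id.'&');
        break;

    case 'delinfo':
        // Delete a single news item. See the CSRF note at the top of the switch.
        core::$dbs->query("DELETE FROM `info` WHERE `id` = ?", array($id));
        func::done('Удалено!');
        // NOTE(review): output has presumably been sent by this point, so this
        // header only takes effect with output buffering -- confirm.
        header('Refresh:3;url=/admin/info.php');
        break;

    case 'delr':
        // Delete a section: first its news items, then the section row itself.
        // See the CSRF note at the top of the switch.
        core::$dbs->query("DELETE FROM `info` WHERE `id_r` = ?", array($id));
        core::$dbs->query("DELETE FROM `info_r` WHERE `id` = ?", array($id));
        func::done('Удалено!');
        // NOTE(review): same output-buffering caveat as in 'delinfo'.
        header('Refresh:3;url=/admin/info.php');
        break;
}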
// Shared page tail: runs for every action that did not end the script earlier.
func::footer_menu();
require_once root.'core/footer.php';
?>