Файл: backup/admin/zc.php
Строк: 168
<?
require_once('../core/start.php');
func::is_auth();
if($user['level']<2){
header('location:/');
exit;
}
$title = 'Управление ЗЦ';
require_once(root.'core/header.php');
func::head_menu();
switch($do){
default:
$array = core::$dbs-> query("SELECT * FROM down_r ORDER BY name DESC");
if($array->rowCount()==0)func::error('Категорий нет!');
while($arr = $array -> fetch()){
echo '<div class="main"><font color="red"><b>'.$arr['name'].'</b></font> [<a href="?do=red&id='.$arr['id'].'">ред</a>] [<a href="?do=delr&id='.$arr['id'].'">del</a>]<br/>'.$arr['value'].'</div>';
$praz = core::$dbs-> query("SELECT * FROM down_pr WHERE id_r = ? ORDER BY name DESC",array($arr['id']));
if($praz->rowCount()==0)func::error('Подкатегорий нет!');
while($pr = $praz -> fetch()){
echo '<div class="main">'.$pr['name'].' [<a href="?do=redpr&id='.$pr['id'].'">ред</a>] [<a href="?do=delpr&id='.$pr['id'].'">del</a>]<br/>'.$arr['about'].'</div>';
}
}
echo '<a class="l1" href="?do=add">Добавить раздел</a>';
echo '<a class="l1" href="?do=addpr">Добавить подраздел</a>';
break;
case 'delr':
core::$dbs->query("DELETE FROM `down_pr` WHERE `id_r` = ?",array($id));
core::$dbs->query("DELETE FROM `down_r` WHERE `id` = ?",array($id));
header('location:?');
break;
case 'delpr':
$file = core::$dbs->query("SELECT * FROM `down` WHERE `id_r` = ",array($id));
while($arr = $file->fetch()){
unlink(root.'files/'.$arr['file']);
core::$dbs->query("DELETE FROM `down` WHERE `id_r` = ?",array($id));
}
core::$dbs->query("DELETE FROM `down_pr` WHERE `id_r` = ?",array($id));
core::$dbs->query("DELETE FROM `down_r` WHERE `id` = ?",array($id));
header('location:?');
break;
case 'add':
if(isset($_POST['ok'])){
$name = func::check($_POST['name']);
$value = func::check($_POST['value']);
$type = func::check($_POST['type']);
if(empty($name)){
$err .='Введите название категории!';}
if(empty($type)){
$err .='Укажите форматы!';}
if(core::$dbs->querySingle("SELECT COUNT(id) from `down_r` where `name` = ?",array($name))==1){
$err .='Такая категория уже есть!';}
if(!isset($err)){
core::$dbs->query("INSERT INTO `down_r` SET `name` = ?, `value` = ?, `type` = ?",array($name,$value,$type));
header('location:?');
} else {
echo func::error($err);
}
}
echo '<form action="?do=addr" method="post">Название:<br/><input type="text" name="name"/><br/>Форматы(через запятую):<br/><input type="text" name="type"/><br/>Описание:<br/><textarea name="about"></textarea><br/><input type="submit" name="ok" value="Сохранить"/></form>';
break;
case 'red':
if($level<2){
header('location:/');
}
$inf = core::$dbs->queryFetch("SELECT * FROM `down_r` WHERE `id` = ? LIMIT 1",array($id));
if(empty($inf['id'])){
header('location:/');
exit;
}
if(isset($_POST['ok'])){
$name = func::check($_POST['name']);
$value = func::check($_POST['value']);
$type = func::check($_POST['type']);
if(empty($name)){
$err = 'Введите название!';
}
if(empty($err)){
core::$dbs->query("UPDATE `down_r` SET `name` = ?, `value` = ?, `type` = ? WHERE `id` = ? LIMIT 1",array($name,$value,$type,$id));
header('location:?');
} else {
echo func::error($err);
}
}
echo '<form action="?do=red&id='.$id.'" method="post">Название:<br/><input type="text" name="name" value="'.$inf['name'].'"/><br/>Форматы(через запятую):<br/><input type="text" name="type" value="'.$inf['type'].'"/><br/>Описание:<br/><textarea name="value">'.$inf['value'].'</textarea><br/><input type="submit" name="ok" value="Сохранить"/></form>';
break;
case 'addpr':
if(isset($_POST['ok'])){
$name = func::check($_POST['name']);
$value = func::check($_POST['value']);
$id_r = func::num($_POST['id_r']);
if(empty($name)){
$err .='Введите название категории!';}
if(core::$dbs->querySingle("SELECT COUNT(id) from `down_pr` where `name` = ? and `id_r` = ?",array($name,$id))==1){
$err ='Такая категория уже есть!';}
if(!isset($err)){
core::$dbs->query("INSERT INTO `down_pr` SET `name` = ?, `value` = ?, `id_r` = ?",array($name,$value,$id_r));
header('location:?');
} else {
echo func::error($err);
}
}
echo '<form action="?do=addpr&id='.$id.'" method="post">Название:<br/><input type="text" name="name"/><br/>Описание:<br/><textarea name="value"></textarea><br/>Категория:<br/><select name="id_r">';
$array = core::$dbs->query("SELECT * FROM `down_r` ORDER BY `name` DESC");
while($arr = $array->fetch()){
echo '<option value="'.$arr['id'].'">'.$arr['name'].'</option>';
}
echo '</select><br/><input type="submit" name="ok" value="Сохранить"/></form>';
break;
case 'redpr':
if($level<2){
header('location:/');
}
$inf = core::$dbs->queryFetch("SELECT * FROM `down_pr` WHERE `id` = ? LIMIT 1",array($id));
if(empty($inf['id'])){
header('location:/');
exit;
}
if(isset($_POST['ok'])){
$name = func::check($_POST['name']);
$value = func::check($_POST['value']);
if(empty($name)){
$err = 'Введите название!';
}
if(empty($err)){
core::$dbs->query("UPDATE `down_pr` SET `name` = ?, `value` = ? WHERE `id` = ? LIMIT 1",array($name,$value,$id));
header('location:?');
} else {
echo func::error($err);
}
}
echo '<form action="?do=redpr&id='.$id.'" method="post">Название:<br/><input type="text" name="name" value="'.$inf['name'].'"/><br/>Описание:<br/><textarea name="value">'.$inf['value'].'</textarea><br/><input type="submit" name="ok" value="Сохранить"/></form>';
break;
case 'mod':
if(isset($_GET['no'])){
$files = core::$dbs->queryFetch("SELECT * FROM down where id = ? limit 1",array($id));
unlink(root.'files/'.$files['file']);
core::$dbs->query("DELETE FROM `down` where `id` = ?",array($id));
header('location:?do=mod');
}
if(isset($_GET['ok'])){
$files = core::$dbs->queryFetch("SELECT * FROM down where id = ? limit 1",array($id));
core::$dbs->query("UPDATE `down` SET `type` = ? where `id` = ? limit 1",array(1,$id));
header('location:?do=mod');
}
$count = core::$dbs->querySingle("SELECT COUNT(id) from `down` where `type` = ?",array(0));
if($count==0){
func::error('Файлов на модерации нет');}
$q = core::$dbs->query("SELECT * FROM `down` where `type` = ? order by `time` desc",array(0));
while($a = $q->fetch()){
$raz = core::$dbs->queryFetch("SELECT * FROM `down_r` where `id` = ? limit 1",array($a['id_r']));
$praz = core::$dbs->queryFetch("SELECT * FROM `down_pr` where `id` = ? limit 1",array($a['id_pr']));
echo '<div class="main"><a href="/down/file/'.$a['id'].'">'.htmlspecialchars($a['name']).'</a> ['.func::times($a['time']).']<br/>Категория: <a href="/down/pr/'.$raz['id'].'">'.$raz['name'].'</a> » <a href="/down/files/'.$praz['id'].'">'.$praz['name'].'</a><br/>[<a href="?do=mod&id='.$a['id'].'&ok">Принять</a> | <a href="?do=mod&id='.$a['id'].'&no">Не принимать</a>]</div>';
}
break;
}
echo '<a class="l1" href="?">Админка</a>';
func::footer_menu();
require_once(root.'core/footer.php');
?>