Файл: panel/includes/news.php
Строк: 1345
<?php
/*
////////////////////////////////////////////////////////////////////////////////
// JohnCMS v.1.1.0 30.05.2008 //
// Официальный сайт сайт проекта: http://johncms.com //
// Дополнительный сайт поддержки: http://gazenwagen.com //
////////////////////////////////////////////////////////////////////////////////
// JohnCMS core team: //
// Евгений Рябинин aka john77 john77@gazenwagen.com //
// Олег Касьянов aka AlkatraZ alkatraz@gazenwagen.com //
// //
// Плагиат и удаление копирайтов заруганы на ближайших родственников!!! //
////////////////////////////////////////////////////////////////////////////////
*/
defined('_IN_JOHNADM') or die('Error: restricted access');
if ($rights < 7)
die('Error: restricted access');
$lng_news = core::load_lng('news');
$shift = core::$system_set['timeshift'] * 3600;
function timer($var = '') {
global $lng_news;
if($var <= 0)
return;
if(86400 > $var) {
if(3600 > $var) {
if(60 > $var) {
$time = $var;
return $time . ' ' . $lng_news['sec'] . '.';
} else if(60 <= $var && (60 * 2) > $var) {
return $lng_news['one_minute'];
}
$hours = (60 - ceil((3600 - $var) / 60));
return $hours . ' ' . $lng_news['minute'] . '.';
} else if(3600 <= $var && (3600 * 2) > $var) {
return $lng_news['one_hour'];
}
$days = (24 - ceil((86400 - $var) / 3600));
return $days . ' ' . $lng_news['hour'] . '.';
} else if(86400 <= $var && (86400 * 2) > $var) {
return $lng_news['one_day'];
}
$days = ceil($var / 86400);
return $days . ' дн.';
}
echo '<div class="phdr"><a href="index.php"><b>' . $lng['admin_panel'] . '</b></a> | ' . $lng['news'] . '</div>';
switch ($mod) {
case 'add' :
if (isset ($_POST['submit'])) {
$name = isset ($_POST['name']) ? trim($_POST['name']) : '';
$desc_enable = isset ($_POST['desc_enable']) && $_POST['desc_enable'] > 0 && $_POST['desc_enable'] < 3 ? intval($_POST['desc_enable']) : 0;
$error = array();
if(empty($name))
$error[] = $lng_news['error_empty_category']. '!';
else if (mb_strlen($name) < 2 || mb_strlen($name) > 50)
$error[] = $lng_news['error_long_cat']. '!';
if(empty($error)) {
$q = db::query("SELECT * FROM `cms_news_cat` WHERE `name`='" . db::escape($name) . "' LIMIT 1");
if (mysqli_num_rows($q)) {
$error[] = $lng_news['category_already_exists']. '!';
}
}
if(empty($error)) {
$req = db::query("SELECT `realid` FROM `cms_news_cat` ORDER BY `realid` DESC LIMIT 1");
if (mysqli_num_rows($req)) {
$res = mysqli_fetch_assoc($req);
$sort_id = $res['realid'] + 1;
} else {
$sort_id = 1;
}
db::query("INSERT INTO `cms_news_cat` SET
`realid` = '$sort_id',
`name` = '" . db::escape($name) . "',
`desc_enable` = '" . $desc_enable . "' ");
$img_id = mysqli_insert_id();
require_once ('../incfiles/lib/class.upload.php');
$handle = new upload($_FILES['imagefile']);
if ($handle->uploaded) {
// Обрабатываем фото
$handle->file_new_name_body = 'ico_cat_' . $img_id;
$handle->allowed = array('image/jpeg', 'image/jpg', 'image/gif', 'image/png');
$handle->file_max_size = 1024 * $set['flsz'];
$handle->file_overwrite = true;
$handle->image_resize = true;
$handle->image_x = 16;
$handle->image_y = 16;
$handle->image_convert = 'png';
$handle->process('../files/news/');
if($handle->processed)
@ chmod('../files/news/ico_cat_' . $img_id . '.png', 0666);
$handle->clean();
}
Header('Location: index.php?act=news');
} else {
echo functions::display_error($error, '<a href="index.php?act=news&mod=add">' . $lng['repeat'] . '</a>');
}
} else {
echo '<form action="index.php?act=news&mod=add" method="post" enctype="multipart/form-data">
<div class="gmenu"><p>
<b>' . $lng['title'] . ':</b><br />
<input type="text" name="name" /><br /><small>' . $lng_news['recommended_long_category'] . '</small><br />
<b>' . $lng_news['icon_category'] . ':</b><br />
<input type="file" name="imagefile"/><br />
<small>' . $lng_news['allowed_formats'] . ' ' . $set['flsz'] . ' ' . $lng_news['allowed_formats2'] . '</small><br />
<input type="hidden" name="MAX_FILE_SIZE" value="' . (1024 * $set['flsz']) . '" />
<input type="radio" name="desc_enable" value="0" checked="checked"/> Название + описание новостей<br />
<input type="radio" name="desc_enable" value="1"/> Только название новостей<br />
<input type="radio" name="desc_enable" value="2"/> Только описание новостей<br />
</p><p><input type="submit" value="' . $lng['add'] . '" name="submit" />
</p></div></form>';
}
echo '<div class="phdr"><a href="index.php?act=news">' . $lng_news['management_news'] . '</a></div>';
break;
case 'up' :
////////////////////////////////////////////////////////////
// Displacement on one position upwards //
////////////////////////////////////////////////////////////
if ($id) {
$req = db::query("SELECT * FROM `cms_news_cat` WHERE `id` = '$id' LIMIT 1");
if (mysqli_num_rows($req)) {
$res1 = mysqli_fetch_assoc($req);
$sort = $res1['realid'];
$req = db::query("SELECT * FROM `cms_news_cat` WHERE `realid` < '$sort' ORDER BY `realid` DESC LIMIT 1");
if (mysqli_num_rows($req)) {
$res = mysqli_fetch_assoc($req);
$id2 = $res['id'];
$sort2 = $res['realid'];
db::query("UPDATE `cms_news_cat` SET `realid` = '$sort2' WHERE `id` = '$id'");
db::query("UPDATE `cms_news_cat` SET `realid` = '$sort' WHERE `id` = '$id2'");
}
}
}
header('Location: index.php?act=news');
break;
case 'down' :
////////////////////////////////////////////////////////////
// Displacement on one position downwards //
////////////////////////////////////////////////////////////
if ($id) {
$req = db::query("SELECT `realid` FROM `cms_news_cat` WHERE `id` = '$id' LIMIT 1");
if (mysqli_num_rows($req)) {
$res1 = mysqli_fetch_assoc($req);
$sort = $res1['realid'];
$req = db::query("SELECT `id`, `realid` FROM `cms_news_cat` WHERE `realid` > '$sort' ORDER BY `realid` ASC LIMIT 1");
if (mysqli_num_rows($req)) {
$res = mysqli_fetch_assoc($req);
$id2 = $res['id'];
$sort2 = $res['realid'];
db::query("UPDATE `cms_news_cat` SET `realid` = '$sort2' WHERE `id` = '$id'");
db::query("UPDATE `cms_news_cat` SET `realid` = '$sort' WHERE `id` = '$id2'");
}
}
}
header('Location: index.php?act=news');
break;
case 'edit' :
if($id) {
$q = db::query("SELECT * FROM `cms_news_cat` WHERE `id`='$id' LIMIT 1");
if (mysqli_num_rows($q)) {
$row = mysqli_fetch_assoc($q);
if (isset ($_POST['submit'])) {
$name = isset ($_POST['name']) ? trim($_POST['name']) : '';
$desc_enable = isset ($_POST['desc_enable']) && $_POST['desc_enable'] > 0 && $_POST['desc_enable'] < 3 ? intval($_POST['desc_enable']) : 0;
$error = array();
if(empty($name))
$error[] = $lng_news['error_empty_category']. '!';
else if (mb_strlen($name) < 2 || mb_strlen($name) > 50)
$error[] = $lng_news['error_long_cat']. '!';
if(empty($error)) {
if($name != $row['name']) {
$q = db::query("SELECT * FROM `cms_news_cat` WHERE `name`='" . db::escape($name) . "' LIMIT 1");
if (mysqli_num_rows($q)) {
$error[] = $lng_news['category_already_exists']. '!';
}
}
}
if(empty($error)) {
db::query("UPDATE `cms_news_cat` SET
`name` = '" . db::escape($name) . "',
`desc_enable` = '" . $desc_enable . "'
WHERE `id`='$id' LIMIT 1");
require_once ('../incfiles/lib/class.upload.php');
$handle = new upload($_FILES['imagefile']);
if ($handle->uploaded) {
// Обрабатываем фото
$handle->file_new_name_body = 'ico_cat_' . $id;
$handle->allowed = array('image/jpeg', 'image/jpg', 'image/gif', 'image/png');
$handle->file_max_size = 1024 * $set['flsz'];
$handle->file_overwrite = true;
$handle->image_resize = true;
$handle->image_x = 16;
$handle->image_y = 16;
$handle->image_convert = 'png';
$handle->process('../files/news/');
if($handle->processed)
@ chmod('../files/news/ico_cat_' . $id . '.png', 0666);
$handle->clean();
}
Header('Location: index.php?act=news');
} else {
echo functions::display_error($error, '<a href="index.php?act=news&mod=add">' . $lng['repeat'] . '</a>');
}
} else {
echo '<form action="index.php?act=news&mod=edit&id=' . $id . '" method="post" enctype="multipart/form-data">
<div class="gmenu"><p>
<b>' . $lng['title'] . ':</b><br />
<input type="text" name="name" value="' . htmlentities($row['name'], ENT_QUOTES, 'UTF-8') . '"/><br /><small>Мин. 2, макс. 50 символов</small><br />
<b>' . $lng_news['icon_category'] . ':</b><br />
<input type="file" name="imagefile"/><br />
<small>' . $lng_news['allowed_formats'] . ' ' . $set['flsz'] . ' ' . $lng_news['allowed_formats2'] . '</small><br />
<input type="hidden" name="MAX_FILE_SIZE" value="' . (1024 * $set['flsz']) . '" />
<input type="radio" name="desc_enable" value="0"' . ($row['desc_enable'] == 0 ? 'checked="checked"' : '').'/> Название + описание новостей<br />
<input type="radio" name="desc_enable" value="1"' . ($row['desc_enable'] == 1 ? 'checked="checked"' : '').'/> Только название<br />
<input type="radio" name="desc_enable" value="2"' . ($row['desc_enable'] == 2 ? 'checked="checked"' : '').'/> Только описание<br />
</p><p><input type="submit" value="' . $lng['edit'] . '" name="submit" />
</p></div></form>';
}
} else {
echo functions::display_error($lng_news['category_does_not_exist']);
}
} else {
echo functions::display_error($lng_news['category_is_not_chose']);
}
echo '<div class="phdr"><a href="index.php?act=news">' . $lng_news['management_news'] . '</a></div>';
break;
case 'delete' :
if($id) {
$q = db::query("SELECT * FROM `cms_news_cat` WHERE `id`='$id' LIMIT 1");
if (mysqli_num_rows($q)) {
if (isset ($_POST['submit'])) {
$cn = db::result(db::query("SELECT COUNT(*) FROM `cms_news` WHERE `refid` = '$id'"), 0);
if($cn) {
$reqs = db::query("SELECT * FROM `cms_news` WHERE `refid`='$id'");
$massdel = array();
while (($row = mysqli_fetch_assoc($reqs)) !== false) {
$massdel[] = $row['id'];
if(file_exists('../files/news/news_' . $row['id'] . '.png') !== false) {
unlink('../files/news/news_' . $row['id'] . '.png');
unlink('../files/news/small_news_' . $row['id'] . '.png');
}
}
if($massdel) {
$result = implode(',', $massdel);
db::query("DELETE FROM `cms_news` WHERE `id` IN (" . $result . ")");
db::query("DELETE FROM `cms_news_comments` WHERE `refid` IN (" . $result . ")");
}
}
db::query("DELETE FROM `cms_news_cat` WHERE `id` = '$id'");
if(file_exists('../files/news/ico_cat_' . $id . '.png') !== false)
unlink('../files/news/ico_cat_' . $id . '.png');
Header('Location: index.php?act=news');
} else {
echo '<form action="index.php?act=news&mod=delete&id=' . $id . '" method="post">
<div class="gmenu"><p>
' . $lng_news['removing_category'] . '
</p><p><input type="submit" value="' . $lng['delete'] . '" name="submit" />
</p></div></form>';
}
} else {
echo functions::display_error($lng_news['category_does_not_exist']);
}
} else {
echo functions::display_error($lng_news['category_is_not_chose']);
}
echo '<div class="phdr"><a href="index.php?act=news">' . $lng_news['management_news'] . '</a></div>';
break;
case 'delnews' :
if($id) {
if(db::result(db::query("SELECT COUNT(*) FROM `cms_news` WHERE `id`='$id'"), 0) != 0) {
if (isset ($_POST['submit'])) {
if(file_exists('../files/news/news_' . $id . '.png') !== false) {
unlink('../files/news/news_' . $id . '.png');
unlink('../files/news/small_news_' . $id . '.png');
}
db::query("DELETE FROM `cms_news` WHERE `id`='$id'");
db::query("DELETE FROM `cms_news_comments` WHERE `refid`='$id'");
echo '<div class="rmenu">Новость удалена.</div>';
} else {
echo '<form action="index.php?act=news&mod=delnews&id=' . $id . '" method="post">
<div class="gmenu"><p>
' . $lng_news['removing_news'] . '
</p><p><input type="submit" value="' . $lng['delete'] . '" name="submit" />
</p></div></form>';
}
} else {
echo functions::display_error($lng_news['news_does_not_exist']);
}
} else {
echo functions::display_error($lng_news['news_is_not_chose']);
}
break;
case 'clear' :
echo '<div class="phdr">' . $lng_news['cleaning_the_news'] . '</div>';
if (isset ($_POST['submit'])) {
$cl = isset ($_POST['cl']) ? intval($_POST['cl']) : '';
switch ($cl) {
case '1' :
$reqs = db::query("SELECT * FROM `cms_news` WHERE `time`<='" . ($realtime - 604800) . "'");
$massdel = array();
while (($row = mysqli_fetch_assoc($reqs)) !== false) {
$massdel[] = $row['id'];
if(file_exists('../files/news/news_' . $row['id'] . '.png') !== false) {
unlink('../files/news/news_' . $row['id'] . '.png');
unlink('../files/news/small_news_' . $row['id'] . '.png');
}
}
if($massdel) {
$result = implode(',', $massdel);
db::query("DELETE FROM `cms_news` WHERE `id` IN (" . $result . ")");
db::query("DELETE FROM `cms_news_comments` WHERE `refid` IN (" . $result . ")");
db::query("OPTIMIZE TABLE `cms_news`, `cms_news_comments`;");
}
echo '<p class="rmenu">' . $lng_news['clear_week_confirmation'] . '</p>';
break;
case '2' :
// Проводим полную очистку
$reqs = db::query("SELECT * FROM `cms_news` WHERE `time`<='" . ($realtime - 604800) . "'");
while (($row = mysqli_fetch_assoc($reqs)) !== false) {
if(file_exists('../files/news/news_' . $row['id'] . '.png') !== false) {
unlink('../files/news/news_' . $row['id'] . '.png');
unlink('../files/news/small_news_' . $row['id'] . '.png');
}
}
db::query("TRUNCATE TABLE `cms_news`");
db::query("TRUNCATE TABLE `cms_news_comments`");
echo '<p class="rmenu">' . $lng_news['clear_all_confirmation'] . '.</p>';
break;
default :
// Чистим сообщения, старше 1 месяца
$reqs = db::query("SELECT * FROM `cms_news` WHERE `time`<='" . ($realtime - 2592000) . "'");
$massdel = array();
while (($row = mysqli_fetch_assoc($reqs)) !== false) {
$massdel[] = $row['id'];
if(file_exists('../files/news/news_' . $row['id'] . '.png') !== false) {
unlink('../files/news/news_' . $row['id'] . '.png');
unlink('../files/news/small_news_' . $row['id'] . '.png');
}
}
if($massdel) {
$result = implode(',', $massdel);
db::query("DELETE FROM `cms_news` WHERE `id` IN (" . $result . ")");
db::query("DELETE FROM `cms_news_comments` WHERE `refid` IN (" . $result . ")");
db::query("OPTIMIZE TABLE `cms_news`, `cms_news_comments`;");
}
echo '<p class="rmenu">' . $lng_news['clear_month_confirmation'] . '.</p>';
}
} else {
echo '<div class="gmenu"><p><u>' . $lng_news['way_peelings'] . '</u>';
echo '<form id="clean" method="post" action="index.php?act=news&mod=clear"><div>';
echo '<input type="radio" name="cl" value="0" checked="checked" />' . $lng_news['clear_month'] . '<br />';
echo '<input type="radio" name="cl" value="1" />' . $lng_news['clear_week'] . '<br />';
echo '<input type="radio" name="cl" value="2" />' . $lng['clear_all'] . '<br />';
echo '<input type="submit" name="submit" value="' . $lng['clear'] . '" /></div>';
echo '</form></p></div>';
}
echo '<div class="phdr"><a href="index.php?act=news">' . $lng_news['management_news'] . '</a></div>';
break;
case 'ico' :
if($id) {
$q = db::query("SELECT * FROM `cms_news_cat` WHERE `id`='$id' LIMIT 1");
if (mysqli_num_rows($q)) {
if (isset ($_POST['submit'])) {
if(file_exists('../files/news/ico_cat_' . $id . '.png') !== false)
unlink('../files/news/ico_cat_' . $id . '.png');
Header('Location: index.php?act=news');
} else {
echo '<form action="index.php?act=news&mod=ico&id=' . $id . '" method="post" enctype="multipart/form-data">
<div class="gmenu"><p>
' . $lng_news['confirm_removing_icon'] . '
</p><p><input type="submit" value="' . $lng['delete'] . '" name="submit" />
</p></div></form>';
}
} else {
echo functions::display_error($lng_news['category_does_not_exist']);
}
} else {
echo functions::display_error($lng_news['category_is_not_chose']);
}
echo '<div class="phdr"><a href="index.php?act=news">' . $lng_news['management_news'] . '</a></div>';
break;
case 'list' :
$total = db::result(db::query("SELECT COUNT(*) FROM `cms_news`"), 0);
if($total) {
$req = db::query("SELECT `id`, `name`, `text`, `time` FROM `cms_news` ORDER BY `time` DESC LIMIT "
. $start . "," . $kmess);
$i = 1;
while (($row = mysqli_fetch_assoc($req)) !== false) {
echo $i % 2 ? '<div class="list1">' : '<div class="list2">';
if(file_exists('../files/news/small_news_' . $row['id'] . '.png') !== false) {
echo '<table cellpadding="0" cellspacing="0" width="100%"><tr><td width="32">';
echo '<img style="margin: 0 0 -3px 0;border: 0px;" src="../files/news/small_news_' . $row['id'] . '.png" alt="" width="32" height="32"/> ';
echo '</td><td>';
echo '<a href="../news/index.php?act=view&id=' . $row['id'] . '">' . htmlentities($row['name'], ENT_QUOTES, 'UTF-8') . '</a> <br />(' . date('d.m.o / H:i', $row['time'] + (core::$system_set['timeshift'] + core::$user_set['timeshift']) * 3600) . ')<br />';
echo '</td></tr></table>';
} else {
echo '<a href="../news/index.php?act=view&id=' . $row['id'] . '">' . htmlentities($row['name'], ENT_QUOTES, 'UTF-8') . '</a> (' . date('d.m.o / H:i', $row['time'] + (core::$system_set['timeshift'] + core::$user_set['timeshift']) * 3600) . ')<br />';
}
echo '<div class="sub"></div>';
$text = $row['text'];
if(mb_strlen($text) > 100) {
$str = mb_substr($text, 0, 100);
$text = mb_substr($str, 0, mb_strrpos($str, ' ')) . '...';
}
echo functions::checkout($text, 2, 1);
if($row['time'] > time())
echo '<div class="sub func">' . $lng_news['begin_show_through'] . ': ' . timer($row['time'] - time()) . '</div>';
echo '</div>
<div class="bmenu"><a href="index.php?act=news&mod=newsedit&id=' . $row['id'] . '">Изменить</a> | <a href="index.php?act=news&mod=delnews&id=' . $row['id'] . '">Удилить</a></div>';
++$i;
}
echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>';
if ($total > $kmess) {
echo '<p>' . functions::display_pagination('index.php?act=news&mod=list&', $start, $total, $kmess) . '</p>';
echo '<p><form action="index.php" method="get">
<input type="hidden" name="act" value="mod_news"/>
<input type="hidden" name="mod" value="list"/>
<input type="text" name="page" size="2"/>
<input type="submit" value="' . $lng['to_page'] . ' >>"/></form></p>';
}
} else {
echo '<div class="rmenu">' . $lng_news['news_no'] . '</div>';
}
echo '<div class="phdr"><a href="index.php?act=news">' . $lng_news['management_news'] . '</a></div>';
break;
case 'news' :
$total = db::result(db::query("SELECT COUNT(*) FROM `cms_news_cat`"), 0);
if($total) {
if (isset ($_POST['submit'])) {
$time = time() + $shift;
$timer = true;
$date['day'] = date('d', $time);
$date['year'] = date('o', $time);
$date['month'] = date('m', $time);
$date['i'] = date('i', $time);
$date['h'] = date('h', $time);
$name = isset ($_POST['name']) ? trim($_POST['name']) : '';
$text = isset ($_POST['text']) ? trim($_POST['text']) : '';
$cat = isset($_POST['cat']) ? abs(intval($_POST['cat'])) : 0;
$day = isset($_POST['day']) && $_POST['day'] >= 1 && $_POST['day'] <= 31 ? abs(intval($_POST['day'])) : 0;
$month = isset($_POST['month']) && $_POST['month'] >= 1 && $_POST['month'] <= 12 ? abs(intval($_POST['month'])) : 0;
$year = isset($_POST['year']) && $_POST['year'] >= $date['year'] && $_POST['year'] <= ($date['year'] + 1) ? abs(intval($_POST['year'])) : 0;
$hour = isset($_POST['hour']) && $_POST['hour'] >= 0 && $_POST['hour'] <= 24 ? abs(intval($_POST['hour'])) : 0;
$minutes = isset($_POST['minutes']) && $_POST['minutes'] >= 0 && $_POST['minutes'] <= 60 ? abs(intval($_POST['minutes'])) : 0;
$error = array();
$error = array();
if(empty($name))
$error[] = $lng_news['news_name_not_empty'] . '!';
else if (mb_strlen($name) < 2 || mb_strlen($name) > 150)
$error[] = $lng_news['error_long_news'] . '!';
if(empty($text))
$error[] = $lng_news['news_text_not_empty'] . '!';
else if (mb_strlen($text) < 2)
$error[] = $lng_news['error_long_news_text'] . '!';
if(!$cat)
$error[] = $lng_news['category_is_not_chose'] . '!';
if(empty($day) || empty($month) || empty($year))
$timer = false;
else
$time = mktime ($hour,$minutes,date("s"), $month, $day, $year);
if(($timer === false) && ($time < time()))
$error[] = 'Не верная дата!';
if(!$error) {
$data = db::query("SELECT * FROM `cms_news_cat` WHERE `id`='$cat';");
if(!mysqli_num_rows($data))
$error[] = $lng_news['category_does_not_exist'] . '!';
}
if(empty($error)) {
$q = db::query("SELECT * FROM `cms_news` WHERE `name`='" . db::escape($name) . "' LIMIT 1");
if (mysqli_num_rows($q)) {
$error[] = $lng_news['news_already_exists'] . '!';
}
}
if(empty($error)) {
db::query("INSERT INTO `cms_news` SET
`refid` = '$cat',
`name` = '" . db::escape($name) . "',
`text` = '" . db::escape($text) . "',
`user_id` = '" . $user_id . "',
`time` = '" . $time . "'");
$img_id = mysqli_insert_id();
require_once ('../incfiles/lib/class.upload.php');
$handle = new upload($_FILES['imagefile']);
if ($handle->uploaded) {
// Обрабатываем фото
$handle->file_new_name_body = 'news_' . $img_id;
$handle->allowed = array('image/jpeg', 'image/jpg', 'image/gif', 'image/png');
$handle->file_max_size = 1024 * $set['flsz'];
$handle->file_overwrite = true;
$handle->image_resize = true;
$handle->image_x = 100;
$handle->image_ratio_y = true;
$handle->image_convert = 'png';
$handle->process('../files/news/');
if($handle->processed) {
@ chmod('../files/news/news_' . $img_id . '.png', 0666);
}
$handle->file_new_name_body = 'small_news_' . $img_id;
$handle->image_x = 32;
$handle->image_y = 32;
$handle->image_convert = 'png';
$handle->process('../files/news/');
if($handle->processed) {
@ chmod('../files/news/small_news_' . $img_id . '.png', 0666);
}
}
$handle->clean();
Header('Location: ../news/index.php?act=view&id='.$img_id);
} else {
echo functions::display_error($error, '<a href="index.php?act=news&mod=news">' . $lng['repeat'] . '</a>');
}
} else {
echo '<form name="form" action="index.php?act=news&mod=news" method="post" enctype="multipart/form-data">
<div class="gmenu"><p>
<b>' . $lng_news['name_news'] . ':</b><br />
<input type="text" name="name" /><br />
<small>' . $lng_news['recom_long_news_name'] . '</small><br />
<b>' . $lng_news['name_text'] . ':</b><br />
' .(!$is_mobile ? bbcode::auto_bb('form', 'text') : '') . '
<textarea name="text" cols="24" rows="4"></textarea><br />
<small>' . $lng_news['recom_long_news_text'] . '</small><br />
<b>' . $lng['category'] . ':</b><br />
<select name="cat">';
$req = db::query("SELECT * FROM `cms_news_cat` ORDER BY `realid` ASC");
while (($row = mysqli_fetch_assoc($req)) !== false) {
echo '<option value="' . $row['id'] . '">' . htmlentities($row['name'], ENT_QUOTES, 'UTF-8') . '</option>';
}
echo '</select><br /><b>' . $lng_news['its_date'] . ':</b><br />
<table><tr>
<td><span style="text-decoration: underline;">' . $lng['day'] . '</span><br />
<input type="text" value="" size="2" maxlength="2" name="day" />.</td>
<td><span style="text-decoration: underline;">' . $lng_news['month'] . '</span><br />
<input type="text" value="" size="2" maxlength="2" name="month" />.</td>
<td><span style="text-decoration: underline;">' . $lng_news['year'] . '</span><br />
<input type="text" value="" size="4" maxlength="4" name="year" />-</td>
<td><span style="text-decoration: underline;">' . $lng_news['hour'] . '</span><br />
<input type="text" value="" size="2" maxlength="2" name="hour" />:</td>
<td><span style="text-decoration: underline;">' . $lng_news['minutes'] . '</span><br />
<input type="text" value="" size="2" maxlength="2" name="minutes" /></td>
</tr></table>
<small>' . $lng_news['unnecessary_field'] . ' ' . date('d.m.o / H:i', time() + $shift) . '<br />
' . $lng_news['unnecessary_field2'] . '</small><br />
<b>' . $lng_news['picture_to_news'] . ':</b><br />
<input type="file" name="imagefile"/><br />
<small>' . $lng_news['allowed_formats'] . ' ' . $set['flsz'] . ' кб.<br />
</small>
<input type="hidden" name="MAX_FILE_SIZE" value="' . (1024 * $set['flsz']) . '" />
</p><p><input type="submit" value="' . $lng['add'] . '" name="submit" />
</p></div></form>';
}
} else {
echo '<div class="rmenu">' . $lng_news['not_nor_one_categories'] . '</div>';
}
echo '<div class="phdr"><a href="index.php?act=news">' . $lng_news['management_news'] . '</a></div>';
break;
case 'newsedit' :
if($id) {
$q = db::query("SELECT * FROM `cms_news` WHERE `id`='$id' LIMIT 1");
if (mysqli_num_rows($q)) {
$row = mysqli_fetch_assoc($q);
$day = date('d', $row['time']);
$year= date('o', $row['time']);
$month = date('m', $row['time']);
$minutes = date('i', $row['time']);
$hour = date('H', $row['time']);
if (isset ($_POST['submit'])) {
$time = time() + $shift;
$timer = true;
$date['day'] = date('d', $time);
$date['year'] = date('o', $time);
$date['month'] = date('m', $time);
$date['i'] = date('i', $time);
$date['h'] = date('H', $time);
$name = isset ($_POST['name']) ? trim($_POST['name']) : '';
$text = isset ($_POST['text']) ? trim($_POST['text']) : '';
$cat = isset($_POST['cat']) ? abs(intval($_POST['cat'])) : 0;
$day = isset($_POST['day']) && $_POST['day'] >= 1 && $_POST['day'] <= 31 ? abs(intval($_POST['day'])) : $date['day'];
$month = isset($_POST['month']) && $_POST['month'] >= 1 && $_POST['month'] <= 12 ? abs(intval($_POST['month'])) : $date['month'];
$year = isset($_POST['year']) && $_POST['year'] >= $date['year'] && $_POST['year'] <= ($date['year'] + 1) ? abs(intval($_POST['year'])) : $date['year'];
$hour = isset($_POST['hour']) && $_POST['hour'] >= 0 && $_POST['hour'] <= 24 ? abs(intval($_POST['hour'])) : $date['h'];
$minutes = isset($_POST['minutes']) && $_POST['minutes'] >= 0 && $_POST['minutes'] <= 60 ? abs(intval($_POST['minutes'])) : $date['i'];
$error = array();
$error = array();
if(empty($name))
$error[] = $lng_news['news_name_not_empty'] . '!';
else if (mb_strlen($name) < 2 || mb_strlen($name) > 150)
$error[] = $lng_news['error_long_news'] . '!';
if(empty($text))
$error[] = $lng_news['news_text_not_empty'] . '!';
else if (mb_strlen($text) < 2)
$error[] = $lng_news['error_long_news_text'] . '!';
if(!$cat)
$error[] = $lng_news['category_is_not_chose'] . '!';
if(empty($day) || empty($month) || empty($year))
$timer = false;
else
$time = mktime ($hour,$minutes,date("s"), $month, $day, $year);
if(($timer === false) && ($time < time()))
$error[] = 'Не верная дата!';
if(!$error) {
$data = db::query("SELECT * FROM `cms_news_cat` WHERE `id`='$cat';");
if(!mysqli_num_rows($data))
$error[] = $lng_news['category_does_not_exist'] . '!';
}
if(empty($error)) {
if($name != $row['name']) {
$q = db::query("SELECT * FROM `cms_news` WHERE `name`='" . db::escape($name) . "' LIMIT 1");
if (mysqli_num_rows($q)) {
$error[] = $lng_news['news_already_exists'] . '!';
}
}
}
if(empty($error)) {
db::query("UPDATE `cms_news` SET
`refid` = '$cat',
`name` = '" . db::escape($name) . "',
`text` = '" . db::escape($text) . "',
`user_id` = '" . $user_id . "',
`time` = '" . $time . "' WHERE `id`='$id'");
//$img_id = mysqli_insert_id();
require_once ('../incfiles/lib/class.upload.php');
$handle = new upload($_FILES['imagefile']);
if ($handle->uploaded) {
// Обрабатываем фото
$handle->file_new_name_body = 'news_' . $id;
$handle->allowed = array('image/jpeg', 'image/jpg', 'image/gif', 'image/png');
$handle->file_max_size = 1024 * $set['flsz'];
$handle->file_overwrite = true;
$handle->image_resize = true;
$handle->image_x = 100;
$handle->image_ratio_y = true;
$handle->image_convert = 'png';
$handle->process('../files/news/');
if($handle->processed) {
@ chmod('../files/news/news_' . $id . '.png', 0666);
}
$handle->file_new_name_body = 'small_news_' . $id;
$handle->allowed = array('image/jpeg', 'image/jpg', 'image/gif', 'image/png');
$handle->file_max_size = 1024 * $set['flsz'];
$handle->file_overwrite = true;
$handle->image_resize = true;
$handle->image_x = 32;
$handle->image_y = 32;
$handle->image_convert = 'png';
$handle->process('../files/news/');
if($handle->processed) {
@ chmod('../files/news/small_news_' . $id . '.png', 0666);
}
}
$handle->clean();
Header('Location: ../news/index.php?act=view&id='.$id);
} else {
echo functions::display_error($error, '<a href="index.php?act=news&mod=news">' . $lng['repeat'] . '</a>');
}
} else {
echo '<form name="form" action="index.php?act=news&mod=newsedit&id=' . $id . '" method="post" enctype="multipart/form-data">
<div class="gmenu"><p>
<b>' . $lng_news['name_news'] . ':</b><br />
<input type="text" name="name" value="' . htmlentities($row['name'], ENT_QUOTES, 'UTF-8') . '" /><br />
<small>' . $lng_news['recom_long_news_name'] . '</small><br />
<b>' . $lng_news['name_text'] . ':</b><br />
' .(!$is_mobile ? bbcode::auto_bb('form', 'text') : '') . '
<textarea name="text" cols="24" rows="4">' . htmlentities($row['text'], ENT_QUOTES, 'UTF-8') . '</textarea><br />
<small>' . $lng_news['recom_long_news_text'] . '</small><br />
<b>' . $lng['category'] . ':</b><br />
<select name="cat">';
$req = db::query("SELECT * FROM `cms_news_cat` ORDER BY `realid` ASC");
while (($rows = mysqli_fetch_assoc($req)) !== false) {
echo '<option value="' . $rows['id'] . '"' . ($rows['id'] == $row['refid'] ? ' selected="selected"':'') . '>' . htmlentities($rows['name'], ENT_QUOTES, 'UTF-8') . '</option>';
}
echo '</select><br /><b>' . $lng_news['its_date'] . ':</b><br />
<table><tr>
<td><span style="text-decoration: underline;">' . $lng['day'] . '</span><br />
<input type="text" value="' . $day . '" size="2" maxlength="2" name="day" />.</td>
<td><span style="text-decoration: underline;">' . $lng_news['month'] . '</span><br />
<input type="text" value="' . $month . '" size="2" maxlength="2" name="month" />.</td>
<td><span style="text-decoration: underline;">' . $lng_news['year'] . '</span><br />
<input type="text" value="' . $year . '" size="4" maxlength="4" name="year" />-</td>
<td><span style="text-decoration: underline;">' . $lng_news['hour'] . '</span><br />
<input type="text" value="' . $hour . '" size="2" maxlength="2" name="hour" />:</td>
<td><span style="text-decoration: underline;">' . $lng_news['minutes'] . '</span><br />
<input type="text" value="' . $minutes . '" size="2" maxlength="2" name="minutes" /></td>
</tr></table>
<small>' . $lng_news['unnecessary_field'] . ' ' . date('d.m.o / H:i', time() + $sdvigclock * 3600) . '<br />
' . $lng_news['unnecessary_field2'] . '</small><br />
<b>' . $lng_news['picture_to_news'] . ':</b><br />
<input type="file" name="imagefile"/><br />
<small>' . $lng_news['allowed_formats'] . ' ' . $set['flsz'] . ' кб.<br />
</small><br />
<input type="hidden" name="MAX_FILE_SIZE" value="' . (1024 * $set['flsz']) . '" />
</p><p><input type="submit" value="' . $lng['edit'] . '" name="submit" />
</p></div></form>';
}
} else {
echo '<div class="rmenu">' . $lng_news['news_does_not_exist'] . '</div>';
}
} else {
echo '<div class="rmenu">' . $lng_news['news_is_not_chose'] . '</div>';
}
echo '<div class="phdr"><a href="index.php?act=news">' . $lng_news['management_news'] . '</a></div>';
break;
case 'settings':
/*
-----------------------------------------------------------------
Настройки Новостей
-----------------------------------------------------------------
*/
$settings = unserialize($set['news']);
if (!isset($set['news']) || isset($_GET['reset'])) {
// Задаем настройки по умолчанию
$settings = array (
'view' => '1',
'size' => '200',
'quantity' => '3',
'days' => '7',
'breaks' => '1',
'smileys' => '0',
'tags' => '1',
'kom' => '1'
);
@db::query("DELETE FROM `cms_settings` WHERE `key` = 'news'");
db::query("INSERT INTO `cms_settings` SET
`key` = 'news',
`val` = '" . db::escape(serialize($settings)) . "'
");
echo '<div class="rmenu"><p>' . $lng['settings_default'] . '</p></div>';
} elseif (isset($_POST['submit'])) {
// Принимаем настройки из формы
$settings['view'] = isset($_POST['view']) && $_POST['view'] >= 0 && $_POST['view'] < 4 ? intval($_POST['view']) : 1;
$settings['size'] = isset($_POST['size']) && $_POST['size'] > 50 && $_POST['size'] < 500 ? intval($_POST['size']) : 200;
$settings['quantity'] = isset($_POST['quantity']) && $_POST['quantity'] > 0 && $_POST['quantity'] < 16 ? intval($_POST['quantity']) : 3;
$settings['days'] = isset($_POST['days']) && $_POST['days'] >= 0 && $_POST['days'] < 16 ? intval($_POST['days']) : 7;
$settings['breaks'] = isset($_POST['breaks']);
$settings['smileys'] = isset($_POST['smileys']);
$settings['tags'] = isset($_POST['tags']);
$settings['kom'] = isset($_POST['kom']);
db::query("UPDATE `cms_settings` SET
`val` = '" . db::escape(serialize($settings)) . "'
WHERE `key` = 'news'
");
echo '<div class="gmenu"><p>' . $lng['settings_saved'] . '</p></div>';
} else {
// Получаем сохраненные настройки
$settings = unserialize($set['news']);
}
/*
-----------------------------------------------------------------
Форма ввода настроек
-----------------------------------------------------------------
*/
echo '<form action="index.php?act=news&mod=settings" method="post"><div class="menu"><p>' .
'<h3>' . $lng['apperance'] . '</h3>' .
'<input type="radio" value="1" name="view" ' . ($settings['view'] == 1 ? 'checked="checked"' : '') . '/> ' . $lng['heading_and_text'] . '<br />' .
'<input type="radio" value="2" name="view" ' . ($settings['view'] == 2 ? 'checked="checked"' : '') . '/> ' . $lng['heading'] . '<br />' .
'<input type="radio" value="3" name="view" ' . ($settings['view'] == 3 ? 'checked="checked"' : '') . '/> ' . $lng['text'] . '<br />' .
'<input type="radio" value="0" name="view" ' . (!$settings['view'] ? 'checked="checked"' : '') . '/> <b>' . $lng['dont_display'] . '</b></p>' .
'<p><input name="breaks" type="checkbox" value="1" ' . ($settings['breaks'] ? 'checked="checked"' : '') . ' /> ' . $lng['line_foldings'] . '<br />' .
'<input name="smileys" type="checkbox" value="1" ' . ($settings['smileys'] ? 'checked="checked"' : '') . ' /> ' . $lng['smileys'] . '<br />' .
'<input name="tags" type="checkbox" value="1" ' . ($settings['tags'] ? 'checked="checked"' : '') . ' /> ' . $lng['bbcode'] . '<br />' .
'<input name="kom" type="checkbox" value="1" ' . ($settings['kom'] ? 'checked="checked"' : '') . ' /> ' . $lng['comments'] . '</p>' .
'<p><h3>' . $lng['text_size'] . '</h3> ' .
'<input type="text" size="3" maxlength="3" name="size" value="' . $settings['size'] . '" /> (50 - 500)</p>' .
'<p><h3>' . $lng['news_count'] . '</h3> ' .
'<input type="text" size="3" maxlength="2" name="quantity" value="' . $settings['quantity'] . '" /> (1 - 15)</p>' .
'<p><h3>' . $lng['news_howmanydays_display'] . '</h3><input type="text" size="3" maxlength="2" name="days" value="' . $settings['days'] . '" /> (0 - 15)<br />' .
'<small>0 - ' . $lng['without_limit'] . '</small></p>' .
'<p><input type="submit" value="' . $lng['save'] . '" name="submit" /></p></div>' .
'<div class="phdr"><a href="index.php?act=news&mod=settings&reset">' . $lng['reset_settings'] . '</a>' .
'</div></form>';
echo '<div class="phdr"><a href="index.php?act=news">' . $lng_news['management_news'] . '</a></div>';
break;
default:
$total = db::result(db::query("SELECT COUNT(*) FROM `cms_news_cat`"), 0);
if($total) {
$req = db::query("SELECT `id`, `name` FROM `cms_news_cat`
ORDER BY `realid` ASC LIMIT "
. $start . "," . $kmess);
$i = 1;
while (($row = mysqli_fetch_assoc($req)) !== false) {
echo $i % 2 ? '<div class="list1">' : '<div class="list2">';
if(file_exists('../files/news/ico_cat_' . $row['id'] . '.png') !== false)
echo '<a href="index.php?act=news&mod=ico&id=' . $row['id'] . '"><img style="margin: 0 0 -3px 0;border: 0px;" src="../files/news/ico_cat_' . $row['id'] . '.png" alt="" width="16" height="16"/></a> ';
echo htmlentities($row['name'], ENT_QUOTES, 'UTF-8') . ' <a href="../news/index.php?id=' . $row['id'] . '">»</a>';
echo '<div class="sub">
<a href="index.php?act=news&mod=up&id=' . $row['id'] . '">' . $lng['up'] . '</a> | <a href="index.php?act=news&mod=down&id=' . $row['id'] . '">' . $lng['down'] . '</a> | <a href="index.php?act=news&mod=edit&id=' . $row['id'] . '">' . $lng['edit'] . '</a> | <a href="index.php?act=news&mod=delete&id=' . $row['id'] . '">' . $lng['delete'] . '</a>
</div>';
echo '</div>';
++$i;
}
echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>';
if ($total > $kmess) {
echo '<p>' . functions::display_pagination('index.php?act=news&', $start, $total, $kmess) . '</p>';
echo '<p><form action="index.php" method="get">
<input type="hidden" name="act" value="mod_news"/>
<input type="text" name="page" size="2"/>
<input type="submit" value="' . $lng['to_page'] . ' >>"/></form></p>';
}
} else {
echo '<div class="rmenu">' . $lng_news['not_nor_one_categories'] . '</div>';
}
echo '<div class="gmenu"><form action="index.php?act=news&mod=add" method="post"><input type="submit" value="' . $lng_news['add_category'] . '" /></form></div>';
if($total) {
echo '<div class="gmenu"><form action="index.php?act=news&mod=news" method="post"><input type="submit" value="' . $lng_news['add_news'] . '" /></form></div>';
echo '<div class="bmenu"><a href="index.php?act=news&mod=list">' . $lng_news['list_news'] . '</a></div>';
echo '<div class="bmenu"><a href="index.php?act=news&mod=clear">' . $lng_news['clear_news'] . '</a></div>';
}
echo '<div class="bmenu"><a href="index.php?act=news&mod=settings">' . $lng['settings'] . '</a></div>';
}
echo '<p class="menu"><a href="../news/">' . $lng['news'] . '</a></p>';
?>