Размер файла: 3.57Kb
<?php
/*********************************************************************/
#---------------------------KokirCMS Соц сети-------------------------#
#---------------------Kiriyan и kokir Сайт kiriyan.org----------------#
#-------------------------------2012 г.-------------------------------#
#------------------Связь ICQ 455002004. [email protected]#
#----------------------------Пример ewwap.ru--------------------------#
/*********************************************************************/
require('../inc/head.php');
if($user['rights'] < 2)
header("Location: index.php");
switch($mode)
{
case 'edit':
if(empty($_GET['id']) || !ctype_digit($_GET['id']))
header("Location: index.php");
$id = $_GET['id'];
$n = mysql_fetch_array(mysql_query("SELECT * FROM `news` WHERE `id` = $id;"));
if(!$n)
header("Location: index.php");
if(isset($_POST['save']))
{
$caption = mb_substr(escstr($_POST['caption']), 0, 50);
$text = escstr($_POST['text']);
if($text && $caption)
{
mysql_query("UPDATE `news` SET `caption` = '" . $caption . "', `text` = '" . $text . "' WHERE `id` = $id;");
header("Location: index.php");
}
}
echo '<div class="caption"><a href="index.php">Новости</a> » Редактировать</div>';
echo '<div class="menu">';
echo '<form action="" method="post">';
echo '<label>Заголовок:<br/><input type="text" name="caption" maxlength="50" value="' . $n['caption'] . '"/>(max.50)</label><br/>';
echo '<label>Текст:<br/><textarea name="text">' . $n['text'] . '</textarea></label><br/>';
echo '<input type="submit" name="save" value="Сохранить"/>';
echo '</form>';
echo '</div>';
break;
/*********************************************************************/
case 'trunc':
if(isset($_GET['accept']))
{
mysql_query("DELETE FROM `news`;");
header("Location: index.php");
}
echo '<div class="menu adm">';
echo 'Вы уверены, что хотите удалить все новости?<br/>';
echo '<a href="?mode=trunc&accept">Да</a> | <a href="index.php">Нет</a>';
echo '</div>';
break;
/*********************************************************************/
case 'delete':
if(empty($_GET['id']) || !ctype_digit($_GET['id']))
header("Location: index.php");
$id = $_GET['id'];
mysql_query("DELETE FROM `news` WHERE `id` = $id;");
header("Location: index.php");
break;
/*********************************************************************/
default:
if(isset($_POST['add']))
{
$caption = mb_substr(escstr($_POST['caption']), 0, 50);
$text = escstr($_POST['text']);
if($text && $caption)
{
mysql_query("INSERT INTO `news` VALUES(0, '" . $caption . "', '" . $text . "', '" . $time . "');");
header("Location: index.php");
}
}
echo '<div class="caption"><a href="index.php">Новости</a> » Добавить</div>';
echo '<div class="menu">';
echo '<form action="" method="post">';
echo '<label>Заголовок:<br/><input type="text" name="caption" maxlength="50"/>(max.50)</label><br/>';
echo '<label>Текст:<br/><textarea name="text"></textarea></label><br/>';
echo '<input type="submit" name="add" value="Добавить"/>';
echo '</form>';
echo '</div>';
}
require('../inc/end.php');
?>