Размер файла: 9.04Kb
<?php
/*
*Manag-Develop BolCmS-Suptesat
*Syte- bolcms.cf
*/
$title = 'Админка';
require("../system/core.php");
if($_SESSION['id'] != '1'){header("location: ../"); exit();}
switch($_GET['act']){
default:
echo '<div class="phdr">' .$lng ['loads'] . ' </div><div class="bmenu">';
$result = mysql_query("SELECT * FROM `loads_cats`");
$row = mysql_fetch_assoc($result);
if($row > 0){
do
{
printf('<a href="?act=cat_view&id=%s">%s</a> (<a href="?act=cat_edit&id=%s">' .$lng ['edit'] . ' </a>/<a href="?act=cat_del&id=%s">' .$lng ['del'] . ' </a>)<br/>', $row['id'], $row['name'], $row['id'], $row['id']);
}
while($row = mysql_fetch_assoc($result));
}else{
echo '' .$lng ['fno'] . ' <br/>';
}
echo '<br/><form action="?act=cat_added" method="post" name="form">';
echo '<input name="name" type="text" maxlength="50"><br/>';
echo '<input name="submit" type="submit" value="' .$lng ['adtd'] . ' "></form></div>';
echo '<div class="phdr"></div><div class="bmenu"><a href="./index.php">' .$lng ['admin'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
break;
case 'cat_added':
if(!empty($_POST['name'])){
$name = sec($_POST['name']);
mysql_query("INSERT INTO `loads_cats`(`name`) VALUES('$name')");
echo '<div class="phdr">' .$lng ['inf'] . ' </div><div class="rmenu">' .$lng ['vlv'] . ' !</div>';
echo '<div class="phdr"></div><div class="bmenu"><a href="loads.php">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}else{
echo '<div class="phdr">ERROR</div><div class="rmenu">' .$lng ['edtd'] . ' !</div>';
echo '<div class="phdr"><a href="loads.php">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}
break;
case 'cat_edit':
$id = intval($_REQUEST['id']);
$row = mysql_fetch_assoc(mysql_query("SELECT * FROM `loads_cats` WHERE `id` = '$id'"));
echo '<div class="phdr">' .$lng ['editraz'] . ' </div><div class="bmenu">';
echo '<form action="?act=cat_edited&id='.$id.'" method="post" name="form">';
echo '' .$lng ['natrl'] . ' :<br/><input name="name" type="text" maxlength="50" value="'.$row['name'].'" /><br/>';
echo '<input name="submit" type="submit" value="' .$lng ['edit'] . ' " /></form></div>';
echo '<div class="phdr"><a href="loads.php">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
break;
case 'cat_edited':
$id = intval($_REQUEST['id']);
if(!empty($_POST['name'])){
$name = sec($_POST['name']);
mysql_query("UPDATE `loads_cats` SET `name` = '$name' WHERE `id` = '$id'");
echo '<div class="phdr">' .$lng ['inf'] . ' </div><div class="rmenu">' .$lng ['vlv'] . ' !</div>';
echo '<div class="phdr"><a href="loads.php">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}else{
echo '<div class="phdr">ERROR</div><div class="rmenu">' .$lng ['edtd'] . ' </div>';
echo '<div class="phdr"><a href="loads.php?act=cat_edit&id='.$id.'">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}
break;
case 'cat_del':
$id = intval($_REQUEST['id']);
$result = mysql_query("DELETE FROM `loads_cats` WHERE `id` = '$id'");
if($result == true){
echo '<div class="phdr">' .$lng ['inf'] . ' </div><div class="rmenu">' .$lng ['vlv'] . ' </div>';
echo '<div class="phdr"><a href="loads.php">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}else{
echo '<div class="phdr">ERROR</div><div class="rmenu">' .$lng ['vvv'] . ' </div>';
echo '<div class="phdr"><a href="loads.php">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}
break;
case 'cat_view':
$id = intval($_REQUEST['id']);
// вывод названия раздела
$cat = mysql_fetch_assoc(mysql_query("SELECT * FROM `loads_cats` WHERE `id` = '$id'"));
echo '<div class="phdr">'.$cat['name'].'</div><div class="bmenu">';
// вывод файлов
$result = mysql_query("SELECT * FROM `loads` WHERE `id_cat` = '$id' ORDER BY `time` DESC");
$row = mysql_fetch_assoc($result);
if($row > 0){
do
{
printf('<a href="../loads/index.php?act=file_view&id=%s">%s</a> (<a href="?act=file_edit&&cat=%s&id=%s">' .$lng ['edit'] . ' </a>/<a href="?act=file_del&cat=%s&id=%s">' .$lng ['del'] . ' </a>)<br/>', $row['id'], $row['name'], $id, $row['id'], $id, $row['id']);
}
while($row = mysql_fetch_assoc($result));
}else{
echo '' .$lng ['fno'] . ' <br/>';
}
echo '<br/><a href="loads.php?act=file_add&id='.$id.'" class="button">' .$lng ['adf'] . ' </a></div>';
echo '<div class="phdr"></div><div class="phdr"><a href="loads.php">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
break;
case 'file_add':
$id = intval($_REQUEST['id']);
echo '<div class="phdr">' .$lng ['adf'] . ' </div><div class="menu">';
echo '<form action="?act=file_added&id='.$id.'" method="post" enctype="multipart/form-data" name="form">';
echo '' .$lng ['natrl'] . ' :*<br/><input name="name" type="text" maxlength="50"><br/>';
echo '' .$lng ['opt'] . ' :*<br/><textarea name="desc" rows="5"></textarea><br/>';
echo '' .$lng ['gve'] . ' :<br/><input name="authour" type="text" maxlength="50"><br/>';
echo '' .$lng ['reper'] . ' :<br/><input name="site" type="text" maxlength="50"><br/>';
echo '' .$lng ['vendor'] . ' :*<br/><input name="file" type="file"><br/>';
echo '<input name="submit" type="submit" value="' .$lng ['adf'] . ' "></form></div>';
echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=cat_view&id='.$id.'">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
break;
case 'file_added':
$id = intval($_REQUEST['id']);
if(!empty($_POST['name']) && !empty($_POST['desc']) && !empty($_FILES['file'])){
$name = sec($_POST['name']);
$desc = sec($_POST['desc']);
$authour = sec($_POST['authour']);
$site = sec($_POST['site']);
$file = sec($_FILES['file']['name']);
mysql_query("INSERT INTO `loads`(`id_cat`, `name`, `desc`, `authour`, `site`, `file`, `time`) VALUES('$id', '$name', '$desc', '$authour', '$site', '$file', '".time()."')") or die(mysql_error());
copy($_FILES['file']['tmp_name'], '../loads/files/'.$file);
echo '<div class="phdr">' .$lng ['inf'] . ' </div><div class="menu">' .$lng ['vlv'] . ' </div>';
echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=cat_view&id='.$id.'">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}else{
echo '<div class="phdr">' .$lng ['inf'] . ' </div><div class="menu">' .$lng ['laba'] . ' </div>';
echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=file_add&id='.$id.'">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}
break;
case 'file_edit':
$cat = intval($_REQUEST['cat']);
$id = intval($_REQUEST['id']);
$file = mysql_fetch_assoc(mysql_query("SELECT * FROM `loads` WHERE `id` = '$id'"));
echo '<div class="phdr">' .$lng ['edir'] . ' </div><div class="rmenu">';
echo '<form action="?act=file_edited&cat='.$cat.'&id='.$id.'" method="post" name="form">';
echo '' .$lng ['natrl'] . ' :*<br/><input name="name" type="text" maxlength="50" value="'.$file['name'].'"><br/>';
echo '' .$lng ['opt'] . ' :*<br/><textarea name="desc" rows="5">'.$file['desc'].'</textarea><br/>';
echo '' .$lng ['gve'] . ' :<br/><input name="authour" type="text" maxlength="50" value="'.$file['authour'].'"><br/>';
echo '' .$lng ['reper'] . ' :<br/><input name="site" type="text" maxlength="50" value="'.$file['site'].'"><br/>';
echo '<input name="submit" type="submit" value="' .$lng ['edit'] . ' "></form></div>';
echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=cat_view&id='.$cat.'">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
break;
case 'file_edited':
$cat = intval($_REQUEST['cat']);
$id = intval($_REQUEST['id']);
if(!empty($_POST['name']) && !empty($_POST['desc'])){
$name = sec($_POST['name']);
$desc = sec($_POST['desc']);
$authour = sec($_POST['authour']);
$site = sec($_POST['site']);
mysql_query("UPDATE `loads` SET `name` = '$name', `desc` = '$desc', `authour` = '$authour', `site` = '$site' WHERE `id` = '$id'");
echo '<div class="phdr">' .$lng ['inf'] . ' </div><div class="menu">' .$lng ['vlv'] . ' </div>';
echo '<div class="phdr"></div><div class="bmenu"><a href="loads.php?act=cat_view&id='.$cat.'">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}else{
echo '<div class="phdr">' .$lng ['inf'] . ' </div><div class="rmenu">' .$lng ['laba'] . ' </div>';
echo '<div class="phdr"></div><div class="bmenu"><a href="loads.php?act=file_edit&cat='.$cat.'&id='.$id.'">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}
break;
case 'file_del':
$cat = intval($_REQUEST['cat']);
$id = intval($_REQUEST['id']);
$result = mysql_query("DELETE FROM `loads` WHERE `id` = '$id'") or die(mysql_error());
if($result == true){
echo '<div class="phdr">' .$lng ['inf'] . ' </div><div class="rmenu">' .$lng ['vlv'] . ' !</div>';
echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=cat_view&id='.$cat.'">' .$lng ['nd'] . ' </a><br/><a href="../">' .$lng ['niz'] . ' </a></div>';
}
break;
}
require("../system/end.php");
?>