<?php
include("minicms/lang.inc.php");
include("minicms/config.php");
include("minicms/config_bd.php");
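// Report everything except notices.
error_reporting(E_ALL & ~E_NOTICE);
// Content type and character set of the response: a WML deck in UTF-8.
header("Content-type:text/vnd.wap.wml;charset=utf-8");
// Emit the WML prologue. The <card> and <p> opened here are closed by the
// footer print at the end of the script.
print "<?xml version=\"1.0\" encoding=\"utf-8\"?>
	<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.2//EN\" \"http://www.wapforum.org/DTD/wml12.dtd\">
	<wml><card id=\"mas\" title=\"AdminPL\"><p>";

// Password gate for the whole admin screen. Neither $par (the submitted
// password) nor $adpar (the expected one) is assigned in this file.
// NOTE(review): presumably $adpar is set by the config includes above and $par
// arrives with the request (register_globals) — confirm, and confirm that a
// request parameter named adpar can never replace the configured value.
// NOTE(review): the password is repeated in the query string of every link on
// these screens, so it lands in server logs and browser history; a session
// issued after one login would avoid that.
$par = (isset($par) && is_scalar($par)) ? trim((string) $par) : '';
$adpar = (isset($adpar) && is_scalar($adpar)) ? trim((string) $adpar) : '';
// Strict comparison: with != two different numeric-looking strings (for example
// "0e1" and "0e2") compare as equal. An empty password is refused outright, so
// an unset or empty $adpar can never be matched by an empty $par.
if ($par === '' || $par !== $adpar) {
    print "&#x0412;&#x044B; &#x043D;&#x0435; &#x0432;&#x0432;&#x0435;&#x043B;&#x0438; &#x043F;&#x0430;&#x0440;&#x043E;&#x043B;&#x044C;, &#x043B;&#x0438;&#x0431;&#x043E; &#x0432;&#x044B; &#x0432;&#x0432;&#x0435;&#x043B;&#x0438; &#x043D;&#x0435;&#x0432;&#x0435;&#x0440;&#x043D;&#x044B;&#x0439; &#x043F;&#x0430;&#x0440;&#x043E;&#x043B;&#x044C;.
	<br/>";
}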
////////////////////МОДУЛИ////////////////////////////////////////////////////////////////////////////
else{
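// Module menu: entry links to the guest book and news administration screens.
if ($st == "moduli") {
    // The password is repeated in each link. urlencode() keeps a password that
    // contains &, ", < or spaces from breaking the href or the markup.
    $parLink = urlencode($par);
    echo "<img src=\"stl/mod_cms.png\" alt=\"Admin\"/><br/><br/>";
    print "<img src=\"stl/icon07.gif\" alt=\"*\"/><a href=\"moduli.php?st=guest&amp;par=$parLink\">Гостевая Книга</a><br/>";
    print "<img src=\"stl/icon07.gif\" alt=\"*\"/><a href=\"moduli.php?st=news&amp;par=$parLink\">Новости</a><br/>";
    // The entry for the links module is switched off:
    ///print"<img src=\"stl/icon07.gif\" alt=\"*\"/><a href=\"moduli.php?st=links&amp;par=$par\">Ссылки</a><br/>";
}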
/////////////////////////////////LINKS//////////////////////////////////////////////////////////////
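// Links module: list every row of wps_links with a link to its edit form.
if ($st == "links") {
    echo "Ссылки<br/>";
    // urlencode() output contains no markup-significant characters, so it is
    // safe inside href="" even when the password has special characters.
    $parLink = urlencode($par);
    print "<a href=\"moduli.php?st=linksAND&amp;par=$parLink\">Add Ссылку</a><br/>";
    echo '-----<br/>';
    $result = mysql_query("SELECT * FROM wps_links ORDER BY ordering");
    if (!$result) {
        // Show the failure instead of handing false to mysql_fetch_row().
        echo mysql_error();
    } else {
        // $row[0] is the id and $row[2] the link text (column order as written
        // by the linksAND2 INSERT in this file).
        // NOTE(review): the text is printed exactly as stored — confirm that
        // every code path writing linktext HTML-encodes it first.
        while ($row = mysql_fetch_row($result)) {
            print ">> $row[2]        <a href=\"moduli.php?st=linksED&amp;par=$parLink&amp;linkid=" . urlencode($row[0]) . "\">$row[2]</a><br/>";
        }
    }
}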
////////......
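// Edit form for one link of wps_links, selected by the request value $linkid.
if ($st == "linksED") {
    echo "EDIT Ссылку<br/>";
    $hasLink = isset($linkid);
    // urlencode() output contains no markup-significant characters, so these
    // two values are safe inside href="". The original echoed $linkid raw.
    $parLink = urlencode($par);
    $linkidLink = $hasLink ? urlencode($linkid) : '';
    $row = false;
    if ($hasLink) {
        // $linkid is request data: escape it before it enters the quoted SQL literal.
        $query = "SELECT * FROM wps_links WHERE id = '" . mysql_real_escape_string($linkid) . "'";
        $result = mysql_query($query);
        $row = $result ? mysql_fetch_row($result) : false;
    }
    // Full <?php tags below: with short_open_tag disabled the original "<?"
    // blocks were sent to the client as text instead of being executed.
    // NOTE(review): $row[2] / $row[3] are printed as stored — confirm that
    // every code path writing these columns HTML-encodes them first.
?>
&#x0418;&#x043C;&#x044F;:<br/>
<input type="text" name="linktitle" value="<?php if ($hasLink && $row) { echo $row[2]; } ?>" /> 
<br/>
URL без http://:<br/>
<input type="text"  name="linkcontent" value="<?php if ($hasLink && $row) { echo $row[3]; } ?>"/><br/>
<?php
    // Count the existing links; $num ends up as (number of rows + 1).
    $result = mysql_query("SELECT * FROM wps_links");
    $num = 1;
    while ($result && mysql_fetch_row($result)) {
        ++$num;
    }
    echo 'Место:<br/>';
    echo '<select name="linkorder">';
    // One option per existing position. The original re-read the row and
    // compared $row[1] with each position, but both branches printed the same
    // option, so no position was ever preselected; that lookup is dropped.
    for ($count = 1; $count < $num; ++$count) {
        print "              <option>$count</option>";
    }
    if (!$hasLink) {
        // Without a link to edit, also offer the position after the last one.
        print "              <option>$count</option>";
    }

    echo '</select><br/><br/>';

    if ($hasLink) {
        // The original left $par inside a single-quoted string, so the literal
        // text "$par" was sent and the next request carried no password. The
        // <do> handler also pointed at a non-existent "llinksED2" step without
        // a link id; it now mirrors the EDIT anchor.
        echo '
<anchor>EDIT
<go href="moduli.php?st=linksED2&amp;par=' . $parLink . '&amp;link_id=' . $linkidLink . '" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</anchor>
<anchor>DELT
<go href="moduli.php?st=linksDL&amp;par=' . $parLink . '&amp;del_id=' . $linkidLink . '" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</anchor>
<br/><br/>
<do label="EDIT" type="accept">
<go href="moduli.php?st=linksED2&amp;par=' . $parLink . '&amp;link_id=' . $linkidLink . '" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</do><br/>
';
    }
}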
/////.......
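// Delete one link from wps_links; $del_id comes from the request.
if ($st == "linksDL") {
    echo "Ссылка Удалина<br/>";
    // Escape the request value before it is placed inside the quoted SQL literal.
    $query = "DELETE FROM `wps_links` WHERE `id` = '" . mysql_real_escape_string($del_id) . "' LIMIT 1";
    $result = mysql_query($query);
    if (!$result) {
        echo mysql_error();
    } else {
        // The deck is closed by the footer print at the end of the script.
        // Emitting </p></card></wml> here as well, without exit, produced a
        // second set of end tags and therefore a malformed deck.
        print ('УДАЛИНО!!<br/><do type="prev" label="НАЗАД"><prev/></do>');
    }
}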
////........
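// Save an edited link; every value in the UPDATE comes from the request.
if ($st == "linksED2") {
    echo "EDIT Ссылку<br/>";

    // Encode-on-write, the same way the linksAND2 step treats these two
    // fields, so an edited link is stored like a newly added one.
    $linktitle = htmlspecialchars($linktitle);
    $linkcontent = htmlspecialchars($linkcontent);
    // htmlspecialchars() leaves single quotes alone by default, so every value
    // is also SQL-escaped; the position is a whole number (the form offers 1..n).
    // NOTE(review): the edit form in this file posts no "published" field, so
    // $published is probably empty here — confirm what the column should keep.
    $query = "UPDATE wps_links SET ordering = '" . (int) $linkorder
        . "', linktext = '" . mysql_real_escape_string($linktitle)
        . "', link = '" . mysql_real_escape_string($linkcontent)
        . "', published = '" . mysql_real_escape_string($published)
        . "' WHERE id = '" . mysql_real_escape_string($link_id) . "'";
    $result = mysql_query($query);
    if ($result) {
        echo "Ссылка изменина";
        // Close the deck here because the script stops before the footer.
        echo "</p>";
        echo "</card></wml>";
        exit;
    } else {
        echo "Error!<br/>";
        echo mysql_error();
    }
}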
////////.......
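// Form for adding a new link; posts to the linksAND2 step.
if ($st == "linksAND") {
    echo "AND Ссылку<br/>";
    // urlencode() output is safe inside href="".
    $parLink = urlencode($par);
    echo '
&#x0418;&#x043C;&#x044F;:<br/>
<input type="text" name="linktitle"/> 
<br/>
URL без http://:<br/>
<input type="text"  name="linkcontent"/><br/>';
    // Count the existing links; $num ends up as (number of rows + 1).
    $result = mysql_query("SELECT * FROM wps_links");
    $num = 1;
    while ($result && mysql_fetch_row($result)) {
        ++$num;
    }
    echo 'Место:<br/>';
    echo '<select name="linkorder">';
    // One option per existing position. The original also looked a row up by
    // the request value $linkid (unescaped, inside the SQL text), yet printed
    // the same option in both branches; that lookup is dropped and only the
    // difference in the number of options is kept.
    for ($count = 1; $count < $num; ++$count) {
        print "              <option>$count</option>";
    }
    if (!isset($linkid)) {
        // A new link may also take the position after the last existing one.
        print "              <option>$count</option>";
    }

    // The original left $par inside a single-quoted string, so the literal
    // text "$par" was sent and the next request carried no password.
    echo '</select><br/><br/>

<anchor>Добавить
<go href="moduli.php?st=linksAND2&amp;par=' . $parLink . '" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</anchor>
<br/><br/>
<do label="Добавить" type="accept">
<go href="moduli.php?st=linksAND2&amp;par=' . $parLink . '" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</do>
';
}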
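// Insert a new link from the posted form values.
if ($st == "linksAND2") {
    echo "AND Ссылку<br/>";
    // Encode-on-write: the link screens in this file print these columns as stored.
    $linktitle = htmlspecialchars($linktitle);
    $linkcontent = htmlspecialchars($linkcontent);
    // The original sanitised a misspelt $linkorde, so $linkorder reached the
    // query untouched. Positions are whole numbers (the form offers 1..n).
    $linkorder = (int) $linkorder;
    // htmlspecialchars() leaves single quotes alone by default, so the text
    // values are SQL-escaped as well.
    // NOTE(review): the add form in this file posts no "published" field, so
    // $published is probably empty here — confirm the intended default.
    $query = "INSERT INTO wps_links VALUES ( '', '$linkorder', '"
        . mysql_real_escape_string($linktitle) . "', '"
        . mysql_real_escape_string($linkcontent) . "', '"
        . mysql_real_escape_string($published) . "')";
    $result = mysql_query($query);
    if ($result) {
        echo "Ссылка Добавлена!!";
        // Close the deck here because the script stops before the footer.
        echo "</p>";
        echo "</card></wml>";
        exit;
    } else {
        echo "Error!<br/>";
        echo mysql_error();
    }
}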
///////////////////////GOSTEVAZ/////////////////////////////////////////////////////////////////////
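// Guest book administration: paged list of entries with delete and reply controls.
if ($st == "guest") {
    echo "Гостевая Книга<br/>";
    $parLink = urlencode($par);

    // $page is the LIMIT offset and arrives with the request; $max_mess is not
    // assigned in this file. Both go into the query unquoted, so they are
    // forced to non-negative integers.
    $page = empty($page) ? 0 : max(0, (int) $page);
    $pageSize = max(0, (int) $max_mess);

    $total_mess = mysql_query('select count(*) from `guestbook` where 1 ;');
    $total_count = $total_mess ? mysql_fetch_array($total_mess) : false;
    $count = $total_count ? $total_count['count(*)'] : 0;

    if ($count == 0) {
        // Fall through to the footer instead of exit, so the deck is still
        // closed and the page stays well-formed.
        print 'Извените но в гостевой книге нет сообщений' . '<br/>';
    } else {
        print 'Всего сообщений: ' . $count . '<br/>';

        $result = mysql_query("SELECT * FROM `guestbook` ORDER BY `date` DESC LIMIT " . $page . " , " . $pageSize . ";");
        if (!$result) echo mysql_error();
        while ($result && ($otvet = mysql_fetch_array($result))) {
            // The guestdl and guestOTVF steps find an entry by its message
            // text, so the text itself is the link parameter. urlencode()
            // keeps quotes, & and spaces in it from breaking the href and
            // lets the value arrive unchanged.
            $messLink = urlencode($otvet['message']);
            print '........<br/>';
            // NOTE(review): date, name, message, email and sait are printed as
            // stored, and sait becomes an href — confirm that the script
            // accepting guest-book posts HTML-encodes them and restricts the
            // site field to http(s) addresses.
            print 'Дата: ' . $otvet['date'];
            print '<br/>';
            print 'Имя:<u> ' . $otvet['name'] . '</u>';

            print ':<i> ' . $otvet['message'] . '</i>';
            if ($otvet['email'] != "") {
                print " <br/>e-mail: <a href=\"mailto:" . $otvet['email'] . "\">" . $otvet['email'] . "</a>";
            }
            if ($otvet['sait'] != "") {
                print "<br/> Сайт: <a href=\"" . $otvet['sait'] . "\">" . $otvet['sait'] . "</a><br/>";
            }
            // The original left $par inside single-quoted strings, so the
            // literal text "$par" was sent and the next request carried no password.
            print ' I<a href="moduli.php?st=guestdl&amp;par=' . $parLink . '&amp;id_mess=' . $messLink . '">Удалить</a>I<br/><br/>';
            // NOTE(review): the <do> variant below posts name/mess and has no
            // method="post", while the guestOTVF step reads otvet — it looks
            // like a leftover from another form; confirm and align it with the anchor.
            print 'Ответ :
<input type="text" name="otvet"/>
<anchor>Ok
<go href="moduli.php?st=guestOTVF&amp;par=' . $parLink . '&amp;id_mess=' . $messLink . '" method="post">
<postfield name="otvet" value="$(otvet)"/>
</go>
</anchor>
<do label="Ok" type="accept">
<go href="moduli.php?st=guestOTVF&amp;par=' . $parLink . '&amp;id_mess=' . $messLink . '">
<postfield name="name" value="$(name)"/>
<postfield name="mess" value="$(mess)"/>
</go>
</do>';
            print '<br/>........<br/>';
        }
    }
}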
//////////////////////DLGUS//////////////////////////////////////////////////////////////////////////
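// Delete the guest-book entry whose message text equals the request value $id_mess.
if ($st == "guestdl") {
    // Escape the request value before it is placed inside the quoted SQL literal.
    $query = "DELETE FROM `guestbook` WHERE `message` = '" . mysql_real_escape_string($id_mess) . "' LIMIT 1";
    $result = mysql_query($query);
    if (!$result) {
        echo mysql_error();
    } else {
        // The deck is closed by the footer print at the end of the script.
        // Emitting </p></card></wml> here as well, without exit, produced a
        // second set of end tags and therefore a malformed deck.
        print ('УДАЛИНО!!<br/><do type="prev" label="НАЗАД"><prev/></do>');
    }
}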

/////////////////OTvetGUEST//////////////////////////////////////////////////////////////////////////
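// Store the admin's reply ($otvet) on the guest-book entry whose message text
// equals $id_mess; both values come from the request.
if ($st == "guestOTVF") {
    // HTML-encode the reply before storing it, as the original did.
    $otvet = htmlspecialchars($otvet);
    // htmlspecialchars() leaves single quotes alone by default, so both values
    // are SQL-escaped before they enter the quoted literals.
    $updatecp = mysql_query("UPDATE guestbook SET otvet='" . mysql_real_escape_string($otvet) . "' WHERE  message='" . mysql_real_escape_string($id_mess) . "'");
    if ($updatecp) {
        echo "Ответ добавлен!<br/>";
    } else {
        // The original reported success without looking at the query result.
        echo "Error!<br/>";
        echo mysql_error();
    }
    // The closing </p></card></wml> is left to the footer print at the end of
    // the script; emitting it here too, without exit, duplicated the end tags.
}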
/////////////////////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////НОВОСТИ/////////////////////////////////////////////////////
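// News administration: paged list of news items with delete and comment links.
if ($st == "news") {
    echo "Новости<br/>";
    // urlencode() output is safe inside href="". The first link originally
    // sent the literal text "$par" because it sat in a single-quoted string.
    $parLink = urlencode($par);
    echo '<a href="moduli.php?st=news_and&amp;par=' . $parLink . '">Добавить</a><br/>
';

    // $s is the zero-based page number from the request; $lim (page size) and
    // $lang (labels) are not assigned in this file.
    $s = empty($s) ? 0 : max(0, (int) $s);
    // The id is used unquoted in the DELETE, so it has to be an integer.
    if (isset($act) && $act == 'del') mysql_query("delete from `news` where id=" . (int) $id);
    $q = mysql_query("select count(id) from `news` where 1;");
    $r = mysql_fetch_array($q);
    $count = $r['count(id)'];
    // The last page may hold fewer than $lim items.
    if ($s * $lim + $lim > $count) $limit = $count - $s * $lim; else $limit = $lim;
    print $lang['show'] . ($s * $lim + 1) . '-' . ($s * $lim + $limit) . '<br/>';
    $q = mysql_query("select * from `news` where 1 order by id desc limit " . ($s * $lim) . ", $limit");
    while ($data = @mysql_fetch_array($q)) {
        // Day of month without leading zero, then the month label looked up by its two-digit number.
        $date = (int) (date('d', $data['date'])) . ' ' . $lang[date('m', $data['date'])];
        // NOTE(review): the text is printed as stored; the news_and2 step in
        // this file HTML-encodes it on write — confirm no other writer exists.
        print '<b><u>' . $date . '</u></b><br/>' . $data['text'] . '<br/>';
        print '<a href="moduli.php?st=news_DLT&amp;par=' . $parLink . '&amp;id=' . $data['id'] . '">Удалить</a><br/>';
        $r1 = @mysql_fetch_array(mysql_query("select count(*) from `news_com` where nid='" . $data['id'] . "';"));
        print '<a href="moduli.php?st=news_com&amp;par=' . $parLink . '&amp;id=' . $data['id'] . '">' . $lang['opinion'] . '</a> [' . $r1['count(*)'] . ']<br/><br/>';
    }
    if ($s != 0)  echo '<a href="moduli.php?st=news&amp;par=' . $parLink . '&amp;s=' . ($s - 1) . '">&#x041F;&#x0440;&#x0435;&#x0434;&#x044B;&#x0434;&#x0443;&#x0449;&#x0438;&#x0435;</a> ';
    if ($count > $s * $lim + $lim)  echo ' <a href="moduli.php?st=news&amp;par=' . $parLink . '&amp;s=' . ($s + 1) . '">&#x0421;&#x043B;&#x0435;&#x0434;&#x0443;&#x044E;&#x0449;&#x0438;&#x0435;</a><br/>';

}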
/////////////////////////ANDNEWS??????????????//////////////////////////////////////////
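// Form for adding a news item; posts the text to the news_and2 step.
if ($st == "news_and") {
    echo "AND Новости<br/>";
    // The original left $par inside a single-quoted string, so the literal
    // text "$par" was sent and the next request carried no password.
    // urlencode() output is safe inside href="".
    $parLink = urlencode($par);
    echo 'Новость: <br/>
<input type="text" value="" name="text"/>
<br/>
<anchor>Добавить
<go href="moduli.php?st=news_and2&amp;par=' . $parLink . '" method="post">
<postfield name="text" value="$(text)"/>
</go>
</anchor>
<br/><br/>
<do label="Добавить" type="accept">
<go href="moduli.php?st=news_and2&amp;par=' . $parLink . '" method="post">
<postfield name="text" value="$(text)"/>
</go>
</do>
';
}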
//////////////////AND2......................
/////////////////////////КоментNEWS??????????????//////////////////////////////////////////
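// Comments on one news item: vote bookkeeping, optional comment deletion,
// rating summary, then the paged comment list.
if ($st == "news_com") {
    echo "Kомментарии<br/>";
    $parLink = urlencode($par);
    // $id (news id) and $s (page number) arrive with the request and are used
    // as numbers in SQL and in links, so they are forced to integers once.
    $id = (int) $id;
    $s = empty($s) ? 0 : max(0, (int) $s);

    // Vote bookkeeping, run on every visit to this screen. $op names the
    // counter column, so only the two columns selected here are accepted;
    // any other value would be spliced into the UPDATE as SQL text.
    $ipsoft = getenv("REMOTE_ADDR") . '**' . getenv("HTTP_USER_AGENT");
    $q3 = mysql_query("select plus, minus, ipsoft from news where id='$id'");
    $r3 = $q3 ? mysql_fetch_array($q3) : false;
    if (isset($op) && ($op === 'plus' || $op === 'minus') && $ipsoft != $r3['ipsoft']) {
        // The User-Agent header is client-controlled text: escape it before it
        // enters the statement.
        mysql_query("update news set $op='" . ($r3[$op] + 1) . "', ipsoft='" . mysql_real_escape_string($ipsoft) . "' where id=$id;");
    }
    // The comment id is used unquoted in the DELETE, so it has to be an integer.
    if (@$act == 'del') {
        mysql_query("delete from `news_com` where id=" . (int) $mid . ";");
    }

    // The original guarded the listing with a flag that was always set by this
    // point, so the listing runs unconditionally.
    $q = mysql_query("select count(id) from `news_com` where nid='$id';");
    $r = mysql_fetch_array($q);
    $count = $r['count(id)'];
    // The last page may hold fewer than $lim comments.
    if ($s * $lim + $lim > $count) $limit = $count - $s * $lim; else $limit = $lim;
    print $lang['que1'] . '<br/>';
    $q3 = mysql_query("select plus, minus, ipsoft from news where id='$id'");
    $r3 = mysql_fetch_array($q3);
    // Share of positive and negative votes in percent; zero when nobody voted.
    if ($r3['plus'] + $r3['minus'] > 0) {
        $prplus = round(($r3['plus'] / ($r3['plus'] + $r3['minus'])) * 100, 2);
        $prminus = round(($r3['minus'] / ($r3['plus'] + $r3['minus'])) * 100, 2);
    } else {
        $prplus = 0;
        $prminus = 0;
    }
    print $lang['good'] . ': ' . $r3['plus'] . '(' . $prplus . '%)<br/>' . $lang['bad'] . ': ' . $r3['minus'] . '(' . $prminus . '%)<br/>';
    print '---<br/>';
    print $lang['showop'] . ' ' . $count . '<br/>';
    $q = mysql_query("select * from `news_com` where nid='$id' order by id desc limit " . ($s * $lim) . ", $limit");
    while ($data = @mysql_fetch_array($q)) {
        $date = date('h:i d ', $data['date']) . ' ' . $lang[date('m', $data['date'])];
        // NOTE(review): name and text are printed as stored — confirm that the
        // script accepting comments HTML-encodes them on write.
        print '<b>' . $data['name'] . '</b>(' . $date . '):<br/> ' . $data['text'] . '<br/>';
        // The original sent the literal text "$par" here (single-quoted string)
        // and echoed the raw request value of id into the href.
        print '<a href="moduli.php?st=news_comDLT&amp;par=' . $parLink . '&amp;nid=' . $data['id'] . '&amp;id=' . $id . '">Удалить</a><br/>';
    }
    // The paging links originally pointed at "news_kom", a step this file does
    // not handle, and dropped the news id; they now return to this screen.
    if ($s != 0)  echo '<a href="moduli.php?st=news_com&amp;par=' . $parLink . '&amp;id=' . $id . '&amp;s=' . ($s - 1) . '">&#x041F;&#x0440;&#x0435;&#x0434;&#x044B;&#x0434;&#x0443;&#x0449;&#x0438;&#x0435;</a> ';
    if ($count > $s * $lim + $lim)  echo ' <a href="moduli.php?st=news_com&amp;par=' . $parLink . '&amp;id=' . $id . '&amp;s=' . ($s + 1) . '">&#x0421;&#x043B;&#x0435;&#x0434;&#x0443;&#x044E;&#x0449;&#x0438;&#x0435;</a>';
}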
//////////////////AND2......................
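// Insert a news item from the posted text, timestamped with the current time.
if ($st == "news_and2") {
    echo "AND Новости<br/>";
    // Encode-on-write: the news list in this file prints the text as stored.
    $text = htmlspecialchars($text);
    // htmlspecialchars() leaves single quotes alone by default, so the text is
    // also SQL-escaped before it enters the quoted literal.
    if (mysql_query("insert into `news` values(0, '" . time() . "', '" . mysql_real_escape_string($text) . "','0','0','');")) {
        print '&#1053;&#1086;&#1074;&#1086;&#1089;&#1090;&#1100; &#1076;&#1086;&#1073;&#1072;&#1074;&#1083;&#1077;&#1085;&#1072;!';
    } else {
        // The original stayed silent when the insert failed.
        echo "Error!<br/>";
        echo mysql_error();
    }
}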
//////////////////DELT.КОМЕНТАРИИ//////////////////////////////////////////////////////////////////////
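// Delete one comment from news_com; $nid comes from the request.
if ($st == "news_comDLT") {
    echo "УДАЛИНО<br/>";
    // The id is used unquoted in the statement, so it has to be an integer.
    if (!mysql_query("delete from `news_com` where id=" . (int) $nid . ";")) {
        echo mysql_error();
    }
    // The original went on to set a flag and count the news rows, but nothing
    // later in the script reads either value, so that work is dropped.
}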
//////////////////DELT./////////////////////////////////////////////////////////////////////////////

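// Delete one news item; $id comes from the request.
if ($st == "news_DLT") {
    echo "УДАЛИНО<br/>";
    // The id is used unquoted in the statement, so it has to be an integer.
    if (!mysql_query("delete from `news` where id=" . (int) $id)) {
        echo mysql_error();
    }
    // The original went on to count the news rows, but nothing later in the
    // script reads the result, so that query is dropped.
}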
//////////////////////MODGL//////////////////////////////////////////////////////////////////////////

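// Form for placing a module link on a page; posts the choices to the anddmm step.
if ($st == "pmoduli") {
    echo "+МОДУЛЬ НА ГЛ.<br/>";
    // par, page and i are written into the href below. page and i are raw
    // request values at this point, so all three are URL-encoded; urlencode()
    // output contains no markup-significant characters.
    $parLink = urlencode($par);
    $pageLink = isset($_GET['page']) ? urlencode($_GET['page']) : '';
    $indexLink = isset($_GET['i']) ? urlencode($_GET['i']) : '';
?>
<select name="action">

<option value="guest">Гостевая Книга</option>
<option value="news">Новости</option>

</select><br/>
A&#x0432;&#x0442;o&lt;br/&gt;:<br/>
<select name="abr">
<option value="yes">&#x0414;a</option>
<option value="no">&#x041D;e&#x0442;</option>
</select><br/>
Pac&#x043F;o&#x043B;o&#x0436;e&#x043D;&#x0438;e:<br/>
<select name="location">
<option value="below">H&#x0438;&#x0436;&#x0435;</option>
<option value="rewrite">&#x041F;epe&#x0437;a&#x043F;&#x0438;c&#x044C;</option>
<option value="above">&#x0412;&#x044B;&#x0448;e</option>
</select><br/>
&#x0420;&#x0435;&#x0437;&#x0430;&#x0442;&#x044C; &#x0442;&#x0435;&#x0433;&#x0438;:<br/>
<select name="strip">
<option value="yes">&#x0414;&#x0430;</option>
<option value="no">&#x041D;&#x0435;&#x0442;</option>
</select><br/>
<anchor title="go">OK<go href="moduli.php?st=anddmm&amp;par=<?php echo $parLink; ?>&amp;page=<?php echo $pageLink; ?>&amp;i=<?php echo $indexLink; ?>" method="post">
<postfield name="action" value="$(action)"/>
<postfield name="location" value="$(location)"/>
<postfield name="abr" value="$(abr)"/>
<postfield name="strip" value="$(strip)"/>
</go></anchor><br/>
<br/>
<?php
}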
/////////////////////////////////ANDMODLIII//////////////////////////////////////////////////////
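// Insert, replace or prepend one menu line in the page file wml/<page> and
// write the file back. page and i come from the query string; action,
// location and abr from the posted form.
if ($st == "anddmm") {
    echo "добавлен в меню";
    // The page name becomes part of a path that is read and then rewritten, so
    // it has to be a plain file name: word characters and dots only, and not a
    // dot-name such as "." or ".." or a hidden file.
    // NOTE(review): any extension is still accepted; if page files share one
    // extension (the default used elsewhere in this file is index.cms),
    // consider requiring it.
    $pageName = isset($_GET['page']) ? $_GET['page'] : '';
    if (!is_string($pageName) || $pageName === '' || $pageName[0] === '.' || preg_match('/[^\w\.]/', $pageName)) {
?>

111

<?php
        exit;
    }

    // Index of the line to act on. It must be all digits: a loose comparison
    // of the loop counter with a missing or non-numeric value matches line 0
    // on older PHP versions and would edit the top of the file.
    $target = (isset($_GET['i']) && is_string($_GET['i']) && preg_match('/^\d+\z/', $_GET['i'])) ? (int) $_GET['i'] : -1;
    $action = isset($_POST['action']) ? $_POST['action'] : '';
    $location = isset($_POST['location']) ? $_POST['location'] : '';
    $autoBreak = isset($_POST['abr']) && $_POST['abr'] == 'yes';

    $path = "wml/" . $pageName;
    $contents = file($path);
    if ($contents === false) {
        // Stop here: carrying on would open the same path with 'wb' and leave
        // an empty file behind.
        echo "Error!<br/>";
        echo "</p>";
        echo "</card></wml>";
        exit;
    }

    // $banner and get_random_link() are not defined in this file.
    $contents2 = array();
    for ($i = 0; $i < count($contents); $i++) {
        // Copy the line, except line 6 when the banner sits at the top.
        if (!($banner == 'top' && $i == 6)) {
            $contents2[] = $contents[$i];
        }
        $line = trim($contents[$i]);
        if ($line == '<p align="center">' || $line == '<p align="left">' || $line == '<p align="right">') {
            if ($banner == 'top')
                $contents2[] = get_random_link();
        }

        if ((isset($contents[$i+1]) && trim($contents[$i+1]) == '</p>') || (isset($contents[$i+2]) && trim($contents[$i+2]) == '</card>')) {
            if ($banner == 'bottom') {
                array_pop($contents2);
                $contents2[] = get_random_link();
            }
        }

        if ($i === $target) {
            // Line 5 may only be overwritten by one of the alignment actions.
            if ($i == 5 && $location == 'rewrite' && $action != 'left' && $action != 'center' && $action != 'right') {
?>

222<br/>

<?php

                exit;
            }

            // The inserted markup always comes from this fixed list, never
            // from request text. The guest and news cases originally tested
            // the line index but produced the same line either way.
            switch ($action) {
                case 'br':
                    $new_line = '<br/>' . "\n";
                    break;
                case 'guest':
                    $new_line = '<a href="index.php?action=guest">Гостевая Книга</a>' . "\n";
                    break;
                case 'news':
                    $new_line = '<a href="index.php?action=news">Новости</a>' . "\n";
                    break;
                case 'right':
                    if ($target === 5)
                        $new_line = '<p align="right">' . "\n";
                    else
                        $new_line = '</p><p align="right">' . "\n";
                    break;
                default:
                    $new_line = '';
            }

            if ($autoBreak)
                $new_line .= "\n<br/>\n";

            if ($location == 'below') {
                // Add the new line after the current one.
                $contents2[] = $new_line;
            }
            if ($location == 'rewrite') {
                // Replace the current line; at index 5 the two most recently
                // copied lines are removed.
                if ($target === 5) {
                    $adv_link = array_pop($contents2);
                    array_pop($contents2);
                    $contents2[] = $new_line;
                    //$contents2[] = $adv_link;
                } else {
                    array_pop($contents2);
                    $contents2[] = $new_line;
                }
            }
            if ($location == 'above') {
                // Put the new line in front of the current one.
                $curr_row = array_pop($contents2);
                $contents2[] = $new_line;
                array_push($contents2, $curr_row);
            }
        }
    }

    $fp = fopen($path, 'wb');
    if ($fp === false) {
        // The original passed the failed handle straight to fputs()/fclose().
        echo "Error!<br/>";
        echo "</p>";
        echo "</card></wml>";
        exit;
    }
    fputs($fp, join('', $contents2));
    fclose($fp);

}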

// Fall back to the default page name when the request names none.
$_GET['page'] = isset($_GET['page']) ? $_GET['page'] : 'index.cms';

// Refuse a page name containing anything other than word characters and dots:
// print the marker text and stop the script.
$pageNameRejected = preg_match('/[^\w\.]/', $_GET['page']);
if ($pageNameRejected) {
    echo "\n4444\n\n";
    exit;
}

/////////////////////////////////////////////////////////////////////////////////////////////////////
}
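// Common footer, printed for every request that reaches the end of the script,
// including one that failed the password check: a link back to the admin
// panel, then the closing tags of the deck.
// $par can therefore be a rejected, request-supplied value here; it is
// URL-encoded so it cannot break out of the href or add markup to the page.
print "<br/>__________<br/>
<a href=\"admin.php?par=" . urlencode($par) . "&amp;st=amPL\">&#x0410;&#x0434;&#x043C;&#x0438;&#x043D; &#x043F;&#x0430;&#x043D;&#x0435;&#x043B;&#x044C;</a>
<br/>
</p></card></wml>";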

?>