Просмотр файла news/adminka/enter.php

Размер файла: 4.38Kb
<?php
error_reporting(0);
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header('Cache-Control: no-cache, must-relative');
include('../conf/index.php');

if(isset($_POST['auth']))
{
$pass = anti($_POST['pass']);

if($pass != $adpass)
{
echo '<?xml version=\'1.0\' encoding=\'UTF-8\'?><!DOCTYPE wml PUBLIC \'-//WAPFORUM//DTD WML 1.3//EN\' \'http://www.wapforum.org/DTD/wml13.dtd\'><wml><card title=\'Ошибка!\' ontimer=\'index.php?'.$r.'\'><timer value=\'15\'/><p align=\'left\'><small>Пароль неверный!</small></p></card></wml>';
exit;
}
}
else
{
$pass = anti($_GET['pass']);

if($pass != $adpass)
{
echo '<?xml version=\'1.0\' encoding=\'UTF-8\'?><!DOCTYPE wml PUBLIC \'-//WAPFORUM//DTD WML 1.3//EN\' \'http://www.wapforum.org/DTD/wml13.dtd\'><wml><card title=\'Ошибка!\' ontimer=\'index.php?'.$r.'\'><timer value=\'15\'/><p align=\'left\'><small>Пароль неверный!</small></p></card></wml>';
exit;
}
}

echo '<?xml version=\'1.0\' encoding=\'UTF-8\'?><!DOCTYPE wml PUBLIC \'-//WAPFORUM//DTD WML 1.3//EN\' \'http://www.wapforum.org/DTD/wml13.dtd\'><wml><head><meta http-equiv=\'Cache-Control\' content=\'no-cache\' forua=\'true\'/></head><card id=\'index\' title=\'Админка\'><p align=\'left\'>';

$n = intval($_GET['n']);

if($n > 3 && $n < 1) $n = 1;

switch($n)
{
default:
if(!isset($_POST['addnews']))
{
echo 'Добавить новость:<br/><input type=\'text\' name=\'news'.$r.'\' maxlength=\'500\'/><br/><anchor>Добавить&#187;<go href=\'enter.php?pass='.$pass.'&amp;'.$r.'\' method=\'post\'><postfield name=\'news\' value=\'$(news'.$r.')\'/><postfield name=\'addnews\' value=\'addnews\'/></go></anchor><br/><a href=\'enter.php?n=1&amp;pass='.$pass.'&amp;'.$r.'\'>Редактировать/Удалить</a><br/><br/>';
}
else
{
$news = anti($_POST['news']);

$q = mysql_query("SELECT * FROM news WHERE news = '".$news."';");

if(mysql_num_rows($q) != 0)
{
echo 'Такая новость уже существует.<br/><br/>';
}
else
{
$date = date('d.m.Y');
$date = anti($date);

mysql_query("INSERT INTO news SET date = '".$date."', news = '".$news."';");

echo 'Новость добавлена!<br/><br/>';
}
}
break;

case '1':
if(empty($_GET['s'])) $s = 0; else $s = intval($_GET['s']);

if ($s < 0) $s = 0;
$num = 6;
$num = intval($num);

$all = mysql_num_rows(mysql_query("SELECT id FROM news"));
$all = intval($all);

if($all == 0)
{
echo 'Новостей нет.<br/><br/>';
}
else
{
$q = mysql_query("SELECT id,date,news FROM news ORDER BY id DESC LIMIT $s,$num;");

while($arr = mysql_fetch_array($q))
{
$id = $arr['id'];
$date = $arr['date'];
$news = $arr['news'];

echo '<b><u>'.$date.'</u></b><br/>'.$news.'<br/><a href=\'enter.php?n=2&amp;pass='.$pass.'&amp;id='.$id.'&amp;'.$r.'\'>[Ред.]</a> <a href=\'enter.php?n=3&amp;pass='.$pass.'&amp;id='.$id.'&amp;'.$r.'\'>[Удал.]</a><br/><br/>';
}
}

if($all > $s + $num) echo '<a href=\'enter.php?s='.($s+$num).'&amp;'.$r.'&amp;pass='.$pass.'&amp;n=1\'>Далее&#187;</a><br/>';

if($s != 0) echo '<a href=\'enter.php?s='.($s-$num).'&amp;'.$r.'&amp;pass='.$pass.'&amp;n=1\'>&#171;Назад</a><br/>';
break;

case '2':
$id = intval($_GET['id']);

$q = mysql_query("SELECT news FROM news WHERE id = '".$id."';");

if(mysql_num_rows($q) == 0)
{
echo 'Такой новости не существует.<br/><br/>';
}
else
{
if(!isset($_POST['editnews']))
{
$arr = mysql_fetch_array($q);
$news = $arr['news'];

echo 'Новость:<br/><input type=\'text\' name=\'news'.$r.'\' value=\''.$news.'\' maxlength=\'500\'/><br/><anchor>Изменить&#187;<go href=\'enter.php?n=2&amp;'.$r.'&amp;pass='.$pass.'&amp;id='.$id.'\' method=\'post\'><postfield name=\'news\' value=\'$(news'.$r.')\'/><postfield name=\'editnews\' value=\'editnews\'/></go></anchor><br/><br/>';
}
else
{
$news = anti($_POST['news']);

mysql_query("UPDATE news SET news = '".$news."' WHERE id = '".$id."';");

echo 'Новость изменена.<br/><br/>';
}
}
break;

case '3':
$id = intval($_GET['id']);

$q = mysql_query("SELECT * FROM news WHERE id = '".$id."';");

if(mysql_num_rows($q) == 0)
{
echo 'Такой новости не существует.<br/><br/>';
}
else
{
mysql_query("DELETE FROM news WHERE id = '".$id."';");

echo 'Новость удалена.<br/><br/>';
}
break;
}

if(!empty($n)) echo '<a href=\'enter.php?pass='.$pass.'&amp;'.$r.'\'>Админка</a><br/>';
echo '<a href=\'http://'.$site.'\'>Главная</a></p></card></wml>';
?>