<?
include_once "../SYSTEM/include/functions.php";
include_once BASEDIR."SYSTEM/include/mysql.php";
include_once BASEDIR."SYSTEM/include/param.php";
include_once BASEDIR."SYSTEM/include/ban.php";
include_once BASEDIR."SYSTEM/include/sess.php";
include_once BASEDIR."SYSTEM/include/ban_2.php";
include_once BASEDIR."SYSTEM/include/theme.php";
$title='Новости';
$mesto='В админке';
head();
if (!isset($user) || $user['level']<3)
{
header ("Location: ../index.php?".SID."");
exit;
}
echo "<div class=\"h\">Новости</div><hr />\n";
if ($mail_in_new>0)echo "<div class=\"privat\"><img src=\"../SYSTEM/themes/$them/img/mail0.gif\" alt=\"\" /> <a href=\"../mail.php?act=in\">Приват</a> [$mail_in_new]</div><hr />\n";
if (isset($_GET['msg']))
{
$msg=$_GET['msg'];
echo "<span style=\"color:$color[msg]\"><b>";
if ($msg=='add'){echo "Новость добавлена";}
echo "</b></span><br />";
}
if (isset($_GET['act']) && $_GET['act']=='add' && isset($_POST['msg']))
{
$msg=$_POST['msg'];
$msg = iconv('utf-8', 'windows-1251', $msg);
$msg=substr($msg, 0, 512);
$name=mysql_escape_string($_POST['title']);
$name=stripslashes(htmlspecialchars($name));
$name=trim($name);
$name = iconv('utf-8', 'windows-1251', $name);
$name=substr($name, 0, 32);
if (strlen($name)<3){$name=substr($msg, 0, 32);$name.='...';}
$name = iconv('windows-1251', 'utf-8', $name);
$msg = iconv('windows-1251', 'utf-8', $msg);
$msg=stripslashes(htmlspecialchars($msg));
$msg=str_replace("\r\n","<br />",$msg);
$msg=str_replace("\r","<br />",$msg);
$msg=str_replace("\n","<br />",$msg);
if (isset($_POST['tr']))
{
$name=translit($name);
$msg=translit($msg);
}
$msg=eregi_replace("((https?|ftp)://[[:alnum:]_=/-]+(\\.[[:alnum:]_=/-]+)*(/[[:alnum:]+&._=/~%#]*(\\?[[:alnum:]?+&_=/%#]*)?)?)", "<a href='\\1'>\\1</a>", $msg);
if ($msg=='')
{
header("Location: index.php?".SID."");
exit;
}
if (isset($_POST['mail']))
{
$q = mysql_query("SELECT email FROM `$mysql[pref]users` WHERE `send_news` = '1';");
while ($ank = mysql_fetch_array($q))
{
$email=$ank['email'];
$subject = "Новости ($set[title])";
$regmail = "$name\n\n$msg\n\nC уважением, администрация сайта";
$adds = "From: <$set[mail]>\n";
$adds .= "X-sender: <$set[mail]>\n";
$adds .= "Content-Type: text/plain; charset=utf-8\n";
mail($email,$subject,$regmail,$adds);
}
}
$id_t=rand(1,999999999);
mysql_query("INSERT INTO `$mysql[pref]forum_t` (id, name, t_create, time_last, autor, id_r, id_us, id_f, crep)
values('$id_t', '$name', '$time', '$time', '$user[nickname]', '$id_news_razd', '$user[id]', '$id_news_forum', '1')");
mysql_query("INSERT INTO `$mysql[pref]forum_p` (id_f, id_r, id_t, nick, time, msg, ip, ua, id_us)
values('$id_news_forum', '$id_news_razd', '$id_t', '$user[nickname]', '$time', '$msg', '$ip_p', '$ua_p', '$user[id]')");
mysql_query("INSERT INTO `$mysql[pref]news` (nick, time, text, title, id_t)
values('$user[nickname]', '$time', '$msg', '$name', '$id_t')");
action("Добавление новости");
header("Location: news.php?".SID."msg=add");
exit;
}
$q = mysql_query("SELECT COUNT(id) FROM `$mysql[pref]news`;");
if (mysql_result($q, 0)>0)
{
$q = mysql_query("SELECT MAX(id) FROM `$mysql[pref]news`;");
$max_id_news=mysql_fetch_array($q);
$q = mysql_query("SELECT * FROM `$mysql[pref]news` WHERE `id` = '$max_id_news[0]';");
$news = mysql_fetch_array($q);
echo "<div class=\"mess\">\n";
echo "<b>$news[title]</b><br />\n";
echo "".vremja($news['time'])."";
echo "<br />\n";
echo "<span style=\"color:$color[post]\">".smiles($news['text'])."</span>";
echo "</div>\n";
echo "<br />\n";
}
else
{
echo "Нет новостей<br />\n";
}
echo "<form method=\"post\" action=\"news.php?act=add\">\n";
echo "Новая новость:<br />\n";
echo "Заголовок:<br />\n<input name=\"title\" class=\"form\" value=\"\" type=\"text\" /><br />\n";
echo "Новость: <br />\n<textarea name=\"msg\" class=\"form\" rows=\"3\"></textarea><br />\n";
echo "<input type=\"checkbox\" name=\"tr\" value=\"1\" /> Транслит<br />\n";
echo "<input type=\"checkbox\" name=\"mail\" value=\"1\" /> Рассылка<br />\n";
echo "<input value=\"Добавить\" class=\"form\" type=\"submit\" />\n";
echo "</form>";
echo "<hr /><a href=\"index.php\"><< Админка</a>\n";
echo "<br /><a href=\"../index.php\"><< На главную</a>\n";
foot();
?>