Размер файла: 4.4Kb
<?php
define('_WBLIB',1);
require_once ('../inc/core.php');
if ($level < 1) {exit('Доступ закрыт');}
$query = mysql_query("SELECT * FROM `article` WHERE `id` = '$id' AND `type` = '2' LIMIT 1");
if (mysql_num_rows($query) == 0) {
require_once ('../inc/head.php');
echo '<div class="error">Статья не найдена</div>';
require_once ('../inc/foot.php');
exit();
}
$cat = mysql_fetch_array($query);
// Заголовки
$title = 'Редактирование статьи ';
require_once ('../inc/head.php');
#################################
$category = mysql_query("SELECT * FROM `article` WHERE `type` = '1'");
echo '<div class="title">Редактирование статьи</div>';
if (isset($_POST['submit'])) {
if (empty($_POST['name'])) {
$error = "Вы не ввели название статьи<br/>";
}
if (empty($_POST['text'])) {
$error .= "Вы не ввели текст статьи<br/>";
}
if ($error) {
echo '<div class="link"><div class="error">'.$error.'</div></div>';
echo '<div class="bar"><a href="edit_article.php?id='.$id.'">Еще раз</a></div>';
require_once ('../inc/foot.php');
exit();
}
if (!empty ($_POST['announce'])) {
$announc = trim($_POST['announce']);
$announce = mb_substr($announc, 0, 255);
}
else {
$announce = mb_substr($text, 0, 255);
}
$name = htmlspecialchars(trim($_POST['name']));
$text = trim($_POST['text']);
# Обработка редактирования статьи #
if (intval($_POST['cat']) != $cat['id_cat']){
$dirid1 = $cat['id_cat'];
$sql1 = '';
while ($dirid1 != '0' && $dirid1 != "") {
$res_down1 = mysql_fetch_assoc(mysql_query("SELECT `id_cat` FROM `article` WHERE `type` = 1 AND `id` = '$dirid1' LIMIT 1"));
if ($i1)
$sql1 .= ' OR ';
$sql1 .= '`id` = \'' . $dirid1 . '\'';
$dirid1 = $res_down1['id_cat'];
++$i1;
}
mysql_query("UPDATE `article` SET `count`= `count`-1 WHERE $sql1");
$dirid = intval($_POST['cat']);
$sql = '';
while ($dirid != '0' && $dirid != "") {
$res_down = mysql_fetch_assoc(mysql_query("SELECT `id_cat` FROM `article` WHERE `type` = 1 AND `id` = '$dirid' LIMIT 1"));
if ($i)
$sql .= ' OR ';
$sql .= '`id` = \'' . $dirid . '\'';
$dirid = $res_down['id_cat'];
++$i;
}
mysql_query("UPDATE `article` SET `count`= `count`+1 WHERE $sql");
}
mysql_query("UPDATE `article` SET
`name`='" .mysql_real_escape_string($name). "',
`who`='".$level."',
`announce` = '".mysql_real_escape_string($announce)."',
`id_cat` = '".mysql_real_escape_string(intval($_POST['cat']))."',
`text`='" .mysql_real_escape_string($text). "'
WHERE `id`='" .$id. "';");
header('Location: '.$home.'/article.php?id='.$id.'');
} else {
$t = htmlentities($cat['text'], ENT_QUOTES, 'UTF-8');
echo '<div class="link"><form action="edit_article.php?id=' . $id . '" method="post">';
echo 'Название статьи(max 255):<br/><input type="text" name="name" value ="'.$cat['name'].'"/><br/>';
echo 'Описание статьи(max. 255):<br/><input type="text" name="announce" value="'.htmlentities($cat['announce'], ENT_QUOTES, 'UTF-8').'"/><br/>';
echo '*Текст статьи:<br/><textarea rows="5" name="text">' . $t .'</textarea><br/>';
echo '<select name="cat">';
while ($c = mysql_fetch_array($category)) {
if ($cat['id_cat'] == $c['id']) echo '<option value="'.$c['id'].'" selected>'.$c['name'].'</option>';
else echo '<option value="'.$c['id'].'">'.$c['name'].'</option>';
}
echo '</select>';
echo '<input type="submit" name="submit" value="Изменить"/></form></div>';
}
echo '<div class="bar"><a href="'.$home.'/article.php?id='.$id.'">Назад</a></div>';
echo '<div class="func"><a href="'.$home.'">Главная</a></div>';
require_once ('../inc/foot.php');
?>