<?php
/**********************************************/
/* Автор скрипта: Александр Есин */
/* E-Mail: [email protected] ([email protected]) */
/* ICQ: 6464729 */
/* Site: http://ticlove.ru */
/**********************************************/
?>
<?php if (!defined('SECURED')) die("SORRY! Unknown Error!"); ?>
<?php
$mode = isset($_GET['mode']) ? $_GET['mode'] : NULL;
switch($mode) {
case 'open':
?>
<?php
if (!isset($_SESSION['page_news'])) $_SESSION['page_news'] = 10;
if (isset($_POST['act_news']))
{
$page_news = intval($_POST['page_news']);
if ($page_news < 5 or $page_news > 50) $page_news = 10;
$_SESSION['page_news'] = $page_news;
}
?>
<?php
$col = $_SESSION['page_news'];
if (isset($_GET['start'])) $start = abs(intval($_GET['start']));
else $start = 0;
$count_p = mysql_result(mysql_query("SELECT COUNT(*) FROM `q_news`;"), 0);
if ($count_p > 0) {
if ($start >= $count_p) $start = 0;
$q = mysql_query("SELECT * FROM `q_news` ORDER BY `id_news` DESC LIMIT ".$start.", ".$col);
?>
<h3>Просмотр новостей</h3>
<div style="padding: 5px 0;">
Всего новостей: <strong><?php echo $count_p; ?></strong>
</div>
<div style="padding: 10px 0;">
<form action="apanel.php?page=news&mode=open" method="post">
<input type="hidden" name="act_news" value="1" />
Сколько новостей выводить на странице:
<select class="select" name="page_news">
<?php for ($i = 0; $i < 10; $i++) {
$arr = array('5', '10', '15', '20', '25', '30', '35', '40', '45', '50');
echo '<option value="'.$arr[$i].'" '.($_SESSION['page_news'] == $arr[$i] ? 'selected="selected"' : '').'>'.$arr[$i].'</option>';
}
?>
</select>
<input class="submit_green" type="submit" value="Применить" />
</form>
</div>
<table width="100%" cellspacing="1" cellpadding="0">
<tr>
<td class="td_users">Заголовок новости</td>
<td class="td_users">Комментарии</td>
<td class="td_users">Дата</td>
<td class="td_users">Действие</td>
</tr>
<?php $i = 1; ?>
<?php while ($array = mysql_fetch_array($q)) { ?>
<?php
if ($i == 1) $bg_td = 'td_users_cont_w';
else { $bg_td = 'td_users_cont_t'; $i = 0; }
?>
<tr>
<td class="<?php echo $bg_td; ?>"><?php echo htmlspecialchars($array['title'], ENT_QUOTES); ?></td>
<td class="<?php echo $bg_td; ?>"><?php echo ($array['comments'] > 0 ? '<a href="'.$_SERVER['PHP_SELF'].'?page=news&mode=comments&news_id='.$array['id_news'].'">'.$array['comments'].'</a>' : $array['comments']); ?></td>
<td class="<?php echo $bg_td; ?>"><?php echo htmlspecialchars($array['date'], ENT_QUOTES); ?></td>
<td class="<?php echo $bg_td; ?>"><a class="green" href="<?php echo $_SERVER['PHP_SELF']; ?>?page=news&mode=edit&news_id=<?php echo $array['id_news']; ?>">ред.</a> / <a class="red" href="javascript:void(0)" onclick="javascript:news_delete('<?php echo $array['id_news']; ?>')">удалить</a></td>
</tr>
<?php $i++; ?>
<?php } ?>
</table>
<?php function_page($_SERVER['PHP_SELF'].'?page=news&mode=open&', $col, $start, $count_p); ?>
<script type="text/javascript">
function news_delete(nid) {
$.arcticmodal({
type: 'ajax',
url: 'moduls/news_delete.php',
ajax: {
type: 'POST',
data: { auth_admin: <?php echo $_SESSION['auth_admin']; ?>, nid: nid },
dataType: 'html',
success: function(data, el, responce) {
var h = $(responce);
$('B', h).html(responce.title);
$('P:last', h).html(responce.text);
data.body.html(h);
}
}
});
}
</script>
<?php } else { ?>
<div style="padding-top: 10px; font-size: 16px; text-align : center;">Новостей нет</div>
<?php } ?>
<?php
break;
case 'comments':
$news_id = intval($_GET['news_id']);
$sql = mysql_query("SELECT * FROM `q_news` WHERE `id_news` = '".$news_id."' LIMIT 1;");
if (mysql_num_rows($sql) == 0)
{
?>
<script type="text/javascript">
location="apanel.php";
</script>
<?php
exit;
} else {
?>
<?php $array = mysql_fetch_array($sql); ?>
<div style="font-size: 20px; font-family: Georgia; font-style: italic;"><?php echo htmlspecialchars($array['title'], ENT_QUOTES); ?></div>
<div style="color: #8000e6; font-size: 12px;">[<?php echo htmlspecialchars($array['date'], ENT_QUOTES); ?>]</div>
<div style="padding: 0 15px;"><?php echo nl2br(function_smile(htmlspecialchars($array['news'], ENT_QUOTES))); ?></div>
<div>
<?php $cool_all = mysql_result(mysql_query("SELECT COUNT(*) FROM `q_news_class` WHERE `id_news` = '".$array['id_news']."';"), 0); ?>
<div class="brnews">
<span class="comm_img"></span> Комментариев: <?php echo $array['comments']; ?>
<span class="class_img"></span> <?php echo $cool_all; ?>
</div>
</div>
<?php
$col = COMMENTS_PAGE;
if (isset($_GET['start'])) $start = abs(intval($_GET['start']));
else $start = 0;
$count_p = mysql_result(mysql_query("SELECT COUNT(*) FROM `q_news_comm` WHERE `id_news` = '".$news_id."';"), 0);
if ($count_p > 0) {
echo '<div style="margin: 20px 0 5px 0; font-size: 16px; color: #ff6633; font-weight: bold;">Комментарии ('.$count_p.'):</div>';
if ($start >= $count_p) $start = 0;
$q = mysql_query("SELECT * FROM `q_news_comm` INNER JOIN `q_users` ON `q_users`.`id_user` = `q_news_comm`.`id_user` WHERE `q_news_comm`.`id_news` = '".$news_id."' ORDER BY `q_news_comm`.`id_news_comm` DESC LIMIT ".$start.", ".$col);
$i = 1;
?>
<table cellspacing="0" cellpadding="0" width="100%">
<?php while ($array = mysql_fetch_array($q)) { ?>
<tr>
<td width="80%" align="left">
<table width="100%" cellspacing="5" cellpadding="0">
<tr>
<td width="50">
<strong>ID: <?php echo $array['id_news_comm']; ?></strong>
</td>
<td width="60" valign="top">
<a href="user.php?id=<?php echo $array['id_user']; ?>">
<?php if (!empty($array['avatar'])) { ?>
<img src="../<?php echo DIR_PHOTOS; ?>/<?php echo $array['id_user']; ?>/<?php echo $array['avatar']; ?>" alt="" />
<?php } else { ?>
<img src="../images/no_photo_small.png" alt="" />
<?php } ?>
</a>
</td>
<td valign="top">
<a href="/user.php?id=<?php echo $array['id_user']; ?>"><?php echo htmlspecialchars($array['name'], ENT_QUOTES); ?></a>, <span class="vozrast"><?php echo function_vozrast_n($array['god'].'-'.$array['mes'].'-'.$array['day']); ?></span>
<?php if (function_online($array['online']) == TRUE) { ?>
<img src="../images/on.gif" alt="Онлайн" title="Онлайн" />
<?php } ?>
<br/>
<span class="city"><?php echo htmlspecialchars($array['city'], ENT_QUOTES); ?>, <?php echo htmlspecialchars($array['country'], ENT_QUOTES); ?></span><br/>
<span style="font-size: 11px; color: #069de5;">Написал<?php echo ($array['pol'] == 1 ? '' : 'а'); ?> <?php echo function_vizit($array['date_comm']); ?></span><br/>
<?php echo nl2br(function_smile(htmlspecialchars(function_bigword($array['comments'], 45), ENT_QUOTES))); ?>
</td>
</tr>
</table>
</td>
<td width="20%" align="right">
<a class="red" href="javascript:void(0)" onclick="javascript:news_comments_delete('<?php echo $array['id_news_comm']; ?>')">[удалить]</a>
</td>
</tr>
<tr>
<td colspan="2">
<?php
if ($i <> $col) {
?>
<div style="margin: 10px 0; border-top: 5px dotted #eee; font-size: 16px; color: #ff6633; width: 100%;"></div>
<?php } ?>
<?php $i++; ?>
<?php } ?>
</td>
</tr>
</table>
<script type="text/javascript">
function news_comments_delete(cid) {
$.arcticmodal({
type: 'ajax',
url: 'moduls/news_comments_delete.php',
ajax: {
type: 'POST',
data: { auth_admin: <?php echo $_SESSION['auth_admin']; ?>, cid: cid },
dataType: 'html',
success: function(data, el, responce) {
var h = $(responce);
$('B', h).html(responce.title);
$('P:last', h).html(responce.text);
data.body.html(h);
}
}
});
}
</script>
<?php
function_page($_SERVER['PHP_SELF'].'?page=news&mode=comments&news_id='.$news_id.'&', $col, $start, $count_p);
} else echo '<div style="font-size: 18px; text-align: center; padding: 30px 0;">К данной новости комментариев нет</div>';
?>
<div style="padding-top: 10px;"><a href="apanel.php?page=news&mode=open">Все новости</a></div>
<?php
}
break;
case 'edit':
$news_id = intval($_GET['news_id']);
$sql = mysql_query("SELECT * FROM `q_news` WHERE `id_news` = '".$news_id."' LIMIT 1;");
if (mysql_num_rows($sql) == 0)
{
?>
<script type="text/javascript">
location="apanel.php";
</script>
<?php
exit;
} else {
?>
<?php $array = mysql_fetch_array($sql); ?>
<?php
if (isset($_POST['action']))
{
$news_date = trim($_POST['news_date']);
$news_title = trim($_POST['news_title']);
$news_msg = trim($_POST['news_msg']);
$date_explode = explode('-', $news_date);
if (strlen($date_explode[0]) <> 2 or !preg_match("|^[0-9]+$|", $date_explode[0])) echo '<div style="text-align: center; color: #ff0000;">Неверный формат даты! Пример дд-мм-гггг</div>';
else if (strlen($date_explode[1]) <> 2 or !preg_match("|^[0-9]+$|", $date_explode[1])) echo '<div style="text-align: center; color: #ff0000;">Неверный формат даты! Пример дд-мм-гггг</div>';
else if (strlen($date_explode[2]) <> 4 or !preg_match("|^[0-9]+$|", $date_explode[2])) echo '<div style="text-align: center; color: #ff0000;">Неверный формат даты! Пример дд-мм-гггг</div>';
else if (empty($news_title)) echo '<div style="text-align: center; color: #ff0000;">Введите заголовок новости</div>';
else if (strlen(iconv('utf-8', 'windows-1251', $news_title)) > 200) echo '<div style="text-align: center; color: #ff0000;">В заголовке разрешено не более 200 символов!</div>';
else if (empty($news_msg)) echo '<div style="text-align: center; color: #ff0000;">Введите содержание новости</div>';
else if (strlen(iconv('utf-8', 'windows-1251', $news_msg)) > 10000) echo '<div style="text-align: center; color: #ff0000;">В содержании разрешено не более 10000 символов!</div>';
else
{
if (mysql_query("UPDATE `q_news` SET `title` = '".function_sql($news_title)."', `news` = '".function_sql($news_msg)."', `date` = '".function_sql($news_date)."' WHERE `id_news` = '".$news_id."';")) echo '<div style="text-align: center; color: #009900;">Изменения сохранены!</div>';
}
}
?>
<h3>Добавление новости</h3>
<form action="apanel.php?page=news&mode=edit&news_id=<?php echo $news_id; ?>" method="post" name="forma">
<input type="hidden" name="action" value="1" />
<div style="padding-top: 10px;">
<div class="left" style="padding-top: 2px; width: 120px;">Дата:</div>
<div class="left"><input class="input" type="text" name="news_date" maxlength="10" value="<?php echo (isset($_POST['news_date']) ? htmlspecialchars($_POST['news_date'], ENT_QUOTES) : htmlspecialchars($array['date'], ENT_QUOTES)); ?>" size="10" /></div>
<div class="clear"></div>
</div>
<div style="padding-top: 10px;">
<div class="left" style="padding-top: 2px; width: 120px;">Заголовок:</div>
<div class="left"><input class="input" type="text" name="news_title" maxlength="200" value="<?php echo (isset($_POST['news_title']) ? htmlspecialchars($_POST['news_title'], ENT_QUOTES) : htmlspecialchars($array['title'], ENT_QUOTES)); ?>" size="70" /></div>
<div class="clear"></div>
</div>
<div style="padding-top: 10px;">
<div>Содержание:</div>
<div>
<script type="text/javascript">
var ie=document.all?1:0;
var ns=document.getElementById&&!document.all?1:0;
function InsertSmile(SmileId)
{
if(ie)
{
document.all.news_msg.focus();
document.all.news_msg.value+=" "+SmileId+" ";
}
else if(ns)
{
document.forms['forma'].elements['news_msg'].focus();
document.forms['forma'].elements['news_msg'].value+=" "+SmileId+" ";
}
else alert("Ваш браузер не поддерживается!");
}
</script>
<script type="text/javascript">
function smiles() {
$(document).ready(function() {
$.arcticmodal({
type: 'ajax',
url: 'moduls/smiles.php',
ajax: {
type: 'POST',
data: { auth_admin: <?php echo $_SESSION['auth_admin']; ?> },
dataType: 'html',
success: function(data, el, responce) {
var h = $(responce);
$('B', h).html(responce.title);
$('P:last', h).html(responce.text);
data.body.html(h);
}
}
});
});
}
jQuery.fn.maxlength = function(options) {
var settings = jQuery.extend({
maxChars: 10000, // максимальное колличество символов
leftChars: "символов" // текст в конце строки информера
}, options);
return this.each(function() {
var me = $(this);
var l = settings.maxChars;
me.bind('keydown keypress keyup',function(e) {
if(me.val().length>settings.maxChars) me.val(me.val().substr(0,settings.maxChars));
l = settings.maxChars - me.val().length;
me.next('span').html(l + ' ' + settings.leftChars);
});
me.after('Осталось <span class="maxlen">' + settings.maxChars + ' ' + settings.leftChars + '</span>');
});
};
</script>
<script type="text/javascript">
$(document).ready(function(){
$("#news_msg").maxlength();
});
</script>
<textarea class="textarea" id="news_msg" name="news_msg" style="width: 720px; max-width: 720px; min-width: 720px; height: 400px; padding: 3px;"><?php echo (isset($_POST['news_msg']) ? htmlspecialchars($_POST['news_msg'], ENT_QUOTES) : htmlspecialchars($array['news'], ENT_QUOTES)); ?></textarea>
</div>
</div>
<div style="padding-top: 10px;">
<input class="submit" type="submit" value="Отправить" /> <input class="submit_green" type="submit" onclick="javascript:smiles(); return false;" value="Смайлики" />
</div>
</form>
<?php
}
break;
default:
if (isset($_POST['action']))
{
$news_date = trim($_POST['news_date']);
$news_title = trim($_POST['news_title']);
$news_msg = trim($_POST['news_msg']);
$date_explode = explode('-', $news_date);
if (strlen($date_explode[0]) <> 2 or !preg_match("|^[0-9]+$|", $date_explode[0])) echo '<div style="text-align: center; color: #ff0000;">Неверный формат даты! Пример дд-мм-гггг</div>';
else if (strlen($date_explode[1]) <> 2 or !preg_match("|^[0-9]+$|", $date_explode[1])) echo '<div style="text-align: center; color: #ff0000;">Неверный формат даты! Пример дд-мм-гггг</div>';
else if (strlen($date_explode[2]) <> 4 or !preg_match("|^[0-9]+$|", $date_explode[2])) echo '<div style="text-align: center; color: #ff0000;">Неверный формат даты! Пример дд-мм-гггг</div>';
else if (empty($news_title)) echo '<div style="text-align: center; color: #ff0000;">Введите заголовок новости</div>';
else if (strlen(iconv('utf-8', 'windows-1251', $news_title)) > 200) echo '<div style="text-align: center; color: #ff0000;">В заголовке разрешено не более 200 символов!</div>';
else if (empty($news_msg)) echo '<div style="text-align: center; color: #ff0000;">Введите содержание новости</div>';
else if (strlen(iconv('utf-8', 'windows-1251', $news_msg)) > 10000) echo '<div style="text-align: center; color: #ff0000;">В содержании разрешено не более 10000 символов!</div>';
else
{
if (mysql_query("INSERT INTO `q_news` (`title`, `news`, `date`) VALUES ('".function_sql($news_title)."', '".function_sql($news_msg)."', '".function_sql($news_date)."');")) echo '<div style="text-align: center; color: #009900;">Новость добавлена</div>';
}
}
?>
<h3>Добавление новости</h3>
<form action="apanel.php?page=news" method="post" name="forma">
<input type="hidden" name="action" value="1" />
<div style="padding-top: 10px;">
<div class="left" style="padding-top: 2px; width: 120px;">Дата:</div>
<div class="left"><input class="input" type="text" name="news_date" maxlength="10" value="<?php echo (isset($_POST['news_date']) ? htmlspecialchars($_POST['news_date'], ENT_QUOTES) : date('d-m-Y')); ?>" size="10" /></div>
<div class="clear"></div>
</div>
<div style="padding-top: 10px;">
<div class="left" style="padding-top: 2px; width: 120px;">Заголовок:</div>
<div class="left"><input class="input" type="text" name="news_title" maxlength="200" value="<?php echo (isset($_POST['news_title']) ? htmlspecialchars($_POST['news_title'], ENT_QUOTES) : ''); ?>" size="70" /></div>
<div class="clear"></div>
</div>
<div style="padding-top: 10px;">
<div>Содержание:</div>
<div>
<script type="text/javascript">
var ie=document.all?1:0;
var ns=document.getElementById&&!document.all?1:0;
function InsertSmile(SmileId)
{
if(ie)
{
document.all.news_msg.focus();
document.all.news_msg.value+=" "+SmileId+" ";
}
else if(ns)
{
document.forms['forma'].elements['news_msg'].focus();
document.forms['forma'].elements['news_msg'].value+=" "+SmileId+" ";
}
else alert("Ваш браузер не поддерживается!");
}
</script>
<script type="text/javascript">
function smiles() {
$(document).ready(function() {
$.arcticmodal({
type: 'ajax',
url: 'moduls/smiles.php',
ajax: {
type: 'POST',
data: { auth_admin: <?php echo $_SESSION['auth_admin']; ?> },
dataType: 'html',
success: function(data, el, responce) {
var h = $(responce);
$('B', h).html(responce.title);
$('P:last', h).html(responce.text);
data.body.html(h);
}
}
});
});
}
jQuery.fn.maxlength = function(options) {
var settings = jQuery.extend({
maxChars: 10000, // максимальное колличество символов
leftChars: "символов" // текст в конце строки информера
}, options);
return this.each(function() {
var me = $(this);
var l = settings.maxChars;
me.bind('keydown keypress keyup',function(e) {
if(me.val().length>settings.maxChars) me.val(me.val().substr(0,settings.maxChars));
l = settings.maxChars - me.val().length;
me.next('span').html(l + ' ' + settings.leftChars);
});
me.after('Осталось <span class="maxlen">' + settings.maxChars + ' ' + settings.leftChars + '</span>');
});
};
</script>
<script type="text/javascript">
$(document).ready(function(){
$("#news_msg").maxlength();
});
</script>
<textarea class="textarea" id="news_msg" name="news_msg" style="width: 720px; max-width: 720px; min-width: 720px; height: 400px; padding: 3px;"><?php echo (isset($_POST['news_msg']) ? htmlspecialchars($_POST['news_msg'], ENT_QUOTES) : ''); ?></textarea>
</div>
</div>
<div style="padding-top: 10px;">
<input class="submit" type="submit" value="Отправить" /> <input class="submit_green" type="submit" onclick="javascript:smiles(); return false;" value="Смайлики" />
</div>
</form>
<?php
break;
}