Просмотр файла bolcms-3.0.1./panel/loads.php

<?php
/*
*Manag-Develop BolCmS-Suptesat
*Syte- bolcms.cf
*/
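// Page title; set before the core include, which presumably reads it — confirm in system/core.php.
$title = 'Админка';
require("../system/core.php");

// Access gate: only the account whose session id is 1 may use this panel page;
// every other visitor is redirected to the site root and the script stops.
// isset() avoids an undefined-index notice for visitors without a session id, and the
// strict string comparison stops loosely-equal values (e.g. '01', '1.0') from passing.
if (!isset($_SESSION['id']) || (string) $_SESSION['id'] !== '1') {
    header("location: ../");
    exit();
}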


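/*
 * Admin panel for the downloads section. Dispatches on ?act= to list, add, edit and
 * delete categories (`loads_cats`) and files (`loads`).
 *
 * NOTE(review): every state-changing branch below (cat_added, cat_edited, cat_del,
 * file_added, file_edited, file_del) is authorised by the session alone, and the two
 * delete branches are reached through plain GET links. Nothing in this file ties a
 * request to a form this panel rendered, so a per-session anti-CSRF token checked in
 * those branches (with deletes moved to POST) is still missing and should be added
 * together with whatever session helpers system/core.php provides.
 *
 * NOTE(review): sec() is defined outside this file. The string-built SQL below is only
 * injection-safe if sec() escapes for MySQL — confirm. Numeric ids go through intval().
 */

if (!function_exists('loads_panel_esc')) {
    /**
     * Escape a value for HTML text or a quoted attribute.
     *
     * double_encode is off so text that sec() may already have entity-encoded on
     * write is not encoded a second time.
     * NOTE(review): assumes the panel is served as UTF-8 — confirm against system/core.php.
     */
    function loads_panel_esc($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    }
}

if (!function_exists('loads_panel_safe_filename')) {
    /**
     * Reduce a client-supplied upload name to a name that is safe to store under
     * ../loads/files/. Returns '' when the name must be refused.
     *
     * A deny list is used because the set of file types this section serves is not
     * visible here; an allow list is preferable once that set is known.
     */
    function loads_panel_safe_filename($name)
    {
        // Keep only the last path component, whichever separator the client used.
        $name = basename(str_replace('\\', '/', (string) $name));
        // Replace bytes that are unsafe in a path, an SQL literal or HTML.
        // Bytes >= 0x80 are left alone so non-ASCII names survive.
        $name = preg_replace('/[\x00-\x1f\x7f\/\\\\:*?"<>|\'&]/', '_', $name);
        $name = trim((string) $name, " .\t");
        if ($name === '') {
            return '';
        }
        // Refuse any dot-separated segment the web server could treat as a script or
        // per-directory configuration, not only the last one.
        $segments = explode('.', $name);
        array_shift($segments);
        foreach ($segments as $segment) {
            if (preg_match('/^(php\d*|phps|pht|phtml|phar|shtml|cgi|pl|py|asp|aspx|jsp|ini|htaccess|htpasswd)$/i', trim($segment))) {
                return '';
            }
        }
        return $name;
    }
}

// A missing ?act= is the normal way to reach the category list; avoid the undefined-index notice.
$act = isset($_GET['act']) ? $_GET['act'] : '';

switch ($act) {

    // Category list plus the "add category" form.
    default:
        echo '<div class="phdr">' . $lng['loads'] . ' </div><div class="bmenu">';

        $result = mysql_query("SELECT * FROM `loads_cats`");
        $row = $result ? mysql_fetch_assoc($result) : false;

        if ($row) {
            do {
                $rowId = intval($row['id']);
                // The category name comes from the database and is escaped on output.
                echo '<a href="?act=cat_view&amp;id=' . $rowId . '">' . loads_panel_esc($row['name']) . '</a>'
                    . ' (<a href="?act=cat_edit&amp;id=' . $rowId . '">' . $lng['edit'] . ' </a>'
                    . '/<a href="?act=cat_del&amp;id=' . $rowId . '">' . $lng['del'] . ' </a>)<br/>';
            } while ($row = mysql_fetch_assoc($result));
        } else {
            echo '' . $lng['fno'] . ' <br/>';
        }

        echo '<br/><form action="?act=cat_added" method="post" name="form">';
        echo '<input name="name" type="text" maxlength="50"><br/>';
        echo '<input name="submit" type="submit" value="' . $lng['adtd'] . ' "></form></div>';
        echo '<div class="phdr"></div><div class="bmenu"><a href="./index.php">' . $lng['admin'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        break;

    // Insert a new category from the posted name.
    case 'cat_added':
        if (!empty($_POST['name'])) {
            $name = sec($_POST['name']);

            mysql_query("INSERT INTO `loads_cats`(`name`) VALUES('$name')");
            echo '<div class="phdr">' . $lng['inf'] . ' </div><div class="rmenu">' . $lng['vlv'] . ' !</div>';
            echo '<div class="phdr"></div><div class="bmenu"><a href="loads.php">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        } else {
            echo '<div class="phdr">ERROR</div><div class="rmenu">' . $lng['edtd'] . ' !</div>';
            echo '<div class="phdr"><a href="loads.php">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        }
        break;

    // Form for renaming a category.
    case 'cat_edit':
        $id = intval($_REQUEST['id']);

        $row = mysql_fetch_assoc(mysql_query("SELECT * FROM `loads_cats` WHERE `id` = '$id'"));

        echo '<div class="phdr">' . $lng['editraz'] . ' </div><div class="bmenu">';
        echo '<form action="?act=cat_edited&amp;id=' . $id . '" method="post" name="form">';
        // Stored name is placed in a quoted attribute, so it is escaped here.
        echo '' . $lng['natrl'] . ' :<br/><input name="name" type="text" maxlength="50" value="' . loads_panel_esc($row['name']) . '" /><br/>';
        echo '<input name="submit" type="submit" value="' . $lng['edit'] . ' " /></form></div>';
        echo '<div class="phdr"><a href="loads.php">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        break;

    // Apply a category rename.
    case 'cat_edited':
        $id = intval($_REQUEST['id']);

        if (!empty($_POST['name'])) {
            $name = sec($_POST['name']);

            mysql_query("UPDATE `loads_cats` SET `name` = '$name' WHERE `id` = '$id'");
            echo '<div class="phdr">' . $lng['inf'] . ' </div><div class="rmenu">' . $lng['vlv'] . ' !</div>';
            echo '<div class="phdr"><a href="loads.php">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        } else {
            echo '<div class="phdr">ERROR</div><div class="rmenu">' . $lng['edtd'] . ' </div>';
            echo '<div class="phdr"><a href="loads.php?act=cat_edit&amp;id=' . $id . '">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        }
        break;

    // Delete a category row. Only `loads_cats` is touched here; rows in `loads` that
    // reference this category and their files on disk are not removed by this branch.
    case 'cat_del':
        $id = intval($_REQUEST['id']);

        $result = mysql_query("DELETE FROM `loads_cats` WHERE `id` = '$id'");
        if ($result == true) {
            echo '<div class="phdr">' . $lng['inf'] . ' </div><div class="rmenu">' . $lng['vlv'] . ' </div>';
            echo '<div class="phdr"><a href="loads.php">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        } else {
            echo '<div class="phdr">ERROR</div><div class="rmenu">' . $lng['vvv'] . ' </div>';
            echo '<div class="phdr"><a href="loads.php">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        }
        break;

    // Files of one category, newest first.
    case 'cat_view':
        $id = intval($_REQUEST['id']);

        // Category title.
        $cat = mysql_fetch_assoc(mysql_query("SELECT * FROM `loads_cats` WHERE `id` = '$id'"));
        echo '<div class="phdr">' . loads_panel_esc($cat['name']) . '</div><div class="bmenu">';

        // File list.
        $result = mysql_query("SELECT * FROM `loads` WHERE `id_cat` = '$id' ORDER BY `time` DESC");
        $row = $result ? mysql_fetch_assoc($result) : false;

        if ($row) {
            do {
                $rowId = intval($row['id']);
                // The original edit link carried a doubled "&amp;" (an empty query parameter); one is enough.
                echo '<a href="../loads/index.php?act=file_view&amp;id=' . $rowId . '">' . loads_panel_esc($row['name']) . '</a>'
                    . ' (<a href="?act=file_edit&amp;cat=' . $id . '&amp;id=' . $rowId . '">' . $lng['edit'] . ' </a>'
                    . '/<a href="?act=file_del&amp;cat=' . $id . '&amp;id=' . $rowId . '">' . $lng['del'] . ' </a>)<br/>';
            } while ($row = mysql_fetch_assoc($result));
        } else {
            echo '' . $lng['fno'] . ' <br/>';
        }

        echo '<br/><a href="loads.php?act=file_add&amp;id=' . $id . '" class="button">' . $lng['adf'] . ' </a></div>';
        echo '<div class="phdr"></div><div class="phdr"><a href="loads.php">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        break;

    // Upload form for a new file in category $id.
    case 'file_add':
        $id = intval($_REQUEST['id']);

        echo '<div class="phdr">' . $lng['adf'] . ' </div><div class="menu">';
        echo '<form action="?act=file_added&amp;id=' . $id . '" method="post" enctype="multipart/form-data" name="form">';
        echo '' . $lng['natrl'] . ' :*<br/><input name="name" type="text" maxlength="50"><br/>';
        echo '' . $lng['opt'] . ' :*<br/><textarea name="desc" rows="5"></textarea><br/>';
        echo '' . $lng['gve'] . ' :<br/><input name="authour" type="text" maxlength="50"><br/>';
        echo '' . $lng['reper'] . ' :<br/><input name="site" type="text" maxlength="50"><br/>';
        echo '' . $lng['vendor'] . ' :*<br/><input name="file" type="file"><br/>';
        echo '<input name="submit" type="submit" value="' . $lng['adf'] . ' "></form></div>';
        echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=cat_view&amp;id=' . $id . '">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        break;

    // Store an uploaded file and its database row.
    case 'file_added':
        $id = intval($_REQUEST['id']);

        // The original accepted any non-empty $_FILES entry (true even for a failed upload),
        // used the client file name as-is and copied it into a directory under the web root.
        // Here the upload must have succeeded, must really be an HTTP upload, and its name
        // must pass loads_panel_safe_filename().
        $stored = '';
        if (isset($_FILES['file']['error'], $_FILES['file']['tmp_name'], $_FILES['file']['name'])
            && $_FILES['file']['error'] === UPLOAD_ERR_OK
            && is_uploaded_file($_FILES['file']['tmp_name'])
        ) {
            $stored = loads_panel_safe_filename($_FILES['file']['name']);
        }

        $saved = false;
        if (!empty($_POST['name']) && !empty($_POST['desc']) && $stored !== '') {
            $name = sec($_POST['name']);
            $desc = sec($_POST['desc']);
            $authour = sec($_POST['authour']);
            $site = sec($_POST['site']);
            // Same value as $stored unless sec() rewrites an already-sanitised name.
            $file = sec($stored);
            $target = '../loads/files/' . $stored;

            // Move the file first so a failed move leaves no database row behind.
            // NOTE(review): script execution should also be disabled for ../loads/files/
            // in the web-server configuration; the name check alone is not a full defence.
            if (move_uploaded_file($_FILES['file']['tmp_name'], $target)) {
                $inserted = mysql_query("INSERT INTO `loads`(`id_cat`, `name`, `desc`, `authour`, `site`, `file`, `time`) VALUES('$id', '$name', '$desc', '$authour', '$site', '$file', '" . time() . "')");
                if (!$inserted) {
                    // Keep disk and database consistent before aborting as the original did.
                    unlink($target);
                    die(mysql_error());
                }
                $saved = true;
            }
        }

        if ($saved) {
            echo '<div class="phdr">' . $lng['inf'] . ' </div><div class="menu">' . $lng['vlv'] . ' </div>';
            echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=cat_view&amp;id=' . $id . '">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        } else {
            // Same message the original shows for an incomplete form; also used for a refused upload.
            echo '<div class="phdr">' . $lng['inf'] . ' </div><div class="menu">' . $lng['laba'] . ' </div>';
            echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=file_add&amp;id=' . $id . '">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        }
        break;

    // Form for editing a file's metadata.
    case 'file_edit':
        $cat = intval($_REQUEST['cat']);
        $id = intval($_REQUEST['id']);

        $file = mysql_fetch_assoc(mysql_query("SELECT * FROM `loads` WHERE `id` = '$id'"));

        echo '<div class="phdr">' . $lng['edir'] . ' </div><div class="rmenu">';
        echo '<form action="?act=file_edited&amp;cat=' . $cat . '&amp;id=' . $id . '" method="post" name="form">';
        // Stored values are escaped before being placed in attributes and the textarea.
        echo '' . $lng['natrl'] . ' :*<br/><input name="name" type="text" maxlength="50" value="' . loads_panel_esc($file['name']) . '"><br/>';
        echo '' . $lng['opt'] . ' :*<br/><textarea name="desc" rows="5">' . loads_panel_esc($file['desc']) . '</textarea><br/>';
        echo '' . $lng['gve'] . ' :<br/><input name="authour" type="text" maxlength="50" value="' . loads_panel_esc($file['authour']) . '"><br/>';
        echo '' . $lng['reper'] . ' :<br/><input name="site" type="text" maxlength="50" value="' . loads_panel_esc($file['site']) . '"><br/>';
        echo '<input name="submit" type="submit" value="' . $lng['edit'] . ' "></form></div>';
        echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=cat_view&amp;id=' . $cat . '">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        break;

    // Apply edited file metadata.
    case 'file_edited':
        $cat = intval($_REQUEST['cat']);
        $id = intval($_REQUEST['id']);

        if (!empty($_POST['name']) && !empty($_POST['desc'])) {
            $name = sec($_POST['name']);
            $desc = sec($_POST['desc']);
            $authour = sec($_POST['authour']);
            $site = sec($_POST['site']);

            mysql_query("UPDATE `loads` SET `name` = '$name', `desc` = '$desc', `authour` = '$authour', `site` = '$site' WHERE `id` = '$id'");
            echo '<div class="phdr">' . $lng['inf'] . ' </div><div class="menu">' . $lng['vlv'] . ' </div>';
            echo '<div class="phdr"></div><div class="bmenu"><a href="loads.php?act=cat_view&amp;id=' . $cat . '">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        } else {
            echo '<div class="phdr">' . $lng['inf'] . ' </div><div class="rmenu">' . $lng['laba'] . ' </div>';
            echo '<div class="phdr"></div><div class="bmenu"><a href="loads.php?act=file_edit&amp;cat=' . $cat . '&amp;id=' . $id . '">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        }
        break;

    // Delete a file's database row. The uploaded file under ../loads/files/ is not
    // removed by this branch, so it stays on disk after the row is gone.
    case 'file_del':
        $cat = intval($_REQUEST['cat']);
        $id = intval($_REQUEST['id']);

        $result = mysql_query("DELETE FROM `loads` WHERE `id` = '$id'") or die(mysql_error());
        if ($result == true) {
            echo '<div class="phdr">' . $lng['inf'] . ' </div><div class="rmenu">' . $lng['vlv'] . ' !</div>';
            echo '<div class="phdr"></div><div class="phdr"><a href="loads.php?act=cat_view&amp;id=' . $cat . '">' . $lng['nd'] . ' </a><br/><a href="../">' . $lng['niz'] . ' </a></div>';
        }
        break;

}

require("../system/end.php");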
?>