<?php
include("minicms/lang.inc.php");
include("minicms/config.php");
include("minicms/config_bd.php");
// Report every error class except notices.
// NOTE(review): with notices hidden, variables this script reads but never assigns
// itself ($st, $par, $linkid, ...) evaluate as empty without any log entry when
// nothing upstream sets them.
error_reporting(E_ALL & ~E_NOTICE);
// Declare the response as WML encoded in UTF-8.
header("Content-type:text/vnd.wap.wml;charset=utf-8");
// Emit the WML prolog and open the single card and paragraph that every handler
// below writes into.
echo '<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE wml PUBLIC "-//WAPFORUM//DTD WML 1.2//EN" "http://www.wapforum.org/DTD/wml12.dtd">
<wml><card id="mas" title="AdminPL"><p>';
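// Access gate for the whole admin script: $par is the password presented with the
// request and $adpar the expected one. Neither is assigned in this file.
// NOTE(review): presumably $adpar comes from minicms/config.php and $par from the
// request (register_globals or an import step inside an include) - confirm.
// The links printed further down repeat the password as the par query parameter,
// so it ends up in access logs and browser history; a server-side session would
// keep it out of URLs.
$par = trim((string) $par);
$adpar = trim((string) $adpar);
// Fail closed when no password is configured: otherwise an empty $par equals an
// empty $adpar and every handler below is reachable without a credential.
// The strict comparison also rules out loose-comparison matches, where two different
// numeric-looking strings (for example "1e3" and "1000") compare equal under !=.
if ($adpar === '' || $par !== $adpar) {print"Вы не ввели пароль, либо вы ввели неверный пароль.
<br/>";}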
////////////////////МОДУЛИ////////////////////////////////////////////////////////////////////////////
else{
if ($st == "moduli") {
    // Module index: a banner image followed by one bulleted link per administrable
    // module. Every link repeats the admin password as the par query parameter.
    echo '<img src="stl/mod_cms.png" alt="Admin"/><br/><br/>';
    $modules = array('guest' => 'Гостевая Книга', 'news' => 'Новости');
    foreach ($modules as $route => $title) {
        echo '<img src="stl/icon07.gif" alt="*"/><a href="moduli.php?st=' . $route . '&par=' . $par . '">' . $title . '</a><br/>';
    }
    // The entry for the links module (st=links, label "Ссылки") is disabled.
}
/////////////////////////////////LINKS//////////////////////////////////////////////////////////////
if ($st == "links") {
    // Links module index: an "add" link, a separator, then one edit link per stored row.
    echo "Ссылки<br/>";
    print '<a href="moduli.php?st=linksAND&par=' . $par . '">Add Ссылку</a><br/>';
    echo '-----<br/>';
    $query = "SELECT * FROM wps_links ORDER BY ordering";
    $result = mysql_query($query);
    // Column 0 feeds the linkid parameter and column 2 is shown as the label.
    // NOTE(review): both are written into the markup without output escaping, and the
    // query result is not checked before rows are fetched from it.
    $count = 1;
    while ($row = mysql_fetch_row($result)) {
        print '>> ' . $row[2] . ' <a href="moduli.php?st=linksED&par=' . $par . '&linkid=' . $row[0] . '">' . $row[2] . '</a><br/>';
        ++$count;
    }
}
////////......
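if ($st == "linksED") {
    echo "EDIT Ссылку<br/>";
    // Edit form for one row of wps_links. $linkid is not assigned in this file; it is
    // treated as request-supplied, so it is escaped before entering the SQL string
    // literal and URL-encoded before being written back into the links below.
    if (isset($linkid)) {
        // Undo magic_quotes_gpc slashes (where that setting exists and is on) so the
        // value is escaped exactly once.
        $mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
        $linkid_sql = mysql_real_escape_string($mq ? stripslashes($linkid) : $linkid);
        $query = "SELECT * FROM wps_links WHERE id = '$linkid_sql'";
        $result = mysql_query($query);
        $row = mysql_fetch_row($result);
    }
    // NOTE(review): columns 2 and 3 are echoed into value="..." attributes as stored.
    // The add handler stores them through htmlspecialchars() but the edit handler
    // stores them raw, so output escaping here needs a decision on which layer owns it.
    // The full open tag is used below so the form does not depend on short_open_tag.
?>
Имя:<br/>
<input type="text" name="linktitle" value="<?php if (isset($linkid)) { echo $row[2]; } ?>" />
<br/>
URL без http://:<br/>
<input type="text" name="linkcontent" value="<?php if (isset($linkid)) { echo $row[3]; } ?>"/><br/>
<?php
    // $num is the number of stored links plus one (0 rows when the query fails).
    $result = mysql_query("SELECT * FROM wps_links");
    $num = (int) mysql_num_rows($result) + 1;
    echo 'Место:<br/>';
    echo '<select name="linkorder">';
    // One option per existing position. The original re-queried the row here and
    // printed the same option in both branches of its comparison, so the query is
    // dropped; the current position is not pre-selected.
    for ($count = 1; $count <> $num; ++$count) {
        print " <option>$count</option>";
    }
    if (!isset($linkid)) {
        // Without a row to edit the list gets one extra trailing position.
        print " <option>$count</option>";
    }
    echo '</select><br/><br/>';
    if (isset($linkid)) {
        // NOTE(review): inside this single-quoted string $par is not interpolated; the
        // literal text is sent, which a WML user agent presumably reads as a reference
        // to a browser-side variable named par - confirm that is intended.
        // NOTE(review): the accept action targets st=llinksED2, for which the visible
        // part of this file has no handler, and it carries no link_id.
        echo'
<anchor>EDIT
<go href="moduli.php?st=linksED2&par=$par&link_id='.urlencode($linkid).'" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</anchor>
<anchor>DELT
<go href="moduli.php?st=linksDL&par=$par&del_id='.urlencode($linkid).'" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</anchor>
<br/><br/>
<do label="EDIT" type="accept">
<go href="moduli.php?st=llinksED2&par=$par" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</do><br/>
';
    }
}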
/////.......
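if ($st == "linksDL") {
    // Deletes one row of wps_links. The heading is printed before the query runs.
    echo "Ссылка Удалина<br/>";
    // $del_id is not assigned in this file and is treated as request-supplied: it is
    // escaped before being placed inside the quoted SQL literal. magic_quotes_gpc
    // slashes (where that setting exists and is on) are removed first so the value is
    // escaped exactly once.
    $mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $del_id_sql = mysql_real_escape_string($mq ? stripslashes($del_id) : $del_id);
    $query = "DELETE FROM `wps_links` WHERE `id` = '" . $del_id_sql . "' LIMIT 1";
    $result = mysql_query($query);
    if (!$result) {
        // NOTE(review): the raw database error text is sent to the client.
        echo mysql_error();
    } else {
        // NOTE(review): the document is closed here but the script does not stop, so
        // the shared footer at the end of the file closes it a second time.
        print ('УДАЛИНО!!<br/><do type="prev" label="НАЗАД"><prev/></do>');
        echo "</p>";
        echo "</card></wml>";
    }
}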
////........
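if ($st == "linksED2") {
    // Applies an edit to one row of wps_links and ends the response on success.
    echo "EDIT Ссылку<br/>";
    // None of the five values is assigned in this file; they are treated as
    // request-supplied and escaped before entering the quoted SQL literals.
    // magic_quotes_gpc slashes (where that setting exists and is on) are removed
    // first so each value is escaped exactly once.
    // NOTE(review): the edit form in this file posts no "published" field, so
    // $published is whatever the request or an include provides.
    // NOTE(review): unlike the add handler, the values are stored without
    // htmlspecialchars().
    $mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $ordering_sql = mysql_real_escape_string($mq ? stripslashes($linkorder) : $linkorder);
    $title_sql = mysql_real_escape_string($mq ? stripslashes($linktitle) : $linktitle);
    $link_sql = mysql_real_escape_string($mq ? stripslashes($linkcontent) : $linkcontent);
    $published_sql = mysql_real_escape_string($mq ? stripslashes($published) : $published);
    $id_sql = mysql_real_escape_string($mq ? stripslashes($link_id) : $link_id);
    $query = "UPDATE wps_links SET ordering = '" . $ordering_sql . "', linktext = '" . $title_sql . "', link = '" . $link_sql . "', published = '" . $published_sql . "' WHERE id = '" . $id_sql . "'";
    // The original tested !$query here; a non-empty string is always truthy, so that
    // branch could never run and is removed.
    $result = mysql_query($query);
    if ($result) {
        echo "Ссылка изменина";
        echo "</p>";
        echo "</card></wml>";
        exit;
    } else {
        echo "Error!<br/>";
        // NOTE(review): the raw database error text is sent to the client.
        echo mysql_error();
    }
}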
////////.......
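if ($st == "linksAND") {
    // Form for adding a link: title, URL and a position selector, submitted to
    // st=linksAND2 by either the anchor or the accept action.
    echo "AND Ссылку<br/>";
    echo '
Имя:<br/>
<input type="text" name="linktitle"/>
<br/>
URL без http://:<br/>
<input type="text" name="linkcontent"/><br/>';
    // $num is the number of stored links plus one (0 rows when the query fails).
    $result = mysql_query("SELECT * FROM wps_links");
    $num = (int) mysql_num_rows($result) + 1;
    echo 'Место:<br/>';
    echo '<select name="linkorder">';
    // The original ran a second query with the request-supplied $linkid interpolated
    // into it when that variable was set, then printed the same option in both
    // branches of its comparison. The query had no effect on the output and is
    // dropped, which also removes that injection point.
    for ($count = 1; $count <> $num; ++$count) {
        print " <option>$count</option>";
    }
    if (!isset($linkid)) {
        // The normal case for this form: one extra position after the last existing one.
        print " <option>$count</option>";
    }
    // NOTE(review): inside this single-quoted string $par is not interpolated; the
    // literal text is sent, which a WML user agent presumably reads as a reference to
    // a browser-side variable named par - confirm that is intended.
    echo '</select><br/><br/>
<anchor>Добавить
<go href="moduli.php?st=linksAND2&par=$par" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</anchor>
<br/><br/>
<do label="Добавить" type="accept">
<go href="moduli.php?st=linksAND2&par=$par" method="post">
<postfield name="linktitle" value="$(linktitle)"/>
<postfield name="linkcontent" value="$(linkcontent)"/>
<postfield name="linkorder" value="$(linkorder)"/>
</go>
</do>
';
}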
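if ($st == "linksAND2") {
    // Inserts a new row into wps_links and ends the response on success.
    echo "AND Ссылку<br/>";
    // Remove magic_quotes_gpc slashes (where that setting exists and is on) so each
    // value is escaped exactly once below.
    $mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    // Values are stored HTML-encoded, as before. The original assigned the encoded
    // position to a misspelled variable ($linkorde), so $linkorder reached the query
    // unprocessed; the intended variable is used now.
    $linktitle = htmlspecialchars($mq ? stripslashes($linktitle) : $linktitle);
    $linkcontent = htmlspecialchars($mq ? stripslashes($linkcontent) : $linkcontent);
    $linkorder = htmlspecialchars($mq ? stripslashes($linkorder) : $linkorder);
    // htmlspecialchars() is HTML encoding, not SQL escaping (by default it leaves
    // single quotes and backslashes alone), so every value is also escaped for the
    // quoted SQL literals.
    // NOTE(review): the add form in this file posts no "published" field.
    $published_sql = mysql_real_escape_string($mq ? stripslashes($published) : $published);
    $query = "INSERT INTO wps_links VALUES ( '', '" . mysql_real_escape_string($linkorder) . "', '" . mysql_real_escape_string($linktitle) . "', '" . mysql_real_escape_string($linkcontent) . "', '" . $published_sql . "')";
    // The original tested !$query here; a non-empty string is always truthy, so that
    // branch could never run and is removed.
    $result = mysql_query($query);
    if ($result) {
        echo "Ссылка Добавлена!!";
        echo "</p>";
        echo "</card></wml>";
        exit;
    } else {
        echo "Error!<br/>";
        // NOTE(review): the raw database error text is sent to the client.
        echo mysql_error();
    }
}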
///////////////////////GOSTEVAZ/////////////////////////////////////////////////////////////////////
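if ($st == "guest") {
    // Guestbook moderation list: total count, then one entry per message with a
    // delete link and a reply form.
    echo "Гостевая Книга<br/>";
    // $page and $max_mess are concatenated into the LIMIT clause outside any quotes,
    // so both are forced to non-negative integers. The original comparison
    // ($page < 0) let non-numeric text through unchanged.
    // NOTE(review): $max_mess is not assigned in this file; presumably it is set in
    // an included config file - confirm.
    $page = empty($page) ? 0 : max(0, (int) $page);
    $per_page = max(0, (int) $max_mess);
    $count_query = 'select count(*) from `guestbook` where 1 ;';
    $total_mess = mysql_query($count_query);
    $total_count = mysql_fetch_array($total_mess);
    $count = $total_count['count(*)'];
    if ($count == 0) {
        // NOTE(review): this exit leaves the WML paragraph, card and document open.
        print 'Извените но в гостевой книге нет сообщений' . '<br/>';
        exit;
    }
    print 'Всего сообщений: ' . $count . '<br/>';
    $query = "SELECT * FROM `guestbook` ORDER BY `date` DESC LIMIT " . $page . " , " . $per_page . ";";
    $result = mysql_query($query);
    if (!$result) echo mysql_error();
    // NOTE(review): date, name, message, email and sait are printed exactly as stored,
    // and sait becomes a link target as-is. Whether the code that writes guestbook
    // rows encodes them is not visible here - confirm before relying on it.
    while ($otvet = mysql_fetch_array($result)) {
        print '........<br/>';
        print 'Дата: ' . $otvet['date'];
        print '<br/>';
        print 'Имя:<u> ' . $otvet['name'] . '</u>';
        print ':<i> ' . $otvet['message'] . '</i>';
        if ($otvet['email'] != "") {
            print " <br/>e-mail: <a href=\"mailto:" . $otvet['email'] . "\">" . $otvet['email'] . "</a>";
        }
        if ($otvet['sait'] != "") {
            print "<br/> Сайт: <a href=\"" . $otvet['sait'] . "\">" . $otvet['sait'] . "</a><br/>";
        }
        // Rows are addressed by their message text. It is URL-encoded so that quotes,
        // ampersands or dollar signs in a message cannot break out of the href or be
        // taken for WML variable references; PHP decodes it again on the next request.
        $id_mess_url = urlencode($otvet['message']);
        // NOTE(review): inside these single-quoted strings $par is not interpolated;
        // the literal text is sent.
        print ' I<a href="moduli.php?st=guestdl&par=$par&id_mess=' . $id_mess_url . '">Удалить</a>I<br/><br/>';
        // NOTE(review): the accept action posts name/mess rather than otvet and has no
        // method attribute, unlike the anchor above it.
        print 'Ответ :
<input type="text" name="otvet"/>
<anchor>Ok
<go href="moduli.php?st=guestOTVF&par=$par&id_mess=' . $id_mess_url . '" method="post">
<postfield name="otvet" value="$(otvet)"/>
</go>
</anchor>
<do label="Ok" type="accept">
<go href="moduli.php?st=guestOTVF&par=$par&id_mess=' . $id_mess_url . '">
<postfield name="name" value="$(name)"/>
<postfield name="mess" value="$(mess)"/>
</go>
</do>';
        print '<br/>........<br/>';
    }
}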
//////////////////////DLGUS//////////////////////////////////////////////////////////////////////////
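if ($st == "guestdl") {
    // Deletes one guestbook row, addressed by its message text.
    // $id_mess is not assigned in this file and is treated as request-supplied: it is
    // escaped before being placed inside the quoted SQL literal. magic_quotes_gpc
    // slashes (where that setting exists and is on) are removed first so the value is
    // escaped exactly once and still matches the stored text.
    $mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $id_mess_sql = mysql_real_escape_string($mq ? stripslashes($id_mess) : $id_mess);
    $query = "DELETE FROM `guestbook` WHERE `message` = '" . $id_mess_sql . "' LIMIT 1";
    $result = mysql_query($query);
    if (!$result) {
        // NOTE(review): the raw database error text is sent to the client.
        echo mysql_error();
    } else {
        // NOTE(review): the document is closed here but the script does not stop, so
        // the shared footer at the end of the file closes it a second time.
        print ('УДАЛИНО!!<br/><do type="prev" label="НАЗАД"><prev/></do>');
        echo "</p>";
        echo "</card></wml>";
    }
}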
/////////////////OTvetGUEST//////////////////////////////////////////////////////////////////////////
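if ($st == "guestOTVF") {
    // Stores the administrator's reply on the guestbook row whose message text
    // matches $id_mess.
    // Remove magic_quotes_gpc slashes (where that setting exists and is on) so each
    // value is escaped exactly once below.
    $mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    // The reply is stored HTML-encoded, as before. That encoding does not protect the
    // SQL string (by default it leaves single quotes and backslashes alone), so both
    // values are escaped for the quoted literals as well.
    $otvet = htmlspecialchars($mq ? stripslashes($otvet) : $otvet);
    $id_mess_sql = mysql_real_escape_string($mq ? stripslashes($id_mess) : $id_mess);
    $updatecp = mysql_query("UPDATE guestbook SET otvet='" . mysql_real_escape_string($otvet) . "' WHERE message='" . $id_mess_sql . "'");
    // The original reported success without looking at the query result; a failed
    // update now prints the database error, as the delete handlers in this file do.
    if (!$updatecp) {
        echo mysql_error();
    } else {
        echo "Ответ добавлен!<br/>";
    }
    // NOTE(review): the document is closed here but the script does not stop, so the
    // shared footer at the end of the file closes it a second time.
    echo "</p>";
    echo "</card></wml>";
}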
/////////////////////////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////НОВОСТИ/////////////////////////////////////////////////////
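if ($st == "news") {
    // News moderation list: optional delete, then one page of news items with a
    // delete link, a comment count and previous/next paging links.
    echo "Новости<br/>";
    // NOTE(review): inside this single-quoted string $par is not interpolated; the
    // literal text is sent.
    echo '<a href="moduli.php?st=news_and&par=$par">Добавить</a><br/>
';
    // $s (page index), $lim (page size) and $id all reach SQL outside any quotes, so
    // each is forced to an integer before use; paging values are clamped at zero.
    // NOTE(review): $lim, $act and $lang are not assigned in this file; presumably
    // $lim and $lang come from the included config/language files - confirm.
    $s = empty($s) ? 0 : max(0, (int) $s);
    $per_page = max(0, (int) $lim);
    if ($act == 'del') mysql_query("delete from `news` where id=" . (int) $id);
    $q = mysql_query("select count(id) from `news` where 1;");
    $r = mysql_fetch_array($q);
    $count = $r['count(id)'];
    // The last page may be shorter than a full page; never ask for a negative count.
    if ($s * $per_page + $per_page > $count) $limit = max(0, $count - $s * $per_page); else $limit = $per_page;
    print $lang['show'] . ($s * $per_page + 1) . '-' . ($s * $per_page + $limit) . '<br/>';
    $q = mysql_query("select * from `news` where 1 order by id desc limit " . ($s * $per_page) . ", $limit");
    // NOTE(review): the item text is printed exactly as stored; the add handler in
    // this file stores it through htmlspecialchars().
    while ($data = @mysql_fetch_array($q)) {
        // Day of month without leading zero, then the month name looked up in $lang.
        $date = (int)(date('d', $data['date'])) . ' ' . $lang[date('m', $data['date'])];
        print '<b><u>' . $date . '</u></b><br/>' . $data['text'] . '<br/>';
        print '<a href="moduli.php?st=news_DLT&par=' . $par . '&id=' . $data['id'] . '">Удалить</a><br/>';
        $r1 = @mysql_fetch_array(mysql_query("select count(*) from `news_com` where nid='" . $data['id'] . "';"));
        print '<a href="moduli.php?st=news_com&par=' . $par . '&id=' . $data['id'] . '">' . $lang['opinion'] . '</a> [' . $r1['count(*)'] . ']<br/><br/>';
    }
    if ($s != 0) echo '<a href="moduli.php?st=news&par=' . $par . '&s=' . ($s - 1) . '">Предыдущие</a> ';
    if ($count > $s * $per_page + $per_page) echo ' <a href="moduli.php?st=news&par=' . $par . '&s=' . ($s + 1) . '">Следующие</a><br/>';
}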
/////////////////////////ANDNEWS??????????????//////////////////////////////////////////
if ($st == "news_and") {
    // Form for adding a news item: one text input, submitted to st=news_and2 by
    // either the anchor or the accept action.
    // NOTE(review): inside this single-quoted string $par is not interpolated; the
    // literal text is sent.
    $submit = '<go href="moduli.php?st=news_and2&par=$par" method="post">
<postfield name="text" value="$(text)"/>
</go>
';
    print "AND Новости<br/>";
    print 'Новость: <br/>
<input type="text" value="" name="text"/>
<br/>
';
    print '<anchor>Добавить
' . $submit . '</anchor>
<br/><br/>
';
    print '<do label="Добавить" type="accept">
' . $submit . '</do>
';
}
//////////////////AND2......................
/////////////////////////КоментNEWS??????????????//////////////////////////////////////////
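if ($st == "news_com") {
    // Comment moderation for one news item: vote bookkeeping, optional comment
    // delete, vote totals, then one page of comments with delete links.
    echo "Kомментарии<br/>";
    // $id, $mid, $s and $lim reach SQL either unquoted or as numeric keys, so each is
    // forced to an integer before use. None of them is assigned in this file.
    $id = (int) $id;
    // Fingerprint of the caller: address plus User-Agent header. The header is
    // client-controlled, so the value is escaped before it is written to SQL.
    $ipsoft = getenv("REMOTE_ADDR") . '**' . getenv("HTTP_USER_AGENT");
    $q3 = mysql_query("select plus, minus, ipsoft from news where id='$id'");
    $r3 = mysql_fetch_array($q3);
    // $op is used as a column name, which cannot be protected by escaping: only the
    // two counter columns read above are accepted. The original ran this update on
    // every request, sending malformed SQL whenever $op was absent.
    if (isset($op) && ($op === 'plus' || $op === 'minus') && $ipsoft != $r3['ipsoft']) {
        mysql_query("update news set $op='" . ($r3[$op] + 1) . "', ipsoft='" . mysql_real_escape_string($ipsoft) . "' where id=$id;");
    }
    if (@$act == 'del') {
        mysql_query("delete from `news_com` where id=" . (int) $mid . ";");
    }
    // The original guarded the listing with a flag that was always set to true just
    // above, so the listing is unconditional.
    $s = empty($s) ? 0 : max(0, (int) $s);
    $per_page = max(0, (int) $lim);
    $q = mysql_query("select count(id) from `news_com` where nid='$id';");
    $r = mysql_fetch_array($q);
    $count = $r['count(id)'];
    // The last page may be shorter than a full page; never ask for a negative count.
    if ($s * $per_page + $per_page > $count) $limit = max(0, $count - $s * $per_page); else $limit = $per_page;
    print $lang['que1'] . '<br/>';
    $q3 = mysql_query("select plus, minus, ipsoft from news where id='$id'");
    $r3 = mysql_fetch_array($q3);
    // Share of positive and negative votes in percent, two decimals; zero when there
    // are no votes.
    if ($r3['plus'] + $r3['minus'] > 0) {
        $prplus = round(($r3['plus'] / ($r3['plus'] + $r3['minus'])) * 100, 2);
        $prminus = round(($r3['minus'] / ($r3['plus'] + $r3['minus'])) * 100, 2);
    } else {
        $prplus = 0;
        $prminus = 0;
    }
    print $lang['good'] . ': ' . $r3['plus'] . '(' . $prplus . '%)<br/>' . $lang['bad'] . ': ' . $r3['minus'] . '(' . $prminus . '%)<br/>';
    print '---<br/>';
    print $lang['showop'] . ' ' . $count . '<br/>';
    $q = mysql_query("select * from `news_com` where nid='$id' order by id desc limit " . ($s * $per_page) . ", $limit");
    // NOTE(review): comment author and text are printed exactly as stored; whether the
    // code that writes news_com rows encodes them is not visible here - confirm.
    while ($data = @mysql_fetch_array($q)) {
        $date = date('h:i d ', $data['date']) . ' ' . $lang[date('m', $data['date'])];
        print '<b>' . $data['name'] . '</b>(' . $date . '):<br/> ' . $data['text'] . '<br/>';
        // NOTE(review): $par is inside a single-quoted string here and is sent literally.
        print '<a href="moduli.php?st=news_comDLT&par=$par&nid=' . $data['id'] . '&id=' . $id . '">Удалить</a><br/>';
    }
    // NOTE(review): the paging links target st=news_kom, for which the visible part of
    // this file has no handler, and they do not carry the news id.
    if ($s != 0) echo '<a href="moduli.php?st=news_kom&par=' . $par . '&s=' . ($s - 1) . '">Предыдущие</a> ';
    if ($count > $s * $per_page + $per_page) echo ' <a href="moduli.php?st=news_kom&par=' . $par . '&s=' . ($s + 1) . '">Следующие</a>';
}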
//////////////////AND2......................
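if ($st == "news_and2") {
    // Inserts a news item stamped with the current time.
    echo "AND Новости<br/>";
    // Remove magic_quotes_gpc slashes (where that setting exists and is on) so the
    // value is escaped exactly once below.
    $mq = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    // The text is stored HTML-encoded, as before. That encoding does not protect the
    // SQL string (by default it leaves single quotes and backslashes alone), so the
    // value is escaped for the quoted literal as well.
    $text = htmlspecialchars($mq ? stripslashes($text) : $text);
    $text_sql = mysql_real_escape_string($text);
    if (mysql_query("insert into `news` values(0, '" . time() . "', '$text_sql','0','0','');")) print 'Новость добавлена!';
}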
//////////////////DELT.КОМЕНТАРИИ//////////////////////////////////////////////////////////////////////
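if ($st == "news_comDLT") {
    // Deletes one comment. The confirmation text is printed before the query runs and
    // the query result is not checked.
    echo "УДАЛИНО<br/>";
    // $nid is not assigned in this file and sits in the SQL outside any quotes, so it
    // is forced to an integer.
    mysql_query("delete from `news_com` where id=" . (int) $nid . ";");
    $fl = true;
    // The news count is read but not used again in the visible part of this file.
    $q = mysql_query("select count(id) from `news` where 1;");
    $r = mysql_fetch_array($q);
    $count = $r['count(id)'];
}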
//////////////////DELT./////////////////////////////////////////////////////////////////////////////
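if ($st == "news_DLT") {
    // Deletes one news item. The confirmation text is printed before the query runs
    // and the query result is not checked.
    echo "УДАЛИНО<br/>";
    // $id is not assigned in this file and sits in the SQL outside any quotes, so it
    // is forced to an integer.
    mysql_query("delete from `news` where id=" . (int) $id);
    // The news count is read but not used again in the visible part of this file.
    $q = mysql_query("select count(id) from `news` where 1;");
    $r = mysql_fetch_array($q);
    $count = $r['count(id)'];
}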
//////////////////////MODGL//////////////////////////////////////////////////////////////////////////
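if($st=="pmoduli"){
echo "+МОДУЛЬ НА ГЛ.<br/>";
// Form for inserting a module link into a page file: module, automatic line break,
// placement and tag stripping, submitted to st=anddmm.
// The par, page and i values are written into the href below. They are URL-encoded
// so request-supplied text cannot close the attribute or add markup; values made of
// letters, digits, dots and underscores are unchanged by the encoding.
?>
<select name="action">
<option value="guest">Гостевая Книга</option>
<option value="news">Новости</option>
</select><br/>
Aвтo<br/>:<br/>
<select name="abr">
<option value="yes">Дa</option>
<option value="no">Нeт</option>
</select><br/>
Pacпoлoжeниe:<br/>
<select name="location">
<option value="below">Hиже</option>
<option value="rewrite">Пepeзaпиcь</option>
<option value="above">Вышe</option>
</select><br/>
Резать теги:<br/>
<select name="strip">
<option value="yes">Да</option>
<option value="no">Нет</option>
</select><br/>
<anchor title="go">OK<go href="moduli.php?st=anddmm&par=<?php echo urlencode($par); ?>&page=<?php echo urlencode($_GET['page']); ?>&i=<?php echo urlencode($_GET['i']); ?>" method="post">
<postfield name="action" value="$(action)"/>
<postfield name="location" value="$(location)"/>
<postfield name="abr" value="$(abr)"/>
<postfield name="strip" value="$(strip)"/>
</go></anchor><br/>
<br/>
<?php
}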
/////////////////////////////////ANDMODLIII//////////////////////////////////////////////////////
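if ($st == "anddmm") {
    // Rewrites one page file under wml/: copies it line by line and, at the line index
    // given by the i parameter, inserts, replaces or prepends a module link chosen by
    // the posted action/location/abr fields.
    echo "добавлен в меню";
    // The page name becomes part of a filesystem path that is opened for writing.
    // It must be a plain string made only of word characters and dots; a missing or
    // array-valued parameter is rejected as well, because preg_match() does not
    // report a match for those and the original check let them through.
    // NOTE(review): the pattern still admits dot-files and any extension inside wml/;
    // an allow-list of known page files would be tighter.
    if (!isset($_GET['page']) || !is_string($_GET['page']) || preg_match('/[^\w\.]/', $_GET['page'])) {
        echo "111\n";
        exit;
    }
    $page_path = "wml/" . addslashes($_GET['page']);
    $contents = file($page_path);
    if ($contents === false) {
        // The original carried on with an unreadable file and then opened the same
        // path for writing, creating or truncating it. Nothing is written now.
        echo "Error!<br/>";
    } else {
        $contents2 = array();
        for ($i = 0; $i < count($contents); $i++) {
            // NOTE(review): $banner and get_random_link() are not defined in the
            // visible part of this script - confirm where they come from.
            if ($banner == 'top' && $i == 6) {
                // Line 6 is skipped when a top banner is requested.
            } else {
                $contents2[] = $contents[$i];
            }
            if (trim($contents[$i]) == '<p align="center">' || trim($contents[$i]) == '<p align="left">' || trim($contents[$i]) == '<p align="right">') {
                if ($banner == 'top')
                    $contents2[] = get_random_link();
            }
            if ((isset($contents[$i+1]) && trim($contents[$i+1]) == '</p>') || (isset($contents[$i+2]) && trim($contents[$i+2]) == '</card>')) {
                if ($banner == 'bottom') {
                    // Replace the line just copied with a generated link.
                    array_pop($contents2);
                    $contents2[] = get_random_link();
                }
            }
            if ($i == $_GET['i']) {
                // Line 5 may only be overwritten by one of the alignment actions.
                if ($i == 5 && $_POST['location'] == 'rewrite' && $_POST['action'] != 'left' && $_POST['action'] != 'center' && $_POST['action'] != 'right') {
                    echo "222<br/>\n";
                    exit;
                }
                // The inserted markup comes only from these fixed strings; posted text
                // is never copied into the file. Actions without a case here
                // (including left and center) produce an empty line.
                switch ($_POST['action']) {
                    case 'br':
                        $new_line = '<br/>' . "\n";
                        break;
                    case 'guest':
                        if ($_GET['i'] == 5)
                            $new_line = '<a href="index.php?action=guest">Гостевая Книга</a>' . "\n";
                        else
                            $new_line = '<a href="index.php?action=guest">Гостевая Книга</a>' . "\n";
                        break;
                    case 'news':
                        if ($_GET['i'] == 5)
                            $new_line = '<a href="index.php?action=news">Новости</a>' . "\n";
                        else
                            $new_line = '<a href="index.php?action=news">Новости</a>' . "\n";
                        break;
                    case 'right':
                        if ($_GET['i'] == 5)
                            $new_line = '<p align="right">' . "\n";
                        else
                            $new_line = '</p><p align="right">' . "\n";
                        break;
                    default:
                        $new_line = '';
                }
                if ($_POST['abr'] == 'yes')
                    $new_line .= "\n<br/>\n";
                if ($_POST['location'] == 'below') {
                    // Append after the line just copied.
                    $contents2[] = $new_line;
                }
                if ($_POST['location'] == 'rewrite') {
                    if ($_GET['i'] == 5) {
                        // Drops the last two copied lines; the first one is kept in
                        // $adv_link but not written back.
                        $adv_link = array_pop($contents2);
                        array_pop($contents2);
                        $contents2[] = $new_line;
                        //$contents2[] = $adv_link;
                    } else {
                        // Replace the line just copied.
                        array_pop($contents2);
                        $contents2[] = $new_line;
                    }
                }
                if ($_POST['location'] == 'above') {
                    // Insert before the line just copied.
                    $curr_row = array_pop($contents2);
                    $contents2[] = $new_line;
                    array_push($contents2, $curr_row);
                }
            }
        }
        $fp = fopen($page_path, 'wb');
        if ($fp === false) {
            echo "Error!<br/>";
        } else {
            fputs($fp, join('', $contents2));
            fclose($fp);
        }
    }
}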
// Runs after every handler above: give the page parameter a default, then stop the
// response with a bare marker if it holds anything other than word characters and dots.
// NOTE(review): nothing after this point in the visible file reads the page
// parameter, so this check does not protect the handlers that ran before it.
if (!isset($_GET['page'])) {
    $_GET['page'] = 'index.cms';
}
if (preg_match('/[^\w\.]/', $_GET['page'])) {
    echo "4444\n";
    exit;
}
/////////////////////////////////////////////////////////////////////////////////////////////////////
}
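// Shared footer: link back to the admin panel, then close the paragraph, card and
// document. It is printed on the failed-password path as well, where $par is
// whatever the caller sent, so the value is URL-encoded before it is written into
// the href; a password made of letters and digits is unchanged by the encoding.
print"<br/>__________<br/>
<a href=\"admin.php?par=" . urlencode($par) . "&st=amPL\">Админ панель</a>
<br/>
</p></card></wml>";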
?>