File size: 1.46Kb
<?php
include 'includes/config.php';
include 'includes/connect.php';
include 'includes/admin.valid.php';
include 'themes/head.php';
if (!empty($_USER['login'])) {
$id = trim(intval($_GET['id']));
$news = mysql_escape_string(trim($_POST['news']));
if (empty($news)) {
$sql = mysql_query("SELECT * FROM `".$db_pref."news` WHERE `id` = '$id'");
$row = mysql_fetch_assoc($sql);
echo <<<HTML
<div class="t">$row[date]</div>
<div class="m">
<div class="menu2">
ID: $row[id] <br />
Комментарии: <a href="$home_url/comment.php?news_id=$row[id]">$row[comm]</a> <br />
<br />
Новость: <br />
<form action="" method="POST">
<textarea name="news" class="form" cols="30" rows="6">$row[news]</textarea>
<br /><br />
<input type="submit" value="Сохранить" class="form" />
</form>
</div></div>
HTML;
} else {
$sql = mysql_query("UPDATE `".$db_pref."news` SET `news` = '$news' WHERE `id` = '$id'");
if ($sql) {
echo <<<HTML
<div class="t">Редактировать новость</div>
<div class="m">
<div class="menu2">
Новость "ID: $id" успешно изменена.
</div></div>
HTML;
} else {
echo <<<HTML
<div class="t">Ошибка</div>
<div class="m">
<div class="menu2">
Произошла ошибка!
</div></div>
HTML;
}
}
} else {
echo <<<HTML
<div class="t">Ошибка</div>
<div class="m">
<div class="menu2">
Доступ запрещен!
</div></div>
HTML;
}
include 'themes/foot.php';
?>