View file panel/news.php

File size: 4.06Kb
<?php
// by mides (Mike O.), coolcms.mobi

require_once '../system/sys.php';
require_once '../system/auth_a.php';
require_once '../system/header.php';

if (!access(1)) {
    redirect(HTTPHOME);
}

switch ($act) {
   default:
       tp($lang['news_management']);
       note();
       $total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `news`"), 0);
       if ($total > 0) {
           $pages = ceil($total / $config['onpage']);
           if ($page > $pages or $page == 0) {
               $page = 1;
           }
           $begin = ($page - 1) * $config['onpage'];

           $news_r = mysql_query("SELECT * FROM `news` ORDER BY `time` DESC LIMIT $begin, $config[onpage]");
           while ($news = mysql_fetch_assoc($news_r)) {
               echo '<a href="../news.php?act=view&amp;id='.$news['id'].'">'.$news['name'].'</a> ('.ccdate($news['time'], 0).') <a href="?act=edit&amp;id='.$news['id'].'">'.$lang['edit'].'</a><br />';
           }
           navig($page, '?', $pages);
       }
       echo '<br /><a href="?act=add" class="button">'.$lang['add_news'].'</a></div>';
       nav('./');
    break;
        
    case 'add':
        if ($ok) {
            $_SESSION['title'] = $_POST['title'];
            $_SESSION['text'] = $_POST['text'];
            if ($_POST['name'] and $_POST['text']) {
                $name = check($_POST['name']);
                $text = check($_POST['text']);
                mysql_query("INSERT INTO `news`(`name`,`text`,`time`) VALUES('$name', '$text', '".TIME."')");
                redirect('?');
            } else {
                $_SESSION['note'] = $lang['the_fields_cant_be_blank'];
                redirect('?act=add');
            }
        } else {
            $ses_title = !empty($_SESSION['title']) ? $_SESSION['title'] : '';
            $ses_text = !empty($_SESSION['text']) ? $_SESSION['text'] : '';
            tp($lang['add_news']);
            note();
            echo '<form name="form" action="?act=add&amp;ok=1" method="post" name="form">
            '.$lang['title'].'(max50):<br/><input name="name" type="text" value="'.$ses_title.'" maxlength="50" /><br />
            '.$lang['text'].':<br /><textarea name="text" rows="5">'.$ses_text.'</textarea><br />
            <input name="submit" type="submit" value="Ok" /></form>
            </div>';
            nav('?');
        }
    break;
	
    case 'edit':
        if ($ok) {
            if (empty($_POST['del'])) {
                if ($_POST['name'] && $_POST['text']) {
                     $name = check($_POST['name']);
                     $text = check($_POST['text']);
                     mysql_query("UPDATE `news` SET `name` = '$name', `text` = '$text' WHERE `id` = '$id'");
                     $_SESSION['note'] = $lang['all_changes_saved'];
                     redirect(HTTPHOME.'/news.php?act=view&id='.$id);
                 } else {
                     $_SESSION['note'] = $lang['the_fields_cant_be_blank'];
                     redirect('?act=edit&id='.$id);
                 }
            } else {
                mysql_query("DELETE FROM `news` WHERE `id` = '$id'");
                mysql_query("DELETE FROM `news_comm` WHERE `id_news` = '$id'");
                $_SESSION['note'] = $lang['the_news_has_been_del'];
                redirect('?');
            }
        } else {
            $news = mysql_fetch_assoc(mysql_query("SELECT `name`, `text` FROM `news` WHERE `id` = '$id'"));
            tp($lang['editing_news']);
            note();
            echo '<form name="form" action="?act=edit&amp;id='.$id.'&amp;ok=1" method="post" name="form">
            '.$lang['title'].'(max50):<br /><input name="name" type="text" maxlength="50" value="'.$news['name'].'" /><br />
            '.$lang['text'].':<br /><textarea name="text" rows="5">'.$news['text'].'</textarea><br />
            <input name="del" type="checkbox" value="1" />'.$lang['delete'].'<br />
            <input name="submit" type="submit" value="Ok" /></form>';
            nav('?');
         }
    break;
	
}

require_once '../system/tail_p.php';
?>