<?php
/* +--------------------------------------------
* |
* | Product: PHPEchoCMS
* | Author: Tigran Abrahamyan
* | License: GPL
* | Last updated: 16.02.07
* | For version: 1.6
* | Desc: Module for working with News module
* |
* +--------------------------------------------
*/
if( !ADMIN_LOAD )
{
die( "Base not loaded!" );
}
$mlang = $core->getlang("admin_news");
echo "<Br /><center><a href='index.php?module=admin&act=news'>".$mlang['001']."</a> | <a href='index.php?module=admin&act=news&op=add'>".$mlang['002']."</a><br /><br />";
switch ( @$_GET['op'] )
{
case "add":
add($mlang);
break;
case "edit":
edit($mlang);
break;
case "delete":
del($mlang);
break;
default:
nlist($mlang);
}
function add($lang)
{
$mlang = $lang;
if ( @$_POST['title'] && $_POST['text'] )
{
query ( "INSERT INTO ".PREFIX."news VALUES ('', '".addslashes($_POST['title'])."', '".str_replace("\n", "<br>", addslashes($_POST['text']))."', '".addslashes($_POST['detailtext'])."', '".$_SESSION['username']."', '0')", 1);
echo "<font size='3' color='blue'><u>".$mlang['003']."</u></font><br><br><br>";
nlist($mlang);
}
else
{
echo "
<center>
<form action='index.php?module=admin&act=news&op=add' method='post'>
".$mlang['004']."<br /><input type='text' name='title' size='50'><Br />
".$mlang['005']."<br />
<textarea name='text' rows='15' cols='100' style='padding: 2px; margin: 0;'></textarea><br />
".$mlang['006']."<br />
<textarea name='detailtext' rows='20' cols='100' style='padding: 2px; margin: 0;'></textarea><br />
<input type='submit' value='".$mlang['002']."'>
</form>
</center>
";
}
}
function edit($lang)
{
$mlang = $lang;
$news = query ( "SELECT * FROM ".PREFIX."news WHERE id = '".addslashes(@$_GET['id'])."'", 4);
if ( @$_POST['title'] && $_POST['text'] )
{
query ( "UPDATE ".PREFIX."news SET title = '".addslashes($_POST['title'])."', text = '".addslashes($_POST['text'])."', detailtext = '".addslashes($_POST['detailtext'])."' WHERE id = '".addslashes($_GET['id'])."'", 1);
echo "<font size='3' color='blue'><u>".$mlang['007']."</u></font><br><br><br>";
nlist($mlang);
}
else if ( $news['id'] )
{
echo "
<center>
<form action='index.php?module=admin&act=news&op=edit&id=".$_GET['id']."' method='post'>
".$mlang['004']."<br /><input type='text' name='title' size='50' value='".$news['title']."'><Br />
".$mlang['005']."<br />
<textarea name='text' rows='15' cols='100' style='padding: 2px; margin: 0;'>".$news['text']."</textarea><br />
".$mlang['006']."<br />
<textarea name='detailtext' rows='20' cols='100' style='padding: 2px; margin: 0;'>".$news['detailtext']."</textarea><br />
<input type='submit' value='".$mlang['008']."'>
</form>
</center>
";
}
}
function del($lang)
{
$mlang = $lang;
$news_exist = query ( "SELECT id FROM ".PREFIX."news WHERE id = '".addslashes($_GET['id'])."'", 4);
if ($news_exist['id'])
{
query ( "DELETE FROM ".PREFIX."news WHERE id = '".$news_exist['id']."'", 1); //delete news
query ( "DELETE FROM ".PREFIX."news_comments WHERE news_id = '".$news_exist['id']."'", 1); //delete news comments
echo "<font size='3' color='blue'><u>".$mlang['009']."</u></font><br><br><br>";
nlist($mlang);
}
}
function nlist($lang)
{
$mlang = $lang;
$list = query ("SELECT * FROM ".PREFIX."news", 1);
echo "<table width='100%'>
<tr>
<td width='5%'>
<b>#</b>
</td>
<td width='55%'>
<b>".$mlang['010']."</b>
</td>
<td width='20%'>
<b>".$mlang['011']."</b>
</td>
<td width='10%'>
<b>".$mlang['012']."</b>
</td>
<td width='10%'>
<b>".$mlang['013']."</b>
</td>
</tr>
";
while ( $news = mysql_fetch_array ( $list ) )
{
echo "
<tr>
<td width='5%'>
".$news['id']."
</td>
<td width='55%'>
".$news['title']."
</td>
<td width='20%'>
".$news['author']."
</td>
<td width='10%'>
<a href='index.php?module=admin&act=news&op=delete&id=".$news['id']."'>".$mlang['012']."</a>
</td>
<td width='10%'>
<a href='index.php?module=admin&act=news&op=edit&id=".$news['id']."'>".$mlang['013']."</a>
</td>
</tr>
";
}
echo "</table></center>";
}
?>