<?php
/********************************************************************************
- MemHT Portal -
Copyright (C) 2007-2008 by Miltenovik Manojlo
http://www.memht.com
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, see <http://www.gnu.org/licenses/> (GPLv2)
or write to the Free Software Foundation, Inc., 51 Franklin Street,
Fifth Floor, Boston, MA 02110-1301, USA.
********************************************************************************/
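// Refuse direct HTTP access: this file is only meant to run after the
// including script has defined _LOAD_PAGE_.
if (!defined("_LOAD_PAGE_")) {
    die("<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td><b>Error:</b> This file cannot be opened directly!</td></tr></table>");
}

// ---------------------------------------------------------------------------
// Request parameters.
// Every string value goes through inCode() (defined elsewhere) before it is
// interpolated into quoted SQL literals further down.
// NOTE(review): this file depends entirely on inCode() for SQL safety; confirm
// it escapes for the database and not only for HTML.
// ---------------------------------------------------------------------------
$op = isset($_GET['op']) ? inCode($_GET['op']) : "";
$id = isset($_GET['id']) ? inCode($_GET['id']) : "";
$ok = isset($_GET['ok']) ? inCode($_GET['ok']) : false;

$argomento = isset($_POST['argomento']) ? inCode($_POST['argomento']) : "";
// preg_replace() replaces eregi_replace(), which was deprecated in PHP 5.3 and
// removed in PHP 7. The character class is unchanged: "/", "_" and "'" each
// become "-".
$nome = isset($_POST['nome']) ? preg_replace("#[/_']#", "-", inCode($_POST['nome'])) : "";
$testo_home = isset($_POST['testo_home']) ? inCode($_POST['testo_home']) : "";
$testo = isset($_POST['testo']) ? inCode($_POST['testo']) : "";
$tags = isset($_POST['tags']) ? inCode($_POST['tags']) : "";
$enabled = isset($_POST['enabled']) ? inCode($_POST['enabled']) : "";
$usecomments = isset($_POST['usecomments']) ? intval($_POST['usecomments']) : 0;

// ---------------------------------------------------------------------------
// Size/dimension limits, read from the gallery configuration table.
// ---------------------------------------------------------------------------
global $dblink;
$cfgrow = $dblink->get_row("SELECT * FROM memht_gallery_config");
$rows = intval($cfgrow['rows']);
$cols = intval($cfgrow['cols']);
$cat_max_weight = intval($cfgrow['cat_max_weight']);
$cat_max_w = intval($cfgrow['cat_max_w']);
// NOTE(review): this reads 'cat_max_w', not 'cat_max_h' - it looks like a
// copy-paste slip. Confirm the column name against the schema before changing.
$cat_max_h = intval($cfgrow['cat_max_w']);
$thumb_max_weight = intval($cfgrow['thumb_max_weight']);
$thumb_max_w = intval($cfgrow['thumb_max_w']);
$thumb_max_h = intval($cfgrow['thumb_max_h']);
$img_max_weight = intval($cfgrow['img_max_weight']);
$img_max_w = intval($cfgrow['img_max_w']);
$img_max_h = intval($cfgrow['img_max_h']);

// ---------------------------------------------------------------------------
// Pagination.
// The page number feeds the arithmetic for an unquoted SQL LIMIT offset, so it
// is forced to a positive integer instead of being kept as a request string.
// ---------------------------------------------------------------------------
$pg = isset($_GET['pg']) ? max(1, intval($_GET['pg'])) : 1;
$ofsppg = 30; //Items per page
$ofsbgn = ($pg*$ofsppg)-$ofsppg;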
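/**
 * Print the admin table of news items for one page, then the pager.
 *
 * Each row shows the title (linked to the public page), the item's tags, the
 * author, and edit/delete links; disabled items get an "off" icon.
 *
 * @param int $ofsbgn Row offset used in the SQL LIMIT clause.
 * @param int $ofsppg Number of rows per page.
 * @param int $pg     Current page number, handed to the pagination widget.
 */
function newsList($ofsbgn,$ofsppg,$pg) {
    global $dblink,$siteConfig;

    // These values are interpolated unquoted into LIMIT and originate from a
    // request parameter, so coerce them to sane integers here as well rather
    // than trusting every caller.
    $ofsbgn = max(0, intval($ofsbgn));
    $ofsppg = max(1, intval($ofsppg));
    $pg = max(1, intval($pg));

    $n = 0;
    echo "<table width='100%' align='center' cellspacing='1' cellpadding='0' class='std_nicetable'>";
    echo "<thead>\n";
    // The title cell is now closed before the tags cell opens (the original nested them).
    echo "<tr><td>"._TITLE_."</td><td width='25%'>"._TAGS_."</td><td width='15%'>"._AUTHOR_."</td><td width='1%'> </td></tr>\n";
    echo "</thead>\n";
    echo "<tbody>\n";
    if ($result = $dblink->get_list("SELECT *,DATE_FORMAT(data, '".$siteConfig['timestamp']."') as data2 FROM memht_news ORDER BY id DESC LIMIT $ofsbgn,$ofsppg")) {
        foreach ($result as $row) {
            $id = intval($row['id']);
            // NOTE(review): $nome and $autore are echoed into markup and a
            // single-quoted title attribute; confirm outCode() HTML-escapes quotes.
            $nome = outCode($row['nome']);
            $autore = outCode($row['autore']);
            $enabled = intval($row['enabled']);
            $off = ($enabled != 1) ? "<img src='images/off.gif' alt='"._OFF_."' title='"._OFF_."'>" : "" ;
            // Alternate the row style.
            $class = (($n++%2)!=0) ? "hlight" : "clean" ;
            echo "<tr><td class='$class'><a href='index.php?page=news&op=readNews&id=$id&title=".mem_urlencode($nome)."' title='$nome'><b>$nome</b></a></td><td class='$class' id='info'>";
            // Separate variable names so the tag lookup does not overwrite
            // the outer loop's $result/$row.
            if ($tagRows = $dblink->get_list("SELECT tag FROM memht_tags WHERE whr=3 AND cid=$id ORDER BY tag")) {
                foreach ($tagRows as $tagRow) {
                    $tag = outCode($tagRow['tag']);
                    echo "<span style='padding: 0 4px;'><a href=\"index.php?page=tags&op=list&tag=".mem_urlencode($tag)."\" title=\"".$tag."\" target='_blank'>".$tag."</a></span>";
                }
            }
            echo "</td><td class='$class'>$autore</td><td class='$class' nowrap><a href='admin.php?page=news&op=editNews&id=$id' title='"._MODIFY_."'><img src='images/edit.gif' alt='Edit' border='0'></a> <a href='admin.php?page=news&op=deleteNews&id=$id' title='"._DELETE_."'><img src='images/delete.gif' alt='Delete' border='0'></a> $off</td></tr>\n";
        }
    } else {
        echo "<tr><td align='center' id='errorText' colspan='4' class='clean'><b>"._EMPTY_."</b></td></tr>";
    }
    echo "</tbody>\n";
    echo "</table>";

    //Pages
    include_once("inc/class/paginationSystem.class.php");
    $ps = new paginationSystem();
    $ps->items = $ofsppg;
    $ps->actpg = $pg;
    $ps->query = "SELECT id FROM memht_news";
    $ps->url = "admin.php?page=news&op=showNews&pg={{N}}";
    $ps->show();
}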
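/**
 * Show the "add news" form, or (when $ok is truthy) validate and store a new item.
 *
 * Form branch: prints the form. Users whose rank is not 3 or 4 (admin /
 * superadmin per the original comment) are only offered the topics linked to
 * them in memht_utenti_accesspages for page 'news'; other ranks see all topics.
 *
 * Save branch: requires a title and a home text, uploads the image, inserts
 * the news row and its tags, then redirects to the news list.
 *
 * NOTE(review): the topic restriction is applied only when the form is
 * rendered. The save branch does not re-check that the posted topic is one the
 * user may write to, so the restriction is not enforced on the server side.
 *
 * @param int    $thumb_max_weight Unused here; kept for the caller's signature.
 * @param int    $thumb_max_w      Unused here.
 * @param int    $thumb_max_h      Unused here.
 * @param int    $img_max_weight   Maximum upload size handed to uploadFile.
 * @param int    $img_max_w        Maximum image width handed to uploadFile.
 * @param int    $img_max_h        Maximum image height handed to uploadFile.
 * @param string $argomento        Posted topic id.
 * @param string $nome             Posted title.
 * @param string $testo_home       Posted home text.
 * @param string $testo            Posted full text.
 * @param string $tags             Posted comma-separated tag list.
 * @param int    $usecomments      1 to enable comments.
 * @param string $enabled          Posted enabled flag.
 * @param mixed  $ok               Truthy to save, falsy to show the form.
 */
function add($thumb_max_weight,$thumb_max_w,$thumb_max_h,$img_max_weight,$img_max_w,$img_max_h,$argomento,$nome,$testo_home,$testo,$tags,$usecomments,$enabled,$ok=false) {
    global $dblink,$admin,$email,$tzNOW,$userid;

    if (!$ok) {
        echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>";
        echo "<form name='form_news' method='post' action='admin.php?page=news&op=addNews&ok=true' enctype='multipart/form-data'>";
        echo "<tr><td width='25%'><b>"._TITLE_."</b></td><td><input type='text' name='nome' size='40' maxlength='255'></td></tr>\n";
        echo "<tr><td width='25%'><b>"._IMAGE_."</b></td><td><input type='file' name='image' size='25'></td></tr>\n";

        // Look up the current user's rank. The id is cast to int because it
        // is interpolated into SQL.
        $uid = intval($userid);
        $search_user = $dblink->get_row("SELECT id,rank FROM memht_utenti WHERE id='$uid'");
        $uid = intval($search_user['id']);
        $rank = outCode($search_user['rank']);

        //check user not superadmin or admin
        if ($rank!="3" && $rank!="4") {
            $topics = $dblink->get_list("SELECT a.id, a.nome
                FROM memht_argomenti a inner join memht_utenti_accesspages u on a.id=u.a_id
                WHERE u.u_id='$uid' and pages='news'
                ORDER BY a.id");
        } else {
            //Lista argomenti
            $topics = $dblink->get_list("SELECT * FROM memht_argomenti ORDER BY nome");
        }

        echo "<tr><td><b>"._ARGUMENT_."</b></td><td>\n";
        echo "<select name='argomento'>\n";
        // get_list() is tested for a falsy result elsewhere in this file, so
        // guard the loop. A separate label variable keeps $nome untouched.
        if (is_array($topics)) {
            foreach ($topics as $topic) {
                $aid = intval($topic['id']);
                $label = outCode($topic['nome']);
                echo "<option value='$aid'>$label</option>\n";
            }
        }
        echo "</select></td></tr>\n";

        echo "<tr><td valign='top'><b>"._HOMETEXT_."</b></td><td>";
        textarea("testo_home","100%","400px",1,"fulladmin");
        echo "</td></tr>\n";
        echo "<tr><td valign='top'><b>"._TEXT_."</b></td><td>";
        textarea("testo","100%","600px",1,"fulladmin");
        echo "</td></tr>\n";
        echo "<tr><td><b>"._TAGS_."</b></td><td><input type='text' name='tags' size='40' maxlength='255'> <span id='info'>("._SEPARATEDBYCOMMAS_.")</span></td></tr>\n";
        echo "<tr><td><b>"._COMMENTSENABLED_."</b></td><td>";
        echo "<select name='usecomments'>\n";
        echo "<option value='1' selected>"._YES_."</option>\n";
        echo "<option value='0'>"._NO_."</option>\n";
        echo "</select></td></tr>\n";
        echo "<tr><td><b>"._ENABLED_."</b></td><td>";
        echo "<select name='enabled'>\n";
        echo "<option value='1' selected>"._YES_."</option>\n";
        echo "<option value='0'>"._NO_."</option>\n";
        echo "</select></td></tr>\n";
        echo "<tr><td colspan='2'><input type='submit' name='Submit' value='"._ADD_."'></td></tr>\n";
        echo "</form>\n";
        echo "</table>\n";
    } else {
        $save = true;
        $msg = "";
        $imgfile = "";
        if ($nome=="") { $save = false; $msg = _TITLE_." ".strtolower(_FIELD_)." ".strtolower(_REQUIRED_); }
        if ($testo_home=="") { $save = false; $msg = _HOMETEXT_." ".strtolower(_FIELD_)." ".strtolower(_REQUIRED_); }

        if ($save) {
            // NOTE(review): the target directory is under the web root and the
            // allow-list below is a list of MIME types. Confirm uploadFile checks
            // the stored extension and the actual file content, not only the
            // type reported by the client.
            require_once("inc/class/uploadFile.class.php");
            $upload = new uploadFile();
            $upload->show_errors = false;
            $upload->mime = array('image/gif','image/pjpeg','image/jpeg','image/png','image/tiff','image/bmp');
            $upload->path = "pages/news/news/";
            $upload->path_thumb = "pages/news/news/thumb/";
            $upload->max_width = $img_max_w;
            $upload->max_height = $img_max_h;
            $upload->max_size = $img_max_weight;
            $upload->field = "image";
            if (!$imgfile = $upload->upload()) { $save = false; $msg = $upload->error; }
        }

        if ($save) {
            if (memRunHooks('AddNews',array($nome,$argomento,$testo_home,$testo,$admin,$email))) {
                // Numeric columns are cast before they reach the SQL text. The
                // hooks still receive the original values.
                $sqlArgomento = intval($argomento);
                $sqlUsecomments = intval($usecomments);
                $sqlEnabled = intval($enabled);
                // NOTE(review): $imgfile comes back from uploadFile and is
                // interpolated as-is; confirm the class returns a sanitised name.
                $dblink->query("INSERT INTO memht_news (id,argomento,nome,testo_home,testo,autore,email,data,usecomments,enabled,imgfile)
                    VALUES (null,'$sqlArgomento','$nome','$testo_home','$testo','$admin','$email',$tzNOW,'$sqlUsecomments','$sqlEnabled','$imgfile')");
                if ($tags!="") {
                    // NOTE(review): "highest id" is used as the id of the row just
                    // inserted, so a concurrent insert could attach these tags to
                    // another item. Prefer the driver's last-insert-id if $dblink
                    // exposes one.
                    $row = $dblink->get_row("SELECT id FROM memht_news ORDER BY id DESC LIMIT 1");
                    $lastid = intval($row['id']);
                    foreach (explode(",",$tags) as $tag) {
                        $tag = trim($tag);
                        // Skip empty entries such as the middle of "a,,b".
                        if ($tag=="") { continue; }
                        // NOTE(review): $tags was already passed through inCode()
                        // by the caller; confirm that a second pass is harmless.
                        $dblink->query("INSERT INTO memht_tags (tag,cid,whr) VALUES ('".inCode($tag)."','$lastid','3')");
                    }
                }
                memRunHooks('AddNewsEnd',array($nome,$argomento,$testo_home,$testo,$admin,$email));
            }
            echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=news'>";
        } else {
            echo "<div align='center' id='errorText'><b>$msg</b></div>";
        }
    }
}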
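/**
 * Show the "edit news" form for item $id, or (when $ok is truthy) save the changes.
 *
 * Form branch: loads the stored item and its tags and prints the form with
 * those values, the current topic pre-selected. The topic list follows the
 * same rank rule as add(): ranks other than 3 and 4 only see the topics linked
 * to them in memht_utenti_accesspages for page 'news'.
 *
 * Save branch: requires a title and a home text, optionally replaces the
 * image, updates the row, rewrites its tags, then redirects to the news list.
 *
 * NOTE(review): nothing here checks that the current user may edit this
 * particular item or assign the posted topic; the rank rule only shapes the
 * rendered topic list.
 * NOTE(review): $ok has a default but is followed by the required $id, which
 * PHP 8 reports as deprecated. The signature is left unchanged for callers.
 *
 * @param int    $thumb_max_weight Unused here; kept for the caller's signature.
 * @param int    $thumb_max_w      Unused here.
 * @param int    $thumb_max_h      Unused here.
 * @param int    $img_max_weight   Maximum upload size handed to uploadFile.
 * @param int    $img_max_w        Maximum image width handed to uploadFile.
 * @param int    $img_max_h        Maximum image height handed to uploadFile.
 * @param string $argomento        Posted topic id.
 * @param string $nome             Posted title.
 * @param string $testo_home       Posted home text.
 * @param string $testo            Posted full text.
 * @param string $tags             Posted comma-separated tag list.
 * @param int    $usecomments      1 to enable comments.
 * @param string $enabled          Posted enabled flag.
 * @param mixed  $ok               Truthy to save, falsy to show the form.
 * @param mixed  $id               News item id; cast to int before use.
 */
function edit($thumb_max_weight,$thumb_max_w,$thumb_max_h,$img_max_weight,$img_max_w,$img_max_h,$argomento,$nome,$testo_home,$testo,$tags,$usecomments,$enabled,$ok=false,$id) {
    global $dblink,$userid;

    $id = intval($id);
    // Loaded once; the original ran the same SELECT again in the form branch.
    $row_edit = $dblink->get_row("SELECT * FROM memht_news WHERE id='$id'");
    $nargomento = intval($row_edit['argomento']);
    $nnome = outCode($row_edit['nome']);
    $ntesto_home = outCode($row_edit['testo_home']);
    $ntesto = outCode($row_edit['testo']);
    $nenabled = intval($row_edit['enabled']);
    $iimgfile = outCode($row_edit['imgfile']);

    if (!$ok) {
        $usecomments = intval($row_edit['usecomments']);

        if ($result = $dblink->get_list("SELECT tag FROM memht_tags WHERE whr=3 AND cid=$id")) {
            $ntags = array();
            foreach ($result as $row) {
                $ntags[] = outCode($row['tag']);
            }
            $ntags = implode(",",$ntags);
        } else {
            $ntags = "";
        }

        echo "<table width='100%' align='center' cellspacing='0' cellpadding='1'>";
        echo "<form name='form_news' method='post' action='admin.php?page=news&op=editNews&id=$id&ok=true' enctype='multipart/form-data'>";
        echo "<tr><td width='25%'><b>"._TITLE_."</b></td><td><input type='text' name='nome' size='40' maxlength='255' value=\"$nnome\"></td></tr>\n";
        echo "<tr><td width='25%'><b>"._IMAGE_."</b></td><td><input type='file' name='image' size='25'><span id='info'>"._COMPILEONLYIFCHANGING_."</span></td></tr>\n";

        // Look up the current user's rank. A separate $uid is used so the
        // news id in $id is not overwritten, as it was in the original.
        $uid = intval($userid);
        $search_user = $dblink->get_row("SELECT id,rank FROM memht_utenti WHERE id='$uid'");
        $uid = intval($search_user['id']);
        $rank = outCode($search_user['rank']);

        //check user not superadmin or admin
        if ($rank!="3" && $rank!="4") {
            $topics = $dblink->get_list("SELECT a.id, a.nome
                FROM memht_argomenti a inner join memht_utenti_accesspages u on a.id=u.a_id
                WHERE u.u_id='$uid' and pages='news'
                ORDER BY a.id");
        } else {
            //Lista argomenti
            $topics = $dblink->get_list("SELECT * FROM memht_argomenti ORDER BY nome");
        }

        echo "<tr><td><b>"._ARGUMENT_."</b></td><td>\n";
        echo "<select name='argomento'>\n";
        if (is_array($topics)) {
            foreach ($topics as $topic) {
                $aid = intval($topic['id']);
                $label = outCode($topic['nome']);
                // Pre-select the stored topic. Without this the first option was
                // always submitted, silently moving the item to another topic.
                $sel = ($aid==$nargomento) ? " selected" : "";
                echo "<option value='$aid'$sel>$label</option>\n";
            }
        }
        echo "</select></td></tr>\n";

        echo "<tr><td valign='top'><b>"._HOMETEXT_."</b></td><td>";
        textarea("testo_home","100%","400px",1,"fulladmin",$ntesto_home);
        echo "</td></tr>\n";
        echo "<tr><td valign='top'><b>"._TEXT_."</b></td><td>";
        textarea("testo","100%","600px",1,"fulladmin",$ntesto);
        echo "</td></tr>\n";
        echo "<tr><td><b>"._TAGS_."</b></td><td><input type='text' name='tags' value=\"$ntags\" size='40' maxlength='255'> <span id='info'>("._SEPARATEDBYCOMMAS_.")</span></td></tr>\n";
        echo "<tr><td><b>"._COMMENTSENABLED_."</b></td><td>";
        echo "<select name='usecomments'>\n";
        if ($usecomments==1) {
            echo "<option value='1' selected>"._YES_."</option>\n";
            echo "<option value='0'>"._NO_."</option>\n";
        } else {
            echo "<option value='1'>"._YES_."</option>\n";
            echo "<option value='0' selected>"._NO_."</option>\n";
        }
        echo "</select></td></tr>\n";
        echo "<tr><td><b>"._ENABLED_."</b></td><td>";
        echo "<select name='enabled'>\n";
        if ($nenabled==1) {
            echo "<option value='1' selected>"._YES_."</option>\n";
            echo "<option value='0'>"._NO_."</option>\n";
        } else {
            echo "<option value='1'>"._YES_."</option>\n";
            echo "<option value='0' selected>"._NO_."</option>\n";
        }
        echo "</select></td></tr>\n";
        echo "<tr><td colspan='2'><input type='submit' name='Submit' value='"._MODIFY_."'></td></tr>\n";
        echo "</form>\n";
        echo "</table>\n";
    } else {
        $save = true;
        $msg = "";
        if ($nome=="") { $save = false; $msg = _TITLE_." ".strtolower(_FIELD_)." ".strtolower(_REQUIRED_); }
        if ($testo_home=="") { $save = false; $msg = _HOMETEXT_." ".strtolower(_FIELD_)." ".strtolower(_REQUIRED_); }

        if ($save) {
            // NOTE(review): same upload caveat as add(): the target is under the
            // web root and the allow-list is MIME-based. Confirm uploadFile checks
            // extension and content, not only the client-reported type.
            require_once("inc/class/uploadFile.class.php");
            $upload = new uploadFile();
            $upload->show_errors = false;
            $upload->mime = array('image/gif','image/pjpeg','image/jpeg','image/png','image/tiff','image/bmp');
            $upload->path = "pages/news/news/";
            $upload->path_thumb = "pages/news/news/thumb/";
            $upload->max_width = $img_max_w;
            $upload->max_height = $img_max_h;
            $upload->max_size = $img_max_weight;
            $upload->field = "image";

            // Explicit flag; the original read $ckupdate without ever
            // initialising it when no new image was stored.
            $imageReplaced = false;
            if ($imgfile = $upload->upload()) {
                $imageReplaced = true;
                // Remove the previous image, but never the file just stored
                // when it kept the same name.
                // NOTE(review): the old thumbnail is not removed here, although
                // delete() removes one.
                if ($iimgfile!="" && $iimgfile!=$imgfile) { @unlink("pages/news/news/".$iimgfile); }
            } else if ($upload->selected) {
                // A file was chosen but rejected. The text fields are still
                // saved below, and this message is not shown because of the
                // redirect (behaviour kept from the original).
                $msg = $upload->error;
            } else {
                $imgfile = $iimgfile;
            }
            if ($imageReplaced) {
                $dblink->query("UPDATE memht_news SET imgfile='$imgfile' WHERE id='$id'");
            }

            // Numeric columns are cast before they reach the SQL text.
            $sqlArgomento = intval($argomento);
            $sqlUsecomments = intval($usecomments);
            $sqlEnabled = intval($enabled);
            $dblink->query("UPDATE memht_news SET argomento='$sqlArgomento',nome='$nome',testo_home='$testo_home',testo='$testo',usecomments='$sqlUsecomments',enabled='$sqlEnabled' WHERE id=$id");

            // Tags are replaced wholesale: drop the old set, insert the new one.
            $dblink->query("DELETE FROM memht_tags WHERE whr=3 AND cid=$id");
            if ($tags!="") {
                foreach (explode(",",$tags) as $tag) {
                    $tag = trim($tag);
                    // Skip empty entries such as the middle of "a,,b".
                    if ($tag=="") { continue; }
                    // NOTE(review): $tags was already passed through inCode() by
                    // the caller; confirm that a second pass is harmless.
                    $dblink->query("INSERT INTO memht_tags (tag,cid,whr) VALUES ('".inCode($tag)."','$id','3')");
                }
            }
            echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=news'>";
        } else {
            echo "<div align='center' id='errorText'><b>$msg</b></div>";
        }
    }
}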
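/**
 * Ask for confirmation, or (when $ok is truthy) delete news item $id.
 *
 * Deleting removes the item's image and thumbnail from disk, then the news
 * row and its comments, ratings and tags (whr=3 rows), and redirects to the
 * news list.
 *
 * NOTE(review): the destructive step is reached through a plain GET link
 * (...&ok=true) and no request token is checked in this file. Confirm that
 * admin.php enforces an anti-CSRF check, or move the confirmation to a POST
 * form that carries a token.
 *
 * @param mixed $id News item id; cast to int before use.
 * @param mixed $ok Truthy to delete, falsy to show the confirmation prompt.
 */
function delete($id,$ok=false) {
    global $dblink;

    $id = intval($id);
    if ($ok) {
        // The original read $drow without ever loading it, so the image
        // files were never removed. Fetch the stored file name first.
        $drow = $dblink->get_row("SELECT imgfile FROM memht_news WHERE id=$id");
        $imgfile = $drow ? outCode($drow['imgfile']) : "";
        if ($imgfile!="") {
            // Thumbnail name: <base>_thumb.<ext> in the thumb/ subdirectory.
            $imgfile_th = file_name($imgfile)."_thumb.".file_ext($imgfile);
            @unlink("pages/news/news/".$imgfile);
            @unlink("pages/news/news/thumb/".$imgfile_th);
        }

        $dblink->query("DELETE FROM memht_news WHERE id=$id");
        $dblink->query("DELETE FROM memht_comments WHERE whr=3 AND wid=$id");
        $dblink->query("DELETE FROM memht_ratings WHERE whr=3 AND wid=$id");
        $dblink->query("DELETE FROM memht_tags WHERE whr=3 AND cid=$id");
        echo "<meta http-equiv='refresh' content='0;URL=admin.php?page=news'>";
    } else {
        echo "<div align='center'><b>"._SUREDELETENEWS_."</b><br><a href='admin.php?page=news&op=deleteNews&id=$id&ok=true' title='"._YES_."'>"._YES_."</a> - <a href='admin.php?page=news' title='"._NO_."'>"._NO_."</a></div>";
    }
}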
// Admin page header and title.
require_once("admin/inc/inc_header.php");
admin_page_title($page);

// Toolbar box with links to the list view and the add form.
openTable();
echo "<div align='center' class='box'>"
    ."<a href='admin.php?page=news' title='"._LIST_."'><img src='admin/icons/messages.png' border='0' title='"._LIST_."' align='top'> "._LIST_."</a>"
    ." - <a href='admin.php?page=news&op=addNews' title='"._ADD_."'><img src='admin/icons/add.png' border='0' title='"._ADD_."' align='top'> "._ADD_."</a>"
    ."</div>";
closeTable();

// Dispatch on the requested operation. Anything unrecognised, including
// "showNews", falls through to the list view.
openTable();
if ($op == "addNews") {
    add($thumb_max_weight,$thumb_max_w,$thumb_max_h,$img_max_weight,$img_max_w,$img_max_h,$argomento,$nome,$testo_home,$testo,$tags,$usecomments,$enabled,$ok);
} elseif ($op == "deleteNews") {
    delete($id,$ok);
} elseif ($op == "editNews") {
    edit($thumb_max_weight,$thumb_max_w,$thumb_max_h,$img_max_weight,$img_max_w,$img_max_h,$argomento,$nome,$testo_home,$testo,$tags,$usecomments,$enabled,$ok,$id);
} else {
    newsList($ofsbgn,$ofsppg,$pg);
}
closeTable();

// Admin page footer.
require_once("admin/inc/inc_footer.php");
?>