1 | <?php
|
---|
2 | include '../includes/Global.php';
|
---|
3 |
|
---|
4 | TestLicence('1');
|
---|
5 |
|
---|
6 | if (array_key_exists('Mode', $_GET)) {
|
---|
7 | $Mode = $_GET['Mode'];
|
---|
8 | } else {
|
---|
9 | $Mode = '';
|
---|
10 | }
|
---|
11 |
|
---|
12 | If ($Mode == '') { // formuláø pøidání aktuality
|
---|
13 | ?>
|
---|
14 | <h4>Pøidání aktuality</h4>
|
---|
15 | <form enctype="multipart/form-data" action="AddNews.php?Mode=AddNews" method="post">
|
---|
16 | <table border="0">
|
---|
17 | <tr><td>Nadpis Aktuality:</td><td><input type="text" name="Name"></td></tr>
|
---|
18 | <tr><td>Uivatel: </td><td><input type="text" name="User" value="<?php echo $_SESSION['User']; ?>"></td></tr>
|
---|
19 | <tr><td>Popis: </td><td><input type="text" name="Description"></td></tr>
|
---|
20 | <tr><td>Text: </td><td><textarea cols="60" name="Text" rows="20"></textarea></td></tr>
|
---|
21 | <tr><td><input type="submit" value="Odeslat"></td></tr>
|
---|
22 | </table>
|
---|
23 | </form>
|
---|
24 |
|
---|
25 | <?php
|
---|
26 | }
|
---|
27 |
|
---|
28 | if ($Mode == 'AddNews') { //pøidání aktuality
|
---|
29 | $Name = mysql_escape_string($_POST['Name']);
|
---|
30 | $User = mysql_escape_string($_POST['User']);
|
---|
31 | $Description = mysql_escape_string($_POST['Description']);
|
---|
32 | $Text = mysql_escape_string($_POST['Text']);
|
---|
33 | echo('Jméno: '.$Name.'<br>');
|
---|
34 | echo('Uivatel: '.$User.'<br>');
|
---|
35 | echo('Popis: '.$Description.'<br>');
|
---|
36 | echo('Text: '.$Text.'<br>');
|
---|
37 |
|
---|
38 | $sql = "SELECT max(ID) FROM news";
|
---|
39 | $ID = $db->SQLCommand($sql);
|
---|
40 | $Line = mysql_fetch_row($ID);
|
---|
41 | $ID = $Line[0]+1;
|
---|
42 | $sql = "INSERT news VALUE('$ID','$Name',now(),'$Text','$Description', '1','$User')";
|
---|
43 | $db->SQLCommand($sql);
|
---|
44 | WriteLog('Aktualita byla uloena: '.$Name.' ID: '.$ID.' Popis: '.$Description.' User: '.$User,'2');
|
---|
45 | echo 'Aktualita '.$Name.' byla uloena';
|
---|
46 | }
|
---|
47 |
|
---|
48 | if ($Mode == '') { //editování aktuality
|
---|
49 | echo '<h4>Editování aktualit</h4>';
|
---|
50 | $sql = "SELECT * FROM news order by 3 DESC";
|
---|
51 | $ID = $db->SQLCommand($sql);
|
---|
52 | while($Line = mysql_fetch_array($ID)) {
|
---|
53 | echo '<a href="AddNews.php?Mode=EditNewsForm&ID='.$Line['ID'].'">'.$Line['Name'].'</a><br />';
|
---|
54 | }
|
---|
55 | }
|
---|
56 |
|
---|
57 |
|
---|
58 | If ($Mode == 'EditNewsForm') { // formuláø editování aktuality
|
---|
59 |
|
---|
60 | $ID = mysql_escape_string($_GET['ID']);
|
---|
61 |
|
---|
62 | $sql = "SELECT * FROM news WHERE ID = '$ID'";
|
---|
63 | $ID = $db->SQLCommand($sql);
|
---|
64 | $Line = mysql_fetch_array($ID);
|
---|
65 | ?>
|
---|
66 | <h4>Editování aktuality</h4>
|
---|
67 | <form enctype="multipart/form-data" action="AddNews.php?Mode=EditNews" method="post">
|
---|
68 | <input type="hidden" name="ID" value="<?php echo $Line['ID']; ?>">
|
---|
69 | <table border="0">
|
---|
70 | <tr><td>Nadpis Aktuality:</td><td><input type="text" name="Name" value="<?php echo $Line['Name']; ?>"></td></tr>
|
---|
71 | <tr><td>Uivatel: </td><td><input type="text" name="User" value="<?php echo $Line['User']; ?>"></td></tr>
|
---|
72 | <tr><td>Popis: </td><td><input type="text" name="Description" value="<?php echo $Line['Description']; ?>"></td></tr>
|
---|
73 | <tr><td>Text: </td><td><textarea cols="60" name="Text" rows="20"><?php echo $Line['Text']; ?></textarea></td></tr>
|
---|
74 | <tr><td><input Name="Action" type="submit" value="Editovat"></td></tr>
|
---|
75 | </table>
|
---|
76 | </form>
|
---|
77 |
|
---|
78 | <?php
|
---|
79 | }
|
---|
80 |
|
---|
81 | if ($Mode == 'EditNews') { //editování aktuality
|
---|
82 | $ID = mysql_escape_string($_POST['ID']);
|
---|
83 | $Name = mysql_escape_string($_POST['Name']);
|
---|
84 | $User = mysql_escape_string($_POST['User']);
|
---|
85 | $Description = mysql_escape_string($_POST['Description']);
|
---|
86 | $Text = mysql_escape_string($_POST['Text']);
|
---|
87 | echo('Jméno: '.$Name.'<br>');
|
---|
88 | echo('Uivatel: '.$User.'<br>');
|
---|
89 | echo('Popis: '.$Description.'<br>');
|
---|
90 | echo('Text: '.$Text.'<br>');
|
---|
91 |
|
---|
92 | $sql = "UPDATE news SET ID = '$ID', Name = '$Name', Text = '$Text', Description = '$Description', User = '$User' WHERE ID = '$ID'";
|
---|
93 | $db->SQLCommand($sql);
|
---|
94 | echo 'Aktualita '.$Name.' byla editována!';
|
---|
95 | WriteLog('Aktualita byla editována: '.$Name.' ID: '.$ID.' Popis: '.$Description.' User: '.$User,'3');
|
---|
96 | }
|
---|
97 |
|
---|
98 | if ($Mode == 'Del') { //smazání aktuality
|
---|
99 | $ID = mysql_escape_string($_GET['ID']);
|
---|
100 |
|
---|
101 | $sql = "DELETE from news WHERE ID = '$ID'";
|
---|
102 | $db->SQLCommand($sql);
|
---|
103 | WriteLog('Aktualita byla smazána: ID='.$ID,'4');
|
---|
104 | echo 'Aktualita '.$Name.' byla Smazána!';
|
---|
105 | }
|
---|
106 |
|
---|
107 | ShowFooter()
|
---|
108 | ?>
|
---|