Changeset 151 for www/aktuality/index.php
- Timestamp:
- Feb 16, 2009, 1:04:24 PM (16 years ago)
- File:
-
- 1 edited
www/aktuality/index.php
r27 r151 1 1 <?php 2 include_once('../style.php'); 3 ShowHeader('Aktualní informace', 'Aktuality'); 4 5 //ShowArray($GLOBALS); 6 // Zobrazení aktualit 7 8 $UploadedFilesFolder = 'uploads/'; 9 10 $Category = 1; 11 $CategoryName = ''; 12 if(array_key_exists('category', $_GET)) $_POST['category'] = $_GET['category']; 13 if(array_key_exists('category', $_POST)) 2 3 include_once('../global.php'); 4 5 class NewsPage extends Page 14 6 { 15 $Category = $_POST['category']; 16 $DbResult = $Database->select('news_category', '*', 'id='.$_POST['category']); 17 if($DbResult->num_rows > 0) 7 var $FullTitle = 'Aktualní informace'; 8 var $ShortTitle = 'Aktuality'; 9 var $UploadedFilesFolder = 'uploads/'; 10 11 function Show() 18 12 { 19 $Row = $DbResult->fetch_array(); 20 $CategoryName = $Row['caption']; 21 $Permission = $Row['permission']; 22 } 23 } 24 25 if(!array_key_exists('action',$_GET)) $_GET['action'] = ''; 26 switch(addslashes($_GET['action'])) 27 { 28 case 'add': 29 echo('<strong>Vložení aktuality do kategorie '.$CategoryName.':</strong><br>'); 30 if($Category == 2) echo('U inzerátů uvádějte co nejvíce informací ať případný zájemce víc co kupuje. Uvádějte kontaktní pdaje jako Jméno, email, tel. číslo, ICQ. Dále navrženou cenu, detajlní popis předmětu nejlépe s odkazem na stránky výrobce. Pokud váš inzerát není platný, připište do něj např. Prodáno pomocí editace.'); 31 echo('<form enctype="multipart/form-data" action="index.php?action=add2" method="post">'. 32 '<input type="hidden" value="'.$Category.'" name="category">'. 33 'Nadpis:<br><input type="text" size="54" name="title"><br> 34 Autor:<br><input type="text" size="54" name="author"><br> 35 Obsah:<br><textarea name="content" rows="20" cols="40"></textarea><br> 36 Přílohy(Max. 
velikost souboru 1 MB):<br><input type="hidden" name="MAX_FILE_SIZE" value="1000000"> 37 <input name="enclosure1" size="38" type="file"><br> 38 <input name="enclosure2" size="38" type="file"><br> 39 <input name="enclosure3" size="38" type="file"><br> 40 <input type="submit" value="Vložit"> 41 </form>'); 42 break; 43 case 'add2': 44 $RemoteAddr = GetRemoteAddress(); 45 $_POST['category'] = $_POST['category'] * 1; 46 if($Permission == 1) 47 { 48 49 //print_r($_FILES); 50 // Process uploaded file 51 $EnclosureFileNames = array('enclosure1', 'enclosure2', 'enclosure3'); 52 $Enclosures = ''; 53 foreach($EnclosureFileNames as $EnclosureName) 54 if(array_key_exists($EnclosureName, $_FILES) and ($_FILES[$EnclosureName]['name'] != '')) 55 { 56 57 $UploadedFilePath = $UploadedFilesFolder.basename($_FILES[$EnclosureName]['name']); 58 if(move_uploaded_file($_FILES[$EnclosureName]['tmp_name'], $UploadedFilePath)) 59 { 60 echo("Soubor ".basename($_FILES[$EnclosureName]['name'])." byl uložen na serveru.<br>"); 61 $Enclosures = $Enclosures.';'.basename($_FILES[$EnclosureName]['name']); 62 } else 63 { 64 echo("Soubor ".basename($_FILES[$EnclosureName]['name'])." 
se nepodařilo nahrát na server.<br>"); 65 } 66 } 67 $Enclosures = substr($Enclosures, 1); 68 69 $_POST['content'] = str_replace("\n",'<br>',$_POST['content']); 70 $Database->insert('news',array('category' => $_POST['category'], 'author' => $_POST['author'], 'title' => $_POST['title'], 'content' => $_POST['content'], 71 'date' => 'NOW()', 'ip' => $RemoteAddr, 'enclosure' => $Enclosures)); 72 echo('Aktualita přidána!<br>Pokud budete chtít vaši aktualitu smazat, klikněte na odkaz Smazat v seznamu všech aktualit v kategorii.<br><br>'); 73 echo('<a href="index.php?category='.$_POST['category'].'">Zpět na seznam aktualit</a>'); 74 75 76 } else echo('Do této kategorie nelze vložit aktualitu!'); 77 break; 78 case 'edit': 79 $DbResult = $Database->query('SELECT * FROM news WHERE id='.$_GET['id']); 80 $Row = $DbResult->fetch_array(); 81 if($Row['ip'] == GetRemoteAddress()) 82 { 83 $Row['content'] = str_replace('<br>', "", $Row['content']); 84 echo('<strong>Editace aktuality v kategorii '.$CategoryName.':</strong><br>'); 85 echo('<form action="index.php?action=update" method="post">'. 86 '<input type="hidden" value="'.$_GET['id'].'" name="id">'. 87 'Nadpis:<br><input type="text" size="54" name="title" value="'.$Row['title'].'"><br>'. 88 'Autor:<br><input type="text" size="54" name="author" value="'.$Row['author'].'"><br>'. 89 'Obsah:<br><textarea name="content" rows="20" cols="40">'.$Row['content'].'</textarea><br>'. 90 '<input type="hidden" name="category" value="'.$_GET['category'].'"><br>'. 91 '<input type="submit" value="Uložit">'. 
92 '</form>'); 93 } else echo('Nepovolená operace!'); 94 break; 95 case 'update': 96 $RemoteAddr = GetRemoteAddress(); 97 $_POST['id'] = $_POST['id'] * 1; 98 $DbResult = $Database->select('news','ip','id='.$_POST['id']); 99 if($DbResult->num_rows > 0) 13 $Output = ''; 14 $Category = 1; 15 $CategoryName = ''; 16 if(array_key_exists('category', $_GET)) $Category = $_GET['category'] * 1; 17 if(array_key_exists('category', $_POST)) $Category = $_POST['category'] * 1; 18 $DbResult = $this->Database->select('news_category', '*', 'id='.$Category); 19 if($DbResult->num_rows > 0) 100 20 { 101 21 $Row = $DbResult->fetch_array(); 102 if($Row['ip'] == GetRemoteAddress()) 22 $CategoryName = $Row['caption']; 23 } 24 25 if(!array_key_exists('action',$_GET)) $_GET['action'] = ''; 26 switch($_GET['action']) 27 { 28 case 'view': 29 if(!$this->System->Modules['User']->CheckPermission('News', 'Display', 'Item')) $Output .= 'Nemáte oprávnění'; 30 else 31 { 32 if(array_key_exists('id', $_GET)) $Id = $_GET['id'] * 1; 33 $DbResult = $this->Database->query('SELECT `news`.*, `User`.`Name` FROM `news` LEFT JOIN `User` ON `User`.`Id`=`news`.`User` WHERE `news`.`id`='.$Id); 34 if($DbResult->num_rows > 0) 35 { 36 $Row = $DbResult->fetch_array(); 37 $Output .= '<div style="border: thin dotted #97ADFF; background: #F6F7FF; margin-top: 5px; padding: 0px 5px 5px 5px;"><div style="padding-bottom: 1px; border-bottom-width: 1; border-bottom-style: solid; border-bottom-color: silver;"><strong>'.$Row['title'].' 
('.HumanDate($Row['date']).', '.$Row['Name'].$Row['author'].')</strong>'; 38 if($this->System->Modules['User']->User['Id'] == $Row['User']) 39 { 40 $Output .= ' <a href="index.php?action=del&category='.$Category.'&id='.$Row['id'].'">Smazat</a>'; 41 $Output .= ' <a href="index.php?action=edit&category='.$Category.'&id='.$Row['id'].'">Editovat</a>'; 42 } 43 $Output .= '</div>'.$Row['content'].'<br />'; 44 if($Row['enclosure'] != '') 45 { 46 $Output .= '<br />Přílohy: '; 47 $Enclosures = explode(';', $Row['enclosure']); 48 foreach($Enclosures as $Enclosure) 49 { 50 if(file_exists($this->UploadedFilesFolder.$Enclosure)) $Output .= ' <a href="'.$this->UploadedFilesFolder.$Enclosure.'">'.$Enclosure.'</a>'; 51 } 52 } 53 $Output .= '</div>'; 54 } else $Output .= 'Položka nenalezena.'; 55 } 56 break; 57 case 'add': 58 $Output .= '<strong>Vložení nové aktuality:</strong><br />'; 59 if($Category == 2) $Output .= 'U inzerátů uvádějte co nejvíce informací ať případný zájemce ví co kupuje. Uvádějte kontaktní údaje jako Jméno, email, tel. číslo, ICQ. Dále navrženou cenu, detajlní popis předmětu nejlépe s odkazem na stránky výrobce. Pokud váš inzerát již není platný, připište do něj např. "Prodáno" pomocí editace.'; 60 $Output .= '<form enctype="multipart/form-data" action="?action=add2" method="post">'. 
61 'Kategorie: <select name="category">'; 62 $DbResult = $this->Database->select('news_category', '*'); 63 while($DbRow = $DbResult->fetch_array()) 64 { 65 if($this->System->Modules['User']->CheckPermission('News', 'Insert', 'Group', $DbRow['id'])) 103 66 { 104 $_POST['content'] = str_replace("\n",'<br>',$_POST['content']); 105 $Database->update('news','id='.$_POST['id'], array('author' => $_POST['author'], 'title' => $_POST['title'], 'content' => $_POST['content'])); 106 echo('Aktualita uložena!<br>'); 107 echo('<a href="index.php?category='.$_POST['category'].'">Zpět na seznam aktualit</a>'); 108 } else echo('Nelze měnit cizí aktualitu!<br>'); 109 } else echo('ID nenalezeno!'); 110 break; 111 case 'del': 112 $DbResult = $Database->query('SELECT * FROM news WHERE id='.$_GET['id']); 113 $Row = $DbResult->fetch_array(); 114 if($Row['ip'] == GetRemoteAddress()) 115 { 116 if($Row['enclosure'] != '') 117 { 118 echo('<br>Přílohy: '); 119 $Enclosures = explode(';', $Row['enclosure']); 67 if($DbRow['id'] == $Category) $Selected = ' selected="1"'; else $Selected = ''; 68 $Output .= '<option value="'.$DbRow['id'].'"'.$Selected.'>'.$DbRow['caption'].'</option>'; 69 } 70 } 71 $Output .= '</select><br />'. 72 'Nadpis:<br /><input type="text" size="54" name="title"><br /> 73 Obsah:<br /><textarea name="content" rows="20" cols="40"></textarea><br /> 74 Přílohy (Max. 
velikost souboru 1 MB):<br /><input type="hidden" name="MAX_FILE_SIZE" value="1000000"> 75 <input name="enclosure1" size="38" type="file"><br /> 76 <input name="enclosure2" size="38" type="file"><br /> 77 <input name="enclosure3" size="38" type="file"><br /> 78 <input type="submit" value="Vložit"> 79 </form>'; 80 break; 81 case 'add2': 82 $RemoteAddr = GetRemoteAddress(); 83 if($this->System->Modules['User']->CheckPermission('News', 'Insert', 'Group', $Category)) 84 { 85 //print_r($_FILES); 86 // Process uploaded file 87 $EnclosureFileNames = array('enclosure1', 'enclosure2', 'enclosure3'); 88 $Enclosures = ''; 89 foreach($EnclosureFileNames as $EnclosureName) 90 if(array_key_exists($EnclosureName, $_FILES) and ($_FILES[$EnclosureName]['name'] != '')) 91 { 92 $UploadedFilePath = $this->UploadedFilesFolder.basename($_FILES[$EnclosureName]['name']); 93 if(move_uploaded_file($_FILES[$EnclosureName]['tmp_name'], $UploadedFilePath)) 94 { 95 $Output .= "Soubor ".basename($_FILES[$EnclosureName]['name'])." byl uložen na serveru.<br />"; 96 $Enclosures = $Enclosures.';'.basename($_FILES[$EnclosureName]['name']); 97 } else 98 { 99 $Output .= "Soubor ".basename($_FILES[$EnclosureName]['name'])." 
se nepodařilo nahrát na server.<br />"; 100 } 101 } 102 $Enclosures = substr($Enclosures, 1); 103 104 $_POST['content'] = str_replace("\n",'<br />',$_POST['content']); 105 $this->Database->insert('news',array('category' => $Category, 'title' => $_POST['title'], 'content' => $_POST['content'], 'date' => 'NOW()', 'ip' => $RemoteAddr, 'enclosure' => $Enclosures, 'User' => $this->System->Modules['User']->User['Id'])); 106 $Output .= 'Aktualita přidána!<br />Pokud budete chtít vaši aktualitu smazat, klikněte na odkaz Smazat v seznamu všech aktualit v kategorii.<br /><br />'; 107 $Output .= '<a href="index.php?category='.$_POST['category'].'">Zpět na seznam aktualit</a>'; 108 $this->System->Modules['Log']->NewRecord('News', 'Aktualita přidána', $this->Database->insert_id); 109 } else $Output .= 'Do této kategorie nemůžete vkládat aktuality!'; 110 break; 111 case 'edit': 112 $DbResult = $this->Database->query('SELECT * FROM news WHERE id='.$_GET['id']); 113 $Row = $DbResult->fetch_array(); 114 if($this->System->Modules['User']->User['Id'] == $Row['User']) 115 { 116 $Row['content'] = str_replace('<br />', "", $Row['content']); 117 $Output .= '<strong>Editace aktuality v kategorii '.$CategoryName.':</strong><br />'; 118 $Output .= '<form action="index.php?action=update" method="post">'. 119 '<input type="hidden" value="'.$_GET['id'].'" name="id">'. 120 'Nadpis:<br /><input type="text" size="54" name="title" value="'.$Row['title'].'"><br />'. 121 'Obsah:<br /><textarea name="content" rows="20" cols="40">'.$Row['content'].'</textarea><br />'. 122 '<input type="hidden" name="category" value="'.$Category.'"><br />'. 123 '<input type="submit" value="Uložit">'. 
124 '</form>'; 125 } else $Output .= 'Nepovolená operace!'; 126 break; 127 case 'update': 128 $RemoteAddr = GetRemoteAddress(); 129 $_POST['id'] = $_POST['id'] * 1; 130 $DbResult = $this->Database->select('news', '*', 'id='.$_POST['id']); 131 if($DbResult->num_rows > 0) 132 { 133 $Row = $DbResult->fetch_array(); 134 if($this->System->Modules['User']->User['Id'] == $Row['User']) 135 { 136 $_POST['content'] = str_replace("\n",'<br />',$_POST['content']); 137 $this->Database->update('news', 'id='.$_POST['id'], array('title' => $_POST['title'], 'content' => $_POST['content'])); 138 $Output .= 'Aktualita uložena!<br />'; 139 $Output .= '<a href="index.php?category='.$Category.'">Zpět na seznam aktualit</a>'; 140 } else $Output .= 'Nelze měnit cizí aktualitu!<br />'; 141 } else $Output .= 'ID nenalezeno!'; 142 break; 143 case 'del': 144 $DbResult = $this->Database->query('SELECT * FROM news WHERE id='.$_GET['id']); 145 $Row = $DbResult->fetch_array(); 146 if($this->System->Modules['User']->User['Id'] == $Row['User']) 147 { 148 if($Row['enclosure'] != '') 149 { 150 $Output .= '<br />Přílohy: '; 151 $Enclosures = explode(';', $Row['enclosure']); 152 foreach($Enclosures as $Enclosure) 153 { 154 if(file_exists($this->UploadedFilesFolder.$Enclosure)) unlink($this->UploadedFilesFolder.$Enclosure); 155 } 156 } 157 $this->Database->query('DELETE FROM news WHERE id='.$_GET['id']); 158 $Output .= 'Aktualita smazána!<br /><a href="index.php?category='.$Category.'">Zpět na seznam aktualit</a>'; 159 } else $Output .= 'Nemáte oprávnění.'; 160 break; 161 default: 162 if($this->System->Modules['User']->CheckPermission('News', 'Display', 'Group', $Category)) 163 { 164 $PerPage = 20; 165 $DbResult = $this->Database->select('news', 'COUNT(*)', ' category='.$Category); 166 $RowTotal = $DbResult->fetch_array(); 167 $PageMax = $RowTotal[0]; 168 if(array_key_exists('page', $_GET)) $Page = $_GET['page']; else $Page = 0; //round($PageMax/$PerPage); 169 $Output .= '<strong>Seznam aktualit 
kategorie '.$CategoryName.':</strong><div style="font-size: small;">'; 170 $Output .= PagesList('?category='.$Category.'&page=',$Page,$PageMax,$PerPage); 171 172 //echo(GetRemoteAddress().','.$_SERVER['HTTP_X_FORWARDED_FOR'].'<br />'); 173 $DbResult = $this->Database->query('SELECT `news`.*, `User`.`Name` FROM `news` LEFT JOIN `User` ON `User`.`Id`=`news`.`User` WHERE `category`='.$Category.' ORDER BY `news`.`id` DESC LIMIT '.($Page * $PerPage).','.$PerPage); 174 while($Row = $DbResult->fetch_array()) 175 { 176 $Output .= '<div style="border: thin dotted #97ADFF; background: #F6F7FF; margin-top: 5px; padding: 0px 5px 5px 5px;"><div style="padding-bottom: 1px; border-bottom-width: 1; border-bottom-style: solid; border-bottom-color: silver;"><strong><a href="?action=view&id='.$Row['id'].'">'.$Row['title'].'</a> ('.HumanDate($Row['date']).', '.$Row['Name'].$Row['author'].')</strong>'; 177 if($this->System->Modules['User']->User['Id'] == $Row['User']) 178 { 179 $Output .= ' <a href="index.php?action=del&category='.$Category.'&id='.$Row['id'].'">Smazat</a>'; 180 $Output .= ' <a href="index.php?action=edit&category='.$Category.'&id='.$Row['id'].'">Editovat</a>'; 181 } 182 $Output .= '</div>'.$Row['content'].'<br />'; 183 if($Row['enclosure'] != '') 184 { 185 $Output .= '<br />Přílohy: '; 186 $Enclosures = explode(';', $Row['enclosure']); 120 187 foreach($Enclosures as $Enclosure) 121 {122 if(file_exists($ UploadedFilesFolder.$Enclosure)) unlink($UploadedFilesFolder.$Enclosure);188 { 189 if(file_exists($this->UploadedFilesFolder.$Enclosure)) $Output .= ' <a href="'.$this->UploadedFilesFolder.$Enclosure.'">'.$Enclosure.'</a>'; 123 190 } 124 } 125 126 $Database->query('DELETE FROM news WHERE id='.$_GET['id']); 127 echo('Aktualita smazána!<br><a href="index.php?category='.$_GET['category'].'">Zpět na seznam aktualit</a>'); 191 } 192 $Output .= '</div>'; 193 } 194 $Output .= PagesList('?category='.$Category.'&page=', $Page, $PageMax, $PerPage); 195 $Output .= '</div>'; 196 } 
else $Output .= 'Nemáte oprávnění.'; 128 197 } 129 break; 130 default: 131 $PerPage = 20; 132 $DbResult = $Database->select('news','COUNT(*)',' category='.$Category); 133 $RowTotal = $DbResult->fetch_array(); 134 $PageMax = $RowTotal[0]; 135 if(array_key_exists('page', $_GET)) $Page = $_GET['page']; else $Page = 0; //round($PageMax/$PerPage); 136 echo('<strong>Seznam aktualit kategorie '.$CategoryName.':</strong><div style="font-size: small;">'); 137 echo(PagesList('?category='.$Category.'&page=',$Page,$PageMax,$PerPage)); 138 139 //echo(GetRemoteAddress().','.$_SERVER['HTTP_X_FORWARDED_FOR'].'<br>'); 140 $DbResult = $Database->query('SELECT * FROM news WHERE category='.$Category.' ORDER BY id DESC LIMIT '.$Page*$PerPage.','.$PerPage); 141 while($Row = $DbResult->fetch_array()) 142 { 143 echo('<div style="border: thin dotted #97ADFF; background: #F6F7FF; margin-top: 5px; padding: 0px 5px 5px 5px;">'. 144 '<div style="padding-bottom: 1px; border-bottom-width: 1; border-bottom-style: solid; border-bottom-color: silver;"><strong>'.$Row['title'].' ('.HumanDate($Row['date']).', '.$Row['author'].')</strong>'); 145 if($Row['ip'] == GetRemoteAddress()) 146 { 147 echo(' <a href="index.php?action=del&category='.$Category.'&id='.$Row['id'].'">Smazat</a>'); 148 echo(' <a href="index.php?action=edit&category='.$Category.'&id='.$Row['id'].'">Editovat</a>'); 149 } 150 echo('</div>'.$Row['content'].'<br>'); 151 if($Row['enclosure'] != '') 152 { 153 echo('<br>Přílohy: '); 154 $Enclosures = explode(';', $Row['enclosure']); 155 foreach($Enclosures as $Enclosure) 156 { 157 if(file_exists($UploadedFilesFolder.$Enclosure)) echo(' <a href="'.$UploadedFilesFolder.$Enclosure.'">'.$Enclosure.'</a>'); 158 } 159 } 160 echo('</div>'); 161 } 162 echo(PagesList('?category='.$Category.'&page=',$Page,$PageMax,$PerPage)); 163 echo('</div>'); 198 return($Output); 199 } 164 200 } 165 ShowFooter(); 201 202 $System->AddModule(new NewsPage()); 203 $System->Modules['NewsPage']->GetOutput(); 204 166 205 ?>
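Review bot: The `edit` and `del` branches still concatenate the raw `$_GET['id']` into SQL (new-side lines 112, 144 and 157), although this changeset already casts the id in `view` and `update` and the category at lines 16–17. Apply the same normalisation before the first query in each branch, e.g. `$Id = (int)$_GET['id'];`, and use `$Id` in the SELECT, the DELETE and the hidden `id` field written at line 119. `$_GET['page']` at line 168 has the same problem, since it reaches the `LIMIT` clause at line 173 unchanged; `$Page = max(0, (int)$_GET['page']);` would cover it. The ownership comparison in `edit` and `del` also runs on `$Row` without checking `num_rows` first, so a missing row is compared against the current user id with a loose `==`; `update` already checks `num_rows > 0` and the other two branches should match it.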