source: trunk/Modules/News/News.php

Last change on this file was 901, checked in by chronos, 7 weeks ago
  • Fixed: More integer URL parameters checking.
  • Modified: More explicit function types.
1<?php
2
3include_once(dirname(__FILE__).'/RSS.php');
4
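/**
 * News module: registers the news and RSS pages, renders the front-page news
 * box and keeps the registry of RSS channels announced in the page header.
 */
class ModuleNews extends Module
{
  // Registered RSS channels, keyed by each channel's 'Channel' name.
  public array $RSSChannels;
  // Channel names in display order (appended, or spliced in at a given position).
  public array $RSSChannelsPos;

  function __construct(System $System)
  {
    parent::__construct($System);
    $this->Name = 'News';
    $this->Version = '1.0';
    $this->Creator = 'Chronos';
    $this->License = 'GNU/GPL';
    $this->Description = 'Web site annoucements management';
    $this->Dependencies = array();
    $this->RSSChannels = array();
    // Typed properties start out uninitialized. Without this assignment the
    // first RegisterRSS() call with an explicit position would pass an
    // uninitialized property to array_splice() by reference and fail.
    $this->RSSChannelsPos = array();
  }

  /**
   * Registers the 'news' and 'rss' pages, the anonymous-readable news RSS
   * channel and the callback that adds RSS <link> tags to the page header.
   */
  function DoStart(): void
  {
    $this->System->RegisterPage(['news'], 'PageNews');
    $this->System->RegisterPage(['rss'], 'PageRSS');
    $this->RegisterRSS(array('Title' => T('News'), 'Channel' => 'news',
      'Callback' => array('PageNews', 'ShowRSS'), 'Permission' => LICENCE_ANONYMOUS));
    Core::Cast($this->System)->RegisterPageHeader('New', array($this, 'ShowRSSHeader'));
  }

  /**
   * Builds the HTML box listing the ten most recent news items.
   *
   * Title and author name are HTML-encoded on output. Existing entities are
   * left alone (double_encode = false) so content that already contains
   * entities renders as before.
   *
   * @return string HTML fragment
   */
  function ShowBox()
  {
    $Count = 10;
    $Output = '<strong><a href="'.$this->System->Link('/news/').'">'.T('News').':</a></strong>'.
      '<div class="box"><div class="NewsBox">';
    $DbResult = $this->Database->query('SELECT `News`.`Time`, `User`.`Name`, `News`.`Text`,`News`.`Title`, `News`.`Id` '.
      ' FROM `News` JOIN `User` ON `User`.`ID` = `News`.`User` ORDER BY `Time` DESC LIMIT '.$Count);
    while ($DbRow = $DbResult->fetch_assoc())
    {
      $Title = htmlspecialchars((string) $DbRow['Title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
      $Author = htmlspecialchars((string) $DbRow['Name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
      // NOTE(review): `Text` is written into the page as markup, unescaped.
      // That is safe only while every writer of News.Text is trusted; confirm
      // that HTML in the body is intended, otherwise sanitize or escape it.
      $Output .= '<h4><a href="'.$this->System->Link('/news/?a=item&amp;i='.$DbRow['Id']).'">'.$Title.'</a> ('.HumanDate($DbRow['Time']).')</h4>'.
        '<div>'.$DbRow['Text'].' ('.$Author.')</div>';
    }
    $Output .= '</div></div>';
    return $Output;
  }

  /**
   * Adds an RSS channel to the registry.
   *
   * @param array $Channel  channel description; its 'Channel' entry is the key
   * @param int|null $Pos   position in the ordered list, NULL to append
   * @param mixed $Callback not used by this method
   */
  function RegisterRSS($Channel, $Pos = NULL, $Callback = NULL)
  {
    $this->RSSChannels[$Channel['Channel']] = $Channel;

    if (is_null($Pos)) $this->RSSChannelsPos[] = $Channel['Channel'];
    else
    {
      array_splice($this->RSSChannelsPos, $Pos, 0, $Channel['Channel']);
    }
  }

  /**
   * Builds the <link rel="alternate"> header tags for every registered RSS
   * channel whose 'Permission' the current user passes through Licence().
   *
   * @return string HTML fragment for the page head
   */
  function ShowRSSHeader()
  {
    $User = ModuleUser::Cast($this->System->GetModule('User'))->User;
    $Output = '';
    foreach ($this->RSSChannels as $Channel)
    {
      // Channel title and name come from the registering module's code and
      // are concatenated into the attributes as given.
      if ($User->Licence($Channel['Permission']))
        $Output .= ' <link rel="alternate" title="'.$Channel['Title'].'" href="'.
          $this->System->Link('/rss/?channel='.$Channel['Channel']).'" type="application/rss+xml" />';
    }
    return $Output;
  }
}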
70
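/**
 * News page: lists news, shows a single item, lets administrators add items
 * and provides the data for the news RSS channel.
 */
class PageNews extends Page
{
  /**
   * Dispatches on the 'a' request parameter (POST takes precedence over GET).
   * Any unrecognised or non-string value falls through to the list view.
   */
  function Show(): string
  {
    $this->Title = T('News');
    $Action = $_POST['a'] ?? $_GET['a'] ?? '';
    if ($Action === 'add2') $Output = $this->SaveNew();
    else if ($Action === 'add') $Output = $this->ShowAddForm();
    else if ($Action === 'item') $Output = $this->ShowItem();
    else $Output = $this->ShowList();
    return $Output;
  }

  /**
   * Renders the paged list of all news items, newest first.
   *
   * Title and author name are HTML-encoded on output; existing entities are
   * preserved (double_encode = false) so stored content renders as before.
   *
   * @return string HTML fragment
   */
  function ShowList()
  {
    $User = ModuleUser::Cast($this->System->GetModule('User'))->User;
    $DbResult = $this->System->Database->query('SELECT COUNT(*) FROM `News`');
    $DbRow = $DbResult->fetch_row();
    $PageList = GetPageList($DbRow[0]);

    $Output = '<h3>'.T('News').'</h3>';
    if ($User->Licence(LICENCE_ADMIN))
      $Output .= ' <a href="?a=add">'.T('Add').'</a>';
    $Output .= $PageList['Output'];
    $Output .= '<div class="shoutbox">';
    // The LIMIT clause is produced by GetPageList(), defined outside this file.
    $DbResult = $this->System->Database->query('SELECT `News`.`Time`, `News`.`Text`, `News`.`Title`, `News`.`Id`, '.
      '`User`.`Name` AS `User` FROM `News` JOIN `User` ON `User`.`Id`=`News`.`User` ORDER BY `News`.`Time` DESC '.$PageList['SQLLimit']);
    while ($Line = $DbResult->fetch_assoc())
    {
      $Title = htmlspecialchars((string) $Line['Title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
      $Author = htmlspecialchars((string) $Line['User'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
      // NOTE(review): `Text` is emitted as markup, unescaped. Confirm that HTML
      // in the body is intended; if not, sanitize or escape it here.
      $Output .= '<h4><a href="?a=item&amp;i='.$Line['Id'].'">'.$Title.'</a> ('.HumanDate($Line['Time']).')</h4><div>'.$Line['Text'].' ('.$Author.')</div>';
    }
    $Output .= '</div>'.$PageList['Output'];
    return $Output;
  }

  /**
   * Renders the single news item selected by the integer URL parameter 'i',
   * or an error message when the parameter is invalid or no row matches.
   *
   * @return string HTML fragment
   */
  function ShowItem()
  {
    $Id = 0;
    if (TryGetUrlParameterInt('i', $Id))
    {
      $Output = '<h3>'.T('News').'</h3>';
      // intval() keeps the concatenated value numeric regardless of how the
      // helper above fills $Id.
      $DbResult = $this->System->Database->query('SELECT `News`.`Time`, `News`.`Text`, `News`.`Title`, `News`.`Id`, '.
        '`User`.`Name` AS `User` FROM `News` JOIN `User` ON `User`.`Id`=`News`.`User` WHERE `News`.`Id` = '.intval($Id));
      if ($DbResult->num_rows == 1)
      {
        $Line = $DbResult->fetch_assoc();
        $Title = htmlspecialchars((string) $Line['Title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        $Author = htmlspecialchars((string) $Line['User'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
        // NOTE(review): `Text` is emitted as markup, unescaped (see ShowList()).
        $Output .= '<h4>'.$Title.' ('.HumanDate($Line['Time']).')</h4><div>'.$Line['Text'].' ('.$Author.')</div>';
      } else $Output = ShowMessage(T('Item not found'), MESSAGE_CRITICAL);
    } else $Output = ShowMessage(T('Id not valid'), MESSAGE_CRITICAL);
    $Output .= '<br/><a href="'.$this->System->Link('/news/').'">'.T('All news').'</a>';
    return $Output;
  }

  /**
   * Renders the "add news" form for administrators (or an access-denied
   * message), followed by the news list.
   *
   * NOTE(review): the form carries no anti-CSRF token and SaveNew() checks
   * none in this file; confirm whether the framework protects state-changing
   * POST requests elsewhere.
   *
   * @return string HTML fragment
   */
  function ShowAddForm()
  {
    $User = ModuleUser::Cast($this->System->GetModule('User'))->User;
    if ($User->Licence(LICENCE_ADMIN))
    {
      $UserName = htmlspecialchars((string) $User->Name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
      $Output = '<form action="?" method="POST">'.
        '<fieldset><legend>'.T('New news').'</legend>'.
        T('User').': '.$UserName.'('.intval($User->Id).')<br/> '.
        T('Title').': <input type="text" name="title" size="40"/><br/>'.
        T('Content').': <textarea rows="8" cols="40" onkeydown="ResizeTextArea(this)" class="textedit" id="Text" name="text"></textarea><br/>'.
        '<input type="hidden" name="a" value="add2"/>'.
        '<input type="submit" value="'.T('Save').'"/><br/></fieldset>'.
        '</form>';
    } else $Output = ShowMessage(T('Access denied'), MESSAGE_CRITICAL);
    $Output .= $this->ShowList();
    return $Output;
  }

  /**
   * Stores a new news item posted by an administrator and writes a log entry.
   *
   * The posted title and text are request data and are escaped before they
   * are placed inside the quoted SQL literals; previously they were
   * concatenated into the statement verbatim. Array-valued fields are
   * rejected together with missing ones.
   *
   * @return string HTML fragment (result message, plus the list on success)
   */
  function SaveNew()
  {
    $User = ModuleUser::Cast($this->System->GetModule('User'))->User;
    if ($User->Licence(LICENCE_ADMIN))
    {
      if (array_key_exists('text', $_POST) and array_key_exists('title', $_POST)
        and is_string($_POST['text']) and is_string($_POST['title']))
      {
        $Database = $this->System->Database;
        // NOTE(review): assumes the project's Database wrapper exposes a
        // mysqli-style real_escape_string(), as its result objects already
        // follow the mysqli interface; confirm, and prefer bound parameters
        // if the wrapper supports them.
        $Title = $Database->real_escape_string($_POST['title']);
        $Text = $Database->real_escape_string($_POST['text']);
        $Query = 'INSERT INTO `News` (`Title`, `Time` ,`User` ,`Text`) VALUES ( "'.$Title.'", NOW( ) , '.
          intval($User->Id).', "'.$Text.'")';
        $Database->query($Query);
        $Output = ShowMessage(T('News added'));
        $this->System->ModuleManager->Modules['Log']->WriteLog('Vložena nová aktualita', LOG_TYPE_ADMINISTRATION);
        $Output .= $this->ShowList();
      } else $Output = ShowMessage(T('Data not specified'), MESSAGE_CRITICAL);
    } else $Output = ShowMessage(T('Access denied'), MESSAGE_CRITICAL);
    return $Output;
  }

  /**
   * Builds the RSS feed of the ten most recent news items.
   *
   * Item fields are handed to GenerateRSS() as stored; whether that function
   * XML-escapes them is not visible in this file.
   *
   * @return string feed produced by GenerateRSS()
   */
  function ShowRSS()
  {
    $Config = Core::Cast($this->System)->Config;
    $Items = array();
    $DbResult = $this->Database->query('SELECT UNIX_TIMESTAMP(`News`.`Time`) AS `UnixTime`, '.
      '`News`.`Title`, `News`.`Time`, `User`.`Name`, `News`.`Text`, `News`.`Id` '.
      'FROM `News` JOIN `User` ON `User`.`ID` = `News`.`User` ORDER BY `Time` DESC LIMIT 10');
    while ($DbRow = $DbResult->fetch_assoc())
    {
      $Items[] = array
      (
        'Title' => $DbRow['Title'],
        'Link' => 'https://'.$Config['Web']['Host'].$this->System->Link('/news/?a=item&amp;i='.$DbRow['Id']),
        'Description' => $DbRow['Text'].' ('.$DbRow['Name'].')',
        'Time' => $DbRow['UnixTime'],
      );
    }
    $Output = GenerateRSS(array
    (
      'Title' => $Config['Web']['Title'].' - '.T('System changes'),
      'Link' => 'https://'.$Config['Web']['Host'].$this->System->Link('/news/'),
      'Description' => $Config['Web']['Description'],
      'WebmasterEmail' => $Config['Web']['AdminEmail'],
      'Items' => $Items,
    ));
    return $Output;
  }
}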