PageRenderTime 50ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 0ms

/module/forum/admin/index.php

https://bitbucket.org/rafalwolak/cms2u
PHP | 199 lines | 154 code | 30 blank | 15 comment | 17 complexity | 6b1b8b4507c07904e61de3f580d98428 MD5 | raw file
Possible License(s): AGPL-3.0 
    

  1. <?php

    2. 

  2. /**

    3. 

  3. * Module Forum

    4. 

  4. * 

    5. 

  5. * @link	   http://www.cms.woli.pl/ CMS WOLI

    6. 

  6. * @author  Rafal Wolak <rafal.wolak@woli.pl>

    7. 

  7. * @license http://creativecommons.org/licenses/by/2.5/pl/ 

    8. 

  8.            Creative Commons Uznanie autorstwa 2.5

    9. 

  9. * @package module

    10. 

  10. */

    11. 

  11. 

    12. 

  12. /**

    13. 

  13. */

    14. 

  14. define('IN_SITE', true);

    15. 

  15. $phpEx = substr(strrchr(__FILE__, '.'), 1);

    16. 

  16. 

    17. 

  17. 

    18. 

  18. // Za?adowanie pliku konfiguracyjnego

    19. 

  19. if (!defined('IS_INSTALLED')) 

    20. 

  20. {

    21. 

  21.     require_once '../../inc/config.' . $phpEx;

    22. 

  22. }

    23. 

  23. require_once ROOT_DIR . 'inc/common.' . $phpEx;

    24. 

  24. require_once ROOT_DIR . 'inc/init.' . $phpEx;

    25. 

  25. 

    26. 

  26. 

    27. 

  27. /**

    28. 

  28. * Komentarze

    29. 

  29. */

    30. 

  30. if (!isset($_GET['o']))

    31. 

  31. {

    32. 

  32. 	if (request_var('go', 'false') == 'true') 

    33. 

  33. 	{

    34. 

  34. 		$postid = $_POST['postid'];

    35. 

  35. 		$rate = $_POST['rate'];

    36. 

  36. 		

    37. 

  37. 		for ($i = 0, $end = count($postid); $i < $end; $i++) 

    38. 

  38. 		{

    39. 

  39. 			$sql = 'UPDATE ' . $prefix . '_forum_post 

    40. 

  40. 				SET post_active="' . request_var('active-' . $postid[$i], 0) . '", 

    41. 

  41. 					post_rate="' . $rate[$i]. '" 

    42. 

  42. 				WHERE post_id="' . (int) $postid[$i] . '"';

    43. 

  43. 			$db->sql_query($sql);

    44. 

  44. 		}

    45. 

  45. 		

    46. 

  46. 		header('Location: ' . request_url());

    47. 

  47. 		exit;

    48. 

  48. 	}

    49. 

  49. 	else 

    50. 

  50. 	{

    51. 

  51. 		$pag['onsite'] = 20;

    52. 

  52. 		$userid = request_var('userid', 0);

    53. 

  53. 				

    54. 

  54. 		$sql = 'SELECT post_id 

    55. 

  55. 		    FROM ' . $prefix . '_forum_post';

    56. 

  56. 		$result = $db->sql_query($sql);

    57. 

  57. 		$pag['num']	= $db->sql_numrows($result);

    58. 

  58. 		$db->sql_freeresult($result);

    59. 

  59. 		

    60. 

  60. 		$smarty->assign('num', $pag['num']);

    61. 

  61. 			  

    62. 

  62. 			  

    63. 

  63. 		$sql = 'SELECT * 

    64. 

  64. 		    FROM ' . $prefix . '_forum_post 

    65. 

  65. 			ORDER BY post_adddate DESC 

    66. 

  66. 			LIMIT ' . (int) $pag['start'] . ', ' . (int) $pag['onsite'];

    67. 

  67. 		$result = $db->sql_query($sql);

    68. 

  68. 			

    69. 

  69. 		$lp = $pag['start'] + 1;	

    70. 

  70. 		while ($row = $db->sql_fetchrow($result))

    71. 

  71. 		{

    72. 

  72. 			$value[] = array(

    73. 

  73. 				'id' => $row['post_id'], 

    74. 

  74. 				'url' => $mod_forum->_url($row['post_id']), 

    75. 

  75. 				'title' => $row['post_title'], 

    76. 

  76. 				'text' => htmlspecialchars_decode($row['post_text'], ENT_QUOTES), 

    77. 

  77. 				'userid' => $row['post_userid'],

    78. 

  78. 				'username' => ($row['post_userid'] > 0) ? $user->username($row['post_userid']) : $row['post_username'],

    79. 

  79. 				'email' => $row['post_useremail'],

    80. 

  80. 				'ip' => $row['post_userip'],

    81. 

  81. 				'host' => $row['post_userhost'], 

    82. 

  82. 				'adddate' => $date->view($row['post_adddate'], '|d.m.Y \o H:i|', false),

    83. 

  83. 				'active' => $row['post_active'],

    84. 

  84. 				'rate' => $row['post_rate'],

    85. 

  85. 				'isbanuserid' => $core->is_ban($row['post_userid'], 'userid', 'text'), 

    86. 

  86. 				'isbanip' => $core->is_ban($row['post_userip'], 'ip', 'text'), 

    87. 

  87. 				'isbanemail' => $core->is_ban($row['post_useremail'], 'email', 'text'), 

    88. 

  88. 				'baniduserid' => $core->is_ban($row['post_userid'], 'userid', 'id'), 

    89. 

  89. 				'banidip' => $core->is_ban($row['post_userip'], 'ip', 'id'), 

    90. 

  90. 				'banidemail' => $core->is_ban($row['post_useremail'], 'email', 'id'), 

    91. 

  91. 				'lp' => $lp

    92. 

  92. 			);

    93. 

  93. 			

    94. 

  94. 			$lp++;

    95. 

  95. 		}	

    96. 

  96. 		

    97. 

  97. 		$db->sql_freeresult($result);		

    98. 

  98. 		

    99. 

  99. 		$smarty->assign('value', $value);

    100. 

  100. 				

    101. 

  101. 		if ($pag['num'] > 0)

    102. 

  102. 			$smarty->assign('pagination', ($pag['num'] > 0) ? pag(append_sid(SITE_URL . 'admin/?q=' . request_var('q', '') . '&p=#')) : '');

    103. 

  103. 	}

    104. 

  104. }

    105. 

  105. else

    106. 

  106. {

    107. 

  107. 	switch (request_var('w', 'error'))

    108. 

  108. 	{

    109. 

  109. 		case 'edit':

    110. 

  110. 		

    111. 

  111. 			if (request_var('go', 'false') == 'true')

    112. 

  112. 			{

    113. 

  113. 				$sql = 'UPDATE ' . $prefix . '_forum_post  

    114. 

  114. 					SET post_title="' . request_var('title', '') . '", 

    115. 

  115. 				   		post_text="' . request_var('text', '') . '", 

    116. 

  116. 				   		post_moddate="' . time() . '", 

    117. 

  117. 						post_active="' . request_var('active', 0) . '" 

    118. 

  118. 					WHERE ad_id="' . (int) request_var('id', 0) . '"';

    119. 

  119. 									

    120. 

  120. 	            if ($db->sql_query($sql))

    121. 

  121. 	            {

    122. 

  122. 	            	$msg = array(

    123. 

  123. 	                	'text' => '<strong>' . lang('GLOBAL: CONGRATULATIONS') . '</strong> ' . lang('GLOBAL: OPTIONS HAVE BEEN SAVED'), 

    124. 

  124. 		                'url' => SITE_URL . '?q=' . request_var('q', '') . '&o=ad', 

    125. 

  125. 		                'time' => 2

    126. 

  126. 					);

    127. 

  127. 	            }

    128. 

  128. 	        	else

    129. 

  129. 	            {

    130. 

  130. 	            	$msg = array(

    131. 

  131. 	                	'text' => '<strong>' . lang('GLOBAL: ATTENTION') . '</strong> ' . lang('GLOBAL: FAILED TO SAVE OPTIONS'), 

    132. 

  132. 		                'url' => request_url(), 

    133. 

  133. 		                'time' => 5

    134. 

  134. 					);

    135. 

  135. 	            }

    136. 

  136. 				

    137. 

  137. 				$smarty->assign('msg', $msg);

    138. 

  138. 			}

    139. 

  139. 			else

    140. 

  140. 			{

    141. 

  141. 				$sql = 'SELECT post_id, post_title, post_text, post_active  

    142. 

  142. 					FROM ' . $prefix . '_forum_post 

    143. 

  143. 					WHERE post_id="' . (int) request_var('id', 0) . '"';

    144. 

  144. 		        $result = $db->sql_query($sql);

    145. 

  145. 							

    146. 

  146. 		        while ($row = $db->sql_fetchrow($result))

    147. 

  147. 		        {

    148. 

  148. 		        	$edit = array(

    149. 

  149. 		            	'id' => $row['post_id'], 

    150. 

  150. 						'title' => $row['post_title'], 

    151. 

  151. 						'text' => $row['post_text'], 

    152. 

  152. 			            'active' => $row['post_active']

    153. 

  153. 					);

    154. 

  154. 		        }

    155. 

  155. 				

    156. 

  156. 		        $db->sql_freeresult($result);

    157. 

  157. 				

    158. 

  158. 		        $smarty->assign('edit', $edit);

    159. 

  159. 			}

    160. 

  160. 			

    161. 

  161. 			break;

    162. 

  162. 	

    163. 

  163. 		case 'del':

    164. 

  164. 		

    165. 

  165. 			if (request_var('go', 'false') == 'true') 

    166. 

  166. 			{

    167. 

  167. 				$sql = 'DELETE 

    168. 

  168. 					FROM ' . $prefix . '_forum_post 

    169. 

  169. 					WHERE post_id="' . (int) request_var('id', 0) . '"';

    170. 

  170. 					

    171. 

  171. 				if ($db->sql_query($sql)) 

    172. 

  172. 				{

    173. 

  173. 					$msg = array(

    174. 

  174. 						'text' => '<strong>Gratulacje!</strong> Dane zosta?y usuni?te.' . $msetext,

    175. 

  175. 						'url' => SITE_URL . '?q=' . request_var('q', ''), 

    176. 

  176. 						'time' => 5

    177. 

  177. 					);

    178. 

  178. 				} 

    179. 

  179. 				else 

    180. 

  180. 				{

    181. 

  181. 					$msg = array(

    182. 

  182. 						'text' => '<strong>Uwaga!</strong> Dane nie zosta3y usuni?te.', 

    183. 

  183. 						'url' => request_url(), 

    184. 

  184. 						'time' => 5

    185. 

  185. 					);

    186. 

  186. 				}

    187. 

  187. 				

    188. 

  188. 				$smarty->assign('msg', $msg);

    189. 

  189. 			}

    190. 

  190. 			

    191. 

  191. 			break;

    192. 

  192. 	}

    193. 

  193. }

    194. 

  194. 

    195. 

  195. 

    196. 

  196. $smarty->caching = 0;

    197. 

  197. $cache_lifetime = 0;

    198. 

  198. $smarty->display(template('admin/index', 'mod', 'forum'), $my_cache_id);

    199. 

  199. ?>
    200.