PageRenderTime 56ms CodeModel.GetById 16ms RepoModel.GetById 0ms app.codeStats 0ms

/Quản lý website đọc truyện online PHP/library/includes/edit.php

https://gitlab.com/phamngsinh/baitaplon_sinhvien
PHP | 122 lines | 97 code | 5 blank | 20 comment | 24 complexity | 7c4663d844eba8e417cc1f7a776b93bf MD5 | raw file
  1. <?php
  2. /**
  3. * @package JohnCMS
  4. * @link http://johncms.com
  5. * @copyright Copyright (C) 2008-2011 JohnCMS Community
  6. * @license LICENSE.txt (see attached file)
  7. * @version VERSION.txt (see attached file)
  8. * @author http://johncms.com/about
  9. */
  10. defined('_IN_JOHNCMS') or die('Error: restricted access');
  11. if ($rights == 5 || $rights >= 6) {
  12. if ($_GET['id'] == "" || $_GET['id'] == "0") {
  13. echo "";
  14. require_once('../incfiles/end.php');
  15. exit;
  16. }
  17. $req = mysql_query("SELECT * FROM `lib` where `website` = '$website' AND `id` = '" . $id . "'");
  18. $ms = mysql_fetch_array($req);
  19. if (isset($_POST['submit'])) {
  20. switch ($ms['type']) {
  21. case "bk":
  22. ////////////////////////////////////////////////////////////
  23. // Сохраняем отредактированную статью //
  24. ////////////////////////////////////////////////////////////
  25. if (empty($_POST['name'])) {
  26. echo functions::display_error($lng['error_empty_title'], '<a href="index.php?act=edit&amp;id=' . $id . '">' . $lng['repeat'] . '</a>');
  27. require_once('../incfiles/end.php');
  28. exit;
  29. }
  30. if (empty($_POST['text'])) {
  31. echo functions::display_error($lng['error_empty_text'], '<a href="index.php?act=edit&amp;id=' . $id . '">' . $lng['repeat'] . '</a>');
  32. require_once('../incfiles/end.php');
  33. exit;
  34. }
  35. $text = trim($_POST['text']);
  36. $autor = isset($_POST['autor']) ? functions::check($_POST['autor']) : '';
  37. $count = isset($_POST['count']) ? abs(intval($_POST['count'])) : '0';
  38. if (!empty($_POST['anons'])) {
  39. $anons = mb_substr(trim($_POST['anons']), 0, 100);
  40. } else {
  41. $anons = mb_substr($text, 0, 100);
  42. }
  43. mysql_query("UPDATE `lib` SET
  44. `name` = '" . mysql_real_escape_string(mb_substr(trim($_POST['name']), 0, 100)) . "',
  45. `announce` = '" . mysql_real_escape_string($anons) . "',
  46. `text` = '" . mysql_real_escape_string($text) . "',
  47. `avtor` = '$autor',
  48. `count` = '$count'
  49. where `website` = '$website' AND `id` = '$id'
  50. ");
  51. header('location: index.php?id=' . $id);
  52. break;
  53. case "cat":
  54. ////////////////////////////////////////////////////////////
  55. // Сохраняем отредактированную категорию //
  56. ////////////////////////////////////////////////////////////
  57. $text = functions::check($_POST['text']);
  58. if (!empty($_POST['user'])) {
  59. $user = intval($_POST['user']);
  60. } else {
  61. $user = 0;
  62. }
  63. $mod = intval($_POST['mod']);
  64. mysql_query("UPDATE `lib` SET
  65. `text` = '" . $text . "',
  66. `ip` = '" . $mod . "',
  67. `soft` = '" . $user . "'
  68. where `website` = '$website' AND `id` = '" . $id . "'");
  69. header('location: index.php?id=' . $id);
  70. break;
  71. default :
  72. ////////////////////////////////////////////////////////////
  73. // Сохраняем отредактированный комментарий //
  74. ////////////////////////////////////////////////////////////
  75. $text = functions::check($_POST['text']);
  76. mysql_query("update `lib` set text='" . $text . "' where `website` = '$website' AND id='" . $id . "';");
  77. header("location: index.php?id=$ms[refid]");
  78. break;
  79. }
  80. } else {
  81. switch ($ms['type']) {
  82. case 'bk':
  83. ////////////////////////////////////////////////////////////
  84. // Форма редактирования статьи //
  85. ////////////////////////////////////////////////////////////
  86. echo '<div class="phdr"><b>' . $lng_lib['edit_article'] . '</b></div>' .
  87. '<form action="index.php?act=edit&amp;id=' . $id . '" method="post">' .
  88. '<div class="menu"><p><h3>' . $lng['title'] . '</h3><input type="text" name="name" value="' . htmlentities($ms['name'], ENT_QUOTES, 'UTF-8') . '"/></p>' .
  89. '<p><h3>' . $lng_lib['announce'] . '</h3><small>' . $lng_lib['announce_help'] . '</small><br/><input type="text" name="anons" value="' . htmlentities($ms['announce'], ENT_QUOTES, 'UTF-8') . '"/></p>' .
  90. '<p><h3>' . $lng['text'] . '</h3><textarea rows="5" name="text">' . htmlentities($ms['text'], ENT_QUOTES, 'UTF-8') . '</textarea></p></div>' .
  91. '<div class="rmenu"><p><h3>' . $lng['author'] . '</h3><input type="text" name="autor" value="' . $ms['avtor'] . '"/></p>' .
  92. '<p><h3>' . $lng_lib['reads'] . '</h3><input type="text" name="count" value="' . $ms['count'] . '" size="4"/></p></div>' .
  93. '<div class="bmenu"><input type="submit" name="submit" value="' . $lng['save'] . '"/></div></form>' .
  94. '<p><a href="index.php?id=' . $id . '">' . $lng['back'] . '</a></p>';
  95. break;
  96. case "cat":
  97. echo $lng_lib['edit_category'] . "<br/><form action='index.php?act=edit&amp;id=" . $id . "' method='post'><input type='text' name='text' value='" . $ms['text'] .
  98. "'/><br/>" . $lng_lib['edit_category_help'] . ":<br/><select name='mod'>";
  99. if ($ms['ip'] == 1) {
  100. echo "<option value='1'>" . $lng['categories'] . "</option><option value='0'>" . $lng_lib['articles'] . "</option>";
  101. } else {
  102. echo "<option value='0'>" . $lng_lib['articles'] . "</option><option value='1'>" . $lng['categories'] . "</option>";
  103. }
  104. echo "</select><br/>";
  105. if ($ms['soft'] == 1) {
  106. echo $lng_lib['allow_to_add'] . "<br/><input type='checkbox' name='user' value='1' checked='checked' /><br/>";
  107. } else {
  108. echo $lng_lib['allow_to_add'] . "<br/><input type='checkbox' name='user' value='1'/><br/>";
  109. }
  110. echo "<input type='submit' name='submit' value='" . $lng['save'] . "'/></form><br/><a href='index.php?id=" . $ms['refid'] . "'>" . $lng['back'] . "</a><br/>";
  111. break;
  112. }
  113. }
  114. } else {
  115. header("location: index.php");
  116. }
  117. ?>