PageRenderTime 54ms CodeModel.GetById 16ms RepoModel.GetById 0ms app.codeStats 0ms

/Quản lý website đọc truyện online PHP/library/includes/edit.php

https://gitlab.com/phamngsinh/baitaplon_sinhvien
PHP | 122 lines | 97 code | 5 blank | 20 comment | 24 complexity | 7c4663d844eba8e417cc1f7a776b93bf MD5 | raw file
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * @package     JohnCMS
    4. 

  4.  * @link        http://johncms.com
    5. 

  5.  * @copyright   Copyright (C) 2008-2011 JohnCMS Community
    6. 

  6.  * @license     LICENSE.txt (see attached file)
    7. 

  7.  * @version     VERSION.txt (see attached file)
    8. 

  8.  * @author      http://johncms.com/about
    9. 

  9.  */
    10. 

  10. 

  11. defined('_IN_JOHNCMS') or die('Error: restricted access');
    12. 

  12. 

  13. if ($rights == 5 || $rights >= 6) {
    14. 

  14.     if ($_GET['id'] == "" || $_GET['id'] == "0") {
    15. 

  15.         echo "";
    16. 

  16.         require_once('../incfiles/end.php');
    17. 

  17.         exit;
    18. 

  18.     }
    19. 

  19.     $req = mysql_query("SELECT * FROM `lib` where `website` = '$website' AND  `id` = '" . $id . "'");
    20. 

  20.     $ms = mysql_fetch_array($req);
    21. 

  21.     if (isset($_POST['submit'])) {
    22. 

  22.         switch ($ms['type']) {
    23. 

  23.             case "bk":
    24. 

  24.                 ////////////////////////////////////////////////////////////
    25. 

  25.                 // Сохраняем отредактированную статью                     //
    26. 

  26.                 ////////////////////////////////////////////////////////////
    27. 

  27.                 if (empty($_POST['name'])) {
    28. 

  28.                     echo functions::display_error($lng['error_empty_title'], '<a href="index.php?act=edit&amp;id=' . $id . '">' . $lng['repeat'] . '</a>');
    29. 

  29.                     require_once('../incfiles/end.php');
    30. 

  30.                     exit;
    31. 

  31.                 }
    32. 

  32.                 if (empty($_POST['text'])) {
    33. 

  33.                     echo functions::display_error($lng['error_empty_text'], '<a href="index.php?act=edit&amp;id=' . $id . '">' . $lng['repeat'] . '</a>');
    34. 

  34.                     require_once('../incfiles/end.php');
    35. 

  35.                     exit;
    36. 

  36.                 }
    37. 

  37.                 $text = trim($_POST['text']);
    38. 

  38.                 $autor = isset($_POST['autor']) ? functions::check($_POST['autor']) : '';
    39. 

  39.                 $count = isset($_POST['count']) ? abs(intval($_POST['count'])) : '0';
    40. 

  40.                 if (!empty($_POST['anons'])) {
    41. 

  41.                     $anons = mb_substr(trim($_POST['anons']), 0, 100);
    42. 

  42.                 } else {
    43. 

  43.                     $anons = mb_substr($text, 0, 100);
    44. 

  44.                 }
    45. 

  45.                 mysql_query("UPDATE `lib` SET
    46. 

  46.                     `name` = '" . mysql_real_escape_string(mb_substr(trim($_POST['name']), 0, 100)) . "',
    47. 

  47.                     `announce` = '" . mysql_real_escape_string($anons) . "',
    48. 

  48.                     `text` = '" . mysql_real_escape_string($text) . "',
    49. 

  49.                     `avtor` = '$autor',
    50. 

  50.                     `count` = '$count'
    51. 

  51.                     where `website` = '$website' AND  `id` = '$id'
    52. 

  52.                 ");
    53. 

  53.                 header('location: index.php?id=' . $id);
    54. 

  54.                 break;
    55. 

  55. 

  56.             case "cat":
    57. 

  57.                 ////////////////////////////////////////////////////////////
    58. 

  58.                 // Сохраняем отредактированную категорию                  //
    59. 

  59.                 ////////////////////////////////////////////////////////////
    60. 

  60.                 $text = functions::check($_POST['text']);
    61. 

  61.                 if (!empty($_POST['user'])) {
    62. 

  62.                     $user = intval($_POST['user']);
    63. 

  63.                 } else {
    64. 

  64.                     $user = 0;
    65. 

  65.                 }
    66. 

  66.                 $mod = intval($_POST['mod']);
    67. 

  67.                 mysql_query("UPDATE `lib` SET
    68. 

  68.                 `text` = '" . $text . "',
    69. 

  69.                 `ip` = '" . $mod . "',
    70. 

  70.                 `soft` = '" . $user . "'
    71. 

  71.                 where `website` = '$website' AND  `id` = '" . $id . "'");
    72. 

  72.                 header('location: index.php?id=' . $id);
    73. 

  73.                 break;
    74. 

  74.                 default :
    75. 

  75.             ////////////////////////////////////////////////////////////
    76. 

  76.             // Сохраняем отредактированный комментарий                //
    77. 

  77.             ////////////////////////////////////////////////////////////
    78. 

  78.             $text = functions::check($_POST['text']);
    79. 

  79.                 mysql_query("update `lib` set text='" . $text . "' where `website` = '$website' AND  id='" . $id . "';");
    80. 

  80.                 header("location: index.php?id=$ms[refid]");
    81. 

  81.                 break;
    82. 

  82.         }
    83. 

  83.     } else {
    84. 

  84.         switch ($ms['type']) {
    85. 

  85.             case 'bk':
    86. 

  86.                 ////////////////////////////////////////////////////////////
    87. 

  87.                 // Форма редактирования статьи                            //
    88. 

  88.                 ////////////////////////////////////////////////////////////
    89. 

  89.                 echo '<div class="phdr"><b>' . $lng_lib['edit_article'] . '</b></div>' .
    90. 

  90.                     '<form action="index.php?act=edit&amp;id=' . $id . '" method="post">' .
    91. 

  91.                     '<div class="menu"><p><h3>' . $lng['title'] . '</h3><input type="text" name="name" value="' . htmlentities($ms['name'], ENT_QUOTES, 'UTF-8') . '"/></p>' .
    92. 

  92.                     '<p><h3>' . $lng_lib['announce'] . '</h3><small>' . $lng_lib['announce_help'] . '</small><br/><input type="text" name="anons" value="' . htmlentities($ms['announce'], ENT_QUOTES, 'UTF-8') . '"/></p>' .
    93. 

  93.                     '<p><h3>' . $lng['text'] . '</h3><textarea rows="5" name="text">' . htmlentities($ms['text'], ENT_QUOTES, 'UTF-8') . '</textarea></p></div>' .
    94. 

  94.                     '<div class="rmenu"><p><h3>' . $lng['author'] . '</h3><input type="text" name="autor" value="' . $ms['avtor'] . '"/></p>' .
    95. 

  95.                     '<p><h3>' . $lng_lib['reads'] . '</h3><input type="text" name="count" value="' . $ms['count'] . '" size="4"/></p></div>' .
    96. 

  96.                     '<div class="bmenu"><input type="submit" name="submit" value="' . $lng['save'] . '"/></div></form>' .
    97. 

  97.                     '<p><a href="index.php?id=' . $id . '">' . $lng['back'] . '</a></p>';
    98. 

  98.                 break;
    99. 

  99. 

  100.             case "cat":
    101. 

  101.                 echo $lng_lib['edit_category'] . "<br/><form action='index.php?act=edit&amp;id=" . $id . "' method='post'><input type='text' name='text' value='" . $ms['text'] .
    102. 

  102.                     "'/><br/>" . $lng_lib['edit_category_help'] . ":<br/><select name='mod'>";
    103. 

  103.                 if ($ms['ip'] == 1) {
    104. 

  104.                     echo "<option value='1'>" . $lng['categories'] . "</option><option value='0'>" . $lng_lib['articles'] . "</option>";
    105. 

  105.                 } else {
    106. 

  106.                     echo "<option value='0'>" . $lng_lib['articles'] . "</option><option value='1'>" . $lng['categories'] . "</option>";
    107. 

  107.                 }
    108. 

  108.                 echo "</select><br/>";
    109. 

  109.                 if ($ms['soft'] == 1) {
    110. 

  110.                     echo $lng_lib['allow_to_add'] . "<br/><input type='checkbox' name='user' value='1' checked='checked' /><br/>";
    111. 

  111.                 } else {
    112. 

  112.                     echo $lng_lib['allow_to_add'] . "<br/><input type='checkbox' name='user' value='1'/><br/>";
    113. 

  113.                 }
    114. 

  114.                 echo "<input type='submit' name='submit' value='" . $lng['save'] . "'/></form><br/><a href='index.php?id=" . $ms['refid'] . "'>" . $lng['back'] . "</a><br/>";
    115. 

  115.                 break;
    116. 

  116.         }
    117. 

  117.     }
    118. 

  118. } else {
    119. 

  119.     header("location: index.php");
    120. 

  120. }
    121. 

  121. 

  122. ?>
    123.