File "news.php"
Full path: C:/xampp/htdocs/www_real/news.php
File
size: 7.33 B (7.33 KB bytes)
MIME-type: text/x-php
Charset: utf-8
Download Open Edit Advanced Editor &nnbsp; Back
<?php
$sql_ws = new ClassMysql();
$sql_ws->connect($dbhost,$dbuser,$dbpassword,$dbnews);
$res = $sql_ws->query("SELECT `id_news`,`title`,`date`,`content` FROM `news`");
while ($row = $sql_ws->fetch_assoc($res))
{
$id_news = $row['id_news'];
$title = $row['title'];
$date = $row['date'];
$content = $row['content'];
}
if ( !isset( $_GET["action"] ) ) $_GET["action"] = "showlist";
switch ( $_GET["action"] ) {
// Withdraw all the news
case "showlist":
show_list(); break;
// Form for adding news
case "addnews":
if (isset($_SESSION['id']) AND $_SESSION['access_level'] >= "$access_level") {
get_add_item_form(); break;
}
else {echo "Error";}
// Add news
case "add":
if (isset($_SESSION['id']) AND $_SESSION['access_level'] >= "$access_level") {
add_item(); break;
}
else return;
// Output separate news
case "get_news":
get_news(); break;
// Form for news editing
case "editform":
if (isset($_SESSION['id']) AND $_SESSION['access_level'] >= "$access_level") {
get_edit_item_form();
}
else {echo "Error";}
break;
// Update news
case "update":
if (isset($_SESSION['id']) AND $_SESSION['access_level'] >= "$access_level") {
update_item(); break;
}
else {echo "Error";}
// Remove the news
case "delete":
if (isset($_SESSION['id']) AND $_SESSION['access_level'] >= "$access_level") {
delete_item(); break;
}
else return;
// By default, - the withdrawal of all news
default:
show_list();
}
$sql_ws->close();
// Lists all records in the database table
function show_list()
{
global $sql_ws;
global $news_amt;
global $access_level;
if (isset($_GET['page'])) {
$page = intval($_GET['page']);
}
else {
$page = 1;
}
$elements = $sql_ws->result($sql_ws->query("SELECT COUNT(*) AS `counter` FROM `news`"),0);
$pages = ceil($elements/$news_amt);
if ($page < 1) {
$page = 1;
}
elseif ($page > $pages) {
$page = $pages;
}
$start = ($page-1)*$news_amt;
if ($start < 0) $start = 0;
$bef = "SELECT * FROM news ORDER BY id_news DESC LIMIT {$start}, {$news_amt}";
$res = $sql_ws->query($bef);
while ($item = $sql_ws->fetch_assoc($res))
{
$id_news = $item['id_news'];
echo '<div class="news">';
echo '<div class="news_title"><a href="'.$_SERVER['PHP_SELF'].'?action=get_news&id_news='.$item['id_news'].'">'.$item['title'].'</a></div>';
echo '<div class="news-text"><hr style="color:#000">'.$item['content'].'</div>';
echo '<div class="news-date"><hr style="color:#000">'.$item['date'].'</div>';
if (isset($_SESSION['id']) AND $_SESSION['access_level'] >="$access_level") {
echo '<a href="'.$_SERVER['PHP_SELF'].'?action=editform&id_news='.$item['id_news'].'"><div class="button-edit border shadow">Edit</div></a>';
}
echo '<div class="clear"></div>';
echo '</div>';
}
echo '<div class="nav_news">';
echo '<div class="nextprev" id="paginator3"></div>';
echo '<script type="text/javascript"> pag3 = new Paginator(\'paginator3\', '.$pages.', 5, '.$page.', ""); </script>';
echo '</div>';
}
// Conclusion news separately
function get_news() {
global $sql_ws, $access_level;
$id_news = intval($_GET['id_news']);
$res = $sql_ws->query("SELECT * FROM `news` WHERE `id_news` = ".$id_news);
while ($item = $sql_ws->fetch_assoc($res))
{
$title = $item['title'];
$date = $item['date'];
$content = $item['content'];
echo '<div class="news">';
echo '<div class="news-title">'.$title.'</div>';
echo '<div class="news-date">'.$date.'</div>';
echo '<div class="news-text">'.$content.'</div>';
if (isset($_SESSION['id']) AND $_SESSION['access_level'] >= "$access_level") {
echo '<a href="'.$_SERVER['PHP_SELF'].'?action=editform&id_news='.$item['id_news'].'"><div class="button-edit border shadow">Edit</div></a>';
}
echo '<div class="clear"></div>';
echo '</div>';
}
}
// Function generates a form to add a record to a database table
function get_add_item_form()
{
$date=date("d M Y, H:i");
echo '<div class="news">';
echo '<div class="news-title">Add News</div>';
echo '<div>
<form name="addnews" action="'.$_SERVER['PHP_SELF'].'?action=add" method="POST">';
echo '<div class="mb10"><b>Header:</b> <input type="text" class="field" name="title"></div>';
echo '<div class="mb10"><b>Date:</b> '.$date.'</div>';
echo '<div><textarea type="text" id="input" name="content"></textarea></div>';
echo '<div align="center"><input type="submit" class="button-submit dark-shadow" name="button" value="Add"/> <button type="button" class="button-submit dark-shadow" onClick="history.back();">Cancel</button></div>';
echo '</form>';
echo '</div>';
if(!empty($add_error)) echo '<center><div class="error">'.$add_error.'</div>';
if(!empty($add_success)) echo '<div class="accept">'.$add_success.'</center></div>';
echo '</div>';
echo '<div class="clear"></div>';
}
// This function adds a new record to the database table
function add_item()
{
global $sql_ws;
$date=date("d M Y, H:i");
$title = mysql_escape_string( $_POST['title'] );
$content = mysql_escape_string( $_POST['content'] );
$sql_ws->query("INSERT INTO news (title, date, content) VALUES ('".$title."', '".$date."', '".$content."');");
echo "<script language='JavaScript'>window.location.href = 'index.php'; </script>";
die();
}
// Function generates a form to edit records in the database table
function get_edit_item_form()
{
global $sql_ws;
$date=date("d M Y, H:i");
$res = $sql_ws->query( 'SELECT id_news, title, content FROM news WHERE id_news='.$_GET['id_news'] );
$item = $sql_ws->fetch_array( $res );
echo '<div class="news">';
echo '<div class="news_lc">Edit News</div><br>';
echo '<div>
<form name="editform" action="'.$_SERVER['PHP_SELF'].'?action=update&id_news='.$_GET['id_news'].'" method="POST">';
echo '<div class="mb10"><b>Header:</b> <input type="text" class="field" name="title" value="'.$item['title'].'"></div>';
echo '<div class="mb10"><b>Date:</b> '.$date.'</div>';
echo '<div><textarea type="text" id="input" name="content">'.$item['content'].'</textarea></div>';
echo '<div align="center">
<input type="submit" class="button_reg" name="button" value="Save"/>
<button type="button" class="button_reg" onClick="history.back();">Cancel</button>
<button type="button" class="button_reg" ONCLICK="stat()">Remove</button>
<script>function stat(){location.href="'.$_SERVER['PHP_SELF'].'?action=delete&id_news='.$item['id_news'].'";}</script>
</div>';
echo '</form>';
echo '</div>';
if(!empty($add_error)) echo '<center><div class="error">'.$add_error.'</div>';
if(!empty($add_success)) echo '<div class="accept">'.$add_success.'</center></div>';
echo '</div>';
echo '<div class="clear"></div>';
}
// Function updates the record in the database table
function update_item()
{
global $sql_ws;
$title = mysql_escape_string( $_POST['title'] );
$content = mysql_escape_string( $_POST['content'] );
$sql_ws->query( "UPDATE news SET title='".$title."', content='".$content."' WHERE id_news=".$_GET['id_news']);
echo "<script language='JavaScript'>window.location.href = 'index.php'; </script>";
die();
}
// Function deletes a record in the database table
function delete_item()
{
global $sql_ws;
$sql_ws->query( "DELETE FROM news WHERE id_news=".$_GET['id_news'] );
echo "<script language='JavaScript'>window.location.href = 'index.php'; </script>";
die();
}