<?php
require_once "../database.php";
require_once "../models/articles.php";
$link = db_connect();
if (isset($_GET['action'])) {
$action = $_GET['action'];
} else {
$action = "";
}
if ($action == "add") {
if (!empty($_POST)) {
article_new($link, $_POST['title'], $_POST['date'], $_POST['content']);
header("Location: index.php");
}
$article = ['date' => '', 'title' => '', 'content' => ''];
include "../views/article_admin.php";
} else {
if ($action == "edit") {
if (!isset($_GET['id'])) {
header("Location: index.php");
}
$id = (int) $_GET['id'];
if (!empty($_POST) && $id > 0) {
article_edit($link, $id, $_POST['title'], $_POST['date'], $_POST['content']);
header("Location: index.php");
}
$article = article_get($link, $id);
include "../views/article_admin.php";
} else {
if ($action == "delete") {
if (isset($_REQUEST[session_name()])) {
session_start();
} else {
header("Location: http://news-site.ru/");
}
$check = md5(crypt($_SESSION['login'], $_SESSION['pass']));
// Если на страницу зашел авторизованный пользователь, выводим контент.
if ($_SESSION['usr'] == $check) {
if (isset($_GET['action'])) {
$action = $_GET['action'];
} else {
$action = "";
}
if ($action == "add") {
if (!empty($_POST)) {
article_new($link, $_POST['title'], $_POST['author'], $_POST['date'], $_POST['short_content'], $_POST['content']);
echo '<script>history.go(-2);</script>';
}
include "/views/article_view_admin.php";
} elseif ($action == "edit") {
if (!isset($_GET['id'])) {
header("Location: http://news-site.ru/admin.php");
}
$id = (int) $_GET['id'];
if (!empty($_POST) && $id > 0) {
article_edit($link, $id, $_POST['title'], $_POST['author'], $_POST['date'], $_POST['short_content'], $_POST['content']);
echo '<script>history.go(-2);</script>';
}
$article = article_get($link, $id);
include "/views/article_view_admin.php";
} elseif ($action == "delete") {
