$twig->loadTemplate('news/edit.twig')->display(array('PMF_LANG' => $PMF_LANG, 'comments' => $comments, 'commentType' => PMF_Comment::COMMENT_TYPE_NEWS, 'dateEnd' => $dateEnd, 'dateStart' => $dateStart, 'languageSelector' => PMF_Language::selectLanguages($newsData['lang'], false, array(), 'langTo'), 'newsData' => $newsData));
} elseif ('savenews' == $action && $user->perm->checkRight($user->getUserId(), "addnews")) {
$dateStart = PMF_Filter::filterInput(INPUT_POST, 'dateStart', FILTER_SANITIZE_STRING);
$dateEnd = PMF_Filter::filterInput(INPUT_POST, 'dateEnd', FILTER_SANITIZE_STRING);
$header = PMF_Filter::filterInput(INPUT_POST, 'newsheader', FILTER_SANITIZE_STRIPPED);
$content = PMF_Filter::filterInput(INPUT_POST, 'news', FILTER_SANITIZE_SPECIAL_CHARS);
$author = PMF_Filter::filterInput(INPUT_POST, 'authorName', FILTER_SANITIZE_STRIPPED);
$email = PMF_Filter::filterInput(INPUT_POST, 'authorEmail', FILTER_VALIDATE_EMAIL);
$active = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING);
$comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
$link = PMF_Filter::filterInput(INPUT_POST, 'link', FILTER_VALIDATE_URL);
$linktitle = PMF_Filter::filterInput(INPUT_POST, 'linkTitle', FILTER_SANITIZE_STRIPPED);
$newslang = PMF_Filter::filterInput(INPUT_POST, 'langTo', FILTER_SANITIZE_STRING);
$target = PMF_Filter::filterInput(INPUT_POST, 'target', FILTER_SANITIZE_STRIPPED);
$newsData = array('lang' => $newslang, 'header' => $header, 'content' => html_entity_decode($content), 'authorName' => $author, 'authorEmail' => $email, 'active' => is_null($active) ? 'n' : 'y', 'comment' => is_null($comment) ? 'n' : 'y', 'dateStart' => empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000', 'dateEnd' => empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959', 'link' => $link, 'linkTitle' => $linktitle, 'date' => date('YmdHis'), 'target' => is_null($target) ? '' : $target);
$success = $news->addNewsEntry($newsData);
$twig->loadTemplate('news/save.twig')->display(array('PMF_LANG' => $PMF_LANG, 'success' => $success));
} elseif ('updatenews' == $action && $user->perm->checkRight($user->getUserId(), "editnews")) {
$dateStart = PMF_Filter::filterInput(INPUT_POST, 'dateStart', FILTER_SANITIZE_STRING);
$dateEnd = PMF_Filter::filterInput(INPUT_POST, 'dateEnd', FILTER_SANITIZE_STRING);
$header = PMF_Filter::filterInput(INPUT_POST, 'newsheader', FILTER_SANITIZE_STRIPPED);
$content = PMF_Filter::filterInput(INPUT_POST, 'news', FILTER_SANITIZE_SPECIAL_CHARS);
$author = PMF_Filter::filterInput(INPUT_POST, 'authorName', FILTER_SANITIZE_STRIPPED);
$email = PMF_Filter::filterInput(INPUT_POST, 'authorEmail', FILTER_VALIDATE_EMAIL);
$active = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING);
$comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
$link = PMF_Filter::filterInput(INPUT_POST, 'link', FILTER_VALIDATE_URL);
$linktitle = PMF_Filter::filterInput(INPUT_POST, 'linkTitle', FILTER_SANITIZE_STRIPPED);
$newslang = PMF_Filter::filterInput(INPUT_POST, 'langTo', FILTER_SANITIZE_STRING);
$target = PMF_Filter::filterInput(INPUT_POST, 'target', FILTER_SANITIZE_STRIPPED);
$newsData = array('lang' => $newslang, 'header' => $header, 'content' => html_entity_decode($content), 'authorName' => $author, 'authorEmail' => $email, 'active' => is_null($active) ? 'n' : 'y', 'comment' => is_null($comment) ? 'n' : 'y', 'dateStart' => empty($dateStart) ? '00000000000000' : str_replace('-', '', $dateStart) . '000000', 'dateEnd' => empty($dateEnd) ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959', 'link' => $link, 'linkTitle' => $linktitle, 'date' => date('YmdHis'), 'target' => is_null($target) ? '' : $target);
<?php
}
} elseif ('savenews' == $action && $permission["addnews"]) {
$dateStart = PMF_Filter::filterInput(INPUT_POST, 'dateStart', FILTER_SANITIZE_STRING, '00000000000000');
$dateEnd = PMF_Filter::filterInput(INPUT_POST, 'dateEnd', FILTER_SANITIZE_STRING, '99991231235959');
$header = PMF_Filter::filterInput(INPUT_POST, 'header', FILTER_SANITIZE_STRIPPED);
$content = PMF_Filter::filterInput(INPUT_POST, 'content', FILTER_SANITIZE_SPECIAL_CHARS);
$author = PMF_Filter::filterInput(INPUT_POST, 'authorName', FILTER_SANITIZE_STRIPPED);
$email = PMF_Filter::filterInput(INPUT_POST, 'authorEmail', FILTER_VALIDATE_EMAIL);
$active = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING);
$comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
$link = PMF_Filter::filterInput(INPUT_POST, 'link', FILTER_VALIDATE_URL);
$linktitle = PMF_Filter::filterInput(INPUT_POST, 'linkTitle', FILTER_SANITIZE_STRIPPED);
$target = PMF_Filter::filterInput(INPUT_POST, 'target', FILTER_SANITIZE_STRIPPED);
$newsData = array('lang' => $LANGCODE, 'header' => $header, 'content' => html_entity_decode($content), 'authorName' => $author, 'authorEmail' => $email, 'active' => is_null($active) ? 'n' : 'y', 'comment' => is_null($comment) ? 'n' : 'y', 'dateStart' => '' == $dateStart ? '00000000000000' : str_replace('-', '', $dateStart) . '000000', 'dateEnd' => '' == $dateEnd ? '99991231235959' : str_replace('-', '', $dateEnd) . '235959', 'link' => $link, 'linkTitle' => $linktitle, 'date' => date('YmdHis'), 'target' => is_null($target) ? '' : $target);
if ($news->addNewsEntry($newsData)) {
printf("<p>%s</p>", $PMF_LANG['ad_news_updatesuc']);
} else {
printf("<p>%s</p>", $PMF_LANG['ad_news_insertfail']);
}
} elseif ('updatenews' == $action && $permission["editnews"]) {
$dateStart = PMF_Filter::filterInput(INPUT_POST, 'dateStart', FILTER_SANITIZE_STRING, '00000000000000');
$dateEnd = PMF_Filter::filterInput(INPUT_POST, 'dateEnd', FILTER_SANITIZE_STRING, '99991231235959');
$header = PMF_Filter::filterInput(INPUT_POST, 'header', FILTER_SANITIZE_STRIPPED);
$content = PMF_Filter::filterInput(INPUT_POST, 'content', FILTER_SANITIZE_SPECIAL_CHARS);
$author = PMF_Filter::filterInput(INPUT_POST, 'authorName', FILTER_SANITIZE_STRIPPED);
$email = PMF_Filter::filterInput(INPUT_POST, 'authorEmail', FILTER_VALIDATE_EMAIL);
$active = PMF_Filter::filterInput(INPUT_POST, 'active', FILTER_SANITIZE_STRING);
$comment = PMF_Filter::filterInput(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
$link = PMF_Filter::filterInput(INPUT_POST, 'link', FILTER_VALIDATE_URL);
$linktitle = PMF_Filter::filterInput(INPUT_POST, 'linkTitle', FILTER_SANITIZE_STRIPPED);
