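/**
 * Admin page: list and edit the menu items that sit under one parent item.
 *
 * @param mixed  $parent_id Id of the parent menu item; an empty value means the top level (0).
 * @param string $act       Action forwarded to table_edit() ("del", "edit", "add", ...).
 * @param mixed  $id        Id of the menu record the action applies to.
 * @return string HTML assembled from menu_path() and table_edit().
 */
function page_admin_menu_edit($parent_id = "", $act = "", $id = "")
{
    requires_admin();
    set_lang("other");
    use_template("admin");

    // $parent_id is passed to table_edit() as the master value and is also
    // interpolated into the "home" path. table_edit(), as written on this
    // page, places the master value inside a quoted SQL literal without
    // escaping, so force an integer here. Empty input still maps to 0.
    // NOTE(review): assumes menu ids are integers and that this argument
    // comes from the request path — confirm against the schema and router.
    $parent_id = (int) $parent_id;

    $o = "";

    if ($act == "del") {
        $rec = db_object_get("menu", $id);
        // Records flagged fixed='Y' must not be deleted: replace the action
        // with a value table_edit() does not act on and tell the admin.
        // The $rec check avoids a property read on a missing record.
        if ($rec && $rec->fixed == 'Y') {
            $act = "-";
            $o .= '<script>alert("Эту запись нельзя удалить.")</script>';
        }
    }

    // Describe the menu table for table_edit(): editable columns plus
    // weight-based ordering.
    global $tables;
    $tables['menu']['fields'][] = "title";
    $tables['menu']['fields'][] = "link";
    $tables['menu']['weight'] = true;

    if ($parent_id) {
        $o .= menu_path($parent_id);
    }

    $o .= table_edit("menu", "admin/menu/edit/{$parent_id}", $act, $id, "parent_id", $parent_id, "", "on_menu");

    return $o;
}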
/**
 * Admin page for the "news" table.
 *
 * Runs the admin gate, selects the admin template and hands the request to
 * the generic table editor.
 *
 * @param string $act Action forwarded to table_edit().
 * @param mixed  $id  Record id forwarded to table_edit().
 * @return mixed Whatever table_edit() returns for the news table.
 */
function page_admin_news($act = "", $id = "")
{
    requires_admin();
    use_template("admin");

    return table_edit("news", "admin/news", $act, $id);
}
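/**
 * Admin page for the image library: upload, delete and list images.
 *
 * @param string $act Action: "add" shows or processes the upload form, "del"
 *                    removes the stored file, anything else goes to table_edit().
 * @param mixed  $id  Image record id for "del" and for table_edit().
 * @return string HTML of the upload form, a rejection message, or the listing.
 */
function page_admin_images($act = "", $id = "")
{
    requires_admin();
    use_template("admin");

    if ($act == "add") {
        if (form_file_uploaded("file")) {
            // The client-supplied file name decides the stored extension and
            // is written into both a file path and a SQL string, so accept
            // only known extensions. Without this check any extension,
            // including server-executable ones, would land in img/.
            // The list matches the other page_admin_images on this page.
            // NOTE(review): swf and pdf are not images; drop them if nothing
            // depends on them. An extension check does not inspect content,
            // so img/ should also be configured to never execute scripts.
            $ext = strtolower(fileext($_FILES["file"]['name']));
            $allowed = array("swf", "jpg", "gif", "png", "bmp", "jpeg", "pdf");
            if (!in_array($ext, $allowed, true)) {
                return "Данный тип файла не является картинкой";
            }

            // Create the row first so that its id can name the stored file.
            db_query("INSERT INTO images (link) VALUES ('')");
            $id = (int) db_last_id();

            // Stored name is "<id>.<validated extension>"; nothing else from
            // the uploaded name is used.
            $fname = $id . "." . $ext;
            form_file_uploaded_move("file", "img/" . $fname);
            db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
            redir("admin/images");
        }

        form_start("", "post", " enctype='multipart/form-data' ");
        form_file("Файл", "file");
        form_submit("Загрузить", "submit");
        form_end();
        $o = form();

        return $o;
    }

    if ($act == "del") {
        $im = db_object_get("images", $id);
        // Remove the file before table_edit() deletes the row. Skip when the
        // record does not exist; errors from unlink stay suppressed as before.
        if ($im) {
            @unlink("../{$im->link}");
        }
    }

    $o = table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");

    return $o;
}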
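/**
 * Admin page: list and edit the menu items that sit under one parent item
 * (layout-based variant with the rename icon and form styling).
 *
 * @param mixed  $parent_id Id of the parent menu item; an empty value means the top level (0).
 * @param string $act       Action forwarded to table_edit() ("del", "edit", "add", ...).
 * @param mixed  $id        Id of the menu record the action applies to.
 * @return string HTML assembled from menu_path(), table_edit() and a style block.
 */
function page_admin_menu_edit($parent_id = "", $act = "", $id = "")
{
    requires_admin();
    set_lang("other");
    use_layout("admin");

    // $parent_id becomes table_edit()'s master value and part of the "home"
    // path. table_edit(), as written on this page, puts the master value in
    // a quoted SQL literal without escaping, so force an integer here.
    // Empty input still maps to 0.
    // NOTE(review): assumes menu ids are integers and that this argument
    // comes from the request path — confirm against the schema and router.
    $parent_id = (int) $parent_id;

    $o = "";

    if ($act == "del") {
        $rec = db_object_get("menu", $id);
        // Records flagged fixed='Y' must not be deleted: swap the action for
        // a value table_edit() does not act on and tell the admin.
        if ($rec && $rec->fixed == 'Y') {
            $act = "-";
            $o .= '<script>alert("Эту запись нельзя удалить.")</script>';
        }
    }

    // Describe the menu table for table_edit(): editable columns plus
    // weight-based ordering.
    global $tables;
    $tables['menu']['fields'][] = "title";
    $tables['menu']['fields'][] = "link";
    $tables['menu']['weight'] = true;

    if ($parent_id) {
        $o .= menu_path($parent_id);
    }

    global $table_edit_props;
    $table_edit_props->use_rename_icon_for_edit = true;

    $o .= table_edit("menu", "admin/menu/edit/{$parent_id}", $act, $id, "parent_id", $parent_id, "", "on_menu");

    // Widen the inputs of the generated form.
    $o .= "<style> input[type='submit'] { padding: 5px 10px; width: auto;}\r\n\t input{ width:400px; }\r\n\t</style>";

    return $o;
}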
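/**
 * Admin page for the image library: upload a new image, replace an existing
 * one, delete, and list.
 *
 * @param string $act Action: "add", "edit", "del", or anything else for the listing.
 * @param mixed  $id  Image record id for "edit"/"del" and for table_edit().
 * @return string HTML of the upload form, a rejection message, or the listing.
 */
function page_admin_images($act = "", $id = "")
{
    requires_admin();
    use_layout("admin");

    // Build the upload form once; it is shown on both "add" and "edit".
    form_start("", "post", " enctype='multipart/form-data' ");
    form_file("Файл", "file");
    $caption = "Загрузить картинку";
    if ($act == "edit") {
        $caption = "Изменить картинку";
    }
    form_submit($caption, "submit");
    form_end();
    $upload = form();

    if (form_file_uploaded("file")) {
        // Extension allow-list on the client-supplied file name.
        // NOTE(review): swf and pdf are not images; drop them if nothing
        // depends on them. An extension check does not inspect content, so
        // img/ should also be configured to never execute scripts.
        $ext = strtolower(fileext($_FILES["file"]['name']));
        $allowed = array("swf", "jpg", "gif", "png", "bmp", "jpeg", "pdf");
        if (!in_array($ext, $allowed, true)) {
            $o = "Данный тип файла не является картинкой";
            return $o;
        }

        if ($act == "add") {
            db_query("INSERT INTO images (link) VALUES ('')");
            $id = (int) db_last_id();
        } else {
            // $id is caller-supplied here and is about to become part of a
            // file path and of a SQL string literal. Reducing it to an
            // integer keeps path separators and quotes out of both.
            $id = (int) $id;
            @unlink(db_result(db_query("SELECT link FROM images WHERE id=%d", $id)));
        }

        // Stored name is "<id>.<validated lower-case extension>".
        $fname = $id . "." . $ext;
        form_file_uploaded_move("file", "img/" . $fname);
        db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
        redir("admin/images/edit/{$id}");
    }

    if ($act == "add") {
        $o = $upload;
        return $o;
    }

    if ($act == "del") {
        $im = db_object_get("images", $id);
        // Remove the file before table_edit() deletes the row; skip when the
        // record does not exist.
        if ($im) {
            @unlink("{$im->link}");
        }
    }

    $o = table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");

    if ($act == 'edit') {
        $im = db_object_get("images", $id);
        $link = $im ? $im->link : "";
        // Quote and escape the stored link so that a value containing spaces
        // or markup cannot add attributes or tags to the preview.
        $o .= "<img width=100px src=\"" . htmlspecialchars($link, ENT_QUOTES) . "\"><br>{$upload}";
    }

    return $o;
}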
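/**
 * Admin page for the "pages" table: listing with a content-edit link and a
 * public link per row.
 *
 * @param string $act Action forwarded to table_edit() ("del", "edit", "add", ...).
 * @param mixed  $id  Page record id the action applies to.
 * @return string HTML of an optional alert followed by table_edit() output.
 */
function page_admin_pages($act = "", $id = "")
{
    requires_admin();
    use_template("admin");

    $o = "";

    if ($act == "del") {
        $p = db_object_get("pages", $id);
        // Pages flagged fixed='Y' must not be deleted: swap the action for a
        // value table_edit() does not act on and tell the admin. The $p
        // check avoids a property read on a missing record.
        if ($p && $p->fixed == 'Y') {
            $act = "-";
            $o .= '<script>alert("Эту страницу нельзя удалить.")</script>';
        }
    }

    global $table_edit_props;
    $table_edit_props->col_title_show = false;
    // new_record_show, del_record_show and edit_record_show are left as
    // configured elsewhere (the overrides were commented out in the original).

    global $base_url;

    // Per-row action template; table_edit() substitutes [id].
    // The image attribute was misspelled "atl" and is corrected to "alt".
    $row_actions = "<a href=admin/edit/pages/content/[id]><img src=images/text_edit.png alt='Редактировать' title='Редактировать'></a> <a href={$base_url}p/[id]>{$base_url}p/[id]</a>";

    $o .= table_edit("pages", "admin/pages", $act, $id, "", "", "", $row_actions);

    return $o;
}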
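/**
 * Admin page that exposes the generic table editor for any table that opts
 * in through $tables[<name>]['directedit'].
 *
 * The 'directedit' key is the allow-list: a table without it cannot be
 * reached through this page, whatever name the request supplies.
 *
 * @param string $tablename Table name to edit.
 * @param string $act       Action forwarded to table_edit().
 * @param mixed  $id        Record id forwarded to table_edit().
 * @return mixed Whatever table_edit() returns for the table.
 */
function page_admin_table_edit($tablename, $act = "", $id = "")
{
    requires_admin();
    use_layout("admin");

    global $tables;
    if (!isset($tables[$tablename]['directedit'])) {
        // The rejected name is echoed back, so escape it: this branch is
        // reached precisely when the name is not one the application knows.
        $shown = htmlspecialchars($tablename, ENT_QUOTES);
        die("tables[{$shown}]['directedit'] missing");
    }

    return table_edit($tablename, "admin/table/edit/{$tablename}", $act, $id);
}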
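/**
 * Generic list / add / edit / delete / reorder screen for one table described
 * in the global $tables array.
 *
 * Actions handled, in this order: "move" (drag-and-drop reorder), "up",
 * "down", "del", "edit", "add"; any other value, and "del" after deleting,
 * renders the listing.
 *
 * Review notes for maintainers:
 *  - $tablename, $masterfield, $mastervalue and $order are interpolated into
 *    SQL text as-is. Callers must pass only trusted or already-validated
 *    values (integers for ids, names taken from $tables).
 *  - Deletion and reordering are triggered by plain links, so they happen on
 *    GET with no anti-forgery token visible in this function.
 *  - Listing cells are written with table_add() without HTML escaping.
 *
 * @param string $tablename                 Key into $tables and the SQL table name.
 * @param string $home                      Path used for redirects and links; defaults to self_q().
 *                                          The special value "return!" makes "up"/"down" return
 *                                          instead of redirecting.
 * @param string $action                    Action name; defaults to arg(0).
 * @param mixed  $id                        Record id; defaults to arg(1).
 * @param string $masterfield               Optional column that restricts every query to one parent.
 * @param mixed  $mastervalue               Value for $masterfield; the string "null" means IS NULL.
 * @param string $order                     Optional ORDER BY expression (without the keyword).
 * @param string $actionstring_or_function  Per-row extra HTML with [id] placeholders, or the name
 *                                          of a function called as f($id, $row) to produce it.
 * @return string|null HTML for the form or listing; nothing when "up"/"down" run with "return!".
 */
function table_edit($tablename, $home = "", $action = "", $id = "", $masterfield = "", $mastervalue = "", $order = "", $actionstring_or_function = "")
{
    global $tables, $table_edit_props, $table_row_attributes;

    // Reject unknown tables before any helper or query sees the name
    // (the original performed this check only after weight_fix() and
    // table_long_alias() had already been called).
    if (!isset($tables[$tablename])) {
        die("error, table_edit - tables[{$tablename}] not set");
    }

    if (!$home) {
        $home = self_q();
    }
    if (!$action) {
        $action = arg(0);
    }
    if (!$id) {
        $id = arg(1);
    }

    $actionstring = $actionstring_or_function;

    ////////////// PREPARE
    if (isset($tables[$tablename]['weight'])) {
        weight_fix($tablename);
    }
    $table_long_alias = table_long_alias($tablename);

    // Extra WHERE fragment that pins every statement to one parent record.
    // NOTE(review): $mastervalue is not escaped here; see the header notes.
    $master_cond = "";
    if ($masterfield) {
        if (strtolower($mastervalue) == 'null') {
            $master_cond = " AND {$masterfield} is null";
        } else {
            $master_cond = " AND {$masterfield}='{$mastervalue}' ";
        }
    }

    if (isset($tables[$tablename]['weight'])) {
        if ($order) {
            $order .= ",";
        }
        $order .= " {$tablename}.weight ";
    }
    if ($order) {
        $order = " ORDER BY {$order} ";
    }

    // Reaction to drag-and-drop reorder: apply |delta| single steps.
    if ($action == "move") {
        // The step count comes straight from the request, so reduce it to an
        // integer before it drives a loop of queries.
        // NOTE(review): the count is still unbounded; consider capping it at
        // the number of rows in the table.
        $d = isset($_REQUEST['delta']) ? (int) $_REQUEST['delta'] : 0;
        $direction = $d > 0 ? "down" : "up";
        $steps = abs($d);
        for ($i = 0; $i < $steps; $i++) {
            table_edit($tablename, "return!", $direction, $id, $masterfield, $mastervalue);
        }
        die("");
    }

    // Swap weights with the nearest record above.
    // NOTE(review): unlike "down", this branch has no check for a missing
    // neighbour — confirm what should happen for the first row.
    if ($action == "up") {
        $weight = db_result(db_query("SELECT weight FROM {$tablename} WHERE id=%d {$master_cond}", $id));
        $prevweight = db_result(db_query("SELECT max(weight) FROM {$tablename} WHERE weight<%f {$master_cond}", $weight));
        $previd = db_result(db_query("SELECT id FROM {$tablename} WHERE weight=%f {$master_cond}", $prevweight));
        db_query("UPDATE {$tablename} SET weight=%f WHERE id=%d {$master_cond}", $prevweight, $id);
        db_query("UPDATE {$tablename} SET weight=%f WHERE id=%d {$master_cond}", $weight, $previd);
        if ($home == 'return!') {
            return;
        }
        redir($home);
    }

    // Swap weights with the nearest record below, if there is one.
    if ($action == "down") {
        $weight = db_result(db_query("SELECT weight FROM {$tablename} WHERE id=%d {$master_cond}", $id));
        $prevweight = db_result(db_query("SELECT min(weight) FROM {$tablename} WHERE weight>%f {$master_cond}", $weight));
        if ($prevweight) {
            $previd = db_result(db_query("SELECT id FROM {$tablename} WHERE weight=%f {$master_cond}", $prevweight));
            db_query("UPDATE {$tablename} SET weight=%f WHERE id=%d {$master_cond}", $prevweight, $id);
            db_query("UPDATE {$tablename} SET weight=%f WHERE id=%d {$master_cond}", $weight, $previd);
        }
        if ($home == 'return!') {
            return;
        }
        redir($home);
    }

    // Delete, then fall through to the listing.
    if ($action == "del") {
        db_query("DELETE FROM {$tablename} WHERE id=%d {$master_cond}", $id);
    }

    if ($action == "edit") {
        if (form_post("edit")) {
            $sets = "";
            foreach ($tables[$tablename]['fields'] as $value) {
                if ($sets) {
                    $sets .= ", ";
                }
                if (str_end($value, "_check")) {
                    // Checkbox columns store 1 or 0.
                    if (form_post($value)) {
                        $sets .= "{$value}=1";
                    } else {
                        $sets .= "{$value}=0";
                    }
                } elseif (str_end($value, "_time")) {
                    // Timestamp columns are posted as six parts: h m s, m d y.
                    $f = str_start($value, "_time");
                    $ts = mktime(form_post($f . "_hour"), form_post($f . "_min"), form_post($f . "_sec"), form_post($f . "_month"), form_post($f . "_day"), form_post($f . "_year"));
                    $sets .= "{$value}={$ts}";
                } else {
                    $p = form_post($value);
                    $p = SlashSymbolsFix($p);
                    // NOTE(review): mysql, pdo_sqlite, sqlite2 and sqlite3 are
                    // bare constants, presumably set by the DB layer.
                    // mysql_real_escape_string() was removed in PHP 7; bound
                    // parameters would replace this whole chain.
                    if (mysql || pdo_sqlite) {
                        $p = mysql_real_escape_string($p);
                    }
                    if (sqlite2) {
                        $p = sqlite_escape_string($p);
                    }
                    if (sqlite3) {
                        $p = $GLOBALS['dbhandle']->escapeString($p);
                    }
                    // The literal text "null" stores SQL NULL.
                    if ($p == "null") {
                        $sets .= "{$value}=null";
                    } else {
                        $sets .= "{$value} = '" . $p . "' ";
                    }
                }
            }

            // The id used to be interpolated as raw text, unlike every other
            // statement here, which formats it with %d. Reduce it to an
            // integer so that it cannot extend the WHERE clause.
            $s = "UPDATE {$tablename} SET {$sets} WHERE id=" . (int) $id . " {$master_cond}";
            db_query($s);

            // Optional per-table hook: table_<name>_edit($id).
            $callback = "table_" . $tablename . "_edit";
            if (function_exists($callback)) {
                $callback($id);
            }
            redir($home);
        }

        page_header("Edit {$table_long_alias}");
        if (isset($tables[$tablename]['fields'])) {
            $r = db_object_get($tablename, $id);
            form_start();
            table_edit_form_generate($tablename, $r);
            form_submit("{~Save changes}", "edit");
            form_end();
            return form();
        }
        return "";
    }

    if ($action == "add" && $table_edit_props->add_records) {
        if (form_post("add")) {
            // fixme (original author): unsecure, sql injection
            $fields = "";
            $values = "";
            if (isset($tables[$tablename]['fields'])) {
                foreach ($tables[$tablename]['fields'] as $field) {
                    if ($fields) {
                        $fields .= ", ";
                    }
                    $fields .= $field;
                    if ($values) {
                        $values .= ", ";
                    }
                    if (str_end($field, "_check")) {
                        if (form_post($field)) {
                            $values .= "1";
                        } else {
                            $values .= "0";
                        }
                    } elseif (str_end($field, "_time")) {
                        // Timestamp columns are posted as six parts: h m s, m d y.
                        $f = str_start($field, "_time");
                        $ts = mktime(form_post($f . "_hour"), form_post($f . "_min"), form_post($f . "_sec"), form_post($f . "_month"), form_post($f . "_day"), form_post($f . "_year"));
                        $values .= "{$ts}";
                    } else {
                        $p = form_post($field);
                        $p = SlashSymbolsFix($p);
                        if (mysql || pdo_sqlite) {
                            $p = mysql_real_escape_string($p);
                        } elseif (sqlite2) {
                            $p = sqlite_escape_string($p);
                        } elseif (sqlite3) {
                            $p = $GLOBALS['dbhandle']->escapeString($p);
                        }
                        if ($p == 'null') {
                            $values .= "null";
                        } else {
                            $values .= "'" . $p . "'";
                        }
                    }
                }
            }

            if ($masterfield) {
                if ($fields) {
                    $fields .= ", ";
                }
                $fields .= " {$masterfield}";
                if (strtolower($mastervalue) == 'null') {
                    $values .= ", null ";
                } else {
                    $values .= ", '{$mastervalue}'";
                }
            }

            if (isset($tables[$tablename]['weight'])) {
                if ($fields) {
                    $fields .= ", ";
                }
                $fields .= " weight";
                // New rows go last: weight is taken from the current max(id) + 1.
                $values .= ", " . (db_result(db_query("SELECT max(id) FROM {$tablename}")) + 1);
            }

            // Drop the leading comma left behind when there were no plain fields.
            if ($values && $values[0] == ',') {
                $values = substr($values, 1, strlen($values));
            }

            db_query("INSERT INTO {$tablename} (id, {$fields}) VALUES (null, {$values})");
            $id = db_last_id();

            // Optional per-table hook: table_<name>_edit($id).
            $callback = "table_" . $tablename . "_edit";
            if (function_exists($callback)) {
                $callback($id);
            }
            if ($table_edit_props->add_redir) {
                redir($home);
            }
        }

        page_header("Add {$table_long_alias}");
        form_start("", "post", " name=add_form ");
        table_edit_form_generate($tablename);
        if ($table_edit_props->add_record_html) {
            global $form;
            $form .= "<tr><td><td>" . $table_edit_props->add_record_html;
        }
        if ($table_edit_props->add_record_button_show) {
            form_submit("{~Add record}", "add");
        } else {
            form_hidden("add", "1");
        }
        form_end();
        return form();
    }

    // ---- Listing ----

    // Set a default header only when none has been set. The original wrote
    // strlen($GLOBALS['pageheader'] == 0), which measures the length of a
    // boolean rather than of the header text.
    if (!isset($GLOBALS['pageheader']) || strlen($GLOBALS['pageheader']) == 0) {
        if (!str_end($table_long_alias, "s")) {
            page_header("{$table_long_alias}" . "s List");
        } else {
            page_header($table_long_alias);
        }
    }

    // Always an array, so that count() below is well defined.
    $ff = isset($tables[$tablename]['fields']) ? $tables[$tablename]['fields'] : array();
    $fields = "";
    $joins = "{$tablename}";
    $titles = array();
    if ($ff) {
        foreach ($ff as $f) {
            if ($fields) {
                $fields .= ", ";
            }
            $type = substr($f, strlen($f) - 3, 3);
            if ($type == "_id") {
                // "<name>_id" columns are shown through a LEFT JOIN on table
                // "<name>s", using that table's first configured field.
                $cap = substr($f, 0, strlen($f) - 3);
                $table = $cap . "s";
                if (!isset($tables[$table])) {
                    $table = str_prefix($tablename) . $table;
                }
                $titlefield = "";
                foreach ($tables[$table]['fields'] as $v) {
                    $titlefield = $v;
                    break;
                }
                $fields .= " {$table}.{$titlefield} as {$cap} ";
                $joins .= " LEFT JOIN {$table} ON {$tablename}.{$f} = {$table}.id ";
                $titles[] = $cap;
            } else {
                $fields .= "{$tablename}.{$f}";
                $titles[] = $f;
            }
        }
    }

    $where = "";
    if ($masterfield) {
        if (strtolower($mastervalue) == 'null') {
            $where = " WHERE {$masterfield} is null ";
        } else {
            $where = " WHERE {$masterfield}='{$mastervalue}' ";
        }
    }

    if ($fields) {
        $fields_s = ", {$fields}";
    } else {
        $fields_s = "";
    }
    $q = "SELECT {$tablename}.id as id {$fields_s} FROM {$joins} {$where} {$order}";

    // Built-in per-row actions; [id] is substituted per row further down.
    $act = "";
    if ($table_edit_props->edit_record_show) {
        $edit_image = "edit.png";
        if ($table_edit_props->use_rename_icon_for_edit) {
            $edit_image = "rename.png";
        }
        $act .= "<a href=?q={$home}/edit/[id]><img src=images/bios/{$edit_image} border=0></a>";
    }
    if ($table_edit_props->del_record_show) {
        $act .= "<a href=?q={$home}/del/[id]><img onclick=\"return confirm('{~Are you sure?}');\"src=images/bios/del.png border=0></a>";
    }
    // Up/down arrow links were commented out in the original; reordering is
    // offered through table_edit_drag_code() below.

    $rr = db_query($q);
    $s = "";
    $rr = db_fetch_objects($rr);
    if (count($rr) == 0) {
        $s .= "{~no records}<br>";
    } else {
        if ($table_edit_props->action_string_left) {
            table_start(count($ff) + 2);
            if ($table_edit_props->col_title_show) {
                table_add("", " class=table_edit_header ");
            }
        } else {
            table_start(count($ff) + 1);
        }

        // Column headers, with the _check / _text suffix stripped.
        if ($table_edit_props->col_title_show) {
            foreach ($titles as $v) {
                if (str_end($v, "_check")) {
                    $v = str_start($v, "_check");
                } elseif (str_end($v, "_text")) {
                    $v = str_start($v, "_text");
                }
                table_add("{~{$v}}", " class=table_edit_header ");
            }
            table_add("", " class=table_edit_header ");
        }

        foreach ($rr as $r) {
            $r = (array) $r;

            // Give each <tr> the record id.
            $table_row_attributes = " id=" . $r['id'] . " ";

            $acts_left = "";
            if ($table_edit_props->action_string_left) {
                $acts_left = $table_edit_props->action_string_left;
                $acts_left = str_replace("[id]", $r['id'], $acts_left);
                table_add($acts_left);
            }

            foreach ($r as $key => $value) {
                if (str_end($key, "_check")) {
                    if ($value == 1) {
                        table_add("<INPUT TYPE=CHECKBOX READONLY readonly='readonly' checked onclick='javascript:return false'>");
                    } else {
                        table_add("<INPUT TYPE=CHECKBOX READONLY readonly='readonly' onclick='javascript:return false'>");
                    }
                } elseif (str_end($key, "_time")) {
                    table_add(@date("Y/m/d H:i:s", $value));
                } elseif ($key != 'id') {
                    // NOTE(review): stored values are emitted without HTML
                    // escaping; confirm that no listed column can hold
                    // user-supplied markup, or escape here.
                    table_add($value, " class=table_edit_cell ");
                }
            }

            // Extra per-row actions: a function name is called with
            // ($id, $row); any other string is used as a template.
            $useract = "";
            if (function_exists($actionstring)) {
                $useract = $actionstring($r['id'], $r);
            } else {
                $useract = $actionstring;
            }
            $acts = str_replace("[id]", $r['id'], $act . " " . $useract);
            table_add($acts);
        }

        $s = "";
        $s .= table_flush(" class=table_edit ");

        // Drag-and-drop reorder script for weighted tables.
        if (isset($tables[$tablename]['weight']) && $tables[$tablename]['weight']) {
            $s .= table_edit_drag_code($home);
        }
    }

    if ($table_edit_props->new_record_show && $table_edit_props->add_records) {
        $html = "<img src=images/bios/add.png border=0> {~Add a new record}";
        if ($table_edit_props->new_record_html) {
            $html = $table_edit_props->new_record_html;
        }
        $s .= "<br><a href=?q={$home}/add>{$html}</a>";
    }

    return $s;
}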
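/**
 * Admin page for the images attached to one catalog entry: add a record,
 * upload or replace its file, delete, and list.
 *
 * @param mixed  $catalog_id Id of the owning catalog entry.
 * @param string $act        Action: "add", "edit", "del", or anything else for the listing.
 * @param mixed  $id         catalog_images record id for "edit"/"del".
 * @return string HTML of the back link, upload form and table_edit() output,
 *                or a rejection message for a disallowed file type.
 */
function page_admin_catalog_images($catalog_id = "", $act = "", $id = "")
{
    requires_admin();
    use_template("admin");

    // $catalog_id is echoed into unquoted href attributes below and is
    // passed to table_edit() as the master value, which (as written on this
    // page) ends up inside a quoted SQL literal without escaping. Reducing
    // it to an integer covers both uses.
    // NOTE(review): assumes catalog ids are integers — confirm against the schema.
    $catalog_id = (int) $catalog_id;

    global $tables;
    $tables['catalog_images']['weight'] = 1;

    $o = "";
    if ($act == "edit") {
        $o .= "<a href=admin/catalog/images/{$catalog_id}><<Назад</a><br>";
    } else {
        $catalog = db_object_get("catalog", $catalog_id);
        $o .= "<a href=admin/catalog/edit/{$catalog->parent_id}/edit/{$catalog_id}><<Назад</a><br>";
    }

    if ($act == "del") {
        $image = db_object_get("catalog_images", $id);
        if ($image) {
            // basename() confines the delete to the upload directory even if
            // the stored value ever contains path separators.
            $fname = basename((string) $image->image_file);
            if ($fname !== "") {
                @unlink("img/upload/catalog/{$fname}");
            }
        }
    }

    if ($act == "edit") {
        form_start("", "post", " enctype='multipart/form-data' ");
        form_file("Файл", "file");
        form_submit("Загрузить картинку", "submit");
        form_end();
        $upload = form();
        // Hide the submit button and post the form as soon as a file is chosen.
        $upload .= "<script>\r\n \$(function() {\r\n\t\t\t\t \$('input[name=submit]').remove();\r\n \$('input[name=file]').change( function() {\r\n\t\t\t\t\t \$('form').submit();\r\n\t });\r\n\t });\r\n\t\t </script>";
        $o .= $upload;

        if (form_file_uploaded("file")) {
            // Extension allow-list on the client-supplied file name.
            // NOTE(review): swf and pdf are not images; drop them if nothing
            // depends on them. An extension check does not inspect content,
            // so the upload directory should never execute scripts.
            $ext = strtolower(fileext($_FILES["file"]['name']));
            $allowed = array("swf", "jpg", "gif", "png", "bmp", "jpeg", "pdf");
            if (!in_array($ext, $allowed, true)) {
                $o = "Данный тип файла не является картинкой";
                return $o;
            }

            // The record id becomes part of a file path and of a SQL string
            // literal; an integer cannot carry path separators or quotes.
            $image_id = (int) $id;

            @unlink("img/upload/catalog/" . db_result(db_query("SELECT image_file FROM catalog_images WHERE id=%d", $image_id)));

            // Stored name is "<id>.<validated lower-case extension>".
            $fname = $image_id . "." . $ext;
            form_file_uploaded_move("file", "img/upload/catalog/" . $fname);
            db_query("UPDATE catalog_images SET image_file='{$fname}' WHERE id=%d", $image_id);
            redir("admin/catalog/images/{$catalog_id}");
        }
    }

    // "add" creates the record immediately, without showing a form:
    // pretend the add form was posted and suppress table_edit()'s redirect.
    if ($act == "add") {
        $_REQUEST['add'] = true;
    }
    global $table_edit_props;
    $table_edit_props->add_redir = false;

    $o .= table_edit("catalog_images", "admin/catalog/images/{$catalog_id}", $act, $id, "catalog_id", $catalog_id, "", "on_catalog_image");

    if ($act == "add") {
        // Continue on the edit page of the new record to upload its file.
        $id = db_last_id();
        redir("admin/catalog/images/{$catalog_id}/edit/" . $id);
        die;
    }

    return $o;
}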
/**
 * Page that exposes the generic table editor for the "users" table.
 *
 * NOTE(review): the gate here is requires_authorization(), whereas the admin
 * pages on this listing call requires_admin(). Confirm that every caller
 * allowed through this gate should be able to add, edit and delete users.
 *
 * @param string $action Action forwarded to table_edit().
 * @param mixed  $id     Record id forwarded to table_edit().
 * @return mixed Whatever table_edit() returns for the users table.
 */
function page_users($action = "", $id = "")
{
    requires_authorization();

    $listing = table_edit("users", "users", $action, $id);

    return $listing;
}
/**
 * Admin page for the "pages" table, limited to rows whose category is NULL
 * and ordered by weight; per-row actions come from admin_on_page.
 *
 * @param string $act Action forwarded to table_edit() ("del", "edit", "add", ...).
 * @param mixed  $id  Page record id the action applies to.
 * @return string HTML of an optional alert followed by table_edit() output.
 */
function page_admin_pages($act = "", $id = "")
{
    requires_admin();
    use_layout("admin");

    $html = "";

    if ($act == "del") {
        $page = db_object_get("pages", $id);
        $locked = ($page->fixed == 'Y');
        if ($locked) {
            // Protected page: pass table_edit() an action it does not act on
            // and show the admin a notice instead.
            $act = "-";
            $html .= '<script>alert("Эту страницу нельзя удалить.")</script>';
        }
    }

    // Listing options; the new/del/edit visibility flags are left untouched.
    global $table_edit_props;
    $table_edit_props->col_title_show = false;
    $table_edit_props->use_rename_icon_for_edit = true;

    global $base_url;

    $listing = table_edit("pages", "admin/pages", $act, $id, "category", "null", "weight", "admin_on_page");
    $html .= $listing;

    return $html;
}