<?php
//if(!isset($_SERVER['HTTP_REFERER'])){
// header("location: ../../access_denied.php?data=You don't have direct access to this page");
//}
require_once 'db/news_event_class.php';
require_once 'db/user_class.php';
if (!isset($_SESSION)) {
session_start();
}
$user = $_SESSION['user'];
echo "<table><tr><th>ID</th><th>Date</th><th>Description</th><th>URL</th><th>Type</th><th colspan='2'>Manage Detail</th></tr>";
if ($user->role_id == 1 || $user->role_id == 2) {
$a = news_event_class::getAllNewsEvents("CA");
if ($a != 0) {
foreach ($a as $arr) {
echo "<tr><td>{$arr->news_event_id}</td><td>{$arr->news_event_date}</td><td>{$arr->news_event_desc}</td><td>{$arr->news_event_url}</td><td>{$arr->news_event_type}</td>\r\n <td><a href='news-event_update_detail.php?id={$arr->news_event_id}'>update</a></td><td><a id='delete' href='server/news-event/news_delete_detail.php?id={$arr->news_event_id}'>delete</a></td></tr>";
}
}
}
$b = news_event_class::getAllNewsEvents("CASA");
if ($b != 0) {
foreach ($b as $arr) {
echo "<tr><td>{$arr->news_event_id}</td><td>{$arr->news_event_date}</td><td>{$arr->news_event_desc}</td><td>{$arr->news_event_url}</td><td>{$arr->news_event_type}</td>\r\n <td><a href='news-event_update_detail.php?id={$arr->news_event_id}'>update</a></td><td><a id='delete' href='server/news-event/news_delete_detail.php?id={$arr->news_event_id}'>delete</a></td></tr>";
}
}
echo "</table>";
<?php
//if(!isset($_SERVER['HTTP_REFERER'])){
// header("location: ../../access_denied.php?data=You don't have direct access to this page");
//}
require_once 'db/news_event_class.php';
if (!isset($_GET['id'])) {
die("go to news event management page");
}
$id = $_GET['id'];
$dd = news_event_class::getNewsEventsObject($id);
if ($dd === 0) {
die("news not exsist");
}
require_once 'db/user_class.php';
if (!isset($_SESSION)) {
session_start();
}
$user = $_SESSION['user'];
if ($user->role_id == 5) {
if ($dd->news_event_type != "CASA") {
header("location: access_denied.php?data=You can't update this news.");
}
}
?>
<script src="textEditor/ckeditor.js"></script>
<form method="post" id="updateNE" action="server/news-event/news_update_detail.php" >
<label for="newsEventsId">ID<span style="color:red;">*</span>: </label>
<input type="number" id="newsEventsId" value="<?php
session_start();
if (isset($_POST['newsEventsId'])) {
$NE_id = $_POST['newsEventsId'];
} else {
$NE_id = NULL;
}
if (isset($_POST['newsEventsDate'])) {
$NE_date = $_POST['newsEventsDate'];
} else {
$NE_date = NULL;
}
if (isset($_POST['newsEventsDesc'])) {
$NE_desc = $_POST['newsEventsDesc'];
} else {
$NE_desc = NULL;
}
if (isset($_POST['newsEventsUrl'])) {
$NE_Url = $_POST['newsEventsUrl'];
} else {
$NE_Url = NULL;
}
if (isset($_POST['type'])) {
$NE_type = $_POST['type'];
} else {
$NE_type = NULL;
}
$n = new news_event_class($NE_id, $NE_date, $NE_desc, $NE_Url, $NE_type);
echo $n->updateNewsEvent();
/* @var $_SESSION type */
$l = new site_log(NULL, NULL, $_SESSION['user']->username, $_SERVER['REMOTE_ADDR'], $NE_id . " news details updated");
$l->insertlog();
require_once '../../db/user_class.php';
session_start();
if (isset($_POST['newsEventsId'])) {
$NE_id = $_POST['newsEventsId'];
} else {
$NE_id = NULL;
}
if (isset($_POST['newsEventsDate'])) {
$NE_date = $_POST['newsEventsDate'];
} else {
$NE_date = NULL;
}
if (isset($_POST['newsEventsDesc'])) {
$NE_desc = $_POST['newsEventsDesc'];
} else {
$NE_desc = NULL;
}
if (isset($_POST['newsEventsUrl'])) {
$NE_Url = $_POST['newsEventsUrl'];
} else {
$NE_Url = NULL;
}
if (isset($_POST['type'])) {
$NE_type = $_POST['type'];
} else {
$NE_type = NULL;
}
$n = new news_event_class($NE_id, $NE_date, $NE_desc, $NE_Url, $NE_type);
echo $n->insertNewsEvent();
$l = new site_log(NULL, NULL, $_SESSION['user']->username, $_SERVER['REMOTE_ADDR'], $NE_id . " news details added");
$l->insertlog();
<?php
if (!isset($_SERVER['HTTP_REFERER'])) {
header("location: ../../access_denied.php?data=You don't have direct access to this page");
}
require_once '../../db/news_event_class.php';
require_once '../../db/site_log_class.php';
require_once '../../db/user_class.php';
if (!isset($_GET['id'])) {
die("go to news event management page");
}
$ti = $_GET['id'];
require_once '../../db/user_class.php';
if (!isset($_SESSION)) {
session_start();
}
$user = $_SESSION['user'];
if ($user->role_id == 5) {
$ob = news_event_class::getNewsEventsObject($ti);
if ($ob != 0) {
if ($ob->news_event_type != "CASA") {
header("location: ../../access_denied.php?data=You don't have access to delete this news.");
}
}
}
$a = news_event_class::deleteNewsEvents($ti);
$_SESSION['answer'] = $a;
$l = new site_log(NULL, NULL, $_SESSION['user']->username, $_SERVER['REMOTE_ADDR'], $ti . "news details deleted");
$l->insertlog();
header('Location: ../../news-event_manage_detail.php?ADS=' . $a);
