protected function main()
{
if (!is_logged_in()) {
redir(Nw::$lang['common']['need_login'], false, 'users-10.html');
}
// Si le paramètre ID manque
if (empty($_GET['id']) || !is_numeric($_GET['id'])) {
header('Location: ./');
}
inc_lib('news/news_exists');
$count_news_existe = news_exists($_GET['id']);
if ($count_news_existe == false) {
redir(Nw::$lang['news']['news_not_exist'], false, 'news-70.html');
}
// Récupération des données de la news
inc_lib('news/get_info_news');
$donnees_news = get_info_news($_GET['id']);
$droit_delete_news = $donnees_news['n_id_auteur'] == Nw::$dn_mbr['u_id'] && Nw::$droits['can_delete_mynews'] || Nw::$droits['can_delete_news'] ? true : false;
if (!$droit_delete_news) {
redir(Nw::$lang['news']['not_allowed_delete'], false, 'news-70.html');
}
// Pour rediriger le visiteur d'où il est venu
if (!empty($_SERVER['HTTP_REFERER']) && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url) !== false && strpos($_SERVER['HTTP_REFERER'], Nw::$site_url . 'news-65-' . $_GET['id'] . '.html') === false) {
$_SESSION['nw_referer_edit'] = $_SERVER['HTTP_REFERER'];
}
$link_redir = !empty($_SESSION['nw_referer_edit']) ? $_SESSION['nw_referer_edit'] : 'news-70.html';
$this->set_title(sprintf(Nw::$lang['news']['title_del_news'], $donnees_news['n_titre']));
$this->set_tpl('news/delete.html');
$this->add_css('forms.css');
$this->add_js('ajax.js');
$this->add_js('admin.js');
$this->add_form('contenu');
// Fil ariane
$this->set_filAriane(array(Nw::$lang['news']['news_section'] => array('news-70.html'), $donnees_news['c_nom'] => array($donnees_news['c_rewrite'] . '/'), $donnees_news['n_titre'] => array($donnees_news['c_rewrite'] . '/' . rewrite($donnees_news['n_titre']) . '-' . $_GET['id'] . '/'), Nw::$lang['news']['field_delete_news'] => array('')));
// Formulaire soumis
if (isset($_POST['submit'])) {
inc_lib('news/delete_news');
delete_news($_GET['id']);
redir(Nw::$lang['news']['news_deleted'], true, rtrim(Nw::$site_url, '/') . '/news-70.html');
}
if (isset($_POST['no'])) {
header('Location: ' . $link_redir);
}
Nw::$tpl->set(array('ID' => $_GET['id'], 'TITRE' => $donnees_news['n_titre'], 'PHRASE_DEL' => sprintf(Nw::$lang['news']['phrase_del_news'], $donnees_news['c_rewrite'], rewrite($donnees_news['n_titre']), $_GET['id'], $donnees_news['n_titre'])));
display_form(array('contenu' => ''));
}
<?php
require 'header.php';
//define page title
$title = 'Admin';
if (isset($_POST['delete_news_page'])) {
delete_news($_POST['url']);
}
?>
<div id="page-wrapper">
<div class="row">
<div class="col-lg-12">
<h1 class="page-header">Delete Latest News</h1>
</div>
<!-- /.col-lg-12 -->
</div>
<!-- /.row -->
<div class="row">
<!-- /.panel-heading -->
<div class="col-lg-12">
<div class="panel panel-default">
<div class="panel-heading">
All Latest News
</div>
<!-- /.panel-heading -->
<div class="panel-body">
<div class="table-responsive">
<table class="table table-striped table-bordered table-hover">
include dirname(__FILE__)."/../../../include/db.php";
include dirname(__FILE__)."/../../../include/authenticate.php";if (!checkperm("o")) {exit ("Permission denied.");}
include dirname(__FILE__)."/../../../include/general.php";
include_once dirname(__FILE__)."/../inc/news_functions.php";
global $baseurl;
$offset=getvalescaped("offset",0);
if (array_key_exists("findtext",$_POST)) {$offset=0;} # reset page counter when posting
$findtext=getvalescaped("findtext","");
$delete=getvalescaped("delete","");
if ($delete!="")
{
# Delete news
delete_news($delete);
}
if (getval("create","")!="")
{
header("location:".$baseurl."/plugins/news/pages/news_content_edit.php?ref=new");
}
include dirname(__FILE__)."/../../../include/header.php";
?>
<div class="BasicsBox">
<h1><?php echo $lang["news_manage"]?></h1>
<h2><?php echo $lang["news_intro"]?></h2>
/**
* generates proper text for confirmation question and removes range_id from news
*
*
* @param $remove_array array with $news_id as key and array of range_ids as value
* @param string $range_id
* @return string text for confirmation question or empty string after removal
*/
function remove_news($remove_array)
{
$confirmed = false;
$question_text = array();
if (!is_array($remove_array)) {
return false;
}
if (Request::submitted('yes') and Request::isPost()) {
CSRFProtection::verifySecurityToken();
$confirmed = true;
}
foreach ($remove_array as $news_id => $ranges) {
$remove_news = new StudipNews($news_id);
$remove_news_title = $remove_news->getValue('topic');
if (!is_array($ranges)) {
$ranges = array($ranges);
}
// should we delete news completely
if (count($ranges) == count($remove_news->getRanges())) {
$text = delete_news($news_id);
if ($text) {
$question_text[] = $text;
}
// or just remove range_id(s)?
} else {
$text = '';
if ($confirmed and !$remove_news->isNew() and count($ranges)) {
foreach ($ranges as $key => $range_id) {
if ($remove_news->havePermission('unassign', $range_id)) {
$remove_news->deleteRange($range_id);
} else {
unset($ranges[$key]);
PageLayout::postMessage(MessageBox::error(sprintf(_('Keine Berechtigung zum Entfernen der Ankündigung "%s" aus diesem Bereich.'), htmlReady($remove_news->getValue('topic')))));
}
if (count($ranges)) {
if (count($ranges) == 1) {
PageLayout::postMessage(MessageBox::success(sprintf(_('Ankündigung "%s" wurde aus dem Bereich entfernt.'), htmlReady($remove_news->getValue('topic')))));
} else {
PageLayout::postMessage(MessageBox::success(sprintf(_('Ankündigung "%s" wurde aus %s Bereichen entfernt.'), htmlReady($remove_news->getValue('topic')), count($ranges))));
}
$remove_news->store();
}
}
} elseif (!$confirmed) {
if (count($ranges) == 1) {
$text = sprintf(_('- Die Ankündigung "%s" wird aus dem aktiven Bereich entfernt. ' . 'Sie wird dadurch nicht endgültig gelöscht. Es wird nur die Zuordnung entfernt.'), $remove_news_title) . "\n";
} elseif (count($ranges) > 1) {
$text = sprintf(_('- Die Ankündigung "%s" wird aus den %s gewählten Bereichen entfernt. ' . 'Sie wird dadurch nicht endgültig gelöscht. Es werden nur die Zuordnungen entfernt.'), $remove_news_title, count($ranges)) . "\n";
}
}
if ($text) {
$question_text[] = $text;
}
}
}
if (count($question_text) > 1) {
return _('Wollen Sie die folgenden Aktionen jetzt ausführen?') . "\n" . implode($question_text);
} elseif (count($question_text) == 1) {
return _('Wollen Sie diese Aktion jetzt ausführen?') . "\n" . implode($question_text);
}
}
function route($action)
{
global $html_main_content, $title;
show_err();
switch ($action) {
case '':
main();
break;
case 'user_show':
$title = print_lg('Show all users', $_SESSION['lang']);
user_show();
break;
case 'user_info':
$title = print_lg('User info', $_SESSION['lang']);
user_info();
break;
case 'show_news':
show_news();
break;
case 'logout':
logout();
break;
case 'add_news':
$title = print_lg('Add news', $_SESSION['lang']);
add_news();
break;
case 'registration':
$title = print_lg('Registration', $_SESSION['lang']);
registration();
break;
case 'delete_news':
delete_news();
break;
case 'edit_news':
$title = print_lg('Edit news', $_SESSION['lang']);
edit_news();
break;
case 'pages':
main();
break;
case 'profileview':
$title = print_lg('You information', $_SESSION['lang']);
profileview();
break;
case 'delete_user':
delete_user();
break;
case 'user_delete':
user_delete();
break;
case 'user_edit':
$title = print_lg('Edit user', $_SESSION['lang']);
user_edit();
break;
case 'edit_language':
$title = print_lg('Edit language', $_SESSION['lang']);
edit_language();
break;
case 'delete_comments':
delete_comments();
break;
case 'delete_vote':
delete_vote();
break;
default:
$html_main_content .= print_lg('Page not found', $_SESSION['lang']);
break;
}
}
/**
* Standard aed_module delete actualiser.
*
* @param ID_TEXT The entry being deleted
*/
function delete_actualisation($_id)
{
$id = intval($_id);
delete_news($id);
}
case "settings":
if ($_SESSION['access_level'] == 100) {
switch ($id) {
case "view":
print_settings_view();
break;
case "updatenews":
update_news();
header("Location: ./index.php?kat=settings&id=view");
break;
case "addnews":
add_news();
header("Location: ./index.php?kat=settings&id=view");
break;
case "deletenews":
delete_news();
header("Location: ./index.php?kat=settings&id=view");
break;
case "updatebln":
update_blacklist_number();
header("Location: ./index.php?kat=settings&id=view");
break;
case "deletebln":
remove_number_from_blacklist();
header("Location: ./index.php?kat=settings&id=view");
break;
case "addblacklistnumber":
add_number_to_blacklist();
header("Location: ./index.php?kat=settings&id=view");
break;
}
function tearDown()
{
delete_news($this->news_id);
parent::tearDown();
}
