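/**
 * AJAX handler for a single news translation: deletes it, or returns its
 * fields so the admin form can be filled in for editing.
 *
 * Reads `lnid` (as integer) and `act` from POST, prints a JSON document and
 * terminates the request.
 *
 * NOTE(review): the X-Requested-With test only checks that the header is
 * non-empty. The header is supplied by the client, so it separates AJAX from
 * normal navigation but does not authenticate or authorise anything. No
 * permission check or anti-CSRF token is visible in this method - presumably
 * both are enforced before dispatch; confirm, because 'delete' is destructive.
 *
 * NOTE(review): '#preview' carries the output of bb() and is presumably
 * inserted as HTML on the client - confirm that bb() encodes everything
 * except the markup it generates itself.
 *
 * @return void
 */
public function act_lang_newsAction()
{
    if (empty($_SERVER['HTTP_X_REQUESTED_WITH'])) {
        error404();
        // Fail closed: if error404() ever returns instead of terminating,
        // the state-changing code below must still not run.
        return;
    }

    $response = array();
    $model = new AdminModel();
    $lang = $model->getLangNewsByID(post('lnid', 'int'));

    // empty() also covers a failed lookup that yields null/false, which the
    // bare property read would turn into a warning.
    if (!empty($lang->id)) {
        $act = post('act');

        // Strict comparison: a non-string value must never loosely match the
        // destructive branch.
        if ($act === 'delete') {
            // The row was looked up by an integer id; casting keeps the
            // string-built condition numeric whatever the stored value is.
            $id = (int) $lang->id;
            $model->delete('news_lang', "`id` = '{$id}'");
            $response['target_h']['#n_' . $lang->id] = '-';
            $response['target_h']['#status'] = Lang::translate('LANG_NEWS_DELETED');
        } elseif ($act === 'edit') {
            $response['target_v']['#lnid'] = $lang->id;
            $response['target_v']['#name'] = reFilter($lang->name);
            $response['target_v']['#lang'] = reFilter($lang->lang);
            $response['target_v']['#text'] = reFilter($lang->text);
            $response['target_h']['#preview'] = bb($lang->text);
        }
    } else {
        $response['target_h']['#status'] = Lang::translate('LANG_NEWS_NOT_FOUND');
    }

    $response['error'] = 0;
    echo json_encode($response);
    exit;
}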
/**
 * Sanitise a scalar, or every value of a (possibly nested) array, according to $mode.
 *
 *  - false            : the input is returned untouched.
 *  - true or 'string' : reFilter(), trim(), htmlentities(ENT_QUOTES, UTF-8), then
 *                       Mysqli_DB::$_db->escape_string() when a connection is set.
 *  - any other value  : intval().
 *
 * Security notes for callers:
 *  - String mode applies HTML entity encoding and SQL string escaping together.
 *    The result therefore fits one context only: a quoted string literal in a
 *    query, whose stored value is later printed as HTML text. Identifiers,
 *    unquoted numbers, LIKE patterns, JavaScript and URLs need their own
 *    handling; bound parameters plus encoding at output time are the sturdier
 *    arrangement.
 *  - When Mysqli_DB::$_db is not set, the SQL escaping step is skipped and the
 *    returned value is HTML-encoded only.
 *  - For arrays only the values are processed; keys pass through unchanged.
 *
 * @param mixed       $data
 * @param bool|string $mode
 * @return array|int|mixed|string
 */
function filter($data, $mode = true)
{
    if ($mode === false) {
        return $data;
    }

    if (is_array($data)) {
        // Recurse into each element with the same mode; keys are preserved.
        return array_map(
            function ($item) use ($mode) {
                return filter($item, $mode);
            },
            $data
        );
    }

    if ($mode !== true && $mode != 'string') {
        return intval($data);
    }

    // presumably reFilter() undoes an earlier filter() pass so that values are
    // not encoded twice - confirm against its definition.
    $clean = reFilter($data);
    // NOTE(review): as written the search string is empty, so this call leaves
    // the value unchanged; a character may have been lost from the literal -
    // confirm against the original file.
    $clean = str_replace("", "", trim($clean));
    $clean = htmlentities($clean, ENT_QUOTES, "UTF-8");

    if (Mysqli_DB::$_db) {
        $clean = Mysqli_DB::$_db->escape_string($clean);
    }

    return $clean;
}
<a class="btn" href="{URL:profile/read_all_notice}" style="float: right;">{L:NOTICE_READ_ALL}</a>
<h1>{L:NOTICE_TITLE}</h1>
<table class="case-table">
    <tr>
        <th style="width: 150px;">{L:NOTICE_TIME}</th>
        <th>{L:NOTICE_MESSAGE}</th>
        <th style="width: 150px;">{L:NOTICE_ACTION}</th>
    </tr>
<?php
// Notice list: one table row per record fetched from $this->list.
// Rows with read == 0 get the "gray" class and a button that calls
// profile/read_notice through ajaxLoad(); all other rows show "-".
//
// NOTE(review): reFilter($list->text) is written into the page with no output
// encoding at this point. If reFilter() decodes the entities that filter()
// applied, the notice text reaches the browser as raw HTML - confirm that the
// text can never contain user-controlled content, or encode it here for the
// HTML context.
// NOTE(review): $list->id is placed in an id attribute and in an inline
// onclick handler; presumably it is an integer key - confirm, or cast it
// before output.
while ($list = mysqli_fetch_object($this->list)) {
    $isUnread = ($list->read == 0);
    $rowAttr = $isUnread ? 'class="gray"' : '';

    $timeCell = '<td style="font-size: 12px;">' . printTime($list->time, "H:i / m.d.Y") . '</td>';
    $textCell = '<td style="font-size: 12px;">' . reFilter($list->text) . '</td>';

    echo '<tr ' . $rowAttr . '>' . $timeCell . $textCell . '<td>';

    if (!$isUnread) {
        echo '-';
    } else {
        $onClick = ajaxLoad(url('profile', 'read_notice'), 'read_notice', 'id:' . $list->id);
        echo '<div id="nt' . $list->id . '"><div class="btn" onclick="' . $onClick . ' delClass(this);">{L:NOTICE_READ}</div></div>';
    }

    echo '</td>', '</tr>';
}
?>
</table>
<?php
echo '<div class="pagin">' . Pagination::printPagination() . '</div>';