// NOTE(review): fragment. It starts inside an if/elseif chain whose earlier
// branches are outside the visible source, and it ends with two blocks still open.
    // List the articles whose id_user matches $arrUser['id'] and whose token is 'correction'.
    // The WHERE clause is built by string concatenation, so its safety rests entirely
    // on secure::escQuoteData() (not shown). Confirm it escapes AND quotes the value,
    // or bind the id as a query parameter instead.
    $strWhere = "id_user IN (" . secure::escQuoteData($arrUser['id']) . ") AND token IN ('correction')";
    $arrArticles = $articles->getArticles($strWhere, false, false, false);
    $smarty->assignByRef('arrArticles', $arrArticles);
} elseif ($arrActions['archived'] && !empty($_SESSION['sd_' . DB_PREFIX . 'codex']['rights']['arc_articles'])) {
    // Archived view: reached only when the session carries the 'arc_articles' right.
    /** ACTIONS **/
    // NOTE(review): no anti-CSRF token is checked anywhere in this fragment before the
    // state-changing POST actions below. Confirm one is verified earlier in the request.
    if (!empty($_POST['action'])) {
        // Delete: additionally requires the 'del_articles' right.
        // NOTE(review): !empty() does not guarantee that $_POST['articles'] is an array.
        // A scalar value makes array_keys() raise a TypeError on PHP 8. The keys are
        // client-supplied strings; whether deleteArticles() casts or escapes them is not
        // visible here.
        if ('delete' === $_POST['action'] && !empty($_SESSION['sd_' . DB_PREFIX . 'codex']['rights']['del_articles']) && !empty($_POST['articles'])) {
            // The id_user constraint is what limits the delete to rows owned by
            // $arrUser['id']. It is the only ownership check visible here, so keep it
            // on every user-area write.
            $strWhere = "id_user IN (" . secure::escQuoteData($arrUser['id']) . ")";
            // The ternary is used only for its side effects: a falsy result records
            // db::$message_error, otherwise messageChangeSaved() receives the
            // archived-list URL.
            !$articles->deleteArticles(array_keys($_POST['articles']), $strWhere)
                ? $arrErrors[] = db::$message_error
                : messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, chpu::createChpuUrl(CONF_SCRIPT_URL . 'index.php?ut=' . $_SESSION['sd_user'][DB_PREFIX . 'conf']['user_type'] . '&do=user.articles&action=archived'));
        }
        // Restore from archive: sets token back to 'active' on the selected rows,
        // again restricted to rows whose id_user matches $arrUser['id'].
        if ('extract' === $_POST['action'] && !empty($_SESSION['sd_' . DB_PREFIX . 'codex']['rights']['arc_articles']) && !empty($_POST['articles'])) {
            $arrData = array('token' => 'active');
            $strWhere = "id_user IN (" . secure::escQuoteData($arrUser['id']) . ")";
            !$articles->updateArticles($arrData, array_keys($_POST['articles']), $strWhere)
                ? $arrErrors[] = db::$message_error
                : messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, chpu::createChpuUrl(CONF_SCRIPT_URL . 'index.php?ut=' . $_SESSION['sd_user'][DB_PREFIX . 'conf']['user_type'] . '&do=user.articles&action=archived'));
        }
    }
    // Set the "page name" shown in the form header.
    $arrNamePage[] = array('name' => constant('MENU_ACTION_ARCHIVED'), 'link' => false);
    // List the articles whose id_user matches $arrUser['id'] and whose token is 'archived'.
    $strWhere = "id_user IN (" . secure::escQuoteData($arrUser['id']) . ") AND token IN ('archived')";
    $arrArticles = $articles->getArticles($strWhere, false, false, false);
    $smarty->assignByRef('arrArticles', $arrArticles);
} elseif ($arrActions['active']) {
    // Active view: the branch itself has no rights check, but the delete action
    // below still requires 'del_articles'.
    /** ACTIONS **/
    if (!empty($_POST['action'])) {
        // Delete: same pattern as the archived branch (rights check, ownership
        // constraint, client-supplied keys passed to deleteArticles()).
        if ('delete' === $_POST['action'] && !empty($_SESSION['sd_' . DB_PREFIX . 'codex']['rights']['del_articles']) && !empty($_POST['articles'])) {
            $strWhere = "id_user IN (" . secure::escQuoteData($arrUser['id']) . ")";
            !$articles->deleteArticles(array_keys($_POST['articles']), $strWhere)
                ? $arrErrors[] = db::$message_error
                : messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, chpu::createChpuUrl(CONF_SCRIPT_URL . 'index.php?ut=' . $_SESSION['sd_user'][DB_PREFIX . 'conf']['user_type'] . '&do=user.articles&action=active'));
        }
        // NOTE(review): the `if (!empty($_POST['action']))` block and the 'active'
        // branch are still open at this point; their closing braces are not in this span.
// NOTE(review): fragment. The closing braces and both `else` branches below end
// blocks that were opened outside the visible span. Each `else` answers with
// messages::error404().
            }
        } else {
            messages::error404();
        }
    } else {
        messages::error404();
    }
} elseif ($arrActions['moderate']) {
    // Set the "page name" shown in the form.
    $arrNamePage[] = array('name' => MENU_ACTION_MODERATE, 'link' => false);
    /**
     * Bulk activation, sending back for correction, and deletion of articles.
     */
    // NOTE(review): unlike user-area code that passes an id_user WHERE clause, the
    // calls below pass no owner constraint and this fragment shows no rights check
    // beyond $arrActions['moderate']. Presumably this is the admin area
    // (CONF_ADMIN_FILE). Confirm that moderator authorization and an anti-CSRF token
    // are enforced before this branch is reached.
    if (isset($_POST['action'])) {
        // NOTE(review): !empty() does not guarantee that $_POST['articles'] is an
        // array. A scalar value makes array_keys() raise a TypeError on PHP 8. The
        // keys are client-supplied; whether updateArticles()/deleteArticles() cast or
        // escape them is not visible here.
        if ('active' === $_POST['action'] && !empty($_POST['articles'])) {
            // The ternary is used only for its side effects: a falsy result records
            // db::$message_error, otherwise messageChangeSaved() is called with the
            // admin URL plus $qString.
            // NOTE(review): $qString is defined outside this fragment. If it is taken
            // from the request, confirm it is encoded before being placed in a URL.
            !$articles->updateArticles(array('token' => 'active'), array_keys($_POST['articles']))
                ? $arrErrors[] = db::$message_error
                : messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, CONF_ADMIN_FILE . '?' . $qString);
        } elseif ('correction' === $_POST['action'] && !empty($_POST['articles'])) {
            // Commented-out earlier variant of the token_datetime value:
            //date(terms::dateFormatFromSmarty(CONF_DATE_FORMAT, CONF_TIME_FORMAT), strtotime(terms::calcDateTimeOfTerm(CONF_ARTICLES_CORRECTION_THERM))),
            // Mark the selected articles as 'correction' and store the value returned by
            // terms::calcDateTimeOfTerm() for the configured correction term.
            $updData = array('token' => 'correction', 'token_datetime' => terms::calcDateTimeOfTerm(CONF_ARTICLES_CORRECTION_THERM));
            !$articles->updateArticles($updData, array_keys($_POST['articles']))
                ? $arrErrors[] = db::$message_error
                : messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, CONF_ADMIN_FILE . '?' . $qString);
        } elseif ('delete' === $_POST['action'] && !empty($_POST['articles'])) {
            !$articles->deleteArticles(array_keys($_POST['articles']))
                ? $arrErrors[] = db::$message_error
                : messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, CONF_ADMIN_FILE . '?' . $qString);
        }
    } elseif (!empty($_POST['arrData']['action']) && !empty($_POST['arrData']['id'])) {
        // Single-article form: activation needs title, datetime and id_user to be non-empty.
        if ('active' === $_POST['arrData']['action'] && !empty($_POST['arrData']['title']) && !empty($_POST['arrData']['datetime']) && !empty($_POST['arrData']['id_user'])) {
            // NOTE(review): $_POST['arrData']['id'] goes to updateArticle() as received.
            // Confirm that the method casts or escapes it.
            if ($articles->updateArticle(array('token' => 'active', 'token_datetime' => ''), $_POST['arrData']['id'])) {
                // NOTE(review): the whole client-supplied arrData array (including
                // id_user and title) is handed to sendUserActiveArticle(). If that
                // method picks the recipient or message text from these fields, they
                // are request-controlled. Consider reloading the article and its owner
                // from the database by id instead. TODO confirm against the method body.
                $articles->sendUserActiveArticle($_POST['arrData']);
                messages::messageChangeSaved(MESSAGE_CHANGE_SAVED, false, CONF_ADMIN_FILE . '?' . $qString);
            } else {
                $arrErrors[] = db::$message_error;
            }
            // NOTE(review): the enclosing `if`, the arrData branch and the 'moderate'
            // branch are still open at this point; their closing braces are not in this span.
// NOTE(review): fragment. The statements below sit inside two blocks whose opening
// conditions are outside the visible source.
        // Create path: author and content are HTML-encoded and trimmed, then written
        // back into $_POST. addArticles() receives only $pdo and $date, so it
        // presumably reads these values from $_POST itself. TODO confirm.
        // NOTE(review): htmlentities() is output encoding for HTML, not SQL protection.
        // Injection safety depends on addArticles() using prepared statements. Encoding
        // before storage also risks double-encoding when the value is escaped again on
        // output. Before PHP 8.1 the default flags leave single quotes unencoded.
        $_POST['author'] = trim(htmlentities($_POST['author']));
        $_POST['content'] = trim(htmlentities($_POST['content']));
        // NOTE(review): the insert runs before the session is consulted. The check
        // below only chooses the redirect target, so it is not an access check. Confirm
        // that an outer guard decides who may create articles.
        $articles->addArticles($pdo, $date);
        if (isset($_SESSION['userId'])) {
            header("Location: index.php?pages=articles");
            exit;
        } else {
            header("Location: index.php?pages=listArticles");
            exit;
        }
    } else {
        // Submit an edit to an existing article.
        // NOTE(review): no session or ownership check is visible before
        // updateArticles(). Confirm authorization is enforced in an outer block or
        // inside the method.
        $_POST['title'] = trim(htmlentities($_POST['title']));
        $_POST['author'] = trim(htmlentities($_POST['author']));
        $_POST['content'] = trim(htmlentities($_POST['content']));
        $articles->updateArticles($pdo, $date);
        header("Location: index.php?pages=listArticles");
        exit;
    }
}
if (isset($_GET['deleteArticles'])) {
    // Delete an article.
    // NOTE(review): the delete is a state change triggered by the mere presence of a
    // GET parameter, and it runs BEFORE the session check. As visible here, a request
    // without $_SESSION['userId'] still reaches deleteArticles() and is only redirected
    // to a different page afterwards. Unless an outer guard exists, require an
    // authenticated, authorized session first, accept the action via POST only, and
    // verify an anti-CSRF token.
    // The article id is not passed as an argument, so deleteArticles() presumably reads
    // it from the request. Confirm it is validated as an integer and bound as a parameter.
    $articles->deleteArticles($pdo, $date);
    if (isset($_SESSION['userId'])) {
        header("Location: index.php?pages=articles");
        exit;
    } else {
        header("Location: index.php?pages=listArticles");
        exit;
    }
}