<?php //if(!isset($_SERVER['HTTP_REFERER'])){ // header("location: ../../access_denied.php?data=You don't have direct access to this page"); //} require_once 'db/news_event_class.php'; require_once 'db/user_class.php'; if (!isset($_SESSION)) { session_start(); } $user = $_SESSION['user']; echo "<table><tr><th>ID</th><th>Date</th><th>Description</th><th>URL</th><th>Type</th><th colspan='2'>Manage Detail</th></tr>"; if ($user->role_id == 1 || $user->role_id == 2) { $a = news_event_class::getAllNewsEvents("CA"); if ($a != 0) { foreach ($a as $arr) { echo "<tr><td>{$arr->news_event_id}</td><td>{$arr->news_event_date}</td><td>{$arr->news_event_desc}</td><td>{$arr->news_event_url}</td><td>{$arr->news_event_type}</td>\r\n <td><a href='news-event_update_detail.php?id={$arr->news_event_id}'>update</a></td><td><a id='delete' href='server/news-event/news_delete_detail.php?id={$arr->news_event_id}'>delete</a></td></tr>"; } } } $b = news_event_class::getAllNewsEvents("CASA"); if ($b != 0) { foreach ($b as $arr) { echo "<tr><td>{$arr->news_event_id}</td><td>{$arr->news_event_date}</td><td>{$arr->news_event_desc}</td><td>{$arr->news_event_url}</td><td>{$arr->news_event_type}</td>\r\n <td><a href='news-event_update_detail.php?id={$arr->news_event_id}'>update</a></td><td><a id='delete' href='server/news-event/news_delete_detail.php?id={$arr->news_event_id}'>delete</a></td></tr>"; } } echo "</table>";
<?php //if(!isset($_SERVER['HTTP_REFERER'])){ // header("location: ../../access_denied.php?data=You don't have direct access to this page"); //} require_once 'db/news_event_class.php'; if (!isset($_GET['id'])) { die("go to news event management page"); } $id = $_GET['id']; $dd = news_event_class::getNewsEventsObject($id); if ($dd === 0) { die("news not exsist"); } require_once 'db/user_class.php'; if (!isset($_SESSION)) { session_start(); } $user = $_SESSION['user']; if ($user->role_id == 5) { if ($dd->news_event_type != "CASA") { header("location: access_denied.php?data=You can't update this news."); } } ?> <script src="textEditor/ckeditor.js"></script> <form method="post" id="updateNE" action="server/news-event/news_update_detail.php" > <label for="newsEventsId">ID<span style="color:red;">*</span>: </label> <input type="number" id="newsEventsId" value="<?php
session_start(); if (isset($_POST['newsEventsId'])) { $NE_id = $_POST['newsEventsId']; } else { $NE_id = NULL; } if (isset($_POST['newsEventsDate'])) { $NE_date = $_POST['newsEventsDate']; } else { $NE_date = NULL; } if (isset($_POST['newsEventsDesc'])) { $NE_desc = $_POST['newsEventsDesc']; } else { $NE_desc = NULL; } if (isset($_POST['newsEventsUrl'])) { $NE_Url = $_POST['newsEventsUrl']; } else { $NE_Url = NULL; } if (isset($_POST['type'])) { $NE_type = $_POST['type']; } else { $NE_type = NULL; } $n = new news_event_class($NE_id, $NE_date, $NE_desc, $NE_Url, $NE_type); echo $n->updateNewsEvent(); /* @var $_SESSION type */ $l = new site_log(NULL, NULL, $_SESSION['user']->username, $_SERVER['REMOTE_ADDR'], $NE_id . " news details updated"); $l->insertlog();
require_once '../../db/user_class.php'; session_start(); if (isset($_POST['newsEventsId'])) { $NE_id = $_POST['newsEventsId']; } else { $NE_id = NULL; } if (isset($_POST['newsEventsDate'])) { $NE_date = $_POST['newsEventsDate']; } else { $NE_date = NULL; } if (isset($_POST['newsEventsDesc'])) { $NE_desc = $_POST['newsEventsDesc']; } else { $NE_desc = NULL; } if (isset($_POST['newsEventsUrl'])) { $NE_Url = $_POST['newsEventsUrl']; } else { $NE_Url = NULL; } if (isset($_POST['type'])) { $NE_type = $_POST['type']; } else { $NE_type = NULL; } $n = new news_event_class($NE_id, $NE_date, $NE_desc, $NE_Url, $NE_type); echo $n->insertNewsEvent(); $l = new site_log(NULL, NULL, $_SESSION['user']->username, $_SERVER['REMOTE_ADDR'], $NE_id . " news details added"); $l->insertlog();
<?php if (!isset($_SERVER['HTTP_REFERER'])) { header("location: ../../access_denied.php?data=You don't have direct access to this page"); } require_once '../../db/news_event_class.php'; require_once '../../db/site_log_class.php'; require_once '../../db/user_class.php'; if (!isset($_GET['id'])) { die("go to news event management page"); } $ti = $_GET['id']; require_once '../../db/user_class.php'; if (!isset($_SESSION)) { session_start(); } $user = $_SESSION['user']; if ($user->role_id == 5) { $ob = news_event_class::getNewsEventsObject($ti); if ($ob != 0) { if ($ob->news_event_type != "CASA") { header("location: ../../access_denied.php?data=You don't have access to delete this news."); } } } $a = news_event_class::deleteNewsEvents($ti); $_SESSION['answer'] = $a; $l = new site_log(NULL, NULL, $_SESSION['user']->username, $_SERVER['REMOTE_ADDR'], $ti . "news details deleted"); $l->insertlog(); header('Location: ../../news-event_manage_detail.php?ADS=' . $a);