/**
* Creates a new model.
* If creation is successful, the browser will be redirected to the 'view' page.
*/
public function actionCreate()
{
$model = new News();
// Uncomment the following line if AJAX validation is needed
// $this->performAjaxValidation($model);
if (isset($_POST['News'])) {
$model->attributes = $_POST['News'];
if ($model->save()) {
if (!empty($model->img)) {
$photo = $model->img;
$img = Yii::app()->image->load($_SERVER['DOCUMENT_ROOT'] . '/userfiles/editor/images/' . $photo);
$pname = 'news_' . $model->id . '_' . $photo;
$img->save($_SERVER['DOCUMENT_ROOT'] . '/userfiles/original/' . $pname);
$img->resize(600, 600);
$img->save($_SERVER['DOCUMENT_ROOT'] . '/userfiles/large/' . $pname);
$img->resize(200, 200);
$img->save($_SERVER['DOCUMENT_ROOT'] . '/userfiles/medium/' . $pname);
$img->resize(100, 100);
$img->save($_SERVER['DOCUMENT_ROOT'] . '/userfiles/small/' . $pname);
$model->img = $pname;
$model->update();
}
if (isset($_POST['savebutton'])) {
$this->redirect($this->createUrl('index', array('News_page' => $_GET['News_page'], 'msg' => '[!] Новость успешно создана', 'msgtype' => 'success')));
} else {
$this->redirect($this->createUrl('update', array('id' => $model->id, 'msg' => '[!] Новость успешно создана', 'msgtype' => 'success')));
}
} else {
$model->date = $model->viewDate();
}
}
$this->render('create', array('model' => $model));
}
public function actionUpdate()
{
$NewsRecord = new News();
$NewsRecord->NewsHeader = isset($_POST['NewsHeader']) ? $_POST['NewsHeader'] : null;
$NewsRecord->NewsPreview = isset($_POST['NewsPreview']) ? $_POST['NewsPreview'] : null;
$NewsRecord->NewsText = isset($_POST['NewsText']) ? $_POST['NewsText'] : null;
$NewsRecord->NewsTags = isset($_POST['NewsTags']) ? $_POST['NewsTags'] : null;
$NewsId = isset($_GET['id']) ? (int) $_GET['id'] : null;
$NewsRecord->WHERE = [':NewsId' => $NewsId];
$NewsRecord->update();
header('Location: ./index.php');
}
public function newsFormSubmited(NAppForm $form)
{
if ($form['addnews']->isSubmittedBy()) {
$values = $form->getValues();
$id = (int) $this->getParam('id');
$ref = new News(array('id' => $id));
if ($id > 0) {
$ref->update($id, $values);
} else {
$ref->insert($values);
}
$this->flashMessage('Novinka uložena.');
}
$this->redirect('News:default');
}
/**
* Updates the news item.
*
* @param int $id
* @return Redirect
*/
public function update($id)
{
$input = Input::except('_token', '_method');
$news = $this->news->byId($id);
if ($news->title === $input['title']) {
//dont check for title uniqueness when updating if
//title was not updated.
$this->validator->rules['title'] = 'required|min:2|max:255';
}
if (!$this->validator->with($input)->passes()) {
return Redirect::back()->withErrors($this->validator->errors())->withInput($input);
}
//escape double qoutes
$input['title'] = htmlspecialchars($input['title']);
$this->news->update($news, $input);
return Redirect::back()->withSuccess(trans('main.news update success'));
}
public function actionUpdate()
{
if (!isset($_GET['id'])) {
header("HTTP/1.0 404 Not Found");
throw new E404Exception('Requested param cannot be null');
}
if (!isset($_POST['NewsHeader']) || !isset($_POST['NewsPreview']) || !isset($_POST['NewsText']) || !isset($_POST['NewsTags'])) {
header("HTTP/1.0 404 Not Found");
throw new E404Exception('Required params can not be null');
}
$NewsRecord = new News();
$NewsRecord->NewsHeader = $_POST['NewsHeader'];
$NewsRecord->NewsPreview = $_POST['NewsPreview'];
$NewsRecord->NewsText = $_POST['NewsText'];
$NewsRecord->NewsTags = $_POST['NewsTags'];
$NewsId = (int) $_GET['id'];
$NewsRecord->WHERE = [':NewsId' => $NewsId];
$NewsRecord->update();
header('Location: ./index.php');
}
<?php
require_once __DIR__ . '/autoload.php';
$a = new News();
$a->assign();
News::update();
?>
<form method="post" action="/test.php" enctype="multipart/form-data">
<div class="form-group">
<label for="title">Title</label>
<input type="text" class="form-control" id="title" name="title" placeholder="Title">
</div>
<div class="form-group">
<label for="date">Date</label>
<input type="date" class="form-control" id="date" name="date">
</div>
<div class="form-group">
<label for="image">Image</label>
<input type="text" id="image" name="image">
</div>
<div class="form-group">
<label for="desc_min">Description min</label>
<textarea class="form-control" rows="5" id="desc_min" name="desc_min"></textarea>
</div>
<div class="form-group">
<label for="desc">Description full</label>
<textarea class="form-control" rows="5" id="desc" name="desc"></textarea>
</div>
<button type="submit" class="btn btn-default">Submit</button>
</form>
list($result, $totalCount) = $forum->getUserPosts((int) $params[1], (int) $_GET["limit"] ?: 10, (int) $_GET["index"] ?: 0);
httpResponse($result, $totalCount);
break;
case validateRoute('GET', 'news'):
$news = new News($db, $user);
$arr = $news->query((int) $_GET["limit"] ?: 2, $_GET["markAsRead"] ?: "false");
httpResponse($arr);
break;
case validateRoute('POST', 'news'):
$forum = new Forum($db, $user);
$news = new News($db, $user, $forum);
httpResponse($news->create($postdata));
break;
case validateRoute('PATCH', 'news/\\d+'):
$news = new News($db, $user);
httpResponse($news->update($params[1], $postdata));
break;
case validateRoute('DELETE', 'news/\\d+'):
$news = new News($db, $user);
httpResponse($news->delete($params[1]));
break;
case validateRoute('GET', 'suggestions'):
$suggestions = new Suggestions($db, $user);
$arr = $suggestions->get($_GET["view"] ?: 'top', (int) $_GET["limit"] ?: 10);
httpResponse($arr);
break;
case validateRoute('POST', 'suggestions/\\d+/votes'):
$suggestions = new Suggestions($db, $user);
$arr = $suggestions->vote($params[1], $postdata["direction"]);
httpResponse($arr);
break;
public function save_order()
{
$news_array = $_POST['news_id'];
$order_array = $_POST['order'];
$news = new News();
foreach ($news_array as $key => $value) {
$news_id = $value;
$news_order = $order_array[$key];
$news->update('News', array('sequence' => $news_order), 'id=' . $news_id);
}
Flash::set('success', __('This promo sequence has been saved.'));
redirect(get_url('news'));
}
include_once "../config.inc.php";
include_once APP_INC_PATH . "class.template.php";
include_once APP_INC_PATH . "class.auth.php";
include_once APP_INC_PATH . "class.project.php";
include_once APP_INC_PATH . "class.news.php";
include_once APP_INC_PATH . "db_access.php";
$tpl = new Template_API();
$tpl->setTemplate("manage/index.tpl.html");
Auth::checkAuthentication(APP_COOKIE);
$tpl->assign("type", "news");
$role_id = Auth::getCurrentRole();
if ($role_id == User::getRoleID('administrator') || $role_id == User::getRoleID('manager')) {
if ($role_id == User::getRoleID('administrator')) {
$tpl->assign("show_setup_links", true);
}
if (@$HTTP_POST_VARS["cat"] == "new") {
$tpl->assign("result", News::insert());
} elseif (@$HTTP_POST_VARS["cat"] == "update") {
$tpl->assign("result", News::update());
} elseif (@$HTTP_POST_VARS["cat"] == "delete") {
News::remove();
}
if (@$HTTP_GET_VARS["cat"] == "edit") {
$tpl->assign("info", News::getAdminDetails($HTTP_GET_VARS["id"]));
}
$tpl->assign("list", News::getList());
$tpl->assign("project_list", Project::getAll());
} else {
$tpl->assign("show_not_allowed_msg", true);
}
$tpl->displayTemplate();
* @license GNU General Public License, version 2 or later (GPL-2+)
*
* For the full copyright and license information,
* please see the COPYING and AUTHORS files
* that were distributed with this source code.
*/
require_once __DIR__ . '/../../init.php';
$tpl = new Template_Helper();
$tpl->setTemplate('manage/news.tpl.html');
Auth::checkAuthentication();
$role_id = Auth::getCurrentRole();
if ($role_id < User::ROLE_MANAGER) {
Misc::setMessage(ev_gettext('Sorry, you are not allowed to access this page.'), Misc::MSG_ERROR);
$tpl->displayTemplate();
exit;
}
if (@$_POST['cat'] == 'new') {
$res = News::insert();
Misc::mapMessages($res, array(1 => array(ev_gettext('Thank you, the news entry was added successfully.'), Misc::MSG_INFO), -1 => array(ev_gettext('An error occurred while trying to add the news entry.'), Misc::MSG_ERROR), -2 => array(ev_gettext('Please enter the title for this news entry.'), Misc::MSG_ERROR), -3 => array(ev_gettext('Please enter the message for this news entry.'), Misc::MSG_ERROR)));
} elseif (@$_POST['cat'] == 'update') {
$res = News::update();
Misc::mapMessages($res, array(1 => array(ev_gettext('Thank you, the news entry was updated successfully.'), Misc::MSG_INFO), -1 => array(ev_gettext('An error occurred while trying to update the news entry.'), Misc::MSG_ERROR), -2 => array(ev_gettext('Please enter the title for this news entry.'), Misc::MSG_ERROR), -3 => array(ev_gettext('Please enter the message for this news entry.'), Misc::MSG_ERROR)));
} elseif (@$_POST['cat'] == 'delete') {
News::remove();
}
if (@$_GET['cat'] == 'edit') {
$tpl->assign('info', News::getAdminDetails($_GET['id']));
}
$tpl->assign('list', News::getList());
$tpl->assign('project_list', Project::getAll());
$tpl->displayTemplate();
* Free up space which otherwise will go unused forever
*/
unset($histories);
unset($companies);
unset($history);
unset($key);
unset($stock);
unset($stocks);
}
while (1) {
$stocks = Stock::getAllStocks();
$news = new News(0);
/*
* First Start Releasing News Which We Have Stored With us
*/
$news->update();
/*
*Then Start Updating The Stocks
*/
foreach ($stocks as $stock) {
$stock->stockUpdate();
}
StockHolder::updateLeaderBoard();
/*
* TODO : update stocks bought by each company now
* right now it gets updated in stock update only when no news or override is present!
*/
unset($news);
unset($stock);
unset($stocks);
/*
static function update($post_id)
{
parent::update($post_id, self::$category_id, self::$acf_id);
}
$data = $aa . "-" . $mm . "-" . $gg;
}
if (isset($_POST["home"]) and $_POST["home"] == "t") {
$home = "t";
} else {
$home = "f";
}
$news = new News();
if (isset($_POST["insert"]) and $_POST["insert"] == "si") {
$news->add($data, $link, $titolo, $abstract, $descrizione, $titolo_ita, $abstract_ita, $descrizione_ita, $titolo_ted, $abstract_ted, $descrizione_ted, $home);
//recupero l'ultimo id inserito
$db = new Db();
$id = $db->get_last_id();
} elseif (isset($_POST["update"]) and $_POST["update"] == "si") {
$id = aggiusta_post($_GET["id"]);
$news->update($id, $data, $link, $titolo, $abstract, $descrizione, $titolo_ita, $abstract_ita, $descrizione_ita, $titolo_ted, $abstract_ted, $descrizione_ted, $home);
//upload dei file
update_file("news", "news_dettaglio.php?errore=file&id=" . $id, $id);
}
print "<script language='Javascript'>window.location.replace('news_dettaglio.php?id=" . $id . "&ins=si');</script>";
}
$data = date("d") . "/" . date("m") . "/" . date("Y");
$link = "";
$titolo = "";
$abstract = "";
$descrizione = "";
$titolo_ita = "";
$abstract_ita = "";
$descrizione_ita = "";
$titolo_ted = "";
$abstract_ted = "";
<?php
session_start();
require "../includes/checkPermission.php";
require "../../deny/connector.php";
require "class/class.News.php";
require "../includes/injection.php";
$newstitle = sqlInjection($_POST['NewsTitle']);
$newssummary = mysql_real_escape_string($_POST['NewsSummary']);
$newsimage = sqlInjection($_POST['NewsImage']);
$newscontent = mysql_real_escape_string($_POST['textContent']);
$newsid = sqlInjection($_GET['newsID']);
//echo $newstitle."<br>".$newssummary."<br>".$newsimage."<br>".$newscontent."<br>".$newsid;
$cate = new News();
$cate->update($newstitle, $newssummary, $newsimage, $newscontent, $newsid);
echo "<meta http-equiv='refresh' content='0;url=../admincp.php?opt=listnews'>";
//header("location: ../admincp.php?opt=listnews");
//exit();
