Пример #1
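/**
 * Admin page: list and edit the menu records that share one parent.
 *
 * @param mixed  $parent_id Id of the parent menu record; empty means the root level (0).
 * @param string $act       Action forwarded to table_edit(); "del" is pre-checked here.
 * @param mixed  $id        Id of the menu record the action applies to.
 * @return string HTML for the page body.
 */
function page_admin_menu_edit($parent_id = "", $act = "", $id = "")
{
    requires_admin();
    set_lang("other");
    use_template("admin");
    // $parent_id is interpolated into the table_edit() home path below and is
    // also handed over as the value of the parent_id master column, so reduce
    // it to an integer first. An empty value becomes 0, as before.
    $parent_id = (int) $parent_id;
    $o = "";
    if ($act == "del") {
        $rec = db_object_get("menu", $id);
        // Records flagged fixed='Y' must stay: swap the action for "-" so the
        // delete is not forwarded, and tell the admin why.
        if ($rec && $rec->fixed == 'Y') {
            $act = "-";
            $o .= '<script>alert("Эту запись нельзя удалить.")</script>';
        }
    }
    // Extend the shared table description for this request: two editable
    // columns plus weight-based ordering.
    global $tables;
    $tables['menu']['fields'][] = "title";
    $tables['menu']['fields'][] = "link";
    $tables['menu']['weight'] = true;
    if ($parent_id) {
        $o .= menu_path($parent_id);
    }
    $o .= table_edit("menu", "admin/menu/edit/{$parent_id}", $act, $id, "parent_id", $parent_id, "", "on_menu");
    return $o;
}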
Пример #2
/**
 * Admin page for the "news" table.
 *
 * Requires an admin session, selects the "admin" template and delegates the
 * whole list/add/edit/delete handling to table_edit().
 *
 * @param string $act Action forwarded to table_edit().
 * @param mixed  $id  Record id forwarded to table_edit().
 * @return string Whatever table_edit() produced for this request.
 */
function page_admin_news($act = "", $id = "")
{
    requires_admin();
    use_template("admin");

    return table_edit("news", "admin/news", $act, $id);
}
Пример #3
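/**
 * Admin page for the "images" table: upload a new image, delete one, or list them.
 *
 * @param string $act Action: "add" shows/handles the upload form, "del" removes
 *                    the stored file before table_edit() deletes the row.
 * @param mixed  $id  Id of the image record the action applies to.
 * @return string HTML for the page body.
 */
function page_admin_images($act = "", $id = "")
{
    requires_admin();
    use_template("admin");
    if ($act == "add") {
        if (form_file_uploaded("file")) {
            // The client-supplied file name decides the stored extension, so
            // accept only known image extensions. Without this check a script
            // file could be stored under img/, and the extension would also
            // reach the UPDATE statement below unvalidated.
            // NOTE(review): this checks the name only, not the file content;
            // the img/ directory should additionally be served without script
            // execution.
            $ext = strtolower(fileext($_FILES["file"]['name']));
            if (!in_array($ext, array("jpg", "jpeg", "gif", "png", "bmp"), true)) {
                return "Данный тип файла не является картинкой";
            }
            // Create the row first so its id can serve as the file name.
            db_query("INSERT INTO images (link) VALUES ('')");
            $id = (int) db_last_id();
            $fname = $id . "." . $ext;
            form_file_uploaded_move("file", "img/" . $fname);
            db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
            redir("admin/images");
        }
        form_start("", "post", " enctype='multipart/form-data' ");
        form_file("Файл", "file");
        form_submit("Загрузить", "submit");
        form_end();
        $o = form();
        return $o;
    }
    if ($act == "del") {
        $im = db_object_get("images", $id);
        // Only touch the filesystem when the record and its link exist.
        // NOTE(review): uploads are written to "img/..." but removed from
        // "../img/..."; confirm both paths resolve to the same directory.
        if ($im && $im->link) {
            @unlink("../{$im->link}");
        }
    }
    $o = table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");
    return $o;
}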
Пример #4
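/**
 * Admin page: list and edit the menu records that share one parent.
 *
 * @param mixed  $parent_id Id of the parent menu record; empty means the root level (0).
 * @param string $act       Action forwarded to table_edit(); "del" is pre-checked here.
 * @param mixed  $id        Id of the menu record the action applies to.
 * @return string HTML for the page body, followed by a small inline stylesheet.
 */
function page_admin_menu_edit($parent_id = "", $act = "", $id = "")
{
    requires_admin();
    set_lang("other");
    use_layout("admin");
    // The parent id ends up in the home path given to table_edit() and in the
    // parent_id master value, so only an integer is allowed through. An empty
    // value becomes 0, matching the previous default.
    $parent_id = (int) $parent_id;
    $o = "";
    if ($act == "del") {
        $rec = db_object_get("menu", $id);
        // A record marked fixed='Y' is protected: neutralise the action and
        // show a notice instead of deleting.
        if ($rec && $rec->fixed == 'Y') {
            $act = "-";
            $o .= '<script>alert("Эту запись нельзя удалить.")</script>';
        }
    }
    // Per-request additions to the shared table description.
    global $tables;
    $tables['menu']['fields'][] = "title";
    $tables['menu']['fields'][] = "link";
    $tables['menu']['weight'] = true;
    if ($parent_id) {
        $o .= menu_path($parent_id);
    }
    // Show the "rename" icon on the edit link of each row.
    global $table_edit_props;
    $table_edit_props->use_rename_icon_for_edit = true;
    $o .= table_edit("menu", "admin/menu/edit/{$parent_id}", $act, $id, "parent_id", $parent_id, "", "on_menu");
    $o .= "<style> input[type='submit'] { padding: 5px 10px; width: auto;}\r\n\t  input{ width:400px; }\r\n\t</style>";
    return $o;
}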
Пример #5
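/**
 * Admin page for the "images" table: upload, replace, delete and list images.
 *
 * @param string $act Action: "add" uploads a new image, "edit" shows the record
 *                    with a replace-upload form, "del" removes the stored file.
 * @param mixed  $id  Id of the image record the action applies to.
 * @return string HTML for the page body.
 */
function page_admin_images($act = "", $id = "")
{
    requires_admin();
    use_layout("admin");
    // Build the upload form once; it is returned as-is for "add" and appended
    // below the record for "edit".
    form_start("", "post", " enctype='multipart/form-data' ");
    form_file("Файл", "file");
    $caption = "Загрузить картинку";
    if ($act == "edit") {
        $caption = "Изменить картинку";
    }
    form_submit($caption, "submit");
    form_end();
    $upload = form();
    if (form_file_uploaded("file")) {
        // The extension comes from the client-supplied file name, so it is
        // checked against a fixed list before anything is written.
        // NOTE(review): "swf" and "pdf" are accepted although the message
        // below speaks of images; confirm both are still wanted. The check
        // covers the name only, not the file content.
        $ext = strtolower(fileext($_FILES["file"]['name']));
        $allowed = array("swf", "jpg", "gif", "png", "bmp", "jpeg", "pdf");
        if (!in_array($ext, $allowed, true)) {
            $o = "Данный тип файла не является картинкой";
            return $o;
        }
        if ($act == "add") {
            db_query("INSERT INTO images (link) VALUES ('')");
            $id = (int) db_last_id();
        } else {
            // $id becomes part of the target file name and of the redirect
            // below; an integer cannot carry path separators.
            $id = (int) $id;
            @unlink(db_result(db_query("SELECT link FROM images WHERE id=%d", $id)));
        }
        // Store under the validated, lower-cased extension rather than
        // re-reading it from the raw file name.
        $fname = $id . "." . $ext;
        form_file_uploaded_move("file", "img/" . $fname);
        db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
        redir("admin/images/edit/{$id}");
    }
    if ($act == "add") {
        $o = $upload;
        return $o;
    }
    if ($act == "del") {
        $im = db_object_get("images", $id);
        // Remove the stored file before table_edit() deletes the row.
        if ($im && $im->link) {
            @unlink("{$im->link}");
        }
    }
    $o = table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");
    if ($act == 'edit') {
        $im = db_object_get("images", $id);
        // Quote and escape the stored link so it cannot break out of the attribute.
        $src = $im ? htmlspecialchars($im->link, ENT_QUOTES) : "";
        $o .= "<img width=100px src=\"{$src}\"><br>{$upload}";
    }
    return $o;
}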
Пример #6
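/**
 * Admin page for the "pages" table.
 *
 * @param string $act Action forwarded to table_edit(); "del" is pre-checked here.
 * @param mixed  $id  Id of the page record the action applies to.
 * @return string HTML for the page body.
 */
function page_admin_pages($act = "", $id = "")
{
    requires_admin();
    use_template("admin");
    $o = "";
    if ($act == "del") {
        $p = db_object_get("pages", $id);
        // Pages flagged fixed='Y' are protected: neutralise the action and
        // show a notice instead of deleting.
        if ($p && $p->fixed == 'Y') {
            $act = "-";
            $o .= '<script>alert("Эту страницу нельзя удалить.")</script>';
        }
    }
    global $table_edit_props;
    $table_edit_props->col_title_show = false;
    //	$table_edit_props->new_record_show = false;
    //   $table_edit_props->del_record_show = false;
    //    $table_edit_props->edit_record_show = false;
    global $base_url;
    // Per-row action markup; "[id]" is a placeholder passed on to table_edit().
    // The image attribute was misspelled "atl", so the icon had no alternative text.
    $row_actions = "<a href=admin/edit/pages/content/[id]><img src=images/text_edit.png alt='Редактировать' title='Редактировать'></a> <a href={$base_url}p/[id]>{$base_url}p/[id]</a>";
    $o .= table_edit("pages", "admin/pages", $act, $id, "", "", "", $row_actions);
    return $o;
}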
Пример #7
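/**
 * Generic admin editor for any table that opts in through
 * $tables[<name>]['directedit'].
 *
 * @param string $tablename Key into the global $tables description.
 * @param string $act       Action forwarded to table_edit().
 * @param mixed  $id        Record id forwarded to table_edit().
 * @return string Whatever table_edit() produced for this request.
 */
function page_admin_table_edit($tablename, $act = "", $id = "")
{
    requires_admin();
    use_layout("admin");
    global $tables;
    // The 'directedit' entry is the allow-list: only tables that declare it
    // may be edited through this page, whatever name the request carries.
    if (!isset($tables[$tablename]['directedit'])) {
        // The rejected name is echoed back, so escape it before printing;
        // it is exactly the value that failed validation.
        die("tables[" . htmlspecialchars($tablename, ENT_QUOTES) . "]['directedit'] missing");
    }
    return table_edit($tablename, "admin/table/edit/{$tablename}", $act, $id);
}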
Пример #8
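/**
 * Escape one value for use inside a single-quoted SQL string literal, using
 * the escape routine of whichever driver flag (mysql / pdo_sqlite / sqlite2 /
 * sqlite3) is set. Returns the value unchanged when no flag is set.
 */
function table_edit_escape($p)
{
    if (mysql || pdo_sqlite) {
        return mysql_real_escape_string($p);
    }
    if (sqlite2) {
        return sqlite_escape_string($p);
    }
    if (sqlite3) {
        return $GLOBALS['dbhandle']->escapeString($p);
    }
    return $p;
}

/**
 * Generic list / add / edit / delete / reorder handler for one table described
 * in the global $tables array.
 *
 * @param string $tablename   Key into $tables and name of the SQL table.
 * @param string $home        Path used for redirects and row links; defaults to
 *                            self_q(). The value "return!" makes the "up" and
 *                            "down" actions return instead of redirecting.
 * @param string $action      "move", "up", "down", "del", "edit", "add"; anything
 *                            else only renders the list. Defaults to arg(0).
 * @param mixed  $id          Record id the action applies to. Defaults to arg(1).
 * @param string $masterfield Optional column every statement is restricted to.
 * @param mixed  $mastervalue Value for $masterfield; the string "null" (any case)
 *                            means IS NULL.
 * @param string $order       Optional ORDER BY expression; weight is appended for
 *                            tables that declare 'weight'.
 * @param string $actionstring_or_function Extra per-row markup, or the name of a
 *                            function called with (id, row) that returns it.
 * @return string|null HTML of the form or list; null after a "return!" move step.
 */
function table_edit($tablename, $home = "", $action = "", $id = "", $masterfield = "", $mastervalue = "", $order = "", $actionstring_or_function = "")
{
    if (!$home) {
        $home = self_q();
    }
    if (!$action) {
        $action = arg(0);
    }
    if (!$id) {
        $id = arg(1);
    }
    global $table_edit_props;
    global $tables;
    $actionstring = $actionstring_or_function;
    ////////////// PREPARE
    // Validate the table name against $tables before it is handed to any
    // helper or placed into SQL. The rejected name is escaped because it is
    // echoed back in the error text.
    if (!isset($tables[$tablename])) {
        die("error, table_edit - tables[" . htmlspecialchars($tablename, ENT_QUOTES) . "] not set");
    }
    if (isset($tables[$tablename]['weight'])) {
        weight_fix($tablename);
    }
    $table_long_alias = table_long_alias($tablename);
    /////////////////////////////////////
    // Restriction to the master record. $mastervalue is escaped once here and
    // the escaped form is reused for every statement that embeds it.
    // NOTE(review): $tablename, $masterfield and $order are placed into SQL as
    // identifiers/expressions and cannot be escaped this way; callers must
    // pass fixed values for them.
    $master_is_null = false;
    $mastervalue_sql = "";
    $master_cond = "";
    if ($masterfield) {
        $master_is_null = strtolower($mastervalue) == 'null';
        if ($master_is_null) {
            $master_cond = " AND {$masterfield} is null";
        } else {
            $mastervalue_sql = table_edit_escape($mastervalue);
            $master_cond = " AND {$masterfield}='{$mastervalue_sql}' ";
        }
    }
    if (isset($tables[$tablename]['weight'])) {
        if ($order) {
            $order .= ",";
        }
        $order .= " {$tablename}.weight ";
    }
    if ($order) {
        $order = " ORDER BY {$order} ";
    }
    // NOTE(review): the row links built further down reach "del" with a plain
    // GET request, and no request token is checked anywhere in this function;
    // confirm the framework protects state-changing actions elsewhere.
    //this is reaction on drag and drop reorder
    if ($action == "move") {
        // Request input: treat it strictly as an integer step count.
        // NOTE(review): the count is not bounded and every step runs several
        // queries; consider capping it at the number of rows.
        $d = isset($_REQUEST['delta']) ? (int) $_REQUEST['delta'] : 0;
        if ($d > 0) {
            for ($i = 0; $i < $d; $i++) {
                table_edit($tablename, "return!", "down", $id, $masterfield, $mastervalue);
            }
        }
        if ($d < 0) {
            $d = -$d;
            for ($i = 0; $i < $d; $i++) {
                table_edit($tablename, "return!", "up", $id, $masterfield, $mastervalue);
            }
        }
        die("");
    }
    if ($action == "up") {
        // Swap weights with the closest record that has a smaller weight.
        $weight = db_result(db_query("SELECT weight FROM {$tablename} WHERE id=%d {$master_cond}", $id));
        $prevweight = db_result(db_query("SELECT max(weight) FROM {$tablename} WHERE weight<%f {$master_cond}", $weight));
        $previd = db_result(db_query("SELECT id FROM {$tablename} WHERE weight=%f {$master_cond}", $prevweight));
        db_query("UPDATE {$tablename} SET weight=%f WHERE id=%d {$master_cond}", $prevweight, $id);
        db_query("UPDATE {$tablename} SET weight=%f WHERE id=%d {$master_cond}", $weight, $previd);
        if ($home == 'return!') {
            return;
        }
        redir($home);
    }
    if ($action == "down") {
        // Swap weights with the closest record that has a larger weight, if any.
        $weight = db_result(db_query("SELECT weight FROM {$tablename} WHERE id=%d {$master_cond}", $id));
        $prevweight = db_result(db_query("SELECT min(weight) FROM {$tablename} WHERE weight>%f {$master_cond}", $weight));
        if ($prevweight) {
            $previd = db_result(db_query("SELECT id FROM {$tablename} WHERE weight=%f {$master_cond}", $prevweight));
            db_query("UPDATE {$tablename} SET weight=%f WHERE id=%d {$master_cond}", $prevweight, $id);
            db_query("UPDATE {$tablename} SET weight=%f WHERE id=%d {$master_cond}", $weight, $previd);
        }
        if ($home == 'return!') {
            return;
        }
        redir($home);
    }
    if ($action == "del") {
        db_query("DELETE FROM {$tablename} WHERE id=%d {$master_cond}", $id);
    }
    if ($action == "edit") {
        if (form_post("edit")) {
            $sets = "";
            foreach ($tables[$tablename]['fields'] as $value) {
                if ($sets) {
                    $sets .= ", ";
                }
                if (str_end($value, "_check")) {
                    // Checkbox columns are stored as 1/0.
                    if (form_post($value)) {
                        $sets .= "{$value}=1";
                    } else {
                        $sets .= "{$value}=0";
                    }
                } else {
                    if (str_end($value, "_time")) {
                        //hms mdy
                        $f = str_start($value, "_time");
                        $ts = mktime(form_post($f . "_hour"), form_post($f . "_min"), form_post($f . "_sec"), form_post($f . "_month"), form_post($f . "_day"), form_post($f . "_year"));
                        $sets .= "{$value}={$ts}";
                    } else {
                        $p = form_post($value);
                        $p = SlashSymbolsFix($p);
                        $p = table_edit_escape($p);
                        // The literal text "null" stores SQL NULL.
                        if ($p == "null") {
                            $sets .= "{$value}=null";
                        } else {
                            $sets .= "{$value} = '" . $p . "' ";
                        }
                    }
                }
            }
            // This statement is passed to db_query() without format arguments
            // (the posted values may contain '%'), so the id cannot go through
            // a %d placeholder here; cast it instead of interpolating it raw.
            $s = "UPDATE {$tablename} SET {$sets} WHERE id=" . (int) $id . " {$master_cond}";
            db_query($s);
            // Optional per-table hook: table_<name>_edit($id).
            $callback = "table_" . $tablename . "_edit";
            if (function_exists($callback)) {
                $callback($id);
            }
            redir($home);
        }
        page_header("Edit {$table_long_alias}");
        if (isset($tables[$tablename]['fields'])) {
            $r = db_object_get($tablename, $id);
            form_start();
            table_edit_form_generate($tablename, $r);
            form_submit("{~Save changes}", "edit");
            form_end();
            return form();
        } else {
            return "";
        }
    }
    if ($action == "add" && $table_edit_props->add_records) {
        if (form_post("add")) {
            // Column names come from $tables; posted values are escaped per
            // driver and the master value uses its escaped form.
            $fields = "";
            $values = "";
            if (isset($tables[$tablename]['fields'])) {
                foreach ($tables[$tablename]['fields'] as $field) {
                    if ($fields) {
                        $fields .= ", ";
                    }
                    $fields .= $field;
                    if ($values) {
                        $values .= ", ";
                    }
                    if (str_end($field, "_check")) {
                        if (form_post($field)) {
                            $values .= "1";
                        } else {
                            $values .= "0";
                        }
                    } else {
                        if (str_end($field, "_time")) {
                            //hms mdy
                            $f = str_start($field, "_time");
                            $ts = mktime(form_post($f . "_hour"), form_post($f . "_min"), form_post($f . "_sec"), form_post($f . "_month"), form_post($f . "_day"), form_post($f . "_year"));
                            $values .= "{$ts}";
                        } else {
                            $p = form_post($field);
                            $p = SlashSymbolsFix($p);
                            $p = table_edit_escape($p);
                            if ($p == 'null') {
                                $values .= "null";
                            } else {
                                $values .= "'" . $p . "'";
                            }
                        }
                    }
                }
            }
            if ($masterfield) {
                if ($fields) {
                    $fields .= ", ";
                }
                $fields .= " {$masterfield}";
                if ($master_is_null) {
                    $values .= ", null ";
                } else {
                    $values .= ", '{$mastervalue_sql}'";
                }
            }
            if (isset($tables[$tablename]['weight'])) {
                if ($fields) {
                    $fields .= ", ";
                }
                $fields .= " weight";
                // New records go last: weight is max(id) + 1.
                $values .= ", " . (db_result(db_query("SELECT max(id) FROM {$tablename}")) + 1);
            }
            // Drop the leading comma left behind when no regular field came first.
            if ($values && $values[0] == ',') {
                $values = substr($values, 1, strlen($values));
            }
            db_query("INSERT INTO {$tablename} (id, {$fields}) VALUES (null, {$values})");
            $id = db_last_id();
            $callback = "table_" . $tablename . "_edit";
            if (function_exists($callback)) {
                $callback($id);
            }
            if ($table_edit_props->add_redir) {
                redir($home);
            }
        }
        page_header("Add {$table_long_alias}");
        form_start("", "post", " name=add_form ");
        table_edit_form_generate($tablename);
        if ($table_edit_props->add_record_html) {
            global $form;
            $form .= "<tr><td><td>" . $table_edit_props->add_record_html;
        }
        if ($table_edit_props->add_record_button_show) {
            form_submit("{~Add record}", "add");
        } else {
            form_hidden("add", "1");
        }
        form_end();
        return form();
    }
    // Set a default header only when none was set yet. The closing
    // parenthesis used to sit after "== 0", which measured the length of the
    // comparison result instead of the header text.
    if (strlen($GLOBALS['pageheader']) == 0) {
        if (!str_end($table_long_alias, "s")) {
            page_header("{$table_long_alias}" . "s List");
        } else {
            page_header($table_long_alias);
        }
    }
    // Always an array, so the count() calls below are safe for tables
    // without a 'fields' entry.
    $ff = isset($tables[$tablename]['fields']) ? $tables[$tablename]['fields'] : array();
    $fields = "";
    $joins = "{$tablename}";
    $titles = array();
    if ($ff) {
        foreach ($ff as $f) {
            if ($fields) {
                $fields .= ", ";
            }
            $type = substr($f, strlen($f) - 3, 3);
            if ($type == "_id") {
                // "<name>_id" columns are shown through the first field of the
                // table "<name>s" (with this table's prefix when needed).
                $cap = substr($f, 0, strlen($f) - 3);
                $table = $cap . "s";
                if (!isset($tables[$table])) {
                    $table = str_prefix($tablename) . $table;
                }
                $titlefield = "";
                foreach ($tables[$table]['fields'] as $v) {
                    $titlefield = $v;
                    break;
                }
                $fields .= " {$table}.{$titlefield} as {$cap} ";
                $joins .= " LEFT JOIN {$table} ON {$tablename}.{$f} = {$table}.id ";
                $titles[] = $cap;
            } else {
                $fields .= "{$tablename}.{$f}";
                $titles[] = $f;
            }
        }
    }
    $where = "";
    if ($masterfield) {
        if ($master_is_null) {
            $where = " WHERE {$masterfield} is null ";
        } else {
            $where = " WHERE {$masterfield}='{$mastervalue_sql}' ";
        }
    }
    if ($fields) {
        $fields_s = ", {$fields}";
    } else {
        $fields_s = "";
    }
    $q = "SELECT {$tablename}.id as id {$fields_s} FROM {$joins} {$where} {$order}";
    // NOTE(review): $home is written unquoted and unescaped into the href
    // attributes below; callers should build it from validated parts only.
    $act = "";
    if ($table_edit_props->edit_record_show) {
        $edit_image = "edit.png";
        if ($table_edit_props->use_rename_icon_for_edit) {
            $edit_image = "rename.png";
        }
        $act .= "<a href=?q={$home}/edit/[id]><img src=images/bios/{$edit_image} border=0></a>";
    }
    if ($table_edit_props->del_record_show) {
        $act .= "<a href=?q={$home}/del/[id]><img onclick=\"return confirm('{~Are you sure?}');\"src=images/bios/del.png border=0></a>";
    }
    //up down arrows
    /*    if(isset($tables[$tablename]['weight'])) {
            $act = " <a href=?q=$home/up/[id]><img src=images/up.png></a> <a href=?q=$home/down/[id]><img src=images/down.png></a> ".$act;
        }*/
    $rr = db_query($q);
    $s = "";
    $rr = db_fetch_objects($rr);
    if (count($rr) == 0) {
        $s .= "{~no records}<br>";
    } else {
        if ($table_edit_props->action_string_left) {
            table_start(count($ff) + 2);
            if ($table_edit_props->col_title_show) {
                table_add("", " class=table_edit_header ");
            }
        } else {
            table_start(count($ff) + 1);
        }
        ///HEADERS
        if ($table_edit_props->col_title_show) {
            foreach ($titles as $v) {
                if (str_end($v, "_check")) {
                    $v = str_start($v, "_check");
                } else {
                    if (str_end($v, "_text")) {
                        $v = str_start($v, "_text");
                    }
                }
                table_add("{~{$v}}", " class=table_edit_header ");
            }
            table_add("", " class=table_edit_header ");
        }
        foreach ($rr as $r) {
            $r = (array) $r;
            ////// table add id attribute to tr
            global $table_row_attributes;
            $table_row_attributes = " id=" . $r['id'] . " ";
            ///////////////////////////////////////
            $acts_left = "";
            if ($table_edit_props->action_string_left) {
                $acts_left = $table_edit_props->action_string_left;
                $acts_left = str_replace("[id]", $r['id'], $acts_left);
                table_add($acts_left);
            }
            foreach ($r as $key => $value) {
                if (str_end($key, "_check")) {
                    if ($value == 1) {
                        table_add("<INPUT TYPE=CHECKBOX READONLY readonly='readonly' checked onclick='javascript:return false'>");
                    } else {
                        table_add("<INPUT TYPE=CHECKBOX READONLY readonly='readonly' onclick='javascript:return false'>");
                    }
                } else {
                    if (str_end($key, "_time")) {
                        table_add(@date("Y/m/d H:i:s", $value));
                    } else {
                        if ($key != 'id') {
                            // NOTE(review): $value is a stored column value;
                            // whether table_add() HTML-escapes it is not
                            // visible here. If it does not, stored text is
                            // rendered as markup - confirm.
                            table_add($value, " class=table_edit_cell ");
                        }
                    }
                }
            }
            // Extra row actions: either a function named by the caller or a
            // literal markup string with "[id]" placeholders.
            $useract = "";
            if (function_exists($actionstring)) {
                $useract = $actionstring($r['id'], $r);
            } else {
                $useract = $actionstring;
            }
            $acts = str_replace("[id]", $r['id'], $act . " " . $useract);
            table_add($acts);
        }
        $s = "";
        $s .= table_flush(" class=table_edit ");
        /// table drag reorder
        if (isset($tables[$tablename]['weight']) && $tables[$tablename]['weight']) {
            $s .= table_edit_drag_code($home);
        }
        /////
    }
    if ($table_edit_props->new_record_show && $table_edit_props->add_records) {
        $html = "<img src=images/bios/add.png border=0>&nbsp;{~Add a new record}";
        if ($table_edit_props->new_record_html) {
            $html = $table_edit_props->new_record_html;
        }
        $s .= "<br><a href=?q={$home}/add>{$html}</a>";
    }
    return $s;
}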
Пример #9
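/**
 * Admin page for the images attached to one catalog record.
 *
 * @param mixed  $catalog_id Id of the catalog record the images belong to.
 * @param string $act        "add" creates a row and jumps to its edit page,
 *                           "edit" shows/handles the upload form, "del" removes
 *                           the stored file before table_edit() deletes the row.
 * @param mixed  $id         Id of the catalog_images record the action applies to.
 * @return string HTML for the page body.
 */
function page_admin_catalog_images($catalog_id = "", $act = "", $id = "")
{
    requires_admin();
    use_template("admin");
    // Both ids are interpolated into links, redirect targets and, for $id,
    // the name of the stored file. Integers cannot carry markup or path
    // separators; an empty id becomes 0, which table_edit() treats as
    // "not given", exactly like the empty string.
    $catalog_id = (int) $catalog_id;
    $id = (int) $id;
    global $tables;
    $tables['catalog_images']['weight'] = 1;
    $o = "";
    // Back link: to the image list while editing, otherwise to the catalog record.
    if ($act == "edit") {
        $o .= "<a href=admin/catalog/images/{$catalog_id}><<Назад</a><br>";
    } else {
        $catalog = db_object_get("catalog", $catalog_id);
        $o .= "<a href=admin/catalog/edit/{$catalog->parent_id}/edit/{$catalog_id}><<Назад</a><br>";
    }
    if ($act == "del") {
        $fname = db_object_get("catalog_images", $id)->image_file;
        @unlink("img/upload/catalog/{$fname}");
    }
    if ($act == "edit") {
        form_start("", "post", " enctype='multipart/form-data' ");
        form_file("Файл", "file");
        form_submit("Загрузить картинку", "submit");
        form_end();
        $upload = form();
        // Script: hide the submit button and submit as soon as a file is chosen.
        $upload .= "<script>\r\n             \$(function() {\r\n\t\t\t\t \$('input[name=submit]').remove();\r\n                 \$('input[name=file]').change( function() {\r\n\t\t\t\t\t \$('form').submit();\r\n\t              });\r\n\t  });\r\n\t\t  </script>";
        $o .= $upload;
        if (form_file_uploaded("file")) {
            // The extension comes from the client-supplied file name and is
            // checked against a fixed list before anything is written.
            // NOTE(review): "swf" and "pdf" are accepted although the message
            // speaks of images; the check covers the name only, not the content.
            $ext = strtolower(fileext($_FILES["file"]['name']));
            $allowed = array("swf", "jpg", "gif", "png", "bmp", "jpeg", "pdf");
            if (!in_array($ext, $allowed, true)) {
                $o = "Данный тип файла не является картинкой";
                return $o;
            }
            // Replace the previous file of this record, if any.
            @unlink("img/upload/catalog/" . db_result(db_query("SELECT image_file FROM catalog_images WHERE id=%d", $id)));
            // Store under the validated, lower-cased extension.
            $fname = $id . "." . $ext;
            form_file_uploaded_move("file", "img/upload/catalog/" . $fname);
            db_query("UPDATE catalog_images SET image_file='{$fname}' WHERE id=%d", $id);
            redir("admin/catalog/images/{$catalog_id}");
        }
    }
    if ($act == "add") {
        // Make table_edit() treat this request as a submitted "add" form.
        $_REQUEST['add'] = true;
    }
    global $table_edit_props;
    $table_edit_props->add_redir = false;
    $o .= table_edit("catalog_images", "admin/catalog/images/{$catalog_id}", $act, $id, "catalog_id", $catalog_id, "", "on_catalog_image");
    if ($act == "add") {
        // Continue on the edit page of the row that was just inserted.
        $id = db_last_id();
        redir("admin/catalog/images/{$catalog_id}/edit/" . $id);
        die;
    }
    return $o;
}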
Пример #10
/**
 * Page for the "users" table, delegated entirely to table_edit().
 *
 * NOTE(review): the gate here is requires_authorization(), not
 * requires_admin(); confirm that every authorised account is meant to reach
 * the add/edit/delete actions table_edit() offers on the users table.
 *
 * @param string $action Action forwarded to table_edit().
 * @param mixed  $id     Record id forwarded to table_edit().
 * @return string Whatever table_edit() produced for this request.
 */
function page_users($action = "", $id = "")
{
    requires_authorization();

    $html = table_edit("users", "users", $action, $id);

    return $html;
}
Пример #11
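/**
 * Admin page for the top-level records of the "pages" table.
 *
 * @param string $act Action forwarded to table_edit(); "del" is pre-checked here.
 * @param mixed  $id  Id of the page record the action applies to.
 * @return string HTML for the page body.
 */
function page_admin_pages($act = "", $id = "")
{
    requires_admin();
    use_layout("admin");
    $o = "";
    if ($act == "del") {
        $p = db_object_get("pages", $id);
        // Pages flagged fixed='Y' are protected: neutralise the action and
        // show a notice instead of deleting.
        if ($p && $p->fixed == 'Y') {
            $act = "-";
            $o .= '<script>alert("Эту страницу нельзя удалить.")</script>';
        }
    }
    global $table_edit_props;
    $table_edit_props->col_title_show = false;
    //	$table_edit_props->new_record_show = false;
    //   $table_edit_props->del_record_show = false;
    //    $table_edit_props->edit_record_show = false;
    $table_edit_props->use_rename_icon_for_edit = true;
    // Restrict to records whose category is NULL, ordered by weight; the
    // per-row actions come from the admin_on_page callback. The unused
    // "global $base_url" import was dropped.
    $o .= table_edit("pages", "admin/pages", $act, $id, "category", "null", "weight", "admin_on_page");
    return $o;
}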