<?php
require_once 'header.php';
$controller = new ControllerNews();
$news = $controller->getNews();
if (!empty($_SERVER['QUERY_STRING'])) {
$extras = new Extras();
$news_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']);
if ($news_id != null) {
$controller->deleteNews($news_id, 1);
echo "<script type='text/javascript'>location.href='news.php';</script>";
}
// if($news_id == null) {
// echo "<script type='text/javascript'>location.href='403.php';</script>";
// }
}
$begin = 0;
$page = 1;
$count = count($news);
$pages = intval($count / Constants::NO_OF_ITEMS_PER_PAGE);
$search_criteria = "";
if (isset($_POST['button_search'])) {
$search_criteria = trim(strip_tags($_POST['search']));
$news = $controller->getNewsBySearching($search_criteria);
} else {
if ($count % Constants::NO_OF_ITEMS_PER_PAGE != 0) {
$pages += 1;
}
if (!empty($_GET['page'])) {
$page = $_GET['page'];
$begin = ($page - 1) * Constants::NO_OF_ITEMS_PER_PAGE;
<?php
require_once 'header.php';
$controller = new ControllerNews();
$extras = new Extras();
$news_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']);
if ($news_id != null) {
$news = $controller->getNewsByNewsId($news_id);
if (isset($_POST['submit'])) {
$itm = $news;
$itm->news_url = htmlspecialchars(trim(strip_tags($_POST['news_url'])), ENT_QUOTES);
$itm->news_title = htmlspecialchars(trim(strip_tags($_POST['news_title'])), ENT_QUOTES);
$news_content = preg_replace('~[\\r\\n]+~', '', $_POST['news_content']);
$itm->news_content = htmlspecialchars(trim(strip_tags($news_content)));
$itm->updated_at = time();
$itm->created_at = time();
$itm->photo_url = trim(strip_tags($_POST['photo_url']));
$count = count($_FILES["file"]["name"]);
if (!empty($_FILES["file"]["name"][0])) {
uploadFile($controller, $itm);
} else {
$controller->updateNews($itm);
echo "<script type='text/javascript'>location.href='news.php';</script>";
}
}
} else {
echo "<script type='text/javascript'>location.href='403.php';</script>";
}
function uploadFile($controller, $itm)
{
$extras = new Extras();
