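<?php
// News list page: handles an optional delete request carried in the query
// string, then prepares either a search result or the pagination variables.
//
// NOTE(review): no session or authorisation check is visible in this listing;
// if one exists it has to live in header.php, which is not shown. Confirm.
require_once 'header.php';

$controller = new ControllerNews();
// Loaded before the optional delete below, so for the rest of this request
// $news (and $count) can still include the item that was just deleted.
$news = $controller->getNews();

if (!empty($_SERVER['QUERY_STRING'])) {
    // Every non-empty query string takes this path, including ?page=N used by
    // the pagination further down; the code relies on decryptQuery1() yielding
    // a null-like value for anything that is not a valid delete token.
    $extras = new Extras();
    $news_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']);

    // Loose comparison: null, '', 0 and false are all treated as "no id".
    if ($news_id != null) {
        // NOTE(review): this is a state change on a plain GET request. The
        // token travels in the URL (history, server logs, Referer) and no
        // per-request anti-CSRF token is checked here, so any request that
        // carries a valid query string deletes the item. A POST with a
        // session-bound CSRF token is the usual mitigation.
        // The meaning of the second argument (1) is not visible in this listing.
        $controller->deleteNews($news_id, 1);
        // Client-side redirect only: execution continues below after this echo.
        echo "<script type='text/javascript'>location.href='news.php';</script>";
    }
    // Disabled by the author; as written, a query string that does not decode
    // to an id is ignored without any error page:
    // if($news_id == null) {
    //     echo "<script type='text/javascript'>location.href='403.php';</script>";
    // }
}

$begin = 0;
$page = 1;
$count = count($news);
$pages = intval($count / Constants::NO_OF_ITEMS_PER_PAGE);
$search_criteria = "";

if (isset($_POST['button_search'])) {
    // Accept the search term only when it is a string: a missing field or an
    // array value (search[]=...) would otherwise reach strip_tags() and raise
    // a notice or TypeError depending on the PHP version.
    $raw_search = (isset($_POST['search']) && is_string($_POST['search'])) ? $_POST['search'] : '';
    $search_criteria = trim(strip_tags($raw_search));
    // strip_tags() is not SQL escaping. NOTE(review): confirm that
    // getNewsBySearching() binds this value as a query parameter.
    $news = $controller->getNewsBySearching($search_criteria);
} else {
    // Round the page count up when the last page is only partly filled.
    if ($count % Constants::NO_OF_ITEMS_PER_PAGE != 0) {
        $pages += 1;
    }

    if (!empty($_GET['page'])) {
        // The page number is request data: take it only as an integer >= 1 and
        // fall back to the first page otherwise. Non-numeric or array input
        // previously went straight into the subtraction below.
        $requested_page = filter_var($_GET['page'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
        $page = ($requested_page === false) ? 1 : $requested_page;
        // No upper bound against $pages is applied in the visible part.
        $begin = ($page - 1) * Constants::NO_OF_ITEMS_PER_PAGE;
        // NOTE(review): the listing is cut off here; the two blocks opened
        // above are still open at this point.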
<?php
// Edit handler for a single news item: decodes the item id from the query
// string, loads the item, and on form submit copies the posted fields into it
// before either handing it to uploadFile() or saving it directly.
//
// NOTE(review): no session/authorisation check and no anti-CSRF token check
// are visible in this listing; if they exist they are in header.php, which is
// not shown. Confirm before relying on the query-string token alone.
require_once 'header.php';

$controller = new ControllerNews();
$extras = new Extras();
// The whole raw query string is passed to decryptQuery1() together with KEY_SALT.
$news_id = $extras->decryptQuery1(KEY_SALT, $_SERVER['QUERY_STRING']);

// Loose comparison: null, '', 0 and false are all treated as "no id".
if ($news_id != null) {
    // NOTE(review): the result is used below without checking that an item
    // was actually found for this id.
    $news = $controller->getNewsByNewsId($news_id);

    if (isset($_POST['submit'])) {
        // If $news is an object, $itm refers to the same instance, so the
        // assignments below also change $news.
        $itm = $news;
        // The $_POST keys are read without isset()/is_string() checks; a
        // missing or array-valued field reaches strip_tags() as-is.
        // Values are tag-stripped and HTML-encoded at input time, so the item
        // passed to updateNews() already carries entities. Output code must not
        // encode these fields a second time, and non-HTML consumers receive the
        // encoded form.
        $itm->news_url = htmlspecialchars(trim(strip_tags($_POST['news_url'])), ENT_QUOTES);
        $itm->news_title = htmlspecialchars(trim(strip_tags($_POST['news_title'])), ENT_QUOTES);
        // Remove every run of CR/LF characters; lines are joined with no separator.
        $news_content = preg_replace('~[\\r\\n]+~', '', $_POST['news_content']);
        // Unlike the two fields above, no flags are passed here. Before PHP 8.1
        // the default flags leave single quotes unencoded, so this field is
        // escaped differently depending on the runtime version.
        $itm->news_content = htmlspecialchars(trim(strip_tags($news_content)));
        $itm->updated_at = time();
        // NOTE(review): created_at is overwritten on every update - looks
        // unintended for an edit; confirm.
        $itm->created_at = time();
        // Only tags and surrounding whitespace are removed: the value is not
        // HTML-encoded and its scheme is not checked, so it has to be validated
        // or encoded wherever it is rendered (src/href attributes in particular).
        $itm->photo_url = trim(strip_tags($_POST['photo_url']));

        // $_FILES["file"] is read without an isset() check. $count is not used
        // in the visible part of the file.
        $count = count($_FILES["file"]["name"]);

        if (!empty($_FILES["file"]["name"][0])) {
            // A file was submitted: the save is delegated to uploadFile(),
            // defined further down. Its body is cut off in this listing, so the
            // upload checks (type, extension, size, destination path) cannot be
            // reviewed from here.
            uploadFile($controller, $itm);
        } else {
            $controller->updateNews($itm);
            // Client-side redirect only: execution continues after this echo.
            echo "<script type='text/javascript'>location.href='news.php';</script>";
        }
    }
} else {
    // The "forbidden" case is a JavaScript redirect, not an HTTP 403 status,
    // and the script does not stop here: anything emitted later in the file is
    // still sent to the client.
    echo "<script type='text/javascript'>location.href='403.php';</script>";
}

// Handles the submit when a file accompanies the form.
// NOTE(review): the listing is cut off inside this function; only its first
// statement is visible.
function uploadFile($controller, $itm) {
    $extras = new Extras();