diff options
| author | Philip Häusler <msquare@notrademark.de> | 2014-08-22 22:34:13 +0200 |
|---|---|---|
| committer | Philip Häusler <msquare@notrademark.de> | 2014-08-22 22:34:13 +0200 |
| commit | 74647e16d37fac9425a4561b49618b52cdc3e75c (patch) | |
| tree | 7bfd868f8ef2646e65ffd8dbdf63dd8bf91723e3 /includes/pages/admin_news.php | |
| parent | 721aa7f160db36e53d03081bbda73970b702eeb7 (diff) | |
add basic bootstrap theme
Diffstat (limited to 'includes/pages/admin_news.php')
| -rw-r--r-- | includes/pages/admin_news.php | 124 |
1 files changed, 46 insertions, 78 deletions
diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index 25807151..39b37068 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php @@ -1,93 +1,61 @@ <?php function admin_news() { global $user; - - if (!isset ($_GET["action"])) { + + if (! isset($_GET["action"])) { redirect(page_link_to("news")); } else { - $html = ""; - switch ($_GET["action"]) { - case 'edit' : - if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) - $id = $_REQUEST['id']; - else - return error("Incomplete call, missing News ID.", true); - - $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); - if (count($news) > 0) { - list ($news) = $news; - + $html = '<div class="col-md-10"><h1>' . _("Edit news entry") . '</h1>'; + if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) + $id = $_REQUEST['id']; + else + return error("Incomplete call, missing News ID.", true); + + $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); + if (count($news) > 0) { + switch ($_REQUEST["action"]) { + default: + redirect(page_link_to('news')); + case 'edit': + list($news) = $news; + $user_source = User($news['UID']); - if($user_source === false) + if ($user_source === false) engelsystem_error("Unable to load user."); - - $html .= '<a href="' . page_link_to("news") . '">« Back</a>'; - - $html .= "<form action=\"" . page_link_to("admin_news") . "&action=save\" method=\"post\">\n"; - - $html .= "<table>\n"; - $html .= " <tr><td>Datum</td><td>" . - date("Y-m-d H:i", $news['Datum']) . "</td></tr>\n"; - $html .= " <tr><td>Betreff</td><td><input type=\"text\" size=\"40\" name=\"eBetreff\" value=\"" . - $news["Betreff"] . "\"></td></tr>\n"; - $html .= " <tr><td>Text</td><td><textarea rows=\"10\" cols=\"80\" name=\"eText\">" . - $news["Text"] . "</textarea></td></tr>\n"; - $html .= " <tr><td>Engel</td><td>" . - User_Nick_render($user_source) . "</td></tr>\n"; - $html .= " <tr><td>Treffen</td><td>" . html_select_key('eTreffen', 'eTreffen', array ( - '1' => "Ja", - '0' => "Nein" - ), $news['Treffen']) . "</td></tr>\n"; - $html .= "</table>"; - - $html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n"; - $html .= "<input type=\"submit\" name=\"submit\" value=\"Speichern\">\n"; - $html .= "</form>"; - - $html .= "<form action=\"" . page_link_to("admin_news") . "&action=delete\" method=\"POST\">\n"; - $html .= "<input type=\"hidden\" name=\"id\" value=\"" . $id . "\">\n"; - $html .= "<input type=\"submit\" name=\"submit\" value=\"Löschen\">\n"; - $html .= "</form>"; - } else - return error("No News found.", true); - break; - - case 'save' : - if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) - $id = $_REQUEST['id']; - else - return error("Incomplete call, missing News ID.", true); - - $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); - if (count($news) > 0) { - list ($news) = $news; - - sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) . - "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=".sql_escape($id)." LIMIT 1"); + + $html .= form(array( + form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])), + form_info(_("Author"), User_Nick_render($user_source)), + form_text('eBetreff', _("Subject"), $news['Betreff']), + form_textarea('eText', _("Message"), $news['Text']), + form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1), + form_submit('submit', _("Save")) + ), page_link_to('admin_news&action=save&id=' . $id)); + + $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>'; + break; + + case 'save': + list($news) = $news; + + sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) . "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); engelsystem_log("News updated: " . $_POST["eBetreff"]); + success(_("News entry updated.")); redirect(page_link_to("news")); - } else - return error("No News found.", true); - break; - - case 'delete' : - if (isset ($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) - $id = $_REQUEST['id']; - else - return error("Incomplete call, missing News ID.", true); - - $news = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); - if (count($news) > 0) { - list ($news) = $news; - + break; + + case 'delete': + list($news) = $news; + sql_query("DELETE FROM `News` WHERE `ID`=" . sql_escape($id) . " LIMIT 1"); engelsystem_log("News deleted: " . $news['Betreff']); + success(_("News entry deleted.")); redirect(page_link_to("news")); - } else - return error("No News found.", true); - break; - } + break; + } + } else + return error("No News found.", true); } - return $html; + return $html . '</div>'; } ?>
\ No newline at end of file |