diff options
author | msquare <msquare@notrademark.de> | 2016-11-09 17:43:56 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2016-11-09 17:43:56 +0100 |
commit | d43eb41d25d0d5c0509417247030dd6c21118cf6 (patch) | |
tree | 2c3f78bf8fbd4215e70af7dbc2ce30cfef674816 /includes/pages/admin_news.php | |
parent | d5d2acc7d80920eef5f0ed779a3738a12d5db348 (diff) | |
parent | 22520532c78b3a032aec6ececb7623ba094da8de (diff) |
Merge pull request #274 from engelsystem/task-164-shift-view
Task 164 shift view
Diffstat (limited to 'includes/pages/admin_news.php')
-rw-r--r-- | includes/pages/admin_news.php | 100 |
1 files changed, 48 insertions, 52 deletions
diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index 4226e6ba..789fc728 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php @@ -5,66 +5,62 @@ function admin_news() { if (! isset($_GET["action"])) { redirect(page_link_to("news")); + } + + $html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg(); + if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { + $news_id = $_REQUEST['id']; } else { - $html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg(); - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $news_id = $_REQUEST['id']; - } else { - return error("Incomplete call, missing News ID.", true); - } + return error("Incomplete call, missing News ID.", true); + } + + $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); + if (empty($news)) { + return error("No News found.", true); + } + switch ($_REQUEST["action"]) { + default: + redirect(page_link_to('news')); + case 'edit': + list($news) = $news; + + $user_source = User($news['UID']); + + $html .= form([ + form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])), + form_info(_("Author"), User_Nick_render($user_source)), + form_text('eBetreff', _("Subject"), $news['Betreff']), + form_textarea('eText', _("Message"), $news['Text']), + form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1), + form_submit('submit', _("Save")) + ], page_link_to('admin_news&action=save&id=' . $news_id)); + + $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>'; + break; - $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); - if (count($news) > 0) { - switch ($_REQUEST["action"]) { - default: - redirect(page_link_to('news')); - case 'edit': - list($news) = $news; - - $user_source = User($news['UID']); - if ($user_source === false) { - engelsystem_error("Unable to load user."); - } - - $html .= form([ - form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])), - form_info(_("Author"), User_Nick_render($user_source)), - form_text('eBetreff', _("Subject"), $news['Betreff']), - form_textarea('eText', _("Message"), $news['Text']), - form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1), - form_submit('submit', _("Save")) - ], page_link_to('admin_news&action=save&id=' . $news_id)); - - $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>'; - break; - - case 'save': - list($news) = $news; - - sql_query("UPDATE `News` SET + case 'save': + list($news) = $news; + + sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) . "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`='" . sql_escape($news_id) . "'"); - engelsystem_log("News updated: " . $_POST["eBetreff"]); - success(_("News entry updated.")); - redirect(page_link_to("news")); - break; - - case 'delete': - list($news) = $news; - - sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); - engelsystem_log("News deleted: " . $news['Betreff']); - success(_("News entry deleted.")); - redirect(page_link_to("news")); - break; - } - } else { - return error("No News found.", true); - } + engelsystem_log("News updated: " . $_POST["eBetreff"]); + success(_("News entry updated.")); + redirect(page_link_to("news")); + break; + + case 'delete': + list($news) = $news; + + sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); + engelsystem_log("News deleted: " . $news['Betreff']); + success(_("News entry deleted.")); + redirect(page_link_to("news")); + break; } return $html . '</div>'; } |