diff options
| author | msquare <msquare@notrademark.de> | 2017-06-20 16:50:21 +0200 |
|---|---|---|
| committer | msquare <msquare@notrademark.de> | 2017-06-20 16:50:21 +0200 |
| commit | 56814fa2fdf58b4013f4d57c5ea87619c7122957 (patch) | |
| tree | 640945769b7e9626cdf43162c786147f5c962029 /includes/pages/user_news.php | |
| parent | a5fc5bd0979e8de1fce8a8addd351a6e7bd6aeb8 (diff) | |
| parent | cd30017b97afc3c7001fbb9eb14b54dbb980b7b6 (diff) | |
Merge branch 'pr/316' into feature-igel-rewrite
Diffstat (limited to 'includes/pages/user_news.php')
| -rw-r--r-- | includes/pages/user_news.php | 378 |
1 files changed, 230 insertions, 148 deletions
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 97f7ec83..b1e337b6 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -1,169 +1,251 @@ <?php -function user_news_comments_title() { - return _("News comments"); +use Engelsystem\Database\DB; + +/** + * @return string + */ +function user_news_comments_title() +{ + return _('News comments'); } -function news_title() { - return _("News"); +/** + * @return string + */ +function news_title() +{ + return _('News'); } -function meetings_title() { - return _("Meetings"); +/** + * @return string + */ +function meetings_title() +{ + return _('Meetings'); } -function user_meetings() { - global $DISPLAY_NEWS; - - $html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg(); - - if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) { - $page = $_REQUEST['page']; - } else { - $page = 0; - } - - $news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS)); - foreach ($news as $entry) { - $html .= display_news($entry); - } - - $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); - $html .= '<div class="text-center">' . '<ul class="pagination">'; - for ($i = 0; $i < $dis_rows; $i ++) { - if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) { - $html .= '<li class="active">'; - } elseif (! isset($_REQUEST['page']) && $i == 0) { - $html .= '<li class="active">'; +/** + * @return string + */ +function user_meetings() +{ + $display_news = config('display_news'); + $html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg(); + + if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) { + $page = $_REQUEST['page']; } else { - $html .= '<li>'; + $page = 0; } - $html .= '<a href="' . page_link_to("user_meetings") . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; - } - $html .= '</ul></div></div>'; - - return $html; -} -function display_news($news) { - global $privileges, $page; - - $html = ''; - $html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">'; - $html .= '<div class="panel-heading">'; - $html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>'; - $html .= '</div>'; - $html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>'; - - $html .= '<div class="panel-footer text-muted">'; - if (in_array("admin_news", $privileges)) { - $html .= '<div class="pull-right">' . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') . '</div>'; - } - $html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . ' '; - - $user_source = User($news['UID']); - - $html .= User_Nick_render($user_source); - if ($page != "news_comments") { - $html .= ' <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '"><span class="glyphicon glyphicon-comment"></span> ' . _("Comments") . ' »</a> <span class="badge">' . sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . '</span>'; - } - $html .= '</div>'; - $html .= '</div>'; - return $html; + $news = DB::select(sprintf(' + SELECT * + FROM `News` + WHERE `Treffen`=1 + ORDER BY `Datum`DESC + LIMIT %u, %u', + $page * $display_news, + $display_news + )); + foreach ($news as $entry) { + $html .= display_news($entry); + } + + $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news); + $html .= '<div class="text-center">' . '<ul class="pagination">'; + for ($i = 0; $i < $dis_rows; $i++) { + if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) { + $html .= '<li class="active">'; + } elseif (!isset($_REQUEST['page']) && $i == 0) { + $html .= '<li class="active">'; + } else { + $html .= '<li>'; + } + $html .= '<a href="' . page_link_to('user_meetings') . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; + } + $html .= '</ul></div></div>'; + + return $html; } -function user_news_comments() { - global $user; - - $html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>'; - if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) { - $nid = $_REQUEST["nid"]; - list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1"); - if (isset($_REQUEST["text"])) { - $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); - sql_query("INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')"); - engelsystem_log("Created news_comment: " . $text); - $html .= success(_("Entry saved."), true); +/** + * @param array $news + * @return string + */ +function display_news($news) +{ + global $privileges, $page; + + $html = ''; + $html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">'; + $html .= '<div class="panel-heading">'; + $html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>'; + $html .= '</div>'; + $html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>'; + + $html .= '<div class="panel-footer text-muted">'; + if (in_array('admin_news', $privileges)) { + $html .= '<div class="pull-right">' + . button_glyph(page_link_to('admin_news') . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') + . '</div>'; } - - $html .= display_news($news); - - $comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'"); - foreach ($comments as $comment) { - $user_source = User($comment['UID']); - - $html .= '<div class="panel panel-default">'; - $html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>'; - $html .= '<div class="panel-footer text-muted">'; - $html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . ' '; - $html .= User_Nick_render($user_source); - $html .= '</div>'; - $html .= '</div>'; + $html .= '<span class="glyphicon glyphicon-time"></span> ' . date('Y-m-d H:i', $news['Datum']) . ' '; + + $user_source = User($news['UID']); + + $html .= User_Nick_render($user_source); + if ($page != 'news_comments') { + $html .= ' <a href="' . page_link_to('news_comments') . '&nid=' . $news['ID'] . '">' + . '<span class="glyphicon glyphicon-comment"></span> ' + . _('Comments') . ' »</a> ' + . '<span class="badge">' + . count(DB::select('SELECT `ID` FROM `NewsComments` WHERE `Refid`=?', [$news['ID']])) + . '</span>'; } - - $html .= '<hr /><h2>' . _("New Comment:") . '</h2>'; - $html .= form([ - form_textarea('text', _("Message"), ''), - form_submit('submit', _("Save")) - ], page_link_to('news_comments') . '&nid=' . $news['ID']); - } else { - $html .= _("Invalid request."); - } - - return $html . '</div>'; + $html .= '</div>'; + $html .= '</div>'; + return $html; } -function user_news() { - global $DISPLAY_NEWS, $privileges, $user; - - $html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg(); - - if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) { - if (! isset($_POST["treffen"]) || ! in_array("admin_news", $privileges)) { - $_POST["treffen"] = 0; +/** + * @return string + */ +function user_news_comments() +{ + global $user; + + $html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>'; + if ( + isset($_REQUEST['nid']) + && preg_match('/^\d{1,}$/', $_REQUEST['nid']) + && count(DB::select('SELECT `ID` FROM `News` WHERE `ID`=? LIMIT 1', [$_REQUEST['nid']])) > 0 + ) { + $nid = $_REQUEST['nid']; + $news = DB::select('SELECT * FROM `News` WHERE `ID`=? LIMIT 1', [$nid]); + $news = array_shift($news); + if (isset($_REQUEST['text'])) { + $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); + DB::insert(' + INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) + VALUES (?, ?, ?, ?) + ', + [ + $nid, + date('Y-m-d H:i:s'), + $text, + $user["UID"], + ] + ); + engelsystem_log('Created news_comment: ' . $text); + $html .= success(_('Entry saved.'), true); + } + + $html .= display_news($news); + + $comments = DB::select( + 'SELECT * FROM `NewsComments` WHERE `Refid`=? ORDER BY \'ID\'', + [$nid] + ); + foreach ($comments as $comment) { + $user_source = User($comment['UID']); + + $html .= '<div class="panel panel-default">'; + $html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>'; + $html .= '<div class="panel-footer text-muted">'; + $html .= '<span class="glyphicon glyphicon-time"></span> ' . $comment['Datum'] . ' '; + $html .= User_Nick_render($user_source); + $html .= '</div>'; + $html .= '</div>'; + } + + $html .= '<hr /><h2>' . _('New Comment:') . '</h2>'; + $html .= form([ + form_textarea('text', _('Message'), ''), + form_submit('submit', _('Save')) + ], page_link_to('news_comments') . '&nid=' . $news['ID']); + } else { + $html .= _('Invalid request.'); + } + + return $html . '</div>'; +} + +/** + * @return string + */ +function user_news() +{ + global $privileges, $user; + $display_news = config('display_news'); + + $html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg(); + + if (isset($_POST['text']) && isset($_POST['betreff']) && in_array('admin_news', $privileges)) { + if (!isset($_POST['treffen']) || !in_array('admin_news', $privileges)) { + $_POST['treffen'] = 0; + } + DB::insert(' + INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) + VALUES (?, ?, ?, ?, ?) + ', + [ + time(), + $_POST['betreff'], + $_POST['text'], + $user['UID'], + $_POST['treffen'], + ] + ); + engelsystem_log('Created news: ' . $_POST['betreff'] . ', treffen: ' . $_POST['treffen']); + success(_('Entry saved.')); + redirect(page_link_to('news')); } - sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "', '" . sql_escape($_POST["treffen"]) . "');"); - engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]); - success(_("Entry saved.")); - redirect(page_link_to('news')); - } - - if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) { - $page = $_REQUEST['page']; - } else { - $page = 0; - } - - $news = sql_select("SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS)); - foreach ($news as $entry) { - $html .= display_news($entry); - } - - $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); - $html .= '<div class="text-center">' . '<ul class="pagination">'; - for ($i = 0; $i < $dis_rows; $i ++) { - if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) { - $html .= '<li class="active">'; - } elseif (! isset($_REQUEST['page']) && $i == 0) { - $html .= '<li class="active">'; + + if (isset($_REQUEST['page']) && preg_match('/^\d{1,}$/', $_REQUEST['page'])) { + $page = $_REQUEST['page']; } else { - $html .= '<li>'; + $page = 0; + } + + $news = DB::select(sprintf(' + SELECT * + FROM `News` + ORDER BY `Datum` + DESC LIMIT %u, %u + ', + $page * $display_news, + $display_news + )); + foreach ($news as $entry) { + $html .= display_news($entry); + } + + $dis_rows = ceil(count(DB::select('SELECT `ID` FROM `News`')) / $display_news); + $html .= '<div class="text-center">' . '<ul class="pagination">'; + for ($i = 0; $i < $dis_rows; $i++) { + if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) { + $html .= '<li class="active">'; + } elseif (!isset($_REQUEST['page']) && $i == 0) { + $html .= '<li class="active">'; + } else { + $html .= '<li>'; + } + $html .= '<a href="' . page_link_to('news') . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; + } + $html .= '</ul></div>'; + + if (in_array('admin_news', $privileges)) { + $html .= '<hr />'; + $html .= '<h2>' . _('Create news:') . '</h2>'; + + $html .= form([ + form_text('betreff', _('Subject'), ''), + form_textarea('text', _('Message'), ''), + form_checkbox('treffen', _('Meeting'), false, 1), + form_submit('submit', _('Save')) + ]); } - $html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; - } - $html .= '</ul></div>'; - - if (in_array("admin_news", $privileges)) { - $html .= '<hr />'; - $html .= '<h2>' . _("Create news:") . '</h2>'; - - $html .= form([ - form_text('betreff', _("Subject"), ''), - form_textarea('text', _("Message"), ''), - form_checkbox('treffen', _("Meeting"), false, 1), - form_submit('submit', _("Save")) - ]); - } - return $html . '</div>'; + return $html . '</div>'; } -?> |