diff options
author | Philip Häusler <msquare@notrademark.de> | 2011-06-03 05:12:50 +0200 |
---|---|---|
committer | Philip Häusler <msquare@notrademark.de> | 2011-06-03 05:12:50 +0200 |
commit | 91f6e7bbaf7c9ed8820fea59e041c8fa17bcea91 (patch) | |
tree | 7ffca3c05a482093c91ddd62781edf81681984f3 /includes | |
parent | d5d3db847e5202d2e0cc52881c5ecb970f2c7b98 (diff) |
news refined
Diffstat (limited to 'includes')
-rw-r--r-- | includes/pages/user_news.php | 197 | ||||
-rw-r--r-- | includes/sys_user.php | 6 |
2 files changed, 117 insertions, 86 deletions
diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index 56c5bb68..34c346dd 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php @@ -1,108 +1,139 @@ <?php -function user_news() { - return "<a href=\"#Neu\">" . Get_Text(3) . "</a>" . user_news_output(); +function display_news($news) { + global $privileges, $p; + + $html .= ""; + $html .= '<article class="news' . ($news['Treffen'] == 1 ? ' meeting' : '') . '">'; + $html .= '<details>'; + $html .= date("Y-m-d H:i",$news['Datum']) . ', '; + $html .= UID2Nick($news['UID']); + if ($p != "news_comments") + $html .= ', <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') »</a>'; + $html .= '</details>'; + $html .= '<h3>'.($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>'; + $html .= '<p>' . ReplaceSmilies(nl2br($news['Text'])) . '</p>'; + if (in_array("admin_news", $privileges)) + $html .= "<details><a href=\"" . page_link_to("admin_news") . "&action=edit&id=" . $news['ID'] . "\">Edit</a></details>\n"; + + $html .= '</article>'; + return $html; } -function user_news_output() { - global $DISPLAY_NEWS, $privileges; - +function user_news_comments() { + global $user; + $html = ""; + if (isset ($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) { + $nid = $_REQUEST["nid"]; + list ($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1"); + if (isset ($_REQUEST["text"])) { + $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); + sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')"); + $html .= success("Eintrag wurde gespeichert"); + } - if (isset ($_POST["text"]) && isset ($_POST["betreff"]) && IsSet ($_POST["date"])) { - if (!isset ($_POST["treffen"])) - $_POST["treffen"] = 0; - $SQL = "INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . - "VALUES ('" . sql_escape($_POST["date"]) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($_SESSION['uid']) . - "', '" . sql_escape($_POST["treffen"]) . "');"; - $Erg = sql_query($SQL); - if ($Erg == 1) - $html .= Get_Text(4); - } + $html .= '<a href="' . page_link_to("news") . '">« Back</a>'; + $html .= display_news($news); - if (!IsSet ($_GET["news_begin"])) - $_GET["news_begin"] = 0; + $html .= '<h2>Comments</h2>'; + + $comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . $nid . "' ORDER BY 'ID'"); + foreach ($comments as $comment) { + $html .= '<article class="news_comment">'; + $html .= DisplayAvatar($comment['UID']); + $html .= '<details>'; + $html .= $comment['Datum'] . ', '; + $html .= UID2Nick($comment['UID']); + $html .= '</details>'; + $html .= '<p>' . nl2br($comment['Text']) . '</p>'; + $html .= '</article>'; + } - if (!IsSet ($_GET["DISPLAY_NEWS"])) - $_GET["DISPLAY_NEWS"] = 5; + $html .= "</table>"; + $html .= ' + <br /> + <hr> + <h2>Neuer Kommentar:</h2> + <a name="Neu"> </a> + + <form action="' . page_link_to("news_comments") . '" method="post"> + <input type="hidden" name="nid" value="' . $_REQUEST["nid"] . '"> + <table> + <tr> + <td align="right" valign="top">Text:</td> + <td><textarea name="text" cols="50" rows="10"></textarea></td> + </tr> + </table> + <br /> + <input type="submit" value="sichern..."> + </form>'; + } else { + $html .= "Fehlerhafter Aufruf!"; + } - $SQL = "SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . intval($_GET["news_begin"]) . ", " . intval($_GET["DISPLAY_NEWS"]); - $Erg = sql_query($SQL); + return $html; +} - // anzahl zeilen - $news_rows = mysql_num_rows($Erg); +function user_news() { + global $DISPLAY_NEWS, $privileges, $user; - for ($n = 0; $n < $news_rows; $n++) { + $html = ""; - if (mysql_result($Erg, $n, "Treffen") == 0) - $html .= "<p class='question'>"; - else - $html .= "<p class='engeltreffen'>"; - - $html .= "<u>" . ReplaceSmilies(mysql_result($Erg, $n, "Betreff")) . "</u>\n"; - - // Schow Admin Page - if ($_SESSION['CVS']["admin/news.php"] == "Y") - $html .= " <a href=\"./../admin/news.php?action=change&date=" . mysql_result($Erg, $n, "Datum") . "\">[edit]</a><br />\n\t\t"; - - $html .= "<br /> <font size=1>" . mysql_result($Erg, $n, "Datum") . ", "; - $html .= UID2Nick(mysql_result($Erg, $n, "UID")) . "</font>"; - // avatar anzeigen? - $html .= DisplayAvatar(mysql_result($Erg, $n, "UID")); - $html .= "</p>\n"; - $html .= "<p class='answer'>" . ReplaceSmilies(nl2br(mysql_result($Erg, $n, "Text"))) . "</p>\n"; - $RefID = mysql_result($Erg, $n, "ID"); - $countSQL = "SELECT COUNT(*) FROM `news_comments` WHERE `Refid`='$RefID'"; - $countErg = sql_query($countSQL); - $countcom = mysql_result($countErg, 0, "COUNT(*)"); - $html .= "<p class='comment' align='right'><a href=\"./news_comments.php?nid=$RefID\">$countcom comments</a></p>\n\n"; + if (isset ($_POST["text"]) && isset ($_POST["betreff"])) { + if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges)) + $_POST["treffen"] = 0; + sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . + "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . + "', '" . sql_escape($_POST["treffen"]) . "');"); + $html .= success(Get_Text(4)); } - $html .= "<div align=\"center\">\n\n"; - $rowerg = sql_query("SELECT * FROM `News`"); - $rows = mysql_num_rows($rowerg); - $dis_rows = round(($rows / $DISPLAY_NEWS) + 0.5); + if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) + $page = $_REQUEST['page']; + else + $page = 0; + + $news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS); + foreach ($news as $entry) + $html .= display_news($entry); + + $html .= "<div class=\"pagination\">\n\n"; + $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); $html .= Get_Text(5); - for ($i = 1; $i <= $dis_rows; $i++) { - if (!((($i * $DISPLAY_NEWS) - $_GET["news_begin"]) == $DISPLAY_NEWS)) { - $html .= '<a href="' . page_link_to("news") . '&news_begin=' . (($i * $DISPLAY_NEWS) - $DISPLAY_NEWS -1) . '">' . $i . '</a> '; - } else { - $html .= "$i "; - } + for ($i = 0; $i < $dis_rows; $i++) { + if ($i == $_REQUEST['page']) + $html .= ($i +1) . " "; + else + $html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a> '; } $html .= '</div> - <br /><hr /> - <h2>' . Get_Text(6) . '</h2> - <a name="Neu"> </a> - - <form action="" method="post"> - <?PHP - - // Datum mit uebergeben, um doppelte Eintraege zu verhindern - // (Reload nach dem Eintragen!) - ?> - <input type="hidden" name="date" value="' . date("Y-m-d H:i:s") . '"> - <table> - <tr> - <td align="right">' . Get_Text(7) . '</td> - <td><input type="text" name="betreff" size="60"></td> - </tr> - <tr> - <td align="right">' . Get_Text(8) . '</td> - <td><textarea name="text" cols="50" rows="10"></textarea></td> - </tr>'; - if (in_array('news_add_meeting', $privileges)) { + <br /><hr /> + <h2>' . Get_Text(6) . '</h2> + <a name="Neu"> </a> + + <form action="" method="post"> + <table> + <tr> + <td align="right">' . Get_Text(7) . '</td> + <td><input type="text" name="betreff" size="60"></td> + </tr> + <tr> + <td align="right">' . Get_Text(8) . '</td> + <td><textarea name="text" cols="50" rows="10"></textarea></td> + </tr>'; + if (in_array('admin_news', $privileges)) { $html .= ' <tr> - <td align="right">' . Get_Text(9) . '</td> - <td><input type="checkbox" name="treffen" size="1" value="1"></td> - </tr>'; + <td align="right">' . Get_Text(9) . '</td> + <td><input type="checkbox" name="treffen" size="1" value="1"></td> + </tr>'; } $html .= '</table> - <br /> - <input type="submit" value="' . Get_Text("save") . '"> - </form>'; + <br /> + <input type="submit" value="' . Get_Text("save") . '"> + </form>'; return $html; } ?>
\ No newline at end of file diff --git a/includes/sys_user.php b/includes/sys_user.php index 6274003d..5dcf3f1f 100644 --- a/includes/sys_user.php +++ b/includes/sys_user.php @@ -75,9 +75,9 @@ function displayPictur($UID, $height = "30") { global $url, $ENGEL_ROOT; if ($height > 0) - return ("<img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\">"); + return ("<div class=\"avatar\"><img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" height=\"$height\" alt=\"picture of USER$UID\" class=\"photo\"></div>"); else - return ("<img src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\">"); + return ("<div class=\"avatar\"><img class=\"avatar\" src=\"" . $url . $ENGEL_ROOT . "ShowUserPicture.php?UID=$UID\" alt=\"picture of USER$UID\"></div>"); } function displayavatar($UID, $height = "30") { @@ -92,7 +92,7 @@ function displayavatar($UID, $height = "30") { if (mysql_num_rows($aerg)) if (mysql_result($aerg, 0, "Avatar") > 0) - return (" <img src=\"" . $url . $ENGEL_ROOT . "pic/avatar/avatar" . mysql_result($aerg, 0, "Avatar") . ".gif\">"); + return'<div class="avatar">'. (" <img src=\"" . $url . $ENGEL_ROOT . "pic/avatar/avatar" . mysql_result($aerg, 0, "Avatar") . ".gif\">").'</div>'; } function UIDgekommen($UID) { |