

Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/vidoe.top/admin_new/mod/


 

Current File : //var/www/html/vidoe.top/admin_new/mod/news.php
<?php
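/**
 * Admin module for the NNCCMS_news table: lists rows, shows/saves the post
 * form and deletes rows, dispatching on the request's 'code' value.
 *
 * Collaborators ($CORE, $DB, $smarty, $print, $func, $INFO) are globals that
 * are defined outside this file.
 *
 * NOTE(review): several queries below are built by concatenating
 * $CORE->input strings (fkeyword, f[title], f[intro], body, ...) straight into
 * SQL. Unless $CORE->input is escaped upstream (not visible here — confirm),
 * these are SQL-injection sinks and should go through the DB layer's
 * parameter binding or escaping. Integer ids are cast in this class.
 *
 * NOTE(review): only goDel() checks the caller's group; no authorisation or
 * CSRF check is visible for goList()/goPost(). Presumably the including front
 * controller enforces the admin session — verify.
 */
class news{
	var $path_image	= "upload/news/";	// not referenced inside this class
	var $max_fsize	=  1500000;			// original note: 1.5M; not referenced inside this class

	/**
	 * PHP 5+ constructor. The original relied on the PHP 4 style same-name
	 * constructor, which is deprecated in PHP 7 and no longer a constructor
	 * in PHP 8, so the module would silently do nothing there.
	 */
	function __construct(){
		$this->news();
	}

	/**
	 * Dispatches to the handler selected by $CORE->input['code'].
	 * Kept under its original name so explicit callers still work.
	 */
	function news (){
		global $CORE;
		// Always empty here, so 'del' takes goDel()'s single-id path.
		$arr_mid = array();
		switch($CORE->input['code']){
			case 'post': $this->goPost(); break;
			case 'del': $this->goDel($arr_mid); break;
			// NOTE(review): goDel2() is not defined in this class, so this
			// branch ends in an undefined-method error as written.
			case 'del2' : $this->goDel2(); break;
			default : $this->goList(); break;
		}
	}

	/**
	 * Renders the paginated news list (20 rows per page, newest first) and,
	 * when 'mid_for_del' is present in the input, hands it to goDel().
	 */
	function goList(){

		global $CORE, $DB, $smarty, $print;
		$smarty->assign('module_name','Quản lý news');
		$smarty->assign('title','newss');
		$smarty->assign('status',$CORE->input['status']);

		$smarty->assign('section','list');
		$where = "WHERE title<>''";

		$_SESSION['type'] = $CORE->input['type'];
		$_SESSION['fstatus']  = $CORE->input['fstatus'];
		$_SESSION['fkeyword'] = $CORE->input['fkeyword'];

		// Stays null when no keyword filter is active (same value the template got before).
		$nsearch = null;
		if($_SESSION['fkeyword']!='')
		{
			// NOTE(review): fkeyword is concatenated into the LIKE pattern
			// unescaped; bind or escape it in the DB layer unless
			// $CORE->input is already sanitised upstream — confirm.
			$where .=  " AND (title LIKE '%".$CORE->input['fkeyword']."%') ";
			$nsearch = 1;
		}
		if($CORE->input['fstatus']==1){
			$where .=  " AND `type`='guest' ";
		}
		$smarty->assign('nsearch',$nsearch);
		if($CORE->input['nosearch']){ unset(	$_SESSION['fcat'],$_SESSION['fstatus'],$_SESSION['fkeyword']);}
		// Filtering End --------------------------------------------------------

		// Sorting Begin -----------------------------------------------------
		// The sort choice is only remembered in the session; the query below
		// always orders by time DESC, so it never reaches SQL.
		if($CORE->input['sortby']) $_SESSION['prod_dirby'] = ($_SESSION['prod_dirby']==1) ? 0 : 1;

		$dbsort = ($CORE->input['sortby']) ? $CORE->input['sortby'] : $_SESSION['prod_sortby'];

		$_SESSION['prod_sortby'] = $dbsort;
		// Sorting End --------------------------------------------------------

		// Clamp to >= 1: a value such as 0.5 passed the old ">0" test but
		// truncated to 0, producing a negative LIMIT offset.
		$pageNum = isset($_GET['pageNum']) ? max(1, intval($_GET['pageNum'])) : 1;
		$pageSize = 20;
		$from = (($pageNum * $pageSize) - $pageSize);

		$t = $DB->fetch_row($DB->query("SELECT count(*) as total FROM NNCCMS_news ".$where));
		$total = $t['total'];
		$totalPage = ceil($total / $pageSize);

		$query = $DB->query("SELECT * FROM NNCCMS_news ".$where." ORDER BY time DESC LIMIT $from, $pageSize");
		$arr = array();
		$c = 0;
		while($row = $DB->fetch_row($query))
		{
			$c++;
			$row['no'] = $c;	// 1-based position within the current page
			$row['time'] = date('d-m-Y',$row['time']);
			$arr[] = $row;
		}

		// The template still receives one empty row when nothing matched.
		if(empty($arr)) $arr[] = array();
		$smarty->assign('list',$arr);
		// NOTE(review): fkeyword is appended to the pagination URL without
		// URL-encoding; whether Pagination() escapes it is not visible here.
		$nav = $print->Pagination($totalPage,$pageNum,'news','index.php?act=news&fkeyword='.$CORE->input['fkeyword']);
		$smarty->assign('nav',$nav);
		//del multi news
		$arr_mid = $CORE->input['mid_for_del'];
		if(!empty($arr_mid)){
			$this->goDel($arr_mid);
		}
	}

	/**
	 * Shows the post form (no 'bsubmit' in the input) or saves the submitted
	 * row: INSERT when f[id] is 0, UPDATE otherwise. Both save paths reject a
	 * title that already exists on another row and end in a redirect.
	 */
	function goPost(){

		global $CORE, $DB, $func, $smarty, $print, $INFO;
		$smarty->assign('module_name','Quản lý news');
		$smarty->assign('title','newss');
		$smarty->assign('status',$CORE->input['status']);

		$smarty->assign('section','post');

		// A pending error forces the form to be shown again instead of saving.
		if($_SESSION['error']) unset($CORE->input['bsubmit']);

		// Show post -----------------------------------------------------------------------
		if(!$CORE->input['bsubmit']){

			$id = intval($CORE->input['id']);

			$prevError = null;
			$prevState = null;
			// Error and state are one-shot: read them, then always clear them.
			if ($_SESSION['error']) $prevError = $_SESSION['error']; unset($_SESSION['error']);
			if ($_SESSION['state']) $prevState = $_SESSION['state']; unset($_SESSION['state']);

			if($prevState!=NULL){
				$data = $prevState;
			}else{
				if($id==0){
					$data['status'] = 1;
				}else{
					$query = $DB->query("SELECT * FROM NNCCMS_news WHERE id='".$id."'");
					$data = $DB->fetch_row($query);
					$data['eid'] = $func->encode($data['id']);
					$data['ftitle'] = $func->format_string($data['title']);
				}
			}

			// Category <option> list; keys and labels come from $INFO['newscat']
			// (presumably site configuration, not request data — confirm) and
			// are emitted without HTML escaping.
			$txt_theloai = '';
			foreach($INFO['newscat'] as $key=>$val){
				if($data['theloai']==$key) {
					$txt_theloai .= '<option value="' . $key . '" selected>' . $val['vi'] . '</option>';
				}else{
					$txt_theloai .= '<option value="' . $key . '">' . $val['vi'] . '</option>';
				}

			}
			$smarty->assign('theloai',$txt_theloai);
			$data['body'] = $func->editor_new('body',$data['body'],15);
			$data['noibat'] = $func->makebox($data['noibat'],'noibat');
			$data['status'] = $func->yes_no($data['status'],'f[status]');
			$data['checkadmin'] = $func->makebox($data['checkadmin'],'checkadmin');

			$error = array($prevError);

			$smarty->assign('error',$error);
			$smarty->assign('post',$data);


		// Do post -------------------------------------------
		}else{
			$f = $CORE->input['f'];
			// The id lands in two WHERE clauses and the redirect URL, so force
			// it to an integer; a non-scalar value is treated as 0 (new row)
			// rather than being cast, because intval() of an array is 1.
			$id = (isset($f['id']) && is_scalar($f['id'])) ? intval($f['id']) : 0;
			$body = trim($CORE->input['body']);
			// -------------- check -------------------------
			if($f['title']=='') exit('Xin nhập tiêu đề news');
			// NOTE(review): every $f[...] string and $body below is
			// concatenated into SQL unescaped; move these statements to the DB
			// layer's parameter binding unless $CORE->input is sanitised
			// upstream — confirm.
			if($id==0){
				$row_check = $DB->fetch_row($DB->query(" SELECT count(*) as total FROM NNCCMS_news WHERE title='".$f['title']."' "));
				if($row_check['total']>=1){
					exit('news da ton tai');
				}
				$DB->query("INSERT INTO `NNCCMS_news` (`theloai`, `title`, `img`, `intro`, `body`, `tags`, `time`, `status`) VALUES ('".$f['theloai']."', '".$f['title']."', '".$f['img']."', '".$f['intro']."', '".$body."', '".$f['tags']."', '".time()."', '".$f['status']."');");
				// The former mysql_insert_id() call was dropped: its result was
				// never used and ext/mysql does not exist on PHP 7+, so the
				// call aborted the request before the redirect.
				return $print->refresh("index.php?act=news&status=add_success");
			// Do Edit -----------------
			}else{
				$row_check = $DB->fetch_row($DB->query("SELECT count(*) as total FROM NNCCMS_news WHERE id <> '$id' AND title='".$f['title']."' "));
				if($row_check['total']>=1){
					exit('news da ton tai');
				}
				$DB->query("UPDATE `NNCCMS_news` SET theloai='".$f['theloai']."',`title` = '".$f['title']."',`intro`='".$f['intro']."',`body`='".$body."',`img` = '".$f['img']."',`tags` = '".$f['tags']."',`status`='".$f['status']."'  WHERE `id`='$id'");

				return $print->refresh("index.php?act=news&code=post&status=edit_success&id=".$id);
			}
		}

	}

	/**
	 * Deletes news rows, then redirects to the list with status=del_success.
	 * Exits unless $CORE->admin_user['ug_id'] is 4.
	 *
	 * @param array $id Ids to delete; when empty, the single id is read from
	 *                  $CORE->input['id'] instead.
	 */
	function goDel($id){
		global $CORE, $DB, $print;

		if($CORE->admin_user['ug_id']!=4) exit('Chỉ có admin mới có quyền xóa bài!...');
		if(empty($id)){
			// Non-scalar input becomes 0 instead of intval()'s 1 for arrays.
			$id	= (isset($CORE->input['id']) && is_scalar($CORE->input['id'])) ? intval($CORE->input['id']) : 0;
			$DB->query("DELETE FROM NNCCMS_news WHERE id='".$id."'");
		}else{
			foreach($id as $val){
				// Each element arrives from the request ('mid_for_del'); it
				// used to be concatenated into the DELETE as-is. Cast it to an
				// integer and skip anything that is not a scalar.
				if(!is_scalar($val)) continue;
				$DB->query("DELETE FROM NNCCMS_news WHERE id='".intval($val)."'");
			}
		}
		$print->refresh("index.php?act=news&status=del_success");
	}



}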
// Instantiate the module; construction is what runs the request dispatch.
$run = new news;
?>
