engelsystem/includes/pages/user_news.php

139 lines
4.7 KiB
PHP
Raw Normal View History

2011-06-02 01:45:46 +02:00
<?php
2011-06-03 05:12:50 +02:00
function display_news($news) {
global $privileges, $p;
$html .= "";
$html .= '<article class="news' . ($news['Treffen'] == 1 ? ' meeting' : '') . '">';
$html .= '<details>';
$html .= date("Y-m-d H:i",$news['Datum']) . ', ';
$html .= UID2Nick($news['UID']);
if ($p != "news_comments")
$html .= ', <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '">Kommentare (' . sql_num_query("SELECT * FROM `news_comments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') &raquo;</a>';
$html .= '</details>';
$html .= '<h3>'.($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>';
$html .= '<p>' . ReplaceSmilies(nl2br($news['Text'])) . '</p>';
if (in_array("admin_news", $privileges))
$html .= "<details><a href=\"" . page_link_to("admin_news") . "&action=edit&id=" . $news['ID'] . "\">Edit</a></details>\n";
$html .= '</article>';
return $html;
2011-06-02 01:45:46 +02:00
}
2011-06-03 05:12:50 +02:00
function user_news_comments() {
global $user;
2011-06-02 18:06:28 +02:00
$html = "";
2011-06-03 05:12:50 +02:00
if (isset ($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) {
$nid = $_REQUEST["nid"];
list ($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1");
if (isset ($_REQUEST["text"])) {
$text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text']));
sql_query("INSERT INTO `news_comments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')");
$html .= success("Eintrag wurde gespeichert");
}
2011-06-02 01:45:46 +02:00
2011-06-03 05:12:50 +02:00
$html .= '<a href="' . page_link_to("news") . '">&laquo; Back</a>';
$html .= display_news($news);
2011-06-02 01:45:46 +02:00
2011-06-03 05:12:50 +02:00
$html .= '<h2>Comments</h2>';
$comments = sql_select("SELECT * FROM `news_comments` WHERE `Refid`='" . $nid . "' ORDER BY 'ID'");
foreach ($comments as $comment) {
$html .= '<article class="news_comment">';
$html .= DisplayAvatar($comment['UID']);
$html .= '<details>';
$html .= $comment['Datum'] . ', ';
$html .= UID2Nick($comment['UID']);
$html .= '</details>';
$html .= '<p>' . nl2br($comment['Text']) . '</p>';
$html .= '</article>';
}
2011-06-02 01:45:46 +02:00
2011-06-03 05:12:50 +02:00
$html .= "</table>";
$html .= '
<br />
<hr>
<h2>Neuer Kommentar:</h2>
<a name="Neu">&nbsp;</a>
<form action="' . page_link_to("news_comments") . '" method="post">
<input type="hidden" name="nid" value="' . $_REQUEST["nid"] . '">
<table>
<tr>
<td align="right" valign="top">Text:</td>
<td><textarea name="text" cols="50" rows="10"></textarea></td>
</tr>
</table>
<br />
<input type="submit" value="sichern...">
</form>';
} else {
$html .= "Fehlerhafter Aufruf!";
}
2011-06-02 01:45:46 +02:00
2011-06-03 05:12:50 +02:00
return $html;
}
2011-06-02 01:45:46 +02:00
2011-06-03 05:12:50 +02:00
function user_news() {
global $DISPLAY_NEWS, $privileges, $user;
2011-06-02 01:45:46 +02:00
2011-06-03 05:12:50 +02:00
$html = "";
2011-06-02 01:45:46 +02:00
2011-06-03 05:12:50 +02:00
if (isset ($_POST["text"]) && isset ($_POST["betreff"])) {
if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges))
$_POST["treffen"] = 0;
sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " .
"VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) .
"', '" . sql_escape($_POST["treffen"]) . "');");
$html .= success(Get_Text(4));
2011-06-02 01:45:46 +02:00
}
2011-06-03 05:12:50 +02:00
if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page']))
$page = $_REQUEST['page'];
else
$page = 0;
$news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . ($page * $DISPLAY_NEWS) . ", " . $DISPLAY_NEWS);
foreach ($news as $entry)
$html .= display_news($entry);
$html .= "<div class=\"pagination\">\n\n";
$dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS);
2011-06-02 01:45:46 +02:00
$html .= Get_Text(5);
2011-06-03 05:12:50 +02:00
for ($i = 0; $i < $dis_rows; $i++) {
if ($i == $_REQUEST['page'])
$html .= ($i +1) . "&nbsp; ";
else
$html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i +1) . '</a>&nbsp; ';
2011-06-02 01:45:46 +02:00
}
$html .= '</div>
2011-06-03 05:12:50 +02:00
<br /><hr />
<h2>' . Get_Text(6) . '</h2>
<a name="Neu">&nbsp;</a>
<form action="" method="post">
<table>
<tr>
<td align="right">' . Get_Text(7) . '</td>
<td><input type="text" name="betreff" size="60"></td>
</tr>
<tr>
<td align="right">' . Get_Text(8) . '</td>
<td><textarea name="text" cols="50" rows="10"></textarea></td>
</tr>';
if (in_array('admin_news', $privileges)) {
2011-06-02 01:45:46 +02:00
$html .= ' <tr>
2011-06-03 05:12:50 +02:00
<td align="right">' . Get_Text(9) . '</td>
<td><input type="checkbox" name="treffen" size="1" value="1"></td>
</tr>';
2011-06-02 01:45:46 +02:00
}
$html .= '</table>
2011-06-03 05:12:50 +02:00
<br />
<input type="submit" value="' . Get_Text("save") . '">
</form>';
2011-06-02 01:45:46 +02:00
return $html;
}
?>