' . meetings_title() . '

' . msg(); if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) { $page = $_REQUEST['page']; } else { $page = 0; } $news = sql_select(" SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum`DESC LIMIT " . sql_escape($page * $display_news) . ", " . sql_escape($display_news) ); foreach ($news as $entry) { $html .= display_news($entry); } $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $display_news); $html .= '
' . '
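';

    return $html;
}

/**
 * Renders a single news entry: optional "[Meeting] " marker, subject and text.
 *
 * NOTE(review): `Betreff` and `Text` are written into the page without HTML
 * encoding, and user_news() stores both exactly as posted. Unless markup in
 * news is an intended feature for `admin_news` users, encode both values with
 * htmlspecialchars() here before ReplaceSmilies()/nl2br() are applied.
 *
 * NOTE(review): the string literals in this copy hold only line breaks; any
 * markup they carried is not visible here, so they are reproduced as found.
 *
 * @param array $news News row; `Treffen`, `Betreff` and `Text` are read
 * @return string
 */
function display_news($news)
{
    // Kept from the original; neither global is read in the code visible here.
    global $privileges, $page;

    $html = '';
    $html .= "\n";
    $html .= "\n";
    $html .= "\n\n"
        . ($news['Treffen'] == 1 ? '[Meeting] ' : '')
        . ReplaceSmilies($news['Betreff'])
        . "\n\n";
    $html .= "\n";
    $html .= "\n" . ReplaceSmilies(nl2br($news['Text'])) . "\n";
    $html .= '';
    $html .= "\n";

    return $html;
}

/**
 * Shows one news entry with its comments and, on POST, stores a new comment.
 *
 * The entry is selected by the numeric request parameter `nid`; anything else
 * yields the "Invalid request." message.
 *
 * NOTE(review): no request token is checked in the code visible here; confirm
 * that form() or the page dispatcher enforces one for the comment POST.
 *
 * @return string
 */
function user_news_comments()
{
    global $user;

    $html = "\n\n" . user_news_comments_title() . "\n\n";

    // is_string() keeps array-valued parameters away from preg_match();
    // \z (instead of $) also rejects a trailing line break after the digits.
    $nid_valid = isset($_REQUEST['nid'])
        && is_string($_REQUEST['nid'])
        && preg_match("/^[0-9]{1,}\z/", $_REQUEST['nid'])
        && sql_num_query(
            "SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1"
        ) > 0;

    if (!$nid_valid) {
        $html .= _("Invalid request.");

        return $html . "\n";
    }

    $nid = $_REQUEST['nid'];
    list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1");

    // Only a POST body may create a comment. The original read $_REQUEST, so a
    // plain GET link could write as well; user_news() already reads $_POST for
    // a form built by the same form() helper.
    if (isset($_POST['text']) && is_string($_POST['text'])) {
        // Input filter: drop tags, then everything that is not a letter,
        // punctuation, separator, number or line break.
        $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_POST['text']));
        sql_query(
            " INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ( '"
            . sql_escape($nid) . "', '"
            . date("Y-m-d H:i:s") . "', '"
            . sql_escape($text) . "', '"
            . sql_escape($user["UID"]) . "' ) "
        );
        engelsystem_log("Created news_comment: " . $text);
        $html .= success(_("Entry saved."), true);
    }

    $html .= display_news($news);

    // The original ordered by the string constant 'ID' (single quotes), which
    // sorts nothing; backticks make it the column.
    // Assumes `NewsComments` has an `ID` column, as the original name implies - confirm.
    $comments = sql_select(
        "SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY `ID`"
    );
    foreach ($comments as $comment) {
        // Looked up per comment as in the original; the result is not used in
        // the code visible here.
        $user_source = User($comment['UID']);

        $html .= "\n";
        // Encode on output as well, so rows that did not pass through the
        // input filter above cannot inject markup.
        $html .= "\n"
            . nl2br(htmlspecialchars($comment['Text'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'))
            . "\n";
        $html .= '';
        $html .= "\n";
    }

    $html .= "\n\n" . _("New Comment:") . "\n\n";
    $html .= form([
        form_textarea('text', _("Message"), ''),
        form_submit('submit', _("Save"))
    ], page_link_to('news_comments') . '&nid=' . $news['ID']);

    return $html . "\n";
}

/**
 * Lists news entries page by page and lets `admin_news` users create one.
 *
 * NOTE(review): no request token is checked in the code visible here; confirm
 * that form() or the page dispatcher enforces one for the create POST.
 *
 * @return string
 */
function user_news()
{
    global $display_news, $privileges, $user;

    $html = "\n\n" . news_title() . "\n\n" . msg();

    $can_post_news = in_array("admin_news", $privileges);

    if (
        $can_post_news
        && isset($_POST["text"], $_POST["betreff"])
        && is_string($_POST["text"])
        && is_string($_POST["betreff"])
    ) {
        // The meeting flag is stored as 0/1 only; the checkbox below posts "1".
        // The original re-checked the privilege here (already guaranteed by the
        // outer condition) and wrote the raw request value back into $_POST.
        $treffen = (isset($_POST["treffen"]) && $_POST["treffen"] === '1') ? 1 : 0;

        sql_query(
            " INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) VALUES ( '"
            . sql_escape(time()) . "', '"
            . sql_escape($_POST["betreff"]) . "', '"
            . sql_escape($_POST["text"]) . "', '"
            . sql_escape($user['UID']) . "', '"
            . sql_escape($treffen) . "' ) "
        );
        engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $treffen);
        success(_("Entry saved."));
        redirect(page_link_to('news'));
    }

    // Digits only; anything else falls back to the first page, so the LIMIT
    // operands below are always numeric.
    if (
        isset($_REQUEST['page'])
        && is_string($_REQUEST['page'])
        && preg_match("/^[0-9]{1,}\z/", $_REQUEST['page'])
    ) {
        $page = $_REQUEST['page'];
    } else {
        $page = 0;
    }

    $news = sql_select(
        " SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT "
        . sql_escape($page * $display_news) . ", "
        . sql_escape($display_news)
    );
    foreach ($news as $entry) {
        $html .= display_news($entry);
    }

    // Number of pages; whatever consumed it is not visible in this copy.
    $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $display_news);
    $html .= "\n" . "\n";

    if ($can_post_news) {
        $html .= "\n";
        $html .= "\n\n" . _("Create news:") . "\n\n";
        $html .= form([
            form_text('betreff', _("Subject"), ''),
            form_textarea('text', _("Message"), ''),
            form_checkbox('treffen', _("Meeting"), false, 1),
            form_submit('submit', _("Save"))
        ]);
    }

    return $html . "\n";
}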