\n\n"; $dis_rows = ceil(sql_num_query("SELECT * FROM `News` WHERE `Treffen`=1") / $DISPLAY_NEWS); $html .= _("Page:"); for ($i = 0; $i < $dis_rows; $i++) { if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) $html .= ($i +1) . "  "; else $html .= '' . ($i +1) . '  '; } $html .= ''; return $html; } function display_news($news) { global $privileges, $p; $html = ""; $html .= '
'; $html .= '
'; $html .= date("Y-m-d H:i", $news['Datum']) . ', '; $user_source = User($news['UID']); if($user_source === false) engelsystem_error(_("Unable to load user.")); $html .= User_Nick_render($user_source); if ($p != "news_comments") $html .= ', ' . _("Comments") . ' (' . sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . ') »'; $html .= '
'; $html .= '

' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '

'; $html .= '

' . ReplaceSmilies(nl2br($news['Text'])) . '

'; if (in_array("admin_news", $privileges)) $html .= '
' . _("edit") . '
'; $html .= '
'; return $html; } function user_news_comments() { global $user; $html = ""; if (isset ($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`=" . sql_escape($_REQUEST['nid']) . " LIMIT 1") > 0) { $nid = $_REQUEST["nid"]; list ($news) = sql_select("SELECT * FROM `News` WHERE `ID`=" . sql_escape($nid) . " LIMIT 1"); if (isset ($_REQUEST["text"])) { $text = preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['text'])); sql_query("INSERT INTO `NewsComments` (`Refid`, `Datum`, `Text`, `UID`) VALUES ('" . sql_escape($nid) . "', '" . date("Y-m-d H:i:s") . "', '" . sql_escape($text) . "', '" . sql_escape($user["UID"]) . "')"); engelsystem_log("Created news_comment: " . $text); $html .= success(_("Entry saved."), true); } $html .= '« ' . _("back") . ''; $html .= display_news($news); $html .= '

' . _("Comments") . '

'; $comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'"); foreach ($comments as $comment) { $user_source = User($comment['UID']); if($user_source === false) engelsystem_error(_("Unable to load user.")); $html .= '
'; $html .= User_Avatar_render($user_source); $html .= '
'; $html .= $comment['Datum'] . ', '; $html .= User_Nick_render($user_source); $html .= '
'; $html .= '

' . nl2br($comment['Text']) . '

'; $html .= '
'; } $html .= ""; $html .= '

' . _("New Comment:") . '

 
' . _("Message:") . '

'; } else { $html .= _("Invalid request."); } return $html; } function user_news() { global $DISPLAY_NEWS, $privileges, $user; $html = msg(); if (isset ($_POST["text"]) && isset ($_POST["betreff"]) && in_array("admin_news", $privileges)) { if (!isset ($_POST["treffen"]) || !in_array("admin_news", $privileges)) $_POST["treffen"] = 0; sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "', '" . sql_escape($_POST["treffen"]) . "');"); engelsystem_log("Created news: " . $_POST["betreff"] . ", treffen: " . $_POST["treffen"]); success(_("Entry saved.")); redirect(page_link_to('news')); } if (isset ($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) $page = $_REQUEST['page']; else $page = 0; $news = sql_select("SELECT * FROM `News` ORDER BY `ID` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS)); foreach ($news as $entry) $html .= display_news($entry); $html .= "
\n\n"; $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); $html .= _("Page:"); for ($i = 0; $i < $dis_rows; $i++) { if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) $html .= ($i +1) . "  "; else $html .= '' . ($i +1) . '  '; } $html .= '
'; if (in_array("admin_news", $privileges)) { $html .= '

' . _("Create news:") . '

 
'; if (in_array('admin_news', $privileges)) { $html .= ' '; } $html .= '
' . _("Subject") . ':
' . _("Message") . ':
' . _("Meeting") . ':

'; } return $html; } ?>