function preview(){"; echo "if(document.addnews.short_story.value == '' || document.addnews.title.value == ''){ alert('$lang[addnews_alert]'); } else{ dd=window.open('','prv','height=400,width=750,resizable=1,scrollbars=1') document.addnews.mod.value='preview';document.addnews.target='prv' document.addnews.submit();dd.focus() setTimeout(\"document.addnews.mod.value='addnews';document.addnews.target='_self'\",500) }} function auto_keywords ( key ){ var short_txt = document.getElementById('short_story').value; var full_txt = document.getElementById('full_story').value; ShowLoading(''); $.post(\"system/ajax/keywords.php\", { short_txt: short_txt, full_txt: full_txt, key: key }, function(data){ HideLoading(''); if (key == 1) { $('#autodescr').val(data); } else { $('#keywords').val(data); } }); return false; } function find_relates ( ) { var title = document.getElementById('title').value; ShowLoading(''); $.post('system/ajax/find_relates.php', { title: title }, function(data){ HideLoading(''); $('#related_news').html(data); }); return false; }; "; echo "
HTML; echofooter(); } // ******************************************************************************** // Do add News // ******************************************************************************** elseif( $action == "doaddnews" ) { include_once SYSTEM_DIR . '/classes/parse.class.php'; $parse = new ParseFilter( Array (), Array (), 1, 1 ); $allow_comm = isset( $_POST['allow_comm'] ) ? intval( $_POST['allow_comm'] ) : 0; $allow_main = isset( $_POST['allow_main'] ) ? intval( $_POST['allow_main'] ) : 0; $approve = isset( $_POST['approve'] ) ? intval( $_POST['approve'] ) : 0; $allow_rating = isset( $_POST['allow_rating'] ) ? intval( $_POST['allow_rating'] ) : 0; $news_fixed = isset( $_POST['news_fixed'] ) ? intval( $_POST['news_fixed'] ) : 0; $category = $_POST['category']; if( ! count( $category ) ) { $category = array (); $category[] = '0'; } $category_list = array(); foreach ( $category as $value ) {$category_list[] = intval($value);} $category_list = $db->safesql( implode( ',', $category ) ); $allow_list = explode( ',', $user_group[$member_id['user_group']]['cat_add'] ); foreach ( $category as $selected ) { if( $allow_list[0] != "all" and ! in_array( $selected, $allow_list ) and $member_id['user_group'] != "1" ) $approve = 0; } if( !$user_group[$member_id['user_group']]['moderation'] ) $approve = 0; $title = $parse->process( trim( strip_tags ($_POST['title']) ) ); $full_story = $parse->process( $_POST['full_story'] ); $short_story = $parse->process( $_POST['short_story'] ); $full_story = $db->safesql( $parse->BB_Parse( $full_story, false ) ); $short_story = $db->safesql( $parse->BB_Parse( $short_story, false ) ); if( $parse->not_allowed_text ) { msg( "error", $lang['addnews_error'], $lang['news_err_39'], "javascript:history.go(-1)" ); } $alt_name = $_POST['alt_name']; $remote_addr = $_POST['remote_addr']; if( trim( $alt_name ) == "" or ! $alt_name ) $alt_name = totranslit( stripslashes( $title ), true, false ); else $alt_name = totranslit( stripslashes( $alt_name ), true, false ); $title = $db->safesql( $title ); $metatags = create_metatags( $short_story . $full_story ); if( preg_match( "/[\||\'|\<|\>|\"|\!|\?|\$|\@|\/|\\\|\&\~\*\+]/", $_POST['tags'] ) ) $_POST['tags'] = ""; else $_POST['tags'] = $db->safesql( htmlspecialchars( strip_tags( stripslashes( trim( $_POST['tags'] ) ) ), ENT_QUOTES ) ); if ( $_POST['tags'] ) { $temp_array = array(); $tags_array = array(); $temp_array = explode (",", $_POST['tags']); if (count($temp_array)) {foreach ( $temp_array as $value ) {if( trim($value) ) $tags_array[] = trim( $value );}} if ( count($tags_array) ) $_POST['tags'] = implode(", ", $tags_array); else $_POST['tags'] = ""; } // обработка опроса if( trim( $_POST['vote_title'] != "" ) ) { $add_vote = 1; $vote_title = trim( $db->safesql( $parse->process( $_POST['vote_title'] ) ) ); $frage = trim( $db->safesql( $parse->process( $_POST['frage'] ) ) ); $vote_body = $db->safesql( $parse->BB_Parse( $parse->process( $_POST['vote_body'] ), false ) ); $allow_m_vote = intval( $_POST['allow_m_vote'] ); } else $add_vote = 0; // обработка доступа if( $member_id['user_group'] < 3 ) { $group_regel = array (); foreach ( $_POST['group_extra'] as $key => $value ) {if( $value ) $group_regel[] = intval( $key ) . ':' . intval( $value );} if( count( $group_regel ) ) $group_regel = implode( "||", $group_regel ); else $group_regel = ""; } else $group_regel = ''; // Обработка даты и времени $added_time = time() + ($config['date_adjust'] * 60); $newdate = $_POST['newdate']; if( $_POST['allow_date'] != "yes" ) { if( (($newsdate = strtotime( $newdate )) === - 1) or !$newsdate ) {msg( "error", $lang['addnews_error'], $lang['addnews_erdate'], "javascript:history.go(-1)" ); } else {$thistime = date( "Y-m-d H:i:s", $newsdate );} if( ! intval( $config['no_date'] ) and $newsdate > $added_time ) {$thistime = date( "Y-m-d H:i:s", $added_time );} } else $thistime = date( "Y-m-d H:i:s", $added_time ); //////////////////////////// if( trim( $title ) == "") {msg( "error", $lang['addnews_error'], $lang['addnews_alert'], "javascript:history.go(-1)" );} if( strlen( $title ) > 255 ) {msg( "error", $lang['addnews_error'], $lang['addnews_error'], "javascript:history.go(-1)" );} $db->query( "INSERT INTO " . PREFIX . "_post (date, autor, short_story, full_story, title, descr, keywords, category, alt_name, allow_comm, approve, allow_main, fixed, allow_rate, votes, access, remote_addr, tags, metatitle) values ('$thistime', '{$member_id['name']}', '$short_story', '$full_story', '$title', '{$metatags['description']}', '{$metatags['keywords']}', '$category_list', '$alt_name', '$allow_comm', '$approve', '$allow_main', '$news_fixed', '$allow_rating', '$add_vote', '$group_regel', '$remote_addr', '{$_POST['tags']}', '{$metatags['title']}')" ); $row = $db->insert_id(); include (system_DIR . '/inc/newsimg/doaddimg.php'); if( $add_vote ) { $db->query( "INSERT INTO " . PREFIX . "_poll (news_id, title, frage, body, votes, multiple) VALUES('{$row}', '$vote_title', '$frage', '$vote_body', 0, '$allow_m_vote')" ); } if( $_POST['tags'] != "" and $approve ) { $tags = array (); $_POST['tags'] = explode( ",", $_POST['tags'] ); foreach ( $_POST['tags'] as $value ) {$tags[] = "('" . $row . "', '" . trim( $value ) . "')";} $tags = implode( ", ", $tags ); $db->query( "INSERT INTO " . PREFIX . "_tags (news_id, tag) VALUES " . $tags ); } $db->query( "UPDATE " . PREFIX . "_images set news_id='{$row}' where author = '{$member_id['name']}' AND news_id = '0'" ); $db->query( "UPDATE " . PREFIX . "_torrents set news_id='{$row}' where author = '{$member_id['name']}' AND news_id = '0'" ); $db->query( "UPDATE " . PREFIX . "_files set news_id='{$row}' where author = '{$member_id['name']}' AND news_id = '0'" ); $db->query( "UPDATE " . USERPREFIX . "_users set news_num=news_num+1 where user_id='{$member_id['user_id']}'" ); $cache->clear(); msg( "info", $lang['addnews_ok'], $lang['addnews_ok_1'] . " \"" . stripslashes( stripslashes( $title ) ) . "\" " . $lang['addnews_ok_2'] ); } ?>