// Category administration actions (add / remove / edit / doedit) followed by the
// category list view. The statement that opens the first loop below lies before
// the first visible line, so only its tail is documented here.
// Each non-empty submitted position is cast to int together with its category id
// and written to the posi column; the category cache is then dropped.
$posi ) {
    if( $posi != "" ) {
        $posi = intval( $posi );
        $id = intval( $id );
        $db->query( "UPDATE " . PREFIX . "_category SET posi='{$posi}' WHERE id = '{$id}'" );
    }
}
$cache->delete('category.php');
// NOTE(review): no exit/die follows this redirect, so execution continues into the
// $action chain below. $PHP_SELF is presumably set earlier in the file; verify it
// cannot carry request-controlled content into the Location header.
header( "Location:$PHP_SELF?mod=categories" );
}
// ********************************************************************************
// Add a category
// ********************************************************************************
if( $action == "add" ) {
    // Anti-CSRF check: the request must carry the session's login hash.
    // NOTE(review): the comparison uses loose != and the token is read from
    // $_REQUEST, so it is also accepted from the query string; hash_equals() on
    // string-typed inputs would give a strict, constant-time comparison.
    if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {die( "Hacking attempt! User not found" );}
    // Characters replaced by spaces in the keywords field below.
    $quotes = array ("\x27", "\x22", "\x60", "\t", "\n", "\r" );
    // Name: unslash, strip tags, HTML-encode (including both quote kinds), then SQL-escape.
    $cat_name = $db->safesql( htmlspecialchars( strip_tags( stripslashes($_POST['cat_name'] ) ), ENT_QUOTES) );
    // NOTE(review): $alt_cat_name is interpolated into SQL below without
    // $db->safesql(); presumably totranslit() reduces it to URL-safe characters
    // that cannot break out of the quoted literal. Verify against totranslit().
    $alt_cat_name = totranslit( stripslashes( $_POST['alt_cat_name'] ), true, false );
    // NOTE(review): the code below relies on msg() ending the request; that is not
    // visible here, so confirm it, otherwise the INSERT still runs after an error.
    if( ! $cat_name ) {msg( "error", $lang['cat_error'], $lang['cat_ername'], "javascript:history.go(-1)" );}
    if( ! $alt_cat_name ) {msg( "error", $lang['cat_error'], $lang['cat_erurl'], "javascript:history.go(-1)" );}
    // Sort field and direction are accepted only from fixed allow-lists; anything
    // else becomes the empty string.
    if ( in_array($_POST['news_sort'], array("date", "rating", "news_read", "title")) ) {
        $news_sort = $db->safesql( $_POST['news_sort'] );
    } else $news_sort = "";
    if ( in_array($_POST['news_msort'], array("ASC", "DESC")) ) {
        $news_msort = $db->safesql( $_POST['news_msort'] );
    } else $news_msort = "";
    // Numeric fields are forced to int; non-positive input becomes 0.
    if ( $_POST['news_number'] > 0) $news_number = intval( $_POST['news_number'] );
    else $news_number = 0;
    if ( $_POST['category'] > 0) $category = intval( $_POST['category'] );
    else $category = 0;
    // NOTE(review): unlike $cat_name, htmlspecialchars() is called here without
    // ENT_QUOTES, so on PHP versions whose default flag set is ENT_COMPAT single
    // quotes stay unencoded in the stored title (the value is still SQL-escaped).
    $meta_title = $db->safesql( htmlspecialchars ( strip_tags( stripslashes( $_POST['meta_title'] ) ) ) );
    // Description is cut to 200 bytes (substr is byte-based) after tag stripping.
    $description = $db->safesql( substr( strip_tags( stripslashes( $_POST['descr'] ) ), 0, 200 ) );
    $keywords = $db->safesql( str_replace( $quotes, " ", strip_tags( stripslashes( $_POST['keywords'] ) ) ) );
    // Reject the request when another category already uses this URL name.
    $row = $db->super_query( "SELECT alt_name FROM " . PREFIX . 
"_category WHERE alt_name ='{$alt_cat_name}'" );
    if( $row['alt_name'] ) {msg( "error", $lang['cat_error'], $lang['cat_eradd'], "?mod=categories" );}
    $db->query( "INSERT INTO " . PREFIX . "_category (parentid, name, alt_name, descr, keywords, news_sort, news_msort, news_number, metatitle) values ('$category', '$cat_name', '$alt_cat_name', '$description', '$keywords', '$news_sort', '$news_msort', '$news_number', '$meta_title')" );
    $cache->delete('category.php');
    $cache->clear();
    msg( "info", $lang['cat_addok'], $lang['cat_addok_1'], "?mod=categories" );
}
// ********************************************************************************
// Delete a category
// ********************************************************************************
elseif( $action == "remove" ) {
    // Same anti-CSRF check as in the "add" branch (same loose-comparison caveat).
    if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {die( "Hacking attempt! User not found" );}
    // Recursively deletes every descendant category of $parentid.
    // $parentid is interpolated into the query unchanged; the callers visible here
    // pass $catid and ids read back from the database.
    function DeleteSubcategories($parentid) {
        global $db;
        $subcategories = $db->query( "SELECT id FROM " . PREFIX . "_category WHERE parentid = '$parentid'" );
        while ( $subcategory = $db->get_row( $subcategories ) ) {
            DeleteSubcategories( $subcategory['id'] );
            $db->query( "DELETE FROM " . PREFIX . "_category WHERE id = '" . $subcategory['id'] . "'" );
        }
    }
    // NOTE(review): $catid is not assigned inside this branch. It is placed into
    // SQL literals and a REGEXP pattern below, so confirm that it is cast to int
    // earlier in the file before this code runs.
    if( ! $catid ) {
        msg( "error", $lang['cat_error'], $lang['cat_noid'], "$PHP_SELF?mod=categories" );
    }
    // Count posts whose category list contains this id as a whole word.
    $row = $db->super_query( "SELECT count(*) as count FROM " . PREFIX . "_post WHERE category regexp '[[:<:]]($catid)[[:>:]]'" );
    if( $row['count'] ) {
        // Posts still reference the category: they must be moved before deletion.
        if( is_array( $_REQUEST['new_category'] ) ) {
            // NOTE(review): $new_category is not assigned in the visible code;
            // verify it holds the same list as $_REQUEST['new_category'].
            if( ! in_array( $catid, $new_category ) ) {
                // NOTE(review): the submitted ids are joined and escaped as one
                // string but never cast to int individually, so non-numeric text
                // can be stored in the category column; an intval() per element
                // would keep the column a pure id list.
                $category_list = $db->safesql( htmlspecialchars( strip_tags( stripslashes( implode( ',', $_REQUEST['new_category']))), ENT_QUOTES ) );
                $db->query( "UPDATE " . PREFIX . "_post set category='$category_list' WHERE category regexp '[[:<:]]($catid)[[:>:]]'" );
                $db->query( "DELETE FROM " . PREFIX . 
"_category WHERE id='$catid'" );
                DeleteSubcategories( $catid );
                $cache->delete('category.php');
                $cache->clear();
                msg( "info", $lang['cat_delok'], $lang['cat_delok_1'], "?mod=categories" );
            }
        }
        // No usable target categories were submitted: show the "move posts" prompt.
        // NOTE(review): the markup inside this string looks lost in this copy.
        msg( "info", $lang['all_info'], "
{$lang['comm_move']}
", "$PHP_SELF?mod=categories" );
    } else {
        // No posts reference the category: delete it and its subtree directly.
        $db->query( "DELETE FROM " . PREFIX . "_category WHERE id='$catid'" );
        DeleteSubcategories( $catid );
        $cache->delete('category.php' );
        $cache->clear();
        msg( "info", $lang['cat_delok'], $lang['cat_delok_1'], "?mod=categories" );
    }
}
// ********************************************************************************
// Edit a category
// ********************************************************************************
elseif( $action == "edit" ) {
    // This branch only reads the row and renders the edit form; the write happens
    // in the "doedit" branch, which carries the user_hash check.
    echoheader( "options", $lang['cat_head'] );
    $catid = intval( $_GET['catid'] );
    if( ! $catid ) {msg( "error", $lang['cat_error'], $lang['cat_noid'], "$PHP_SELF?mod=categories" );}
    $row = $db->super_query( "SELECT * FROM " . PREFIX . "_category WHERE id = '$catid'" );
    if( ! $row['id'] ) msg( "error", $lang['cat_error'], $lang['cat_noid'], "$PHP_SELF?mod=categories" );
    $categorylist = CategoryNewsSelection( $row['parentid'], 0 );
    // Quote characters in the stored values are replaced before the values are
    // placed into the form.
    // NOTE(review): the replacement strings in the four calls below look
    // entity-decoded by the page extraction (presumably they were the HTML
    // entities for the double and single quote); check the original file.
    $row['name'] = stripslashes( preg_replace( array ("'\"'", "'\''" ), array (""", "'" ), $row['name'] ) );
    $row['metatitle'] = stripslashes( preg_replace( array ("'\"'", "'\''" ), array (""", "'" ), $row['metatitle'] ) );
    $row['descr'] = stripslashes( preg_replace( array ("'\"'", "'\''" ), array (""", "'" ), $row['descr'] ) );
    $row['keywords'] = stripslashes( preg_replace( array ("'\"'", "'\''" ), array (""", "'" ), $row['keywords'] ) );
    // Build the sort-field and sort-direction selects with the stored value preselected.
    $row['news_sort'] = makeDropDown( array ("" => $lang['sys_global'], "date" => $lang['opt_sys_sdate'], "rating" => $lang['opt_sys_srate'], "news_read" => $lang['opt_sys_sview'], "title" => $lang['opt_sys_salph'] ), "news_sort", $row['news_sort'] );
    $row['news_msort'] = makeDropDown( array ("" => $lang['sys_global'], "DESC" => $lang['opt_sys_mminus'], "ASC" => $lang['opt_sys_mplus'] ), "news_msort", $row['news_msort'] );
    // Edit form output.
    // NOTE(review): the heredoc opener and the form markup look truncated in this
    // copy; only the label text remains.
    echo <<
{$lang['cat_name']} [?]
{$lang['cat_url']} [?]
{$lang['meta_title']} ({$lang['meta_descr_max']})
{$lang['meta_descr_cat']} ({$lang['meta_descr_max']})
{$lang['meta_keys']}
{$lang['cat_parent']}
{$lang['opt_sys_sort']} {$row['news_sort']}
{$lang['opt_sys_msort']} {$row['news_msort']}
{$lang['opt_sys_newc']} [?]
 
HTML;
    echofooter();
    die();
}
// ********************************************************************************
// Save the edited category
// ********************************************************************************
elseif( $action == "doedit" ) {
    // Same anti-CSRF check as in the "add" branch (same loose-comparison caveat).
    if( $_REQUEST['user_hash'] == "" or $_REQUEST['user_hash'] != $dle_login_hash ) {die( "Hacking attempt! User not found" );}
    // Characters replaced by spaces in the keywords field; the trailing '"' repeats "\x22".
    $quotes = array ("\x27", "\x22", "\x60", "\t", "\n", "\r", '"' );
    $cat_name = $db->safesql( htmlspecialchars( strip_tags( stripslashes($_POST['cat_name'] ) ), ENT_QUOTES) );
    // NOTE(review): used in SQL below without $db->safesql(); this relies on
    // totranslit() output being safe inside a quoted literal. Verify.
    $alt_cat_name = totranslit( stripslashes( $_POST['alt_cat_name'] ), true, false );
    $catid = intval( $_POST['catid'] );
    $parentid = intval( $_POST['parentid'] );
    // NOTE(review): htmlspecialchars() without ENT_QUOTES, unlike $cat_name above.
    $meta_title = $db->safesql( htmlspecialchars ( strip_tags( stripslashes( $_POST['meta_title'] ) ) ) );
    $description = $db->safesql( substr( strip_tags( stripslashes( $_POST['descr'] ) ), 0, 200 ) );
    $keywords = $db->safesql( str_replace( $quotes, " ", strip_tags( stripslashes( $_POST['keywords'] ) ) ) );
    // Sort field and direction come from fixed allow-lists, as in the "add" branch.
    if ( in_array($_POST['news_sort'], array("date", "rating", "news_read", "title")) ) {
        $news_sort = $db->safesql( $_POST['news_sort'] );
    } else $news_sort = "";
    if ( in_array($_POST['news_msort'], array("ASC", "DESC")) ) {
        $news_msort = $db->safesql( $_POST['news_msort'] );
    } else $news_msort = "";
    if ( $_POST['news_number'] > 0)$news_number = intval( $_POST['news_number'] );
    else $news_number = 0;
    if( ! $catid ) {msg( "error", $lang['cat_error'], $lang['cat_noid'], "$PHP_SELF?mod=categories" );}
    if( $cat_name == "" ) {msg( "error", $lang['cat_error'], $lang['cat_noname'], "javascript:history.go(-1)" );}
    // The URL name must not belong to a different category.
    $row = $db->super_query( "SELECT id, alt_name FROM " . PREFIX . 
"_category WHERE alt_name = '$alt_cat_name'" );
    if( $row['id'] and $row['id'] != $catid ) {
        msg( "error", $lang['cat_error'], $lang['cat_eradd'], "javascript:history.go(-1)" );
    }
    // Refuse a parent that get_sub_cats() reports for this category
    // (presumably the category's own subtree; verify against get_sub_cats()).
    if( in_array( $parentid, get_sub_cats( $catid ) ) ) {
        msg( "error", $lang['cat_error'], $lang['cat_noparentid'], "$PHP_SELF?mod=categories" );
    }
    $db->query( "UPDATE " . PREFIX . "_category set parentid='$parentid', name='$cat_name', alt_name='$alt_cat_name', descr='$description', keywords='$keywords', news_sort='$news_sort', news_msort='$news_msort', news_number='$news_number', metatitle='$meta_title' WHERE id='$catid'" );
    $cache->delete('category.php' );
    $cache->clear();
    msg( "info", $lang['cat_editok'], $lang['cat_editok_1'], "$PHP_SELF?mod=categories" );
}
// ********************************************************************************
// List all Categories
// ********************************************************************************
echoheader( "options", $lang['cat_head'] );
$categorylist = CategoryNewsSelection( 0, 0 );
// "Add category" form output; the markup looks truncated in this copy, as above.
echo <<
{$lang['cat_name']} [?]
{$lang['cat_url']} [?]
{$lang['meta_title']} ({$lang['meta_descr_max']})
{$lang['meta_descr_cat']} ({$lang['meta_descr_max']})
{$lang['meta_keys']}
{$lang['cat_parent']}
{$lang['opt_sys_sort']}
{$lang['opt_sys_msort']}
{$lang['opt_sys_newc']} [?]
 
HTML;
if( ! count( $cat_info ) ) {
    // No categories are loaded: print the "no categories" notice.
    echo <<
{$lang['cat_nocat']}
HTML;
} else {
    // Prints the category table: called with $parentid 0 for the top level and
    // recursively for each child, with '--' appended to the marker per level.
    function DisplayCategories($parentid = 0, $sublevelmarker = '') {
        global $lang, $cat_info, $config, $dle_login_hash;
        // start table
        if( $parentid == 0 ) {
            echo <<
HTML;
        } else {
            $sublevelmarker .= '--';
        }
        if( count( $cat_info ) ) {
            // Collect the ids of the direct children of $parentid.
            foreach ( $cat_info as $cats ) {
                if( $cats['parentid'] == $parentid ) $root_category[] = $cats['id'];
            }
            // NOTE(review): $root_category is never initialised, so count() receives
            // an undefined variable when $parentid has no children; newer PHP
            // versions reject that, and an empty-array initialiser would avoid it.
            if( count( $root_category ) ) {
                foreach ( $root_category as $id ) {
                    // NOTE(review): $cat is not in the global list above and
                    // $category_name is not used in the visible code.
                    $category_name = $cat[$id];
                    // The link depends on the allow_alt_url setting; both branches
                    // read identically here, presumably because the markup was lost.
                    // The name is echoed as stored; names written by the add/doedit
                    // branches were HTML-encoded before storage.
                    if( $config['allow_alt_url'] == "yes" ) $link = "" . stripslashes( $cat_info[$id]['name'] ) . "";
                    else $link = "" . stripslashes( $cat_info[$id]['name'] ) . "";
                    echo "";
                    DisplayCategories( $id, $sublevelmarker );
                }
            }
        }
        // end table
        // NOTE(review): the two lines after the opener below hold table text and PHP
        // fragments that appear displaced by the page extraction; check the original.
        if( $parentid == 0 ) {
            echo <<
ID Position {$lang['cat_cat']} {$lang['cat_url']} {$lang['cat_action']}
 " . $cat_info[$id]['id'] . "  $sublevelmarker " . $link . " "; if( $cat_info[$id]['alt_name'] != "" ) { echo $cat_info[$id]['alt_name']; } else { echo "---"; } echo " [$lang[cat_ed]] [$lang[cat_del]]
HTML;
        }
    }
    DisplayCategories();
}
echofooter();
?>