Was ist daran falsch?
Kann da mal jemand drüber schauen?
Dieses modul is von ilchmod..
-----------------------------------------------------------------------
<?php
# Copyright by: Manuel Staechele
# Support: www.ilch.de
defined ('main') or die ( 'no direct access' );
defined ('admin') or die ( 'only admin access' );
$design = new design ( 'Admins Area', 'Admins Area', 2 );
$design->header();
//-----------------------------------------------------------|
##
###
####
##### F u n k t i o n e n
function getKats ( $akt ) {
$katAR = array();
$kats = '';
$erg = db_query("SELECT DISTINCT news_kat FROM `prefix_news`");
while ($row = db_fetch_object($erg)) {
$katAr[] = $row->news_kat;
}
$katAr[] = 'Allgemein';
$katAr = array_unique($katAr);
foreach($katAr as $a) {
if (trim($a) == trim($akt)) {
$sel = ' selected';
} else {
$sel = '';
}
$kats .= '<option'.$sel.'>'.$a.'</option>';
}
return ($kats);
}
//Rechtearray auslesen
$grechte = array();
$sql = db_query("SELECT id,name FROM `prefix_groups` ORDER BY id");
echo mysql_error();
while($r = db_fetch_object($sql)){
$grechte[$r->name] = $r->id;
}
$grechte['Newsletterempfänger'] = 'newsletter';
##### F u n k t i o n
####
###
##
#
##
###
####
##### A k t i o n e n
if ( !empty($_REQUEST['um']) ) {
$um = $_REQUEST['um'];
if ( $um == 'insert' ) {
# insert
$text = escape($_POST['txt'], 'textarea');
if ( $_POST['katLis'] == 'neu' ) {
$_POST['katLis'] = $_POST['kat'];
}
db_query("INSERT INTO `prefix_news` (news_title,user_id,news_time,news_recht,news_kat,news_text)
VALUES ('".$_POST['titel']."',".$_SESSION['authid'].",NOW(),".$_POST['grecht'].",'".$_POST['katLis']."','".$text."')");
# mails verschicken
$tosend = '';
$snl = false;
$tmp_ar = $grechte;
unset($tmp_ar['Newsletterempfänger']);
foreach( $tmp_ar as $v ){
if (strtolower($_POST[$v]) == 'on') {
$tosend .= $v.',';
$snl = true;
}
}
$tosend = substr($tosend,0,-1 );
if(strtolower($_POST['newsletter']) == 'on') {
$tosend2 = "UNION SELECT email FROM `prefix_newsletter`";
$snl = true;
} else {
$tosend2 = '';
}
if ($snl) {
$sql = db_query("SELECT email FROM `prefix_user` WHERE recht IN ($tosend) $tosend2;");
$mailtxt = bbcode($text);
$serverurl = 'http://'.$_SERVER["HTTP_HOST"].dirname($_SERVER["SCRIPT_NAME"]).'/';
$mailtxt = str_replace('href="include','href="'.$serverurl.'include',$mailtxt);
$mailtxt = str_replace('src="include','src="'.$serverurl.'include',$mailtxt);
while ($row = db_fetch_object($sql,0)) {
if (preg_match('/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i',$row->email)) {
icmail($row->email,$_POST['titel'],$mailtxt,"admins@cs-in.de",'html');
}
}
}
} elseif ( $um == 'change' ) {
# edit
$text = addslashes($_POST['txt']);
if ( $_POST['katLis'] == 'neu' ) {
$_POST['katLis'] = $_POST['kat'];
}
$row = db_fetch_object(db_query("SELECT * FROM `prefix_news` WHERE news_id = ".$_POST['newsID']));
db_query('UPDATE `prefix_news` SET
news_title = "'.$_POST['titel'].'",
news_recht = "'.$_POST['grecht'].'",
news_kat = "'.$_POST['katLis'].'",
news_text = "'.$text.'",
editor_id = "'.$_SESSION['authid'].'" WHERE news_id = "'.$_POST['newsID'].'" LIMIT 1');
$edit = $_POST['newsID'];
}
}
# edit
# del
if ( $menu->get(1) == 'del' ) {
db_query('DELETE FROM `prefix_news` WHERE news_id = "'.$menu->get(2).'" LIMIT 1');
}
#del
##### A k t i o n e n
####
###
##
#
##
###
####
##### h t m l E i n g a b e n
if ( empty ($doNoIn) ) {
$limit = 30; // Limit
$page = ($menu->getA(1) == 'p' ? $menu->getE(1) : 1 );
$MPL = db_make_sites ($page , '' , $limit , "?news" , 'news' );
$anfang = ($page - 1) * $limit;
if ( $menu->get(1) != 'edit' ) {
$FnewsID = '';
$Faktion = 'insert';
$Fueber = '';
$Fstext = '';
$Ftxt = '';
$Fgrecht = '';
$FkatLis = '';
$Fsub = 'Eintragen';
//Checkboxen erstellen
$nlcb = '';
foreach($grechte as $k => $v){
$nlcb.= "<input type=\"checkbox\" name=\"$v\" id=\"$v\"/><label for=\"$v\">$k</label>";
}
$Fnewsletter = $nlcb;
} else {
$row = db_fetch_object(db_query("SELECT * FROM `prefix_news` WHERE news_id = ".$menu->get(2)));
$FnewsID = $row->news_id;
$Faktion = 'change';
$Fueber = $row->news_title;
$Ftxt = stripslashes($row->news_text);
$Fgrecht = $row->news_recht;
$FkatLis = $row->news_kat;
$Fsub = 'Ändern';
$Fnewsletter = 'Beim Ändern werden keine Newsletter verschickt';
}
$tpl = new tpl ( 'news', 1);
$ar = array (
'NEWSID' => $FnewsID,
'AKTION' => $Faktion,
'MPL' => $MPL,
'UEBER' => $Fueber,
'txt' => $Ftxt,
'SMILIS' => getsmilies(),
'grecht' => dbliste($Fgrecht,$tpl,'grecht',"SELECT id,name FROM prefix_grundrechte ORDER BY id DESC"),
'KATS' => getKats($FkatLis),
'FSUB' => $Fsub,
'newsletter' => $Fnewsletter
);
$tpl->set_ar_out($ar,0);
# e d i t , d e l e t e
$abf = 'SELECT news_id,news_title
FROM `prefix_news`
ORDER BY news_time DESC
LIMIT '.$anfang.','.$limit;
$erg = db_query($abf);
$class = '';
while ($row = db_fetch_object($erg) ) {
$class = ($class == 'Cmite' ? 'Cnorm' : 'Cmite' );
$tpl->set_ar_out( array ( 'ID' => $row->news_id, 'class' => $class, 'TITEL' => $row->news_title ) , 1 );
}
# e d i t , d e l e t e
$tpl->set_ar_out( array ('MPL' => $MPL ) , 2 );
}
$design->footer();
?>
