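<?php
// Admin panel gate: load the site configuration, then require HTTP Basic
// credentials equal to $adminlogin / $adminpass before any output is sent.
//
// The full "<?php" tag is used on purpose: with short_open_tag disabled a bare
// "<?" block is sent to the browser as text and the check below never runs.

// require instead of include: a missing config must stop the script instead
// of continuing with undefined credentials.
require('../config.php');

$expectedUser = isset($adminlogin) ? (string) $adminlogin : '';
$expectedPass = isset($adminpass) ? (string) $adminpass : '';
$suppliedUser = isset($_SERVER['PHP_AUTH_USER']) ? (string) $_SERVER['PHP_AUTH_USER'] : '';
$suppliedPass = isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : '';

// Compare as strings. The original loose "!=" is subject to PHP type juggling
// (numeric-looking strings, null == ""), which can make differing values match.
// hash_equals() also keeps the comparison time independent of the content; it
// only exists from PHP 5.6, so fall back to strict comparison on older runtimes.
if (function_exists('hash_equals')) {
    $userOk = hash_equals($expectedUser, $suppliedUser);
    $passOk = hash_equals($expectedPass, $suppliedPass);
} else {
    $userOk = ($expectedUser === $suppliedUser);
    $passOk = ($expectedPass === $suppliedPass);
}

// Fail closed: empty configured credentials never authorize anyone.
$authorized = $expectedUser !== '' && $expectedPass !== '' && $userOk && $passOk;

if (!$authorized) {
    // One ASCII realm for both the first challenge and a failed attempt; the
    // original used two different realms, one of them non-ASCII.
    header('WWW-Authenticate: Basic realm="Administrator CMS:"');
    header('HTTP/1.0 401 Unauthorized');
    die("Доступ только для администраторов!\n");
}

// NOTE(review): $adminpass is compared as-is, so config.php presumably stores
// the password in plaintext; keeping a password_hash() value and checking it
// with password_verify() would be safer - confirm against config.php.
// NOTE(review): Basic auth sends the credentials with every request, so this
// page should only be served over HTTPS.
?>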
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<script language="javascript" type="text/javascript" src="../editor/jscripts/tiny_mce/tiny_mce.js"></script>
<script language="javascript" type="text/javascript">
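// Turn every <textarea> on the page into a TinyMCE editor using the
// "advanced" theme and the plugin set listed below.
// NOTE(review): the HTML produced by the editor is posted back to this page;
// any filtering done in the browser is not a security control, so the markup
// needs to be validated or sanitized where it is stored or rendered.
tinyMCE.init({
    mode : "textareas",
    theme : "advanced",
    plugins : "table,save,advhr,advimage,advlink,emotions,iespell,insertdatetime,preview,zoom,media,searchreplace,print,contextmenu,paste,directionality,fullscreen",

    // Extra toolbar buttons, placed before/after the theme defaults per row.
    theme_advanced_buttons1_add_before : "save,newdocument,separator",
    theme_advanced_buttons1_add : "fontselect,fontsizeselect",
    theme_advanced_buttons2_add : "separator,insertdate,inserttime,preview,zoom,separator,forecolor,backcolor",
    theme_advanced_buttons2_add_before: "cut,copy,paste,pastetext,pasteword,separator,search,replace,separator",
    theme_advanced_buttons3_add_before : "tablecontrols,separator",
    theme_advanced_buttons3_add : "emotions,iespell,media,advhr,separator,print,separator,ltr,rtl,separator,fullscreen",
    theme_advanced_toolbar_location : "top",
    theme_advanced_toolbar_align : "left",
    theme_advanced_statusbar_location : "bottom",

    // NOTE(review): the example_* files and the _something link targets look
    // like leftovers from the TinyMCE sample configuration - confirm the files
    // exist next to this page or drop the options.
    content_css : "example_word.css",

    // Key names fixed: the original "plugi2n_insertdate_*" is not an option
    // the insertdatetime plugin reads, so both formats were silently ignored.
    plugin_insertdate_dateFormat : "%Y-%m-%d",
    plugin_insertdate_timeFormat : "%H:%M:%S",
    external_link_list_url : "example_link_list.js",
    external_image_list_url : "example_image_list.js",
    media_external_list_url : "example_media_list.js",

    // NOTE(review): no function named fileBrowserCallBack is defined in the
    // visible part of this page - confirm it is provided elsewhere.
    file_browser_callback : "fileBrowserCallBack",
    paste_use_dialog : false,
    theme_advanced_resizing : true,
    theme_advanced_resize_horizontal : false,
    theme_advanced_link_targets : "_something=My somthing;_something2=My somthing2;_something3=My somthing3;",

    // Paste clean-up behaviour.
    paste_auto_cleanup_on_paste : true,
    paste_convert_headers_to_strong : false,
    paste_strip_class_attributes : "all",
    paste_remove_spans : false,
    paste_remove_styles : false
});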
</script>
<head>
<title>Админ-панель сайта</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
</head>
<body>
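<?php
// Request dispatcher: picks the admin action from the query string and calls
// the matching handler. Unknown or missing actions fall back to the page list.

$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : 'showlist';

// The original assigned the literal "showlist" to $_GET["id_page"]
// unconditionally, so edit/update/delete never saw the requested id. Read the
// real parameter and force it to an integer here: the handlers concatenate it
// into SQL, so nothing but a number may reach them.
$id_page = (isset($_GET['id_page']) && is_scalar($_GET['id_page'])) ? (int) $_GET['id_page'] : 0;

$isPost = isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST';

switch ($action) {
    case 'delete':
        // NOTE(review): delete is reachable through a plain GET link and no
        // anti-CSRF token is verified. The browser resends Basic credentials
        // automatically, so this should become a POST carrying a per-session
        // token; that needs a matching change in show_list().
        if ($id_page > 0) {
            delete_page($id_page);
        }
        show_list();
        break;

    case 'update':
        // update_page() reads $_POST, so only run it for a real form post;
        // a GET request would otherwise blank the stored fields.
        // NOTE(review): no anti-CSRF token is checked here either.
        if ($isPost && $id_page > 0) {
            update_page($id_page);
        }
        show_list();
        break;

    case 'editform':
        if ($id_page > 0) {
            get_edit_page_form($id_page);
        } else {
            show_list();
        }
        break;

    case 'showlist':
    default:
        show_list();
}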
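/**
 * Print an HTML table with every row of the `pages` table plus an edit and a
 * delete link per row.
 *
 * All database values and the script path are HTML-escaped before output:
 * page fields are editable content and PHP_SELF is derived from the request
 * URL, so echoing either one raw allows script injection into the admin panel.
 *
 * @return void
 */
function show_list()
{
    // The page declares charset=windows-1251 in its <meta> tag.
    // NOTE(review): assumes the database returns cp1251 as well - confirm.
    $charset = 'cp1251';
    $columns = array(
        'id_page', 'title', 'description', 'keywords', 'orders',
        'template', 'module', 'settings', 'startpage',
    );

    $query = "SELECT id_page,title,description,keywords,orders,template,module,settings,startpage FROM pages WHERE 1";
    $res = mysql_query( $query );

    $self = htmlspecialchars( $_SERVER["PHP_SELF"], ENT_QUOTES, $charset );

    echo "<h2>Список</h2>";
    echo "<table>";
    echo "<tr><th>ID</th><th>Наименование</th><th>Описание</th>
<th>keywords</th><th>orders</th><th>template</th><th>module</th>
<th>settings</th><th>startpage</th><th>Ред.</th><th>Удл.</th></tr>";

    // A failed query returns false; skip the row loop instead of passing
    // false to mysql_fetch_array().
    while ( $res !== false && ( $page = mysql_fetch_array( $res ) ) ) {
        // Only a number is ever placed into the link query strings.
        $id = (int) $page["id_page"];

        echo "<tr>";
        foreach ( $columns as $column ) {
            echo "<td>" . htmlspecialchars( (string) $page[$column], ENT_QUOTES, $charset ) . "</td>";
        }
        echo "<td><a href='" . $self . "?action=editform&amp;id_page=" . $id . "'>Ред.</a></td>";
        // NOTE(review): deleting through a GET link has no CSRF protection;
        // a POST form with a token would be safer.
        echo "<td><a href='" . $self . "?action=delete&amp;id_page=" . $id . "'>Удл.</a></td>";
        echo "</tr>";
    }
    echo "</table>";
}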
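/**
 * Print the edit form (title and description) for one page.
 *
 * @param mixed $id_page Page identifier; it is cast to int before it is used
 *                       in SQL or HTML, so non-numeric input becomes 0.
 * @return void
 */
function get_edit_page_form( $id_page )
{
    // The id is concatenated into the query and the form action, so reduce it
    // to an integer first.
    $id = (int) $id_page;
    // The page declares charset=windows-1251 in its <meta> tag.
    // NOTE(review): assumes the database returns cp1251 as well - confirm.
    $charset = 'cp1251';

    echo "<h2>Редактировать</h2>";

    // NOTE(review): show_list() selects a column named id_page while this
    // query filters on id - confirm which one the pages table really has.
    $query = "SELECT title,description,keywords,orders,template,module,settings,startpage FROM pages WHERE id=" . $id;
    $res = mysql_query( $query );
    $page = ( $res !== false ) ? mysql_fetch_array( $res ) : false;
    if ( !$page ) {
        // Query failed or no such page: nothing to edit.
        return;
    }

    // Escape everything that lands in markup. ENT_QUOTES matters because the
    // attributes below are single-quoted.
    $self = htmlspecialchars( $_SERVER["PHP_SELF"], ENT_QUOTES, $charset );
    $title = htmlspecialchars( (string) $page["title"], ENT_QUOTES, $charset );
    $description = htmlspecialchars( (string) $page["description"], ENT_QUOTES, $charset );

    echo "<form name='editform' action='" . $self . "?action=update&amp;id_page=" . $id . "' method='POST'>";
    echo "<table>";
    echo "<tr>";
    echo "<td>Наименование</td>";
    echo "<td><input type='text' name='title' value='" . $title . "'></td>";
    echo "</tr>";
    echo "<tr>";
    echo "<td>Описание</td>";
    echo "<td><textarea name='description'>" . $description . "</textarea></td>";
    echo "</tr>";
    echo "<tr>";
    echo "<td><input type='submit' value='Сохранить'></td>";
    echo "<td><button type='button' onClick='javascript: history.back();'>Отменить</button></td>";
    echo "</tr>";
    echo "</table>";
    echo "</form>";
}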
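/**
 * Store the posted title and description for one page.
 *
 * @param mixed $id_page Page identifier; cast to int before use in SQL.
 * @return bool True when the UPDATE statement was accepted by the server,
 *              false when mysql_query() reported a failure.
 */
function update_page( $id_page )
{
    // Integer cast keeps request data out of the unquoted WHERE clause.
    $id = (int) $id_page;

    $rawTitle = isset( $_POST['title'] ) ? (string) $_POST['title'] : '';
    $rawDescription = isset( $_POST['description'] ) ? (string) $_POST['description'] : '';

    // mysql_real_escape_string() escapes for the connection's character set;
    // the deprecated mysql_escape_string() used before does not.
    // NOTE(review): relies on the connection that config.php presumably
    // opens - confirm. Moving to prepared statements (PDO or mysqli) would
    // remove the string building altogether.
    $title = mysql_real_escape_string( $rawTitle );
    $description = mysql_real_escape_string( $rawDescription );

    // The original statement had a comma in front of WHERE, which is a SQL
    // syntax error, so no update was ever applied.
    // NOTE(review): show_list() selects id_page, this filters on id - confirm
    // the real column name.
    $query = "UPDATE pages SET title='" . $title . "', description='" . $description . "' WHERE id=" . $id;

    // Report the real outcome instead of an unconditional true.
    return mysql_query( $query ) !== false;
}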
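/**
 * Delete one page row.
 *
 * @param mixed $id_page Page identifier; cast to int before use in SQL.
 * @return bool True when the DELETE statement was accepted by the server,
 *              false when mysql_query() reported a failure.
 */
function delete_page( $id_page )
{
    // Integer cast: the value goes unquoted into the WHERE clause, and in a
    // DELETE any injected condition could remove every row.
    $id = (int) $id_page;

    // NOTE(review): show_list() selects id_page, this filters on id - confirm
    // the real column name.
    $query = "DELETE FROM pages WHERE id=" . $id;

    // Report the real outcome instead of an unconditional true.
    return mysql_query( $query ) !== false;
}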
?>
</body>
</html>