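<?php
// Article list and "add article" page, dispatched on the ?new= query parameter:
//   (absent/other) -> paged list of articles, 3 per page
//   new=form       -> the submission form
//   new=add        -> handles the submitted form and redirects to the last page
//
// The listing this script came from wrapped it in a broken `$cod='...'` string
// literal; that wrapper is dropped here so the script parses on its own.
//
// Notes for maintainers:
//  - The mysql_* extension used below was removed in PHP 7. It is kept because the
//    connection is presumably opened in bd.php (not shown). When bd.php moves to
//    mysqli or PDO, replace the escaped INSERT with a prepared statement.
//  - $_SESSION is read but session_start() is not called here; presumably the
//    including page does it -- confirm.
//  - None of the POST forms carries an anti-CSRF token, and the admin check in the
//    list only hides buttons. delete_s.php, edit_s.php and the "add" branch each
//    need a per-session token check, and the two admin scripts must verify the
//    caller's rights themselves.

$new = isset($_GET['new']) ? $_GET['new'] : NULL;

// PHP_SELF reflects the request path, including any trailing path info the client
// appended, so it is HTML-encoded once here before being written into attributes.
$self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);

switch ($new) {
case 'form':
    echo "<form action=\"" . $self . "?new=add\" method=\"post\">\n";
    echo "Название статьи:<br/>\n";
    echo "<input type=\"text\" name=\"title\"><br/>\n";
    echo "Текст статьи:<br/>\n";
    echo "<textarea name=\"text\" rows=\"5\" cols=\"60\"></textarea><br/>\n";
    echo "Тематика статьи:<br/>\n";
    echo "<select name=\"tematika\" size=\"1\">";
    echo "<option value=\"Политика\">Политика</option>";
    echo "<option value=\"Религия\">Религия</option>";
    echo "<option value=\"Cайтостроение\">Cайтостроение</option>";
    echo "</select><br/>";
    echo "<input type=\"submit\" value=\"Добавить\">\n";
    echo "</form>\n";
    break;

case 'add':
    // The author is taken from the session only, never from the request.
    $avtor_s = (isset($_SESSION['login']) && is_string($_SESSION['login'])) ? $_SESSION['login'] : '';
    if (empty($avtor_s)) {
        echo "Вы не можете добавлять статью,вы не авторизованы!";
        exit;
    }

    // Non-string values (e.g. title[]=x) are treated as missing instead of being
    // passed on to the string functions below.
    $title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
    $text_s = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
    $tematika = (isset($_POST['tematika']) && is_string($_POST['tematika'])) ? $_POST['tematika'] : '';

    if (empty($title)) {
        echo "Напишите название статьи!";
        exit;
    }
    if (empty($text_s)) {
        echo "Напишите текст статьи!";
        exit;
    }
    if (empty($tematika)) {
        echo "Напишите тематику статьи!";
        exit;
    }

    // The connection has to exist before mysql_real_escape_string() is called,
    // because that function escapes according to the connection's character set.
    include ('bd.php');

    // stripslashes() is kept from the original, which assumes magic_quotes_gpc is
    // on; with it off this removes backslashes the user really typed -- TODO confirm.
    // htmlspecialchars() keeps the original default flags so that stored rows keep
    // the format the list view expects.
    $title = mysql_real_escape_string(htmlspecialchars(stripslashes($title)));
    $text_s = mysql_real_escape_string(htmlspecialchars(stripslashes($text_s)));
    $tematika = mysql_real_escape_string(htmlspecialchars(stripslashes($tematika)));
    // The session login was previously interpolated into the query unescaped.
    $avtor_s = mysql_real_escape_string($avtor_s);

    $add_statya = mysql_query("INSERT INTO state (avtor_s,title_s,tematika_s,text_s) VALUES('$avtor_s','$title','$tematika','$text_s')");

    // The original tested `$add_statya="TRUE"`, an assignment that is always
    // truthy, so a failed INSERT was reported as success.
    if ($add_statya) {
        $chislo2 = 3;
        $kol4 = mysql_query("SELECT COUNT(*) FROM state");
        $kol5 = $kol4 ? mysql_result($kol4, 0) : 0;
        $num_str = max(1, (int) ceil($kol5 / $chislo2));

        // A Location header cannot be sent after output, so the redirect comes
        // first and the success text is only the fallback.
        if (!headers_sent()) {
            header("location: state.php?str=$num_str");
            exit;
        }
        echo "Статья добавлена!";
    } else {
        echo "Статья не добавлена!";
    }
    break;

default:
    include ("bd.php");
    $chislo = 3; // articles per page
    $kol2 = mysql_query("SELECT COUNT(*) FROM state");
    if (!$kol2) {
        echo "НЕ удалось получить данные от базы данных!";
        exit;
    }
    $kol3 = mysql_result($kol2, 0);
    $num_str = (int) ceil($kol3 / $chislo);

    echo "<a href=\"" . $self . "?new=form\">Добавить</a><br/>";
    if ($num_str == 0) {
        echo "Статьи отсутствуют!";
        exit;
    }

    // The page number is reduced to an integer in 1..$num_str once, and that
    // integer is the only form of ?str= used below: in the pager, in the LIMIT
    // offset and in the hidden form fields.
    $nav = isset($_GET['str']) ? intval($_GET['str']) : 1;
    $nav = max(1, min($nav, $num_str));

    for ($i = 1; $i <= $num_str; $i++) {
        if ($i != $nav) {
            echo '<a href="' . $self . '?str=' . $i . '">' . $i . '</a> ';
        } else {
            echo '<span>' . $i . '</span> ';
        }
    }

    $str = ($nav - 1) * $chislo;
    $statya = mysql_query("SELECT * from state ORDER by id_s asc limit $str, $chislo");
    if (!$statya) {
        echo "НЕ удалось получить данные от базы данных!";
        exit;
    }

    // Only show the admin buttons to the hard-coded admin login. Strict comparison
    // avoids loose-typing matches on non-string session values.
    $is_admin = isset($_SESSION['login']) && $_SESSION['login'] === 'voskan';

    while ($s = mysql_fetch_array($statya)) {
        // avtor_s, id_s and date_s are not HTML-encoded when stored, so they are
        // encoded here.
        $avtor_html = htmlspecialchars($s['avtor_s'], ENT_QUOTES);
        $id_html = htmlspecialchars($s['id_s'], ENT_QUOTES);
        $date_html = htmlspecialchars($s['date_s'], ENT_QUOTES);

        // title_s, text_s and tematika_s are written already HTML-encoded by the
        // "add" branch, so encoding them again would double-encode. That is only
        // safe while every writer of `state` encodes on insert; edit_s.php is not
        // shown -- verify it, or move the encoding to output time and migrate the
        // stored rows.
        echo "<form action=\"profile.php\" method=\"POST\">";
        echo "<b>" . $s['title_s'] . "</b><br/>";
        echo "Автор:<b>" . $avtor_html . "</b><input type=\"image\" src=\"p.png\" name=\"submit\"><br/>";
        echo "<input type=\"hidden\" name=\"login\" value=\"" . $avtor_html . "\">";
        echo "</form>";
        echo "" . $date_html . "<br/>";
        echo "" . $s['text_s'] . "<br/>";
        echo "Тематика:<b>" . $s['tematika_s'] . "</b><br/><br/>";

        if ($is_admin) {
            echo "<form action=\"delete_s.php\" method=\"POST\">";
            echo "<input type=\"hidden\" name=\"id_s\" value=\"" . $id_html . "\">";
            echo "<input type=\"hidden\" name=\"str\" value=\"" . $nav . "\">";
            echo "<input type=\"image\" src=\"delete.png\" name=\"submit\">";
            echo "</form>";
            echo "<form action=\"edit_s.php\" method=\"POST\">";
            echo "<input type=\"hidden\" name=\"id_s\" value=\"" . $id_html . "\">";
            echo "<input type=\"hidden\" name=\"str\" value=\"" . $nav . "\">";
            echo "<input type=\"image\" src=\"edit.png\" name=\"submit\">";
            echo "</form>";
        }
    }
    break;
}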