113 lines
3.7 KiB
PHP
113 lines
3.7 KiB
PHP
<?php
|
|
require_once '../../misuzu.php';
|
|
|
|
$newsPerms = perms_get_user(MSZ_PERMS_NEWS, user_session_current('user_id', 0));
|
|
|
|
switch ($_GET['v'] ?? null) {
|
|
default:
|
|
case 'posts':
|
|
if (!perms_check($newsPerms, MSZ_PERM_NEWS_MANAGE_POSTS)) {
|
|
echo render_error(403);
|
|
break;
|
|
}
|
|
|
|
$postsPagination = pagination_create(news_posts_count(null, false, true, false), 15);
|
|
$postsOffset = pagination_offset($postsPagination, pagination_param());
|
|
|
|
if (!pagination_is_valid_offset($postsOffset)) {
|
|
echo render_error(404);
|
|
break;
|
|
}
|
|
|
|
$posts = news_posts_get($postsOffset, $postsPagination['range'], null, false, true, false);
|
|
|
|
echo tpl_render('manage.news.posts', [
|
|
'news_posts' => $posts,
|
|
'posts_pagination' => $postsPagination,
|
|
]);
|
|
break;
|
|
|
|
case 'categories':
|
|
if (!perms_check($newsPerms, MSZ_PERM_NEWS_MANAGE_CATEGORIES)) {
|
|
echo render_error(403);
|
|
break;
|
|
}
|
|
|
|
$categoriesPagination = pagination_create(news_categories_count(true), 15);
|
|
$categoriesOffset = pagination_offset($categoriesPagination, pagination_param());
|
|
|
|
if (!pagination_is_valid_offset($categoriesOffset)) {
|
|
echo render_error(404);
|
|
break;
|
|
}
|
|
|
|
$categories = news_categories_get($categoriesOffset, $categoriesPagination['range'], true, false, true);
|
|
|
|
echo tpl_render('manage.news.categories', [
|
|
'news_categories' => $categories,
|
|
'categories_pagination' => $categoriesPagination,
|
|
]);
|
|
break;
|
|
|
|
case 'category':
|
|
$category = [];
|
|
$categoryId = (int)($_GET['c'] ?? null);
|
|
|
|
if (!empty($_POST['category']) && csrf_verify('news_category', $_POST['csrf'] ?? '')) {
|
|
$originalCategoryId = (int)($_POST['category']['id'] ?? null);
|
|
$categoryId = news_category_create(
|
|
$_POST['category']['name'] ?? null,
|
|
$_POST['category']['description'] ?? null,
|
|
!empty($_POST['category']['hidden']),
|
|
$originalCategoryId
|
|
);
|
|
|
|
audit_log(
|
|
$originalCategoryId === $categoryId
|
|
? MSZ_AUDIT_NEWS_CATEGORY_EDIT
|
|
: MSZ_AUDIT_NEWS_CATEGORY_CREATE,
|
|
user_session_current('user_id'),
|
|
[$categoryId]
|
|
);
|
|
}
|
|
|
|
if ($categoryId > 0) {
|
|
$category = news_category_get($categoryId);
|
|
}
|
|
|
|
echo tpl_render('manage.news.category', compact('category'));
|
|
break;
|
|
|
|
case 'post':
|
|
$post = [];
|
|
$postId = (int)($_GET['p'] ?? null);
|
|
$categories = news_categories_get(0, 0, false, false, true);
|
|
|
|
if (!empty($_POST['post']) && csrf_verify('news_post', $_POST['csrf'] ?? '')) {
|
|
$originalPostId = (int)($_POST['post']['id'] ?? null);
|
|
$currentUserId = user_session_current('user_id');
|
|
$postId = news_post_create(
|
|
$_POST['post']['title'] ?? null,
|
|
$_POST['post']['text'] ?? null,
|
|
(int)($_POST['post']['category'] ?? null),
|
|
user_session_current('user_id'),
|
|
!empty($_POST['post']['featured']),
|
|
null,
|
|
$originalPostId
|
|
);
|
|
audit_log(
|
|
$originalPostId === $postId
|
|
? MSZ_AUDIT_NEWS_POST_EDIT
|
|
: MSZ_AUDIT_NEWS_POST_CREATE,
|
|
$currentUserId,
|
|
[$postId]
|
|
);
|
|
}
|
|
|
|
if ($postId > 0) {
|
|
$post = news_post_get($postId);
|
|
}
|
|
|
|
echo tpl_render('manage.news.post', compact('post', 'categories'));
|
|
break;
|
|
}
|