سلام. این رو امتحان کنید، به جوابتون می‌رسید.
<?php
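// Bootstrap for the admin posts page: start the session, load the project
// includes, then refuse to continue unless an admin session is present.
if (!isset($_SESSION)) {
    session_start();
}

// Normalise Windows path separators before building the include path.
// The backslash has to be written as '\\': a lone '\' escapes the closing
// quote and the file no longer parses.
require_once str_replace('\\', '/', dirname(dirname(__FILE__))) . '/config.php';
require_once ROOT . 'inc/db.php';
require_once ROOT . 'inc/functions.php';
require_once ROOT . 'inc/jdf.php';
// NOTE(review): header.php is loaded before the login check below. If it
// emits output, a header()-based redirect can no longer be sent — confirm how
// Redirect() works and consider moving this include after the check.
require_once ROOT . 'admin/header.php';

// Access control: both session keys must be set, otherwise go to the login page.
if (!isset($_SESSION['uid'], $_SESSION['uname'])) {
    Redirect(ADDR . 'admin/login.php');
    // Redirect() is defined outside this file and it is not visible here
    // whether it ends the request. Stop explicitly so that none of the
    // delete/update code below runs for an unauthenticated visitor.
    exit;
}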
?>
<?php
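// Default (empty) post: used to render a blank "new post" form when nothing
// has been loaded for editing.
$post = array(
    'id'      => 0,
    'user_id' => '',
    'cat_id'  => '',
    'title'   => '',
    'body'    => '',
    'ts'      => '',
    'visible' => '',
);

// Row actions coming from the listing links: ?cmd=delete|edit|change&id=N.
// NOTE(review): 'delete' and 'change' modify data on a plain GET request and
// carry no anti-CSRF token, so any page an admin visits while logged in can
// trigger them. They should move to POST with a per-session token that is
// verified here before the query runs.
if (isset($_GET['cmd'], $_GET['id'])) {
    // intval() guarantees that only an integer reaches the SQL strings below.
    $ID = intval($_GET['id']);
    settype($_GET['cmd'], 'string');

    switch (strtolower($_GET['cmd'])) {
        case 'delete':
            Query("DELETE FROM `posts` WHERE (`id`='{$ID}')");
            if (Affected_Rows() > 0) {
                echo '<p class="alert alert-info"> پست مورد نظر با موقیت حذف گردید.</p>' . PHP_EOL;
            } else {
                echo '<p class="alert alert-warning"> پست مورد نظر یافت نشد.</p>' . PHP_EOL;
            }
            break;

        case 'edit':
            // Load the stored row so the form below is pre-filled with it.
            $posts = ArrayQuery("SELECT * FROM `posts` WHERE (`id`='{$ID}') ");
            if (Affected_Rows() > 0) {
                if (count($posts) > 0) {
                    $post = $posts[0];
                }
            }
            break;

        case 'change':
            // Toggle the visibility flag of the row.
            $posts = ArrayQuery("SELECT * FROM `posts` WHERE (`id`='{$ID}') ");
            // The UPDATE runs only when the row was actually fetched. Before,
            // it could run with $visible undefined and write an empty value.
            if (Affected_Rows() > 0 && count($posts) > 0) {
                $visible = ($posts[0]['visible'] ? '0' : '1');
                Query("UPDATE `posts` SET `visible`='{$visible}' WHERE (`id`='{$ID}') ");
            }
            break;
    }
}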
//-----------------//
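// Form submission: id == 0 inserts a new post, any other id updates that row.
// NOTE(review): the form carries no anti-CSRF token; a per-session token
// should be emitted with the form and checked here before writing.
if (count($_POST) > 0) {
    // Missing fields fall back to empty values instead of raising
    // undefined-index notices on a hand-crafted request.
    $row = intval(isset($_POST['id']) ? $_POST['id'] : 0);
    // Every request value placed in the SQL below goes through dbEscape().
    // user_id used to be interpolated raw, which allowed SQL injection.
    // NOTE(review): dbEscape() is defined outside this file; this assumes it
    // escapes for a quoted MySQL string literal — confirm in the db include.
    $userid = dbEscape(isset($_POST['user_id']) ? $_POST['user_id'] : '');
    $catid  = dbEscape(isset($_POST['cat_id']) ? $_POST['cat_id'] : '');
    $title  = dbEscape(isset($_POST['title']) ? $_POST['title'] : '');
    $body   = dbEscape(isset($_POST['body']) ? $_POST['body'] : '');
    $ts     = time();
    // An unchecked checkbox is simply absent from the request.
    $visible = (isset($_POST['visible']) ? '1' : '0');

    if ($row == 0) {
        Query("INSERT INTO `posts` (`id`, `user_id`, `cat_id`, `title`, `body`, `ts`, `visible`)
VALUES(NULL,'$userid','{$catid}','{$title}','{$body}','$ts','$visible')");
    } else {
        Query("UPDATE `posts` SET
`user_id`='{$userid}',`cat_id`='{$catid}',`title`='{$title}',`body`='{$body}',`ts`='{$ts}',
`visible`='{$visible}' WHERE `id`='{$row}'");
    }

    if (Affected_Rows() > 0) {
        echo '<p class="alert alert-info"> عملیات با موفقیت انجام شد.</p>' . PHP_EOL;
        // Reload the saved row so the form shows what is now stored.
        $posti = ArrayQuery("SELECT * FROM `posts` WHERE (`id`='{$row}')");
        if (count($posti) > 0) {
            $post = $posti[0];
        }
    } else {
        echo '<p class="alert alert-warning"> عملیات با موفقیت انجام نشد.</p>' . PHP_EOL;
    }
}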
?>
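<?php
/*
 * Create / edit form for a post, pre-filled from $post.
 * Every stored value written into the markup goes through HTMLEscape();
 * title and body used to be echoed raw, so a stored post containing markup
 * would execute in the admin's browser.
 * NOTE(review): HTMLEscape() is defined outside this file; for the value=""
 * attributes this assumes it also encodes double quotes — confirm.
 * NOTE(review): mysql_fetch_assoc() belongs to the mysql extension, which was
 * removed in PHP 7.
 */
?>
<div class="well">
<p class="alert alert-info">ثبت پست</p>
<form action="" class="form-horizontal" method="post">
<input type="hidden" name="id" value="<?php echo intval($post['id']);?>">
<div class="form-group">
<label for="inputParent" class="col-sm-2 control-label"> نویسنده</label>
<div class="col-sm-3">
<select class="form-control" id="inputParent" name="user_id">
<?php
// One <option> per user; the post's current author is pre-selected.
$sql=Query("SELECT * FROM `users` ");
while($_u=mysql_fetch_assoc($sql)){
    $state="";
    if($_u['id']==$post['user_id']){
        $state="selected";
    }
    echo '<option '.$state.' value="'.HTMLEscape($_u['id']).'"> '.HTMLEscape($_u['name']).'</option>'.PHP_EOL;
}
?>
</select>
</div>
</div>
<div class="form-group">
<label for="inputCategory" class="col-sm-2 control-label">گروه</label>
<div class="col-sm-3">
<select class="form-control" id="inputCategory" name="cat_id">
<?php
// One <option> per category; the post's current category is pre-selected.
$sql=Query("SELECT * FROM `categories`");
while ($_h=mysql_fetch_assoc($sql)){
    $state="";
    if($_h['id']==$post['cat_id']){
        $state="selected";
    }
    echo '<option '.$state.' value="'.HTMLEscape($_h['id']).'"> '.HTMLEscape($_h['name']).'</option>'.PHP_EOL;
}
?>
</select>
</div>
</div>
<div class="form-group">
<label for="inputname" class="col-sm-2 control-label">عنوان</label>
<div class="col-sm-3">
<input class="form-control" id="inputname" name="title" placeholder="عنوان" type="text" value="<?php echo HTMLEscape($post['title']);?>" />
</div>
</div>
<div class="form-group">
<label for="inputBody" class="col-sm-2 control-label">متن</label>
<div class="col-sm-3">
<textarea class="form-control"
id="inputBody" name="body" placeholder="متن" required rows="5" style="resize: none;"><?php echo HTMLEscape($post['body']);?>
</textarea>
</div>
</div>
<div class="form-group">
<label for="inputvisible" class="col-sm-2 control-label">نمایش</label>
<div class="col-sm-1">
<input <?php echo ($post['visible']? 'checked ="checked"' :'');?> class="form-control" id="inputvisible" name="visible" placeholder="نمایش" type="checkbox" />
</div>
</div>
<div class="form-group">
<div class="col-sm-offset-2 col-sm-10">
<?php
// id 0 means "new post": show the create button, otherwise the edit button.
if($post['id']==0){
?>
<button class="btn btn-success" type="submit">ثبت</button>
<?php
}
else{
?>
<button class="btn btn-warning" type="submit">ویرایش</button>
<?php
}
?>
</div>
</div>
</form>
</div>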
<?php
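// Listing of every post: one table row per post with edit / delete /
// visibility-toggle links.
// NOTE(review): the delete and change links fire state-changing GET requests
// without an anti-CSRF token; they should become POST forms carrying a token.
$post = ArrayQuery("SELECT * FROM `posts` ORDER BY `id` ASC");
if (count($post) > 0) {
    echo '<table class="table table-striped" >' . PHP_EOL;
    echo '<tr class="warning"><th width="50px">ردیف</th><th>نام کاربر</th><th>نام گروه</th><th>عنوان</th><th>متن</th><th>تاریخ</th><th width="205px" >عملیات</th></tr>' . PHP_EOL;
    foreach ($post as $p) {
        // The id is treated as an integer everywhere else in this file
        // (intval on the way in), so force it to one before it reaches
        // the markup.
        $pid = intval($p['id']);
        // Values read back from the database are escaped again before they
        // are placed in a new SQL string (second-order injection).
        // NOTE(review): assumes dbEscape() escapes for a quoted MySQL string
        // literal — it is defined outside this file.
        $uid = dbEscape($p['user_id']);
        $cid = dbEscape($p['cat_id']);

        echo '<tr class="' . ($p['visible'] ? 'success' : 'danger') . '">';
        echo '<td> ' . $pid . '</td>';

        // Always emit exactly one cell, even when the user or the category
        // no longer exists, so the remaining columns stay aligned.
        $user = ArrayQuery("SELECT `name` From `users` WHERE(`id`='{$uid}')");
        echo '<td>' . (count($user) > 0 ? HTMLEscape($user[0]['name']) : '') . '</td>';

        $catname = ArrayQuery("SELECT `name` FROM `categories` WHERE (`id`='{$cid}')");
        echo '<td>' . (count($catname) > 0 ? HTMLEscape($catname[0]['name']) : '') . '</td>';

        echo '<td>' . HTMLEscape($p['title']) . '</td>';
        echo '<td>' . HTMLEscape($p['body']) . '</td>';
        echo '<td>' . tr_num(jdate('Y/m/d H:i:s', $p['ts']), 'fa') . '</td>' . PHP_EOL;
        echo '<td>';
        echo '<a class="btn btn-warning btn-sm " href="posts.php?cmd=edit&id=' . $pid . '">ویرایش</a>';
        // The quotes inside confirm() must be backslash-escaped; unescaped
        // they end the PHP string and the file does not parse.
        echo '<a class="btn btn-danger btn-sm" href="posts.php?cmd=delete&id=' . $pid . '" onClick="return confirm(\'آیا برای حذف رکورد مورد نظر مطمئن هستید؟\');">حذف</a>';
        echo '<a class="btn btn-info btn-sm" href="posts.php?cmd=change&id=' . $pid . '">' . ($p['visible'] ? 'نمایش' : 'عدم نمایش') . '</a>';
        echo '</td>';
        echo '</tr>' . PHP_EOL;
    }
    echo '</table>' . PHP_EOL;
} else {
    // The message used to say that no *group* was found, although this page
    // lists posts.
    echo '<p class="alert alert-danger">متاسفانه هیچ پستی یافت نگردید.</p>' . PHP_EOL;
}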
?>