source: trunk/admin/modules/Elezioni/ele_come.php@ 418

Last change on this file since 418 was 344, checked in by roby, 4 years ago

Segue modifiche per la compatibilità php7.x

File size: 9.4 KB
RevLine 
[2]1<?php
2/************************************************************************/
3/* Eleonline - Raccolta e diffusione dei dati elettorali */
4/* by Roberto Gigli & Luciano Apolito */
5/* http://www.eleonline.it */
6/* info@eleonline.it luciano@aniene.net rgigli@libero.it */
7/************************************************************************/
8/* Modulo Come si vota, servizi, numeri e link */
9/* Amministrazione */
10/************************************************************************/
11
12
13if (!defined('ADMIN_FILE')) {
14 die ("You can't access this file directly...");
15}
[257]16global $dbi;
[2]17$aid=$_SESSION['aid'];
18$prefix=$_SESSION['prefix'];
19$currentlang=$_SESSION['lang'];
20$id_comune=$_SESSION['id_comune'];
21$param=strtolower($_SERVER['REQUEST_METHOD']) == 'get' ? $_GET : $_POST;
22$id_cons_gen=$param['id_cons_gen'];
23$perms=ChiSei(0);
24
25
[344]26if (isset($param['add_title'])) $add_title=addslashes($param['add_title']); else $add_title='';
27if (isset($param['add_preamble'])) $add_preamble=addslashes($param['add_preamble']); else $add_preamble='';
28if (isset($param['add_content'])) $add_content=addslashes($param['add_content']); else $add_content='';
29if (isset($param['vai'])) $vai=addslashes($param['vai']); else $vai='come';
30if (isset($param['mid'])) $mid=addslashes($param['mid']); else $mid='';
31if (isset($param['ok'])) $ok=addslashes($param['ok']); else $ok='';
32if (isset($param['op'])) $op=addslashes($param['op']); else $op='come';
[2]33$tab='_ele_'.$op;
34
35/*********************************************************/
36/* come Functions */
37/*********************************************************/
38$sql="SELECT t1.descrizione,t1.tipo_cons,t2.id_cons FROM ".$prefix."_ele_consultazione as t1, ".$prefix."_ele_cons_comune as t2 where t1.id_cons_gen=t2.id_cons_gen and t2.id_cons_gen='$id_cons_gen' and t2.id_comune='$id_comune'";
[257]39$res = $dbi->prepare("$sql");
40$res->execute();
41list($descr_cons,$tipo_cons,$id_cons) = $res->fetch(PDO::FETCH_NUM);
[2]42
43include("modules/Elezioni/ele.php");
44include("inc/funzioni.php");
45
[239]46
[2]47function come() {
[239]48
[2]49 global $admin, $bgcolor1, $bgcolor2, $prefix, $dbi, $id_cons, $tipo_cons, $id_cons,$id_cons_gen, $editimage1,
50 $add_content, $add_preamble, $add_title, $vai,$mid,$tab,$op,$editor;
51
52 if ($tab=='_ele_come') echo "<center><font class=\"title\"><b>"._ADMINCOME."</b></font></center><br>";
53 elseif ($tab=='_ele_numeri') echo "<center><font class=\"title\"><b>"._ADMINNUMERI."</b></font></center><br>";
54 elseif ($tab=='_ele_servizi') echo "<center><font class=\"title\"><b>"._ADMINSERVIZI."</b></font></center><br>";
55 elseif ($tab=='_ele_link') echo "<center><font class=\"title\"><b>"._ADMINLINK."</b></font></center><br>";
56
[239]57 //echo "<br />";
[2]58
59
[239]60 echo "<center><font class=\"title\"><b>"._ALLCOME."</b></font><br/><br/>\n
61 <table border=\"0\" width=\"100%\" >\n
62 <td bgcolor=\"$bgcolor1\" align=\"center\"><b>"._TITOLO."</b></td>\n
63 <td bgcolor=\"$bgcolor1\" align=\"center\">&nbsp;<b>"._FUNZIONI."</b>&nbsp;</td></tr>\n";
64
65
[257]66 $sql="select mid, title,preamble, content, editimage from ".$prefix.$tab." where id_cons='$id_cons'";
67 $result = $dbi->prepare("$sql");
68 $result->execute();
69 while(list($mid2, $title, $preamble, $content, $editimage) = $result->fetch(PDO::FETCH_NUM)) {
[2]70
71 echo "<tr>"
72 ."<td align=\"center\" width=\"100%\">$title</td>"
73 ."<td align=\"right\" nowrap bgcolor=\"$bgcolor1\"><a href=\"admin.php?op=$op&amp;vai=editedit&amp;mid=$mid2&amp;id_cons_gen=$id_cons_gen\">
74 <img src=\"modules/Elezioni/images/edit.gif\" border=\"0\" align=\"middle\"> "._EDIT."</a> -
75 <a href=\"admin.php?op=$op&amp;vai=deleteedit&amp;mid=$mid2&amp;id_cons_gen=$id_cons_gen\">"._DELETE."
76 <img src=\"modules/Elezioni/images/delete.gif\" border=\"0\" align=\"middle\"></a>"
77 ."</td></tr>";
78
79 }
[239]80 echo "</table><br/>";
81 echo "<table border=\"0\" width=\"100%\"><tr><td>";
[2]82 echo "<br>";
83 if($vai=='editedit'){
[257]84 $sql="select title, preamble,content, editimage from ".$prefix.$tab." WHERE mid='$mid' AND id_cons='$id_cons'";
85 $result = $dbi->prepare("$sql");
86 $result->execute();
87 list($add_title,$add_preamble, $add_content, $editimage) = $result->fetch(PDO::FETCH_NUM);
[2]88 }
89//25.05.2009
90 $sql="SELECT editor,ed_user FROM ".$prefix."_config";
[257]91 $res = $dbi->prepare("$sql");
92 $res->execute();
93 list($editor,$ed_user) = $res->fetch(PDO::FETCH_NUM);
[2]94//
95
96 echo "<center><font class=\"title\"><b>"._ADDCOME."</b></font></center><br>";
97 echo "<form action=\"admin.php\" method=\"post\">";
98 echo "<br><b><h6>"._TITOLO.":</b><br>
99 <input class=\"modulo\" type=\"text\" name=\"add_title\" value=\"$add_title\" size=\"50\" maxlength=\"100\"><br><br>";
100 if ($op=="link"){
101 if ($add_preamble=='')$add_preamble="http://";
102 echo "<b>"._LINK.":</b><br>"
103 ."<input class=\"modulo\" name=\"add_preamble\" size=\"50\" value=\"$add_preamble\"><br><br><b>";
104 }else{
105 echo "<b>"._PREAMBOLO.":</b><br>";
106//25 maggio 2009
[239]107
108 if ($editor=="1"){ // cambiato ckeditori giugno 2015
[246]109 echo "<textarea class=\"modulo\" id=\"add_preamble\" name=\"add_preamble\" rows=\"7\" wrap=\"virtual\" cols=\"60\">$add_preamble</textarea><br><br><b>
[239]110 <script type=\"text/javascript\">
111 CKEDITOR.replace('add_preamble');
112 </script>";
113 // old fckeditor
114 //js_textarea("add_preamble", "$add_preamble", "$ed_user", "80", "10"); // 25 --> 24 maggio 2009 editor'
115 }else{
[2]116 echo "<textarea class=\"modulo\" name=\"add_preamble\" rows=\"7\" wrap=\"virtual\" cols=\"60\">$add_preamble</textarea><br><br><b>";
[239]117 }
118
[2]119//
120 echo "<br><br><b>";
121 }
122 if ($op=='come') echo _CONTENUTO;
123 elseif ($op=='numeri') echo _NUMERITEL;
124 elseif ($op=='servizi') echo _DESCRAPP;
125 elseif ($op=='link') echo _DESCRLINK;
126 echo ":</b><br>";
127 //( "._HELPHTML." )<br>";
128//25 maggio 2009
129
[239]130 if ($editor=="1")
[246]131 echo "<textarea class=\"modulo\" id= \"add_content\" name=\"add_content\" rows=\"15\" wrap=\"virtual\" cols=\"60\">$add_content</textarea><br><br>
[239]132 <script type=\"text/javascript\">
133 CKEDITOR.replace('add_content');
134 </script>";
135
136 // js_textarea("add_content", "$add_content", "$ed_user", "80", "20"); // 25 -->24 maggio 2009 editor old
[2]137 else
138 echo "<textarea class=\"modulo\" name=\"add_content\" rows=\"15\" wrap=\"virtual\" cols=\"60\">$add_content</textarea><br><br>";
139//
140 echo "<br/><br/>";
141 echo "<input type=\"hidden\" name=\"id_cons_gen\" value=\"$id_cons_gen\">"
142 ."<input type=\"hidden\" name=\"mid\" value=\"$mid\">"
143 ."<input type=\"hidden\" name=\"tab\" value=\"$tab\">"
144 ."<input type=\"hidden\" name=\"op\" value=\"$op\">";
145 if ($vai=='editedit'){
146 echo "<input type=\"hidden\" name=\"vai\" value=\"saveedit\">"
147 ."<input class=\"modulo-button\"type=\"submit\" value=\""._OK."\">";
148 }else{
149 echo "<input type=\"hidden\" name=\"vai\" value=\"addedit\">"
150 ."<input class=\"modulo-button\" type=\"submit\" value=\""._ADDCOME."\">";
151 }
152
153 echo "</form>";
154 echo "</td></tr></table></center>";
155 echo"</td></tr></table>";
156 include ("footer.php");
157}
158
159function saveedit($mid, $title, $preamble, $content) {
160 global $prefix, $dbi,$id_cons,$id_cons_gen,$tab,$op;
161
162$temp=$title.$preamble.$content;
[23]163 if (preg_match("/script/i",$temp)) die("La parola script e' proibita, devi toglierla dal testo.");
[257]164 $sql="update ".$prefix.$tab." set title='$title', preamble='$preamble', content='$content' WHERE mid='$mid' AND id_cons='$id_cons'";
165 $res = $dbi->prepare("$sql");
166 $res->execute();
[2]167 Header("Location: admin.php?op=$op&vai=come&id_cons_gen=$id_cons_gen");
168}
169
170function addedit($add_title, $add_preamble, $add_content) {
171 global $prefix, $dbi,$id_cons, $id_cons_gen,$tab,$op;
172
[257]173 $sql="insert into ".$prefix.$tab." (id_cons,title,preamble,content) values ('$id_cons', '$add_title', '$add_preamble','$add_content')";
174 $res = $dbi->prepare("$sql");
175 $res->execute();
176 if (!$res->rowCount()) {
[2]177 exit();
178 }
179 Header("Location: admin.php?op=$op&vai=come&id_cons_gen=$id_cons_gen");
180}
181
182
183function deleteedit($mid, $ok=0) {
184 global $prefix, $dbi, $id_cons,$id_cons_gen,$tab,$op;
185 if($ok) {
[257]186 $sql="delete from ".$prefix.$tab." where mid=$mid and id_cons='$id_cons'";
187 $res = $dbi->prepare("$sql");
188 $res->execute();
189 if (!$res->rowCount()) {
[2]190 return;
191 }
192 Header("Location: admin.php?op=$op&vai=come&id_cons_gen=$id_cons_gen");
193 } else {
194 ele();
195 OpenTable();
196 echo "<center><font size=\"4\"><b>"._ADMINCOME."</b></font></center>";
197 CloseTable();
198 echo "<br>";
199 OpenTable();
200 echo "<center>"._REMOVEINFO."";
201 echo "<br><br>[ <a href=\"admin.php?op=$op&amp;vai=come&amp;id_cons_gen=$id_cons_gen\">"._NO."</a> | <a href=\"admin.php?op=$op&amp;vai=deleteedit&amp;mid=$mid&amp;ok=1&amp;id_cons_gen=$id_cons_gen\">"._YES."</a> ]</center>";
202 CloseTable();
203 echo"</td></tr></table>";
204 include("footer.php");
205 }
206
207
208
209}
210switch ($vai){
211
212// or "come" or "servizi" or "editedit"
213 case "come":
214 ele();
215 come();
216 break;
217 case "editedit":
218 ele();
219 come();
220 break;
221
222 case "saveedit":
223 saveedit($mid, $add_title, $add_preamble,$add_content);
224 break;
225
226 case "numeri":
227 ele();
228 come();
229 break;
230
231 case "servizi":
232 ele();
233 come();
234 break;
235
236 case "link":
237 ele();
238 come();
239 break;
240
241
242
243 case "addedit":
244 addedit($add_title, $add_preamble,$add_content);
245 break;
246
247 case "deleteedit":
248 deleteedit($mid, $ok);
249 break;
250
251
252
253}
254
255?>
Note: See TracBrowser for help on using the repository browser.