<?
//ini_set('display_errors','On'); 
#predefined vars#
$sub=1;//若一個站有兩個以上的news.php的話，請把news.php另存成另一個檔名，並修改$sub的數字為2,3以此類推，即可產生同站下無限個最新消息

$uppath=explode("public_html",__FILE__); 

$lsfname=explode("/",$_SERVER['PHP_SELF']);
$uppath=str_replace($lsfname[count($lsfname)-1],"",$uppath[1])."fckup/";

$query=$_SERVER['QUERY_STRING'];

#include#
include_once("inc.php");
$pagecount=$config["news_row"];//一頁顯示行數;

#get template#
$theme_temp=file_get_contents("theme_news_rwd.html");

if(empty( $_SESSION["adm"]))  $theme_temp=file_get_contents("theme_news_rwd.html");

$list_temp=oki_gettemp($theme_temp,"list");
$detail_temp=oki_gettemp($theme_temp,"detail");
$msg_temp=oki_gettemp($theme_temp,"msg");
$menu_temp=oki_gettemp($theme_temp,"menu");


#get requests#
$args=$_REQUEST;

$act=trim($args["act"]);
$submit=trim($args["submit"]);
$page=trim($args["page"]);
$type=trim($args["type"]);

if($type=="s"){
 $theme_temp=file_get_contents("theme_news_sd.html");
 $list_temp=oki_gettemp($theme_temp,"list");
 $detail_temp=oki_gettemp($theme_temp,"detail");
 $msg_temp=oki_gettemp($theme_temp,"msg");

 $pagecount=$config["news_row_s"];
}
//if($page==0||gettype($page)!="integer") $page=1;
if($page==0) $page=1;

$id=trim($args["id"]);


#begin judge#
if($act!=""){

 if($_COOKIE["ad_logged"]!=$config["tab_name"]) {
 
   $theme_temp=str_replace($list_temp,"",$theme_temp); 
   $theme_temp=str_replace($detail_temp,"",$theme_temp); 
   
   $theme_temp=str_replace("{backurl}",$_SERVER['SCRIPT_NAME'],$theme_temp);
   $theme_temp=str_replace("{msg}","您沒有權限進行當前的動作！",$theme_temp); 
   echo $theme_temp;
   exit;

 };

 if($act=="new"||$act=="upd"){
    $act=="new" ? $sql="insert into uni_news set " : $sql=" update uni_news set "; 
	$sql.=" th_title='".$args["title"]."' ,";
	$args["detail"]=str_replace($uppath,"fckup/",$args["detail"]);
	$sql.=" th_detail='".$args["detail"]."' ,";
	
	if($act=="new") {
	 $sql.=" sub='".$sub."', ";
	 $sql.=" tab_name='".$config["tab_name"]."', ";  
	 $sql.=" upddate=$taiwantime, ";  
	 $sql.=" date=$taiwantime ";  
	}
	if($act=="upd"){
	 $sql.=" upddate=$taiwantime ";  
	 $sql.=" where uid=$id and tab_name='".$config["tab_name"]."' and sub='".$sub."'"; 
	}
	
	$result=SQL_ExecSQLs($sql);
	if($result==1) {
	 $theme_temp=str_replace($list_temp,"",$theme_temp); 
     $theme_temp=str_replace($detail_temp,"",$theme_temp);
	 $theme_temp=str_replace("{backurl}",$_SERVER['SCRIPT_NAME'],$theme_temp);
     $theme_temp=str_replace("{msg}","資料輸入成功！",$theme_temp); 	
	}else{
	 $theme_temp=str_replace($detail_temp,$detail_temp.oki_alert("資料輸入失敗"),$theme_temp);
	 if($act=='new') $id="new";
	}
	
 
 }//end new upd
 
 
 if($act=="up"||$act=="down"){
   
  $ori=SQL_GetRowResult("select * from uni_news where uid=$id and tab_name='".$config["tab_name"]."' and sub='".$sub."'");

  if($act=="up") $sql="select * from uni_news where uid>$id and status<>-1 and  tab_name='".$config["tab_name"]."' and sub='".$sub."' order by uid asc limit 0,1";
  if($act=="down") $sql="select * from uni_news where uid<$id and status<>-1 and tab_name='".$config["tab_name"]."' and sub='".$sub."' order by uid desc limit 0,1";
  
  
   $rep=SQL_GetRowResult($sql);
   $repuid=$rep['uid'];
   if($ori!=NULL&&$rep!=NULL){
  
    #rep#
    $sql="update uni_news set ";
	foreach($ori as $key => $value) {
      if($key!="uid"&&isNaN($key)) $sql.="$key = '".$value."',";
    }
	$sql.="_end where uid=".$repuid;
	$sql=str_replace(",_end","",$sql);
	SQL_ExecSQLs($sql);
	
	#ori#
	$sql="update uni_news set ";
	foreach($rep as $key => $value) {
      if($key!="uid"&&isNaN($key)) $sql.="$key = '".$value."',";
    }
	$sql.="_end where uid=".$id;
	$sql=str_replace(",_end","",$sql);
   
 
    SQL_ExecSQLs($sql);
		
	$output=oki_alert("修改排序成功！"); 
	
	
   }else{
  
     $output=oki_alert("排序未修改！"); 
     
   } 
   $output.=oki_gourl($_SERVER['SCRIPT_NAME']."?".$args['return_url']);
    header('Content-type: text/html; charset=utf-8');
    echo $output;
    exit;
   
 }//end odr
 
 
 if($act=="opn"||$act=="hid"){
  $sql="update uni_news set ";
  $act=="opn" ? $sql.=" status='' " : $sql.=" status='N' ";
  $sql.=" where uid=".$id." and tab_name='".$config["tab_name"]."' and sub='".$sub."'";
  SQL_ExecSQLs($sql);
  header("location:".$_SERVER['SCRIPT_NAME']."?".$args['return_url']);
  exit;
 
 }//end opn
 
 
 if($act=="del"){
 
  $sql="update uni_news set status=-1";
  $sql.=" where uid=".$id." and tab_name='".$config["tab_name"]."' and sub='".$sub."'";
  SQL_ExecSQLs($sql);
  
   $theme_temp=oki_alert("資料已刪除！"); 
   $theme_temp.=oki_gourl($_SERVER['SCRIPT_NAME']."?".$args['return_url']);
   //header('Content-type: text/html; charset=utf-8');
 
 }//end del

}//end act


  if($id!=""){
    $sql="select * from uni_news where status<>-1 and tab_name='".$config['tab_name']."' and sub='".$sub."' and uid='".$id."'";
    $result=SQL_GetRowResult($sql); 
    
	if($result==NULL&&$id!="new"){
	
	    $theme_temp=str_replace($list_temp,"",$theme_temp); 
        $theme_temp=str_replace($detail_temp,"",$theme_temp); 
   
        $theme_temp=str_replace("{backurl}","javascript:history.back()",$theme_temp);
        $theme_temp=str_replace("{msg}","找不到任何資料！",$theme_temp); 
   

	}else if($_COOKIE["ad_logged"]==$config["tab_name"]){	
	    $uppath=addslashes($uppath);
		
		//exit;
	    $theme_temp=str_replace($list_temp,"",$theme_temp); 
        $theme_temp=str_replace($msg_temp,"",$theme_temp);
		
		$form_start=$form_js."<form name=form1 method=post enctype=\"multipart/form-data\"  action='' onsubmit='return form_chk(this.name)'>\n";
		$id=='new' ? $form_start.="<input type=hidden name=act value=new>\n" : $form_start.="<input type=hidden name=act value=upd><input type=hidden name=id value=$id>\n";
		
		$form_btn="<input type=reset name=submit value='重置'><input type=submit name=submit value='送出'>";
		$form_end="</form>";
		 
		$theme_temp=str_replace($detail_temp,$form_start.$detail_temp.$form_end,$theme_temp);
		 
		$ipt=$args;
		if($submit=="") {
		 $ipt=$result;
		 $ipt["title"]=$result['th_title'];
		 $ipt["detail"]=$result['th_detail'];
		}    
		
		$ipt["detail"]=str_replace("fckup/",$uppath,$ipt["detail"]);

		
		$theme_temp=str_replace("{title}",oki_form_input("title",$ipt['title'],"","","80%"," ifnull='標題' "),$theme_temp);
		
		ob_start();
		fck_create2($ipt['detail'],"detail",$uppath);
		$detail_rep=ob_get_contents();
	    ob_clean();
		
		$theme_temp=str_replace("{detail}",$detail_rep.$form_btn,$theme_temp);
		$theme_temp=str_replace("{date}",$ipt['date'],$theme_temp);
		
	
	}else{
	    $theme_temp=str_replace($list_temp,"",$theme_temp); 
        $theme_temp=str_replace($msg_temp,"",$theme_temp); 
   
        //$test="src=\"http://w12456789/fckup/";
        //echo "preg:".preg_replace("/src=\"(.)*fckup/","src=\"fckup",$test);//src=\"[a-z0-9._\-\/]*fckup
		
		#170308 delete spic and short in detail#

		  #170308 cus new#
		  $short=$simg="";
		  $short_tmp=explode("[short]",$result["th_detail"]);
		  $simg_tmp=explode("[simg]",$result["th_detail"]);
		  if(!empty($short_tmp[1])) $short=$short_tmp[1];
		  if(!empty($simg_tmp[1])) $simg=$simg_tmp[1];
		  $result["th_detail"]=str_replace(array("[simg]","[short]",$simg,$short),"",$result["th_detail"]);
		
         
        $result["th_detail"]=preg_replace("/src=\"(.)*fckup/","src=\"fckup",$result["th_detail"]);  
        $theme_temp=str_replace("{title}",$result["th_title"],$theme_temp);
		$theme_temp=str_replace("{detail}",$result["th_detail"],$theme_temp);
		$theme_temp=str_replace("{date}",$result["date"],$theme_temp);
		
	}
  
  } else {//begin list
  
  
  #set new button#
  
  $status=" status='' ";
  if($_COOKIE["ad_logged"]==$config["tab_name"]){
    
    $list_rep=str_replace("<!--{new_button}-->","<div class='ripple2' ><input type=button name=new value=新增消息 onclick=\"window.location='?id=new'\"></div>",$list_temp);
	$adm_func="<a href='?act=up&id={id}&return_url=".$query."'>[往上</a>]";
	$adm_func.="[<a href='?act=down&id={id}&return_url=".$query."'>往下</a>]";
	$adm_func.=" [<a href=\"javascript:if(confirm('您確定要刪除此項資料？')) window.location='?act=del&id={id}&return_url=".$query."'\">刪除</a>] [{view}]";
    $list_rep=str_replace("{title}","{title}<br>".$adm_func,$list_rep);
	$theme_temp=str_replace($list_temp,$list_rep,$theme_temp);
	$list_temp=$list_rep;	
	
	$status=" status<>-1 ";
  }
   
  $cat.=" and tab_name='".$config['tab_name']."' and sub='".$sub."'  ";
  #get page num# 
  $sql="select count(uid)  from uni_news where $status  ".$cat." order by uid desc ";
  $totalcount=SQL_GetResult($sql); 	
 
  $maxpage=ceil($totalcount/$pagecount);
  if(($page>$maxpage)&&($maxpage!=0)) $page=$maxpage;
 
  #get alldata# 
  $sql="select * from uni_news where $status  ".$cat." order by uid desc ";
  $sql.=" limit ".(($page-1)*$pagecount)." , $pagecount ";
  $result=SQL_GetResultFields($sql);
    
  
    if($result==NULL){
	
	    $lsloop_temp=oki_gettemp($list_temp,"loop");	
	    $list_temp=str_replace($lsloop_temp,"<td align=center>無資料！</td>",$list_temp); 
		
		$theme_temp=str_replace(oki_gettemp($theme_temp,"list"),$list_temp,$theme_temp);
	    $theme_temp=str_replace($detail_temp,"",$theme_temp); 
		$theme_temp=str_replace($msg_temp,"",$theme_temp); 
   
        //$theme_temp=str_replace("{backurl}","javascript:history.back()",$theme_temp);
        //$theme_temp=str_replace("{msg}","找不到任何資料！",$theme_temp); 
	
	
	}else{
	
	    $theme_temp=str_replace($detail_temp,"",$theme_temp); 
        $theme_temp=str_replace($msg_temp,"",$theme_temp); 
   
   
        $lsloop_temp=oki_gettemp($list_temp,"loop");
		
		$lsloop_all="";
		$i=1;
		foreach($result as $value){
		$lsloop_rep=$lsloop_temp;
       
	    $lsloop_rep=str_replace("{num}",(($page-1)*$config['news_row']+$i),$lsloop_rep);
	    $lsloop_rep=str_replace("{id}",$value["uid"],$lsloop_rep);
		$lsloop_rep=str_replace("{title}",$value["th_title"],$lsloop_rep);
		$resdate=explode(" ",$value["date"]);
		$lsloop_rep=str_replace("{date}",$resdate[0],$lsloop_rep);
		
		
		  #170308 cus new#
		  $short=$simg="";
		  $short_tmp=explode("[short]",$value["th_detail"]);
		  $simg_tmp=explode("[simg]",$value["th_detail"]);
		  if(!empty($short_tmp[1])) $short=strip_tags($short_tmp[1])."";
		  if(!empty($simg_tmp[1])){
			   //$simg=$simg_tmp[1];
			   $simg = (string) @reset(simplexml_import_dom(DOMDocument::loadHTML($simg_tmp[1]))->xpath("//img/@src"));
		       if(strpos($simg,"fckup/")!==false) $simg=str_replace("fckup/","/".$config["adm_id"]."/fckup/",$simg);
		  }
		  $lsloop_rep=str_replace(array("{img}","{short}"),array($simg,$short),$lsloop_rep);
	
		
		if($_COOKIE["ad_logged"]==$config["tab_name"]) $value["status"]=="" ? $lsloop_rep=str_replace("{view}","<a href='?act=hid&id=".$value['uid']."&return_url=".$query."'>關閉</a>",$lsloop_rep) : $lsloop_rep=str_replace("{view}","<a href='?act=opn&id=".$value['uid']."&return_url=".$query."'>開啟</a>",$lsloop_rep);
		
		$lsloop_all.=$lsloop_rep;
		$i++;
		}//end foreach
		$theme_temp=str_replace($lsloop_temp,$lsloop_all,$theme_temp);
		
		$pagelink=$_SERVER['SCRIPT_NAME']."?gopage=".$page;
		$pagenum=get_page_num($page,$maxpage,$pagelink,$jsfunc='',$totalcount,5);
		$theme_temp=str_replace("<!--{page_num}-->",$pagenum,$theme_temp);
		
	}//end llst  
  
  }//end if id


if($_COOKIE["ad_logged"]!=$config["tab_name"]) { 

   $theme_temp=str_replace(oki_gettemp($theme_temp,"menu"),"",$theme_temp);  //if not logged ,unset menu form
}

   header('Content-type: text/html; charset=utf-8');
   
   //print_r($_COOKIE);
   echo $theme_temp;

   //error_reporting(E_ALL);
   exit; 


?>