File: /home/temp/autoprokat.vladweb.ru/includes/admin/auto.php
<?php
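// Copy POST fields into local variables (a register_globals-style import that
// the rest of this script, and possibly the scripts it includes, rely on).
//
// The original `$$k = $v` let any request field replace ANY variable already
// in scope ($smarty, configuration values, superglobals, ...). The import is
// now limited to plain identifier names that are not yet defined, so request
// data can only create new variables and never overwrite existing state.
// NOTE(review): the long-term fix is to drop this import and read the expected
// fields from $_POST explicitly; confirm which fields includes/upload_pic.php
// expects before removing it.
$autoReservedNames = get_defined_vars() + array(
    'this' => true,
    'GLOBALS' => true,
    'autoReservedNames' => true,
    'k' => true,
    'v' => true,
);
foreach ($_POST as $k => $v) {
    // Reject numeric keys, names starting with "_" (superglobals) and anything
    // that is not a plain identifier.
    if (!preg_match('/\A[A-Za-z][A-Za-z0-9_]*\z/', (string)$k)) {
        continue;
    }
    // Never clobber a variable that existed before the import started.
    if (array_key_exists($k, $autoReservedNames)) {
        continue;
    }
    $$k = $v;
}
unset($autoReservedNames);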
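// Admin controller for the `auto` table. The action is selected by the first
// matching key in $_GET / $_POST (delt, edit, addi, addipic, deletepic, view);
// with none of them present the full vehicle list is shown.
//
// NOTE(review): nothing in this file checks that the caller is an
// authenticated administrator; presumably the including script does - confirm.
// NOTE(review): `delt` and `deletepic` change state on a plain GET request and
// no action carries an anti-CSRF token; these should become POST + token.
// NOTE(review): the die() messages print mysql_error() to the browser, which
// discloses schema details; log it server-side and show a generic message.
// NOTE(review): ext/mysql was removed in PHP 7. Escaping below is the minimal
// fix that works with this extension; prepared statements (mysqli/PDO) are the
// proper replacement once the connection code is migrated.

if (!function_exists('auto_post_sql')) {
    /**
     * Return a POST field escaped for use inside a quoted SQL string literal.
     *
     * Non-scalar or missing fields fall back to $default. When magic_quotes_gpc
     * is active the added slashes are removed first so the value is not
     * escaped twice. mysql_real_escape_string() uses the most recently opened
     * connection, the same one the mysql_query() calls below rely on.
     *
     * @param string $key     name of the POST field
     * @param string $default value used when the field is absent
     * @return string escaped value (without surrounding quotes)
     */
    function auto_post_sql($key, $default = '')
    {
        if (!isset($_POST[$key]) || !is_scalar($_POST[$key])) {
            return mysql_real_escape_string((string)$default);
        }
        $value = (string)$_POST[$key];
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
            $value = stripslashes($value);
        }
        return mysql_real_escape_string($value);
    }
}

if (isset($_GET['AUTO'])) {
    //_____________________________________________________________ delete auto
    if (isset($_GET['delt'])) {
        $Query = "DELETE FROM auto WHERE a_id=" . (int)$_GET['delt'];
        @mysql_query($Query) or DIE ("DELETE ERROR! ".MYSQL_ERROR());
        header("Location: ./?AUTO");
        exit;
    }
    //_____________________________________________________________ show edit form
    elseif (isset($_GET['edit'])) {
        $sql = "select * from auto where a_id=" . (int)$_GET['edit'];
        $res = mysql_query($sql) or DIE ("SELECT * FROM auto ERROR! ".MYSQL_ERROR());
        $auto = array();
        while ($rowa = mysql_fetch_array($res)) {
            $auto = $rowa;
        }
        // The template expects the checkbox attribute, not the stored flag.
        if (isset($auto['a_isooo']) && $auto['a_isooo'] == '1') {
            $auto['a_isooo'] = 'checked';
        } else {
            $auto['a_isooo'] = '';
        }
        $smarty->assign("auto", $auto);
        $smarty->assign("admin_main_content_template", "edit_auto.tpl");
    }
    //_____________________________________________________________ save edited auto
    elseif (isset($_POST['edit'])) {
        $isooo = (isset($_POST['isooo']) && $_POST['isooo'] == '1') ? '1' : '0';
        // The id is used both in the query and in the redirect URL, so it is
        // reduced to an integer once and reused.
        $editId = (int)$_POST['edit'];
        // Every text field is escaped; the original interpolated raw request
        // data into the statement.
        $IQ = "UPDATE auto
set
`a_firma` ='" . auto_post_sql('a_firma') . "',
`a_marka` ='" . auto_post_sql('a_marka') . "',
`a_year` = '" . auto_post_sql('a_year') . "',
`a_number` = '" . auto_post_sql('a_number') . "',
`a_color` = '" . auto_post_sql('a_color') . "' ,
`a_kuzov` = '" . auto_post_sql('a_kuzov') . "' ,
`a_engine` = '" . auto_post_sql('a_engine') . "',
`a_registr` = '" . auto_post_sql('a_registr') . "',
`a_dvidachi` = '" . auto_post_sql('a_dvidachi') . "',
`a_owner` = '" . auto_post_sql('a_owner') . "',
`a_ownerinfo` = '" . auto_post_sql('a_ownerinfo') . "',
`a_isooo` = '" . $isooo . "',
`a_carprice` = '" . auto_post_sql('a_carprice', '0') . "'
where
`a_id` ='" . $editId . "' ";
        @mysql_query($IQ) or DIE ("EDIT ERROR!!!!!! ".MYSQL_ERROR());
        header("Location: ./?AUTO&&addipicid=" . $editId . "&&addipic");
        exit;
    }
    //_____________________________________________________________ show add form
    elseif (isset($_GET['addi'])) {
        $smarty->assign("admin_main_content_template", "add_auto.tpl");
    }
    //_____________________________________________________________ insert new auto
    elseif (isset($_POST['addi'])) {
        // 'NULL' for the picture column is the literal string the picture
        // branches below compare against, not SQL NULL.
        $IQ = "INSERT INTO auto VALUES ('0', '" . auto_post_sql('a_firma') . "', '"
            . auto_post_sql('a_marka') . "', '"
            . auto_post_sql('a_year') . "','"
            . auto_post_sql('a_number') . "','"
            . auto_post_sql('a_color') . "','"
            . auto_post_sql('a_kuzov') . "','"
            . auto_post_sql('a_engine') . "','"
            . auto_post_sql('a_registr') . "','"
            . auto_post_sql('a_dvidachi') . "', 'NULL', '"
            . auto_post_sql('a_owner') . "', '"
            . auto_post_sql('a_ownerinfo') . "', '"
            . auto_post_sql('isooo', '0') . "', '"
            . auto_post_sql('a_carprice', '0') . "')";
        @mysql_query($IQ) or DIE ("INSERT ERROR!!!!!! ".MYSQL_ERROR());
        header("Location: ./?AUTO&&addipic&&addipicid=".mysql_insert_id());
        exit;
    }
    //_____________________________________________________________ show picture form
    elseif (isset($_GET['addipic'])) {
        // The id reaches SQL, an HTML attribute and the template, so it is
        // forced to an integer before any of those uses.
        $picId = isset($_GET['addipicid']) ? (int)$_GET['addipicid'] : 0;
        $IQ = "select a_picname from auto where a_id = " . $picId;
        $result = mysql_query($IQ) or DIE ("Read pict error!!!!!! ".MYSQL_ERROR());
        $tekpic = '';
        $teka = '';
        $tektekst = '';
        if (mysql_num_rows($result) > 0) {
            $cres = mysql_result($result, 0, 'a_picname');
            if (!empty($cres) && ($cres <> 'NULL')) {
                // The stored file name is URL-encoded so it cannot break out
                // of the src attribute.
                $tekpic = '<img src="'.UPLOAD_AUTO_DIR.'preview_'.rawurlencode($cres).'"> <br>';
                $tektekst = 'Текущее изображение:<br><br>';
                $teka = '<a href="./?AUTO&&deletepic='.$picId.'"> Удалить </a><br><br>';
            }
        }
        $smarty->assign("tektekst", $tektekst);
        $smarty->assign("teka", $teka);
        $smarty->assign("tekpic", $tekpic);
        $smarty->assign("addipicid", $picId);
        $smarty->assign("admin_main_content_template", "add_auto_pic.tpl");
    }
    //_____________________________________________________________ upload auto picture
    elseif (isset($_POST['addipic'])) {
        include './includes/upload_pic.php';
    }
    //_____________________________________________________________ delete auto picture
    elseif (isset($_GET['deletepic'])) {
        $picId = (int)$_GET['deletepic'];
        $sql = "select a_picname from auto where a_id = " . $picId;
        $result1 = mysql_query($sql) or DIE ("Delete pict read error!!!!!! ".MYSQL_ERROR());
        if (mysql_num_rows($result1) > 0) {
            $cres = mysql_result($result1, 0, 'a_picname');
            if (!empty($cres) && ($cres != 'NULL')) {
                // basename() keeps the deletion inside UPLOAD_AUTO_DIR even if
                // the stored name ever contains directory components.
                $picFile = basename($cres);
                if ($picFile !== '') {
                    $targets = array(
                        UPLOAD_AUTO_DIR.'preview_'.$picFile,
                        UPLOAD_AUTO_DIR.$picFile,
                    );
                    foreach ($targets as $path) {
                        // A missing file must not emit a warning ahead of the
                        // redirect header below.
                        if (is_file($path)) {
                            unlink($path);
                        }
                    }
                }
            }
        }
        $sql = "update auto set a_picname='' where a_id=" . $picId;
        $result = mysql_query($sql) or DIE ("Delete pict error!!!!!! ".MYSQL_ERROR());
        header("Location: ./?AUTO&&addipic&&addipicid=" . $picId);
        exit;
    }
    //_____________________________________________________________ view user record
    elseif (isset($_GET['view'])) {
        $sql = "select * from users where u_id=" . (int)$_GET['view'];
        $res = mysql_query($sql) or DIE ("SELECT * FROM users ERROR! ".MYSQL_ERROR());
        $user = array();
        while ($rowa = mysql_fetch_array($res)) {
            $user = $rowa;
        }
        $smarty->assign("user", $user);
        $smarty->assign("admin_main_content_template", "view_user.tpl");
    }
    //_____________________________________________________________ list all autos
    else {
        $sql = "select * from auto order by `a_firma`,`a_marka`,`a_year`";
        $res = mysql_query($sql) or DIE ("SELECT * FROM auto ERROR! ".MYSQL_ERROR());
        $auto = array();
        while ($rowa = mysql_fetch_array($res)) {
            $auto[] = $rowa;
        }
        $smarty->assign("auto", $auto);
        $smarty->assign("admin_main_content_template", "auto.tpl");
    }
}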
?>