n_u_h_o_n
Member
Copy đoạn code sau , lưu thành file Shout.php và up lên thư mục admincp/
<?php
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);
// ##################### DEFINE IMPORTANT CONSTANTS #######################
define('NO_REGISTER_GLOBALS', 1);
// #################### PRE-CACHE TEMPLATES AND DATA ######################
$phrasegroups = array('shoutmanager');
$specialtemplates = array();
// ########################## REQUIRE BACK-END ############################
require_once('./global.php');
require_once('./includes/functions_bbcodeparse.php');
// ######################## CHECK ADMIN PERMISSIONS #######################
if (!can_administer('canadminshouts'))
{
print_cp_no_permission();
}
// ############################# LOG ACTION ###############################
log_admin_action(iif ($shoutid != 0, "shout id = $shoutid"));
// ########################################################################
// ######################### START MAIN SCRIPT ############################
// ########################################################################
print_cp_header($vbphrase['shout_manager']);
if (empty($_REQUEST['do']))
{
$_REQUEST['do'] = 'modify';
}
$checkall = '<input type="checkbox" name="allbox" title="' . $vbphrase['check_all'] . '" onclick="js_check_all(this.form);" />';
// ##################################### EDIT ####################################
if ($_REQUEST['do'] == 'edit')
{
globalize($_REQUEST, array('shoutid' => INT));
$shout = $DB_site->query_first("SELECT * FROM " . TABLE_PREFIX . "shout WHERE shoutid = $shoutid");
print_form_header('shout', 'doupdate');
construct_hidden_code('shoutid', $shoutid);
print_table_header($vbphrase['edit_shout']);
print_textarea_row($vbphrase['shout'], 'pagetext', $shout['pagetext'], 5, 60);
print_submit_row($vbphrase['save']);
}
####################################### UPDATE ############################################
if ($_POST['do'] == 'update')
{
globalize($_POST, array(
'shoutid' => INT,
'pagetext' => STR
));
$DB_site->query("UPDATE " . TABLE_PREFIX . "shout SET pagetext = '" . addslashes($pagetext) . "' WHERE shoutid = $shoutid");
define('CP_REDIRECT', 'shout.php?do=modify');
print_stop_message('saved_shout_no_x_successfully', $shoutid);
}
// ######################################## MULTIKILL #####################################
if ($_POST['do'] == 'multikill')
{
globalize($_POST, array('killshout'));
if (sizeof($killshout) == 1)
{
foreach ($killshout as $key => $val)
{
$shoutid = $key;
break;
}
$_POST['do'] = 'kill';
}
$shoutids = $killshout;
unset($killshout);
foreach ($shoutids as $shoutid => $yes)
{
if ($yes)
{
$DB_site->query("DELETE FROM " . TABLE_PREFIX . "shout WHERE shoutid = $shoutid");
}
}
$_REQUEST['do'] = 'modify';
}
// ######################################## KILL #####################################
if ($_POST['do'] == 'kill')
{
globalize($_POST, array('shoutid' => INT));
$DB_site->query("DELETE FROM " . TABLE_PREFIX . "shout WHERE shoutid = $shoutid");
$_REQUEST['do'] = 'modify';
}
// ####################################### REMOVE #####################################
if ($_REQUEST['do'] == 'remove')
{
globalize($_REQUEST, array('shoutid'));
if (sizeof($shoutid) == 1)
{
foreach ($shoutid as $key => $val)
{
$shoutid = $key;
break;
}
}
if (is_array($shoutid))
{
print_form_header('shout', 'multikill');
print_table_header($vbphrase['confirm_shout_deletion'], 4);
print_description_row($vbphrase['please_check_shouts_to_delete'], 0, 4);
print_cells_row(array('#', $vbphrase['shouter'], $vbphrase['shout'], $checkall), 1, '', -2);
foreach ($shoutid as $key => $val)
{
$shoutids .= ", $key";
}
$shouts = $DB_site->query("
SELECT shout.*, user.username
FROM " . TABLE_PREFIX . "shout AS shout
LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = shout.userid)
WHERE shout.shoutid IN (0$shoutids)
ORDER BY shout.dateline DESC
");
while ($shout = $DB_site->fetch_array($shouts))
{
$cell = array($shout['shoutid'], $shout['username']);
$cell[] = str_replace('images/smilies', '../images/smilies', parse_bbcode($shout['pagetext'], 'shoutbox'));
$cell[] = "<input type=\"checkbox\" name=\"killshout[" . $shout['shoutid'] . "]\" id=\"killshout[" . $shout['shoutid'] . "]\" value=\"1\" tabindex=\"1\"" . iif ($GLOBALS['debug'], " title=\"name="killshout[" . $shout['shoutid'] . "]"\"") . " />";
print_cells_row($cell, 0, '', -2);
}
print_submit_row($vbphrase['remove_shouts'], '_default_', 4);
print_cp_footer();
}
print_delete_confirmation('shout', $shoutid, 'shout', 'kill', 'shout', 0, '', 'shoutid');
}
// ########################################### SEARCH #####################################################
if ($_POST['do'] == 'search')
<?php
// ######################## SET PHP ENVIRONMENT ###########################
error_reporting(E_ALL & ~E_NOTICE);
// ##################### DEFINE IMPORTANT CONSTANTS #######################
define('NO_REGISTER_GLOBALS', 1);
// #################### PRE-CACHE TEMPLATES AND DATA ######################
$phrasegroups = array('shoutmanager');
$specialtemplates = array();
// ########################## REQUIRE BACK-END ############################
require_once('./global.php');
require_once('./includes/functions_bbcodeparse.php');
// ######################## CHECK ADMIN PERMISSIONS #######################
if (!can_administer('canadminshouts'))
{
print_cp_no_permission();
}
// ############################# LOG ACTION ###############################
log_admin_action(iif ($shoutid != 0, "shout id = $shoutid"));
// ########################################################################
// ######################### START MAIN SCRIPT ############################
// ########################################################################
print_cp_header($vbphrase['shout_manager']);
if (empty($_REQUEST['do']))
{
$_REQUEST['do'] = 'modify';
}
$checkall = '<input type="checkbox" name="allbox" title="' . $vbphrase['check_all'] . '" onclick="js_check_all(this.form);" />';
// ##################################### EDIT ####################################
if ($_REQUEST['do'] == 'edit')
{
globalize($_REQUEST, array('shoutid' => INT));
$shout = $DB_site->query_first("SELECT * FROM " . TABLE_PREFIX . "shout WHERE shoutid = $shoutid");
print_form_header('shout', 'doupdate');
construct_hidden_code('shoutid', $shoutid);
print_table_header($vbphrase['edit_shout']);
print_textarea_row($vbphrase['shout'], 'pagetext', $shout['pagetext'], 5, 60);
print_submit_row($vbphrase['save']);
}
####################################### UPDATE ############################################
if ($_POST['do'] == 'update')
{
globalize($_POST, array(
'shoutid' => INT,
'pagetext' => STR
));
$DB_site->query("UPDATE " . TABLE_PREFIX . "shout SET pagetext = '" . addslashes($pagetext) . "' WHERE shoutid = $shoutid");
define('CP_REDIRECT', 'shout.php?do=modify');
print_stop_message('saved_shout_no_x_successfully', $shoutid);
}
// ######################################## MULTIKILL #####################################
if ($_POST['do'] == 'multikill')
{
globalize($_POST, array('killshout'));
if (sizeof($killshout) == 1)
{
foreach ($killshout as $key => $val)
{
$shoutid = $key;
break;
}
$_POST['do'] = 'kill';
}
$shoutids = $killshout;
unset($killshout);
foreach ($shoutids as $shoutid => $yes)
{
if ($yes)
{
$DB_site->query("DELETE FROM " . TABLE_PREFIX . "shout WHERE shoutid = $shoutid");
}
}
$_REQUEST['do'] = 'modify';
}
// ######################################## KILL #####################################
if ($_POST['do'] == 'kill')
{
globalize($_POST, array('shoutid' => INT));
$DB_site->query("DELETE FROM " . TABLE_PREFIX . "shout WHERE shoutid = $shoutid");
$_REQUEST['do'] = 'modify';
}
// ####################################### REMOVE #####################################
if ($_REQUEST['do'] == 'remove')
{
globalize($_REQUEST, array('shoutid'));
if (sizeof($shoutid) == 1)
{
foreach ($shoutid as $key => $val)
{
$shoutid = $key;
break;
}
}
if (is_array($shoutid))
{
print_form_header('shout', 'multikill');
print_table_header($vbphrase['confirm_shout_deletion'], 4);
print_description_row($vbphrase['please_check_shouts_to_delete'], 0, 4);
print_cells_row(array('#', $vbphrase['shouter'], $vbphrase['shout'], $checkall), 1, '', -2);
foreach ($shoutid as $key => $val)
{
$shoutids .= ", $key";
}
$shouts = $DB_site->query("
SELECT shout.*, user.username
FROM " . TABLE_PREFIX . "shout AS shout
LEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = shout.userid)
WHERE shout.shoutid IN (0$shoutids)
ORDER BY shout.dateline DESC
");
while ($shout = $DB_site->fetch_array($shouts))
{
$cell = array($shout['shoutid'], $shout['username']);
$cell[] = str_replace('images/smilies', '../images/smilies', parse_bbcode($shout['pagetext'], 'shoutbox'));
$cell[] = "<input type=\"checkbox\" name=\"killshout[" . $shout['shoutid'] . "]\" id=\"killshout[" . $shout['shoutid'] . "]\" value=\"1\" tabindex=\"1\"" . iif ($GLOBALS['debug'], " title=\"name="killshout[" . $shout['shoutid'] . "]"\"") . " />";
print_cells_row($cell, 0, '', -2);
}
print_submit_row($vbphrase['remove_shouts'], '_default_', 4);
print_cp_footer();
}
print_delete_confirmation('shout', $shoutid, 'shout', 'kill', 'shout', 0, '', 'shoutid');
}
// ########################################### SEARCH #####################################################
if ($_POST['do'] == 'search')