Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*
- @file news.class.php
- @author ErF
- @date 04.05.2010r.
- @copyright 2010r.
- */
- class News
- {
- private $host = "";
- private $user = "";
- private $pass = "";
- private $db_name = "";
- private $limit = 0;
- private $con = 0;
- public function __construct()
- {
- require("config.php");
- $this->host = $host;
- $this->user = $user;
- $this->pass = $password;
- $this->db_name = $db_name;
- $this->con = @mysql_connect($this->host, $this->user, $this->password) or die ("Unable to connect database.");
- @mysql_select_db($this->db_name) or die ("Unable to select database.");
- }
- public function addNews($author, $title, $body, $cat)
- {
- $author = $this->usun($author);
- $title = $this->usun($title);
- $body = $this->usun($body);
- $cat = $this->usun($cat);
- $query = sprintf("INSERT INTO `news` (`title`, `body`, `author`, `cat`, `date`) VALUES ('%s', '%s', '%s', '%d', CURDATE())", $title, $body, $author, $cat);
- $res = @mysql_query($query);
- }
- public function delNews($id)
- {
- $id = $this->usun($id);
- if(is_numeric($id))
- {
- @mysql_query("DELETE FROM `news` WHERE id = '$id'");
- $this->closeMySQL($this->con);
- }
- }
- public function editNews($id, $title, $body, $cat)
- {
- $id = $this->usun($id);
- $title = $this->usun($title);
- $body = $this->usun($body);
- $cat = $this->usun($cat);
- if(is_numeric($id))
- {
- $query = sprintf("UPDATE `news` SET title = '%s', body = '%s' AND cat = '%d' WHERE `id` = '%d'", $title, $body, $cat, $id);
- $res = @mysql_query($query);
- $this->closeMySQL($this->con);
- }
- }
- private function closeMySQL()
- {
- mysql_close($this->con);
- }
- public function usun($val)
- {
- if(get_magic_quotes_gpc())
- {
- $val = stripslashes($val);
- }
- $val = mysql_real_escape_string($val);
- return $val;
- }
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement