. if (!defined('EG')) die('Direct access not allowed!'); class AdminnewsController extends Controller { function __construct($model, $controller, $queryString) { parent::__construct($model, $controller, $queryString); $this->load('header_back'); $this->load('footer_back','last'); $this->session('admin'); $this->model('NewsModel'); $this->modelName = 'NewsModel'; $this->m['NewsModel']->setFields('title,message','sanitizeAll'); $this->setArgKeys(array('page:forceNat'=>1,'token:sanitizeAll'=>'token')); } public function main() { $this->shift(); $this->s['admin']->check(); if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); $this->loadScaffold('main'); $this->scaffold->loadMain('news:id_news,news:title,smartDate|news:creation_date','news:id_news','edit,del'); $this->scaffold->setHead('NEWS ID,TITLE,DATE'); $this->scaffold->update('del'); $data['scaffold'] = $this->scaffold->render(); $this->append($data); $this->load('main'); } public function form($queryType = 'insert') { $this->shift(1); $this->s['admin']->check(); if (!$this->s['admin']->checkCsrf($this->viewArgs['token'])) $this->redirect('panel/main/',2,'wrong token..'); $this->m['NewsModel']->updateTable('insert,update'); $this->loadScaffold('form'); $this->scaffold->loadForm($queryType,"adminnews/form/$queryType"); $this->scaffold->getFormValues('sanitizeHtml'); $data['scaffold'] = $this->scaffold->render(); $this->append($data); $this->load('main'); } }