Файл: forum/index.php
Строк: 453
<?php
require_once '../sys/inc/start.php';
require_once '../sys/inc/compress.php';
require_once '../sys/inc/sess.php';
require_once '../sys/inc/settings.php';
require_once '../sys/inc/db_connect.php';
require_once '../sys/inc/ipua.php';
require_once '../sys/inc/fnc.php';
require_once '../sys/inc/user.php';
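// Single-post actions, routed as /forum/<id_forum>/<id_razdel>/<id_them>/<id_post>/<act>.
// The guard confirms that the forum, section, topic and post all exist and belong to
// one another; every id is cast with intval() before it is placed in SQL. Forums with
// `adm` set are only matched for logged-in users whose level is not 0.
//
// NOTE(review): $forum[name], $razdel[name] and $ank[nick] are echoed below exactly as
// stored. Confirm they are HTML-escaped when saved, otherwise wrap them in
// htmlspecialchars() at output.
// NOTE(review): no request token is checked anywhere in this section; the 'delete' and
// 'golos' actions even change state on a plain GET link. Confirm one of the includes
// enforces a token, otherwise move these actions to POST with a per-session token.
if (
    isset($_GET['id_forum'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_f` WHERE" . ((!isset($user) || $user['level'] == 0) ? " `adm` = '0' AND" : null) . " `id` = '" . intval($_GET['id_forum']) . "'"), 0) == 1
    && isset($_GET['id_razdel'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_r` WHERE `id` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "'"), 0) == 1
    && isset($_GET['id_them'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_t` WHERE `id` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "'"), 0) == 1
    && isset($_GET['id_post'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '" . intval($_GET['id_post']) . "' AND `id_them` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "'"), 0) == 1
) {
    $forum = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_f` WHERE `id` = '" . intval($_GET['id_forum']) . "' LIMIT 1"));
    $razdel = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_r` WHERE `id` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' LIMIT 1"));
    $them = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_t` WHERE `id` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' LIMIT 1"));
    $post = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '" . intval($_GET['id_post']) . "' AND `id_them` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' LIMIT 1"));
    // Newest post of the topic; the author's self-delete rule below compares against it.
    $post2 = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id_them` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' ORDER BY `id` DESC LIMIT 1"));
    if (isset($user)) {
        // Author of the post; the moderation rules compare their level with the viewer's.
        $ank = get_user($post['id_user']);
        // Save an edited post. The permission rule is the one that decides whether the
        // edit form is shown (next branch): a forum_post_ed holder may edit posts of
        // lower-level users or their own, and an author may edit their own post.
        // Without the level test here, a direct POST skipped the restriction the form applies.
        if (isset($_GET['act']) && $_GET['act'] == 'edit' && isset($_POST['msg']) && isset($_POST['post']) && (user_access('forum_post_ed') && ($ank['level'] < $user['level'] || $ank['level'] == $user['level'] && $ank['id'] == $user['id']) || $user['id'] == $post['id_user'])) {
            $msg = $_POST['msg'];
            if (utf8_strlen($msg) < 2) {
                $err[] = "Короткое сообщение";
            }
            if (utf8_strlen($msg) > 10024) {
                $err[] = "Длина сообщения превышает предел в 10024 символов";
            }
            $mat = antimat($msg);
            if ($mat) {
                $err[] = 'В тексте сообщения обнаружен мат: ' . $mat;
            }
            if (!isset($err)) {
                // Archive the previous text before overwriting it. $post['msg'] is user
                // content read back from the database, so it must be escaped again before
                // it is placed into a new statement (second-order SQL injection otherwise).
                mysql_query("INSERT INTO `forum_phis` (`id_user`, `id_forum`, `id_razdel`, `id_them`, `id_post`, `msg`, `data`) VALUES ('$user[id]', '" . intval($_GET['id_forum']) . "', '" . intval($_GET['id_razdel']) . "', '" . intval($_GET['id_them']) . "', '" . intval($_GET['id_post']) . "', '" . mysql_real_escape_string($post['msg']) . "', '$time')");
                mysql_query("UPDATE `forum_p` SET `msg` = '" . mysql_real_escape_string($msg) . "', `red`='1' WHERE `id` = '$post[id]' LIMIT 1");
            }
            // No page is rendered here; execution continues with the sections below.
        } elseif (isset($_GET['act']) && $_GET['act'] == 'edit' && (user_access('forum_post_ed') && ($ank['level'] < $user['level'] || $ank['level'] == $user['level'] && $ank['id'] == $user['id']) || isset($user) && $post['id_user'] == $user['id'])) {
            // Edit form.
            $set['title'] = 'Форум - редактирование поста';
            require_once '../sys/inc/thead.php';
            aut();
            echo "<form class = 'foot' name = 'message' method = 'POST' action = '/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit'>";
            // NOTE(review): the textarea content relies on output_text() escaping HTML
            // with these flags; verify, since the value is the stored post body.
            $msg2 = output_text($post['msg'], false, true, false, false, false);
            echo "Сообщение:<br />";
            echo text::auto_bb("message", "msg");
            echo L . "<textarea name = 'msg'>" . $msg2 . "</textarea><br />";
            echo "<input name = 'post' value = 'Изменить' type = 'submit' />";
            echo "</form><div class = 'foot'>";
            echo "<img src = '/style/icons/cross.png' /> <a href = '/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/delete'>Удалить пост</a>";
            echo "</div><div class = 'foot'>";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/$them[id]/'>В тему</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/'>$razdel[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/'>$forum[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/'>Форум</a><br />";
            echo "</div>";
            require_once '../sys/inc/tfoot.php';
        } elseif (isset($_GET['act']) && $_GET['act'] == 'delete' && isset($user) && $them['close'] == 0 && ((user_access('forum_post_ed') && ($ank['level'] <= $user['level'] || $ank['level'] == $user['level'] && $ank['id'] == $user['id'])) || $post['id'] == $post2['id'] && $post['id_user'] == $user['id'] && $post['time'] > time() - 600)) {
            // Delete the post with its poll options, poll votes and edit history.
            // An author may delete only the newest post of the topic, within 600 seconds.
            // NOTE(review): the moderator rule uses `<=` where the edit rule uses `<`,
            // which makes the "same level and own post" alternative redundant; confirm
            // that equal-level moderators are meant to delete each other's posts.
            mysql_query("DELETE FROM `forum_p` WHERE `id` = '" . intval($_GET['id_post']) . "' AND `id_them` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' LIMIT 1");
            mysql_query("DELETE FROM `forum_opr` WHERE `id_them` = '" . intval($_GET['id_them']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_post` = '" . intval($_GET['id_post']) . "'");
            mysql_query("DELETE FROM `forum_opres` WHERE `id_them` = '" . intval($_GET['id_them']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_post` = '" . intval($_GET['id_post']) . "'");
            mysql_query("DELETE FROM `forum_phis` WHERE `id_them` = '" . intval($_GET['id_them']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_post` = '" . intval($_GET['id_post']) . "'");
        } elseif (isset($_GET['act']) && $_GET['act'] == 'msg' && $them['close'] == 0 && isset($user)) {
            // Reply form addressed to the post's author (textarea pre-filled with the nick).
            $ank = get_user($post['id_user']);
            $set['title'] = 'Форум - ' . $them['name'];
            require_once '../sys/inc/thead.php';
            aut();
            echo "<form class = 'foot' name = 'message' method = 'POST' action = '/forum/$forum[id]/$razdel[id]/$them[id]/new'>";
            echo "<a href = '/info.php?id=$ank[id]'>Посмотреть профиль</a><br />";
            $msg2 = $ank['nick'] . ', ';
            echo text::auto_bb("message", "msg");
            echo L . "<textarea name = 'msg'>$ank[nick],</textarea><br />";
            echo "<input name = 'post' value = 'Отправить сообщение' type = 'submit' />\n";
            echo "</form><div class = 'foot'>";
            echo "<img src = '/style/icons/cross.png' /> <a href = '/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/delete'>Удалить пост</a>";
            echo "</div><div class = 'foot'>";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/$them[id]/'>В тему</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/'>$razdel[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/'>$forum[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/'>Форум</a><br />";
            echo "</div>";
            require_once '../sys/inc/tfoot.php';
        } elseif (isset($_GET['act']) && $_GET['act'] == 'cit' && $them['close'] == 0 && isset($user)) {
            // Quote form: shows the quoted post and submits its id in the hidden `cit` field.
            $ank = get_user($post['id_user']);
            $set['title'] = 'Форум - ' . $them['name'];
            require_once '../sys/inc/thead.php';
            aut();
            echo "<div class = 'foot'>";
            echo "Будет процетировано сообщение:<br />";
            echo output_text($post['msg']);
            echo "</div>";
            echo "<form class = 'foot' name = 'name' method = 'POST' action = '/forum/$forum[id]/$razdel[id]/$them[id]/new&id_usa=$ank[id]'>";
            echo "<input name = 'cit' value = '$post[id]' type = 'hidden' />";
            $msg2 = $ank['nick'] . ', ';
            echo text::auto_bb("message", "msg");
            echo L . "<textarea name = 'msg'>$ank[nick], </textarea><br />";
            echo "<input name = 'post' value = 'Отправить сообщение' type = 'submit' />\n";
            echo "</form><div class = 'foot'>";
            echo "<img src = '/style/icons/cross.png' /> <a href = '/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/delete'>Удалить пост</a>";
            echo "</div><div class = 'foot'>";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/$them[id]/'>В тему</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/'>$razdel[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/'>$forum[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/'>Форум</a><br />";
            echo "</div>";
            require_once '../sys/inc/tfoot.php';
        } elseif (isset($_GET['act']) && $_GET['act'] == 'golos' && $them['close'] == 0 && isset($user) && isset($_GET['id_var']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_opr` WHERE `id` = '" . intval($_GET['id_var']) . "' AND `id_them` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' AND `id_post` = '" . intval($_GET['id_post']) . "'"), 0) == 1) {
            // Poll vote: the option (id_var) must belong to this post, the post must carry
            // a poll, and the user must not have voted on it before.
            $set['title'] = 'Форум - ' . $them['name'];
            require_once '../sys/inc/thead.php';
            aut();
            $prov_p = mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_them` = '" . intval($_GET['id_them']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id`= '" . intval($_GET['id_post']) . "' AND `opros`='1' ", $db), 0);
            $prov = mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_opres` WHERE `id_them` = '" . intval($_GET['id_them']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_post`='" . intval($_GET['id_post']) . "' AND `id_user`='$user[id]' ", $db), 0);
            if ($prov_p == 0) {
                $err[] = "К данному посту опрос не прикреплён!";
            } elseif ($prov != 0) {
                $err[] = "Вы уже принимали участие в данном опросе!";
            } elseif (!isset($err)) {
                // NOTE(review): the "already voted" check and this insert are separate
                // statements; a unique key on (id_user, id_post) would make it race-free.
                mysql_query("INSERT INTO `forum_opres` (id_user, id_var, id_forum, id_razdel, id_them, id_post) values('$user[id]', '" . intval($_GET['id_var']) . "', '" . intval($_GET['id_forum']) . "', '" . intval($_GET['id_razdel']) . "', '" . intval($_GET['id_them']) . "', '" . intval($_GET['id_post']) . "')");
                msg('Ваш голос успешно принят');
            }
            err();
            echo "<div class = 'foot'>";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/$them[id]/'>В тему</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/'>$razdel[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/'>$forum[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/'>Форум</a><br />";
            echo "</div>";
            require_once '../sys/inc/tfoot.php';
        } elseif (isset($_GET['act']) && $_GET['act'] == 'hist' && isset($user)) {
            // Edit history of the post, newest first, paginated by $set['p_str'].
            $set['title'] = 'Форум - ' . $them['name'];
            require_once '../sys/inc/thead.php';
            aut();
            err();
            $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_phis` WHERE `id_them` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' AND `id_post` = '" . intval($_GET['id_post']) . "'"), 0);
            $k_page = k_page($k_post, $set['p_str']);
            $page = page($k_page);
            $start = $set['p_str'] * $page - $set['p_str'];
            if ($k_post == 0) {
                echo "<table class = 'foot'><tr><td class = 'null'>";
                echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
                echo "</td></tr></table>";
            }
            // $start and $set[p_str] are computed server-side (page() and settings), not taken from the request directly.
            $q = mysql_query("SELECT * FROM `forum_phis` WHERE `id_them` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' AND `id_post` = '" . intval($_GET['id_post']) . "' ORDER BY id DESC LIMIT $start, $set[p_str]");
            // The loop reuses $post and $ank for each history row.
            while ($post = mysql_fetch_assoc($q)) {
                $ank = get_user($post['id_user']);
                echo "<table class = 'foot'><tr><td class = 'icon14'>";
                avatar($ank['id'], '48');
                echo "</td><td class = 'null'>";
                user($ank['id']);
                echo "<br />";
                echo "<img src = '/style/icons/time.png' />" . vremja($post['data']) . "<br />";
                echo output_text($post['msg']);
                echo "</td></tr></table>";
            }
            if ($k_page > 1) {
                str('?', $k_page, $page);
            }
            echo "<div class = 'foot'>";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/$them[id]/'>В тему</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/'>$razdel[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/'>$forum[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/'>Форум</a><br />";
            echo "</div>";
            require_once '../sys/inc/tfoot.php';
        } elseif (isset($_GET['act']) && $_GET['act'] == 'zhal' && isset($user)) {
            // Complaint about the post.
            $set['title'] = 'Форум - ' . $them['name'];
            require_once '../sys/inc/thead.php';
            aut();
            if (isset($_POST['msg']) && isset($user)) {
                $msg = $_POST['msg'];
                $mat = antimat($msg);
                if ($mat) {
                    $err[] = 'В тексте сообщения обнаружен мат: ' . $mat;
                }
                if (utf8_strlen($msg) > 512) {
                    $err[] = 'Сообщение слишком длинное';
                } elseif (utf8_strlen($msg) < 2) {
                    $err[] = 'Короткое сообщение';
                } elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_zhal` WHERE `id_user` = '$user[id]' AND `msg` = '" . mysql_real_escape_string($msg) . "' AND `id_them` = '" . intval($_GET['id_them']) . "' AND `id_razdel` = '" . intval($_GET['id_razdel']) . "' AND `id_forum` = '" . intval($_GET['id_forum']) . "' AND `id_post` = '" . intval($_GET['id_post']) . "' LIMIT 1"), 0) != 0) {
                    // Appended like every other error in this file, so an earlier
                    // antimat error is not overwritten by a plain string.
                    $err[] = 'Ваше сообщение повторяет предыдущее';
                } elseif (!isset($err)) {
                    mysql_query("INSERT INTO `forum_zhal` (id_user, data, msg, id_forum, id_razdel, id_them, id_post) values('$user[id]', '$time', '" . mysql_real_escape_string($msg) . "', '" . intval($_GET['id_forum']) . "', '" . intval($_GET['id_razdel']) . "', '" . intval($_GET['id_them']) . "', '" . intval($_GET['id_post']) . "')");
                    // NOTE(review): both updates write a value computed from the copy of
                    // $user loaded for this request, so concurrent requests can lose an
                    // update; `money` = `money` + 25 in SQL would avoid that. Only an
                    // exact duplicate text is rejected above, so the reward can be
                    // collected repeatedly with varied text; consider a per-post limit.
                    mysql_query("UPDATE `user` SET `money` = '" . ($user['money'] + 25) . "' WHERE `id` = '$user[id]' LIMIT 1");
                    mysql_query("UPDATE `user` SET `activity` = '" . ($user['activity'] + 0.06) . "' WHERE `id` = '$user[id]' LIMIT 1");
                    msg('Жалоба успешно добавлена');
                }
            }
            err();
            if (isset($user)) {
                echo "<form method=\"post\" class = 'foot' name='message' action=\"?$passgen\">\n";
                echo "Текст жалобы:<br />";
                echo text::auto_bb('message', 'msg');
                echo L . "<textarea name=\"msg\"></textarea><br />\n";
                echo "<button class = 'btn'>";
                echo "<img src = '/style/icons/tick.png' /> Отправить";
                echo "</button></form>\n";
            }
            echo "<div class = 'foot'>";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/$them[id]/?page=end'>В тему</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/'>$razdel[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/'>$forum[name]</a><br />";
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/'>Форум</a><br />";
            echo "</div>";
            require_once '../sys/inc/tfoot.php';
        }
    }
}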
// Topic view: /forum/<id_forum>/<id_razdel>/<id_them>/.
// Each id is checked against its parent (forum -> section -> topic) before anything is
// loaded; all ids pass through intval() before reaching SQL. Forums with `adm` set are
// matched only for logged-in users whose level is not 0.
// NOTE(review): $razdel[name] and $forum[name] are printed as stored; confirm they are
// HTML-escaped when saved.
if (
    isset($_GET['id_forum'])
    && mysql_result(mysql_query(sprintf(
        "SELECT COUNT(*) FROM `forum_f` WHERE%s `id` = '%d'",
        (isset($user) && $user['level'] != 0) ? '' : " `adm` = '0' AND",
        intval($_GET['id_forum'])
    )), 0) == 1
    && isset($_GET['id_razdel'])
    && mysql_result(mysql_query(sprintf(
        "SELECT COUNT(*) FROM `forum_r` WHERE `id` = '%d' AND `id_forum` = '%d'",
        intval($_GET['id_razdel']),
        intval($_GET['id_forum'])
    )), 0) == 1
    && isset($_GET['id_them'])
    && mysql_result(mysql_query(sprintf(
        "SELECT COUNT(*) FROM `forum_t` WHERE `id` = '%d' AND `id_razdel` = '%d' AND `id_forum` = '%d'",
        intval($_GET['id_them']),
        intval($_GET['id_razdel']),
        intval($_GET['id_forum'])
    )), 0) == 1
) {
    $forum = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `forum_f` WHERE `id` = '%d' LIMIT 1",
        intval($_GET['id_forum'])
    )));
    $razdel = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `forum_r` WHERE `id` = '%d' AND `id_forum` = '%d' LIMIT 1",
        intval($_GET['id_razdel']),
        intval($_GET['id_forum'])
    )));
    $them = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `forum_t` WHERE `id` = '%d' AND `id_razdel` = '%d' AND `id_forum` = '%d' LIMIT 1",
        intval($_GET['id_them']),
        intval($_GET['id_razdel']),
        intval($_GET['id_forum'])
    )));
    $set['title'] = 'Форум - ' . $them['name'];
    require_once '../sys/inc/thead.php';
    // Topic starter.
    $ank2 = get_user($them['id_user']);
    // include is the more reliable choice here (original author's remark).
    include 'inc/set_them_act.php';
    include 'inc/them.php';
    include 'inc/set_them_form.php';
    // Breadcrumb links back up the hierarchy.
    echo "<div class = 'foot'>",
        "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/$razdel[id]/'>$razdel[name]</a><br />",
        "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/'>$forum[name]</a><br />",
        "<img src = '/style/icons/left.png' /> <a href = '/forum/'>Форум</a><br />",
        "</div>";
    require_once '../sys/inc/tfoot.php';
}
// Section view: /forum/<id_forum>/<id_razdel>/, plus the "new topic" / "new poll" pages.
// The section must belong to the forum; ids are cast with intval() before reaching SQL.
if (
    isset($_GET['id_forum'])
    && mysql_result(mysql_query(sprintf(
        "SELECT COUNT(*) FROM `forum_f` WHERE%s `id` = '%d'",
        (isset($user) && $user['level'] != 0) ? '' : " `adm` = '0' AND",
        intval($_GET['id_forum'])
    )), 0) == 1
    && isset($_GET['id_razdel'])
    && mysql_result(mysql_query(sprintf(
        "SELECT COUNT(*) FROM `forum_r` WHERE `id` = '%d' AND `id_forum` = '%d'",
        intval($_GET['id_razdel']),
        intval($_GET['id_forum'])
    )), 0) == 1
) {
    $forum = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `forum_f` WHERE `id` = '%d' LIMIT 1",
        intval($_GET['id_forum'])
    )));
    $razdel = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `forum_r` WHERE `id` = '%d' AND `id_forum` = '%d' LIMIT 1",
        intval($_GET['id_razdel']),
        intval($_GET['id_forum'])
    )));
    // Creating a topic or poll is throttled through $_SESSION['time_c_t_forum'] (600
    // seconds); users with level > 0 are exempt.
    // NOTE(review): the throttle lives in the session only, so a fresh session resets
    // it; a server-side timestamp per account would be harder to bypass.
    if (
        isset($user)
        && isset($_GET['act'])
        && ($_GET['act'] == 'new' || $_GET['act'] == 'newop')
        && (!isset($_SESSION['time_c_t_forum']) || $_SESSION['time_c_t_forum'] < $time - 600 || $user['level'] > 0)
    ) {
        if ($_GET['act'] == 'new') {
            // Create a new topic.
            include 'inc/new_t.php';
        }
        if ($_GET['act'] == 'newop') {
            // Create a poll.
            include 'inc/new_op.php';
        }
    } else {
        $set['title'] = 'Форум - ' . $razdel['name'];
        require_once '../sys/inc/thead.php';
        // Section management is included only for holders of forum_razd_edit.
        if (user_access('forum_razd_edit')) {
            include 'inc/set_razdel_act.php';
        }
        include 'inc/razdel.php';
        if (user_access('forum_razd_edit')) {
            include 'inc/set_razdel_form.php';
        }
        echo "<div class = 'foot'>";
        if (
            isset($user)
            && (!isset($_SESSION['time_c_t_forum']) || $_SESSION['time_c_t_forum'] < $time - 600 || $user['level'] > 0)
        ) {
            // NOTE(review): $forum[name] is printed as stored; confirm it is HTML-escaped when saved.
            echo "<img src = '/style/icons/left.png' /> <a href = '/forum/$forum[id]/'>$forum[name]</a><br />";
        }
        echo "<img src = '/style/icons/left.png' /> <a href = '/forum/'>Форум</a><br />",
            "</div>";
    }
    require_once '../sys/inc/tfoot.php';
}
// Subforum view: /forum/<id_forum>/.
// Forums with `adm` set are matched only for logged-in users whose level is not 0.
if (
    isset($_GET['id_forum'])
    && mysql_result(mysql_query(sprintf(
        "SELECT COUNT(*) FROM `forum_f` WHERE%s `id` = '%d'",
        (isset($user) && $user['level'] != 0) ? '' : " `adm` = '0' AND",
        intval($_GET['id_forum'])
    )), 0) == 1
) {
    $forum = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `forum_f` WHERE `id` = '%d' LIMIT 1",
        intval($_GET['id_forum'])
    )));
    $set['title'] = 'Форум - ' . $forum['name'];
    require_once '../sys/inc/thead.php';
    // NOTE(review): the management includes are not wrapped in a user_access() test
    // here, unlike the section view; confirm that inc/set_forum_act.php and
    // inc/set_forum_form.php check permissions themselves.
    include 'inc/set_forum_act.php';
    include 'inc/forum.php';
    include 'inc/set_forum_form.php';
    echo "<div class = 'foot'>",
        "<img src = '/style/icons/left.png' /> <a href = '/forum/'>Форум</a>",
        "</div>";
    require_once '../sys/inc/tfoot.php';
}
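// Forum index page header.
$set['title'] = 'Форум';
require_once '../sys/inc/thead.php';
// Create a subforum (requires the forum_for_create right).
// The create form carries two submit buttons, "Создать" and "Отмена", and both post
// name/opis/pos to this URL. The !isset($_POST['otmena']) test keeps a cancelled form
// from being inserted before the cancel redirect further down runs.
// NOTE(review): no request token is checked here; confirm one is enforced elsewhere,
// since this is a privileged state change.
if (user_access('forum_for_create') && isset($_GET['act']) && isset($_GET['ok']) && $_GET['act'] == 'new' && !isset($_POST['otmena']) && isset($_POST['name']) && isset($_POST['opis']) && isset($_POST['pos'])) {
    $name = $_POST['name'];
    // NOTE(review): inside the character class `@-_` is a range, not three literals; it
    // also admits `[`, `\`, `]` and `^`. The `ds` pair may once have been `\d\s`, since
    // as written digits and spaces are rejected. Confirm against the project's copy.
    if (!preg_match('#^[a-zа-яds?.%@-_=+!]+$#ui', $name)) {
        $err[] = 'Запрещенные символы в названии подфорума';
    }
    // Errors are appended so that a length error does not replace the character-set
    // error above (a plain `$err = ...` assignment overwrote the array).
    if (utf8_strlen($name) < 3) {
        $err[] = 'Слишком короткое название';
    }
    if (utf8_strlen($name) > 32) {
        $err[] = 'Слишком днинное название';
    }
    $name = mysql_real_escape_string($name);
    $opis = $_POST['opis'];
    if (utf8_strlen($opis) > 512) {
        $err[] = 'Слишком длинное описание';
    }
    $opis = mysql_real_escape_string($opis);
    $pos = intval($_POST['pos']);
    if (!isset($err)) {
        // $name is already SQL-escaped at this point; presumably admin_log() stores the
        // string as given (verify, otherwise the log entry is escaped twice).
        admin_log('Форум', 'Подфорумы', "Создание подфорума '$name'");
        mysql_query("INSERT INTO `forum_f` (`opis`, `name`, `pos`) values('$opis', '$name', '$pos')");
        msg('Подфорум успешно создан');
    }
}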
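// Index menu: pending errors, the auth block, static links, the count of users
// currently in the forum, and the personal links for logged-in users.
err();
aut();
// Bookmark counter shown next to "Мои закладки". Guests have no $user, so the query is
// skipped for them instead of being run with an empty id.
$k_p_zakl = isset($user) ? mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_zakl` WHERE `id_user` = '$user[id]'"), 0) : 0;
echo "<div class = 'foot'>";
echo "<img src = '/style/icons/administrator.png' /> <a href = '/forum/moders.php'>Модераторы</a><br />";
echo "<img src = '/style/icons/information.png' /> <a href = '/info/?act=forum'>Правила форума</a><br />";
echo "<img src = '/style/icons/page_white_magnify.png' /> <a href = '/forum/search.php'>Поиск</a><br />";
echo "</div><div class = 'foot'>";
echo "<img src = '/style/icons/page_white_go.png' /> <a href = '/forum/new_t.php'>Новые темы</a><br />";
echo "<img src = '/style/icons/page_refresh.png' /> <a href = '/forum/new_p.php'>Обновленные темы</a><br />";
echo "<img src = '/style/icons/page_refresh.png' /> <a href = '/forum/files_list.php'>Топ файлов</a><br />";
// NOTE(review): the complaints link is printed for every visitor; confirm that adm.php
// checks permissions itself.
echo "<img src = '/style/icons/page_refresh.png' /> <a href='adm.php'>Жалобы</a><br />\n";
echo "<img src = '/style/icons/document_quote.png' /> <a href='/forum/online.php'>Кто в Форуме?</a> ";
echo "<span class = 'count1'>";
// Users whose last activity is under 300 seconds old and whose last URL is under /forum/.
echo mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `date_last` > '" . (time() - 300) . "' AND `url` like '/forum/%'"), 0) . '';
echo "</span></div>";
if (isset($user)) {
    echo "<div class = 'foot'>";
    echo "<img src = '/style/icons/page_white_stack.png' /> <a href = '/forum/my_t.php'>Мои темы</a> | ";
    echo "<a href = '/forum/my_p.php'>посты</a><br />";
    echo "<img src = '/style/icons/page_white_star.png' /> <a href = '/user/bookmark/forum.php'>Мои закладки</a> ";
    echo "<span class = 'count1'>$k_p_zakl</span>";
    echo "</div>";
}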
// Subforum list ordered by `pos`; forums with `adm` set are listed only for logged-in
// users whose level is not 0. Each row shows the topic count and the post count.
// NOTE(review): $forum[name] is printed as stored; confirm it is HTML-escaped when saved.
$q = mysql_query(
    "SELECT * FROM `forum_f`"
    . ((isset($user) && $user['level'] != 0) ? '' : " WHERE `adm` = '0'")
    . " ORDER BY `pos` ASC"
);
if (mysql_num_rows($q) == 0) {
    echo "<table class = 'foot'><tr><td class = 'null'>",
        "<img src = '/style/icons/bullet_error.png' /> Нет подфорумов",
        "</td></tr></table>";
}
while ($forum = mysql_fetch_assoc($q)) {
    echo "<table class = 'foot'><tr><td class = 'null'>",
        "<img src = '/style/icons/folder_vertical_document.png' /> <a href = '/forum/$forum[id]/'>$forum[name]</a>",
        "<span class = 'count1'>";
    // Two COUNT queries per listed forum: topics, then posts.
    echo mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_t` WHERE `id_forum` = '$forum[id]'"), 0)
        . " +"
        . mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_forum` = '$forum[id]'"), 0);
    echo "</span>";
    if ($forum['opis'] != NULL) {
        // The description goes through output_text() before it is printed.
        echo "<br />", "<small>";
        echo output_text($forum['opis']);
        echo "</small>";
    }
    echo "</td></tr></table>";
}
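// "Отмена" on the create form: go back to the index.
// NOTE(review): header() has an effect only while no output has been sent, and the page
// above has already been echoed; this presumably relies on output buffering started in
// sys/inc/compress.php. Confirm, or handle the cancel before any output.
// NOTE(review): SID places the session id in the URL when it is non-empty; ids in URLs
// leak through Referer headers and logs. Confirm that cookie-only sessions are enforced.
if (isset($_POST['otmena'])) {
    header("Location: /forum/" . SID);
    exit;
}
// Create-subforum form: shown on ?act=new, or always while no subforum exists yet.
if (user_access('forum_for_create') && (isset($_GET['act']) && $_GET['act'] == 'new' || mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_f`"), 0) == 0)) {
    echo "<form class = 'foot' name = 'message' method = 'POST' action = '/forum/index.php?act=new&ok'>";
    echo "Название подфорума<br />";
    echo "<input name = 'name' type = 'text' maxlength = '50' value = '' /><br />";
    echo "Описание<br />";
    echo text::auto_bb("message", "opis");
    echo L . "<textarea name = 'opis'></textarea><br />";
    // Default position: one past the current maximum.
    $pos = mysql_result(mysql_query("SELECT MAX(`pos`) FROM `forum_f`"), 0) + 1;
    echo "Позиция<br />";
    echo "<input name = 'pos' size = '3' type = 'text' maxlength = '3' value = '$pos' /><br />";
    echo "<input value = 'Создать' type = 'submit' />\n";
    echo "<input type = 'submit' name = 'otmena' value = 'Отмена' />";
    echo "</form>";
}
// Link to the create form once at least one subforum exists.
if (user_access('forum_for_create') && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_f`"), 0) > 0) {
    echo "<div class = 'foot'>";
    echo "<img src = '/style/icons/folder--plus.png' /> <a href = '/forum/?act=new'>Новый подфорум</a>";
    echo "</div>";
}
// Forum-wide totals of posts and topics.
echo "<div class = 'foot'>";
echo "Всего на форуме <b>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p`"), 0) . "</b> постов и <b>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_t`"), 0) . "</b> тем";
echo "</div>";
include 'incnew.php';
require_once '../sys/inc/tfoot.php';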