Файл: comm/guest.php
Строк: 113
<?php
include_once '../sys/inc/start.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
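// The community id comes from the query string. intval() reduces it to an integer,
// which is what makes it safe to embed in the SQL strings built further down.
if (isset($_GET['id'])) {
    $id = intval($_GET['id']);
} else {
    header("Location: /index.php");
    // header() does not stop execution: without exit the queries below would run
    // with $id undefined and the page would still be rendered.
    exit;
}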
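// Integer id of the logged-in user (0 for guests), so the value interpolated into SQL is always numeric.
$viewer_id = isset($user) ? intval($user['id']) : 0;

// Membership row of the current user in this community (false when there is none).
// The same row is used under two names later in the script, so it is fetched once.
$admin = mysql_fetch_array(mysql_query("SELECT * FROM `community_user_incomm` WHERE `cid` = '$id' AND `uid` = '$viewer_id'"));
$activate = $admin;

// HTTP_HOST is copied from the request's Host header, i.e. it is client-controlled;
// encode it before it is handed to the page header template.
$set['title'] = 'Мини чат & '.htmlspecialchars($_SERVER['HTTP_HOST'], ENT_QUOTES, 'UTF-8');
include_once '../sys/inc/thead.php';
top();
echo "<div class='foot1'>";

// Community record (false when the id does not exist); also fetched once and shared by both names.
$status_comm = mysql_fetch_array(mysql_query("SELECT * FROM `community_comm` WHERE `id` = '$id' LIMIT 1"));
$comm = $status_comm;

// Most recent board message written by the current user in this community.
// NOTE(review): $post is not read anywhere else in this file; kept in case an included template uses it.
$post = mysql_fetch_array(mysql_query("SELECT * FROM `community_board` WHERE `id_comm` = '$id' AND `user` = '$viewer_id' ORDER BY time DESC LIMIT 1"));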
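// Main page logic: validate the community id, apply the closed-community and ban rules,
// handle message deletion and posting, then render the message list and the posting form.
// NOTE(review): top() and the opening <div> have already been echoed when the header()
// redirects below run; they only take effect if output buffering is enabled by the
// included bootstrap -- confirm, or move the handlers above the first output.

// Integer id of the logged-in user (0 for guests), so the value interpolated into SQL is always numeric.
$viewer_id = isset($user) ? intval($user['id']) : 0;
// Deleting is allowed when the membership row has priv 1 or 2, or the account level is above 2.
$can_moderate = isset($user) && ((!empty($admin) && ($admin['priv']==2 || $admin['priv']==1)) || $user['level']>2);

if ($id <= 0) {
    echo "<div class='err'>Ошибка</div>";
} else if (empty($comm) || $id != $comm['id']) {
    echo '<div class="err">Сообщество не найдено.</div>';
} else if ($status_comm['status']==2 && (empty($activate) || $activate['activate']==0)) {
    // status 2 is treated as a closed community: only users whose membership row has a non-zero activate flag get in.
    echo '<div class="err">Сообщество закрытого типа.</div>';
} else if (mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_ban` WHERE `id_user` = '$viewer_id' AND `id_comm` = '$id' AND `time` > '$time'"), 0) != 0) {
    // An unexpired ban row exists for this user in this community.
    header('Location: ban.php?id='.$id);
    exit;
} else {
    // Status notices selected by the err query parameter. Only the fixed texts below are
    // ever printed; the parameter value itself is never echoed.
    $notices = array(
        'min_mess' => 'Сообщение слишком маленькое.',
        'max_mess' => 'Сообщение слишком длинное.',
        'msg_time' => 'Не стоит писать слишком часто.',
        'no'       => 'Сообщение успешно добавлено.',
        'del'      => 'Сообщение успешно удалено',
        'no_mess'  => 'Сообщение не найдено.',
    );
    if (isset($_GET['err']) && is_string($_GET['err']) && isset($notices[$_GET['err']])) {
        msg($notices[$_GET['err']]);
    }

    if (isset($user)) {
        if (isset($_GET['del'])) {
            // NOTE(review): deletion is a state change performed on a plain GET request with no
            // anti-CSRF token, so a request forged from another site would be accepted for a
            // logged-in moderator. Prefer a POST form carrying a per-session token checked here.
            if (!$can_moderate) {
                header("Location: index.php");
                exit;
            }
            $del = intval($_GET['del']);
            $id_del = mysql_fetch_array(mysql_query("SELECT * FROM `community_board` WHERE `id` = '$del'"));
            // Only delete a message that belongs to the community named in the URL, so rights
            // held in one community cannot be used against another community's board.
            if (!empty($id_del) && $id == $id_del['id_comm']) {
                mysql_query("DELETE FROM `community_board` WHERE `id` = '".$del."' AND `id_comm` = '$id' LIMIT 1");
                header("Location: guest.php?id=$id&err=del");
            } else {
                header("Location: guest.php?id=$id&err=no_mess");
            }
            // Stop after the redirect instead of rendering the whole page behind it.
            exit;
        }

        if (isset($_POST['msg']) && is_string($_POST['msg']) && isset($_GET['act']) && $_GET['act']=='add') {
            // The posting form is only rendered for users with a membership row; enforce the
            // same rule on the server, otherwise any logged-in account could post by sending
            // the request directly.
            if (empty($activate) || $activate['uid'] != $user['id']) {
                header("Location: index.php");
                exit;
            }

            // Decode backslash escapes first and HTML-encode afterwards. In the opposite order
            // stripcslashes() could turn an escape sequence back into a markup character after
            // htmlspecialchars() had already run, leaving raw markup in the stored message.
            $msg = esc(htmlspecialchars(stripcslashes($_POST['msg'])));
            // Replace anything that looks like a URL with a placeholder. '#' is the pattern
            // delimiter, so the '#' inside the character classes has to be escaped.
            $msg = preg_replace('#((https?|ftp)://[[:alnum:]_=/-]+(\.[[:alnum:]_=/-]+)*(/[[:alnum:]+&._=/~%\#]*(\?[[:alnum:]?+&_=/%\#]*)?)?)#i', ' [реклама] ', $msg);
            if (isset($_POST['translit']) && $_POST['translit']==1) {
                $msg = translit($msg);
            }
            if (strlen2($msg) < 3) {
                header("Location: guest.php?id=$id&err=min_mess");
                exit;
            }
            if (strlen2($msg) > 512) {
                header("Location: guest.php?id=$id&err=max_mess");
                exit;
            }
            // NOTE(review): $_SESSION['antiflood'] is read here but never written in this file;
            // unless another script sets it, this rate limit never triggers for this form.
            if (isset($_SESSION['antiflood']) && $_SESSION['antiflood'] > $time-300) {
                header("Location: guest.php?id=$id&err=msg_time");
                exit;
            }

            // Escape at the point where the SQL string is built. esc() is defined outside this
            // file and the URL filter and translit() run after it, so its result cannot be
            // relied on as SQL-safe here.
            // NOTE(review): if esc() already performs SQL escaping, remove it there or here to
            // avoid doubled backslashes in stored text.
            $msg_sql = mysql_real_escape_string($msg);
            mysql_query("INSERT INTO `community_board` (`id_comm`, `user`, `time`, `msg`) VALUES ('$id', '$viewer_id', '$time', '$msg_sql')");
            // Increment the member's post counter; assigning the string '+1' stored 1 on every post.
            mysql_query("UPDATE `community_user_incomm` SET `postov` = `postov` + 1 WHERE `uid` = '$viewer_id' AND `cid` = '$id' LIMIT 1");
            // The per-post OPTIMIZE TABLE calls were dropped: rebuilding two tables on every
            // message lets ordinary posting tie up the database. Run table maintenance from a
            // scheduled job instead.
            header("Location: guest.php?id=$id&err=no");
            exit;
        }
    }

    // Paginated message list, newest first.
    $k_m = mysql_result(mysql_query("SELECT COUNT(*) FROM `community_board` WHERE `id_comm` = '$id'"), 0);
    $k_page = k_page($k_m, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str']*$page - $set['p_str'];
    if ($k_m == '0') {
        echo '<tr><td class="p_t">Нет сообщений. Будь первым.</td></tr>';
    }
    // LIMIT operands are forced to integers because they are interpolated unquoted.
    $q = mysql_query("SELECT * FROM `community_board` WHERE `id_comm` = '$id' ORDER BY time DESC LIMIT ".intval($start).", ".intval($set['p_str']));
    while ($p = mysql_fetch_array($q)) {
        // Author of the message; the id is interpolated unquoted, so force it to an integer.
        $a = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = ".intval($p['user'])." LIMIT 1"));
        $author_id = intval($a['id']);
        // Profile fields are placed inside single-quoted attributes, so quotes must be encoded.
        // double_encode is off so values that were stored already encoded are not encoded twice.
        $author_title = htmlspecialchars($a['p_nick'], ENT_QUOTES, 'UTF-8', false);
        $author_nick = htmlspecialchars($a['nick'], ENT_QUOTES, 'UTF-8', false);

        echo "<table class='posti'>";
        echo "<tr><td class='icon15'>";
        echo avatar_little($a['id']);
        echo "</td><td class='p_m'>";
        online($a['id']);
        echo "<a href='/user/profile.php?id=$author_id' title='$author_title'>\n";
        // NOTE(review): GradientText() is defined elsewhere; confirm it HTML-encodes the nick and colour values.
        echo GradientText("$a[nick]", "$a[ncolor]", "$a[ncolor2]");
        echo "</a>\n";
        echo "<a href='/user/ank.php?id=$author_id' title='Анкета $author_nick'>";
        icon_info_ank();
        echo "</a> ";
        medals($a['id']);
        strana($a['id']);
        admin($a['id']);
        echo "<span style='float : right;'>\n";
        echo "<font color='red'>".vremja($p['time'])."</font>";
        echo "</span>";
        echo "<div style='border-bottom:1px dashed #99BCFF;'></div>\n";
        if ($can_moderate) {
            // Delete link, shown under the same rule the delete handler enforces.
            echo "<span style='float : right;'>\n";
            echo "<a href='guest.php?id=$id&del=".intval($p['id'])."'>";
            icon_del();
            echo "</a><br/>";
            echo "</span>";
        }
        echo output_text($p['msg']);
        echo "</td></tr>";
        echo "</table>";
    }
    if ($k_page > 1) {
        str("guest.php?id=$id&", $k_page, $page);
    }

    // Posting form, for logged-in users that have a membership row in this community.
    // The isset() guard matters: for a guest both sides of the comparison are null and would compare equal.
    if (isset($user) && !empty($activate) && $activate['uid'] == $user['id']) {
        echo "<form method='post' class='post' action='guest.php?id=$id&act=add'>";
        echo "Сообщение: <a href='/smiles/'>Смайлы</a> | <a href='/bb-code.php'>ББ-коды</a><br />\n<textarea name=\"msg\" cols='12' rows='2' style='width:50%' placeholder=\"Введите сообщение...\"></textarea><br />\n";
        echo "<input value='Отправить' type='submit'></input><br/>";
        echo "</form>";
    }
    icon_pravo();
    echo "<a href='comm.php?id=$id'>В сообщество</a><br/>";
}
echo "</div>";
include_once '../sys/inc/tfoot.php';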
?>