Файл: forum/inc/them.php
Строк: 265
<?
if (isset($_GET['act']) && $_GET['act']=='txt')
{
ob_clean();
ob_implicit_flush();
header('Content-Type: text/plain; charset=utf-8', true);
header('Content-Disposition: attachment; filename="'.retranslit($them['name']).'.txt";');
echo "Тема: $them[name] ($forum[name]/$razdel[name])rn";
$q=mysql_query("SELECT * FROM `forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' ORDER BY `time` ASC");
while ($post = mysql_fetch_assoc($q))
{
echo "rn";
$ank=get_user($post['id_user']);
echo GradientText("$ank[nick]", "$ank[ncolor]", "$ank[ncolor2]");
echo " (".date("j M Y в H:i", $post['time']).")rn";
if ($post['cit']!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '$post[cit]'"),0)==1)
{
$cit=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '$post[cit]' LIMIT 1"));
$ank_c=get_user($cit['id_user']);
echo "--Цитата--rn";
echo "$ank_c[nick] (".date("j M Y в H:i", $cit['time'])."):rn";
echo trim(br($cit['msg'],"rn"))."rn";
echo "----------rn";
}
echo trim(br($post['msg'],"rn"))."rn";
}
echo "rnИсточник: http://$_SERVER[SERVER_NAME]/forum/$forum[id]/$razdel[id]/$them[id]/rn";
echo "rnСайт создан на движке S-Klub CMS v0.5.0 Special, автором которого являестя Simptom! Сайт поддержки: http://s-klub.ru/rn";
exit;
}
if (isset($user) && isset($_GET['f_del']) && is_numeric($_GET['f_del']) && isset($_SESSION['file'][$_GET['f_del']]))
{
unlink($_SESSION['file'][$_GET['f_del']]['tmp_name']);
}
if (isset($user) && isset($_GET['zakl']) && $_GET['zakl']==1)
{
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_zakl` WHERE `id_user` = $user[id] AND `id_them` = '$them[id]'"),0)!=0)
{
$err="Тема уже есть в ваших закладках";
}else {
mysql_query("INSERT INTO `forum_zakl` (`id_user`, `time`, `id_them`, `time_obn`) values('$user[id]', '$time', '$them[id]', '$time')");
msg('Тема добавлена в закладки');
}
}
else if (isset($user) && isset($_GET['zakl']) && $_GET['zakl']==0)
{
mysql_query("DELETE FROM `forum_zakl` WHERE `id_user` = '$user[id]' AND `id_them` = '$them[id]'");
msg('Тема удалена из закладок');
}
if (isset($user) && isset($_GET['act']) && $_GET['act']=='new' && isset($_FILES['file_f']) && preg_match('#.#', $_FILES['file_f']['name']) && isset($_POST['file_s']))
{
copy($_FILES['file_f']['tmp_name'], H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.forum.tmp');
chmod(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.forum.tmp', 0777);
if (isset($_SESSION['file']))
{
$next_f=count($_SESSION['file']);
}else{
$next_f=0;
}
$file=esc(stripcslashes(htmlspecialchars($_FILES['file_f']['name'])));
$_SESSION['file'][$next_f]['name']=preg_replace('#.[^.]*$#i', NULL, $file);
$_SESSION['file'][$next_f]['ras']=strtolower(preg_replace('#^.*.#i', NULL, $file));
$_SESSION['file'][$next_f]['tmp_name']=H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.forum.tmp';
$_SESSION['file'][$next_f]['size']=filesize(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.forum.tmp');
$_SESSION['file'][$next_f]['type']=$_FILES['file_f']['type'];
}
if (isset($_GET['os']) && ($_GET['os']) == $user['id'])
{
mysql_query("UPDATE `jurnal_forum` SET `date` = '$time', `time` = '$time', `del` = '0',`upset` = '0' WHERE `them_id` = '$them[id]' AND `id_user` = '".intval($_GET['os'])."'");
}
if (isset($user) && ($them['close']==0 || $them['close']==1 && user_access('forum_post_close')) && isset($_GET['act']) && $_GET['act']=='new' && isset($_POST['msg']) && !isset($_POST['file_s']))
{
$msg=$_POST['msg'];
if (isset($_POST['translit']) && $_POST['translit']==1)
{
$msg=translit($msg);
}
if (strlen2($msg)<2)
{
$err='Короткое сообщение!';
}
if (strlen2($msg)>1024)
{
$err='Длина сообщения превышает предел в 1024 символа!';
}
$mat=antimat($msg);
if ($mat)
{
$err='В тексте сообщения обнаружен мат: '.$mat;
}
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' AND `id_user` = '$user[id]' AND `msg` = '".my_esc($msg)."' LIMIT 1"),0)!=0)
{
$err='Ваше сообщение повторяет предыдущее!';
}
if (!isset($err))
{
if (isset($_POST['cit']) && is_numeric($_POST['cit']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '".intval($_POST['cit'])."' AND `id_them` = '".intval($_GET['id_them'])."' AND `id_razdel` = '".intval($_GET['id_razdel'])."' AND `id_forum` = '".intval($_GET['id_forum'])."'"),0)==1)
{
$cit=intval($_POST['cit']);
}else{
$cit='null';
}
mysql_query("UPDATE `user` SET `balls` = '".($user['balls']+1)."' WHERE `id` = '$user[id]' LIMIT 1");
mysql_query("UPDATE `forum_zakl` SET `time_obn` = '$time' WHERE `id_them` = '$them[id]'");
mysql_query("INSERT INTO `forum_p` (`id_forum`, `id_razdel`, `id_them`, `id_user`, `msg`, `time`, `cit`) values('$forum[id]', '$razdel[id]', '$them[id]', '$user[id]', '".my_esc($msg)."', '$time', $cit)");
$post_id=mysql_insert_id();
if (isset($_SESSION['file']) && isset($user))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]) && is_file($_SESSION['file'][$i]['tmp_name']))
{
mysql_query("INSERT INTO `forum_files` (`id_post`, `name`, `ras`, `size`, `type`) values('$post_id', '".$_SESSION['file'][$i]['name']."', '".$_SESSION['file'][$i]['ras']."', '".$_SESSION['file'][$i]['size']."', '".$_SESSION['file'][$i]['type']."')");
$file_id=mysql_insert_id();
copy($_SESSION['file'][$i]['tmp_name'], H.'sys/forum/files/'.$file_id.'.frf');
unlink($_SESSION['file'][$i]['tmp_name']);
}
}
unset($_SESSION['file']);
}
unset($_SESSION['msg']);
$ank=get_user($them['id_user']);
mysql_query("UPDATE `forum_r` SET `time` = '$time' WHERE `id` = '$razdel[id]' LIMIT 1");
mysql_query("UPDATE `forum_t` SET `time` = '$time' WHERE `id` = '$them[id]' LIMIT 1");
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `jurnal_forum` WHERE `id_user` = '$user[id]' AND `them_id` = '$them[id]' "),0)==0)
{
mysql_query("INSERT INTO `jurnal_forum` (`id_user`, `them_id`, `date`, `up`, `upset`, `time`) values('$user[id]', '$them[id]', '$time', '0', '0', '$time')");
}else{
mysql_query("UPDATE `jurnal_forum` SET `date` = '$time', `up` = '0', `upset` = '0' , `time` = '$time' WHERE `them_id` = '$them[id]' AND `id_user` = '$user[id]'");
}
if (isset($_GET['otvet']))
{
mysql_query("UPDATE `jurnal_forum` SET `date` = '$time', `upset` = '1' WHERE `them_id` = '$them[id]' AND `id_user` = '".intval($_GET['otvet'])."' AND `id_user` != '$user[id]'");
}
$ank=get_user($them['id_user']);
if ($ank['id']!=$user['id'])
{
mysql_query("UPDATE `jurnal_forum` SET `date` = '$time', `upset` = '1' WHERE `them_id` = '$them[id]' AND `id_user` = '$ank[id]'");
}
$jur=mysql_query("SELECT * FROM `jurnal_forum`");
while ($upset = mysql_fetch_array($jur))
{
$up=mysql_fetch_assoc(mysql_query("SELECT * FROM `jurnal_forum` WHERE `id` = $upset[id]"));
mysql_query("UPDATE `jurnal_forum` SET `date` = '$time', `up` = '".($up['up']+1)."', `upset` = '1' WHERE `id` = '$upset[id]' AND `them_id` = '$them[id]' AND `upset` = '0' AND `id_user` != '$user[id]' AND '$up[up]' != '3'");
}
msg('Сообщение успешно добавлено');
}
}
if ($them['close']==1)
{
$err = 'Тема закрыта для обсуждения';
}
if (isset($user) && $user['balls']>=50 && $user['rating']>=0 && isset($_GET['id_file'])
&&
mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_files` WHERE `id` = '".intval($_GET['id_file'])."'"), 0)==1 && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_files_rating` WHERE `id_user` = '$user[id]' AND `id_file` = '".intval($_GET['id_file'])."'"), 0)==0)
{
if (isset($_GET['rating']) && $_GET['rating']=='down')
{
mysql_query("INSERT INTO `forum_files_rating` (`id_user`, `id_file`, `rating`) values('$user[id]', '".intval($_GET['id_file'])."', '-1')");
msg ('Ваш отрицательный отзыв принят');
}
else if(isset($_GET['rating']) && $_GET['rating']=='up')
{
mysql_query("INSERT INTO `forum_files_rating` (`id_user`, `id_file`, `rating`) values('$user[id]', '".intval($_GET['id_file'])."', '1')");
msg ('Ваш положительный отзыв принят');
}
}
if ((isset($user)) && isset($_GET['act']) && $_GET['act']=='rating' && isset($_GET['plus']))
{
if (isset($_GET['plus']))
{
$post_id = $_GET['plus'];
}
$post = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '$post_id'"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p_rating` WHERE `id_user` = '".$user['id']."' AND `id_post` = '".$post['id']."'"), 0)==0 && $post['id_user']!=$user['id'])
{
mysql_query("UPDATE `forum_p` SET `rating` = '".($post['rating']+1)."' WHERE `id` = '$post_id' LIMIT 1");
mysql_query("INSERT INTO `forum_p_rating` (`id_user`, `id_post`, `rating`) values('".$user['id']."', '".$post_id."','1')");
$_SESSION['true'] = 'Положительный отзыв к коментарию принят!';
header ("Location: ?page=".$_GET['page']."".SID);
exit;
}
}
if ((isset($user)) && isset($_GET['act']) && $_GET['act']=='rating' && isset($_GET['minus']))
{
if (isset($_GET['minus']))
{
$post_id=$_GET['minus'];
}
$post=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '$post_id'"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p_rating` WHERE `id_user` = '".$user['id']."' AND `id_post` = '".$post['id']."'"), 0)==0 && $post['id_user']!=$user['id'])
{
mysql_query("UPDATE `forum_p` SET `rating` = '".($post['rating']-1)."' WHERE `id` = '$post_id' LIMIT 1");
mysql_query("INSERT INTO `forum_p_rating` (`id_user`, `id_post`, `rating`) values('".$user['id']."', '".$post_id."','1')");
$_SESSION['true'] = 'Негативный отзыв к коментарию принят!';
header ("Location: ?page=".$_GET['page']."".SID);
exit;
}
}
auter();
err();
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]'"),0);
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
if ((user_access('forum_post_ed') || isset($user) && $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){$lim=NULL;}else $lim=" LIMIT $start, $set[p_str]";
$q=mysql_query("SELECT * FROM `forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' ORDER BY `time` ASC$lim");
if (mysql_num_rows($q)==0)
{
echo "<table style='width:100%' cellspacing='1' cellpadding='1'><tr>";
echo "<td class='err'>";
echo "В этой теме нет сообщений!";
echo "</td>";
echo "</tr></table>";
}
$post_k=$start;
while ($post = mysql_fetch_assoc($q))
{
$ank=get_user($post['id_user']);
$post_k++;
echo "<table style='width:100%' cellspacing='1' cellpadding='1'><tr>";
echo '<td class="icon14">';
if ((user_access('forum_post_ed') || isset($user) && $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete')
{
echo '<input type="checkbox" name="post_'.$post['id'].'" value="1" />';
}else{
avatar_mini($ank['id']);
}
echo '</td>';
if ($set['show_num_post']==1)
{
$num_post=$post_k.') ';
}else{
$num_post=NULL;
}
echo '<td class="forum_tema">';
if ($them['id_user']==$post['id_user'])
{
echo "<span style='float : right;'>";
echo "<img src='/s-klub/img/info.png'> <font color='blue'><b>Автор темы</b></font>";
echo "</span>";
}
echo "<b>".$num_post."</b> ";
echo "".status($ank['id'])." ";
echo "<b><a href='/info.php?id=".$ank['id']."' title='Анкета ".$ank['nick']."'>";
echo GradientText("$ank[nick]", "$ank[ncolor]", "$ank[ncolor2]");
echo "</a></b>";
echo " ".online($ank['id'])."<br />";
echo "<span style='float : right;'>";
echo "<img src='/s-klub/img/top.png' title='Рейтинга поста'/> ";
if ($post['rating']<0)
{
echo "<font color='red'>";
}
if ($post['rating']>0)
{
echo "<font color='blue'>";
}
echo "<b>".$post['rating']."</b> ";
if ($post['rating']<0)
{
echo "</font>";
}
if ($post['rating']>0)
{
echo "</font>";
}
if (isset($user))
{
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p_rating` WHERE `id_user` = '".$user['id']."' AND `id_post` = '".$post['id']."'"), 0)==0 && $post['id_user']!=$user['id'])
{
echo " <img src='/s-klub/img/prom.png'> ";
echo "<a href='?page=$page&act=rating&plus=".$post['id']."'><img src='/s-klub/img/up.png' title='Полезный пост'/></a> ";
echo " <img src='/s-klub/img/prom.png'> ";
echo "<a href='?page=$page&act=rating&minus=".$post['id']."'><img src='/s-klub/img/down.png' title='Безполезный пост'/></a>";
}
}
echo "</span>";
echo "<img src='/s-klub/img/time.png'> <b>".vremja($post['time'])."</b><br />";
echo '</td>';
echo '</tr>';
echo '<tr>';
echo "<td class='forum_mess' colspan='2'>";
echo "<span style='float : right;'>";
if ($them['close']==0)
{
if (isset($user) && $user['id']!=$ank['id'] && $ank['id']!=0)
{
echo '<a href="/forum/'.$forum['id'].'/'.$razdel['id'].'/'.$them['id'].'/'.$post['id'].'/msg" title="Ответить '.$ank['nick'].'"><img src="/s-klub/img/post-add.png"> </a>';
echo " <img src='/s-klub/img/prom.png'> ";
echo '<a href="/mail.php?id='.$ank['id'].'" title="Личное сообщение '.$ank['nick'].'"><img src="/s-klub/img/mail-add.png"></a>';
echo " <img src='/s-klub/img/prom.png'> ";
}
if (isset($user))
{
echo '<a href="/forum/'.$forum['id'].'/'.$razdel['id'].'/'.$them['id'].'/'.$post['id'].'/cit" title="Цитировать '.$ank['nick'].'"><img src="/s-klub/img/cit.png"> </a>';
}
}
if (user_access('forum_post_ed') && ($ank['level']<=$user['level'] || $ank['level']==$user['level'] && $ank['id']==$user['id']))
{
echo " <img src='/s-klub/img/prom.png'> ";
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit' title='Изменить пост ".$ank['nick']."'><img src='/s-klub/img/set.png'> </a>";
}
else if (isset($user) && $user['id']==$post['id_user'] && $post['time']>time()-600 && $post_k==$k_post)
{
echo " <img src='/s-klub/img/prom.png'> ";
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit' title='Изменить мой пост'><img src='/s-klub/img/set.png'> (".($post['time']+600-time())." сек)</a>";
}
echo "</span>";
echo "<img src='/s-klub/img/post.png'> <b>Сообщение:</b><br />";
if ($post['cit']!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '$post[cit]'"),0)==1)
{
$cit=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '$post[cit]' LIMIT 1"));
$ank_c=get_user($cit['id_user']);
echo '<div class="cit">
<b>'.$ank_c['nick'].' ('.vremja($cit['time']).'):</b><br />
'.output_text($cit['msg']).'<br />
</div>';
}
echo "<div class='forum_post'>".output_text($post['msg']).'<br />';
include H.'/forum/inc/file.php';
echo '</div>';
echo '</td></tr></table>';
}
if ($k_page>1)
{
str("/forum/$forum[id]/$razdel[id]/$them[id]/?",$k_page,$page);
}
else if (isset($user) && ($them['close']==0 || $them['close']==1 && user_access('forum_post_close')))
{
if ($user['set_files']==1)
{
echo "<form method='post' name='message' enctype='multipart/form-data' action='/forum/$forum[id]/$razdel[id]/$them[id]/new?$passgen'>";
}else{
echo "<form method='post' name='message' action='/forum/$forum[id]/$razdel[id]/$them[id]/new?$passgen'>";
}
if (isset($_POST['msg']) && isset($_POST['file_s']))
{
$msg2=output_text($_POST['msg'],false,true,false,false,false);
}else{
$msg2=NULL;
}
if (($user['dop']==1) && is_file(H.'s-klub/js/altername_post_form.php'))
{
include_once H.'s-klub/js/altername_post_form.php';
}else{
echo "<img src='/s-klub/img/post-add.png'> <b>Сообщение:</b><br />";
bb_panel();
echo "<textarea name='msg'>".$msg2."</textarea><br />";
}
if ($user['set_translit']==1)
{
echo "<label><input type='checkbox' name='translit' value='1' /> Транслит</label><br />";
}
if ($user['set_files']==1)
{
if (isset($_SESSION['file']))
{
echo "<img src='/s-klub/img/files.png'> <b>Прикрепленные файлы:</b><br />";
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]) && is_file($_SESSION['file'][$i]['tmp_name']))
{
echo "<img src='/s-klub/img/file.png'>";
echo $_SESSION['file'][$i]['name'].'.'.$_SESSION['file'][$i]['ras'].' (';
echo size_file($_SESSION['file'][$i]['size']);
echo ") <a href='/forum/$forum[id]/$razdel[id]/$them[id]/d_file$i' title='Удалить из списка'><img src='/s-klub/img/del.png' alt='' /></a>";
echo "<br />";
}
}
}
echo "<input name='file_f' type='file' /><br />";
echo "<input name='file_s' value='Прикрепить файл' type='submit' /><br />";
}
echo "<input name='post' value='Отправить' type='submit' /><br /></form>";
}
echo "<a href='/smiles.php'><div class='foot'>";
echo "<img src='/s-klub/img/smiles.png'> Смайлы<br />";
echo "</div>";
echo "<a href='/rules.php'><div class='foot'>";
echo "<img src='/s-klub/img/rules.png'> Правила<br />";
echo "</div></a>";
echo "<a href='txt'><div class='foot'>";
echo "<img src='/s-klub/img/download.png'> Скачать тему в txt<br />";
echo "</div></a>";
?>