Файл: gazeta.php
Строк: 267
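<?php
// Journal ("gazeta") controller: the `act` query parameter selects one of the branches below;
// any other value falls through to the paginated list.
//
// The full opening tag is used on purpose: with short_open_tag disabled, a file that starts
// with the short form is sent to the client as plain text, source included.
//
// Every query in this file is assembled by string concatenation and sent through the legacy
// mysql_* extension. Request values reach SQL only via check() and num(), which are not defined
// in this file (presumably loaded by connect.php) - confirm that both escape for SQL, and that
// check() also encodes for HTML, before relying on them.
require('connect.php');
// isset() guard: a request without `act` selects the default branch without raising a notice.
switch (isset($_GET['act']) ? $_GET['act'] : '')
{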
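//~~~~~~~~~ Create a journal entry ~~~~~~~~~//
case 'add_jurnal':
    // Publishing is limited to staff levels 1, 2 and 5; any other visitor gets an empty response.
    if ($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 5) {
        // NOTE(review): this POST changes state, yet no anti-CSRF token is checked in the visible
        // code - confirm whether connect.php enforces one.
        // is_string() keeps array-valued fields (name[]=...) away from substr().
        if (isset($_POST['submit'], $_POST['name'], $_POST['message'])
            && is_string($_POST['name']) && is_string($_POST['message'])) {
            // The title limit now matches the "100" promised by the form and enforced by the
            // edit branch (this branch used to allow 1000). substr() counts bytes, so a
            // multi-byte UTF-8 character can still be cut at the boundary.
            // check() is defined outside this file - presumably it escapes for SQL; confirm.
            $name = check(substr($_POST['name'], 0, 100));
            $message = check(substr($_POST['message'], 0, 50000));
            $created = mysql_query("INSERT INTO `gazeta` SET
                `user` = '".$u['id']."',
                `time` = '".time()."',
                `name` = '$name',
                `message` = '$message'
            ");
            // A failed INSERT yields id 0; in that case nothing is announced or logged.
            $id = $created ? mysql_insert_id() : 0;
            if ($id) {
                // Notify every other account. One INSERT ... SELECT replaces the former loop
                // that issued a separate INSERT per user row.
                $text = ($u['sex'] == 'm' ? 'Опубликовал' : 'Опубликовала')
                    .' <a href = "gazeta.php?act=view&id='.$id.'">свежий журнал</a>.';
                mysql_query("INSERT INTO `jurnal` (`user`, `outuser`, `text`, `time`, `new`)
                    SELECT `id`, '".$u['id']."', '$text', '".time()."', '1'
                    FROM `users` WHERE `id` <> '".$u['id']."'");
                // Record the action in admin_jurnal (apparently the staff action log).
                $text = ($u['sex'] == 'm' ? 'Создал' : 'Создала')
                    .' <a href = "gazeta.php?act=view&id='.$id.'">журнал</a>.';
                mysql_query("INSERT INTO `admin_jurnal` SET
                    `user` = '".$u['id']."',
                    `text` = '$text',
                    `time` = '".time()."',
                    `news` = '1',
                    `forum` = '0',
                    `diary` = '0',
                    `chat` = '0',
                    `blog` = '0',
                    `foto` = '0',
                    `ban` = '0',
                    `edit` = '0',
                    `new` = '1'
                ");
            }
            header("Location: gazeta.php");
            // Stop here: without exit the script went on to emit markup after the redirect.
            exit;
        }
        // No (complete) submission: render the empty form.
        $title = $title.' | Журнал';
        require('head.php');
        echo '<div class="title"><img src="ico/gazeta.png" alt="!"/> <a href = "gazeta.php">Журнал</a> <b>Добавить журнал</b></div>';
        echo '<div class="div">';
        // Attributes are quoted now; the unquoted `class=submit white` dropped the second class.
        echo '<form action="gazeta.php?act=add_jurnal" method="post">';
        echo 'Название: 100 символов<br/><textarea cols="20" rows="1" name="name" style="width: 30%;height: 20px;"></textarea><br/>';
        echo 'Сообщение: 50000 символов<br/><textarea cols="100%" rows="3" name="message"></textarea><br/>';
        echo '<input type="submit" name="submit" value="Добавить" class="submit white"/></form>';
        echo '</div>';
        require('foot.php');
    }
    break;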
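//~~~~~~~~~ Edit a journal entry ~~~~~~~~~//
case 'edit_jurnal':
    // Editing is limited to staff levels 1, 2 and 5; any other visitor gets an empty response.
    if ($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 5) {
        // Assigned explicitly so the existence test below only ever sees a row loaded here.
        $gazeta = null;
        $id = 0;
        if (isset($_GET['id'])) {
            // num() is defined outside this file - presumably it reduces the value to an integer; confirm.
            $id = num($_GET['id']);
            $req = mysql_query("SELECT * FROM `gazeta` WHERE `id` = '$id' LIMIT 1");
            if ($req && mysql_num_rows($req)) {
                $gazeta = mysql_fetch_assoc($req);
            }
        }
        if ($gazeta) {
            // NOTE(review): this POST changes state, yet no anti-CSRF token is checked in the
            // visible code - confirm whether connect.php enforces one.
            if (isset($_POST['submit'], $_POST['name'], $_POST['message'])
                && is_string($_POST['name']) && is_string($_POST['message'])) {
                $name = check(substr($_POST['name'], 0, 100));
                // Same 50000-byte cap as the create branch; the former 10000 cap silently
                // truncated longer entries the first time they were edited.
                $message = check(substr($_POST['message'], 0, 50000));
                mysql_query("UPDATE `gazeta` SET
                    `name` = '$name',
                    `message` = '$message',
                    `who` = '".$u['id']."',
                    `cedit` = `cedit`+1,
                    `etime` = '".time()."'
                    WHERE `id` = '$id'
                ");
                // Record the action in admin_jurnal (apparently the staff action log).
                $text = ($u['sex'] == 'm' ? 'Отредактировал' : 'Отредактировала')
                    .' <a href = "gazeta.php?act=view&id='.$id.'">журнал</a>.';
                mysql_query("INSERT INTO `admin_jurnal` SET
                    `user` = '".$u['id']."',
                    `text` = '$text',
                    `time` = '".time()."',
                    `news` = '1',
                    `forum` = '0',
                    `diary` = '0',
                    `chat` = '0',
                    `blog` = '0',
                    `foto` = '0',
                    `ban` = '0',
                    `edit` = '0',
                    `new` = '1'
                ");
                header("Location: gazeta.php?act=view&id=".$gazeta['id']);
                // Stop here: without exit the script went on to emit markup after the redirect.
                exit;
            }
            // No (complete) submission: render the form pre-filled with the stored values.
            $title = $title.' | Журнал';
            require('head.php');
            // NOTE(review): name and message are written into the page exactly as stored.
            // That is only safe if check() HTML-encodes on the way in - confirm.
            $name = $gazeta['name'];
            $message = $gazeta['message'];
            echo '<div class="title"><img src="ico/gazeta.png" alt="!"/> <a href = "gazeta.php">Журнал</a> <a href = "gazeta.php?act=view&id='.$id.'">'.$name.'</a> <b>Редактирование</b></div>';
            echo '<div class="div">';
            echo '<form action="gazeta.php?act=edit_jurnal&id='.$id.'" method="post">';
            echo 'Название: 100 символов</br><textarea cols="20" rows="1" name="name" style="width: 30%;height: 20px;">'.$name.'</textarea><br/>';
            echo 'Сообщение: 50000 символов</br><textarea cols="20" rows="3" name="message">'.$message.'</textarea><br/>';
            echo '<input type="submit" name="submit" value="Сохранить" class="submit white"/>';
            echo '</form>';
            echo '</div>';
            require('foot.php');
        } else {
            // Unknown or missing id: same error page the delete and view branches show,
            // instead of an empty response.
            require('head.php');
            echo '<div class="title"><img src="ico/gazeta.png" alt="!"/> <a href = "gazeta.php">Журнал</a> <b>Ошибка</b></div>';
            error(' Такого журнала нет !');
            require('foot.php');
        }
    }
    break;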
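//~~~~~~~~~ Delete a journal entry ~~~~~~~~~//
case 'delete_jurnal':
    // Deleting is limited to staff levels 1, 2 and 5; any other visitor gets an empty response.
    if ($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 5) {
        // Assigned explicitly so the existence test below only ever sees a row loaded here.
        $gazeta = null;
        if (isset($_GET['id'])) {
            // num() is defined outside this file - presumably it reduces the value to an integer; confirm.
            $id = num($_GET['id']);
            $req = mysql_query("SELECT * FROM `gazeta` WHERE `id` = '$id' LIMIT 1");
            if ($req && mysql_num_rows($req)) {
                $gazeta = mysql_fetch_assoc($req);
            }
        }
        if ($gazeta) {
            if (isset($_POST['submit'])) {
                // The delete itself requires a POST from the confirmation form below.
                // NOTE(review): no anti-CSRF token is checked in the visible code - confirm
                // whether connect.php enforces one.
                // Remove the entry together with its comments and likes.
                mysql_query("DELETE FROM `gazeta` WHERE `id` = '".$gazeta['id']."'");
                mysql_query("DELETE FROM `gazeta_comm` WHERE `gazeta` = '".$gazeta['id']."'");
                mysql_query("DELETE FROM `gazeta_like` WHERE `gazeta` = '".$gazeta['id']."'");
                // Record the action in admin_jurnal (apparently the staff action log).
                $text = ($u['sex'] == 'm' ? 'Удалил' : 'Удалила')
                    .' <a href = "gazeta.php?act=view&id='.$id.'">журнал</a>.';
                mysql_query("INSERT INTO `admin_jurnal` SET
                    `user` = '".$u['id']."',
                    `text` = '$text',
                    `time` = '".time()."',
                    `news` = '1',
                    `forum` = '0',
                    `diary` = '0',
                    `chat` = '0',
                    `blog` = '0',
                    `foto` = '0',
                    `ban` = '0',
                    `edit` = '0',
                    `new` = '1'
                ");
                require('head.php');
                echo '<div class="title"><img src="ico/gazeta.png" alt="!"/> <a href = "gazeta.php">Журнал</a> Журнал удалён</div>';
                ok(' Журнал успешно удалён !');
            } else {
                // First visit: ask for confirmation.
                $title = $title.' | Журнал';
                require('head.php');
                // NOTE(review): the name is written into the page exactly as stored. That is
                // only safe if check() HTML-encodes on the way in - confirm.
                $name = $gazeta['name'];
                echo '<div class="title"><img src="ico/gazeta.png" alt="!"/> <a href = "gazeta.php">Журнал</a> <a href = "gazeta.php?act=view&id='.$id.'">'.$name.'</a> <b>Удалить журнал</b></div>';
                echo '<div class="div">';
                echo 'Вы уверены, что хотите удалить журнал <a href = "gazeta.php?act=view&id='.$id.'">'.$name.'</a>?<br/>';
                echo '<form action="gazeta.php?act=delete_jurnal&id='.$id.'" method="post">';
                echo '<input type="submit" name="submit" value="Да, удалить" class="submit white"/>';
                echo '</form></div>';
            }
            require('foot.php');
        } else {
            // Unknown or missing id.
            require('head.php');
            echo '<div class="title"><img src="ico/gazeta.png" alt="!"/> <a href = "gazeta.php">Журнал</a> <b>Ошибка</b></div>';
            error(' Такого журнала нет !');
            require('foot.php');
        }
    }
    break;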
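//~~~~~~~~~ View a journal entry and its comments ~~~~~~~~~//
case 'view':
    // Assigned explicitly so the existence test below only ever sees a row loaded here.
    $gazeta = null;
    if (isset($_GET['id'])) {
        // num() is defined outside this file - presumably it reduces the value to an integer; confirm.
        $id = num($_GET['id']);
        $req = mysql_query("SELECT * FROM `gazeta` WHERE `id` = '$id' LIMIT 1");
        if ($req && mysql_num_rows($req)) {
            $gazeta = mysql_fetch_assoc($req);
        }
    }
    if ($gazeta) {
        // Every action in this branch redirects back to this entry.
        $back_to_view = "Location: gazeta.php?act=view&id=".$gazeta['id'];

        // ----- New comment (signed-in users only) -----
        // is_string() keeps an array-valued field (message[]=...) away from substr().
        if ($u['id'] && !empty($_POST['message']) && is_string($_POST['message'])) {
            // check() is defined outside this file - presumably it escapes for SQL; confirm.
            $message = check(substr($_POST['message'], 0, 500));
            // Flood guard: refuse a second comment from the same user within 3 seconds.
            $flood = mysql_query("SELECT `time` FROM `gazeta_comm` WHERE `user` = '".$u['id']."' AND `time` > '" . (time() - 3) . "'");
            if ($flood && mysql_num_rows($flood)) {
                header($back_to_view);
                exit;
            }
            // Duplicate guard: refuse a repeat of the user's most recent comment.
            // LIMIT 1 added - only the newest row was ever read.
            $req = mysql_query("SELECT `message` FROM `gazeta_comm` WHERE `user` = '".$u['id']."' ORDER BY `time` DESC LIMIT 1");
            $res = $req ? mysql_fetch_assoc($req) : false;
            if ($res && $res['message'] == $message) {
                header($back_to_view);
                exit;
            }
            if (empty($message)) {
                require('head.php');
                error(' Ошибка , так делать нельзя !');
                require('foot.php');
                exit;
            }
            // Closed entries accept no comments; the page is rendered as usual instead.
            if ($gazeta['close'] == 0) {
                mysql_query("INSERT INTO `gazeta_comm` SET
                    `user` = '".$u['id']."',
                    `time` = '".time()."',
                    `comm` = '".$u['id']."',
                    `message` = '$message',
                    `gazeta` = '".$gazeta['id']."'
                ");
                mysql_query("UPDATE `users` SET `rating` = `rating`+1 WHERE `id` = '".$u['id']."'");
                // Activity-feed entry for the new comment.
                $text = ($u['sex'] == 'm' ? 'Оставил' : 'Оставила')
                    .' комментарий к <a href = "gazeta.php?act=view&id='.$gazeta['id'].'">журналу</a>.';
                mysql_query("INSERT INTO `lenta` SET
                    `user` = '".$u['id']."',
                    `text` = '$text',
                    `time` = '".time()."',
                    `forum` = '0',
                    `blog` = '0',
                    `foto` = '0',
                    `diary` = '0',
                    `comm` = '1'
                ");
                header($back_to_view);
                // Stop here: without exit the whole page was still rendered after the redirect.
                exit;
            }
        }

        // NOTE(review): close, like and del below change state on a plain GET, and no anti-CSRF
        // token is checked in the visible code. Moving them to POST with a per-session token
        // would close that gap; that needs session plumbing this file does not show.

        // ----- Close / reopen comments -----
        // NOTE(review): this check admits levels 1, 2 and 3, while the Close/Open links further
        // down are rendered for levels 1, 2 and 5 - confirm which set is intended.
        if ($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 3) {
            $close = isset($_GET['close']) ? num($_GET['close']) : 0;
            if ($gazeta['close'] == 0 and $close == 1) {
                mysql_query("UPDATE `gazeta` SET
                    `close` = '1',
                    `close_id` = '".$u['id']."'
                    WHERE `id` = '$id'
                ");
                header($back_to_view);
                exit;
            }
            if ($gazeta['close'] == 1 and $close == 2) {
                mysql_query("UPDATE `gazeta` SET
                    `close` = '0'
                    WHERE `id` = '$id'
                ");
                $gazeta['close'] = 0;
            }
        }

        // ----- Like (one per user and entry) -----
        if (!empty($_GET['like']) && $u['id']) {
            $req = mysql_query("SELECT * FROM `gazeta_like` WHERE `user` = '".$u['id']."' AND `gazeta` = '".$gazeta['id']."' LIMIT 1");
            if ($req && !mysql_num_rows($req)) {
                mysql_query("INSERT INTO `gazeta_like` SET
                    `user` = '".$u['id']."',
                    `time` = '".time()."',
                    `gazeta` = '".$gazeta['id']."'
                ");
                // Increment inside the database: writing back the value read at the top of the
                // request lost likes whenever two requests overlapped.
                mysql_query("UPDATE `gazeta` SET
                    `rating` = `rating` + 1
                    WHERE `id` = '".$gazeta['id']."'
                ");
                $gazeta['rating']++;
            }
        }

        // ----- Comment removal (any staff level) -----
        // Handled before any output so the redirect header can still be sent; it used to run
        // after head.php had printed the page. The DELETE is also tied to the entry being
        // viewed, so the del id cannot reach a comment that belongs to another entry.
        if ($u['admin'] >= 1 && !empty($_GET['del'])) {
            $del = num($_GET['del']);
            mysql_query("DELETE FROM `gazeta_comm` WHERE `id` = '$del' AND `gazeta` = '".$gazeta['id']."'");
            if (mysql_affected_rows() > 0) {
                header($back_to_view);
                exit;
            }
        }

        // ----- Render the entry -----
        // NOTE(review): the list branch passes `name` through checkout() but this branch prints
        // it as stored; that is only safe if check() HTML-encodes on the way in - confirm.
        $name_gazeta = $gazeta['name'];
        $message_gazeta = checkout($gazeta['message']);
        $gazetausers = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '".$gazeta["user"]."'"));
        $title = $title.' | Журнал';
        require('head.php');
        require('core/bb_code.php');
        require('core/panel.php');
        echo '<div class="title">';
        echo '<img src="ico/gazeta.png" alt="!"/> <a href = "gazeta.php">Журнал</a> <a href = "gazeta.php?act=view&id='.$gazeta['id'].'">'.$name_gazeta.'</a> <b>Просмотр</b> ';
        echo '</div>';
        if ($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 5) {
            echo '<div class="nav"><a href = "gazeta.php?act=edit_jurnal&id='.$gazeta['id'].'"> Редактировать</a> |';
            echo ' <a href = "gazeta.php?act=delete_jurnal&id='.$gazeta['id'].'"> Удалить</a> |';
            if ($gazeta['close'] == 0) {
                echo ' <a href = "gazeta.php?act=view&id='.$gazeta['id'].'&close=1">Закрыть</a> ';
            } else {
                echo ' <a href = "gazeta.php?act=view&id='.$gazeta['id'].'&close=2">Открыть</a> ';
            }
            echo '</div>';
        }
        echo '<div class="div">';
        echo ''.ico($gazetausers['sex'],$gazetausers['admin']).' <a href = "/'.$gazeta['user'].'">'.login($gazeta['user']).'</a> / '.vremya($gazeta['time']).' / <b>'.$name_gazeta.'</b></br>';
        echo ''.smile(links(bb_code($message_gazeta))).'</div>';

        // Like link, or the plain counter once the current user has liked the entry.
        $req = mysql_query("SELECT * FROM `gazeta_like` WHERE `user` = '".$u['id']."' AND `gazeta` = '".$gazeta['id']."' LIMIT 1");
        if (!mysql_num_rows($req)) {
            echo '<div class="div"><img src = "ico/like.png"> <a href = "gazeta.php?act=view&id='.$gazeta['id'].'&like=1">Мне нравится</a> ('.$gazeta['rating'].')</div>';
        } else {
            echo '<div class="div"><img src = "ico/like.png"> Понравилось: ('.$gazeta['rating'].')</div>';
        }
        // `>= 1` instead of `== 1`: cedit counts edits, and the note printing that count
        // vanished again after the second edit.
        if ($gazeta['cedit'] >= 1) {
            echo '<div class="div"><img src="ico/edit.png" alt="!"/> Последний раз редактировалось:';
            echo ' <a href = "/'.$gazeta['who'].'">'.login($gazeta['who']).'</a> ('.vremya($gazeta['etime']).') ['.$gazeta['cedit'].' раз]</div>';
        }
        if ($gazeta['close'] == 1) {
            echo '<div class="title"> Журнал закрыл <a href = "/'.$gazeta['close_id'].'"><b>'.login($gazeta['close_id']).'</b></a></div>';
        }

        // ----- Comment form (open entries, signed-in users) -----
        if ($gazeta['close'] == 0 and $u['id']) {
            echo '<div class="app">';
            echo ''.panel().'';
            // Optional "reply to" prefix: ?o=<user id> pre-fills the addressee's login.
            $otv = '';
            $o = isset($_GET['o']) ? num($_GET['o']) : 0;
            $user = mysql_fetch_assoc(mysql_query("SELECT `login` FROM `users` WHERE `id` = '".$o."'"));
            // NOTE(review): the login is written into the textarea as stored - presumably
            // logins are HTML-encoded when saved; confirm.
            if ($user && $user['login']) $otv = $user['login'].' . ';
            echo '<form action="gazeta.php?act=view&id='.$gazeta['id'].'" method="post" name="form">';
            echo '<textarea cols="20" rows="3" name="message">';
            echo $otv;
            echo '</textarea><br/>';
            echo "<input type='submit' title='Нажмите для отправки' name='submit' value='Написать' class='submit white'/>
<small>500 <a href = 'smiles.php'>Смайлы</a>
| <a href = 'code.php'>BB-коды</a></small>
</form>";
            echo '</div>';
        }

        // ----- Comment list, 10 per page -----
        $all = mysql_result(mysql_query("SELECT COUNT(*) FROM `gazeta_comm` WHERE `gazeta` = '".$gazeta['id']."'"), 0);
        if ($all > 0) {
            $total = intval(($all - 1) / 10) + 1;
            $page = isset($_GET['page']) ? (int) num($_GET['page']) : 0;
            if (empty($page) || $page < 0) $page = 1;
            if ($page > $total) $page = $total;
            $start = ($page - 1) * 10;
            // The sort key is whitelisted and the direction fixed before the query, so ORDER BY
            // always receives a literal ASC or DESC. Both used to be assigned only inside the
            // toolbar block, which is skipped on the last page; that page then ran the query
            // with an unset direction and lost the chosen order.
            $sort = (isset($_GET['sort']) && $_GET['sort'] === 'comm') ? 'comm' : 'time';
            $sortq = ($sort == 'comm') ? 'ASC' : 'DESC';
            if ($sort == 'comm') {
                $sort_bar = '<a href = "gazeta.php?act=view&id='.$gazeta['id'].'&sort=time&page='.$page.'">Новые</a> | <b>Поcледние</b>';
            } else {
                $sort_bar = '<b>Новые</b> | <a href = "gazeta.php?act=view&id='.$gazeta['id'].'&sort=comm&page='.$page.'">Поcледние</a>';
            }
            echo '<div class="nav">';
            echo ' Комментарии: ('.$all.')';
            echo '</div>';
            // Sort toolbar, shown on every page except the last one (as before).
            if ($page != $total) {
                echo '<div class="title">';
                echo '<a name="page-up" style="float: right; text-decoration: none;" href="#page-down"><img src = "ico/page_down.png"></a>';
                echo $sort_bar;
                echo '</div>';
            }
            $result = mysql_query("SELECT * FROM `gazeta_comm` WHERE `gazeta` = '".$gazeta['id']."' ORDER BY `time` $sortq LIMIT $start, 10");
            while ($comm = mysql_fetch_assoc($result)) {
                // The former odd/even test chose between two identical strings.
                echo '<div class="div">';
                $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '".$comm["user"]."'"));
                $message = checkout($comm['message']);
                $is_banned = ban($user['id']);
                // Banned or deleted authors are shown struck through.
                if ($is_banned || ($user['delete'] == 1)) {
                    echo ''.ico($user['sex'],$user['admin']).' <a href = "/'.$user['id'].'"><del>'.$user['login'].'</del></a> '.online($user['online']).' ';
                } else {
                    echo ''.ico($user['sex'],$user['admin']).' <a href = "/'.$user['id'].'">'.$user['login'].'</a> '.online($user['online']).' ';
                }
                // Rating and VIP badges. The tags used to end in `'icon'</a>n`: an unclosed
                // <img> followed by a stray "n" where a newline was meant.
                if ($user['rating'] >= 1000 && $user['rating'] <= 1999) echo "<img src='ico/b.png' alt='' class='icon'/>\n";
                if ($user['rating'] >= 2000 && $user['rating'] <= 2999) echo "<img src='ico/s.png' alt='' class='icon'/>\n";
                if ($user['rating'] >= 3000) echo "<img src='ico/z.png' alt='' class='icon'/>\n";
                if ($user['vip'] == 1) echo "<img src='ico/vip.gif' alt='' class='icon'/>\n";
                echo ' <small>'.vremya($comm['time']).'</small>';
                echo '<br/>';
                echo ''.smile(links(bb_code(censored($message)))).'';
                echo '<br/>';
                echo '<small>';
                // Staff controls: delete the comment, ban or unban its author (never oneself).
                if ($u['admin'] >= 1) {
                    echo '[<a href = "gazeta.php?act=view&id='.$gazeta['id'].'&del='.$comm['id'].'"><b><font color="red">x</font></b>Удал</a>]';
                    if ($comm['user'] != $u['id']) {
                        if ($is_banned) {
                            echo ' [<a href = "adminka.php?act=delban_users&id='.$user['id'].'"><font color="red">Разбанить</font></a>]';
                        } else {
                            echo ' [<a href = "adminka.php?act=ban_users&id='.$user['id'].'"><font color="red">Бан</font></a>]';
                        }
                    }
                }
                if ($comm['user'] != $u['id'] and $gazeta['close'] == 0) echo ' [<a href = "gazeta.php?act=view&id='.$gazeta['id'].'&o='.$user['id'].'">Отв</a>]';
                echo '</small>';
                echo '</div>';
            }
            if ($page != $total) {
                echo '<div class="title">';
                echo '<a name="page-down" style="float: right; text-decoration: none;" href="#page-up"><img src = "ico/page_up.png"></a>';
                echo $sort_bar;
                echo '</div>';
            }
            echo '</div>';
            navigation($page, $total,'gazeta.php?act=view&id='.$gazeta['id'].'&sort='.$sort.'&');
        } else {
            error(' Комментариев еще нет !');
        }
        echo '</div>';
        require('foot.php');
    } else {
        // Unknown or missing id.
        require('head.php');
        echo '<div class="title"><img src="ico/gazeta.png" alt="!"/> <a href = "gazeta.php">Журнал</a> <b>Ошибка</b></div>';
        error(' Такого журнала нет !');
        require('foot.php');
    }
    break;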
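//~~~~~~~~~ Journal list (default action) ~~~~~~~~~//
default:
    $title = $title.' | Журнал';
    require('head.php');
    echo '<div class="title"><img src="ico/gazeta.png" alt="!"/> <b>Журнал</b></div>';
    echo '<div class="div"><u>
Мы надеемся, что вам понравятся те материалы,</br>
которые мы смогли подготовить для вас.</br>
На страницах нашего журнала вы найдете много интересного и полезного для себя.
</u></div>';
    // Staff levels 1, 2 and 5 get the "add entry" link.
    if ($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 5) echo '<div class="nav"><img src="ico/dirnew.png" alt="!"/> <a href = "?act=add_jurnal">Добавить журнал</a></div>';
    $all = mysql_result(mysql_query("SELECT COUNT(*) FROM `gazeta`"), 0);
    if ($all > 0) {
        // 10 entries per page; out-of-range page numbers are clamped.
        $total = intval(($all - 1) / 10) + 1;
        $page = isset($_GET['page']) ? intval($_GET['page']) : 0;
        if (empty($page) || $page < 0) $page = 1;
        if ($page > $total) $page = $total;
        $start = ($page - 1) * 10;
        // The sort key is whitelisted and the direction fixed before the query, so ORDER BY
        // always receives a literal ASC or DESC. Both used to be assigned only inside the
        // toolbar block, which is skipped on the last page; that page then ran the query with
        // an unset direction and lost the chosen order.
        $sort = (isset($_GET['sort']) && $_GET['sort'] === 'msg') ? 'msg' : 'time';
        $sortq = ($sort == 'msg') ? 'ASC' : 'DESC';
        if ($sort == 'msg') {
            $sort_bar = '<a href = "gazeta.php?&sort=time&page='.$page.'">Новые</a> | <b>Поcледние</b>';
        } else {
            $sort_bar = '<b>Новые</b> | <a href = "gazeta.php?&sort=msg&page='.$page.'">Поcледние</a>';
        }
        // Sort toolbar, shown on every page except the last one (as before).
        if ($page != $total) {
            echo '<div class="title">';
            echo '<a name="page-up" style="float: right; text-decoration: none;" href="#page-down"><img src = "ico/page_down.png"></a>';
            echo $sort_bar;
            echo '</div>';
        }
        $result = mysql_query("SELECT * FROM `gazeta` ORDER BY `time` $sortq LIMIT $start, 10");
        while ($gazeta = mysql_fetch_assoc($result)) {
            // The former odd/even test chose between two identical strings.
            echo '<div class="div">';
            $name = checkout($gazeta['name']);
            // Teaser: the first 25 characters of the body, with an ellipsis when it was cut.
            if (iconv_strlen($gazeta['message'], 'UTF-8') > 25) {
                $gazeta['message'] = iconv_substr($gazeta['message'], 0, 25, 'UTF-8').'...';
            }
            // checkout() is defined outside this file; what it does to the text cannot be
            // seen from here.
            $message = checkout($gazeta['message']);
            echo '<img src="ico/gazeta.png" alt="!"/> <a href = "gazeta.php?act=view&id='.$gazeta['id'].'">'.$name.'</a> <small>'.vremya($gazeta['time']).'</small>';
            echo '<br>'.$message.'<br>';
            echo '<small>';
            if ($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 5) {
                echo '[<a href = "gazeta.php?act=edit_jurnal&id='.$gazeta['id'].'">Изменить</a>]';
                echo ' [<a href = "gazeta.php?act=delete_jurnal&id='.$gazeta['id'].'"><font color="red"><b>x</b></font> Удал</a>]';
            }
            echo '</small>';
            echo '</div>';
        }
        if ($page != $total) {
            echo '<div class="title">';
            echo '<a name="page-down" style="float: right; text-decoration: none;" href="#page-up"><img src = "ico/page_up.png"></a>';
            echo $sort_bar;
            echo '</div>';
        }
        if ($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 5) {
            echo '<div class="nav"><img src="ico/dirnew.png" alt="!"/> <a href = "?act=add_jurnal">Добавить журнал</a></div>';
        }
        echo '</div>';
        navigation($page, $total,'gazeta.php?&sort='.$sort.'&');
    } else {
        error(' Журналов нет !');
    }
    echo '</div>';
    require('foot.php');
    break;
}
?>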