Файл: forum.php
Строк: 242
<?php
require 'sys/sid.php';
require 'sys/config.php';
include 'sys/user.php';
include 'sys/head.php';
include 'sys/navigator.php';
// visit() is defined in one of the sys/ includes above; its effect is not visible in this file.
visit(0, 'forum');

// "q" selects the forum view/action. In this file it is only compared against the
// case labels of the switch; it is never echoed or placed into SQL here.
// NOTE(review): the labels below (razdel, create, theme, ...) are bare words. Unless an
// include define()s them, PHP 5 falls back to the string of the same name with a notice,
// and PHP 8 raises an Error for an undefined constant — quoting the labels is safer.
if (isset($_GET['q']))
{
    $q = $_GET['q'];
}
else
{
    $q = NULL;
}

switch ($q)
{
default:
    // Landing view: one page (10 rows) of forum sections, each with its topic count.
    $count = mysql_result(mysql_query("SELECT COUNT(*) FROM forum_r"), 0);
    if ($count == false)
    {
        // A count of 0 and a failed lookup both land here.
        echo 'Подразделы форума пока не созданы.';
        break;
    }

    // NOTE(review): $n->limit is interpolated into the query as-is; it is produced by the
    // navigator class (not visible here) — confirm it can only ever contain numbers.
    $n = new navigator($count, 10, '?');
    $select = mysql_query("SELECT forum_r .*, (SELECT COUNT(*) FROM forum_t WHERE forum_r.id = forum_t.uid) AS count FROM forum_r ORDER BY id ASC {$n->limit}");
    while ($a = mysql_fetch_assoc($select))
    {
        // NOTE(review): name is written to the page exactly as stored; this file never
        // encodes on output, so it relies on the value being HTML-encoded when it was saved.
        $html  = '<div><a class="link" href="pforum' . $a['id'] . '"><b>•</b> ';
        $html .= $a['name'] . ' (' . $a['count'] . ')</a></div>';
        echo $html;
    }
    echo $n->navi();
    break;
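case razdel:
    // Section view: "create topic" link plus a paginated list of the section's topics
    // (pinned first, then by last activity).
    // number() is defined outside this file; presumably it reduces the value to digits,
    // which is what keeps '$id' safe inside the quoted SQL below — TODO confirm.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT id FROM forum_r WHERE id = '$id' LIMIT 1");
    if (mysql_num_rows($control) == false)
    {
        err('Подраздела не существует!');
    }
    else
    {
        echo '<img src="images/scroll.png" alt=""/> <a href="create'.$id.'">Создать тему</a>' . separator;
        $count = mysql_result(mysql_query("SELECT COUNT(*) FROM forum_t WHERE uid = '$id'"), 0);
        if ($count != false)
        {
            $n = new navigator($count, 10, 'forum'.$id.'&');
            $select = mysql_query("SELECT forum_t .*, (SELECT COUNT(*) FROM forum_m WHERE forum_t.id = forum_m.uid) AS count, (SELECT player FROM forum_m WHERE forum_t.id = forum_m.uid ORDER BY id DESC LIMIT 1) AS l, (SELECT player FROM forum_m WHERE forum_t.id = forum_m.uid ORDER BY id ASC LIMIT 1) AS f FROM forum_t WHERE uid = '$id' ORDER BY fixed DESC, last DESC {$n->limit}");
            while ($a = mysql_fetch_assoc($select))
            {
                // Reset for every row. Previously $last was only assigned when the topic had
                // messages, so a topic without any inherited the previous row's authors
                // (or was undefined on the first row).
                $last = '';
                if (isset($a['f']))
                {
                    // first author / latest author
                    $last = '<br/>' . user($a['f'], 'nick') . ' / ' . user($a['l'], 'nick') . '';
                }
                $cl = ($a['close'] == 1) ? '#' : '•';
                // NOTE(review): the topic name is printed as stored; see the create/etheme
                // branches for how it is encoded on the way in.
                $fix = ($a['fixed'] == 1)
                    ?
                    '<div style="background:#FF3370;padding:7px;margin:5px 5px 5px 5px;"><b>'.$cl.'</b> <a href="theme'.$a['id'].'">' . $a['name'] . ' (' . $a['count'] . ')</a><div style="color:#484848;float:right;"><sub>(закреплена)</sub></div></div>'
                    :
                    '<div style="padding:7px;margin:5px 5px 5px 5px;"><b>'.$cl.'</b> <a href="theme'.$a['id'].'">' . $a['name'] . ' (' . $a['count'] . ')</a>' . $last . '</div>';
                echo $fix . separator;
            }
            // The navigator was built with a link prefix but its links were never printed,
            // leaving topics past the first page unreachable; print them as the other lists do.
            echo $n->navi();
        } else echo '<div style="padding: 10px;">Темы пока не созданы!</div>';
    }
    echo '<a href="forum.php">Вернуться</a>';
    break;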
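case create:
    // New-topic form for section $id; on POST it stores the topic and its first message.
    // NOTE(review): nothing in this branch checks that the visitor is logged in or that the
    // POST carries an anti-CSRF token; if the sys/ includes do not enforce this, add it here.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_r WHERE id = '$id' LIMIT 1");
    if (mysql_num_rows($control) == false)
    {
        err('Подраздела не существует!');
    }
    else
    {
        if (isset($_POST['add']))
        {
            // The form's maxlength attributes are only a browser hint, so the same limits
            // (255 / 1024, the latter matching the answer/edit/cite branches) are enforced
            // here. The cut happens BEFORE SQL escaping so it can never split an escape
            // sequence.
            // NOTE(review): char() is defined elsewhere; if it emits markup, the cut can
            // still land inside a tag — truncating the raw input first would avoid that.
            $name = char($_POST['name'], 0);
            if (mb_strlen($name, 'UTF8') > 255) $name = mb_substr($name, 0, 255, 'UTF8');
            $name = trim(mysql_real_escape_string($name));

            $msg = char($_POST['msg'], 0);
            if (mb_strlen($msg, 'UTF8') > 1024) $msg = mb_substr($msg, 0, 1024, 'UTF8');
            $msg = trim(mysql_real_escape_string($msg));

            if (empty($name))
            {
                err('Не заполнено название темы!');
            }
            elseif (empty($msg))
            {
                err('Не заполнено сообщение!');
            }
            else
            {
                // $rtime and $user are set by the includes at the top of the file.
                // NOTE(review): neither INSERT result is checked, and the message id is a
                // random 7-digit number chosen without looking for an existing row; if id is
                // a unique key, a collision leaves a topic with no first message.
                mysql_query("INSERT INTO forum_t SET uid = '$id', name = '$name', last = '$rtime'");
                $L_id = mysql_insert_id();
                mysql_query("INSERT INTO forum_m SET id = '" . mt_rand(1000000, 9999999) . "', rid = '$id', uid = '$L_id', msg = '$msg', player = '$user[id]', time = '$rtime'");
                header('location: theme' . $L_id);
            }
        }
        echo '<form method="post" action="create'.$id.'">
Тема:<br/>
<input type="text" name="name" maxlength="255"/>
<br/>
Сообщение:<br/>
<textarea name="msg" cols="20" rows="4" maxlength="1024"></textarea>
<br/>
<input type="submit" name="add" value="Создать"/>
</form>
<a href="pforum'.$id.'">Вернуться</a>';
    }
    break;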
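case theme:
    // Topic view: breadcrumb, staff controls, paginated messages; also handles the
    // "delete message" request carried in the x query parameter.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_t WHERE id = '$id' LIMIT 1");
    if (mysql_num_rows($control) == false)
    {
        err('Темы не существует!');
        // There is no topic row, hence no section id to link back to. The old code read
        // $in here although it is only filled in the other branch.
        echo '<a href="forum.php">Вернуться</a>';
    }
    else
    {
        if (isset($_GET['x']))
        {
            // Delete one message: allowed for level-2 accounts and for the message's author.
            // NOTE(review): this is a state change on a plain GET link with no request token
            // visible in this file, and the topic's "close" flag is not consulted (the
            // links are merely hidden for closed topics further down). Consider POST + token.
            $x = number($_GET['x']);
            $co = mysql_query("SELECT id, player FROM forum_m WHERE id = '$x' LIMIT 1");
            $inCo = mysql_fetch_assoc($co);
            if (mysql_num_rows($co) != false && ($user['level'] == 2 || $user['id'] == $inCo['player']))
            {
                mysql_query("DELETE FROM forum_m WHERE id = '$x' LIMIT 1");
            }
            // Same redirect whether or not anything was deleted.
            header('location: theme' . $id);
        }
        $in = mysql_fetch_assoc($control);
        $is = mysql_fetch_assoc(mysql_query("SELECT name FROM forum_r WHERE id = '$in[uid]' LIMIT 1"));
        // Staff toolbar; must be defined for everyone because it is concatenated below.
        $upr = '';
        if ($user['level'] == 2)
        {
            $upr = '<br/>
<a href="xtheme'.$id.'">Удалить</a> |
<a href="etheme'.$id.'">Изменить</a> |
<a href="ftheme'.$id.'">' . ($in['fixed'] == 0 ? 'Закрепить' : 'Открепить') . '</a> |
<a href="ctheme'.$id.'">' . ($in['close'] == 0 ? 'Закрыть' : 'Открыть') . '</a><br/>';
        }
        // NOTE(review): section name, topic name, nicknames and message bodies are all
        // printed as stored. Output safety therefore rests entirely on how they were
        // encoded when saved (char() and friends, not visible here) — confirm.
        echo '<u><a href="forum.php">Форумы</a> >
<a href="pforum'.$in['uid'].'">' . $is['name'] . '</a> >
' . $in['name'] . '</u>
' . $upr . ($in['close'] == 0 ? '<br/><img src="images/scroll.png" alt=""/> <a href="write'.$id.'">Написать сообщение</a>' : '') . separator;
        $count = mysql_result(mysql_query("SELECT COUNT(*) FROM forum_m WHERE uid = '$id'"), 0);
        if ($count != false)
        {
            $n = new navigator($count, 10, 'theme'.$id.'&');
            $select = mysql_query("SELECT * FROM forum_m WHERE uid = '$id' ORDER BY time ASC {$n->limit}");
            while ($a = mysql_fetch_assoc($select))
            {
                // [X] shortcut for level-2 accounts.
                $d = ($user['level'] == 2) ? '<a href="deltheforum'.$a['id'].'_'.$id.'"><span style="color:#FF3030;">[X]</span></a> ' : '';
                // Own message: edit/delete. Someone else's: answer/cite.
                $e = ($a['player'] == $user['id'])
                    ? '<a href="edit'.$a['id'].'"><u>редактировать</u></a> | <a href="deltheforum'.$a['id'].'_'.$id.'"><u>удалить</u></a>'
                    : '<a href="answer'.$a['id'].'"><u>ответить</u></a> | <a href="cite'.$a['id'].'"><u>цитировать</u></a>';
                echo $d . 'От: <a href="userinfo_'.user($a['player'], 'nick').'">' . user($a['player'], 'nick') . ' (' . (user($a['player'], 'race') == 1 ? 'Люди' : 'Некроманты') . ')</a>
<img src="images/time.png" alt=""/> ' . timeAgo($a['time']) .'<br/>
<div style="border: #FFF 1px dotted;padding: 7px;margin: 5px 5px 5px 20px;">' . smiles($a['msg']) . '</div>
' . ($in['close'] == 0 ? $e : '') . separator;
            }
            echo $n->navi() . '<br/>';
        } else echo 'Сообщений пока нет.<br/><br/>';
        if ($in['close'] == 1) err('Тема закрыта для обсуждения.');
        echo '<a href="pforum'.$in['uid'].'">Вернуться</a>';
    }
    break;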
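case write:
    // Reply form for topic $id; refuses missing or closed topics.
    // NOTE(review): no login check or anti-CSRF token is visible in this branch; confirm
    // the sys/ includes enforce them.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_t WHERE id = '$id' LIMIT 1");
    $is = mysql_fetch_assoc($control);
    if (mysql_num_rows($control) == false)
    {
        err('Темы не существует!');
    }
    elseif ($is['close'] == 1)
    {
        err('Тема закрыта для обсуждения.');
    }
    else
    {
        if (isset($_POST['add']))
        {
            // Enforce the 1024-character limit on the server (the textarea's maxlength is
            // only a browser hint), matching the answer/edit/cite branches. The cut is made
            // before SQL escaping so it cannot split an escape sequence.
            $msg = char($_POST['msg'], 0);
            if (mb_strlen($msg, 'UTF8') > 1024) $msg = mb_substr($msg, 0, 1024, 'UTF8');
            $msg = trim(mysql_real_escape_string($msg));
            if (empty($msg))
            {
                err('Пустое сообщение не допустимо!');
            }
            else
            {
                // NOTE(review): random id with no existence check and no check of the
                // INSERT result; a collision on a unique id would silently drop the message.
                mysql_query("INSERT INTO forum_m SET id = '" . mt_rand(1000000, 9999999) . "', rid = '$is[uid]', uid = '$id', player = '$user[id]', time = '$rtime', msg = '$msg'");
                // Bump the topic so it sorts to the top of its section.
                mysql_query("UPDATE forum_t SET last = '$rtime' WHERE id = '$id' LIMIT 1");
                header('location: theme' . $id);
            }
        }
        echo '<form method="post" action="write'.$id.'">
Сообщение:<br/>
<textarea name="msg" cols="20" rows="4" maxlength="1024"></textarea>
<br/>
<input type="submit" name="add" value="Добавить"/>
</form>
<a href="theme'.$id.'">Вернуться</a>';
    }
    break;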
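case answer:
    // Reply addressed to the author of message $id ("nick, " is pre-filled in the form).
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_m WHERE id = '$id' LIMIT 1");
    $is = mysql_fetch_assoc($control);
    $co = mysql_query("SELECT * FROM forum_t WHERE id = '$is[uid]' LIMIT 1");
    $in = mysql_fetch_assoc($co);
    if (mysql_num_rows($control) == false)
    {
        err('Сообщение не найдено!');
    }
    elseif ($in['close'] == 1)
    {
        err('Тема закрыта для обсуждения.');
    }
    elseif ($is['player'] == $user['id'])
    {
        // Answering yourself is not offered; go back to the topic.
        header('location: theme' . $in['id']);
    }
    else
    {
        if (isset($_POST['add']))
        {
            // Truncate first, escape second. The old order cut the already-escaped string,
            // so the cut could fall between a backslash and the character it protects and
            // leave a dangling backslash in front of the closing quote of the SQL literal.
            $msg = char($_POST['msg'], 0);
            if (mb_strlen($msg, 'UTF8') > 1024) $msg = mb_substr($msg, 0, 1024, 'UTF8');
            $msg = trim(mysql_real_escape_string($msg));

            // A message that is nothing but the pre-filled "nick," counts as empty.
            // The nickname is data, so it is quoted before being placed in the pattern.
            $nick = preg_quote(user($is['player'], 'nick'), '/');
            if (preg_match('/^' . $nick . ',$/si', $msg, $out) && empty($out[1])) $msg = NULL;

            // NOTE(review): as listed, this pattern matches a literal ",s" and substitutes
            // the digit 2; it reads as if "\s" and a back-reference lost their backslashes.
            // Only the emptiness of the result is used, so it is left as found — verify
            // against the original file.
            $inMsg = preg_replace('/^(.*),s(.*?)$/si', '2', $msg);
            if (!empty($inMsg))
            {
                // NOTE(review): random id, INSERT result unchecked (see create/write).
                mysql_query("INSERT INTO forum_m SET id = '" . mt_rand(1000000, 9999999) . "', rid = '$in[uid]', uid = '$in[id]', player = '$user[id]', time = '$rtime', msg = '$msg'");
                mysql_query("UPDATE forum_t SET last = '$rtime' WHERE id = '$in[id]' LIMIT 1");
            }
            header('location: theme' . $in['id']);
        }
        // NOTE(review): the nickname goes into the textarea as stored; relies on it having
        // been HTML-encoded when the account was created.
        echo '<form method="post" action="answer'.$id.'">
Сообщение:<br/>
<textarea name="msg" cols="20" rows="4" maxlength="1024">' . user($is['player'], 'nick') . ', </textarea>
<br/>
<input type="submit" name="add" value="Добавить"/>
</form>
<a href="theme'.$in['id'].'">Вернуться</a>';
    }
    break;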
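case edit:
    // Lets the author of message $id replace its text; an embedded quote block is kept.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_m WHERE id = '$id' LIMIT 1");
    $is = mysql_fetch_assoc($control);
    $co = mysql_query("SELECT * FROM forum_t WHERE id = '$is[uid]' LIMIT 1");
    $in = mysql_fetch_assoc($co);
    if (mysql_num_rows($control) == false)
    {
        err('Сообщение не найдено!');
    }
    elseif ($in['close'] == 1)
    {
        err('Тема закрыта для обсуждения.');
    }
    elseif ($is['player'] != $user['id'])
    {
        // Ownership check: only the author may edit.
        err('Это не твое сообщение!');
    }
    else
    {
        if (isset($_POST['add']))
        {
            // Work on the unescaped text: limit its length, then assemble the final value,
            // and only then escape it once for SQL.
            $msg = char($_POST['msg'], 0);
            if (mb_strlen($msg, 'UTF8') > 1024) $msg = mb_substr($msg, 0, 1024, 'UTF8');
            $msg = trim($msg);
            if (!empty($msg))
            {
                if (stripos($is['msg'], '<div') !== false)
                {
                    // Keep the quote part of the stored message and append the new text.
                    // The listing shows this pattern with an unescaped "/" inside "/"
                    // delimiters and the literal digit as replacement, which is not a valid
                    // expression; it is written here with "~" delimiters and a real group
                    // reference.
                    // NOTE(review): the cite branch stores its quote in a div with a
                    // different style attribute, so this pattern may not match those
                    // messages and the whole old text would be wrapped — verify.
                    $cmsg = preg_replace('~<div style="background:#FF3370;">(.*)</div>(.*)~usi', '$1', $is['msg']);
                    $msg = '<div style="background:#FF3370;">' . $cmsg . '</div>' . $msg;
                }
                // $cmsg comes back from the database unescaped. Previously only the POSTed
                // part was escaped, so stored text re-entered the query raw. Escape the
                // complete value at the point where the SQL is built.
                $sqlMsg = mysql_real_escape_string($msg);
                mysql_query("UPDATE forum_m SET msg = '$sqlMsg' WHERE id = '$id' LIMIT 1");
                mysql_query("UPDATE forum_t SET last = '$rtime' WHERE id = '$in[id]' LIMIT 1");
            }
            header('location: theme' . $in['id']);
        }
        // Show only the author's own text (whatever follows the quote block) for editing.
        // NOTE(review): the stored text is placed inside the textarea as-is; relies on it
        // having been HTML-encoded when saved.
        $imsg = preg_replace('~<div(.*)</div>(.*)~usi', '$2', $is['msg']);
        echo '<form method="post" action="edit'.$id.'">
Сообщение:<br/>
<textarea name="msg" cols="20" rows="4" maxlength="1024">' . str_replace('<br />', '', $imsg) . '</textarea>
<br/>
<input type="submit" name="add" value="Сохранить"/>
</form>
<a href="theme'.$in['id'].'">Вернуться</a>';
    }
    break;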
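case cite:
    // Posts a new message that embeds message $id (minus any quote it already carries)
    // as a quote block in front of the poster's own text.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_m WHERE id = '$id' LIMIT 1");
    $is = mysql_fetch_assoc($control);
    $co = mysql_query("SELECT * FROM forum_t WHERE id = '$is[uid]' LIMIT 1");
    $in = mysql_fetch_assoc($co);
    if (mysql_num_rows($control) == false)
    {
        err('Сообщение не найдено!');
    }
    elseif ($in['close'] == 1)
    {
        err('Тема закрыта для обсуждения.');
    }
    elseif ($is['player'] == $user['id'])
    {
        // Quoting your own message is not offered; go back to the topic.
        header('location: theme' . $in['id']);
    }
    else
    {
        if (isset($_POST['add']))
        {
            // Limit and trim the unescaped text; SQL escaping happens once, on the fully
            // assembled value.
            $msg = char($_POST['msg'], 0);
            if (mb_strlen($msg, 'UTF8') > 1024) $msg = mb_substr($msg, 0, 1024, 'UTF8');
            $msg = trim($msg);
            if (!empty($msg))
            {
                // Strip an existing quote block from the quoted message. The listing shows
                // this pattern with an unescaped "/" inside "/" delimiters and the literal
                // digit as replacement; written here with "~" delimiters and a group
                // reference.
                $imsg = preg_replace('~<div(.*)</div>(.*)~usi', '$2', $is['msg']);
                $msg = '<div style="border:1px #FFF solid;background:#FF3370;"><u>' . user($is['player'], 'nick') . '</u>:<br/>' . $imsg . '<div style="color:#484848;float:right;"><sup>цитата</sup></div></div>' . $msg;
                // The quoted text and the nickname are another user's stored data coming
                // back from the database unescaped. Previously they were appended after
                // the escaping step and reached the query raw; escape the whole value here.
                $sqlMsg = mysql_real_escape_string($msg);
                // NOTE(review): random id, INSERT result unchecked (see create/write).
                mysql_query("INSERT INTO forum_m SET id = '" . mt_rand(1000000, 9999999) . "', rid = '$in[uid]', uid = '$in[id]', player = '$user[id]', time = '$rtime', msg = '$sqlMsg'");
                mysql_query("UPDATE forum_t SET last = '$rtime' WHERE id = '$in[id]' LIMIT 1");
            }
            header('location: theme' . $in['id']);
        }
        // The back link now uses the topic id; $id in this branch is a message id, which
        // the old link passed to the topic page by mistake.
        echo '<form method="post" action="cite'.$id.'">
Сообщение:<br/>
<textarea name="msg" cols="20" rows="4" maxlength="1024"></textarea>
<br/>
<input type="submit" name="add" value="Цитировать"/>
</form>
<a href="theme'.$in['id'].'">Вернуться</a>';
    }
    break;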
case ctheme:
    // Staff action: flip the topic's "close" flag and return to the topic.
    // NOTE(review): the change is triggered by a plain GET link and no request token is
    // checked in this file, so the action is not protected against cross-site requests.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_t WHERE id = '$id' LIMIT 1");

    // Authorisation gate: anything but level 2 is redirected and the script stops.
    if ($user['level'] != 2)
    {
        header('location: theme' . $id);
        die();
    }

    if (mysql_num_rows($control) == false)
    {
        err('Темы не существует!');
        break;
    }

    $is = mysql_fetch_assoc($control);
    // 0 becomes '1'; any other stored value becomes '0'.
    $flag = ($is['close'] == 0) ? '1' : '0';
    mysql_query("UPDATE forum_t SET close = '$flag' WHERE id = '$id' LIMIT 1");
    header('location: theme' . $id);
    break;
case ftheme:
    // Staff action: flip the topic's "fixed" (pinned) flag and return to the topic.
    // NOTE(review): triggered by a plain GET link; no request token is checked in this file.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_t WHERE id = '$id' LIMIT 1");

    // Authorisation gate: anything but level 2 is redirected and the script stops.
    if ($user['level'] != 2)
    {
        header('location: theme' . $id);
        die();
    }

    if (mysql_num_rows($control) == false)
    {
        err('Темы не существует!');
        break;
    }

    $is = mysql_fetch_assoc($control);
    // 0 becomes '1'; any other stored value becomes '0'.
    $flag = ($is['fixed'] == 0) ? '1' : '0';
    mysql_query("UPDATE forum_t SET fixed = '$flag' WHERE id = '$id' LIMIT 1");
    header('location: theme' . $id);
    break;
case etheme:
    // Staff action: rename topic $id.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_t WHERE id = '$id' LIMIT 1");

    // Authorisation gate: anything but level 2 is redirected and the script stops.
    if ($user['level'] != 2)
    {
        header('location: theme' . $id);
        die();
    }

    if (mysql_num_rows($control) == false)
    {
        err('Темы не существует!');
        break;
    }

    $is = mysql_fetch_assoc($control);
    if (isset($_POST['ok']))
    {
        // NOTE(review): no request token is checked, and the 255 limit exists only as the
        // input's maxlength attribute; nothing enforces it on the server.
        $name = trim(mysql_real_escape_string(char($_POST['name'], 0)));
        if (!empty($name))
        {
            mysql_query("UPDATE forum_t SET name = '$name' WHERE id = '$id' LIMIT 1");
        }
        // An empty name is ignored; either way the browser is sent back to the topic.
        header('location: theme' . $id);
    }

    // NOTE(review): the stored name is placed inside a double-quoted attribute as-is; this
    // is only safe if char() (defined elsewhere) encodes quotes when the name is saved.
    echo '<form method="post" action="etheme'.$id.'">
Тема:<br/>
<input type="text" name="name" maxlength="255" value="'.$is['name'].'"/>
<br/>
<input type="submit" name="ok" value="Сохранить"/>
</form>
<a href="theme'.$id.'">Вернуться</a>';
    break;
case xtheme:
    // Staff action: delete topic $id together with all of its messages.
    // NOTE(review): this destructive action runs on a plain GET link, with no confirmation
    // step and no request token checked in this file. Consider POST plus a token.
    $id = number($_GET['id']);
    $control = mysql_query("SELECT * FROM forum_t WHERE id = '$id' LIMIT 1");

    // Authorisation gate: anything but level 2 is redirected and the script stops.
    if ($user['level'] != 2)
    {
        header('location: theme' . $id);
        die();
    }

    if (mysql_num_rows($control) == false)
    {
        err('Темы не существует!');
        break;
    }

    // The row is fetched but not used further in this branch.
    $is = mysql_fetch_assoc($control);
    // Messages first, then the topic row itself.
    mysql_query("DELETE FROM forum_m WHERE uid = '$id'");
    mysql_query("DELETE FROM forum_t WHERE id = '$id' LIMIT 1");
    msg('Тема удалена!');
    echo '<a href="forum.php">Вернуться</a>';
    break;
}
// Link back to the site root, followed by the shared page footer.
echo '<br/>', '<a href="/">На главную</a>';
include 'sys/foot.php';
?>