Файл: groups/chat.php
Строк: 78
<?php
require '../sid.php';
require '../config.php';
// Bootstrap: open the database connection, resolve the logged-in user, render the
// page head and read the two identifiers that scope every query in this script.
// The mysql_* calls below take no link argument, so they run on the default
// ext/mysql connection (that extension was removed in PHP 7).
$link = connect_db();
// check_login() is defined elsewhere; it yields three values, of which only $user
// (an array read with keys such as 'id', 'level', 'user') is used in this file.
list($user, $id, $ps) = check_login($link);
// whorm() is defined elsewhere; its effect cannot be determined from this file.
whorm(0, 'groups');
// NOTE(review): head.php and navigator.php are included before the POST/GET handlers
// further down call header('Location: ...'). If head.php sends output, those redirects
// only work when output buffering is active — confirm in sid.php/config.php.
include '../head.php';
include '../navigator.php';
// $g and $club are interpolated into every SQL statement and every link below.
// Their safety rests entirely on my_int() returning a plain integer — my_int() is
// defined elsewhere, verify it. Both keys are read without isset(), so a request
// that omits them raises an undefined-index notice.
$g = my_int($_GET['g']);
$club = my_int($_GET['club']);
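// Membership lookup for the current user. A row is returned when the user either
// owns the club (`author`) or has a membership row for it with `open` = 1
// (presumably "approved" — confirm against the schema).
//
// SQL gives AND a higher precedence than OR, so the original unparenthesised
// condition already evaluated as two alternatives; the parentheses make that explicit.
// The membership alternative is now also restricted to `uid` = $g, matching the other
// membership query below (`in_group` = $club AND `uid` = $g). Without it, a membership
// row carrying the same `in_group` number under a different `uid` also satisfied
// the check.
$ingr = mysql_query("SELECT * FROM `groups` WHERE
    (`uid` = '$g' AND `id` = '$club' AND `author` = '$user[id]')
    OR
    (`uid` = '$g' AND `in_group` = '$club' AND `user` = '$user[id]' AND `open` = '1')
    LIMIT 1");
$is = mysql_fetch_assoc($ingr);

// Club row: visibility flag for the chat and the club name shown in the breadcrumb.
$vChat = mysql_fetch_assoc(mysql_query("SELECT `view_chat`, `name` FROM `groups` WHERE `uid` = '$g' AND `id` = '$club' LIMIT 1"));

// $AvtGr[0] is the club author's user id.
$AvtGr = mysql_fetch_array(mysql_query("SELECT `author` FROM `groups` WHERE `id` = '$club' AND `uid` = '$g' LIMIT 1"));

// $AvtGr2[0] = `user`, $AvtGr2[1] = `liven` of ONE membership row of this club.
// NOTE(review): the query is not filtered by the current user, so it returns whichever
// membership row comes first. The delete-permission checks later compare $AvtGr2[0]
// with the current user id, which only matches when that first row happens to be
// theirs — confirm whether an `AND user = ...` condition is missing here.
$AvtGr2 = mysql_fetch_array(mysql_query("SELECT `user`, `liven` FROM `groups` WHERE `in_group` = '$club' AND `uid` = '$g' LIMIT 1"));

// Read gate: non-members are turned away only when the club hides its chat
// (`view_chat` = 0). When `view_chat` is non-zero a non-member continues past this
// point, so every state-changing handler below needs its own authorisation check.
// A failed lookup ($vChat === false) compares as 0 and is therefore denied as well.
if (mysql_num_rows($ingr) == FALSE && $vChat['view_chat'] == 0) {
    // The original appended $is['view_chat'] to the message; $is is always false on
    // this path (no row matched), so that was a no-op debugging leftover.
    err('Чат доступен только для участников группы!');
    include '../foot.php';
    exit();
}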
// Page title plus breadcrumb (all groups -> this club). The $div_* fragments are not
// defined in this file.
// NOTE(review): $vChat['name'] is written into the page without output encoding here;
// this is only safe if the club name is HTML-escaped before it is stored — confirm.
print implode('', array(
    $div_title, 'Чат', $div_end, $div_left, $div_menu,
    '
<a href="index.php?do=groups">Все группы</a> |
<a href="index.php?do=club&g=', $g, '&club=', $club, '">', $vChat['name'], '</a>',
    $div_end,
));
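// Handle a posted chat message.
//
// Authorisation: the posting form is rendered only for members, but the original
// handler accepted the POST from anyone who got past the read gate — which includes
// non-members whenever the club's chat is publicly viewable. The membership result
// is now required here as well; a failed lookup counts as "not a member".
// NOTE(review): there is no anti-CSRF token on this form. Adding one means changing
// both the form markup and this handler together.
if (isset($_POST['send']) && mysql_num_rows($ingr) != FALSE) {
    // Accept the body only as a string (a `msg[]=` array would otherwise reach check()).
    $rawMsg = (isset($_POST['msg']) && is_string($_POST['msg'])) ? $_POST['msg'] : '';
    // check() is defined elsewhere (presumably the project's input/HTML filter — verify).
    // SQL escaping is deliberately NOT done here: the original escaped first and then
    // ran the ad filter, transliteration and word filter over the escaped text, which
    // lets those steps alter or re-introduce characters after escaping. Escaping now
    // happens once, immediately before the INSERT.
    $msg = trim(check($rawMsg));

    // Anti-flood: while the 10-second window from the previous post is still open,
    // bounce the request back with the `flood` flag.
    // NOTE(review): the timer lives in the session, so it is only as strong as the
    // binding between the session and the account — confirm in sid.php.
    if (!isset($_SESSION['flood_time'])) {
        $_SESSION['flood_time'] = 0;
    }
    if ($_SESSION['flood_time'] > time()) {
        $mess = mysql_result(mysql_query("SELECT COUNT(*) FROM `groups_chat` WHERE
            `user` = '$user[id]'
            AND `club` = '$club'
            AND `uid` = '$g'
            AND `time` < '" . (int) $_SESSION['flood_time'] . "'"), 0);
        if ($mess > 0) {
            header('Location: chat.php?g=' . $g . '&club=' . $club . '&flood');
            die();
        }
    }
    $_SESSION['flood_time'] = time() + 10; // anti-flood interval, seconds

    // Anti-advertising: replace text leading up to a listed domain with the configured
    // notice. Levels 4 and 5 are exempt (checked once instead of per domain).
    $_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
    if ($_ant['on_rekl'] == 1 && $user['level'] != 4 && $user['level'] != 5) {
        $domains = explode(',', (string) file_get_contents('../domains.dat'));
        foreach ($domains as $value) {
            $value = trim($value);
            if ($value === '') {
                // An empty entry (trailing comma, unreadable file) would turn the pattern
                // into "anything followed by a separator" and wipe ordinary messages.
                continue;
            }
            // The two patterns appear in the listing without backslash escapes and in
            // that form neither compiles as PCRE; the escapes are restored here.
            // The domain is passed through preg_quote() so that "." and "/" in an entry
            // are matched literally instead of being read as regex syntax.
            // NOTE(review): a message containing [url=http://...[/url] skips this filter
            // entirely — confirm that exemption is intended.
            if (!preg_match('/\[url=http:\/\/(.*)\[\/url\]/si', $msg)) {
                $filtered = preg_replace(
                    '/(.*)(\s|,|\.|\*|_|-|\+)+' . preg_quote($value, '/') . '/si',
                    $_ant['text_rekl'],
                    $msg
                );
                // preg_replace() returns null on a PCRE error; keep the message then.
                if ($filtered !== null) {
                    $msg = $filtered;
                }
            }
        }
    }

    // Transliteration, if enabled in the user's profile (helper defined elsewhere).
    if ($user['translit'] == 1) {
        $msg = trun_to_rus($msg);
    }

    // Word filter, if enabled site-wide (helper defined elsewhere).
    $ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
    if ($ant[0] == 1) {
        $msg = mat($msg);
    }

    // NOTE(review): the message id is a random 7-digit number, not a database-generated
    // key. Two messages can draw the same value; the INSERT result is not checked, so
    // what happens then depends on the table's constraints. An auto-increment column
    // would remove the problem (schema change, outside this file).
    $ids = rand(1000000, 9999999);

    // Escape last, after every transformation, so that text added by the ad notice or
    // the filters is covered as well.
    $msgSql = mysql_real_escape_string($msg);
    mysql_query("INSERT INTO `groups_chat` SET
        `id` = '$ids',
        `time` = '" . time() . "',
        `msg` = '$msgSql',
        `user` = '$user[id]',
        `club` = '$club',
        `uid` = '$g'");

    // Stop after the redirect (as the flood branch above already does); the original
    // carried on and ran the remaining GET handlers and the page render.
    header('Location: chat.php?g=' . $g . '&club=' . $club);
    exit();
}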
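// "Reply to" prefix for the message box: `say` carries a user id, and the matching
// user name followed by ", " is pre-filled into the textarea.
//
// $komu is now always initialised. The original left it undefined whenever `say`
// was absent or invalid, which raises a notice where the form prints it and — on
// configurations that import request parameters into the global scope
// (register_globals) — lets the request supply the value that ends up in the page.
$komu = '';
if (isset($_GET['say'])) {
    $say = my_int($_GET['say']);
    if (!user_inf($say)) {
        // Unknown user: go back to the plain chat URL and stop; the original sent the
        // redirect header but kept rendering the page.
        header('Location: chat.php?g=' . $g . '&club=' . $club);
        exit();
    }
    // user_inf() is defined elsewhere; with 'user' it is used here as the user name.
    $komu = user_inf($say, 'user') . ', ';
}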
// Message form, shown only when the membership lookup returned a row.
// NOTE(review): $komu (a user name) is placed inside the textarea without output
// encoding, and the form carries no anti-CSRF token. $block is not defined in this
// file.
if (mysql_num_rows($ingr)) {
    print implode('', array(
        '<FORM method="POST" action="chat.php?g=', $g, '&club=', $club, '">
<textarea name="msg" cols="50" rows="5" style="width: 99%;">', $komu, '</textarea>
<br/>
<input type="submit" name="send" value="Сказать"/>
</FORM>',
        $block,
    ));
}

// Notice shown after the POST handler bounced a message for arriving too quickly.
if (isset($_GET['flood'])) {
    err('Антифлуд 10сек.');
}
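// Delete a chat message (`x` = message id). Allowed for the club author, or for the
// user named in the $AvtGr2 membership row when its `liven` flag is 1.
//
// The original guard was an incorrect negation of the rule used when the delete links
// are rendered: it refused only the case "not author AND liven != 1 AND the row's user
// is the current user", so any other visitor who reached this point was allowed to
// delete. The rule is now written positively and negated as a whole.
// NOTE(review): this is a state-changing GET with no anti-CSRF token; fixing that
// needs a token in the delete links and a check here, changed together.
if (isset($_GET['x'])) {
    // A missing club row ($AvtGr === false) never counts as "author".
    $chatIsAuthor = $AvtGr && $AvtGr[0] == $user['id'];
    $chatIsModerator = $AvtGr2 && $AvtGr2[1] == 1 && $AvtGr2[0] == $user['id'];
    if (!$chatIsAuthor && !$chatIsModerator) {
        header('Location: chat.php?g=' . $g . '&club=' . $club);
        die();
    }

    $x = my_int($_GET['x']);
    // Scope the delete to this club as well as to `uid`: messages are stored with both
    // columns, and without the `club` condition the moderator of one club could remove
    // a message belonging to another club under the same `uid`.
    // The original SELECT-before-DELETE is dropped: both of its outcomes redirected to
    // the same URL, and DELETE on a missing row is a no-op.
    mysql_query("DELETE FROM `groups_chat` WHERE `uid` = '$g' AND `club` = '$club' AND `id` = '$x' LIMIT 1");

    // Stop after the redirect so the request does not go on to render the page.
    header('Location: chat.php?g=' . $g . '&club=' . $club);
    exit();
}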
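// Message list for this club, newest first, paginated by the navigator class
// (defined elsewhere; $n->limit is spliced into the SQL as the LIMIT clause —
// NOTE(review): confirm it is built from integers only).
$count = mysql_result(mysql_query("SELECT COUNT(*) FROM `groups_chat` WHERE `uid` = '$g' AND `club` = '$club'"), 0);
$n = new navigator($count, $user['room_post'], '?g=' . $g . '&club=' . $club . '&');
if ($count != FALSE) {
    $look = mysql_query("SELECT * FROM `groups_chat` WHERE `uid` = '$g' AND `club` = '$club' ORDER BY `time` DESC {$n->limit}");

    // Auto-refresh at half the user's configured interval. The original printed this
    // tag once per message, closed the CONTENT attribute before the URL and omitted
    // the "&" between the parameters, so browsers ignored the target. It is now
    // emitted once with the URL inside CONTENT; the refresh therefore returns to the
    // plain chat URL (first page), dropping one-shot parameters such as `x` or `say`.
    $refresh = $user['refresh'] / 2;
    if ($refresh !== 0) {
        echo '<META HTTP-EQUIV="Refresh" CONTENT="' . $refresh . '; URL=chat.php?g=' . $g . '&club=' . $club . '">';
    }

    // Who gets delete links: the club author, or the $AvtGr2 row's user when its
    // `liven` flag is 1. Same rule as the original (&& binds tighter than ||), computed
    // once because it does not depend on the message.
    $canDelete = ($AvtGr[0] == $user['id']) || ($AvtGr2[1] == 1 && $AvtGr2[0] == $user['id']);

    $i = 0;
    while ($a = mysql_fetch_assoc($look)) {
        // Underline the viewer's own name when the message addresses them ("name, ").
        if (stripos($a['msg'], $user['user'] . ', ') !== false) {
            $a['msg'] = str_replace($user['user'], '<u>' . $user['user'] . '</u>', $a['msg']);
        }

        // Always assign $delpost. The original set it only for moderators, leaving it
        // undefined for everyone else (a notice, and a value the request could supply
        // where request parameters are imported into the global scope).
        $delpost = $canDelete
            ? '<a href="chat.php?g=' . $g . '&club=' . $club . '&x=' . $a['id'] . '"><img src="../ico/delete.gif"></a> '
            : '';

        // Alternate the two row styles.
        echo ($i++ % 2) ? $div_tworazdel : $div_razdel;
        // NOTE(review): the message body is printed through smiles() with no output
        // encoding at this point; it relies on check() having neutralised markup when
        // the message was stored — confirm. rand() here is only a cache-buster.
        echo $delpost . '<a href="chat.php?g=' . $g . '&club=' . $club . '&say=' . $a['user'] . '&' . rand(1000, 9999) . '">' . cvetnik($a['user']) . '</a> (' . date('H:i:s', $a['time']) . ')> ' . smiles($a['msg']) . $div_end;
    }
    echo $n->navi();
} else {
    echo 'Здесь никто не писал!<br/>';
}
echo $div_end;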
include '../foot.php';
?>