Файл: news.php
Строк: 161
<?php
require 'sid.php';
require 'config.php';
$link = connect_db();
list($user, $id, $ps) = check_login($link);
whorm(0, 'news');
include 'head.php';
include 'navigator.php';
echo $div_title . 'Новости' . $div_end;
$do = isset($_GET['do']) ? $_GET['do'] : NULL;
switch($do) {
default:
$look = mysql_result(mysql_query("SELECT COUNT(*) FROM `news`"), 0);
echo $div_left;
if ($look != false) {
$n = new navigator($look, 10, '?');
$result = mysql_query("SELECT `news`.*,(SELECT COUNT(*) FROM `newscomm` WHERE `newscomm`.`id_new`=`news`.`id`) AS c FROM `news` ORDER BY `news`.`id` DESC {$n->limit}");
$i = 0;
while($sql = mysql_fetch_assoc($result)) {
$cont = (mb_strlen($sql['content'], 'UTF8') > 100)
? mb_substr($sql['content'], 0, 100, 'UTF8') . '...'
: $sql['content'];
echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
echo '<a href="news.php?do=view&i='.$sql['id'].'">'.$sql['name'].'</a>
<br/> ' . bb_code($cont) . '<br/><a href="news.php?do=view&i='.$sql['id'].'">Комментарии (' . $sql['c'] . ')</a>' . $div_end;
}
echo $n->navi();
} else {
echo 'Новостей нет!<br/>';
}
echo $div_end;
break;
case view:
$i = my_int($_GET['i']);
$n = mysql_query("SELECT * FROM `news` WHERE `id` = '$i' LIMIT 1");
$inf = mysql_fetch_assoc($n);
if (!isset($_SESSION["newlook$i"])) $_SESSION[$i] = 0;
if ($_SESSION["newlook$i"] <> 1) {
$_SESSION["newlook$i"]++;
mysql_query("UPDATE `news` SET `look` = `look` + '1' WHERE `id` = '$i'");
}
// положительный голос
if (isset($_GET['like']))
{
$prv = mysql_query("SELECT `id` FROM `rating_news` WHERE `uid` = '$i' AND `who` = '$user[id]' LIMIT 1");
if (mysql_num_rows($prv) != FALSE) {
err('Вы уже голосовали!');
} else {
mysql_query("INSERT INTO `rating_news` SET `uid` = '$i', `who` = '$user[id]', `like` = '1'");
msg('Ваш голос принят!');
}
}
// отрицательный голос
if (isset($_GET['dlike']))
{
$prv = mysql_query("SELECT `id` FROM `rating_news` WHERE `uid` = '$i' AND `who` = '$user[id]' LIMIT 1");
if (mysql_num_rows($prv) != FALSE) {
err('Вы уже голосовали!');
} else {
mysql_query("INSERT INTO `rating_news` SET `uid` = '$i', `who` = '$user[id]', `dlike` = '1'");
msg('Ваш голос принят!');
}
}
echo $div_left;
if (mysql_num_rows($n) == FALSE) {
header('Location: news.php?' . $ref);
} else {
$edit = (!empty($inf['edit'])) ? $div_razdel . 'Редактировалось: ' . date('d.m.Y H:i', $inf['edit']) . $div_end : '';
$_edit = ($user['level'] == 4 || $user['level'] == 5)
?
'<a href="admin.php?do=editnews&i='.$inf['id'].'"><img src="ico/edit.gif" alt=""/></a>
<a href="admin.php?do=delnews&i='.$inf['id'].'"><img src="ico/delete.gif" alt=""/></a> '
:
'';
$inf['content'] = smiles(bb_code($inf['content']));
echo date('d-m-Y H:i', $inf['date']) . $block . $_edit . $inf['content'] . $edit . '
Просмотров: ' . $inf['look'] . $block;
// Голосование //
$i_vote = mysql_query("SELECT `id` FROM `rating_news` WHERE `uid` = '$i' AND `who` = '$user[id]' LIMIT 1");
if (mysql_num_rows($i_vote) == FALSE) {
echo '<a href="news.php?do=view&i='.$i.'&like">
<img src="ico/like.gif" alt="+"/></a>
Мне нравится
<a href="news.php?do=view&i='.$i.'&dlike">
<img src="ico/dlike.gif" alt="-"/></a>' . $block;
} else {
$like = mysql_result(mysql_query("SELECT SUM(`like`) FROM `rating_news` WHERE `uid` = '$i'"), 0);
$dlike = mysql_result(mysql_query("SELECT SUM(`dlike`) FROM `rating_news` WHERE `uid` = '$i'"), 0);
echo '<img src="ico/like.gif" alt="+"/>' . $like . ' |
<img src="ico/dlike.gif" alt="-"/> ' . $dlike . $block;
}
// Голосование //
}
if (isset($_GET['order']) && $_GET['order'] == 2) {
$sort = '<b>вверху</b> | <a href="news.php?do=view&i='.$i.'&order=1">внизу</a>';
$ord = 'DESC';
} elseif (isset($_GET['order']) && $_GET['order'] == 1) {
$sort = '<a href="news.php?do=view&i='.$i.'&order=2">вверху</a> | <b>внизу</b>';
$ord = 'ASC';
} else {
$sort = '<a href="news.php?do=view&i='.$i.'&order=2">вверху</a> | <b>внизу</b>';
$ord = 'ASC';
}
echo $div_menu . 'Новые: ' . $sort . $div_end;
if (isset($_GET['d'])) {
$d = my_int($_GET['d']);
if ($user['level'] != 4 && $user['level'] != 5) {
header('Location: news.php?do=view&i=' . $i);
die();
}
$ecom = mysql_query("SELECT `id` FROM `newscomm` WHERE `id` = '$d' LIMIT 1");
if (mysql_num_rows($ecom) != FALSE) {
mysql_query("DELETE FROM `newscomm` WHERE `id` = '$d' LIMIT 1");
header('Location: ' . $_SERVER['HTTP_REFERER']);
} else {
header('Location: ' . $_SERVER['HTTP_REFERER']);
}
}
if (isset($_POST['add_com'])) {
$mes = trim(mysql_real_escape_string(check($_POST['mes'])));
if (empty($mes)) {
header('Location: news.php?do=view&i=' . $i);
} else {
// транслит
if ($user['translit'] == 1) {
$mes = trun_to_rus($mes);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$mes = ($ant[0] == 1) ? mat($mes) : $mes;
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1) {
$ex = explode(',', file_get_contents('domains.dat'));
foreach($ex as $value) {
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $mes)) {
$mes = preg_replace("/(.*)(s|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $mes);
}
}
}
// Оповещание последнему постеру
$lst = mysql_fetch_assoc(mysql_query("SELECT `user` FROM `newscomm` WHERE
`id_new` = '$i'
ORDER BY `id` DESC LIMIT 1"));
if ($user['id'] != $lst['user']) {
$NameNew = mysql_fetch_array(mysql_query("SELECT `name` FROM `news` WHERE `id` = '$i' LIMIT 1"));
$message = 'Оставлено сообщение к новости <a href="news.php?do=view&i='.$i.'">'.$NameNew[0].'</a>.';
mysql_query("INSERT INTO `lenta` SET
`user` = '$lst[user]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
}
mysql_query("INSERT INTO `newscomm` SET
`date` = '" . date('d.m.y H:i') . "',
`msg` = '$mes',
`id_new` = '$i',
`user` = '$user[id]'");
header('Location: news.php?do=view&i=' . $i);
}
}
$coms = mysql_result(mysql_query("SELECT COUNT(*) FROM `newscomm` WHERE `id_new` = '$i'"), 0);
if ($coms != false) {
$n = new navigator($coms, $user['onp_comments'], '?do=view&i='.$i.'&');
$res = mysql_query("SELECT * FROM `newscomm` WHERE `id_new` = '$i' ORDER BY `id` $ord {$n->limit}");
$dv = 0;
while($s = mysql_fetch_assoc($res)) {
$del = ($user['level'] == 4 || $user['level'] == 5) ? '<a href="news.php?do=view&d='.$s['id'].'"><img src="ico/delete.gif" alt=""/></a> ' : '';
$otv = ' <a href="news.php?do=view&i='.$i.'&k='.$s['user'].'&#down">[*]</a>';
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo $del . us($s['user']) . $otv . '<br/>' . $s['date'] . '<br/>' . smiles(bb_code($s['msg'])) . $div_end;
}
echo $n->navi();
} else {
echo 'Комментариев нет!<br/>';
}
$Komu = (isset($_GET['k'])) ? user_inf(my_int($_GET['k']), 'user') . ', ' : '';
echo '<a name="down"></a>
<b>Комментарий:</b><br/>
Вставить <a href="faq.php?do=smile">[смайлы]</a>
<a href="faq.php?do=bb">[бб-коды]</a><br/>
<FORM method="POST" action="news.php?do=view&i='.$i.'">
<textarea name="mes" cols="50" rows="5" style="width: 99%;">' . $Komu . '</textarea>
<br/>
<input type="submit" name="add_com" value="Добавить"/>
</FORM>';
echo $div_end;
break;
}
include 'foot.php';
?>