Файл: newkomm.php
Строк: 89
<?php
include 'system/sys.php';
include 'system/funcs.php';
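// Entry guards: the page needs a signed-in user ($us) and a news id.
// NOTE(review): $us is presumably populated by the includes above when a
// session exists; confirm in system/sys.php.
if (!isset($us) || !isset($_GET['id'])) {
    header('location: /');
    exit;
}

// The id comes straight from the query string, so it is cast to int and bound
// as a parameter rather than concatenated into the statement.
$query = DB::$dbs->query("SELECT * FROM `new` WHERE (`id`=?)", array(intval($_GET['id'])));
if ($query->rowCount() == 0) {
    header('location: /');
    exit;
}
$new = $query->fetch();

// Owner of the news item. The id is read back from the database, but it is
// still bound instead of spliced into the SQL text so that this lookup does
// not depend on how the `new`.`us` column was written.
$u = DB::$dbs->query("SELECT * FROM `us` WHERE (`id`=?)", array(intval($new['us'])))->fetch();
H('Новость ' . $u['nick'], 'Новость ' . uNick($u['id']));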
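// Renders the news item itself: who produced it, an optional comment, the
// forum post or file it refers to, and its free text.
echo '<div class="list1">';
echo uNick($new['kem']) . ' (' . datef($new['t']) . ')<br/>';
if (!empty($new['komm'])) {
    echo 'Комментарий: <b>' . bb($new['komm']) . '</b><br/>';
}

// News that points at a forum post.
if ($new['id_p'] != 0) {
    // Ids are bound as integers instead of being concatenated into the SQL.
    $p = DB::$dbs->query("SELECT * FROM `forum_p` WHERE (`id`=?)", array(intval($new['id_p'])))->fetch();
    $t = DB::$dbs->query("SELECT * FROM `forum_t` WHERE (`id`=?)", array(intval($p['id_t'])))->fetch();
    echo '<img src="/images/re.png" alt=""/> ' . uNick($p['us']) . '<br/>';
    // The topic name is user-supplied text placed into HTML. Whether it is
    // escaped when it is stored is not visible from this file, so it is
    // escaped here with double_encode disabled: already-encoded entities stay
    // as they are, raw markup is neutralised.
    echo 'Тема: <a href="/forum/thema' . $t['id'] . '"><b>' . htmlspecialchars($t['name'], ENT_QUOTES, 'UTF-8', false) . '</b></a><br/>';
    echo 'Сообщение: ';
    if ($p['del'] == 0) {
        if (mb_strlen($p['text']) > 150) {
            // Cut the source text first and render it afterwards. Cutting the
            // output of bb() at a fixed offset can stop in the middle of a
            // generated tag or attribute and break the markup of the rest of
            // the page.
            echo bb(mb_substr($p['text'], 0, 150)) . '.. <img src="" alt=""/><br/>';
            echo '<a href="/newkomm.php?id=' . $new['id'] . '">читать полностью</a>';
        } else {
            echo bb($p['text']);
        }
    } else {
        echo '<b>Сообщение удалено!</b>';
    }
}

// News that points at an uploaded file.
if ($new['id_f'] != 0) {
    $f = DB::$dbs->query("SELECT * FROM `zc_f` WHERE (`id`=?)", array(intval($new['id_f'])))->fetch();
    echo '<img src="/images/re.png" alt=""/> ' . uNick($f['us']) . '<br/>';
    // Same output-escaping rule as for the topic name above.
    echo 'Файл: <a href="/zc/file' . $f['id'] . '"><b>' . htmlspecialchars($f['name'], ENT_QUOTES, 'UTF-8', false) . '</b></a>';
}
echo '<br/>';

if (!empty($new['text'])) {
    echo bb($new['text']);
}
echo '</div>';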
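// Optional reply target (?komu=<user id>). The normalised integer is written
// back into $_GET['komu'] because later parts of the script read it from there.
$_GET['komu'] = isset($_GET['komu']) ? intval($_GET['komu']) : 0;
if ($_GET['komu'] != 0) {
    $query = DB::$dbs->query("SELECT * FROM `us` WHERE (`id`=?)", array($_GET['komu']));
    if ($query->rowCount() == 0) {
        // Unknown user: drop the reply target.
        header('location: /newkomm.php?id=' . $new['id']);
        exit;
    }
    $komu = $query->fetch();
    if ($komu['id'] == $us['id']) {
        // Replying to oneself is not offered.
        header('location: /newkomm.php?id=' . $new['id']);
        exit;
    }
}

// Pre-filled text for the comment box. The nickname lands inside a
// double-quoted HTML attribute, so it is escaped for that context;
// double_encode is disabled in case nicknames are already stored encoded
// (not visible from this file).
$prefill = '';
if ($_GET['komu'] != 0) {
    $prefill = '[b]' . htmlspecialchars($komu['nick'], ENT_QUOTES, 'UTF-8', false) . '[/b], ';
}

// NOTE(review): the form carries no anti-CSRF token and the "add" handler in
// this file does not check one; adding a per-session token needs the session
// code, which is outside this file.
echo '<div class="lst">';
echo '<form action="/newkomm.php?id=' . $new['id'] . '&add" method="post">';
echo 'Комментарий: <input name="komm" value="' . $prefill . '"/> <input type="submit" value="Добавить"/>';
echo '</form>';
echo '</div>';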
//
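// Handles ?add: stores a new comment and notifies the news author and, when
// set, the user being replied to.
// NOTE(review): this state-changing request is accepted without an anti-CSRF
// token; verifying one here needs the session code, which is outside this file.
if (isset($_GET['add'])) {
    // The field may be missing (a plain GET with &add) or be an array
    // (komm[]=...); both are treated as an empty comment instead of raising
    // an undefined-index notice or a type error in trim().
    $rawKomm = (isset($_POST['komm']) && is_string($_POST['komm'])) ? $_POST['komm'] : '';
    // NOTE(review): the text is bound with a placeholder below, so
    // addslashes() adds nothing for SQL safety and leaves literal backslashes
    // in the stored text. It is kept because the code that reads
    // `new_komm`.`text` back (bb() and other pages) is not visible here.
    $_POST['komm'] = htmlspecialchars(addslashes(trim($rawKomm)));

    // Reply target id, 0 when the comment is not a reply. The original read
    // $komu['id'] unconditionally, which is undefined without ?komu and put
    // an empty string into the `komu` column.
    $komuId = isset($komu['id']) ? intval($komu['id']) : 0;

    // Flood control: at most one comment per user every 30 seconds.
    $recent = DB::$dbs->querySingle("SELECT COUNT(*) FROM `new_komm` WHERE (`us`='" . intval($us['id']) . "') AND (`t`>'" . (time() - 30) . "')");

    if ($recent != 0) {
        echo '<div class="list1">Вы пишите слишком часто..</div>';
    } elseif (empty($_POST['komm'])) {
        echo '<div class="list1">Вы не ввели текст комментария..</div>';
    } else {
        // Every value is bound; nothing is concatenated into the statements.
        DB::$dbs->query(
            "INSERT INTO `new_komm` (`id_new`, `us`,`text`,`t`, `komu`) VALUES (?, ?, ?, ?, ?)",
            array(intval($new['id']), intval($us['id']), $_POST['komm'], time(), $komuId)
        );
        if ($new['kem'] != $us['id']) {
            DB::$dbs->query(
                "INSERT INTO `action` (`value`,`t`,`us`) VALUES (?, ?, ?)",
                array(
                    'us{' . intval($us['id']) . '} ответил в комментариях к вашей [url=/newkomm.php?id=' . intval($new['id']) . ']новости[/url]!',
                    time(),
                    intval($new['kem']),
                )
            );
        }
        if ($komuId != 0) {
            DB::$dbs->query(
                "INSERT INTO `action` (`value`,`t`,`us`) VALUES (?, ?, ?)",
                array(
                    'us{' . intval($us['id']) . '} ответил вам в комментариях в [url=/newkomm.php?id=' . intval($new['id']) . ']новости[/url]!',
                    time(),
                    $komuId,
                )
            );
        }
        header('location: /newkomm.php?id=' . $new['id']);
        // Stop here, as the other redirects in this file do; without it the
        // rest of the page kept executing after the redirect header was set.
        exit;
    }
}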
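// Handles ?del=<comment id>: removes a comment when the current user is
// allowed to.
// NOTE(review): deletion is triggered by a plain GET link and carries no
// anti-CSRF token; moving it to POST with a token needs the session code,
// which is outside this file.
if (isset($_GET['del'])) {
    $query = DB::$dbs->query("SELECT * FROM `new_komm` WHERE (`id`=?)", array(intval($_GET['del'])));
    if ($query->rowCount() == 0) {
        header('location: /newkomm.php?id=' . $new['id']);
        exit;
    }
    $komm = $query->fetch();

    // Author of the comment, needed for the level comparison. A separate
    // variable is used so that $u (the news owner loaded at the top of the
    // script) is not overwritten.
    $kommAuthor = DB::$dbs->query("SELECT * FROM `us` WHERE (`id`=?)", array(intval($komm['us'])))->fetch();

    // Refuse when the comment belongs to someone else and the current user is
    // below level 2, or when the comment's author outranks the current user.
    // The parentheses spell out the precedence the original relied on
    // (&& binds tighter than ||); the rule itself is unchanged.
    // NOTE(review): the comment list offers the delete link to the news owner
    // as well, but this check does not grant the owner anything extra;
    // decide which of the two is intended.
    $isForeign = ($komm['us'] != $us['id']);
    if (($isForeign && $us['level'] < 2) || ($kommAuthor['level'] > $us['level'])) {
        header('location: /newkomm.php?id=' . $new['id']);
        exit;
    }

    DB::$dbs->query("DELETE FROM `new_komm` WHERE (`id`=?)", array(intval($komm['id'])));
    header('location: /newkomm.php?id=' . $new['id']);
    // Stop after the redirect, like the other branches above.
    exit;
}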
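// Paginated list of comments for this news item, newest first, followed by a
// link to the news owner's profile and the page footer.
$items = DB::$dbs->querySingle("SELECT COUNT(*) FROM `new_komm` WHERE (`id_new`='" . intval($new['id']) . "')");
$items_per_page = 10;
$pages = (int) ceil($items / $items_per_page);
// ?page is optional; the original read it unconditionally and raised an
// undefined-index notice on the first page view.
$page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
if ($page < 1) {
    $page = 1;
}
if ($page > $pages) {
    $page = $pages;
}
$start = $page * $items_per_page - $items_per_page;

if ($items == 0) {
    echo 'Комментариев нет..';
} else {
    // LIMIT values are interpolated, not bound: both are integers computed
    // above, and drivers that emulate prepared statements quote bound values,
    // which is not valid inside LIMIT.
    $query = DB::$dbs->query("SELECT * FROM `new_komm` WHERE (`id_new`='" . intval($new['id']) . "') ORDER BY `id` DESC LIMIT " . (int) $start . ", " . (int) $items_per_page);
    while ($komm = $query->fetch()) {
        // Comment author, kept in its own variable. The original reused $u
        // here, so the profile link printed after the loop pointed at the
        // last listed commenter instead of the news owner.
        $kommAuthor = DB::$dbs->query("SELECT * FROM `us` WHERE (`id`=?)", array(intval($komm['us'])))->fetch();
        echo '<div class="lst">';
        echo uNick($komm['us']) . ' (' . datef($komm['t']) . ')';
        if ($komm['us'] != $us['id']) {
            echo ' [<a href="/newkomm.php?id=' . $new['id'] . '&komu=' . $komm['us'] . '">отв</a>] ';
        }
        // Whether to show the delete link. This only controls what is
        // displayed; the ?del handler performs its own check.
        // NOTE(review): this condition and the handler's check differ (the
        // news owner sees the link here, a level-1 author of the comment
        // does not); align them once the intended rule is known.
        $ownAndModerator = ($komm['us'] == $us['id'] && $us['level'] > 1);
        $ownsNews = ($new['us'] == $us['id']);
        $outranksAuthor = ($kommAuthor['level'] < $us['level'] && $us['level'] > 1);
        if ($ownAndModerator || $ownsNews || $outranksAuthor) {
            echo ' [<a href="/newkomm.php?id=' . $new['id'] . '&del=' . $komm['id'] . '">x</a>] ';
        }
        echo '<br/>';
        echo bb($komm['text']);
        echo '</div>';
    }
}

// $u is still the news owner loaded at the top of the script. The nickname is
// escaped for HTML with double_encode disabled, in case nicknames are already
// stored encoded (not visible from this file).
echo '<div class="list1"><a href="/us' . $u['id'] . '">В анкету ' . htmlspecialchars($u['nick'], ENT_QUOTES, 'UTF-8', false) . '</a></div>';
F();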