Файл: moduls/forum.php
Строк: 201
<?php
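// Bootstrap for the forum module: load the engine core, set the page title,
// then include the header template that matches the visitor's skin.
// NOTE(review): $db, $act, $id, $user, $time, $set and $da are used below but
// never assigned in this file; presumably the core defines them — confirm.
include_once '../system/xcms_core.php';
$title='Форум';
// The `style` cookie is client-controlled and may be missing. It is only
// compared with a fixed literal and never becomes part of the include path.
if(isset($_COOKIE['style']) && $_COOKIE['style']==='web'){
    require_once '../system/web_head.php';
}else{
    require_once '../system/head.php';
}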
switch($act){
// "Latest posts" tab: lists the newest posts (at most $set['p_str'] of them),
// each with a link to its thread and to its author.
case 'last_post':
    echo '<div class="menu" style="text-align:center;"><a href="/forum/last_thread">Последние темы</a> | Последние сообщения</div>';
    $sex = $db->query("select * from `posts` order by `id` desc limit $set[p_str]");
    // Row count of an id-only select is used as the "are there any posts" test.
    $total = $db->query("select `id` from `posts`")->rowCount();
    if ($total <= 0) {
        echo '<div class="menu">Постов еще нет</div>';
    } else {
        while ($fex = $sex->fetch(PDO::FETCH_ASSOC)) {
            // One extra lookup per post for the thread row and the author row.
            $theme = $db->query("SELECT * FROM `themes` WHERE `id`='" . $fex['id_theme'] . "'")->fetch(PDO::FETCH_ASSOC);
            $avtor = $db->query("SELECT * FROM `user` WHERE `id`='" . $fex['author_id'] . "'")->fetch(PDO::FETCH_ASSOC);
            // NOTE(review): post text, thread name and login are printed as stored;
            // this relies on them having been HTML-escaped when written — confirm.
            echo '<div class="menu">', nl2br($fex['text']), '..<br />
В теме: <a href="/forum/theme', $theme['id'], '/page=end">', $theme['name'], '</a> | От кого: <a href="/profile', $avtor['id'], '">', $avtor['login'], '</a></div>';
        }
    }
    back('/forum');
    break;
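// "Latest threads" tab: the newest threads (at most $set['p_str']), each with
// its author and creation time.
case 'last_thread':
    // Fix: the "latest posts" link was never closed (missing </a>).
    echo'<div class="menu" style="text-align:center;">Последние темы | <a href="/forum/last_post">Последние сообщения</a></div>';
    $sex=$db->query("select * from `themes` order by `id` desc limit $set[p_str]");
    $total=$db->query("select `id` from `themes`")->rowCount();
    if($total>0){
        while($fex=$sex->fetch(PDO::FETCH_ASSOC)){
            // One extra lookup per thread for the author row.
            $avtor=$db->query("select * from `user` where `id`='$fex[author_id]'")->fetch(PDO::FETCH_ASSOC);
            // NOTE(review): login and thread name are printed as stored; this relies
            // on them having been HTML-escaped when written — confirm.
            echo'<div class="menu"><a href="/profile'.$avtor['id'].'">'.$avtor['login'].'</a> → <a href="/forum/theme'.$fex['id'].'">'.$fex['name'].'</a> → '.clock($fex['time']).'</div>';
        }
    }else{
        echo'<div class="menu">Тем еще нет</div>';
    }
    back('/forum');
    break;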
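// Create a new thread in forum $id. Requires a logged-in user, an existing
// forum row, an elapsed flood interval and a name/text longer than
// $da['min_simb'] (measured after BB-code/smiley expansion).
// NOTE(review): no anti-CSRF token is checked in this file — confirm whether
// the core does it. $id comes from outside this file and is still interpolated
// into the forum lookup below; it must be an integer by then — confirm.
case 'add_theme':
    if($user){
        $q=$db->query("select * from `forum` where `id`='$id'")->fetch(PDO::FETCH_ASSOC);
        if($q){
            echo '<div class="head">Создание темы</div><div class="menu">';
            if(($time-$user['flood'])>$da['flood']){
                if(!empty($_POST['name']) and !empty($_POST['text'])){
                    $name=nl2br(smiles(bb_code(protect($_POST['name']))));
                    $name_strl=strlen($name);
                    $text=nl2br(smiles(bb_code(protect($_POST['text']))));
                    $text_strl=strlen($text);
                    if($name_strl>$da['min_simb'] and $text_strl>$da['min_simb']){
                        // Values are bound instead of being spliced into the SQL text.
                        // NOTE(review): protect() is defined elsewhere; if it also
                        // SQL-escapes, drop that step there so bound text is not
                        // stored with extra backslashes — confirm.
                        $db->prepare("INSERT INTO `themes` SET `id_forum`=?,`name`=?,`author_id`=?,`time`=?,`status`='1',`avtor`=?,`time_last`=?")
                           ->execute(array($id,$name,$user['id'],$time,$user['id'],$time));
                        $new=$db->lastInsertId();
                        $db->prepare("INSERT INTO `posts` SET `id_theme`=?,`id_forum`=?,`author_id`=?,`text`=?,`time`=?")
                           ->execute(array($new,$id,$user['id'],$text,$time));
                        // Fix: this update targeted `users`, while every other query in
                        // the file (including the same counter update in the reply
                        // handler) uses `user`. With the wrong table the flood timestamp
                        // was not refreshed after creating a thread.
                        $db->prepare("UPDATE `user` SET `flood`=?, `posts`=`posts`+1, `balans`=`balans`+2 WHERE `id`=?")
                           ->execute(array($time,$user['id']));
                        echo'<meta http-equiv="refresh" content="0; url = /forum/theme'.$new.'">';
                    }else{
                        echo'Слишком короткий текст';
                    }
                }else{
                    // Nothing submitted yet: show the creation form.
                    echo'<form action="#" method="post">
Название темы:<br /><input type="text" name="name"/><br />
Текст:<br /><textarea name="text"></textarea><br />
<input type="submit" value="Создать тему">
</form><a href="/info/bb">BB коды</a> | <a href="/info/smiles">Смайлы</a>';
                }
            }else{
                // Flood interval not elapsed: show the remaining seconds.
                echo'Чтобы написать, подождите '.($da['flood']-($time-$user['flood'])).' cek.';
            }
            echo'</div>';
            back('/forum/'.$id);
        }else{
            echo'<div class="menu">Ошибка идентификатора</div>';
        }
    }else{
        echo'<div class="menu">Ошибка авторизации</div>';
    }
    break;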
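// Thread page. With a non-empty POST `text` it stores a reply (optionally with
// an attachment and a quoted post); otherwise it renders the paginated posts
// and, for logged-in users in an open thread, the reply form.
// NOTE(review): $id comes from outside this file and is interpolated into SQL
// and HTML below; it must be an integer by then — confirm in the core.
// NOTE(review): no anti-CSRF token is checked in this file — confirm whether
// the core does it.
case 'theme':
    $q=$db->query("select * from `themes` where `id`='$id'")->fetch(PDO::FETCH_ASSOC);
    if($q){
        if(!empty($_POST['text'])){
            if($user){
                $text=nl2br(smiles(bb_code(protect($_POST['text']))));
                $text_strl=strlen($text);
                if($q['status']>0){
                    if($text_strl>$da['min_simb']){
                        if(($time-$user['flood'])>$da['flood']){
                            // Attachment. The upload directory is served to browsers
                            // (posts link to /files_forum/<name>), so the client-supplied
                            // name must never decide the stored name or type: a script
                            // extension would be executed by the web server and an
                            // existing file could be overwritten. Only allow-listed
                            // extensions are kept and the file is saved under a
                            // server-built name. A rejected or missing file leaves the
                            // post without an attachment, as a failed move did before.
                            // The extension list is a conservative default; adjust it to
                            // site policy. The directory should also be configured so
                            // that scripts in it are never executed.
                            $file=0;
                            if(isset($_FILES['file']) and $_FILES['file']['error']===UPLOAD_ERR_OK and is_uploaded_file($_FILES['file']['tmp_name'])){
                                $allowed_ext=array('jpg','jpeg','png','gif','txt','zip');
                                $orig_name=basename($_FILES['file']['name']);
                                $ext=strtolower(pathinfo($orig_name,PATHINFO_EXTENSION));
                                if(in_array($ext,$allowed_ext,true)){
                                    // Dots in the base name are replaced too, so no inner
                                    // extension such as ".php" survives.
                                    $safe_base=substr(preg_replace('/[^A-Za-z0-9_-]+/','_',pathinfo($orig_name,PATHINFO_FILENAME)),0,64);
                                    $stored_name=(int)$time.'_'.(int)$user['id'].'_'.$safe_base.'.'.$ext;
                                    $uploadfile='../files_forum/'.$stored_name;
                                    if(move_uploaded_file($_FILES['file']['tmp_name'],$uploadfile)){
                                        $file=$stored_name;
                                    }
                                }
                            }
                            // Optional quoted post: it must exist, otherwise no reply link.
                            $reply=0;
                            if(!empty($_GET['reply'])){
                                $st=$db->prepare("select * from `posts` where `id`=?");
                                $st->execute(array(intval($_GET['reply'])));
                                $w=$st->fetch(PDO::FETCH_ASSOC);
                                if($w){
                                    $reply=$w['id'];
                                    // Notify the quoted author unless replying to oneself.
                                    if((int)$w['author_id']!==(int)$user['id']){
                                        // Fix: the notice HTML used bare double quotes inside
                                        // a double-quoted SQL string, which is a parse error
                                        // as listed. The text is built separately and bound.
                                        $notice_text='Пользователь <a href="/profile'.$user['id'].'">'.$user['login'].'</a> ответил вам <a href="/forum/theme'.$id.'">в теме</a>';
                                        $db->prepare("insert into `notice` set `to`=?, `text`=?, `time`=?, `status`='1'")
                                           ->execute(array($w['author_id'],$notice_text,$time));
                                    }
                                }
                            }
                            // Values are bound; the attachment name used to reach this
                            // statement straight from $_FILES.
                            // NOTE(review): protect() is defined elsewhere; if it also
                            // SQL-escapes, drop that step there so bound text is not
                            // stored with extra backslashes — confirm.
                            $db->prepare("INSERT INTO `posts` SET `id_theme`=?,`id_forum`=?,`author_id`=?,`text`=?,`time`=?,`status`='1',`file`=?,`reply_to`=?")
                               ->execute(array($id,$q['id_forum'],$user['id'],$text,$time,$file,$reply));
                            $db->prepare("update `themes` set `time_last`=? where `id`=?")->execute(array($time,$id));
                            $db->prepare("update `user` set `flood`=?, `balans`=`balans`+1, `posts`=`posts`+1 where `id`=?")->execute(array($time,$user['id']));
                            echo'<meta http-equiv="refresh" content="0; url = /forum/theme'.$id.'/page=end">';
                        }else{
                            echo'<div class="menu">Чтобы написать, подождите '.($da['flood']-($time-$user['flood'])).' cek.</div>';
                        }
                    }else{
                        echo'<div class="menu">Мин. длина текста - '.$da['min_simb'].' символов</div>';
                    }
                }else{
                    // Thread is closed (status not above 0).
                    echo'<div class="menu">Ошибка</div>';
                }
            }else{
                echo'<div class="menu">Ошибка авторизации</div>';
            }
        }else{
            // $getpost is not read again in this file; kept in case included code uses it.
            $getpost=protect(intval(isset($_GET['post'])?$_GET['post']:0));
            $razd=$db->query("select * from `forum` where `id`='$q[id_forum]'")->fetch(PDO::FETCH_ASSOC);
            echo'<div class="head"><a href="/forum">Форум</a> / <a href="/forum/cat'.$q['id_forum'].'">'.$razd['name'].'</a> / '.$q['name'].'</div>';
            // Moderation links for level-1 users; $user is falsy for guests.
            if($user and $user['level']==1)echo'<div class="menu" style="text-align:center;"><a href="/moduls/delete.php?act=8&id='.$id.'">Удалить</a> | <a href="/moduls/edit.php?act=6&id='.$id.'">Редактировать</a> | <a href="#text">Написать</a></div>';
            $k_post=$db->query("select `id` from `posts` where `id_theme`='$id'")->rowCount();
            $k_page=k_page($k_post,$set['p_str']);
            $page=page($k_page);
            $start=$set['p_str']*$page-$set['p_str'];
            $sql=$db->query("select * from `posts` where `id_theme`='$id' order by `time` asc limit $start, $set[p_str]");
            while($res=$sql->fetch(PDO::FETCH_ASSOC)){
                $author = $db->query("SELECT * FROM `user` WHERE `id` = '$res[author_id]' ")->fetch(PDO::FETCH_ASSOC);
                echo'<div class="menu" style="border:1px solid #f0f0f0;">'.avatar($author['avatar']).'
<a href="/profile'.$author['id'].'">'.$author['login'].'</a> '.lvl($author['id'], $author['level']);
                if($user and $user['level']=='1')echo' <a href="/moduls/delete.php?act=9&id='.$res['id'].'">[x]</a> <a href="/moduls/edit.php?act=5&id='.$res['id'].'">[ред]</a> ';
                if($user)echo' <a href="/dialog/'.$res['author_id'].'">[лс]</a> <a href="/forum/theme'.$id.'/page='.$page.'/reply'.$res['id'].'">[отв]</a>';
                echo'<br /><small>'.clock($res['time']).'</small><br />';
                if($res['reply_to']){
                    // Show the quoted post above the reply.
                    $w=$db->query("select * from `posts` where `id`='$res[reply_to]'")->fetch(PDO::FETCH_ASSOC);
                    if($w){
                        $e=$db->query("select `login` from `user` where `id`='$w[author_id]'")->fetch(PDO::FETCH_ASSOC);
                        echo '<div class="citatka"><a href="/profile'.$w['author_id'].'">'.$e['login'].'</a>: '.nl2br($w['text']).'</div>';
                    }
                }
                echo nl2br($res['text']);
                // Attachment names stored before the upload check existed came straight
                // from the client, so the name is encoded for the URL and escaped for
                // the link text.
                if($res['file'])echo'<br /><br />'.image('attachment.png').' <a href="/files_forum/'.rawurlencode($res['file']).'">'.htmlspecialchars($res['file'],ENT_QUOTES).'</a><br />'.sizer('../files_forum/'.$res['file']).'';
                echo'</div>';
                #echo'<div style="background-color:#f0f0f0;padding:6px;text-align:right;margin-bottom:2px;"><a href="#" style="background-color:#ace028;padding:3px;">+</a> 0 <a href="#" style="background-color:#e03431;padding:3px;">-</a></div>';
            }
            if($user){
                if($q['status']>0){
                    if(($time-$user['flood'])>$da['flood']){
                        if(!empty($_GET['reply'])){
                            // Preview of the post being answered; the id is cast to an
                            // integer and bound, matching the posting branch.
                            $rs=$db->prepare("select * from `posts` where `id`=?");
                            $rs->execute(array(intval($_GET['reply'])));
                            $r=$rs->fetch(PDO::FETCH_ASSOC);
                            if($r){
                                $t=$db->query("select `login` from `user` where `id`='$r[author_id]'")->fetch(PDO::FETCH_ASSOC);
                                echo'<div class="head">Отвечаем пользователю <a href="/profile'.$r['author_id'].'">'.$t['login'].'</a></div>
<div class="menu">'.$r['text'].'</div>';
                            }
                        }
?>
<script language="JavaScript">
<!--
function replaceSelectedText(obj,cbFunc){obj.focus();
if (document.selection){
var s = document.selection.createRange();
s.text=cbFunc;
s.select();
return true;
}else if (typeof(obj.selectionStart)=="number"){
var start = obj.selectionStart;
var end = obj.selectionEnd;
var rs = cbFunc;
obj.value = obj.value.substr(0,start)+rs+obj.value.substr(end);
obj.setSelectionRange(end,end);
return true;
}return false;}
//-->
</script>
<div class="menu"><form action="#" method="POST" enctype = "multipart/form-data">Собщение:
<a onclick="replaceSelectedText(document.getElementById('text'),' :)');"><img src="/images/smiles/1.gif"></a>
<a onclick="replaceSelectedText(document.getElementById('text'),' :(');"><img src="/images/smiles/2.gif"></a>
<a onclick="replaceSelectedText(document.getElementById('text'),' :D');"><img src="/images/smiles/3.gif"></a>
<a onclick="replaceSelectedText(document.getElementById('text'),' 8)');"><img src="/images/smiles/4.gif"></a>
<a onclick="replaceSelectedText(document.getElementById('text'),' ;)');"><img src="/images/smiles/5.gif"></a>
<a onclick="replaceSelectedText(document.getElementById('text'),' :*');"><img src="/images/smiles/6.gif"></a>
<a onclick="replaceSelectedText(document.getElementById('text'),' *LOL*');"><img src="/images/smiles/7.gif"></a><br />
<textarea name="text" rows="3" cols="25" id="text"></textarea><br />
<input type="file" name="file">
<input type="submit" value="Отправить" /><br /><a href="/info/bb">BB коды</a> | <a href="/info/smiles">Bce cмайлы</a>
</form></div>
<div class="menu"><input name="link" value="http://<?=htmlspecialchars($_SERVER['HTTP_HOST'],ENT_QUOTES)?>/forum/theme<?=$id?>" type="text"/></div>
<?php
                        // The Host header above is client-supplied, so it is escaped
                        // before being placed in the attribute value.
                    }else{
                        echo'<div class="citatka">Чтобы написать, подождите '.($da['flood']-($time-$user['flood'])).' cek.</div>';
                    }
                }else{
                    echo'<div class="citatka">Эта тема была закрыта для обсуждения</div>';
                }
            }
            if ($k_page>1){str('/forum/theme'.$id.'/',$k_page,$page);}
        }
        back('/forum/'.$q['id_forum']);
    }else{
        echo'<div class="menu">Ошибка идентификатора</div>';
    }
    break;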
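// Thread list of forum $id, newest activity first, paginated by $set['p_str'].
// NOTE(review): $id comes from outside this file and is interpolated into the
// queries below; it must be an integer by then — confirm in the core.
case 'forum':
    $q=$db->query("select * from `forum` where `id`='$id'")->fetch(PDO::FETCH_ASSOC);
    if($q){
        echo'<div class="head"><a href="/forum">Форум</a> / '.$q['name'].'</div>';
        $total=$db->query("select `id` from `themes` where `id_forum`='$id'")->rowCount();
        if($total){
            $k_page=k_page($total,$set['p_str']);
            $page=page($k_page);
            $start=$set['p_str']*$page-$set['p_str'];
            $sql=$db->query("select * from `themes` where `id_forum`='$id' order by `time_last` desc limit $start, $set[p_str]");
            while($res=$sql->fetch(PDO::FETCH_ASSOC)){
                // Per-thread lookups: number of posts and the author row.
                $posts = $db->query("SELECT id FROM `posts` WHERE `id_theme` = '$res[id]'")->rowCount();
                $authors = $db->query("SELECT * FROM `user` WHERE `id` = '$res[avtor]' ")->fetch(PDO::FETCH_ASSOC);
                echo '<div class="menu"><a href="/forum/theme'.$res['id'].'">'.$res['name'].'</a> ('.$posts.') ';
                // $user is falsy for guests, so test it before reading the level.
                // NOTE(review): the thread page links to /moduls/delete.php for the
                // same action; confirm that /delete.php is routed as well.
                if($user and $user['level']=='1')echo' <a href="/delete.php?act=8&id='.$res['id'].'">[del]</a>';
                echo' <a href="/forum/theme'.$res['id'].'/page=end">[»]</a><br/><small>Автор - <a href="/profile'.$res['avtor'].'">'.$authors['login'].'</a></small></div>';
            }
            if ($k_page>1)str('/forum/'.$id.'/',$k_page,$page); // page links
        }else{
            echo'<div class="menu">Темы еще не созданы</div>';
        }
        if($user)echo'<div class="menu"><a href="/forum/add_theme'.$id.'" style="display:block;">Создать тему</a></div>';
        // NOTE(review): $q is a `forum` row here; the other queries in this file read
        // its `razdel` column, so `id_forum` may not exist on it — confirm.
        back('/forum/'.$q['id_forum']);
    }else{
        // Fix: the attribute was misspelled `clas`, so the error box lost its styling.
        echo'<div class="menu">Ошибка идентификатора</div>';
    }
    break;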
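// Section page: lists the forums whose `razdel` equals $id, each with its
// thread count.
// NOTE(review): $id comes from outside this file and is interpolated into the
// queries below; it must be an integer by then — confirm in the core.
case 'cat':
    $q=$db->query("select * from `razdel` where `id`='$id'")->fetch(PDO::FETCH_ASSOC);
    if($q){
        $total=$db->query("select * from `forum` where `razdel`='$id'")->rowCount();
        if($total){
            $sql=$db->query("select * from `forum` where `razdel`='$id' order by `id` asc");
            echo'<div class="touch">';
            while($res=$sql->fetch(PDO::FETCH_ASSOC)){
                // The thread count is fetched with one extra query per forum row.
                echo'<div class="menu"><a href="/forum/cat'.$res['id'].'"><img src="/images/notepad.png" alt="" style="width:16px;"> '.$res['name'].'
<span class="rig">'.$db->query("select `id` from `themes` where `id_forum`='$res[id]'")->rowCount().'</span></a></div>';
            }
            echo'</div>';
        }else{
            echo'<div class="menu">Подразделов еще нет</div>';
        }
        back('/forum');
    }else{
        // Fix: the attribute was misspelled `clas`, so the error box lost its styling.
        echo'<div class="menu">Ошибка идентификатора</div>';
    }
    break;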
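// Forum index: lists all sections from `razdel`, plus a management link for
// users whose level is above 0.
default:
    echo'<div class="menu" style="text-align:center;"><a href="/forum/last_thread">Новые темы</a> | <a href="/forum/last_post">Новые сообщения</a></div>';
    $total=$db->query("select `id` from `razdel`")->rowCount();
    if($total){
        $sql=$db->query("select * from `razdel` order by `id`");
        echo'<div class="touch">';
        while($res=$sql->fetch(PDO::FETCH_ASSOC)){
            echo'<div class="menu"><a href="/forum/'.$res['id'].'"><b>'.$res['name'].'</b>';
            // The description line is optional.
            if($res['desc'])echo'<br />'.$res['desc'];
            echo'</a></div>';
        }
        echo'</div>';
    }else{
        echo'<div class="menu">Разделов еще нет</div>';
    }
    // $user is falsy for guests, so test it before reading the level.
    if($user and $user['level']>0)echo'<div class="menu"><a href="/index.php?mode=admin&fid=set_for" style="display:block;text-align:center;">Управление форумом</a></div>';
    back('/');
}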
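// Footer template matching the visitor's skin. The `style` cookie is
// client-controlled and may be missing; it is only compared with a fixed
// literal and never becomes part of the include path.
if(isset($_COOKIE['style']) && $_COOKIE['style']==='web'){
    require_once '../system/web_foot.php';
}else{
    require_once '../system/foot.php';
}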
?>