Файл: world-faces.ru/world-faces.ru/foto/inc/them.php
Строк: 238
<?
if (isset($user) && isset($_GET['zakl']) && $_GET['zakl']==1)
{
mysql_query("INSERT INTO `forum_zakl` (`id_user`, `time`, `id_them`) values('$user[id]', '$time', '$them[id]')");
msg('Тема добавлена в закладки');
}
elseif (isset($user) && isset($_GET['zakl']) && $_GET['zakl']==0)
{
mysql_query("DELETE FROM `forum_zakl` WHERE `id_user` = '$user[id]' AND `id_them` = '$them[id]'");
msg('Тема удалена из закладок');
}
if (isset($user) && isset($_GET['act']) && $_GET['act']=='new' && isset($_POST['msg']) && isset($_POST['post']))
{
$msg=$_POST['msg'];
if (isset($_POST['translit']) && $_POST['translit']==1)$msg=translit($msg);
if (strlen2($msg)<2)$err='Короткое сообщение';
if (strlen2($msg)>1024)$err='Длина сообщения превышает предел в 1024 символа';
$msg=mysql_real_escape_string($msg);
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' AND `id_user` = '$user[id]' AND `msg` = '$msg' LIMIT 1"),0)!=0)$err='Ваше сообщение повторяет предыдущее';
if (!isset($err))
{
if (isset($_POST['cit']) && is_numeric($_POST['cit']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '".intval($_POST['cit'])."' AND `id_them` = '".intval($_GET['id_them'])."' AND `id_razdel` = '".intval($_GET['id_razdel'])."' AND `id_forum` = '".intval($_GET['id_forum'])."'"),0)==1)
$cit=intval($_POST['cit']); else $cit=NULL;
mysql_query("UPDATE `user` SET `balls` = '".($user['balls']+1)."' WHERE `id` = '$user[id]' LIMIT 1");
mysql_query("UPDATE `forum_zakl` SET `time_obn` = '$time' WHERE `id_them` = '$them[id]'");
mysql_query("INSERT INTO `forum_p` (`id_forum`, `id_razdel`, `id_them`, `id_user`, `msg`, `time`, `cit`) values('$forum[id]', '$razdel[id]', '$them[id]', '$user[id]', '$msg', '$time', '$cit')");
$post_id=mysql_insert_id();
unset($_SESSION['msg']);
mysql_query("UPDATE `forum_r` SET `time` = '$time' WHERE `id` = '$razdel[id]' LIMIT 1");
mysql_query("UPDATE `forum_t` SET `time` = '$time' WHERE `id` = '$them[id]' LIMIT 1");
msg('Сообщение успешно добавлено');
/*
aut();
header("Refresh: 1; url=/forum/$forum[id]/$razdel[id]/$them[id]/?page=end&".SID);
echo "<div class="foot">n";
echo "»<a href="/forum/$forum[id]/$razdel[id]/$them[id]/?page=end" title='Перейти в тему'>Перейти в тему</a><br />n";
echo "«<a href="/forum/$forum[id]/$razdel[id]/" title='Вернуться в раздел'>$razdel[name]</a><br />n";
echo "«<a href="/forum/$forum[id]/">$forum[name]</a><br />n";
echo "«<a href="/forum/">Форум</a><br />n";
echo "</div>n";
include_once '../sys/inc/tfoot.php';
*/
}
}
if ($them['close']==1)
msg('Тема закрыта для обсуждения');
err();
aut();
if (isset($_GET['mark']))
{
$search=ereg_replace("( ){2,}"," ",$_GET['mark']);
$search=ereg_replace("^( ){1,}|( ){1,}$","",$search);
$search_a=explode(' ', $search);
for($i=0;$i<count($search_a);$i++)
{
$search_a[$i]='#'.preg_quote(esc(trim(stripcslashes(htmlspecialchars($search_a[$i]))))).'#uim';
}
}
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]'"),0);
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
if (isset($user) && ($ank2['level']<$user['level'] || $user['level']==4 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){$lim=NULL;}else $lim=" LIMIT $start, $set[p_str]";
$q=mysql_query("SELECT * FROM `forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' ORDER BY `time` ASC$lim");
if (mysql_num_rows($q)==0) {
echo "Нет сообщений в теме "$them[name]"n";
}
$post_k=$start;
$num=1;
while ($post = mysql_fetch_array($q))
{
if($num==1){
echo "<div class='rowup'>n";
if (isset($user) && ($ank2['level']<$user['level'] || $user['level']==4 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete')
echo "<label>n";
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $post[id_user] LIMIT 1"));
$post_k++;
if (isset($user) && ($ank2['level']<$user['level'] || $user['level']==4 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){
echo "<input type='checkbox' name="post_$post[id]" value="1" />";}
else echo "".online($ank['id'])."n";
if ($set['show_num_post']==1)$num_post=$post_k.') '; else $num_post=NULL;
if (isset($user) && $them['close']==0)
echo "$num_post<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/msg' title='Ответить $ank[nick]'><span style="color:$ank[ncolor]">$ank[nick]</span></a> [".vremja($post['time'])."]n";
else
echo "$num_post<a href='/info.php?id=$ank[id]' title='Анкета $ank[nick]'><span style="color:$ank[ncolor]">$ank[nick]</span></a> [".vremja($post['time'])."]n";
if ($ank['balls']>=10000 && $ank['level']==0 && $ank['rating']>=50)echo "<img src='http://vipspaces.ru/sys/img/medal.gif' alt='m'/>n";
echo "<br/>n";
if ($post['cit']!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '$post[cit]'"),0)==1)
{
$cit=mysql_fetch_array(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '$post[cit]' LIMIT 1"));
$ank_c=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $cit[id_user] LIMIT 1"));
echo "<div class='cit'>n";
echo "<b>$ank_c[nick] (".vremja($cit['time'])."):</b><br />n";
echo esc(trim(br(bbcode(links(stripcslashes(htmlspecialchars($cit['msg'])))))))."<br />n";
echo "</div>n";
}
echo "<span style="color:$ank[color]">n";
if (isset($_GET['mark']))
echo esc(preg_replace($search_a, '<span class="search_cit">\0</span>', trim(br(bbcode(smiles(links(stripcslashes(htmlspecialchars($post['msg'])))))))))."<br />n";
else
echo esc(trim(br(bbcode(smiles(links(stripcslashes(htmlspecialchars($post['msg']))))))))."<br />n";
echo "</span>n";
if (isset($user) && $user['id']==$post['id_user'] && $post['time']>time()-600 && $post_k==$k_post)
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit'>Редактировать (".($post['time']+600-time())." сек)</a>n";
elseif (isset($user) && ($user['level']>$ank['level'] || $user['level']==4 || ($ank['id']==$user['id'] && $user['level']>0)))
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit'>Редактировать</a>n";
if (isset($user) && $them['close']==0 && $user['id']==$post['id_user'] && $post['time']>time()-600 && $post_k==$k_post)
echo ' | ';
elseif (isset($user) && $them['close']==0 && ($user['level']>$ank['level'] || $user['level']==4 || ($ank['id']==$user['id'] && $user['level']>0)))
echo ' | ';
else
if (isset($user) && $them['close']==0)
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/cit' title='Цитировать $ank[nick]'>“Цитировать”</a><br />n";
echo "</div>n";
$num=0;
}else{
echo "<div class='rowdown'>n";
if (isset($user) && ($ank2['level']<$user['level'] || $user['level']==4 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete')
echo "<label>n";
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $post[id_user] LIMIT 1"));
$post_k++;
if (isset($user) && ($ank2['level']<$user['level'] || $user['level']==4 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){
echo "<input type='checkbox' name="post_$post[id]" value="1" />";}
else echo "".online($ank['id'])."n";
if ($set['show_num_post']==1)$num_post=$post_k.') '; else $num_post=NULL;
if (isset($user) && $them['close']==0)
echo "$num_post<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/msg' title='Ответить $ank[nick]'><span style="color:$ank[ncolor]">$ank[nick]</span></a> [".vremja($post['time'])."]n";
else
echo "$num_post<a href='/info.php?id=$ank[id]' title='Анкета $ank[nick]'><span style="color:$ank[ncolor]">$ank[nick]</span></a> [".vremja($post['time'])."]n";
if ($ank['balls']>=10000 && $ank['level']==0 && $ank['rating']>=50)echo "<img src='http://vipspaces.ru/sys/img/medal.gif' alt='m'/>n";
echo "<br/>n";
if ($post['cit']!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '$post[cit]'"),0)==1)
{
$cit=mysql_fetch_array(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '$post[cit]' LIMIT 1"));
$ank_c=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $cit[id_user] LIMIT 1"));
echo "<div class='cit'>n";
echo "<b>$ank_c[nick] (".vremja($cit['time'])."):</b><br />n";
echo esc(trim(br(bbcode(links(stripcslashes(htmlspecialchars($cit['msg'])))))))."<br />n";
echo "</div>n";
}
echo "<span style="color:$ank[color]">n";
if (isset($_GET['mark']))
echo esc(preg_replace($search_a, '<span class="search_cit">\0</span>', trim(br(bbcode(smiles(links(stripcslashes(htmlspecialchars($post['msg'])))))))))."<br />n";
else
echo esc(trim(br(bbcode(smiles(links(stripcslashes(htmlspecialchars($post['msg']))))))))."n";
echo "</span>n";
if (isset($user) && $user['id']==$post['id_user'] && $post['time']>time()-600 && $post_k==$k_post)
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit'>Ред (".($post['time']+600-time())." сек)</a>n";
elseif (isset($user) && ($user['level']>$ank['level'] || $user['level']==4 || ($ank['id']==$user['id'] && $user['level']>0)))
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit'>Редактировать</a>n";
if (isset($user) && $them['close']==0 && $user['id']==$post['id_user'] && $post['time']>time()-600 && $post_k==$k_post)
echo ' | ';
elseif (isset($user) && $them['close']==0 && ($user['level']>$ank['level'] || $user['level']==4 || ($ank['id']==$user['id'] && $user['level']>0)))
echo ' | ';
else
if (isset($user) && $them['close']==0)
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/cit' title='Цитировать $ank[nick]'>“Цит”</a><br />n";
echo "</div>n";
$num=1;
}
if (isset($user) && ($ank2['level']<$user['level'] || $user['level']==4 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete')
echo "</label>n";
}
if (isset($user) && ($ank2['level']<$user['level'] || $user['level']==4 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){}
elseif ($k_page>1)str("/forum/$forum[id]/$razdel[id]/$them[id]/?",$k_page,$page); // Вывод страниц
if (isset($user) && ($ank2['level']<$user['level'] || $user['level']==4 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){}
elseif (isset($user) && $them['close']==0)
{
if ($user['set_files']==1)
echo "<form method='post' name='message' enctype='multipart/form-data' action='/forum/$forum[id]/$razdel[id]/$them[id]/new'>n";
else
echo "<form method='post' name='message' action='/forum/$forum[id]/$razdel[id]/$them[id]/new'>n";
if (isset($_POST['msg']) && isset($_POST['file_s']))$msg2=esc(stripcslashes(htmlspecialchars($_POST['msg']))); else $msg2=NULL;
if ($set['web'] && is_file(H.'style/themes/'.$set['set_them'].'/altername_post_form.php'))
include_once H.'style/themes/'.$set['set_them'].'/altername_post_form.php';
else
echo "Сообщение:<br />n<textarea name="msg">$msg2</textarea><br />n";
if ($user['set_translit']==1)echo "<label><input type="checkbox" name="translit" value="1" /> Транслит</label><br />n";
if ($user['set_files']==1){
if (isset($_SESSION['file']))
{
echo "Прикрепленные файлы:<br />n";
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]) && is_file($_SESSION['file'][$i]['tmp_name']))
{
echo "<img src='/style/themes/$set[set_them]/forum/14/file.png' alt='' />n";
echo $_SESSION['file'][$i]['name'].'.'.$_SESSION['file'][$i]['ras'].' (';
echo size_file($_SESSION['file'][$i]['size']);
echo ") <a href='/forum/$forum[id]/$razdel[id]/$them[id]/d_file$i' title='Удалить из списка'><img src='/style/themes/$set[set_them]/forum/14/del_file.png' alt='' /></a>n";
echo "<br />n";
}
}
}
echo "<input name='file_f' type='file' /><br />n";
echo "<input name='file_s' value='Прикрепить файл' type='submit' /><br />n";
}
echo "<input name='post' value='Отправить сообщение' type='submit' /><br />n";
echo "</form>n";
echo "<div class="foot">n";
echo "»<a href="/smiles.php">Смайлы</a><br />n";
echo "»<a href="/rules.php">Правила</a><br />n";
echo "</div>n";
}
?>