Файл: titwar.ru/forum.php
Строк: 245
<?
include './system/common.php';
include './system/functions.php';
include './system/user.php';
if(!$user) {
header('location: /');
exit;
}
$sub = _string(_num($_GET['sub']));
$topic = _string(_num($_GET['topic']));
if(!$sub && !$topic) {
$title = 'Forum';
include './system/h.php';
?>
<div class='line'></div>
<?
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `forum_sub`'),0);
if($count > 0) {
if($_GET['create'] == true && $user['access'] == 2) {
$name = _string($_POST['name']);
$access = _string(_num($_POST['access']));
if($name) {
mysql_query('INSERT INTO `forum_sub` (`name`,
`access`) VALUES ("'.$name.'",
"'.$access.'")');
header('location: /forum/');
}
?>
<div class='content'>
<form action='/forum/?create=true' method='post'>
Name of the section:<br/>
<input name='name'/><br/>
Topics may be created by:<br/>
<select name='access'>
<option value='0'>all</option>
<option value='1'>moderators</option>
<option value='2'>administrators</option>
</select><br/>
<input type='submit' value='Create'/>
</form>
</div>
<div class='line'></div>
<?
}
$id = _string(_num($_GET['id']));
if($id && $user['access'] == 2) {
$i = mysql_query('SELECT * FROM `forum_sub` WHERE `id` = "'.$id.'"');
$i = mysql_fetch_array($i);
if(!$i) {
header('location: /forum/');
exit;
}
$name = _string($_POST['name']);
if($name) {
mysql_query('UPDATE `forum_sub` SET `name` = "'.$name.'" WHERE `id` = "'.$i['id'].'"');
header('location: /forum/?adm=true');
}
?>
<div class='content'>
<form action='/forum/?adm=true&id=<?=$i['id']?>' method='post'>
Name of the section:<br/>
<input name='name' value='<?=$i['name']?>'/> <input type='submit' value='Save'/>
</form>
</div>
<div class='line'></div>
<?
if($_GET['delete'] == true) {
$q = mysql_query('SELECT * FROM `forum_topic` WHERE `sub` = "'.$i['id'].'"');
while($row = mysql_fetch_array($q)) {
mysql_query('DELETE FROM `forum_comments` WHERE `topic` = "'.$row['id'].'"');
}
mysql_query('DELETE FROM `forum_topic` WHERE `sub` = "'.$i['id'].'"');
mysql_query('DELETE FROM `forum_sub` WHERE `id` = "'.$i['id'].'"');
header('location: /forum/?adm=true');
}
}
?>
<div class='list'>
<?
$q = mysql_query('SELECT * FROM `forum_sub`');
while($row = mysql_fetch_array($q)) {
$i++;
?>
<li>
<?
if($_GET['adm'] == true && $user['access'] == 2) {
?>
<span style='float: right;'>( <a href='/forum/?adm=true&id=<?=$row['id']?>&delete=true'>Удалить</a> | <a href='/forum/?adm=true&id=<?=$row['id']?>'>Edit</a> )</span>
<?
}
?>
<a href='/forum/sub/<?=$row['id']?>/'><img src='/images/icon/section.png' alt='*'/> <?=$row['name']?></a></li>
<?
}
?>
<li <?=($_GET['adm'] == true ? '':'class='no_b'')?>>
<?
if($user['access'] == 2) {
?>
<a href=''><a href='/forum/<?=($_GET['adm'] == true ? '':'?adm=true')?>' <?=($_GET['adm'] == true ? 'style='color: #909090;'':'')?>><img src='/images/icon/arrow.png' alt='*'/> Manage forum</a></a>
<?
if($_GET['adm'] == true) {
?>
<li class='no_b'><a href='/forum/?create=true'><img src='/images/icon/arrow.png' alt='*'/> Create section</a></li>
<?
}
}
?>
</li>
</div>
<?
}
else
{
?>
<div class='content'><font color='#909090'></font></div>
<?
}
include './system/f.php';
}
elseif($sub) {
$sub = mysql_query('SELECT * FROM `forum_sub` WHERE `id` = "'.$sub.'"');
$sub = mysql_fetch_array($sub);
if(!$sub) {
header('location: /forum');
exit;
}
if($_GET['create'] == true && $user['access'] >= $sub['access']) {
$title = 'New topic';
include './system/h.php';
?>
<div class='line'></div>
<?
if($user['save'] == 1) {
$name = _string($_POST['name']);
$text = _string($_POST['text']);
if($name && $text) {
if($user['level'] > 14) {
mysql_query('INSERT INTO `forum_topic` (`sub`,
`name`,
`user`,
`text`,
`time`) VALUES ("'.$sub['id'].'",
"'.$name.'",
"'.$user['id'].'",
"'.$text.'",
"'.time().'")');
$topic_id = mysql_insert_id();
header('location: /forum/topic/'.$topic_id.'/');
}
else
{
?>
<div class='content' align='center'><font color='#909090'>You can create new topic <img src='/images/icon/level.png' alt='*'/> if your level is 15!</font></div>
<div class='line'></div>
<?
}
}
?>
<div class='content'>
<form action='/forum/sub/<?=$sub['id']?>/?create=true' method='post'>
Name of the topic:<br/>
<input name='name'/><br/>
Text:<br/>
<textarea name='text' style='width: 100%;'></textarea><br/>
<input type='submit' value='Создать'/>
</form>
</div>
<?
}
else
{
?>
<div class='content'><font color='#999'>To create topic you have to save your character</font></div>
<?
}
include './system/f.php';
}
else
{
$title = $sub['name'];
include './system/h.php';
?>
<div class='line'></div>
<?
$max = 10;
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `forum_topic` WHERE `sub` = "'.$sub['id'].'"'),0);
$pages = ceil($count/$max);
$page = _string(_num($_GET['page']));
if($page > $pages) {
$page = $pages;
}
if($page < 1) {
$page = 1;
}
$start = $page * $max - $max;
if($count > 0) {
?>
<div class='list'>
<?
$q = mysql_query('SELECT * FROM `forum_topic` WHERE `sub` = "'.$sub['id'].'" ORDER BY `stick` DESC, `id` DESC LIMIT '.$start.', '.$max.'');
while($row = mysql_fetch_array($q)) {
$i++;
?>
<li><a href='/forum/topic/<?=$row['id']?>/' <?=($row['stick'] == 1 ? 'style="font-weight: bold;"':'')?>><img src='/images/icon/forum_<?=($row['close'] == 1 ? 3:2)?>.png' alt='*'/> <?=$row['name']?></a></li>
<?
}
?>
<?
}
else
{
?>
<div class='content'><font color='#999'>Forum is empty!</font></div>
<?
}
?>
</div>
<?
if($user['access'] >= $sub['access']) {
?>
<div class='line'></div>
<div class='list'>
<li class='no_b'><a href='/forum/sub/<?=$sub['id']?>/?create=true'><img src='/images/icon/forum_2.png'> Create new topic</a></li>
</div>
<?
}
include './system/f.php';
}
}
elseif($topic) {
$topic = mysql_query('SELECT * FROM `forum_topic` WHERE `id` = "'.$topic.'"');
$topic = mysql_fetch_array($topic);
if(!$topic) {
header('location: /forum');
exit;
}
$title = $topic['name'];
include './system/h.php';
$topic_user = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$topic['user'].'"');
$topic_user = mysql_fetch_array($topic_user);
?>
<div class='line'></div>
<?
if($_GET['adm'] == true && $user['access'] > 0) {
?>
<div class='content'>
<img src='/images/icon/arrow.png' alt='*'/> <a href='/forum/topic/<?=$topic['id']?>/?stick=true'> <?=($topic['stick'] == 0 ? 'Fix':'Unfix')?></a> | <a href='/forum/topic/<?=$topic['id']?>/?close=true'> <?=($topic['close'] == 0 ? 'Close':'Open')?></a> | <a href='/forum/topic/<?=$topic['id']?>/?delete=true'>Delete</a>
</div>
<div class='line'></div>
<?
}
?>
<div class='content'>
<img src='/images/icon/race/<?=$topic_user['r'].($topic_user['online'] > time() - 300 ? '':'-off')?>.png' alt='*'/> <a href='/user/<?=$topic_user['id']?>/'><?=$topic_user['login']?></a>, <?=_times(time() - $topic['time'])?><br/>
<?
if($topic_user['access'] == 1) {
?>
<font color='f09060'>
<?
}
if($topic_user['access'] == 2) {
?>
<font color='90c0c0'>
<?
}
?>
<?=bb(smiles($topic['text']))?>
<?
if($topic_user['access'] > 0) {
?>
</font>
<?
}
?>
</div>
<div class='line'></div>
<?
if($user['access'] > 0) {
if($_GET['stick'] == true) {
mysql_query('UPDATE `forum_topic` SET `stick` = "'.($topic['stick'] == 0 ? 1:0).'" WHERE `id` = "'.$topic['id'].'"');
header('location: /forum/topic/'.$topic['id'].'/?adm=true');
}
if($_GET['close'] == true) {
mysql_query('UPDATE `forum_topic` SET `close` = "'.($topic['close'] == 0 ? 1:0).'" WHERE `id` = "'.$topic['id'].'"');
header('location: /forum/topic/'.$topic['id'].'/?adm=true');
}
if($_GET['delete'] == true) {
$q = mysql_query('SELECT * FROM `forum_comments` WHERE `topic` = "'.$topic['id'].'"');
while($row = mysql_fetch_array($q)) {
mysql_query('DELETE FROM `forum_comments` WHERE `id` = "'.$row['id'].'"');
}
header('location: /forum/sub/'.$topic['sub'].'/?adm=true');
mysql_query('DELETE FROM `forum_topic` WHERE `id` = "'.$topic['id'].'"');
}
?>
<div class='list'>
<li class='no_b'><a href='/forum/topic/<?=$topic['id']?>/<?=($_GET['adm'] == true ? '':'?adm=true')?>' <?=($_GET['adm'] == true ? 'style='color: #909090;'':'')?>><img src='/images/icon/arrow.png' alt='*'/> Manage topic</a></li>
</div>
<div class='line'></div>
<?
}
$count = mysql_result(mysql_query('SELECT COUNT(*) FROM `forum_comments` WHERE `topic` = "'.$topic['id'].'"'),0);
?>
<div class='content'>
Comments: <b><?=$count?></b>
</div>
<?
if($count > 0) {
?>
<div class='line'></div>
<div class='menu'>
<?
$max = 10;
$pages = ceil($count/$max);
$page = _string(_num($_GET['page']));
if($page > $pages) {
$page = $pages;
}
if($page < 1) {
$page = 1;
}
$start = $page * $max - $max;
$q = mysql_query('SELECT * FROM `forum_comments` WHERE `topic` = "'.$topic['id'].'" ORDER BY `id` LIMIT '.$start.', '.$max.'');
while($row = mysql_fetch_array($q)) {
$comment_user = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$row['user'].'"');
$comment_user = mysql_fetch_array($comment_user);
?>
<li><img src='/images/icon/race/<?=$comment_user['r'].($comment_user['online'] > time() - 300 ? '':'-off')?>.png' alt='*'/> <a href='/user/<?=$comment_user['id']?>/'><?=$comment_user['login']?></a><?
if($comment_user['id'] != $user['id']) {
?> <a href='/forum/topic/<?=$topic['id']?>/?page=<?=$page?>&to=<?=$comment_user['id']?>'>(»)</a><? } ?>, <?=_times(time() - $row['time'])?><br/>
<?
if($row['to']) {
$__to = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$row['to'].'"');
$__to = mysql_fetch_array($__to);
if($__to['id'] == $user['id']) {
?>
<font color='#90c090'>
<?
}
?>
<?=$__to['login']?>,
<?
if($__to['id'] == $user['id']) {
?>
</font>
<?
}
}
if($comment_user['access'] == 1) {
?>
<font color='f09060'>
<?
}
if($comment_user['access'] == 2) {
?>
<font color='90c0c0'>
<?
}
?>
<?=bb(smiles($row['text']))?>
<?
if($comment_user['access'] > 0) {
?>
</font>
<?
}
if($user['access'] > 0) {
$comment = _string(_num($_GET['comment']));
if($comment) {
mysql_query('DELETE FROM `forum_comments` WHERE `id` = "'.$comment.'"');
header('location: /forum/topic/'.$topic['id'].'/?page='.$page);
}
?>
<a href='/forum/topic/<?=$topic['id']?>/?page=<?=$page?>&comment=<?=$row['id']?>'>[x]</a>
<?
}
?>
</li>
<?
}
?>
<li class='no_b'><?=pages('/forum/topic/'.$topic['id'].'/?')?></li>
</div>
<?
}
?>
<div class='line'></div>
<div class='content'>
<?
if($topic['close'] == 0) {
if($user['save'] == 1) {
if($user['level'] > 5) {
$text = _string($_POST['text']);
$to = _string(_num($_GET['to']));
if($to) {
$_to = mysql_query('SELECT * FROM `users` WHERE `id` = "'.$to.'"');
$_to = mysql_fetch_array($_to);
if(!$_to OR $_to['id'] == $user['id']) {
header('location: /forum/topic/'.$topic['id'].'/?page='.$page);
exit;
}
}
if($_to) {
$text = str_replace($_to['login'].', ', '', $text);
}
if($text) {
mysql_query('INSERT INTO `forum_comments` (`topic`,`user`,`to`,`text`,`time`) VALUES ("'.$topic['id'].'", "'.$user['id'].'", "'.$_to['id'].'", "'.$text.'", "'.time().'")');
header('location: /forum/topic/'.$topic['id'].'/?page='.$pages);
}
?>
<form action='/forum/topic/<?=$topic['id']?>/?page=<?=$page?>&to=<?=$to?>' method='post'>
Message:<br/>
<textarea name='text' style='width: 100%;'><?=($to ? $_to['login'].', ':'')?></textarea><br/>
<input type='submit' value='Send'/>
</form>
<?
}
else
{
?>
<font color='#999'>You can write on forum if <img src='/images/icon/level.png' alt='*'/> your level is 5!</font>
<?
}
}
else
{
?>
<font color='#999'>You have to save your character</font>
<?
}
}
else
{
?>
<font color='#f33'>Topic is closed</font>
<?
}
?>
</div>
<?
include './system/f.php';
}
?>