Файл: profiwm.pp.ua/coded.php
Строк: 339
<?php
require 'system/sid.php';
require 'system/config.php';
include 'system/user.php';
include 'system/head.php';
include 'system/navigator.php';
// Project helper defined in the system includes; presumably it records that the
// visitor is on the 'coded' page. Confirm against its definition.
whorm(0, 'coded');

// Page title ("Useful functions") wrapped in the theme's title markup.
echo $div_title, 'Полезные функции', $div_end;

// Requested action. It stays null when ?do= is absent, which lands in the
// switch's default branch below.
$do = null;
if (isset($_GET['do'])) {
    $do = $_GET['do'];
}
switch($do)
{
default:
    // Landing view: action links followed by the paginated list of sections.
    echo $div_menu, '<a href="?do=create">Добавить код</a>', $div_end;

    // The section-management link is printed for level 5 accounts only.
    if ($user['level'] == 5) {
        echo $div_menu, '<a href="?do=coded_r">Управление разделами</a>', $div_end;
    }

    $look = mysql_result(mysql_query("SELECT COUNT(id) FROM `coded_razdel`"), 0);
    if ($look == false) {
        // Zero sections, or the count query failed.
        echo 'Разделы еще не созданы.<br/>';
    } else {
        $n = new navigator($look, 10, '?');
        // Per section: `c` is the number of articles, `a` the number of articles
        // whose `date` falls within the last 86400 seconds. The interpolated
        // values are time() and the navigator's `limit` property.
        $result = mysql_query("SELECT `coded_razdel`.*,
(SELECT COUNT(id) FROM `coded_article` WHERE `coded_razdel`.`id` = `coded_article`.`uid`) AS c,
(SELECT COUNT(id) FROM `coded_article` WHERE `coded_razdel`.`id` = `coded_article`.`uid`
AND `coded_article`.`date` > '" . (time() - 86400) . "') AS a FROM `coded_razdel` ORDER BY `coded_razdel`.`id` ASC {$n->limit}");
        $i = 0;
        while ($sql = mysql_fetch_assoc($result)) {
            // Red "+N" badge for sections that received articles in the last day.
            if (!empty($sql['a'])) {
                $new_file = '<span style="color: #FF0000;">+' . $sql['a'] . '</span>';
            } else {
                $new_file = '';
            }
            // Alternate between the two row styles.
            echo ($i % 2) ? $div_tworazdel : $div_razdel;
            $i++;
            // NOTE(review): the section name is printed exactly as stored; this is
            // only safe if check() HTML-escaped it when it was written. Confirm.
            echo '» <a href="codcat-razdel-', $sql['id'], '">', $sql['name'], '</a> (', $sql['c'], ')', $new_file, $div_end;
        }
        echo $n->navi();
    }
    break;
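// Section management: create, delete and list sections (level 5 only).
// Changes from the original: the case label is a quoted string instead of a
// bare word, the script stops after each redirect instead of rendering the
// list into a response the browser discards, and an unused query was dropped.
case 'coded_r':
    if ($user['level'] != 5) {
        header('Location: coded.php');
        die();
    }
    echo '<form method="post" action="coded.php?do=coded_r">
<label for="q">Новый раздел</label>:
<br/>
<input type="text" id="q" name="new"/>
<br/>
<input type="submit" name="create" value="Создать"/>
</form>' . $block;

    // Create a section.
    if (isset($_POST['create'])) {
        $new = trim(mysql_real_escape_string(check($_POST['new'])));
        $em = mysql_query("SELECT `id` FROM `coded_razdel` WHERE `name` = '$new' LIMIT 1");
        if (empty($new)) {
            err('Пустое название раздела!');
        } elseif (mysql_num_rows($em) != FALSE) {
            err('Раздел с таким названием уже создан!');
        } else {
            mysql_query("INSERT INTO `coded_razdel` SET `name` = '$new'");
            header('Location: coded.php?do=coded_r');
            die();
        }
    }

    // Delete a section together with its articles.
    // NOTE(review): this destructive action is driven by a GET parameter and
    // carries no per-request token, so it has no CSRF protection; moving it to
    // POST with a token needs changes outside this branch (the delete links).
    if (isset($_GET['x'])) {
        $x = my_int($_GET['x']);
        $sql = mysql_query("SELECT `id` FROM `coded_razdel` WHERE `id` = '$x' LIMIT 1");
        if (mysql_num_rows($sql) == FALSE) {
            err('Раздел не найден!');
        } else {
            // NOTE(review): the original also selected one article `path` here and
            // never used it. Files referenced by `path`, and the comments and votes
            // of the deleted articles, are not cleaned up by this branch.
            mysql_query("DELETE FROM `coded_article` WHERE `uid` = '$x'");
            mysql_query("DELETE FROM `coded_razdel` WHERE `id` = '$x' LIMIT 1");
            header('Location: coded.php?do=coded_r');
            die();
        }
    }

    // List the sections with edit / delete icons.
    $count = mysql_result(mysql_query("SELECT COUNT(id) FROM `coded_razdel`"), 0);
    if ($count != FALSE) {
        $n = new navigator($count, 10, '?do=coded_r');
        $view = mysql_query("SELECT `coded_razdel`.*,(SELECT COUNT(id) FROM `coded_article` WHERE `coded_razdel`.`id` = `coded_article`.`uid`) AS c FROM `coded_razdel` ORDER BY `coded_razdel`.`id` DESC {$n->limit}");
        $i = 0;
        while ($a = mysql_fetch_assoc($view)) {
            $d = '<a href="coddelete-coded_r-'.$a['id'].'"><span class="next"><img src="ico/delete.png" alt=""/></span></a> ';
            $e = '<a href="codedit-coded_edit-'.$a['id'].'"><span class="next"><img src="ico/edit.png" alt=""/></span></a> ';
            echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
            // NOTE(review): the name is printed as stored; safe only if check()
            // HTML-escaped it on input. Confirm.
            echo $e . $d . $a['name'] . ' (' . $a['c'] . ')' . $div_end;
        }
        echo $n->navi();
    } else {
        echo 'Разделы не созданы.<br/>';
    }
    break;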
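// Rename a section (level 5 only).
// Fixes: the duplicate-name lookup used the undefined $new instead of $edit,
// and mysql_num_rows() was called on the $edit string instead of the lookup
// result, so the duplicate check never worked. The lookup now also skips the
// section being edited, so saving an unchanged name is not reported as a
// duplicate. The script stops after the redirect.
case 'coded_edit':
    if ($user['level'] != 5) {
        header('Location: coded.php');
        die();
    }
    $x = my_int($_GET['x']);
    // Fetched before any update, so the form below shows the stored name when
    // validation fails.
    $sql = mysql_query("SELECT * FROM `coded_razdel` WHERE `id` = '$x' LIMIT 1");
    if (isset($_POST['go'])) {
        $edit = trim(mysql_real_escape_string(check($_POST['edit'])));
        $em = mysql_query("SELECT `id` FROM `coded_razdel` WHERE `name` = '$edit' AND `id` != '$x' LIMIT 1");
        if (empty($edit)) {
            err('Пустое название раздела!');
        } elseif (mysql_num_rows($em) != FALSE) {
            err('Раздел с таким названием уже создан!');
        } else {
            mysql_query("UPDATE `coded_razdel` SET `name` = '$edit' WHERE `id` = '$x' LIMIT 1");
            header('Location: coded.php?do=coded_r');
            die();
        }
    }
    if (mysql_num_rows($sql) == FALSE) {
        err('Раздел не найден!');
    } else {
        $in = mysql_fetch_assoc($sql);
        // NOTE(review): the stored name goes into an attribute value unescaped;
        // safe only if check() HTML-escaped it (quotes included) on input. Confirm.
        echo '<form method="post" action="codedit-coded_edit-'.$x.'">
<label for="q">Редактировать</label>:
<br/>
<input type="text" id="q" name="edit" value="' . $in['name'] . '"/>
<br/>
<input type="submit" name="go" value="Изменить"/>
</form>';
    }
    break;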
// Contents of one section: paginated list of its articles.
case razdel:
    $uid = my_int($_GET['uid']);
    $sql = mysql_query("SELECT `id` FROM `coded_razdel` WHERE `id` = '$uid' LIMIT 1");
    if (mysql_num_rows($sql) != FALSE) {
        $select = mysql_result(mysql_query("SELECT COUNT(id) FROM `coded_article` WHERE `uid` = '$uid'"), 0);
        if ($select == FALSE) {
            echo 'В этом разделе еще ничего нет.<br/>';
        } else {
            $n = new navigator($select, 10, 'codcat-razdel-'.$uid.'&');
            // `c` is the number of comments attached to each article.
            $sel = mysql_query("SELECT `coded_article`.*,(SELECT COUNT(id) FROM `coded_comm` WHERE `coded_comm`.`id_new` = `coded_article`.`id`) AS c FROM `coded_article` WHERE `coded_article`.`uid` = '$uid' ORDER BY `coded_article`.`id` DESC {$n->limit}");
            $i = 0;
            while ($a = mysql_fetch_assoc($sel)) {
                // "(new!)" marker for articles added within the last 86400 seconds.
                if ($a['date'] > (time() - 86400)) {
                    $New = ' <span style="color: #FF0000;">(new!)</span>';
                } else {
                    $New = '';
                }
                // Alternate between the two row styles.
                echo ($i % 2) ? $div_tworazdel : $div_razdel;
                $i++;
                // NOTE(review): the article name is printed as stored; safe only if
                // check() HTML-escaped it on input. Confirm.
                echo '• <a href="codlook-info-', $a['id'], '">', $a['name'], '</a>', $New, $block, '
<a href="codlook-info-', $a['id'], '">Комментарии (', $a['c'], ')</a>', $div_end;
            }
            echo $n->navi();
        }
    } else {
        err('Раздела не существует!');
    }
    break;
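// Article page: show the code, handle votes, moderation and comments.
// Changes from the original:
//  - the script stops after every redirect instead of continuing to run;
//  - the "codlok-info-" redirect typo is corrected to "codlook-info-";
//  - $e / $d are initialised so non-moderators do not hit undefined variables;
//  - the rating elseif chain, whose later branches were unreachable and printed
//    the same image, is reduced to the two outcomes it could produce;
//  - the anti-advertising patterns are valid again and the domain is quoted.
// NOTE(review): voting and both delete actions are driven by GET parameters
// and carry no per-request token, so they have no CSRF protection. Adding one
// needs changes outside this branch.
case 'info':
    $uid = my_int($_GET['uid']);
    $sql = mysql_query("SELECT * FROM `coded_article` WHERE `id` = '$uid' LIMIT 1");

    // Article deletion (?x=ID), level 3 and above.
    if (isset($_GET['x'])) {
        if ($user['level'] < 3) {
            header('location: coded.php');
            die();
        }
        $x = my_int($_GET['x']);
        $em = mysql_query("SELECT * FROM `coded_article` WHERE `id` = '$x' LIMIT 1");
        if (mysql_num_rows($em) == FALSE) {
            err('Код не найден!');
        } else {
            $is = mysql_fetch_assoc($em);
            // NOTE(review): `path` comes from the database and is unlinked as-is;
            // confirm that whatever writes it confines it to an upload directory.
            if (file_exists($is['path'])) unlink($is['path']);
            mysql_query("DELETE FROM `coded_article` WHERE `id` = '$x' LIMIT 1");
            header('Location: codcat-razdel-' . $is['uid']);
            die();
        }
    }

    if (mysql_num_rows($sql) == FALSE) {
        err('Кода не существует!');
    } else {
        // Up-vote: one vote per (article, user) pair.
        // NOTE(review): no login check is visible here; confirm that guests
        // cannot reach this branch with an empty $user['id'].
        if (isset($_GET['like'])) {
            $prv = mysql_query("SELECT `id` FROM `rating_coded` WHERE `uid` = '$uid' AND `who` = '$user[id]' LIMIT 1");
            if (mysql_num_rows($prv) != FALSE) {
                err('Вы уже голосовали!');
            } else {
                mysql_query("INSERT INTO `rating_coded` SET `uid` = '$uid', `who` = '$user[id]', `like` = '1'");
                msg('Ваш голос принят!');
            }
        }
        // Down-vote, same rule.
        if (isset($_GET['dlike'])) {
            $prv = mysql_query("SELECT `id` FROM `rating_coded` WHERE `uid` = '$uid' AND `who` = '$user[id]' LIMIT 1");
            if (mysql_num_rows($prv) != FALSE) {
                err('Вы уже голосовали!');
            } else {
                mysql_query("INSERT INTO `rating_coded` SET `uid` = '$uid', `who` = '$user[id]', `dlike` = '1'");
                msg('Ваш голос принят!');
            }
        }

        $in = mysql_fetch_assoc($sql);
        // Edit / delete icons are only built for levels 3 to 5.
        $e = '';
        $d = '';
        if ($user['level'] >= 3 && $user['level'] <= 5) {
            $d = '<a href="coddelete-info-'.$uid.'"><span class="next"><img src="ico/delete.png" alt=""/></span></a> ';
            $e = '<a href="codedit-edit-'.$uid.'"><span class="next"><img src="ico/edit.png" alt=""/></span></a> ';
        }
        // NOTE(review): name and content are printed as stored (content through
        // bb_code()); safe only if check() HTML-escaped them on input. Confirm.
        echo '<b>' . $in['name'] . '</b>' . $block . $e . $d . bb_code('[code]' . $in['content'] . '[/code]') . $block . '
Добавил код: ' . us($in['author']) . '<br/>
Дата добавления: (' . itime($in['date'], 0) . ')' . $block;

        // Voting summary.
        $i_vote = mysql_query("SELECT `id` FROM `rating_coded` WHERE `uid` = '$uid' AND `who` = '$user[id]' LIMIT 1");
        $like = mysql_result(mysql_query("SELECT SUM(`like`) FROM `rating_coded` WHERE `uid` = '$uid'"), 0);
        $dlike = mysql_result(mysql_query("SELECT SUM(`dlike`) FROM `rating_coded` WHERE `uid` = '$uid'"), 0);
        $rat_1 = (empty($like)) ? 0 : $like;
        $rat_2 = (empty($dlike)) ? 0 : $dlike;
        $rating = $like - $dlike;
        echo 'Рейтинг: ' . $rating . '<br/>';
        // The original chain tested >= 1 first, so its >= 3 ... >= 25 branches
        // could never run, and every one of them printed rating1.gif anyway.
        if ($rating >= 1) {
            echo '<img src="ico/rating1.gif" alt=""/><br/>';
        } else {
            echo '<img src="ico/rating0.gif" alt=""/><br/>';
        }
        if (mysql_num_rows($i_vote) == FALSE) {
            // No vote from this user yet: show the vote links.
            echo '<a href="codwv-whovote-'.$uid.'-1">' . $rat_1 . '</a>
<a href="codlook-info-'.$uid.'&like">
<img src="ico/plus.png" alt="+"/></a>
Голосовать
<a href="codlook-info-'.$uid.'&dlike">
<img src="ico/minus.png" alt="-"/></a><a href="codwv-whovote-'.$uid.'-2"> ' . $rat_2 . '</a>' . $block;
        } else {
            echo '<img src="ico/plus.png" alt="+"/><a href="codwv-whovote-'.$uid.'-1"> ' . $like . '</a> |
<img src="ico/minus.png" alt="-"/><a href="codwv-whovote-'.$uid.'-2"> ' . $dlike . '</a>' . $block;
        }

        echo 'Скачать код: <a href="downcode-'.$uid.'">PHP</a><br/>';

        // Comment order. $ord only ever holds one of two literals, so
        // interpolating it into ORDER BY below does not carry request data.
        if (isset($_GET['order']) && $_GET['order'] == 2) {
            $sort = '<b>вверху</b> | <a href="codsort-info-'.$uid.'-1">внизу</a>';
            $ord = 'DESC';
        } else {
            $sort = '<a href="codsort-info-'.$uid.'-2">вверху</a> | <b>внизу</b>';
            $ord = 'ASC';
        }
        echo $div_menu . 'Новые: ' . $sort . $div_end;

        // Comment deletion (?d=ID), level 3 and above.
        if (isset($_GET['d'])) {
            $d = my_int($_GET['d']);
            if ($user['level'] < 3) {
                header('Location: codlook-info-' . $uid);
                die();
            }
            $ecom = mysql_query("SELECT `id` FROM `coded_comm` WHERE `id` = '$d' LIMIT 1");
            if (mysql_num_rows($ecom) != FALSE) {
                mysql_query("DELETE FROM `coded_comm` WHERE `id` = '$d' LIMIT 1");
            }
            header('Location: codlook-info-' . $uid);
            die();
        }

        // New comment.
        if (isset($_POST['add_com'])) {
            $mes = trim(mysql_real_escape_string(check($_POST['mes'])));
            if (empty($mes)) {
                header('Location: codlook-info-' . $uid);
                die();
            } else {
                // NOTE(review): every transformation below runs on text that is
                // already SQL-escaped. Anything these helpers or `text_rekl` add
                // (quotes, backslashes) reaches the INSERTs unescaped; escaping
                // should be the last step before the query. Confirm and reorder.
                // Transliteration, when the user enabled it.
                if ($user['translit'] == 1) {
                    $mes = trun_to_rus($mes);
                }
                // Profanity filter.
                $ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
                $mes = ($ant[0] == 1) ? mat($mes) : $mes;
                // Anti-advertising filter.
                $_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
                if ($_ant['on_rekl'] == 1 && filesize($_SERVER['DOCUMENT_ROOT'] . '/domains.dat') > 0) {
                    $ex = explode(',', file_get_contents('domains.dat'));
                    foreach ($ex as $value) {
                        // An empty entry would turn the pattern into a catch-all.
                        $value = trim($value);
                        if ($value === '') {
                            continue;
                        }
                        // NOTE(review): the listing shows both patterns with their
                        // backslashes stripped (they would not compile as printed);
                        // the escapes here are reconstructed, so compare with the
                        // original file. preg_quote() keeps dots and slashes in a
                        // domain from being read as pattern syntax.
                        if ($user['level'] < 4 && !preg_match('/\[url=http:\/\/(.*)\[\/url\]/si', $mes)) {
                            $mes = preg_replace('/(\w\s|,|\.|\*|_|-|\+)+' . preg_quote($value, '/') . '/si', $_ant['text_rekl'], $mes);
                        }
                    }
                }
                // Notify the article author unless they are commenting on their own code.
                if ($in['author'] != $user['id']) {
                    $inlenta = (mb_strlen($mes, 'UTF8') > 50)
                        ? mb_substr($mes, 0, 50, 'UTF8') . '...'
                        : $mes;
                    $message = cvetnik($user['id']) . ' оставил сообщение ' . bb_code($inlenta) . ' к вашему <a href="codlook-info-'.$uid.'">коду</a>!';
                    mysql_query("INSERT INTO `letters` (`id`,`who`,`idwho`,`message`,`data`,`read`,`mod`)
VALUES (0,'0','$in[author]','$message','" . time() . "','0','i')");
                }
                mysql_query("INSERT INTO `coded_comm` SET
`date` = '" . time() . "',
`msg` = '$mes',
`id_new` = '$uid',
`user` = '$user[id]'");
                header('Location: codlook-info-' . $uid);
                die();
            }
        }

        // Comment list.
        $coms = mysql_result(mysql_query("SELECT COUNT(id) FROM `coded_comm` WHERE `id_new` = '$uid'"), 0);
        if ($coms != false) {
            $n = new navigator($coms, $user['onp_comments'], 'codlook-info-'.$uid.'&');
            $res = mysql_query("SELECT * FROM `coded_comm` WHERE `id_new` = '$uid' ORDER BY `id` $ord {$n->limit}");
            while ($s = mysql_fetch_assoc($res)) {
                $del = ($user['level'] >= 3 && $user['level'] <= 5) ? '<a href="coddc-info-'.$uid.'-'.$s['id'].'"><img src="ico/delete.png" alt=""/></a> ' : '';
                $otv = ' <a href="answ-cod-info-'.$uid.'-'.$s['user'].'#down">[отв]</a>';
                echo $div_razdel . $del . us($s['user']) . $otv . ' (' . itime($s['date'], 0) . ')' . $div_end . $div_tworazdel . smiles(bb_code($s['msg'])) . $div_end;
            }
            echo $n->navi();
        } else {
            echo 'Комментариев нет!<br/>';
        }

        // Comment form, pre-filled with a reply prefix when ?k=USER_ID is present.
        $Komu = (isset($_GET['k'])) ? '[b]Ответ: ' . user_inf(my_int($_GET['k']), 'user') . '[/b], ' : '';
        echo '<a name="down"></a>
<label><b>Комментарий:</b></label><br/>
<form method="post" action="codlook-info-'.$uid.'">
<textarea name="mes" cols="50" rows="5" style="width: 99%;">' . $Komu . '</textarea>
<br/>
<input type="submit" name="add_com" value="Добавить"/>
</form>';
    }
    // $in is only set when the article exists; otherwise the link has no id.
    echo '« <a href="codcat-razdel-'.$in['uid'].'">В категорию</a>';
    break;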
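// Download an article as a .php source file.
// Security fix: the original wrote the user-submitted content to
// code_temp/<name>.php inside the web root and redirected the browser to it.
// Unless that directory is configured not to run PHP, the server would execute
// the submitted code, and the article name was used in the file path. The
// source is now sent as an attachment and never written to disk.
// Also fixed: the error path included '../system/foot.php' while the rest of
// the script includes 'system/foot.php'.
case 'load':
    $id = my_int($_GET['id']);
    $emptyC = mysql_query("SELECT `id`, `name`, `content` FROM `coded_article` WHERE `id` = '$id' LIMIT 1");
    if (mysql_num_rows($emptyC) == FALSE) {
        err('Ошибка!');
        include 'system/foot.php';
        exit();
    }
    // Remove files left behind by the previous implementation.
    if ($objs = glob('code_temp' . '/*')) {
        foreach ($objs as $obj) {
            if (is_file($obj)) {
                unlink($obj);
            }
        }
    }
    /**
     * Turn stored article content back into source text: <br> tags become
     * CRLF and HTML entities become their characters.
     *
     * NOTE(review): the listing shows the original str_replace() pairs with
     * their entities already decoded and backslashes stripped (two lines do not
     * parse as printed), so the exact list cannot be recovered. This version
     * decodes every entity in one pass, which may cover more entities than the
     * original list did. Compare with the original file.
     *
     * @param string $var stored article content
     * @return string source text
     */
    function replaceToCode($var)
    {
        $var = str_replace(array('<br />', '<br/>'), "\r\n", $var);
        return html_entity_decode($var, ENT_QUOTES, 'UTF-8');
    }
    $inf = mysql_fetch_assoc($emptyC);
    // The trailing comment line reads "Downloaded from <site>".
    $source = "<?php\n" . replaceToCode($inf['content']) . "\n#Скачано с " . $site . "\n?>";
    // Keep only characters that are safe inside a Content-Disposition header.
    $fileName = preg_replace('/[^A-Za-z0-9_.-]+/', '_', (string) retranslit($inf['name']));
    if ($fileName === '' || $fileName === null) {
        $fileName = 'code';
    }
    if (headers_sent()) {
        // Page output has already left the buffer; a download cannot be started.
        err('Ошибка!');
        include 'system/foot.php';
        exit();
    }
    // Drop the page header that the includes above have already buffered.
    while (ob_get_level() > 0) {
        ob_end_clean();
    }
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . $fileName . '.php"');
    header('X-Content-Type-Options: nosniff');
    header('Content-Length: ' . strlen($source));
    echo $source;
    die();
    break;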
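// Edit an article: allowed for level 4 and above, or for the article's author.
// Security fix: the original permission check ran before the article was
// loaded and compared $in['user'], a variable that was not yet set and a
// column this script never writes (articles are stored with `author`). The
// comparison was therefore made against null, so authors were refused and a
// visitor whose $user['id'] is empty compared equal and was let through. The
// article is now loaded first and ownership is checked against `author`.
// The script also stops after the redirect.
case 'edit':
    $x = my_int($_GET['x']);
    $em = mysql_query("SELECT * FROM `coded_article` WHERE `id` = '$x' LIMIT 1");
    if (mysql_num_rows($em) == FALSE) {
        err('Код не найден!');
        break;
    }
    $in = mysql_fetch_assoc($em);
    // An empty user id never counts as ownership.
    $isOwner = !empty($user['id']) && $in['author'] == $user['id'];
    if ($user['level'] < 4 && !$isOwner) {
        header('Location: coded.php');
        die();
    }
    if (isset($_POST['ok'])) {
        $n = trim(mysql_real_escape_string(check($_POST['n'])));
        $mes = trim(mysql_real_escape_string(check($_POST['mes'])));
        // NOTE(review): check_syntax() receives the raw submitted code; confirm
        // that it only parses the text and never evaluates or executes it.
        if (!check_syntax(trim($_POST['mes']))) {
            err('В коде допущены синтаксические ошибки!');
        } elseif (empty($n)) {
            err('Пустое название!');
        } elseif (empty($mes)) {
            err('Пустое содержание!');
        } else {
            mysql_query("UPDATE `coded_article` SET `name` = '$n', `content` = '$mes' WHERE `id` = '$x' LIMIT 1");
            header('Location: codlook-info-' . $x);
            die();
        }
    }
    // NOTE(review): the stored name and content are placed into the form
    // unescaped (content through back_bb()); safe only if they were
    // HTML-escaped on input and back_bb() keeps them escaped. Confirm.
    echo '<form method="post" action="codedit-edit-'.$x.'">
<label>Название</label>:
<br/>
<input type="text" name="n" value="' . $in['name'] . '"/>
<br/>
<label>Описание</label>:
<br/>
<textarea name="mes" cols="50" rows="5" style="width: 99%;">' . back_bb($in['content']) . '</textarea>
<br/>
<input type="submit" name="ok" value="Изменить"/>
</form>';
    break;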
// Add a new article: validate the submission, store it, then show the form.
case create:
    if (isset($_POST['upl'])) {
        $name = trim(mysql_real_escape_string(check($_POST['name'])));
        $content = trim(mysql_real_escape_string(check($_POST['content'])));
        $rzd = my_int($_POST['rzd']);

        // First failing rule wins; null means the submission is acceptable.
        // NOTE(review): check_syntax() receives the raw submitted code; confirm
        // that it only parses the text and never evaluates or executes it.
        $createError = null;
        if (!check_syntax(trim($_POST['content']))) {
            $createError = 'В коде допущены синтаксические ошибки!';
        } elseif (empty($name)) {
            $createError = 'Пустое название!';
        } elseif (empty($content)) {
            $createError = 'Пустое содержимое!';
        } elseif (empty($rzd)) {
            $createError = 'Не выбран раздел!';
        }

        if ($createError !== null) {
            err($createError);
        } else {
            // NOTE(review): no login check is visible in this branch; confirm that
            // guests cannot post with an empty $user['id'].
            mysql_query("INSERT INTO `coded_article` SET
`author` = '$user[id]',
`name` = '$name',
`content` = '$content',
`date` = '" . time() . "',
`uid` = '$rzd'");
            $last = mysql_insert_id();
            // The script keeps running after this header and still prints the form.
            header('Location: codcat-info-' . $last);
        }
    }

    // Submission form; the section list is read from the database.
    echo '<form ENCTYPE="multipart/form-data" method="post" action="?do=create">
<label>Название:</label><br/>
<input type="text" name="name"/>
<br/>
<label>Содержание:</label><br/>
<textarea name="content" cols="50" rows="5" style="width: 99%;"></textarea>
<br/>
<label>Выбрать раздел:</label><br/>
<select name="rzd">';
    $from = mysql_query("SELECT * FROM `coded_razdel`");
    while ($a = mysql_fetch_assoc($from)) {
        echo '<option value="', $a['id'], '">', $a['name'], '</option>';
    }
    echo '</select>
<br/>
<input type="submit" name="upl" value="Добавить"/>
</form>';
    break;
// List the users who voted for (v=1) or against (v=2) an article.
case whovote:
    $id = my_int($_GET['id']);
    $v = my_int($_GET['v']);
    $sql = mysql_query("SELECT id FROM coded_article WHERE id = '$id' LIMIT 1");
    // Unknown article and unknown vote type produce the same error message.
    if (mysql_num_rows($sql) == false || ($v != 1 && $v != 2)) {
        err('Ошибка!');
    } else {
        // $var is one of two fixed column names, so interpolating it into the
        // queries below does not carry request data.
        if ($v == 1) {
            $var = '`like`';
        } else {
            $var = 'dlike';
        }
        $sel = mysql_result(mysql_query("SELECT COUNT(id) FROM rating_coded WHERE uid = '$id' AND $var = '1'"), 0);
        if ($sel == 0) {
            echo 'За этот вариант никто не голосовал.<br/>';
        } else {
            $n = new navigator($sel, 10, 'codwv-whovote-'.$id.'-'.$v.'&');
            $res = mysql_query("SELECT * FROM rating_coded WHERE uid = '$id' AND $var = '1' ORDER BY id DESC {$n->limit}");
            $i = 0;
            while ($a = mysql_fetch_assoc($res)) {
                // Alternate between the two row styles.
                echo ($i % 2) ? $div_tworazdel : $div_razdel;
                $i++;
                echo us($a['who']), $div_end;
            }
            echo $n->navi();
        }
    }
    echo '« <a href="codlook-info-', $id, '">Назад</a>';
    break;
}
include 'system/foot.php';
?>