Файл: _gladiators2_/gladiators2/gladiators/gladiators/system/modules/mod_forum.php
Строк: 173
<?
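// Open the database connection used by the forum module.
$db = new DBconn;
$db->Conn("greece",$server_conf);
// Split the request path into forum / topic / query parts. $path is built
// outside this file; judging by the uses further down, $path[2] is
// "<forum>[?query]" and $path[3] is "<topic>.<ext>[?query]".
// Missing segments are replaced by "" so explode() never receives null; the
// resulting arrays are the same as before, minus the notices.
// SECURITY: $forum_id[0] and $topic_id[0] are request-controlled and are later
// concatenated into file paths that are read, rewritten and unlink()ed, so
// they must be validated before any filesystem call uses them.
$forum_id = explode("?",isset($path[2]) ? $path[2] : "");
$topic_id = explode(".",isset($path[3]) ? $path[3] : "");
$topic_p = explode("?",isset($topic_id[1]) ? $topic_id[1] : "");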
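/**
 * Tells whether a topic id is listed in the closed-topics registry.
 *
 * The registry is read as one line of ids, each followed by ";" ("12;345;").
 *
 * @param mixed $file Registry lines as returned by file(); any empty value
 *                    makes the function read $root/database/forum/closed.dat.
 * @param mixed $id   Topic id to look for.
 * @return int 1 when the id is listed, 0 otherwise.
 */
function check_close($file,$id) //== Topic closed flag
{
    global $root;
    if(!$file)
    {
        $registry = $root."/database/forum/closed.dat";
        // No registry on disk means no topic has been closed yet.
        $file = is_readable($registry) ? file($registry) : false;
    }
    if(!is_array($file) || !isset($file[0]))
        return 0;
    $id = (string)$id;
    if($id==="")
        return 0;
    // The id ends up inside a regular expression. Without preg_quote() a value
    // such as "." or "1." acts as a wildcard and matches other topics' ids.
    $needle = preg_quote($id,"/");
    // An entry starts at the beginning of the line or right after a ";".
    return preg_match("/(^|;)".$needle.";/",$file[0]) ? 1 : 0;
}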
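/**
 * Marks a topic as closed by appending "<id>;" to
 * $root/database/forum/closed.dat under an exclusive lock.
 *
 * No permission check happens here; the caller decides who may close a topic.
 *
 * @param mixed $id Topic id to record.
 * @return void
 */
function topic_close($id)
{
    global $root;
    $id = (string)$id;
    // ";" and line breaks are the registry's own delimiters; an id carrying
    // them would forge or corrupt other entries, so it is not written.
    if($id==="" || strpbrk($id,";\r\n")!==false)
        return;
    $fp = fopen($root."/database/forum/closed.dat","a+");
    // fopen() returns false when the file cannot be opened; passing that to
    // flock()/fwrite() only produces errors, so stop here.
    if(!$fp)
        return;
    flock($fp,LOCK_EX);
    fwrite($fp,$id.";");
    fflush($fp); // push the data out before the lock is released
    flock($fp,LOCK_UN);
    fclose($fp);
}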
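/**
 * Re-opens a topic by removing its "<id>;" entry from the first line of
 * $root/database/forum/closed.dat.
 *
 * The file is locked before it is read and stays locked until the new
 * content is written, so a concurrent topic_close() cannot be lost between
 * the read and the write.
 *
 * @param mixed $id Topic id to remove.
 * @return null Always null, which is what callers received before.
 */
function topic_open($id)
{
    global $root;
    $id = (string)$id;
    // An empty id would turn the removal into "delete every separator".
    if($id==="")
        return null;
    // "c+" opens for reading and writing without truncating, so nothing is
    // destroyed before the exclusive lock is held.
    $fp = fopen($root."/database/forum/closed.dat","c+");
    if(!$fp)
        return null;
    flock($fp,LOCK_EX);
    $data = (string)stream_get_contents($fp);
    // Only the first line holds ids; any later lines are written back as-is.
    $eol = strpos($data,"\n");
    $first = $eol===false ? $data : substr($data,0,$eol+1);
    $rest = $eol===false ? "" : substr($data,$eol+1);
    // Remove whole entries only: the id must start the line or follow a ";".
    // A plain str_replace("2;","") would also cut the tail off "12;".
    $cleaned = preg_replace("/(?<![^;])".preg_quote($id,"/").";/","",$first);
    if($cleaned!==null)
        $first = $cleaned;
    ftruncate($fp,0);
    rewind($fp);
    fwrite($fp,$first.$rest);
    fflush($fp);
    flock($fp,LOCK_UN);
    fclose($fp);
    return null;
}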
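// ---------------------------------------------------------------------------
// Forum write actions. At most one branch of the chain below runs per request:
//   POST add + mess            edit an existing post or append a new one
//   deltopic_N                 delete a whole topic file
//   delete_N                   delete one post from a topic
//   hidden_N                   replace a post body with a moderation notice
//   add_N + POST text          append a moderator remark to a post
//   closetopic_N / opentopic_N toggle an id in closed.dat
// Posts live in $root/database/forum/<forum>/<topic>.topic, one record per
// line: id|subject|date|login#level#klan#align|message|
// Rights come from <forum>/settings.set: line 0 moderators, line 2 write,
// line 3 edit, line 4 delete; the second space-separated token of each line
// is the rule list that is matched below.
//
// NOTE(review): the deltopic_/delete_/hidden_/closetopic_/opentopic_ actions
// change state from the URL alone; nothing here ties the request to a form
// the user submitted (no anti-CSRF token). Confirm whether a caller adds one.
// NOTE(review): each rewrite reads the topic file first and locks only around
// the write, so two concurrent requests can overwrite each other's change.
// NOTE(review): Header("Location: ...") is not followed by exit, so the rest
// of the including script still runs after a redirect has been queued.
// ---------------------------------------------------------------------------
$forum_action = isset($path[4]) ? (string)$path[4] : "";

// $forum_id[0] and $topic_id[0] come from the request path and are glued into
// paths that are read, rewritten and unlink()ed below. Refuse any component
// that could point outside $root/database/forum/ before a branch runs.
$unsafe_path = 0;
foreach(array($forum_id[0],$topic_id[0]) as $path_part)
{
    $path_part = (string)$path_part;
    if($path_part==="." || $path_part===".." || strpbrk($path_part,"/\\\0")!==false)
        $unsafe_path = 1;
}

if($unsafe_path)
    $error_msg = "Не верные параметры";
elseif(!empty($_POST["add"]) && !empty($_POST["mess"]) && is_string($_POST["mess"]))
{
    // Non-string input (e.g. tema[]=x) is treated as an empty subject.
    $_POST["tema"] = (isset($_POST["tema"]) && is_string($_POST["tema"])) ? $_POST["tema"] : "";
    $_POST["mess"] = StripSlashes(trim($_POST["mess"]));
    $_POST["tema"] = StripSlashes(trim($_POST["tema"]));
    // Escape for HTML first; the <br> inserted afterwards must stay markup.
    $_POST["tema"] = htmlspecialchars($_POST["tema"]);
    $_POST["mess"] = htmlspecialchars($_POST["mess"]);
    // "|" separates fields and a line break ends a record in the .topic file.
    // Neither may survive in user text, otherwise a post could add fields or
    // start a forged record. Bare CR and LF are handled as well as CRLF.
    $_POST["mess"] = str_replace("|","I",$_POST["mess"]);
    $_POST["tema"] = str_replace("|","I",$_POST["tema"]);
    $_POST["mess"] = str_replace(array("\r\n","\r","\n")," <br> ",$_POST["mess"]);
    $_POST["tema"] = str_replace(array("\r\n","\r","\n")," ",$_POST["tema"]);
    $_POST["mess"] = string_cut($_POST["mess"],100);
    // The id is concatenated into SQL, so force it to an integer.
    $db->query("select login,level,align,klan from users where id=".intval(isset($_SESSION["id"]) ? $_SESSION["id"] : 0));
    $db->fetch_array();
    $session_login = isset($_SESSION["login"]) ? (string)$_SESSION["login"] : "";
    $access = 0;
    $file = file($root."/database/forum/".$forum_id[0]."/settings.set");
    $moder = $file[0];
    $write = $file[2];
    $edit = $file[3];
    $moder = explode(" ",$moder);
    $write = explode(" ",$write);
    $edit = explode(" ",$edit);
    // Moderator: "uid_<id>;" appears in the moderator rule list.
    $moder_on = 0;
    if(preg_match("/^(uid_".$_SESSION["id"].";)/",$moder[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$moder[1]))
        $moder_on = 1;
    // Write permission: everyone, moderators, a listed uid, or a listed align.
    if(strstr($write[1],"all"))
        $access = 1;
    elseif(strstr($write[1],"moder") && $moder_on)
        $access = 1;
    elseif(preg_match("/^(uid_".$_SESSION["id"].";)/",$write[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$write[1]))
        $access = 1;
    elseif(preg_match("/^(align_".$db->row["align"].";)/",$write[1]) || preg_match("/(;align_".$db->row["align"].";)/",$write[1]))
        $access = 1;
    // Edit permission, same rule kinds taken from settings line 3.
    $editable = 0;
    if(strstr($edit[1],"all"))
        $editable = 1;
    elseif(strstr($edit[1],"moder") && $moder_on)
        $editable = 1;
    elseif(preg_match("/^(uid_".$_SESSION["id"].";)/",$edit[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$edit[1]))
        $editable = 1;
    elseif(preg_match("/^(align_".$db->row["align"].";)/",$edit[1]) || preg_match("/(;align_".$db->row["align"].";)/",$edit[1]))
        $editable = 1;
    if(!$access)
        $error_msg = "<span style='color:darkred;font-weight:bold'>У вас нет прав для добавления сообщений в данной конференции!</span>";
    // $HTTP_SERVER_VARS is not populated on PHP 5.4 and later; with it the
    // address was empty there and the IP block list was never applied.
    elseif(check_blockip(isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : ""))
        $error_msg = "Ваш ip-адрес заблокирован. Вы не имеете права писать на форуме.";
    elseif($_POST["tema"] && !preg_match("/^[a-zA-Zа-яА-Я]/",$_POST["tema"]))
        $error_msg = "Название темы должно начинаться с буквы.";
    elseif(!$topic_id[0] && !$_POST["tema"])
        $error_msg = "Вы не указали название топа!";
    elseif(check_fmuzz($session_login))
        $error_msg = "Вы обладатель форумного кляпа, и не имеете права писать на форуме некоторое время!";
    elseif($db->row["level"] < 2)
        $error_msg = "Вы слишком малы, чтобы общаться со старшими :) Писать на форуме можно только со 2-го уровня!";
    elseif(!empty($_POST["edit_id"]) && $editable)
    { // EDIT MESSAGE
        $post_id = explode("_",$forum_action);
        // edit_id comes from the form; only a plain string can equal a stored id.
        $edit_id = is_string($_POST["edit_id"]) ? $_POST["edit_id"] : "";
        if(!$_POST["tema"])
            $_POST["tema"] = "ответный пост";
        if(!file_exists($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic"))
            $error_msg = "Не верные параметры";
        elseif(check_close("",$topic_id[0]))
            $error_msg = "Вы не можете редактировать сообщение, так как топик закрыт.";
        else
        {
            $file = file($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic");
            $i = 0;
            $found = 0;
            $row_string = 0;
            while($i<=count($file)-1 && !$found)
            {
                $row = explode("|",$file[$i]);
                $row_pl = explode("#",isset($row[3]) ? $row[3] : "");
                // Ownership check: the record's author must be the logged-in
                // user. Strict string comparison, because "==" treats
                // numeric-looking strings such as "1e3" and "1000" as equal.
                if($row[0]===$edit_id && $session_login!=="" && $row_pl[0]===$session_login)
                {
                    $row[1] = $_POST["tema"];
                    $row[4] = $_POST["mess"];
                    $file[$i] = implode("|",$row);
                    // Only a moderator can set or clear the "important" flag.
                    if(isset($_POST["importent"]) && $_POST["importent"]==="on" && $moder_on && !check_pr("",$edit_id))
                        add_pr($edit_id);
                    elseif(empty($_POST["importent"]) && $moder_on && check_pr("",$edit_id))
                        del_pr($edit_id);
                    $fp = fopen($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic","w");
                    if($fp)
                    {
                        flock($fp,LOCK_EX);
                        fwrite($fp,implode("",$file));
                        flock($fp,LOCK_UN);
                        fclose($fp);
                    }
                    $found = 1;
                }
                $i++;
            }
        }
        echo"<script language=javascript>window.location=window.location.href;</script>";
    }
    elseif(empty($_POST["edit_id"]))
    {
        if($topic_id[0] && check_close("",$topic_id[0]))
            $error_msg = "Вы не можете редактировать сообщение, так как топик закрыт.";
        else
        {
            if(!$_POST["tema"])
                $_POST["tema"] = "ответный пост";
            // Reply: reuse the topic id from the URL. New topic: the current
            // timestamp becomes both the topic id and the first message id.
            if($topic_id[0])
                $id_tema = intval($topic_id[0]);
            else
                $id_tema = time();
            // NOTE(review): time() as an id repeats when two posts arrive
            // within the same second.
            $mess_id = time();
            if(isset($_POST["importent"]) && $_POST["importent"]==="on" && $moder_on && !check_pr("",$mess_id))
                add_pr($mess_id);
            $fp = fopen($root."/database/forum/".$forum_id[0]."/".$id_tema.".topic","a+");
            if($fp)
            {
                flock($fp,LOCK_EX);
                // One record per line. The terminating "\n" is required: every
                // reader uses file() and treats a line as a record.
                fwrite($fp,$mess_id."|".$_POST["tema"]."|".Date("Y.m.d H:i:s")."|".$db->row["login"]."#".$db->row["level"]."#".$db->row["klan"]."#".$db->row["align"]."|".$_POST["mess"]."|\n");
                flock($fp,LOCK_UN);
                fclose($fp);
            }
        }
        Header("Location: /forum/".$forum_id[0]."/".$topic_id[0].".html?".$topic_p[1]);
    }
}
// The D modifier makes "$" match only at the very end, so an id followed by
// a line break is not accepted by the action patterns below.
elseif(preg_match("/^(deltopic_)[0-9]+$/D",$forum_action) && $forum_id[0])
{
    $post_id = explode("_",$forum_action);
    $file = file($root."/database/forum/".$forum_id[0]."/settings.set");
    $moder = $file[0];
    $del = $file[4];
    $moder = explode(" ",$moder);
    $del = explode(" ",$del);
    $moder_on = 0;
    if(preg_match("/^(uid_".$_SESSION["id"].";)/",$moder[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$moder[1]))
        $moder_on = 1;
    // Delete permission from settings line 4.
    // NOTE(review): no user row is fetched in this branch, so $db->row["align"]
    // is whatever an earlier query left behind; the align_ rule looks dead here.
    $delitable = 0;
    if(strstr($del[1],"all"))
        $delitable = 1;
    elseif(strstr($del[1],"moder") && $moder_on)
        $delitable = 1;
    elseif(preg_match("/^(uid_".$_SESSION["id"].";)/",$del[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$del[1]))
        $delitable = 1;
    elseif(preg_match("/^(align_".$db->row["align"].";)/",$del[1]) || preg_match("/(;align_".$db->row["align"].";)/",$del[1]))
        $delitable = 1;
    // $post_id[1] is digits only (pattern above), so it is safe in a path.
    if(file_exists($root."/database/forum/".$forum_id[0]."/".$post_id[1].".topic") && $delitable)
    {
        unlink($root."/database/forum/".$forum_id[0]."/".$post_id[1].".topic");
        Header("Location: /forum/".$forum_id[0]);
    }
}
elseif(preg_match("/^(delete_)[0-9]+$/D",$forum_action) && $forum_id[0] && $topic_id[0])
{
    $post_id = explode("_",$forum_action);
    $file = file($root."/database/forum/".$forum_id[0]."/settings.set");
    $moder = $file[0];
    $del = $file[4];
    $moder = explode(" ",$moder);
    $del = explode(" ",$del);
    $moder_on = 0;
    if(preg_match("/^(uid_".$_SESSION["id"].";)/",$moder[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$moder[1]))
        $moder_on = 1;
    // NOTE(review): as in deltopic_, $db->row is not loaded in this branch.
    $delitable = 0;
    if(strstr($del[1],"all"))
        $delitable = 1;
    elseif(strstr($del[1],"moder") && $moder_on)
        $delitable = 1;
    elseif(preg_match("/^(uid_".$_SESSION["id"].";)/",$del[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$del[1]))
        $delitable = 1;
    elseif(preg_match("/^(align_".$db->row["align"].";)/",$del[1]) || preg_match("/(;align_".$db->row["align"].";)/",$del[1]))
        $delitable = 1;
    if(file_exists($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic") && $delitable)
    {
        $file = file($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic");
        // Drop the first record whose id matches. There is no author check:
        // anyone holding the delete right can remove any post.
        for($i=0;$i<=count($file)-1;$i++)
        {
            $row = explode("|",$file[$i]);
            if($row[0]==$post_id[1])
            {
                unset($file[$i]);
                break;
            }
        }
        // Removing the last record removes the topic file itself.
        if(count($file)==0)
            unlink($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic");
        else
        {
            $fp = fopen($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic","w");
            if($fp)
            {
                flock($fp,LOCK_EX);
                fwrite($fp,implode("",$file));
                flock($fp,LOCK_UN);
                fclose($fp);
            }
        }
    }
    Header("Location: /forum/".$forum_id[0]."/".$topic_id[0].".html?".$topic_p[1]);
}
elseif(preg_match("/^(hidden_)[0-9]+$/D",$forum_action) && $forum_id[0] && $topic_id[0])
{
    $post_id = explode("_",$forum_action);
    $file = file($root."/database/forum/".$forum_id[0]."/settings.set");
    $moder = $file[0];
    $moder = explode(" ",$moder);
    $moder_on = 0;
    if(preg_match("/^(uid_".$_SESSION["id"].";)/",$moder[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$moder[1]))
        $moder_on = 1;
    // Start from a known state so a stale $find cannot trigger the rewrite.
    $find = 0;
    if(file_exists($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic") && $moder_on)
    {
        $file = file($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic");
        for($i=0;$i<=count($file)-1;$i++)
        {
            $row = explode("|",$file[$i]);
            if($row[0]==$post_id[1])
            {
                // The login is stored inside HTML, so escape it like other text.
                $row[4] = "<span style='color:red'>Сообщение удалено. Модератор: ".htmlspecialchars(isset($_SESSION["login"]) ? (string)$_SESSION["login"] : "").".<br><br><span class=comm>Возможные причины:<br>1. Сообщение рассмотрено, а информация скрыта от лишних глаз.<br>2. Нарушение действующих законов МГ либо правил конференции.</span></span>";
                $file[$i] = implode("|",$row);
                $find = 1;
                break;
            }
        }
        if($find)
        {
            $fp = fopen($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic","w");
            if($fp)
            {
                flock($fp,LOCK_EX);
                fwrite($fp,implode("",$file));
                flock($fp,LOCK_UN);
                fclose($fp);
            }
        }
    }
    Header("Location: /forum/".$forum_id[0]."/".$topic_id[0].".html?".$topic_p[1]);
}
elseif(preg_match("/^(add_)[0-9]+$/D",$forum_action) && $forum_id[0] && $topic_id[0] && !empty($_POST["text"]) && is_string($_POST["text"]))
{
    $post_id = explode("_",$forum_action);
    $_POST["text"] = htmlspecialchars($_POST["text"]);
    $_POST["text"] = trim($_POST["text"]);
    // Same record-format protection as for ordinary posts: the remark is
    // appended to a "|"-separated, line-based record, so neither "|" nor a
    // line break may pass through.
    $_POST["text"] = str_replace("|","I",$_POST["text"]);
    $_POST["text"] = str_replace(array("\r\n","\r","\n")," <br> ",$_POST["text"]);
    $file = file($root."/database/forum/".$forum_id[0]."/settings.set");
    $moder = $file[0];
    $moder = explode(" ",$moder);
    $moder_on = 0;
    if(preg_match("/^(uid_".$_SESSION["id"].";)/",$moder[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$moder[1]))
        $moder_on = 1;
    $find = 0;
    if(file_exists($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic") && $moder_on)
    {
        $file = file($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic");
        for($i=0;$i<=count($file)-1;$i++)
        {
            $row = explode("|",$file[$i]);
            if($row[0]==$post_id[1])
            {
                $row[4] .= "<br><br><span style='color:red'><b>".htmlspecialchars(isset($_SESSION["login"]) ? (string)$_SESSION["login"] : "")."</b>: ".$_POST["text"].".</span>";
                $file[$i] = implode("|",$row);
                $find = 1;
                break;
            }
        }
        if($find)
        {
            $fp = fopen($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic","w");
            if($fp)
            {
                flock($fp,LOCK_EX);
                fwrite($fp,implode("",$file));
                flock($fp,LOCK_UN);
                fclose($fp);
            }
        }
    }
    Header("Location: /forum/".$forum_id[0]."/".$topic_id[0].".html?".$topic_p[1]);
}
elseif(preg_match("/^(closetopic_)[0-9]+$/D",$forum_action) && $forum_id[0] && $topic_id[0])
{
    $post_id = explode("_",$forum_action);
    $file = file($root."/database/forum/".$forum_id[0]."/settings.set");
    $moder = $file[0];
    $moder = explode(" ",$moder);
    $moder_on = 0;
    if(preg_match("/^(uid_".$_SESSION["id"].";)/",$moder[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$moder[1]))
        $moder_on = 1;
    // NOTE(review): the existence check uses $topic_id[0] but the id written
    // to closed.dat is $post_id[1] from the action segment, and closed.dat is
    // shared by all forums. A moderator of this forum can therefore record
    // any numeric id; confirm the two values are meant to be the same.
    if(file_exists($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic") && $moder_on)
    {
        $file = file($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic");
        if(!check_close("",$post_id[1]))
            topic_close($post_id[1]);
    }
    Header("Location: /forum/".$forum_id[0]."/".$topic_id[0].".html?".$topic_p[1]);
}
elseif(preg_match("/^(opentopic_)[0-9]+$/D",$forum_action) && $forum_id[0] && $topic_id[0])
{
    $post_id = explode("_",$forum_action);
    $file = file($root."/database/forum/".$forum_id[0]."/settings.set");
    $moder = $file[0];
    $moder = explode(" ",$moder);
    $moder_on = 0;
    if(preg_match("/^(uid_".$_SESSION["id"].";)/",$moder[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$moder[1]))
        $moder_on = 1;
    // NOTE(review): same id mismatch as in closetopic_ ($topic_id[0] checked,
    // $post_id[1] removed from the shared registry).
    if(file_exists($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic") && $moder_on)
    {
        $file = file($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic");
        if(check_close("",$post_id[1]))
            topic_open($post_id[1]);
    }
    Header("Location: /forum/".$forum_id[0]."/".$topic_id[0].".html?".$topic_p[1]);
}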
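// Prepare the "edit post" form for an edit_N action: work out whether the
// current user may edit in this forum and, if so, load the matching record
// into $row_string. $editable, $moder_on, $found and $row_string are left as
// globals (presumably for the template that renders the form).
$edit_action = isset($path[4]) ? (string)$path[4] : "";
// $forum_id[0] / $topic_id[0] come from the request path and are used in
// file paths below; skip the whole step when either could leave the forum
// data directory.
$edit_path_unsafe = 0;
foreach(array($forum_id[0],$topic_id[0]) as $edit_path_part)
{
    $edit_path_part = (string)$edit_path_part;
    if($edit_path_part==="." || $edit_path_part===".." || strpbrk($edit_path_part,"/\\\0")!==false)
        $edit_path_unsafe = 1;
}
// The D modifier stops "$" from accepting an id followed by a line break.
if(!$edit_path_unsafe && preg_match("/^(edit_)[0-9]+$/D",$edit_action) && $forum_id[0] && $topic_id[0])
{
    // The id is concatenated into SQL, so force it to an integer.
    $db->query("select login,level,align,klan from users where id=".intval(isset($_SESSION["id"]) ? $_SESSION["id"] : 0));
    $db->fetch_array();
    $file = file($root."/database/forum/".$forum_id[0]."/settings.set");
    $moder = $file[0];
    $edit = $file[3];
    $moder = explode(" ",$moder);
    $edit = explode(" ",$edit);
    $post_id = explode("_",$edit_action);
    $editable = 0;
    $moder_on = 0;
    if(preg_match("/^(uid_".$_SESSION["id"].";)/",$moder[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$moder[1]))
        $moder_on = 1;
    // Edit permission from settings line 3: everyone, moderators, a listed
    // uid, or a listed align.
    if(strstr($edit[1],"all"))
        $editable = 1;
    elseif(strstr($edit[1],"moder") && $moder_on)
        $editable = 1;
    elseif(preg_match("/^(uid_".$_SESSION["id"].";)/",$edit[1]) || preg_match("/(;uid_".$_SESSION["id"].";)/",$edit[1]))
        $editable = 1;
    elseif(preg_match("/^(align_".$db->row["align"].";)/",$edit[1]) || preg_match("/(;align_".$db->row["align"].";)/",$edit[1]))
        $editable = 1;
    if(file_exists($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic") && $editable && !check_close("",$topic_id[0]))
    {
        $file = file($root."/database/forum/".$forum_id[0]."/".$topic_id[0].".topic");
        $edit_login = isset($_SESSION["login"]) ? (string)$_SESSION["login"] : "";
        $i = 0;
        $found = 0;
        $row_string = 0;
        while($i<=count($file)-1 && !$found)
        {
            $row = explode("|",$file[$i]);
            $row_pl = explode("#",isset($row[3]) ? $row[3] : "");
            // Only the author may load a post for editing. The login is
            // compared strictly: "==" treats numeric-looking strings such as
            // "1e3" and "1000" as equal, and an empty login must never match.
            if($row[0]==$post_id[1] && $edit_login!=="" && $row_pl[0]===$edit_login)
            {
                $row_string = $row;
                $found = 1;
            }
            $i++;
        }
    }
}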
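/**
 * Tells whether a message id is listed in the "important" registry.
 *
 * The registry is read as one line of ids, each followed by ";" ("12;345;").
 *
 * @param mixed $file Registry lines as returned by file(); any empty value
 *                    makes the function read $root/database/forum/important.dat.
 * @param mixed $id   Message id to look for.
 * @return int 1 when the id is listed, 0 otherwise.
 */
function check_pr($file,$id) //== Topic importance flag
{
    global $root;
    if(!$file)
    {
        $registry = $root."/database/forum/important.dat";
        // No registry on disk means nothing has been flagged yet.
        $file = is_readable($registry) ? file($registry) : false;
    }
    if(!is_array($file) || !isset($file[0]))
        return 0;
    $id = (string)$id;
    if($id==="")
        return 0;
    // One caller passes a form field as $id. Inside a regular expression an
    // unescaped value such as "." or "1." would match other entries.
    $needle = preg_quote($id,"/");
    // An entry starts at the beginning of the line or right after a ";".
    return preg_match("/(^|;)".$needle.";/",$file[0]) ? 1 : 0;
}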
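/**
 * Flags a message as important by appending "<id>;" to
 * $root/database/forum/important.dat under an exclusive lock.
 *
 * No permission check happens here; the caller decides who may set the flag.
 *
 * @param mixed $id Message id to record.
 * @return void
 */
function add_pr($id)
{
    global $root;
    $id = (string)$id;
    // ";" and line breaks are the registry's own delimiters; an id carrying
    // them would forge or corrupt other entries, so it is not written.
    if($id==="" || strpbrk($id,";\r\n")!==false)
        return;
    $fp = fopen($root."/database/forum/important.dat","a+");
    // fopen() returns false when the file cannot be opened; passing that to
    // flock()/fwrite() only produces errors, so stop here.
    if(!$fp)
        return;
    flock($fp,LOCK_EX);
    fwrite($fp,$id.";");
    fflush($fp); // push the data out before the lock is released
    flock($fp,LOCK_UN);
    fclose($fp);
}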
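/**
 * Clears the "important" flag by removing the "<id>;" entry from the first
 * line of $root/database/forum/important.dat.
 *
 * The file is locked before it is read and stays locked until the new
 * content is written, so a concurrent add_pr() cannot be lost between the
 * read and the write.
 *
 * @param mixed $id Message id to remove.
 * @return null Always null, which is what callers received before.
 */
function del_pr($id)
{
    global $root;
    $id = (string)$id;
    // An empty id would turn the removal into "delete every separator".
    if($id==="")
        return null;
    // "c+" opens for reading and writing without truncating, so nothing is
    // destroyed before the exclusive lock is held.
    $fp = fopen($root."/database/forum/important.dat","c+");
    if(!$fp)
        return null;
    flock($fp,LOCK_EX);
    $data = (string)stream_get_contents($fp);
    // Only the first line holds ids; any later lines are written back as-is.
    $eol = strpos($data,"\n");
    $first = $eol===false ? $data : substr($data,0,$eol+1);
    $rest = $eol===false ? "" : substr($data,$eol+1);
    // Remove whole entries only: the id must start the line or follow a ";".
    // A plain str_replace("2;","") would also cut the tail off "12;".
    $cleaned = preg_replace("/(?<![^;])".preg_quote($id,"/").";/","",$first);
    if($cleaned!==null)
        $first = $cleaned;
    ftruncate($fp,0);
    rewind($fp);
    fwrite($fp,$first.$rest);
    fflush($fp);
    flock($fp,LOCK_UN);
    fclose($fp);
    return null;
}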
?>