Файл: Arhmobi_esdcms/theme/comments.php
Строк: 126
<?php
include_once '../sys/inc/start.php';
if (AJAX)
$doc = new document_json();
else
$doc = new document();
$doc->title = __('Комментарии к теме');
$doc->ret(__('Все темы'), './');
$id = (int)@$_GET['id'];
$q = $db->query("SELECT * FROM `theme` WHERE `id` = '".$id."'");
if (!$theme = $q->fetch()){ $doc->err(__('Тема не найдена или удалена')); exit;}
include 'theme.votes.php';
$listing = new listing();
$post = $listing->post();
$ank = new user((int) $theme['id_user']);
$post->icon('themy');
$post->content = text::toOutput($theme['text']);
$post->title = 'Тема дня: '.text::toValue($theme['title']);
$post->highlight = true;
$post->time = misc::when($theme['time']);
$post->bottom = $ank->show();
if ($user->group >= max($ank->group, 4)) {
if (!$theme['sended']) {
$post->action('send', "theme.send.php?id=$theme[id]");
}
if($theme['id_vote']){
$doc->act(__('Редактировать голосование'), 'vote.edit.php?id='.$theme['id']);}else{
$doc->act(__('Создать голосование'), 'vote.new.php?id='.$theme['id']);}
$post->action('edit', "theme.edit.php?id=$theme[id]"); // редактирование
$post->action('delete', "theme.delete.php?id=$theme[id]"); // удаление
}
$listing->display();
$can_write = true;
if (!$user->is_writeable) {
$doc->msg(__('Писать запрещено'), 'write_denied');
$can_write = false;
}
$pages = new pages($db->query("SELECT COUNT(*) FROM `theme_comments` WHERE `id_theme` = '".$theme['id']."'")->fetchColumn());
$pages->this_page();
if ($can_write && $pages->this_page == 1) {
if (isset($_POST['send']) && isset($_POST['message']) && isset($_POST['token']) && $user->group) {
$message = (string)$_POST['message'];
$users_in_message = text::nickSearch($message);
$message = text::input_text($message);
if (!antiflood::useToken($_POST['token'], 'theme_comments')) {
// нет токена (обычно, повторная отправка формы)
} elseif ($dcms->censure && $mat = is_valid::mat($message)) {
$doc->err(__('Обнаружен мат: %s', $mat));
} elseif ($message) {
//$user->balls += $dcms->add_balls_chat ;
$res = $db->prepare("INSERT INTO `theme_comments` (`id_theme`, `id_user`, `time`, `text`) VALUES (?,?,?,?)");
$res->execute(Array($theme['id'], $user->id, TIME, $message));
header('Refresh: 1; url=?id=' . $id . '&' . passgen());
$doc->ret(__('Вернуться'), '?' . passgen());
$doc->msg(__('Сообщение успешно отправлено'));
if ($doc instanceof document_json) {
$doc->form_value('message', '');
$doc->form_value('token', antiflood::getToken('theme_comments'));
}
exit;
} else {
$doc->err(__('Сообщение пусто'));
}
if ($doc instanceof document_json)
$doc->form_value('token', antiflood::getToken('theme_comments'));
}
if ($user->group) {
$message_form = '';
if (isset($_GET ['message']) && is_numeric($_GET ['message'])) {
$id_message = (int)$_GET ['message'];
$q = $db->prepare("SELECT * FROM `theme_comments` WHERE `id` = ? LIMIT 1");
$q->execute(Array($id_message));
if ($message = $q->fetch()) {
$ank = new user($message['id_user']);
if (isset($_GET['reply'])) {
$message_form = '@' . $ank->login . ',';
} elseif (isset($_GET['quote'])) {
$message_form = "@$ank->login, [quote id_user="{$ank->id}" time="{$message['time']}"]{$message['message']}[/quote]";
}
}
}
if (!AJAX) {
$form = new form('?id=' . $id . '&' . passgen());
$form->refresh_url('?id=' . $id . '&' . passgen());
$form->setAjaxUrl('?id=' . $id . '&' . passgen());
$form->hidden('token', antiflood::getToken('theme_comments'));
$form->textarea('message', __('Сообщение'), $message_form, true);
$form->button(__('Отправить'), 'send', false);
$form->display();
}
}
}
$listing = new listing();
// привязываем форму к листингу, чтобы листинг мог обновиться при отправке формы через AJAX
if (!empty($form))
$listing->setForm($form);
$q = $db->prepare("SELECT * FROM `theme_comments` WHERE `id_theme` = ? ORDER BY `id` DESC LIMIT $pages->limit");
$q->execute(Array($theme['id']));
$after_id = false;
if ($arr = $q->fetchAll()) {
foreach ($arr AS $message) {
$ank = new user($message['id_user']);
$post = $listing->post();
$post->id = 'theme_comments_' . $message['id'];
$post->url = '/profile.view.php?id='.$ank->id;
$post->time = misc::when($message['time']);
$post->title = $ank->nick();
$post->image = $ank->ava();
$post->post = text::toOutput($message['text']);
if ($user->group) {
$post->action('reply', '?id=' . $theme['id'] . '&message=' . $message['id'] . '&reply');
$post->action('quote', '?id=' . $theme['id'] . '&message=' . $message['id'] . '&quote');
}
if ($user->group >= 2) {
$post->action('delete', "comment.delete.php?id=$message[id]&return=" . URL);
}
if (!$doc->last_modified)
$doc->last_modified = $message['time'];
if ($doc instanceof document_json)
$doc->add_post($post, $after_id);
$after_id = $post->id;
}
}
if ($doc instanceof document_json && !$arr){
$post = new listing_post(__('Комментарии отсутствуют'));
$post->icon('empty');
$doc->add_post($post);
}
$listing->setAjaxUrl('?id=' . $id . '&page=' . $pages->this_page);
$listing->display(__('Комментарии отсутствуют'));
$pages->display('?id=' . $id . '&'); // вывод страниц
if ($doc instanceof document_json)
$doc->set_pages($pages);