Файл: 4mast/profmas.ru/adm/forts.php
Строк: 58
<?php
require_once('../includes/Headers.php');
require_once('../includes/PDO_func.php');
require_once('../codes/pagination.php');
if (!isset ($us)) {
header ('location: /');
exit;
}
if ($us['level']<1) {
header ('location:/');
exit;
}
H ('Админ форум', 'Админ форум');
$db=DB::$dbs;
$id = isset($_GET['id']) ? intval($_GET['id']) : 1;
$phq = 'SELECT * FROM `adm_fort` WHERE `id` = '.$id;
$query = $db -> query($phq);
if ($query -> rowCount() == 0)
{
echo '<div class="error">Тем для обсуждения нет!</div>';
require_once('../includes/Footers.php');
exit();
}
else
{
$row = $query -> fetch(PDO::FETCH_LAZY);
if (isset($_POST['submit']))
{
$error=array();
if (empty($_POST['msg'])) $error[]='Вы не ввели сообщение';
if (empty($error))
{
if (!isset($_GET['send']))
{
$phq = 'INSERT INTO `adm_post` SET `id` = "NULL", `user` = "'.$us['id'].'", `msg` = ?, `ref` = '.$id.', `time` = "'.time().'", `send` = ""';
}
else
{
$phq = 'INSERT INTO `adm_post` SET `id` = "NULL", `user` = "'.$us['id'].'", `msg` = ?, `ref` = '.$id.', `time` = "'.time().'", `send` = "'.intval($_GET['send']).'"';
}
$db -> query($phq, array($_POST['msg']));
if ($row->user != $us['id'])
{
$db->query($phq);
}
if (isset($_GET['send']) AND $db->query('SELECT * FROM `us` WHERE `id` = "'.intval($_GET['send']).'"')->rowCount() > 0)
{
$msg='us{'.$us['id'].'} ответил вам в комментариях [url=/adm/forts.php?id='.intval($_GET['id']).']Админке[/url]!';
$phq = '
INSERT INTO `action`(`id`, `value`, `t`, `us`, `see`,`razd`)
VALUES ("NULL","'.$msg.'","'.time().'","'.intval($_GET['send']).'","1","comm")';
$db->query($phq);
} }
else
{
foreach ($error as $err)
{
echo '<div class="error">'.$err.'</div>';
}
}
}
?>
<div class="menu2"><?=htmlspecialchars($row->name);?></div>
<div class="lst"><b>1.</b> <?=Nick($row->user);?> <b><font color="green">[автор]</font></b> (<?=datef($row->time);?>) <?=($row->user != $us['id'] ? '<a href="?id='.intval($_GET['id']).'&send='.$row->user.'">[отв]</a>' : '');?>
<br><span style="word-wrap:break-word;"><?=tag(htmlspecialchars($row['sub']));?></span></div>
<div class="menu2">Обсуждение топика</div>
<?php if ($db->query('SELECT `id` FROM `adm_post` WHERE `ref` = '.$id)->rowCount() == 0) { ?>
<div class="error">Комментариев нет!</div>
<?php } else { $pg = new pagination();
$pg -> init(array('num'=>8, 'page' => isset($_GET['page']) ? $_GET['page'] : 1,
'posts' => $db->query('SELECT `id` FROM `adm_post` WHERE `ref` = '.$id)->rowCount()));
$query=$db->query('SELECT * FROM `adm_post` WHERE `ref` = '.$id.' ORDER BY `id` DESC LIMIT '.$pg->start.', '.$pg->num.'');
while ($row = $query -> fetch(PDO::FETCH_LAZY)) {
?>
<div class="lst">
<?=Nick($row->user);?> (<?=datef($row->time);?>)
<?=($row->send != 0 ? ' ответил '.Nick($row->send) : '')?>
<?=($row->user != $us['id'] ? '<a href="?id='.intval($_GET['id']).'&send='.$row->user.'">[отв]</a>' : '');?><br>
<?=tag(htmlspecialchars($row['msg']));?></div>
<?php $pg->display('?id='.intval($_GET['id']).'&page='); }} ?>
<div class="lst">
<?=(isset($_GET['send']) ? 'Ответ: '.Nick($_GET['send']) : '');?>
<form method="POST">
<textarea name="msg"></textarea><br>
<input type="submit" name="submit" value="Написать">
</form>
</div>
<?php
}
require_once('../includes/Footers.php');
?>