Файл: 4mast/profmas.ru/data/forum/forum.index.php
Строк: 144
<?PHP
require_once('../../includes/Headers.php');
require_once('../../includes/PDO_func.php');
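// Access gate: every forum page below requires a signed-in user.
// $us is not assigned in this file (presumably set by the included files above).
// empty() gives the same result as `$us['id'] == false` for a populated $us and
// also covers $us being false/null/undefined without raising a notice.
if (empty($us['id'])) {
    header('location: /login/auth');
    // Stop here so none of the forum code runs for an anonymous visitor.
    exit;
}

// Routing key for the switch below; false selects the default branch.
// Only a non-empty string is accepted: an array value (?o[]=x) would otherwise
// reach htmlspecialchars() and raise a warning or a TypeError, depending on the
// PHP version.
$o = (isset($_GET['o']) AND is_string($_GET['o']) AND !empty($_GET['o'])) ? htmlspecialchars($_GET['o']) : false;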
switch($o) {
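default:
    // Forum landing page: quick links for the current user, then every section
    // with its topic/post totals and the number added in the last 24 hours.
    H ('Форум мастеров', '<a href="/"/>Главная</a> | Меню форума');
    if ($us == true) {
        // $us['id'] comes from the session user record, not from the request.
        echo '<div class="lst"> <img src="/images/forum/themes.png" alt="*" align="middle"/> Темы: <a href="/forums/them'.$us['id'].'">Мои</a> | <a href="/forums/themnew">Новые</a> | <a href="/forum/themup">Обновленные</a><br>
<img src="/images/forum/comments.png" alt="*" align="middle"/> Сообщения: <a href="/forums/post'.$us['id'].'">Мои</a> | <a href="/forums/postnew">Новые</a><br>
<a href="/modules/rules.php"><img src="/images/forums/rules.png" alt="*" align="middle"/> Правила</a> | <a href="/forums/themnep">Непрочитанное </a></div>';
    }

    // Cast the COUNT() result before testing it: if the DB wrapper hands the
    // value back as the string "0", the old `== null` test is false and the
    // "no sections" notice is never shown.
    $razdel = (int) DB :: $dbs -> querySingle ("SELECT COUNT(id) FROM `forum_r`");
    if ($razdel === 0) {
        echo '<div class="access">Разделы ещё не созданы....</div>';
    } else {
        $Razdel = DB :: $dbs -> query ("SELECT id,name,opis FROM `forum_r` ORDER BY `id` ASC");
        // Lower bound of the "new in the last 24 hours" window, computed once
        // so all counters of one page use the same cut-off.
        $since = time() - 86400;
        while ($razd = $Razdel -> fetch()) {
            // NOTE(review): name and opis are printed exactly as stored. The topic
            // form in this file escapes with htmlspecialchars() before INSERT;
            // confirm that whatever writes `forum_r` does the same, otherwise
            // escape here.
            echo '<div class="menu2"><a class="link" href="/forums/'.$razd['id'].'"/>'.$razd['name'].'</a></div><div class="access">'.$razd['opis'].'</div> ';

            // Totals and 24-hour deltas; all values are bound parameters.
            $rt = DB :: $dbs -> querySingle ("SELECT COUNT(id) FROM `forum_t` where `id_r` = ?",array($razd['id']));
            $rp = DB :: $dbs -> querySingle ("SELECT COUNT(id) FROM `forum_p` where `id_r` = ?",array($razd['id']));
            $rtn = DB :: $dbs -> querySingle ("SELECT COUNT(id) FROM `forum_t` WHERE `id_r` = ? and `time` > ?",array($razd['id'],$since));
            $rpn = DB :: $dbs -> querySingle ("SELECT COUNT(id) FROM `forum_p` WHERE `id_r` = ? and `time` > ?",array($razd['id'],$since));

            echo '<div class="lst">';
            echo 'Тем: <font color="green">'.$rt.'</font> <font color="red">'.($rtn>=1?'+'.$rtn.'':NULL).'</font>';
            echo '<br/>';
            echo 'Сообщения: <font color="green">'.$rp.'</font> <font color="red">'.($rpn>=1?'+'.$rpn.'':NULL).'</font>';
            echo '</div>';
        }
    }
    break;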
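case 'forum_razdel':
    // One section: its subsections, each followed by the newest topic whose
    // `type` is 1 (presumably the pinned topic - TODO confirm).
    // $id is not assigned in this file (presumably taken from the URL by the
    // included files); it is only ever used as a bound parameter here.
    $frazdel = DB::$dbs->queryFetch("SELECT id,name FROM `forum_r` where `id` = ? limit 1",array($id));
    if (empty($frazdel)) {
        header('location: /forum/index');
        // The original fell through after the redirect and went on to render a
        // page for a section that does not exist.
        exit;
    }
    H ($frazdel['name'], '<a href="/forum/index"/>Форум</a> | '.$frazdel['name']);

    // Cast before comparing so a "0" string from the driver is treated as zero.
    $prazdel = (int) DB :: $dbs -> querySingle ("SELECT COUNT(id) FROM `forum_pr` where `id_r` = ?",array($frazdel['id']));
    if ($prazdel === 0) {
        echo '<div class="access">Подразделы ещё не созданы....</div>';
    } else {
        $Razdel = DB :: $dbs -> query ("SELECT * FROM `forum_pr` where `id_r` = ? ORDER BY `id` DESC",array($frazdel['id']));
        while ($PRazd = $Razdel -> fetch()) {
            // $img is not assigned in this file - presumably provided by the includes.
            echo '<a class="block" href="/forums/'.$frazdel['id'].'/'.$PRazd['id'].'"/><img src="'.$img.'"/> '.$PRazd['name'].'</a>';

            $themes = DB::$dbs->query("SELECT * FROM `forum_t` where `type` = ? AND `id_r` = ? AND `id_pr` = ? order by `time` desc limit 1",array(1,$frazdel['id'],$PRazd['id']));
            while ($thema = $themes -> fetch()) {
                echo '<div class="lst">';
                // Post count drives both the "[n]" label and the link to the last page (10 posts per page).
                $c_p = DB :: $dbs -> querySingle ("SELECT COUNT(id) FROM `forum_p` WHERE `id_t`= ?",array($thema['id']));
                // Topic names are stored already passed through htmlspecialchars()
                // by the topic form in this file, so they are printed as stored.
                echo '<img src="/images/prikrep.png" alt="'.$thema['name'].'"/> <a href="/forums/thema' . $thema['id'] . '/page' . ceil ( $c_p / 10 ) . '"> ' . $thema['name'] . ' </a>['.$c_p.']<br/>'.Nick($thema['us']).' ['.datef($thema['time']).']';
                echo '</div>';
            }
        }
    }
    break;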
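case 'forum_pod':
    // Subsection page: validates the section/subsection pair, optionally handles
    // the "create topic" form, then lists the subsection's topics page by page.
    // $id and $page are not assigned in this file (presumably set by the includes).
    $Razd = DB::$dbs->queryFetch("SELECT id,name from `forum_r` where `id` = ? limit 1",array($id));
    if (empty($Razd) or $Razd['name'] == NULL) {
        header('location:/forum/index');
        // Every redirect in this validation phase now stops the script; the
        // original kept executing with the invalid section/subsection.
        exit;
    }

    // Fallback is 0, which matches no row and so ends in the redirect below.
    // The original fallback was TRUE, which as a bound parameter is likely
    // compared as 1, i.e. a request without ?podrazdel silently addressed
    // subsection 1.
    $podrazdel = (isset($_GET['podrazdel']) AND is_numeric($_GET['podrazdel'])) ? (int)abs($_GET['podrazdel']) : 0;
    $pr = DB::$dbs->queryFetch("SELECT name,id_r from `forum_pr` where `id` = ? limit 1",array($podrazdel));
    if (empty($pr) or $pr['name'] == NULL) {
        header('location:/forums/'.$Razd['id']);
        exit;
    }

    // The subsection must belong to the section named in the URL. The posting
    // restrictions below are keyed on $Razd['id'], so a mismatched pair must not
    // pass. The original compared by subsection *name*, which also accepted a
    // foreign subsection that merely shares a name with one in this section.
    if ((int)$pr['id_r'] !== (int)$Razd['id']) {
        header('location:/forums/'.$Razd['id']);
        exit;
    }

    H ($pr['name'], '<a href="/forums/'.$Razd['id'].'"/> '.$Razd['name'].' </a> » '.$pr['name']);
    echo '<table class="post"><tbody><tr><td>';
    if ($us == true) {
        // Payment-profile row of the current user; false when the user has none.
        $wm = DB :: $dbs -> query ("SELECT * FROM `billing_wm` WHERE `id_us`=?", array ($us['id']))->fetch();
        if (isset($_GET['create_them'])) {
            // Section 2: users with level 0 may not open topics.
            if ($Razd['id'] == '2' AND $us['level'] == 0) {
                echo '<div class="error"> В данном разделе запрещено создавать темы!</div>';
                echo '</td></tr></tbody></table>';
                F ();
                exit;
            }
            // Sections 5 and 6 require a confirmed WMID. The explicit parentheses
            // matter: `and` binds tighter than `or`, so the original condition
            // refused everyone in section 5 regardless of confirmation state.
            // A missing billing_wm row counts as "not confirmed".
            if (($Razd['id'] == '5' or $Razd['id'] == '6') and (!$wm or $wm['type'] == 0)) {
                echo '<div class="error"> У вас не подтвержден WMID</div>';
                echo '</td></tr></tbody></table>';
                F ();
                exit;
            }
            // Section 10 is reserved for users flagged as journalists.
            if ($Razd['id'] == '10' AND $us['jur']==0) {
                echo '<div class="error"> Вы не журналист</div>';
                echo '</td></tr></tbody></table>';
                F ();
                exit;
            }

            // NOTE(review): the form below carries no anti-CSRF token. The
            // session/token helpers are not visible in this file, so none is
            // added here; a per-session token checked before the INSERTs is
            // the usual fix.
            if (isset($_POST['create'])) {
                // Was read uninitialised when every check passed.
                $error = false;

                // Text is HTML-escaped on the way in and stored escaped.
                // is_string() rejects array-valued fields (name[]=...).
                $name = (isset($_POST['name']) AND is_string($_POST['name'])) ? htmlspecialchars($_POST['name']) : false;
                $message = (isset($_POST['message']) AND is_string($_POST['message'])) ? htmlspecialchars($_POST['message']) : false;

                // NOTE(review): strlen() counts bytes of the already-escaped text,
                // so the 6-100 limit is not a character limit for multi-byte input.
                if (empty($name) or strlen($name)<6 or strlen($name)>100) {
                    echo '<div class="error">Недопустимая длина названия темы!</div>';
                    $error = true;
                }
                if (empty($message) or strlen($message)<3) {
                    echo '<div class="error">Слишком короткая длина текста!</div>';
                    $error = true;
                }
                // Same author, same title, same subsection: treat as a duplicate.
                if (DB::$dbs->querySingle("SELECT count(id) FROM `forum_t` where `name` = ? and `id_pr` = ? and `us` = ?",array($name,$podrazdel,$us['id']))>=1) {
                    echo '<div class="error">Вы уже создавал в этом подразделе подобную тему...</div>';
                    $error = true;
                }

                if ($error == false) {
                    // Text of the automatic second post; section 6 shows the
                    // author's payment details instead of the generic rules reminder.
                    if ($Razd['id'] == 6) {
                        $value = 'В целях Вашей безопасности, администрация сайта 4mast.ru рекомендует совершать сделки с автором темы, по его заполненым реквизитам в анкете <br/>WMR: [green]'.$wm['wmr'].'[/green] <br/>WMID: [green]'.$wm['wmid'].'[/green]';
                    } else {
                        $value = 'Тема успешно создана!:-)<br/> В теме строго ЗАПРЕЩЕНЫ нецензурные выражения, флейм, флуд , создание "пустых", неинформативных сообщений, и пр., что запрещают правила сайта! (всё это не относитса к разделу Общение!)!
<br/>Нарушители данных правил могут быть лишены доступа на форум.
<br/>[b]Внимание! Этот пост сгенерирован роботом, и отвечать на него ненужно![/b]';
                    }
                    // Topic row, the author's first post, the automatic post
                    // (written as user id 189) and the author's subscription.
                    DB::$dbs->query("INSERT INTO `forum_t` (`id_r`,`id_pr`,`us`,`name`,`last`,`time`,`date`) VALUES (?,?,?,?,?,?,?)",array ($Razd['id'], $podrazdel, $us['id'], $name, $us['id'], time(),time()));
                    $them = DB::$dbs->lastInsertId();
                    DB::$dbs->query("INSERT INTO `forum_p` (`id_r`,`id_pr`,`id_t`,`us`,`text`,`time`) VALUES (?,?,?,?,?,?)",array($Razd['id'],$podrazdel,$them,$us['id'],$message,time()));
                    DB::$dbs->query("INSERT INTO `forum_p` (`id_r`,`id_pr`,`id_t`,`us`,`text`,`time`) VALUES (?,?,?,?,?,?)",array($Razd['id'],$podrazdel,$them,189,$value,time()));
                    DB :: $dbs -> query ("INSERT INTO `forum_podp` (`id_r`,`id_pr`, `id_t`,`us`) values (?,?,?,?)", array($Razd['id'] ,$podrazdel, $them, $us['id']));
                    // Output has already started above, so this redirect presumably
                    // relies on output buffering (TODO confirm). Execution continues
                    // to the form and the exit below, as before.
                    header ('location: /forum/thema' . $them);
                }
            }

            echo'<form action="" method="post">';
            echo'<div class="list1">';
            echo 'Название темы:[6-100]<br/>';
            echo '<input type="text" name="name"/>';
            echo '<br/>Текст сообщения:<br/>';
            echo '<textarea name="message">';
            echo '</textarea>';
            echo '<br/><input type="submit" name="create" value="Создать тему"/></div>';
            echo '</td></tr></tbody></table>';
            F ();
            exit;
        }
        echo '<a class="block" href="?create_them"/><img src="/images/nt.png" alt="*"> Создать тему</a>';
    }

    // Pagination. The count is cast so that "0" from the driver is recognised as
    // empty; otherwise $page collapses to 0 and the query gets a negative offset.
    $items = (int) DB :: $dbs -> querySingle ("SELECT COUNT(id) FROM `forum_t` where `id_r` = ? AND `id_pr` = ?",array($Razd['id'],$podrazdel));
    $items_per_page = 10;
    $pages = ceil($items/$items_per_page);
    $page = isset($page) ? (int) $page : 1;
    if ($page < 1) { $page = 1; }
    if ($page > $pages) { $page = $pages; }
    // $start is interpolated into the LIMIT clause, so it is forced to a
    // non-negative integer here rather than trusted from arithmetic on $page.
    $start = max(0, (int) ($page * $items_per_page - $items_per_page));
    if ($items === 0) {
        echo '<div class="error">Тем нет...</div>';
    } else {
        $thems = DB :: $dbs -> query ("SELECT * FROM `forum_t` WHERE `id_r`= ? AND `id_pr` = ? ORDER BY `id` DESC LIMIT $start, $items_per_page ",array($Razd['id'],$podrazdel));
        while ($pt = $thems -> fetch()) {
            $c_p = DB :: $dbs -> querySingle ("SELECT COUNT(id) FROM `forum_p` WHERE `id_t`= ?",array($pt['id']));
            echo '<a class="block" href="/forum/thema' . $pt['id'] . '/page' . ceil ( $c_p / 10 ) . '"><img src="/images/prikrep.png" alt="'.$pt['name'].'"/> ' . $pt['name'] . ' ['.$c_p.']</a>';
            echo '<div class="lst">'.Nick($pt['us']).' ['.datef($pt['time']).']</div>';
        }
    }
    // NOTE(review): $id is concatenated into the pager base URL as received;
    // confirm the includes restrict it to digits before it reaches page().
    if ($items>10) page('/forum/'.$id.'/'.$podrazdel);
    echo '</td></tr></tbody></table>';
    break;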
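/*
---
Move a topic to another subsection
---
*/
// The label is quoted: a bare `thm` is an undefined constant, which PHP 8 turns
// into a fatal Error as soon as the switch evaluates this case - including on
// requests that should end in the default branch.
case 'thm':
    if (!isset ($_GET['id'])) {
        header ('location: /');
        exit;
    }
    $query = DB :: $dbs -> query ("SELECT * FROM `forum_t` WHERE (`id`=?)", array ((int) $_GET['id']));
    if ($query -> rowCount ()==0) {
        header ('location: /');
        exit;
    }
    $t = $query -> fetch ();
    // Topic author's user row. Not used further in this branch; kept in case the
    // included footer reads it.
    $a = DB :: $dbs -> queryFetch ("SELECT * FROM `us` WHERE (`id`=?)", array ($t['us']));

    // Authorisation. The original test was `level < 0`, which lets level 0
    // through; level 0 is the tier that is refused topic creation in section 2
    // by the forum_pod branch of this file, so it is treated as unprivileged here.
    // TODO confirm the exact moderator threshold and raise it if needed.
    if ($us['level'] < 1) {
        header ('location: /forum/thema' . $t['id']);
        exit;
    }

    // The move is handled before any page output so the redirects below do not
    // depend on output buffering.
    // NOTE(review): the form carries no anti-CSRF token; the session/token
    // helpers are not visible in this file, so none is added here.
    if (isset ($_GET['ok'])) {
        $target = (isset ($_POST['pr']) AND is_scalar ($_POST['pr'])) ? intval ($_POST['pr']) : 0;
        $query = DB :: $dbs -> query ("SELECT * FROM `forum_pr` WHERE (`id`=?)", array ($target));
        if ($query -> rowCount () == 0) {
            header ('location: /forum.php?mod=thm&id=' . $t['id']);
            exit;
        }
        $pr = $query -> fetch ();
        $r = DB :: $dbs -> queryFetch ("SELECT * FROM `forum_r` WHERE (`id`=?)", array ($pr['id_r']));
        if ($t['id_r']!=$r['id'] || $t['id_pr']!=$pr['id']) {
            // Every value is bound instead of concatenated. The topic, section
            // and subsection names are stored text: topic names are escaped with
            // htmlspecialchars() on input, which does not make them safe inside
            // a quoted SQL literal.
            DB :: $dbs -> query ("UPDATE `forum_t` SET `id_r`=?, `id_pr`=?, `name`=? WHERE (`id`=?)", array ($pr['id_r'], $pr['id'], $t['name'] . ' (перенесено)', $t['id']));
            // Dependent tables carry their own section/subsection columns.
            // Table names come from this fixed list only.
            $linked = array ('forum_visit', 'forum_podp', 'forum_p', 'forum_reds', 'forum_vote', 'forum_f');
            foreach ($linked as $table) {
                DB :: $dbs -> query ("UPDATE `" . $table . "` SET `id_r`=?, `id_pr`=? WHERE (`id_t`=?)", array ($r['id'], $pr['id'], $t['id']));
            }
            // Service post announcing the move, written as the acting user.
            DB :: $dbs -> query ("INSERT INTO `forum_p` (`id_r`, `id_pr`, `id_t`,`us`, `text`, `time`) VALUES (?, ?, ?, ?, ?, ?)", array ($r['id'], $pr['id'], $t['id'], $us['id'], '[b]Тема перемещена в ' . $r['name'] . '/' . $pr['name'] . '![/b]', time ()));
        }
        header ('location: /forum/thema' . $t['id']);
        exit;
    }

    H ('Переместить тему', '<a href="/forum/thema' . $t['id'] . '" style="color:white;">' . $t['name'] . '</a>');
    echo '
<div class="list1">
<form action="/forum.php?mod=thm&id=' . $t['id'] . '&ok" method="post">
<select name="pr"/>
';
    // Sections are listed as non-selectable headings (empty value), followed by
    // their subsections, which are the actual move targets.
    $query = DB :: $dbs -> query ("SELECT * FROM `forum_r` ORDER BY `id`");
    while ($r = $query -> fetch()) {
        echo '
<option value="">' . $r['name'] . '</option>
';
        if (DB :: $dbs -> querySingle ("SELECT COUNT(*) FROM `forum_pr` WHERE (`id_r`=?)", array ($r['id'])) != 0) {
            $q = DB :: $dbs -> query ("SELECT * FROM `forum_pr` WHERE (`id_r`=?) ORDER BY `id`", array ($r['id']));
            while ($pr = $q -> fetch ()) {
                echo '
<option value="' . $pr['id'] . '">---' . $pr['name'] . '</option>
';
            }
        }
    }
    echo '
</select><br/>
<input type="submit" value="Переместить"/>
</form>
</div>
';
    echo '<div class="navg"><a href="/forum/thema' . $t['id'] . '">Вернуться</a></div>';
    break;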
}
require_once('../../includes/Footers.php');
?>