Файл: liwar.ru/guest.php
Строк: 64
<?php
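include_once 'Yadro/PDO_connect.php';

// Guestbook page. In order: optional moderator delete (?del=ID), optional new
// post (?add plus POST message), optional reply prefill (?otv=ID), then the
// paginated message list. Everything is rendered only while the module flag
// `guest` in `set_modul` equals 1; otherwise the visitor is redirected to "/".
$set = DB::$dbs->queryFetch("SELECT * FROM `set_modul`");
if ($set['guest'] == 1) {
    verh('Гостевая игроков');
    include 'Yadro/Functions.php';

    // Guests may have no 'level' / 'id' entries in $cms->us, so read both through
    // isset() instead of indexing blindly. $viewerId stays null for guests.
    $isModerator = isset($cms->us['level']) && $cms->us['level'] >= 7;
    $viewerId = isset($cms->us['id']) ? $cms->us['id'] : null;

    // Moderator-only delete; the id goes through $func->num() and a bound parameter.
    // NOTE(review): this state change is triggered by a plain GET link and carries no
    // anti-CSRF token, so any page a logged-in moderator opens can cause it to fire.
    // It should become a POST that verifies a per-session token; not changed here
    // because the session/token helpers are outside this file.
    if (isset($_GET['del']) && $isModerator) {
        DB::$dbs->query("DELETE FROM `guest` WHERE `id`= ? limit 1", array($func->num($_GET['del'])));
        echo '<div class="info_err">Удалено</div>';
    }

    // New message. Each failed check overwrites $cms->error, so the last failing
    // check decides which message is shown; any error blocks the insert.
    $add = (isset($_GET['add']) ? secure($_GET['add']) : NULL);
    if (isset($add)) {
        // NOTE(review): the flood timer lives in the visitor's session, so it only
        // throttles clients that keep their session cookie; a server-side limit
        // (per account / per address) is needed for real rate limiting. The post
        // form also carries no anti-CSRF token.
        if (isset($_SESSION['flood']) && $_SESSION['flood'] > time() - 10) {
            $cms->error = 'Антифлуд! Подождите '.$func->flood('sec',10,$_SESSION['flood']).'.';
        }

        // Accept only a scalar string field: a missing field or an array
        // (message[]=...) is treated as an empty message instead of reaching secure().
        $message = (isset($_POST['message']) && is_string($_POST['message']))
            ? secure($_POST['message'])
            : '';

        if (DB::$dbs->querySingle("SELECT count(id) from `guest` where `user_id` = ? and `message` = ?", array($viewerId, $message)) >= 1) {
            $cms->error = 'Вы уже писали подобное!';
        }
        if (!$message) {
            $cms->error = 'Пустое сообщение!';
        }

        // Guest posts are stored with user_id 0.
        $uid = ($viewerId !== null ? $viewerId : 0);
        if (!isset($cms->error)) {
            DB::$dbs->query("INSERT INTO `guest` (`message`,`time`,`user_id`) VALUES (?,?,?)", array($message, time(), $uid));
            $_SESSION['flood'] = time();
            echo'<div class="info_not">Добавлено</div>';
        } else {
            echo'<div class="info_err">'.$cms->error.'</div>';
        }
    }

    // Reply prefill: look up the author of the referenced post so the input starts
    // with "[b]nick[/b], ". A missing post or a guest author yields 'Гость'.
    $replyPrefill = '';
    if (isset($_GET['otv'])) {
        $inf = DB::$dbs->queryFetch("SELECT user_id from `guest` where `id` = ? limit 1", array($func->num($_GET['otv'])));
        if (!$inf || $inf['user_id'] == 0) {
            $us['nick'] = 'Гость';
        } else {
            $us = DB::$dbs->queryFetch("SELECT nick from `us` where `id` = ? limit 1", array($inf['user_id']));
        }
        $nick = (is_array($us) && isset($us['nick'])) ? $us['nick'] : '';
        // The nick is written into a double-quoted HTML attribute, so escape it for
        // that context. double_encode=false keeps entities intact if the stored nick
        // was already escaped at registration time (not visible from this file).
        $replyPrefill = '[b]'.htmlspecialchars($nick, ENT_QUOTES, 'UTF-8', false).'[/b], ';
    }

    echo'<div class="player">
<form action="guest.php?add" name="form" method="post" accept-charset="utf-8">
<label for="message">Сообщение</label> <span class="small_text">
</span>
<br />
<input type="text" name="message" value="'.$replyPrefill.'" rows="5" style="width:98%" /><br><input type="submit" name="submit" value="Сказать" />
<a href="faq.php?go=smile">Cмайлы</a>|<a href="?"><font color=grey><u>Oбновить</u></font></a></form> </div>';

    include 'Yadro/bb.php';

    // Count once and reuse the value for both the empty check and pagination.
    $posts = $func->getCount('id','guest');
    if ($posts == 0) {
        echo '<div class="info_err">Нет сообщений...</div>';
    } else {
        $num = 10;
        $total = intval(($posts - 1) / $num) + 1;
        // A missing ?page means the first page; anything else is clamped to 1..$total.
        $page = isset($_GET['page']) ? abs(intval($_GET['page'])) : 1;
        if ($page < 1) $page = 1;
        if ($page > $total) $page = $total;
        $start = $page * $num - $num;

        // $start and $num are integers derived above (intval/abs plus arithmetic),
        // which is the only reason interpolating them into the LIMIT clause is safe.
        $guest = DB::$dbs->query("SELECT * FROM `guest` ORDER BY `id` DESC limit $start,$num");
        while ($g = $guest -> fetch()) {
            // Cast the id before placing it in link URLs.
            $postId = (int)$g['id'];

            $deleteLink = $isModerator
                ? '<a href="?del='.$postId.'"><b><font color=darkred>х</font></b></a>'
                : NULL;
            $author = ($g['user_id'] == 0 ? '<b>Гость</b>' : $func->uNick($g['user_id']));
            echo'<div class="player">'.$deleteLink.' <font size=1 color=grey><span class="float-right">'.t($g['time']).': </span></font>'.$author.'<span class="small_text">';

            // No reply link on the viewer's own posts.
            echo (($viewerId == $g['user_id']) ? NULL : '<a href="?otv='.$postId.'"> >></a><br>').' ';
            echo'</span> ';

            // NOTE(review): the message is printed through $func->text() only; output
            // safety therefore depends on secure() at write time and on what text()
            // emits for BB codes - confirm both escape for HTML context.
            echo $func->text($g['message']).'</div><div class="line_1"></div>';
        }
        $func->page('?');
    }
} else {
    header('location:/');
}
niz();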
?>