Файл: moduls/forum/new_post.php
Строк: 71
<?php
/**
* @package Prime Social
* @link http://primesocial.ru
* @copyright Copyright (C) 2016 Prime Social
* @author BoB | http://primesocial.ru/about
*/
require_once('../../core/start.php');
require_once('func.php');
check_auth();
$forum = DB::$dbs->queryFetch("SELECT * FROM ".FORUMS." WHERE `id` = ? ", array(abs(num($_GET['forum']))));
if (empty($forum)) {
head('Forum topilmadi');
echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/forum/">Forum</a> / <b>Forum topilmadi</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
$forumc = DB::$dbs->queryFetch("SELECT * FROM ".FORUMS_CAT." WHERE `id` = ? ", array(abs(num($_GET['forumc']))));
if (empty($forumc)) {
head('Podforum topilmadi');
echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/forum/">Forum</a> / <b>Podforum topilmadi</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
$theme = DB::$dbs->queryFetch("SELECT * FROM ".FORUMS_THEME." WHERE `id` = ? ", array(abs(num($_GET['theme']))));
if (empty($theme)) {
head('Mavzu topilmadi');
echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/forum/">Forum</a> / <b>Mavzu topilmadi</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
if ($theme['status'] == 1) {
head('Mavzu yopilgan');
echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/forum/">Forum</a> / <b>Mavzu yopilgan</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
head(' ' . $theme['name'].' mavzuda javob');
if (!empty($_GET['post'])) {
$post = DB::$dbs->queryFetch("SELECT * FROM ".FORUMS_POST." WHERE `id` = ? ", array(abs(num($_GET['post']))));
if ($post) {
echo DIV_BLOCK;
echo '<b>Sharhga javob:</b><br />';
echo '<b>' . userLink($post['user_id']) . '</b> [' . vrem($post['time']) . ']<br />';
echo SubstrMaus(text($post['msg']), 100);
echo CLOSE_DIV;
}
}
if (!empty($_GET['ctpost'])) {
$post2 = DB::$dbs->queryFetch("SELECT * FROM ".FORUMS_POST." WHERE `id` = ? ", array(abs(num($_GET['ctpost']))));
if ($post2) {
echo DIV_BLOCK;
echo '<b>Sharga sitata keltirish:</b><br />';
echo '<b>' . userLink($post2['user_id']) . '</b> [' . vrem($post2['time']) . ']<br />';
echo SubstrMaus(text($post2['msg']), 100);
echo CLOSE_DIV;
}
}
if ($_POST['add']) {
$msg = html($_POST['msg']);
if (empty($msg)) {
$err .= 'Habar kiriting.<br />';
}
if (!empty($_FILES['file'])) {
$name = $_FILES['file']['name']; # Fayl nomi
$ext = strtolower(strrchr($name, '.')); # Fayl formati
$size = $_FILES['file']['size']; # Fayl hajmi
$time = time();
$file = $time.$ext;
if ($size > (1048576 * $config['max_upload_forum'])) {
$err .= 'Fayl hajmi belgilangan miqdordan oshmoqda. [Max. '.$config['max_upload_forum'].'Mb.]<br />';
}
if (preg_match('/.phtml/i', $name) || preg_match('/.php/i', $name) || preg_match('/.pl/i', $name) || $name == '.htaccess') {
$err .= 'Fayl formatida xatolik.<br />';
}
}
if (empty($err)) {
$posts = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".FORUMS_POST." WHERE `theme_id` = ? ", array($theme['id']));
$page = ceil(($posts / $config['write']['forum_post']));
if (!empty($ext)) {
copy($_FILES['file']['tmp_name'], '../../files/forum/'.$time.$ext);
}
$file = (empty($ext) ? 0 : $file);
if (!empty($post)) {
$ank = DB::$dbs->queryFetch("SELECT `user_id`, `nick` FROM ".USERS." WHERE `user_id` = ?",array($post['user_id']));
$msg = '[b]' . $ank['nick'] . '[/b], ' . $msg;
$lenta = '<a href="'.HOME.'/id'.$user['user_id'].'"><b>' . $user['nick'] . '</b></a> sizning habaringizga, <a href="'.HOME.'/forum/'.$forum['id'].'/'.$forumc['id'].'/'.$theme['id'].'/?p='.$page.'"><b>'.$theme['name'].'</b></a> mavzuda jabob berdi';
lenta($lenta, $ank['user_id']);
$var = TRUE;
}
if (!empty($post2)) {
$ct = $post2['id'];
} else {
$ct = NULL;
}
if (empty($var) && !empty($theme['uvedom'])) {
$lenta = '<a href="'.HOME.'/id'.$user['user_id'].'"><b>' . $user['nick'] . '</b></a> sizning <a href="'.HOME.'/forum/'.$forum['id'].'/'.$forumc['id'].'/'.$theme['id'].'/?p='.$page.'"><b>'.$theme['name'].'</b></a> mavzungizda habar qoldirdi';
lenta($lenta, $theme['user_id']);
}
//new_posts($theme['id']);
DB::$dbs->query("INSERT INTO ".FORUM_POST." (`forum_id`, `forumc_id`, `theme_id`, `msg`, `user_id`, `time`, `file`, `ct`) VALUES
(?,?,?,?,?,?,?,?)", array($forum['id'], $forumc['id'], $theme['id'], $msg, $user['user_id'], time(), $file, $ct));
DB::$dbs->query("UPDATE ".FORUMS_THEME." SET `activ` = ? WHERE `id` = ? ", array(time(), $theme['id']));
balls_operation(2);
header("Location: ".HOME."/forum/".$forum['id']."/".$forumc['id']."/".$theme['id']."/?p=".$page);
} else {
echo DIV_ERROR . $err . CLOSE_DIV;
}
}
echo DIV_BLOCK;
echo '<form action="#" enctype="multipart/form-data" method="POST">';
echo '<b>Habar:</b> [min. 20]<br /><textarea name="msg"></textarea><br />';
echo '<b>Fayl biriktirish:</b> [max. '.$config['max_upload_forum'].'mb.]<br /><input type="file" name="file"/><br /><br />';
echo '<input type="submit" name="add" value="Javob berish" /><br />';
echo '</form>';
echo CLOSE_DIV;
echo DIV_LI . '<a href="'.HOME.'/forum/'.$forum['id'].'/'.$forumc['id'].'/'.$theme['id'].'/"><b>Mavzuga qaytish</b></a>' . CLOSE_DIV;
$array = array('Forum');
nav($array);
require_once('../../core/stop.php');
?>