Файл: modules/news.php
Строк: 156
<?php
define('NTOP', 1);
$title = 'Новости';
require_once ('../system/connect.php');
require_once ('../system/core.php');
require_once ('../system/function.php');
require_once ('../system/head.php');
switch($act){
default:
echo '<div class="container" id="page"><h1>Новости Топ-Рейтинга</h1><hr/>';
$count = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news`"));
if($count > 0)
{
$total=intval(($count-1)/$page_news)+1;
$page=abs(intval($_GET['page']));
if(empty($page) OR $page < 0)
{
$page = 1;
}
if($page > $total)
{
$page = $total;
}
$past=intval($count/$page_news);
$start=$page*$page_news-$page_news;
$news = mysql_query("SELECT * FROM `".$prefix."news` ORDER BY `time` DESC LIMIT ".$start.",".$page_news."");
while($row = mysql_fetch_array($news))
{
$start++;
$count_comment = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news_comments` WHERE `id_news` = '".$row['id']."'"));
echo'<div class="news-block">
<div class="news-title">'.$row['name'].'</div>';
echo '<div class="news-info">Дата: '.data($row['time']).'</div>';
echo '<div class="news-content">';
echo '<p>'.$row['text'].'</p>';
echo '<a href="http://'.$set['home'].'/modules/news/comments/'.$row['id'].'">Комментарии</a>('.$count_comment.')<br/></small>';
echo '</div></div>';
}
navigation($count,$page_news,$page,'http://'.$set['home'].'/modules/news/',$total);
}
else
{
echo '<h3><center>Новостей в Топ-Рейтинге нет!</center></h3>';
}
break;
case 'comments':
echo '<div class="container" id="page"><h1>Комментарии к новости</h1><hr/>';
$isset_news = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news` WHERE `id` = '".$id."'"));
if($isset_news != 0)
{
if(isset($_POST['ok']))
{
$name = isset($user_data) ? $user_data['login'] : 'Гость';
$comment = htmlspecialchars(trim($_POST['comment']));
$kod = intval($_POST['kod']);
$test = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news_comments` WHERE `name` = '".$name."' AND `text` = '".$comment."' AND `id_news` = '".$id."'"));
if($test == 0)
{
$error = '';
if(empty($comment))
{
$error.='Нет комментария<br/>';
}
if($user_data)
{
if($user_data['antiflud'] + $set['antiflud_time'] > time())
{
$error .= 'Вы писали сообщение меньше чем '.$set['antiflud_time'].' секунд назад! <br/>';
}
}
else
{
if($set['guest_antiflud'] + $set['antiflud_time'] > time())
{
$error .= 'Вы писали сообщение меньше чем '.$set['antiflud_time'].' секунд назад! <br/>';
}
}
if(mb_strlen($comment) > 100)
{
$error.='Комментарий содержит больше 100 символов<br/>';
}
if(!empty($error))
{
echo '<div class="error">';
echo $error;
echo '</div>';
}
else
{
unset($_SESSION['kod']);
$comment = mysql_query("INSERT INTO `".$prefix."news_comments` SET
`name` = '" . mysql_real_escape_string($name) . "',
`text` = '" . mysql_real_escape_string($comment) . "',
`time` = '" . time() ."',
`id_news` = '" . $id ."'");
if($user_data)
{
$update_antiflud = mysql_query("UPDATE `".$prefix."users` SET `antiflud` = '".time()."' WHERE `id` = '".$user_data['id']."'");
}
else
{
$update_antiflud_guest = mysql_query("UPDATE `".$prefix."settings` SET `value` = '".time()."' WHERE `name` = 'guest_antiflud'");
}
if($comment)
{
echo '<div class="main">';
echo 'Комментарий добавлен!<br/>';
echo '</div>';
}
else
{
echo '<div class="error">';
echo 'Комментарий не добавлен!<br/>';
echo '</div>';
}
}
}
}
$count = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news_comments` WHERE `id_news` = '".$id."'"));
if($count > 0)
{
$total=intval(($count-1)/$page_nc)+1;
$page=abs(intval($_GET['page']));
if(empty($page) OR $page < 0)
{
$page = 1;
}
if($page > $total)
{
$page = $total;
}
$past=intval($count/$page_nc);
$start=$page*$page_nc-$page_nc;
$comments = mysql_query("SELECT * FROM `".$prefix."news_comments` WHERE `id_news` = '".$id."' ORDER BY `time` DESC LIMIT ".$start.",".$page_nc."");
while($row = mysql_fetch_array($comments))
{
$start++;
echo '<div class="main">'.$start.'.<strong>'.$row['name'].' ('.data($row['time']).')</strong></div>';
echo '<div class="title">';
echo $row['text'];
echo '</div>';
}
navigation($count,$page_nc,$page,'http://'.$set['home'].'/modules/news/comments/'.$id.'/',$total);
}
else
{
echo '<h3><center>';
echo 'Комментариев к данной новости нет!<br/>';
echo '</center></h3><hr/>';
}
echo '<h1>Добавление комментария</h1>';
echo '
<form action="http://'.$set['home'].'/modules/news/comments/'.$id.'" method="post">
<label for="comment" class="required">Комментарий(max. 100) <span class="required">*</span></label><br/>
<textarea size="60" maxlength="512" class="form-control" id="comment" name="comment" cols="38" rows="8"> </textarea><br/>
';
echo '<label for="kod" class="required">Код с картинки: <img src="http://'.$set['home'].'/system/cap.php" alt="captcha" /> <span class="required">*</span></label><br/>';
echo '<input size="25" maxlength="25" class="form-control" id="kod" name="kod" type="text" value="" /><br/>';
echo '<div class="form-group buttons"><input class="btn btn-success" name="ok" type="submit" value="Добавить" /></div>
</form>';
}
else
{
echo '<div class="error">';
echo 'Нет такой новости!</br>';
echo '</div>';
}
break;
}
echo'</div>';
require_once ('foot.php');
?>