Файл: news/post/index.php
Строк: 220
<?
include_once '../../core/system.php';
echo only_reg();
echo ban();
$avo = mysql_result(mysql_query("SELECT * FROM `news` WHERE `id` = '".intval($_GET['id'])."'"),0);
$news = mysql_fetch_array(mysql_query("SELECT * FROM `news` WHERE `id` = '".intval($_GET['id'])."'"));
if($avo==0){
$_SESSION['err'] = "Нет такой новости!";
header('Location: /news/');
exit();
}
if($user['prava'] >= 2){
if(isset($_GET['kommd'])){
mysql_query("DELETE FROM `news_kom` where `id` = '".abs(intval($_GET['kommd']))."'");
}
}
if($user['prava'] >= 4){
if(isset($_GET['deln'])){
mysql_query("DELETE FROM `news` where `id` = '".abs(intval($_GET['deln']))."'");
header('Location: ?');
$_SESSION['message'] = 'Новость удалена!';
}
if(isset($_GET['zakr'])){
mysql_query("UPDATE `news` set `status`='1' where `id` = '".abs(intval($_GET['zakr']))."'");
header('Location: ?');
$_SESSION['message'] = 'Новость закрыта!';
}
if(isset($_GET['otkr'])){
mysql_query("UPDATE `news` set `status`='0' where `id` = '".abs(intval($_GET['otkr']))."'");
header('Location: ?');
$_SESSION['message'] = 'Новость открыта!';
}
}
if (isset($user) && isset($_GET['news_read']))
{
mysql_query("update `user` set `news_read` = '0' where `id` = '$user[id]'");
}
$header = $news['title'] ;
include_once '../../core/head.php';
if($user['prava'] >= 2){
if(isset($_GET['postd'])){
mysql_query("DELETE FROM `news_kom` where `id` = '".abs(intval($_GET['postd']))."'");
}
}
$news = mysql_fetch_array(mysql_query("SELECT * FROM `news` WHERE `id` = '".intval($_GET['id'])."'"));
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".$news['id_user']."'"));
$viewed = mysql_fetch_assoc(mysql_query("SELECT * FROM `news_v` WHERE `us` = '".$user['id']."' and `id_new` = '".intval($_GET['id'])."'"));
if($viewed == 0){
mysql_query("INSERT INTO `news_v` SET
`us` = '".$user['id']."',
`id_new` = '".intval($_GET['id'])."',
`time` = '".time()."'
");
}
echo"<div class='player'> <div class='empty'></div> ";
echo online($ank['id']);
if($ank['prava']=="5"){$status="<font color='ffc22b'>[A]</font>";$color="#F7990D";}
if($ank['prava']=="4"){$status="<font color='ffc22b'>[a]</font>";$color="EBC621";}
if($ank['prava']=="3"){$status="<font color='ffc22b'>[M]</font>";}
if($ank['prava']=="3"){$status="<font color='ffc22b'>[m]</font>";}
$news = mysql_fetch_array(mysql_query("SELECT * FROM `news` WHERE `id` = '".intval($_GET['id'])."'"));
echo'<a href="/user/'.$news['id_user'].'/"><font color="'.$ank['font'].'"> '.$ank['nick'].'</font></a>';
if($ank['prava']>"1"){echo" $status ";}
echo ' <font color="grey">'.vremja($news['time']).'</font>';
if($user['prava']>=4)echo' <a href="/news/amend?id='.intval($_GET['id']).'">[Изменить]</a> ';
if($user['prava']>=4 and $news['status']==0)echo' <a href="?zakr='.intval($_GET['id']).'">[Закрыть]</a> | <a href="?deln=' . intval($_GET['id']) . '">Удалить]</a>';
if($user['prava']>=4 and $news['status']==1)echo' <a href="?otkr='.intval($_GET['id']).'">[Открыть]</a> | <a href="?deln=' . intval($_GET['id']) . '">[Удалить]</a> ';
echo "<div class='empty'></div><div class='forum-text'><font color='FF8C00'>".smiles(antimat($news['msg']))."</font></div><div class='empty2'></div>";
$views = mysql_result(mysql_query("SELECT COUNT(*) FROM `news_v` WHERE `id_new` = '".intval($_GET['id'])."'"),0);
//Комментарии
if(isset($_POST['msg'])){
$msg = check($_POST['msg']);
$lelfi = $_SERVER['REQUEST_TIME'] - 15;
$elfilox = mysql_result(mysql_query("SELECT COUNT(id) FROM `news_kom` WHERE `msg` = '".$msg."' and `id_user` = '".$user['id']."' and `time`>".$lelfi.""),0);
if($elfilox > 0 ) {
$err = 'Сообщение повторяет предыдущее!';
header('Location: /forum/ ');
}
if(strlen($msg) < 2 or strlen($msg) > 400) $err = 'Длина сообщения должна быть в пределах от 2 до 400 символов';
if(!isset($err)) {
mysql_query("INSERT INTO `news_kom` SET `id_user` = '$user[id]', `id_news` = '$news[id]', `msg` = '$msg', `time` = '".time()."'");
header("Location: ?id=$news[id]");
exit();
}else{
header("Location: ?id=$news[id]");
$_SESSION['err'] = $err;
exit();
}
}
$k_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `news_kom` WHERE `id_news` = '".intval($_GET['id'])."'"),0);
$k_page = k_page($k_post,10);
$page = page($k_page);
$start = 10*$page-10;
$q = mysql_query("SELECT * FROM `news_kom` WHERE `id_news` = '".intval($_GET['id'])."' ORDER BY `id` ASC LIMIT $start, 10");
echo'<div class="empty"></div><font color="DFD137">
Всего комментариев (<span>'.$k_post.'</span>)
</font><br />
<font color="DFD137">Просмотров (<span>'.$views.'<span>)
</font>
</div><hr>';
while($post = mysql_fetch_array($q)) {
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]'"));
$req = mysql_query("SELECT * from `ban` where `id_us` = '$ank[id]' and `time`>'".time()."'");
$ban = mysql_fetch_array($req);
$avto = mysql_num_rows($req);
if($avto > 0){
echo"<div class='player'>";
echo online($ank['id']);
echo " <a href='/user/$ank[id]/'><font color='$ank[font]'>$ank[nick]</font></a>";
if($ank['nick']!="$user[nick]"){echo "<a href='?comm=$ank[id]&page=end'> (+)</a>";}
echo '<span class="mit">'.vremja($post['time']).'</span>';
if ($user['prava'] >= 4){echo' <a href="?postd='.$post['id'].'">[X]</a>';}
echo'</br> ';
echo"</div>";echo "<hr>";
echo "</div>";
}else{
if($ank['prava']=="5"){$status="<font color='ffc22b'>[A]</font>";$color="#F7990D";}
if($ank['prava']=="4"){$status="<font color='ffc22b'>[a]</font>";$color="EBC621";}
if($ank['prava']=="3"){$status="<font color='ffc22b'>[M]</font>";}
if($ank['prava']=="2"){$status="<font color='ffc22b'>[m]</font>";}
echo"<div class='player'>";
echo online($ank['id']);
echo " <a href='/user/$ank[id]/'><font color='$ank[font]'>$ank[nick]</font></a>";
if($ank['prava']>"1"){echo" $status";}
if($ank['nick']!="$user[nick]"){echo "<a href='/news/post/$news[id]/?comm=$ank[id]&page=end'> (+)</a>";}
echo '<span class="mit">'.vremja($post['time']).'</span>';
if ($user['prava'] >= 4){echo' <a href="?kommd='.$post['id'].'">[X]</a>';}
if ( preg_match('/'.$user['nick'].'/i', $post['msg']) )
{
$to = ["".$user['nick']."," =>'<font color="#EBCA46">'.$user['nick'].', </font>'];
$post['msg'] = strtr($post['msg'], $to);
}
if($ank['prava']>"3"){echo'</br><div class="forum-text"><font color="'.$color.'">'.smiles(antimat($post['msg'])).'</font></div> ';
} else {
echo'</br>'.smiles(antimat($post['msg'])).' ';
}
echo"</div><hr>";
}
}
echo "</div>";
if($news['status']==0){
$req = mysql_query("SELECT * from `ban` where `id_us` = '$user[id]' and `time`>'".time()."'");
$ban = mysql_fetch_array($req);
$avto = mysql_num_rows($req);
if($avto == 0){
if(isset($_GET['comm'])) {
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".abs(intval($_GET['comm']))."'"));
echo '<div class="head"><div class="empty2"></div>Введите комментарий: <div class="empty2"></div><form method="post" action="/news/post/'.$news['id'].'/">
<input class="chat-area" value="'.$ank['nick'].', " name="msg" />
<input type="submit" class="inpc-ar form-submit" value="Отправить"></span>
</form></div>';
}else{
echo '<div class="head"><div class="empty2"></div>Введите комментарий: <div class="empty2"></div><form method="post"action="/news/post/'.$news['id'].'/">
<input rows="3" class="chat-area" name="msg">
<input type="submit" class="inpc-ar form-submit" value="Отправить"></span>
</form></div>';
}
}
}else{echo"<div class='head grey center'><div class='empty2'></div>Вы не можете оставить комментарий. Новость закрыта!<div class='empty2'></div></div>";}
if ($k_page>1)echo"<hr>";
if ($k_page>1)str('?&',$k_page,$page);
echo "<empty>";
echo "<hr>";
echo "<div class='foot'><a href='/news/'><img src='/images/icon/reload.png'> Новости</a>
<span class='float-right'><a href='/moduls/smiles'><img src='/images/icon/smiley.png'> Смайлики</a></span></div>";
include_once '../../core/foot.php';
?>