Файл: public_html/modules/forum/theme.php
Строк: 104
<?php
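// Bootstrap for the forum theme (thread) page: load the core, run the auth
// gate, resolve the requested theme and emit the shared page header.
$root = $_SERVER['DOCUMENT_ROOT'];
include_once ($root.'/core/base.php');
include_once ($root.'/core/antimat.class.php');
// NOTE(review): falseauth() comes from the core includes; presumably it turns
// away visitors without a session - confirm that it also halts the request.
falseauth();

// Both identifiers come straight from the query string, and fl() is the only
// filter between them and the SQL and HTML they are concatenated into below.
// NOTE(review): fl() is not visible in this file - confirm it escapes for the
// SQL string context; a single filter cannot be correct for SQL and HTML at once.
$section = fl(isset($_GET['section']) ? $_GET['section'] : '');
$theme_id = fl(isset($_GET['theme']) ? $_GET['theme'] : '');

$themeResult = $db->query("SELECT * FROM `forum_themes` WHERE `id` = '".$theme_id."'");
$theme = $themeResult ? $themeResult->fetch_object() : null;
if (!$theme) {
    // Unknown theme id (or a failed query): every handler below dereferences
    // $theme, so stop here instead of running them against null.
    header('Location: /forum/'.$section.'/');
    exit;
}
$header = $theme->name; // presumably read by head.php as the page title - confirm
include_once ($root.'/core/head.php');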
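// Handle a submitted comment (the request carries ?addcomment).
// NOTE(review): this state-changing request has no anti-CSRF token; the core
// would have to issue and verify one for a complete fix.
if (isset($_GET['addcomment'])) {
    $text = fl(isset($_POST['text']) ? $_POST['text'] : '');

    // Muted users may not post.
    // NOTE(review): this lookup goes through $base while every other query in
    // the file uses $db - confirm the core really defines both handles.
    $ban = $base -> query("SELECT * FROM `ban` WHERE `id_user` = '".$u['id']."' AND `time_ban` > '".time()."' ORDER BY `id` DESC LIMIT 1");
    if ($ban->num_rows > 0) {
        redirect('/', 'Вы заткнуты!');
        exit; // fail closed: do not rely on redirect() ending the script
    }

    // The page only hides the form when the theme is closed or the account is
    // not "saved"; enforce both conditions here so a hand-built request cannot
    // post (or trigger a notification) anyway.
    if ($theme->opened == 1 && $u['save'] == 1) {
        $replySend = isset($_GET['reply']) ? fl($_GET['reply']) : 0;
        if ($replySend != 0 && $replySend != $u['id']) {
            // The display name and the theme title were not passed through fl()
            // in this request (one is returned by name(), the other was read back
            // from the database), so they are escaped for the SQL string literal
            // here. Assumes $db is a mysqli connection, as its
            // ->query()->fetch_object() / ->num_rows usage suggests.
            // NOTE(review): the notification is stored as HTML - confirm both
            // values are HTML-encoded when saved or when rendered.
            $notText = '<a href="/forum/'.$section.'/theme'.$theme_id.'">'.$db->real_escape_string(name($u['id'])).' ответил вам на форуме в теме "'.$db->real_escape_string($theme->name).'"!</a>';
            $db->query("INSERT INTO `notifications` (user, text, time) VALUES ('".$replySend."', '".$notText."', '".time()."')");
        }
        $db->query("INSERT INTO `forum_posts` (`text`,`author`,`time`,`theme_id`) VALUES ('".$text."', '".$u['id']."', '".time()."', '".$theme_id."')");
    }

    header("Location: /forum/".$section."/theme".$theme_id);
    exit;
}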
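// Close the theme. Allowed for the theme's author and for administrators.
// NOTE(review): triggered by a plain GET link (?close) with no anti-CSRF
// token, so a third-party page can fire it on behalf of a logged-in user.
if (isset($_GET['close'])) {
    $themeUrl = '/forum/'.$section.'/theme'.$theme_id;

    if ($u['id'] != $theme->author && $u['admin'] == 0) {
        redirect($themeUrl);
        exit; // the permission check must hold even if redirect() returns
    }
    if ($theme->opened == 0) {
        // Already closed: nothing to update.
        redirect($themeUrl);
        exit;
    }

    $db->query("UPDATE `forum_themes` SET `opened` = '0' WHERE `id` = '".$theme_id."'");
    redirect($themeUrl);
    exit;
}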
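// Re-open the theme. Allowed for the theme's author and for administrators.
// NOTE(review): triggered by a plain GET link (?open) with no anti-CSRF
// token, so a third-party page can fire it on behalf of a logged-in user.
if (isset($_GET['open'])) {
    $themeUrl = '/forum/'.$section.'/theme'.$theme_id;

    if ($u['id'] != $theme->author && $u['admin'] == 0) {
        redirect($themeUrl);
        exit; // the permission check must hold even if redirect() returns
    }
    if ($theme->opened == 1) {
        // Already open: nothing to update.
        redirect($themeUrl);
        exit;
    }

    $db->query("UPDATE `forum_themes` SET `opened` = '1' WHERE `id` = '".$theme_id."'");
    redirect($themeUrl);
    exit;
}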
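// Delete the theme together with all of its posts. Allowed for the theme's
// author and for administrators.
// NOTE(review): a destructive action reachable through a plain GET link
// (?delete) with no anti-CSRF token and no confirmation step.
if (isset($_GET['delete'])) {
    if ($u['id'] != $theme->author && $u['admin'] == 0) {
        redirect('/forum/'.$section.'/theme'.$theme_id);
        exit; // without this, a redirect() that returns would fall through to the DELETEs
    }

    $db -> query("DELETE FROM `forum_themes` WHERE `id` = '".$theme_id."'");
    $db -> query("DELETE FROM `forum_posts` WHERE `theme_id` = '".$theme_id."'");
    redirect('/forum/'.$section.'/', 'Тема удалена!');
    exit;
}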
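// Delete a single post. Administrators only.
// NOTE(review): reachable through a plain GET link (?del=<id>) with no
// anti-CSRF token. The DELETE is also not limited to posts of the current
// theme, so any post id is accepted here.
if (isset($_GET['del'])) {
    $post = fl($_GET['del']);

    if ($u['admin'] == 0) {
        redirect('/forum/'.$section.'/theme'.$theme_id);
        exit; // the admin check must hold even if redirect() returns
    }

    $db -> query("DELETE FROM `forum_posts` WHERE `id` = '".$post."'");
    redirect('/forum/'.$section.'/theme'.$theme_id, 'Пост удалён!');
    exit;
}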
// Reply target taken from the query string (0 means "not a reply"). When one
// is given, the comment box further down is pre-filled with name($reply, 1).
if (isset($_GET['reply'])) {
    $reply = fl($_GET['reply']);
} else {
    $reply = 0;
}
$replyText = ($reply != 0) ? name($reply, 1) : null;

// Opening post of the theme. The pieces are computed in the same order the
// page has always evaluated them, then written with a single echo.
// NOTE(review): who(), setTextColor() and viewText() are defined elsewhere -
// confirm they HTML-encode the stored theme text and user data they return.
$themeAuthorHtml = who($theme->author);
$themeDate = date('d.m.y в H:i:s', $theme->time);
$themeBodyHtml = setTextColor($theme->author, viewText($theme->text, 1, 1));
if ($theme->author != $u['id']) {
    // Readers other than the author get a "reply to author" link.
    $themeReplyLink = '<a href="/forum/'.$section.'/theme'.$theme_id.'/reply/'.$theme->author.'"><img src="/images/otv.png" width="30px"> Ответить</a>';
} else {
    $themeReplyLink = '';
}
echo '<div class = "b"> <img src="/images/users.png" width="35px"> '.$themeAuthorHtml.' <small> '.$themeDate.' </small>
<br>'.$themeBodyHtml.' <br><br>
<center>'.$themeReplyLink.'</center>
</div>';
// Paginated list of the theme's posts, ten per page, oldest first.
// $theme_id has only been through fl() before it is placed into the SQL below.
$postsQuery = "SELECT * FROM `forum_posts` WHERE `theme_id` = '".$theme_id."' ORDER BY `time` ASC";
$count = $db->query($postsQuery)->num_rows; // total number of posts in the theme
$k_page = k_page($count, 10);
$page = page($k_page);
$start = 10 * $page - 10; // offset of the first row on the current page
// NOTE(review): $start depends on what page() returns - confirm it is always a
// positive integer, since it is placed into LIMIT unquoted.
$sql = $db->query($postsQuery." LIMIT ".$start.", 10");

echo '<div class = "notice_container"><div class = "gborder notice_alert alert-success">Комментариев: '.$count.'</div></div>';
echo '<div class="b">';
while ($q = $sql->fetch_object()) {
    // The viewer's own posts get a different bubble class.
    $div = ($q->author == $u['id']) ? "mail-chat2" : "mail-chat3";

    // Delete control, shown to administrators only.
    // NOTE(review): a GET link with no anti-CSRF token.
    $delmsg = '<a href="?del='.$q->id.'">[x]</a>';
    $adminTools = ($u['admin'] > 0) ? $delmsg : '';

    // Reply icon, hidden on the viewer's own posts.
    if ($q->author != $u['id']) {
        $replyIcon = '<a href="/forum/'.$section.'/theme'.$theme_id.'/reply/'.$q->author.'"><img src="/images/otv.png" width="30px"></a>';
    } else {
        $replyIcon = '';
    }

    echo '<dl class = "'.$div.'">
<span style="float: left;"> '.$replyIcon.' '.$adminTools.'</span>
<img src="/images/users.png" width="35px"> '.who($q->author).' <small> '.date('d.m.y в H:i:s', $q->time).'<br>'
        .setTextColor($q->author, viewText($q->text, 1, 1)).'</small><br></dl>';
}
echo '</div>';

// Pager, printed once the theme holds at least ten posts.
if ($count >= 10) {
    echo str('/forum/'.$section.'/theme'.$theme_id.'?', $k_page, $page);
}
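// Comment form, or the reason it is not shown.
// The form is offered only when the theme is open and the account is "saved".
// This only hides the form: the ?addcomment handler must enforce the same
// conditions itself.
if ($theme->opened == 1 && $u['save'] == 1) {
    // NOTE(review): $section, $theme_id and $reply are written into an HTML
    // attribute and $replyText into a <textarea>. Their only filters are fl()
    // and name(), which are not visible here - confirm they HTML-encode,
    // otherwise encode with htmlspecialchars(..., ENT_QUOTES) at this point.
    // NOTE(review): the form carries no anti-CSRF token.
    // Markup fix: the stray </a> after the textarea and the unclosed inner
    // <center> are removed.
    echo '<div class = "b"><center><form action="/forum/'.$section.'/theme'.$theme_id.'/addComment/reply/'.$reply.'" method="post">
Текст комментария:<br>
<textarea name="text" required>'.$replyText.'</textarea><br>
<input type="submit" name="addcomment" value="Отправить">
</form> </center></div>';
} elseif ($theme->opened == 0) {
    // Theme is closed.
    echo '<div class="b"><center><font color="red">Тема закрыта!</font></center></div>';
} else {
    // Theme is open, but the account is not "saved".
    echo '<div class="b"><center>Вы не сохранены!</center></div>';
}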
// Moderation links, shown to the theme's author and to administrators.
// These links only expose the actions; the ?close / ?open / ?delete handlers
// repeat the permission check themselves.
// NOTE(review): all three actions are plain GET links with no anti-CSRF token.
$canModerate = ($u['id'] == $theme->author || $u['admin'] > 0);
if ($canModerate) {
    if ($theme->opened == 1) {
        echo '<a class="link" href="?close">Закрыть тему</a>';
    }
    if ($theme->opened == 0) {
        echo '<a class="link" href="?open">Открыть тему</a>';
    }
    echo '<a class="link" href="?delete">Удалить тему</a>';
    echo '<a class="link" href="/forum/'.$section.'/theme'.$theme_id.'/edit">Редактировать тему</a>';
}

// Shared page footer.
include_once ($root.'/core/foot.php');