Файл: modules/lib/comment.php
Строк: 79
<?php
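// Comment page for one library entry (a `lib_r` row): lists its comments page
// by page, lets a signed-in user post a comment, and lets the comment's author
// or a user with level >= 3 delete one.
define('R', $_SERVER['DOCUMENT_ROOT']);
define('S', R.'/system');
require_once(R.'/system/kernel.php');

$tmp->header('comments');
$tmp->title('title', Language::config('comments'));
User::panel();

// Guests are redirected to the front page. The footer is still emitted, as in
// the original flow, and the script then stops.
// NOTE(review): $tmp->header() has already run at this point; presumably the
// template layer buffers output so header() can still be sent - confirm.
if (!User::aut()) {
    header('location: /');
    $tmp->footer();
    exit();
}

// The entry id is written back into links and Location headers further down,
// so it is reduced to an integer instead of being escaped for SQL only. A
// value that is merely SQL-escaped could still carry markup or header
// characters into those outputs.
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

$s = $db->fass("select * from `lib_r` where `id` = '".$id."'");
if (!$s) {
    $tmp->div('error', Language::config('error'));
    $tmp->div('menu', '<a href="/lib">'.img('link.png').' '.Language::config('back').'</a>');
    $tmp->footer();
    exit();
}

// --- Delete a comment -------------------------------------------------------
// NOTE(review): deletion is triggered by a plain GET link and no anti-forgery
// token is checked in this file. Unless kernel.php enforces one globally, this
// should become a POST that carries a per-session token.
if (isset($_GET['del'])) {
    // my_int() is defined elsewhere; presumably an integer cast - confirm,
    // because $cid is concatenated into the two statements below.
    $cid = my_int(isset($_GET['cid']) ? $_GET['cid'] : 0);
    $p = $db->fass("select * from `lib_comments` where `id` = '".$cid."' ");

    // Ownership only counts when the comment row was actually found; comparing
    // the user id against a missing row's field must never grant access.
    $isOwner = $p && User::ID() == $p['kto'];

    if ($isOwner || User::level() >= 3) {
        if (!$p) {
            $tmp->div('error', Language::config('error'));
            $tmp->div('menu', '<a href="/lib">'.img('link.png').' '.Language::config('back').'</a>');
            $tmp->footer();
            exit();
        }
        $db->query("DELETE FROM `lib_comments` where `id` ='".$cid."'");
        header('location: /lib/comment'.$id);
        // Stop here so the rest of the page logic does not run after the redirect.
        exit();
    }
}

// --- Post a new comment -----------------------------------------------------
// Keep any error text the kernel may already have set; otherwise start unset.
$error = isset($error) ? $error : null;

// Only a string body is accepted; a missing or array-valued field counts as empty.
$rawMessage = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';

// NOTE(review): no anti-forgery token is checked for the comment form either.
if (isset($_REQUEST['submit'])) {
    if (mb_strlen($rawMessage, 'UTF-8') < 2) {
        $error .= Language::config('error_strlen');
    }
    if (!isset($error)) {
        // $db->guard() is the project's escaping helper (defined elsewhere);
        // the statement is still assembled by concatenation, so its safety
        // rests entirely on that helper - confirm it escapes for this driver.
        $message = $db->guard($rawMessage);
        $db->query("INSERT INTO `lib_comments` set `kto` = '".User::ID()."', `lib_r` = '".$id."', `message` = '".$message."', `time` = '".time()."' ");
        header('location: /lib/comment'.$id);
        // Stop here so the form and list are not rendered after the redirect.
        exit();
    }
}
error($error);

$tmp->div('main', '<form method="POST" action="">
'.Language::config('message').':<br/>
<textarea name="message">'.out($rawMessage) .'</textarea><br />
<input type="submit" name="submit" value="'.Language::config('send').'" /></form>');

// --- Pagination and listing -------------------------------------------------
// $num and $page are not assigned in this file; presumably kernel.php provides
// them - confirm, and confirm $num can never be 0 (it is used as a divisor).
$posts = $db->fass_c("SELECT COUNT(*) as count FROM `lib_comments` where `lib_r` = '".$id."'");

// At least one page, so an entry without comments does not yield page 0 and a
// negative LIMIT offset.
$total = max(1, intval((($posts - 1) / $num) + 1));
if (empty($page) or $page < 0) {
    $page = 1;
}
if ($page > $total) {
    $page = $total;
}
$start = $page * $num - $num;

// Offset and row count are cast so only integers reach the LIMIT clause.
$n = $db->query("select * from `lib_comments` where `lib_r` = '".$id."' ORDER BY time DESC LIMIT ".(int) $start.", ".(int) $num."");

if (!$posts) {
    $tmp->div('main', Language::config('no_comments'));
    $tmp->div('menu', '<hr><a href="/lib/c/l'.$id.'">'.img('link.png').' '.Language::config('back').'</a>');
} else {
    echo '<div class="comments">';
    while ($lib = $n->fetch_assoc()) {
        // The delete link is shown only to the comment's author or to level >= 3.
        $deleteLink = (User::ID() == $lib['kto'] || User::level() >= 3)
            ? ' <a class="de" href="/lib/comment'.$id.'?del&cid='.$lib['id'].'">'.img('delete.png').'</a>'
            : '';
        // NOTE(review): the stored message is printed through bb(smile()) with
        // no explicit HTML encoding in this file; confirm that guard(), smile()
        // or bb() encodes HTML, otherwise stored markup would be rendered.
        echo '<hr><div>'.nick_new($lib['kto']).' '.$deleteLink.'<span class="times">'.times($lib['time']).'</span><br/>'.bb(smile($lib['message'])).'</div>';
    }
    echo '</div>';
    page('?');
    $tmp->div('menu', '<hr><a href="/lib/c/l'.$id.'">'.img('link.png').' '.Language::config('back').'</a>');
}

$tmp->footer();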
?>