Файл: modules/forum/topic.php
Строк: 196
<?php
define('R', $_SERVER['DOCUMENT_ROOT']);
define('S', R.'/system');
require_once(R.'/system/kernel.php');
$tmp->header('forum');
$id=$db->guard($_GET['id']);
$p=$db->fass("select * from `forum_topic` where `id` = '".$id."' LIMIT 1");
$s=$db->fass("select * from `forum_section` where `id` = '".$p['section']."' LIMIT 1");
$r=$db->fass("select * from `forum_razdel` where `id` = '".$p['razdel']."' LIMIT 1");
$tmp->title('title', $r['name'].' / '.$s['name']. ' / '.$p['name'] . ((($p['kto'] == User::ID() || User::level() >= 2) && User::aut()) ? ($p['is_close_topic'] == 0 ? '<a href="/forum/topic'.$id.'?close">'.img('t_close.png').'</a>' : '<a href="/forum/topic'.$id.'?open">'.img('t_open.png').'</a>') : NULL));
User::panel();
if(!$p){
$tmp->div('error', Language::config('no_topic'));
$tmp->div('menu', '<a href="/">'.img('link.png').' '.Language::config('home').'</a>');
$tmp->footer();
exit();
}
$posts=$db->fass_c("SELECT COUNT(*) as count FROM `forum_message` where `topic` = '".$id."'");
$total = (($posts-1)/$num)+1;
$total = intval($total);
$page = intval($page);
if(empty($page) or $page<0) $page=1;
if($page>$total) $page=$total;
$start=$page*$num-$num;
if(User::aut()){
if($p['kto'] == User::ID() || User::level() >= 2){
if(isset($_GET['close'])){
$db->query("update `forum_topic` set `is_close_topic` = '1' where `id` = '".$id."' ");
$db->query("insert into `forum_message` set `razdel` = '".$p['razdel']."', `section` = '".$p['section']."', `topic` = '".$id."', `kto` = '".User::ID()."', `message` = 'Тема закрыта!', `time` = '".time()."' ");
header('location: /forum/topic'.$id);
}
if(isset($_GET['open'])){
$db->query("update `forum_topic` set `is_close_topic` = '0' where `id` = '".$id."' ");
$db->query("insert into `forum_message` set `razdel` = '".$p['razdel']."', `section` = '".$p['section']."', `topic` = '".$id."', `kto` = '".User::ID()."', `message` = 'Тема открыта!', `time` = '".time()."' ");
header('location: /forum/topic'.$id);
}
}
if(User::level() >= 2){
if(isset($_GET['edit'])){
if($p['is_close_topic'] != 1){
if(isset($_REQUEST['submit'])){
$name = $db->guard($_POST['name']);
if(empty($_POST['name']) || mb_strlen($_POST['name'], 'UTF-8')<2) $error .= Language::config('error_strlen');
if(!isset($error)){
if($p['is_close_topic'] != 1)
$db->query("update `forum_topic` set `name` = '".$name."' where `id` = '".$id."' ");
header('location: /forum/topic'.$id);
}
}
error($error);
$tmp->div('main', '<form method="POST" action="">
'.Language::config('name').': <br/>
<input type="text" name="name" value="'.$p['name'].'" /><br/>
<input type="submit" name="submit" value="'.Language::config('save').'" /></form>');
} else {
header('location: /forum/topic'.$id);
}
}
if(isset($_GET['del'])){
if(isset($_GET['yes'])){
$db->query("DELETE FROM `forum_topic` where `id` = '".$id."'");
header('location: /forum/'.$p['razdel'].'/'.$p['section']);
}
$tmp->del_sure($p['name'], 'del&yes');
$tmp->footer();
exit();
}
}
if(User::level() >= 3){
if(isset($_GET['top'])){
$db->query("update `forum_topic` set `is_top_topic` = '1' where `id` = '".$id."' ");
$db->query("insert into `forum_message` set `razdel` = '".$p['razdel']."', `section` = '".$p['section']."', `topic` = '".$id."', `kto` = '".User::ID()."', `message` = 'Тема закреплена!', `time` = '".time()."' ");
header('location: /forum/topic'.$id);
}
if(isset($_GET['notop'])){
$db->query("update `forum_topic` set `is_top_topic` = '0' where `id` = '".$id."' ");
$db->query("insert into `forum_message` set `razdel` = '".$p['razdel']."', `section` = '".$p['section']."', `topic` = '".$id."', `kto` = '".User::ID()."', `message` = 'Тема откреплена!', `time` = '".time()."' ");
header('location: /forum/topic'.$id);
}
}
if(isset($_REQUEST['submit'])){
$message = $db->guard($_POST['messages']);
$ant=$db->fass("SELECT * FROM `forum_message` where `kto` = '".User::ID()."' and `message` = '".$message."' and `time` > '".(time() - 3)."' limit 1");
if($ant) $error .= Language::config('error');
if(empty($message) || mb_strlen($_POST['messages'], 'UTF-8')<2) $error .= Language::config('error_strlen');
$filename = $db->guard($_FILES['file']['name']);
if (!empty($filename)) {
$whitelist = array('jpg','gif','png','jpeg', 'bmp','zip','rar','mp4','mp3','amr','3gp','avi','flv','apk');
$maxsize = 10;
$dir = R.'/files/forum';
$ext = strtolower(strrchr($filename, '.'));
$size = $_FILES['file']['size'];
if (!in_array(substr($ext, 1), $whitelist)) $error .= Language::config('error_ext').'<br />';
if ($size > (1048576 * $maxsize)) $error .= Language::config('max_size_zc').'. [Max. '.$maxsize.'mb.]<br />';
$file = rand(1,999).'_NOMICMS_'.rand(1,999). $ext;
}
if(!isset($error)){
if($p['is_close_topic'] != 1){
$db->query("insert into `forum_message` set `razdel` = '".$p['razdel']."', `section` = '".$p['section']."', `topic` = '".$id."', `kto` = '".User::ID()."', `message` = '".$message."', `time` = '".time()."' ");
$lid=$db->insert_id();
if(!empty($filename)){
copy($_FILES['file']['tmp_name'], $dir . '/' . $file );
$db->query("insert into `forum_file` set `kto` = '".User::ID()."', `post_id` = '".$lid."', `thema` = '".$id."', `name` = '".$file."' ");
}
$fc=$db->fass_c("SELECT COUNT(*) as count FROM `forum_message` where `topic` = '".$id."' ");
if ($fc > $num) {
$pg = ceil($fc / $num);
$st = '?page='.$pg;
}else{
$st = '';
}
$db->query("update `forum_topic` set `last_message_time` = '".time()."' where `id` = '".$id."' ");
$db->query("UPDATE `users` set `money` = money + 5 where `id` = '".User::ID()."' ");
}
header('location: /forum/topic'.$id.$st);
}
}
}
if(User::level() >= 2) {
$tmp->div('adm_menu flex', '<a title="'.Language::config('edit_blog').'" href="/forum/topic'.$id.'?edit">'.img('t_edit.png').'</a> '.(($p['is_top_topic'] == 0) ? '<a title="'.Language::config('top').'" href="/forum/topic'.$id.'?top">'.img('t_pin.png').'</a>' : '<a title="'.Language::config('no_top').'" href="/forum/topic'.$id.'?notop">'.img('t_unpin.png').'</a>'). ' <a title="'.Language::config('move').'" href="/forum/movep'.$id.'">'.img('t_move.png').'</a> <a title="'.Language::config('delet').'" href="/forum/topic'.$id.'?del">'.img('t_del.png').'</a>');
}
if(!$posts){
$tmp->div('main', Language::config('no_messages'));
$tmp->div('menu', '<hr><a href="/forum/'.$p['razdel'].'/'.$p['section'].'">'.img('link.png').' '.Language::config('back').'</a>');
$tmp->footer();
exit();
}
$f=$db->query("SELECT * FROM `forum_message` where `topic` = '".$id."' ORDER BY time ASC LIMIT ".$start.", ".$num." ");
echo '<div class="messages">';
while($fo=$f->fetch_assoc()){
echo '<hr><div>'.nick_new($fo['kto']).' '.((User::aut() && $p['is_close_topic'] != 1 && ($fo['kto'] == User::ID() || User::level() >=3)) ? (($fo['time'] + 60 < time() && User::level() <= 2) ? NULL : '<a class="mkey" href="/forum/topic'.$id.'/edit_post'.$fo['id'].'">'.img('ed.png').'</a>') .(User::level() >=3 ? '<a class="de" href="/forum/topic'.$id.'/delete'.$fo['id'].'">'.img('delete.png').'</a>' : NULL) : NULL).'<span class="times">'. times($fo['time']).'</span>';
echo ((User::aut() && $fo['kto'] != User::ID() && $p['is_close_topic'] != 1) ? ' <a class="answer" href="/forum/topic'.$id.'/replay'.$fo['id'].'">'.img('answer.png').'</a> <a class="answer" href="/forum/topic'.$id.'/quote'.$fo['id'].'">'.img('cit.png').'</a>' : NULL );
echo ($fo['quote'] ? '<div class="cit"><span class="rep">'.$fo['user_quote'].'</span> '.bb(smile(mb_strimwidth($fo['quote'], 0, 140, "..."))).'</div>'.bb(smile($fo['message'])) : '<br>'.bb(smile($fo['message'])));
$filec = $db->n_r("select id from `forum_file` where `post_id` = '".$fo['id']."' limit 1");
if($filec){
$file = $db->query("select * from `forum_file` where `post_id` = '".$fo['id']."'");
echo '<div class="files">';
while($files = $file->fetch_assoc()){
if($files['post_id'] == $fo['id'])
echo '<a href="/files/forum/'.$files['name'].'">'.img('down_s.png').' '.$files['name'].' | '.format_filesize(R.'/files/forum/'.$files['name']).'</a><br>';
}
echo '</div>';
}
echo '</div>';
}
echo '</div>';
if(User::aut()){
if($p['is_close_topic'] != 1){
error($error);
bbcode();
echo '<div class="main"><form method="POST" name = "message" action="" enctype="multipart/form-data">
'.Language::config('message').':<br/>
<textarea name="messages"></textarea><br />
<input name="file" type="file" id="file" onchange="uploadFile(this)">
<label id="select_file" for="file">'.img('file.png').'<label id="file-name" for="file">Выбрать файл</label></label><br />
<input type="submit" name="submit" value="'.Language::config('send').'" /></form></div>';
}
}
page('?');
$tmp->div('menu bm flex', '<a href="/forum/'.$p['razdel'].'/'.$p['section'].'">'.img('link.png').' '.Language::config('back').'</a><a href="/">'.img('link.png').' '.Language::config('home').'</a>');
$tmp->footer();
?>