Файл: forum.php
Строк: 227
<?php
require_once ('system/func.php');
auth(); // Закроем от не авторизованных
## Топик ##
$topic = abs(intval($_GET['topic']));
if($topic){
$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `topic` WHERE `id` = '".$topic."'"));
# Ошибки #
if(!$topic){
$_SESSION['msg'] == 'Такой топик не существует';
header('Location: /forum/');
exit();
}
if(isset($_GET['delete_post']) and $user['access'] > 0){
mysql_query("DELETE FROM `topic_msg` WHERE `id` = '".num($_GET['delete_post'])."'");
$_SESSION['msg'] = 'Пост удален';
header('Location: ?');
exit();
}
if(isset($_GET['delete']) and $user['access'] > 0){
$title = 'Удалить топ?';
require_once ('system/header.php');
echo "<div class='block2'>";
echo "<li><a href='?delete_ok'>Да, удалить</a></li>";
echo "<li><a href='?'>Нет, отмена</a></li>";
echo "</div>";
require_once ('system/footer.php');
break;
}
if(isset($_GET['delete_ok']) and $user['access'] > 0){
mysql_query("DELETE FROM `topic` WHERE `id` = '".$topic[id]."'");
$_SESSION['msg'] = 'Топик удален';
header("Location: /forum/$topic[id_forum]");
exit();
}
if(isset($_GET['close']) and $user['access'] > 0){
mysql_query("UPDATE `topic` SET `close` = '1' WHERE `id` = '$topic[id]'");
$_SESSION['msg'] = "Топик успешно закрыт";
header("Location: ?");
exit();
}
if(isset($_GET['no_close']) and $user['access'] > 0){
mysql_query("UPDATE `topic` SET `close` = '0' WHERE `id` = '$topic[id]'");
$_SESSION['msg'] = "Топик успешно открыт";
header("Location: ?");
exit();
}
if(isset($_GET['top']) and $user['access'] > 0){
mysql_query("UPDATE `topic` SET `top` = '1' WHERE `id` = '$topic[id]'");
$_SESSION['msg'] = "Топик успешно закреплен";
header("Location: ?");
exit();
}
if(isset($_GET['no_top']) and $user['access'] > 0){
mysql_query("UPDATE `topic` SET `top` = '0' WHERE `id` = '$topic[id]'");
$_SESSION['msg'] = "Топик успешно откреплен";
header("Location: ?");
exit();
}
if(isset($_GET['text'])){
if(isset($_POST['text'])){
$id = num($_GET['text']);
$text = text($_POST['text']);
$text2 = "Вам ответили на [url=/forum/sub/$topic[id]?page=end]форуме[/url]";
$ban = mysql_query('SELECT * FROM `ban` WHERE `id_user` = "'.$myID.'" AND `last` > "'.time().'" ORDER BY `id` DESC LIMIT 1');
$ban = mysql_fetch_array($ban);
if(strlen($text) < 3 or strlen($text) > 5000)$err = 'Длина сообщения должна быть в пределах 3 - 5000 символов';
if($ban)$err = "На вас наложен бан осталось ".tl($ban['last']-time());
$ban_ip = mysql_query('SELECT * FROM `ban` WHERE `ip` = "'.$user['ip'].'" AND `last` > "'.time().'" ORDER BY `id` DESC LIMIT 1');
$ban_ip = mysql_fetch_array($ban_ip);
if($ban_ip)$err = "Ваш IP совпадает с нарушителем!<br>Осталось: ".tl($ban_ip['last']-time());
if(!isset($err)){
mysql_query("INSERT INTO `topic_msg` SET `id_topic` = '$topic[id]', `id_user` = '".$myID."', `text` = '$text' , `time` = '".time()."'");
mysql_query("UPDATE `topic` SET `onlick` = '".time()."' WHERE `id` = '$topic[id]'");
mysql_query("INSERT INTO `mail` SET `in` = '0', `out` = '".$id."', `text` = '$text2' , `time` = '".time()."'");
$kont = mysql_fetch_assoc(mysql_query("SELECT * FROM `kont` WHERE `id_user` = '".$id."' && `id_kont` = '0' LIMIT 1"));
if(!$kont){
mysql_query("INSERT INTO `kont` SET `id_user` = '".$id."', `id_kont` = '0', `time` = '".time()."'");
}else{
mysql_query("update `kont` set `time` = '".time()."' WHERE `id_user` = '".$id."' AND `id_kont` = '0'");
}
$_SESSION['msg'] = 'Комментарий успешно добавлен';
header('Location: ?');
exit();
}else{
$_SESSION['msg'] = $err;
header('Location: ?page=end');
exit();
}
}else{
$_SESSION['msg'] = 'Введите текст';
header('Location: ?page=end');
exit();
}
}
if(isset($_GET['sett_topic_post'])){
if(isset($_POST['text']) && isset($_POST['name'])){
$text = text($_POST['text']);
$name = text($_POST['name']);
if(strlen($text) < 3 or strlen($text) > 5000)$err = 'Длина сообщения должна быть в пределах 3 - 5000 символов';
if(strlen($name) < 3 or strlen($name) > 40)$err = 'Длина названия должна быть в пределах 3 - 40 символов';
if(!isset($err)){
mysql_query("UPDATE `topic` SET `text` = '$text', `sett_user` = '".$myID."', `sett_time` = '".time()."', `name` = '$name' WHERE `id` = '$topic[id]'");
$_SESSION['msg'] = 'Топик успешно изменен';
header('Location: ?');
exit();
}else{
$_SESSION['msg'] = $err;
header('Location: ?');
exit();
}
}else{
$_SESSION['msg'] = 'Заполните поля';
header('Location: ?');
exit();
}
}
$title = 'Форум - '.$topic['name'];
require_once ('system/header.php');
if($user['access'] > 0 or $myID == $topic['id_user']){
if(isset($_GET['sett_topic'])){
echo "<div class='block center'>";
echo '<form name="text" method="post" action="?sett_topic_post">';
echo "<input type='text' name='name' placeholder='Введите название...' value='$topic[name]'><br>";
echo '<textarea name="text" placeholder="Введите сообщение..." maxlength="5000">'.$topic['text'].'</textarea><br>';
echo '<input class="btn" type="submit" value="Изменить"><a href="?">Отмена</a>';
echo "</form>";
echo "</div>";
require_once ('system/footer.php');
break;
}
}
$ank = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = $topic[id_user] LIMIT 1"));
$sett = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = $topic[sett_user] LIMIT 1"));
echo "<div class='block'>";
echo icons_user($ank[id])." <a href='/profile/$ank[id]'>$ank[login]</a>, ".vremja($topic['time'])."<br>".text_msg($topic['text']);
if($topic[sett_user] >= 1)echo "<div class='small grey'> Отредактировано ".vremja($topic['sett_time'])." - <a href='/profile/$sett[id]'>$sett[login]</a></div>";
echo "</div>";
if($user['access'] > 0 or $myID == $topic['id_user']){
echo "<div class='block2'>";
echo "<li><a href='?sett_topic'>".ico('icons','arrow.png')."Редактировать</a></li>";
if($topic['close'] == 0 and $user['access'] > 0)echo "<li><a href='?close'>".ico('icons','arrow.png')."Закрыть</a></li>";
if($topic['close'] == 1 and $user['access'] > 0)echo "<li><a href='?no_close'>".ico('icons','arrow.png')."Открыть</a></li>";
if($topic['top'] == 0 and $user['access'] > 0)echo "<li><a href='?top'>".ico('icons','arrow.png')."Прикрепить</a></li>";
if($topic['top'] == 1 and $user['access'] > 0)echo "<li><a href='?no_top'>".ico('icons','arrow.png')."Открепить</a></li>";
if($user['access'] > 0)echo "<li><a href='?delete'>".ico('icons','arrow.png')."Удалить топ</a></li>";
echo "</div>";
}
$set['p_str'] = 10;
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `topic_msg` WHERE `id_topic` = '$topic[id]'"),0);
echo "<div class='block'><b>Комментарии [$k_post]</b></div>";
$k_page = k_page($k_post,$set['p_str']);
$page = page($k_page);
$start = $set['p_str']*$page-$set['p_str'];
$q = mysql_query("SELECT * FROM `topic_msg` WHERE `id_topic` = '$topic[id]' ORDER BY `id` ASC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_assoc($q)){
echo "<div class='block'>";
$ank = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = $post[id_user] LIMIT 1"));
echo icons_user($ank[id])." <a href='/profile/$ank[id]' >$ank[login]</a>, ".vremja($post['time'])." ";
if($ank[id] != $myID and $topic[close] == 0)echo "<a href='?to=$ank[id]&page=end'>[Отв]</a>";
echo "<br>".text_msg($post['text']);
if($user[access] > 0)echo " <a href='?delete_post=$post[id]'><font color='red'>[×]</font></a>";
echo "</div>";
}
echo "<div class='block'>";
str('?',$k_page,$page); // Вывод страниц
echo "</div>";
echo "<div class='block center'>";
if($user['level'] >= 10){
if($topic['close'] == 0){
if(isset($_GET[to])){
$opponent = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '".num($_GET['to'])."' LIMIT 1"));
echo '<form name="text" method="post" action="?text='.$_GET['to'].'">';
echo '<textarea name="text" maxlength="5000">'.$opponent[login].', </textarea><br>';
if($user[level] >= 9)echo '<input class="btn" type="submit" value="Ответить">';
echo "</form>";
}else{
echo '<form name="text" method="post" action="?text">';
echo '<textarea name="text" placeholder="Введите сообщение..." maxlength="5000"></textarea><br>';
echo '<input class="btn" type="submit" value="Отправить">';
echo "</form>";
}
}else{
echo "<font color='red'>Топик закрыт...</font>";
}
}else{
echo "<font color='grey'>Писать на форуме можно только с ".ico('icons','level.png')." 10 уровня!</font>";
}
echo "</div>";
$forum = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum` WHERE `id` = '".$topic[id_forum]."'"));
echo "<div class='block'>".ico('icons','topic.png')." <a href='/forum/$forum[id]'>$forum[name]</a> | $topic[name]</div>";
}else{
## Раздел ##
$id = abs(intval($_GET['id']));
if($id){
$forum = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum` WHERE `id` = '".$id."'"));
# Ошибки #
if(!$forum){
$_SESSION['msg'] == 'Такой раздел не существует';
header('Location: /forum/');
exit();
}
if(isset($_GET['new_topic_post'])){
if(isset($_POST['name']) && isset($_POST['text'])){
$name = text($_POST['name']);
$text = text($_POST['text']);
$ban = mysql_query('SELECT * FROM `ban` WHERE `id_user` = "'.$myID.'" AND `last` > "'.time().'" ORDER BY `id` DESC LIMIT 1');
$ban = mysql_fetch_array($ban);
if(strlen($name) < 3 or strlen($name) > 40)$err = 'Длина названия должна быть в пределах 3 - 40 символов';
if(strlen($text) < 3 or strlen($text) > 5000)$err = 'Длина сообщения должна быть в пределах 3 - 5000 символов';
if($ban)$err = "На вас наложен бан, осталось ".tl($ban['last']-time());
$ban_ip = mysql_query('SELECT * FROM `ban` WHERE `ip` = "'.$user['ip'].'" AND `last` > "'.time().'" ORDER BY `id` DESC LIMIT 1');
$ban_ip = mysql_fetch_array($ban_ip);
if($ban_ip)$err = "Ваш IP совпадает с нарушителем!<br>Осталось: ".tl($ban_ip['last']-time());
if(!isset($err)){
if($forum['id'] == 1)mysql_query("UPDATE users SET news_read = '1'");
mysql_query("INSERT INTO `topic` SET `id_forum` = '$forum[id]', `id_user` = '".$myID."', `name` = '$name', `text` = '$text', `time` = '".time()."', `onlick` = '".time()."'");
$_SESSION['msg'] = 'Топик успешно создан';
header('Location: ?');
exit();
}else{
$_SESSION['msg'] = $err;
header('Location: ?new_topic');
exit();
}
}else{
$_SESSION['msg'] = 'Заполните поля';
header('Location: ?new_topic');
exit();
}
}
$title = 'Форум - '.$forum['name'];
require_once ('system/header.php');
if(isset($_GET['new_topic']) and $user['access'] >= $forum['access']){
echo "<div class='block center'>";
if($user['level'] >= 10){
echo '<form name="text" method="post" action="?new_topic_post">';
echo "<input type='text' name='name' placeholder='Введите название...'><br>";
echo '<textarea name="text" placeholder="Введите сообщение..." maxlength="5000"></textarea><br>';
echo '<input class="btn" type="submit" value="Создать"><a href="?">Отмена</a>';
echo "</form>";
}else{
echo "<font color='grey'>Писать на форуме можно только с ".ico('icons','level.png')." 10 уровня!</font>";
}
echo "</div>";
require_once ('system/footer.php');
break;
}
$set['p_str'] = 10;
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `topic` WHERE `id_forum` = '$forum[id]'"),0);
$k_page = k_page($k_post,$set['p_str']);
$page = page($k_page);
$start = $set['p_str']*$page-$set['p_str'];
$q = mysql_query("SELECT * FROM `topic` WHERE `id_forum` = '$forum[id]' ORDER BY `top` DESC, `onlick` DESC LIMIT $start, $set[p_str]");
echo "<div class='block2'>";
if($user['access'] >= $forum['access'] and $user[level] >= 9)echo "<li><a href='?new_topic'><font color='green'>".ico('icons','topic.png')."Создать новый топик</font></a></li>";
if($k_post == 0)echo "<h1>В данном разделе нет топиков...</h1>";
if($user[level] <= 9)echo "<h1>Создавать топики можно с 10 уровня</h1>";
while ($post = mysql_fetch_assoc($q)){
echo "<li><a href='/forum/sub/$post[id]?page=end'>".ico('icons','topic.png');
if($post['close'] == 1 and $post['top'] == 1)echo "<b>$post[name]</b>";
elseif($post['close'] == 1)echo "<font color='red'>$post[name]</font>";
elseif($post['top'] == 1)echo "<b>$post[name]</b>";
else echo $post['name'];
echo "</a></li>";
}
echo "</div>";
echo "<div class='block'>";
str('?',$k_page,$page); // Вывод страниц
echo "</div>";
echo "<a class=".$user[oformlenie]." data-ajax href='/forum/'>".ico('icons','arrow.png')." Вернуться в форум</a>";
}else{
## Форум ##
$title = 'Форум';
require_once ('system/header.php');
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `forum`"),0);
$q = mysql_query("SELECT * FROM `forum` ORDER BY `id` ASC");
if($k_post == 0)echo "<div class='block'>Нет разделов...</div>";
echo "<div class='block2'>";
while ($post = mysql_fetch_assoc($q)){
echo "<li><a href='/forum/$post[id]'>".ico('icons','topic.png')."$post[name]</a></li>";
}
echo "</div>";
}
}
require_once ('system/footer.php');
?>