Файл: book/index.php
Строк: 99
<?
session_start();
include('../core/core.php');
include(MAINDIR.'style/head.php');
title('Беседка!');
echo'<div class="title">Беседка!</div>';
echo'<div class="menu_2"><a href="?mode='.$mode.'">Обновить</a> | <a href="/pages/smiles.php">Смайлы</a> | <a href="/pages/tegs.php">Теги</a></div>';
switch ($mode):
case 'index':
# Ошибки
$error = abs(intval($_GET['error']));
if($error == 1){echo'<div class="error">Проверочный код введен неверно</div>';}
if($error == 2){echo'<div class="error">Вы не ввели сообщение</div>';}
# Форма ввода сообщений
$set = DB::run() -> queryFetch("SELECT * FROM `setting` WHERE `id`=? LIMIT 1",array(1));
# Вывод сообщений
if($set['book'] == 'on'){
echo'<div class="menu"><form action="?mode=add" method="post" >
<textarea rows="5" cols="30" name="msg"></textarea><br>
<input type="checkbox" name="ck1">Транслит<br>';
if(is_user()){} else{
echo'<img src="/sys/capatcha.php"/><br>
Bвeдитe Koд:<br>
<input type="text" name="code" size="7" maxlength="6"><br>';
}
echo'<input type="submit" value="Дoбaвить">
</form></div>
';
}
define('TOPAGE',10); $num = TOPAGE;
$links = '?mode=index?page=';
$page = intval($_GET['page']);
$posts = DB::run() -> query("SELECT * FROM `book`") -> rowCount();
if($posts == 0){echo'<div class="error">Сообщений нету!</div>';}
$total = intval(($posts - 1) / $num) + 1;
if(empty($page) or $page < 0) $page = 1;
if($page > $total) $page = $total;
$start = $page * $num - $num;
$themes = DB::run()->query("SELECT * FROM `book` ORDER BY `id` DESC LIMIT $start,".TOPAGE."");
$themes = $themes -> fetchAll();
foreach($themes AS $u){
if($u['login'] == 'Гость'){echo'<div class="menu"><img src="/images/0.png"> '.$u['login'].' ('.$u['data'].')</div>';} else {
# Определяем иконку
$query = DB::run() -> queryFetch("SELECT * FROM `users` WHERE `login`=?",array($u['login']));
# если он из админ состава
if($query['status'] == 101 || $query['status'] == 102 || $query['status'] == 103 || $query['status'] == 104){
# определяем его пол и выводим иконку
if($query['pol'] == 1){$img = '<img src="/images/1.png">';}
if($query['pol'] == 0){$img = '<img src="/images/2.png">';}
}
# Если он обычный юзер
if($query['status'] == 105){
if($query['pol'] == 1){$img = '<img src="/images/4.png">';}
if($query['pol'] == 0){$img = '<img src="/images/3.png">';}
}
echo'<div class="menu">'.$img.' <a href="/profile/'.$u['login'].'">'.$u['login'].'</a> '.online($u['login']).' ('.$u['data'].')</div>';}
echo'<div class="menu_2">'.$u['msg'].'';
if($u['admin_msg'] == !NULL && $u['admin_login'] == !NULL){echo'<hr><font color="red">'.$u['admin_login'].'</font>: '.$u['admin_msg'].'';}
if(is_admin()){
echo'<hr>[<a href="/mpanel/book.php?mode=dell&id='.$u['id'].'">удл</a>][<a href="/mpanel/book.php?mode=edit&id='.$u['id'].'">изм</a>]';
if($u['login'] == check($_COOKIE['login'])){} else {echo'[<a href="/mpanel/book.php?mode=otvet&id='.$u['id'].'">отв</a>]';}
}
echo'</div>';
}
if ($page != 1) $pervpage = '<a href= '.$links.'1><<</a> <a href= '.$links.''. ($page - 1) .'><</a> ';
if ($page != $total) $nextpage = ' <a href= '.$links.''. ($page + 1) .'>></a> <a href= '.$links.'' .$total. '>>></a>';
if($page - 2 > 0) $page2left = ' <a href= '.$links.''. ($page - 2) .'>'. ($page - 2) .'</a> | ';
if($page - 1 > 0) $page1left = '<a href= '.$links.''. ($page - 1) .'>'. ($page - 1) .'</a> | ';
if($page + 2 <= $total) $page2right = ' | <a href= '.$links.''. ($page + 2) .'>'. ($page + 2) .'</a>';
if($page + 1 <= $total) $page1right = ' | <a href= '.$links.''. ($page + 1) .'>'. ($page + 1) .'</a>';
echo '<div class="menu_2">'.$pervpage.$page2left.$page1left.'<b>'.$page.'</b>'.$page1right.$page2right.$nextpage.'</div>';
break;
# добавление сообщений
case 'add':
$msg = check($_POST['msg']);
$code = abs(intval($_POST['code']));
if($msg == !NULL){
if(is_user()){
# задаем переменые
$login = check($_COOKIE['login']);
$data = times();
$brouser = explode("/",$_SERVER['HTTP_USER_AGENT']);
$brouser = check($brouser[0]);
$ip = preg_replace('|[^0-9.]|', '', $_SERVER['REMOTE_ADDR']);
# делаем запрос в бд
$msg = no_br($msg);
$msg = bb($msg);
$msg = antimat($msg);
$msg = smiles($msg);
DB::run() -> query("INSERT INTO `book` SET `msg`=?,`login`=?,`data`=?,`ip`=?,`brouser`=? ",array($msg,$login,$data,$ip,$brouser));
# перенаправляем
header ('location: ?mode=index');
user_live(check($_COOKIE['login']),1,1,0);
} else {
if($code==!NULL && $code==$_SESSION['getkode']){
# задаем переменые
$data = times();
$brouser = explode("/",$_SERVER['HTTP_USER_AGENT']);
$brouser = check($brouser[0]);
$ip = preg_replace('|[^0-9.]|', '', $_SERVER['REMOTE_ADDR']);
# делаем запрос в бд
$msg = no_br($msg);
$msg = bb($msg);
$msg = antimat($msg);
$msg = smiles($msg);
DB::run() -> query("INSERT INTO `book` SET `msg`=?,`login`=?,`data`=?,`ip`=?,`brouser`=? ",array($msg,'Гость',$data,$ip,$brouser));
# перенаправляем
header ('location: ?mode=index');
} else {header ('location: ?mode=index&error=1');}
}
} else {header ('location: ?mode=index&error=2');}
break;
default:
header ('location: ?mode=index');
endswitch;
include(MAINDIR.'style/foot.php');
?>