Файл: chat.php
Строк: 69
<?php
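// Bootstrap: load the shared core, require an authenticated session, render the page header.
// NOTE(review): falseauth(), fl() and the $base / $u / $ban globals used on this page come from
// ./core/ and are not visible here.
include_once ('./core/base.php');
falseauth();
$header = 'Чат';
include_once ('./core/head.php');

// Normalise the request parameters this page reads.
// A missing key, or a non-string value such as an array parameter, is replaced by '' before
// filtering, so a plain page view raises no "undefined index" warning and later string
// operations never receive an array.
// NOTE(review): every SQL statement further down concatenates these values into the query text,
// so fl() is the only barrier against SQL injection. Confirm exactly what fl() escapes, or move
// the queries to bound parameters.
$_GET['reply'] = fl((isset($_GET['reply']) && is_string($_GET['reply'])) ? $_GET['reply'] : '');
$_GET['delete'] = fl((isset($_GET['delete']) && is_string($_GET['delete'])) ? $_GET['delete'] : '');
$_GET['truncate'] = fl((isset($_GET['truncate']) && is_string($_GET['truncate'])) ? $_GET['truncate'] : '');
$_POST['msg'] = fl((isset($_POST['msg']) && is_string($_POST['msg'])) ? $_POST['msg'] : '');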
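// Handle a submitted chat message, then redirect back to the chat page.
// The trigger is read from $_POST only: the form below submits by POST, and accepting the flag
// from any request source ($_REQUEST) let a plain GET enter this state-changing branch.
// NOTE(review): the form carries no anti-CSRF token; a per-session token checked here would
// stop other sites from posting on a logged-in user's behalf.
if (isset($_POST['add'])) {
    // Banned users may read the chat but not write to it.
    if ($ban) {
        $_SESSION['message'] = 'Вы сможете писать в чате по истечению срока бана.';
        header('Location: /chat/');
        exit;
    }

    // One timestamp for the whole request keeps `chat`.`time` and `users`.`last_chat` identical.
    $now = time();
    // Assumes user ids are integers (they are used as numeric URL segments below) — TODO confirm.
    $user_id = (int)$u['id'];
    // Anything that is not a string (e.g. an array parameter) is treated as an empty message.
    $text = is_string($_POST['msg']) ? $_POST['msg'] : '';

    // Flood control: at most one message every 15 seconds.
    if (($now - $u['last_chat']) <= 15) {
        $_SESSION['message'] = 'Сообщения можно писать не чаще одного в 15 секунд.';
        header('Location: /chat/');
        exit;
    }

    // Duplicate check. Compared as strings: loose == treats numeric-looking strings such as
    // "1e3" and "1000" as equal and would reject a message that is actually different.
    if ((string)$u['last_chat_message'] === $text) {
        $_SESSION['message'] = 'Ваше последнее сообщение имеет такое же содержимое.';
        header('Location: /chat/');
        exit;
    }

    // Accepted length: 3 to 75 characters (this range also excludes the empty string).
    $length = mb_strlen($text);
    if ($length > 2 && $length < 76) {
        // NOTE(review): $text is concatenated into the SQL text and is protected only by the
        // fl() filter applied at the top of the page, whose behaviour is not visible here.
        // Bound parameters would remove that dependency, but fl() must be checked first:
        // if it already SQL-escapes, binding its output would store the escape characters.
        $base -> query('INSERT INTO `chat` SET
`user` = "'.$user_id.'",
`text` = "'.$text.'",
`time` = "'.$now.'"');
        $base -> query('UPDATE `users` SET `last_chat` = "'.$now.'", `last_chat_message` = "'.$text.'" WHERE `id` = "'.$user_id.'"');
        header('Location: /chat/');
        exit;
    }

    $_SESSION['message'] = 'Сообщение должно содержать не менее 3 символов и не более 75.';
    header('Location: /chat/');
    exit;
}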
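// Moderation: delete a single chat message by id, then redirect back to the chat page.
// Only accounts with admin level above 1 reach the query; everyone else is just redirected.
// NOTE(review): this state change is triggered by a GET request and carries no anti-CSRF token,
// so any link or embedded resource a moderator's browser loads can fire it. Moving the action
// to POST with a per-session token would close that gap.
if ($_GET['delete'] != '') {
    if ($u['admin'] > 1) {
        // Force the id to an integer so no request text can reach the SQL statement,
        // whatever the fl() filter does or does not escape.
        $delete_id = is_scalar($_GET['delete']) ? (int)$_GET['delete'] : 0;
        $base -> query('DELETE FROM `chat` WHERE `id` = '.$delete_id.' LIMIT 1');
        $_SESSION['message'] = 'Сообщение успешно удалено.';
    }
    header('Location: /chat/');
    exit;
}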
// Wipe the whole chat table when ?truncate=yes is requested by an account whose admin level
// equals 3; any other account is redirected without touching the data.
// NOTE(review): a destructive, irreversible action reachable by GET with no anti-CSRF token.
// It should require POST plus a per-session token, and the wipe should be logged with the
// acting user id so it can be audited.
if ('yes' == $_GET['truncate']) {
    $may_truncate = (3 == $u['admin']);
    if ($may_truncate) {
        $base->query('TRUNCATE TABLE `chat`');
        $_SESSION['message'] = 'Чат успешно очищен.';
    }
    header('Location: /chat/');
    exit;
}
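// Page body: title, tab bar with the message count of each chat, and the "write a message" form.
echo '<div class="b">';
echo '<div class="title">Чат</div>';

// COUNT(*) makes the database return one number instead of sending every row just to count them.
$chat_count_row = $base -> query('SELECT COUNT(*) AS `cnt` FROM `chat`') -> fetch_assoc();
$chat_nr = (int)$chat_count_row['cnt'];
$tradechat_count_row = $base -> query('SELECT COUNT(*) AS `cnt` FROM `tradechat`') -> fetch_assoc();
$tradechat_nr = (int)$tradechat_count_row['cnt'];
echo '<center><div class="btn_small_pressed">Чат ('.n_f($chat_nr).')</div> <a class="btn_small" href="/tradechat/">Торговый Чат ('.n_f($tradechat_nr).')</a></center>
<div class="line"></div>';

echo '<center>';
echo '<form action="" method="POST">';

// Optional "reply to" prefix: pre-fill the input with the addressed user's login.
// Initialised first so the input below never reads an undefined variable.
$reply_text = '';
if ($_GET['reply'] != '') {
    // Integer cast: the id comes from the URL and must not reach SQL as free text.
    $reply_id = is_scalar($_GET['reply']) ? (int)$_GET['reply'] : 0;
    // Only the login is needed; avoid pulling the whole user row into this page.
    $reply_user = $base -> query('SELECT `login` FROM `users` WHERE `id` = '.$reply_id.' LIMIT 1') -> fetch_assoc();
    if ($reply_user) {
        // The login lands inside a double-quoted HTML attribute, so quotes must be escaped.
        // double_encode is off in case logins are already stored HTML-escaped.
        // NOTE(review): assumes the site serves UTF-8 — confirm.
        $reply_text = htmlspecialchars($reply_user['login'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false).', ';
    }
}
echo '<input type="text" name="msg" value="'.$reply_text.'" placeholder="Введите сообщение." /> <br/>';
echo '<input type="submit" name="add" value="Написать"></br>';
echo '</form>';
echo '</center>';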
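// Message list: newest first, 10 per page.
// COUNT(*) instead of loading every row only to read num_rows.
$count_row = $base -> query('SELECT COUNT(*) AS `cnt` FROM `chat`') -> fetch_assoc();
$count = (int)$count_row['cnt'];
$k_page = k_page($count,10);
$page = page($k_page);
// page() is an opaque helper, presumably driven by the request. Force a non-negative integer
// offset before it is placed in the LIMIT clause, so the SQL text never contains anything
// other than digits at this position.
$start = max(0, 10 * (int)$page - 10);
$sql = $base -> query('SELECT * FROM `chat` ORDER BY `id` DESC LIMIT '.$start.',10');
if ($count > 0) {
    while ($msg = $sql -> fetch_assoc()) {
        // A reply link is offered on other users' messages only.
        $reply = ($msg['user'] != $u['id']) ? ' <a href="/chat/reply/'.$msg['user'].'/">[отв]</a>' : '';
        // A delete link is shown to accounts with admin level above 1.
        $delete = ($u['admin'] > 1) ? ' <a href="/chat/delete/'.$msg['id'].'/">[уд]</a>' : '';
        // Highlight "login," when a message addresses the current viewer.
        $msg['text'] = str_replace(array($u['login'].','), "<font style='text-decoration: underline;'><b>".$u['login']."</b></font>, ", $msg['text']);
        // NOTE(review): $msg['text'] and $u['login'] are emitted as HTML without escaping here.
        // Whether that is safe depends on fl() having HTML-escaped the text when it was stored
        // and on every other writer to `chat` doing the same. Confirm, or escape at output
        // before the highlight and smiles() markup is added.
        echo '<div class="event">'.name($msg['user']).' <font color="#B1B1B1">('.tm($msg['time']).')'.$reply.''.$delete.'</font><br/>
<div class="text_line"></div>
'.nl2br(smiles($msg['text'])).'</div>';
    }
    // Pager only when there is more than one page.
    if ($count > 10) {
        echo str('?',$k_page,$page);
    }
} else {
    echo '<br/><center>В чате ещё не было сообщений.</center><br/>';
}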
// Footer navigation (smiley help and back link), close the page container opened above,
// then hand over to the shared footer template.
echo '<a class="btn" href="/help/smiles/"><img src="/images/smiles/smile.png" width="24px;"> Смайлы</a>'
    . '<a class="btn" href="/"><img src="/images/icons/back.png"> Назад</a>'
    . '</div>';
include_once ('./core/foot.php');
?>