Файл: gb.php
Строк: 242
<?php
/*/ GUESTBOOK | Гостевая книга http://apwa.ru /*/
// Bootstrap for the guestbook page. The statement order matters: the constant
// and the root path must exist before the first include runs.

// Marks this script as a phpBB entry point. Included files presumably refuse
// to run without this constant; confirm that functions_gb does so too.
define('IN_PHPBB', true);
// Fixed literal assigned before any include, so none of the include paths
// below is built from request data.
$phpbb_root_path = './';
// $phpEx is used in every path below but is never assigned in this file;
// presumably extension.inc defines it.
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
include($phpbb_root_path . 'includes/bbcode.'.$phpEx);
include($phpbb_root_path . 'includes/functions_gb.'.$phpEx);
// $user_ip is not assigned in this file; presumably common supplies it.
// $userdata is the only source of identity and privilege used further down
// (session_logged_in, user_level).
$userdata = session_pagestart($user_ip, PAGE_GUESTBOOK);
init_userprefs($userdata);
// The empty array is replaced immediately by the guestbook's own configuration.
$guest_config = array();
$guest_book = new guestbook();
$guest_config = $guest_book->guest_config();
// Server-side timestamp (day.month - hour:minute) handed to the template as TIME.
$time = date('d.m - H:i');
// Decide once whether the current visitor may moderate the guestbook.
// STAFF is the single privilege gate for deleting entries and for seeing
// poster IP / browser details further down, so it is only ever defined for a
// logged-in administrator, or for a moderator when the guestbook
// configuration allows moderators (permit_mod).
if ( $userdata['session_logged_in'] )
{
    $viewer_level = $userdata['user_level'];

    if ( $viewer_level == ADMIN )
    {
        define('STAFF', true);
    }
    else if ( $viewer_level == MOD && $guest_config['permit_mod'] )
    {
        define('STAFF', true);
    }
}
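// ---------------------------------------------------------------------------
// Request parameters. Everything read here is attacker-controlled, so each
// value is reduced to the narrowest type it is used as before it goes anywhere.
// $HTTP_POST_VARS / $HTTP_GET_VARS are not filled in this file; presumably
// common provides them.
// ---------------------------------------------------------------------------

// Presence-only flags coming from the submit buttons of the forms.
$cancel = isset($HTTP_POST_VARS['cancel']);
$confirm = isset($HTTP_POST_VARS['confirm']);
$delete = isset($HTTP_POST_VARS['delete']);

// Paging offset. It is concatenated into "LIMIT $start, n" later on, so it
// must be an integer, and it must not be negative: a negative offset makes
// the listing query fail and sends the visitor to the SQL error page.
$start = ( isset($HTTP_GET_VARS['start']) ) ? intval($HTTP_GET_VARS['start']) : 0;
if ( $start < 0 )
{
    $start = 0;
}

// Id of a single entry to act on (POST wins over GET); '' when absent.
if ( isset($HTTP_POST_VARS['idmsg']) )
{
    $idmsg = intval($HTTP_POST_VARS['idmsg']);
}
else if ( isset($HTTP_GET_VARS['idmsg']) )
{
    $idmsg = intval($HTTP_GET_VARS['idmsg']);
}
else
{
    $idmsg = '';
}

// 'view' is echoed back into a hidden form field, so it is HTML-escaped here
// (quotes included). A non-string value such as view[]=x is dropped instead of
// being passed to htmlspecialchars().
$view = '';
if ( isset($HTTP_POST_VARS['view']) || isset($HTTP_GET_VARS['view']) )
{
    $view = ( isset($HTTP_POST_VARS['view']) ) ? $HTTP_POST_VARS['view'] : $HTTP_GET_VARS['view'];
    $view = ( is_string($view) ) ? htmlspecialchars($view, ENT_QUOTES) : '';
}

// 'mode' selects the action. When it is absent, pressing the delete button
// implies mode=delete.
if ( isset($HTTP_POST_VARS['mode']) || isset($HTTP_GET_VARS['mode']) )
{
    $mode = ( isset($HTTP_POST_VARS['mode']) ) ? $HTTP_POST_VARS['mode'] : $HTTP_GET_VARS['mode'];
    $mode = ( is_string($mode) ) ? htmlspecialchars($mode, ENT_QUOTES) : '';
}
else
{
    $mode = ( $delete ) ? 'delete' : '';
}

// "No" on the confirmation form: go back to the guestbook without acting.
if ( $cancel )
{
    redirect(append_sid("gb.$phpEx", TRUE));
}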
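// ---------------------------------------------------------------------------
// Moderation: delete one or more guestbook entries.
//
// Only reachable when STAFF is defined. The action runs in two steps: the
// first request shows a confirmation form, the second one (confirm posted)
// deletes the entries.
//
// The confirmation form carries the current session id and the delete step
// refuses to run without it. The session cookie alone is sent automatically
// with any request the browser makes, so without this check a form on another
// site could post confirm/delete/msg_list on behalf of a logged-in moderator.
// ---------------------------------------------------------------------------
if ( defined('STAFF') && $mode == 'delete' )
{
    // Collect the ids as integers exactly once; everything below (hidden
    // fields and the SQL IN list) uses this sanitised list only.
    $from_list = !empty($HTTP_POST_VARS['msg_list']);
    $idmsgs = array();
    if ( $from_list )
    {
        // (array) copes with msg_list being posted as a plain string.
        foreach ( (array) $HTTP_POST_VARS['msg_list'] as $selected_id )
        {
            $idmsgs[] = intval($selected_id);
        }
    }
    else if ( !empty($idmsg) )
    {
        // An empty msg_list no longer hides a valid idmsg, and can no longer
        // produce an empty "IN ()" list.
        $idmsgs[] = intval($idmsg);
    }

    if ( count($idmsgs) == 0 )
    {
        message_die(GENERAL_MESSAGE, $lang['Guest_none_selected']);
    }

    if ( !$confirm )
    {
        // Step 1: build the confirmation form.
        $s_hidden_fields = '<input type="hidden" name="confirm" value="true" />';
        $s_hidden_fields .= '<input type="hidden" name="delete" value="true" />';
        // $view was HTML-escaped when it was read from the request.
        $s_hidden_fields .= '<input type="hidden" name="view" value="' . $view . '" />';
        // phpBB keeps the id of the current session in $userdata['session_id'].
        $s_hidden_fields .= '<input type="hidden" name="sid" value="' . htmlspecialchars($userdata['session_id'], ENT_QUOTES) . '" />';

        if ( $from_list )
        {
            foreach ( $idmsgs as $selected_id )
            {
                $s_hidden_fields .= '<input type="hidden" name="msg_list[]" value="' . $selected_id . '" />';
            }
        }
        else
        {
            $s_hidden_fields .= '<input type="hidden" name="idmsg" value="' . $idmsgs[0] . '" />';
        }

        include($phpbb_root_path . 'includes/page_header.'.$phpEx);

        $template->set_filenames(array(
            'confirm_body' => 'confirm_body.tpl')
        );
        $template->assign_vars(array(
            'MESSAGE_TITLE' => $lang['Information'],
            'MESSAGE_TEXT' => $lang['Guest_delete_coment'],
            'L_YES' => $lang['Yes'],
            'L_NO' => $lang['No'],
            'S_CONFIRM_ACTION' => append_sid("gb.$phpEx"),
            'S_HIDDEN_FIELDS' => $s_hidden_fields)
        );
        $template->pparse('confirm_body');

        include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
        // Stop here even if page_tail returns, so the listing code below is
        // never appended to the confirmation page.
        exit;
    }
    else
    {
        // Step 2: the posted session id must match the session that was
        // authorised as STAFF above.
        $posted_sid = ( isset($HTTP_POST_VARS['sid']) && is_string($HTTP_POST_VARS['sid']) ) ? $HTTP_POST_VARS['sid'] : '';
        if ( $posted_sid === '' || $posted_sid !== (string) $userdata['session_id'] )
        {
            message_die(GENERAL_ERROR, 'Invalid session, please resubmit the form');
        }

        // Integers only, see above.
        $idmsg_sql = implode(', ', $idmsgs);

        $sql = "DELETE FROM " . GUESTBOOK . " WHERE id IN ($idmsg_sql)";
        if ( !$db->sql_query($sql) )
        {
            message_die(GENERAL_ERROR, 'Could not delete message text', '', __LINE__, __FILE__, $sql);
        }

        // Send the moderator back to the guestbook after two seconds.
        $template->assign_vars(array(
            'META' => '<meta http-equiv="refresh" content="2;url=' . append_sid("gb.$phpEx") . '">')
        );

        $msg = $lang['Guest_msg_delete'] . '<br />' . sprintf($lang['Guest_return'], '<a href="' . append_sid("gb.$phpEx") . '">', '</a> ') . '<br />' . sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');
        message_die(GENERAL_MESSAGE, $msg);
    }
}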
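// ---------------------------------------------------------------------------
// Page frame: entry count, pagination, header and the static template values.
// ---------------------------------------------------------------------------
$title_msg = $lang['Guestbook'];

// Total number of entries, needed for pagination. A failed query is reported
// like every other query in this file instead of leaving $num undefined and
// passing a non-result to sql_freeresult().
$num = 0;
$sql = "SELECT count(*) AS total FROM " . GUESTBOOK;
if ( !($result = $db->sql_query($sql)) )
{
    message_die(GENERAL_ERROR, 'Could not count guestbook entries', '', __LINE__, __FILE__, $sql);
}
if ( $row = $db->sql_fetchrow($result) )
{
    $num = intval($row['total']);
}
$db->sql_freeresult($result);

// The page size is concatenated into the LIMIT clause of the listing query,
// so it is forced to an integer here. Values below 1 are raised to 1: a page
// size of 0 would show nothing and is not a usable divisor for pagination.
$guest_config['posts_per_page'] = intval($guest_config['posts_per_page']);
if ( $guest_config['posts_per_page'] < 1 )
{
    $guest_config['posts_per_page'] = 1;
}

$pagination = generate_pagination("gb.$phpEx?mode=leggi", $num, $guest_config['posts_per_page'], $start). '';

// Delete button markup for staff. It is not referenced again in this file.
$field_delete = (defined('STAFF')) ? '<input type="submit" name="delete" value="' . $lang['Del2'] . '" class="subbutton" />' : '';

$page_title = $lang['Guestbook'];
include($phpbb_root_path . 'includes/page_header.'.$phpEx);

// $error_msg, $confirm_image and $s_hidden_fields are never assigned in this
// file on the way to this point; if they hold anything, it comes from the
// included files. They are read through isset() so that an unset variable is
// an explicit empty string rather than an undefined-variable notice.
// NOTE(review): confirm that common clears request-supplied globals, otherwise
// these names could be pre-seeded from the request on register_globals setups.
if ( isset($error_msg) && $error_msg != '' )
{
    $template->set_filenames(array(
        'reg_header' => 'error_body.tpl')
    );
    $template->assign_vars(array(
        'ERROR_MESSAGE' => $error_msg)
    );
    $template->assign_var_from_handle('ERROR_BOX', 'reg_header');
}

$template->set_filenames(array(
    'body' => 'gb_body.tpl')
);

$guest_book->guest_counter();

$template->assign_vars(array(
    'L_MESSAGE' => $lang['Message'],
    'TIME' => $time,
    'CONFIRM_IMG' => ( isset($confirm_image) ) ? $confirm_image : '',
    'L_GUESTBOOK' => $title_msg,
    'L_USERNAME' => $lang['Username'],
    'U_GUESTBOOK' => append_sid("gb.$phpEx"),
    'L_SUBJECT' => $lang['Subject'],
    'L_POSTED' => $lang['Posted'],
    'L_DATE' => $lang['Date'],
    'L_FROM' => $lang['From'],
    'L_SUBMIT' => $lang['Submit'],
    'L_DELETE' => $lang['Delete'],
    'L_SELECT' => $lang['Select'],
    'L_CAVEAT' => $lang['caveat'],
    'L_MESSAGGIO' => $lang['Post'],
    'L_EMPTY_MESSAGE' => $lang['Empty_message'],
    'PAGINATION' => $pagination,
    'S_GUESTBOOK_ACTION' => append_sid("gb.$phpEx?mode=scrivi"),
    'S_HIDDEN_FIELDS' => ( isset($s_hidden_fields) ) ? $s_hidden_fields : '')
);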
// Load one page of guestbook entries, newest first, together with the
// poster's account data. The only variable parts of the statement are the two
// LIMIT numbers; both are passed through intval() where they are read earlier
// in this file, so no request text reaches the SQL string.
$sql = "SELECT g.*, u.username, u.user_id, u.user_level, u.user_posts, u.user_status, u.user_nic_color, u.user_avatar_type, u.user_allowavatar, u.user_avatar
FROM " . GUESTBOOK . " g, " . USERS_TABLE . " u
WHERE g.user_id = u.user_id
ORDER BY g.data_ora DESC LIMIT " . $start . ", " . $guest_config['posts_per_page'];

$result = $db->sql_query($sql);
if ( !$result )
{
    message_die(GENERAL_ERROR, 'Could not query guestbook', '', __LINE__, __FILE__, $sql);
}

// Copy every row into $gb_rows so the result set can be released before the
// rendering loop starts issuing queries of its own.
$gb_rows = array();
while ( $row = $db->sql_fetchrow($result) )
{
    $gb_rows[] = $row;
}

// The result is only freed when at least one row was fetched.
if ( count($gb_rows) > 0 )
{
    $db->sql_freeresult($result);
}
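// ---------------------------------------------------------------------------
// Render the fetched entries and finish the page.
//
// Output-encoding note: nick, username, user_status and the message body are
// placed into the HTML as they come from the database. That is only safe if
// they were HTML-escaped when they were written; the write path is not part
// of this file. NOTE(review): confirm this for nick and user_status in
// particular, since both are free text.
// ---------------------------------------------------------------------------

// Entries older than 150 days are pruned. The cut-off does not change during
// the request, so it is computed once (time() replaces the argument-less
// mktime() call).
// NOTE(review): pruning runs on every page view by any visitor and only
// touches entries on the page being shown; a pruned entry is still rendered
// one last time.
$time_del = time() - (150 * 86400);

// Browser signatures for the staff-only "agent" column, checked in this order.
// ereg() no longer exists in current PHP; preg_match() is the drop-in here.
// The dot between the version digits is escaped so that only digits and a
// dot can end up in the output.
$browser_signatures = array(
    array('Opera', '#Opera ([0-9]\.[0-9]{1,2})#'),
    array('Opera Mini', '#Opera Mini/([0-9]\.[0-9]{1,2})#'),
    // Newer Opera reports its real version in a separate Version/ token.
    array('Opera', '#Opera/#', '#Version/([0-9]{1,2}\.[0-9]{1,2})#'),
    array('IE', '#MSIE ([0-9]\.[0-9]{1,2})#'),
    array('Firefox', '#Firefox/([0-9]\.[0-9]{1,2})#'),
    array('Chrome', '#Chrome/([0-9]\.[0-9]{1,2})#'),
    array('Netscape', '#Netscape/([0-9]\.[0-9]{1,2})#'),
    array('WebKit', '#AppleWebKit/([0-9]\.[0-9]{1,2})#'),
);

$total_rows = count($gb_rows);
for ( $i = 0; $i < $total_rows; $i++ )
{
    $entry = $gb_rows[$i];
    // The id is used in SQL and in links; force it to an integer once.
    $entry_id = intval($entry['id']);

    if ( $entry['data_ora'] < $time_del )
    {
        $sql = "DELETE FROM " . GUESTBOOK . " WHERE id = " . $entry_id;
        if ( !$db->sql_query($sql) )
        {
            message_die(GENERAL_ERROR, 'Could not delete', '', __LINE__, __FILE__, $sql);
        }
    }

    // Free-text status line of the poster, shown in italics when present.
    $user_status = ( $entry['user_status'] ) ? '<i>' . $entry['user_status'] . '</i>' : '';

    // $avatar_img / $avatar_mini are not assigned in this file; presumably
    // avatar_img() fills them by reference.
    avatar_img($entry['user_avatar_type'], $entry['user_allowavatar'], $entry['user_avatar'], $avatar_img, $avatar_mini);

    $poster_id = $entry['user_id'];

    // Second-pass BBCode, smilies and auto-linking all emit HTML.
    $comento = bbencode_second_pass($entry['comento'], $entry['bbcode_uid']);
    $comento = smilies_pass($comento);
    $comento = make_clickable($comento);
    // Keep line breaks. The search string has to be the newline escape "\n";
    // a bare "n" would rewrite every letter n in the message.
    $comento = str_replace("\n", "\n<br />\n", $comento);

    $post_date = create_date($board_config['default_dateformat'], $entry['data_ora'], $board_config['board_timezone']);

    $del = append_sid("gb.$phpEx?mode=delete&idmsg=" . $entry_id);
    $edit = append_sid("gbcomm.$phpEx?mode=edit&idmsg=" . $entry_id);
    $otv = append_sid("gbcomm.$phpEx?mode=quote&idmsg=" . $entry_id);

    // Poster name: guests show their nick (or the generic guest label),
    // members get a profile link in their own colour, or in black once they
    // have warnings.
    if ( $poster_id == ANONYMOUS )
    {
        $poster = ( $entry['nick'] != '' ) ? $entry['nick'] : $lang['Guest'];
    }
    else
    {
        // user_warnings is not in the explicit column list of the listing
        // query; it is only present if g.* supplies it. Missing counts as 0.
        $warnings = ( isset($entry['user_warnings']) ) ? $entry['user_warnings'] : 0;
        if ( $warnings == 0 )
        {
            // The colour lands inside a style="..." attribute. Escaping is a
            // no-op for any real colour value and stops a stored value from
            // closing the attribute. NOTE(review): it does not restrict the
            // value to a colour; validate the format where it is saved.
            $link_style = 'color: ' . htmlspecialchars((string) $entry['user_nic_color'], ENT_QUOTES);
        }
        else
        {
            $link_style = 'color:#000000';
        }
        $poster = '<a href="' . append_sid("profile.$phpEx?mode=viewprofile&" . POST_USERS_URL . '=' . $entry['user_id']) . '" style="' . $link_style . '">' . $entry['username'] . '</a>';
    }

    if ( $entry['user_level'] == ADMIN )
    {
        $poster_status = 'Адм';
    }
    else if ( $entry['user_level'] == MOD )
    {
        $poster_status = 'Мод';
    }
    else
    {
        $poster_status = '';
    }

    // Reduce the stored User-Agent to "name version". The raw header value is
    // never printed; only the fixed label and the matched digits are. Both
    // values are reset for every row so that a failed match cannot reuse the
    // version found for the previous entry.
    $agent = (string) $entry['agent'];
    $browse_type = '';
    $browse_version = '';
    foreach ( $browser_signatures as $signature )
    {
        $version = array();
        if ( !preg_match($signature[1], $agent, $version) )
        {
            continue;
        }
        if ( isset($signature[2]) )
        {
            $version = array();
            preg_match($signature[2], $agent, $version);
        }
        $browse_type = $signature[0];
        $browse_version = ( isset($version[1]) ) ? $version[1] : '';
        break;
    }

    $row_class = ( !($i % 2) ) ? 'row_easy' : 'row_hard';

    // Delete/edit links, the poster's IP and the browser are staff-only.
    $template->assign_block_vars('postrow', array(
        'ROW_CLASS' => $row_class,
        'AVATAR_IMG' => $avatar_img,
        'AVATAR_MINI' => $avatar_mini,
        'POSTER_STATUS' => $poster_status,
        'USER_STATUS' => $user_status,
        'DEL' => ( defined('STAFF') ) ? '|<a href="' . $del . '">' . $lang['Delete_post'] . '</a>': '',
        'EDIT' => ( defined('STAFF') ) ? '|<a href="' . $edit . '">' . $lang['Edit_delete_post'] . '</a> ' : '',
        'POSTER_NAME' => $poster,
        // $name is never assigned in this file; empty unless an include set it.
        'NAME' => ( isset($name) ) ? $name : '',
        'OTV' => ($userdata['session_logged_in'] ) ? '<a href="' . $otv . '">' . $lang['Reply_to_user'] . '</a>':'',
        'MESSAGE' => $comento,
        'IP' => $lang['ip2'],
        'GUEST_IP' => ( defined('STAFF') ) ? '['.decode_ip($entry['ipi']).'|' : '',
        'AGENT' => ( defined('STAFF') ) ? $browse_type . ' ' . $browse_version.']' : '',
        'DATA' => $post_date)
    );
}

// Enables the staff-only block of the template.
if ( defined('STAFF') )
{
    $template->assign_block_vars('switch_user_staff', array());
}

$template->pparse('body');
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);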
?>