Файл: include/ans.php
Строк: 305
<?
$f = intval($_GET['f']);
$s = intval($_GET['s']);
$uid = intval($_GET['uid']);
$Aquery = mysql_query("SELECT * FROM users WHERE id=".$uid);
$Aq = mysql_fetch_assoc($Aquery);
$Aname = $Aq['username'];
if(!empty($uid))
{
$s = $Aname;
}
if($status == "admin") $ip = "127.0.0.1"; else $ip = empty($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['REMOTE_ADDR'] : $_SERVER['HTTP_X_FORWARDED_FOR'] ;
$ip = htmlspecialchars(sql($ip));
if($status == "admin") $user = "Admin"; else $user = htmlspecialchars(sql($_SERVER['HTTP_USER_AGENT']));
$query = mysql_query("SELECT themes.*, forums.name AS fname
FROM themes, forums
WHERE themes.id=".$f."
AND themes.id_forum=forums.id");
$data = mysql_fetch_assoc($query);
if(mysql_num_rows($query) < 1)
{
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Ошибка").$tag.'
Темы не существует! <br />
-
<a href="./?p=0&v=wml&sid='.$sid.'">Форумы</a> '.$tagC.'
</p></card></wml>');
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Ошибка</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Ошибка</b></font>
</td></tr>
<tr><td bgcolor="'.$style['text'].'">'.$tag.'
Темы не существует!
'.$tagC.'</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">'.$tag.'
<a href="./?p=0&v=xhtml&sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr></table>
</body></html>');
}
} elseif($data['close'] == "on")
{
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Ошибка").$tag.'
Темы закрыта! <br />
<anchor>Назад<prev /></anchor><br />
<a href="./?p=0&v=wml&sid='.$sid.'">Форумы</a>
'.$tagC.'
</p></card></wml>');
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Ошибка</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Ошибка</b></font>
</td></tr>
<tr><td bgcolor="'.$style['text'].'">'.$tag.'
Тема закрыта!
'.$tagC.'</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">'.$tag.'
<a href="./?p=0&v=xhtml&sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr></table>
</body></html>');
}
}
elseif(!$authorize)
{
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Ошибка").$tag.'
Вы не авторизованы! <br />
<anchor>Назад<prev /></anchor><br />
<a href="./?p=0&v=wml&sid='.$sid.'">Форумы</a>
'.$tagC.'</p></card></wml>');
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Ошибка</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'">
<font color="#FFFFFF"><b>Ошибка</b></font>
</td></tr>
<tr><td bgcolor="'.$style['text'].'">'.$tag.'
Вы не авторизованы!
'.$tagC.'</td></tr>
<tr><td bgcolor="'.$style['bottom'].'">'.$tag.'
<a href="./?p=0&v=xhtml&sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr>
</table>
</body></html>');
}
}
elseif(ban($username, $user, $ip))
{
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Ошибка").$tag.'
Ошибка! Вы заблокированы модератором '.$modername.'. <br />
Причина: '.$banmess.'! <br />
-
<a href="'.$_SERVER['HTTP_REFERER'].'">Назад</a><br />
<a href="./?p=0&v=wml&sid='.$sid.'">Форумы</a>
'.$tagC.'</p></card></wml>');
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Ошибка</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr align="center" bgcolor="'.$style['title'].'"><td colspan="2">
<font color="#FFFFFF"><b>Ошибка</b></font>
<tr bgcolor="'.$style['text'].'"><td colspan="2">'.$tag.'Вы заблокированы модератором '.$modername.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Причина:'.$tagC.'</td><td>'.$tag.$banmess.$tagC.'</td></tr>
<tr bgcolor="'.$style['bottom'].'"><td colspan="2">'.$tag.'
<a href="./?p=0&v=xhtml&sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr></table>
</body></html>');
}
}
else
{
if(empty($_POST['ans']))
{
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Ответ на тему").$tag.'
<b>Ответить на тему в "'.$data['fname'].'" </b><br /> <br />
Логин ['.$username.']
<br />
Тема ['.$data['tname'].'] <br />
Сообщение: <br />'.$tagC);
if(!empty($s))
{
echo('<input type="text" name="mess'.$ref.'" value="'.$s.', " maxlength="500" /><br />');
}
else
{
echo('<input type="text" name="mess'.$ref.'" maxlength="500" /><br />');
}
if(is_author($f, $username) or $status == "moder" or $status == "admin")
{
echo($tag.'Закрыть тему:'.$tagC.'<br />
<select name="closed'.$ref.'" value="0">
<option value="0">Нет</option>
<option value="1">Да</option>
</select><br />');
}
echo('<anchor>[Ответить]
<go href="./?p=7&v=wml&sid='.$sid.'&f='.$f.'" method="post">
<postfield name="mess" value="$(mess'.$ref.')" />');
if(is_author($f, $username) or $status == "moderator" or $status == "admin")
{
echo('<postfield name="closed" value="$(closed'.$ref.')" />');
}
echo('<postfield name="ans" value="true" />
</go></anchor><br />'.$tag.'
<a href="./?p=14&v=wml&sid='.$sid.'&f=4">Смайлы</a><br />
<a href="./?p=4&v=wml&sid='.$sid.'&t='.$f.'">В тему</a><br />
<a href="./?p=2&v=wml&sid='.$sid.'&f='.$data['id_forum'].'">В «'.$data['fname'].'»</a><br />
<a href="./?p=0&v=wml&sid='.$sid.'">Форумы</a>
'.$tagC.'</p></card></wml>');
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Ответ на тему</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<form action="./?p=7&v=xhtml&sid='.$sid.'&f='.$f.'" method="post">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'" colspan="2">
<font color="#FFFFFF"><b>Ответ на тему</b></font>
</td></tr>
<tr bgcolor="'.$style['bottom'].'"><td colspan="2"><b>Ответить на тему в "'.$data['fname'].'"</b></td></tr>
<tr bgcolor="#deebf1"><td colspan="2"></td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Имя:'.$tagC.'</td><td>'.$tag.'['.$username.']'.$tagC.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Тема:'.$tagC.'</td><td>'.$tag.'[Re: '.$data['tname'].']'.$tagC.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Сообщение:'.$tagC.'</td><td><textarea name="mess" cols="30" rows="5">');
if(!empty($s))
{
echo($s.', ');
}
echo('</textarea></td></tr>');
if(is_author($f, $username) or $status == "moderator" or $status == "admin")
{
echo('<tr bgcolor="'.$style['text'].'"><td nowrap>'.$tag.'Закрыть тему:'.$tagC.'</td>
<td><select name="closed">
<option value="0">Нет</option>
<option value="1">Да</option>
</select></td></tr>');
}
echo('
<tr bgcolor="'.$style['text'].'"><td align="center" colspan="2">
<input type="hidden" name="ans" value="true">
<input type="submit" value="Ответить" /></td></tr>
<tr bgcolor="'.$style['bottom'].'"><td colspan="2">'.$tag.'
<a href="./?p=14&v=xhtml&sid='.$sid.'&f=4">Смайлы</a><br />
<a href="./?p=4&v=xhtml&sid='.$sid.'&t='.$f.'">В тему</a><br />
<a href="./?p=2&v=xhtml&sid='.$sid.'&f='.$data['id_forum'].'">В «'.$data['fname'].'»</a><br />
<a href="./?p=0&v=xhtml&sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr></table>
</form>
</body></html>');
}
} else
{
$message = $_POST['mess'];
if($transl == "on")
{
$message = translate($message);
}
$message = preg_replace("|[rn]+|", " rn", $message);
$message = preg_replace("|[n]+|", "n", $message);
$message = sql(htmlspecialchars(trim(chop(cutString($message, 1024)))));
$message = preg_replace_callback("|<(d{1,20})>|", "smile", $message);
if($status == "admin" or $status == "moderator")
{
$message= preg_replace("|[b](.*)[/b]|i", "<b>\1</b>", $message);
$message = preg_replace("|[i](.*)[/i]|i", "<i>\1</i>", $message);
}
if(strpos($message, "http://") !== false)
{
$message = preg_replace("|(http://[^s]+)|i", "<a href="go/?\1">\1</a>", $message);
}
else if(strpos($message, "HTTP://") !== false)
{
$message = preg_replace("|(HTTP://[^s]+)|i", "<a href="go/?\1">\1</a>", $message);
}
else
{
$message = preg_replace("|[urltag=(.*)](.*)[/url]|is", "<a href="go/?http://\1">\2</a>", $message);
}
////////////////////////////////////////////////////////Антифлуд
$R = mysql_query("SELECT * FROM `posts`
WHERE `name`='".$username."'
AND `id_theme`=".$f);
$aR = mysql_fetch_array($R);
$postR=$aR['post'];
////////////////////////////////////////////////////////
if(!preg_match("|^[-a-z0-9а-яё_!?№#;:%^&*()+=~|\/ @.,[]{}"'`<>s]*$|iu", $message) or empty($message))
{
if($version == "wml")
{
header('Content-type: text/vnd.wap.wml; charset=utf-8');
header("Cache-Control: no-cache");
echo(doctype("Ответ на тему").$tag.'
<b>Ответить в тему в "'.$data['fname'].'"</b><br /> <br />
<b>Поле "Сообщение" пустое или содержит плохие символы! </b><br />
Имя: ['.$username.'] <br />
Тема: ['.$data['tname'].'] <br />
Сообщение: '.$tagC.'<br />');
if(!empty($s))
{
echo('<input type="text" name="mess'.$ref.'" value="'.$s.', " maxlength="600" /><br />');
}
else
{
echo('<input type="text" name="mess'.$ref.'" maxlength="600" /><br />');
}
if(is_author($f, $username) or $status == "moderator" or $status == "admin")
{
echo($tag.'Закрыть тему:'.$tagC.'<br />
<select name="closed'.$ref.'" value="0">
<option value="0">Нет</option>
<option value="1">Да</option>
</select><br />');
}
echo('
<anchor>[Ответить]
<go href="./?p=7&v=wml&sid='.$sid.'&f='.$f.'" method="post">
<postfield name="mess" value="$(mess'.$ref.')" />');
if(is_author($f, $username) or $status == "moderator" or $status == "admin")
{
echo('<postfield name="closed" value="$(closed'.$ref.')" />');
}
echo('
<postfield name="ans" value="true" />
</go></anchor><br />
'.$tag.'
<a href="./?p=14&v=wml&sid='.$sid.'&f=4">Смайлы</a><br />
<a href="./?p=4&v=wml&sid='.$sid.'&t='.$f.'">В тему</a><br />
<a href="./?p=2&v=wml&sid='.$sid.'&f='.$data['id_forum'].'">В «'.$data['fname'].'»</a><br />
<a href="./?p=0&v=wml&sid='.$sid.'">Форумы</a>
'.$tagC.'</p></card></wml>');
} elseif($version == "xhtml")
{
header("Content-type: text/html; charset=utf-8");
header("Last-Modified:".gmdate("D, d M Y H:i:s")." GMT");
header("Cache-Control: no-cache, must-relative");
echo('<html>
<head>
<title>Ответ на тему</title>
</head>
<body bgcolor="'.$style['background'].'" link="'.$style['link'].'" vlink="'.$style['link'].'" text="#000000">
<form action="./?p=7&v=xhtml&sid='.$sid.'&f='.$f.'" method="post">
<table align="center" border="0" cellspacing="1" cellpadding="5" width="350">
<tr><td align="center" bgcolor="'.$style['title'].'" colspan="2">
<font color="#FFFFFF"><b>Ответ на тему</b></font>
</td></tr>
<tr bgcolor="'.$style['bottom'].'"><td colspan="2">
<b>Ответить на тему в "'.$data['fname'].'"</b>
</td></tr>
<tr bgcolor="#deebf1"><td colspan="2">'.$tag.'<b>Ошибка!!! Поле "Сообщение" пустое или содержит плохие символы!</b>'.$tagC.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Имя:'.$tagC.'</td><td>'.$tag.'['.$username.']'.$tagC.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Тема:'.$tagC.'</td><td>'.$tag.'[Re: '.$data['tname'].']'.$tagC.'</td></tr>
<tr bgcolor="'.$style['text'].'"><td>'.$tag.'Сообщение:'.$tagC.'</td><td><textarea name="mess" cols="30" rows="5">');
if(!empty($s))
{
echo($s.', ');
}
echo('</textarea></td></tr>');
if(is_author($f, $username) or $status == "moderator" or $status == "admin")
{
echo('<tr bgcolor="'.$style['text'].'"><td nowrap>Закрыть тему:</td>
<td><select name="closed">
<option value="0">Нет</option>
<option value="1">Да</option>
</select></td></tr>');
}
echo('
<tr bgcolor="'.$style['text'].'"><td align="center" colspan="2">
<input type="hidden" name="ans" value="true">
<input type="submit" value="Ответить" /></td></tr>
<tr bgcolor="'.$style['bottom'].'"><td colspan="2">'.$tag.'
<a href="./?p=14&v=xhtml&sid='.$sid.'&f=4">Смайлы</a><br />
<a href="./?p=4&v=xhtml&sid='.$sid.'&t='.$f.'">В тему</a><br />
<a href="./?p=2&v=xhtml&sid='.$sid.'&f='.$data['id_forum'].'">В «'.$data['fname'].'»</a><br />
<a href="./?p=0&v=xhtml&sid='.$sid.'">Форумы</a>
'.$tagC.'</td></tr></table>
</form>
</body></html>');
}
}
elseif(strtolower($postR) == strtolower($message))
{
header("Location: ".$forumdir."p=2&f=".$data['id_forum']."&v=".$version."&sid=".$sid);
}
else
{
if(mysql_result(
mysql_query("SELECT COUNT(*)
FROM `posts`
WHERE `name` = '$username'
AND `id_theme` = ".$f."
AND `crc32` = ".crc32($message)), 0))
{
header("Location: ".$forumdir."p=2&f=".$data['id_forum']."&v=".$version."&sid=".$sid);
exit();
}
if(($status == "admin" or $status == "moderator" or is_author($f, $username)) and $_POST['closed'] == "1")
{
mysql_query("UPDATE `themes`
SET `close`='on' WHERE `id`=".$f);
}
mysql_query("UPDATE `themes`
SET `time`=".time()." WHERE `id`=".$f);
mysql_query("INSERT INTO `posts` VALUES(0, '".$username."', '".$message."', ".crc32($message).", ".$f.", ".time().", '".$user."', '".$ip."')");
include_once("us.php");
$idd = $infoUserRows['id'];
if($data['id_forum'] == "1")
{
mysql_query("UPDATE `wcab` SET `balans`=`balans`+'0.1' WHERE `id_user`='".$idd."'");
}
elseif($data['id_forum'] != "20" && $data['id_forum'] != "16" && $data['id_forum'] != "19" && $data['id_forum'] != "18")
{
mysql_query("UPDATE `wcab` SET `balans`=`balans`+'0.3' WHERE `id_user`='".$idd."'");
}
header("Location: ".$forumdir."p=2&f=".$data['id_forum']."&v=".$version."&sid=".$sid);
}
}
}
?>