Файл: social12/forum/index.php
Строк: 1106
<?php
require '../sid.php';
require '../config.php';
$link = connect_db();
if (!empty($_SESSION['us'])) {
list($user, $id, $ps) = check_login($link);
whorm(0, 'forum');
}
include '../head.php';
include '../navigator.php';
$do = (isset($_GET['do'])) ? $_GET['do'] : NULL;
switch($do) {
default:
echo $div_title . 'Форум' . $div_end . $div_aut . '
<a href="../faq.php?do=forum">Правила Форума</a>
' . $div_end . $div_left . $div_menu . '
<img src="img/up.gif" alt="*"/> <b>Форум</b>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$razdel = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_razdel`"), 0);
// разделы
if ($razdel != FALSE) {
$n = new navigator($razdel, 15, '?');
$look = mysql_query("SELECT `f_razdel`.*,
(SELECT COUNT(*) FROM `f_pod` WHERE `f_pod`.`pid` = `f_razdel`.`id`) AS c,
(SELECT COUNT(*) FROM `f_pod` WHERE `f_pod`.`pid` = `f_razdel`.`id` AND `f_pod`.`time` > '" . (time() - 86400) . "') AS t,
(SELECT COUNT(*) FROM `f_them` WHERE `f_razdel`.`id` = `f_them`.`razdel_id`) AS m
FROM `f_razdel` ORDER BY `f_razdel`.`id` ASC {$n->limit}");
$dv = 0;
while($a = mysql_fetch_assoc($look)) {
$new_in = (!empty($a['t'])) ? '<span style="color: #FF0000;">+' . $a['t'] . '</span>' : '';
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo '<img src="img/'.$a['ico'].'" alt="*"/> <a href="index.php?do=razdel&r='.$a['id'].'">' . $a['name'] . '</a> (' . $a['c'] . '/' . $a['m'] . ') ' . $new_in . '<br/>
' . $a['opis'] . $div_end;
#######
}
echo $n->navi();
}
else
{
echo 'Разделы не созданы!<br/>';
}
// счетчик онлайна на форуме
$_numFor = mysql_result(mysql_query("SELECT COUNT(*) AS num FROM `users` WHERE `room` = 'forum' AND `onl` + '200' > '" . time() . "'"), 0);
$moders = mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `level` = '3'"), 0);
echo '<a href="index.php?do=online">Кто на форуме (' . $_numFor . ')</a><br/>
<a href="../faq.php?do=moders_f">Модераторы (' . $moders . ')</a>' . $div_end;
break;
case razdel:
$r = my_int($_GET['r']);
$empty = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
if (mysql_num_rows($empty) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
// информация о разделе
$i_rzd = mysql_fetch_assoc($empty);
##
$pod = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_pod` WHERE `pid` = '$r' LIMIT 1"), 0);
echo $div_left . $div_title . $i_rzd['name'] . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
// список подфорумов
if ($pod != FALSE) {
$n = new navigator($pod, 10, '?do=razdel&r='.$r.'&');
$look = mysql_query("SELECT `f_pod`.*,
(SELECT COUNT(*) FROM `f_them` WHERE `f_them`.`rid` = `f_pod`.`id`) AS c,
(SELECT COUNT(*) FROM `f_them` WHERE `f_them`.`rid` = `f_pod`.`id` AND `date` > '" . (time() - 86400) . "') AS t,
(SELECT COUNT(*) FROM `f_message` WHERE `f_message`.`podforum` = `f_pod`.`id`) AS m
FROM `f_pod` WHERE `f_pod`.`pid` = '$r' ORDER BY `f_pod`.`id` ASC {$n->limit}");
$dv = 0;
while($a = mysql_fetch_assoc($look)) {
$new_themes = (!empty($a['t'])) ? '<span style="color: #FF0000;">+' . $a['t'] . '</span>' : '';
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo '<img src="img/str.gif" alt="*"/> <a href="index.php?do=pod&p='.$a['id'].'&r='.$a['pid'].'">' . $a['name'] . '</a> (' . $a['c'] . '/' . $a['m'] . ') ' . $new_themes . '<br/>' . $a['opis'] . $div_end;
#######
}
echo $n->navi();
}
else
{
echo 'Подфорумы не созданы!<br/>';
}
echo $div_end;
break;
case pod:
$r = my_int($_GET['r']);
$p = my_int($_GET['p']);
$empty_1 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
if (mysql_num_rows($empty_1) == FALSE) {
echo $div_title . 'Ошибка!' . $div_end . err('Раздела не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
echo $div_title . 'Ошибка!' . $div_end . err('Подфорума не существует!');
include '../foot.php';
exit();
}
// информация о разделе
$i_rzd = mysql_fetch_assoc($empty_1);
// информация о подфоруме
$i_pdf = mysql_fetch_assoc($empty_2);
##
$them = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_them` WHERE `rid` = '$i_pdf[id]'"), 0);
echo $div_left . $div_title . $i_rzd['name'] . $div_end . $div_menu;
echo (!empty($_SESSION['us'])) ? '<img src="img/t.gif" alt="*"/> <a href="index.php?do=add_them&r='.$r.'&p='.$p.'">Создать тему</a>' : '';
echo $block . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a> |
<a href="index.php?do=razdel&r='.$r.'">
' . $i_rzd['name'] . '</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
// список тем
if ($them != FALSE) {
$num_th = (!empty($_SESSION['onp_themes'])) ? $user['onp_themes'] : 10;
$n = new navigator($them, $num_th, '?do=pod&p='.$p.'&r='.$r.'&');
$look = mysql_query("SELECT `f_them`.*,
(SELECT COUNT(*) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT COUNT(*) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id` AND `time` > '" . (time() - 86400) . "') AS t
FROM `f_them` WHERE `f_them`.`rid` = '$i_pdf[id]' ORDER BY `f_them`.`fix` DESC, `f_them`.`last` DESC {$n->limit}");
$dv = 0;
while($a = mysql_fetch_assoc($look)) {
// закрытая тема
if ($a['close'] == 1 && $a['fix'] == 0) {
$cl = '<img src="img/x.gif" alt="*"/>';
// открытая тема
} elseif ($a['close'] == 0 && $a['fix'] == 0) {
$cl = '<img src="img/t.gif" alt="*"/>';
// закрепленная тема
} elseif ($a['fix'] == 1) {
$cl = '<img src="img/f.gif" alt="*"/>';
// обычная тема
} else {
$cl = '<img src="img/t.gif" alt="*"/>';
}
#######
$new_mess = (!empty($a['t'])) ? '<span style="color: #FF0000;">+' . $a['t'] . '</span>' : '';
// последний написавший
$luser = mysql_fetch_assoc(mysql_query("SELECT `user`, `time` FROM `f_message` WHERE `tid` = '$a[id]' ORDER BY `time` DESC LIMIT 1"));
$gmdate = (time() - 86400 < $luser['time'])
? gmdate('Gч. iмин. назад', (time() - $luser['time']))
: date('d-m-Y G:i', $luser['time']);
if ($luser['time'] != FALSE) $kogda = us($luser['user']) . ' ' . $gmdate;
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$a['id'].'&page='.$pg.'"><b>»»</b></a>';
} else {
$st = '';
}
###############################
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo $cl . ' <a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$a['id'].'"><b>' . $a['name'] . '</b></a> (' . $a['c'] . $new_mess . ') ' . $st . '<br/>' . date('d-m-Y H:i', $a['date']) . '<br/>' . $kogda . $div_end;
#######
}
echo $n->navi();
}
else
{
echo 'Темы не созданы!<br/>';
}
echo $div_end;
break;
case them:
$t = my_int($_REQUEST['t']);
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$empty_1 = mysql_query("SELECT * FROM `f_them` WHERE `id` = '$t' AND `rid` = '$p' LIMIT 1");
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' AND `pid` = '$r' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
if (mysql_num_rows($empty_1) == FALSE) {
err('Тема не найдена, возможна она была удалена.');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
// информация о теме
$i_th = mysql_fetch_assoc($empty_1);
// информация о разделе
$i_rzd = mysql_fetch_assoc(mysql_query("SELECT `id`, `name` FROM `f_razdel` WHERE `id` = '$r' LIMIT 1"));
// информация о подфоруме
$i_pdf = mysql_fetch_assoc(mysql_query("SELECT `id`, `name` FROM `f_pod` WHERE `id` = '$p' LIMIT 1"));
$mes = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_message` WHERE `tid` = '$t'"), 0);
// закрытие темы
if ($i_th['close'] == 1) {
$_cls_1 = 'open_them';
$_cls_2 = 'Открыть';
} else {
$_cls_1 = 'close_them';
$_cls_2 = 'Закрыть';
}
// фиксация темы
if ($i_th['fix'] == 0) {
$_fix_1 = 'fix_them';
$_fix_2 = 'Закрепить';
} else {
$_fix_1 = 'detach_them';
$_fix_2 = 'Открепить';
}
// апдейт темы
if ($user['level'] >= 3 && $user['level'] <= 5)
{
if (!empty($i_th['quest']) && $i_th['close'] == 0) {
$golos = ' | <a href="index.php?do=edit_vote&r='.$r.'&p='.$p.'&x='.$t.'">Изм голосование</a> |
<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&delvote">Убр голосование</a>';
} elseif (empty($i_th['quest']) && $i_th['close'] == 0) {
$golos = ' | <a href="index.php?do=vote&r='.$r.'&p='.$p.'&x='.$t.'">Доб голосование</a>';
}
$ed = '<a href="index.php?do=del_them&r='.$r.'&p='.$p.'&x='.$t.'">Удалить</a> |
<a href="index.php?do=edit_them&r='.$r.'&p='.$p.'&x='.$t.'">Изменить</a> |
<a href="index.php?do='.$_fix_1.'&r='.$r.'&p='.$p.'&x='.$t.'">'.$_fix_2.'</a> |
<a href="index.php?do='.$_cls_1.'&r='.$r.'&p='.$p.'&x='.$t.'">' . $_cls_2 . '</a> |
<a href="index.php?do=move_them&r='.$r.'&p='.$p.'&x='.$t.'">Переместить</a>' . $golos;
}
elseif ($user['level'] < 3 && empty($i_th['quest']) && $i_th['author'] == $user['id'] && $i_th['close'] == 0)
{
$ed = '<a href="index.php?do=vote&r='.$r.'&p='.$p.'&x='.$t.'">Доб голосование</a> |
<a href="index.php?do=edit_them&r='.$r.'&p='.$p.'&x='.$t.'">Изменить</a> |
<a href="index.php?do='.$_cls_1.'&r='.$r.'&p='.$p.'&x='.$t.'">' . $_cls_2 . '</a>';
}
elseif ($user['level'] < 3 && !empty($i_th['quest']) && $i_th['author'] == $user['id'] && $i_th['close'] == 0)
{
$ed = '<a href="index.php?do=edit_vote&r='.$r.'&p='.$p.'&x='.$t.'">Изм голосование</a> |
<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&delvote">Убр голосование</a> |
<a href="index.php?do=edit_them&r='.$r.'&p='.$p.'&x='.$t.'">Изменить</a> |
<a href="index.php?do='.$_cls_1.'&r='.$r.'&p='.$p.'&x='.$t.'">' . $_cls_2 . '</a>';
}
elseif ($user['level'] < 3 && $i_th['author'] == $user['id'] && $i_th['close'] == 1)
{
$ed = '<a href="index.php?do='.$_cls_1.'&r='.$r.'&p='.$p.'&x='.$t.'">' . $_cls_2 . '</a>';
}
// последнее редактирование
$redact = (!empty($i_th['whoedit']))
? $div_razdel . 'Редактировалось: <a href="/'.$i_th['whoedit'].'">' . user_inf($i_th['whoedit'], 'user') . '</a>' . $div_end
: '';
// первый пост в теме
if (mb_strlen($i_th['firstpost'], 'UTF8') > 250 && !isset($_GET['read'])) {
$i_th['firstpost'] = mb_substr($i_th['firstpost'], 0, 250, 'UTF8') . '...<br/>
<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&read"><span class="next">Далее»</span></a>';
} elseif (mb_strlen($i_th['firstpost'], 'UTF8') > 250 && isset($_GET['read'])) {
$i_th['firstpost'] = $i_th['firstpost'] . '<br/>
<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'"><span class="next">«Скрыть</span></a>';
} else {
$i_th['firstpost'] = $i_th['firstpost'];
}
// шапка
echo $div_left . $div_title . $i_th['name'] . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a> |
<a href="index.php?do=razdel&r='.$i_rzd['id'].'">' . $i_rzd['name'] . '</a> |
<a href="index.php?do=pod&r='.$i_rzd['id'].'&p='.$i_pdf['id'].'">' . $i_pdf['name'] . '</a>
' . $div_end . $div_razdel . $ed . $div_end . '
<b>' . $i_th['name'] . '</b>
' . $block . smiles(bb_code($i_th['firstpost'])) . '<br/>
' . date('d-m-Y H:i', $i_th['date']) . $block . us($i_th['author']) . $block . $redact;
$_num_z = mysql_result(mysql_query("SELECT COUNT(*) FROM `fav` WHERE `sec` = '5' AND `uid` = '$t'"), 0);
echo '<img src="../ico/fav.gif" alt="*"/> <a href="../fav.php?do=add&cat=5&t='.$t.'">Добавить в закладки</a><br/>
В закладках у: <a href="../fav.php?do=view_forum&u='.$t.'">(' . $_num_z . ')</a> чел<br/>';
// удаление голосования
if (isset($_GET['delvote'])) {
if ($i_th['author'] != $user['id'] && $user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t);
} else {
mysql_query("UPDATE `f_them` SET
`quest` = '',
`var1` = '',
`var2` = '',
`var3` = '',
`var4` = ''
WHERE `id` = '$t' LIMIT 1");
mysql_query("DELETE FROM `f_votes` WHERE `them` = '$t'");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t);
}
}
// голосовал ли пользователь?
$ResVote = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_votes` WHERE `them` = '$t' AND `user` = '$user[id]'"), 0);
// определения кол-во голосующих
function NumVote($variant, $tema = NULL) {
$CountVote = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_votes` WHERE `var` = '$variant' AND `them` = '$tema'"), 0);
return $CountVote;
}
//---------------------------------------- Голосование ----------------------------------------//
if (isset($_GET['var'])) {
$var = my_int($_GET['var']);
if ($var < 1 || $var > 4) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t);
} elseif ($ResVote != false) {
err('Вы уже голосовали в этой теме!');
} else {
mysql_query("INSERT INTO `f_votes` SET `user` = '$user[id]', `them` = '$t', `var` = '$var'");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t);
}
}
if (!isset($_GET['results']) && !empty($i_th['quest']) && $ResVote == 0) {
// если еще не голосовал
echo $div_menu . '<b>' . $i_th['quest'] . '</b>' . $div_end . $div_razdel . '
1. <a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&var=1">' . $i_th['var1'] . '</a>' . $block . '
2. <a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&var=2">' . $i_th['var2'] . '</a>' . $block;
if (!empty($i_th['var3'])) echo '3. <a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&var=3">' . $i_th['var3'] . '</a>' . $block;
if (!empty($i_th['var4'])) echo '4. <a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&var=4">' . $i_th['var4'] . '</a>' . $block;
echo '<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&results">Результаты</a>' . $div_end;
//////////////////////
} elseif (isset($_GET['results']) || !empty($i_th['quest']) && $ResVote != 0) {
//////////////////////
// если уже голосовал или нажал на "результаты"
#################################
// вычисление процентов
if (!empty($i_th['var3']) && empty($i_th['var4'])) {
$common = NumVote(1, $t) + NumVote(2, $t) + NumVote(3, $t);
}
elseif (!empty($i_th['var3']) && !empty($i_th['var4'])) {
$common = NumVote(1, $t) + NumVote(2, $t) + NumVote(3, $t) + NumVote(4, $t);
}
else {
$common = NumVote(1, $t) + NumVote(2, $t);
}
$prec_1 = @round(NumVote(1, $t) * 100 / $common);
$prec_2 = @round(NumVote(2, $t) * 100 / $common);
$prec_3 = @round(NumVote(3, $t) * 100 / $common);
$prec_4 = @round(NumVote(4, $t) * 100 / $common);
#################################
$colour_1 = ($prec_1 >= 50) ? '<div class="variant leader">' : '<div class="variant">';
$colour_2 = ($prec_2 >= 50) ? '<div class="variant leader">' : '<div class="variant">';
$colour_3 = ($prec_3 >= 50) ? '<div class="variant leader">' : '<div class="variant">';
$colour_4 = ($prec_4 >= 50) ? '<div class="variant leader">' : '<div class="variant">';
echo $div_menu . '<b>' . $i_th['quest'] . '</b>' . $div_end . $colour_1 . '
<span>' . $i_th['var1'] . '</span>
<span class="small percentage">' . $prec_1 . '% (' . NumVote(1, $t) . ')</span>
<div class="progress" style="width: ' . $prec_1 . '%; min-width: 5px"></div>
' . $div_end . $block . $colour_2 . '
<span>' . $i_th['var2'] . '</span>
<span class="small percentage">' . $prec_2 . '% (' . NumVote(2, $t) . ')</span>
<div class="progress" style="width: ' . $prec_2 . '%; min-width: 5px"></div>
' . $div_end . $block;
if (!empty($i_th['var3'])) echo $colour_3 . '<span>' . $i_th['var3'] . '</span>
<span class="small percentage">' . $prec_3 . '% (' . NumVote(3, $t) . ')</span>
<div class="progress" style="width: ' . $prec_3 . '%; min-width: 5px"></div>
' . $div_end . $block;
if (!empty($i_th['var4'])) echo $colour_4 . '<span>' . $i_th['var4'] . '</span>
<span class="small percentage">' . $prec_4 . '% (' . NumVote(4, $t) . ')</span>
<div class="progress" style="width: ' . $prec_4 . '%; min-width: 5px"></div>
' . $div_end . $block;
if ($ResVote == 0) echo '<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'">Голосовать</a><br/>';
}
//---------------------------------------- Голосование ----------------------------------------//
if (isset($_GET['order']) && $_GET['order'] == 1) {
$sort = '<b>вверху</b> | <a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&order=2">внизу</a>';
$ord = 'DESC';
} elseif (isset($_GET['order']) && $_GET['order'] == 2) {
$sort = '<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&order=1">вверху</a> | <b>внизу</b>';
$ord = 'ASC';
} else {
$sort = '<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&order=1">вверху</a> | <b>внизу</b>';
$ord = 'ASC';
}
echo $div_menu . 'Новые: ' . $sort . $div_end;
// запись сообщения
if (isset($_POST['add'])) {
if (empty($_SESSION['us'])) {
header('Location: /reg.php?' . $ref);
die();
}
$msg = trim(mysql_real_escape_string(check($_POST['msg'])));
if (empty($msg)) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t);
} else {
if ($_POST['up'] == 1) {
echo 'Сообщение: ' . $msg . '<br/>
<FORM ENCTYPE="multipart/form-data" action="index.php?do=them" method="POST">
<label>Файл:</label><br/>
<input name="object" type="file"/>
<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="t" value="' . $t . '"/>
<input type="hidden" name="act" value="1"/>
<input type="hidden" name="msg" value="' . str_replace('<br />', "n", $msg) . '"/>
<input type="submit" name="add" value="Прикрепить"/>
</FORM>';
include '../foot.php';
exit();
}
if ($_POST['act'] == 1) {
$FileName = $_FILES['object']['name'];
// если тема закрыта
if ($i_th['close'] == 1) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t);
die();
}
$GetExt = array('bmp',
'gif',
'jpeg',
'jpg',
'png',
'wav',
'amr',
'mp3',
'mp3',
'mid',
'3gp',
'jad',
'jar',
'mp4',
'pdf',
'swf',
'sis',
'thm',
'txt',
'zip',
'rar');
$ext = strtolower(end(explode('.', $_FILES['object']['name'])));
if (empty($FileName)) $err .= 'Не выбран файл!';
elseif (!preg_match('#([a-z0-9-_]{1,32})#i', $FileName)) $err .= 'Не правильное имя файла!';
elseif ($_FILES['object']['size'] > 1024 * 2 * 1024) $err .= 'Размер файла не более 2 Мб.';
elseif (preg_match('/(.php|.pl|.htaccess)/i', $FileName) || !in_array(strtolower($ext), $GetExt)) $err .= 'Запрещенный формат файла!';
if (!empty($err)) {
err($err);
} else {
$name = $site . '_' . time() . '.' . $ext;
if ($ext == 'jpg'
|| $ext == 'jpeg'
|| $ext == 'bmp'
|| $ext == 'png')
{
$imgc = @imagecreatefromstring(file_get_contents($_FILES['object']['tmp_name']));
$imgc = img_copyright($imgc); // наложение копирайта
$foto = 'upload/' . $name;
imagejpeg($imgc, $foto, 90);
} else {
copy($_FILES['object']['tmp_name'], 'upload/' . $name);
}
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value) {
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $msg)) {
$msg = preg_replace("/(.*)(s|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $msg);
}
}
}
// транслит
if ($user['translit'] == 1) {
$msg = trun_to_rus($msg);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$msg = ($ant[0] == 1) ? mat($msg) : $msg;
// запись в базу
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$i_pdf[id]',
`user` = '$user[id]',
`msg` = '$msg',
`path` = '$name',
`time` = '" . time() . "'");
// запись + 1 пост
mysql_query("UPDATE `users` SET `forum_post` = `forum_post` + '1' WHERE `id` = '$user[id]' LIMIT 1");
// апдейт времени последней темы
mysql_query("UPDATE `f_them` SET `last` = '" . time() . "' WHERE `id` = '$t' LIMIT 1");
// Лента
if (user_inf($i_th['author'], 'comm_forum') == 1 && $user['id'] != $i_th['author']) {
$message = us($user['id']) . ' оставил сообщение в Вашей <a href="forum/index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'">теме</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '$i_th[author]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
}
$lst = mysql_fetch_assoc(mysql_query("SELECT `user` FROM `f_message` WHERE
`podforum` = '$i_th[rid]'
AND
`tid` = '$i_th[id]'
ORDER BY `id` DESC LIMIT 1"));
if (user_inf($lst['user'], 'comm_forum') == 1 && $user['id'] != $lst['user'] && !isset($_POST['adr'])) {
$message2 = 'В теме <a href="forum/index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'">'.$i_th['name'].'</a> оставили сообщение.';
mysql_query("INSERT INTO `lenta` SET
`user` = '$lst[user]',
`text` = '$message2',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
}
$num_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
}
} else {
$num_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
// если тема закрыта
if ($i_th['close'] == 1) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
die();
}
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value) {
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $msg)) {
$msg = preg_replace("/(.*)(s|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $msg);
}
}
}
// транслит
if ($user['translit'] == 1) {
$msg = trun_to_rus($msg);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$msg = ($ant[0] == 1) ? mat($msg) : $msg;
// Оповещание последнему постеру
$lst = mysql_fetch_assoc(mysql_query("SELECT * FROM `f_message` WHERE
`podforum` = '$i_th[rid]'
AND
`tid` = '$i_th[id]'
ORDER BY `id` DESC LIMIT 1"));
if ($lst['user'] != $i_th['author'] && user_inf($lst['user'], 'comm_forum') == 1 && $user['id'] != $lst['user']) {
// Подфорум...
$lst2 = mysql_fetch_assoc(mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$i_th[rid]' LIMIT 1"));
// Раздел...
$lst3 = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `f_razdel` WHERE `id` = '$lst2[pid]' LIMIT 1"));
// Отправка...
$message2 = 'В теме <a href="forum/index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'">'.$i_th['name'].'</a> (' . $lst3['name'] . '/' . $lst2['name'] . ') оставили сообщение.';
mysql_query("INSERT INTO `lenta` SET
`user` = '$lst[user]',
`text` = '$message2',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
}
// добавление к предыдущему сообщению
if ($lst['user'] == $user['id']) {
if (time() - 86400 < $lst['time']) $GM = gmdate('через i:s сек.', (time() - $lst['time']));
else $GM = date('d-m-Y G:i', $lst['time']);
$lmsg = $lst['msg'] . '<br/>[i][small]Добавлено ' . $GM . ' [/small][/i]<br/>' . $msg;
mysql_query("UPDATE `f_message` SET `msg` = '$lmsg' WHERE `id` = '$lst[id]' LIMIT 1");
} else {
// запись в базу
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$i_pdf[id]',
`user` = '$user[id]',
`msg` = '$msg',
`time` = '" . time() . "'");
}
// запись + 1 пост
mysql_query("UPDATE `users` SET `forum_post` = `forum_post` + '1' WHERE `id` = '$user[id]' LIMIT 1");
// апдейт времени последней темы
mysql_query("UPDATE `f_them` SET `last` = '" . time() . "' WHERE `id` = '$t' LIMIT 1");
if (user_inf(my_int($_POST['adr']), 'comm_forum') == 1 && $user['id'] != my_int($_POST['adr'])) {
$message = us($user['id']) . ' ответил на Ваш комментарий в <a href="forum/index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'">теме</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '" . my_int($_POST['adr']) . "',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
}
// Лента
elseif (user_inf($i_th['author'], 'comm_forum') == 1 && $user['id'] != $i_th['author']) {
$message = us($user['id']) . ' оставил сообщение в Вашей <a href="forum/index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'">теме</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '$i_th[author]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
}
$num_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
}
}
}
###############################
$num_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `groups_forum_m` WHERE `uid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
// удаление поста
if (isset($_GET['d'])) {
if ($user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
die();
}
if ($i_th['close'] == 1) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
die();
}
$d = my_int($_GET['d']);
$pst = mysql_query("SELECT * FROM `f_message` WHERE `id` = '$d' LIMIT 1");
if (mysql_num_rows($pst) == FALSE) {
err('Ошибка!');
} else {
$i = mysql_fetch_assoc($pst);
// удаление файла из поста
if (file_exists('upload/' . $i['path'])) unlink('upload/' . $i['path']);
mysql_query("DELETE FROM `f_message` WHERE `id` = '$d' LIMIT 1");
mysql_query("UPDATE `users` SET `forum_post` = `forum_post` - '1' WHERE `id` = '$i[user]' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
}
}
// удаление файла
if (isset($_GET['df'])) {
if ($user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t='.$t);
die();
}
if ($i_th['close'] == 1) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
die();
}
$df = my_int($_GET['df']);
$em = mysql_query("SELECT * FROM `f_message` WHERE `id` = '$df' LIMIT 1");
if (mysql_num_rows($em) != FALSE) {
$i = mysql_fetch_assoc($em);
if (file_exists('upload/' . $i['path'])) unlink('upload/' . $i['path']);
mysql_query("UPDATE `f_message` SET `path` = '' WHERE `id` = '$df' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t='.$t);
} else {
err('Ошибка!');
}
}
// список тем
if ($mes != FALSE) {
$n = new navigator($mes, 10, '?do=them&r='.$r.'&p='.$p.'&t='.$t.'&');
$look = mysql_query("SELECT `f_message`.*,
(SELECT COUNT(*) FROM `f_message` WHERE `f_message`.`tid` = '$t') AS c
FROM `f_message` WHERE `f_message`.`tid` = '$t' ORDER BY `f_message`.`id` $ord {$n->limit}");
$dv = 0;
while($a = mysql_fetch_assoc($look)) {
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
$fpost = ($a['user'] == $user['id'])
? '<span style="color:#0080a0;">(' . $user['forum_post'] . ')</span>'
: '<span style="color:#0080a0;">(' . user_inf($a['user'], 'forum_post') . ')</span>';
######################################
if ($a['user'] != 0 && $i_th['close'] == 0 && !empty($_SESSION['us'])) $_ank = ' ' . $fpost . ' <a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.$st.'&k='.$a['user'].'&#down">[*]</a>';
######################################
//---------------------------//
if ($a['user'] == 0 && $user['level'] >= 3 && $user['level'] <= 5 && $i_th['close'] == 0 && !empty($_SESSION['us'])) {
$upr = '<br/><a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&d='.$a['id'].'">[уд]</a>';
//---------------------------//
}
elseif ($a['user'] != 0 && $user['level'] >= 3 && $user['level'] <= 5 && $i_th['close'] == 0 && !empty($_SESSION['us'])) {
$upr = '<br/><a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&d='.$a['id'].'">[уд]</a>
<a href="index.php?do=izm&r='.$r.'&p='.$p.'&t='.$t.'&e='.$a['id'].'">[изм]</a>
<a href="index.php?do=cit&r='.$r.'&p='.$p.'&t='.$t.'&c='.$a['id'].'">[цит]</a>';
//---------------------------//
} elseif ($a['user'] != 0 && $user['level'] < 3 && $a['user'] != $user['id'] && $i_th['close'] == 0 && !empty($_SESSION['us'])) {
$upr = '<br/><a href="index.php?do=cit&r='.$r.'&p='.$p.'&t='.$t.'&c='.$a['id'].'">[цит]</a>';
//---------------------------//
} elseif ($a['user'] != 0 && $user['level'] < 3 && $a['user'] == $user['id'] && $i_th['close'] == 0 && !empty($_SESSION['us'])) {
$upr = '<br/><a href="index.php?do=izm&r='.$r.'&p='.$p.'&t='.$t.'&e='.$a['id'].'">[изм]</a>
<a href="index.php?do=cit&r='.$r.'&p='.$p.'&t='.$t.'&c='.$a['id'].'">[цит]</a>';
//---------------------------//
} elseif ($a['user'] != 0 && $user['level'] >= 3 && $user['level'] <= 5 && $i_th['close'] == 1 && !empty($_SESSION['us'])) {
$upr = '<br/>[уд][изм][цит]';
//---------------------------//
} elseif ($user['level'] < 3 && $i_th['close'] == 1 && !empty($_SESSION['us'])) {
$upr = '';
}
//---------------------------//
if (!empty($a['path'])) {
$Size = filesize('upload/'.$a['path']);
$Size = get_size($Size);
}
$_path = (!empty($a['path']))
? '<br/><span style="color: #0080A0;">Файл:</span>
<a href="upload/'.$a['path'].'">' .$a['path'] . '</a>
<span style="color: #0080A0;">(' . $Size . ')</span>'
: '';
$d_file = ($user['level'] >= 3 && $user['level'] <= 5 && $i_th['close'] == 0 && !empty($a['path']))
? '<br/><a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'&df='.$a['id'].'">[Удалить файл]</a>'
: '';
// подсветка кода
$_edt = (!empty($a['whoedit']))
?
'<br/><small><span style="color: #999999;">Изменено: ' . user_inf($a['whoedit'], 'user') . '</span></small>'
:
'';
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
$nosys = ($a['user'] == 0) ? '<span style="color: #FF0000;">[Система]</span>' : '<a href="/'.$a['user'].'">' . us($a['user']);
echo $nosys . $_ank . '</a><br/>' . date('d.m.y H:i', $a['time']) . $upr . '<br/>' . smiles(bb_code($a['msg'])) . $_path . $d_file . $_edt . $div_end;
#######
}
echo $n->navi();
}
else
{
echo 'Сообщений в этой теме нет.<br/>';
}
// ответ на пост
if ($i_th['close'] == 0) {
if (isset($_GET['k']) && user_inf($_GET['k'])) {
$k = my_int($_GET['k']);
$komu = htmlspecialchars('[b]' . user_inf($k, 'user') . '[/b], ');
}
echo '<a name="down"></a>
<FORM method="POST" action="index.php?do=them">
<label>Сообщение:</label>
<br/>
<textarea name="msg" cols="50" rows="5" style="width: 99%;">' . $komu . $cit_post . '</textarea>
<br/>
<input type="checkbox" name="up" value="1"/> Прикрепить файл<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="t" value="' . $t . '"/>
<input type="hidden" name="adr" value="' . my_int($k) . '"/>
<input type="submit" name="add" value="Написать"/>
</FORM>';
} else {
echo $div_aut . 'Тема закрыта! ' . cvetnik($i_th['whoclose']) . $div_end;
}
echo '<a href="index.php?do=pod&p='.$p.'&r='.$r.'">Назад</a>';
echo $div_end;
break;
/*
* Голосование
*/
case vote:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$x = my_int($_REQUEST['x']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$x')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
$sql = mysql_query("SELECT `author` FROM `f_them` WHERE `id` = '$x' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
die();
} elseif (!empty($inf['vote'])) {
err('Голосование уже создано!');
} else {
if (isset($_POST['create'])) {
$quest = trim(mysql_real_escape_string(check($_POST['quest'])));
$var1 = trim(mysql_real_escape_string(check($_POST['var1'])));
$var2 = trim(mysql_real_escape_string(check($_POST['var2'])));
$var3 = trim(mysql_real_escape_string(check($_POST['var3'])));
$var4 = trim(mysql_real_escape_string(check($_POST['var4'])));
if (empty($quest)) {
err('Вопрос не может быть пустым!');
} elseif (empty($var1) && empty($var2)) {
err('Должно быть хотя бы 2 первых варианта!');
} else {
mysql_query("UPDATE `f_them` SET
`quest` = '$quest',
`var1` = '$var1',
`var2` = '$var2',
`var3` = '$var3',
`var4` = '$var4'
WHERE `id` = '$x' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
}
}
echo $div_title . 'Добавить голосование' . $div_end;
echo $div_left. '<FORM method="POST" action="index.php?do=vote&r='.$r.'&p='.$p.'&x='.$x.'">
<label>Вопрос</label>:<br/>
<textarea name="quest" cols="50" rows="5" style="width: 99%;"></textarea>
<br/>
<label>Вопрос #1</label>:<br/>
<input type="text" name="var1"/>
<br/>
<label>Вопрос #2</label>:<br/>
<input type="text" name="var2"/>
<br/>
<label>Вопрос #3</label>: (необязательно)<br/>
<input type="text" name="var3"/>
<br/>
<label>Вопрос #4</label>:(необязательно)<br/>
<input type="text" name="var4"/>
<br/>
<input type="submit" name="create" value="Добавить"/>
</FORM>';
}
echo '<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$x.'">Назад</a>' . $div_end;
break;
/*
* Изменение голосования
*/
case edit_vote:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$x = my_int($_REQUEST['x']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$x')");
$sql = mysql_query("SELECT * FROM `f_them` WHERE `id` = '$x' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
if (empty($inf['quest'])) {
err('Голосование еще не создано чтобы его редактировать!');
include '../foot.php';
exit();
}
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
die();
} else {
if (isset($_POST['create'])) {
$quest = trim(mysql_real_escape_string(check($_POST['quest'])));
$var1 = trim(mysql_real_escape_string(check($_POST['var1'])));
$var2 = trim(mysql_real_escape_string(check($_POST['var2'])));
$var3 = trim(mysql_real_escape_string(check($_POST['var3'])));
$var4 = trim(mysql_real_escape_string(check($_POST['var4'])));
if (empty($quest)) {
err('Вопрос не может быть пустым!');
} elseif (empty($var1) && empty($var2)) {
err('Должно быть хотя бы 2 первых варианта!');
} else {
mysql_query("UPDATE `f_them` SET
`quest` = '$quest',
`var1` = '$var1',
`var2` = '$var2',
`var3` = '$var3',
`var4` = '$var4'
WHERE `id` = '$x' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
}
}
echo $div_title . 'Добавить голосование' . $div_end;
echo $div_left. '<FORM method="POST" action="index.php?do=vote&r='.$r.'&p='.$p.'&x='.$x.'">
<label>Вопрос</label>:<br/>
<textarea name="quest" cols="50" rows="5" style="width: 99%;">' . $inf['quest'] . '</textarea>
<br/>
<label>Вопрос #1</label>:<br/>
<input type="text" name="var1" value="' . $inf['var'] . '"/>
<br/>
<label>Вопрос #2</label>:<br/>
<input type="text" name="var2" value="' . $inf['var2'] . '"/>
<br/>
<label>Вопрос #3</label>: (необязательно)<br/>
<input type="text" name="var3" value="' . $inf['var3'] . '"/>
<br/>
<label>Вопрос #4</label>:(необязательно)<br/>
<input type="text" name="var4" value="' . $inf['var4'] . '"/>
<br/>
<input type="submit" name="create" value="Добавить"/>
</FORM>';
}
echo '<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$x.'">Назад</a>' . $div_end;
break;
/*
* Цитирование
*/
case cit:
if (empty($_SESSION['us'])) {
header('Location: /reg.php?');
die();
}
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$empty_2 = mysql_query("SELECT id, name FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT id, name FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
$t = my_int($_REQUEST['t']);
$c = my_int($_GET['c']);
$em = mysql_query("SELECT msg, user FROM `f_message` WHERE `id` = '$c' AND `tid` = '$t' LIMIT 1");
$emt = mysql_query("SELECT close FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$i = mysql_fetch_assoc($em);
$ii = mysql_fetch_assoc($emt);
if ($i['user'] == 0 && !isset($_POST['ok'])) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t);
die();
}
if ($ii['close'] == 1) {
err('Тема закрыта!');
include '../foot.php';
exit();
}
if (mysql_num_rows($em) == FALSE && mysql_num_rows($emt) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (isset($_POST['ok'])) {
$date = date('d.m.y H:i');
$msg = trim(mysql_real_escape_string(check($_POST['msg'])));
$m = mysql_fetch_array(mysql_query("SELECT `user`, `msg`
FROM `f_message`
WHERE
`id` = '" . my_int($_POST['c']) . "'
AND
`tid` = '" . my_int($_POST['t']) . "'
LIMIT 1"));
// урезаем див цитаты
if (preg_match('/<div class="quote">(.*?)</div>/si', $m[1], $rep)) {
$m[1] = str_replace($rep[0], '', $m[1]);
}
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value) {
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $msg)) {
$msg = preg_replace("/(.*)(s|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $msg);
}
}
}
// транслит
if ($user['translit'] == 1) {
$msg = trun_to_rus($msg);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$msg = ($ant[0] == 1) ? mat($msg) : $msg;
if (!empty($msg)) {
// Лента
if (user_inf($m['user'], 'comm_forum') == 1 && $user['id'] != $m['user']) {
$message = us($user['id']) . ' ответил на Ваш комментарий в <a href="forum/index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'">теме</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '$m[user]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
}
$mess = '<div class="quote">' . user_inf($m[0], 'user') . ': ' . $m[1] . '</div>' . $msg;
mysql_query("INSERT INTO `f_message` SET `tid` = '$t', `podforum` = '$p', `user` = '$user[id]', `msg` = '$mess', `time` = '" . time() . "'");
// запись + 1 пост
mysql_query("UPDATE `users` SET `forum_post` = `forum_post` + '1' WHERE `id` = '$user[id]' LIMIT 1");
// апдейт времени последней темы
mysql_query("UPDATE `f_them` SET `last` = '" . time() . "' WHERE `id` = '$t' LIMIT 1");
###############################
$num_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
}
else
{
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
}
}
// урезаем див цитаты
if (preg_match('/<div class="quote">(.*?)</div>/si', $i['msg'], $rep)) {
$i['msg'] = str_replace($rep[0], '', $i['msg']);
}
$i_rzd = mysql_fetch_assoc($empty_3);
$i_pdf = mysql_fetch_assoc($empty_2);
echo $div_left . $div_title . 'Цитирование' . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a> |
<a href="index.php?do=razdel&r='.$i_rzd['id'].'">' . $i_rzd['name'] . '</a> |
<a href="index.php?do=pod&r='.$i_rzd['id'].'&p='.$i_pdf['id'].'">' . $i_pdf['name'] . '</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>
' . $div_end . '
<FORM method="POST" action="index.php?do=cit">
<div class="quote">' . user_inf($i['user'], 'user') . ': ' . bb_code($i['msg']) . '</div>
<textarea name="msg" cols="50" rows="5" style="width: 99%;"></textarea>
<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="t" value="' . $t . '"/>
<input type="hidden" name="c" value="' . $c . '"/>
<input type="submit" name="ok" value="Цитировать"/>
</FORM>
<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'">Назад</a>
' . $div_end;
break;
/*
* Изменение поста
*/
case izm:
if (empty($_SESSION['us'])) {
header('Location: /reg.php?');
die();
}
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
$t = my_int($_REQUEST['t']);
$e = my_int($_GET['e']);
$em = mysql_query("SELECT * FROM `f_message` WHERE `id` = '$e' AND `tid` = '$t' LIMIT 1");
$emt = mysql_query("SELECT * FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$i = mysql_fetch_assoc($em);
$ii = mysql_fetch_assoc($emt);
if ($i['user'] != $user['id'] && $user['level'] < 3 && !isset($_POST['ok'])) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t);
die();
}
if ($ii['close'] == 1) {
err('Тема закрыта!');
include '../foot.php';
exit();
}
if (isset($_POST['ok'])) {
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value)
{
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $msg))
{
$msg = preg_replace("/(.*)(s|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $msg);
}
}
}
// транслит
if ($user['translit'] == 1) {
$msg = trun_to_rus($msg);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$msg = ($ant[0] == 1) ? mat($msg) : $msg;
$msg = trim(mysql_real_escape_string(check($_POST['msg'])));
$_em = mysql_query("SELECT * FROM `f_message` WHERE `id` = '".my_int($_POST['e'])."' AND `tid` = '".my_int($_POST['t'])."' LIMIT 1");
$_i = mysql_fetch_assoc($_em);
###############################
$num_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
mysql_query("UPDATE `f_message` SET `msg` = '$msg', `whoedit` = '$user[id]' WHERE `id` = '".my_int($_POST['e'])."' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $t . $st);
}
if (mysql_num_rows($em) != FALSE && mysql_num_rows($emt) != FALSE) {
$i_rzd = mysql_fetch_assoc($empty_3);
$i_pdf = mysql_fetch_assoc($empty_2);
echo $div_left . $div_title . 'Редактирование' . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a> |
<a href="index.php?do=razdel&r='.$i_rzd['id'].'">' . $i_rzd['name'] . '</a> |
<a href="index.php?do=pod&r='.$i_rzd['id'].'&p='.$i_pdf['id'].'">' . $i_pdf['name'] . '</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>
' . $div_end . '
<FORM method="POST" action="index.php?do=izm">
<textarea name="msg" cols="50" rows="5" style="width: 99%;">' . back_bb($i['msg']) . '</textarea>
<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="t" value="' . $t . '"/>
<input type="hidden" name="e" value="' . $e . '"/>
<input type="submit" name="ok" value="Изменить"/>
</FORM>
<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$t.'">Назад</a>' . $div_end;
} else {
err('Ошибка!');
}
break;
/*
* Новая тема
*/
case add_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (empty($_SESSION['us'])) {
header('Location: /reg.php?');
exit();
}
if (rat($user['id']) < 100) {
err('Для создания новой темы, Вам необходимо минимум 100% рейтинга!');
include '../foot.php';
exit();
}
$inf_1 = mysql_fetch_assoc($empty_2);
$inf_2 = mysql_fetch_assoc($empty_3);
echo $div_left . $div_title . 'Новая тема' . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a> |
<a href="index.php?do=razdel&r='.$inf_1['id'].'">' . $inf_1['name'] . '</a> |
<a href="index.php?do=pod&r='.$inf_1['id'].'&p='.$inf_2['id'].'">' . $inf_2['name'] . '</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$t = my_int($_REQUEST['t']);
if (isset($_POST['ok'])) {
$title = trim(mysql_real_escape_string(check($_POST['title'])));
$content = trim(mysql_real_escape_string(check($_POST['content'])));
$pr = mysql_query("SELECT COUNT(*) FROM `f_them` WHERE `name` = '$title' AND `rid` = '$t' LIMIT 1");
if (empty($title)) {
err('Не заполнен заголовок!');
} elseif (empty($content)) {
err('Не заполнено содержание!');
} elseif (mysql_result($pr, 0) != 0) {
err('Такая тема уже существует в этом разделе!');
} else {
mysql_query("INSERT INTO `f_them` SET
`rid` = '$p',
`razdel_id` = '$r',
`name` = '$title',
`author` = '$user[id]',
`date` = '" . time() . "',
`firstpost` = '$content'");
$lid = mysql_insert_id();
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $lid);
}
}
echo '<FORM method="POST" action="index.php?do=add_them">
<label>Заголовок:</label><br/>
<input type="text" name="title"/><br/>
<label>Содержание:</label><br/>
<textarea name="content" cols="50" rows="5" style="width: 99%;"></textarea>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<br/>
<input type="submit" name="ok" value="Создать"/>
</FORM>';
echo $div_end;
break;
/*
* Удаление темы
*/
case del_them:
$p = my_int($_GET['p']);
$r = my_int($_GET['r']);
$x = my_int($_GET['x']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$x')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
$sql = mysql_query("SELECT `id` FROM `f_them` WHERE `id` = '$x' LIMIT 1");
// информация о разделе
$i_p = mysql_fetch_assoc($empty_2);
if ($user['level'] < 3) {
header('Location: index.php?do=razdel&t=' . $x);
die();
}
if (mysql_num_rows($sql) == FALSE) {
err('Тема не найдена, возможна она была удалена.');
} else {
$msgs = mysql_query("SELECT * FROM `f_message` WHERE `tid` = '$x'");
while($p = mysql_fetch_assoc($msgs)) {
if (file_exists('upload/' . $p['path'])) unlink('upload/' . $p['path']);
}
mysql_query("DELETE FROM `f_message` WHERE `tid` = '$x'");
mysql_query("DELETE FROM `f_them` WHERE `id` = '$x' LIMIT 1");
header('Location: index.php?do=razdel&r=' . $i_p['pid']);
}
break;
/*
* Перемещение темы
*/
case move_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$x = my_int($_REQUEST['x']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$x')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
echo $div_title . 'Перемещение темы' . $div_end . $div_left;
$sql = mysql_query("SELECT * FROM `f_them` WHERE `id` = '$x' LIMIT 1");
// информация о теме
$inf = mysql_fetch_assoc($sql);
// информация о подфоруме
$i_p = mysql_fetch_assoc($empty_2);
if ($user['level'] < 3) {
header('Location: index.php?do=razdel&t=' . $inf['rid']);
die();
}
if (mysql_num_rows($sql) == FALSE) {
err('Тема не найдена, возможна она была удалена.');
} else {
// Перемещение
if (isset($_POST['go_move'])) {
$razdel = my_int($_POST['razdel']);
$podforum = my_int($_POST['podforum']);
$no_r = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$razdel' LIMIT 1");
$no_p = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$podforum' LIMIT 1");
$info_pod = mysql_fetch_assoc($no_p);
if (mysql_num_rows($no_r) == FALSE) {
err('Ошибка при выборе раздела!');
} elseif (mysql_num_rows($no_p) == FALSE) {
err('Ошибка при выборе подфорума!');
} else {
// Перемещаем саму тему
mysql_query("UPDATE `f_them` SET
`rid` = '$podforum',
`razdel_id` = '$razdel'
WHERE `id` = '$x' LIMIT 1");
// сообщение системы
if ($user['level'] == 3) $mylev = 'Модератор форума';
elseif ($user['level'] == 4) $mylev = 'Помощник Администратора';
elseif ($user['level'] == 5) $mylev = 'Администратор';
$systxt = 'Тему переместил ' . $mylev . ' ' . $user['user'] . ' из раздела ' . $i_p['name'] . ' в раздел ' . $info_pod['name'];
mysql_query("INSERT INTO `f_message` SET
`tid` = '$x',
`podforum` = '$podforum',
`user` = '0',
`msg` = '$systxt',
`time` = '" . time() . "'");
// Перемещаем сообщения из темы
$in_them = mysql_query("SELECT `id`, `rid` FROM `f_them` WHERE `rid` = '$podforum' AND `razdel_id` = '$razdel' LIMIT 1");
while($isin = mysql_fetch_assoc($in_them)) {
mysql_query("UPDATE `f_message` SET `podforum` = '$isin[rid]' WHERE `tid` = '$isin[id]'");
}
// Редирект в перемещенную тему
header('Location: index.php?do=them&r='.$razdel.'&p='.$podforum.'&t=' . $x);
}
}
// Если уже выбран раздел
if (isset($_POST['move'])) {
$razdel = my_int($_POST['razdel']);
$no_r = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$razdel' LIMIT 1");
if (mysql_num_rows($no_r) == FALSE) {
err('Выбран неверный раздел!');
} else {
$Sql_2 = mysql_query("SELECT `id`, `name` FROM `f_pod` WHERE `pid` = '$razdel'");
if (mysql_num_rows($Sql_2) != FALSE) {
echo 'В какой подфорум:<br/>
<FORM method="POST" action="index.php?do=move_them">
<select name="podforum">';
//////////////////////////////
while($scan = mysql_fetch_assoc($Sql_2)) {
echo '<option value="'.$scan['id'].'">' . $scan['name'] . '</option>';
}
echo '</select>
<br/>
<input type="hidden" name="p" value="'.$p.'"/>
<input type="hidden" name="r" value="'.$r.'"/>
<input type="hidden" name="x" value="'.$x.'"/>
<input type="hidden" name="razdel" value="'.$razdel.'"/>
<input type="submit" name="go_move" value="Перенести"/>
</FORM>
' . $block . '
<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$x.'">Назад</a>';
//////////////////////////////
} else {
echo 'В этом разделе нет подфорумов!<br/>';
}
}
// Если уже выбран подфорум
} elseif (!isset($_POST['move'])) {
echo 'В какой раздел:<br/>';
$Sql_1 = mysql_query("SELECT `id`, `name` FROM `f_razdel`");
echo '<FORM method="POST" action="index.php?do=move_them">
<select name="razdel">';
//////////////////////////////
if (mysql_num_rows($Sql_1) != FALSE) {
while($_a = mysql_fetch_assoc($Sql_1)) {
echo '<option value="'.$_a['id'].'">' . $_a['name'] . '</option>';
}
//////////////////////////////
echo '</select>
<br/>
<input type="hidden" name="p" value="'.$p.'"/>
<input type="hidden" name="r" value="'.$r.'"/>
<input type="hidden" name="x" value="'.$x.'"/>
<input type="submit" name="move" value="Выбрать"/>
</FORM>
' . $block . '
<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$x.'">Назад</a>';
}
} else {
echo 'Разделов не найдено!<br/>';
}
echo $div_end;
}
break;
/*
* Изменение темы
*/
case edit_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$x = my_int($_REQUEST['x']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$x')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
$sql = mysql_query("SELECT `name`, `firstpost`, `author` FROM `f_them` WHERE `id` = '$x' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
die();
}
echo $div_left . $div_title . $inf['name'] . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
if (isset($_POST['ok'])) {
$ed = trim(mysql_real_escape_string(check($_POST['ed'])));
$fp = trim(mysql_real_escape_string(check($_POST['fp'])));
if (empty($ed)) {
err('Не заполнен заголовок темы!');
} elseif (empty($fp)) {
err('Не заполнено содержание темы!');
} else {
mysql_query("UPDATE `f_them` SET `name` = '$ed', `firstpost` = '$fp', `whoedit` = '$user[id]' WHERE `id` = '$x' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
}
}
if (mysql_num_rows($sql) == FALSE) {
err('Тема не найдена, возможна она была удалена.');
} else {
echo '<FORM method="POST" action="index.php?do=edit_them">
<label>Заголовок:</label><br/>
<input type="text" name="ed" value="' . $inf['name'] . '"/>
<br/>
<label>Содержание:</label><br/>
<textarea name="fp" cols="50" rows="5" style="width: 99%;">' . back_bb($inf['firstpost']) . '</textarea>
<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="x" value="' . $x . '"/>
<input type="submit" name="ok" value="Изменить"/>
</FORM>
<a href="index.php?do=them&r='.$r.'&p='.$p.'&t='.$x.'">Назад</a>';
}
echo $div_end;
break;
/*
* Закрытие темы
*/
case close_them:
$p = my_int($_GET['p']);
$r = my_int($_GET['r']);
$x = my_int($_GET['x']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$x')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
$sql = mysql_query("SELECT `author` FROM `f_them` WHERE `id` = '$x' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
} else {
mysql_query("UPDATE `f_them` SET `close` = '1', `whoclose` = '$user[id]' WHERE `id` = '$x' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
}
break;
/*
* Открытие темы
*/
case open_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$x = my_int($_REQUEST['x']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$x')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
$sql = mysql_query("SELECT `author` FROM `f_them` WHERE `id` = '$x' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
die();
} else {
mysql_query("UPDATE `f_them` SET `close` = '0', `whoclose` = '' WHERE `id` = '$x' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
}
break;
/*
* Закрепление темы
*/
case fix_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$x = my_int($_REQUEST['x']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$x')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
if ($user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
die();
} else {
// сообщение системы
if ($user['level'] == 3) $mylev = 'Модератор форума';
elseif ($user['level'] == 4) $mylev = 'Помощник Администратора';
elseif ($user['level'] == 5) $mylev = 'Администратор';
$systxt = 'Тему закрепил ' . $mylev . ' ' . $user['user'];
mysql_query("INSERT INTO `f_message` SET
`tid` = '$x',
`podforum` = '$p',
`user` = '0',
`msg` = '$systxt',
`time` = '" . time() . "'");
mysql_query("UPDATE `f_them` SET `fix` = '1' WHERE `id` = '$x' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
}
break;
/*
* Открепление темы
*/
case detach_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$x = my_int($_REQUEST['x']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$x')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подфорума не существует!');
include '../foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../foot.php';
exit();
}
if ($user['level'] < 3) {
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
die();
} else {
// сообщение системы
if ($user['level'] == 3) $mylev = 'Модератор форума';
elseif ($user['level'] == 4) $mylev = 'Помощник Администратора';
elseif ($user['level'] == 5) $mylev = 'Администратор';
$systxt = 'Тему открепил ' . $mylev . ' ' . $user['user'];
mysql_query("INSERT INTO `f_message` SET
`tid` = '$x',
`podforum` = '$p',
`user` = '0',
`msg` = '$systxt',
`time` = '" . time() . "'");
mysql_query("UPDATE `f_them` SET `fix` = '0' WHERE `id` = '$x' LIMIT 1");
header('Location: index.php?do=them&r='.$r.'&p='.$p.'&t=' . $x);
}
break;
/*
* Поиск
*/
case search:
echo $div_left . $div_title . 'Поиск' . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a>
' . $block . '
<b>Поиск</b></a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
unset($_SESSION['s']);
unset($_SESSION['where']);
echo '<FORM method="POST" action="index.php?do=search_result">
<label>Часть текста:</label><br/>
<input type="text" name="s"/>
<br/>
<label>Искать в:</label><br/>
<input type="radio" name="where" checked="checked" value="1"/> темах
<br/>
<input type="radio" name="where" value="2"/> сообщениях
<br/>
<input type="submit" name="ok" value="Найти"/>
</FORM>';
echo $div_end;
break;
case search_result:
echo $div_left . $div_title . 'Поиск' . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a>
' . $block . '
<b>Поиск</b></a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
if (isset($_SESSION['s'])) $s = trim(mysql_real_escape_string(check($_SESSION['s'])));
if (isset($_POST['s'])) $s = trim(mysql_real_escape_string(check($_POST['s'])));
$s = addcslashes($s, '_%');
if (isset($_SESSION['where'])) $where = my_int($_SESSION['where']);
if (isset($_POST['where'])) $where = my_int($_POST['where']);
$_SESSION['s'] = $s;
$_SESSION['where'] = $where;
if (empty($s)) {
err('Не введен поисковой запрос!');
} else {
// поиск в темах
if ($where == 1) {
$_res = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_them` WHERE `name` LIKE '%$s%'"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=search_result&');
$_sr = mysql_query("SELECT `f_them`.*,
(SELECT COUNT(*) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT `pid` FROM `f_pod` WHERE `f_pod`.`id` = `f_them`.`rid`) AS t
FROM `f_them` WHERE `f_them`.`name` LIKE '%$s%' ORDER BY `f_them`.`id` DESC {$n->limit}");
$dv = 0;
echo $block . '<b>Результаты:</b> ' . $_res . $block;
while($a = mysql_fetch_assoc($_sr)) {
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="index.php?do=them&r='.$a['t'].'&t='.$a['id'].'&p='.$a['rid'].'&page='.$pg.'"><b>»»</b></a>';
} else {
$st = '';
}
###############################
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo '<a href="index.php?do=them&r='.$a['t'].'&p='.$a['rid'].'&t='.$a['id'].'">' . $a['name'] . '</a> (' . $a['c'] . ')' . $st . $div_end;
}
echo $n->navi();
} else {
err('По запросу ' . $s . ' ничего не найдено!');
}
// поиск в сообщениях
} elseif ($where == 2) {
$_res = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_message` WHERE `msg` LIKE '%$s%'"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=search_result&');
$_sr = mysql_query("SELECT `f_message`.*,
(SELECT `name` FROM `f_them` WHERE `f_them`.`rid` = `f_message`.`podforum` LIMIT 1) AS c,
(SELECT `razdel_id` FROM `f_them` WHERE `f_them`.`rid` = `f_message`.`podforum` LIMIT 1) AS a,
(SELECT `id` FROM `f_them` WHERE `f_them`.`rid` = `f_message`.`podforum` LIMIT 1) AS t
FROM `f_message` WHERE `f_message`.`msg` LIKE '%$s%' ORDER BY `f_message`.`id` DESC {$n->limit}");
$dv = 0;
echo $block . '<b>Результаты:</b> ' . $_res . $block;
while($a = mysql_fetch_assoc($_sr)) {
$a['msg'] = bb_code($a['msg']);
$new_string = preg_replace('/('.$s.')/siu','<b style="color:#FF0000">\1</b>', $a['msg']);
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo $div_aut . $a['c'] . $div_end . '<a href="index.php?do=them&r='.$a['a'].'&p='.$a['podforum'].'&t='.$a['t'].'">' . $new_string . '</a>' . $div_end;
}
echo $n->navi();
} else {
err('По запросу ' . $s . ' ничего не найдено!');
}
} else {
err('Не выбран поисковой путь!');
}
}
echo $div_end;
break;
/*
* Новые темы
*/
case newt:
echo $div_left . $div_title . 'Новые' . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<b>Новые</b> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$_res = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_them`"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=newt&');
$th = mysql_query("SELECT `f_them`.*,
(SELECT COUNT(*) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT `pid` FROM `f_pod` WHERE `f_pod`.`id` = `f_them`.`rid`) AS t
FROM `f_them` ORDER BY `f_them`.`id` DESC {$n->limit}");
$i = 0;
while($a = mysql_fetch_assoc($th)) {
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="index.php?do=them&r='.$a['t'].'&t='.$a['id'].'&p='.$a['rid'].'&page='.$pg.'"><b>»»</b></a>';
} else {
$st = '';
}
###############################
echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
echo '<a href="index.php?do=them&r='.$a['t'].'&t='.$a['id'].'&p='.$a['rid'].'">' .$a['name'] . '</a> (' . $a['c'] . ')' . $st . $div_end;
}
echo $n->navi();
} else {
echo 'Новыx тем не найдено!<br/>';
}
echo $div_end;
break;
/*
* Мои темы
*/
case my:
echo $div_left . $div_title . 'Мои темы' . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<b>Мои темы</b>' . $div_end;
$_res = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_them` WHERE `author` = '$user[id]'"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=my&');
$th = mysql_query("SELECT `f_them`.*,
(SELECT COUNT(*) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT `pid` FROM `f_pod` WHERE `f_pod`.`id` = `f_them`.`rid`) AS t
FROM `f_them` WHERE `f_them`.`author` = '$user[id]' ORDER BY `f_them`.`id` DESC {$n->limit}");
$i = 0;
while($a = mysql_fetch_assoc($th)) {
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="index.php?do=them&r='.$a['t'].'&t='.$a['id'].'&p='.$a['rid'].'&page='.$pg.'"><b>»»</b></a>';
} else {
$st = '';
}
###############################
echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
echo '<a href="index.php?do=them&r='.$a['t'].'&t='.$a['id'].'&p='.$a['rid'].'">' .$a['name'] . '</a> (' . $a['c'] . ')' . $st . $div_end;
}
echo $n->navi();
} else {
echo 'Моих тем не найдено!<br/>';
}
echo $div_end;
break;
/*
* Активные темы
*/
case act:
echo $div_left . $div_title . 'Активные' . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<b>Активные</b> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$_res = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_them`, `f_message` WHERE `f_them`.`id` = `f_message`.`tid`"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=act&');
$th = mysql_query("SELECT `f_them`.*,
(SELECT COUNT(*) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT `pid` FROM `f_pod` WHERE `f_pod`.`id` = `f_them`.`rid`) AS t
FROM `f_them` ORDER BY `f_them`.`last` DESC {$n->limit}");
$i = 0;
while($a = mysql_fetch_assoc($th)) {
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="index.php?do=them&r='.$a['t'].'&t='.$a['id'].'&p='.$a['rid'].'&page='.$pg.'"><b>»»</b></a>';
} else {
$st = '';
}
###############################
echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
echo '<a href="index.php?do=them&r='.$a['t'].'&t='.$a['id'].'&p='.$a['rid'].'">' .$a['name'] . '</a> (' . $a['c'] . ')' . $st . $div_end;
}
echo $n->navi();
} else {
echo 'Активных тем не найдено!<br/>';
}
echo $div_end;
break;
/*
* Кто онлайн
*/
case online:
echo $div_left . $div_title . 'На форуме' . $div_end . $div_menu . '
<img src="img/up.gif" alt="*"/> <a href="index.php?'.$ref.'">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$_res = mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `room` = 'forum' AND `onl` + '200' > '" . time() . "'"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=my&');
$th = mysql_query("SELECT * FROM `users` WHERE `room` = 'forum' AND `onl` + '200' > '" . time() . "' ORDER BY `id` DESC {$n->limit}");
$i = 0;
while($a = mysql_fetch_assoc($th)) {
echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
echo us($a['id']) . $div_end;
}
echo $n->navi();
} else {
echo 'Никого нету!<br/>';
}
echo $div_end;
break;
}
include '../foot.php';
?>