Файл: region_clean/blog.php
Строк: 217
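<?php
#######################################
## Mod By KoT (borispol) [76-75-072] ##
#######################################
// Blog page: prints the page header, derives the per-level entry quota and
// selects the branch to run from the "mode" query parameter.
//
// The full "<?php" tag is used on purpose: with short_open_tag disabled a bare
// "<?" is not parsed and the server would return this source as plain text.
//
// NOTE(review): $ver, $css, $ses, $ref, $xml and $dtd are not assigned in this
// file; they presumably come from start.php / sid.php / version.php. $css, $ses
// and $ref are interpolated into markup below without escaping, so confirm that
// their source restricts them to characters that are safe in an attribute.
// NOTE(review): the mysql_* API (ext/mysql) was removed in PHP 7. The queries in
// this file are built by concatenation and rely on int casts and
// mysql_real_escape_string(); prepared statements (mysqli/PDO) are the durable fix.
require_once "start.php";
require_once "sid.php";
header('Cache-Control: no-store, no-cache, must-revalidate');
if ($ver == "wml") {
    header("Content-type:text/vnd.wap.wml; charset=utf-8");
} else {
    header("Content-Type:text/html; charset=UTF-8");
}
require_once "inc.php";
$link = connect_db();
// check_login() is defined outside this file; $row is read below as the current
// user's record (level, blog, translit) and $id as that user's id.
list($row, $id, $ps, $fsize1, $fsize2) = check_login($link);
require_once "version.php";
$times = getmicrotime();
// Inner double quotes are escaped so the header strings parse; the listing as
// shown had lost its backslashes.
if ($ver == "wml") {
    echo $xml;
    echo $dtd;
    echo "<wml>
<card id=\"blog\" title=\"*On-line Блог*\">
<p>";
} else {
    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\">
<head><link rel=\"stylesheet\" type=\"text/css\" href=\"css/$css.css\"/>
<title>*On-line Блог*</title>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/></head><body>
<div align=\"left\">\n
<form method=\"POST\" action=\"blog.php?$ses&mode=add&ref=$ref\" name=\"auth\">\n";
}
$level = $row['level'];
$bv = $row['blog'];
// Entry quota: 50 per level step for levels 0..7, 500 above that. Computing it
// (rather than chaining elseif) also guarantees $zap is always defined, which
// the "add" branch depends on.
if ($level > 7) {
    $zap = 500;
} else {
    $zap = 50 * (max((int)$level, 0) + 1);
}
$mode = isset($_GET['mode']) ? $_GET['mode'] : NULL;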
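switch($mode) {
default:
    // Landing menu, shown when no mode (or an unrecognised one) is given:
    // links to every blog section plus the current user's counters.
    echo '<div class="c4">Блог - онлайн wap дневник.</div><br/>';
    $select = mysql_query("Select * from users where id='".(int)$id."'");
    $inf = mysql_fetch_array($select);
    $usid = $inf['id'];
    if ($row['blog'] > 0) {
        echo "<b><a href=\"blog.php?$ses&mode=user&usid=$usid\">Мой блог</a></b><br/>\n";
    }
    // Let the server count instead of transferring every row just to count it;
    // the "users with a blog" figure is needed twice, so it is queried once.
    $blog = (int)mysql_result(mysql_query("SELECT COUNT(*) FROM users where blog !='0'"), 0);
    echo "<img src = 'icon/blog.png' alt='»'/> <a href=\"blog.php?$ses&mode=blogovi&ref=$ref\">Блоги пользователей</a> ($blog)<br/>\n";
    $all = (int)mysql_result(mysql_query("SELECT COUNT(*) FROM blog"), 0);
    echo "<img src = 'icon/blog.png' alt='»'/> <a href=\"blog.php?$ses&mode=read&ref=$ref\">Записи в блогах</a> ($all)<br/>\n";
    echo "<img src = 'icon/blog.png' alt='»'/> <a href=\"blog.php?$ses&mode=rating&ref=$ref\">Рейтинг авторов</a> ($blog)<br/>\n";
    echo "<img src = 'icon/blog.png' alt='»'/> <a href=\"blog.php?$ses&mode=add&ref=$ref\">Добавить запись</a><br/>";
    if ($inf['blog'] > 0) {
        echo "<img src = 'icon/blog.png' alt='»'/> <a href=\"blog.php?$ses&mode=del&ref=$ref\">Удалить запись</a><br/>";
    }
    $my = (int)mysql_result(mysql_query("SELECT COUNT(*) FROM blog where who='".intval($id)."'"), 0);
    echo '<br/>Моих записей: '.$my.'<br/>
Записей доступно: '.$zap.'<br/>
Голосов за тебя: '.$bv.'<br/>';
    break;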
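case 'read':
    // Paginated list of all blog entries, most voted first.
    echo '<div class="c4">Записи в блогах</div><br/>';
    // $page is not assigned in this file (presumably filled from the request by
    // an include), so coerce it to a non-negative integer before it reaches the
    // row counter and the LIMIT clause; a negative offset makes the query fail.
    $page = empty($page) ? 0 : max(0, intval($page));
    $max = 10;
    $query = mysql_query("select id from blog ORDER BY votes desc");
    $num_of_rows = mysql_num_rows($query);
    $total_mat_number = $num_of_rows;
    $total_pages = ceil($total_mat_number/$max);
    $i = 1 + $page;
    // mysql_num_rows() is the documented row count for a SELECT;
    // mysql_affected_rows() is meant for INSERT/UPDATE/DELETE.
    if ($num_of_rows == 0) {
        echo 'Нет записей!<br/><br/>';
    } else {
        $q = mysql_query("select * from blog ORDER BY votes desc limit ".$page.",".$max);
        while ($arr = mysql_fetch_assoc($q)) {
            $topic = $arr['topic'];
            $bid = $arr['id'];
            $who = $arr['who'];
            $date = $arr['bdata'];
            $read = $arr['bread'];
            $votes = $arr['votes'];
            $nick = mysql_fetch_array(mysql_query("select user from users where id='".(int)$who."'"));
            // Topic and nick are user-supplied text read back from the database.
            // The "add" branch filters the topic with check(), which is defined
            // outside this file, so escape again at output; double_encode=false
            // leaves entities that are already encoded untouched.
            echo ($i++).") <a href=\"blog.php?$ses&mode=view&mid=$bid\">"
                .htmlspecialchars($topic, ENT_QUOTES, 'UTF-8', false)
                ."</a> от ".htmlspecialchars($nick[0], ENT_QUOTES, 'UTF-8', false)
                ." ($date) [$votes|$read]<br/>";
        }
        // Page links: each carries the row offset of its page.
        for ($num = 0; $num < $total_pages; $num++) {
            $page_number = $num * $max;
            if ($page_number != $page) {
                echo "<a href=\"blog.php?$ses&mode=read&page=$page_number&ref=$ref\">".($num+1)."</a>|";
            } else {
                echo ($num+1).'|';
            }
        }
        echo '<br/>';
    }
    break;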
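case 'blogovi':
    // Paginated list of users who own a blog, ordered by votes received.
    echo '<div class="c4">Блоги пользователей!</div><br/>';
    // $page is not assigned in this file (presumably filled from the request by
    // an include); force a non-negative integer before it is used as the row
    // counter base and as the LIMIT offset.
    $page = empty($page) ? 0 : max(0, intval($page));
    $max = 10;
    $query = mysql_query("select id FROM users where blog != '0' ORDER BY blog desc");
    $num_of_rows = mysql_num_rows($query);
    $total_mat_number = $num_of_rows;
    $total_pages = ceil($total_mat_number/$max);
    $i = 1 + $page;
    // Row count of the SELECT comes from mysql_num_rows(), not mysql_affected_rows().
    if ($num_of_rows == 0) {
        echo 'Блоги ещё не созданы!<br/>';
    } else {
        $r2 = mysql_query("SELECT id,user,blog FROM users where blog !='0' ORDER BY blog desc limit ".$page.",".$max.";");
        while ($a3 = mysql_fetch_assoc($r2)) {
            // NOTE(review): col_n() is defined outside this file; its result is
            // echoed as-is, so confirm it returns HTML-safe output for the nick.
            echo ($i++).") *<a href=\"blog.php?$ses&mode=user&usid=".$a3["id"]."\">".col_n($a3["user"])."</a> - Блог* (Голосов: ".$a3["blog"].')<br/>';
        }
        // Page links: each carries the row offset of its page.
        for ($num = 0; $num < $total_pages; $num++) {
            $page_number = $num * $max;
            if ($page_number != $page) {
                echo "<a href=\"blog.php?$ses&mode=blogovi&page=$page_number&ref=$ref\">".($num+1)."</a>|";
            } else {
                echo ($num+1)."|";
            }
        }
        echo '<br/>';
    }
    break;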
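case 'view':
    // Shows one entry ($mid), bumps its read counter and offers the
    // delete / vote links that apply to the current user.
    // NOTE(review): the page header has already been echoed at this point, so
    // unless an include enables output buffering the Location header cannot be
    // sent; die still stops processing.
    if (!is_numeric($mid)) { header("Location: index.php?isset=403"); die; }
    $q = mysql_query("select * from blog where id='".(int)$mid."'");
    // Row count of the SELECT comes from mysql_num_rows(), not mysql_affected_rows().
    if (mysql_num_rows($q) == 0) {
        echo 'Нет такой записи!<br/>';
    } else {
        $arr = mysql_fetch_array($q);
        $mid = $arr['id'];
        $topic = $arr['topic'];
        $text = $arr['text'];
        $who = $arr['who'];
        $date = $arr['bdata'];
        $read = $arr['bread'];
        $votes = $arr['votes'];
        $nick = mysql_fetch_array(mysql_query("select user from users where id='".intval($who)."'"));
        // The topic is user-supplied; it was echoed raw while the text below is
        // escaped. Escape it too; double_encode=false keeps entities that the
        // input filter (check(), defined elsewhere) may already have produced.
        // NOTE(review): col_n() is defined outside this file; confirm its
        // output is HTML-safe.
        echo "<b>".htmlspecialchars($topic, ENT_QUOTES, 'UTF-8', false)."</b> - <a href=\"info.php?$ses&nk=$who&ref=$ref\">".col_n($nick[0])."</a><br/>";
        echo htmlspecialchars($text) . '<br/>';
        echo 'Добавленно: '.$date.'<br/>';
        mysql_query("update blog set bread=bread+'1' where id='".(int)$mid."'");
        echo 'Прочитанно: '.$read.' раз<br/>';
        if ($arr['votes'] > 0) {
            echo "Голосов: <a href=\"blog.php?$ses&mode=who&mid=$mid\">" .$votes. "</a><br/>";
        } else {
            echo 'Голосов: ' . $votes . '<br/>';
        }
        // NOTE(review): both links below trigger a state change (delete, vote)
        // through a plain GET request; no anti-CSRF token is visible in this file.
        if ($who == $id or $level > 5) {
            echo "<a href=\"blog.php?$ses&mode=del&act=del&mid=$mid\">Удалить</a><br/>";
        }
        if ($who != $id) {
            echo "<a href=\"blog.php?$ses&mode=vote&mid=$mid\">Голосовать</a><br/>";
        }
    }
    break;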
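case 'add':
    // Shows the "new entry" form, or stores the submitted entry when $text is set.
    // NOTE(review): $text and $topic are not assigned in this file; they
    // presumably arrive from the request via an include. No anti-CSRF token is
    // visible here.
    if (!is_numeric($id)) { header("Location: index.php?isset=403"); die; }
    $a = mysql_fetch_array(mysql_query("select count(id) as num from blog where who='".intval($id)."'"));
    // NOTE(review): "<=" still admits one more entry when the count already
    // equals the quota; confirm whether "<" was intended.
    if ($a[0] <= $zap) {
        if (!$text) {
            echo '<div class="c4">Добавить запись:</div><br/>';
            echo 'Тема:<br/>';
            // NOTE(review): $row is the logged-in user's record; whether it has
            // topic/text fields cannot be seen here, and the values are placed
            // in an attribute unescaped.
            echo "<input name=\"topic\" maxlength=\"30\" value=\"".$row['topic']."\" title=\"infa\" emptyok=\"false\"/><br/>\n";
            echo 'Текст:<br/>';
            echo "<input name=\"text\" maxlength=\"1000\" value=\"".$row['text']."\" title=\"infa\" emptyok=\"false\"/><br/>\n";
            if ($ver == "wml") {
                echo "<anchor title=\"go\">Добавить<go href=\"blog.php?$ses&mode=add&ref=$ref\" method=\"post\">\n
<postfield name=\"topic\" value=\"$(topic)\"/>\n
<postfield name=\"text\" value=\"$(text)\"/>\n
</go></anchor><br/>";
            } else if ($ver == "xhtml") {
                echo "<br/><input type=\"submit\" class=\"ibutton\" value=\"Добавить\" name=\"enter\"><br/><br/>\n";
            }
        } else {
            // check() and trun_to_rus() are defined outside this file.
            $topic = mb_substr(check($topic),0,60,'UTF8');
            $text = mb_substr(check($text),0,7000,'UTF8');
            if ($row['translit'] == 1) {
                $topic = trun_to_rus($topic);
                $text = trun_to_rus($text);
            }
            $id = intval($id);
            // Replaces every listed URL/domain fragment in $str with $to.
            function ad_cut($str,$to) {
                $domains = array('http://','.ru','.su','4at','.mobi','.ws','.4at','.tv','.4ats','.tv','.name','.us','.biz','.info','.org','.net','.com','.wen','.in');
                return strtr($str, array_fill_keys($domains, $to));
            }
            // Content filtering runs first and SQL escaping last, so the value
            // placed in the query is exactly what the escaper returned. ad_cut()
            // is called with an explicit empty replacement (the original call
            // omitted the required second argument).
            // NOTE(review): addslashes() on top of mysql_real_escape_string()
            // stores literal backslashes, and check() is applied to the topic a
            // second time; confirm both are intended.
            $text = trim(mysql_real_escape_string(ad_cut(addslashes($text), '')));
            $topic = trim(mysql_real_escape_string(ad_cut(check($topic), '')));
            if (empty($topic)) {
                echo 'Поле "тема" не заполненно!<br/>';
            } else {
                // "i" is minutes; the previous "H:m" stored the month number
                // in the minutes position.
                $bdata = date("d.m.y H:i");
                mysql_query("Insert into blog set who ='$id', text = '".$text."', topic = '".$topic."', bdata = '".$bdata."'");
                mysql_query("Update users set blog='1' where id ='".(int)$id."'");
                echo 'Запись успешно добавленна!<br/>';
            }
        }
    } else {
        echo 'Ты не можешь добавить '.$zap.' запись в блог!<br/>
Но можешь удалить некоторые не нужные записи!<br/>';
    }
    break;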
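case 'del':
    // Without $act: lists the current user's entries as delete links.
    // With $act: deletes entry $mid (own entries only, unless level > 5).
    // NOTE(review): $act and $mid are not assigned in this file (presumably
    // request values set by an include), and the deletion is triggered by a
    // plain GET link; no anti-CSRF token is visible here.
    if (!$act) {
        echo '<div class="c4">Удаление записи</div><br/>';
        if (!is_numeric($id)) { header("Location: index.php?isset=403"); die; }
        $id = intval($id);
        $q = mysql_query("select id,topic from blog where who='".(int)$id."'");
        while ($arr = mysql_fetch_assoc($q)) {
            // Topic is user-supplied text; escape it at output (entities that
            // are already encoded are left alone).
            echo "<a href=\"blog.php?$ses&mode=del&act=go&mid=$arr[id]\">".htmlspecialchars($arr['topic'], ENT_QUOTES, 'UTF-8', false)."</a><br/>";
        }
        // Row count of the SELECT comes from mysql_num_rows(), not mysql_affected_rows().
        if (mysql_num_rows($q) == 0) {
            echo 'Нет не одной записи, что удалять хочеш?!<br/>';
        }
    } else {
        if (!is_numeric($mid)) { header("Location: index.php?isset=403"); die; }
        // Ownership is enforced in the WHERE clause for ordinary users.
        if ($level > 5) {
            $zapros = "delete from blog where id = '".(int)$mid."'";
        } else {
            $zapros = "delete from blog where id = '".(int)$mid."' and who='".(int)$id."'";
        }
        // mysql_query() also returns true when the WHERE clause matched nothing
        // (someone else's entry, unknown id), so report success only when a row
        // was actually removed.
        if (mysql_query($zapros) && mysql_affected_rows() > 0) {
            echo 'Запись успешно удалена!<br/>';
        } else {
            echo '<b>Ошибка!</b><br/>';
        }
    }
    break;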
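case 'rating':
    // Top ten blog owners by votes received.
    echo '<div class="c4">Рейтинг авторов</div><br/>';
    $r2 = mysql_query("SELECT id,user,blog FROM users where blog != '0' ORDER BY blog desc LIMIT 0,10;");
    $i = 1;
    while ($a3 = mysql_fetch_assoc($r2)) {
        // Attribute quotes are escaped so the string parses.
        // NOTE(review): col_n() is defined outside this file; its result is
        // echoed as-is, so confirm it returns HTML-safe output for the nick.
        echo ($i++).") <a href=\"blog.php?$ses&mode=user&usid=".$a3['id']."\">".col_n($a3['user'])."</a> - ".$a3['blog'].'<br/><br/>';
    }
    break;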
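case 'user':
    // Paginated list of one user's entries, most voted first.
    // $usid is not assigned in this file (presumably a request value set by an
    // include) and this branch has no is_numeric() guard, so cast it once here:
    // the third query below used it uncast inside the SQL string, and it is
    // also echoed into the pagination links.
    $usid = (int)$usid;
    $r = mysql_fetch_array(mysql_query("SELECT user from users where id='".$usid."' LIMIT 1"));
    // The user name is echoed into HTML; escape it (already-encoded entities are kept).
    echo '<div class="c4">'.htmlspecialchars($r[0], ENT_QUOTES, 'UTF-8', false).' - Блог</div><br/>';
    // Same treatment for $page: non-negative integer before it reaches the
    // row counter and the LIMIT offset.
    $page = empty($page) ? 0 : max(0, intval($page));
    $max = 10;
    $query = mysql_query("select id from blog where who='".$usid."'");
    $num_of_rows = mysql_num_rows($query);
    $total_mat_number = $num_of_rows;
    $total_pages = ceil($total_mat_number/$max);
    $i = 1 + $page;
    $q = mysql_query("select * from blog where who='".$usid."' ORDER BY votes desc limit ".$page.",".$max);
    // Row count of the SELECT comes from mysql_num_rows(), not mysql_affected_rows().
    if (mysql_num_rows($q) == 0) {
        echo 'Нет записей!<br/><br/>';
    } else {
        while ($arr = mysql_fetch_assoc($q)) {
            $topic = $arr['topic'];
            $bid = $arr['id'];
            $date = $arr['bdata'];
            $read = $arr['bread'];
            $votes = $arr['votes'];
            // Topic is user-supplied text; escape it at output.
            echo ($i++).") <a href=\"blog.php?$ses&mode=view&act=go&mid=$bid\">".htmlspecialchars($topic, ENT_QUOTES, 'UTF-8', false)."</a> ($date) [$votes|$read]<br/>";
        }
        // Page links: each carries the row offset of its page.
        for ($num = 0; $num < $total_pages; $num++) {
            $page_number = $num * $max;
            if ($page_number != $page) {
                echo "<a href=\"blog.php?$ses&mode=user&usid=$usid&page=$page_number&ref=$ref\">".($num+1)."</a>|";
            } else {
                echo ($num+1).'|';
            }
        }
    }
    break;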
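case 'vote':
    // Records one vote by the current user for entry $mid and updates the
    // entry's and the author's vote counters.
    // NOTE(review): the vote is cast through a plain GET link and no anti-CSRF
    // token is visible in this file. The "already voted" test followed by the
    // INSERT is not atomic; a UNIQUE key on blogvote (id, who) would enforce
    // one vote per user per entry. The table definition is not shown here.
    if (!is_numeric($mid)) { header("Location: index.php?isset=403"); die; }
    $id = intval($id);
    $mid = (int)$mid;
    $query = mysql_query("select who from blog where id = '".$mid."' LIMIT 1");
    // Row counts of the SELECTs come from mysql_num_rows(), not mysql_affected_rows().
    if (mysql_num_rows($query) == 0) {
        // Unknown entry: fall through to the shared footer. The previous early
        // exit printed WML closing tags for every $ver and skipped foot.php.
        echo 'Нет голосов!<br/>';
    } else {
        $arr = mysql_fetch_array($query);
        $usid = $arr['who'];
        if ($id == $usid) {
            echo 'Ты не можешь голосовать за себя!<br/>';
        } else {
            $voted = mysql_query("Select * from blogvote where id='".$mid."' and who='".$id."'");
            if (mysql_num_rows($voted) == 0) {
                mysql_query("INSERT INTO blogvote SET id = '".$mid."', who = '".$id."'");
                mysql_query("update blog set votes=votes+'1' where id = '".$mid."'");
                mysql_query("update users set blog=blog+'1' where id='".(int)$usid."'");
                echo 'Голос принят!<br/>';
            } else {
                echo 'Голос уже был за эту запись!<br/>';
            }
        }
    }
    break;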
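case 'who':
    // Lists the users who voted for entry $mid.
    if (!is_numeric($mid)) { header("Location: index.php?isset=403"); die; }
    $query = mysql_query("select who from blogvote where id = '".(int)$mid."'");
    // Row count of the SELECT comes from mysql_num_rows(), not mysql_affected_rows().
    if (mysql_num_rows($query) == 0) {
        // Fall through to the shared footer instead of exiting with the page
        // markup left unclosed.
        echo 'Нет голосов!<br/>';
    } else {
        echo '<b>Кто отдал голос:</b><br/>';
        $i = 1;
        while ($arr = mysql_fetch_assoc($query)) {
            // mysql_fetch_assoc() returns string keys only, so the voter id is
            // $arr['who']; $arr[0] was never set and every lookup used id 0.
            $r = mysql_fetch_array(mysql_query("SELECT user from users where id='".intval($arr['who'])."' LIMIT 1"));
            // The user name is echoed into HTML; escape it at output.
            echo ($i++).') '.htmlspecialchars($r[0], ENT_QUOTES, 'UTF-8', false).'<br/>';
        }
    }
    break;
}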
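// Shared footer navigation: a link back to the blog menu on every sub-page,
// then the link to the lobby page. Attribute quotes are escaped so the strings parse.
// NOTE(review): $ses and $ref are defined outside this file and are written
// into the href unescaped; confirm their source restricts them to URL-safe characters.
if (!empty($mode)) {
    echo "<div class = 'd1'><a href=\"blog.php?$ses&ref=$ref\">Блог</a></div>\n";
}
echo "<div class = 'd1'><a href=\"enter.php?$ses&ref=$ref\">Прихожая</a></div>";
include_once "foot.php";
mysql_close($link);
?>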