Файл: forum/forum/admin.php
Строк: 236
<?
##########################################
## Автор PITBULL ##
## icq 647732 ##
## mail mobilas91@gmail.com ##
## запрещено торговать скриптом ##
##########################################
require'../config.php';
$align='left';
$title='Форум';
aut();
head();
levels(4);
who_add(0,'forum');
$fid = check(intval($_GET['fid']));
switch($mod){
case addf:
levels(7);
if (empty($act)){
if ($ver!='wml')echo '<form action="admin_'.$mod.'?act=act&'.SID.'" method="post">';
echo 'Форум:<br/>';
echo '<input type="text" name="name" maxlength="50" title="Форум"/><br/>';
echo 'Положение:<br/>';
echo '<input type="text" name="pos" maxlength="50" title="Положение"/><br/>';
if ($ver=='wml'){
echo '<br /><anchor title="go">Добавить<go href="admin_'.$mod.'?act=add&'.SID.'" method="post">';
echo '<postfield name="name" value="$name"/>
<postfield name="pos" value="$pos"/>
</go></anchor>';
echo '<br/><br />';
}else{
echo '<br /><input type="submit" class="ibutton" value="Добавить"/></form><br /><br />';
}
}else{
$name = check($_POST['name']);
if ($user['translit']==1)$name = translit($name);
$pos = check(intval($_POST['pos']));
if (strlen2($name)<3)$err = 'Короткое имя форума!';
if (empty($pos)||strlen2($pos)<=0)$err = 'Положение указанно неверно!';
if (empty($err)){
//if ($db->sql_query ("INSERT INTO forum_f (name,time,pos) VALUES ('$name','$time','$pos')")){header ('Location: ./?'.SID); exit;
if (DB::run() -> query("INSERT INTO `forum_f` (`name`,`time`,`pos`) VALUES (?, ?, ?);", array($name, $time, $pos,))){ header ('Location: ./?'.SID); exit;
}else echo 'Ошибка!<br />';
}else echo $err;
}
break;
case editf:
levels(7);
if (empty($act)){
if (isset($_GET['del'])){
$q=DB::run()->query("SELECT * FROM `forum_msg` where f_id = ?;",array($fid));
while ($d = $q->fetch()){
if($d['file']!=NULL)unlink ('../files/forum/'.$d['file'].'');
}
DB::run() -> query("DELETE FROM `forum_msg` where f_id = ?;",array($fid));
DB::run() -> query("DELETE FROM `forum_r` where f_id = ?;",array($fid));
DB::run() -> query("DELETE FROM `forum_t` where f_id = ?;",array($fid));
DB::run() -> query("DELETE FROM `forum_f` WHERE `id`=?;", array($fid));
header ('Location: ./?'.SID);
}
$for=DB::run() -> queryFetch("SELECT * FROM `forum_f` WHERE `id`=?;", array($fid));
if ($ver!='wml')echo '<form action="admin_'.$mod.'_'.$fid.'?act=act&'.SID.'" method="post">';
echo 'Форум:<br/>';
echo '<input type="text" name="name" value="'.$for[name].'" maxlength="50" title="Форум"/><br/>';
echo 'Положение:<br/>';
echo '<input type="text" name="pos" value="'.$for['pos'].'" maxlength="50" title="Положение"/><br/>';
if ($ver=='wml'){
echo '<br /><anchor title="go">Изменить<go href="admin_'.$mod.'_'.$fid.'?act=add&'.SID.'" method="post">';
echo '<postfield name="name" value="$name"/>
<postfield name="pos" value="$pos"/>
</go></anchor><br />';
}else{
echo '<br /><input type="submit" class="ibutton" value="Изменить"/></form><br />';
}
echo '<br /><a href="admin_'.$mod.'_'.$fid.'?del">Удалить</a><br />';
}else{
$name = check($_POST['name']);
if ($user['translit']==1)$name = translit($name);
$pos = check(intval($_POST['pos']));
if (strlen2($name)<3)$err = 'Короткое имя форума!';
if (empty($pos)||strlen2($pos)<=0)$err = 'Положение указанно неверно!';
if (empty($err)){
if (DB::run()->query ("UPDATE `forum_f` SET `name` = ?, `pos` = ? where `id`=? LIMIT 1;",array($name,$pos,$fid))){header ('Location: ./?'.SID); exit;
}else echo 'Ошибка!<br />';
}else echo $err;
}
break;
//////// Разделы //////////////////////////////////////////////////////////
case addr:
levels(7);
if (empty($act)){
if ($ver!='wml')echo '<form action="admin_'.$mod.'_'.$fid.'?act=act&'.SID.'" method="post">';
echo 'Раздел:<br/>';
echo '<input type="text" name="name" maxlength="50" title="Форум"/><br/>';
echo 'Положение:<br/>';
echo '<input type="text" name="pos" maxlength="50" title="Положение"/><br/>';
if ($ver=='wml'){
echo '<br /><anchor title="go">Добавить<go href="admin_'.$mod.'_'.$fid.'?act=add&'.SID.'" method="post">';
echo '<postfield name="name" value="$name"/>
<postfield name="pos" value="$pos"/>
</go></anchor><br />';
}else{
echo '<br /><input type="submit" class="ibutton" value="Добавить"/></form><br /><br />';
}
}else{
$name = check($_POST['name']);
if ($user['translit']==1)$name = translit($name);
$pos = check(intval($_POST['pos']));
if (strlen2($name)<3)$err = 'Короткое имя раздела!';
if (empty($pos)||strlen2($pos)<=0)$err = 'Положение указанно неверно!';
$for = DB::run()->queryFetch("select * from `forum_f` where id = ?;",array($fid) );
$level=$for['level'];
if (empty($err)){
if (DB::run()->query ("INSERT INTO forum_r (f_id,name,pos,level) VALUES (?,?,?,?);",array($fid,$name,$pos,$level))){header ('Location: razdel_'.$fid.'?'.SID); exit;
}else echo 'Ошибка!<br />';
}else echo $err;
}
break;
case editr:
levels(7);
$for =DB::run()->queryFetch("select * from `forum_r` where id = ?;",array($fid) );
if (empty($act)){
if (isset($_GET['del'])){
$q = DB::run()->query("SELECT * FROM `forum_msg` where r_id = ?;",array($fid));
while($d = $q->fetch()){
if($d['file']!=NULL)unlink ('../files/forum/'.$d['file'].'');
}
DB::run()->query("DELETE FROM `forum_msg` where r_id = ?;",array($fid));
DB::run()->query("DELETE FROM `forum_t` where r_id = ?;",array($fid));
DB::run()->query("DELETE FROM `forum_r` where id = ?;",array($fid));
header ('Location: razdel_'.$fid.'?'.SID); exit;
}
if ($ver!='wml')echo '<form action="admin_'.$mod.'_'.$fid.'?act=act&'.SID.'" method="post">';
echo 'Раздел:<br/>';
echo '<input type="text" name="name" value="'.$for[name].'" maxlength="50" title="Форум"/><br/>';
echo 'Положение:<br/>';
echo '<input type="text" name="pos" value="'.$for['pos'].'" maxlength="50" title="Положение"/><br/>';
if ($ver=='wml'){
echo '<br /><anchor title="go">Изменить<go href="admin_'.$mod.'_'.$fid.'?act=add&'.SID.'" method="post">';
echo '<postfield name="name" value="$name"/>
<postfield name="pos" value="$pos"/>
</go></anchor><br />';
}else{
echo '<br /><input type="submit" class="ibutton" value="Изменить"/></form><br />';
}
echo '<br /><a href="admin_'.$mod.'_'.$fid.'?del">Удалить</a><br />';
}else{
$name = check($_POST['name']);
if ($user['translit']==1)$name = translit($name);
$pos = check(intval($_POST['pos']));
if (strlen2($name)<3)$err = 'Короткое имя раздела!';
if (empty($pos)||strlen2($pos)<=0)$err = 'Положение указанно неверно!';
if (empty($err)){
if (DB::run()->query("UPDATE `forum_r` SET `name` = ?, `pos` = ? where `id`=? LIMIT 1;",array($name,$pos,$fid))){header ('Location: razdel_'.$for[f_id].'?'.SID); exit;
}else echo 'Ошибка!<br />';
}else echo $err;
}
break;
// Редактируем тему
case editt:
levels(7);
$tem = DB::run()->queryFetch("select * from `forum_t` where id = ?;",array($fid) );
if (empty($act)){
if ($tem['close']==0 && $user['level']<5 && $tem['user_id']==$user['id'])echo ' | <a href="?close">Закрыть</a>';
if ($user['level']>=5){
if ($tem['close'] == 1)echo '<a href="?open">Открыть</a>|';
else echo '<a href="?close">Закрыть</a>|';
if ($tem['zak'] == 0)echo '<a href="?fix">Закрепить</a>|';
else echo '<a href="?unfix">Открепить</a>|';
echo '<a href="?delet">Удалить</a><br/>';
}else echo '<br />';
// Закрываем тему
if (isset($_GET['close'])){
if ($user[level]>=5)DB::run()->query("UPDATE `forum_t` SET `close` = ? WHERE `id` = ?;",array(1,$fid));
else DB::run()->query("UPDATE `forum_t` SET `close` = ? WHERE `id` = ? and user_id = ?;",array(1,$fid,$user['id']));
header ('Location: temes_'.$tem[r_id].'?'.SID);
}
// Открываем тему
if (isset($_GET['open'])){
if ($user[level]>=5)DB::run()->query("UPDATE `forum_t` SET `close` = ? WHERE `id` = ?;",array(0,$fid));
header ('Location: temes_'.$tem[r_id].'?'.SID);
}
// Закрепляем тему
if (isset($_GET['fix'])){
if ($user[level]>=5)DB::run()->query("UPDATE `forum_t` SET `zak` = ? WHERE `id` = ?;",array(1,$fid));
header ('Location: temes_'.$tem[r_id].'?'.SID);
}
// Открепляем тему
if (isset($_GET['unfix'])){
if ($user[level]>=5)DB::run()->query("UPDATE `forum_t` SET `zak` = ? WHERE `id` = ?;",array(0,$fid));
header ('Location: temes_'.$tem[r_id].'?'.SID);
}
// Удаляем тему
if (isset($_GET['delet'])){
if ($user[level]>=5){
$q = DB::run()->query("SELECT * FROM `forum_msg` where t_id = ?;",array($fid));
while($d = $q->fetch()){
if($d['file']!=NULL)unlink ('../files/forum/'.$d['file'].'');
}
DB::run()->query("DELETE FROM `forum_msg` where t_id = ?;",array($fid));
DB::run()->query("DELETE FROM `forum_t` where id = ?;",array($fid));
}
header ('Location: temes_'.$tem[r_id].'?'.SID);
}
echo '<dl><dt></dt></dl>';
if ($ver!='wml')echo '<form action="admin_'.$mod.'_'.$fid.'?act=name&'.SID.'" method="post">';
echo 'Тема:<br/>';
echo '<input type="text" name="name" value="'.$tem[name].'" maxlength="50" title="Форум"/><br/>';
if ($ver=='wml'){
echo '<br /><anchor title="go">Изменить<go href="admin_'.$mod.'_'.$fid.'?act=name&'.SID.'" method="post">';
echo '<postfield name="name" value="$name"/></go></anchor><br />';
}else{
echo '<br /><input type="submit" class="ibutton" value="Изменить"/></form><dt></dt>';
}
if ($ver!='wml')echo '<form action="admin_'.$mod.'_'.$fid.'?act=razd&'.SID.'" method="post">';
echo 'Переместить в:<br/>';
echo "<select name="razdel">";
$q = DB::run()->query("SELECT * FROM `forum_r` ORDER BY `id` ASC");
while ($r = $q->fetch())
{
$f =DB::run()->queryFetch("SELECT * FROM `forum_f` where id=?;",array($r['f_id']));
echo "<option value="$r[id]">$f[name]/$r[name]</option>";
}
echo "</select><br/>";
if ($ver=='wml'){
echo '<br /><anchor title="go">Изменить<go href="admin_'.$mod.'_'.$fid.'?act=razd&'.SID.'" method="post">';
echo '<postfield name="razdel" value="$razdel"/></go></anchor><br />';
}else{
echo '<br /><input type="submit" class="ibutton" value="Изменить"/></form><br />';
}
}else if($act==name){
$name = check($_POST['name']);
if ($user['translit']==1)$name = translit($name);
if (strlen2($name)<3)$err = 'Короткое имя!';
if (empty($err)){
if (DB::run()->query ("UPDATE `forum_t` SET `name` = ? where `id`=? LIMIT 1;",array($name,$fid))){header ('Location: temes_'.$tem[r_id].'?'.SID); exit;
}else echo 'Ошибка!<br />';
}else echo $err;
}else if($act==razd){
$razdel = check(intval($_POST['razdel']));
$r =DB::run()->queryFetch("SELECT * FROM `forum_r` where id=?;",array($razdel));
$f = DB::run()->queryFetch("SELECT * FROM `forum_f` where id=?;",array($r['f_id']));
$tem = DB::run()->queryFetch("select * from `forum_t` where id = ?;",array($fid) );
$name=''.$tem[name].'(перенесено)';
if (DB::run()->query ("UPDATE `forum_t` SET `r_id` = ?,`name` = ?, `f_id` = ? where `id`=? LIMIT 1;",array($razdel,$name,$f['id'],$d['id']))){
$q = DB::run()->query("SELECT * FROM `forum_msg` where t_id = ?;",array($fid));
while($d = $q->fetch()){
DB::run()->query ("UPDATE `forum_msg` SET `r_id` = ?, `f_id` = ? where `id`=? LIMIT 1;",array($razdel,$f['id'],$d['id']));
}
header ('Location: temes_'.$tem[r_id].'?'.SID); exit;
}else echo 'Ошибка!<br />';
}
break;
}
echo '<br />';
echo gb.'<a href="./">Форум</a>'.div;
echo gb.'<a href="'.H.'enter">Прихожая</a>'.div;
foot();
?>