Файл: modules/blogs/index.php
Строк: 111
<?php
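switch ($act) {
default:
    // Category index: lists `blogs_categs` ordered by name, one page at a time.
    $total = DB::run()->querySingle("select count(`id`) from `blogs_categs`;");
    if ($total)
    {
        // Presumably sets $start from the requested page — not visible here.
        require_once 'core/navsetvars.php';
        // The LIMIT clause is interpolated rather than bound, so both values are forced
        // to integers first; anything non-numeric collapses to 0 instead of reaching SQL.
        $offset = (int) $start;
        $perPage = (int) $config['ipp'];
        $query = DB::run()->query("select * from `blogs_categs` ORDER BY `name` LIMIT $offset, $perPage;");
    }
    $config['newtitle'] = 'Blogs';
    $tpl['file'] = 'blogs';
    require_once 'core/header.php';
    break;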
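case 'viewcateg':
    // Posts of one category; an unknown category id redirects to the site root.
    $categ = DB::run()->queryFetch("select * from `blogs_categs` where `id` = ?;", array($id));
    if ($categ)
    {
        $total = DB::run()->querySingle("select count(`id`) from `blogs_content` where `categid` = ?;", array($id));
        if ($total)
        {
            // Presumably sets $start from the requested page — not visible here.
            require_once 'core/navsetvars.php';
            // `categid` is bound, but LIMIT is interpolated: cast both values to int so
            // a non-numeric offset or page size can never alter the statement.
            $offset = (int) $start;
            $perPage = (int) $config['ipp'];
            $query = DB::run()->query("select * from `blogs_content` where `categid` = ? ORDER BY `id` DESC LIMIT $offset, $perPage;", array($id));
        }
        $config['newtitle'] = $categ['name'];
        // NOTE(review): $categ['name'] is placed in HTML unescaped; this is only safe if
        // category names are escaped when stored (e.g. by check()) — confirm in the admin path.
        $tpl['title'] = '<a href="/blogs">'.$lang['Blogs'].'</a> » '.$categ['name'];
        $tpl['file'] = 'blogs_viewcateg';
        require_once 'core/header.php';
    }
    else
    {
        redirect(HTTPHOME);
    }
    break;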
case 'viewpost':
    // Render a single post with edit/delete links for those allowed to use them.
    $post = DB::run()->queryFetch("select * from `blogs_posts` where `id` = ?;", array($id));
    if (!$post)
    {
        redirect(HTTPHOME);
    }
    else
    {
        // NOTE(review): the subject is emitted into HTML as stored; relies on it having
        // been escaped on input (check() in 'newpost'/'editpost') — confirm.
        $breadcrumb = '<a href="/blogs">'.$lang['Blogs'].'</a> » '.$post['subject'];
        // Authors may edit within $config['editmin'] minutes of posting; 'blogs_editpost'
        // holders may edit regardless of age.
        $authorWindowOpen = is_auth() && $post['userid'] == $u['id'] && $post['time'] > TIME - 60 * $config['editmin'];
        if ($authorWindowOpen || access('blogs_editpost'))
        {
            $breadcrumb .= ' <a href="/blogs/editpost'.$post['id'].'">{LANG.Edit_}</a>';
        }
        // The delete link is only shown to permitted users; the handler behind it must
        // enforce the same permission itself (not visible in this file).
        if (access('blogs_delpost'))
        {
            $breadcrumb .= ' <a href="/blogs/delpost'.$post['id'].'">{LANG.DEL}</a><br>';
        }
        $tpl['title'] = $breadcrumb;
        $config['newtitle'] = $post['subject'];
        $tpl['file'] = 'blogs_viewpost';
        require_once 'core/header.php';
    }
    break;
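case 'newpost':
    // Create a post. Requires a logged-in user; anonymous visitors go to the login page.
    if (is_auth())
    {
        $subject = isset($_POST['subject']) ? check($_POST['subject']) : FALSE;
        $message = isset($_POST['message']) ? check($_POST['message']) : FALSE;
        $categ = isset($_POST['categ']) ? check($_POST['categ']) : FALSE;
        $keystring = isset($_POST['keystring']) ? check($_POST['keystring']) : FALSE;
        // All four fields are required before anything is written. The previous test
        // checked $keystring twice and never $subject or $categ, so a submission without
        // categories could create a post attached to no category. Same shape as 'editpost'.
        if ($subject && $message && $categ && $keystring)
        {
            // CAPTCHA answer must strictly match the value stored for this session.
            if (isset($_SESSION['captcha_keystring']) && $_SESSION['captcha_keystring'] === $keystring)
            {
                $subjectLength = mb_strlen($subject, 'utf-8');
                if ($subjectLength > 3 && $subjectLength < 50)
                {
                    $msgLength = mb_strlen($message, 'utf-8');
                    if ($msgLength > 5 && $msgLength < 50000)
                    {
                        // Values are bound as placeholders; SQL-safe regardless of what check() does.
                        DB::run()->query("insert into `blogs_posts` set `userid` = ?, `subject` = ?, `message` = ?, `time` = ?;", array($u['id'], $subject, $message, TIME));
                        $postid = DB::run()->lastinsertid();
                        // Attach the post to every submitted category that exists; unknown ids
                        // are dropped silently. A non-array $categ is skipped rather than iterated.
                        if (is_array($categ))
                        {
                            foreach ($categ as $value)
                            {
                                $checkCateg = DB::run()->querySingle("select count(`id`) from `blogs_categs` where `id` = ?;", array($value));
                                if ($checkCateg)
                                {
                                    DB::run()->query("insert into `blogs_content` set `categid` = ?, `postid` = ?;", array($value, $postid));
                                }
                            }
                        }
                        // The CAPTCHA is consumed on success only. NOTE(review): a wrong answer leaves
                        // the same challenge in the session, so it can be retried until the form regenerates it.
                        unset($_SESSION['captcha_keystring']);
                        redirect('/blogs/viewpost'.$postid);
                    }
                    else
                    {
                        $_SESSION['note'] = $lang['Your_message_exceeds_the_maximum_number_of_characters_allowed'];
                    }
                }
                else
                {
                    $_SESSION['note'] = $lang['The_subject_exceeds_the_maximum_number_of_characters_allowed'];
                }
            }
            else
            {
                $_SESSION['note'] = $lang['The_verification_code_is_incorrect'];
            }
        }
        $config['newtitle'] = $lang['Create_new_post'];
        $tpl['title'] = '<a href="/blogs">'.$lang['Blogs'].'</a> » '.$lang['Create_new_post'];
        $tpl['file'] = 'blogs_newpost';
        require_once 'core/header.php';
    }
    else
    {
        redirect('/login');
    }
    break;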
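case 'editpost':
    // Edit an existing post; unknown ids and unauthorised users are sent back to the index.
    $post = DB::run()->queryFetch("select * from `blogs_posts` where `id` = ?;", array($id));
    if ($post)
    {
        // Same rule as 'viewpost': the author within $config['editmin'] minutes of posting,
        // or anyone holding 'blogs_editpost'.
        if ((is_auth() && $post['userid'] == $u['id'] && $post['time'] > TIME - 60 * $config['editmin']) or access('blogs_editpost'))
        {
            // NOTE(review): no CSRF token is checked here and, unlike 'newpost', there is no
            // CAPTCHA; unless core/header.php or check() enforces one, a forged POST from an
            // author's browser can rewrite the post — confirm.
            $subject = isset($_POST['subject']) ? check($_POST['subject']) : FALSE;
            $message = isset($_POST['message']) ? check($_POST['message']) : FALSE;
            $categ = isset($_POST['categ']) ? check($_POST['categ']) : FALSE;
            if ($subject && $message && $categ)
            {
                // Apply the same bounds as 'newpost'; previously an edit bypassed the
                // subject/message size limits enforced on creation.
                $subjectLength = mb_strlen($subject, 'utf-8');
                $msgLength = mb_strlen($message, 'utf-8');
                if ($subjectLength <= 3 || $subjectLength >= 50)
                {
                    $_SESSION['note'] = $lang['The_subject_exceeds_the_maximum_number_of_characters_allowed'];
                }
                elseif ($msgLength <= 5 || $msgLength >= 50000)
                {
                    $_SESSION['note'] = $lang['Your_message_exceeds_the_maximum_number_of_characters_allowed'];
                }
                else
                {
                    DB::run()->query("update `blogs_posts` set `subject` = ?, `message` = ? where `id` = ?;", array($subject, $message, $post['id']));
                    // Category links are replaced wholesale: drop the old set, re-add only
                    // submitted ids that exist. A non-array $categ is skipped rather than iterated.
                    DB::run()->query("delete from `blogs_content` where `postid` = ?;", array($post['id']));
                    if (is_array($categ))
                    {
                        foreach ($categ as $value)
                        {
                            $checkCateg = DB::run()->querySingle("select count(`id`) from `blogs_categs` where `id` = ?;", array($value));
                            if ($checkCateg)
                            {
                                DB::run()->query("insert into `blogs_content` set `categid` = ?, `postid` = ?;", array($value, $post['id']));
                            }
                        }
                    }
                    redirect('/blogs/viewpost'.$post['id']);
                }
            }
            $config['newtitle'] = $lang['Edit_post'];
            $tpl['title'] = '<a href="/blogs">'.$lang['Blogs'].'</a> » '.$lang['Edit_post'];
            $tpl['file'] = 'blogs_editpost';
            require_once 'core/header.php';
        }
        else
        {
            redirect('/blogs');
        }
    }
    else
    {
        redirect('/blogs');
    }
    break;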
case 'delpost':
// Deletion is delegated to the shared handler. The 'blogs_delpost' check in 'viewpost'
// only hides the link, so core/delpost.php must re-check that permission itself (not visible here).
$module = 'blogs';
require_once 'core/delpost.php';
break;
}