Файл: modules/forum/thread.php
Строк: 225
<?php
switch ($act) {
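case 'newthread':
    // Creates a new thread and its opening post in forum category $id.
    // Only authenticated users may post; users without moderator access to the
    // category must also solve the captcha.
    if (!is_auth())
    {
        redirect('/login');
        // Leave the case explicitly so this guard does not depend on redirect()
        // terminating the script (its definition is not visible in this file).
        break;
    }
    $categ = DB::run()->queryFetch("select * from `forum_categs` where `id` = ?;", array($id));
    if ($categ)
    {
        // Same check the captcha bypass below uses, and the one closethread requires
        // before it lets a user toggle `closed`.
        $isModerator = access('forum'.$categ['id']);
        $subject = isset($_POST['subject']) ? check($_POST['subject']) : FALSE;
        $message = isset($_POST['message']) ? check($_POST['message']) : FALSE;
        // `sticky` and `closed` are moderation flags: accept them only from users with
        // access to this category, otherwise any authenticated user could set them by
        // adding the fields to the request.
        $sticky = ($isModerator && isset($_POST['sticky'])) ? 1 : FALSE;
        $closed = ($isModerator && isset($_POST['closed'])) ? 1 : FALSE;
        $keystring = isset($_POST['keystring']) ? check($_POST['keystring']) : FALSE;
        // NOTE(review): no anti-CSRF token is checked in this file; confirm that the
        // form/request layer adds one for users who bypass the captcha.
        if ($subject && $message)
        {
            $captchaOk = $keystring && isset($_SESSION['captcha_keystring']) && $_SESSION['captcha_keystring'] === $keystring;
            if (!$captchaOk && !$isModerator)
            {
                // NOTE(review): the stored captcha value is kept after a failed attempt;
                // confirm the captcha is regenerated when the form is shown again.
                $_SESSION['note'] = $lang['The_verification_code_is_incorrect'];
            }
            elseif (!empty($_SESSION['wait']) && $_SESSION['wait'] >= TIME)
            {
                // Flood control: the previous post set a time before which no new post is accepted.
                $_SESSION['note'] = $lang['Anti_Spam_Please_wait_before_trying_again'];
            }
            elseif (mb_strlen($subject, 'utf-8') > 50)
            {
                $_SESSION['note'] = $lang['The_subject_exceeds_the_maximum_number_of_characters_allowed'].' (50)';
            }
            elseif (mb_strlen($message, 'utf-8') > $config['msglength'])
            {
                $_SESSION['note'] = $lang['Your_message_exceeds_the_maximum_number_of_characters_allowed'].' ('.$config['msglength'].')';
            }
            else
            {
                // All user-supplied values are passed as bound parameters.
                DB::run()->query("insert into `forum_threads` set
`categid` = ?,
`subject` = ?,
`userid` = ?,
`time` = ?,
`lastuserid` = ?,
`updtime` = ?,
`sticky` = ?,
`closed` = ?;
", array(
                    $categ['id'],
                    $subject,
                    $u['id'],
                    TIME,
                    $u['id'],
                    TIME,
                    $sticky,
                    $closed
                ));
                $threadid = DB::run()->lastinsertid();
                DB::run()->query("insert into `forum_posts` set
`categid` = ?,
`threadid` = ?,
`userid` = ?,
`message` = ?,
`time` = ?;", array(
                    $categ['id'],
                    $threadid,
                    $u['id'],
                    $message,
                    TIME
                ));
                // A captcha answer is single-use once a post has been accepted.
                unset($_SESSION['captcha_keystring']);
                $_SESSION['wait'] = TIME + $config['wait_time'];
                redirect('/forum/viewthread'.$threadid);
            }
        }
        $config['newtitle'] = $lang['Start_a_New_Thread'];
        // $categ['name'] is placed into HTML as stored - presumably escaped when the
        // category was saved; verify against the category admin code.
        $tpl['title'] = '<a href="/forum">'.$lang['Forum'].'</a> '.showPath(getPath($categ['id'])).' » <a href="/forum/viewcateg'.$categ['id'].'">'.$categ['name'].'</a>';
        $tpl['file'] = 'forum_newthread';
        require_once 'core/header.php';
    }
    else
    {
        // The category does not exist, so $categ holds no row to read an id from;
        // go to the forum index like the other "not found" branches in this file.
        redirect('/forum');
    }
    break;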
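case 'viewthread':
    // Shows one page of thread $id. For authenticated users it also records the
    // visit and accepts a reply submitted in the `message` POST field.
    $thread = DB::run()->queryFetch("select * from `forum_threads` where `id` = ?;", array($id));
    if ($thread)
    {
        if (is_auth())
        {
            // Keep one visit row per (thread, user): refresh its time or create it.
            $checkVisit = DB::run()->queryFetch("select `id` from `forum_threads_visits` where `threadid` = ? and `userid` = ?;", array($thread['id'], $u['id']));
            if ($checkVisit)
            {
                DB::run()->query("update `forum_threads_visits` set `time` = ? where `id` = ?;", array(TIME, $checkVisit['id']));
            }
            else
            {
                DB::run()->query("insert into `forum_threads_visits` set `threadid` = ?, `userid` = ?, `time` = ?;", array($thread['id'], $u['id'], TIME));
            }
            // NOTE(review): the reply path checks neither a captcha nor an anti-CSRF
            // token in this file; confirm the request layer covers it.
            $message = isset($_POST['message']) ? check($_POST['message']) : FALSE;
            if ($message)
            {
                if (!empty($thread['closed']))
                {
                    // Closed threads accept no replies; send the user to the last post.
                    redirect('/forum/threadend'.$thread['id']);
                }
                elseif (mb_strlen($message, 'utf-8') > $config['msglength'])
                {
                    $_SESSION['note'] = $lang['Your_message_exceeds_the_maximum_number_of_characters_allowed'].' ('.$config['msglength'].')';
                }
                elseif (!empty($_SESSION['wait']) && $_SESSION['wait'] >= TIME)
                {
                    // Flood control; a session without a `wait` entry is not throttled.
                    $_SESSION['note'] = $lang['Anti_Spam_Please_wait_before_trying_again'];
                }
                else
                {
                    DB::run()->query("update `forum_threads` set `lastuserid` = ?, `updtime` = ? where `id` = ?;", array($u['id'], TIME, $thread['id']));
                    DB::run()->query("insert into `forum_posts` set `categid` = ?, `threadid` = ?, `userid` = ?, `message` = ?, `time` = ?;", array($thread['categid'], $thread['id'], $u['id'], $message, TIME));
                    $_SESSION['wait'] = TIME + $config['wait_time'];
                    redirect('/forum/threadend'.$thread['id']);
                }
            }
        }
        $total = DB::run()->querySingle("select count(`id`) from `forum_posts` where `threadid` = ?;", array($thread['id']));
        if ($total)
        {
            // Sets $start for the current page (defined in core/navsetvars.php).
            require_once 'core/navsetvars.php';
            // LIMIT operands are concatenated into the SQL text rather than bound, so
            // force them to integers here instead of relying on how the included
            // script and the configuration produced them.
            $query = DB::run()->query("select * from `forum_posts` where `threadid` = ? ORDER BY `time` LIMIT ".(int)$start.", ".(int)$config['ipp'].";", array($thread['id']));
        }
        $totalVisits = DB::run()->querySingle("select count(`id`) from `forum_threads_visits` where `threadid` = ?;", array($thread['id']));
        // NOTE(review): the trailing % makes the pattern for thread 1 also match
        // locations of threads 10, 11, ...; the format of `location` is not visible
        // here, so confirm whether a delimiter belongs in the pattern.
        $totalOnline = DB::run()->querySingle("select count(`id`) from `online` where `userid` > 0 and `location` LIKE ?;", array('forum/viewthread'.$thread['id'].'%'));
        $categ = DB::run()->queryFetch("select `name` from `forum_categs` where `id` = ?;", array($thread['categid']));
        $config['newtitle'] = $thread['subject'];
        // The subject and category name go into HTML exactly as stored; this relies on
        // check() having escaped the subject when it was saved - TODO confirm.
        $tpl['title'] = '<a href="/forum">'.$lang['Forum'].'</a> '.showPath(getPath($thread['categid'])).' » <a href="/forum/viewcateg'.$thread['categid'].'">'.$categ['name'].'</a> » '.$thread['subject'];
        if (access('forum'.$thread['categid']))
        {
            // Moderation links are only rendered for users with access to the category;
            // the target actions repeat the check on the server side.
            $tpl['title'] .= ' <a href="/forum/editthread'.$thread['id'].'/">'.$lang['Edit_'].'</a> <a href="/forum/delthread'.$thread['id'].'/">'.$lang['DEL'].'</a>';
        }
        $tpl['file'] = 'forum_viewthread';
        require_once 'core/header.php';
    }
    else
    {
        redirect(HTTPHOME);
    }
    break;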
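case 'editthread':
    // Edits thread $id and its first post. Allowed for the thread author within
    // $config['editmin'] minutes of creation, or for users with access to the category.
    $thread = DB::run()->queryFetch("select * from `forum_threads` where `id` = ?;", array($id));
    if ($thread)
    {
        $isModerator = access('forum'.$thread['categid']);
        // NOTE(review): no is_auth() call here; the author test relies on $u['id'] never
        // matching a stored userid for a guest - confirm how $u is populated.
        $isRecentAuthor = $thread['userid'] == $u['id'] && $thread['time'] > TIME - 60 * $config['editmin'];
        if ($isRecentAuthor || $isModerator)
        {
            $categid = isset($_POST['categid']) ? abs(intval($_POST['categid'])) : FALSE;
            $subject = isset($_POST['subject']) ? check($_POST['subject']) : FALSE;
            $message = isset($_POST['message']) ? check($_POST['message']) : FALSE;
            // `sticky` and `closed` are moderation flags (closethread requires access()
            // to toggle `closed`). An author editing their own thread keeps the stored
            // values instead of being able to set or clear them through this form.
            if ($isModerator)
            {
                $sticky = isset($_POST['sticky']) ? 1 : FALSE;
                $closed = isset($_POST['closed']) ? 1 : FALSE;
            }
            else
            {
                $sticky = $thread['sticky'];
                $closed = $thread['closed'];
            }
            $keystring = isset($_POST['keystring']) ? check($_POST['keystring']) : FALSE;
            // NOTE(review): the target category only has to exist; whether the editor may
            // post in it is not checked here - confirm that is intended.
            $categ = DB::run()->querySingle("select count(`id`) from `forum_categs` where `id` = ?;", array($categid));
            if ($categid && $categ && $subject && $message)
            {
                $captchaOk = $keystring && isset($_SESSION['captcha_keystring']) && $_SESSION['captcha_keystring'] === $keystring;
                if (!$captchaOk && !$isModerator)
                {
                    $_SESSION['note'] = $lang['The_verification_code_is_incorrect'];
                }
                elseif (!empty($_SESSION['wait']) && $_SESSION['wait'] >= TIME)
                {
                    // Flood control; a session without a `wait` entry is not throttled.
                    $_SESSION['note'] = $lang['Anti_Spam_Please_wait_before_trying_again'];
                }
                elseif (mb_strlen($subject, 'utf-8') > 50)
                {
                    $_SESSION['note'] = $lang['The_subject_exceeds_the_maximum_number_of_characters_allowed'].' (50)';
                }
                elseif (mb_strlen($message, 'utf-8') > $config['msglength'])
                {
                    $_SESSION['note'] = $lang['Your_message_exceeds_the_maximum_number_of_characters_allowed'].' ('.$config['msglength'].')';
                }
                else
                {
                    // NOTE(review): `userid` is overwritten with the editor's id, so a
                    // moderator edit changes the recorded thread author - confirm intent.
                    DB::run()->query("update `forum_threads` set
`categid` = ?,
`subject` = ?,
`userid` = ?,
`updtime` = ?,
`sticky` = ?,
`closed` = ?
where `id` = ?;
", array(
                        $categid,
                        $subject,
                        $u['id'],
                        TIME,
                        $sticky,
                        $closed,
                        $thread['id']
                    ));
                    // The oldest post of the thread holds the thread's opening message.
                    DB::run()->query("update `forum_posts` set
`categid` = ?,
`message` = ?,
`edit_by` = ?,
`edit_time` = ?
where `threadid` = ? order by `time` limit 1;
", array(
                        $categid,
                        $message,
                        $u['id'],
                        TIME,
                        $thread['id']
                    ));
                    if ($categid != $thread['categid'])
                    {
                        // Thread moved: re-home every post with one statement instead of
                        // selecting the ids and updating them row by row.
                        DB::run()->query("update `forum_posts` set `categid` = ? where `threadid` = ?;", array($categid, $thread['id']));
                    }
                    $_SESSION['wait'] = TIME + $config['wait_time'];
                    redirect('/forum/viewthread'.$thread['id']);
                }
            }
            // Values for pre-filling the edit form.
            $post = DB::run()->queryFetch("select `message` from `forum_posts` where `threadid` = ? order by `time` limit 1;", array($thread['id']));
            $sticky_checked = $thread['sticky'] ? 'checked' : FALSE;
            $closed_checked = $thread['closed'] ? 'checked' : FALSE;
            $config['newtitle'] = $lang['Edit'];
            $tpl['file'] = 'forum_editthread';
            require_once 'core/header.php';
        }
        else
        {
            // Neither the recent author nor a moderator: back to the read-only view.
            redirect('/forum/viewthread'.$thread['id']);
        }
    }
    else
    {
        redirect('/forum');
    }
    break;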
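case 'delthread':
    // Deletes thread $id together with its posts and visit records once the
    // confirmation form has been posted. Restricted to users with access to the
    // thread's category.
    $thread = DB::run()->queryFetch("select * from `forum_threads` where `id` = ?;", array($id));
    if ($thread)
    {
        if (!access('forum'.$thread['categid']))
        {
            redirect('/forum');
            // Leave the case explicitly: the deletes below must never be reachable for
            // an unauthorised user, whether or not redirect() terminates the script
            // (its definition is not visible in this file).
            break;
        }
        // NOTE(review): only the presence of `confirm` in POST is checked; no anti-CSRF
        // token is visible here - confirm the form layer supplies and verifies one.
        $confirm = isset($_POST['confirm']) ? 1 : FALSE;
        if ($confirm)
        {
            // Child rows first, then the thread row itself.
            DB::run()->query("delete from `forum_posts` where `threadid` = ?;", array($thread['id']));
            DB::run()->query("delete from `forum_threads_visits` where `threadid` = ?;", array($thread['id']));
            DB::run()->query("delete from `forum_threads` where `id` = ?;", array($thread['id']));
            redirect('/forum/viewcateg'.$thread['categid']);
        }
        // No confirmation yet: show the generic confirmation page.
        $config['newtitle'] = $lang['Confirm_deletion'];
        $tpl['file'] = 'confirm';
        require_once 'core/header.php';
    }
    else
    {
        redirect('/forum');
    }
    break;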
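case 'viewthread_visits':
    // Lists the users who visited thread $id, most recent visit first.
    $thread = DB::run()->queryFetch("select * from `forum_threads` where `id` = ?;", array($id));
    if ($thread)
    {
        $total = DB::run()->querySingle("select count(`id`) from `forum_threads_visits` where `threadid` = ?;", array($thread['id']));
        if ($total)
        {
            // Sets $start for the current page (defined in core/navsetvars.php).
            require_once 'core/navsetvars.php';
            // LIMIT operands are concatenated into the SQL text rather than bound, so
            // force them to integers at the point of use.
            $query = DB::run()->query("select * from `forum_threads_visits` where `threadid` = ? order by `time` desc limit ".(int)$start.", ".(int)$config['ipp'].";", array($thread['id']));
        }
        $categ = DB::run()->queryFetch("select `name` from `forum_categs` where `id` = ?;", array($thread['categid']));
        $config['newtitle'] = $lang['Who_visited_this_thread'];
        // NOTE(review): $refurl is set outside this file and is written into an href
        // attribute below; it must already be limited to a local URL and HTML-escaped
        // where it is assigned - TODO confirm.
        $threadurl = $refurl ? $refurl : '/forum/viewthread'.$thread['id'];
        $tpl['title'] = '<a href="/forum">'.$lang['Forum'].'</a> '.showPath(getPath($thread['categid'])).' » <a href="/forum/viewcateg'.$thread['categid'].'">'.$categ['name'].'</a> » <a href="'.$threadurl.'">'.$thread['subject'].'</a>';
        $tpl['file'] = 'forum_viewthread_visits';
        require_once 'core/header.php';
    }
    else
    {
        redirect('/forum');
    }
    break;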
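case 'viewthread_online':
    // Lists the logged-in users whose current location is thread $id.
    // (The label is now terminated with ':' like every other case in this switch.)
    $thread = DB::run()->queryFetch("select * from `forum_threads` where `id` = ?;", array($id));
    if ($thread)
    {
        // One pattern for both the count and the page query, so they cannot drift apart.
        // NOTE(review): the trailing % makes the pattern for thread 1 also match
        // locations of threads 10, 11, ...; the format of `location` is not visible
        // here, so confirm whether a delimiter belongs in the pattern.
        $location = 'forum/viewthread'.$thread['id'].'%';
        $total = DB::run()->querySingle("select count(`id`) from `online` where `userid` > 0 and `location` LIKE ?;", array($location));
        if ($total)
        {
            // Sets $start for the current page (defined in core/navsetvars.php).
            require_once 'core/navsetvars.php';
            // LIMIT operands are concatenated into the SQL text rather than bound, so
            // force them to integers at the point of use.
            $query = DB::run()->query("select * from `online` where `userid` > 0 and `location` LIKE ? order by `time` desc limit ".(int)$start.", ".(int)$config['ipp'].";", array($location));
        }
        $categ = DB::run()->queryFetch("select `name` from `forum_categs` where `id` = ?;", array($thread['categid']));
        $config['newtitle'] = $lang['Who_is_online'];
        // NOTE(review): $refurl is set outside this file and is written into an href
        // attribute below; it must already be limited to a local URL and HTML-escaped
        // where it is assigned - TODO confirm.
        $threadurl = $refurl ? $refurl : '/forum/viewthread'.$thread['id'];
        $tpl['title'] = '<a href="/forum">'.$lang['Forum'].'</a> '.showPath(getPath($thread['categid'])).' » <a href="/forum/viewcateg'.$thread['categid'].'">'.$categ['name'].'</a> » <a href="'.$threadurl.'">'.$thread['subject'].'</a>';
        $tpl['file'] = 'forum_viewthread_online';
        require_once 'core/header.php';
    }
    else
    {
        redirect('/forum');
    }
    break;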
// The three post-level actions are delegated to shared scripts under core/.
// $module is set before each include so the shared script can tell which module
// invoked it (presumably it selects the forum tables/routes - verify in core/).
// NOTE(review): this dispatcher performs no authentication or ownership check
// before including these scripts, so the checks must live inside core/editpost.php,
// core/reply.php and core/delpost.php - confirm when reviewing those files.
case 'editpost':
$module = 'forum';
require_once 'core/editpost.php';
break;
case 'reply':
$module = 'forum';
require_once 'core/reply.php';
break;
case 'delpost':
$module = 'forum';
require_once 'core/delpost.php';
break;
case 'closethread':
    // Flips the `closed` flag of thread $id. Only users for whom
    // access('forum'.<category id>) succeeds may do this; everyone else, and any
    // request for a thread that does not exist, is sent to the forum index.
    // NOTE(review): the toggle runs on any request that reaches this action - no POST
    // requirement or anti-CSRF token is visible in this file. Confirm one is enforced
    // before this point, since the action changes stored state.
    $thread = DB::run()->queryFetch("select `categid`, `closed` from `forum_threads` where `id` = ?;", array($id));
    if (!$thread || !access('forum'.$thread['categid']))
    {
        redirect('/forum');
        break;
    }
    // Open threads become closed (1), closed threads become open (0).
    $closed = empty($thread['closed']) ? 1 : 0;
    DB::run()->query("update `forum_threads` set `closed` = ? where `id` = ?;", array($closed, $id));
    redirect('/forum/threadend'.$id);
    break;
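case 'threadend':
    // Redirects to the last page of thread $id, anchored at its newest post.
    $thread = DB::run()->queryFetch("select * from `forum_threads` where `id` = ?;", array($id));
    if ($thread)
    {
        $totalPosts = DB::run()->querySingle("select count(`id`) from `forum_posts` where `threadid` = ?;", array($thread['id']));
        // Guard against a zero/unset page size (division by zero) and against a
        // thread without posts (which would otherwise yield page 0).
        $perPage = max(1, (int)$config['ipp']);
        $lastpage = max(1, (int)ceil($totalPosts / $perPage));
        $msg = DB::run()->queryFetch("select `id` from `forum_posts` where `threadid` = ? order by `time` desc limit 1;", array($thread['id']));
        // No posts means no row to read an id from, so no anchor is added.
        $anchor = $msg ? '#'.$msg['id'] : '';
        // Build the target from the id stored in the database row rather than from
        // the request value, so request input is not echoed into the redirect URL.
        redirect('/forum/viewthread'.$thread['id'].'/page'.$lastpage.'/'.$anchor);
    }
    else
    {
        // Unknown thread: same handling as the other "not found" branches.
        redirect('/forum');
    }
    break;
default:
    // Unknown or missing action: nothing is done here.
    break;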
}