Файл: soc-set/moduls/blog/index.php
Строк: 145
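<?php
/**
 * Blog module controller: list, create, view (with comments), edit and rate blog entries.
 *
 * The action is chosen by $select, which is set outside this file, as are $user and $config.
 * All SQL values go through bound parameters; table names come from constants.
 *
 * Changes made in this revision:
 *  - the list was never sorted by rating, because the session stored 'rating' while the
 *    ORDER BY choice tested for 'popular';
 *  - every successful redirect now stops the request instead of rendering the rest of the page;
 *  - redirects in the list/add/edit actions are issued before head() is called;
 *  - comment delete/edit now require the comment to belong to the entry named in the URL, so an
 *    entry owner can no longer remove comments that sit under somebody else's entry;
 *  - the comment edit handler no longer overwrites the fetched row with the submitted text;
 *  - LIMIT operands are cast to int before being placed in the SQL string.
 *
 * NOTE(review): deleting a comment, deleting an entry (?delete&go) and voting are state changes
 * triggered by GET, and no form here carries an anti-CSRF token. No token helper is visible in
 * this file, so this is flagged rather than changed.
 * NOTE(review): titles, entry bodies, comments and $user['nick'] are printed without escaping at
 * output time. This presumably relies on html() at write time and text() at read time; confirm
 * that html() also encodes quotes, since the title is placed inside a value="" attribute.
 */
require_once('../../core/start.php');
check_auth();

switch ($select) {
    default:
        /* Sorting: handled before head() so the redirect is sent before any page output. */
        if (!empty($_GET['sort'])) {
            if ($_GET['sort'] == 'date') {
                unset($_SESSION['sort']);
            } elseif ($_GET['sort'] == 'rating' || $_GET['sort'] == 'name') {
                // Only the two known keys are ever stored; anything else is ignored.
                $_SESSION['sort'] = $_GET['sort'];
            }
            header("Location: ".HOME."/blog/");
            require_once('../../core/stop.php');
            exit();
        }

        $currentSort = isset($_SESSION['sort']) ? $_SESSION['sort'] : '';

        head('Блог');
        panel();
        echo DIV_BLOCK . '<form action="'.HOME.'/blog/new/" method="POST"><input type="submit" value="Новая запись" /></form>' . CLOSE_DIV;

        echo DIV_LI;
        echo 'Сортировка по: ' . (empty($currentSort) ? '<b>дате</b>' : '<a href="'.HOME.'/blog/?sort=date">дате</a>') . ' | ' .
            ($currentSort == 'rating' ? '<b>популярности</b>' : '<a href="'.HOME.'/blog/?sort=rating">популярности</a>') . ' | ' .
            ($currentSort == 'name' ? '<b>названию</b>' : '<a href="'.HOME.'/blog/?sort=name">названию</a>');
        echo CLOSE_DIV;

        // The ORDER BY clause is always one of three fixed strings, never request data.
        if ($currentSort == 'rating') {
            $sort = 'ORDER BY `rating` DESC';
        } elseif ($currentSort == 'name') {
            $sort = 'ORDER BY `title` DESC';
        } else {
            $sort = 'ORDER BY `time` DESC';
        }

        $all = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".BLOG."");
        if ($all == 0) {
            echo DIV_BLOCK . 'Записи не созданы' . CLOSE_DIV;
        } else {
            $n = new Navigator($all, $config['write']['blog'], '');
            // LIMIT operands cannot be bound as quoted strings, so they are forced to integers.
            $sql = DB::$dbs->query("SELECT * FROM ".BLOG." ".$sort." LIMIT ".intval($n->start()).", ".intval($config['write']['blog']));
            while ($blog = $sql->fetch()) {
                echo DIV_BLOCK . $blog['title'] . ' | ' . userLink($blog['user_id']) . '<br />';
                echo '<form action="'.HOME.'/blog/'.$blog['id'].'/" method="POST"><input type="submit" value="Подробнее" /></form>';
                echo CLOSE_DIV;
            }
            echo $n->navi();
        }
        $array = array('Блог');
        nav($array);
        break;

    case 'add':
        // The submission is processed before head() so a successful insert can redirect cleanly.
        $error = NULL;
        if (!empty($_POST['add'])) {
            $title = html($_POST['title']);
            $blog = html($_POST['blog']);
            if (empty($title) || empty($blog)) {
                $error = DIV_ERROR . 'Заполните все поля' . CLOSE_DIV;
            } else {
                // NOTE(review): the form advertises "max. 100" for the title, but no length check is made here.
                DB::$dbs->query("INSERT INTO ".BLOG." (`title`, `blog`, `user_id`, `time`) VALUES (?,?,?,?)", array($title, $blog, $user['user_id'], time()));
                $lastid = DB::$dbs->lastInsertId();
                balls_operation(5);
                header("Location: ".HOME."/blog/".$lastid."/");
                require_once('../../core/stop.php');
                exit();
            }
        }
        head('Блог: Новая запись');
        if ($error !== NULL) {
            echo $error;
        }
        panel();
        echo DIV_AUT;
        echo '<form action="#" method="POST">';
        echo 'Заголовок: [max. 100]<br /><input type="text" name="title" /><br /><br />';
        echo 'Запись:<br /><textarea name="blog" cols="30" rows="6"></textarea><br />';
        echo '<input type="submit" name="add" value="Создать" /></form>';
        echo CLOSE_DIV;
        bbsmile();
        $array = array('Блог');
        nav($array);
        break;

    case 'view':
        $id = abs(intval($_GET['id']));
        $blog = DB::$dbs->queryFetch("SELECT * FROM ".BLOG." WHERE `id` = ?", array($id));
        if (empty($blog)) {
            head('Блог: Запись не найдена');
            echo DIV_TITLE . 'Запись не найдена' . CLOSE_DIV;
            echo DIV_BLOCK . 'Ошибка!' . CLOSE_DIV;
            require_once('../../core/stop.php');
            exit();
        }

        // NOTE(review): the error messages, the comment edit form and the delete confirmation
        // below are printed before head(), as in the original. Confirm whether that is intended.

        /* New comment */
        if (isset($_POST['add'])) {
            $newComment = html($_POST['comm']);
            if (empty($newComment)) {
                echo DIV_ERROR . 'Пустой комментарий' . CLOSE_DIV;
            } else {
                DB::$dbs->query("INSERT INTO ".BLOG_COMM." (`blog_id`, `user_id`, `comm`, `time`) VALUES (?, ?, ?, ?)", array($blog['id'], $user['user_id'], $newComment, time()));
                $lenta = '<a href="'.HOME.'/id'.$user['user_id'].'"><b>' . $user['nick'] . '</b></a> написал'.(empty($user['gender']) ? 'a' : NULL).' комментарий к Вашему <a href="'.HOME.'/blog/'.$blog['id'].'/"><b>блогу</b></a>';
                lenta($lenta, $blog['user_id']);
                header("Location: ".HOME."/blog/".$blog['id']."/");
                require_once('../../core/stop.php');
                exit();
            }
        }

        /* Delete a comment */
        if (!empty($_GET['delcomm'])) {
            $commId = abs(num($_GET['delcomm']));
            $comm = DB::$dbs->queryFetch("SELECT * FROM ".BLOG_COMM." WHERE `id` = ? ", array($commId));
            // The comment must sit under THIS entry. Without that check the "entry owner" branch
            // would authorise deleting any comment id passed together with the owner's own entry id.
            $belongsHere = !empty($comm) && $comm['blog_id'] == $blog['id'];
            if ($belongsHere && ($comm['user_id'] == $user['user_id'] || $blog['user_id'] == $user['user_id'] || privilegy('blog_moder'))) {
                DB::$dbs->query("DELETE FROM ".BLOG_COMM." WHERE `id` = ? ", array($commId));
            }
            header("Location: ".HOME."/blog/".$blog['id']."/");
            require_once('../../core/stop.php');
            exit();
        }

        /* Edit a comment */
        if (!empty($_GET['editcomm'])) {
            $commId = abs(num($_GET['editcomm']));
            $comm = DB::$dbs->queryFetch("SELECT * FROM ".BLOG_COMM." WHERE `id` = ? ", array($commId));
            $belongsHere = !empty($comm) && $comm['blog_id'] == $blog['id'];
            if ($belongsHere && ($comm['user_id'] == $user['user_id'] || privilegy('blog_moder'))) {
                if (isset($_POST['edit'])) {
                    // Kept in its own variable: the fetched row is still needed to refill the form.
                    $newText = html($_POST['comm']);
                    if (empty($newText)) {
                        echo DIV_ERROR . 'Пустой комментарий' . CLOSE_DIV;
                    } else {
                        DB::$dbs->query("UPDATE ".BLOG_COMM." SET `comm` = ? WHERE `id` = ? ", array($newText, $commId));
                        header("Location: ".HOME."/blog/".$blog['id']."/");
                        require_once('../../core/stop.php');
                        exit();
                    }
                }
                echo DIV_AUT;
                echo '<form action="#" method="POST">';
                echo '<b>Редактирование комментария:</b><br /><textarea name="comm">'.$comm['comm'].'</textarea><br />';
                echo '<input type="submit" name="edit" value="Изменить"/>';
                echo '</form>';
                echo CLOSE_DIV;
            }
        }

        /* Delete the entry (owner or moderator), with a confirmation step */
        if (isset($_GET['delete']) && ($blog['user_id'] == $user['user_id'] || privilegy('blog_moder'))) {
            if (!isset($_GET['go'])) {
                echo DIV_LI . '<b>Подтвердите удаление:</b> <a href="?delete&go">[Удалить]</a> <a href="'.HOME.'/blog/'.$blog['id'].'/">[Нет]</a>' . CLOSE_DIV;
            } else {
                // Dependent rows first, then the entry itself.
                DB::$dbs->query("DELETE FROM ".BLOG_COMM." WHERE `blog_id` = ? ", array($blog['id']));
                DB::$dbs->query("DELETE FROM ".BLOG_RATING." WHERE `blog_id` = ? ", array($blog['id']));
                DB::$dbs->query("DELETE FROM ".BLOG." WHERE `id` = ? ", array($blog['id']));
                header("Location: ".HOME."/blog/");
                require_once('../../core/stop.php');
                exit();
            }
        }

        head('Просмотр записи: ' . $blog['title']);
        panel();
        echo DIV_BLOCK . 'Запись: <b>' . $blog['title'] . '</b><p>' .text($blog['blog']) . '</p>' . CLOSE_DIV;
        echo DIV_BLOCK . 'Время добавления: <b>' . vrem($blog['time']) . '</b><br /><br />';

        // Users who have not voted see the vote links; everyone else sees the totals.
        if (DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".BLOG_RATING." WHERE `blog_id` = ? && `user_id` = ? ", array($blog['id'], $user['user_id'])) == FALSE) {
            echo 'Мне: <a href="'.HOME.'/blog/'.$blog['id'].'/like/"><b>нравится</b></a> / <a href="'.HOME.'/blog/'.$blog['id'].'/not_like/"><b>не нравится</b></a><br />';
        } else {
            $like = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".BLOG_RATING." WHERE `blog_id` = ? && `type` = ? ", array($blog['id'], 'like'));
            $not_like = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".BLOG_RATING." WHERE `blog_id` = ? && `type` = ? ", array($blog['id'], 'not_like'));
            echo 'Рейтинг: <b>' . (empty($blog['rating']) ? '0' : $blog['rating']) . '</b> (+'.$like.'/-'.$not_like.')<br />';
        }
        echo CLOSE_DIV;

        $total = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".BLOG_COMM." WHERE `blog_id` = ? ", array($blog['id']));
        echo DIV_LI . 'Комментарии: <b>'.$total.'</b>' . CLOSE_DIV;
        if (empty($total)) {
            echo DIV_BLOCK . 'Комментарий нет.' . CLOSE_DIV;
        } else {
            $n = new Navigator($total, $config['write']['blog_comm'], 'select=view&id='.$blog['id']);
            $sql = DB::$dbs->query("SELECT * FROM ".BLOG_COMM." WHERE `blog_id` = ? ORDER BY `id` DESC LIMIT ".intval($n->start()).", ".intval($config['write']['blog_comm']), array($blog['id']));
            $isModer = privilegy('blog_moder');
            $isOwner = ($blog['user_id'] == $user['user_id']);
            while ($comm = $sql->fetch()) {
                $isAuthor = ($comm['user_id'] == $user['user_id']);
                // The links mirror the server-side rules: author, entry owner or moderator may
                // delete; only the author or a moderator may edit.
                $delLink = ($isModer || $isAuthor || $isOwner)
                    ? '<a href="'.HOME.'/moduls/blog/index.php?select=view&id='.$blog['id'].'&delcomm='.$comm['id'].'">[Удал.]</a>'
                    : NULL;
                $editLink = ($isModer || $isAuthor)
                    ? ' <a href="'.HOME.'/moduls/blog/index.php?select=view&id='.$blog['id'].'&editcomm='.$comm['id'].'">[Ред.]</a>'
                    : NULL;
                echo DIV_BLOCK;
                echo '<b>' . userLink($comm['user_id']) . '</b> ['.vrem($comm['time']).'] '.$delLink.$editLink.'<br />' . text($comm['comm']);
                echo CLOSE_DIV;
            }
            echo $n->navi();
        }

        echo DIV_AUT;
        echo '<form action="#" method="POST">';
        echo '<b>Комментарий:</b><br /><textarea name="comm"></textarea><br />';
        echo '<input type="submit" name="add" value="Написать"/>';
        echo '</form>';
        echo CLOSE_DIV;
        bbsmile();
        if ($blog['user_id'] == $user['user_id'] || privilegy('blog_moder')) {
            echo DIV_BLOCK . '<a href="'.HOME.'/blog/'.$blog['id'].'/?delete">Удалить</a> | <a href="'.HOME.'/blog/'.$blog['id'].'/edit/">Редактировать</a>' . CLOSE_DIV;
        }
        $array = array('Блог');
        nav($array);
        break;

    /*
     * A commented-out `case 'comm':` (a separate comments page redirecting to /blog/<id>/comm/)
     * used to sit here. It repeated the add/edit/delete comment handling of 'view', called
     * balls_operation(2) when a comment was added, and had the same missing "comment belongs to
     * this entry" check. It has been dropped as dead code.
     */

    case 'edit':
        $id = abs(intval($_GET['id']));
        $blog = DB::$dbs->queryFetch("SELECT * FROM ".BLOG." WHERE `id` = ?", array($id));
        if (empty($blog)) {
            head('Блог: Запись не найдена');
            echo DIV_TITLE . 'Запись не найдена' . CLOSE_DIV;
            echo DIV_BLOCK . 'Ошибка!' . CLOSE_DIV;
            require_once('../../core/stop.php');
            exit();
        }
        // Only the author or a blog moderator may edit an entry.
        if ($blog['user_id'] != $user['user_id'] && privilegy('blog_moder') == FALSE) {
            head('Блог: Ошибка доступа');
            echo DIV_TITLE . 'Ошибка доступа' . CLOSE_DIV;
            echo DIV_BLOCK . 'Ошибка!' . CLOSE_DIV;
            require_once('../../core/stop.php');
            exit();
        }

        // The submission is processed before head() so a successful update can redirect cleanly.
        $error = NULL;
        if (!empty($_POST['edit'])) {
            $title = html($_POST['title']);
            $blog1 = html($_POST['blog']);
            if (empty($title) || empty($blog1)) {
                $error = DIV_ERROR . 'Заполните все поля' . CLOSE_DIV;
            } else {
                DB::$dbs->query("UPDATE ".BLOG." SET `title` = ?, `blog` = ? WHERE `id` = ? ", array($title, $blog1, $blog['id']));
                header("Location: ".HOME."/blog/".$blog['id']."/");
                require_once('../../core/stop.php');
                exit();
            }
        }

        head('Блог: Редактирование ' . $blog['title']);
        if ($error !== NULL) {
            echo $error;
        }
        echo DIV_TITLE . 'Блог: Редактирование ' . $blog['title'] . CLOSE_DIV;
        echo DIV_AUT;
        echo '<form action="#" method="POST">';
        // NOTE(review): the stored values are placed into the form as-is and pass through html()
        // again on save. Check that this round trip does not double-encode the text.
        echo 'Заголовок: [max. 100]<br /><input type="text" name="title" value="'.$blog['title'].'" /><br /><br />';
        echo 'Запись:<br /><textarea name="blog" cols="30" rows="6">'.$blog['blog'].'</textarea><br />';
        echo '<input type="submit" name="edit" value="Изменить" /></form>';
        echo CLOSE_DIV;
        bbsmile();
        echo DIV_GO . '<a href="'.HOME.'/">На главную</a> / <a href="'.HOME.'/blog">Блог</a> / <a href="'.HOME.'/blog/'.$blog['id'].'/">'.$blog['title'].'</a> / <b>Редактирование записи</b>' . CLOSE_DIV;
        break;

    case 'rating':
        $id = abs(intval($_GET['id']));
        $blog = DB::$dbs->queryFetch("SELECT * FROM ".BLOG." WHERE `id` = ?", array($id));
        if (empty($blog)) {
            head('Блог: Запись не найдена');
            echo DIV_TITLE . 'Запись не найдена' . CLOSE_DIV;
            echo DIV_BLOCK . 'Ошибка!' . CLOSE_DIV;
            echo DIV_GO . '<a href="'.HOME.'/">На главную</a> / <a href="'.HOME.'/blog">Блог</a> / <b>Запись не найдена</b>' . CLOSE_DIV;
            require_once('../../core/stop.php');
            exit();
        }
        // One vote per user per entry.
        // NOTE(review): this check and the insert below are two separate statements, and the
        // rating is written from the value read above, so concurrent votes can slip through or
        // overwrite each other. Confirm whether BLOG_RATING has a unique key on (blog_id, user_id).
        if (DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".BLOG_RATING." WHERE `blog_id` = ? && `user_id` = ? ", array($blog['id'], $user['user_id'])) == TRUE) {
            head('Блог: Вы уже голосовали');
            echo DIV_TITLE . 'Вы уже голосовали' . CLOSE_DIV;
            echo DIV_BLOCK . 'Ошибка!' . CLOSE_DIV;
            echo DIV_GO . '<a href="'.HOME.'/">На главную</a> / <a href="'.HOME.'/blog">Блог</a> / <b>Вы уже голосовали</b>' . CLOSE_DIV;
            require_once('../../core/stop.php');
            exit();
        }

        // As before, any type other than 'like' is recorded as a negative vote.
        $isLike = (isset($_GET['type']) && $_GET['type'] == 'like');
        $voteType = $isLike ? 'like' : 'not_like';
        $newRating = $blog['rating'] + ($isLike ? 1 : -1);

        DB::$dbs->query("INSERT INTO ".BLOG_RATING." (`blog_id`, `user_id`, `type`) VALUES (?, ?, ?)", array($blog['id'], $user['user_id'], $voteType));
        DB::$dbs->query("UPDATE ".BLOG." SET `rating` = ? WHERE `id` = ? ", array($newRating, $blog['id']));
        $lenta = '<a href="'.HOME.'/id'.$user['user_id'].'"><b>' . $user['nick'] . '</b></a> оценил'.(empty($user['gender']) ? 'a' : NULL).' '.($isLike ? 'положительно' : 'отрицательно').' Ваш <a href="'.HOME.'/blog/'.$blog['id'].'/"><b>блог</b></a>';
        lenta($lenta, $blog['user_id']);

        header("Location: ".HOME."/blog/".$blog['id']."/");
        break;
}
require_once('../../core/stop.php');
?>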