Файл: m/news.php
Строк: 137
<?php
define('NTOP', 1);
$title = 'Новости';
require_once ('../system/connect.php');
require_once ('../system/core.php');
require_once ('../system/function.php');
require_once ('head.php');
switch($act)
{
default:
echo '<div class="top"><div class="title2"><font color="#fff">Новости Топ-Рейтинга</font></div><div class="clear"></div></div>';
$count = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news`"));
if($count > 0)
{
$total=intval(($count-1)/$page_news)+1;
$page=abs(intval($_GET['page']));
if(empty($page) OR $page < 0)
{
$page = 1;
}
if($page > $total)
{
$page = $total;
}
$past=intval($count/$page_news);
$start=$page*$page_news-$page_news;
$news = mysql_query("SELECT * FROM `".$prefix."news` ORDER BY `time` DESC LIMIT ".$start.",".$page_news."");
while($row = mysql_fetch_array($news))
{
$start++;
$count_comment = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news_comments` WHERE `id_news` = '".$row['id']."'"));
echo '<div class="main">'.$start.'.<strong>'.$row['name'].' ('.data($row['time']).')</strong></div>';
echo '<div class="title"><b>';
echo $row['text'].'<br/>';
echo '</b><small>';
echo 'Добавил: '.$row['author'].'<br/>';
echo '<a href="http://'.$set['home'].'/m/news/comments/'.$row['id'].'">Комментарии</a>('.$count_comment.')<br/></small>';
echo '</div>';
}
navigation($count,$page_news,$page,'http://'.$set['home'].'/m/news/',$total);
}
else
{
echo '<div class="main">Новостей в Топ-Рейтинге нет!<br/></div>';
}
break;
case 'comments':
echo '<div class="title2">Комментарии к новости</div>';
$isset_news = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news` WHERE `id` = '".$id."'"));
if($isset_news != 0)
{
if(isset($_POST['ok']))
{
$name = isset($user_data) ? $user_data['login'] : 'Гость';
$comment = htmlspecialchars(trim($_POST['comment']));
$kod = intval($_POST['kod']);
$test = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news_comments` WHERE `name` = '".$name."' AND `text` = '".$comment."' AND `id_news` = '".$id."'"));
if($test == 0)
{
$error = '';
if(empty($comment))
{
$error.='Нет комментария<br/>';
}
if($user_data)
{
if($user_data['antiflud'] + $set['antiflud_time'] > time())
{
$error .= 'Вы писали сообщение меньше чем '.$set['antiflud_time'].' секунд назад! <br/>';
}
}
else
{
if($set['guest_antiflud'] + $set['antiflud_time'] > time())
{
$error .= 'Вы писали сообщение меньше чем '.$set['antiflud_time'].' секунд назад! <br/>';
}
}
if(mb_strlen($comment) > 100)
{
$error.='Комментарий содержит больше 100 символов<br/>';
}
if(!empty($error))
{
echo '<div class="error">';
echo $error;
echo '</div>';
}
else
{
unset($_SESSION['kod']);
$comment = mysql_query("INSERT INTO `".$prefix."news_comments` SET
`name` = '" . mysql_real_escape_string($name) . "',
`text` = '" . mysql_real_escape_string($comment) . "',
`time` = '" . time() ."',
`id_news` = '" . $id ."'");
if($user_data)
{
$update_antiflud = mysql_query("UPDATE `".$prefix."users` SET `antiflud` = '".time()."' WHERE `id` = '".$user_data['id']."'");
}
else
{
$update_antiflud_guest = mysql_query("UPDATE `".$prefix."settings` SET `value` = '".time()."' WHERE `name` = 'guest_antiflud'");
}
if($comment)
{
echo '<div class="main">';
echo 'Комментарий добавлен!<br/>';
echo '</div>';
}
else
{
echo '<div class="error">';
echo 'Комментарий не добавлен!<br/>';
echo '</div>';
}
}
}
}
$count = mysql_num_rows(mysql_query("SELECT * FROM `".$prefix."news_comments` WHERE `id_news` = '".$id."'"));
if($count > 0)
{
$total=intval(($count-1)/$page_nc)+1;
$page=abs(intval($_GET['page']));
if(empty($page) OR $page < 0)
{
$page = 1;
}
if($page > $total)
{
$page = $total;
}
$past=intval($count/$page_nc);
$start=$page*$page_nc-$page_nc;
$comments = mysql_query("SELECT * FROM `".$prefix."news_comments` WHERE `id_news` = '".$id."' ORDER BY `time` DESC LIMIT ".$start.",".$page_nc."");
while($row = mysql_fetch_array($comments))
{
$start++;
echo '<div class="main">'.$start.'.<strong>'.$row['name'].' ('.data($row['time']).')</strong></div>';
echo '<div class="title">';
echo $row['text'];
echo '</div>';
}
navigation($count,$page_nc,$page,'http://'.$set['home'].'/m/news/comments/'.$id.'/',$total);
}
else
{
echo '<div class="main">';
echo 'Комментариев к данной новости нет!<br/>';
echo '</div>';
}
echo '<div class="title2">Добавление комментария</div>';
echo '<div class="title">';
echo '
<form action="http://'.$set['home'].'/m/news/comments/'.$id.'" method="post">
Комментарий(max. 100):<br/>
<textarea name="comment" cols="38" rows="8"> </textarea><br/>
';
echo 'Код с картинки: <img src="http://'.$set['home'].'/system/cap.php" alt="captcha" /><br/>';
echo '<input name="kod" type="text" value="" /><br/>';
echo '<input name="ok" type="submit" value="Добавить" />
</form>
</div>';
}
else
{
echo '<div class="error">';
echo 'Нет такой новости!</br>';
echo '</div>';
}
echo '<div class="main">';
echo '<a href="http://'.$set['home'].'/m/news">К новостям</a></br>';
echo '</div>';
break;
}
require_once ('foot.php');
?>