Файл: forum/index.php
Строк: 1464
<?php
require '../system/sid.php';
require '../system/config.php';
if (isset($_SESSION['us']))
{
include '../system/user.php';
whorm(0, 'forum');
}
include '../system/head.php';
include '../system/navigator.php';
$do = (isset($_GET['do'])) ? $_GET['do'] : NULL;
switch($do)
{
default:
echo $div_title . 'Форум' . $div_end . $div_aut . '
<a href="../faq.php?do=forum">Правила Форума</a>
' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <b>Форум</b>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$razdel = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_razdel`"), 0);
// разделы
if ($razdel != FALSE)
{
$n = new navigator($razdel, 15, '?');
$look = mysql_query("SELECT `f_razdel`.*,
(SELECT COUNT(id) FROM `f_pod` WHERE `f_pod`.`pid` = `f_razdel`.`id`) AS c,
(SELECT COUNT(id) FROM `f_pod` WHERE `f_pod`.`pid` = `f_razdel`.`id` AND `f_pod`.`time` > '" . (time() - 86400) . "') AS t,
(SELECT COUNT(id) FROM `f_them` WHERE `f_razdel`.`id` = `f_them`.`razdel_id`) AS m
FROM `f_razdel` ORDER BY `f_razdel`.`id` ASC {$n->limit}");
while($a = mysql_fetch_assoc($look)) {
$TH = mysql_fetch_assoc(mysql_query("SELECT id, name, razdel_id, rid FROM `f_them` WHERE `razdel_id` = '$a[id]' ORDER BY last DESC LIMIT 1"));
$PF = mysql_fetch_assoc(mysql_query("SELECT id, name FROM `f_pod` WHERE `id` = '$TH[rid]' LIMIT 1"));
$MS = mysql_fetch_assoc(mysql_query("SELECT `f_message`.user, `f_message`.time, (SELECT COUNT(id) FROM f_message WHERE `tid` = '$TH[id]') AS count FROM `f_message` WHERE `tid` = '$TH[id]' ORDER BY id DESC LIMIT 1"));
$new_in = (!empty($a['t'])) ? '<span style="color: #FF0000;">+' . $a['t'] . '</span>' : '';
if ($MS['count'] > 10) {
$pg = ceil($MS['count'] / 10);
$end = '<a href="them-'.$TH['razdel_id'].'-'.$TH['rid'].'-'.$TH['id'].'&page='.$pg.'">>></a>';
} else {
$end = '';
}
echo $div_razdel . '<img src="img/str.png" alt=""/> <a href="r-razdel-'.$a['id'].'">' . $a['name'] . '</a> (' . $a['c'] . '/' . $a['m'] . ') ' . $new_in . '<br/><small>' . $a['opis'] . '</small>
' .$div_end . $div_tworazdel . '
Подраздел: <a href="pod-'.$a['id'].'-'.$PF['id'].'">' . $PF['name'] . '</a><br/>
Тема: <a href="them-'.$TH['razdel_id'].'-'.$TH['rid'].'-'.$TH['id'].'">' . $TH['name'] . ' (' . $MS['count'] . ')</a> ' . $end . '<br/>
Сообщение: ' . (empty($MS['user']) ? '<span style="color:#FF3030;">[Система]</span>' : cvetnik($MS['user'])) . ' (' . itime($MS['time'], 0) . ')' . $div_end;
#######
}
echo $n->navi();
}
else
{
echo 'Разделы не созданы!<br/>';
}
// счетчик онлайна на форуме
$_numFor = mysql_result(mysql_query("SELECT COUNT(id) AS num FROM `users` WHERE `room` = 'forum' AND `onl` + '300' > '" . time() . "'"), 0);
echo '<div>» <a href="index.php?do=online">Кто на форуме (' . $_numFor . ')</a></div>';
break;
case razdel:
$r = my_int($_GET['r']);
$empty = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
if (mysql_num_rows($empty) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
// информация о разделе
$i_rzd = mysql_fetch_assoc($empty);
##
$pod = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_pod` WHERE `pid` = '$r' LIMIT 1"), 0);
echo $div_title . $i_rzd['name'] . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
// список подразделов
if ($pod != FALSE) {
$n = new navigator($pod, 10, 'razdel-'.$r.'&');
$look = mysql_query("SELECT `f_pod`.*,
(SELECT COUNT(id) FROM `f_them` WHERE `f_them`.`rid` = `f_pod`.`id`) AS c,
(SELECT COUNT(id) FROM `f_them` WHERE `f_them`.`rid` = `f_pod`.`id` AND `date` > '" . (time() - 86400) . "') AS t,
(SELECT COUNT(id) FROM `f_message` WHERE `f_message`.`podforum` = `f_pod`.`id`) AS m
FROM `f_pod` WHERE `f_pod`.`pid` = '$r' ORDER BY `f_pod`.`id` ASC {$n->limit}");
$dv = 0;
while($a = mysql_fetch_assoc($look)) {
$new_themes = (!empty($a['t'])) ? '<span style="color: #FF0000;">+' . $a['t'] . '</span>' : '';
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo '<img src="img/str.png" alt="*"/> <a href="pod-'.$a['pid'].'-'.$a['id'].'">' . $a['name'] . '</a> (' . $a['c'] . '/' . $a['m'] . ') ' . $new_themes . '<br/>' . $a['opis'] . $div_end;
#######
}
echo $n->navi();
}
else
{
echo 'Подразделы не созданы!<br/>';
}
break;
case pod:
$r = my_int($_GET['r']);
$p = my_int($_GET['p']);
$empty_1 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' AND pid = '$r' LIMIT 1");
if (mysql_num_rows($empty_1) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
// информация о разделе
$i_rzd = mysql_fetch_assoc($empty_1);
// информация о подразделе
$i_pdf = mysql_fetch_assoc($empty_2);
##
$them = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_them` WHERE `rid` = '$i_pdf[id]'"), 0);
echo $div_title . $i_rzd['name'] . $div_end . $div_menu;
echo (!empty($_SESSION['us'])) ? '<img src="img/t.png" alt="*"/> <a href="add_them-'.$r.'-'.$p.'">Создать тему</a>' : '';
echo $block . '<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a> |
<a href="r-razdel-'.$r.'">
' . $i_rzd['name'] . '</a> |
<b>' . $i_pdf['name'] . '</b>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
// список тем
if ($them != FALSE) {
$num_th = (!empty($_SESSION['onp_themes'])) ? $user['onp_themes'] : 10;
$n = new navigator($them, $num_th, 'pod-'.$r.'-'.$p.'&');
$look = mysql_query("SELECT `f_them`.*,
(SELECT COUNT(id) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT COUNT(id) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id` AND `time` > '" . (time() - 86400) . "') AS t
FROM `f_them` WHERE `rid` = '$i_pdf[id]' ORDER BY `fix` DESC, `last` DESC {$n->limit}");
$dv = 0;
while($a = mysql_fetch_assoc($look)) {
// голосование в теме
if (!empty($a['quest'])) {
$cl = '<img src="img/v.png" alt="votes"/>';
}
// закрепленная тема
if ($a['fix'] == 1) {
$cl = '<img src="img/f.png" alt="fixed"/>';
}
// закрытая тема
if ($a['close'] == 1) {
$cl = '<img src="img/x.png" alt="closed"/>';
}
// обычная тема
if ($a['close'] == 0 && $a['fix'] == 0 && empty($a['quest'])) {
$cl = '<img src="img/t.png" alt="them"/>';
}
#######
$new_mess = (!empty($a['t'])) ? '<span style="color: #FF0000;">+' . $a['t'] . '</span>' : '';
// последний написавший
$luser = mysql_fetch_assoc(mysql_query("SELECT `user`, `time` FROM `f_message` WHERE `tid` = '$a[id]' ORDER BY `time` DESC LIMIT 1"));
$gmdate = (time() - 86400 < $luser['time'])
? gmdate('Gч. iмин. назад', (time() - $luser['time']))
: date('d-m-Y G:i', $luser['time']);
if ($luser['time'] != FALSE) $kogda = ($luser['user'] != 0 ? cvetnik($luser['user']) : '<span style="color:#FF3030;">[Система]</span>') . ' <small>(' . $gmdate . ')</small>';
else $kogda = '';
$authorTH = cvetnik($a['author']);
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="them-'.$r.'-'.$p.'-'.$a['id'].'&page='.$pg.'"><b>»</b></a>';
} else {
$st = '';
}
###############################
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo $cl . ' <a href="them-'.$r.'-'.$p.'-'.$a['id'].'"><b>' . $a['name'] . '</b></a> (' . $a['c'] . ')' . $new_mess . ' ' . $st . '<br/>' . date('d-m-Y H:i', $a['date']) . '<br/>Авт.' . $authorTH . ' / Посл.' . $kogda . $div_end;
#######
}
echo $n->navi();
}
else
{
echo 'Темы не созданы!<br/>';
}
break;
case them:
$t = my_int($_REQUEST['t']);
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$empty_1 = mysql_query("SELECT * FROM `f_them` WHERE `id` = '$t' AND `rid` = '$p' LIMIT 1");
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' AND `pid` = '$r' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
if (mysql_num_rows($empty_1) == FALSE) {
err('Тема не найдена, возможна она была удалена.');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
//////////////////////////////
// Запись "кто в теме"
if (isset($_SESSION['us']))
{
$InThem = mysql_query("SELECT `id` FROM `inthem` WHERE `who` = '$user[id]' AND `time` + '100' > '" . time() . "' LIMIT 1");
if (mysql_num_rows($InThem) == false && !empty($_SESSION['us']))
{
$rnd = mt_rand(10000000, 99999999);
mysql_query("INSERT INTO `inthem` SET `id` = '$rnd', `who` = '$user[id]', `uid` = '$t', `time` = '" . time() . "'");
}
elseif (mysql_num_rows($InThem) != false && !empty($_SESSION['us']))
{
mysql_query("UPDATE `inthem` SET `time` = '" . time() . "', `uid` = '$t' WHERE `who` = '$user[id]' LIMIT 1");
}
mysql_query("DELETE FROM `inthem` WHERE `time` + '100' < '" . time() . "'");
}
//////////////////////////////
// информация о теме
$i_th = mysql_fetch_assoc($empty_1);
// информация о разделе
$i_rzd = mysql_fetch_assoc(mysql_query("SELECT `id`, `name` FROM `f_razdel` WHERE `id` = '$r' LIMIT 1"));
// информация о подразделе
$i_pdf = mysql_fetch_assoc(mysql_query("SELECT `id`, `name` FROM `f_pod` WHERE `id` = '$p' LIMIT 1"));
$mes = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_message` WHERE `tid` = '$t'"), 0);
//-------------------------------------------//
$sqlLenta = mysql_query("SELECT id FROM lenta WHERE user = '$user[id]' AND `read` = '1' AND type = 'comments' AND uid = 'forum$t'");
if (mysql_num_rows($sqlLenta) != false)
{
mysql_query("UPDATE lenta SET `read` = '0' WHERE user = '$user[id]' AND `read` = '1' AND type = 'comments' AND uid = 'forum$t'");
}
//-------------------------------------------//
// закрытие темы
if ($i_th['close'] == 1) {
$_cls_1 = 'open_them';
$_cls_2 = 'Открыть';
} else {
$_cls_1 = 'close_them';
$_cls_2 = 'Закрыть';
}
// фиксация темы
if ($i_th['fix'] == 0) {
$_fix_1 = 'fix_them';
$_fix_2 = 'Закрепить';
} else {
$_fix_1 = 'detach_them';
$_fix_2 = 'Открепить';
}
// апдейт темы
if ($user['level'] >= 3 && $user['level'] <= 5)
{
if (empty($i_th['quest']) && $i_th['author'] == $user['id'] && $i_th['close'] == 0)
{
$ed .= ' | <a href="vote-'.$r.'-'.$p.'-'.$t.'">Доб. опрос</a>';
}
elseif (!empty($i_th['quest']) && $i_th['author'] == $user['id'] && $i_th['close'] == 0)
{
$ed .= ' | <a href="edit_vote-'.$r.'-'.$p.'-'.$t.'">Изм. опрос</a> |
<a href="them-'.$r.'-'.$p.'-'.$t.'&delvote">Убр. опрос</a>';
}
$ed = '<a href="del_them-'.$r.'-'.$p.'-'.$t.'">Удалить</a> |
<a href="edit_them-'.$r.'-'.$p.'-'.$t.'">Изменить</a> |
<a href="'.$_fix_1.'-'.$r.'-'.$p.'-'.$t.'">' . $_fix_2 . '</a> |
<a href="'.$_cls_1.'-'.$r.'-'.$p.'-'.$t.'">' . $_cls_2 . '</a> |
<a href="move_them-'.$r.'-'.$p.'-'.$t.'">Переместить</a>' . $ed . ' |
<a href="../zakl-'.$t.'">В закладки</a><br/>';
}
elseif (empty($i_th['quest']) && $i_th['author'] == $user['id'] && $i_th['close'] == 0)
{
$ed = '<a href="vote-'.$r.'-'.$p.'-'.$t.'">Доб. опрос</a> |
<a href="edit_them-'.$r.'-'.$p.'-'.$t.'">Изменить</a> |
<a href="'.$_cls_1.'-'.$r.'-'.$p.'-'.$t.'">' . $_cls_2 . '</a> |
<a href="../zakl-'.$t.'">В закладки</a><br/>';
}
elseif (!empty($i_th['quest']) && $i_th['author'] == $user['id'] && $i_th['close'] == 0)
{
$ed = '<a href="edit_vote-'.$r.'-'.$p.'-'.$t.'">Изм. опрос</a> |
<a href="them-'.$r.'-'.$p.'-'.$t.'&delvote">Убр. опрос</a> |
<a href="edit_them-'.$r.'-'.$p.'-'.$t.'">Изменить</a> |
<a href="'.$_cls_1.'-'.$r.'-'.$p.'-'.$t.'">' . $_cls_2 . '</a> |
<a href="../zakl-'.$t.'">В закладки</a><br/>';
}
elseif ($i_th['author'] == $user['id'] && $i_th['close'] == 1)
{
$ed = '<a href="'.$_cls_1.'-'.$r.'-'.$p.'-'.$t.'">' . $_cls_2 . '</a><br/>';
}
elseif ($i_th['author'] != $user['id'])
{
$ed = '<a href="../zakl-'.$t.'">В закладки</a><br/>';
}
// последнее редактирование
$redact = (!empty($i_th['whoedit']))
? '<small><span style="color: #999999;">^Изменено: <a href="/id'.$i_th['whoedit'].'">' . cvetnik($i_th['whoedit']) . '</span></small>'
: '';
// шапка
echo '<img src="img/up.png" alt="*"/> <a href="index.php"><span class="next">Форум</span></a> |
<a href="r-razdel-'.$i_rzd['id'].'"><span class="next">' . $i_rzd['name'] . '</span></a> |
<a href="pod-'.$i_rzd['id'].'-'.$i_pdf['id'].'"><span class="next">' . $i_pdf['name'] . '</span></a> |
<b>' . $i_th['name'] . '</b>' . $block . $ed . $redact;
// удаление голосования
if (isset($_GET['delvote'])) {
if ($i_th['author'] != $user['id'] && $user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-' . $t);
} else {
mysql_query("UPDATE `f_them` SET
`quest` = '',
`var1` = '',
`var2` = '',
`var3` = '',
`var4` = ''
WHERE `id` = '$t' LIMIT 1");
mysql_query("DELETE FROM `f_votes` WHERE `them` = '$t'");
header('Location: them-'.$r.'-'.$p.'-' . $t);
}
}
// голосовал ли пользователь?
$ResVote = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_votes` WHERE `them` = '$t' AND `user` = '$user[id]'"), 0);
// определения кол-во голосующих
function NumVote($variant, $tema = NULL)
{
return mysql_result(mysql_query("SELECT COUNT(id) FROM `f_votes` WHERE `var` = '$variant' AND `them` = '$tema'"), 0);
}
//---------------------------------------- Голосование ----------------------------------------//
if (isset($_GET['var'])) {
$var = my_int($_GET['var']);
if ($var < 1 || $var > 4) {
header('Location: them-'.$r.'-'.$p.'-' . $t);
} elseif ($i_th['close'] == 1) {
err('Тема закрыта!');
} elseif ($ResVote != false) {
err('Вы уже голосовали в этой теме!');
} else {
mysql_query("INSERT INTO `f_votes` SET `user` = '$user[id]', `them` = '$t', `var` = '$var'");
header('Location: them-'.$r.'-'.$p.'-' . $t);
}
}
if (!isset($_GET['results']) && !empty($i_th['quest']) && $ResVote == 0) {
// если еще не голосовал
echo '<div class="widget">Вопрос: <b>' . $i_th['quest'] . '</b><br/>
1. '.(isset($_SESSION['us']) ? '<a href="vote-them-'.$r.'-'.$p.'-'.$t.'-1">' . $i_th['var1'] . '</a>' : $i_th['var1']) . $block . '
2. '.(isset($_SESSION['us']) ? '<a href="vote-them-'.$r.'-'.$p.'-'.$t.'-2">' . $i_th['var2'] . '</a>' : $i_th['var2']) . $block;
if (!empty($i_th['var3'])) echo '3. '.(isset($_SESSION['us']) ? '<a href="vote-them-'.$r.'-'.$p.'-'.$t.'-3">' . $i_th['var3'] . '</a>' : $i_th['var3']) . $block;
if (!empty($i_th['var4'])) echo '4. '.(isset($_SESSION['us']) ? '<a href="vote-them-'.$r.'-'.$p.'-'.$t.'-4">' . $i_th['var4'] . '</a>' : $i_th['var4']) . $block;
echo '<a href="them-'.$r.'-'.$p.'-'.$t.'&results">Результаты</a></div>';
//////////////////////
} elseif (isset($_GET['results']) || !empty($i_th['quest']) && $ResVote != 0) {
//////////////////////
// если уже голосовал или нажал на "результаты"
#################################
// вычисление процентов
if (!empty($i_th['var3']) && empty($i_th['var4'])) {
$common = NumVote(1, $t) + NumVote(2, $t) + NumVote(3, $t);
}
elseif (!empty($i_th['var3']) && !empty($i_th['var4'])) {
$common = NumVote(1, $t) + NumVote(2, $t) + NumVote(3, $t) + NumVote(4, $t);
}
else
{
$common = NumVote(1, $t) + NumVote(2, $t);
}
$prec_1 = @round(NumVote(1, $t) * 100 / $common);
$prec_2 = @round(NumVote(2, $t) * 100 / $common);
$prec_3 = @round(NumVote(3, $t) * 100 / $common);
$prec_4 = @round(NumVote(4, $t) * 100 / $common);
#################################
$colour_1 = ($prec_1 >= 50) ? '<div class="variant">' : '<div class="variant leader">';
$colour_2 = ($prec_2 >= 50) ? '<div class="variant">' : '<div class="variant leader">';
$colour_3 = ($prec_3 >= 50) ? '<div class="variant">' : '<div class="variant leader">';
$colour_4 = ($prec_4 >= 50) ? '<div class="variant">' : '<div class="variant leader">';
echo '<div class="widget">Вопрос: <b>' . $i_th['quest'] . '</b>' . $colour_1 . '
1. <span>' . $i_th['var1'] . '</span>
<span class="small percentage">' . $prec_1 . '% <a href="w-whovote-'.$r.'-'.$p.'-'.$t.'-1">(' . NumVote(1, $t) . ')</a></span>
<div class="progress" style="width: ' . $prec_1 . '%; min-width: 5px"></div></div>
' . $block . $colour_2 . '
2. <span>' . $i_th['var2'] . '</span>
<span class="small percentage">' . $prec_2 . '% <a href="w-whovote-'.$r.'-'.$p.'-'.$t.'-2">(' . NumVote(2, $t) . ')</a></span>
<div class="progress" style="width: ' . $prec_2 . '%; min-width: 5px"></div></div>
'. $block;
if (!empty($i_th['var3'])) echo $colour_3 . '3. <span>' . $i_th['var3'] . '</span>
<span class="small percentage">' . $prec_3 . '% <a href="w-whovote-'.$r.'-'.$p.'-'.$t.'-3">(' . NumVote(3, $t) . ')</a></span>
<div class="progress" style="width: ' . $prec_3 . '%; min-width: 5px"></div></div>
' . $block;
if (!empty($i_th['var4'])) echo $colour_4 . '4. <span>' . $i_th['var4'] . '</span>
<span class="small percentage">' . $prec_4 . '% <a href="w-whovote-'.$r.'-'.$p.'-'.$t.'-4">(' . NumVote(4, $t) . ')</a></span>
<div class="progress" style="width: ' . $prec_4 . '%; min-width: 5px"></div></div>
' . $block;
echo '</div>';
if ($ResVote == 0) echo '<a href="them-'.$r.'-'.$p.'-'.$t.'">Голосовать</a>' . $div_end;
}
//---------------------------------------- Голосование ----------------------------------------//
// запись сообщения
if (isset($_POST['add']))
{
$num_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
if (empty($_SESSION['us'])) {
header('Location: /reg.php');
die();
}
$msg = trim(mysql_real_escape_string(check($_POST['msg'])));
if (empty($msg)) {
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
die();
} else {
$mylastpost = mysql_query("SELECT time FROM f_message WHERE user = '$user[id]' AND time + '10' > '" . time() . "' LIMIT 1");
if (mysql_num_rows($mylastpost) != false)
{
err('Вы не можете так часто оставлять сообщения!');
include '../system/foot.php';
exit();
}
$_up = (isset($_POST['up'])) ? my_int($_POST['up']) : NULL;
$_act = (isset($_POST['act'])) ? my_int($_POST['act']) : NULL;
if ($_up == 1) {
$inansw = (mb_strlen($msg, 'UTF8') > 50)
? mb_substr($msg, 0, 50, 'UTF8') . '...'
: $msg;
echo $block . 'Сообщение: ' . smiles(bb_code($inansw)) . $block . '
<form ENCTYPE="multipart/form-data" action="?" method="post">
<label>Выбрать файл:</label><br/>
<input name="object" type="file"/>
<br/>
<label>Импорт файла:</label><br/>
<input type="text" name="url" value="http://"/>
<br/>
<input type="radio" name="upl" checked value="1"/> Обычная загрузка
<input type="radio" name="upl" value="2"/> Импорт
<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="t" value="' . $t . '"/>
<input type="hidden" name="act" value="1"/>
<input type="hidden" name="msg" value="' . str_replace('<br />', "n", $msg) . '"/>
<input type="submit" name="add" value="Прикрепить"/>
</form>';
include '../system/foot.php';
exit();
}
if ($_act == 1) {
$upl = my_int($_POST['upl']);
if (isset($_POST['url'])) $url = htmlentities($_POST['url']);
if ($upl == 1)
{
$FileName = $_FILES['object']['name'];
$FileSize = $_FILES['object']['size'];
// если тема закрыта
if ($i_th['close'] == 1) {
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
die();
}
$GetExt = array('.bmp',
'.gif',
'.jpeg',
'.jpg',
'.png',
'.amr',
'.mp3',
'.pdf',
'.swf',
'.txt',
'.zip',
'.txt',
'.rar',
'.tar',
'.gz',
'.gzip');
$ext = strtolower(strrchr($_FILES['object']['name'], '.'));
if (empty($FileName)) $err .= 'Не выбран файл!';
elseif (!preg_match('#([a-z0-9-_]{1,32})#i', $FileName)) $err .= 'Не правильное имя файла!';
elseif ($FileSize > 1024 * 2 * 1024) $err .= 'Размер файла более 2 Мб!';
elseif (preg_match('/(.php|.pl|.htaccess)/i', $FileName) || !in_array($ext, $GetExt)) $err .= 'Запрещенный формат файла!';
if (!empty($err)) {
err($err);
} else {
$name = $site . '_' . mt_rand(100000, 9999999) . $ext;
copy($_FILES['object']['tmp_name'], 'upload/' . $name);
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1 && filesize($_SERVER['DOCUMENT_ROOT'] . '/domains.dat') > 0) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value) {
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $msg)) {
$msg = preg_replace("/(ws|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $msg);
}
}
}
// транслит
if ($user['translit'] == 1) {
$msg = trun_to_rus($msg);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$msg = ($ant[0] == 1) ? mat($msg) : $msg;
// запись в базу
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$i_pdf[id]',
`user` = '$user[id]',
`msg` = '$msg',
`path` = '$name',
`time` = '" . time() . "'");
if (mb_strlen($msg, 'UTF8') > 10) mysql_query("UPDATE users SET activity_next = activity_next + '1' WHERE id = '$user[id]' LIMIT 1");
if ($user['activity_next'] == 5) {
mysql_query("UPDATE users SET activity = activity + '0.01', activity_next = '0' WHERE id = '$user[id]' LIMIT 1");
}
// апдейт времени последней темы
mysql_query("UPDATE `f_them` SET `last` = '" . time() . "' WHERE `id` = '$t' LIMIT 1");
// Лента
if (user_inf($i_th['author'], 'annun') == 1 && user_inf($i_th['author'], 'comm_forum') == 1 && $user['id'] != $i_th['author'])
{
$inlenta = (mb_strlen($msg, 'UTF8') > 50)
? mb_substr($msg, 0, 50, 'UTF8') . '...'
: $msg;
$message = cvetnik($user['id']) . ' оставил сообщение ' . bb_code($inlenta) . ' в вашей теме <a href="/forum/them-'.$r.'-'.$p.'-'.$t.$st.'">' . $i_th['name'] . '</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '$i_th[author]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`uid` = 'forum$t',
`read` = '1'");
}
header('Location: them-'.$r.'-'.$p.'-' . $t . $st . '#down');
}
} elseif ($upl == 2) {
$file = getWithOutPath($url);
$format = strtolower(strrchr($file, '.'));
// если тема закрыта
if ($i_th['close'] == 1) {
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
die();
}
$GetExt = array('.bmp',
'.gif',
'.jpeg',
'.jpg',
'.png',
'.amr',
'.mp3',
'.pdf',
'.swf',
'.txt',
'.zip',
'.txt',
'.rar',
'.tar',
'.gz',
'.gzip',
'.cab');
$f = @fopen($url, 'r');
while($c = @fread($f, 1024)) $filedata .= $c;
if (!$f) $err .= 'Ошибка импортирования файла!';
elseif (preg_match('/(.php|.pl|.htaccess)/i', $file) || !in_array($format, $GetExt)) $err .= 'Запрещенный формат файла!';
elseif (strlen($filedata) > (1024 * 2 * 1024)) $err .= 'Размер файла более 2 Мб!';
if (!empty($err)) {
err($err);
} else {
$name = mt_rand(100000, 9999999) . $file;
copy($url, 'upload/' . $name);
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1 && filesize($_SERVER['DOCUMENT_ROOT'] . '/domains.dat') > 0) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value) {
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $msg)) {
$msg = preg_replace("/(ws|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $msg);
}
}
}
// транслит
if ($user['translit'] == 1) {
$msg = trun_to_rus($msg);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$msg = ($ant[0] == 1) ? mat($msg) : $msg;
// запись в базу
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$i_pdf[id]',
`user` = '$user[id]',
`msg` = '$msg',
`path` = '$name',
`time` = '" . time() . "'");
if (mb_strlen($msg, 'UTF8') > 10) mysql_query("UPDATE users SET activity_next = activity_next + '1' WHERE id = '$user[id]' LIMIT 1");
if ($user['activity_next'] == 5) {
mysql_query("UPDATE users SET activity = activity + '0.01', activity_next = '0' WHERE id = '$user[id]' LIMIT 1");
}
// апдейт времени последней темы
mysql_query("UPDATE `f_them` SET `last` = '" . time() . "' WHERE `id` = '$t' LIMIT 1");
// Лента
if (user_inf($i_th['author'], 'annun') == 1 && user_inf($i_th['author'], 'comm_forum') == 1 && $user['id'] != $i_th['author']) {
$inlenta = (mb_strlen($msg, 'UTF8') > 50)
? mb_substr($msg, 0, 50, 'UTF8') . '...'
: $msg;
$message = cvetnik($user['id']) . ' оставил сообщение ' . bb_code($inlenta) . ' в вашей теме <a href="/forum/them-'.$r.'-'.$p.'-'.$t.$st.'">' . $i_th['name'] . '</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '$i_th[author]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`uid` = 'forum$t',
`read` = '1'");
}
header('Location: them-'.$r.'-'.$p.'-' . $t . $st . '#down');
}
}
} else {
// если тема закрыта
if ($i_th['close'] == 1) {
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
die();
}
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1 && filesize($_SERVER['DOCUMENT_ROOT'] . '/domains.dat') > 0) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value) {
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $msg)) {
$msg = preg_replace("/(ws|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $msg);
}
}
}
// транслит
if ($user['translit'] == 1) {
$msg = trun_to_rus($msg);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$msg = ($ant[0] == 1) ? mat($msg) : $msg;
// запись в базу
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$i_pdf[id]',
`user` = '$user[id]',
`msg` = '$msg',
`time` = '" . time() . "'");
if (mb_strlen($msg, 'UTF8') > 10) mysql_query("UPDATE users SET activity_next = activity_next + '1' WHERE id = '$user[id]' LIMIT 1");
if ($user['activity_next'] == 5) {
mysql_query("UPDATE users SET activity = activity + '0.01', activity_next = '0' WHERE id = '$user[id]' LIMIT 1");
}
// апдейт времени последней темы
mysql_query("UPDATE `f_them` SET `last` = '" . time() . "' WHERE `id` = '$t' LIMIT 1");
if (user_inf(my_int($_POST['adr']), 'comm_forum') == 1 && $user['id'] != my_int($_POST['adr'])) {
$pregMsg = preg_replace('/[b]Ответ:(.*)[/b],(.*)/isu', '2', $msg);
$inlenta = (mb_strlen($pregMsg, 'UTF8') > 50)
? mb_substr($pregMsg, 0, 50, 'UTF8') . '...'
: $pregMsg;
$message = cvetnik($user['id']) . ' ответил: ' . bb_code($inlenta) . '<br/> на ваш комментарий в теме <a href="forum/them-'.$r.'-'.$p.'-'.$t.$st.'">' . $i_th['name'] . '</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '" . my_int($_POST['adr']) . "',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`uid` = 'forum$t',
`read` = '1'");
}
// Лента
elseif (user_inf($i_th['author'], 'annun') == 1 && user_inf($i_th['author'], 'comm_forum') == 1 && $user['id'] != $i_th['author']) {
$inlenta = (mb_strlen($msg, 'UTF8') > 50)
? mb_substr($msg, 0, 50, 'UTF8') . '...'
: $msg;
$message = cvetnik($user['id']) . ' оставил сообщение ' . bb_code($inlenta) . ' в вашей теме <a href="/forum/them-'.$r.'-'.$p.'-'.$t.$st.'">' . $i_th['name'] . '</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '$i_th[author]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`uid` = 'forum$t',
`read` = '1'");
}
header('Location: them-'.$r.'-'.$p.'-' . $t . $st . '#down');
}
}
}
// удаление поста
if (isset($_GET['d']))
{
$num_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
$d = my_int($_GET['d']);
$pst = mysql_query("SELECT * FROM `f_message` WHERE `id` = '$d' LIMIT 1");
$i = mysql_fetch_assoc($pst);
if (user_inf($i['user'], 'activity_next') <= 4)
{
mysql_query("UPDATE users SET activity_next = activity_next - '1' WHERE id = '$i[user]' LIMIT 1");
}
if ($user['id'] != $i['user'] && $user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-'.$t . $st);
die();
}
if ($i['user'] == $user['id'] && $user['level'] < 3 && $i['time'] + 500 < time())
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
die();
}
if ($i_th['close'] == 1) {
header('Location: them-'.$r.'-'.$p.'-'.$t . $st);
die();
}
if (mysql_num_rows($pst) == FALSE) {
err('Ошибка!');
} else {
// удаление файла из поста
if (file_exists('upload/' . $i['path'])) unlink('upload/' . $i['path']);
mysql_query("DELETE FROM `f_message` WHERE `id` = '$d' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-'.$t . $st);
}
}
// удаление файла
if (isset($_GET['df'])) {
$num_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
$df = my_int($_GET['df']);
$em = mysql_query("SELECT path, user FROM `f_message` WHERE `id` = '$df' LIMIT 1");
$i = mysql_fetch_assoc($em);
if ($user['id'] != $i['user'] && $user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-'.$t . $st);
die();
}
if ($i_th['close'] == 1) {
header('Location: them-'.$r.'-'.$p.'-'.$t . $st);
die();
}
if (mysql_num_rows($em) != FALSE) {
if (file_exists('upload/' . $i['path'])) unlink('upload/' . $i['path']);
mysql_query("UPDATE `f_message` SET `path` = '' WHERE `id` = '$df' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-'.$t . $st);
} else {
err('Ошибка!');
}
}
// список сообщений
if ($mes != FALSE) {
$n = new navigator($mes, 10, 'them-'.$r.'-'.$p.'-'.$t.'&');
$look = mysql_query("SELECT `f_message`.*,
(SELECT COUNT(id) FROM `f_message` WHERE `f_message`.`tid` = '$t') AS c
FROM `f_message` WHERE `tid` = '$t' ORDER BY `id` ASC {$n->limit}");
$dv = 0;
$cols = 0;
echo '<form method="post" action="them-'.$r.'-'.$p.'-'.$t.'">';
while($a = mysql_fetch_assoc($look)) {
++$cols;
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = '&page=' . $pg;
$thispage = '&page='.$n->page.'';
} else {
$st = '';
}
###############################
if ($a['user'] == $user['id']):
$fpost = ' <span style="color: #a6c3dd;">(' . forumPost($user['id']) . ')</span>';
elseif ($a['user'] != $user['id']):
$fpost = ' <span style="color: #a6c3dd;">(' . forumPost($a['user']) . ')</span>';
endif;
######################################
if (user_inf($a['user'], 'onl') + 300 > time()) $online = ' <img src="/ico/on.png" alt="on"/>';
else $online = ' <img src="/ico/off.png" alt="off"/>';
if ($user['id'] != $a['user'] && $a['user'] != 0 && $i_th['close'] == 0 && !empty($_SESSION['us']))
{
$_ank = ' <a href="o-them-'.$r.'-'.$p.'-'.$t.'-'.$a['user'].$thispage.'#down">[Отв]</a>';
} else $_ank = '';
######################################
//---------------------------//
if ($user['level'] >= 3 && $user['level'] <= 5 && $i_th['close'] == 0 && !empty($_SESSION['us'])) {
$upr = '<br/><a href="d-them-'.$r.'-'.$p.'-'.$t.'-'.$a['id'].'">[Уд]</a>
<a href="e-izm-'.$r.'-'.$p.'-'.$t.'-'.$a['id'].$thispage.'">[Изм]</a>';
if ($a['user'] != 0 && $user['id'] != $a['user']) $upr .= '
<a href="c-cit-'.$r.'-'.$p.'-'.$t.'-'.$a['id'].'-'.($num + 1).'">[Цит]</a>';
}
//---------------------------//
elseif ($a['user'] != 0 && $user['level'] < 3 && $i_th['close'] == 0 && !empty($_SESSION['us'])) {
if ($a['user'] == $user['id'] && $a['time'] + 500 > time()) $upr = '<br/><a href="e-izm-'.$r.'-'.$p.'-'.$t.'-'.$a['id'].$thispage.'">[Изм]</a>';
if ($a['user'] == $user['id'] && $a['time'] + 500 > time()) $upr .= '<a href="d-them-'.$r.'-'.$p.'-'.$t.'-'.$a['id'].'">[Уд]</a>';
if ($user['id'] != $a['user']) $upr = '<br/><a href="c-cit-'.$r.'-'.$p.'-'.$t.'-'.$a['id'].'-'.($num + 1).'">[Цит]</a>';
}
//---------------------------//
elseif ($i_th['close'] == 1 && !empty($_SESSION['us'])) {
$upr = '';
}
//---------------------------//
// Определение лучшего / худшего ответа
$noBest = mysql_query("SELECT id FROM f_message WHERE best = '1' AND tid = '$t' LIMIT 1");
$noWorse = mysql_query("SELECT id FROM f_message WHERE worse = '1' AND tid = '$t' LIMIT 1");
if (isset($_GET['best']))
{
//----------------------------------//
if ($user['id'] == $i_th['author'] && $i_th['close'] == 0 && $a['best'] == 0 && $a['worse'] == 0 && mysql_num_rows($noBest) == 0 && $a['user'] != $user['id'] && $a['best'] == 0 && $a['worse'] == 0 && $a['user'] != 0)
{
//----------------------------------//
$best = my_int($_GET['best']);
$sqlP = mysql_query("SELECT id, user FROM f_message WHERE id = '$best' LIMIT 1");
$isP = mysql_fetch_assoc($sqlP);
if (mysql_num_rows($sqlP) == false)
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
elseif ($isP['user'] == $user['id'])
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
elseif ($a['best'] != 0)
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
else
{
mysql_query("UPDATE f_message SET best = '1' WHERE id = '$best' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
} else {
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
}
if (isset($_GET['worse']))
{
//----------------------------------//
if ($user['id'] == $i_th['author'] && $i_th['close'] == 0 && $a['best'] == 0 && $a['worse'] == 0 && mysql_num_rows($noWorse) == 0 && $a['user'] != $user['id'] && $a['best'] == 0 && $a['worse'] == 0 && $a['user'] != 0)
{
//----------------------------------//
$num_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
$worse = my_int($_GET['worse']);
$sqlP = mysql_query("SELECT id, user FROM f_message WHERE id = '$worse' LIMIT 1");
$isP = mysql_fetch_assoc($sqlP);
if (mysql_num_rows($sqlP) == false)
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
elseif ($isP['user'] == $user['id'])
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
elseif ($a['worse'] != 0)
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
else
{
mysql_query("UPDATE f_message SET worse = '1' WHERE id = '$worse' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
} else {
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
}
if ($user['id'] == $i_th['author'] && $i_th['close'] == 0 && mysql_num_rows($noBest) == 0 && $a['user'] != $user['id'] && $a['best'] == 0 && $a['worse'] == 0 && $a['user'] != 0)
{
$answerB = '<a href="best-them-'.$r.'-'.$p.'-'.$t.'-'.$a['id'].$thispage.'"><span style="color:#00AA00;"> <img src="/ico/plus.png" alt="+"/></span></a>';
}
else
{
$answerB = '';
}
if ($user['id'] == $i_th['author'] && $i_th['close'] == 0 && mysql_num_rows($noWorse) == 0 && $a['user'] != $user['id'] && $a['best'] == 0 && $a['worse'] == 0 && $a['user'] != 0)
{
$answerW = '<a href="worse-them-'.$r.'-'.$p.'-'.$t.'-'.$a['id'].$thispage.'"><span style="color:#FF3030;"> <img src="/ico/minus.png" alt="-"/></span></a>';
}
else
{
$answerW = '';
}
if (!empty($a['path']))
{
if (!isset($_SESSION['us']))
{
$_path = '<span style="color: #0080A0;">Файл:</span> Ссылка доступна только авторизированным';
}
else
{
$Size = filesize('upload/' . $a['path']);
$Size = get_size($Size);
$frm = strtolower(strrchr($a['path'], '.'));
$_path = '<span style="color: #0080A0;">Файл:</span>
' . ($frm == '.jpg' || $frm == '.gif' || $frm == '.png' ? '<img src="../resize.php?img=forum/upload/'.$a['path'].'&width=25&height=0" alt=""/>' : '') . '
<a href="upload/'.$a['path'].'">' . $a['path'] . '</a>
<span style="color: #0080A0;">(' . $Size . ')</span>';
}
}
else
{
$_path = '';
}
$d_file = ($user['id'] == $a['user'] && $i_th['close'] == 0 && !empty($a['path']) || $user['level'] >= 3 && $user['level'] <= 5 && $i_th['close'] == 0 && !empty($a['path']))
? '<br/><a href="df-them-'.$r.'-'.$p.'-'.$t.'-'.$a['id'].'">[Удалить файл]</a>'
: '';
$_edt = (!empty($a['whoedit']))
?
'<small><span style="color: #999999;">^Изменено: ' . cvetnik($a['whoedit']) . '</span></small>'
:
'';
$auTH = ($i_th['author'] == $a['user']) ? '<span style="color: #f3a55b;">[автор]</span>' : '';
#################################
if ($a['best'] != 0) $selPost = ' <b span style="color:#00FF00;">Лучший ответ</b>';
elseif ($a['worse'] != 0) $selPost = ' <b span style="color:#ff3030;">Худший ответ</b>';
else $selPost = '';
#################################
$num = ($n->start + $cols);
$fpost = ($a['user'] != 0) ? $fpost : '';
$online = ($a['user'] != 0) ? $online : '';
if (isset($_GET['full']) && abs($_GET['full']) == $a['id'] && mb_strlen($a['msg'], 'UTF8') > 400 && $a['user'] != 0)
{
echo '<a name="expand'.$a['id'].'"></a>';
$subMsg = $a['msg'] . '<br/><a href="them-'.$r.'-'.$p.'-'.$t.$thispage.'#turn'.$a['id'].'"><span class="next">«Свернуть</span></a>';
}
elseif (!isset($_GET['full']) && mb_strlen($a['msg'], 'UTF8') > 400 && $a['user'] != 0 || abs($_GET['full']) != $a['id'] && mb_strlen($a['msg'], 'UTF8') > 400 && $a['user'] != 0)
{
echo '<a name="turn'.$a['id'].'"></a>';
$subMsg = mb_substr($a['msg'], 0, 400, 'UTF8') . '...<br/><a href="them-'.$r.'-'.$p.'-'.$t.'&full='.$a['id'].$thispage.'#expand'.$a['id'].'"><span class="next">Прочесть полностью»</span></a>';
}
else
{
$subMsg = $a['msg'];
}
$nosys = ($a['user'] == 0) ? '<span style="color: #FF3030;">[Система]</span>' : us($a['user']);
if ($user['level'] == 4 && $i_th['close'] == 0 || $user['level'] == 5 && $i_th['close'] == 0)
{
$chb = '<input type="checkbox" name="chbdel[]" value="'.$a['id'].'"/>';
}
echo $div_razdel . $chb . '#' . $num . '. ' . $nosys . $fpost . $online . $auTH . $_ank . $answerB . $answerW . $selPost . '</a>' . $block . '(' . itime($a['time'], 0) . ')' . ($a['user'] != 0 ? $upr : NULL) . $div_end . $div_tworazdel . smiles(bb_code($subMsg)) . $div_end . $_path . $d_file . $_edt . '<br/>';
#######
}
if ($user['level'] == 4 && $i_th['close'] == 0 || $user['level'] == 5 && $i_th['close'] == 0)
{
echo '<input type="submit" name="FormDel" value="Удалить отмеченные"/>
</form>';
}
echo $n->navi();
}
else
{
echo 'Сообщений в этой теме нет.<br/>';
}
// ответ на пост
if ($i_th['close'] == 0) {
if (isset($_GET['k']) && user_inf($_GET['k']))
{
$k = my_int($_GET['k']);
$komu = htmlspecialchars('[b]Ответ: ' . user_inf($k, 'user') . '[/b], ');
}
if (isset($_POST['FormDel']))
{
if ($user['level'] < 4)
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
die();
}
if (empty($_POST['chbdel'])) {
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
die();
}
else
{
foreach($_POST['chbdel'] as $value)
{
mysql_query("DELETE FROM `f_message` WHERE `id` = '$value'");
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
}
}
if (isset($_SESSION['us']))
{
$countAtt = mysql_result(mysql_query("SELECT COUNT(id) FROM f_message WHERE path LIKE 'koderam%' AND tid = '$t'"), 0);
echo '<a name="down"></a>
<form action="them-'.$r.'-'.$p.'-' . $t . $st.'" method="post" name="form">
' . $block . '
<label>Сообщение:</label>
<br/>
<textarea name="msg" cols="50" rows="5" id="msg" style="width: 99%;">' . $komu . '</textarea>
' . quickpaste('msg') . quickcode() . '
<br/>
<input type="checkbox" name="up" value="1"/> Прикрепить файл<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="t" value="' . $t . '"/>
<input type="hidden" name="adr" value="' . my_int($k) . '"/>
<input type="submit" name="add" value="Написать"/>
</form>
» <a href="save-'.$t.'">Скачать тему</a><br/>
» <a href="attachments-'.$r.'-'.$p.'-'.$t.'">Вложения (' . $countAtt . ')</a><br/>';
}
} else {
echo $div_title . 'Тема закрыта!' . $div_end;
}
$CountInThem = mysql_result(mysql_query("SELECT COUNT(id) FROM inthem WHERE uid = '$t' AND time + '100' > '" . time() . "'"), 0);
echo '« <a href="pod-'.$r.'-'.$p.'">Назад</a>
<br/>
» <a href="who-'.$r.'-'.$p.'-'.$t.'">Кто в теме (' . $CountInThem . ')</a>';
//__________________ПОХОЖИЕ_ТЕМЫ____________________//
$words = preg_split('/s+/siu', $i_th['name']);
$max = mb_strlen($words[0], 'UTF8');
$nam = $words[0];
$max2 = mb_strlen($words[0], 'UTF8');
$nam2 = $words[0];
for($i = 1; $i < sizeof($words); ++$i)
{
$len = mb_strlen($words[$i], 'UTF8');
if ($len >= $max)
{
$nam = $words[$i];
}
}
for($i = 1; $i < sizeof($words); ++$i)
{
$len = mb_strlen($words[$i], 'UTF8');
if ($len <= $max2)
{
$nam2 = $words[$i];
}
}
$sLength = mysql_query("SELECT f_them .* FROM f_them WHERE name LIKE '%$nam%' AND id != '$t' OR name LIKE '%$nam2%' AND id != '$t' ORDER BY CHAR_LENGTH(name) LIMIT 3");
if (mysql_num_rows($sLength) != false)
{
echo $block . '<b>Похожие темы:</b>' . $div_razdel;
while($downF = mysql_fetch_assoc($sLength))
{
echo '• <a href="them-'.$downF['razdel_id'].'-'.$downF['rid'].'-'.$downF['id'].'">' . $downF['name'] . '</a><br/>';
}
echo $div_end;
}
//_________________________________________________//
break;
/*
* Вложения
*/
case attachments:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$t = my_int($_REQUEST['t']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
$countAtt = mysql_result(mysql_query("SELECT COUNT(id) FROM f_message WHERE path LIKE 'koderam%' AND tid = '$t'"), 0);
if ($countAtt != 0)
{
$n = new navigator($countAtt, 10, 'attachment-'.$r.'-'.$p.'-'.$t.'&');
$s = mysql_query("SELECT path FROM f_message WHERE path LIKE 'koderam%' AND tid = '$t' ORDER BY id DESC {$n->limit}");
while($i = mysql_fetch_assoc($s))
{
$size = filesize('upload/' . $i['path']);
$size = get_size($size);
echo '<a href="upload/'.$i['path'].'">' . $i['path'] . '</a> (' . $size . ')<br/>';
}
echo $n->navi();
}
else
{
echo 'Вложений нет.';
}
echo '« <a href="them-'.$r.'-'.$p.'-'.$t.'">Назад</a>';
break;
/*
* Голосование
*/
case vote:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$t = my_int($_REQUEST['t']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
$sql = mysql_query("SELECT `author` FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-' . $t);
die();
} elseif (!empty($inf['vote'])) {
err('Опрос уже создан!');
} else {
if (isset($_POST['create'])) {
$quest = trim(mysql_real_escape_string(check($_POST['quest'])));
$v1 = trim(mysql_real_escape_string(check($_POST['var'][0])));
$v2 = trim(mysql_real_escape_string(check($_POST['var'][1])));
$v3 = trim(mysql_real_escape_string(check($_POST['var'][2])));
$v4 = trim(mysql_real_escape_string(check($_POST['var'][3])));
if (empty($quest)) {
err('Вопрос не может быть пустым!');
} elseif (empty($v1) && empty($v2)) {
err('Должно быть хотя бы 2 первых варианта!');
} elseif (count(array_unique($_POST['var'])) < 4 && !empty($v3) && !empty($v4)) {
err('Варианты не должны совпадать!');
} elseif (count(array_unique($_POST['var'])) <= 2 && empty($v3) && empty($v4)) {
err('Варианты не должны совпадать!');
} else {
mysql_query("UPDATE `f_them` SET
`quest` = '$quest',
`var1` = '$v1',
`var2` = '$v2',
`var3` = '$v3',
`var4` = '$v4'
WHERE `id` = '$t' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t);
}
}
echo $div_title . 'Добавить опрос' . $div_end;
echo '<form method="post" action="vote-'.$r.'-'.$p.'-'.$t.'">
<label>Вопрос:</label><br/>
<textarea name="quest" cols="50" rows="5" style="width: 99%;"></textarea>
<br/>
<label>Вариант #1:</label><br/>
<input type="text" name="var[]"/>
<br/>
<label>Вариант #2:</label><br/>
<input type="text" name="var[]"/>
<br/>
<label>Вариант #3:(необязательно)</label><br/>
<input type="text" name="var[]"/>
<br/>
<label>Вариант #4:(необязательно)</label><br/>
<input type="text" name="var[]"/>
<br/>
<input type="submit" name="create" value="Добавить"/>
</form>';
}
echo '« <a href="them-'.$r.'-'.$p.'-'.$t.'">Назад</a>';
break;
/*
* Изменение голосования
*/
case edit_vote:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$t = my_int($_REQUEST['t']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
$sql = mysql_query("SELECT * FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
if (empty($inf['quest'])) {
err('Опрос еще не создан чтобы его редактировать!');
include '../system/foot.php';
exit();
}
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-' . $t);
die();
} else {
if (isset($_POST['create'])) {
$quest = trim(mysql_real_escape_string(check($_POST['quest'])));
$var1 = trim(mysql_real_escape_string(check($_POST['var1'])));
$var2 = trim(mysql_real_escape_string(check($_POST['var2'])));
$var3 = trim(mysql_real_escape_string(check($_POST['var3'])));
$var4 = trim(mysql_real_escape_string(check($_POST['var4'])));
if (empty($quest)) {
err('Вопрос не может быть пустым!');
} elseif (empty($var1) && empty($var2)) {
err('Должно быть хотя бы 2 первых варианта!');
} else {
mysql_query("UPDATE `f_them` SET
`quest` = '$quest',
`var1` = '$var1',
`var2` = '$var2',
`var3` = '$var3',
`var4` = '$var4'
WHERE `id` = '$t' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t);
}
}
echo $div_title . 'Добавить опрос' . $div_end;
echo '<form method="post" action="vote-'.$r.'-'.$p.'-'.$t.'">
<label>Вопрос</label>:<br/>
<textarea name="quest" cols="50" rows="5" style="width: 99%;">' . $inf['quest'] . '</textarea>
<br/>
<label>Вариант #1:</label><br/>
<input type="text" name="var1" value="' . $inf['var'] . '"/>
<br/>
<label>Вариант #2:</label><br/>
<input type="text" name="var2" value="' . $inf['var2'] . '"/>
<br/>
<label>Вариант #3: (необязательно)</label><br/>
<input type="text" name="var3" value="' . $inf['var3'] . '"/>
<br/>
<label>Вариант #4: (необязательно)</label><br/>
<input type="text" name="var4" value="' . $inf['var4'] . '"/>
<br/>
<input type="submit" name="create" value="Добавить"/>
</form>';
}
echo '« <a href="them-'.$r.'-'.$p.'-'.$t.'">Назад</a>';
break;
case whovote:
$p = my_int($_GET['p']);
$r = my_int($_GET['r']);
$t = my_int($_GET['t']);
$v = my_int($_GET['v']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
$sql = mysql_query("SELECT quest FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
if (empty($inf['quest'])) {
err('В этой теме нет опроса!');
include '../system/foot.php';
exit();
}
if ($v < 1 || $v > 4)
{
header('Location: them-'.$r.'-'.$p.'-' . $t);
die();
}
$res = mysql_result(mysql_query("SELECT COUNT(id) FROM f_votes WHERE them = '$t' AND var = '$v'"), 0);
if ($res != 0)
{
$n = new navigator($res, 10, 'whovotes-'.$r.'-'.$p.'-'.$t.'-'.$v.'&');
$Res = mysql_query("SELECT * FROM f_votes WHERE them = '$t' AND var = '$v' ORDER BY id DESC {$n->limit}");
$i = 0;
while($inRes = mysql_fetch_assoc($Res))
{
echo ($i ++ % 2) ? $div_razdel : $div_tworazdel;
echo us($inRes['user']) . $div_end;
}
echo $n->navi();
} else {
echo 'За этот вариант никто не голосовал.<br/>';
}
echo '« <a href="them-'.$r.'-'.$p.'-'.$t.'">Назад</a>';
break;
/*
* Цитирование
*/
case cit:
if (empty($_SESSION['us'])) {
header('Location: /reg.php');
die();
}
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$t = my_int($_REQUEST['t']);
$c = my_int($_REQUEST['c']);
$num = my_int($_GET['num']);
###############################
$num_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
$empty_2 = mysql_query("SELECT id, name FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT id, name FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
if (mysql_num_rows($empty_2) == FALSE)
{
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE)
{
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
$em = mysql_query("SELECT id, msg, user FROM `f_message` WHERE `id` = '$c' AND `tid` = '$t' LIMIT 1");
$emt = mysql_query("SELECT close, name FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$i = mysql_fetch_assoc($em);
$ii = mysql_fetch_assoc($emt);
if ($i['user'] == 0 && !isset($_POST['ok']) || $i['user'] == $user['id'] && !isset($_POST['ok']))
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
die();
}
if ($ii['close'] == 1) {
err('Тема закрыта!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($em) == FALSE || mysql_num_rows($emt) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (isset($_POST['ok'])) {
$mylastpost = mysql_query("SELECT time FROM f_message WHERE user = '$user[id]' AND time + '10' > '" . time() . "' LIMIT 1");
if (mysql_num_rows($mylastpost) != false)
{
err('Вы не можете так часто оставлять сообщения!');
include '../system/foot.php';
exit();
}
$msg = trim(mysql_real_escape_string(check($_POST['msg'])));
$m = mysql_fetch_array(mysql_query("SELECT `user`, `msg`
FROM `f_message`
WHERE
`id` = '" . my_int($_POST['c']) . "'
AND
`tid` = '" . my_int($_POST['t']) . "'
LIMIT 1"));
// урезаем див цитаты
$m[1] = preg_replace('/[q](.*)[/q](.*)/ui', '2', $m[1]);
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1 && filesize($_SERVER['DOCUMENT_ROOT'] . '/domains.dat') > 0) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value) {
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $msg)) {
$msg = preg_replace("/(ws|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $msg);
}
}
}
// транслит
if ($user['translit'] == 1) {
$msg = trun_to_rus($msg);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$msg = ($ant[0] == 1) ? mat($msg) : $msg;
if (!empty($msg)) {
// Лента
if (user_inf($m['user'], 'comm_forum') == 1 && $user['id'] != $m['user'])
{
$inlenta = (mb_strlen($m[1], 'UTF8') > 50)
? mb_substr($m[1], 0, 50, 'UTF8') . '...'
: $m[1];
$message = cvetnik($user['id']) . ' процитировал ваш комментарий: ' . bb_code($inlenta) . '<br/> в теме <a href="forum/them-'.$r.'-'.$p.'-'.$t.$st.'">' . $ii['name'] . '</a>!';
mysql_query("INSERT INTO `lenta` SET
`user` = '$m[user]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`uid` = 'forum$t',
`read` = '1'");
}
$cont = (mb_strlen($m[1], 'UTF8') > 100)
? mb_substr($m[1], 0, 100, 'UTF8') . '...'
: $m[1];
$mess = '[q]#' . $num . '. ' . user_inf($m[0], 'user') . ': ' . $cont . '[/q]' . $msg;
mysql_query("INSERT INTO `f_message` SET `tid` = '$t', `podforum` = '$p', `user` = '$user[id]', `msg` = '$mess', `time` = '" . time() . "'");
if (mb_strlen($msg, 'UTF8') > 10) mysql_query("UPDATE users SET activity_next = activity_next + '1' WHERE id = '$user[id]' LIMIT 1");
if ($user['activity_next'] == 5)
{
mysql_query("UPDATE users SET activity = activity + '0.01', activity_next = '0' WHERE id = '$user[id]' LIMIT 1");
}
// апдейт времени последней темы
mysql_query("UPDATE `f_them` SET `last` = '" . time() . "' WHERE `id` = '$t' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
else
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
}
$imsg = preg_replace('/[q](.*)[/q](.*)/ui', '2', $i['msg']);
// Обрезка длинного сообщения
$cont = (mb_strlen($imsg, 'UTF8') > 100)
? mb_substr($imsg, 0, 100, 'UTF8') . '...'
: $imsg;
$i_rzd = mysql_fetch_assoc($empty_3);
$i_pdf = mysql_fetch_assoc($empty_2);
$cont = preg_replace('/[url=htt(p|ps)://(.*)](.*)[/url]/siu', '3', $cont);
echo $div_title . 'Цитирование' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a> |
<a href="r-razdel-'.$i_rzd['id'].'">' . $i_rzd['name'] . '</a> |
<a href="pod-'.$i_rzd['id'].'-'.$i_pdf['id'].'">' . $i_pdf['name'] . '</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>
' . $div_end . '
<form method="post" action="?" name="form">
<div class="quote">#' . $num . '. ' . user_inf($i['user'], 'user') . ': ' . $cont . '</div>
<textarea name="msg" cols="50" id="msg" rows="5" style="width: 99%;"></textarea>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="t" value="' . $t . '"/>
<input type="hidden" name="c" value="' . $c . '"/>
<input type="submit" name="ok" value="Цитировать"/>
</form>
« <a href="them-'.$r.'-'.$p.'-'.$t.$st.'">Назад</a>';
break;
/*
* Изменение поста
*/
case izm:
if (empty($_SESSION['us']))
{
header('Location: /reg.php');
die();
}
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$thispage = isset($_GET['page']) ? '&page=' . my_int($_GET['page']) : NULL;
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
$t = my_int($_REQUEST['t']);
$e = my_int($_GET['e']);
$em = mysql_query("SELECT * FROM `f_message` WHERE `id` = '$e' AND `tid` = '$t' LIMIT 1");
$emt = mysql_query("SELECT * FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$i = mysql_fetch_assoc($em);
$ii = mysql_fetch_assoc($emt);
if ($i['user'] != $user['id'] && $user['level'] < 3 && !isset($_POST['ok']))
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $thispage);
die();
}
if ($i['user'] == $user['id'] && $user['level'] < 3 && $i['time'] + 500 < time() && !isset($_POST['ok']))
{
header('Location: them-'.$r.'-'.$p.'-' . $t . $thispage);
die();
}
if ($ii['close'] == 1) {
err('Тема закрыта!');
include '../system/foot.php';
exit();
}
if (isset($_POST['ok'])) {
// Антиреклама
$_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
if ($_ant['on_rekl'] == 1 && filesize($_SERVER['DOCUMENT_ROOT'] . '/domains.dat') > 0) {
$ex = explode(',', file_get_contents('../domains.dat'));
foreach($ex as $value)
{
if ($user['level'] != 4 && $user['level'] != 5 && !preg_match('/[url=http://(.*)[/url]/si', $msg))
{
$msg = preg_replace("/(ws|,|.|*|_|-|+)+$value/si", $_ant['text_rekl'], $msg);
}
}
}
// транслит
if ($user['translit'] == 1) {
$msg = trun_to_rus($msg);
}
// антимат
$ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
$msg = ($ant[0] == 1) ? mat($msg) : $msg;
$msg = trim(mysql_real_escape_string(check($_POST['msg'])));
$_em = mysql_query("SELECT * FROM `f_message` WHERE `id` = '".my_int($_POST['e'])."' AND `tid` = '".my_int($_POST['t'])."' LIMIT 1");
$_i = mysql_fetch_assoc($_em);
###############################
$num_post = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_message` WHERE `tid` = '$t'"), 0);
if ($num_post > 10) {
$pg = ceil($num_post / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
mysql_query("UPDATE `f_message` SET `msg` = '$msg', `whoedit` = '$user[id]' WHERE `id` = '".my_int($_POST['e'])."' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t . $thispage);
}
if (mysql_num_rows($em) != FALSE && mysql_num_rows($emt) != FALSE) {
$i_rzd = mysql_fetch_assoc($empty_3);
$i_pdf = mysql_fetch_assoc($empty_2);
echo $div_title . 'Редактирование' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a> |
<a href="r-razdel-'.$i_rzd['id'].'">' . $i_rzd['name'] . '</a> |
<a href="pod-'.$i_rzd['id'].'-'.$i_pdf['id'].'">' . $i_pdf['name'] . '</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>
' . $div_end . '
<form method="post" action="?">
<textarea name="msg" cols="50" rows="5" style="width: 99%;">' . back_bb($i['msg']) . '</textarea>
<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="t" value="' . $t . '"/>
<input type="hidden" name="e" value="' . $e . '"/>
<input type="submit" name="ok" value="Изменить"/>
</form>
« <a href="them-'.$r.'-'.$p.'-'.$t.$thispage.'">Назад</a>';
} else {
err('Ошибка!');
}
break;
/*
* Новая тема
*/
case add_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (empty($_SESSION['us'])) {
header('Location: /reg.php');
die();
}
$mylastthem = mysql_query("SELECT date FROM f_them WHERE author = '$user[id]' AND date + '60' > '" . time() . "' LIMIT 1");
if (mysql_num_rows($mylastthem) != false)
{
err('Вы не можете так часто создавать темы!');
include '../system/foot.php';
exit();
}
$inf_1 = mysql_fetch_assoc($empty_2);
$inf_2 = mysql_fetch_assoc($empty_3);
echo $div_title . 'Новая тема' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a> |
<a href="r-razdel-'.$inf_2['id'].'">' . $inf_1['name'] . '</a> |
<a href="pod-'.$inf_2['id'].'-'.$inf_1['id'].'">' . $inf_2['name'] . '</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$t = my_int($_REQUEST['t']);
if (isset($_POST['ok']))
{
$title = trim(mysql_real_escape_string(check($_POST['title'])));
$content = trim(mysql_real_escape_string(check($_POST['content'])));
$annun = my_int($_POST['annun']);
$pr = mysql_query("SELECT COUNT(id) FROM `f_them` WHERE `name` = '$title' AND `rid` = '$t' LIMIT 1");
if (empty($title)) {
err('Не заполнено название!');
} elseif (empty($content)) {
err('Не заполнено содержание!');
} elseif (mysql_result($pr, 0) != 0) {
err('Такая тема уже существует в этом разделе!');
} else {
mysql_query("INSERT INTO `f_them` SET
`rid` = '$p',
`razdel_id` = '$r',
`name` = '$title',
`author` = '$user[id]',
`date` = '" . time() . "',
`last` = '" . time() . "'");
$lid = mysql_insert_id();
mysql_query("UPDATE users SET activity = activity + '0.01', `annun` = '$annun' WHERE id = '$user[id]' LIMIT 1");
mysql_query("INSERT INTO f_message SET tid = '$lid', podforum = '$p', user = '$user[id]', msg = '$content', time = '" . time() . "'");
header('Location: them-'.$r.'-'.$p.'-' . $lid);
}
}
echo '<form method="post" action="?">
<label>Название:</label><br/>
<input type="text" name="title"/><br/>
<label>Содержание:</label><br/>
<textarea name="content" cols="50" rows="5" style="width: 99%;"></textarea>
<br/>
<input type="checkbox" name="annun" value="1"/> Оповещать об оставленных сообщениях
<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="submit" name="ok" value="Создать"/>
</form>';
break;
/*
* Удаление темы
*/
case del_them:
$p = my_int($_GET['p']);
$r = my_int($_GET['r']);
$t = my_int($_GET['t']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT id FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
$sql = mysql_query("SELECT `id`, `name` FROM `f_them` WHERE `id` = '$t' LIMIT 1");
// информация о разделе
$i_p = mysql_fetch_assoc($empty_2);
// информация о теме
$insql = mysql_fetch_assoc($sql);
if (!isset($_GET['yes']))
{
echo 'Вы уверены, что хотите удалить тему <b>' . $insql['name'] . '</b>?<br/>
<a href="del_them-'.$r.'-'.$p.'-'.$t.'&yes"><span class="next"><img src="../ico/ok.png" alt=""/> Да</span></a> |
<a href="them-'.$r.'-'.$p.'-'.$t.'"><span class="next"><img src="../ico/delete.png" alt=""/> Нет</span></a>';
} else {
if ($user['level'] < 3) {
header('Location: r-razdel-' . $r);
die();
}
if (mysql_num_rows($sql) == FALSE) {
err('Тема не найдена, возможна она была удалена.');
} else {
$msgs = mysql_query("SELECT * FROM `f_message` WHERE `tid` = '$t'");
while($p = mysql_fetch_assoc($msgs)) {
if (file_exists('upload/' . $p['path'])) unlink('upload/' . $p['path']);
}
$TXT = '<small>(' . date('d-m-y в H:i:s') . ')</small><br/>' . elite($user['id']) . ' ' . $user['user'] . ' удалил тему <b>' . $insql['name'] . '</b>.';
mysql_query("INSERT INTO admin_logs SET text = '$TXT'");
mysql_query("DELETE FROM `f_message` WHERE `tid` = '$t'");
mysql_query("DELETE FROM `f_them` WHERE `id` = '$t' LIMIT 1");
header('Location: r-razdel-' . $r);
}
}
break;
/*
* Перемещение темы
*/
case move_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$t = my_int($_REQUEST['t']);
$empty_2 = mysql_query("SELECT id, name FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
echo $div_title . 'Перемещение темы' . $div_end;
$sql = mysql_query("SELECT * FROM `f_them` WHERE `id` = '$t' LIMIT 1");
// информация о теме
$inf = mysql_fetch_assoc($sql);
// информация о подразделе
$i_p = mysql_fetch_assoc($empty_2);
// информация о разделе
$i_r = mysql_fetch_assoc($empty_3);
if ($user['level'] < 3) {
header('Location: them-' . $r . '-' . $p . '-' . $t);
die();
}
if (mysql_num_rows($sql) == FALSE) {
err('Тема не найдена, возможна она была удалена.');
} else {
// Перемещение
if (isset($_POST['go_move'])) {
$razdel = my_int($_POST['razdel']);
$podforum = my_int($_POST['podforum']);
$no_r = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$razdel' LIMIT 1");
$no_p = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$podforum' LIMIT 1");
$info_pod = mysql_fetch_assoc($no_p);
$info_rzd = mysql_fetch_assoc($no_r);
if (mysql_num_rows($no_r) == FALSE) {
err('Ошибка при выборе раздела!');
} elseif (mysql_num_rows($no_p) == FALSE) {
err('Ошибка при выборе подраздела!');
} else {
// Перемещаем саму тему
mysql_query("UPDATE `f_them` SET
`rid` = '$podforum',
`razdel_id` = '$razdel'
WHERE `id` = '$t' LIMIT 1");
// сообщение системы
if ($user['level'] == 3) $mylev = 'Ст.Модератор';
elseif ($user['level'] == 4) $mylev = 'Администратор';
elseif ($user['level'] == 5) $mylev = 'Ст.Администратор';
$systxt = 'Тему переместил ' . $mylev . ' ' . cvetnik($user['id']) . ' из ' . $i_r['name'] . '→' . $i_p['name'] . ' в ' . $info_rzd['name'] . '→' . $info_pod['name'];
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$podforum',
`user` = '0',
`msg` = '$systxt',
`time` = '" . time() . "'");
// Перемещаем сообщения из темы
$in_them = mysql_query("SELECT `id`, `rid` FROM `f_them` WHERE `rid` = '$podforum' AND `razdel_id` = '$razdel' AND `id` = '$t' LIMIT 1");
while($isin = mysql_fetch_assoc($in_them)) {
mysql_query("UPDATE `f_message` SET `podforum` = '$isin[rid]' WHERE `tid` = '$isin[id]'");
}
// Редирект в перемещенную тему
header('Location: them-'.$razdel.'-'.$podforum.'-' . $t);
}
}
// Если уже выбран раздел
if (isset($_POST['move'])) {
$razdel = my_int($_POST['razdel']);
$no_r = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$razdel' LIMIT 1");
if (mysql_num_rows($no_r) == FALSE) {
err('Выбран неверный раздел!');
} else {
$Sql_2 = mysql_query("SELECT `id`, `name` FROM `f_pod` WHERE `pid` = '$razdel'");
if (mysql_num_rows($Sql_2) != FALSE) {
echo 'В какой подраздел:<br/>
<form method="post" action="?">
<select name="podforum">';
//////////////////////////////
while($scan = mysql_fetch_assoc($Sql_2)) {
echo '<option value="'.$scan['id'].'">' . $scan['name'] . '</option>';
}
echo '</select>
<br/>
<input type="hidden" name="p" value="'.$p.'"/>
<input type="hidden" name="r" value="'.$r.'"/>
<input type="hidden" name="t" value="'.$t.'"/>
<input type="hidden" name="razdel" value="'.$razdel.'"/>
<input type="submit" name="go_move" value="Перенести"/>
</form>
' . $block . '
« <a href="them-'.$r.'-'.$p.'-'.$t.'">Назад</a>';
//////////////////////////////
} else {
echo 'В этом разделе нет подразделов!<br/>';
}
}
// Если уже выбран подраздел
} elseif (!isset($_POST['move'])) {
echo 'В какой раздел:<br/>';
$Sql_1 = mysql_query("SELECT `id`, `name` FROM `f_razdel`");
echo '<form method="post" action="?">
<select name="razdel">';
//////////////////////////////
if (mysql_num_rows($Sql_1) != FALSE) {
while($_a = mysql_fetch_assoc($Sql_1)) {
echo '<option value="'.$_a['id'].'">' . $_a['name'] . '</option>';
}
//////////////////////////////
echo '</select>
<br/>
<input type="hidden" name="p" value="'.$p.'"/>
<input type="hidden" name="r" value="'.$r.'"/>
<input type="hidden" name="t" value="'.$t.'"/>
<input type="submit" name="move" value="Выбрать"/>
</form>
' . $block . '
« <a href="them-'.$r.'-'.$p.'-'.$t.'">Назад</a>';
}
} else {
echo 'Разделов не найдено!<br/>';
}
}
break;
/*
* Изменение темы
*/
case edit_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$t = my_int($_REQUEST['t']);
$empty_2 = mysql_query("SELECT id FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT id FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
$sql = mysql_query("SELECT `name`, `author` FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-' . $t);
die();
}
echo $div_title . $inf['name'] . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
if (isset($_POST['ok'])) {
$ed = trim(mysql_real_escape_string(check($_POST['ed'])));
$annun = my_int($_POST['annun']);
if (empty($ed)) {
err('Не заполнен заголовок темы!');
} else {
mysql_query("UPDATE `f_them` SET `name` = '$ed', whoedit = '$user[id]' WHERE `id` = '$t' LIMIT 1");
mysql_query("UPDATE users SET annun = '$annun' WHERE id = '$user[id]' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t);
}
}
if (mysql_num_rows($sql) == FALSE) {
err('Тема не найдена, возможна она была удалена.');
} else {
echo '<form method="post" action="?">
<label>Название:</label><br/>
<input type="text" name="ed" value="' . $inf['name'] . '"/>
<br/>
<input type="checkbox" name="annun" ' . ($user['annun'] == 1 ? 'checked' : '') . ' value="1"/> Оповещать об оставленных сообщениях
<br/>
<input type="hidden" name="r" value="' . $r . '"/>
<input type="hidden" name="p" value="' . $p . '"/>
<input type="hidden" name="t" value="' . $t . '"/>
<input type="submit" name="ok" value="Изменить"/>
</form>
« <a href="them-'.$r.'-'.$p.'-'.$t.'">Назад</a>';
}
break;
/*
* Закрытие темы
*/
case close_them:
$p = my_int($_GET['p']);
$r = my_int($_GET['r']);
$t = my_int($_GET['t']);
$empty_2 = mysql_query("SELECT id FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT id FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
$sql = mysql_query("SELECT `author`,id FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-' . $t);
} else {
if (!isset($_POST['okay']))
{
echo '<form method="post" action="close_them-'.$r.'-'.$p.'-'.$t.'">
<input type="text" name="reason" placeholder="Причина закрытия темы..."/>
<br/>
<input type="submit" name="okay" value="Закрыть"/>
</form>';
} else {
$reason = trim(mysql_real_escape_string(check($_POST['reason'])));
if ($user['level'] == 3) $mylev = 'Ст.Модератор';
elseif ($user['level'] == 4) $mylev = 'Администратор';
elseif ($user['level'] == 5) $mylev = 'Ст.Администратор';
else $mylev = 'автор';
if (!empty($reason))
{
$rs = '<br/>Причина: <b>' . $reason . '</b>';
}
$systxt = 'Тему закрыл ' . $mylev . ' ' . cvetnik($user['id']) . $rs;
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$p',
`user` = '0',
`msg` = '$systxt',
`time` = '" . time() . "'");
###############################
$a = mysql_result(mysql_query("SELECT COUNT(id) FROM f_message WHERE tid = '$t'"), 0);
if ($a > 10) {
$pg = ceil($a / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
mysql_query("UPDATE `f_them` SET `close` = '1' WHERE `id` = '$t' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-'.$t . $st . '#down');
}
}
break;
/*
* Открытие темы
*/
case open_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$t = my_int($_REQUEST['t']);
$empty_2 = mysql_query("SELECT id FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT id FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
$sql = mysql_query("SELECT `author` FROM `f_them` WHERE `id` = '$t' LIMIT 1");
$inf = mysql_fetch_assoc($sql);
if ($inf['author'] != $user['id'] && $user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-' . $t);
die();
} else {
if ($user['level'] == 3) $mylev = 'Ст.Модератор';
elseif ($user['level'] == 4) $mylev = 'Администратор';
elseif ($user['level'] == 5) $mylev = 'Ст.Администратор';
else $mylev = 'автор';
$systxt = 'Тему открыл ' . $mylev . ' ' . cvetnik($user['id']);
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$p',
`user` = '0',
`msg` = '$systxt',
`time` = '" . time() . "'");
###############################
$a = mysql_result(mysql_query("SELECT COUNT(id) FROM f_message WHERE tid = '$t'"), 0);
if ($a > 10) {
$pg = ceil($a / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
mysql_query("UPDATE `f_them` SET `close` = '0' WHERE `id` = '$t' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
break;
/*
* Закрепление темы
*/
case fix_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$t = my_int($_REQUEST['t']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
if ($user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-' . $t);
die();
} else {
// сообщение системы
if ($user['level'] == 3) $mylev = 'Ст.Модератор';
elseif ($user['level'] == 4) $mylev = 'Администратор';
elseif ($user['level'] == 5) $mylev = 'Ст.Администратор';
$systxt = 'Тему закрепил ' . $mylev . ' ' . cvetnik($user['id']);
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$p',
`user` = '0',
`msg` = '$systxt',
`time` = '" . time() . "'");
###############################
$a = mysql_result(mysql_query("SELECT COUNT(id) FROM f_message WHERE tid = '$t'"), 0);
if ($a > 10) {
$pg = ceil($a / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
mysql_query("UPDATE `f_them` SET `fix` = '1' WHERE `id` = '$t' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
break;
/*
* Открепление темы
*/
case detach_them:
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$t = my_int($_REQUEST['t']);
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
$Ob = mysql_query("SELECT `f_razdel`.* FROM `f_razdel` WHERE `id` = '$r' AND `id` IN(SELECT `pid` FROM `f_pod` WHERE `id` = '$p')");
$emptyT = mysql_query("SELECT `f_pod`.* FROM `f_pod` WHERE `id` = '$p' AND `id` IN(SELECT `rid` FROM `f_them` WHERE `id` = '$t')");
if (mysql_num_rows($Ob) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
if ($user['level'] < 3) {
header('Location: them-'.$r.'-'.$p.'-' . $t);
die();
} else {
// сообщение системы
if ($user['level'] == 3) $mylev = 'Ст.Модератор';
elseif ($user['level'] == 4) $mylev = 'Администратор';
elseif ($user['level'] == 5) $mylev = 'Ст.Администратор';
$systxt = 'Тему открепил ' . $mylev . ' ' . cvetnik($user['id']);
mysql_query("INSERT INTO `f_message` SET
`tid` = '$t',
`podforum` = '$p',
`user` = '0',
`msg` = '$systxt',
`time` = '" . time() . "'");
###############################
$a = mysql_result(mysql_query("SELECT COUNT(id) FROM f_message WHERE tid = '$t'"), 0);
if ($a > 10) {
$pg = ceil($a / 10);
$st = '&page=' . $pg;
} else {
$st = '';
}
###############################
mysql_query("UPDATE `f_them` SET `fix` = '0' WHERE `id` = '$t' LIMIT 1");
header('Location: them-'.$r.'-'.$p.'-' . $t . $st);
}
break;
/*
* Поиск
*/
case search:
echo $div_title . 'Поиск' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a>
' . $block . '
<b>Поиск</b></a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
unset($_SESSION['s']);
unset($_SESSION['where']);
echo '<form method="post" action="?do=search_result">
<label>Часть текста:</label><br/>
<input type="text" name="s"/>
<br/>
<label>Искать в:</label><br/>
<input type="radio" name="where" checked="checked" value="1"/> темах
<br/>
<input type="radio" name="where" value="2"/> сообщениях
<br/>
<input type="submit" name="ok" value="Найти"/>
</form>';
break;
case search_result:
echo $div_title . 'Поиск' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a>
' . $block . '
<b>Поиск</b></a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
if (isset($_SESSION['s'])) $s = my_check($_SESSION['s']);
if (isset($_POST['s'])) $s = my_check($_POST['s']);
$s = addcslashes($s, '_%');
if (isset($_SESSION['where'])) $where = my_int($_SESSION['where']);
if (isset($_POST['where'])) $where = my_int($_POST['where']);
$_SESSION['s'] = $s;
$_SESSION['where'] = $where;
if (empty($s)) {
err('Не введен поисковой запрос!');
} else {
// поиск в темах
if ($where == 1) {
$_res = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_them` WHERE `name` LIKE '%$s%'"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, 'search_result&');
$_sr = mysql_query("SELECT `f_them`.*,
(SELECT COUNT(id) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT `pid` FROM `f_pod` WHERE `f_pod`.`id` = `f_them`.`rid`) AS t
FROM `f_them` WHERE `f_them`.`name` LIKE '%$s%' ORDER BY `f_them`.`id` DESC {$n->limit}");
$dv = 0;
echo $block . '<b>Результаты:</b> ' . $_res . $block;
while($a = mysql_fetch_assoc($_sr)) {
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="them-'.$a['t'].'-'.$a['rid'].'-'.$a['id'].'&page='.$pg.'"><b>»</b></a>';
} else {
$st = '';
}
###############################
echo ($dv ++ % 2) ? $div_tworazdel : $div_razdel;
echo '<a href="them-'.$a['t'].'-'.$a['rid'].'-'.$a['id'].'">' . $a['name'] . '</a> (' . $a['c'] . ')' . $st . $div_end;
}
echo $n->navi();
} else {
err('По запросу ' . $s . ' ничего не найдено!');
}
// поиск в сообщениях
} elseif ($where == 2) {
$_res = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_message` WHERE `msg` LIKE '%$s%'"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=search_result&');
$_sr = mysql_query("SELECT `f_message`.*,
(SELECT `name` FROM `f_them` WHERE `f_them`.`id` = `f_message`.`tid` LIMIT 1) AS c,
(SELECT `razdel_id` FROM `f_them` WHERE `f_them`.`rid` = `f_message`.`podforum` LIMIT 1) AS a,
(SELECT `id` FROM `f_them` WHERE `f_them`.`rid` = `f_message`.`podforum` LIMIT 1) AS t
FROM `f_message` WHERE `f_message`.`msg` LIKE '%$s%' ORDER BY `f_message`.`id` DESC {$n->limit}");
echo $block . '<b>Результаты:</b> ' . $_res . $block;
while($a = mysql_fetch_assoc($_sr))
{
$new_string = preg_replace("#($s)#iu", '<b style="color:#FF3030;">1</b>', $a['msg']);
$new_string = preg_replace('/(v class="([a-z]+)">)/', '', $a['msg']);
echo $div_tworazdel . $a['c'] . $div_end . $div_razdel . '<a href="them-'.$a['a'].'-'.$a['podforum'].'-'.$a['tid'].'">' . back_bb($new_string) . '</a>' . $div_end;
}
echo $n->navi();
} else {
err('По запросу ' . $s . ' ничего не найдено!');
}
} else {
err('Не выбран поисковой путь!');
}
}
break;
/*
* Новые темы
*/
case newt:
echo $div_title . 'Новые' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<b>Новые</b> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$_res = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_them`"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=newt&');
$th = mysql_query("SELECT `f_them`.*,
(SELECT COUNT(id) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT `pid` FROM `f_pod` WHERE `f_pod`.`id` = `f_them`.`rid`) AS t
FROM `f_them` ORDER BY `f_them`.`id` DESC {$n->limit}");
$i = 0;
while($a = mysql_fetch_assoc($th)) {
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="them-'.$a['t'].'-'.$a['rid'].'-'.$a['id'].'&page='.$pg.'"><b>»</b></a>';
} else {
$st = '';
}
###############################
// голосование в теме
if (!empty($a['quest'])) {
$cl = '<img src="img/v.png" alt="votes"/>';
}
// закрепленная тема
if ($a['fix'] == 1) {
$cl = '<img src="img/f.png" alt="fixed"/>';
}
// закрытая тема
if ($a['close'] == 1) {
$cl = '<img src="img/x.png" alt="closed"/>';
}
// обычная тема
if ($a['close'] == 0 && $a['fix'] == 0 && empty($a['quest'])) {
$cl = '<img src="img/t.png" alt="them"/>';
}
echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
echo $cl . ' <a href="them-'.$a['t'].'-'.$a['rid'].'-'.$a['id'].'">' .$a['name'] . '</a> (' . $a['c'] . ')' . $st . $div_end;
}
echo $n->navi();
} else {
echo 'Новыx тем не найдено!<br/>';
}
break;
/*
* Мои темы
*/
case my:
echo $div_title . 'Мои темы' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<b>Мои темы</b>' . $div_end;
$_res = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_them` WHERE `author` = '$user[id]'"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=my&');
$th = mysql_query("SELECT `f_them`.*,
(SELECT COUNT(id) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT `pid` FROM `f_pod` WHERE `f_pod`.`id` = `f_them`.`rid`) AS t
FROM `f_them` WHERE `author` = '$user[id]' ORDER BY `id` DESC {$n->limit}");
$i = 0;
while($a = mysql_fetch_assoc($th)) {
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="them-'.$a['t'].'-'.$a['rid'].'-'.$a['id'].'&page='.$pg.'"><b>»</b></a>';
} else {
$st = '';
}
###############################
// голосование в теме
if (!empty($a['quest'])) {
$cl = '<img src="img/v.png" alt="votes"/>';
}
// закрепленная тема
if ($a['fix'] == 1) {
$cl = '<img src="img/f.png" alt="fixed"/>';
}
// закрытая тема
if ($a['close'] == 1) {
$cl = '<img src="img/x.png" alt="closed"/>';
}
// обычная тема
if ($a['close'] == 0 && $a['fix'] == 0 && empty($a['quest'])) {
$cl = '<img src="img/t.png" alt="them"/>';
}
echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
echo $cl . ' <img src="img/str.png" act="img"/> <a href="them-'.$a['t'].'-'.$a['rid'].'-'.$a['id'].'">' .$a['name'] . '</a> (' . $a['c'] . ')' . $st . $div_end;
}
echo $n->navi();
} else {
echo 'Моих тем не найдено!<br/>';
}
break;
/*
* Активные темы
*/
case act:
echo $div_title . 'Активные' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<b>Активные</b> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$_res = mysql_result(mysql_query("SELECT COUNT(id) FROM `f_them` WHERE `id` IN(SELECT tid FROM `f_message`)"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=act&');
$th = mysql_query("SELECT `f_them` .*,
(SELECT COUNT(id) FROM `f_message` WHERE `f_message`.`tid` = `f_them`.`id`) AS c,
(SELECT `pid` FROM `f_pod` WHERE `f_pod`.`id` = `f_them`.`rid`) AS t
FROM `f_them` ORDER BY last DESC {$n->limit}");
$i = 0;
while($a = mysql_fetch_assoc($th))
{
###############################
if ($a['c'] > 10) {
$pg = ceil($a['c'] / 10);
$st = ' <a href="them-'.$a['t'].'-'.$a['rid'].'-'.$a['id'].'&page='.$pg.'"><b>»</b></a>';
} else {
$st = '';
}
###############################
// голосование в теме
if (!empty($a['quest'])) {
$cl = '<img src="img/v.png" alt="votes"/>';
}
// закрепленная тема
if ($a['fix'] == 1) {
$cl = '<img src="img/f.png" alt="fixed"/>';
}
// закрытая тема
if ($a['close'] == 1) {
$cl = '<img src="img/x.png" alt="closed"/>';
}
// обычная тема
if ($a['close'] == 0 && $a['fix'] == 0 && empty($a['quest'])) {
$cl = '<img src="img/t.png" alt="them"/>';
}
echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
echo $cl . ' <a href="them-'.$a['t'].'-'.$a['rid'].'-'.$a['id'].'">' .$a['name'] . '</a> (' . $a['c'] . ')' . $st . $div_end;
}
echo $n->navi();
} else {
echo 'Активных тем не найдено!<br/>';
}
break;
/*
* Кто онлайн
*/
case online:
echo $div_title . 'На форуме' . $div_end . $div_menu . '
<img src="img/up.png" alt="*"/> <a href="index.php">Форум</a>
' . $block . '
<a href="index.php?do=search">Поиск</a> |
<a href="index.php?do=act">Активные</a> |
<a href="index.php?do=newt">Новые</a> |
<a href="index.php?do=my">Мои темы</a>' . $div_end;
$_res = mysql_result(mysql_query("SELECT COUNT(id) FROM `users` WHERE `room` = 'forum' AND `onl` + '300' > '" . time() . "'"), 0);
if ($_res != FALSE) {
$n = new navigator($_res, 10, '?do=online&');
$th = mysql_query("SELECT * FROM `users` WHERE `room` = 'forum' AND `onl` + '300' > '" . time() . "' ORDER BY `id` DESC {$n->limit}");
$i = 0;
while($a = mysql_fetch_assoc($th)) {
echo ($i ++ % 2) ? $div_razdel : $div_tworazdel;
echo us($a['id']) . $div_end;
}
echo $n->navi();
} else {
echo 'Никого нету!<br/>';
}
break;
case save:
if (!isset($_SESSION['us']))
{
header('location: /reg.php');
die();
}
$t = my_int($_GET['t']);
$emptyT = mysql_query("SELECT `id`, `name` FROM `f_them` WHERE `id` = '$t' LIMIT 1");
if (mysql_num_rows($emptyT) == FALSE) {
err('Ошибка!');
include '../system/foot.php';
exit();
}
if ($objs = glob('temp' . '/*'))
{
foreach($objs as $obj)
{
unlink($obj);
}
}
$tema = mysql_query("SELECT * FROM `f_message` WHERE tid = '$t' ORDER BY time ASC");
$ii = mysql_fetch_array($emptyT);
function replaceToCode($var)
{
$var = str_replace('<br />', "rn", $var);
$var = str_replace('<br/>', "rn", $var);
$var = str_replace('<', '<', $var);
$var = str_replace('>', '>', $var);
$var = str_replace('&', '&', $var);
$var = str_replace('$', '$', $var);
$var = str_replace('"', '"', $var);
$var = str_replace(''', ''', $var);
$var = str_replace('\', ''', $var);
$var = str_replace('%', '%', $var);
$var = str_replace('^', '^', $var);
return $var;
}
$i = 0;
while($query = mysql_fetch_assoc($tema))
{
$query['msg'] = preg_replace('/<div class="quote">(.*)</div>/siu', 'Цитата: 1<br/>Ответ: ', $query['msg']);
$code = strtr($query['msg'], array('$' => '$', ''' => "'", '\' => '\', '`' => '`', '%' => '%', '^' => '^'));
$code = preg_replace('/[color=#([a-z0-9]{6})](.*)[/color]/sui', '2', $code);
$code = str_replace('<span style="color: #FF0000;">[b][censored][/b]</span>', '[censored]', $code);
$code = preg_replace('/<img src="/smiles/(.*?)" alt="(.*?)"/>/si', '2', $code);
$code = notags(back_bb(nl2br($code)));
$string .= ++$i . '. ' . ($query['user'] == 0 ? '<span style="color:#FF3030;">[Система]</span>' : user_inf($query['user'], 'user')) . "n". date('d.m.y H:i', $query['time']) . "n" . html_entity_decode($code, ENT_QUOTES, 'UTF-8') . "n---------------n";
$string = $string;
}
file_put_contents('temp/tema'.$t.'.txt', '"' . notags($ii[1]) . ""n" . replaceToCode($ii[2]) . "n---------------n" . $string . "n***************nСкачано с http://" . $site);
header('location: temp/tema'.$t.'.txt');
die();
break;
case who:
if (!isset($_SESSION['us']))
{
header('location: /reg.php');
die();
}
$t = my_int($_REQUEST['t']);
$p = my_int($_REQUEST['p']);
$r = my_int($_REQUEST['r']);
$empty_1 = mysql_query("SELECT * FROM `f_them` WHERE `id` = '$t' AND `rid` = '$p' LIMIT 1");
$empty_2 = mysql_query("SELECT * FROM `f_pod` WHERE `id` = '$p' AND `pid` = '$r' LIMIT 1");
$empty_3 = mysql_query("SELECT * FROM `f_razdel` WHERE `id` = '$r' LIMIT 1");
if (mysql_num_rows($empty_1) == FALSE) {
err('Тема не найдена, возможна она была удалена.');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_2) == FALSE) {
err('Подраздела не существует!');
include '../system/foot.php';
exit();
}
if (mysql_num_rows($empty_3) == FALSE) {
err('Раздела не существует!');
include '../system/foot.php';
exit();
}
$num = mysql_result(mysql_query("SELECT COUNT(id) FROM inthem WHERE uid = '$t' AND time + '100' > '" . time() . "'"), 0);
if ($num != 0)
{
$n = new navigator($num, 10, 'who-'.$r.'-'.$p.'-'.$t.'&');
$sel = mysql_query("SELECT * FROM inthem WHERE uid = '$t' AND time + '100' > '" . time() . "' ORDER BY time DESC {$n->limit}");
$cols = 0;
$i = 0;
while($a = mysql_fetch_assoc($sel))
{
++$cols;
$nums = ($n->start + $cols);
echo ($i ++ % 2) ? $div_razdel : $div_tworazdel;
echo $nums . '. ' . us($a['who']) . $div_end;
}
echo $n->navi();
} else {
echo 'В теме нет никого.<br/>';
}
echo $block . '« <a href="them-'.$r.'-'.$p.'-'.$t.'">Назад</a>';
break;
}
include '../system/foot.php';
?>