Файл: index.php
Строк: 239
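<?php
/**
 * Forum front page and small action dispatcher.
 *
 * Reads `do`, `what`, `id` and `page` through getarg() and, for logged-in
 * users, creates / deletes / edits forums and shoutbox messages, renders the
 * paginated shoutbox, or renders the main page. Anonymous visitors get the
 * login box. All helpers (getarg, islogged, clean, checkadmin, checkmod,
 * getid, theader, ...) and $lang, $s_sitename, $u_username come from
 * common.php, which is not visible here.
 *
 * Security notes for maintainers:
 *  - Every SQL statement that takes the request `id` uses $safeId (an
 *    integer), never the raw request value.
 *  - NOTE(review): text columns are written with whatever clean() returns.
 *    Whether clean() escapes for SQL, for HTML, or both cannot be told from
 *    this file - confirm in common.php before relying on it.
 *  - NOTE(review): the delete actions (including TRUNCATE of the shoutbox)
 *    are plain GET links with no per-session token, so they are not protected
 *    against cross-site request forgery. Moving them to POST with a token
 *    needs support from common.php.
 *  - NOTE(review): the mysql_* extension used throughout was removed in
 *    PHP 7; migrating to mysqli/PDO prepared statements has to start where
 *    the connection is opened (presumably common.php).
 */
include('common.php');

$do = getarg('do');
$what = getarg('what');
$id = getarg('id');
$page = getarg('page');

// Integer form of the requested id. Used for every SQL statement and every
// place the id is echoed back into HTML, so a crafted `id` value can reach
// neither the query text nor the page. Non-scalar input (id[]=...) maps to 0.
$safeId = is_scalar($id) ? intval($id) : 0;
// Strict match for the special "delete everything" id, so that no numeric
// value can be loosely equal to 'all'.
$idIsAll = is_string($id) && $id === 'all';

if (islogged()) {
    if ($do == 'new') {
        if ($what == 'forum') {
            // NOTE(review): unlike editing/deleting a forum below, creating one
            // is not gated by checkadmin(); confirm that any logged-in user is
            // meant to be able to do this.
            if (!empty($_POST['title'])) {
                $title = clean($_POST['title']);
                $description = isset($_POST['description']) ? clean($_POST['description']) : '';
                $query = mysql_query('SELECT * FROM `forums` ORDER BY `position` DESC LIMIT 1;');
                // NOTE(review): mysql_result($query, 0) reads the FIRST column of
                // the row returned by SELECT *, which may not be `position`, and
                // the value is reused as-is rather than incremented - verify.
                // The row-count guard only avoids a warning on an empty table.
                $position = ($query && mysql_num_rows($query) > 0) ? intval(mysql_result($query, 0)) : 0;
                @mysql_query("insert into `forums` set `title`='$title', `description`='$description', `position`='$position'");
                echo'<div class="list2"><a href="/">'.$lang['continue'].'</a></div>';
            } else {
                echo theader($lang['newforum']);
                echo '<div class="list2"><form method="post" action="/index.php?do=new&what=forum">
' . $lang['title'] . ':<br /><input type="text" name="title" maxlength="50" /><br />
' . $lang['description'] . ':<br /><textarea name="description" maxlength="5000"></textarea><br />
<input type="submit" value="' . $lang['create'] . '" /><br />
</form></div>';
            }
        } elseif ($what == 'shoutbox') {
            if (!empty($_POST['message'])) {
                $message = clean($_POST['message']);
                // Fixed: the original called the non-existent mysq_query().
                // NOTE(review): this insert writes column `time`, while every
                // read below orders by / displays column `date` - one of the
                // two names is probably wrong; check the table schema.
                mysql_query("insert into `shoutbox` set `user`='".getid()."', `message`='$message', `time`='".time()."'");
                echo'<div class="list2"><a href="/">'.$lang['continue'].'</a></div>';
            } else {
                echo theader($lang['shout']);
                echo '<div class="list2"><form method="post" action="/index.php?do=new&what=shoutbox">
' . $lang['message'] . ':<br /><textarea name="message" maxlength="5000"></textarea><br />
<input type="submit" value="' . $lang['shout'] . '" /></form></div>';
            }
        }
        if ($what == 'shoutbox') {
            echo '<div class="list2"><a href="/index.php?do=shoutbox">' . $lang['back'] . '</a></div>';
        }
        echo '<div class="list2"><a href="/index.php">' . $lang['main'] . '</a></div>';
    } elseif ($do == 'delete') {
        if ($what == 'forum') {
            if ($id != NULL && checkadmin()) {
                $query = mysql_query('SELECT * FROM `forums` WHERE `id` = \'' . $safeId . '\';');
                if ($query && mysql_num_rows($query) > 0) {
                    // Fixed: the original iterated $query (the forum row) instead
                    // of $threads, so it deleted posts/threads whose id happened
                    // to equal the forum id and left the forum's real threads.
                    $threads = mysql_query('SELECT `id` FROM `threads` WHERE `forum` = \'' . $safeId . '\';');
                    while ($threads && ($thread = mysql_fetch_array($threads))) {
                        $threadId = intval($thread['id']);
                        mysql_query("delete from `posts` where `thread`='$threadId'");
                        mysql_query("delete from `threads` where `id`='$threadId'");
                    }
                    @mysql_query('DELETE FROM `forums` WHERE `id` = \'' . $safeId . '\';');
                }
            }
            echo'<div class="list2"><a href="/">'.$lang['continue'].'</a></div>';
        } elseif ($what == 'shoutbox') {
            if ($id != NULL && checkmod()) {
                if ($idIsAll && checkadmin()) {
                    // Wiping the whole shoutbox is reserved for admins.
                    @mysql_query('TRUNCATE TABLE `shoutbox`;');
                } else {
                    $query = mysql_query('SELECT * FROM `shoutbox` WHERE `id` = \'' . $safeId . '\';');
                    if ($query && mysql_num_rows($query) > 0) {
                        @mysql_query('DELETE FROM `shoutbox` WHERE `id` = \'' . $safeId . '\';');
                    }
                }
            }
            echo'<div class="list2"><a href="/">'.$lang['continue'].'</a></div>';
        }
    } elseif ($do == 'edit') {
        if ($what == 'forum') {
            $result = mysql_fetch_assoc(mysql_query("SELECT * FROM `forums` WHERE `id` ='$safeId'"));
            if ($result) {
                if (checkadmin()) {
                    if (isset($_POST['title']) && isset($_POST['description'])) {
                        // Fixed: the original cleaned the undefined locals $title /
                        // $description instead of the submitted POST fields.
                        $title = clean($_POST['title']);
                        $description = clean($_POST['description']);
                        mysql_query("update `forums` set `title`='$title', `description`='$description' where `id`='$safeId'");
                        echo'<div class="list2"><a href="/">'.$lang['continue'].'</a></div>';
                    } else {
                        // NOTE(review): stored values are echoed into the form
                        // unescaped; this is only safe if clean() HTML-encoded
                        // them on the way in - confirm.
                        $title = $result['title'];
                        $description = str_replace('<br />', "\r\n", $result['description']);
                        echo theader($lang['editforum']);
                        // The form action carries $safeId, not the raw request
                        // value, so the id cannot inject markup into the page.
                        echo ' <div class="phdr">' . $lang['editforum'] . '</div>
<div class="list2"><form method="post" action="/index.php?do=edit&what=forum&id=' . $safeId . '">
' . $lang['title'] .':<br /><input type="text" name="title" maxlength="30" value="' . $title . '" /><br />
' . $lang['description'] . ':<br /><textarea name="description">' . $description . '</textarea><br />
<input type="submit" value="' . $lang['edit'] . '" /><br />
</form><br />
<a href="/index.php">' . $lang['back'] . '</a></div>';
                    }
                } else {
                    echo'<div class="list2"><a href="/">'.$lang['continue'].'</a></div>';
                }
            } else {
                echo'<div class="list2"><a href="/">'.$lang['continue'].'</a></div>';
            }
        } elseif ($what == 'shoutbox') {
            $query = mysql_query('SELECT * FROM `shoutbox` WHERE `id` = \'' . $safeId . '\';');
            if ($query && mysql_num_rows($query) > 0) {
                $result = mysql_fetch_array($query);
                if (checkmod()) {
                    if (!empty($_POST['message'])) {
                        // Fixed: the original cleaned the undefined local $message
                        // instead of the submitted POST field.
                        $message = clean($_POST['message']);
                        mysql_query("update `shoutbox` set `message`='$message' where `id`='$safeId'");
                        echo'<div class="list2"><a href="/?do=shoutbox">'.$lang['continue'].'</a></div>';
                    } else {
                        // NOTE(review): echoed unescaped, see the forum form above.
                        $message = str_replace('<br />', "\r\n", $result['message']);
                        echo theader($lang['editshoutbox']);
                        echo '<div class="phdr">' . $lang['editshoutbox'] . '</div>
<div class="list2">
<form method="post" action="/index.php?do=edit&what=shoutbox&id=' . $safeId . '">
' . $lang['message'] . ':<br /><textarea name="message">' . $message . '</textarea><br />
<input type="submit" value="' . $lang['edit'] . '" /><br />
</form><br /><a href="/index.php?do=shoutbox">' . $lang['back'] . '</a></div>';
                    }
                } else {
                    echo'<div class="list2"><a href="/?do=shoutbox">'.$lang['continue'].'</a></div>';
                }
            } else {
                echo'<div class="list2"><a href="/?do=shoutbox">'.$lang['continue'].'</a></div>';
            }
        } else {
            echo'<div class="list2"><a href="/">'.$lang['continue'].'</a></div>';
        }
    } elseif ($do == 'shoutbox') {
        echo theader($lang['shoutbox']);
        echo '<div class="list2"><form method="post" action="/index.php?do=new&what=shoutbox">
' . $lang['message'] . ':<br /> <textarea name="message" maxlength="5000"></textarea><br />
<input type="submit" value="' . $lang['shout'] . '" />
</form></div>';
        $query = mysql_query('SELECT COUNT(*) FROM `shoutbox`;');
        if (($nshts = intval(mysql_result($query, 0))) > 0) {
            $ntpp = 10; // shouts per page
            $npages = intval(ceil($nshts / $ntpp));
            if ($page === 'last') {
                $page = $npages;
            }
            $page = is_scalar($page) ? intval($page) : 0;
            // Clamp into [1, $npages]. The original let a negative page through,
            // which produced a negative LIMIT offset in the query below.
            $page = max(1, min($page, $npages));
            if ($page > 1) {
                echo ' <span><a href="/index.php?do=shoutbox&page=1">' . $lang['firstpage'] . '</a></span><br />' . "\r\n";
            }
            if ($npages > 1 && $page < $npages) {
                echo ' <span><a href="/index.php?do=shoutbox&page=' . $npages . '">' . $lang['lastpage'] . '</a></span><br />' . "\r\n";
            }
            // Both LIMIT operands are integers computed above, never raw input.
            $limit = ($page - 1) * $ntpp;
            $shts = mysql_query('SELECT * FROM `shoutbox` ORDER BY `date` DESC LIMIT ' . $limit . ', ' . $ntpp . ';');
            while ($shts && ($shout = mysql_fetch_array($shts))) {
                $shoutId = intval($shout['id']);
                $user = getusername($shout['user']);
                // NOTE(review): bbcode()/smile() output is echoed as HTML; it is
                // only safe if the stored message was HTML-encoded by clean().
                $message = smile(bbcode($shout['message']));
                $date = $shout['date'];
                if (checkmod()) {
                    $edl = ' <a href="/index.php?do=edit&what=shoutbox&id=' . $shoutId . '">[E]</a>';
                    $dll = ' <a href="/index.php?do=delete&what=shoutbox&id=' . $shoutId . '">[D]</a>';
                } else {
                    $edl = '';
                    $dll = '';
                }
                echo '<div class="list2">
<a href="/profile.php?id=' . $shout['user'] . '">' . $user . '</a>: (' . date('d/m/Y, H:i:s', $date) . ')
'.$edl.$dll.'<br />
'.$message.'</div>';
            }
            if ($page > 1) {
                $bp = $page - 1;
                $bl = '<a href="/index.php?do=shoutbox&page=' . $bp . '">< ' . $lang['backward'] . '</a>';
            } else {
                $bl = '< ' . $lang['backward'];
            }
            if ($page < $npages) {
                $fp = $page + 1;
                $fl = ' | <a href="/index.php?do=shoutbox&page=' . $fp . '">' . $lang['forward'] . ' ></a>';
            } else {
                $fl = ' | ' . $lang['forward'] . ' >';
            }
            echo '<div class="list2">' . $bl . $fl . '</div>';
        } else {
            echo '<div class="list2">' . $lang['shoutboxempty'] . '</div>';
        }
        if (checkadmin()) {
            echo '<div class="list2"><a href="/index.php?do=delete&what=shoutbox&id=all">' . $lang['deleteshoutbox'] . '</a></div>';
        }
        echo '<div class="list2"><a href="/index.php">' . $lang['back'] . '</a></div>';
    } else {
        echo theader($lang['main']); // Header
        echo '<div class="list2">' . $lang['welcome'] . ' ' . $s_sitename . ', ' . clean($u_username) . '</div>';
        // Private-message counters: total and unread for the current user.
        $query = mysql_query('SELECT COUNT(*) FROM `private` WHERE `to` = \'' . getid() . '\';');
        $pmall = intval(mysql_result($query, 0));
        $query = mysql_query('SELECT COUNT(*) FROM `private` WHERE `to` = \'' . getid() . '\' AND `read` = \'0\';');
        $pmnew = intval(mysql_result($query, 0));
        echo '<div class="list2">
<a href="/private.php">' . $lang['pminbox'] . ' (' . $pmall . ' / ' . $pmnew . ')</a><br />
<a href="/profile.php?id=' . getid() . '">' . $lang['myprofile'] . '</a><br />
<a href="/invites.php">' . $lang['myinvites'] . '</a>';
        if (checkadmin()) {
            echo'<br/><a href="/adminka.php">'.$lang['adminka'].'</a>';
        }
        echo'</div>';
        echo '<div class="phdr">' . $lang['shoutbox'] . '</div>';
        // Three most recent shouts.
        $query = mysql_query('SELECT * FROM `shoutbox` ORDER BY `date` DESC LIMIT 0, 3;');
        while ($query && ($shout = mysql_fetch_array($query))) {
            $message = $shout['message'];
            echo '<div class="list2"><a href="/profile.php?id=' . $shout['user'] . '">' . getusername($shout['user']) . '</a>: ' . bbcode(smile($message)) . '</div>';
        }
        echo '<div class="list2"><a href="/index.php?do=new&what=shoutbox">' . $lang['shout'] . '</a> | <a href="/index.php?do=shoutbox">' . $lang['more'] . '</a></div>';
        listforums();
        echo '<div class="phdr">' . $lang['latest'] . '</div>';
        echo '<div class="list2">' . $lang['latestposts'] . ': ';
        // The original first loaded every row of `threads` just to test for
        // emptiness; the LIMIT query alone yields nothing on an empty table.
        // NOTE(review): thread titles and usernames below are echoed as stored;
        // safe only if they were HTML-encoded when written - confirm.
        $query = mysql_query('SELECT * FROM `threads` ORDER BY `lastpost` DESC LIMIT 0, 3;');
        while ($query && ($thread = mysql_fetch_array($query))) {
            echo '<a href="/thread.php?id=' . $thread['id'] . '&page=last">' . $thread['title'] . '</a>, ';
        }
        echo '</div>';
        echo '<div class="list2">' . $lang['latestmembers'] . ': ';
        $query = mysql_query('SELECT * FROM `users` ORDER BY `date` DESC LIMIT 0, 3;');
        while ($query && ($user = mysql_fetch_array($query))) {
            echo '<a href="/profile.php?id=' . $user['id'] . '">' . $user['username'] . '</a>, ';
        }
        echo '</div>';
        // Menu
        $result = intval(mysql_result(mysql_query('SELECT COUNT(*) FROM `online`;'), 0));
        echo '<div class="user"><a href="/online.php">' . $lang['online'] . ' (' . $result . ')</a><br />';
        $result = intval(mysql_result(mysql_query('SELECT COUNT(*) FROM `users`;'), 0));
        echo '<a href="/users.php">' . $lang['lusers'] . ' (' . $result . ')</a><br />';
        echo '<a href="/statistics.php">' . $lang['statistics'] . '</a><br />';
        echo '<a href="/logout.php">' . $lang['logout'] . '</a></div>';
    }
} else {
    // Anonymous visitor: greeting, login box and registration link only.
    echo theader($lang['main']);
    echo '<div class="phdr">' . $lang['welcome'] . ' ' . $s_sitename . ' :)</div>
<div class="list2">' . $lang['mustlogin'] . '</div>';
    echo tloginbox();
    echo '<div class="list2">' . $lang['inviteonly'] . '</div>
<div class="list2"><a href="/register.php">' . $lang['register'] . '</a></div>';
}
echo tfooter();
exit();
?>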