Файл: war/war/chats.php
Строк: 123
<?php
define('PROTECTOR', 1);
$headmod = 'chat';//фикс. места
$textl='Торговый центр';
include('files/path.php');
include('files/gzips.php');
include($path.'files/db.php');
include($path.'files/auth.php');
include($path.'files/func.php');
include($path.'files/core.php');
include($path.'files/head.php');
include($path.'files/zag.php');
switch($_GET[mod]){
default:
function smiles($string){
$dir = opendir ("pic/smiles");
while ($file = readdir ($dir)) {
if (ereg (".gif$", "$file")){
$file2=str_replace(".gif","",$file);
$string=str_replace(":$file2",'<img src="pic/smiles/'.$file.'" alt="">',$string);
}}
closedir ($dir);
return $string; }
/////////////
$rand = rand(1000,9999);
///////////////////
echo "<center><b>Торговый центр</b></center>";
echo "<hr> <a href="smile.php?">Смайлы</a> / <a href="chats.php?r=$rand">Обновить</a><br/>";
echo "<br/>Написать:";
echo "<form action="chats.php?mod=writes" method="POST">";
echo "<input type="text" name="zin" maxlength="5000"/> <input type="submit" value="Написать" class="ibutton"><br>";
echo "<hr>";
if ($_GET[page] == "" || $_GET[page] < 0 || $_GET[page] == "0")
{
$_GET[page] = 0;
}
$next = $_GET[page] + 1;
$back = $_GET[page] - 1;
$num = $_GET[page] * 10;
if($_GET[page] == "0")
{$i = 1;}
else{$i = ($_GET[page]*10)+1;}
$viso = mysql_num_rows(mysql_query("SELECT komentaras2 FROM komentarai2"));
if($viso>=100){
mysql_query("DELETE FROM `komentarai2` ORDER BY `id` LIMIT 50");
}
$puslap = floor($viso/10);
$times = date("H:i");
$asd = mysql_query("SELECT * FROM komentarai2 ORDER BY id DESC LIMIT $num,10");
echo"<div align='left'>";
while($dsa = mysql_fetch_array($asd))
{
$nickas = strip_tags($dsa['nick']);
$koment = strip_tags($dsa['komentaras2']);
$time = strip_tags($dsa['time']);
$koment = smiles($koment);
$req = mysql_query("SELECT `storona`,`prava` FROM `users` WHERE `usr` = '$nickas'");
$pic = mysql_fetch_array($req);
if($pic['prava']==5){$koment='<font color="33FF66">'.$koment.'</font>';}
echo'<img src="pic/main/'.$pic['storona'].'.png" alt="#"/>';
echo" <a href="chats.php?nick=$nickas&mod=write">$nickas</a>";
if($pic['prava']==5){
echo'<font color="lime">.GM</font>';
}
if($pic['prava']==2){
echo'<font color="yellow">.M</font>';
}
echo" <a href="search.php?nick=$nickas&go=go"> [?]</a>: $koment <small><font color=#999999> [$time]</font></small>";
if($udata[prava]>=2){
echo" [<a href="chats.php?mod=del_post&p=$dsa[id]">X</a>]";
}
echo'<br/>';
}
echo "</div>";
echo "<br/>";
if ($_GET[page] > 0)
{
echo "<a href="chats.php?page=$back"><<</a>";
}
elseif ($_GET[page] == 0)
{
echo "<<";
}
echo"|";
if($_GET[page] < $puslap || $_GET[page] == "" || $_GET[page] == 0)
{echo "<a href="chats.php?page=$next">>></a>";}
else
{echo ">>";}
break;
case 'del_post':
if($udata[prava] >= 2)
{
if(empty($_GET[p])){
echo"Невыбран пост!<br/>";
}else{
$asd = mysql_query("SELECT * FROM komentarai2 WHERE id='".mysql_real_escape_string($_GET['p'])."' LIMIT 1");
$avto=mysql_num_rows($asd);
if($avto==0){
echo'Нет такого поста!<br/>';
}else{
mysql_query("DELETE FROM `komentarai2` WHERE id='".mysql_real_escape_string($_GET['p'])."' LIMIT 1");
header ('Location: chats.php?');
}
}
}else{
echo "Ошибка!Доступ закрыт!";
}
break;
case 'write':
echo"<b>Сообщение</b><br/>";
echo "<form action="chats.php?mod=writes" method="POST">";
if (isset($_GET[nick]))
{
$_GET[nick] = htmlspecialchars($_GET[nick]);
echo "<input type="text" name="zin" maxlength="250" value="$_GET[nick], " size="10"/><br/>";
}
else
{
echo "<input type="text" name="zin" maxlength="250" size="10"/><br/>";
}
echo "<input type="submit" value="Ok" class="ibutton"><br/>";
break;
case 'writes':
if($udata[lvl]<"1"){
echo'В торговом чате можно писать с 1 уровня!';
include($path.'files/down.php');
include($path.'files/meny.php');
exit;
}
$msg=$_POST['zin'];
$msg=substr($msg, 0, 512);
$msg=stripslashes(htmlspecialchars($msg));
$msg=str_replace("rn","<br />",$msg);
$msg=str_replace("r","<br />",$msg);
$msg=str_replace("n","<br />",$msg);
$msg = addslashes($msg);
$msg=preg_replace ("|[rn]+|si","",$msg);
$a = mysql_num_rows(mysql_query("SELECT komentaras2 FROM komentarai2 WHERE komentaras2 = '$msg'"));
$b = mysql_fetch_array(mysql_query("SELECT kada FROM komentarai2 WHERE nick = '$log' ORDER BY kada DESC LIMIT 1"));
$data_kom = strip_tags($b['kada']);
$data = date("y/m/d H:i:s", strtotime("+20 seconds"));
$data_dbr = date("y/m/d H:i:s");
$time = date("H:i d.m.y");
if($data_dbr >= $data_kom && $msg != "")
{
mysql_query("INSERT INTO komentarai2 SET nick = '$log', komentaras2 = '$msg', kada = '$data', time = '$time'");
$rand = rand(1000,9999);
header ('Location: chats.php?');
}
elseif($data_dbr < $data_kom)
{
$sec = $data_kom-$data_dbr;
$rand = rand(1000,9999);
header ('Location: chats.php?');
}
elseif($msg == "")
{
$rand = rand(1000,9999);
header ('Location: chats.php?');
}
else
{
$rand = rand(1000,9999);
header ('Location: chats.php?');
}
break;
}
include($path.'files/down.php');
include($path.'files/meny.php');
?>