<?php
require('../flowap/system.php');
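// AJAX endpoint for forum write operations: create section / subsection / topic /
// comment, and fetch + save the inline edit forms for topics and comments.
// Every branch answers with a JSON object ({type, message|location|zamena,...}) and exits.
//
// NOTE(review): $act, $id and $user are not defined in this file; they are presumably
// populated (and $id presumably integer-normalised) by ../flowap/system.php — confirm.
// NOTE(review): none of the state-changing branches below checks an anti-CSRF token.
// Unless system.php enforces one, a per-session token should be verified here before
// any INSERT/UPDATE runs.

// Read a POST field as a string. Missing keys and array-valued fields (names[]=x)
// collapse to '' so they fail the length checks instead of emitting PHP warnings
// into the JSON body or raising a TypeError inside mb_strlen().
$post = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Emit the JSON reply and stop.
$reply = function (array $payload) {
    echo json_encode($payload);
    exit;
};

// Redirect to the site root and stop.
$goHome = function () {
    header('location: /');
    exit;
};

$isGuest = empty($user['id']);
// Section management requires access level 100 or higher.
$isAdmin = !$isGuest && isset($user['lvl']) && $user['lvl'] >= 100;

switch ($act) {
    // Create a forum section (admin only).
    case 'addrazd':
        if (!$isAdmin) {
            $goHome();
        }
        $names = functions::htmlred($post('names'));

        $err = null;
        if (empty($names) || mb_strlen($names, 'UTF-8') < 3 || mb_strlen($names, 'UTF-8') > 100) {
            $err = 'Не правильная длина названия.';
        } elseif (DB::$dbs->querySingle('SELECT COUNT(`id`) FROM `forum_razd` WHERE `name` = ?', [$names]) > 0) {
            // NOTE(review): check-then-insert is racy; a UNIQUE index on `name`
            // is what actually guarantees uniqueness.
            $err = 'Такой раздел уже существует.';
        }
        if ($err !== null) {
            $reply(['message' => $err, 'type' => 'error']);
        }

        $trans = functions::transliterate($names);
        DB::$dbs->query('INSERT INTO `forum_razd` SET `name` = ?, `url` = ?', [$names, $trans]);
        $_SESSION['good'] = 'Раздел успешно создан.';
        $reply(['location' => '/forum/addrazd/', 'type' => 'success']);
        break;

    // Create a subsection inside section $id (admin only).
    case 'addpodr':
        if (!$isAdmin) {
            $goHome();
        }
        $sql = DB::$dbs->queryFetch('SELECT `id` FROM `forum_razd` WHERE `id` = ? LIMIT 1', [$id]);
        if (empty($sql['id'])) {
            $_SESSION['err'] = 'Такого раздела нет.';
            $goHome();
        }
        $names = functions::htmlred($post('names'));

        $err = null;
        if (empty($names) || mb_strlen($names, 'UTF-8') < 1 || mb_strlen($names, 'UTF-8') > 100) {
            $err = 'Не правильная длина названия.';
        } elseif (DB::$dbs->querySingle('SELECT COUNT(`id`) FROM `forum_podr` WHERE `name` = ? and `id_razd` = ?', [$names, $id]) > 0) {
            $err = 'Такой раздел уже существует.';
        }
        if ($err !== null) {
            $reply(['message' => $err, 'type' => 'error']);
        }

        $trans = functions::transliterate($names);
        DB::$dbs->query('INSERT INTO `forum_podr` SET `name` = ?, `url` = ?, `id_razd` = ?', [$names, $trans, $id]);
        $_SESSION['good'] = 'Подраздел успешно создан.';
        $reply(['location' => '/forum/addpodr/' . $id . '/', 'type' => 'success']);
        break;

    // Create a topic in subsection $id (any logged-in user, captcha protected).
    case 'addthem':
        if ($isGuest) {
            $goHome();
        }
        $sql = DB::$dbs->queryFetch('SELECT `id`,`id_razd` FROM `forum_podr` WHERE `id` = ? LIMIT 1', [$id]);
        if (empty($sql['id'])) {
            $goHome();
        }
        $names = functions::htmlred($post('names'));
        $textt = functions::htmlred($post('textt'));
        $captcha = functions::htmlred($post('captcha'));

        $err = null;
        // Captcha: compare as strings. A loose != lets numeric-looking strings such
        // as "1e1" and "10" compare equal, and an unset session value must never match.
        if (empty($captcha) || mb_strlen($captcha, 'UTF-8') < 2 || mb_strlen($captcha, 'UTF-8') > 8) {
            $err = 'Код с картинки введен не правильно.';
        } elseif (!isset($_SESSION['captcha1']) || !hash_equals((string) $_SESSION['captcha1'], (string) $captcha)) {
            $err = 'Код с картинки введен не правильно.';
        }
        // Topic title and body length; a length error replaces the captcha message.
        if (empty($names) || mb_strlen($names, 'UTF-8') < 5 || mb_strlen($names, 'UTF-8') > 30) {
            $err = 'Неправильная длина названия темы.';
        } elseif (empty($textt) || mb_strlen($textt, 'UTF-8') < 15 || mb_strlen($textt, 'UTF-8') > 10000) {
            $err = 'Неправильная длина текста темы.';
        }
        if ($err !== null) {
            // NOTE(review): the captcha stays valid after a failed attempt, so it can
            // be guessed repeatedly; regenerate it per attempt if the client reloads
            // the image on error.
            $reply(['message' => $err, 'type' => 'error']);
        }

        $now = time();
        DB::$dbs->query(
            'INSERT INTO `forum_them` SET `id_razd` = ?, `id_podr` = ?, `name` = ?, `text` = ?, `time` = ?, `idus` = ?, `dateupd` = ?',
            [$sql['id_razd'], $sql['id'], $names, $textt, $now, $user['id'], $now]
        );
        $idl = DB::$dbs->lastInsertId();
        // A solved captcha is single-use: without this, one solved code could be
        // replayed for any number of topics within the same session.
        unset($_SESSION['captcha1']);
        $_SESSION['good'] = 'Тема успешно создана.';
        $reply(['location' => '/forum/t/' . $idl . '/', 'type' => 'success']);
        break;

    // Return the inline edit form for a topic owned by the current user.
    case 'redthem':
        if ($isGuest) {
            $reply(['message' => 'Ошибка #80.', 'location' => '/', 'type' => 'error']);
        }
        // The id is echoed into HTML attributes and an inline JS string below, so it
        // is forced to an integer here regardless of what functions::ints() returns.
        $ids = (int) functions::ints($post('id'));
        $sql = DB::$dbs->queryFetch('SELECT `id`,`idus`,`text` FROM `forum_them` WHERE `id` = ? and `idus` = ? LIMIT 1', [$ids, $user['id']]);
        if (empty($sql['id']) || (int) $sql['idus'] !== (int) $user['id']) {
            $reply(['message' => 'Ошибка #80.', 'location' => '/', 'type' => 'error']);
        }
        // NOTE(review): `text` is written into the <textarea> unescaped. This is only
        // safe if functions::htmlred() HTML-encodes the text before it is stored —
        // confirm, otherwise a stored "</textarea>" breaks out of the field.
        $zamena = '<form id="formj_th'.$ids.'" action="" onsubmit="return false;"><textarea placeholder="Текст темы" name="textt" class="_doprtjyr45g">'.$sql['text'].'</textarea><input onclick="saveform (\'/ajax/forum.php?act=savethem&id='.$ids.'\',\'th'.$ids.'\');return false;" type="submit" name="add" class="_dop3t4g5erf" value="Сохранить"></form>';
        $reply(['razd' => '#them_' . $ids, 'zamena' => $zamena, 'type' => 'success']);
        break;

    // Save the edited text of topic $id (owner only).
    case 'savethem':
        if ($isGuest) {
            $goHome();
        }
        $sql = DB::$dbs->queryFetch('SELECT `id`,`idus` FROM `forum_them` WHERE `id` = ? and `idus` = ? LIMIT 1', [$id, $user['id']]);
        if (empty($sql['id']) || (int) $sql['idus'] !== (int) $user['id']) {
            exit;
        }
        $textt = functions::htmlred($post('textt'));
        if (empty($textt) || mb_strlen($textt, 'UTF-8') < 15 || mb_strlen($textt, 'UTF-8') > 10000) {
            $reply(['message' => 'Неправильная длина текста темы.', 'type' => 'error']);
        }
        // Ownership is repeated in the WHERE clause so the write itself is scoped to
        // the author and does not depend solely on the SELECT above.
        DB::$dbs->query('UPDATE `forum_them` SET `text` = ? WHERE `id` = ? AND `idus` = ?', [$textt, $id, $user['id']]);
        $_SESSION['good'] = 'Тема успешно отредактирована.';
        $reply(['location' => '/forum/t/' . $id . '/', 'type' => 'success']);
        break;

    // Add a comment to topic $id (any logged-in user).
    case 'addkomm':
        if ($isGuest) {
            $goHome();
        }
        $sql = DB::$dbs->queryFetch('SELECT `id` FROM `forum_them` WHERE `id` = ? LIMIT 1', [$id]);
        if (empty($sql['id'])) {
            exit;
        }
        $textt = functions::htmlred($post('textt'));
        if (empty($textt) || mb_strlen($textt, 'UTF-8') < 5 || mb_strlen($textt, 'UTF-8') > 10000) {
            $reply(['message' => 'Неправильная длина текста темы.', 'type' => 'error']);
        }
        // NOTE(review): unlike topic creation, comments have no captcha or rate
        // limit in this file — confirm throttling exists elsewhere.
        $now = time();
        DB::$dbs->query('INSERT INTO `forum_komm` SET `idus` = ?, `id_them` = ?, `text` = ?, `time` = ?', [$user['id'], $id, $textt, $now]);
        // Bump the topic's last-activity timestamp.
        DB::$dbs->query('UPDATE `forum_them` SET `dateupd` = ? WHERE `id` = ?', [$now, $id]);
        $_SESSION['good'] = 'Комментарий успешно оставлен.';
        $reply(['location' => '/forum/t/' . $id . '/', 'type' => 'success']);
        break;

    // Return the inline edit form for a comment owned by the current user.
    case 'redkomm':
        if ($isGuest) {
            $reply(['message' => 'Ошибка #126.', 'location' => '/', 'type' => 'error']);
        }
        // Forced to an integer because it is echoed into HTML/JS below.
        $ids = (int) functions::ints($post('id'));
        $sql = DB::$dbs->queryFetch('SELECT `id`,`idus`,`text` FROM `forum_komm` WHERE `id` = ? and `idus` = ? LIMIT 1', [$ids, $user['id']]);
        if (empty($sql['id']) || (int) $sql['idus'] !== (int) $user['id']) {
            $reply(['message' => 'Ошибка #126.', 'location' => '/', 'type' => 'error']);
        }
        // NOTE(review): `text` is emitted unescaped; safe only if it was HTML-encoded
        // by functions::htmlred() when stored — confirm.
        $zamena = '<form id="formj_k'.$ids.'" action="" onsubmit="return false;"><textarea placeholder="Текст темы" name="textt" class="_doprtjyr45g" style="overflow-y: hidden;height: 70px;">'.$sql['text'].'</textarea><input onclick="saveform (\'/ajax/forum.php?act=savekomm&id='.$ids.'\',\'k'.$ids.'\');return false;" type="submit" name="add" class="_dop3t4g5erf" value="Сохранить"></form>';
        $reply(['razd' => '#komm_' . $ids, 'zamena' => $zamena, 'type' => 'success']);
        break;

    // Save the edited text of comment $id (owner only).
    case 'savekomm':
        if ($isGuest) {
            $goHome();
        }
        $sql = DB::$dbs->queryFetch('SELECT `id`,`idus`,`id_them` FROM `forum_komm` WHERE `id` = ? and `idus` = ? LIMIT 1', [$id, $user['id']]);
        if (empty($sql['id']) || (int) $sql['idus'] !== (int) $user['id']) {
            exit;
        }
        $textt = functions::htmlred($post('textt'));
        if (empty($textt) || mb_strlen($textt, 'UTF-8') < 5 || mb_strlen($textt, 'UTF-8') > 10000) {
            $reply(['message' => 'Неправильная длина текста темы.', 'type' => 'error']);
        }
        // Ownership repeated in the WHERE clause, as for topics.
        DB::$dbs->query('UPDATE `forum_komm` SET `text` = ? WHERE `id` = ? AND `idus` = ?', [$textt, $id, $user['id']]);
        $_SESSION['good'] = 'Комментарий отредактирован.';
        $reply(['location' => '/forum/t/' . $sql['id_them'] . '/', 'type' => 'success']);
        break;
}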