<?
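// New-message handler for a community forum thread.
// Runs only for a logged-in user who POSTs `msg` with ?act=new. Posting is allowed
// for the community admin ($soo['admid']), or - while $them['close'] is 0 - for a
// user that has a `soo_users` row with `invit`='0' and `activate`='0'.
// Every query in this handler binds its values instead of interpolating them into
// the SQL text: the message body is attacker-controlled, and htmlspecialchars() is
// an HTML encoder, not an SQL escaper (it leaves backslashes alone, and single
// quotes too unless ENT_QUOTES is in effect).
// NOTE(review): no anti-CSRF token is verified before the INSERT; if the project
// has a token helper, check it here.
if (isset($user) && isset($_GET['act']) && $_GET['act']=='new' && isset($_POST['msg']) && is_string($_POST['msg']))
{
    // The admin may always post; everybody else needs an open thread and a
    // matching membership row.
    $may_post = ($user['id']==$soo['admid']);
    if (!$may_post && $them['close']==0)
    {
        $st = $pdo->prepare("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo` = ? AND `id_user` = ? AND `invit`='0' AND `activate`='0' LIMIT 1");
        $st->execute(array($soo['id'], $user['id']));
        $may_post = ($st->fetchColumn()==1);
    }

    if ($may_post)
    {
        $msg = htmlspecialchars($_POST['msg']);
        // NOTE(review): the text is HTML-encoded a second time before it is stored
        // and compared, exactly as before, so existing rows and the duplicate check
        // keep matching. Storing the raw text and encoding on output would be
        // cleaner, but that depends on what output_text() does - confirm first.
        $mess = htmlspecialchars($msg);

        if (utf8_strlen($msg)<2) $err='Короткое сообщение';
        if (utf8_strlen($msg)>10000) $err='Длина сообщения превышает предел в 10000 символов';

        $mat = antimat($msg);
        if ($mat)
        {
            // $err may already hold a plain string from the length checks; appending
            // with [] to a string is a fatal error, so promote it to an array first.
            if (isset($err) && !is_array($err)) $err = array($err);
            $err[] = 'В тексте сообщения обнаружен мат: '.$mat;
        }

        // Reject an exact repeat of a message this user already posted in the thread.
        $dup = $pdo->prepare("SELECT COUNT(*) FROM `soo_forum_mess` WHERE `id_them` = ? AND `id_forum` = ? AND `id_soo` = ? AND `id_user` = ? AND `mess` = ? LIMIT 1");
        $dup->execute(array($them['id'], $forum['id'], $soo['id'], $user['id'], $mess));
        if ($dup->fetchColumn()!=0) $err='Ваше сообщение повторяет предыдущее';

        if (!isset($err))
        {
            // Optional quoted message: accepted only if that message exists in the
            // thread / forum / community named in the query string.
            // NOTE(review): the fallback stays the literal string 'null', as before;
            // what the `cit` column makes of it depends on its type and the SQL mode.
            $cit = 'null';
            if (isset($_POST['cit']) && is_numeric($_POST['cit']))
            {
                $chk = $pdo->prepare("SELECT COUNT(*) FROM `soo_forum_mess` WHERE `id` = ? AND `id_them` = ? AND `id_soo` = ? AND `id_forum` = ?");
                $chk->execute(array(intval($_POST['cit']), intval($_GET['id_them']), intval($_GET['id']), intval($_GET['id_forum'])));
                if ($chk->fetchColumn()==1) $cit = intval($_POST['cit']);
            }

            $ins = $pdo->prepare("INSERT INTO `soo_forum_mess` (`id_forum`, `id_soo`, `id_them`, `id_user`, `mess`, `time`, `cit`) values(?, ?, ?, ?, ?, ?, ?)");
            $ins->execute(array($forum['id'], $soo['id'], $them['id'], $user['id'], $mess, $time, $cit));
            $post_id = $pdo->lastInsertId();
            unset($_SESSION['msg']);

            // Bump the thread's activity timestamp.
            $upd = $pdo->prepare("UPDATE `soo_forum_thems` SET `time` = ? WHERE `id` = ? LIMIT 1");
            $upd->execute(array($time, $them['id']));

            msg('Сообщение успешно добавлено');
            header("location: ?id=$soo[id]&id_forum=$forum[id]&id_them=$them[id]");
            include_once '../sys/inc/tfoot.php';
            // Stop here even if tfoot.php returns, so nothing below runs after the redirect.
            exit;
        }
    }
}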
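// err() is defined elsewhere; presumably it prints whatever is in $err - confirm.
err();

// Count the thread's messages and derive the paging window from it.
$st = $pdo->prepare("SELECT COUNT(*) FROM `soo_forum_mess` WHERE `id_them` = ? AND `id_forum` = ? AND `id_soo` = ?");
$st->execute(array($them['id'], $forum['id'], $soo['id']));
$k_post = $st->fetchColumn();
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str']*$page - $set['p_str'];

// Moderator flag for the community named in ?id. A guest is never a moderator, so
// the lookup is skipped without a session instead of querying with an empty user id.
$mod = 0;
if (isset($user))
{
    $st = $pdo->prepare("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo` = ? AND `id_user` = ? AND `mod` = '1' LIMIT 1");
    $st->execute(array(intval($_GET['id']), $user['id']));
    $mod = $st->fetchColumn();
}

// One message row of the requested thread; its author counts as the thread owner.
$st = $pdo->prepare("SELECT * FROM `soo_forum_mess` WHERE `id_them` = ? AND `id_forum` = ? AND `id_soo` = ? LIMIT 1");
$st->execute(array(intval($_GET['id_them']), intval($_GET['id_forum']), intval($_GET['id'])));
$post = $st->fetch(PDO::FETCH_ASSOC);

// Comment deletion (?komm=ID) for the community admin, the thread owner or a moderator.
// The DELETE is tied to the thread / forum / community in the query string, which are
// the same values the permission check above is based on. Deleting by comment id alone
// would let someone with rights in one thread remove a comment that belongs to another.
// NOTE(review): this is a state change driven by a plain GET link with no anti-CSRF
// token; moving it to POST with a token check would be the proper fix.
$is_admin = isset($user) && $user['id']==$soo['admid'];
$is_owner = isset($user) && $post && $user['id']==$post['id_user'];
if (($is_admin || $is_owner || $mod) && isset($_GET['komm']) && isset($user))
{
    $del = $pdo->prepare("DELETE FROM `soo_forum_comm` WHERE `id` = ? AND `id_post` IN (SELECT `id` FROM `soo_forum_thems` WHERE `id` = ? AND `id_forum` = ? AND `id_soo` = ?)");
    $del->execute(array(intval($_GET['komm']), intval($_GET['id_them']), intval($_GET['id_forum']), intval($_GET['id'])));
    // Only report success when a row was actually removed.
    if ($del->rowCount()>0)
    {
        msg('Комментарий успешно удален');
    }
}

// $lim is not used by the query below (it always has LIMIT 1) and $ank2 is not
// assigned in this part of the file; both are kept as they were - verify against
// the including script.
$full_list = (isset($user) && $user['id']==$soo['admid'] || $mod || isset($user) && $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete';
if ($full_list)
{
    $lim = NULL;
}
else
{
    $lim = " LIMIT $start, $set[p_str]";
}

// Oldest message of the thread; the loop that follows renders it.
$q = $pdo->prepare("SELECT * FROM `soo_forum_mess` WHERE `id_them` = ? AND `id_forum` = ? AND `id_soo` = ? ORDER BY `time` ASC LIMIT 1");
$q->execute(array($them['id'], $forum['id'], $soo['id']));
if ($k_post==0) {
    $doc->NoResult();
}
$post_k = $start;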
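// Renders the thread's opening message, the management panel and the comment list.
// $q yields at most one row (the query that fills it ends in LIMIT 1).
while ($post = $q->fetch(PDO::FETCH_ASSOC))
{
    // Request ids, cast once and reused for every query and link below.
    $sid = intval($_GET['id']);
    $fid = intval($_GET['id_forum']);
    $tid = intval($_GET['id_them']);

    $ank = get_user($post['id_user']);
    $post_k++;

    // Bulk-delete checkbox: community admin or moderator, only in ?act=post_delete mode.
    $can_bulk = false;
    if (isset($user) && isset($_GET['act']) && $_GET['act']=='post_delete')
    {
        $can_bulk = ($user['id']==$soo['admid']);
        if (!$can_bulk)
        {
            $st = $pdo->prepare("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo` = ? AND `id_user` = ? AND `mod`='1' LIMIT 1");
            $st->execute(array($soo['id'], $user['id']));
            $can_bulk = ($st->fetchColumn()==1);
        }
    }
    if ($can_bulk)
    {
        echo "<input type='checkbox' name='post_$post[id]' value='1' />";
    }

    echo "<div style='background-color: white; padding: 10px;'>\n";
    echo user($ank['id']);
    // NOTE(review): $them[name] is printed without encoding here; this is only safe if
    // the title is stored already HTML-encoded - confirm where the thread is created.
    echo " : <b><font color=blue>$them[name]</font></b> ";
    if (isset($user) && $them['zak']==1){
        echo '<font color="#ADA026"><i class="fa fa-lock fa-fw"></i></font>';
    }
    echo "<span style='float: right;'><small>".date::timek($post['time'])."</small></span><br><br>\n";
    echo output_text($post['mess'])."<br /><br /></div>\n";
?><style>
.d10 {
background: #fff;
padding: 10px;
color: #5FAD62;
}
.d12 {
background: #EBF2F7;
border-top: 1px solid #CCD2D6;
border-left: 1px solid #CCD2D6;
border-right: 1px solid #CCD2D6;
padding: 10px;
color: #436A8A;
}
.d12:hover {
background: #E3EBF1;
}
.d11 {
background: #EBF2F7;
border-top: 1px solid #CCD2D6;
padding: 10px;
color: #436A8A;
}
.d11:hover {
background: #E3EBF1;
}
</style><?
    if (isset($user) && $them['zak']==1){
        echo "<div class='list-group-item'>";
        echo '<font color="gray">Тема закрыта администрацией группы</font>';
        echo "</div>";
    }

    // Management panel: community admin, author of this message, or moderator.
    if (isset($user) && $user['id']==$soo['admid'] || isset($user) && $user['id']==$post['id_user'] || $mod){
        echo "<div class='list-group-item'>";
        if (isset($user) && $user['id']==$soo['admid'] || $mod){
            $st = $pdo->prepare("SELECT * FROM `soo_forum_thems` WHERE `id` = ? AND `id_forum` = ? AND `id_soo` = ? LIMIT 1");
            $st->execute(array($tid, $fid, $sid));
            $them = $st->fetch(PDO::FETCH_ASSOC);

            // Close / reopen the thread. The UPDATE carries the same forum and community
            // filter as the SELECT above, so these rights cannot be applied to a thread
            // id that belongs to a different community.
            // NOTE(review): both actions are state changes behind plain GET links with no
            // anti-CSRF token. header() also runs after output has started, so the
            // redirect only works if output buffering is on - confirm.
            if (isset($_GET['zakr'])) {
                $up = $pdo->prepare("UPDATE `soo_forum_thems` SET `zak` = '1' WHERE `id` = ? AND `id_forum` = ? AND `id_soo` = ?");
                $up->execute(array($tid, $fid, $sid));
                header('location: ?id='.$soo['id'].'&id_forum='.$forum['id'].'&id_them='.$them['id'].'');
            }
            if (isset($_GET['otkr'])) {
                $up = $pdo->prepare("UPDATE `soo_forum_thems` SET `zak` = '0' WHERE `id` = ? AND `id_forum` = ? AND `id_soo` = ?");
                $up->execute(array($tid, $fid, $sid));
                header('location: ?id='.$soo['id'].'&id_forum='.$forum['id'].'&id_them='.$them['id'].'');
            }
            if (isset($user) && $them['zak']==0){
                echo '<span style="border: 1px #ADC7D3 solid; padding: 5px; border-radius: 3px; background-color: white;"><a href="?id='.$soo['id'].'&id_forum='.$forum['id'].'&id_them='.$them['id'].'&zakr"><font color="#859AA3">Закрыть тему</font></a></span>';
            }else{
                echo '<span style="border: 1px #ADC7D3 solid; padding: 5px; border-radius: 3px; background-color: white;"><a href="?id='.$soo['id'].'&id_forum='.$forum['id'].'&id_them='.$them['id'].'&otkr"><font color="#859AA3">Открыть тему</font></a></span>';
            }
            echo ' <span style="border: 1px #ADC7D3 solid; padding: 5px; border-radius: 3px; background-color: white;"><a href="per.php?id='.$soo['id'].'&id_forum='.$forum['id'].'&id_them='.$them['id'].'"><font color="#859AA3">Переместить</font></a></span>';
            echo '<br><br>';
        }
        echo '<table style="width:100%" cellspacing="0" cellpadding="0"><tr>';
        echo "<td style='background-color: white; padding: 9px;width: 50%;border-top: 1px #d0d0d0 solid;border-left: 1px #d0d0d0 solid; border-bottom: 1px #d0d0d0 solid;border-right: 1px #d0d0d0 solid;'><center><a href='edit_them.php?id=$soo[id]&id_forum=$forum[id]&id_them=$them[id]'><i class='fa fa-edit fa-fw'></i> Редактировать</a><center></td>
<td style='background-color: white; padding: 9px;width: 50%;border-top: 1px #d0d0d0 solid; border-bottom: 1px #d0d0d0 solid;border-right: 1px #d0d0d0 solid;'><center><a href='delete.php?id=$soo[id]&id_forum=$forum[id]&id_them=$them[id]'><i class='fa fa-trash fa-fw'></i> Удалить</a></center></td></table></div>";
    }

    // Comment counter.
    $st = $pdo->prepare("SELECT COUNT(*) FROM `soo_forum_comm` WHERE `id_post` = ?");
    $st->execute(array($tid));
    $count = $st->fetchColumn();
    echo '<div class="list-group-item-komm list-group-item-info" style="padding: 10px;">';
    echo "<i class='fa fa-comments fa-fw'></i> Комментарии \n";
    echo "<span class='badgei'>$count</span>\n";
    echo '</div>';

    // $sort is not assigned in this part of the file, so its origin is unknown here.
    // It ends up in the ORDER BY clause, which cannot be a bound parameter, so it is
    // reduced to one of the two legal keywords. The LIMIT values are forced to integers.
    $order = (isset($sort) && is_string($sort) && strtoupper(trim($sort))=='DESC') ? 'DESC' : 'ASC';
    $q_comm = $pdo->prepare("SELECT * FROM `soo_forum_comm` WHERE `id_post` = ? ORDER BY `time` $order LIMIT ".intval($start).", ".intval($set['p_str']));
    $q_comm->execute(array($tid));

    // Thread-owner row, fetched once for all comments. It lives in its own variable:
    // the earlier code loaded it into $post inside the comment loop, so the delete
    // link below ended up carrying this row's id instead of the comment's id.
    $st = $pdo->prepare("SELECT * FROM `soo_forum_mess` WHERE `id_them` = ? AND `id_forum` = ? AND `id_soo` = ? LIMIT 1");
    $st->execute(array($tid, $fid, $sid));
    $them_post = $st->fetch(PDO::FETCH_ASSOC);
    $can_del_comm = (isset($user) && $user['id']==$soo['admid']) || (isset($user) && $them_post && $user['id']==$them_post['id_user']) || $mod;

    // Author lookup, prepared once and executed per comment with a bound integer id.
    $q_ank = $pdo->prepare("SELECT * FROM `user` WHERE `id` = ? LIMIT 1");

    while ($comm = $q_comm->fetch(PDO::FETCH_ASSOC))
    {
        $q_ank->execute(array(intval($comm['id_user'])));
        $ank = $q_ank->fetch(PDO::FETCH_ASSOC);
        echo "<div class='list-group-item'>";
        echo '<table style="cellspacing="0" cellpadding="0" width="100%"><tr>';
        if (IS_WEB == 1) {
            echo '<td style="width: 8%;">';
        }else{
            echo '<td style="width: 15%;">';
        }
        echo '<span style="position: absolute; top: 5%;">';
        avatarz($ank['id']);
        echo '</span>';
        echo '</td>';
        echo '<td style="width: 85%;">';
        echo user($ank['id']) . " ";
        echo "<span style = 'float:right;color: grey;'><small title='" . date::timek($comm['time']) . "'>" . date::timek($comm['time']) . "</small></span>";
        echo "<br />\n";
        echo toOutput($comm['msg'])."<br />\n";
        if (isset($user) && $ank['id'] != $user['id'])echo "<a href='?id=".$sid."&id_forum=".$fid."&id_them=".$tid."&response=$ank[id]'><i class='fa fa-comments fa-fw'></i> Ответить</a> \n";
        if ($can_del_comm){
            // The link targets this comment's own id.
            echo '<span style="float:right;"><a href="?id='.$sid.'&id_forum='.$fid.'&id_them='.$tid.'&komm='.intval($comm['id']).'"><i class="fa fa-trash fa-fw"></i> Удалить</a></span>';
        }
        echo '</td>';
        echo '</tr></table>';
        echo "</div>";
    }
}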
// Comment form, or a notice when the thread is locked, followed by the pager.
// NOTE(review): the lock notice is shown only to logged-in users, so a guest falls
// through to the form branch; comm.php has to enforce both the login and the lock
// on the server side.
// NOTE(review): $otvet is not assigned in this part of the file and is printed into
// the textarea without encoding - confirm that whatever sets it HTML-encodes it.
$comments_locked = isset($user) && $them['zak']==1;
if (!$comments_locked)
{
    echo "<form method='post' class='list-group-item' name='message' action='comm.php?id=$soo[id]&id_forum=$forum[id]&id_them=$them[id]'>";
    echo auto_bb("message", "msg");
    $placeholder = lang('Введите сообщение');
    echo "<textarea placeholder='" . $placeholder . "...' name='msg' class='form-control'>$otvet</textarea><br />";
    $doc->Button('knopka', null, 'pencil', 'Опубликовать');
    echo '</form>';
}
else
{
    echo "<div class='list-group-item'>"
        . "<div class='err'>Возможность комментирования ограничена"
        . "</div></div>";
}

// Pager links are only needed when there is more than one page.
if ($k_page>1)
{
    str("?id=$soo[id]&id_forum=$forum[id]&id_them=$them[id]&", $k_page, $page);
}
?>