File size: 18.61Kb
<?php
require( '../sys/inc/core.php' );
if ( db::count("SELECT COUNT(*) FROM `ban` WHERE `razdel` = 'forum' AND `id_user` = '$user[id]' AND (`time` > '$time' OR `view` = '0' OR `navsegda` = '1')") != 0 ) {
header( 'Location: /ban.php?' . SID );
exit;
}
if ( isset( $_GET['id_forum'] ) && db::count("SELECT COUNT(*) FROM `forum_f` WHERE" . ( ( !isset( $user ) || $user['level'] == 0 ) ? " `adm` = '0' AND" : null ) . " `id` = '" . intval( $_GET['id_forum'] ) . "'") == 1 && isset( $_GET['id_razdel'] ) && db::count("SELECT COUNT(*) FROM `forum_r` WHERE `id` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "'") == 1 && isset( $_GET['id_them'] ) && db::count("SELECT COUNT(*) FROM `forum_t` WHERE `id` = '" . intval( $_GET['id_them'] ) . "' AND `id_razdel` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "'") == 1 && isset( $_GET['id_post'] ) && db::count("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '" . intval( $_GET['id_post'] ) . "' AND `id_them` = '" . intval( $_GET['id_them'] ) . "' AND `id_razdel` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "'") == 1 ) {
$forum = db::fetch("SELECT * FROM `forum_f` WHERE `id` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
$razdel = db::fetch("SELECT * FROM `forum_r` WHERE `id` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
$them = db::fetch("SELECT * FROM `forum_t` WHERE `id` = '" . intval( $_GET['id_them'] ) . "' AND `id_razdel` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
$post = db::fetch("SELECT * FROM `forum_p` WHERE `id` = '" . intval( $_GET['id_post'] ) . "' AND `id_them` = '" . intval( $_GET['id_them'] ) . "' AND `id_razdel` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
$post2 = db::fetch("SELECT * FROM `forum_p` WHERE `id_them` = '" . intval( $_GET['id_them'] ) . "' AND `id_razdel` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "' ORDER BY `id` DESC LIMIT 1", ARRAY_A);
if ( isset( $user ) ) {
$ank = get_user( $post['id_user'] );
if ( isset( $_GET['act'] ) && $_GET['act'] == 'edit' && isset( $_POST['msg'] ) && isset( $_POST['post'] ) && ( ( user_access( 'forum_post_ed' ) ) || ( isset( $user ) && $user['id'] == $post['id_user'] && $post['time'] > time() - 600 && $post['id_user'] == $post2['id_user'] ) ) ) {
$msg = $_POST['msg'];
if ( isset( $_POST['translit'] ) && $_POST['translit'] == 1 )
$msg = translit( $msg );
if ( strlen2( $msg ) < 2 )
$err[] = 'Короткое сообщение';
if ( strlen2( $msg ) > 1024 )
$err[] = 'Длина сообщения превышает предел в 1024 символа';
$mat = antimat( $msg );
if ( $mat )
$err[] = 'В тексте сообщения обнаружен мат: ' . $mat;
if ( !isset( $err ) )
db::query("UPDATE `forum_p` SET `msg` = '" . my_esc( $msg ) . "' WHERE `id` = '$post[id]' LIMIT 1");
} elseif ( isset( $_GET['act'] ) && $_GET['act'] == 'edit' && ( user_access( 'forum_post_ed' ) && ( $ank['level'] < $user['level'] || $ank['level'] == $user['level'] && $ank['id'] == $user['id'] ) || isset( $user ) && $post['id'] == $post2['id'] && $post['id_user'] == $user['id'] && $post['time'] > time() - 600 ) ) {
$set['title'] = 'Форум - редактирование поста';
include_once '../sys/inc/thead.php';
title();
echo "<form method='post' name='message' action='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit'>\n";
$msg2 = output_text( $post['msg'], false, true, false, false, false );
if (is_file( H . 'style/themes/' . $set['set_them'] . '/altername_post_form.php' ) )
include_once H . 'style/themes/' . $set['set_them'] . '/altername_post_form.php';
else
echo "Сообщение:<br />\n<textarea name=\"msg\">" . $msg2 . "</textarea><br />\n";
echo "<input name='post' value='Изменить' type='submit' /><br />\n";
echo "</form>\n";
echo "<div class=\"foot\">\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/$razdel[id]/$them[id]/?page=end\" title='Вернуться в тему'>В тему</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/$razdel[id]/\" title='В раздел'>" . text( $razdel['name'] ) . "</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/\" title='В подфорум'>" . text( $forum['name'] ) . "</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/\">Форум</a><br />\n";
echo "</div>\n";
include_once '../sys/inc/tfoot.php';
} elseif ( isset( $_GET['act'] ) && $_GET['act'] == 'delete' && isset( $user ) && $them['close'] == 0 && ( ( user_access( 'forum_post_ed' ) && ( $ank['level'] <= $user['level'] || $ank['level'] == $user['level'] && $ank['id'] == $user['id'] ) ) || $post['id'] == $post2['id'] && $post['id_user'] == $user['id'] && $post['time'] > time() - 600 ) ) {
db::query("DELETE FROM `forum_p` WHERE `id` = '" . intval( $_GET['id_post'] ) . "' AND `id_them` = '" . intval( $_GET['id_them'] ) . "' AND `id_razdel` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1");
} elseif ( isset( $_GET['act'] ) && $_GET['act'] == 'msg' && $them['close'] == 0 && isset( $user ) ) {
$ank = get_user( $post['id_user'] );
$set['title'] = 'Форум - ' . text( $them['name'] );
include_once '../sys/inc/thead.php';
title();
aut();
echo "<form method='post' name='message' action='/forum/$forum[id]/$razdel[id]/$them[id]/new'>\n";
echo "<a href='/info.php?id=$ank[id]'>Посмотреть анкету</a><br />\n";
$msg2 = $ank['nick'] . ', ';
if ( is_file( H . 'style/themes/' . $set['set_them'] . '/altername_post_form.php' ) )
include_once H . 'style/themes/' . $set['set_them'] . '/altername_post_form.php';
else
echo "Сообщение:<br />\n<textarea name=\"msg\">$ank[nick], </textarea><br />\n";
echo "<input name='post' value='Отправить сообщение' type='submit' /><br />\n";
echo "</form>\n";
echo "<div class=\"foot\">\n";
echo "<img src='/style/icons/str.gif' alt='*'> <a href=\"/smiles.php\">Смайлы</a><br />\n";
echo "<img src='/style/icons/str.gif' alt='*'> <a href=\"/rules.php\">Правила</a><br />\n";
echo "</div>\n";
echo "<div class=\"foot\">\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/$razdel[id]/$them[id]/?page=end\" title='Вернуться в тему'>В тему</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/$razdel[id]/\" title='В раздел'>" . text( $razdel['name'] ) . "</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/\" title='В подфорум'>" . text( $forum['name'] ) . "</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/\">Форум</a><br />\n";
echo "</div>\n";
include_once '../sys/inc/tfoot.php';
} elseif ( isset( $_GET['act'] ) && $_GET['act'] == 'cit' && $them['close'] == 0 && isset( $user ) ) {
$ank = get_user( $post['id_user'] );
$set['title'] = 'Форум - ' . text( $them['name'] );
include_once '../sys/inc/thead.php';
title();
aut();
echo "Будет процетировано сообщение:<br />\n";
echo "<div class='cit'>\n";
echo output_text( $post['msg'] ) . "<br />\n";
echo "</div>\n";
echo "<form method='post' name='message' action='/forum/$forum[id]/$razdel[id]/$them[id]/new'>\n";
echo "<input name='cit' value='$post[id]' type='hidden' />";
$msg2 = $ank['nick'] . ', ';
if ( is_file( H . 'style/themes/' . $set['set_them'] . '/altername_post_form.php' ) )
include_once H . 'style/themes/' . $set['set_them'] . '/altername_post_form.php';
else
echo "Сообщение:<br />\n<textarea name=\"msg\">$ank[nick], </textarea><br />\n";
echo "<input name='post' value='Отправить сообщение' type='submit' /><br />\n";
echo "</form>\n";
echo "<div class=\"foot\">\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/$razdel[id]/$them[id]/?page=end\" title='Вернуться в тему'>В тему</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/$razdel[id]/\" title='В раздел'>" . text( $razdel['name'] ) . "</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/\" title='В подфорум'>" . text( $forum['name'] ) . "</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/\">Форум</a><br />\n";
echo "</div>\n";
include_once '../sys/inc/tfoot.php';
}
}
}
if ( isset( $_GET['id_forum'] ) && db::count("SELECT COUNT(*) FROM `forum_f` WHERE" . ( ( !isset( $user ) || $user['level'] == 0 ) ? " `adm` = '0' AND" : null ) . " `id` = '" . intval( $_GET['id_forum'] ) . "'") == 1 && isset( $_GET['id_razdel'] ) && db::count("SELECT COUNT(*) FROM `forum_r` WHERE `id` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "'") == 1 && isset( $_GET['id_them'] ) && db::count("SELECT COUNT(*) FROM `forum_t` WHERE `id` = '" . intval( $_GET['id_them'] ) . "' AND `id_razdel` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "'") == 1 ) {
$forum = db::fetch("SELECT * FROM `forum_f` WHERE `id` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
$razdel = db::fetch("SELECT * FROM `forum_r` WHERE `id` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
$them = db::fetch("SELECT * FROM `forum_t` WHERE `id` = '" . intval( $_GET['id_them'] ) . "' AND `id_razdel` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
db::query("UPDATE `notification` SET `read` = '1' WHERE `id_object` = '$them[id]' AND `type` = 'them_komm' AND `id_user` = '$user[id]'");
if ( isset( $user ) ) {
db::query("UPDATE `discussions` SET `count` = '0' WHERE `id_user` = '$user[id]' AND `type` = 'them' AND `id_sim` = '$them[id]' LIMIT 1");
}
$set['title'] = 'Форум - ' . text( $them['name'] );
include_once '../sys/inc/thead.php';
title();
$ank2 = get_user( $them['id_user'] );
include 'inc/set_them_act.php';
include 'inc/them.php';
include 'inc/set_them_form.php';
echo "<div class=\"foot\">\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/\">Форум</a> | <a href=\"/forum/$forum[id]/\" title='В подфорум'>" . text( $forum['name'] ) . "</a> | <a href=\"/forum/$forum[id]/$razdel[id]/\" title='В раздел'>" . text( $razdel['name'] ) . "</a><br />\n";
echo "</div>\n";
include_once '../sys/inc/tfoot.php';
}
if ( isset( $_GET['id_forum'] ) && db::count("SELECT COUNT(*) FROM `forum_f` WHERE" . ( ( !isset( $user ) || $user['level'] == 0 ) ? " `adm` = '0' AND" : null ) . " `id` = '" . intval( $_GET['id_forum'] ) . "'") == 1 && isset( $_GET['id_razdel'] ) && db::count("SELECT COUNT(*) FROM `forum_r` WHERE `id` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "'") == 1 ) {
$forum = db::fetch("SELECT * FROM `forum_f` WHERE `id` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
$razdel = db::fetch("SELECT * FROM `forum_r` WHERE `id` = '" . intval( $_GET['id_razdel'] ) . "' AND `id_forum` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
if ( isset( $user ) && isset( $_GET['act'] ) && $_GET['act'] == 'new' && ( !isset( $_SESSION['time_c_t_forum'] ) || $_SESSION['time_c_t_forum'] < $time - 600 || $user['level'] > 0 ) )
include 'inc/new_t.php';
else {
$set['title'] = 'Форум - ' . text( $razdel['name'] );
include_once '../sys/inc/thead.php';
title();
if ( user_access( 'forum_razd_edit' ) )
include 'inc/set_razdel_act.php';
include 'inc/razdel.php';
if ( user_access( 'forum_razd_edit' ) )
include 'inc/set_razdel_form.php';
echo "<div class=\"foot\">\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/$forum[id]/\">" . text( $forum['name'] ) . "</a><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/\">Форум</a><br />\n";
echo "</div>\n";
}
include_once '../sys/inc/tfoot.php';
}
if ( isset( $_GET['id_forum'] ) && db::count("SELECT COUNT(*) FROM `forum_f` WHERE" . ( ( !isset( $user ) || $user['level'] == 0 ) ? " `adm` = '0' AND" : null ) . " `id` = '" . intval( $_GET['id_forum'] ) . "'") == 1 ) {
$forum = db::fetch("SELECT * FROM `forum_f` WHERE `id` = '" . intval( $_GET['id_forum'] ) . "' LIMIT 1", ARRAY_A);
$set['title'] = 'Форум - ' . text( $forum['name'] );
include_once '../sys/inc/thead.php';
title();
include 'inc/set_forum_act.php';
include 'inc/forum.php';
include 'inc/set_forum_form.php';
echo "<div class=\"foot\">\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/\">Форум</a><br />\n";
echo "</div>\n";
include_once '../sys/inc/tfoot.php';
}
$set['title'] = 'Форум';
include_once '../sys/inc/thead.php';
title();
if ( user_access( 'forum_for_create' ) && isset( $_GET['act'] ) && isset( $_GET['ok'] ) && $_GET['act'] == 'new' && isset( $_POST['name'] ) && isset( $_POST['opis'] ) && isset( $_POST['pos'] ) ) {
$name = my_esc( $_POST['name'] );
if ( strlen2( $name ) < 3 )
$err = 'Слишком короткое название';
if ( strlen2( $name ) > 32 )
$err = 'Слишком днинное название';
$opis = $_POST['opis'];
if ( strlen2( $opis ) > 512 )
$err = 'Слишком длинное описание';
$opis = my_esc( $opis );
if ( !isset( $_POST['icon'] ) || $_POST['icon'] == null )
$icons = 'default';
else
$icons = preg_replace( '#[^a-z0-9 _\-\.]#i', null, $_POST['icon'] );
$pos = intval( $_POST['pos'] );
if ( !isset( $err ) ) {
admin_log( 'Форум', 'Подфорумы', "Создание подфорума '$name'" );
db::query("INSERT INTO `forum_f` (`opis`, `name`, `pos`, `icon`) values('$opis', '$name', '$pos', '$icons')");
msg( 'Подфорум успешно создан' );
}
}
err();
aut();
echo "<div class=\"err\">\n";
echo "<a href='/rules.php'>Правила</a><br />\n";
echo "</div>\n";
echo "<div class=\"foot\">\n";
echo "<a href='/forum/new_t.php'>Новые темы</a> | \n";
echo "<a href='/forum/new_p.php'>Новые посты</a><br />\n";
if ( isset( $user ) ) {
echo "<a href='/forum/my_t.php'>Мои темы</a> | \n";
}
echo "<a href='/forum/search.php'>Поиск<br /></a>\n";
echo "</div>\n";
echo "<table class='post'>\n";
$q = db::query("SELECT * FROM `forum_f`" . ( ( !isset( $user ) || $user['level'] == 0 ) ? " WHERE `adm` = '0'" : null ) . " ORDER BY `pos` ASC");
if ( $q->fetch_row() == 0 ) {
echo " <div class='mess'>\n";
echo "Нет подфорумов\n";
echo " </div>\n";
}
while ( $forum = $q->fetch_assoc() ) {
if ( $num == 0 ) {
echo " <div class='nav1'>\n";
$num = 1;
} elseif ( $num == 1 ) {
echo " <div class='nav2'>\n";
$num = 0;
}
echo "<img src='/style/forum/$forum[icon]' alt='*'/> ";
echo "<a href='/forum/$forum[id]/'>" . text( $forum['name'] ) . "</a> (" . db::count("SELECT COUNT(*) FROM `forum_p` WHERE `id_forum` = '$forum[id]'") . '/' . db::count("SELECT COUNT(*) FROM `forum_t` WHERE `id_forum` = '$forum[id]'") . ")\n";
if ( $forum['opis'] != NULL )
echo '<br />' . output_text( $forum['opis'] );
echo " </div>\n";
}
echo "</table>\n";
if ( user_access( 'forum_for_create' ) && ( isset( $_GET['act'] ) && $_GET['act'] == 'new' || db::count("SELECT COUNT(*) FROM `forum_f`") == 0 ) ) {
echo "<form method=\"post\" action=\"/forum/index.php?act=new&ok\">\n";
echo "Название подфорума:<br />\n";
echo "<input name=\"name\" type=\"text\" maxlength='32' value='' /><br />\n";
echo "Описание:<br />\n";
echo "<textarea name=\"opis\"></textarea><br />\n";
echo "Позиция:<br />\n";
$pos = db::count("SELECT MAX(`pos`) FROM `forum_f`") + 1;
echo "<input name=\"pos\" type=\"text\" maxlength='3' value='$pos' /><br />\n";
$icon = array( );
$opendiricon = opendir( H . 'style/forum' );
while ( $icons = readdir( $opendiricon ) ) {
if ( preg_match( '#^\.|default.png#', $icons ) )
continue;
$icon[] = $icons;
}
closedir( $opendiricon );
echo "Иконка:<br />\n";
echo "<select name='icon'>\n";
echo "<option value='default.png'>По умолчанию</option>\n";
for ( $i = 0; $i < sizeof( $icon ); $i++ ) {
echo "<option value='$icon[$i]'>$icon[$i]</option>\n";
}
echo "</select><br />\n";
echo "<input value=\"Создать\" type=\"submit\" /><br />\n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href=\"/forum/\">Отмена</a><br />\n";
echo "</form>\n";
}
if ( user_access( 'forum_for_create' ) && db::count("SELECT COUNT(*) FROM `forum_f`") > 0 ) {
echo "<div class=\"foot\">\n";
echo "<img src='/style/icons/str.gif' alt='*'> <a href=\"/forum/?act=new\">Новый подфорум</a><br />\n";
echo "</div>\n";
}
include_once '../sys/inc/tfoot.php';
?>