<?PHP
include"../tools.php";
include"../head.php";
include"config.php";
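// Refuse to render the comment page unless the requested file exists under the
// requested category directory.
// Both values arrive in the query string and are joined into a filesystem path,
// so anything that is not a plain non-empty string, or a category that could
// leave the script directory (parent-directory segments, absolute paths,
// backslashes, NUL bytes, a "scheme:" or drive prefix), is handled as
// "file not found" instead of being handed to file_exists().
$kategParam = (isset($_GET['kateg']) && is_string($_GET['kateg'])) ? $_GET['kateg'] : '';
$nameParam = (isset($_GET['name']) && is_string($_GET['name'])) ? $_GET['name'] : '';
$kategLooksSafe = $kategParam !== ''
    && $kategParam[0] !== '/'
    && strpos($kategParam, '..') === false
    && strpos($kategParam, '\\') === false
    && strpos($kategParam, ':') === false
    && strpos($kategParam, "\0") === false;
// NOTE(review): hacker() comes from ../tools.php and is not visible here; it is
// assumed to neutralise path separators in the file name — confirm.
if ($nameParam === '' || !$kategLooksSafe || !file_exists($kategParam."/".hacker($nameParam)))
{
    echo "<div>Такого файла не существует!!!</div>";
    include"../foot.php";
    exit;
}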
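// Moderator action: delete one comment row by numeric id.
// The delete runs only when the session user has exactly one row in
// `administration` and that row's `type` is at least 500.
// NOTE(review): this is a state-changing request sent over GET and no
// anti-CSRF token is visible in this file; consider moving it to POST with a
// per-session token.
$r = "";   // set explicitly so the authorisation flag never depends on a pre-existing global
if (isset($_GET['act']) && $_GET['act']=="del")
{
    // The session value is escaped too, so a stored value containing a quote
    // cannot change the shape of the query.
    $adminId = isset($_SESSION['iduser']) ? mysql_real_escape_string((string)$_SESSION['iduser']) : '';
    $adminRes = mysql_query("SELECT * FROM `administration`where `iduser`='".$adminId."'");
    $qw = $adminRes ? mysql_fetch_array($adminRes) : false;
    // Count rows on the result set itself; a failed query leaves $r empty.
    if ($adminRes && mysql_num_rows($adminRes)==1)
    {$r="ok";}
    // Compare the level as a number so a non-numeric `type` can never pass.
    if ($r=="ok" && (int)$qw['type']>=500)
    {
        $delId = isset($_GET['id']) ? intval($_GET['id']) : 0;
        // Limited to comment rows: the table also has a `type` column and this
        // page only ever lists rows of type 'comm'.
        if(mysql_query("DELETE FROM `".$namebase."` WHERE `id` = '".$delId."' AND `type` = 'comm';"))
        {echo "<div>Удалено!</div>";}
    }
}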
/**
 * Turn Latin transliteration into Cyrillic text.
 *
 * The whole table is applied in a single strtr() call, which always prefers
 * the longest matching key, so "sch" wins over "s" + "ch" and "__" over "_".
 * A double underscore becomes a space, a single underscore is dropped and
 * "%" stands for the soft sign. Characters without a table entry pass through.
 *
 * @param string $str Transliterated input.
 * @return string Input with every table key replaced.
 */
function tr_to_win($str)
{
    // Separators and lower-case letters.
    $lowerCase = array(
        "__" => " ", "_" => "",
        "a" => "а", "b" => "б", "v" => "в", "g" => "г", "d" => "д", "e" => "е",
        "yo" => "ё", "zh" => "ж", "z" => "з", "i" => "и", "j" => "й", "k" => "к",
        "l" => "л", "m" => "м", "n" => "н", "o" => "о", "p" => "п", "r" => "р",
        "s" => "с", "t" => "т", "u" => "у", "f" => "ф", "h" => "х", "c" => "ц",
        "ch" => "ч", "sh" => "ш", "sch" => "щ", "q" => "ъ", "x" => "ы", "%" => "ь",
        "ye" => "э", "yu" => "ю", "ya" => "я",
    );
    // Upper-case letters; multi-letter keys exist in all-caps form only.
    $upperCase = array(
        "A" => "А", "B" => "Б", "V" => "В", "G" => "Г", "D" => "Д", "E" => "Е",
        "YO" => "Ё", "ZH" => "Ж", "Z" => "З", "I" => "И", "J" => "Й", "K" => "К",
        "L" => "Л", "M" => "М", "N" => "Н", "O" => "О", "P" => "П", "R" => "Р",
        "S" => "С", "T" => "Т", "U" => "У", "F" => "Ф", "H" => "Х", "C" => "Ц",
        "CH" => "Ч", "SH" => "Ш", "SCH" => "Щ", "Q" => "Ъ", "X" => "Ы",
        "YE" => "Э", "YU" => "Ю", "YA" => "Я",
    );
    // The key sets are disjoint, so the array union is the original table.
    return strtr($str, $lowerCase + $upperCase);
}
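// Page number of the comment list; anything non-numeric or below 1 means page 1.
$page = isset($_GET['page']) ? intval($_GET['page']) : 0;
if ($page<=0)
{$page=1;}

// The file name is request data, so it is HTML-escaped before being echoed.
// NOTE(review): htmlspecialchars() uses PHP's default charset; if the site is
// served in a single-byte encoding, pass that charset as the third argument.
$headerName = (isset($_GET['name']) && is_string($_GET['name'])) ? $_GET['name'] : '';
echo "<div class='contur'><div class='header'>".htmlspecialchars($headerName, ENT_QUOTES)."</div></div>";

// Posting a comment. The action and the text are read from the request arrays
// explicitly (the delete branch reads $_GET['act'] the same way) rather than
// from globals that only exist when request variables are auto-imported.
$res = "";
if (isset($_GET['act']) && $_GET['act']=="send")
{
    $msg = (isset($_POST['msg']) && is_string($_POST['msg'])) ? $_POST['msg'] : '';
    if (!empty($msg))
    {
        // Optional transliteration requested through the form checkbox.
        if (isset($_POST['msgtrans']) && $_POST['msgtrans']==1)
        {
            $msg = tr_to_win($msg);
        }
        // Word filter: every listed fragment is replaced by "*".
        // NOTE(review): the patterns carry no "u" modifier, so the "i" flag is
        // byte-based and may not fold the case of multibyte text — confirm the
        // site encoding.
        $search_bad_words = array("'хуй'si","'хуи'si","'пизд'si","'ёб'si","'сука'si","'суки'si","'дроч'si","'хуя'si","'ссуч'si");
        $msg = preg_replace($search_bad_words,"*",$msg);
        $realtime=time();
        // Only logged-in users may post; transliteration can also leave an empty string.
        if (!empty($_SESSION['login']) && $msg !== '' && $msg !== null)
        {
            // Session data is escaped as well before it is placed in SQL.
            $author = mysql_real_escape_string((string)$_SESSION['login']);
            // Rate limit: one comment per author and file within 600 seconds.
            $prov=mysql_query("select * from `".$namebase."` where `file`='".hacker($_GET['name'])."' && `type`='comm' && `author`='".$author."' && `time`>'".intval($realtime-600)."'");
            // A failed lookup blocks the insert (fail closed), as before.
            if ($prov === false || mysql_num_rows($prov) > 0)
            {
                $res="ok";
            }
            if (empty($res))
            {
                // Store the processed text. The earlier code inserted the raw
                // $_POST['msg'], which discarded both the transliteration and
                // the word filter.
                // NOTE(review): hacker() is assumed to make the value safe for
                // an SQL string literal — confirm in ../tools.php.
                mysql_query("insert into `".$namebase."` values('','".hacker($_GET['name'])."','".hacker($msg)."','".$realtime."','".$author."', 'comm', '', '');");
            }
        }
    }
}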
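// Load every comment for this file, newest first. $messages and $count are
// consumed by the listing and the pager further down.
// NOTE(review): hacker() is assumed to make the file name safe for an SQL
// string literal — confirm in ../tools.php.
$messages = mysql_query("select * from `".$namebase."` where file='".hacker($_GET['name'])."' && `type`='comm' order by time desc ;");
// A failed query counts as "no comments" instead of passing false to mysql_num_rows().
$count = $messages ? mysql_num_rows($messages) : 0;

// The comment form is offered to logged-in users only.
if (!empty($_SESSION['login']))
{
    // Query-string values are URL-encoded before they go into the single-quoted
    // action attribute, so a quote or angle bracket in the request cannot break
    // out of it.
    $formParams = array();
    foreach (array('name', 'kateg', 'pages') as $formKey)
    {
        $formParams[$formKey] = (isset($_GET[$formKey]) && is_string($_GET[$formKey])) ? urlencode($_GET[$formKey]) : '';
    }
    echo "<div class='contur'><div class='header'><form action='comm.php?act=send&name=".$formParams['name']."&kateg=".$formParams['kateg']."&pages=".$formParams['pages']."' method='post'>
Комментарий:<br />
<textarea rows='2' name='msg'></textarea><br/><br />
<input type='checkbox' name='msgtrans' value='1' /> Транслит сообщения<br />
<input type='submit' value='добавить' />
</form><span style='color:red;'>Комментарий добавляется не чаще чем в 10 минут</span></div></div>";
}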
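// Print the comments that belong to the current page (10 per page).

// The moderator check does not depend on the row, so it runs once here instead
// of once per comment: exactly one `administration` row with type >= 500.
$canDelete = false;
if (isset($_SESSION['iduser']))
{
    $adminRes = mysql_query("SELECT * FROM `administration`where `iduser`='".mysql_real_escape_string((string)$_SESSION['iduser'])."'");
    if ($adminRes && mysql_num_rows($adminRes)==1)
    {
        $adminRow = mysql_fetch_array($adminRes);
        $canDelete = ((int)$adminRow['type'] >= 500);
    }
}

// Request values echoed into the delete link are URL-encoded first.
$linkParams = array();
foreach (array('name', 'kateg', 'pages') as $linkKey)
{
    $linkParams[$linkKey] = (isset($_GET[$linkKey]) && is_string($_GET[$linkKey])) ? urlencode($_GET[$linkKey]) : '';
}

$i = 0;                        // row index; previously never initialised
$firstRow = ($page-1)*10;      // inclusive
$lastRow = $page*10;           // exclusive; the old "<=" showed 11 rows and repeated the boundary row on the next page
while($messages && ($massiv = mysql_fetch_array($messages)))
{
    if ($i>=$firstRow && $i<$lastRow)
    {
        // NOTE(review): author and text are printed exactly as stored; this
        // relies on the values having been HTML-encoded before insertion
        // (presumably by hacker()) — confirm, otherwise escape them here.
        echo "<div class='contur'><div class='header'>$massiv[author] ".date("d/m/y",(int)$massiv['time'])."<br/> $massiv[text]";
        if ($canDelete)
        {
            // NOTE(review): the delete link is a plain GET request with no
            // anti-CSRF token visible in this file.
            echo "<br/><a href='comm.php?act=del&id=".intval($massiv['id'])."&name=".$linkParams['name']."&kateg=".$linkParams['kateg']."&pages=".$linkParams['pages']."'>[x]</a>";
        }
        echo "</div></div>";
    }
    ++$i;
}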
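// Pager and navigation links. Every request value echoed into an href is
// URL-encoded first so it cannot close the attribute or inject markup.
$navParams = array();
foreach (array('name', 'kateg', 'pages') as $navKey)
{
    $navParams[$navKey] = (isset($_GET[$navKey]) && is_string($_GET[$navKey])) ? urlencode($_GET[$navKey]) : '';
}

// "Next" is shown only while comments remain beyond the current page; the old
// test ($count>10) kept the link on the last page as well.
if ($count>$page*10)
{
    $next=$page+1;
    print "<div><a href='comm.php?page=".intval($next)."&kateg=".$navParams['kateg']."&pages=".$navParams['pages']."&name=".$navParams['name']."'>Далее</a></div>";
}
$prev=$page-1;
if ($prev!=0)
{print "<div><a href='comm.php?page=".intval($prev)."&kateg=".$navParams['kateg']."&pages=".$navParams['pages']."&name=".$navParams['name']."'>Назад</a></div>";}

// The category name is shown transliterated; tr_to_win() leaves markup
// characters untouched, so the result is HTML-escaped before output.
// NOTE(review): htmlspecialchars() uses PHP's default charset; pass the page
// charset explicitly if the site is not served as UTF-8.
$kategLabel = (isset($_GET['kateg']) && is_string($_GET['kateg'])) ? htmlspecialchars(tr_to_win($_GET['kateg']), ENT_QUOTES) : '';
echo "<a href='index.php?kateg=".$navParams['kateg']."&pages=".$navParams['pages']."'>В ".$kategLabel."</a><br/>";
echo "<div><a href='index.php'>В категории</a></div>";
require ("../foot.php");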