Просмотр файла forum.php

Размер файла: 23.84Kb
<?php
// by mides, 1da.su

$title = 'Форум';
require_once 'system/sys.php';
require_once 'system/header.php';

switch ($act) {
	default:
		tp('Форум');
		$cats_r = mysql_query("SELECT `id`, `name` FROM `forum_cats` ORDER BY `order`, `name`");
		if (mysql_num_rows($cats_r)) {
			while ($cat = mysql_fetch_assoc($cats_r)) {
				$f_topics = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_cat` = '$cat[id]'"), 0);
				$f_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_cat` = '$cat[id]'"), 0);
				echo '<a href="?act=cat&amp;id='.$cat['id'].'">'.$cat['name'].'</a> ('.$f_topics.'/'.$f_msg.')<br />';
			}
		} else {
			echo 'Разделы не созданы.';
		}
		echo '<br /><form action="?act=newposts" method="post">
		<input name="submit" type="submit" value="Новые сообщения" />
		</form>';
		nav_main();
	break;
	
	case 'newposts':
		$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `last_time` > '".(time()-43200)."'"), 0);
		if ($total > 0) {
			$pages = ceil($total / $config['onpage']);
			$page = intval($_GET['p']) ? abs($_GET['p']) : 1;
			if ($page > $pages or $page == 0) {
				$page = 1;
			}
			$begin = ($page - 1) * $config['onpage'];
			
			tp('Новые сообщения за 12 часов');
			$topics_r = mysql_query("SELECT * FROM `forum_topics` WHERE `last_time` > '".(time()-43200)."' ORDER BY `last_time` DESC LIMIT $begin, $config[onpage]");
			while($t = mysql_fetch_assoc($topics_r)){
				$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$t[id]'"), 0);
				$last_page = ceil($t_msg/$config['onpage']);
				$cat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_cats` WHERE `id` = '$t[id_cat]'"));
				$lastuser = mysql_fetch_assoc(mysql_query("SELECT `id_user` FROM `forum_msg` WHERE `id_topic` = '$t[id]' ORDER BY `time` DESC limit 1"));
				echo '<a href="?act=cat&amp;id='.$t['id_cat'].'">'.$cat['name'].'</a>&gt;<a href="?act=topic&amp;id='.$t['id'].'">'.$t['title'].'</a> ('.login($lastuser['id_user']).' <a href="?act=topic&amp;id='.$t['id'].'&amp;p='.$last_page.'">&raquo;</a>, '.date('d.m,
 H:i', $t['last_time']).')<br />';

			}
			navig($page, '?act=newposts&amp;', $pages);
			nav('?');
		} else {
			info('Отсутствует активность за последние 12 часов.');
			nav('?');
		}
	break;
	
    case 'cat':
		$cat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_cats` WHERE `id` = '$id'"));
		if ($cat['name']) {
			tp('<a href="?">Форум</a> &gt; '.$cat['name']);
			$subcats_r = mysql_query("SELECT `id`, `name` FROM `forum_subcats` WHERE `id_cat` = '$id' ORDER BY `order`, `name`");
			if (mysql_num_rows($subcats_r)) {
				while ($subcat = mysql_fetch_assoc($subcats_r)) {
					$f_topics = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_subcat` = '$subcat[id]'"), 0);
					$f_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_subcat` = '$subcat[id]'"), 0);
					echo '<a href="?act=subcat&amp;id='.$subcat['id'].'">'.$subcat['name'].'</a> ('.$f_topics.'/'.$f_msg.')<br />';
				}
			} else {
				echo 'Подразделы не созданы.';
			}
			nav('?');
		} else {
			error('Выбранный раздел не существует.');
			nav('?');
		}
	break;
			
	case 'subcat':
		$subcat = mysql_fetch_assoc(mysql_query("SELECT `id_cat`, `name` FROM `forum_subcats` WHERE `id` = '$id'"));
		if ($subcat['name']) {
			$cat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_cats` WHERE `id` = '$subcat[id_cat]'"));
			tp('<a href="?">Форум</a> &gt; <a href="?act=cat&amp;id='.$subcat['id_cat'].'">'.$cat['name'].'</a> &gt; '.$subcat['name']);
			$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_subcat` = '$id'"), 0);
			if ($total > 0) {
				$pages = ceil($total / $config['onpage']);
				if ($page > $pages or $page == 0) {
					$page = 1;
				}
				$begin = ($page - 1) * $config['onpage'];
				
				$topics_r = mysql_query("SELECT * FROM `forum_topics` WHERE `id_subcat` = '$id' ORDER BY `stuck` DESC, `last_time` DESC LIMIT $begin, $config[onpage]");
				while ($topic = mysql_fetch_assoc($topics_r)) {
				
				if ($topic['stuck']) echo '!';
				if ($topic['closed'] == 1 and empty($topic['stuck'])) echo '#';
				$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$topic[id]'"), 0);
				$last_page = ceil($t_msg/$config['onpage']);
				$lastuser = mysql_fetch_assoc(mysql_query("SELECT `id_user` FROM `forum_msg` WHERE `id_topic` = '$topic[id]' ORDER BY `time` DESC limit 1"));
				echo '<a href="?act=topic&amp;id='.$topic['id'].'">'.$topic['title'].'</a> ('.$t_msg.') '.login($lastuser['id_user']).'<a href="?act=topic&amp;id='.$topic['id'].'&amp;p='.$last_page.'">&raquo;</a><br />';
				}
			} else {
				echo 'В этом подразделе нет тем.<br />';
			}
			echo '<br /><form action="?act=topic_add&amp;id='.$id.'" method="post">
			<input name="" type="submit" value="Создать тему">
			</form>
			</div>';
			if (empty($pages)) $pages = 0;
			navig($page, '?act=subcat&amp;id='.$id.'&amp;', $pages);
			nav2('?act=cat&amp;id='.$subcat['id_cat'], $cat['name']);
		} else {
			header('location: ?');
			exit;
		}			
	break;
	
	case 'topic':
		$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
		if (isset($topic['id'])) {
			echo '<div class="title">'.$topic['title'].'</div><div class="list">';
			$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$id'"), 0);
			
			$pages = ceil($total / $config['onpage']);
			if ($page > $pages or $page == 0) {
				$page = 1;
			}
			$begin = ($page - 1) * $config['onpage'];
				
			$msg_r = mysql_query("SELECT * FROM `forum_msg` WHERE `id_topic` = '$id' ORDER BY `time` LIMIT $begin, $config[onpage]");
			while ($msg = mysql_fetch_assoc($msg_r)) {
				if (!isset($num) ) $num = 1;  
				$num++;
				$row_class = (!($num % 2)) ? 'row1' : 'row2';	
				echo '<div class="'.$row_class.'">
				
				<a href="profile.php?id='.$msg['id_user'].'">'.login($msg['id_user']).'</a> '.ccdate($msg['time'], $msg['id_user']).' <a href="?act=msg_reply&amp;id='.$msg['id'].'">Отв</a>|<a href="?act=msg_quote&amp;id='.$msg['id'].'">Цит</a>';
				if ($u['access'] > 0 or $u['id'] == $msg['id_user'] and time() - $msg['time'] < $config['edit_time']) echo '|<a href="?act=msg_edit&amp;id='.$msg['id'].'">Ред</a>';
				if ($u['access'] > 1) echo '|<a href="?act=msg_del&amp;id='.$msg['id'].'">Уд</a>';
				if ($u['id']) {
					echo ' ';
					if ($msg['votes'] > 0) {
						echo '+'.$msg['votes'];
					}
					$query = mysql_query("SELECT `id` FROM `voting` WHERE `type` = 'forum' and `id_who` = '$u[id]' and `id_for` = '$msg[id]'");
					if (mysql_num_rows($query) or $msg['id_user'] == $u['id']) {
						echo '<img src="inc/plus.png">';
					} else {
						echo '<a href="?act=vote&amp;id='.$msg['id'].'&amp;p='.$page.'"><img src="inc/plus.png"></a>';
					}
				}
				echo '<br />'.bb($msg['text']);
				if ($msg['edit_by']) echo '<br />_______<br /><span style="font-size: 10px;">отредактировано: '.login_simple($msg['edit_by']).' ('.date('d.m.y, H:i', $msg['edit_time']).' )</span>';
				echo '</div>';
			}
			
			if ($u['access'] > 0) {
				echo $topic['closed'] == 1 ? '<a href="?act=topic_open&amp;id='.$id.'">Откр.</a>' : '<a href="?act=topic_close&amp;id='.$id.'">Закр.</a>';
				echo '|<a href="?act=topic_edit&amp;id='.$topic['id'].'">Ред.</a>';
				if ($u['access'] > 1) echo '|<a href="?act=topic_del&amp;id='.$id.'">Уд.</a>';
			}
			navig($page, '?act=topic&amp;id='.$id.'&amp;', $pages);
			echo '</div><div class="main">';
			if ($u['id']) {
				if ($topic['closed'] == 0) {
					echo 'Добавить(max500):<br />
					<form action="?act=msg_add&amp;id='.$id.'" method="post">
					<textarea name="text" cols="" rows="3"></textarea>';
					echo '<input name="" type="submit" value="Ok">
					</form>';
				} else {
					echo 'Тема закрыта.';
				}
			} else {
				echo 'Вы не <a href="login.php">авторизованы</a> для добавления сообщений.';
			}
			echo '</div>';
			$subcat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_subcats` WHERE `id` = '$topic[id_subcat]'"));
			nav2('?act=subcat&amp;id='.$topic['id_subcat'], $subcat['name']);
		} else {
			header('location: ?');
			exit;
		}
	break;
	
	case 'topic_add':
		if ($u['id']) {
			$subcat = mysql_fetch_assoc(mysql_query("SELECT `id_cat`, `name` FROM `forum_subcats` WHERE `id` = '$id'"));
			if ($subcat['id_cat']) {
				if (TIME > $spam) {
					if ($ok) {
						if ($_POST['title'] and $_POST['text']) {
							mb_internal_encoding('UTF-8');
							if (mb_strlen($_POST['text']) <= 750) {
								$title = check($_POST['title']);
								$text = check($_POST['text']);
								mysql_query("INSERT INTO `forum_topics` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$id', `title` = '$title', `id_user` = '$u[id]', `last_time` = '".time()."', `stuck` = '$stuck', `closed` = '$closed'");
								$id_topic = mysql_insert_id();
								mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$id', `id_topic` = '$id_topic', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
								$_SESSION['antispam'] = time() + $config['antispam'];
								header('location: ?act=topic&id='.$id_topic);
							} else {
								error('Слишком длинный текст.');
								nav('?act=topic_add&amp;id='.$id);
							}
						} else {
							error('Вы не заполнили поля.');
							nav('?act=topic_add&amp;id='.$id);
						}
					} else {
						tp('Создать тему');
						echo '<form action="?act=topic_add&amp;id='.$id.'&amp;ok=1" method="post">
						Заголовок(max50):<br /><input name="title" type="text" maxlength="50" /><br />
						Сообщение(max750):<br /><textarea name="text" cols="" rows="4"></textarea>
						<input name="submit" type="submit" value="Ok" />
						</form>';
						nav2('?act=subcat&amp;id='.$id, $subcat['name']);
					}
				} else {
					error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
					nav2('?act=subcat&amp;id='.$id, $subcat['name']);
				}
			}
		} else {
			header('location: login.php');
			exit;
		}
	break;
	
	case 'topic_edit':
		if ($u['access'] > 0) {
			$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
			if (isset($topic['id'])) {
				if ($ok) {
					if (!empty($_POST['title']) and ($_POST['text'])) {
						$subcat_id = abs(intval($_POST['subcat']));
						$subcat = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_subcats` WHERE `id` = '$subcat_id'"));
						$title = check($_POST['title']);
						$text = check($_POST['text']);
						$stuck = abs(intval($_POST['stuck']));
						$closed = abs(intval($_POST['closed']));
						mysql_query("UPDATE `forum_topics` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$subcat[id]', `title` = '$title', `stuck` = '$stuck', `closed` = '$closed' WHERE `id` = '$id'");
						mysql_query("UPDATE `forum_msg` SET `text` = '$text' WHERE `id_topic` = '$id' ORDER BY `id` LIMIT 1");
						$msg_r = mysql_query("SELECT `id` FROM `forum_msg` WHERE `id_topic` = '$id'");
						while ($msg = mysql_fetch_assoc($msg_r)) {
							mysql_query("UPDATE `forum_msg` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$subcat[id]' WHERE `id` = '$msg[id]'");
						}
						header('location: ?act=topic&id='.$id);
						exit;
					} else {
						header('location: ?act=topic_edit&id='.$id);
						exit;
					}
				} else {
					$msg_r = mysql_query("SELECT `text` FROM `forum_msg` WHERE `id_topic` = '$id' ORDER BY `id` LIMIT 1");
					$msg = mysql_fetch_assoc($msg_r);
					
					tp('Редактирование темы');
					echo '<form action="?act=topic_edit&amp;id='.$id.'&amp;ok=1" method="post">
					<select name="subcat">';
					$subcat_r1 = mysql_query("SELECT * FROM `forum_subcats` WHERE `id` = '$topic[id_subcat]'");
					$subcat1 = mysql_fetch_assoc($subcat_r1);
					$cat1 = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_cats` WHERE `id` = '$subcat1[id_cat]'"));
					echo '<option value="'.$subcat1['id'].'">'.$cat1['name'].' &gt; '.$subcat1['name'].'</option>';

					$subcat_r = mysql_query("SELECT * FROM `forum_subcats` WHERE `id` != '$topic[id_subcat]' ORDER BY `id_cat`, `name`");
					while ($subcat = mysql_fetch_assoc($subcat_r)) {
						$cat = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_cats` WHERE `id` = '$subcat[id_cat]'"));
						echo '<option value="'.$subcat['id'].'">'.$cat['name'].' &gt; '.$subcat['name'].'</option>';
					}
					echo '</select><br />

					Заголовок(max50):<br /><input name="title" type="text" value="'.$topic['title'].'" maxlength="50" /><br />
					Текст:<br /><textarea name="text" cols="" rows="5">'.$msg['text'].'</textarea><br />';
					echo $topic['stuck'] == 1 ? '<input name="stuck" type="checkbox" value="1" checked />' : '<input name="stuck" type="checkbox" value="1" />';
					echo ' закрепить<br />';
					echo $topic['closed'] == 1 ? '<input name="closed" type="checkbox" value="1" checked />' : '<input name="closed" type="checkbox" value="1" />';
					echo ' закрыть<br />';
					echo '<input name="submit" type="submit" value="Ok" />
					</form>';
					nav('?act=topic&amp;id='.$id);
				}
			} else {
				header('location: ?');
				exit;
			}
		} else {
			header('location: ?');
			exit;
		}
	break;

	break;
	
	case 'topic_close':
		if ($u['access'] > 0) {
			$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
			if ($topic['id']) {
				mysql_query("UPDATE `forum_topics` SET `closed` = 1 WHERE `id` = '$id'");
				header('location: ?act=topic&id='.$id);
				exit;
			} else {
				error('Тема не существует.');
				nav('?');
			}
		} else {
			header('location: ?');
			exit;
		}
	break;

	case 'topic_open':
		if ($u['access'] > 0) {
			$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
			if ($topic['id']) {
				mysql_query("UPDATE `forum_topics` SET `closed` = 0 WHERE `id` = '$id'");
				header('location: ?act=topic&id='.$id);
				exit;
			} else {
				error('Тема не существует.');
				nav('?');
			}
		} else {
			header('location: ?');
			exit;
		}
	break;

	case 'topic_del':
		if ($u['access'] > 1) {
			$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
			if ($topic['id']) {
				if (isset($_GET['ok'])) {
					$forum_msg_r = mysql_query("SELECT `id` FROM `forum_msg` WHERE `id_topic` = '$id'");
					while ($forum_msg = mysql_fetch_assoc($forum_msg_r) ) {
						mysql_query("DELETE FROM `voting` WHERE `type` = 'forum' and `id_for` = '$forum_msg[id]'");
					}

					mysql_query("DELETE FROM `forum_msg` WHERE `id_topic` = '$id'");
					mysql_query("DELETE FROM `forum_topics` WHERE `id` = '$id'");
					header('location: ?act=subcat&id='.$topic['id_subcat']);
					exit;
				} else {
					tp('Подтверждение');
					echo '<form action="?act=topic_del&amp;id='.$id.'&amp;ok=1" method="post">
					Вы действительно хотите удалить тему "'.$topic['title'].'"?<br />
					<input name="submit" type="submit" value="&#1044;&#1072;" />
					</form>';
					nav('?act=topic&amp;id='.$id);
				}
			} else {
				error('Тема не существует.');
				nav('?');
			}
		} else {
			header('location: ?');
			exit;
		}
	break;
	
	case 'msg_add':
		if ($u['id']) {
			$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
			if ($topic['id_cat'] and empty($topic['closed'])) {
				if (time() > $_SESSION['antispam']) {
					$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$id'"), 0);
					$last_page = ceil($t_msg/$config['onpage']);
					if ($_POST['text']) {
						$text = check($_POST['text']);
						mysql_query("UPDATE `forum_topics` SET `last_time` = '".time()."' WHERE `id` = '$id'");
						mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$topic[id_cat]', `id_subcat` = '$topic[id_subcat]', `id_topic` = '$id', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
						$_SESSION['antispam'] = time() + $config['antispam'];
						header('location: ?act=topic&id='.$id.'&p='.$last_page);
						exit;
					} else {
						header('location: ?act=topic&id='.$id.'&p='.$last_page);
						exit;
					}
				} else {
					error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
					nav('?act=topic&amp;id='.$id);
				}
			} else {
				header('location: ?');
				exit;
			}
		} else {
			header('location: login.php');
			exit;
		}
	break;
	
	case 'msg_reply':
		if ($u['id']) {
			$msg = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'"));
			if ($msg['id']) {
				$topic = mysql_fetch_assoc(mysql_query("SELECT `closed` FROM `forum_topics` WHERE `id` = '$msg[id_topic]'"));
				if (empty($topic['closed'])) {
					if ($ok) {
						if (time() > $_SESSION['antispam']) {
							if ($_POST['text']) {
								$text = check($_POST['text']);
								mysql_query("UPDATE `forum_topics` SET `last_time` = '".time()."' WHERE `id` = '$msg[id_topic]'");
								mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$msg[id_cat]', `id_subcat` = '$msg[id_subcat]', `id_topic` = '$msg[id_topic]', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
								$_SESSION['antispam'] = time() + $config['antispam'];
								$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$msg[id_topic]'"), 0);
								$last_page = ceil($t_msg/$config['onpage']);
								header('location: ?act=topic&id='.$msg['id_topic'].'&p='.$last_page);
								exit;
							} else {
								error('Вы не заполнили поле.');
								nav('?act=msg_reply&amp;id='.$msg['id_topic']);
							}
						} else {
							error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
							nav('?act=topic&amp;id='.$msg['id_topic']);
						}
					} else {
						tp('Ответ на сообщение');
						echo '<form action="?act=msg_reply&amp;id='.$id.'&amp;ok=1" method="post">
						Сообщение:<br /><textarea name="text" cols="" rows="4">[b]'.login_simple($msg['id_user']).'[/b], </textarea><br />
						<input name="submit" type="submit" value="Ok" />
						</form>';
						nav('?act=topic&amp;id='.$msg['id_topic']);
					}
				} else {
					redirect('?act=topic&id='.$msg['id_topic']);
				}
			} else {
				redirect('?');
			}
		} else {
			redirect('login.php');
		}
	break;
	
	case 'msg_quote':
		if ($u['id']) {
			$msg = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'"));
			if ($msg['id']) {
				$topic = mysql_fetch_assoc(mysql_query("SELECT `closed` FROM `forum_topics` WHERE `id` = '$msg[id_topic]'"));
				if (empty($topic['closed'])) {
					if ($ok) {
						if (time() > $_SESSION['antispam']) {
							if (!empty($_POST['text'])) {
								$text = check($_POST['text']);
								mysql_query("UPDATE `forum_topics` SET `last_time` = '".time()."' WHERE `id` = '$msg[id_topic]'");
								mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$msg[id_cat]', `id_subcat` = '$msg[id_subcat]', `id_topic` = '$msg[id_topic]', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
								$_SESSION['antispam'] = time() + $config['antispam'];
								$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$msg[id_topic]'"), 0);
								$last_page = ceil($t_msg/$config['onpage']);
								header('location: ?act=topic&id='.$msg['id_topic'].'&p='.$last_page);
								exit;
							} else {
								error('Вы не заполнили поле.');
								nav('?act=msg_quote&amp;id='.$msg['id_topic']);
							}
						} else {
							error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
							nav('?act=topic&amp;id='.$msg['id_topic']);
						}
					} else {
						tp('Цитирование сообщения');
						echo '<form action="?act=msg_quote&amp;id='.$id.'&amp;ok=1" method="post">
						Сообщение:<br /><textarea name="text" cols="" rows="4">[i]'.login_simple($msg['id_user']).'[/i] пишет:[q]'.$msg['text'].'[/q]
	</textarea><br />
						<input name="submit" type="submit" value="Ok" />
						</form>';
						nav('?act=topic&amp;id='.$msg['id_topic']);
					}
				} else {
					redirect('?act=topic&id='.$msg['id_topic']);
				}
			} else {
				redirect('?');
			}
		} else {
			redirect('login.php');
		}
	break;
	
	case 'msg_edit':
		if ($u['id']) {
			$msg_r = mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'");
			$msg = mysql_fetch_assoc($msg_r);
			if ($msg['id']) {
				if ($u['access'] > 0 or $u['id'] == $msg['id_user'] and time() - $msg['time'] < $config['edit_time']) {
					tp('Редактирование сообщения');
					if (empty($_GET['ok'])) {
						echo '<form action="?act=msg_edit&amp;id='.$id.'&amp;ok=1" method="post">
						Сообщение(max250):<br /><textarea name="text" cols="" rows="3">'.$msg['text'].'</textarea>
						<input name="submit" type="submit" value="Ok" />
						</form>';
						nav('?act=topic&id='.$msg['id_topic']);
					} else {
						if ($_POST['text']) {
							$text = check($_POST['text']);
							mysql_query("UPDATE `forum_msg` SET `text` = '$text', `edit_by` = '$u[id]', `edit_time` = '".time()."' WHERE `id` = '$id'");
							header('location: ?act=topic&id='.$msg['id_topic']);
							exit;
						} else {
							error('Вы не заполнили поле.');
							nav('?act=msg_edit&amp;id='.$id);
						}
					}
				} else {
					error('Нельзя отредактировать это сообщение.');
					nav('?act=topic&id='.$msg['id_topic']);
				}
			} else {
				error('Сообщение не существует.');
				nav('?');
			}
		} else {
			header('location: login.php');
			exit;
		}
	break;
	
	case 'msg_del':
		$msg = mysql_fetch_assoc(mysql_query("SELECT `id`, `id_topic` FROM `forum_msg` WHERE `id` = '$id'"));
		if ($msg['id']) {
			mysql_query("DELETE FROM `forum_msg` WHERE `id` = '$id'");
			mysql_query("DELETE FROM `voting` WHERE `type` = 'forum' and `id_for` = '$id'");
			header('location: ?act=topic&id='.$msg['id_topic']);
			exit;
		} else {
			error('Сообщение не существует.');
			nav('?act=topic&amp;id='.$msg['id_topic']);
		}
	break;
	
	case 'vote':
		if ($u['id']) {
			$p = abs(intval($_GET['p']));
			$msg_r = mysql_query("SELECT `id`, `id_topic`, `id_user` FROM `forum_msg` WHERE `id` = '$id'");
			$msg = mysql_fetch_assoc($msg_r);
			if ($msg['id']) {
				if ($msg['id_user'] != $u['id']) {
					$query = mysql_query("SELECT `id` FROM `voting` WHERE `type` = 'forum' and `id_who` = '$u[id]' and `id_for` = '$id'");
					if (!mysql_num_rows($query)) {
						mysql_query("UPDATE `forum_msg` SET `votes` = (`votes`+1) WHERE `id` = '$id'");
						mysql_query("INSERT INTO `voting` SET `type` = 'forum', `id_who` = '$u[id]', `id_for` = '$id'");
						mysql_query("UPDATE `users` SET `karma` = (`karma`+1) WHERE `id` = '$msg[id_user]'");
						
					}
				}
				header('location: ?act=topic&id='.$msg[id_topic].'&p='.$p);
				exit;
			} else {
				header('location: ?');
				exit;
			}
		} else {
			header('location: login.php');
			exit;
		}
	break;
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
		
}

require_once 'system/tail.php';
?>