Просмотр файла mforum/reply.php

Размер файла: 8.71Kb
<?php
	$pid=$HTTP_GET_VARS['pid'];
	$page=$HTTP_GET_VARS['page'];
	$act=$HTTP_POST_VARS['act'];
	$psmsg=$HTTP_POST_VARS['psmsg'];
	require "inc.php";
	$myid=$_COOKIE["usid"];
	$mypass=$_COOKIE["pass"];
	$db=mysql_connect($dbhost, $dbuser, $dbpass);
	mysql_select_db($dbname,$db);
	if (!isset($myid)) $myid=0;
	$sqlc="select * from users where usid=$myid";
	$c=mysql_query($sqlc);
	$resc=mysql_fetch_array($c);
	if ($resc[pass]==$mypass)
	{
	if (!isset($page))
	{
		$page=1;
	}
	$sql="select * from forum where pid='$pid'";
	$a=mysql_query($sql);
	$b=mysql_num_rows($a);
	if($b==0)
	{
		$ok=false;
	} else
	{
		$result=mysql_fetch_array($a);
		$msg=$result[post];
		$topicname=$result[topic];
	}
if ((!isset($act))||($psmsg==""))
{
echo "
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">
<html>
<head>
<title></title>
<meta name=\"description\" content=\"\">
<meta name=\"keywords\" content=\"\">
</head>
<body bgcolor=\"#FFFFFF\" text=\"#000000\" link=\"#006699\" vlink=\"#006699\" alink=\"#006699\">\n";
	echo"<STYLE type=\"text/css\">\n";
	echo"A {text-decoration: none;}\n";
	echo"body\n";
	echo"{\n";
	echo"margin-left: 1%;\n";
	echo"margin-right: 1%;\n";
	echo"font-family: Arial, Helvetica, sans-serif;\n";
	echo"font-size: 10pt;\n";
	echo"background-color: #F0F0F0;\n";
	echo"}\n";
	echo"</STYLE>\n";
	include "top.php";
	echo"<FONT size=2 color=\"#000000\" face=\"Arial\">\n";
	echo"<DIV>\n";
	echo"<TABLE width=100% bgcolor=\"#F0F0F0\" border=0 cellpadding=5 bordercolor=\"#000000\" cellspacing=1>\n";
	echo"	<TR valign=top>\n";
	echo"		<TD>\n";
	echo"			<FONT size=2 color=\"#000000\" face=\"Arial\">\n";
	echo"				<DIV><a href=\"..\">[Main page]</a> <a href=\"index.php\">[Forum]</a> <b>[$topicname]</b></DIV>\n";
	echo"			</FONT>\n";
	echo"		</TD>\n";
	echo"		<TD>\n";
	echo"			<FONT size=2 color=\"#000000\" face=\"Arial\">\n";
	echo"				<DIV align=\"right\">\n";
	echo"				</DIV>\n";
	echo"			</FONT>\n";
	echo"		</TD>\n";
	echo"	</TR>\n";
	echo"	</TABLE>\n";
	echo"</DIV>\n";
	echo"</FONT>\n";
	echo"
<form method=\"post\" action=\"reply.php?pid=$pid\">
  <FONT size=2 color=\"#000000\" face=\"Arial\"><FONT size=2 color=\"#000000\" face=\"Arial\">
  <TABLE width=100% border=1 cellpadding=1 bordercolor=\"#222288\" cellspacing=0>
    <TR valign=top>
      <TD> <FONT size=2 color=\"#000000\" face=\"Arial\">
        <DIV>\n";
	echo"<FONT size=2 color=\"#000000\" face=\"Arial\">\n";
	echo"<DIV><TABLE width=100% bgcolor=\"#FFFFFF\" border=0 cellpadding=5 cellspacing=1>\n";
	echo"<TR valign=top>\n";
	echo"<TD align=\"center\" bgcolor=\"#8B93A0\" width=\"15%\"><FONT size=2 color=\"#000000\" face=\"Arial\">\n";
	echo"<DIV><b>Author</b></DIV>\n";
	echo"</FONT>\n";
	echo"</TD>\n";
	echo"<TD align=\"center\" bgcolor=\"#8B93A0\"><FONT size=2 color=\"#000000\" face=\"Arial\">\n";
	echo"<DIV><b>Message</b></DIV>\n";
	echo"</FONT>\n";
	echo"</TD>\n";
	echo"</TR>\n";
	$sql="select * from forum where pid='$pid'";
	$a=mysql_query($sql);
	$b=mysql_num_rows($a);
	if($b==0)
	{
		$ok=false;
	} else
	{
		$result=mysql_fetch_array($a);
		$sqlus="select * from users where usid='$result[usid]'";
		$us=mysql_query($sqlus);
		$rus=mysql_fetch_array($us);
		$msg=$result[post];
		$msg = ereg_replace(chr(13), '<br/>', $msg);
		echo"<TR valign=top>\n";
		echo"<TD align=\"center\" bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#697180\" face=\"Arial\">\n";
		echo"<DIV><a href=\"mailto:$rus[email]\"><b>$rus[name]</b></a></DIV></FONT>\n";
		echo"<DIV><img src=\"img/$rus[avatar]\"></DIV>\n";
		if 		($rus[posts]<10)
			 echo"<DIV><img src=\"img/rt0.gif\"></DIV>\n";
		else if ($rus[posts]<20)
			 echo"<DIV><img src=\"img/rt1.gif\"></DIV>\n";
		else if ($rus[posts]<40)
			 echo"<DIV><img src=\"img/rt2.gif\"></DIV>\n";
		else if ($rus[posts]<80)
			 echo"<DIV><img src=\"img/rt3.gif\"></DIV>\n";
		else if ($rus[posts]<100)
			 echo"<DIV><img src=\"img/rt4.gif\"></DIV>\n";
		else echo"<DIV><img src=\"img/rt5.gif\"></DIV>\n";
		echo"<FONT size=2 color=\"#000000\" face=\"Arial\">\n";
		echo"<DIV><small>posts:$rus[posts]</small></DIV>\n";
		echo"</FONT>\n";
		echo"</TD>\n";
		echo"<TD bgcolor=\"#D5DAEA\">\n";
		echo"\n";
		echo"<FONT size=2 color=\"#000000\" face=\"Arial\">\n";
		echo"<DIV><TABLE width=100% bgcolor=\"#FFFFFF\" border=0 cellpadding=2 cellspacing=0>\n";
		echo"<TR valign=top>\n";
		echo"<TD bgcolor=\"#C4C9D9\"><FONT size=2 color=\"#000000\" face=\"Arial\">\n";
		echo"<DIV><small>Posted: $result[date] $result[time]</small></DIV>\n";
		echo"</FONT>\n";
		echo"</TD>\n";
		echo"</TR>\n";
		echo"<TR valign=top>\n";
		echo"<TD bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#000000\" face=\"Arial\">\n";
		echo"<DIV>$msg</DIV>\n";
		echo"</FONT>\n";
		echo"</TD>\n";
		echo"</TR>\n";
		echo"</TABLE>\n";
		echo"</DIV>\n";
		echo"</FONT>\n";
		echo"</TD>\n";
		echo"</TR>\n";
	}
	echo"</TABLE>\n";
	echo"</DIV>\n";
	echo"</FONT>\n";
	
	
	echo "
          <TABLE width=100% bgcolor=\"#FFFFFF\" border=0 cellpadding=5 bordercolor=\"#000000\" cellspacing=0>
            <TR valign=top>
              <TD colspan=\"4\" bgcolor=\"#BEC6D3\">
    			<FONT size=2 color=\"#000000\" face=\"Arial\">
                <DIV align=\"center\"><strong>Reply</strong></DIV>
              </FONT></TD>
            </TR>
            <TR valign=top>
              <TD height=16 bgcolor=\"#D5DAEA\">&nbsp;</TD>
              <TD height=16 bgcolor=\"#D5DAEA\"><!--<FONT size=2 color=\"#000000\" face=\"Arial\"><strong>Topic:</strong></FONT>--></TD>
              <TD height=16 bgcolor=\"#D5DAEA\"><div align=\"justify\">
                
              </div></TD>
              <TD height=16 bgcolor=\"#D5DAEA\">&nbsp;</TD>
            </TR>
            <TR valign=top>
              <TD height=16 bgcolor=\"#D5DAEA\">&nbsp;</TD>
              <TD height=16 bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#000000\" face=\"Arial\"></FONT></TD>
              <TD height=16 bgcolor=\"#D5DAEA\">
                <div align=\"justify\">
                  <p>
                    <textarea name=\"psmsg\" cols=\"60\" rows=\"10\">$psmsg</textarea>
                  </p>
              </div></TD>
              <TD height=16 bgcolor=\"#D5DAEA\">&nbsp;</TD>
            </TR>
            <TR valign=top>
              <TD width=\"10%\" height=16 bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#000000\" face=\"Arial\">
                <DIV align=\"center\"></DIV>
              </FONT></TD>
              <TD width=\"15%\" height=16 bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#000000\" face=\"Arial\">
                <DIV align=\"center\"></DIV>
              </FONT> </TD>
              <TD width=\"65%\" height=16 bgcolor=\"#D5DAEA\">                
                <div align=\"justify\"><font color=\"#000000\" size=\"2\" face=\"Arial\">
                  <input type=\"submit\" name=\"Submit\" value=\"    OK    \">                  
                  <input type=\"hidden\" name=\"act\" value=\"post\">
                  <a href=\"viewtop.php?pid=$pid&page=$page\"><input type=\"button\" name=\"cancel\" value=\"Cancel\"></a>
              </font></div></TD>
              <TD width=\"10%\" height=16 bgcolor=\"#D5DAEA\">
              </TD>
            </TR>
          </table>
        </div>
        </font>
  </TABLE>
  </FONT></FONT></form>\n";
	echo"<FONT size=2 color=\"#000000\" face=\"Arial\">\n";
	echo"<DIV>\n";
	echo"<TABLE width=100% bgcolor=\"#F0F0F0\" border=0 cellpadding=5 bordercolor=\"#000000\" cellspacing=1>\n";
	echo"	<TR valign=top>\n";
	echo"		<TD>\n";
	echo"			<FONT size=2 color=\"#000000\" face=\"Arial\">\n";
	echo"				<DIV><a href=\"..\">[Main page]</a> <a href=\"index.php\">[Forum]</a> <b>[$topicname]</b></DIV>\n";
	echo"			</FONT>\n";
	echo"		</TD>\n";
	echo"		<TD>\n";
	echo"			<FONT size=2 color=\"#000000\" face=\"Arial\">\n";
	echo"				<DIV align=\"right\">\n";
	echo"				</DIV>\n";
	echo"			</FONT>\n";
	echo"		</TD>\n";
	echo"	</TR>\n";
	echo"	</TABLE>\n";
	echo"</DIV>\n";
	echo"</FONT>\n";
	include "bottom.php";
	echo"</body>";
	echo"</html>";
}else
if ($act=="post")
{
	$date = date("Y-m-d");
	$time = date("H-i");
	$psmsg=htmlspecialchars($psmsg, ENT_QUOTES);
	$sql="insert into replies values(Null, '$pid', '$psmsg', '$myid', '$date', '$time', '$REMOTE_ADDR')";
	$a=mysql_query($sql);
	
	$sql="select * from users where usid='$myid'";
	$a=mysql_query($sql);
	$res=mysql_fetch_array($a);
	$ppp=$res[posts]+1;
	$sql="update users set posts='$ppp' where usid='$myid'";
	$a=mysql_query($sql);
	
	$from=15*($page-1); 
	$sql2="select * from replies where pid=$pid";
	$res2=mysql_query($sql2);
	$a=mysql_num_rows($res2);
	$b=ceil($a/15);
	Header("Location: viewtop.php?pid=$pid&page=$b");
}
	}else
	{
		Header("Location: login.php");	
	}
?>