Просмотр файла waplend/news/fullnews.php

Размер файла: 8.25Kb
<?
include ("../tools.php"); 
require("../head.php");
echo "<div class='contur_rek'>
<div class='header_rek'><p align='center'><big><b>Новость + Комментарии</b></big></p></div></div>";

function tr_to_win($str)
{
$str=strtr($str,array("__"=>" ","_"=>"","a"=>"а","b"=>"б","v"=>"в","g"=>"г","d"=>"д","e"=>"е","yo"=>"ё","zh"=>"ж","z"=>"з","i"=>"и","j"=>"й","k"=>"к","l"=>"л","m"=>"м","n"=>"н","o"=>"о","p"=>"п","r"=>"р","s"=>"с","t"=>"т","u"=>"у","f"=>"ф","h"=>"х","c"=>"ц","ch"=>"ч","sh"=>"ш","sch"=>"щ","q"=>"ъ","x"=>"ы","%"=>"ь","ye"=>"э","yu"=>"ю","ya"=>"я",
"A"=>"А","B"=>"Б","V"=>"В","G"=>"Г","D"=>"Д","E"=>"Е","YO"=>"Ё","ZH"=>"Ж","Z"=>"З","I"=>"И","J"=>"Й","K"=>"К","L"=>"Л","M"=>"М","N"=>"Н","O"=>"О","P"=>"П","R"=>"Р","S"=>"С","T"=>"Т","U"=>"У","F"=>"Ф","H"=>"Х","C"=>"Ц","CH"=>"Ч","SH"=>"Ш","SCH"=>"Щ","Q"=>"Ъ","X"=>"Ы","YE"=>"Э","YU"=>"Ю","YA"=>"Я"));
 return $str;
}

  $id=htmlspecialchars($_GET['id']);	
  $id=intval($id);
  
  
  
  if(!$_GET[act])        
{
  $news = mysql_query("select * from `news` where `type`='news' and `id`='".$id."';");
  $massivnews = mysql_fetch_array($news);
  $nme = mysql_num_rows($news);
    if ($nme!=1){}
    else 
    {
  echo"<font color='red'>".$massivnews['zagol']."</font> ".date("d.m.y (H:i)", $massivnews['time'])."  <br/>".str_replace($sm1,$sm2,$massivnews['full'])."";
  echo "<div class='contur_t'><a href='fullnews.php?id=".$id."&amp;act=add'>добавить</a></div>";
$messages = mysql_query("select * from `news` where `type`='komm' and `idnews`='".$id."'order by id desc ;");
      $page=hacker($_GET['page']);
      if ($page<=0)
      {$page=1;}
$count = mysql_num_rows($messages);
   while($massiv = mysql_fetch_array($messages)) 
   {if ($i<=$page*10 & $i>=($page-1)*10)
	{  
   $user=$massiv['name'];
   	   if ($massiv['name']=="Гость")
   	   {$user="";}
   	   $az1= mysql_query("select * from `users` where `login`='".$massiv['name']."';");
$array1 = mysql_fetch_array($az1);
   echo"<div class='contur'><div class='header'><a href='../showuser.php?user=".$array1['id']."'>".$massiv['name']."</a> ".date("d.m.y (H:i)", $massiv['time'])."<br/>".str_replace($sm1,$sm2,$massiv['full'])."</div>";
    $qw = mysql_fetch_array(mysql_query("SELECT * FROM `administration`where `iduser`='".$_SESSION['iduser']."'"));
if (mysql_affected_rows()=="1")
{$r="ok";}
if ($qw['type']>="500" and $r=="ok")
{   echo "<small><a href='fullnews.php?act=ban&amp;id=".$massiv['id']."'>Банить IP</a> ".$massiv['ip']."";
     echo "<br/><a href='fullnews.php?act=delcomm&amp;id=".$massiv['id']."'>[x]</a></small>";
    
    }
    }
    echo "</div>";
    $array1['id']="";
    ++$i;
   }
   if ($count>10)
	{
	$next=$page+1;
	print "<br/><a href='fullnews.php?id=$id&amp;page=".$next."'>Далее</a><br/>";
	}
	$prev=$page-1;
	if ($prev!=0)
	{print "<br/><a href='fullnews.php?id=".$id."&amp;page=".$prev."'>Назад</a>";}
   echo "<div class='b'>[комментариев: ".$count."]</div> ";
    echo "<div>&#8594; <a href='index.php'>Все новости</a></div>";
   echo "<div>&#8594; <a href='../index.php'>На главную</a></div>";
}
  }
  if ($_GET['act']=="delcomm")
  {
  	      $qw = mysql_fetch_array(mysql_query("SELECT * FROM `administration`where `iduser`='".$_SESSION['iduser']."'"));
if (mysql_affected_rows()=="1")
{$r="ok";}
if ($qw['type']>="500" and $r=="ok")
{
    	  	if (mysql_query("DELETE FROM `news` WHERE `id` = ".intval($_GET['id']).";"))
			{
			   echo "<div>Мнение удалено!</div><div>&#8594; <a href='../index.php'>На главную</a></div>";
			}
	}
  }
if ($_GET[act]=="add")
{
	  $news = mysql_query("select * from `news` where type='news' and id='".$id."';");
  $massivnews = mysql_fetch_array($news);
  $nme = mysql_num_rows($news);
    if ($nme!=1){}
    else 
    {
	
	 # форма добавления сообщений
      echo "<div class='contur'><div class='header'>Добавление коментария";
echo   "<form action='fullnews.php?id=".$id."&amp;act=send' method='post'>
Сообщение<br />
        <input type='text' name='msg' maxlength='100' value='".$msg."' /><br />
    <input type='hidden' name='sess' value='".session_id()."'/>
        <input type='checkbox' name='msgtrans' value='1' /> Транслит сообщения
      <br />
      <input type='submit' value='добавить' />  
  </form>";
  echo "&#8594;  <a href='fullnews.php?id=".$id."&amp;act=trans'>Транслит</a><br /></div></div>";  
}
}
if($_GET[act]=="send")
	
{
$browser=getenv("HTTP_USER_AGENT");
$user=$REMOTE_ADDR;
$realtime=time()+$sdvigclock*3600;
$currHour=date("H",$realtime);
	$currDate=date("d.m.y", $realtime);
	$currTime=date("$currHour:i", $realtime);
    $time="$currTime-$currDate";

	$name = trim($_POST[name]);
    $msg = trim($_POST[msg]);
			
					  if (!empty($msg))
					  {

  
			         }
      if (empty($msg))
      {
        $error = $error."<br />Вы не ввели сообщение!\n";
      }
$msg = htmlspecialchars(stripslashes($msg));

if (empty($error)) 
  {$realtime=time()+$sdvigclock*3600;
  	$currHour=date("H",$realtime);
	$currDate=date("d.m.y", $realtime);
	$currTime=date("$currHour:i", $realtime);
    $time="$currTime-$currDate";

    	$msg = eregi_replace("(.*)\\[url\\](.*)\\[/url\\](.*)","\\1<a
                       href=\\2>\\2</a>\\3",$msg);
$msg = str_replace("\n"," ",$msg);
$msg = str_replace("\r"," ",$msg);
$msg=str_replace('|','!',$msg);
$msg=hacker(trim("$msg"));
if ($_POST[msgtrans]==1)
{
$msg = tr_to_win($msg);
}
$name=$_SESSION['login'];
if (empty($name))
{
$name="Гость";
}
$realtime=time()+$sdvigclock*3600;


$news = mysql_query("select * from `news` where type='news' and id='".$id."';");
  $massivnews = mysql_fetch_array($news);
  $nme = mysql_num_rows($news);
    if ($nme!=1){}
    else 
    {
    	$news1 = mysql_query("select * from `news` where `type`='komm' && `idnews`='".$id."' && `ip`='".$ip."' && `time`>'".intval(time()-300)."';");
    $nme1 = mysql_num_rows($news1);
    if ($nme1<=1)
    {
    	if ($_POST['sess']==session_id())
    	{

if (mysql_query("INSERT INTO `news` ( `id` , `time` , `zagol` , `full` , `type` , `idnews` , `ip` , `browser` , `name` ) VALUES ('', '".time()."', '', '".$msg."', 'komm', '".intval($id)."', '".$ip."', '".$browser."', '".$name."');"))
	{
   echo "<div class='contur'><div class='header'>Коментарий успешно добавлен<br /><a href='fullnews.php?id=".$id."'>К коментариям</a></div></div>";
    }
    	}
    }
	}
  }
  else
  {   

 echo "<div class='contur'><div class='header'>Во время добавления<br /> записи произошли <br />
      следующие ошибки";
      echo $error;
        echo "<br/>&#8594; <a href='fullnews.php?id=".$id."&amp;act=add'>Добавить заново</a><br />";
        echo "&#8594; <a href='fullnews.php?id=".$id."'>К коментариям</a></div></div>";
  }
}
     
  if ($_GET[act]=="trans") 
   {
      
      echo "<div>Правила транслита";
    
echo "<p>
а - a<br/>
б - b<br/>
в - v<br/>
г - g<br/>
д - d<br/>
е - e<br/>
ё - yo<br/>
ж - zh<br/>
з - z<br/>
и - i<br/>
к - k<br/>
л - l<br/>
м - m<br/>
н - n<br/>
о - o<br/>
п - p<br/>
р - r<br/>
с - s<br/>
т - t<br/>
у - u<br/>
ф - f<br/>
х - h<br/>
ц - c<br/>
ч - ch<br/>
ш - sh<br/>
щ - sch<br/>
ъ - q<br/>
ы - x<br/>
ь - %<br/>
э - ye<br/>
ю - yu<br/>
я - ya<br/><br/>
А - A<br/>
Б - B<br/>
В - V<br/>
Г - G<br/>
Д - D<br/>
Е - E<br/>
Ё - YO<br/>
Ж - ZH<br/>
З - Z<br/>
И - I<br/>
К - K<br/>
Л - L<br/>
М - M<br/>
Н - N<br/>
О - O<br/>
П - P<br/>
Р - R<br/>
С - S<br/>
Т - T<br/>
У - U<br/>
Ф - F<br/>
Х - H<br/>
Ц - C<br/>
Ч - CH<br/>
Ш - SH<br/>
Щ - SCH<br/>
Ъ - Q<br/>
Ы - X<br/>
Э - YE<br/>
Ю - YU<br/>
Я - YA<br/>

</p>";
  	
  echo "<div>&#8594;  <a href='fullnews.php?id=$id&amp;act=add'>К добавлению сообщения</a></div>"; 
  echo "<div>&#8594;  <a href='fullnews.php?id=$id'>К коментариям</a></div></div>"; 
  }

require ("../foot.php");
?>