<?php
// by mides, wmclub.mobi
$title = 'Форум';
require_once 'system/sys.php';
require_once 'system/header.php';
switch ($_GET['act']) {
default:
tp('Форум');
$cats_r = mysql_query("SELECT `id`, `name` FROM `forum_cats` ORDER BY `order`");
if (mysql_num_rows($cats_r)) {
while ($cat = mysql_fetch_assoc($cats_r)) {
$f_topics = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_cat` = '$cat[id]'"), 0);
$f_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_cat` = '$cat[id]'"), 0);
echo '<a href="?act=cat&id='.$cat['id'].'">'.$cat['name'].'</a> ('.$f_topics.'/'.$f_msg.')<br />';
}
} else {
echo 'Разделы не созданы.';
}
echo '<br /><form action="?act=newposts" method="post">
<input name="submit" type="submit" value="Новые сообщения" />
</form>';
nav_main();
break;
case 'newposts':
$all_topics = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `last_time` > '".(time()-43200)."'"), 0);
if ($all_topics > 0) {
$pages = ceil($all_topics/$config['onpage']);
if (intval($_REQUEST['p'])) {
$page = intval($_REQUEST['p']);
} else {
$page = 1;
}
$from = ($page-1)*$config['onpage'];
tp('Новые сообщения за 12 часов');
$topics_r = mysql_query("SELECT * FROM `forum_topics` WHERE `last_time` > '".(time()-43200)."' ORDER BY `last_time` DESC LIMIT $from, $config[onpage]");
while($t = mysql_fetch_assoc($topics_r)){
$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$t[id]'"), 0);
$last_page = ceil($t_msg/$config['onpage']);
$cat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_cats` WHERE `id` = '$t[id_cat]'"));
$lastuser = mysql_fetch_assoc(mysql_query("SELECT `id_user` FROM `forum_msg` WHERE `id_topic` = '$t[id]' ORDER BY `time` DESC limit 1"));
echo '<a href="?act=cat&id='.$t['id_cat'].'">'.$cat['name'].'</a>><a href="?act=topic&id='.$t['id'].'">'.$t['title'].'</a> ('.login($lastuser['id_user']).' <a href="?act=topic&id='.$t['id'].'&p='.$last_page.'">»</a>, '.date('d.m, H:i', $t['last_time']).')<br />';
}
navig($page, '?act=newposts&', $pages);
nav('?');
} else {
error('Новых сообщений пока нет :(');
nav('?');
}
break;
case 'cat':
$id = intval($_REQUEST['id']);
$cat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_cats` WHERE `id` = '$id'"));
if ($cat['name']) {
tp('<a href="?">Форум</a> > '.$cat['name']);
$subcats_r = mysql_query("SELECT `id`, `name` FROM `forum_subcats` WHERE `id_cat` = '$id' ORDER BY `order`");
if (mysql_num_rows($subcats_r)) {
while ($subcat = mysql_fetch_assoc($subcats_r)) {
$f_topics = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_subcat` = '$subcat[id]'"), 0);
$f_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_subcat` = '$subcat[id]'"), 0);
echo '<a href="?act=subcat&id='.$subcat['id'].'">'.$subcat['name'].'</a> ('.$f_topics.'/'.$f_msg.')<br />';
}
} else {
echo 'Подразделы не созданы.';
}
nav('?');
} else {
error('Выбранный раздел не существует.');
nav('?');
}
break;
case 'subcat':
$id = intval($_REQUEST['id']);
$subcat = mysql_fetch_assoc(mysql_query("SELECT `id_cat`, `name` FROM `forum_subcats` WHERE `id` = '$id'"));
if ($subcat['name']) {
$cat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_cats` WHERE `id` = '$subcat[id_cat]'"));
tp('<a href="?">Форум</a> > <a href="?act=cat&id='.$subcat['id_cat'].'">'.$cat['name'].'</a> > '.$subcat['name']);
$count_topics = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_subcat` = '$id'"), 0);
if ($count_topics > 0) {
$pages = ceil($count_topics / $config['onpage']);
$page = intval($_GET['p']) ? abs(intval($_GET['p'])) : 1;
$from = ($page - 1) * $config['onpage'];
$topics_r = mysql_query("SELECT * FROM `forum_topics` WHERE `id_subcat` = '$id' ORDER BY `stuck` DESC, `last_time` DESC LIMIT $from, $config[onpage]");
while ($topic = mysql_fetch_assoc($topics_r)) {
if ($topic['stuck']) echo '!';
if ($topic['closed'] == 1 and empty($topic['stuck'])) echo '#';
$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$topic[id]'"), 0);
$last_page = ceil($t_msg/$config['onpage']);
$lastuser = mysql_fetch_assoc(mysql_query("SELECT `id_user` FROM `forum_msg` WHERE `id_topic` = '$topic[id]' ORDER BY `time` DESC limit 1"));
echo '<a href="?act=topic&id='.$topic['id'].'">'.$topic['title'].'</a> ('.$t_msg.') '.login($lastuser['id_user']).'<a href="?act=topic&id='.$topic['id'].'&p='.$last_page.'">»</a><br />';
}
} else {
echo 'В этом подразделе нет тем.<br />';
}
echo '<br /><form action="?act=topic_add&id='.$id.'" method="post">
<input name="" type="submit" value="Создать тему">
</form>
</div>';
navig($page, '?act=subcat&id='.$id.'&', $pages);
nav2('?act=cat&id='.$subcat['id_cat'], $cat['name']);
} else {
header('location: ?');
}
break;
case 'topic':
$id = intval($_REQUEST['id']);
$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
if ($topic['id']) {
echo '<div class="title">'.$topic['title'].'</div><div class="list">';
$count_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$id'"), 0);
$pages = ceil($count_msg/$config['onpage']);
$page = intval($_GET['p']) ? abs(intval($_GET['p'])) : 1;
$from = ($page-1)*$config['onpage'];
$msg_r = mysql_query("SELECT * FROM `forum_msg` WHERE `id_topic` = '$id' ORDER BY `time` LIMIT $from, $config[onpage]");
while ($msg = mysql_fetch_assoc($msg_r)) {
if (!isset($num) ) $num = 1;
$num++;
$row_class = (!($num % 2)) ? 'row1' : 'row2';
echo '<div class="'.$row_class.'">
<a href="profile.php?id='.$msg['id_user'].'">'.login($msg['id_user']).'</a> '.online(date('d.m.y, H:i', $msg['time']), $msg['id_user']).' <a href="?act=msg_reply&id='.$msg['id'].'">Отв</a>';
if ($u['access'] > 0 or $u['id'] == $msg['id_user'] and time() - $msg['time'] < $config['edit_time']) echo '|<a href="?act=msg_edit&id='.$msg['id'].'">Ред</a>';
if ($u['access'] > 1) echo '|<a href="?act=msg_del&id='.$msg['id'].'">Уд</a>';
echo '<br />'.bb($msg['text']);
if ($msg['edit_by']) echo '<br />_______<br /><span style="font-size: 10px;">отредактировано: '.login_simple($msg['edit_by']).' ('.date('d.m.y, H:i', $msg['edit_time']).' )</span>';
echo '</div>';
}
if ($u['access'] > 0) {
echo $topic['closed'] == 1 ? '<a href="?act=topic_open&id='.$id.'">Откр.</a>' : '<a href="?act=topic_close&id='.$id.'">Закр.</a>';
echo '|<a href="?act=topic_edit&id='.$topic['id'].'">Ред.</a>';
if ($u['access'] > 1) echo '|<a href="">Перем.</a>|<a href="?act=topic_del&id='.$id.'">Уд.</a>';
}
navig($page, '?act=topic&id='.$id.'&', $pages);
echo '</div><div class="main">';
if ($u['id']) {
if ($topic['closed'] == 0) {
echo 'Добавить(max500):<br />
<form action="?act=msg_add&id='.$id.'" method="post">
<textarea name="text" cols="" rows="3"></textarea>';
echo '<input name="" type="submit" value="Ok">
</form>';
} else {
echo 'Тема закрыта.';
}
} else {
echo 'Вы не <a href="login.php">авторизованы</a> для добавления сообщений.';
}
echo '</div>';
$subcat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_subcats` WHERE `id` = '$topic[id_subcat]'"));
nav2('?act=subcat&id='.$topic['id_subcat'], $subcat['name']);
} else {
header('location: ?');
}
break;
case 'topic_add':
if ($u['id']) {
$id = intval($_REQUEST['id']);
$subcat = mysql_fetch_assoc(mysql_query("SELECT `id_cat`, `name` FROM `forum_subcats` WHERE `id` = '$id'"));
if ($subcat['id_cat']) {
if (time() > $_SESSION['antispam']) {
if ($_REQUEST['ok']) {
if ($_POST['title'] and $_POST['text']) {
mb_internal_encoding('UTF-8');
if (mb_strlen($_POST['text']) <= 750) {
$title = check($_POST['title']);
$text = check($_POST['text']);
mysql_query("INSERT INTO `forum_topics` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$id', `title` = '$title', `id_user` = '$u[id]', `last_time` = '".time()."', `stuck` = '$stuck', `closed` = '$closed'");
$id_topic = mysql_insert_id();
mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$id', `id_topic` = '$id_topic', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
mysql_query("UPDATE `users` SET `karma` = (karma+1) WHERE `id` = '$u[id]'");
$_SESSION['antispam'] = time() + $config['antispam'];
header('location: ?act=topic&id='.$id_topic);
} else {
error('Слишком длинный текст.');
nav('?act=topic_add&id='.$id);
}
} else {
error('Вы не заполнили поля.');
nav('?act=topic_add&id='.$id);
}
} else {
tp('Создать тему');
echo '<form action="?act=topic_add&id='.$id.'&ok=1" method="post">
Заголовок(max50):<br /><input name="title" type="text" maxlength="50" /><br />
Сообщение(max750):<br /><textarea name="text" cols="" rows="4"></textarea>
<input name="submit" type="submit" value="Ok" />
</form>';
nav2('?act=subcat&id='.$id, $subcat['name']);
}
} else {
error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
nav2('?act=subcat&id='.$id, $subcat['name']);
}
}
} else {
header('location: login.php');
}
break;
case 'topic_edit':
if ($u['access'] > 0) {
$id = intval($_REQUEST['id']);
$r = mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'");
$topic = mysql_fetch_assoc($r);
if ($topic['id']) {
if ($_REQUEST['ok']) {
if ($_POST['title'] and $_POST['text']) {
$title = check($_POST['title']);
$text = check($_POST['text']);
$stuck = intval($_POST['stuck']);
$closed = intval($_POST['closed']);
mysql_query("UPDATE `forum_topics` SET `title` = '$title', `stuck` = '$stuck', `closed` = '$closed' WHERE `id` = '$id'");
mysql_query("UPDATE `forum_msg` SET `text` = '$text' WHERE `id_topic` = '$id' ORDER BY `id` LIMIT 1");
header('location: ?act=topic&id='.$id);
} else {
header('location: ?act=topic_edit&id='.$id);
}
} else {
$msg_r = mysql_query("SELECT `text` FROM `forum_msg` WHERE `id_topic` = '$id' ORDER BY `id` LIMIT 1");
$msg = mysql_fetch_assoc($msg_r);
tp('Редактирование темы');
echo '<form action="?act=topic_edit&id='.$id.'&ok=1" method="post">
Заголовок(max50):<br /><input name="title" type="text" value="'.$topic['title'].'" maxlength="50" /><br />
Текст:<br /><textarea name="text" cols="" rows="5">'.$msg['text'].'</textarea><br />';
echo $topic['stuck'] == 1 ? '<input name="stuck" type="checkbox" value="1" checked />' : '<input name="stuck" type="checkbox" value="1" />';
echo ' закрепить<br />';
echo $topic['closed'] == 1 ? '<input name="closed" type="checkbox" value="1" checked />' : '<input name="closed" type="checkbox" value="1" />';
echo ' закрыть<br />';
echo '<input name="submit" type="submit" value="Ok" />
</form>';
nav('?act=topic&id='.$id);
}
} else {
header('location: ?');
}
} else {
header('location: ?');
}
break;
break;
case 'topic_close':
if ($u['access'] > 0) {
$id = abs(intval($_REQUEST['id']));
$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
if ($topic['id']) {
mysql_query("UPDATE `forum_topics` SET `closed` = 1 WHERE `id` = '$id'");
header('location: ?act=topic&id='.$id);
} else {
error('Тема не существует.');
nav('?');
}
} else {
header('location: ?');
}
break;
case 'topic_open':
if ($u['access'] > 0) {
$id = abs(intval($_REQUEST['id']));
$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
if ($topic['id']) {
mysql_query("UPDATE `forum_topics` SET `closed` = 0 WHERE `id` = '$id'");
header('location: ?act=topic&id='.$id);
} else {
error('Тема не существует.');
nav('?');
}
} else {
header('location: ?');
}
break;
case 'topic_del':
if ($u['access'] > 1) {
$id = abs(intval($_REQUEST['id']));
$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
if ($topic['id']) {
if ($_REQUEST['ok']) {
mysql_query("DELETE FROM `forum_msg` WHERE `id_topic` = '$id'");
mysql_query("DELETE FROM `forum_topics` WHERE `id` = '$id'");
header('location: ?act=subcat&id='.$topic['id_subcat']);
} else {
tp('Подтверждение');
echo '<form action="?act=topic_del&id='.$id.'&ok=1" method="post">
Вы действительно хотите удалить тему "'.$topic['title'].'"?<br />
<input name="submit" type="submit" value="Да" />
</form>';
nav('?act=topic&id='.$id);
}
} else {
error('Тема не существует.');
nav('?');
}
} else {
header('location: ?');
}
break;
case 'msg_add':
if ($u['id']) {
$id = intval($_REQUEST['id']);
$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
if ($topic['id_cat'] and empty($topic['closed'])) {
if (time() > $_SESSION['antispam']) {
if ($_POST['text']) {
$text = check($_POST['text']);
mysql_query("UPDATE `forum_topics` SET `last_time` = '".time()."' WHERE `id` = '$id'");
mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$topic[id_cat]', `id_subcat` = '$topic[id_subcat]', `id_topic` = '$id', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
mysql_query("UPDATE `users` SET `karma` = (karma+1) WHERE `id` = '$u[id]'");
$_SESSION['antispam'] = time() + $config['antispam'];
$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$id'"), 0);
$last_page = ceil($t_msg/$config['onpage']);
header('location: ?act=topic&id='.$id.'&p='.$last_page);
} else {
error('Вы не заполнили поля.');
nav('?act=topic&id='.$id);
}
} else {
error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
nav('?act=topic&id='.$id);
}
} else {
header('location: ?');
}
} else {
header('location: login.php');
}
break;
case 'msg_reply':
$id = intval($_REQUEST['id']);
$msg = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'"));
if ($msg['id']) {
if ($_REQUEST['ok']) {
if (time() > $_SESSION['antispam']) {
if ($_POST['text']) {
$text = check($_POST['text']);
mysql_query("UPDATE `forum_topics` SET `last_time` = '".time()."' WHERE `id` = '$msg[id_topic]'");
mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$msg[id_cat]', `id_subcat` = '$msg[id_subcat]', `id_topic` = '$msg[id_topic]', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
mysql_query("UPDATE `users` SET `karma` = (karma+1) WHERE `id` = '$u[id]'");
$_SESSION['antispam'] = time() + $config['antispam'];
$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$msg[id_topic]'"), 0);
$last_page = ceil($t_msg/$config['onpage']);
header('location: ?act=topic&id='.$msg['id_topic'].'&p='.$last_page);
} else {
error('Вы не заполнили поле.');
nav('?act=msg_reply&id='.$msg['id_topic']);
}
} else {
error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
nav('?act=topic&id='.$msg['id_topic']);
}
} else {
tp('Ответ на сообщение');
echo '<form action="?act=msg_reply&id='.$id.'&ok=1" method="post">
Сообщение:<br /><textarea name="text" cols="" rows="4">[b]'.login_simple($msg['id_user']).'[/b], </textarea><br />
<input name="submit" type="submit" value="Ok" />
</form>';
nav('?act=topic&id='.$msg['id_topic']);
}
} else {
header('location: ?');
}
break;
case 'msg_edit':
if ($u['id']) {
$id = intval($_REQUEST['id']);
$msg_r = mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'");
$msg = mysql_fetch_assoc($msg_r);
if ($msg['id']) {
if ($u['access'] > 0 or $u['id'] == $msg['id_user'] and time() - $msg['time'] < $config['edit_time']) {
tp('Редактирование сообщения');
if (empty($_REQUEST['ok'])) {
echo '<form action="?act=msg_edit&id='.$id.'&ok=1" method="post">
Сообщение(max250):<br /><textarea name="text" cols="" rows="3">'.$msg['text'].'</textarea>
<input name="submit" type="submit" value="Ok" />
</form>';
nav('?act=topic&id='.$msg['id_topic']);
} else {
if ($_POST['text']) {
$text = check($_POST['text']);
mysql_query("UPDATE `forum_msg` SET `text` = '$text', `edit_by` = '$u[id]', `edit_time` = '".time()."' WHERE `id` = '$id'");
header('location: ?act=topic&id='.$msg['id_topic']);
} else {
error('Вы не заполнили поле.');
nav('?act=msg_edit&id='.$id);
}
}
} else {
error('Нельзя отредактировать это сообщение.');
nav('?act=topic&id='.$msg['id_topic']);
}
} else {
error('Сообщение не существует.');
nav('?');
}
} else {
header('location: login.php');
}
break;
case 'msg_del':
$id = intval($_REQUEST['id']);
$msg = mysql_fetch_assoc(mysql_query("SELECT `id`, `id_topic` FROM `forum_msg` WHERE `id` = '$id'"));
if ($msg['id']) {
mysql_query("DELETE FROM `forum_msg` WHERE `id` = '$id'");
header('location: ?act=topic&id='.$msg['id_topic']);
} else {
error('Сообщение не существует.');
nav('?act=topic&id='.$msg['id_topic']);
}
break;
}
require_once 'system/tail.php';
?>