Просмотр файла modules/chat/index.asp

<?php

/**
 * @author ByUNNAMED
 * @copyright 2012
 */

ob_start();
$title='Чат';//Титул
include('../../system/include/settings.inc');//Потключаемся к базе	
include('../../system/include/function.inc');//Выводим функции
head($title,$udata2);//Верх страницы
if(isset($udata['pass']) && isset($udata2['nick'])){
$t=time();
$req = mysql_query("SELECT * FROM `ban_chat` WHERE `usr` = '".$udata2['nick']."' LIMIT 1");
$avto = mysql_num_rows($req);
if ($avto == 1) {
    $ban = mysql_fetch_array($req);
    
    if($ban[ban_time]<$t){
    mysql_query("DELETE FROM `ban_chat` WHERE `usr` = '".$udata2['nick']."'");
    }else{
    echo"Вы забанены!<br />Причина: $ban[text]!<br /> Осталось: ";
    
$ban[ban_time]=$ban[ban_time]-time();
if($ban[ban_time]<60){
echo "$ban[ban_time] сек.";
}elseif($ban[ban_time]>60 and $ban[ban_time]<3600){
$ban[ban_time]=round($ban[ban_time]/60);
echo "$ban[ban_time] мин.";
}else{
$ban[ban_time]=round($ban[ban_time]/3600);
echo "$ban[ban_time] часов";
}
    foot();exit;
    }
    }
switch($_GET[mod]){

default:

function smiles($string){
$dir = opendir ("../../images/smiles"); 
while ($file = readdir ($dir)) {
if (ereg (".gif$", "$file")){
$file2=str_replace(".gif","",$file);
$string=str_replace(":$file2",'<img src="../../images/smiles/'.$file.'" alt="">',$string);
}}
closedir ($dir);
return $string;  }
/////////////
$rand = rand(1000,9999);
///////////////////

echo "<a href=\"smile.php?\">Смайлы</a><br/>";
echo "<a href=\"?r=$rand\">Обновить</a>";
echo "<form action=\"?mod=writes\" method=\"POST\">";
echo "<input type=\"text\" name=\"zin\" size=\"14\" maxlength=\"150\"/> <input type=\"submit\" value=\"Написать\" class=\"ibutton\"><br />";

if ($_GET[page] == "" || $_GET[page] < 0 || $_GET[page] == "0") 
{
$_GET[page] = 0;
}
$next = $_GET[page] + 1;
$back = $_GET[page] - 1;
$num = $_GET[page] * 10;
if($_GET[page] == "0")
{$i = 1;}
else{$i = ($_GET[page]*10)+1;}
$viso = mysql_num_rows(mysql_query("SELECT `msg` FROM `chat`"));
$puslap = floor($viso/10);
$times = date("H:i");
$asd = mysql_query("SELECT * FROM chat ORDER BY id DESC LIMIT $num,10");

while($dsa = mysql_fetch_array($asd))
{
$nickas = strip_tags($dsa['usr']);
$koment = strip_tags($dsa['msg']);
$time = strip_tags($dsa['time']);
$data = strip_tags($dsa['data']);
$koment = smiles($koment);

echo '<a href="../../modules/character/info.asp?nick='.$nickas.'">'.$nickas.'</a> ['.$data.'/'.$time.']<br />
                 '.$koment;

echo'<br/>';
}



if ($_GET[page] > 0)
{
echo "<a href=\"?page=$back\">Назад</a>";
}
elseif ($_GET[page] == 0)
{
echo "Назад";
}
echo"|";
if($_GET[page] < $puslap || $_GET[page] == "" || $_GET[page] == 0)
{echo "<a href=\"?page=$next\">Далее</a>";}
else
{echo "Далее";}
if($udata2['prava'] == 1)
{
    echo '<br /><a href="?mod=del">Очистить чат</a>';
}
break;


case 'write':

echo"<b>Сообщение</b><br/>";
echo "<form action=\"?mod=writes\" method=\"POST\">";
if (isset($_GET[nick]))
{
$_GET[nick] = htmlspecialchars($_GET[nick]);
echo "<input type=\"text\" name=\"zin\" maxlength=\"250\" value=\"$_GET[nick], \" size=\"10\"/><br/>";
}
else
{
echo "<input type=\"text\" name=\"zin\" maxlength=\"250\" size=\"10\"/><br/>";
}
echo "<input type=\"submit\" value=\"Ok\" class=\"ibutton\"><br/>";
echo "<a href=\"chat.php?\">Назад</a><br>";
break;

case 'writes':

$msg=$_POST['zin'];
$msg=substr($msg, 0, 512);
$msg=stripslashes(htmlspecialchars($msg));
$msg=str_replace("\r\n","<br />",$msg);
$msg=str_replace("\r","<br />",$msg);
$msg=str_replace("\n","<br />",$msg);
$msg = addslashes($msg);
$msg=preg_replace ("|[\r\n]+|si","",$msg);
$a = mysql_num_rows(mysql_query("SELECT msg FROM chat WHERE msg = '$msg'"));
$b = mysql_fetch_array(mysql_query("SELECT data FROM chat WHERE usr = '".$udata2['nick']."' ORDER BY kada DESC LIMIT 1"));
$data_kom = strip_tags($b['kada']);
$data = date("d.m.y");
$data_dbr = date("y/m/d H:i:s");
$time = date("H:i");
if($data_dbr >= $data_kom && $msg != "")
{
mysql_query("INSERT INTO chat SET usr = '".$udata2['nick']."', msg = '$msg', data = '$data', time = '$time'");
$rand = rand(1000,9999);
//start
function smiles($string){
$dir = opendir ("pic/smiles"); 
while ($file = readdir ($dir)) {
if (ereg (".gif$", "$file")){
$file2=str_replace(".gif","",$file);
$string=str_replace(":$file2",'<img src="pic/smiles/'.$file.'" alt="">',$string);
}}
closedir ($dir);
return $string;  }
/////////////
$rand = rand(1000,9999);
///////////////////

echo "<a href=\"smile.php?\">Смайлы</a><br/>";
echo "<a href=\"?r=$rand\">Обновить</a>";
echo "<form action=\"?mod=writes\" method=\"POST\">";
echo "<input type=\"text\" name=\"zin\" maxlength=\"5000\"/> <input type=\"submit\" value=\"Написать\" class=\"ibutton\">";

if ($_GET[page] == "" || $_GET[page] < 0 || $_GET[page] == "0") 
{
$_GET[page] = 0;
}
$next = $_GET[page] + 1;
$back = $_GET[page] - 1;
$num = $_GET[page] * 10;
if($_GET[page] == "0")
{$i = 1;}
else{$i = ($_GET[page]*10)+1;}
$viso = mysql_num_rows(mysql_query("SELECT msg FROM chat"));
$puslap = floor($viso/10);
$times = date("H:i");

$asd = mysql_query("SELECT * FROM chat ORDER BY id DESC LIMIT $num,10");

while($dsa = mysql_fetch_array($asd))
{
$nickas = strip_tags($dsa['usr']);
$koment = strip_tags($dsa['msg']);
$time = strip_tags($dsa['time']);
$koment = smiles($koment);

echo "<b>[$time]$nickas
 $koment ";

echo'<br/>';
}

if ($_GET[page] > 0)
{
echo "<a href=\"?page=$back\">Назад</a>";
}
elseif ($_GET[page] == 0)
{
echo "Назад";
}
echo"|";
if($_GET[page] < $puslap || $_GET[page] == "" || $_GET[page] == 0)
{echo "<a href=\"?page=$next\">Далее</a>";}
else
{echo "Далее";}
header('Location: ?');
//end
}
elseif($data_dbr < $data_kom)
{
$sec = $data_kom-$data_dbr;
$rand = rand(1000,9999);
echo "Защита от Флуда! Подождите $sec секунд<br/>";
echo"<a href=\"?r=$rand\">Продолжить</a>";
}
elseif($msg == "")
{
$rand = rand(1000,9999);
echo "Вы не написали сообщение!<br/>";
echo"<a href=\"?r=$rand\">Продолжить</a>";
}
else
{
$rand = rand(1000,9999);
echo "Ошибка!<br/>";
echo"<a href=\"?r=$rand\">Продолжить</a>";
}
break;
case 'del':
    if($udata2['prava'] != 1)
        {
            echo 'Вы не администратор!';
            foot();   exit;
        }
 mysql_query("DELETE FROM `chat`");
    echo 'Все сообщения удалены!<br /><a href="?">Назад</a>';
break;

}

}else{echo'Вы не ';
echo '<a href="../../index.asp">авторизированы</a> или не выбран персонаж';
}
foot();     
?>