<?php
include_once"../template/start.php";
include_once"../template/regglobals.php";
include_once"../template/config.php";
include_once"../template/functions.php";
include_once"../template/antidos.php";
include_once"../template/cookies.php";
include_once"../template/gzip.php";
include_once"../template/header.php";
include_once"../template/referer.php";
include_once"../themes/$config_themes/index.php";
include_once"../template/isset.php";
include_once"../template/db.php";
include_once"fnc.php";
$act = isset($_GET['act']) ? $_GET['act'] : '';
switch ($act) {
default:
//////////////////////////////////////////////////////Подключение админки /////////////////////////////////////////////
if ($_GET['m'] == 1) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
$_SESSION['mufbc']=1; header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}}
if ($_GET['m'] == 2) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
$_SESSION['mufbc'] = ''; header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}}
////////////////////////////////////////////////////// очищаем таблицу who /////////////////////////////////////////////
if ($provlog == $_SESSION['log'] && $provpar == md5($_SESSION['par']) && $_SESSION['log'] != "" && md5($_SESSION['par']) != "") {
if (isset($log)) {mysql_query("DELETE FROM `who` WHERE `user` = '$log'");}}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
echo '<div class="b"> Мои: ';
echo ' <a href="'.$config_home.'/forum/mythem/0">темы</a>, ';
echo ' <a href="'.$config_home.'/forum/mypost/0">сообщения</a>, ';
echo ' <a href="'.$config_home.'/forum/bookmark/0">закладки</a></div>';}
echo '<div><small><a href="#down">Вниз</a> | Новые: ';
echo ' <a href="'.$config_home.'/forum/newthem/0">темы</a>, ';
echo ' <a href="'.$config_home.'/forum/newpost/0">сообщения</a> ';
echo '</small></div>';
////////////////////////////////////////////////////// Выводим разделы /////////////////////////////////////////////
$forums = mysql_query('SELECT * FROM `forums` ORDER BY `position` ASC');
if (mysql_num_rows($forums) != '0') {
while ($forum = mysql_fetch_array($forums)) {
echo '<div class="b"><img src="'.$config_home.'/forum/img/rd.gif" alt=""> <b>'.$forum['name'].'</b> ';
echo '('.$forum['under'].'/'.$forum['theme'].'/'.$forum['posts'].')';
////////////////////////////////////////////////////// Функции админа /////////////////////////////////////////////
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
if ($_SESSION['mufbc']) {
echo "<small>\n";
echo "<a href='".$config_home."/forum/delfm/" . $forum['id'] . "'>Удал</a>|";
echo "<a href='?edfm=1&id=" . $forum['id'] . "'>Изм</a>|";
echo "<a href='".$config_home."/forum/dowfm/" . $forum['id'] . "'>Вниз</a>|";
echo "<a href='".$config_home."/forum/upfm/" . $forum['id'] . "'>Вверх</a>|";
echo "<a href='update.php?id=" . $forum['id'] . "'>Обнов</a>";
echo "</small>";}}}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
echo '</div><div>';
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
if ($_SESSION['mufbc'] && $forum['under'] > '0') {
echo '<div align="right"><a href="moders.php?id=' . $forum['id'] . '">Назначить управляющих</a></div>';}}}
////////////////////////////////////////////////////// Выводим подфорумы /////////////////////////////////////////////
$unders = mysql_query("SELECT * FROM `under` WHERE `forum` = '" . $forum['id'] . "' ORDER BY `position` DESC");
if (mysql_num_rows($unders)) {
while ($under = mysql_fetch_array($unders)) {
echo '<img src="img/pfr.png" alt=""> <b><a href="'.$config_home.'/forum/themes/'.$under['id'].'">'.$under['name'].'</a></b>';
echo " (" . $under['theme'] . "/" . $under['posts'] . ")";
////////////////////////////////////////////////////// Функции админа /////////////////////////////////////////////
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
if ($_SESSION['mufbc']) {
echo '<small>';
echo '<a href="'.$config_home.'/forum/delund/'.$under['id'].'">Удал</a>|';
echo '<a href="index.php?edund=1&id='.$under['id'].'">Изм</a>|';
echo '<a href="move.php?act=undown&id='.$under['id'].'">Вниз</a>|';
echo '<a href="move.php?act=unup&id='.$under['id'].'">Вверх</a>|';
echo '<a href="update.php?act=under&id='.$under['id'].'">Обнов</a>';
echo '</small>';}}}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
echo '<br>';}
////////////////////////////////////////////////////// Вывод последней темы /////////////////////////////////////////////
//////////////'.strts($forum['last_theme'], $config_forumpost).'
if ($conf_forum_ppfor == '1') {
if ($forum['last_theme']!='0' || $forum['theme']!='0') {
if ($forum['last_posts'] > '10') {
echo'<small>Тема: <a href="'.$config_home.'/forum/posts/'.$forum['last_theme'].'/'.strts($forum['last_theme'], $config_forumpost).'">'.$forum['last_theme_name'].'</a><br>';
} else {echo'<small>Тема: <a href="'.$config_home.'/forum/posts/'.$forum['last_theme'].'">'.$forum['last_theme_name'].'</a><br>';}
echo 'Сообщение: '.$forum['last_login'].' ('.date_fixed($forum['last_time']).')</small>';
}else{ echo '<img src="'.$config_home.'/forum/img/err.gif" alt=""> <small>Темы еще не созданны!</small><br>';}}
}else{ echo '<img src="'.$config_home.'/forum/img/err.gif" alt=""> <small>Подфорумы еще не созданны!</small><br>';}
echo '</div>';}
//////////////////////////////////////////////////////Конец вывода подфорумов/////////////////////////////////////////////
}else{ echo '<div><br><img src="'.$config_home.'/forum/img/err.gif" alt=""> <small>Разделы еще не созданны!</small></div><br>'; }
if ($_GET['edfm'] == 1) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
echo '<hr>';
$id = (int)$_GET['id'];
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `forums` WHERE `id` = '$id'"));
if (trim($check)) {
$name = $_POST['name'];
if ($name) {
if (strlen($name) >= '3') {
if (strlen($name) <= '50') {
$name = checkus($name);
mysql_query("UPDATE `forums` SET `name`='$name' WHERE `id` = '$id'");
header ("Location: ?"); exit;
}else{echo "<div align=center><font color=red><b>Название должно состоять не больше 50 символов!</b></font></div><br>\n";}
}else{echo "<div align=center><font color=red><b>Название должно состоять не меньше 3х символов!</b></font></div><br>\n";}}
$thms = mysql_query("SELECT * FROM `forums` WHERE `id` = '$id'");
$thm = mysql_fetch_array($thms);
echo "<form action='index.php?edfm=1&id=$id' method='post'>";
echo "Название раздела:<br><input type='text' name='name' value='" . $thm['name'] . "'maxlength='50'><br>";
echo "<input type='submit' value='Изменить'></form>";}}}}}
if ($_GET['edund'] == 1) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
echo '<hr>';
$id = (int)$_GET['id'];
$fums = (int)$_POST['fums'];
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `under` WHERE `id` = '$id'"));
if (trim($check)) {
$undname = $_POST['undname'];
if ($undname) {
if (strlen($undname) >= '3') {
if (strlen($undname) <= '50') {
$undname = checkus($undname);
mysql_query("UPDATE `under` SET `name`='$undname' WHERE `id` = '$id'");
if ($fums) {mysql_query("UPDATE `under` SET `forum`='$fums' WHERE `id` = '$id'");}
header ("Location: ?"); exit;
}else{echo "<div align=center><font color=red><b>Название должно состоять не больше 50 символов!</b></font></div><br>\n";}
}else{echo "<div align=center><font color=red><b>Название должно состоять не меньше 3х символов!</b></font></div><br>\n";}}}
$thms = mysql_query("SELECT * FROM `under` WHERE `id` = '$id'");
$thm = mysql_fetch_array($thms);
echo "<form action='index.php?edund=1&id=$id' method='post'>";
echo "Раздел: <br><select name='fums'>\n";
$frms = mysql_query("SELECT * FROM `forums`");
if (mysql_num_rows($frms)) {
echo "<option selected='selected'>Выбирите раздел </option>\n";
while ($frm = mysql_fetch_array($frms)) {
echo "<option value='" . $frm['id'] . "'>" . $frm['name'] . "</option>\n";}
}else{echo "<option selected='selected'>Разделов нет </option>\n";}
echo "</select><br>\n";
echo "Название раздела:<br><input type='text' name='undname' value='" . $thm['name'] . "' maxlength='50'><br>\n";
echo "<input type='submit' value='Изменить'></form>";}}}}
if ($_GET['addf'] == 1) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
echo '<hr>';
$name = $_POST['name'];
if ($name) {
if (strlen($name) >= '3') {
if (strlen($name) <= '50') {
$name = checkus($name);
$fmrnu = mysql_result(mysql_query("SELECT COUNT(*) FROM `forums`"), 0);
mysql_query ("INSERT INTO `forums` (name,position) VALUES ('$name','$fmrnu')");
$frm = mysql_result(mysql_query("SELECT COUNT(*) FROM `forums`"), 0);
mysql_query("UPDATE `stat` SET `forum`='$frm'");
$efile = file(BASEDIR . "local/forum.dat");
$edata = explode(":||:", $efile['0']);
$edata['0'] = "$frm";
for ($u = 0; $u < 4; $u++) {
$etext .= $edata[$u] . ':||:';}
$efp = fopen(BASEDIR . "local/forum.dat", "a+");
flock($efp, LOCK_EX);
ftruncate($efp, '0');
fputs($efp, $etext);
fflush($efp);
flock($efp, LOCK_UN);
fclose($efp);
unset($etext);
header ("Location: index.php?addf=1"); exit;
} else {echo "<div align=center><font color=red><b>Название должно состоять не больше 50 символов!</b></font></div><br>\n";}
} else {echo "<div align=center><font color=red><b>Название должно состоять не меньше 3х символов!</b></font></div><br>\n";}}
echo "<form action='index.php?addf=1' method='post'>\n";
echo "Название раздела:<br><input type='text' name='name' maxlength='50'><br>\n";
echo "<input type='submit' value='Создать'></form>\n";}}}
if ($_GET['addr'] == 1) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
echo "<hr>\n";
$name = $_POST['undername'];
$forumsid = (int)$_POST['forumsid'];
if ($undername) {
if ($forumsid) {
if (strlen($undername) >= '3') {
if (strlen($undername) <= '50') {
$undername = stripcslashes(htmlspecialchars($undername));
$psn = mysql_result(mysql_query("SELECT COUNT(*) FROM `under`"), 0) + 1;
mysql_query ("INSERT INTO `under` (name,forum,position,theme,posts) VALUES ('$undername','$forumsid','$psn','0','0')");
$und = mysql_result(mysql_query("SELECT COUNT(*) FROM `under`"), 0);
$frm = mysql_result(mysql_query("SELECT COUNT(*) FROM `under` WHERE `forum` = '$forumsid'"), 0);
mysql_query("UPDATE `stat` SET `under`='$und+1'");
mysql_query("UPDATE `forums` SET `under`='$frm+1' WHERE `id`='$forumsid'");
$efile = file(BASEDIR . "local/forum.dat");
$edata = explode(":||:", $efile['0']);
$edata['1'] = "$und";
for ($u = 0; $u < 4; $u++) {
$etext .= $edata[$u] . ':||:';}
$efp = fopen(BASEDIR . "local/forum.dat", "a+");
flock($efp, LOCK_EX);
ftruncate($efp, '0');
fputs($efp, $etext);
fflush($efp);
flock($efp, LOCK_UN);
fclose($efp);
unset($etext);
header ("Location: index.php"); exit;
} else { echo "<div align=center><font color=red><b>Название должно состоять не больше 50 символов!</b></font></div><br>\n";}
} else { echo "<div align=center><font color=red><b>Название должно состоять не меньше 3х символов!</b></font></div><br>\n";}
} else { echo "<div align=center><font color=red><b>Не выбранн раздел!</b></font></div><br>\n";} }
echo '<form action="index.php?addr=1" method="post">';
echo 'Раздел: <br><select name="forumsid">';
$frms = mysql_query("SELECT * FROM `forums`");
if (mysql_num_rows($frms)) {
echo '<option value="0" selected="selected">Выбирите раздел </option>';
while ($frm = mysql_fetch_array($frms)) {
echo '<option value="'.$frm['id'].'">'.$frm['name'].'</option>';}
} else { echo '<option selected="selected">Разделов нет </option>';}
echo '</select><br>';
echo 'Название раздела:<br><input type="text" name="undername" maxlength="50"><br>';
echo '<input type="submit" value="Создать"></form>';}}}
echo '<hr><div><small>';
echo '<a href="#up">Вверх</a> | ';
echo '<a href="'.$config_home.'/forum/search">Поиск</a> | ';
echo '<a href="'.$config_home.'/forum/top.php">Топ тем</a> | ';
echo '<a href="'.$config_home.'/forum/topusers.php">Топ юзеров</a> | ';
echo '<a href="'.$config_home.'/forum/where">Кто в форуме</a></small>';
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
if ($_SESSION['mufbc']) {
echo "<div class=b>Создать: \n";
echo "<a href='index.php?addf=1'>Раздел</a>, \n";
echo "<a href='index.php?addr=1'>Подфорум</a>\n";
echo "| <a href='index.php?m=2'>Выход</a>\n";
echo "</div>\n";
}else{ echo "<small> | <a href='?m=1'>Адм</a></small>";}}}
echo "</div>";
break;
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////// Подфорумы ////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
case('themes'):
$id = (int)$_GET['id'];
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `under` WHERE `id` = '$id'"));
if (trim($check)) {
$unders = mysql_query("SELECT * FROM `under` WHERE `id` = '$id' ");
$under = mysql_fetch_array($unders);
$forums = mysql_query("SELECT id,name FROM `forums` WHERE `id` = '" . $under['forum'] . "'");
$forum = mysql_fetch_array($forums);
$uposts = $under['theme'];
////////////////////////////////////////////////////// Записываем место нахождение юзера////////////////////////////////////////
if ($provlog == $_SESSION['log'] && $provpar == md5($_SESSION['par']) && $_SESSION['log'] != "" && md5($_SESSION['par']) != "") {
if (isset($log))mysql_query("DELETE FROM `who` WHERE `user` = '$log'");
mysql_query("DELETE FROM `who` WHERE `time` < '" . ($sitetime-120) . "'");
if (isset($log))mysql_query("INSERT INTO `who` (theme,under,user,time) values('0','$id','$log','$sitetime')");}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
echo '<div class="b"><a href="'.$config_home.'/forum/index.php">Форум</a> | '.$forum['name'].' | <b>'.$under['name'].'</b></div>';
echo '<div><small><a href="#down">Вниз</a> | ';
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
echo '<a href="'.$config_home.'/forum/theme/'.$id.'">Создать тему</a> | ';}
echo '<a href="'.$config_home.''.$_SERVER['REQUEST_URI'].'">Обновить</a></small></div>';
///////////////////////////////////////////////////// Навигация /////////////////////////////////////////////////////
function pages($start, $total, $onpage, $uposts,$config_home, $id){
if ($start != 0)
echo '<a href="'.$config_home.'/forum/themes/'.$id.'/'.($start - $onpage).'"><-Назад</a> ';
else echo '<-Назад';
echo ' | ';
if ($total > $start + $onpage)
echo ' <a href="'.$config_home.'/forum/themes/'.$id.'/'.($start + $onpage).'">Далее-></a>';
else echo 'Далее->';
if ($total > 0) {
$ba = ceil($total / $onpage);
$ba2 = $ba * $onpage - $onpage;
echo '<br/>Страницы:';
$asd = $start - ($onpage * 3);
$asd2 = $start + ($onpage * 4);
if ($asd < $total && $asd > 0)
echo ' <a href="'.$config_home.'/forum/themes/'.$id.'">1</a> ... ';
for($i = $asd; $i < $asd2;) {
if ($i < $total && $i >= 0) {
$ii = floor(1 + $i / $onpage);
if ($start == $i) echo ' <b>[' . $ii . ']</b>';
else echo ' <a href="'.$config_home.'/forum/themes/'.$id.'/'.$i.'">' . $ii . '</a>';}
$i = $i + $onpage;}
if ($asd2 < $total) echo ' ... <a href="'.$config_home.'/forum/themes/'.$id.'/'.$ba2.'">' . $ba . '</a>';}}
$total = $uposts;
$start = isset($_GET['start']) ? abs((int)$_GET['start']) : 0;
if ($start > $total) $start = 0;
if ($total < $start + 10) $end = $total;
else $end = $start + 10;
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
$themes = mysql_query("SELECT * FROM `theme` WHERE `under` = '".$id."' ORDER BY `locked` DESC, `time` DESC LIMIT $start, 10");
if (mysql_num_rows($themes)) {
while ($theme = mysql_fetch_array($themes)) {
//////////////////////////////////////////////// Выводим темы ////////////////////////////////////////////////////////////////
echo "<div class=b>";
if (!empty($theme['locked'])) {
if (!empty($theme['status'])){echo '<img src="'.$config_home.'/forum/img/zt2.gif" alt=""> '; }
elseif(empty($theme['status'])){echo '<img src="'.$config_home.'/forum/img/zt.gif" alt=""> ';}}
if (empty($theme['locked'])) {
if (!empty($theme['status'])){echo '<img src="'.$config_home.'/forum/img/bt.gif" alt=""> '; }
elseif(empty($theme['status'])){echo '<img src="'.$config_home.'/forum/img/t.gif" alt=""> ';}}
if (!empty($theme['vote'])){echo '<img src="'.$config_home.'/forum/img/v.gif" alt=""> '; }
echo '<a href="'.$config_home.'/forum/posts/'.$theme['id'].'"><b>'.$theme['name'].'</b></a> ['.$theme['posts'].']';
$filek = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '" . $theme['id'] . "'"), 0);
if(!empty($filek)){
if (!empty($filek)) { $filek = $filek-1; }
$page = floor($filek / $config_forumpost) * $config_forumpost;
echo '<a href="'.$config_home.'/forum/posts/'.$theme['id'].'/'.$page.'"> <small>>></small></a> ';}
echo "</div><div>\n";
echo 'Создал: '.lognik($theme['author']).'<br>';
if ($theme['description']){ echo 'Кратко: '.$theme['description'].'<br>';}
if (!empty($theme['files'])) { echo 'Вложений: '.$theme['files'].'<br>';}
echo 'Последний: <small>'.lognik($theme['last']).' ('.dfixe($theme['time']).')</small>';
if ($_SESSION['mufbc']) {echo '<hr>[<a href="'.$config_home.'/forum/thmedit/'.$theme['id'].'">Редактировать</a>]<br>';}
echo '</div>';}
}else{echo '<br><br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Темы еще не созданны! </div>'; }
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
echo '<br><div class="b">Всего тем: '.$under['theme'].'</div>';
//////////////////////////////////////// Вывод управляющих //////////////////////////////////////////////////////////////
$mdt = mysql_result(mysql_query("SELECT COUNT(*) FROM `moders` WHERE `under` = '".$id."'"),0);
$mdes = mysql_query("SELECT * FROM `moders` WHERE `under` = '".$id."' ORDER BY `id`");
if (mysql_num_rows($mdes)) {
echo '<div><b>Управляющие:</b> '; $nmm=0;
while ($mds = mysql_fetch_array($mdes)) { $nmm++;
if($nmm == $mdt){echo ''.lognik($mds['login']).' '; }else{ echo ''.lognik($mds['login']).', '; }}
echo '</div><hr>';}
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
if ($under['theme'] > '10'){ pages($start, $total, 10, $uposts,$config_home, $id); }
echo '<div><small>';
echo '<a href="#up">Вверх</a> | ';
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
echo '<a href="'.$config_home.'/forum/theme/'.$id.'">Создать тему</a> | ';}
echo '<a href="'.$config_home.'/forum/top.php">Топ тем</a> | ';
echo '<a href="'.$config_home.'/forum/topusers.php">Топ юзеров</a> | ';
echo '<a href="'.$config_home.'/forum/who/'.$id.'">Кто тут?('.mysql_result(mysql_query("SELECT COUNT(*) FROM `who` WHERE `under`='$id'"), 0).')</a>';
echo '</small></div>';
}else{ echo '<br> <img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Данного раздела не существует!<br><br>';}
}else{ echo '<br> <img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Данного раздела не существует!<br><br>';}
break;
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////// Создание темы /////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
case('theme'):
$id = (int)$_GET['id'];
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `under` WHERE `id` = '$id'"));
if (trim($check)) {
$unders = mysql_query("SELECT * FROM `under` WHERE `id` = '$id' ");
$under = mysql_fetch_array($unders);
$forums = mysql_query("SELECT id,name FROM `forums` WHERE `id` = '" . $under['forum'] . "'");
$forum = mysql_fetch_array($forums);
echo "<div class=b> <a href='".$config_home."/forum/'>Форум</a> | " . $forum['name'] . " | <b>" . $under['name'] . "</b></div>\n";
echo "<div>\n";
echo "<form action='".$config_home."/forum/themeadd/".$id."' method='post'>\n";
echo "Название (Max-50):<br><input type='text' name='theme' maxlength='50'><br>\n";
echo "Описание (Max-100):<br><input type='text' name='description' maxlength='100'><br>\n";
echo "Сообщение (Max-5000):<br><textarea cols='25' rows='3' name='msg' maxlength='50000'>" . $post['msg'] . "</textarea><br>\n";
echo "Добавить голосование: <input name='vote' type='checkbox' value='1'><br>\n";
echo "<input type='submit' value='Создать'></form>\n";
echo "</div>\n";
}else{echo'<br><div><img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Данного раздела не существует!</div><br>';}
}else{echo'<br><div><img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Данного раздела не существует!</div><br>';} }break;
case('themeadd'):
$id = (int)$_GET['id'];
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `under` WHERE `id` = '".$id."'"));
if (trim($check)) {
$unders = mysql_query("SELECT id,name,forum FROM `under` WHERE `id` = '".$id."'");
$under = mysql_fetch_array($unders);
$forums = mysql_query("SELECT id,name FROM `forums` WHERE `id` = '".$under['forum']."'");
$forum = mysql_fetch_array($forums);
$time = $sitetime - $config_floodstime_thm;
$af = mysql_query("SELECT * FROM `theme` WHERE `author`='".$log."' AND `time` >='".$time."';");
$af1 = mysql_num_rows($af);
if ($af1 > '0') {
echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Нельзя так часто создавать темы! лимит '.$config_floodstime_thm.' cекунд</div><br>';
echo '<div><hr>: <a href="'.$config_home.'/forum/themes/'.$id.'">Назад</a><br>';
echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';
echo '::: <a href="'.$config_home.'/">На главную</a></div>';
include_once"../themes/$config_themes/foot.php";
exit;}
$compr = mysql_query("SELECT `name` FROM `theme` WHERE `author` = '".$log."' ORDER BY `id` DESC");
$cpr = mysql_fetch_array($compr);
$cpr2 = trim(strtolower(stripcslashes(htmlspecialchars($cpr['name']))));
$cpr3 = trim(strtolower(stripcslashes(htmlspecialchars($theme))));
if (!strcmp($cpr2, $cpr3)) {
echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Тема идентична предыдущей!</div><br>';
echo '<div><hr>: <a href="'.$config_home.'/forum/themes/'.$id.'">Назад</a><br>';
echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';
echo '::: <a href="'.$config_home.'/">На главную</a></div>';
include_once"../themes/$config_themes/foot.php";
exit;}
if (strlen($theme)<'5') {
echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Слишком маленько название!</div><br>';
echo '<div><hr>: <a href="'.$config_home.'/forum/themes/'.$id.'">Назад</a><br>';
echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';
echo '::: <a href="'.$config_home.'/">На главную</a></div>';
include_once"../themes/$config_themes/foot.php";
exit;}
if (strlen($msg)<'5'){
echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Слишком маленько сообщение!</div><br>';
echo '<div><hr>: <a href="'.$config_home.'/forum/themes/'.$id.'">Назад</a><br>';
echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';
echo '::: <a href="'.$config_home.'/">На главную</a></div>';
include_once"../themes/$config_themes/foot.php";
exit;}
if (strlen($theme)>'50') {
echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Слишком большое название!</div><br>';
echo '<div><hr>: <a href="'.$config_home.'/forum/themes/'.$id.'">Назад</a><br>';
echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';
echo '::: <a href="'.$config_home.'/">На главную</a></div>';
include_once"../themes/$config_themes/foot.php";
exit;}
if (strlen($description)>'100') {
echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Слишком большое описание!</div><br>';
echo '<div><hr>: <a href="'.$config_home.'/forum/themes/'.$id.'">Назад</a><br>';
echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';
echo '::: <a href="'.$config_home.'/">На главную</a></div>';
include_once"../themes/$config_themes/foot.php";
exit;}
if (strlen($msg)>'5000') {
echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Слишком большое сообщение!</div><br>';
echo '<div><hr>: <a href="'.$config_home.'/forum/themes/'.$id.'">Назад</a><br>';
echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';
echo '::: <a href="'.$config_home.'/">На главную</a></div>';
include_once"../themes/$config_themes/foot.php";
exit;}
$msg = checkus($_POST['msg']);
$theme = checkus($_POST['theme']);
$description = checkus($_POST['description']);
mysql_query ("INSERT INTO `theme` (forums,under,name,description,author,created,last,time,status,locked,brow,ip) VALUES
('".$forum['id']."','".$under['id']."','".$theme."','".$description."','".$log."','".$sitetime."','".$log."','".$sitetime."','0','0','".$brow."','".$ip."')");
$lstth = mysql_query("SELECT id FROM `theme` WHERE `author` = '".$log."' ORDER BY `id` DESC LIMIT 1");
$lst = mysql_fetch_array($lstth);
mysql_query ("INSERT INTO `posts` (forums,under,theme,msg,author,author_n,time,brow,ip,edit) VALUES
('".$forum['id']."','".$under['id']."','".$lst['id']."','".$msg."','".$log."','".nickname($_SESSION['log'])."','$sitetime','$brow','$ip','0')");
mysql_query("UPDATE `theme` SET `posts`='1' WHERE `id` = '".$lst['id']."'");
mysql_query("UPDATE `theme` SET `first`='".$lst['id']."' WHERE `id` = '".$lst['id']."'");
mysql_query("UPDATE `forums` SET `last_theme`='".$lst['id']."' WHERE `id` = '".$forum['id']."'");
mysql_query("UPDATE `forums` SET `last_theme_name`='".$theme."' WHERE `id` = '".$forum['id']."'");
mysql_query("UPDATE `forums` SET `last_time`='".$sitetime."' WHERE `id` = '".$forum['id']."'");
mysql_query("UPDATE `forums` SET `last_posts`='0' WHERE `id` = '".$forum['id']."'");
mysql_query("UPDATE `forums` SET `last_login`='".nickname($_SESSION['log'])."' WHERE `id` = '".$forum['id']."'");
$frm = mysql_result(mysql_query("SELECT COUNT(*) FROM `theme` WHERE `forums` = '".$forum['id']."'"), 0);
$udr = mysql_result(mysql_query("SELECT COUNT(*) FROM `theme` WHERE `under` = '".$under['id']."'"), 0);
$thm = mysql_result(mysql_query("SELECT COUNT(*) FROM `theme`"), 0);
mysql_query("UPDATE `forums` SET `theme`='$frm+1' WHERE `id` = '".$forum['id']."'");
mysql_query("UPDATE `under` SET `theme`='$udr+1' WHERE `id` = '".$under['id']."'");
$frm2 = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `forums` = '".$forum['id']."'"), 0);
$udr2 = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `under` = '".$under['id']."'"), 0);
mysql_query("UPDATE `forums` SET `posts`='".$frm2."' WHERE `id` = '".$forum['id']."'");
mysql_query("UPDATE `under` SET `posts`='".$udr2."' WHERE `id` = '".$under['id']."'");
$efile = file(BASEDIR . "local/forum.dat");
$edata = explode(":||:", $efile['0']);
$thm2 = $thm + 1;
$edata['2'] = "$thm2";
for ($u = 0; $u < 4; $u++) {
$etext .= $edata[$u] . ':||:';}
$efp = fopen(BASEDIR . "local/forum.dat", "a+");
flock($efp, LOCK_EX);
ftruncate($efp, '0');
fputs($efp, $etext);
fflush($efp);
flock($efp, LOCK_UN);
fclose($efp);
unset($etext);
if ($vote != NULL) {header ("Location: ".$config_home."/forum/vote.php"); exit;}
else { header ("Location: ".$config_home."/forum/themes/".$id."");exit; }
}else{ echo "<br> <img src='../images/img/close.gif' alt=''> Ошибка! Данного раздела не существует!<br>\n"; }
}else{echo "<br> <img src='../images/img/close.gif' alt=''> Ошибка! Данного раздела не существует!<br>\n"; }}
break;
case('vote'):
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
$id = (int)$_GET['id'];
$question = (int)$_POST['question'];
if($id != '0' && $question != '0'){
$check = mysql_fetch_array(mysql_query("SELECT * FROM `voter` WHERE `user` = '".$log."' AND `theme` = '".$id."'"));
if(!trim($check)) {
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '".$id."' ");
$thm = mysql_fetch_array($themes);
mysql_query ("INSERT INTO `voter` (forum,under,theme,question,user) VALUES ('".$thm['forums']."','".$thm['under']."','".$id."','".$question."','".$log."')");
$tvt = mysql_result(mysql_query("SELECT COUNT(*) FROM `voter` WHERE `theme` = '".$id."' AND `question` = '".$question."'"),0);
mysql_query("UPDATE `vote` SET `event`='".$tvt."' WHERE `id` = '".$question."'");
$tvt2 = mysql_result(mysql_query("SELECT COUNT(*) FROM `voter` WHERE `theme` = '".$id."'"),0);
mysql_query("UPDATE `theme` SET `take_vote`='".$tvt2."' WHERE `id` = '".$id."'");
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;
}else{ header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}
}else{ header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}
break;
case('posts'):
$id = (int)$_GET['id'];
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `theme` WHERE `id` = '".$id."'"));
if (trim($check)) {$n = 0;
////////////////////////////////////////////////////// Записываем место нахождения/////////////////////////////////////////////
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if (isset($log))mysql_query("DELETE FROM `who` WHERE `user` = '".$log."'");
mysql_query("DELETE FROM `who` WHERE `time` < '" . ($sitetime-120) . "'");
if (isset($log))mysql_query("INSERT INTO `who` (theme,under,user,time) values('$id','0','$log','$sitetime')");}
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '$id' ");
$theme = mysql_fetch_array($themes);
$uposts = $theme['posts'];
$unders = mysql_query("SELECT * FROM `under` WHERE `id` = '".$theme['under']."'");
$under = mysql_fetch_array($unders);
$forums = mysql_query("SELECT id,name FROM `forums` WHERE `id` = '".$under['forum']."'");
$forum = mysql_fetch_array($forums);
////////////////////////////////////////////////////// Управление темой /////////////////////////////////////////////
echo '<div class="b"><small>';
echo '<a href="'.$config_home.'/forum/index.php">Форум</a> | ';
echo ''.$forum['name'].' | ';
echo '<a href="'.$config_home.'/forum/themes/'.$under['id'].'">'.$under['name'].'</a><br>';
echo 'Тема:</small> '.$theme['name'].'<br>';
echo '<small>Автор: '.lognik($theme['author']).'</small></div>';
echo '<div><small><a href="#down">Вниз</a> | <a href="'.$config_home.''.$_SERVER['REQUEST_URI'].'">Обновить</a> ';
if ($theme['author'] == $log && $udata['36'] > 500) {
if ($theme['status'] != "1") { echo '| <a href="'.$config_home.'/forum/sts/'.$id.'">Закрыть</a> '; }}
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
$bkm = mysql_fetch_array(mysql_query("SELECT * FROM `bookmark` WHERE `user` = '$log' AND `theme` = '$id'"));
if (trim($bkm)) {echo '| <a href="'.$config_home.'/forum/delbookmarks/'.$id.'">Удалить с закладок</a>';
} else {echo '| <a href="'.$config_home.'/forum/bookmarks/'.$id.'">В закладки</a>';}}
echo '</small></div>';
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
$checks = mysql_fetch_array(mysql_query("SELECT * FROM `moders` WHERE `login` = '".$log."' AND `under` = '".$under['id']."' "));
if (trim($checks)) {
echo '<div>';
if ($theme['status'] != "1") {
echo '<hr><img src="'.$config_home.'/images/img/close.gif" alt=""> ';
echo '<a href="'.$config_home.'/forum/status/'.$id.'">Закрыть</a>';
} else {
echo '<hr><img src="'.$config_home.'/images/img/open.gif" alt=""> ';
echo '<a href="'.$config_home.'/forum/status/'.$id.'">Открыть</a>';}
echo '</div>';}}
if ($_SESSION['mufbc']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
echo '<div><hr>';
if ($theme['status'] != "1") {
echo '<img src="'.$config_home.'/images/img/close.gif" alt=""> ';
echo '<a href="'.$config_home.'/forum/status/'.$id.'">Закрыть</a>';
} else {
echo '<img src="'.$config_home.'/images/img/open.gif" alt=""> ';
echo '<a href="'.$config_home.'/forum/status/'.$id.'">Открыть</a>';}
if ($theme[locked] != "1") {
echo ' <img src="'.$config_home.'/images/img/open.gif" alt=""> ';
echo '<a href="'.$config_home.'/forum/locked/'.$id.'">Закрепить</a>';
}else{
echo ' <img src="'.$config_home.'/images/img/close.gif" alt=""> ';
echo '<a href="'.$config_home.'/forum/locked/'.$id.'">Открепить</a>';}
echo ' <img src="'.$config_home.'/images/img/close.gif" alt=""> ';
echo '<a href="'.$config_home.'/forum/del/'.$id.'">Удалить</a>';
echo ' <img src="'.$config_home.'/images/img/panel.gif" alt=""> ';
echo '<a href="'.$config_home.'/forum/thmedit/'.$id.'">Редактировать</a><br>';
echo '</div>';}}
if ((int)$_GET['start'] == NULL || (int)$_GET['start'] == '0') {
echo '<div>';
/////////////////////////////////////////////////////голосование/////////////////////////////////////////////////////
if (trim($theme['vote'])) {
$ivt = mysql_fetch_array(mysql_query("SELECT * FROM `voter` WHERE `user` = '".$log."' AND `theme` = '".$id."'"));
if (!trim($_GET['vote_result']) && !trim($ivt) && trim($log)){
echo '<hr><b>Вопрос: '.$theme['itemvote'].'</b><small>';
$vts = mysql_query("SELECT * FROM `vote` WHERE `theme` = '".$id."' ORDER BY `id`");
echo '<form action="'.$config_home.'/forum/vote/'.$id.'" method="post">';
while($vt = mysql_fetch_array($vts)){
echo '<input type="radio" value="'.$vt['id'].'" name="question"> '.$vt['quesn'].'<br>';}
echo '<hr>';
echo '<a href="'.$config_home.'/forum/posts/'.$id.'/'.strts($id,$config_forumpost).'/1">Результаты</a><br>';
echo '<input type="submit" name="submit" value="Голосовать"><br></form>';
}else{
echo '<hr><b>Вопрос: '.$theme['itemvote'].'</b><small><br>';
$vts = mysql_query("SELECT * FROM `vote` WHERE `theme` = '".$id."'");
while($vt = mysql_fetch_array($vts)){
$proc = percent($vt['event'],$theme['take_vote']);
echo ''.$vt['quesn'].' [<b>'.$vt['event'].'</b>]<br>';
echo '<img src="'.$config_home.'/forum/grafic.php?perc='.$proc.'" alt="'.$proc.'%"><br>';}echo '<br>';}
$chkd = mysql_fetch_array(mysql_query("SELECT * FROM `voter` WHERE `user` = '".$log."' AND `theme` = '".$id."'"));
if (!trim($chkd) && trim($log) && $_GET['vote_result']=='1'){
echo '<a href="'.$config_home.'/forum/posts/'.$id.'/'.strts($id,$config_forumpost).'">Голосовать</a><br>';}}
/////////////////////////////////////////////////////конец голосования/////////////////////////////////////////////////////
echo '</small></div>';}
///////////////////////////////////////////////////// Навигация /////////////////////////////////////////////////////
function pages($start, $total, $page, $onpage, $uposts, $config_forumpost){
if ($start != 0)
echo '<a href="'.$config_home.'/forum/posts/'.(int)$_GET['id'].'/'.($start - $onpage).'"><-Назад</a> ';
else echo '<-Назад';
echo ' | ';
if ($total > $start + $onpage)
echo '<a href="'.$config_home.'/forum/posts/'.(int)$_GET['id'].'/'.($start + $onpage).'">Далее-></a>';
else echo 'Далее->';
if ($total > 0) {
$ba = ceil($total / $onpage);
$ba2 = $ba * $onpage - $onpage;
echo '<br/>Страницы:';
$asd = $start - ($onpage * 3);
$asd2 = $start + ($onpage * 4);
if ($asd < $total && $asd > 0)
echo ' <a href="'.$config_home.'/forum/posts/'.(int)$_GET['id'].'/0">1</a> ... ';
for($i = $asd; $i < $asd2;) {
if ($i < $total && $i >= 0) {
$ii = floor(1 + $i / $onpage);
if ($start == $i) echo ' <b>[' . $ii . ']</b>';
else
echo ' <a href="'.$config_home.'/forum/posts/'.(int)$_GET['id'].'/'.$i.'">' . $ii . '</a>';}
$i = $i + $onpage;}
if ($asd2 < $total)
echo ' ... <a href="'.$config_home.'/forum/posts/'.(int)$_GET['id'].'/'.$ba2.'">' . $ba . '</a>';}}
$total = $uposts;
$start = isset($_GET['start']) ? abs((int)$_GET['start']) : 0;
if ($start > $total) $start = 0;
if ($total < $start + $config_forumpost) $end = $total;
else $end = $start + $config_forumpost;
$n = $start + $n;
//////////////////////////////////////////////////// Конец навигации/////////////////////////////////////////////////////
$posts = mysql_query("SELECT * FROM `posts` WHERE `theme` = '".$id."' ORDER BY `id` ASC LIMIT $start, $config_forumpost");
while ($post = mysql_fetch_array($posts)) { $n++;
$ava = file(BASEDIR . 'local/profil/'.$post['author'].'.prof');
$avv = explode(":||:", $ava[0]);
if ($udata['45'] == "1" || $udata['45'] == NULL) {
////////////////////////////////////////////////// Если включенны аватары///////////////////////////////////////////////////////
if ($avv[43] != "" && $avv[43] != "noavatar.gif") {
echo '<div class="b"><table><tr><td width="32"><img src="'.$config_home.'/'.$avv['43'].'" alt=""> ';
} else {
echo '<div class="b"><table><tr><td width="32"><img src="'.$config_home.'/images/avators/noavatar.gif" alt=""> ';
}
echo '</td><td width="100%">'.$n.'.';
$filename = ''.BASEDIR .'local/profil/'.$post['author'].'.prof';
if (file_exists($filename)) {
if ($post['author_n'] != NULL){echo '<a href="'.$config_home.'/pages/anketa.php?uz='.$post['author'].'"><b>'.$post['author_n'].'</b></a>';
}else{echo '<a href="'.$config_home.'/pages/anketa.php?uz='.$post['author'].'"><b>'.$post['author'].'</b></a>';}
} else {
if ($post['author_n'] != NULL){echo '<b>'.$post['author_n'].'/<b>';
}else{echo '<b>'.$post['author'].'</b>';}
}
echo ' '.user_title($post['author']).' '.user_online($post['author']).' <br>';
echo '<small>['.dfixe($post['time']).']</small>';
if ($config_strtsz){ echo ''.strtsz($post['author'],$config_home).'';}
echo '<br>';
$ssim = $sitetime-60*10;
if ($post['author'] != $log && $theme['status'] != "1") {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
echo '<a href="'.$config_home.'/forum/say/'.$post['id'].'">[отв]</a>';
echo '<a href="'.$config_home.'/forum/cyt/'.$post['id'].'">[цит]</a>';
echo '<a href="'.$config_home.'/pages/privat.php?action=submit&uz='.$post['author'].'">[лс]</a>';}
}elseif($post['author'] == $log && $theme['status'] != "1" && $post['time'] > $ssim){
echo '<a href="'.$config_home.'/forum/edite/'.$post['id'].'">[Редактировать]</a>';}
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
if ($_SESSION['mufbc']) {
echo '<a href="'.$config_home.'/forum/delpost/'.$post['id'].'">[DEL]</a>';
echo '<a href="'.$config_home.'/forum/edit/'.$post['id'].'">[EDIT]</a>';}}
$checks = mysql_fetch_array(mysql_query("SELECT * FROM `moders` WHERE `login` = '".$log."' AND `under` = '".$under['id']."' "));
if (trim($checks)) {echo '<a href="'.$config_home.'/forum/delpost/'.$post['id'].'">[DEL]</a>';}
}
echo "</td></tr></table></div><div>\n";
////////////////////////////////////////////////// Выключенны аватары///////////////////////////////////////////////////////
} else {
echo '<div class="b">'.$n.'. ';
$filename = '../local/profil/'.$post['author'].'.prof';
if (file_exists($filename)) {
if ($post['author_n'] != NULL){echo '<a href="'.$config_home.'/pages/anketa.php?uz='.$post['author'].'"><b>'.$post['author_n'].'</b></a>';
}else{echo '<a href="'.$config_home.'/pages/anketa.php?uz='.$post['author'].'"><b>'.$post['author'].'</b></a>';}
} else {
if ($post['author_n'] != NULL){echo '<b>'.$post['author_n'].'/<b>';
}else{echo '<b>'.$post['author'].'</b>';}
}
echo ' '.user_title($post['author']).' '.user_online($post['author']).' ';
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
if ($_SESSION['mufbc']) {
echo '<a href="'.$config_home.'/forum/delpost/'.$post['id'].'">[DEL]</a>';
echo '<a href="'.$config_home.'/forum/edit/'.$post['id'].'">[EDIT]</a>';}}
$checks = mysql_fetch_array(mysql_query("SELECT * FROM `moders` WHERE `login` = '".$log."' AND `under` = '".$under['id']."' "));
if (trim($checks)) {echo '<a href="'.$config_home.'/forum/delpost/'.$post['id'].'">[DEL]</a> ';}}
echo '<br><small>['.dfixe($post['time']).']</small><br>';
$ssim = $sitetime-60*10;
if ($post['author'] != $log && $theme['status'] != "1") {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
echo '<a href="'.$config_home.'/forum/say/'.$post['id'].'">[отв]</a>';
echo '<a href="'.$config_home.'/forum/cyt/'.$post['id'].'">[цит]</a>';
echo '<a href="'.$config_home.'/pages/privat.php?action=submit&uz='.$post['author'].'">[лс]</a>';}
}elseif($post['author'] == $log && $theme['status'] != "1" && $post['time'] > $ssim){
echo '<a href="'.$config_home.'/forum/edite/'.$post['id'].'">[Редактировать]</a>';}
echo '</div><div>';}
////////////////////////////////////////////////// Конец///////////////////////////////////////////////////////
if ($post['cyt'] != NULL) {
echo '<div style="margin:1px0px-5px4px;color:#878787;border-left:3px solid silver;border-bottom:1px solid silver;
"> <small>'.antimat(smiles2(bb_code(check2($post['cyt'])))).'</small></div><br>';}
if (strlen($post['msg']) > '1000') {
echo antimat(smiles(bb_code(check2(utf8_substr($post['msg']))))) . '<br>';
echo '<a href="'.$config_home.'/forum/poste/'.$id.'/'.$post['id'].'">Читать все >></a><br>';
}else{
echo antimat(smiles2(bb_code(check2($post['msg'])))).'<br>';
}
if ($post['file'] != NULL) {
if(file_exists('files/'.$post['file'].'')){
$ufile = 'files/'.$post['file'].'';
$ufilez = round(filesize($ufile) / 1024, 1);
echo '<br><img src="'.$config_home.'/forum/img/d.gif" alt=""> ';
echo '<small><a href="'.$config_home.'/forum/down/'.$post['id'].'">'.$post['file'].'</a> ';
echo '['.$post['down'].'] ['.$ufilez.'kb]';
if ($_SESSION['mufbc']) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
echo '[<a href="'.$config_home.'/forum/deletefile/'.$post['id'].'"><span style="color:#ff0000;">DEL</span></a>]';}}}
$checks = mysql_fetch_array(mysql_query("SELECT * FROM `moders` WHERE `login` = '".$log."' AND `under` = '".$under['id']."' "));
if (trim($checks)) {echo '[<a href="'.$config_home.'/forum/deletefile/'.$post['id'].'"><span style="color:#ff0000;">DEL</span></a>]';}
echo '</small><br>';
}else{
echo '<br><img src="'.$config_home.'/forum/img/err.gif" alt=""> <small>Файл удален!</small><br>';}}
if ($post['edit'] != '0') {
echo '<small><img src="'.$config_home.'/forum/img/e.gif" alt=""> Изм. ' . lognik($post['edit_author']) . ' (' . date_fixed($post['time']) . ') [' . $post['edit'] . ']</small><br>';}
echo '<span style="color:#CC00CC; font-size: 9px;">('.$post['brow'].', '.$post['ip'].')</span></div>';
}
echo '<br><hr><div>';
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($theme['status'] != '1') {
echo '<form action="'.$config_home.'/forum/add/'.$id.'" method="post">';
echo 'Сообщение: <br><textarea cols="25" rows="3" name="msg"></textarea><br>';
if ($config_translit == "1") {echo '<input name="trans" type="checkbox" value="1"> Транслит сообщения<br>';}
echo '<input name="file" type="checkbox" value="1"> Добавить файл<br>';
echo '<input type="submit" name="add" value="Написать"></form>';
}else{echo '<br> <img src="'.$config_home.'/images/img/close.gif" alt=""> Данная тема закрыта для обсуждения!<br><br>';}
}else{
echo '<br>Вы не авторизованы, чтобы добавить сообщение необходимо<br>';
echo '<b><a href="'.$config_home.'/pages/vhod.php?">Авторизоваться</a></b> или в начале ';
echo '<b><a href="'.$config_home.'/pages/registration.php?">Зарегистрироваться</a></b><br><br>';
}
echo '</div><div class="b"> Всего сообщений: '.$theme['posts'].' ';
if ($theme['files'] != '0') {echo '/ Вложений: '.$theme['files'].'';}
echo '</div><div>';
if ($theme['posts'] >= $config_forumpost) {
pages($start, $total, 'index.php', $config_forumpost, $uposts, $config_forumpost);
echo '<form action="'.$config_home.'/forum/go/'.$id.'" method="post">';
echo '<input type="text" name="start" size="2">';
echo '<input type="submit" value="К странице >>"></form><hr>';}
echo '<small><a href="#up">Вверх</a> | ';
echo '<a href="'.$config_home.'/pages/smiles.php?">Смайлы</a> | ';
echo '<a href="'.$config_home.'/pages/tegi.php?">Теги</a> | ';
echo '<a href="'.$config_home.''.$_SERVER['REQUEST_URI'].'">Обновить</a> | ';
echo '<a href="'.$config_home.'/forum/who/'.$id.'">Кто тут?('.mysql_result(mysql_query("SELECT COUNT(*) FROM `who` WHERE `theme`='$id'"), 0).')</a></small>';
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
if ($_SESSION['mufbc']) {echo '<div class="b"><a href="'.$config_home.'/forum/index.php?m=2">Выход</a></div>';
} else {echo ' | <small><a href="'.$config_home.'/forum/index.php?m=1">Адм</a></small>'; }}}
echo '<br></div>';
}else{echo '<br><div><img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Такой темы не существует, возможно она была удалена модератором!<br><br></div>';}
}else{echo '<br><div><img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Такой темы не существует, возможно она была удалена модератором!<br><br></div>';}
break;
case('deletefile'):
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
$psts = mysql_query("SELECT * FROM `posts` WHERE `id` = '".$id."' ");
$pst = mysql_fetch_array($psts);
unlink('files/'.$pst['file'].'');
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;
} else{
$psts = mysql_query("SELECT * FROM `posts` WHERE `id` = '".$id."' ");
$pst = mysql_fetch_array($psts);
$checks = mysql_fetch_array(mysql_query("SELECT * FROM `moders` WHERE `login` = '".$log."' AND `under` = '".$pst['under']."' "));
if (trim($checks)) {
unlink('files/'.$pst['file'].'');
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}}
break;
case('who'):
$id = (int)$_GET['id'];
if ($id) {
$whs = mysql_query("SELECT * FROM `who` WHERE `under` = '$id' ");
$wh = mysql_fetch_array($whs);
if ($wh['under'] != NULL) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `under` WHERE `id` = '$id'"));
} else {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `theme` WHERE `id` = '$id'"));}
if (trim($check)) {
if ($wh['under'] != NULL) {
$unders = mysql_query("SELECT * FROM `under` WHERE `id` = '$id' ");
$under = mysql_fetch_array($unders);
echo "<div class=b> Кто в разделе "" . $under['name'] . "." </div><br>\n";
$whos = mysql_query("SELECT * FROM `who` WHERE `under` = '$id' ORDER BY `id` ASC");
} else {
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '$id' ");
$theme = mysql_fetch_array($themes);
echo "<div class=b> Кто в теме "" . $theme['name'] . "." </div><br>\n";
$whos = mysql_query("SELECT * FROM `who` WHERE `theme` = '$id' ORDER BY `id` ASC");}
echo '<div>';
if (mysql_num_rows($whos) != '0') {
while ($who = mysql_fetch_array($whos)) {
echo "<a href='".$config_home."/pages/anketa.php?uz=" . $who['user'] . "&'>".lognik($who['user'])."</a>, ";
}} else {echo "Тут никого нет!";}
echo '</div>';
if ($wh['under'] != null) {
echo "<br><div class=b>Всего: (" . mysql_result(mysql_query("SELECT COUNT(*) FROM `who` WHERE `under`='$id'"), 0) . ") </div>\n";
} else {
echo "<br><div class=b>Всего: (" . mysql_result(mysql_query("SELECT COUNT(*) FROM `who` WHERE `theme`='$id'"), 0) . ") </div>\n";}
} else {echo "<br> <img src='".$config_home."/images/img/close.gif' alt=''> Ошибка! Данного раздела не существует!<br>\n";}
} else {echo "<br> <img src='".$config_home."/images/img/close.gif' alt=''> Ошибка! Данного раздела не существует!<br>\n";}
break;
case('where'):
function pages($start, $total, $page, $onpage){
if ($start != 0) echo '<a href="' . $page . '?act=where&start=' . ($start - $onpage) . '"><-Назад</a> ';
else echo '<-Назад';
echo ' | ';
if ($total > $start + $onpage)
echo ' <a href="' . $page . '?act=where&start=' . ($start + $onpage) . '">Далее-></a>';
else echo 'Далее->';
if ($total > 0) {
$ba = ceil($total / $onpage);
$ba2 = $ba * $onpage - $onpage;
echo '<br/>Страницы:';
$asd = $start - ($onpage * 3);
$asd2 = $start + ($onpage * 4);
if ($asd < $total && $asd > 0) echo ' <a href="' . $page . '?act=where&start=0">1</a> ... ';
for($i = $asd; $i < $asd2;) {
if ($i < $total && $i >= 0) {
$ii = floor(1 + $i / $onpage);
if ($start == $i) echo ' <b>[' . $ii . ']</b>';
else echo ' <a href="' . $page . '?act=where&start=' . $i . '">' . $ii . '</a>';}
$i = $i + $onpage;}
if ($asd2 < $total) echo ' ... <a href="' . $page . '?act=where&start=' . $ba2 . '">' . $ba . '</a>';}}
$whs = mysql_query("SELECT * FROM `who` ORDER BY `time` DESC LIMIT $start, 10");
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `who`"), 0);
$start = isset($_GET['start']) ? abs((int)$_GET['start']) : 0;
if ($start > $total) $start = 0;
if ($total < $start + 10) $end = $total;
else $end = $start + 10;
if (mysql_num_rows($whs) != '0') {
while ($wh = mysql_fetch_array($whs)) {
echo '<div class="b"> <img src="'.$config_home.'/images/img/chel.gif" alt=""> <a href="'.$config_home.'/pages/anketa.php?uz='.$wh['user'].'">';
$date = file(BASEDIR . "local/profil/$wh[user].prof");
$filename = "" . BASEDIR . "local/profil/$wh[user].prof";
if (file_exists($filename)) {
$date = explode(":||:", $date[0]);
if ($date[65]) {echo "" . $date['65'] . "</a> ";
} else {echo "" . $wh['user'] . "</a> ";}
} else { echo "" . $wh['user'] . "</a> ";}
echo " " . user_online($wh[user]) . "</div>\n";
if ($wh['theme'] > '0') {
if ($wh['user'] != $log) {
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '" . $wh['theme'] . "' ");
$thm = mysql_fetch_array($themes);
echo '<div>В теме: <a href="'.$config_home.'/forum/posts/'.$wh['theme'].'">'.$thm['name'].'</a></div>';
} else {echo '<div>Тут в списке!</div>';}
} else { if ($wh['user'] != $log) {
$unders = mysql_query("SELECT * FROM `under` WHERE `id` = '" . $wh['under'] . "' ");
$under = mysql_fetch_array($unders);
echo '<div>В разделе: <a href="'.$config_home.'/forum/themes/'.$wh['under'].'">'.$under['name'].'</a></div>';
} else { echo "<div>Тут в списке!</div>\n";}}}
} else {echo '<div><img src="'.$config_home.'/images/img/close.gif" alt=""> Никого нет на форуме!</div><br>';}
if ($start != '0') {echo '<hr>';
pages($start, $total, 'index.php', 10);}
break;
case('status'):
$id = (int)$_GET['id'];
if ($id) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '$id' ");
$theme = mysql_fetch_array($themes);
if ($theme['status']) {
mysql_query("UPDATE `theme` SET `status`='0' WHERE `id` = '$id'");
} else {
mysql_query("UPDATE `theme` SET `status`='1' WHERE `id` = '$id'");}
header ("Location: ".$_SERVER['HTTP_REFERER'].""); exit;
}else{
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '".$id."' ");
$theme = mysql_fetch_array($themes);
$check_mod = mysql_fetch_array(mysql_query("SELECT * FROM `moders` WHERE `login` = '".$log."' AND `under` = '".$theme['under']."'"));
if ($check_mod != 0) {
if ($theme['status']) {
mysql_query("UPDATE `theme` SET `status`='0' WHERE `id` = '$id'");
} else {
mysql_query("UPDATE `theme` SET `status`='1' WHERE `id` = '$id'");}
header ("Location: ".$_SERVER['HTTP_REFERER'].""); exit;
}}}}
break;
case('sts'):
$id = (int)$_GET['id'];
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($id) {
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '".$id."' ");
$theme = mysql_fetch_array($themes);
if ($theme['author'] == $log){
if ($theme['status'] == '0') {mysql_query("UPDATE `theme` SET `status`='1' WHERE `id` = '$id'");}
}else{header ("Location: ".$_SERVER['HTTP_REFERER'].""); exit;}
header ("Location: ".$_SERVER['HTTP_REFERER'].""); exit;}}
break;
case('locked'):
$id = (int)$_GET['id'];
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
if ($id) {
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '$id' ");
$theme = mysql_fetch_array($themes);
if ($theme[locked] == '1') {
mysql_query("UPDATE `theme` SET `locked`='0' WHERE `id` = '$id'");
} else {
mysql_query("UPDATE `theme` SET `locked`='1' WHERE `id` = '$id'");}
$filek = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '$id'"), 0);
header ("Location: ".$_SERVER['HTTP_REFERER'].""); exit;}}}
break;
case('del'):
$id = (int)$_GET['id'];
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
if ($id) {
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '$id' ");
$theme = mysql_fetch_array($themes);
$unders = mysql_query("SELECT * FROM `under` WHERE `id` = '" . $theme['under'] . "'");
$under = mysql_fetch_array($unders);
$forums = mysql_query("SELECT * FROM `forums` WHERE `id` = '" . $under['forum'] . "'");
$forum = mysql_fetch_array($forums);
mysql_query("DELETE FROM `theme` WHERE `id` = '$id'");
mysql_query("DELETE FROM `posts` WHERE `theme` = '$id'");
mysql_query("DELETE FROM `vote` WHERE `theme` = '$id'");
mysql_query("DELETE FROM `voter` WHERE `theme` = '$id'");
mysql_query("DELETE FROM `itemvote` WHERE `theme` = '$id'");
mysql_query("DELETE FROM `bookmark` WHERE `theme` = '$id'");
$thms = mysql_result(mysql_query("SELECT COUNT(*) FROM `theme`"), 0);
mysql_query("UPDATE `stat` SET `theme`='$thms'");
$udrs = mysql_result(mysql_query("SELECT COUNT(*) FROM `under`"), 0);
mysql_query("UPDATE `stat` SET `under`='$udrs'");
$psts = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts`"), 0);
mysql_query("UPDATE `stat` SET `post`='$psts'");
$frms = mysql_result(mysql_query("SELECT COUNT(*) FROM `forums`"), 0);
mysql_query("UPDATE `stat` SET `forum`='$frms'");
$udr = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `under` = '" . $under['id'] . "'"), 0);
mysql_query("UPDATE `under` SET `posts`='$udr+1' WHERE `id` = '" . $under['id'] . "'");
$frm = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `forums` = '" . $forum['id'] . "'"), 0);
mysql_query("UPDATE `forums` SET `posts`='$frm+1' WHERE `id` = '" . $forum['id'] . "'");
$thm = mysql_result(mysql_query("SELECT COUNT(*) FROM `theme` WHERE `under` = '" . $under['id'] . "'"), 0);
mysql_query("UPDATE `under` SET `theme`='$thm+1' WHERE `id` = '" . $under['id'] . "'");
$thm2 = mysql_result(mysql_query("SELECT COUNT(*) FROM `theme` WHERE `forums` = '" . $forum['id'] . "'"), 0);
mysql_query("UPDATE `forums` SET `theme`='$thm2+1' WHERE `id` = '" . $forum['id'] . "'");
$efile = file(BASEDIR . "local/forum.dat");
$edata = explode(":||:", $efile['0']);
$edata['0'] = "$frms";
$edata['1'] = "$udrs";
$edata['2'] = "$thms";
$edata['3'] = "$psts";
for ($u = 0; $u < 4; $u++) {
$etext .= $edata[$u] . ':||:';}
$efp = fopen(BASEDIR . "local/forum.dat", "a+");
flock($efp, LOCK_EX);
ftruncate($efp, '0');
fputs($efp, $etext);
fflush($efp);
flock($efp, LOCK_UN);
fclose($efp);
unset($etext);
header ("Location: ".$config_home."/forum/themes/".$theme['under'].""); exit;}}}
break;
case('cyt'):
$id = (int)$_GET['id'];
if ($id) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($theme['status'] != '1') {
$posts = mysql_query("SELECT * FROM `posts` WHERE `id` = '".$id."'");
$post = mysql_fetch_array($posts);
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '".$post['theme']."' ");
$theme = mysql_fetch_array($themes);
if ($theme['status'] != '1') {
if ($post['author_n'] != NULL){
$cyt = "".$post['author_n']." (" . dfixe($post['time']) . ") \n" . $post['msg'] . "";
}else{
$cyt = "".$post['author']." (" . dfixe($post['time']) . ") \n" . $post['msg'] . "";}
echo '<div class="b">Тема: ' . $theme['name'] . '</div><div><br>';
echo '<form action="'.$config_home.'/forum/add/'.$theme['id'].'/'.$post['author'].'" method="post">';
echo 'Цитата:<br><textarea cols="25" rows="3" name="cyt">'.$cyt.'</textarea><br>';
echo 'Допустимо макс. 200 символов. <br>Весь лишний текст обрезается.<hr><br>';
echo 'Сообщение:<br><textarea cols="25" rows="3" name="msg"></textarea><br>';
echo '<input name="priv" type="checkbox" value="1"> Оповестить по привату<br>';
if ($config_translit == "1") {echo '<input name="trans" type="checkbox" value="1"> Транслит сообщения<br>';}
echo '<input name="file" type="checkbox" value="1"> Добавить файл<br>';
echo '<input type="submit" name="add" value="Написать"></form></div>';
}else{echo '<br><img src="../images/img/close.gif" alt=""> Данная тема закрыта для обсуждения!<br><br>';}
}else{echo '<br><img src="../images/img/close.gif" alt=""> Данная тема закрыта для обсуждения!<br><br>';}}}
break;
case('say'):
$id = (int)$_GET['id'];
if ($id) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
$posts = mysql_query("SELECT * FROM `posts` WHERE `id` = '".$id."'");
$post = mysql_fetch_array($posts);
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '".$post['theme']."' ");
$theme = mysql_fetch_array($themes);
if ($theme['status'] != '1') {
if ($post['author_n'] != NULL){$autr = $post['author_n'];
}else{$autr = $post['author'];}
echo '<div class=b>Тема: '.$theme['name'].'</div><div><br>';
echo '<form action="'.$config_home.'/forum/add/'.$theme['id'].'/'.$post['author'].'" method="post">';
echo 'Сообщение:<br><textarea cols="25" rows="3" name="msg">'.$autr.',</textarea><br>';
echo '<input name="priv" type="checkbox" value="1"> Оповестить по привату<br>';
if ($config_translit == "1"){echo '<input name="trans" type="checkbox" value="1"> Транслит сообщения<br>';}
echo '<input name="file" type="checkbox" value="1"> Добавить файл<br>';
echo '<input type="submit" name="add" value="Написать"></form></div>';
}else{ echo '<br><img src="../images/img/close.gif" alt=""> Данная тема закрыта для обсуждения!<br><br>';}}}
break;
case('edite'):
$id = (int)$_GET['id'];
if ($id) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
$posts = mysql_query("SELECT * FROM `posts` WHERE `id` = '".$id."'");
$post = mysql_fetch_array($posts);
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '".$post['theme']."' ");
$theme = mysql_fetch_array($themes);
if ($post[author] == $log) {
$ssim = $sitetime-60*10;
if ($post['time'] > $ssim) {
echo '<div class="b">Тема: '.$theme['name'].'</div>';
echo '<div>';
echo '<form action="'.$config_home.'/forum/edites/'.$id.'" method="post">';
echo 'Сообщение:<br><textarea cols="25" rows="3" name="msg">'.$post['msg'].'</textarea><br>';
echo '<input type="submit" name="add" value="Изменить"></form></div>';
} else {echo '<br><div><img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Время для изменения сообщения вышло!</div><br>';}
} else {echo '<br><div><img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Вы не автор данного сообщения!</div><br>';}
} else {echo '<br><div><img src="'.$config_home.'/images/img/close.gif" alt=""> Данная тема закрыта для обсуждения!</div><br>';}}
break;
case('edites'):
$id = (int)$_GET['id'];
if ($id) {
if ($_POST['msg']) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
$posts = mysql_query("SELECT * FROM `posts` WHERE `id` = '".$id."'");
$post = mysql_fetch_array($posts);
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '".$post['theme']."' ");
$theme = mysql_fetch_array($themes);
if ($post[author] == $log) {
$ssim = $sitetime-60*10;
if ($post['time'] > $ssim) {
$msg = checkus($_POST['msg']);
mysql_query("UPDATE `posts` SET `msg`='$msg' WHERE `id` = '$id'");
mysql_query("UPDATE `posts` SET `edit`=edit+1 WHERE `id` = '$id'");
mysql_query("UPDATE `posts` SET `edit_time`='$sitetime' WHERE `id` = '$id'");
mysql_query("UPDATE `posts` SET `edit_author`='$log' WHERE `id` = '$id'");
$filek = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '".$theme['id']."'"), 0);
if ($filek != '0') {$filek = $filek-1;}
$start = floor($filek / $config_forumpost) * $config_forumpost;
header ("Location: ".$config_home."/forum/posts/".$theme['id']."/".$start.""); exit;
} else {echo '<br> <img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Время для изменения сообщения вышло!<br>';}
} else { echo '<br> <img src="'.$config_home.'/images/img/close.gif" alt=""> Ошибка! Вы не автор данного сообщения!<br>';}}
} else { header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}
break;
case('afile'):
$id = (int)$_GET['id'];
if ($id) {
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
$themes = mysql_query("SELECT * FROM `theme` WHERE `id` = '$id' ");
$theme = mysql_fetch_array($themes);
$posts = mysql_query("SELECT * FROM `posts` WHERE `theme` = '$id' AND `author` = '$log' ORDER BY `time` DESC LIMIT 1");
$post = mysql_fetch_array($posts);
echo '<div class="b">Тема: '.$theme['name'].'</div>';
if ($post['fil'] != '1'){
echo '<div>';
echo '<form action="'.$config_home.'/forum/load/'.$id.'" method="POST" enctype="multipart/form-data"><br>';
echo 'Файл:<br> <input type="file" name="t_item"> <br>';
echo '<input type="submit" name="file" value="Добавить"></form>';
echo 'Макс. размер: 2000kb<br>';
echo '</div>';
}else{echo '<br><div><img src="'.$config_home.'/images/img/close.gif" alt=""> К данному посту уже прикреплен файл!</div><br>';}}}
break;
case('load'):
$id = (int)$_GET['id'];
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($id) {
$posts = mysql_query("SELECT * FROM `posts` WHERE `theme` = '$id' AND `author` = '$log' ORDER BY `time` DESC LIMIT 1");
$post = mysql_fetch_array($posts);
if ($post['fil'] != '1'){
if ($file) {
if ($conf_forum_files == '1') {old('files', $conf_forum_files_time);}
$rand_file = rand(1000, 99999999);
$file_format = $_FILES[t_item][name];
$ext = strtolower(substr($file_format, 1 + strrpos($file_format, ".")));
$ext2 = array("asp", "aspx", "shtml", "htd", "php", "php3", "php4", "php5", "phtml", "htt", "cfm", "tpl", "dtd", "hta", "pl", "js", "jsp", "rtf","htaccess");
if (in_array($ext, $ext2)) {
echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Запрещенный тип файла!</div><br>';
$filek = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '".$post['theme']."'"), 0);
if ($filek != '0') {$filek = $filek-1;}
$start = floor($filek / $config_forumpost) * $config_forumpost;
echo '<div><hr>: <a href="'.$config_home.'/forum/posts/'.$post['theme'].'/'.$start.'">В тему</a><br>';
echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';
echo '::: <a href="'.$config_home.'/">На главную</a></div>';
include_once"../themes/$config_themes/foot.php";
exit;}
if ($_FILES["filename"]["size"] < 1024 * 2 * 1024) {
$file_light_name = "$rand_file.$ext";
$upfiledir = "files/";
$upfile = $upfiledir . basename($file_light_name);
if (move_uploaded_file($_FILES[t_item][tmp_name], $upfile)) {
$flsbl = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme`='".$post['theme']."' AND `fil`='1'"), 0)+1;
mysql_query("UPDATE `theme` SET `files`='".$flsbl."' WHERE `id` = '".$post['theme']."'");
mysql_query("UPDATE `posts` SET `file`='$rand_file.$ext' WHERE `id` = '".$post['id']."'");
mysql_query("UPDATE `posts` SET `fil`='1' WHERE `id` = '".$post['id']."'");
$filek = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '".$id."'"), 0);
if ($filek != '0') {$filek = $filek-1;}
$start = floor($filek / $config_forumpost) * $config_forumpost;
header ("Location: ".$config_home."/forum/posts/".$id."/".$start.""); exit;}
}else{echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> Слишком большой файл!</div><br>';}}
}else{echo '<br><div> <img src="'.$config_home.'/images/img/close.gif" alt=""> К данному посту уже прикреплен файл!</div><br>';}}}break;
case('search'):
echo '<div class="b"> Поиск по форуму </div><div>';
echo '<form action="'.$config_home.'/forum/search/0" method="post">';
echo 'Что ищем:<br> <input type="text" name="chto" maxlength="32"><br>';
echo 'Где ищем:<br> <select name="who">';
echo '<option value="0" selected="selected">Не имеет значения</option>';
$frms = mysql_query("SELECT * FROM `forums` ORDER BY `position`");
while ($frm = mysql_fetch_array($frms)) {
echo '<option value="f_'.$frm['id'].'">--'.$frm['name'].'</option>';
$und = mysql_query("SELECT * FROM `under` WHERE `forum` = '".$frm['id']."' ORDER BY `position`");
while ($un = mysql_fetch_array($und)) {
echo '<option value="u_'.$un['id'].'">'.$un['name'].'</option>';}}
echo '</select><br>';
echo '<input name="wh" type="radio" value="0" checked="checked"> В темах <br>';
echo '<input name="wh" type="radio" value="1"> В сообщениях <br>';
echo '<input type="submit" value="Искать">';
echo '</form></div>';
break;
case('down'):
$id = (int)$_GET['id'];
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `posts` WHERE `id` = '$id'"));
if (trim($check)) {
$posts = mysql_query("SELECT * FROM `posts` WHERE `id` = '$id'");
$post = mysql_fetch_array($posts);
mysql_query("UPDATE `posts` SET `down`=down+1 WHERE `id` = '$id'");
header ("Location: ".$config_home."/forum/files/".$post['file'].""); exit;}}
break;
case('delfm'):
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
$id = (int)$_GET['id'];
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `forums` WHERE `id` = '$id'"));
if (trim($check)) {
mysql_query("DELETE FROM `forums` WHERE `id`='$id'");
mysql_query("DELETE FROM `under` WHERE `forum`='$id'");
mysql_query("DELETE FROM `theme` WHERE `forums`='$id'");
mysql_query("DELETE FROM `posts` WHERE `forums`='$id'");
mysql_query("DELETE FROM `vote` WHERE `forum` = '$id'");
mysql_query("DELETE FROM `voter` WHERE `forum` = '$id'");
mysql_query("DELETE FROM `itemvote` WHERE `forum` = '$id'");
$f = mysql_result(mysql_query("SELECT COUNT(*) FROM `forums`"), 0);
mysql_query("UPDATE `stat` SET `forum`='$f'");
$u = mysql_result(mysql_query("SELECT COUNT(*) FROM `under`"), 0);
mysql_query("UPDATE `stat` SET `under`='$u'");
$t = mysql_result(mysql_query("SELECT COUNT(*) FROM `theme`"), 0);
mysql_query("UPDATE `stat` SET `theme`='$t'");
$p = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts`"), 0);
mysql_query("UPDATE `stat` SET `post`='$p'");
$efile = file(BASEDIR . "local/forum.dat");
$edata = explode(":||:", $efile['0']);
$edata['0'] = "$f";
$edata['1'] = "$u";
$edata['2'] = "$t";
$edata['3'] = "$p";
for ($u = 0; $u < 4; $u++) {
$etext .= $edata[$u] . ':||:';}
$efp = fopen(BASEDIR . "local/forum.dat", "a+");
flock($efp, LOCK_EX);
ftruncate($efp, '0');
fputs($efp, $etext);
fflush($efp);
flock($efp, LOCK_UN);
fclose($efp);
unset($etext);
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}
} } }
break;
case('dowfm'):
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
$id = (int)$_GET['id'];
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `forums` WHERE `id` = '$id'"));
if (trim($check)) {
$req = mysql_query("SELECT `position` FROM `forums` WHERE `id` = '$id'");
if (mysql_num_rows($req) > 0) {
$res = mysql_fetch_array($req);
$position = $res['position'];
$req = mysql_query("SELECT * FROM `forums` WHERE `position` > '$position' ORDER BY `position` ASC");
if (mysql_num_rows($req) > 0) {
$res = mysql_fetch_array($req);
$id2 = $res['id'];
$position2 = $res['position'];
mysql_query("UPDATE `forums` SET `position` = '$position2' WHERE `id` = '$id'");
mysql_query("UPDATE `forums` SET `position` = '$position' WHERE `id` = '$id2'");}}
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}}}
break;
case('upfm'):
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
$id = (int)$_GET['id'];
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `forums` WHERE `id` = '$id'"));
if (trim($check)) {
$req = mysql_query("SELECT `position` FROM `forums` WHERE `id` = '$id'");
if (mysql_num_rows($req) > 0) {
$res = mysql_fetch_array($req);
$position = $res['position'];
$req = mysql_query("SELECT * FROM `forums` WHERE `position` < '$position' ORDER BY `position` DESC");
if (mysql_num_rows($req) > 0) {
$res = mysql_fetch_array($req);
$id2 = $res['id'];
$position2 = $res['position'];
mysql_query("UPDATE `forums` SET `position` = '" . $position2 . "' WHERE `id` = '" . $id . "'");
mysql_query("UPDATE `forums` SET `position` = '" . $position . "' WHERE `id` = '" . $id2 . "'");}}
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}}}
break;
case('delund'):
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102) {
$id = (int)$_GET['id'];
if ($id) {
$check = mysql_fetch_array(mysql_query("SELECT * FROM `under` WHERE `id` = '".$id."'"));
if (trim($check)) {
$req = mysql_query("SELECT * FROM `under` WHERE `id` = '".$id."'");
$res = mysql_fetch_array($req);
mysql_query("DELETE FROM `under` WHERE `id`='$id'");
mysql_query("DELETE FROM `theme` WHERE `under`='$id'");
mysql_query("DELETE FROM `posts` WHERE `under`='$id'");
mysql_query("DELETE FROM `vote` WHERE `under` = '$id'");
mysql_query("DELETE FROM `voter` WHERE `under` = '$id'");
mysql_query("DELETE FROM `itemvote` WHERE `under` = '$id'");
$f = mysql_result(mysql_query("SELECT COUNT(*) FROM `forums`"), 0);
$u = mysql_result(mysql_query("SELECT COUNT(*) FROM `under`"), 0);
$t = mysql_result(mysql_query("SELECT COUNT(*) FROM `theme`"), 0);
$p = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts`"), 0);
mysql_query("UPDATE `forums` SET `under` = '0' WHERE `id` = '".$res['forum']."'");
mysql_query("UPDATE `forums` SET `theme` = '0' WHERE `id` = '".$res['forum']."'");
mysql_query("UPDATE `forums` SET `posts` = '0' WHERE `id` = '".$res['forum']."'");
mysql_query("UPDATE `forums` SET `last_theme` = '0' WHERE `id` = '".$res['forum']."'");
mysql_query("UPDATE `forums` SET `last_theme_name` = '' WHERE `id` = '".$res['forum']."'");
mysql_query("UPDATE `forums` SET `last_time` = '0' WHERE `id` = '".$res['forum']."'");
mysql_query("UPDATE `forums` SET `last_posts` = '0' WHERE `id` = '".$res['forum']."'");
mysql_query("UPDATE `forums` SET `last_login` = '' WHERE `id` = '".$res['forum']."'");
$efile = file(BASEDIR . "local/forum.dat");
$edata = explode(":||:", $efile['0']);
$edata['0'] = "$f";
$edata['1'] = "$u";
$edata['2'] = "$t";
$edata['3'] = "$p";
for ($u = 0; $u < 4; $u++) {
$etext .= $edata[$u] . ':||:';}
$efp = fopen(BASEDIR . "local/forum.dat", "a+");
flock($efp, LOCK_EX);
ftruncate($efp, '0');
fputs($efp, $etext);
fflush($efp);
flock($efp, LOCK_UN);
fclose($efp);
unset($etext);
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}}}
break;
case('delpost'):
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
if ($dostup == 101 || $dostup == 102 || $dostup == 103 || $dostup == 105) {
$psts = mysql_query("SELECT * FROM `posts` WHERE `id` = '".$id."' ");
$pst = mysql_fetch_array($psts);
$thms = mysql_query("SELECT * FROM `theme` WHERE `id` = '".$pst['theme']."' ");
$thm = mysql_fetch_array($thms);
$p = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts`"), 0);
mysql_query("DELETE FROM `posts` WHERE `id`='".$pst['id']."'");
mysql_query("UPDATE `theme` SET `posts`=posts-1 WHERE `id` = '".$thm['id']."'");
mysql_query("UPDATE `under` SET `posts`=posts-1 WHERE `id` = '".$thm['under']."'");
mysql_query("UPDATE `forums` SET `posts`=posts-1 WHERE `id` = '".$thm['forums']."'");
mysql_query("UPDATE `forums` SET `last_posts`=last_posts-1 WHERE `id` = '".$thm['forums']."'");
mysql_query("UPDATE `stat` SET `post`=post-1");
mysql_query("UPDATE `stat` SET `posts`='".$p."'");
$efile = file(BASEDIR . "local/forum.dat");
$edata = explode(":||:", $efile['0']);
$edata['3'] = $p;
for ($u = 0; $u < 4; $u++) {
$etext .= $edata[$u] . ':||:';}
$efp = fopen(BASEDIR . "local/forum.dat", "a+");
flock($efp, LOCK_EX);
ftruncate($efp, '0');
fputs($efp, $etext);
fflush($efp);
flock($efp, LOCK_UN);
fclose($efp);
unset($etext);
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;
} else{
$psts = mysql_query("SELECT * FROM `posts` WHERE `id` = '".$id."' ");
$pst = mysql_fetch_array($psts);
$checks = mysql_fetch_array(mysql_query("SELECT * FROM `moders` WHERE `login` = '".$log."' AND `under` = '".$pst['under']."' "));
if (trim($checks)) {
$thms = mysql_query("SELECT * FROM `theme` WHERE `id` = '".$pst['theme']."' ");
$thm = mysql_fetch_array($thms);
$p = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts`"), 0);
mysql_query("DELETE FROM `posts` WHERE `id`='".$pst['id']."'");
mysql_query("UPDATE `theme` SET `posts`=posts-1 WHERE `id` = '".$thm['id']."'");
mysql_query("UPDATE `under` SET `posts`=posts-1 WHERE `id` = '".$thm['under']."'");
mysql_query("UPDATE `forums` SET `posts`=posts-1 WHERE `id` = '".$thm['forums']."'");
mysql_query("UPDATE `forums` SET `last_posts`=last_posts-1 WHERE `id` = '".$thm['forums']."'");
mysql_query("UPDATE `stat` SET `post`=post-1");
mysql_query("UPDATE `stat` SET `posts`='".$p."'");
$efile = file(BASEDIR . "local/forum.dat");
$edata = explode(":||:", $efile['0']);
$edata['3'] = $p;
for ($u = 0; $u < 4; $u++) {
$etext .= $edata[$u] . ':||:';}
$efp = fopen(BASEDIR . "local/forum.dat", "a+");
flock($efp, LOCK_EX);
ftruncate($efp, '0');
fputs($efp, $etext);
fflush($efp);
flock($efp, LOCK_UN);
fclose($efp);
unset($etext);
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}}
break;
case('bookmarks'):
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
$id = (int)$_GET['id'];
if ($id) {
mysql_query ("INSERT INTO `bookmark` (theme,time,user) VALUES ('$id','$sitetime','$log')");
header ("Location: ".$_SERVER['HTTP_REFERER'].""); exit;}}
break;
case('delbookmarks'):
if ($provpar == md5($_SESSION['par']) && $provlog == $_SESSION['log']) {
$id = (int)$_GET['id'];
if ($id) {
mysql_query("DELETE FROM `bookmark` WHERE `theme`='$id' AND `user` = '$log'");
header ("Location: " . $_SERVER['HTTP_REFERER'] . ""); exit;}}
break;
}
echo '<div><hr>';
if ($_GET['act'] == 'say' || $_GET['act'] == 'cyt' || $_GET['act'] == 'edite' || $_GET['act'] == 'afile'){
$filek = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '" . (int)$_GET['id'] . "'"), 0);
if ($filek != '0') {$filek = $filek-1;}
$start = floor($filek / $config_forumpost) * $config_forumpost;
echo ': <a href="'.$config_home.'/forum/posts/'.$theme['id'].'/'.$start.'">В тему</a><br>';}
if ($_GET['act'] == 'load'){
$filek = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '".$post['theme']."'"), 0);
if ($filek != '0') {$filek = $filek-1;}
$start = floor($filek / $config_forumpost) * $config_forumpost;
echo ': <a href="'.$config_home.'/forum/posts/'.$post['theme'].'/'.$start.'">В тему</a><br>';}
if ($_GET['act'] == 'theme') {
echo ': <a href="'.$config_home.'/forum/themes/'.(int)$_GET['id'].'">Назад</a><br>';}
if ($_GET['act']) {echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';}
echo '::: <a href="'.$config_home.'/">На главную</a><br>';
echo '<br><img src="'.$config_home.'/forum/img/byforum.gif" alt=""></div>';
include_once"../themes/$config_themes/foot.php";
?>