Просмотр файла forum/forum/add.php

<?php
require_once"../template/start.php";
require_once"../template/regglobals.php";
require_once"../template/config.php";
require_once"../template/functions.php";
require_once"../template/antidos.php";
require_once"../template/cookies.php";
require_once"../template/gzip.php";
require_once"../template/header.php";
require_once"../template/referer.php";
include_once"../themes/$config_themes/index.php";
include_once"../template/isset.php";
require_once"../template/db.php";
include_once"fnc.php";


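// ---------------------------------------------------------------------------
// Reply handler for one forum theme (topic).
//
// Flow: load the theme named by ?id, verify the caller's login, validate the
// posted message (length, theme open, flood window, not a repeat of the
// author's last post), insert the post, refresh the denormalised counters in
// MySQL and in the flat files under BASEDIR/local, then redirect. On a
// validation failure one error box is printed, followed by navigation links.
//
// $msg, $log, $provpar, $provlog, $sitetime, $brow, $ip and the $config_*
// values are not assigned in this file; they arrive from the includes above.
// NOTE(review): every SQL statement below is built by string concatenation, so
// it is only as safe as whatever escaping those includes and checkus() apply —
// confirm, and prefer prepared statements (mysqli/PDO); ext/mysql was removed
// in PHP 7.0.
// NOTE(review): no anti-CSRF token is checked here; referer.php may cover
// this — confirm.
// ---------------------------------------------------------------------------

$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;
$check = mysql_fetch_array(mysql_query("SELECT * FROM `theme` WHERE `id` = '".$id."'"));

// Compare as strings with ===: a loose == lets numeric-looking hex digests
// compare equal, and an empty session must never authenticate.
// NOTE(review): 'par' is presumably the password; keeping it in the session and
// comparing an unsalted md5 of it is weak — confirm and move to password_hash().
$authed = isset($provpar, $provlog, $_SESSION['par'], $_SESSION['log'])
    && $_SESSION['log'] !== ''
    && (string)$provpar === md5($_SESSION['par'])
    && (string)$provlog === (string)$_SESSION['log'];

$error = '';

// $check is an array or false; the original trim($check) only worked where
// PHP coerced an array to the string "Array".
if ($check && $authed && !empty($_POST['add'])) {
    $theme = $check;
    $msgLength = strlen(trim($msg)); // byte length, not character count

    if ($msgLength < 3) {
        $error = 'Сообщение должно состоять не меньше 3х символов!';
    } elseif ($msgLength > 5000) {
        $error = 'Слишком большое сообщение!';
    } elseif (trim($theme['status'])) {
        // A non-empty status marks the theme as closed.
        $error = 'Данная тема закрыта для обсуждения!';
    } else {
        $under = mysql_fetch_array(mysql_query("SELECT id,name,forum FROM `under` WHERE `id` = '".$theme['under']."'"));
        $forum = mysql_fetch_array(mysql_query("SELECT id,name FROM `forums` WHERE `id` = '".$under['forum']."'"));
        // Author's most recent post, used for the duplicate check.
        $cpr = mysql_fetch_array(mysql_query("SELECT `msg` FROM `posts` WHERE `author` = '".$log."' ORDER BY `id` DESC"));
        // Posts by this author inside the flood window.
        $af1 = mysql_num_rows(mysql_query("SELECT * FROM `posts` WHERE `author`='".$log."' AND `time` >='".($sitetime - $config_floodstime)."';"));
        $msg = checkus($msg);

        if (!empty($af1)) {
            $error = 'Вы не можете так часто писать, порог '.$config_floodstime.' секунд!';
        } elseif (!strcmp($cpr['msg'], $msg)) {
            $error = 'Ваше сообщение повторяет предыдущее!';
        } else {
            if (!empty($_POST['trans'])) {
                $msg = transliter($msg);
            }
            // Start from a known value so the quote can only come from the
            // sanitised POST field, never from a pre-existing global.
            $cyt = '';
            if (!empty($_POST['cyt'])) {
                $cyt = checkus($_POST['cyt']);
            }

            // ---- Everything is valid: store the post ----
            // NOTE(review): $log, $brow, $ip and nickname() are interpolated as
            // received; confirm they are escaped where they are produced.
            mysql_query("INSERT INTO `posts` (forums,under,theme,msg,author,author_n,time,brow,ip,cyt,edit) VALUES
('".$forum['id']."','".$under['id']."','".$id."','".$msg."','".$log."','".nickname($_SESSION['log'])."','".$sitetime."','".$brow."','".$ip."','".$cyt."','0')");

            // ---- Record the last active theme on the forum row ----
            mysql_query("UPDATE `forums` SET `last_theme`='".$id."' WHERE `id` = '".$forum['id']."'");
            // The name was read back from the database, i.e. unescaped, so it
            // must be escaped again before it re-enters a statement.
            mysql_query("UPDATE `forums` SET `last_theme_name`='".mysql_real_escape_string($theme['name'])."' WHERE `id` = '".$forum['id']."'");
            mysql_query("UPDATE `forums` SET `last_time`='".$sitetime."' WHERE `id` = '".$forum['id']."'");
            mysql_query("UPDATE `forums` SET `last_login`='".nickname($_SESSION['log'])."' WHERE `id` = '".$forum['id']."'");

            // ---- Notify the addressed user through their private mailbox ----
            if (!empty($_POST['priv'])) {
                $uz = isset($_GET['uz']) ? trim($_GET['uz']) : '';
                // $uz comes from the request and becomes part of two file
                // names; refuse separators, NUL bytes and ".." so it cannot
                // leave local/profil and local/privat.
                $uzIsPlainName = $uz !== ''
                    && strpbrk($uz, "/\\\0") === false
                    && strpos($uz, '..') === false;
                // NOTE(review): the recipient is not checked against the theme's
                // participants, so any logged-in poster chooses who is notified;
                // consider deriving it server-side from the quoted post.
                $profFile = BASEDIR."local/profil/".$uz.".prof";
                $privFile = BASEDIR."local/privat/".$uz.".".$config_priv;

                if ($uzIsPlainName && file_exists($profFile)) {
                    // Mailbox fill level in percent of the configured limit (KB).
                    $filesize = file_exists($privFile) ? filesize($privFile) : 0;
                    $filesize = round($filesize / 1024, 2);
                    $pers = round($filesize * 100 / $config_limitsmail);

                    if ($pers < 100) {
                        $ppus = mysql_query("SELECT * FROM `posts` WHERE `theme` = '$id' AND `author` = '$log' ORDER BY `time` DESC LIMIT 1");
                        $ppu = mysql_fetch_array($ppus);
                        $mess = base64_encode("Вам ответили на форуме! -=[b][url=".$config_home."/forum/poste/".$id."/".$ppu['id']."] Просмотреть [/url][/b]=-<br> 
Это системное сообщение, на него отвечать не нужно.");
                        $tex = $config_msg_pr_nikname . '|' . $mess . '|' . $sitetime . '|';
                        $fp = fopen($privFile, "a+");
                        if ($fp) {
                            flock($fp, LOCK_EX);
                            fputs($fp, "$tex\r\n");
                            fflush($fp);
                            flock($fp, LOCK_UN);
                            fclose($fp);
                        }
                    }

                    // Bump field 10 of the recipient's profile record.
                    // NOTE(review): the record is read before the lock is
                    // taken, so concurrent updates can overwrite each other.
                    $ufile = file($profFile);
                    $udata = explode(":||:", $ufile[0]);
                    $udata[10]++;
                    $utext = '';
                    for ($i = 0; $i < $config_userprofkey; $i++) {
                        $utext .= $udata[$i] . ':||:';
                    }
                    // Refuse to write a record whose key fields came back empty.
                    if ($udata[0] != "" && $udata[1] != "" && $udata[4] != "" && $utext != "") {
                        // Same BASEDIR path the record was read from (the
                        // original wrote through a relative "../" path here).
                        $fp = fopen($profFile, "a+");
                        if ($fp) {
                            flock($fp, LOCK_EX);
                            ftruncate($fp, 0);
                            fputs($fp, $utext);
                            fflush($fp);
                            flock($fp, LOCK_UN);
                            fclose($fp);
                        }
                    }
                }
            }

            // ---- Count posts ----
            $thms = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '".$id."'"), 0);
            $udr = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `under` = '".$under['id']."'"), 0);
            $frm = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `forums` = '".$forum['id']."'"), 0);
            $pst = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts`"), 0);
            $forumCount = mysql_result(mysql_query("SELECT COUNT(*) FROM `forums`"), 0);
            $underCount = mysql_result(mysql_query("SELECT COUNT(*) FROM `under`"), 0);
            $themeCount = mysql_result(mysql_query("SELECT COUNT(*) FROM `theme`"), 0);

            // ---- Update counters ----
            mysql_query("UPDATE `theme` SET `last`='".$log."' WHERE `id` = '$id'");
            mysql_query("UPDATE `theme` SET `time`='".$sitetime."' WHERE `id` = '$id'");
            mysql_query("UPDATE `theme` SET `posts`='".$thms."' WHERE `id` = '$id'");
            mysql_query("UPDATE `forums` SET `last_posts`='".$thms."' WHERE `id` = '".$forum['id']."'");
            mysql_query("UPDATE `under` SET `posts`='".$udr."' WHERE `id` = '".$under['id']."'");
            mysql_query("UPDATE `forums` SET `posts`='".$frm."' WHERE `id` = '".$forum['id']."'");

            // forum.dat holds exactly four totals (forums, sections, themes,
            // posts). All four are replaced, so the old content is not read.
            $etext = $forumCount . ':||:' . $underCount . ':||:' . $themeCount . ':||:' . $pst . ':||:';
            $efp = fopen(BASEDIR . "local/forum.dat", "a+");
            if ($efp) {
                flock($efp, LOCK_EX);
                ftruncate($efp, 0);
                fputs($efp, $etext);
                fflush($efp);
                flock($efp, LOCK_UN);
                fclose($efp);
            }

            // ---- Credit the author: last IP plus three profile counters ----
            $authorFile = BASEDIR . "local/profil/".$log.".prof";
            $ufile = file($authorFile);
            $udata = explode(":||:", $ufile[0]);
            $udata[14] = $ip;
            $udata[8]++;
            $udata[36]++;
            $udata[41]++;
            // Built from an empty string: the original appended to whatever
            // $utext already held, so a skipped write in the notification step
            // leaked the recipient's record into the author's file.
            $utext = '';
            for ($i = 0; $i < $config_userprofkey; $i++) {
                $utext .= $udata[$i] . ':||:';
            }
            if ($udata[0] != "" && $udata[1] != "" && $udata[4] != "" && $utext != "") {
                $fp = fopen($authorFile, "a+");
                if ($fp) {
                    flock($fp, LOCK_EX);
                    ftruncate($fp, 0);
                    fputs($fp, $utext);
                    fflush($fp);
                    flock($fp, LOCK_UN);
                    fclose($fp);
                }
            }

            // ---- Offset of the page that now holds the new post ----
            $filek = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '$id'"), 0);
            if ($filek != '0') {
                $filek = $filek - 1;
            }
            $start = floor($filek / $config_forumpost) * $config_forumpost;

            // ---- Redirect: file-attach form when requested, else the theme ----
            if (isset($_POST['file']) && $_POST['file'] == "1") {
                header("Location: ".$config_home."/forum/afile/".$id);
            } else {
                header("Location: ".$config_home."/forum/posts/".$id."/".$start);
            }
            exit;
        }
    }
}

// ---- Report the validation failure, if any ----
if ($error !== '') {
    // NOTE(review): the theme name is printed without htmlspecialchars();
    // confirm it is stored already HTML-escaped.
    echo '<div class="b">Тема: '.$theme['name'].'</div>';
    echo '<br><div><img src="'.$config_home.'/images/img/close.gif" alt=""> '.$error.'</div><br>';
}

echo '<div><hr>';

// The links use the integer-cast $id: $theme is not set when the theme lookup,
// login check or form check failed, and the id of a loaded theme equals $id.
$filek = mysql_result(mysql_query("SELECT COUNT(*) FROM `posts` WHERE `theme` = '".$id."'"), 0);
if ($filek != '0') {
    $filek = $filek - 1;
}
$start = floor($filek / $config_forumpost) * $config_forumpost;

echo ': <a href="'.$config_home.'/forum/posts/'.$id.'/'.$start.'">В тему</a><br>';
echo ':: <a href="'.$config_home.'/forum/">В форум</a><br>';
echo '::: <a href="'.$config_home.'/">На главную</a>';
echo "</div>\n";

include_once"../themes/$config_themes/foot.php";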
?>