Просмотр файла forum/topic.php

Размер файла: 13.36Kb
<?php
// by Mike O. (mides), coolcms.org

$title = 'Просмотр темы';
require_once '../includes/sys.php';
require_once '../includes/header.php';

switch ($act) {
	default:
        $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
        if (isset($topic['id'])) {
			$subcat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_subcats` WHERE `id` = '$topic[id_subcat]'"));
            echo '<div class="title"><a href="index.php?act=subcat&amp;id='.$topic['id_subcat'].'">'.$subcat['name'].'</a>&raquo; '.$topic['title'].'</div>';
            $total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$id'"), 0);

            $pages = ceil($total / $config['onpage']);
            if ($page > $pages or $page == 0) {
                $page = 1;
            }
            $begin = ($page - 1) * $config['onpage'];

            $msg_r = mysql_query("SELECT * FROM `forum_msg` WHERE `id_topic` = '$id' ORDER BY `time` LIMIT $begin, $config[onpage]");
            while ($msg = mysql_fetch_assoc($msg_r)) {				
                echo '<div class="post" id="'.$msg['id'].'"><div class="img">'.avatar($msg['id_user']).'</div> <a href="../other/profile.php?id='.$msg['id_user'].'">'.username($msg['id_user'], 2).'</a> '.ccdate($msg['time'], $msg['id_user']);
				if ($u['id']) {
					echo ' <a href="posting.php?act=reply&amp;id='.$msg['id'].'">Отв</a>|<a href="posting.php?act=quote&amp;id='.$msg['id'].'">Цит</a>';
                	if (access(1) or ($u['id'] == $msg['id_user'] and TIME - $msg['time'] < $config['edit_time'])) echo '|<a href="posting.php?act=edit&amp;id='.$msg['id'].'">Ред</a>';
					
                	if (access(2)) echo '|<a href="posting.php?act=del&amp;id='.$msg['id'].'">Уд</a>';
				}
				
				echo ' <a href="?act=rate&amp;id='.$msg['id'].'&amp;p='.$page.'"><image src="../images/arrow_down.png" alt="arrow_down" /></a><b>'.rating($msg['rating']).'</b><a href="?act=rate&amp;id='.$msg['id'].'&amp;ok=1&amp;p='.$page.'""><image src="../images/arrow_up.png" alt="arrow_up" /></a><br />';
				
                echo status($msg['id_user']);
				
				echo '<hr>'.bb($msg['text']);
                if ($msg['edit_by']) echo '<br />_______<br /><span style="font-size: 10px;">отредакт.: '.username($msg['edit_by']).' ('.ccdate($msg['edit_time'], 0).')</span>';
                echo '</div>'; 
				
		    }
			
			echo '<div class="body">';

            if ($u['access'] > 0) {
                echo $topic['closed'] == 1 ? '<a href="?act=open&amp;id='.$id.'">Откр.</a>' : '<a href="?act=close&amp;id='.$id.'">Закр.</a>';
                echo '|<a href="?act=edit&amp;id='.$topic['id'].'">Ред.</a>';
                if ($u['access'] > 1) echo '|<a href="?act=del&amp;id='.$id.'">Уд.</a>';
            }
            navig($page, '?act=topic&amp;id='.$id.'&amp;', $pages);
			
			echo '<hr>';

            if ($u['id']) {
                if ($topic['closed'] == 0) {
                    echo bbpanel('form', 'text').'
                    <form name="form" action="posting.php?act=add&amp;id='.$id.'" method="post">
                    <textarea name="text" cols="" rows="3"></textarea>';
                    echo '<input name="" type="submit" value="Ok">
                    </form>';
                } else {
                    echo 'Тема закрыта.';
                }
            } else {
                echo 'Вы не <a href="../other/login.php">авторизованы</a> для добавления сообщений.';
            }
            echo '<br /><a href="index.php?act=subcat&amp;id='.$topic['id_subcat'].'">'.$subcat['name'].'</a>&raquo; '.$topic['title'].'</div>';
        } else {
            redirect('index.php?');
        }
    break;

	case 'rate':
		$type = 'forum_msg';
		require_once '../includes/rate.php';
	break;

    case 'add':
        if ($u['id']) {
            $subcat = mysql_fetch_assoc(mysql_query("SELECT `id_cat`, `name` FROM `forum_subcats` WHERE `id` = '$id'"));
            if ($subcat['id_cat']) {
                if (TIME > $antispam) {
                    if ($ok) {
						$title = check($_POST['title']);
						$text = check($_POST['text']);
						$code = abs(intval($_POST['code']));
                        if ($title and $text and $code) {
                            if ($_SESSION['code'] == $code) {
                                mb_internal_encoding('UTF-8');
                                if (mb_strlen($text) <= 2500) {
                                    mysql_query("INSERT INTO `forum_topics` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$id', `title` = '$title', `id_user` = '$u[id]', `last_time` = '".time()."', `stuck` = '$stuck', `closed` = '$closed'");
                                    $id_topic = mysql_insert_id();
                                    mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$id', `id_topic` = '$id_topic', `id_user` = '$u[id]', `text` = '$text', `time` = '".TIME."'");
                                    $_SESSION['antispam'] = TIME + $config['antispam'];
                                    redirect('?act=topic&id='.$id_topic);
                                } else {
                                    error('Слишком длинный текст.');
                                    nav('?act=add&amp;id='.$id);
                                }
                            } else {
                                error('Неверный код.');
                               nav('?act=add&amp;id='.$id);
                            }
                        } else {
							redirect('?act=add&id='.$id);
                        }
                    } else {
                        tp('<a href="?act=subcat&amp;id='.$id.'">'.$subcat['name'].'</a>&raquo; Создать тему');
                        echo '<div class="body"><form name="form" action="?act=add&amp;id='.$id.'&amp;ok=1" method="post">
                        Заголовок(max50):<br /><input name="title" type="text" maxlength="50" /><br />
                        Сообщение(max750):<br /> '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="4"></textarea>
                        <img src="../images/code.php" alt="" /> провер. код:<br/>
						<input name="code" maxlength="5" /><br />
                        <input name="submit" type="submit" value="Ok" />
                        </form>
						<br /><a href="?act=subcat&amp;id='.$id.'">'.$subcat['name'].'</a>&raquo; Создать тему
						</div>';
                    }
                } else {
                    error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
                    nav2('?act=subcat&amp;id='.$id);
                }
            }
        } else {
            redirect('login.php');
        }
    break;
	
    case 'edit':
        if (access(1)) {
            $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
            if (isset($topic['id'])) {
                if ($ok) {
					$title = check($_POST['title']);
					$text = check($_POST['text']);
                    if ($title and $text) {
						$subcat_id = abs(intval($_POST['subcat']));
						$subcat = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_subcats` WHERE `id` = '$subcat_id'"));
						$stuck = abs(intval($_POST['stuck']));
						$closed = abs(intval($_POST['closed']));
						mysql_query("UPDATE `forum_topics` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$subcat[id]', `title` = '$title', `stuck` = '$stuck', `closed` = '$closed' WHERE `id` = '$id'");
						mysql_query("UPDATE `forum_msg` SET `text` = '$text' WHERE `id_topic` = '$id' ORDER BY `id` LIMIT 1");
						$msg_r = mysql_query("SELECT `id` FROM `forum_msg` WHERE `id_topic` = '$id'");
						while ($msg = mysql_fetch_assoc($msg_r)) {
								mysql_query("UPDATE `forum_msg` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$subcat[id]' WHERE `id` = '$msg[id]'");
						}
						redirect('?id='.$id);
                    } else {
                    	redirect('?act=edit&id='.$id);
                    }
                } else {
                    $msg_r = mysql_query("SELECT `text` FROM `forum_msg` WHERE `id_topic` = '$id' ORDER BY `id` LIMIT 1");
                    $msg = mysql_fetch_assoc($msg_r);

                    tp('Редактирование темы');
                    echo '<div class="body"><form name="form" action="?act=edit&amp;id='.$id.'&amp;ok=1" method="post">
                    <select name="subcat">';
                    $subcat_r1 = mysql_query("SELECT * FROM `forum_subcats` WHERE `id` = '$topic[id_subcat]'");
                    $subcat1 = mysql_fetch_assoc($subcat_r1);
                    $cat1 = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_cats` WHERE `id` = '$subcat1[id_cat]'"));
                    echo '<option value="'.$subcat1['id'].'">'.$cat1['name'].' &gt; '.$subcat1['name'].'</option>';

                    $subcat_r = mysql_query("SELECT * FROM `forum_subcats` WHERE `id` != '$topic[id_subcat]' ORDER BY `id_cat`, `name`");
                    while ($subcat = mysql_fetch_assoc($subcat_r)) {
						$cat = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_cats` WHERE `id` = '$subcat[id_cat]'"));
						echo '<option value="'.$subcat['id'].'">'.$cat['name'].' &gt; '.$subcat['name'].'</option>';
                    }
                    echo '</select><br />

                    '.$lang['title'].'(max50):<br /><input name="title" type="text" value="'.$topic['title'].'" maxlength="50" /><br />
                    '.$lang['text'].':<br /> '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="5">'.$msg['text'].'</textarea><br />';
                    echo $topic['stuck'] == 1 ? '<input name="stuck" type="checkbox" value="1" checked />' : '<input name="stuck" type="checkbox" value="1" />';
                    echo ' закрепить<br />';
                    echo $topic['closed'] == 1 ? '<input name="closed" type="checkbox" value="1" checked />' : '<input name="closed" type="checkbox" value="1" />';
                    echo ' закрыть<br />';
                    echo '<input name="submit" type="submit" value="Ok" />
                    </form>';
                    nav('?id='.$id);
                }
            } else {
                redirect('?');
            }
        } else {
            redirect('?');
        }
    break;
	
    case 'close':
        if ($u['access'] > 0) {
            $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
            if ($topic['id']) {
                mysql_query("UPDATE `forum_topics` SET `closed` = 1 WHERE `id` = '$id'");
				mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$topic[id_cat]', `id_subcat` = '$topic[id_subcat]', `id_topic` = '$topic[id]', `id_user` = '$u[id]', `text` = ':closed', `time` = '".TIME."'");
                redirect('?act=topic&id='.$id);
            } else {
                redirect('?');
            }
        } else {
            redirect('?');
        }
    break;

    case 'open':
        if ($u['access'] > 0) {
            $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
            if ($topic['id']) {
                mysql_query("UPDATE `forum_topics` SET `closed` = 0 WHERE `id` = '$id'");
                header('location: ?act=topic&id='.$id);
                exit;
            } else {
                redirect('?');
            }
        } else {
            redirect('?');
        }
    break;

    case 'del':
		if (access(2)) {
			$topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
			if ($topic['id']) {
				if ($ok) {
					$forum_msg_r = mysql_query("SELECT `id` FROM `forum_msg` WHERE `id_topic` = '$id'");
					while ($forum_msg = mysql_fetch_assoc($forum_msg_r) ) {
							mysql_query("DELETE FROM `voting` WHERE `type` = 'forum' and `id_for` = '$forum_msg[id]'");
					}

					mysql_query("DELETE FROM `forum_msg` WHERE `id_topic` = '$id'");
					mysql_query("DELETE FROM `forum_topics` WHERE `id` = '$id'");
					redirect('index.php?act=subcat&id='.$topic['id_subcat']);
				} else {
					tp('Подтверждение');
					echo '<div class="body"><form name="form" action="?act=del&amp;id='.$id.'&amp;ok=1" method="post">
					Вы действительно хотите удалить тему "'.$topic['title'].'"?<br />
					<input name="submit" type="submit" value="&#1044;&#1072;" />
					</form>
					';
					nav('?act=topic&amp;id='.$id);
				}
			} else {
				redirect('index.php?');
			}
		} else {
			redirect('index.php?');
		}
    break;
	
	case 'end':
		$t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$id'"), 0);
		if ($t_msg > 0) {
			$last_page = ceil($t_msg / $config['onpage']);
			
			// getting last message's ID
			// получаем ID последнего сообщения
			$msg_last_id = mysql_query("SELECT `id` FROM `forum_msg` WHERE `id_topic` = '$id' ORDER BY `id` DESC LIMIT 1");
			$msg = mysql_fetch_assoc($msg_last_id);
			
			redirect('?id='.$id.'&p='.$last_page.'#'.$msg['id']);
		} else {
			redirect('index.php');
		}
	break;
		
}

require_once '../includes/tail.php';
?>