<?php
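// Bootstrap. The core include is expected to provide everything this script uses but does not
// define itself: $db, $act, $id, $user, $set, $da, $time and the helper functions
// (protect(), bb_code(), smiles(), back(), clock(), ...) - none of them are declared in this file.
include_once '../system/xcms_core.php';
$title='Форум';
// The "style" cookie is client-controlled and may be absent or an array. It is only compared
// against a constant to pick one of two fixed header files; it never becomes part of a path.
if(isset($_COOKIE['style']) and $_COOKIE['style']==='web'){
	require_once '../system/web_head.php';
}else{
	require_once '../system/head.php';
}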
switch($act){
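	case 'last_post':
		// Newest posts across all themes, one page worth ($set['p_str'] rows), newest first.
		echo'<div class="menu" style="text-align:center;"><a href="/forum/last_thread">Новые темы</a> | Новые сообщения</div>';
		// The page size is interpolated into LIMIT, so force it to an integer first.
		$limit=(int)$set['p_str'];
		// Fetching the page up front replaces the former "select every id, then rowCount()" probe:
		// PDO does not guarantee rowCount() for SELECT on every driver, and it loaded the whole table.
		$rows=$db->query("select * from `posts` order by `id` desc limit $limit")->fetchAll(PDO::FETCH_ASSOC);
		if($rows){
			// Per-row lookups are prepared once and the ids are bound, so row values are never
			// spliced into SQL text.
			$themeStmt=$db->prepare("SELECT * FROM `themes` WHERE `id` = ?");
			$userStmt=$db->prepare("SELECT * FROM `user` WHERE `id` = ?");
			foreach($rows as $fex){
				$themeStmt->execute([$fex['id_theme']]);
				$theme=$themeStmt->fetch(PDO::FETCH_ASSOC);
				$userStmt->execute([$fex['author_id']]);
				$avtor=$userStmt->fetch(PDO::FETCH_ASSOC);
				// NOTE(review): post text, theme name and login are echoed exactly as stored. They are
				// HTML-safe only if they were escaped on write (protect() is applied there, but its
				// behaviour is not visible in this file) - confirm.
				echo'<div class="menu">'.$fex['text'].'..<br />
				В теме: <a href="/forum/theme'.$theme['id'].'/page=end">'.$theme['name'].'</a> | От кого: <a href="/profile'.$avtor['id'].'">'.$avtor['login'].'</a></div>';
			}
		}else{echo'<div class="menu">Постов еще нет</div>';}
		back('/forum');
		break;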
	
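	case 'last_thread':
		// Newest themes across all forums, one page worth ($set['p_str'] rows), newest first.
		echo'<div class="menu" style="text-align:center;">Новые темы | <a href="/forum/last_post">Новые сообщения</a></div>';
		// The page size is interpolated into LIMIT, so force it to an integer first.
		$limit=(int)$set['p_str'];
		// One query for the page itself; an empty result doubles as the "no themes yet" check
		// instead of selecting every id and relying on rowCount() for a SELECT.
		$rows=$db->query("select * from `themes` order by `id` desc limit $limit")->fetchAll(PDO::FETCH_ASSOC);
		if($rows){
			// Author lookup prepared once; the id is bound rather than interpolated.
			$userStmt=$db->prepare("select * from `user` where `id` = ?");
			foreach($rows as $fex){
				$userStmt->execute([$fex['author_id']]);
				$avtor=$userStmt->fetch(PDO::FETCH_ASSOC);
				// NOTE(review): login and theme name are echoed as stored; they must have been
				// HTML-escaped when written (not verifiable from this file).
				echo'<div class="menu"><a href="/profile'.$avtor['id'].'">'.$avtor['login'].'</a> &rarr; <a href="/forum/theme'.$fex['id'].'">'.$fex['name'].'</a> &rarr; '.clock($fex['time']).'</div>';
			}
		}else{echo'<div class="menu">Тем еще нет</div>';}
		back('/forum');
		break;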
	
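	case 'add_theme':
		// Create a new theme in forum $id together with its first post. Logged-in users only.
		// NOTE(review): the form carries no anti-CSRF token, so a third-party page can submit it on
		// behalf of a logged-in user; adding one needs session support that is not visible here.
		if($user){
			// $id is set outside this file (presumably taken from the URL by the core). Force it to
			// an integer so it is safe in SQL and in the link passed to back().
			$id=(int)$id;
			$st=$db->prepare("select * from `forum` where `id` = ?");
			$st->execute([$id]);
			$q=$st->fetch(PDO::FETCH_ASSOC);
			if($q){
				echo '<div class="head">Создание темы</div><div class="menu">';
				if(($time-$user['flood'])>$da['flood']){
					// is_string() rejects array-valued fields (name[]=...), which fall back to the form.
					if(!empty($_POST['name']) and !empty($_POST['text']) and is_string($_POST['name']) and is_string($_POST['text'])){
						$name=protect($_POST['name']);$name_strl=strlen($name);
						$text=nl2br(bb_code(smiles(protect($_POST['text']))));$text_strl=strlen($text);
						// strlen() counts bytes, and $text is measured after smiley/BB-code/<br /> expansion,
						// so the limit is in bytes of generated markup rather than typed characters.
						if($name_strl>$da['min_simb'] and $text_strl>$da['min_simb']){
							// All values are bound instead of being spliced into the statement, so quotes or
							// backslashes that survive protect()/bb_code() cannot change the SQL.
							// NOTE(review): if protect() itself adds SQL escaping (addslashes-style), remove
							// that there, otherwise bound values will be stored with the extra backslashes.
							$db->prepare("INSERT INTO `themes` SET `id_forum` = ?,`name` = ?,`author_id` = ?,`time`= ?,`status`='1',`avtor`= ?,`time_last`= ?")
								->execute([$id,$name,$user['id'],$time,$user['id'],$time]);
							$new=(int)$db->lastInsertId();
							$db->prepare("INSERT INTO `posts` SET `id_theme` = ?,`id_forum`= ?,`author_id` = ?,`text` = ?,`time` = ?")
								->execute([$new,$id,$user['id'],$text,$time]);
							// This statement used to target `users`, while every other query in this file
							// (including the matching update after a reply) uses `user`. With the wrong
							// table the flood timestamp was never written, so the anti-flood delay did not
							// apply after creating a theme.
							$db->prepare("UPDATE `user` SET `flood`= ?, `posts`=`posts`+1, `balans`=`balans`+2 WHERE `id` = ?")
								->execute([$time,$user['id']]);
							echo'<meta http-equiv="refresh" content="0; url = /forum/theme'.$new.'">';
						}else{echo'<div class="menu">Мин. длина текста не менее '.$da['min_simb'].' символов</div>';}
					}else{
						echo'<form action="#" method="post">
						Название темы:<br /><input type="text" name="name"/><br />
						Текст:<br /><textarea name="text"></textarea><br />
						<input type="submit" value="Создать тему">
						</form><a href="/info/bb">BB коды</a> | <a href="/info/smiles">Смайлы</a>';
					}
				}else{echo'Чтобы написать, подождите '.($da['flood']-($time-$user['flood'])).' cek.';}
				echo'</div>';
				back('/forum/'.$id);
			}else{echo'<div class="menu">Ошибка идентификатора</div>';}
		}else{echo'<div class="menu">Ошибка авторизации</div>';}
		break;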
	
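	case 'theme':
		// Show one page of a theme, or - when a "text" field is POSTed - append a reply to it.
		// $id is set outside this file (presumably taken from the URL by the core). Force it to an
		// integer once so it is safe in SQL and in the links, redirect and form field echoed below.
		$id=(int)$id;
		$st=$db->prepare("select * from `themes` where `id` = ?");
		$st->execute([$id]);
		$q=$st->fetch(PDO::FETCH_ASSOC);
		if($q){
			// COUNT(*) instead of selecting every id and calling rowCount(), which PDO does not
			// guarantee for SELECT statements.
			$st=$db->prepare("select count(*) from `posts` where `id_theme` = ?");
			$st->execute([$id]);
			$k_post=(int)$st->fetchColumn();
			$k_page=k_page($k_post,$set['p_str']);$page=page($k_page);
			// Both LIMIT operands are interpolated into SQL further down, so keep them integers.
			$per_page=(int)$set['p_str'];$start=(int)($set['p_str']*$page-$set['p_str']);
			// is_string() rejects an array-valued field (text[]=...), which falls through to the view.
			if(!empty($_POST['text']) and is_string($_POST['text'])){
				if($user){
					$text=nl2br(bb_code(smiles(protect($_POST['text']))));
					$text_strl=strlen($text);
					if($q['status']>0 and $user){
						if($text_strl>$da['min_simb']){
							if(($time-$user['flood'])>$da['flood']){
								// Optional attachment. The client-supplied file name is never used as a path:
								// it must carry an allow-listed extension, its base is reduced to
								// [A-Za-z0-9_-] (so no second extension and no directory parts survive), and
								// it is stored under a server-chosen prefix so it cannot overwrite another
								// upload. The same sanitised name is what later reaches SQL and HTML.
								// The allow-list below is an example policy - adjust it to what the site
								// must accept. The target directory is served over HTTP (see the download
								// link in the view branch), so the web server should additionally be
								// configured not to execute scripts from it.
								$file=0;
								$allowed_ext=['jpg','jpeg','png','gif','txt','zip'];
								if(isset($_FILES['file']) and is_string($_FILES['file']['name']) and $_FILES['file']['error']===UPLOAD_ERR_OK){
									$ext=strtolower(pathinfo($_FILES['file']['name'],PATHINFO_EXTENSION));
									$base=substr(preg_replace('/[^A-Za-z0-9_-]/','_',pathinfo($_FILES['file']['name'],PATHINFO_FILENAME)),0,64);
									if(in_array($ext,$allowed_ext,true)){
										$stored=(int)$time.'_'.(int)$user['id'].'_'.$base.'.'.$ext;
										if(move_uploaded_file($_FILES['file']['tmp_name'],'../files/files_forum/'.$stored)){
											$file=$stored;
										}
									}
								}
								// Optional reply target; only an existing post id is kept.
								// NOTE(review): the target is not required to belong to this theme - confirm
								// that quoting a post from another theme is intended.
								$reply=0;
								if(!empty($_GET['reply']) and is_scalar($_GET['reply'])){
									$st=$db->prepare("select * from `posts` where `id` = ?");
									$st->execute([(int)$_GET['reply']]);
									$w=$st->fetch(PDO::FETCH_ASSOC);
									if($w){
										$reply=$w['id'];
										if($w['author_id']!==$user['id']){
											// NOTE(review): the login is embedded as HTML in the stored notice; it
											// must already be HTML-escaped where accounts are created - confirm.
											$notice='Пользователь <a href="/profile'.$user['id'].'">'.$user['login'].'</a> ответил вам <a href="/forum/theme'.$id.'/page='.$page.'">в теме</a>';
											$db->prepare("insert into `notice` set `user`= ?, `to`= ?, `text`= ?, `time`= ?, `status`='1'")
												->execute([$user['id'],$w['author_id'],$notice,$time]);
										}
									}
								}
								// Every value is bound, so quotes or backslashes left in the generated markup
								// or in the file name cannot alter the statement.
								// NOTE(review): if protect() itself adds SQL escaping (addslashes-style),
								// remove that there, otherwise the text is stored with extra backslashes.
								$db->prepare("INSERT INTO `posts` SET `id_theme` = ?,`id_forum`= ?,`author_id` = ?,`text` = ?,`time` = ?,`status`='1',`file`= ?, `reply_to`= ?")
									->execute([$id,$q['id_forum'],$user['id'],$text,$time,$file,$reply]);
								$db->prepare("update `themes` set `time_last`= ?, `last_id`= ? where `id`= ?")->execute([$time,$user['id'],$id]);
								$db->prepare("update `user` set `flood`= ?, `balans`=`balans`+1, `posts`=`posts`+1 where `id`= ?")->execute([$time,$user['id']]);
								echo'<meta http-equiv="refresh" content="0; url = /forum/theme'.$id.'/page=end">';
							}else{echo'<div class="menu">Чтобы написать, подождите '.($da['flood']-($time-$user['flood'])).' cek.</div>';}
						}else{echo'<div class="menu">Мин. длина текста не менее '.$da['min_simb'].' символов</div>';}
					}else{echo'<div class="menu">Ошибка</div>';}
				}else{echo'<div class="menu">Ошибка авторизации</div>';}
			}else{
				// Not read anywhere in this file; kept because the script runs at global scope and the
				// footer include could read it.
				$getpost=(isset($_GET['post']) and is_scalar($_GET['post']))?(int)$_GET['post']:0;
				$st=$db->prepare("select * from `forum` where `id` = ?");
				$st->execute([$q['id_forum']]);
				$razd=$st->fetch(PDO::FETCH_ASSOC);
				echo'<div class="head"><a href="/forum">Форум</a> / <a href="/forum/cat'.$q['id_forum'].'">'.$razd['name'].'</a> / '.$q['name'].'</div>';
				// Levels 2 and above 4 see the moderation links. This only hides the links: delete.php
				// and edit.php (not shown here) have to re-check the level themselves, and since they
				// are reached through plain GET links they should also require an anti-CSRF token.
				$is_moder=($user and ($user['level']==2 or $user['level']>4));
				if($is_moder)echo'<div class="menu" style="text-align:center;"><a href="/moduls/delete.php?act=8&id='.$id.'">Удалить</a> | <a href="/moduls/edit.php?act=6&id='.$id.'">Редактировать</a> | <a href="#text">Написать</a></div>';
				$st=$db->prepare("select * from `posts` where `id_theme` = ? order by `time` asc limit $start, $per_page");
				$st->execute([$id]);
				$posts=$st->fetchAll(PDO::FETCH_ASSOC);
				// Per-post lookups are prepared once and executed with bound ids.
				$authorStmt=$db->prepare("SELECT * FROM `user` WHERE `id` = ?");
				$postStmt=$db->prepare("select * from `posts` where `id` = ?");
				$loginStmt=$db->prepare("select `login` from `user` where `id` = ?");
				foreach($posts as $res){
					$authorStmt->execute([$res['author_id']]);
					$author=$authorStmt->fetch(PDO::FETCH_ASSOC);
					echo'<div class="menu">'.avatar($author['avatar']).'
					<a href="/profile'.$author['id'].'">'.$author['login'].'</a> '.lvl($author['id'], $author['level']).on($author['visit']);
					if($is_moder)echo' <a href="/moduls/delete.php?act=9&id='.$res['id'].'">[x]</a> <a href="/moduls/edit.php?act=5&id='.$res['id'].'">[ред]</a> ';
					if($user)echo' <a href="/dialog/'.$res['author_id'].'">[лс]</a> <a href="/forum/theme'.$id.'/page='.$page.'/reply'.$res['id'].'">[отв]</a>';
					echo'<br /><small>'.clock($res['time']).'</small><br />';
					if($res['reply_to']){
						$postStmt->execute([$res['reply_to']]);
						$w=$postStmt->fetch(PDO::FETCH_ASSOC);
						if($w){
							$loginStmt->execute([$w['author_id']]);
							$e=$loginStmt->fetch(PDO::FETCH_ASSOC);
							echo '<div class="citatka"><a href="/profile'.$w['author_id'].'">'.$e['login'].'</a>: '.nl2br($w['text']).'</div>';
						}
					}
					// Post bodies are stored as ready-made HTML (protect() -> smiles() -> bb_code() ->
					// nl2br() on write) and echoed verbatim, so output safety rests on those helpers.
					echo $res['text'];
					if($res['file']){
						// Rows written before upload names were sanitised may hold arbitrary text: strip
						// directory parts and escape for the URL and HTML contexts separately.
						$f_name=basename($res['file']);
						echo'<br /><br />'.image('attachment.png').' <a href="/files/files_forum/'.rawurlencode($f_name).'">'.htmlspecialchars($f_name,ENT_QUOTES).'</a><br />'.sizer('../files/files_forum/'.$f_name).'';
					}
					echo'</div>';
					#echo'<div style="background-color:#f0f0f0;padding:6px;text-align:right;margin-bottom:2px;"><a href="#" style="background-color:#ace028;padding:3px;">+</a> 0 <a href="#" style="background-color:#e03431;padding:3px;">-</a></div>';
				}
				if($user){
					if($q['status']>0){
						if(($time-$user['flood'])>$da['flood']){
							// Preview of the post being replied to; the id comes from the URL and is bound
							// as an integer.
							if(!empty($_GET['reply']) and is_scalar($_GET['reply'])){
								$postStmt->execute([(int)$_GET['reply']]);
								$r=$postStmt->fetch(PDO::FETCH_ASSOC);
								if($r){
									$loginStmt->execute([$r['author_id']]);
									$t=$loginStmt->fetch(PDO::FETCH_ASSOC);
									echo'<div class="head">Отвечаем пользователю <a href="/profile'.$r['author_id'].'">'.$t['login'].'</a></div>
									<div class="menu">'.$r['text'].'</div>';
								}
							}
							// NOTE(review): the reply form below has no anti-CSRF token.
							?>
							<script language="JavaScript">
								<!--
								function replaceSelectedText(obj,cbFunc){obj.focus();
								if (document.selection){
									var s = document.selection.createRange(); 
									s.text=cbFunc;
									s.select();
									return true;
								}else if (typeof(obj.selectionStart)=="number"){
									var start = obj.selectionStart;
									var end = obj.selectionEnd;
									var rs = cbFunc;
									obj.value = obj.value.substr(0,start)+rs+obj.value.substr(end);
									obj.setSelectionRange(end,end);
									return true;
								}return false;}
								//-->
							</script>
							<div class="menu"><form action="#" method="POST" enctype = "multipart/form-data">Собщение:
							<a onclick="replaceSelectedText(document.getElementById('text'),' :)');"><?=smiles(':)')?></a>
							<a onclick="replaceSelectedText(document.getElementById('text'),' .haha.');"><?=smiles('.haha.')?></a>
							<a onclick="replaceSelectedText(document.getElementById('text'),' .8D.');"><?=smiles('.8D.')?></a>
							<a onclick="replaceSelectedText(document.getElementById('text'),' :|');"><?=smiles(':|')?></a>
							<a onclick="replaceSelectedText(document.getElementById('text'),' .hm.');"><?=smiles('.hm.')?></a>
							<a onclick="replaceSelectedText(document.getElementById('text'),' :O');"><?=smiles(':O')?></a>
							<a onclick="replaceSelectedText(document.getElementById('text'),' .otstoi.');"><?=smiles('.otstoi.')?></a><br />
							<textarea name="text" rows="3" cols="25" id="text"></textarea><br />
							<input type="file" name="file">
							<input type="submit" value="Отправить" /><br /><a href="/info/bb">BB коды</a> | <a href="/info/smiles">Bce cмайлы</a>
							</form></div>
							<div class="menu"><input name="link" value="http://<?=htmlspecialchars($_SERVER['HTTP_HOST'],ENT_QUOTES)?>/forum/theme<?=$id?>" type="text"/></div>
							<?php
							// The Host header above is supplied by the client, so it is HTML-escaped before
							// being placed in the attribute value.
						}else{echo'<div class="citatka">Чтобы написать, подождите '.($da['flood']-($time-$user['flood'])).' cek.</div>';}
					}else{echo'<div class="citatka">Эта тема была закрыта для обсуждения</div>';}
				}
				if ($k_page>1){str('/forum/theme'.$id.'/',$k_page,$page);}
			}
			back('/forum/'.$q['id_forum']);
		}else{echo'<div class="menu">Ошибка идентификатора</div>';}
		break;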

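	case 'forum':
		// Paged list of the themes inside forum $id, most recently active first.
		// $id is set outside this file (presumably taken from the URL by the core). Force it to an
		// integer so it is safe in SQL and in the links echoed below.
		$id=(int)$id;
		$st=$db->prepare("select * from `forum` where `id` = ?");
		$st->execute([$id]);
		$q=$st->fetch(PDO::FETCH_ASSOC);
		if($q){
			echo'<div class="head"><a href="/forum">Форум</a> / '.$q['name'].'</div>';
			// COUNT(*) instead of selecting every id and relying on rowCount() for a SELECT.
			$st=$db->prepare("select count(*) from `themes` where `id_forum` = ?");
			$st->execute([$id]);
			$total=(int)$st->fetchColumn();
			if($total){
				$k_page=k_page($total,$set['p_str']);$page=page($k_page);
				// LIMIT operands are interpolated, so keep them integers.
				$per_page=(int)$set['p_str'];$start=(int)($set['p_str']*$page-$set['p_str']);
				$st=$db->prepare("select * from `themes` where `id_forum` = ? order by `time_last` desc limit $start, $per_page");
				$st->execute([$id]);
				$themes=$st->fetchAll(PDO::FETCH_ASSOC);
				// Per-theme lookups prepared once, ids bound.
				$postCnt=$db->prepare("SELECT count(*) FROM `posts` WHERE `id_theme` = ?");
				$loginStmt=$db->prepare("SELECT `login` FROM `user` WHERE `id` = ?");
				echo'<div class="touch">';
				foreach($themes as $res){
					// NOTE(review): $link_del is built but never echoed in this case, and it points at
					// /delete.php while the theme view links to /moduls/delete.php - confirm which is meant.
					if($user and ($user['level']==2 or $user['level']>4))$link_del=' <a href="/delete.php?act=8&id='.$res['id'].'">[del]</a>';else $link_del='';
					$postCnt->execute([$res['id']]);
					$posts=(int)$postCnt->fetchColumn();
					$loginStmt->execute([$res['avtor']]);
					$authors=$loginStmt->fetch(PDO::FETCH_ASSOC);
					$loginStmt->execute([$res['last_id']]);
					$authors_l=$loginStmt->fetch(PDO::FETCH_ASSOC);
					echo '<div class="menu"><a href="/forum/theme'.$res['id'].'">'.$res['name'].' '.right('('.$posts.')').'<br/>
					<small>'.$authors['login'].'/'.$authors_l['login'].'</small></a></div>';
				}
				echo'</div>';
				if ($k_page>1)str('/forum/'.$id.'/',$k_page,$page); // page navigation
			}else{echo'<div class="menu">Темы еще не созданы</div>';}
			if($user)echo'<div class="menu"><a href="/forum/add_theme'.$id.'" style="display:block;">Создать тему</a></div>';
			// NOTE(review): $q is a `forum` row here; other queries in this file address that table by
			// `razdel`, so `id_forum` may not exist on it - confirm the intended back link.
			back('/forum/'.$q['id_forum']);
		}else{echo'<div class="menu">Ошибка идентификатора</div>';} // attribute was misspelled "clas", leaving the box unstyled
		break;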
	
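	case 'cat':
		// List the forums that belong to section (`razdel`) $id, each with its theme count.
		// $id is set outside this file (presumably taken from the URL by the core); force it to an
		// integer before it is used in a query.
		$id=(int)$id;
		$st=$db->prepare("select * from `razdel` where `id` = ?");
		$st->execute([$id]);
		$q=$st->fetch(PDO::FETCH_ASSOC);
		if($q){
			// One query returns the rows and, when empty, answers the "no sub-forums" check; the
			// separate "select *" that existed only for rowCount() is no longer needed.
			$st=$db->prepare("select * from `forum` where `razdel` = ? order by `id` asc");
			$st->execute([$id]);
			$forums=$st->fetchAll(PDO::FETCH_ASSOC);
			if($forums){
				// Theme counter prepared once; COUNT(*) instead of rowCount() on a SELECT.
				$themeCnt=$db->prepare("select count(*) from `themes` where `id_forum` = ?");
				echo'<div class="touch">';
				foreach($forums as $res){
					$themeCnt->execute([$res['id']]);
					$n_themes=(int)$themeCnt->fetchColumn();
					echo'<div class="menu"><a href="/forum/cat'.$res['id'].'"><img src="/files/images/notepad.png" alt="" style="width:16px;"> '.$res['name'].'
					<span class="rig">'.$n_themes.'</span></a></div>';
				}
				echo'</div>';
			}else{echo'<div class="menu">Подразделов еще нет</div>';}
			back('/forum');
		}else{echo'<div class="menu">Ошибка идентификатора</div>';} // attribute was misspelled "clas", leaving the box unstyled
		break;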

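	default:
		// Forum index: every section (`razdel`) with its forums and their theme/post counters.
		echo'<div class="menu" style="text-align:center;"><a href="/forum/last_thread">Новые темы</a> | <a href="/forum/last_post">Новые сообщения</a></div>';
		// Fetch the sections once; an empty result is the "no sections yet" case, so the extra
		// id-only query that existed just for rowCount() is not needed.
		$sections=$db->query("select * from `razdel` order by `id`")->fetchAll(PDO::FETCH_ASSOC);
		if($sections){
			// "New" means created within the last 24 hours. The cutoff is computed as an integer and
			// interpolated, which keeps the numeric comparison the query always used.
			$since=(int)$time-86400;
			// Statements are prepared once and re-executed with bound ids. COUNT(*) replaces
			// "select id ... rowCount()", which PDO does not guarantee for SELECT.
			$forumStmt=$db->prepare("select * from `forum` where `razdel` = ? order by `id` asc");
			$themeCnt=$db->prepare("select count(*) from `themes` where `id_forum` = ?");
			$postCnt=$db->prepare("select count(*) from `posts` where `id_forum` = ?");
			$newThemeCnt=$db->prepare("select count(*) from `themes` where `id_forum` = ? and `time` > $since");
			$newPostCnt=$db->prepare("select count(*) from `posts` where `id_forum` = ? and `time` > $since");
			echo'<div class="touch">';
			foreach($sections as $res){
				echo'<div class="menu"><a href="/forum/'.$res['id'].'"><b>'.$res['name'].'</b>';if($res['desc'])echo'<br />'.$res['desc'];echo'</a></div>';
				$forumStmt->execute([$res['id']]);
				$forums=$forumStmt->fetchAll(PDO::FETCH_ASSOC);
				if($forums){
					foreach($forums as $res2){
						$newPostCnt->execute([$res2['id']]);$new_posts=(int)$newPostCnt->fetchColumn();
						$newThemeCnt->execute([$res2['id']]);$new_thems=(int)$newThemeCnt->fetchColumn();
						$themeCnt->execute([$res2['id']]);$n_themes=(int)$themeCnt->fetchColumn();
						$postCnt->execute([$res2['id']]);$n_posts=(int)$postCnt->fetchColumn();
						if($new_posts)$new_p='/<span style="color:red;">'.$new_posts.'</span>';else $new_p='';
						if($new_thems)$new_t='/<span style="color:red;">'.$new_thems.'</span>';else $new_t='';
						echo'<div class="citatka"><a href="/forum/cat'.$res2['id'].'">'.$res2['name'].'
						'.right($n_themes.'/'.$n_posts.$new_p.$new_t).'
						</a></div>';
					}
				}else{echo'<div class="citatka">Подразделы еще не созданы</div>';}
			}
			echo'</div>';
		}else{echo'<div class="menu">Разделов еще нет</div>';}
		// Only a UI hint for levels 2 and above 4; the /admin handler (not shown here) has to
		// enforce the level check itself.
		if($user and ($user['level']==2 or $user['level']>4))echo'<div class="menu"><a href="/admin?act=forum" style="display:block;text-align:center;">Управление форумом</a></div>';
		back('/');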
}
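// Footer selection mirrors the header: the client-controlled "style" cookie may be absent or an
// array, and is only compared against a constant to choose between two fixed files.
if(isset($_COOKIE['style']) and $_COOKIE['style']==='web'){
	require_once '../system/web_foot.php';
}else{
	require_once '../system/foot.php';
}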
?>