<?php

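// Start (or resume) the session. Pages in this script link to each other with the
// session name and id in the query string.
// NOTE(review): a session id carried in URLs ends up in logs, browser history and
// Referer headers; cookie-only sessions would avoid that exposure.
session_start();

// Database connection and site configuration. $autorize and $wap_skin are not
// assigned anywhere in this file, so presumably they come from these includes.
include "file/db.php";
include "file/config.php";

// Page header from the active skin.
// NOTE(review): the skin name is spliced into an include path. Confirm that it is
// checked against the installed skins wherever it is stored, so a crafted value
// cannot select a file outside style/.
if ($autorize)
{
    include "style/".$autorize['skin']."/head.php";
}
else
{
    include "style/".$wap_skin."/head.php";
}
$date=date("Ymd");
echo "</center><div class='menu'><center>Комментарии</center></div><div class='hr'></div><div class='tab'>";
if($autorize)
{
    // nid comes from the query string and is echoed back into a link target, so it
    // is URL-encoded before output. A missing or non-string value becomes ''.
    $n=(isset($_GET['nid']) && is_string($_GET['nid'])) ? $_GET['nid'] : '';
    // NOTE(review): $page is not assigned before this point in this file; confirm
    // that whatever sets it guarantees an integer before it reaches the href.
    print "<img src=\"style/".$autorize['skin']."/icon.png\" alt=\"*\"/><a href='?page=".$page."&amp;go=add&amp;nid=".urlencode($n)."&amp;".session_name()."=".session_id()."'>Добавить комментарий</a><div class='hr'></div>";
}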

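// Comment actions for signed-in users: "add" shows the form, "commadd" stores a
// comment, "del" removes one. Every action needs `go` and a string `nid`.
// NOTE(review): "commadd" and "del" change data without an anti-CSRF token, and
// "del" is reachable through a plain GET link; the session id carried in the URL
// is not verified here. A per-session token checked before the INSERT/DELETE
// would close that gap.
// NOTE(review): the mysql_* API was removed in PHP 7; moving to PDO or mysqli with
// prepared statements would replace the manual escaping below.
if ($autorize && isset($_GET['go']) && isset($_GET['nid']) && is_string($_GET['nid']))
{
    switch ($_GET['go'])
    {
        case 'add':
            // Comment form. nid is URL-encoded before it is written into the form
            // action so a crafted value cannot close the attribute.
            // NOTE(review): $page is not assigned before this point in this file —
            // confirm it is an integer before it reaches the markup.
            echo "<p align='center'><a class=\"main\" href=\"smile.php?".session_name()."=".session_id()."\">Смайлы</a>";
            echo "<a class=\"main\" href=\"bb.php?".session_name()."=".session_id()."\">BB-Коды</a><div class='hr'></div>";
            print '<form method="post" action="?page='.$page.'&amp;go=commadd&amp;nid='.urlencode($_GET['nid']).'&amp;'.session_name().'='.session_id().'">';
            print "Текст комментария:<br/>";
            print "<textarea name='msg' class='main' cols='32' rows='3'></textarea><br/>";
            print "<input type='submit' class='main' value='Добавить'/>";
            print "</form></p>";
            break;

        case 'commadd':
            // The message must be a string containing something other than whitespace.
            $error='';
            if (!isset($_POST['msg']) || !is_string($_POST['msg']) || trim($_POST['msg']) === '')
            {
                $error.='Отсутствует сообщение<br/>';
            }

            if ($error === '')
            {
                // Build the stored HTML in a fixed order: cut to length, neutralise
                // markup, expand smileys and BB-codes, and escape for SQL only when
                // the query is assembled. Escaping for SQL earlier would turn line
                // breaks into backslash sequences before the link patterns run.
                $msg=iconv_substr($_POST['msg'],0,20000,'utf-8');
                $msg=str_replace("'","`",$msg);
                $msg=trim(htmlspecialchars($msg, ENT_QUOTES, 'UTF-8'));

                // Smiley codes :1: .. :N:, where N is the number of .gif files in smile/.
                $fr=array();
                $sm=array();
                $smile_arr=scandir('smile');
                if ($smile_arr !== false)
                {
                    $n=0;
                    foreach($smile_arr as $value)
                    {
                        if(preg_match('/\.gif$/',$value))
                        {
                            $n++;
                            $fr[]=':'.$n.':';
                            $sm[]='<img src="smile/'.$n.'.gif" alt="smile"/>';
                        }
                    }
                }
                $msg = str_replace($fr,$sm,$msg);

                // Callback for [url=ADDRESS]text[/url]: $arr[1] is the address that
                // passed the scheme check in the pattern, $arr[2] is the link text.
                function links_preg1($arr)
                {
                    return '<a href="'.$arr[1].'">'.$arr[2].'</a>';
                }
                // Callback for a bare address: $arr[2] is the full address, $arr[3]
                // the part after the scheme; $arr[1] and $arr[4] are the surrounding
                // whitespace, which is kept.
                function links_preg2($arr)
                {
                    return $arr[1].'<a href="'.$arr[2].'">'.$arr[3].'</a>'.$arr[4];
                }

                // BB-codes, replaced in this order.
                $bb_from=array(
                    "[small]","[/small]",
                    "[black]","[/black]",
                    "[blue]","[/blue]",
                    "[white]","[/white]",
                    "[green]","[/green]",
                    "[red]","[/red]",
                    "[big]","[/big]",
                    "[b]","[/b]",
                    "[i]","[/i]",
                    "[s]","[/s]",
                    "[u]","[/u]",
                );
                $bb_to=array(
                    "<small>","</small>",
                    "<font color = \"black\">","</font>",
                    "<font color = \"blue\">","</font>",
                    "<font color = \"white\">","</font>",
                    "<font color = \"green\">","</font>",
                    "<font color = \"red\">","</font>",
                    "<big>","</big>",
                    "<b>","</b>",
                    "<i>","</i>",
                    "<s>","</s>",
                    "<u>","</u>",
                );
                $msg = str_replace($bb_from,$bb_to,$msg);

                // Only http, https and ftp addresses become anchors. Any other scheme
                // is left as plain text so that a stored comment cannot carry a link
                // that runs script in a reader's browser.
                $msg=preg_replace_callback('~\[url=((?:https?|ftp)://[^ \r\n\t`\'"]+)\](.*?)\[/url\]~iu', 'links_preg1', $msg);
                $msg=preg_replace_callback('~(^|\s)((?:https?|ftp)://([^ \r\n\t`\'"]+))(\s|$)~iu', 'links_preg2', $msg);

                $login = $autorize['log'];
                $time="14400"; // Offset from GMT in seconds
                $date=gmdate('d.m.Y H:i',time()+$time);
                $avatar=$autorize['avatar'];

                // Every value is escaped where it enters the statement, including nid
                // from the query string and the login/avatar taken from the account.
                $newsadd = mysql_query(
                    "INSERT INTO `news_com` SET `date` = '".mysql_real_escape_string($date)."',"
                    ."`nid` = '".mysql_real_escape_string($_GET['nid'])."',"
                    ."`msg` = '".mysql_real_escape_string($msg)."',"
                    ."`avatar` = '".mysql_real_escape_string($avatar)."',"
                    ."`login` = '".mysql_real_escape_string($login)."';"
                );
                if ($newsadd)
                {
                    print '<center><b>Комментарий успешно добавлен!!!</b></center><div class="hr"></div>';
                }
                else
                {
                    // Do not report success when the INSERT failed.
                    $error.='Не удалось сохранить комментарий<br/>';
                }
            }

            if ($error !== '')
            {
                print "<center><b>Ошибка!!!&nbsp;";
                print "Причина:".$error."</b></center><div class='hr'></div>";
            }
            break;

        case 'del':
            // Only the accounts with id 1 or 2 may delete, and only when a string id
            // was supplied. The id is escaped before it enters the statement.
            if($autorize['id']<=2 && $autorize['id']>0 && isset($_GET['id']) && is_string($_GET['id']))
            {
                mysql_query("DELETE FROM `news_com` WHERE `id` = '".mysql_real_escape_string($_GET['id'])."';");
                print "<center>Удалено !!!<div class='hr'></div></center>";
            }
            break;
    }

}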

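// Comment list for the requested news item, newest first, with paging.
// This part runs for anonymous visitors too, so every request value is treated
// as hostile: $n_sql is used only inside quoted SQL literals, $n_url only inside
// link targets, and the raw $n reaches neither.
// NOTE(review): the mysql_* API was removed in PHP 7; PDO or mysqli prepared
// statements would replace the manual escaping.
$n=(isset($_GET['nid']) && is_string($_GET['nid'])) ? $_GET['nid'] : '';
$n_sql=mysql_real_escape_string($n);
$n_url=urlencode($n);

// Comments per page: the account's kol_comm value when signed in, otherwise 5.
// Forced to an integer of at least 1 because it is a divisor below and goes
// unquoted into LIMIT.
if ($autorize)
{
    $num = max(1, intval($autorize['kol_comm']));
}
else
{
    $num = 5;
}

// Page number: at least 1, never beyond the last page.
if(empty($_GET['page']) || $_GET['page']<0)$_GET['page']=1;
$page = max(1, intval($_GET['page']));
$results = mysql_query("SELECT * FROM `news_com` WHERE `nid`= '$n_sql'");
$posts = $results ? mysql_num_rows($results) : 0;
$total = intval(($posts-1)/$num)+1;
if($page>$total) $page = $total;
$start = $page*$num-$num;

$result = mysql_query("SELECT * FROM `news_com` WHERE `nid`= '$n_sql' ORDER BY `id` DESC LIMIT $start, $num;");

// Count the rows of this result set directly; a failed query is shown as "no comments".
if(!$result || mysql_num_rows($result)==0)
{
    echo "<b>Комментариев пока нет...</b><br/>";
}
else
{
    while($news = mysql_fetch_array($result))
    {
        // Columns are read by position (0 id, 2 date, 3 text, 4 login, 5 avatar) —
        // presumably the table's column order; confirm against the schema.

        // The avatar value becomes part of an image path, so it is used only when
        // it consists of digits; anything else gets the placeholder image.
        // NOTE(review): this assumes avatars are stored as numeric ids — confirm.
        if(preg_match('/^[0-9]+\z/', (string)$news[5]))
        {
            echo "<img src=\"avatar/".$news[5].".gif\" height=\"32\" width=\"32\" alt=\"Аватар\" />\n";
        }
        else
        {
            echo "<img src=\"no.gif\" height=\"32\" width=\"32\" alt=\"Аватар\" />\n";
        }

        // Login and date are escaped on output; double_encode is off so a value
        // that was stored already escaped is not escaped a second time.
        // The comment text is stored as ready-made HTML by the commadd action and
        // is printed as stored, so its safety rests on what the write path allowed.
        print '<b>'.htmlspecialchars($news[4], ENT_QUOTES, 'UTF-8', false).'</b> <u>'
            .htmlspecialchars($news[2], ENT_QUOTES, 'UTF-8', false)."</u>\n"
            .'<br /><div class="msg">'.$news[3].'</div><br />';

        print '<div class="hr"></div>';

        // Delete link, shown only to the accounts with id 1 or 2.
        if($autorize && $autorize['id']<=2 && $autorize['id']>0)
        {
            echo "<b>[</b><a href='?page=".$page."&amp;go=del&amp;id=".urlencode($news[0])."&amp;nid=".$n_url."&amp;".session_name()."=".session_id()."'><b>Удалить</b></a><b>]</b><br />";
        }
    }

    // Pager: first page, last page and the neighbours of the current page are
    // shown; each skipped run of pages is collapsed into a single " ... ".
    print '<div class="str"><b>Стр:</b>';

    $num_pages=ceil($posts/$num);
    if($page>$num_pages || $page<1)
    {
        $page=1;
        $start=0;
    }
    $script_url=htmlspecialchars($_SERVER['SCRIPT_NAME'], ENT_QUOTES, 'UTF-8');
    for($pr='', $i=1; $i<=$num_pages; $i++)
    {
        if ($i == 1 || $i == $num_pages || abs($i-$page) < 2)
        {
            if ($i == $page)
            {
                $pr=" <b>$i</b> ";
            }
            else
            {
                $pr=' <a href="'.$script_url.'?page='.$i.'&amp;nid='.$n_url.'&amp;'.session_name().'='.session_id().'">'.$i.'</a> ';
            }
        }
        else
        {
            // $pr remembers what was printed last, so the ellipsis appears once per gap.
            $pr=($pr === ' ... ' || $pr === '') ? '' : ' ... ';
        }
        print $pr;
    }
    print "</div>";
}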
// Home link: signed-in users go back to their panel, visitors to the front page.
// The icon comes from the active skin in both cases.
if (!$autorize) {
    echo '<img src="style/' . $wap_skin . '/home.png" alt="*"/>'
        . '<a href="index.php?' . session_name() . '=' . session_id() . '">Главная</a><br/>'
        . "<div class='hr'></div>";
} else {
    echo '<img src="style/' . $autorize['skin'] . '/home.png" alt="*"/>'
        . '<a href="enter.php?' . session_name() . '=' . session_id() . '">Панель</a><br/>'
        . "\n";
}

// Close the <div class='tab'> opened at the top of the page.
echo '</div>';

// Page footer from the same skin that supplied the header.
// NOTE(review): the skin name is part of the include path — confirm it is
// validated against the installed skins where it is set.
include 'style/' . ($autorize ? $autorize['skin'] : $wap_skin) . '/foot2.php';
?>