File size: 4.88Kb
<?
Error_Reporting(E_ALL & ~E_NOTICE);
$root=$_SERVER['DOCUMENT_ROOT'];
include("func.php");
include("set.php");
include("start.php");
if($pgcom<1) $pgcom=1;
$pgcom_e=$pgcom*$set_comms_page;
$pgcom_b=$pgcom_e-$set_comms_page;
$pgcom_n=$pgcom+1;
$pgcom_p=$pgcom-1;
if(is_file("$dir_load/$did/$fid"))
{
$nd=str_replace("/","_!+!_",$did);
if($code!=base64_encode($uc)) Header("Location: com.php?did=$did&fid=$fid&pg=$pg&mode=error_code");
elseif($mode=='add' && $fc=fopen("$dir_comm/$nd-+-$fid.dat","a+"))
{
$name=htmlspecialchars($name);
$name=str_replace("|","!",$name);
$ctext=htmlspecialchars($ctext);
$ctext=str_replace("|","!",$ctext);
$time=time();
$fb=file("$dir_comm/$nd-+-$fid.dat");
$fb_m=explode("|",$fb[count($fb)-1]);
flock($fc,LOCK_EX);
if($name!='' && $ctext!='' && $fb_m[1]!=$name && $fb_m[2]!=$ctext) fwrite($fc,"|$name|$ctext|$time|\r\n");
flock($fc,LOCK_UN);
fclose($fc);
Header("Location: com.php?did=$did&fid=$fid&pg=$pg&mode=addok");
exit;
}
include("modul/head.php");
if($ver=='wml') print "<b>Комментарии</b><br/>---<br/>"; else print "<div class=\"c\">Комментарии<br/></div><br/>";
if($mode=="error_code") print "Был введен неверный проверочный код.<br/><br/>";
if(file_exists("$dir_comm/$nd-+-$fid.dat")) $f=@file("$dir_comm/$nd-+-$fid.dat"); else $f=array();
$f_c=count($f);
if($mode=="del_post" && $admin_ok)
{
if(isSet($f[$f_c-$cid-1]))
{
$fmc=explode("|",$f[$f_c-$cid-1]);
if($pcode!=$fmc[3]);
elseif($fwc=fopen("$dir_comm/$nd-+-$fid.dat","w+"))
{
unset($f[$f_c-$cid-1]);
fwrite($fwc,implode("",$f));
fclose($fwc);
}
}
}
elseif($mode=="del_post_q" && $admin_ok)
{
if($ver!='wml') print "<div class=\"d\">";
print "<b>Удалить?</b><br/><a href=\"com.php?did=$did&fid=$fid&pg=$pg&pgcom=$pgcom&cid=$cid&mode=del_post&pcode=$pcode\">Да</a>|<a href=\"com.php?did=$did&fid=$fid&pg=$pg&pgcom=$pgcom\">Нет</a><br/>";
if($ver!='wml') print "</div><br/>";
}
elseif($mode=="clear" && $admin_ok)
{
@unlink("$dir_comm/$nd-+-$fid.dat");
$f=array();
$f_c=0;
}
for($i=$pgcom_b;$i<$pgcom_e && $f_c>0;$i++)
{
if(!isSet($f[$f_c-$i-1])) continue;
$fm=explode("|",$f[$f_c-$i-1]);
$date=date("d.m.y H:i",$fm[3]);
if($ver!='wml') print "<div class=\"d\"><strong>$fm[2]</strong><br/>Добавил <u>$fm[1]</u>, $date<br/></div>"; else print "<b>$fm[2]</b><br/>Добавил <u>$fm[1]</u>, $date<br/>";
if($admin_ok) print "<a href=\"com.php?did=$did&fid=$fid&pg=$pg&mode=del_post_q&cid=$i&pcode=$fm[3]\">Удалить</a><br/>";
}
print "<br/>";
if($f_c>$pgcom_e) print "<a href=\"com.php?did=$did&fid=$fid&pg=$pg&pgcom=$pgcom_n\">След</a><br/>";
if($pgcom>1) print "<a href=\"com.php?did=$did&fid=$fid&pg=$pg&pgcom=$pgcom_p\">Пред</a><br/>";
$rand=rand_id(4,2);
$time=time();
$md5=base64_encode($rand);
/*if($fcd=fopen("$dir_temp/$md5.code","w+"))
{
fwrite($fcd,"|$time|$rand|");
fclose($fcd);
}*/
if($ver!='wml') print "<form action=\"com.php\"><input name=\"mode\" type=\"hidden\" value=\"add\"/><input name=\"did\" type=\"hidden\" value=\"$did\"/><input name=\"fid\" type=\"hidden\" value=\"$fid\"/><input name=\"pg\" type=\"hidden\" value=\"$pg\"/><input name=\"code\" type=\"hidden\" value=\"$md5\"/>";
print "Имя:<br/>
<input name=\"name\" type=\"text\" class=\"itext\" maxlength=\"20\"/><br/>
Комментарий:<br/>
<input name=\"ctext\" type=\"text\" class=\"itext\" maxlength=\"180\"/><br/>
Проверочное число:<br/>
<img src=\"code.php?code=$md5\" alt=\"Код\"/><br/>
<input name=\"uc\"/><br/>";
if($ver!="wml") print "<input type=\"submit\" value=\"Добавить\"/><br/></form><br/>";
else print "<anchor>Добавить<go href=\"com.php\">
<postfield name=\"mode\" value=\"add\"/>
<postfield name=\"did\" value=\"$did\"/>
<postfield name=\"fid\" value=\"$fid\"/>
<postfield name=\"pg\" value=\"$pg\"/>
<postfield name=\"code\" value=\"$md5\"/>
<postfield name=\"ctext\" value=\"$(ctext)\"/>
<postfield name=\"name\" value=\"$(name)\"/>
<postfield name=\"uc\" value=\"$(uc)\"/>
</go></anchor><br/>
";
print "<a href=\"info.php?did=$did&fid=$fid&pg=$pg\">Назад</a><br/>";
if($admin_ok) print "<a href=\"com.php?did=$did&fid=$fid&pg=$pg&mode=clear&\">Очистить</a><br/>";
} else { include("modul/head.php"); print "Файл не найден,.<br/>"; }
include("modul/foot.php");
?>