View file comm/forum/inc/them.php

File size: 13.16Kb
<?php
if(isset($_GET['f_del']) && is_numeric($_GET['f_del']) && isset($_SESSION['file'][$_GET['f_del']])){
	unlink($_SESSION['file'][$_GET['f_del']]['tmp_name']);
	}

if(isset($user) && $admin['uid']==$user['id'] && isset($_GET['zakl']) && $_GET['zakl']==1){
	mysql_query("INSERT INTO `comm_forum_zakl` (`id_user`, `time`,  `id_them`, `time_obn`, `id_comm`) values('$user[id]', '$time', '$them[id]', '$time', '$id_comm')");
	msg('Тема добавлена в закладки');
	}else if(isset($user) && $admin['uid']==$user['id'] && isset($_GET['zakl']) && $_GET['zakl']==0){
		mysql_query("DELETE FROM `comm_forum_zakl` WHERE `id_user` = '$user[id]' AND `id_them` = '$them[id]' AND `id_comm` = '$id_comm'");
		msg('Тема удалена из закладок');
		}

if(isset($user) && isset($_GET['act']) && $_GET['act']=='new' && isset($_FILES['file_f']) && ereg('\.', $_FILES['file_f']['name']) && isset($_POST['file_s'])){
	copy($_FILES['file_f']['tmp_name'], H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.forum.tmp');
	chmod(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.forum.tmp', 0777);

if(isset($_SESSION['file'])){
	$next_f=count($_SESSION['file']);
	}else{
		$next_f=0;
		}

$file=esc(stripcslashes(htmlspecialchars($_FILES['file_f']['name'])));
$_SESSION['file'][$next_f]['name']=eregi_replace('\.[^\.]*$', NULL, $file);
$_SESSION['file'][$next_f]['ras']=strtolower(eregi_replace('^.*\.', NULL, $file));
$_SESSION['file'][$next_f]['tmp_name']=H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.forum.tmp';
$_SESSION['file'][$next_f]['size']=filesize(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.forum.tmp');
$_SESSION['file'][$next_f]['type']=$_FILES['file_f']['type'];
}

if(isset($user) && $admin['uid']==$user['id'] && ($them['close']==0 || $them['close']==1) && $_GET['act']=='new' && $_POST['msg'] && $_POST['post']){
	$msg=esc(stripcslashes(htmlspecialchars($_POST['msg'])));

if(isset($_POST['translit']) && $_POST['translit']==1){
	$msg=translit($msg);
	}

if(strlen2($msg)<2){
	$err='Короткое сообщение';
	}

if(strlen2($msg)>10240){
	$err='Длина сообщения превышает предел в 10240 символа';
	}

if(mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' AND `id_user` = '$user[id]' AND `msg` = '".mysql_real_escape_string($msg)."' AND `id_comm` = '$id_comm' LIMIT 1"),0)!=0){
	$err='Ваше сообщение повторяет предыдущее';
	}

if(!isset($err)){

if($_POST['cit'] && is_numeric($_POST['cit']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_forum_p` WHERE `id` = '".intval($_POST['cit'])."' AND `id_them` = '".intval($_GET['id_them'])."' AND `id_razdel` = '".intval($_GET['id_razdel'])."' AND `id_forum` = '".intval($_GET['id_forum'])."' AND `id_comm` = '$id_comm'"),0)==1){
	$cit=intval($_POST['cit']);
	}else{
		$cit='null';
		}

$msg = mysql_real_escape_string($msg);

mysql_query("UPDATE `community_user_incomm` SET `postov` = '+1' WHERE `uid` = '$user[id]' AND `cid` = '$id_comm' LIMIT 1");
mysql_query("INSERT INTO `comm_forum_p` (`id_forum`, `id_razdel`, `id_them`, `id_user`, `time`, `msg`, `cit`, `id_comm`) values('$forum[id]', '$razdel[id]', '$them[id]', '$user[id]', '$time', '$msg', $cit, '$id_comm')");
$post_id=mysql_insert_id();
mysql_query("UPDATE `comm_forum_zakl` SET `time_obn` = '$time' WHERE `id_them` = '$them[id]' AND `id_comm` = '$id_comm'");

if(isset($_SESSION['file'])){

for($i=0; $i<count($_SESSION['file']);$i++){

if(isset($_SESSION['file'][$i]) && is_file($_SESSION['file'][$i]['tmp_name'])){
	mysql_query("INSERT INTO `comm_forum_files` (`id_post`, `name`, `ras`, `size`, `type`, `id_comm`) values('$post_id', '".$_SESSION['file'][$i]['name']."', '".$_SESSION['file'][$i]['ras']."', '".$_SESSION['file'][$i]['size']."', '".$_SESSION['file'][$i]['type']."', '$id_comm')");
	$file_id=mysql_insert_id();
	copy($_SESSION['file'][$i]['tmp_name'], H.'sys/comm/forum/'.$file_id.'.frf');
	unlink($_SESSION['file'][$i]['tmp_name']);
	}
	}

unset($_SESSION['file']);
}

unset($_SESSION['msg']);
mysql_query("UPDATE `comm_forum_r` SET `time` = '$time' WHERE `id` = '$razdel[id]' AND `id_comm` = '$id_comm' LIMIT 1");
mysql_query("UPDATE `comm_forum_t` SET `time` = '$time' WHERE `id` = '$them[id]' AND `id_comm` = '$id_comm' LIMIT 1");
mysql_query("UPDATE `community_user_incomm` SET `files` = '+1' WHERE `uid` = '$user[id]' AND `cid` = '$id_comm' LIMIT 1");
msg('Сообщение успешно добавлено');
}
}

if($them['close']==1){
	msg('Тема закрыта для обсуждения');
	}

if(isset($user) && $admin['uid']==$user['id'] && $user['balls']>=50 && $user['rating']>=0 && isset($_GET['id_file']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_forum_files` WHERE `id` = '".intval($_GET['id_file'])."' AND `id_comm` = '$id_comm'"), 0)==1 && mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_forum_files_rating` WHERE `id_user` = '$user[id]' AND `id_file` = '".intval($_GET['id_file'])."' AND `id_comm` = '$id_comm'"), 0)==0){

if(isset($_GET['rating']) && $_GET['rating']=='down'){
	mysql_query("INSERT INTO `comm_forum_files_rating` (`id_user`, `id_file`, `rating`, `id_comm`) values('$user[id]', '".intval($_GET['id_file'])."', '-1', '$id_comm')");
	msg ('Ваш отрицательный отзыв принят');
	}else if(isset($_GET['rating']) && $_GET['rating']=='up'){
		mysql_query("INSERT INTO `comm_forum_files_rating` (`id_user`, `id_file`, `rating`, `id_comm`) values('$user[id]', '".intval($_GET['id_file'])."', '1', '$id_comm')");
		msg ('Ваш положительный отзыв принят');
		}
		}

err();

$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' AND `id_comm` = '$id_comm'"),0);
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];

echo '<table class="post">';

if(isset($user) && $admin['uid']==$user['id'] && ($admin['priv']==2 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){
	$lim=NULL;
	}else{
		$lim=" LIMIT $start, $set[p_str]";
		}

$q=mysql_query("SELECT * FROM `comm_forum_p` WHERE `id_them` = '$them[id]' AND `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' AND `id_comm` = '$id_comm' ORDER BY `time` ASC$lim");

if(mysql_num_rows($q)==0){
	echo '<tr><td class="p_t">Нет сообщений в теме "'.$them['name'].'"</td></tr>';
	}

$post_k=$start;

while($post = mysql_fetch_array($q)){
	if(isset($user) && $admin['uid']==$user['id'] && ($admin['priv']==2 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){
		echo '<label>';
		}

$ank=get_user($post['id_user']);
$post_k++;

echo '<tr><td class="icon14">';
if(isset($user) && $admin['uid']==$user['id'] && ($admin['priv']==2 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){
	echo '<input type="checkbox" name="post_'.$post['id'].'" value="1"/>';
	}else{
		echo avatar($ank['id']);
		}

echo '</td>';

if($set['show_num_post']==1){
	$num_post=$post_k.'. ';
	}else{
		$num_post=NULL;
		}

echo '<td class="p_m" colspan="2">';

if(isset($user) && $admin['uid']==$user['id'] && $them['close']==0 || $them['close']==1 && $admin['priv']>0){
	echo $num_post.' <a href="index.php?id_forum='.$forum['id'].'&amp;id_razdel='.$razdel['id'].'&amp;id_them='.$them['id'].'&amp;id_post='.$post['id'].'&amp;id_comm='.$id_comm.'&amp;act=msg"><span style="color:'.$ank['ncolor'].'">'.$ank['nick'].'</span></a>'.online($ank['id']).' ('.vremja($post['time']).')';

if(isset($user) && $admin['uid']==$user['id'] && $them['close']==0 || $them['close']==1 && $admin['priv']>0){
	echo ' <small>[<a href="index.php?id_forum='.$forum['id'].'&amp;id_razdel='.$razdel['id'].'&amp;id_them='.$them['id'].'&amp;id_post='.$post['id'].'&amp;id_comm='.$id_comm.'&amp;act=cit">цит</a>]</small>';
	}

if(isset($user) && $admin['priv']==2 || $them['close']==1 && $admin['priv']>0){
	echo ' <small>[<a href="index.php?id_forum='.$forum['id'].'&amp;id_razdel='.$razdel['id'].'&amp;id_them='.$them['id'].'&amp;id_post='.$post['id'].'&amp;id_comm='.$id_comm.'&amp;act=edit">ред</a>]</small>';
	}else if(isset($user) && $admin['uid']==$user['id'] && $user['id']==$post['id_user'] && $post['time']>time()-600 && $post_k==$k_post){
		echo ' <small>[<a href="index.php?id_forum='.$forum['id'].'&amp;id_razdel='.$razdel['id'].'&amp;id_them='.$them['id'].'&amp;id_post='.$post['id'].'&amp;id_comm='.$id_comm.'&amp;act=edit">ред</a>]</small>';
		}

if(isset($user) && $admin['uid']==$user['id'] && $admin['priv']==2 || $them['close']==1 && $admin['priv']>0){
	echo ' <small>[<a href="index.php?id_forum='.$forum['id'].'&amp;id_razdel='.$razdel['id'].'&amp;id_them='.$them['id'].'&amp;id_post='.$post['id'].'&amp;id_comm='.$id_comm.'&amp;act=delete">del</a>]</small>';
	}else if(isset($user) && $admin['uid']==$user['id'] && $user['id']==$post['id_user'] && $post['time']>time()-600 && $post_k==$k_post){
		echo ' <small>[<a href="index.php?id_forum='.$forum['id'].'&amp;id_razdel='.$razdel['id'].'&amp;id_them='.$them['id'].'&amp;id_post='.$post['id'].'&amp;id_comm='.$id_comm.'&amp;act=delete">del</a>]</small>';
		}
		}else{
			echo $num_post.' '.adm($ank['id']).' <a href="/info.php?id='.$ank['id'].'" title="Анкета '.$ank['nick'].'"><span style="color:'.$ank['ncolor'].'">'.$ank['nick'].'</span></a> '.online($ank['id']).' ('.vremja($post['time']).')';
			}

echo '<br/>';

if($post['cit']!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_forum_p` WHERE `id` = '$post[cit]' AND `id_comm` = '$id_comm'"),0)==1){
	$cit=mysql_fetch_array(mysql_query("SELECT * FROM `comm_forum_p` WHERE `id` = '$post[cit]' AND `id_comm` = '$id_comm' LIMIT 1"));
	$ank_c=get_user($cit['id_user']);
	echo '<div class="cit"><b>'.$ank_c['nick'].' ('.vremja($cit['time']).'):</b><br/>'.output_text($cit['msg']).'</div>';
	}

echo output_text($post['msg']).'<br/>';

include 'inc/file.php';

echo '</td></tr>';
if(isset($user) && $admin['uid']==$user['id'] && ($admin['priv']==2 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){
	echo '</label>';
	}
	}

echo '</table>';

if(isset($user) && $admin['uid']==$user['id'] && ($admin['priv']==2 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){

}else if($k_page>1){
	str("index.php?id_forum=$forum[id]&amp;id_razdel=$razdel[id]&amp;id_them=$them[id]&amp;id_comm=$id_comm&amp;",$k_page,$page);
	}

echo '<table class="post">';
$user_zakl=mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_forum_zakl` WHERE `id_them` = '$them[id]' AND `id_comm` = '$id_comm'"),0);
echo '<tr><td class="p_t">В закладках у: '.$user_zakl['id_user'].'</td></tr>';
echo '</table>';


if(isset($user) && $admin['uid']==$user['id'] && ($admin['priv']==2 || $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){

}else if(isset($user) && $admin['uid']==$user['id'] && $them['close']==0 || $them['close']==1 && $admin['priv']>0){

if($user['set_files']==1){
	echo '<a href="/smiles/index.php">Смайлы</a><br/>';
	echo '<form method="post" name="message" enctype="multipart/form-data" action="index.php?id_forum='.$forum['id'].'&amp;id_razdel='.$razdel['id'].'&amp;id_them='.$them['id'].'&amp;id_comm='.$id_comm.'&amp;act=new">';
	}else{
		echo '<a href="/smiles/index.php">Смайлы</a><br/>';
		echo '<form method="post" name="message" action="index.php?id_forum='.$forum['id'].'&amp;id_razdel='.$razdel['id'].'&amp;id_them='.$them['id'].'&amp;id_comm='.$id_comm.'&amp;act=new">';
		}

if(isset($_POST['msg']) && isset($_POST['file_s'])){
	$msg2=output_text($_POST['msg'],false,true,false,false,false);
	}else{
		$msg2=NULL;
		}

echo 'Сообщение:<br/><textarea name="msg">'.$msg2.'</textarea><br/>';

if($user['set_translit']==1){
	echo '<label><input type="checkbox" name="translit" value="1"/> Транслит</label><br/>';
	}

if($user['set_files']==1){

if(isset($_SESSION['file'])){
	echo 'Прикрепленные файлы:<br/>';

for($i=0; $i<count($_SESSION['file']);$i++){

if(isset($_SESSION['file'][$i]) && is_file($_SESSION['file'][$i]['tmp_name'])){
	echo '<img src="/style/themes/'.$set['set_them'].'/forum/file.png" alt=""/>';
	echo $_SESSION['file'][$i]['name'].'.'.$_SESSION['file'][$i]['ras'].' ('.size_file($_SESSION['file'][$i]['size']).')';
	echo '<a href="index.php?id_forum='.$forum['id'].'&amp;id_razdel='.$razdel['id'].'&amp;id_them='.$them['id'].'&amp;f_del='.$i.'&amp;id_comm='.$id_comm.'"><img src="/style/themes/'.$set['set_them'].'/forum/del_file.png" alt=""/></a><br/>';
	}
	}
	}

echo '<input name="file_f" type="file"/><br/>';
echo '<input name="file_s" value="Прикрепить файл" type="submit"/><br/>';
}

echo '<input name="post" value="Отправить сообщение" type="submit"/></form>';

echo '&#187;&nbsp;<a href="'.H.'comm/smiles.php?id='.$id_comm.'">Смайлы</a><br/>';
}
?>