<?php
// by Mike O. (mides), coolcms.org

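// Pick the page title for the requested section and refuse anything else.
// $type is not assigned in this file (NOTE(review): presumably set by the
// including script; confirm it can never be populated from request data).
// It is interpolated into every SQL statement below as a table name, so only
// the two sections this script knows about are allowed through. Strict
// comparison is used so that non-string values cannot match a section name.
if (isset($type) && $type === 'chat') {
	$title = 'Мини-чат';
} elseif (isset($type) && $type === 'book') {
	$title = 'Гостевая книга';
} else {
	// Fail closed: without a known section there is no title and no valid table.
	if (!headers_sent()) {
		header('HTTP/1.0 404 Not Found');
	}
	exit;
}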
	                                  		
require_once '../includes/sys.php';
require_once '../includes/header.php';

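// Request dispatcher for the chat / guest-book page: lists posts (default)
// and handles the add, reply, edit and del actions.
// $act, $type, $title, $u, $page, $ok, $config, $lang and TIME are not defined
// in this block; they are presumably provided by includes/sys.php or the
// including script. Confirm where each is populated and sanitised.
// NOTE(review): every write below (add, reply and edit via POST, del via a
// plain GET link) is accepted without an anti-CSRF token; add a per-session
// token check and move del to POST.
// NOTE(review): the mysql_* extension was removed in PHP 7.0, and the queries
// rely on check() (defined elsewhere) to make $text safe inside the quotes.
// Verify that, and prefer prepared statements (PDO / mysqli) when porting.
switch ($act) {
    default:
        echo '<div class="title"><a href="?">'.$title.'</a></div><div class="body">';
		// Logged-in users may post anywhere; guests may post only in the guest book.
		if ($u['id'] OR ($type == 'book' and !$u['id']) ) {
        	echo '<form name="form" action="?act=add" method="post">'.bbpanel('form', 'text').'<textarea name="text" cols="" rows="3"></textarea>';
        	if (!$u['id']) {
				// Guests additionally have to enter the code shown by images/code.php.
				echo '<img src="../images/code.php" alt="" /> провер. код:<br/>
           		<input name="code" maxlength="5" size="12" /><br />';
        	}
        	echo '<input name="" type="submit" value="Ok"></form>';
		}
		
        $total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM $type"), 0);
        if ($total > 0) {
            $pages = ceil($total / $config['onpage']);
            // Out-of-range or missing page numbers fall back to the first page.
            if ($page > $pages or $page == 0) {
                    $page = 1;
            }
            $begin = ($page - 1) * $config['onpage'];
			
            navig($page, '?', $pages);
			
			echo '</div>';
			
            $book_r = mysql_query("SELECT * FROM $type ORDER BY `time` DESC LIMIT ".$begin.", ".$config['onpage']."");
            while ($book = mysql_fetch_assoc($book_r)) {
				echo '<div class="post" id="'.$book['id'].'"><div class="img">'.avatar($book['id_user']).'</div> ';
                // id_user 0 marks a guest post, which has no profile to link to.
                if ($book['id_user'] == 0) {
                    echo username($book['id_user'], 2);
                } else {
                    echo '<a href="../other/profile.php?id='.$book['id_user'].'">'.username($book['id_user'], 2).'</a> ';
                }
                echo ' '.ccdate($book['time'], $book['id_user']).' <a href="?act=reply&amp;id='.$book['id'].'">Отв</a>';
				
                // Edit link: access(1), or the author while the edit window is still open.
                if (access(1) or ($u['id'] == $book['id_user'] and TIME - $book['time'] < $config['edit_time'])) echo '|<a href="?act=edit&amp;p='.$page.'&amp;id='.$book['id'].'">Ред</a>';
				
                if (access(2)) echo '|<a href="?act=del&amp;id='.$book['id'].'">Уд</a>';

                echo '<br />'.status($book['id_user']).'<hr>';
				
				// NOTE(review): whether the stored text is HTML-escaped depends on
				// check() and bb(), neither of which is visible here. Confirm.
				echo bb($book['text']);
				
                // Key fixed from 'edoit_by': the column is read as edit_by later on this
                // line and written as edit_by by the edit action, so the misspelled key
                // meant the "edited by" footer was never shown.
                if ($book['edit_by']) echo '<br />_______<br /><span style="font-size: 10px;">'.$lang['edited_by'].': '.username($book['edit_by']).' ('.date('d.m.y, H:i', $book['edit_time']).' )</span>';
                echo '</div>';
            }
			echo '<div class="body">';
            navig($page, '?', $pages);
			echo '</div>';
        } else {
            echo '<div class="body">Пусто</div>';
        }
    break;
	
	case 'add':
		if ($u['id']) {
			$text = check($_POST['text']);
			if ($text) {
				// Per-session flood control: the next post is allowed only after the stored time.
				if (TIME > $_SESSION['antispam']) {
					mysql_query("INSERT INTO $type SET `id_user` = '$u[id]', `text` = '$text', `time` = '".TIME."'");
					$_SESSION['antispam'] = TIME + $config['antispam'];
					redirect('?');
				} else {
					error($lang['antispam'].' '.$config['antispam'].' sec');
					nav('?');
				}
			} else {
				redirect('?');
			}
		} elseif (!$u['id'] and $type == 'book') {
			// Guest post in the guest book: text and verification code are both required.
			$text = check($_POST['text']);
			$code = check($_POST['code']);
			if ($text and $code) {
				// NOTE(review): the session code is not invalidated after a check, so one
				// solved code stays valid; consider clearing it once code.php's
				// regeneration behaviour is confirmed.
				if ($_SESSION['code'] == $code) {
					if (TIME > $_SESSION['antispam']) {
						mysql_query("INSERT INTO $type SET `text` = '$text', `time` = '".TIME."'");
						$_SESSION['antispam'] = TIME + $config['antispam'];
						redirect('?');
					} else {
						error($lang['antispam'].' '.$config['antispam'].' sec');
						nav('?');
					}
				} else {
					error($lang['incorrect_code']);
					nav('?');
				}
			} else {
				redirect('?');
			}
		} else {
			redirect('?');
		}
	break;
	
	case 'reply':
		$id = abs(intval($_GET['id']));
		$msg_r = mysql_query("SELECT `id`, `id_user` FROM $type WHERE `id` = '$id'");
		$msg = mysql_fetch_assoc($msg_r);
		if ($msg['id']) {
			// $ok marks the submitted form (the form action carries ok=1); otherwise show the form.
			if ($ok) {
				if (TIME > $_SESSION['antispam']) {
					$text = check($_POST['text']);
					if ($u['id']) {
						if ($text) {
							mysql_query("INSERT INTO $type SET `id_user` = '$u[id]', `text` = '$text', `time` = '".TIME."'");
							$_SESSION['antispam'] = TIME + $config['antispam'];
							redirect('?');
						} else {
							redirect('?act=reply&id='.$id);
						}
					} elseif (!$u['id'] and $type == 'book') {
						if ($text) {
							$code = abs(intval($_POST['code']));
							// Require that a code was actually issued for this session: an unset
							// session value compares equal to 0 under ==, which would let the
							// check pass with no code at all.
							// NOTE(review): the comparison is still loose; switch to a strict
							// string comparison once the format produced by code.php is known.
							if (isset($_SESSION['code']) and $_SESSION['code'] == $code) {
								mysql_query("INSERT INTO $type SET `text` = '$text', `time` = '".TIME."'");
								$_SESSION['antispam'] = TIME + $config['antispam'];
								redirect('?');
							} else {
								error($lang['incorrect_code']);
								nav('?act=reply&amp;id='.$id);
							}
						} else {
							redirect('?act=reply&id='.$id);
						}
					} else {
						redirect('?');
					}
				} else {
					error($lang['antispam'].' '.$config['antispam'].' sec');
					nav('?');
				}
			} else {
				tp('<a href="?">'.$title.'</a>&raquo; ответить');
				// The textarea is pre-filled with the name of the author being answered.
				echo '<div class="body"><form name="form" action="?act=reply&amp;id='.$id.'&amp;ok=1" method="post">
				'.bbpanel('form', 'text').'<textarea name="text" cols="" rows="3">[b]'.username($msg['id_user']).'[/b], </textarea><br />';
				if (!$u['id']) {
					echo '<img src="../images/code.php" alt="" /> провер. код:<br /><input name="code" maxlength="5" size="12" /><br />';
				}
				echo '<input name="submit" type="submit" value="Ok" />
				</form>
				<a href="?">'.$title.'</a>&raquo; ответить
				</div>';
			}
		} else {
			redirect('?');
		}
	break;
	
	case 'edit':
		if ($u['id']) {
			// Normalise the id locally, as the reply and del actions do, so the value
			// placed in the queries and in the form action below is always an integer.
			$id = isset($_GET['id']) ? abs(intval($_GET['id'])) : 0;
			$book_r = mysql_query("SELECT * FROM $type WHERE `id` = '$id'");
			$book = mysql_fetch_assoc($book_r);
			if ($book['text']) {
				// Same rule as the edit link in the listing: access(1), or the author within the edit window.
				if (access(1) or ($u['id'] == $book['id_user'] and TIME - $book['time'] < $config['edit_time'])) {
					// NOTE(review): $page is echoed into markup and a redirect target here;
					// presumably it is cast to an integer where it is populated. Confirm.
					tp('<a href="?p='.$page.'#'.$book['id'].'">'.$title.'</a>&raquo; ре-ть');
					echo '<div class="body">';
					if (empty($ok)) {
						// NOTE(review): the stored text is written into the textarea as-is;
						// this is only safe if check() HTML-escapes on input. Verify.
						echo '<form name="form" action="?act=edit&amp;id='.$id.'&amp;ok=1" method="post">
						'.bbpanel('form', 'text').'<textarea name="text" cols="" rows="3">'.$book['text'].'</textarea>
						<input name="submit" type="submit" value="Ok" />
						</form>
						<a href="?p='.$page.'#'.$book['id'].'">'.$title.'</a>&raquo; ре-ть
						</div>';
					} else {
						$text = check($_POST['text']);
						if ($text) {
							// Record who edited the post and when, for the "edited by" footer.
							mysql_query("UPDATE $type SET `text` = '$text', `edit_by` = '$u[id]', `edit_time` = '".TIME."' WHERE `id` = '$id'");
							redirect('?p='.$page.'#'.$book['id']);
						} else {
							redirect('?act=edit&id='.$id);
						}
					}
				} else {
					redirect('?');
				}
			} else {
				redirect('?');
			}
		} else {
			redirect('login.php');
		}
	break;
	
	case 'del':
		// Deletion is limited to access(2); everyone is redirected to the listing afterwards.
		if (access(2)) {
			$id = abs(intval($_GET['id']));
			$msg_r = mysql_query("SELECT `id` FROM $type WHERE `id` = '$id'");
			if (mysql_num_rows($msg_r)) {
				// Remove the votes attached to the post before the post itself.
				mysql_query("DELETE FROM `voting` WHERE `type` = '$type' and `id_for` = '$id'");
				mysql_query("DELETE FROM $type WHERE `id` = '$id'");
			}
		}
		redirect('?');
	break;	
}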

require_once '../includes/tail.php';
?>