<?php

// Bootstrap. config.php is not shown here; it presumably opens the MySQL
// connection and defines $admin and $themes, which this script reads later
// (TODO confirm).
require dirname(__FILE__) . '/config.php';
session_start();

// Listing parameters. $_REQUEST merges GET and POST (and cookies, depending on
// request_order). intval() reduces each value to an integer, which can still
// be negative at this point.
$n = 5;   // rows per page (used as the LIMIT row count)
if (isset($_REQUEST['n'])) {
    $n = intval($_REQUEST['n']);
}

$m = 3;   // listing mode, dispatched by the switch on $m below
if (isset($_REQUEST['m'])) {
    $m = intval($_REQUEST['m']);
}

$id = 1;  // LIMIT offset
if (isset($_REQUEST['id'])) {
    $id = intval($_REQUEST['id']);
}

// $mode and $load are only ever compared against fixed literals in this file.
$mode = '';
if (isset($_GET['mode'])) {
    $mode = htmlspecialchars($_GET['mode']);
}

$load = '';
if (isset($_GET['load'])) {
    $load = htmlspecialchars($_GET['load']);
}

// Number of submissions waiting in the moderation queue.
$c_tmp = mysql_query('SELECT COUNT(`id`) FROM `tmp_text`');
$tmp = mysql_result($c_tmp, 0);

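// Admin login form, shown when the query string is exactly "admin".
if (isset($_SERVER['QUERY_STRING']) && $_SERVER['QUERY_STRING'] === 'admin') {
    header('Content-type: text/html; charset=utf-8');

    // PHP_SELF contains any PATH_INFO the client appended to the script URL,
    // so it is request-controlled and must be escaped before it is written
    // into the action attribute.
    $formAction = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

    // Fixes relative to the earlier markup: the body is now opened with <BODY>
    // (it was a stray closing tag), and the field is type="password" so the
    // secret is not displayed or remembered as plain text by the browser.
    echo '<HTML><HEAD><TITLE>Админ</TITLE></HEAD><BODY>';
    echo '<FORM method="post" action="' . $formAction . '">Пароль:<br/>'
        . '<input type="password" name="pass"><br/>'
        . '<input type="submit" value="Войти"></FORM></BODY></HTML>';
    exit;
}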

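// Admin authentication: a single shared password ($admin, from config.php)
// compared against the submitted form field.
//
// NOTE(review): the password is compared as plaintext and there is no attempt
// limiting; storing a password_hash() value in config and checking it with
// password_verify() would be the stronger design where the PHP version allows.
$submittedPass = isset($_POST['pass']) ? $_POST['pass'] : null;
$expectedPass = (isset($admin) && is_scalar($admin)) ? (string) $admin : '';

if (
    is_string($submittedPass)
    && $expectedPass !== ''   // an unset/empty $admin must never authenticate anyone
    && (function_exists('hash_equals')
        ? hash_equals($expectedPass, $submittedPass)   // constant-time where available
        : $submittedPass === $expectedPass)            // strict: no numeric-string juggling
) {
    // New session id on privilege change, so an id known before login
    // (this script also puts the id into URLs) does not become an admin session.
    session_regenerate_id(true);
    $_SESSION['admin'] = TRUE;
}

// $a is the admin flag consulted by every privileged branch below.
$a = isset($_SESSION['admin']);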

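// Admin-only destructive actions.
//
// Both DELETE statements must sit inside the braces. Without them only the
// first statement was guarded, and the DELETE on `ip` ran on every request,
// with or without an admin session.
//
// NOTE(review): these actions are triggered by plain GET parameters and carry
// no anti-CSRF token; moving them to POST with a per-session token is advisable.
if ($a && isset($_GET['del'])) {
    $delId = intval($_GET['del']);
    mysql_unbuffered_query('DELETE FROM `bashorg_quotes` WHERE `id`=' . $delId);
    // Drop the vote records that belong to the removed quote.
    mysql_unbuffered_query('DELETE FROM `ip` WHERE `uid`=' . $delId);
}

if ($a && isset($_GET['del_ip'])) {
    // Clears every recorded vote IP.
    mysql_unbuffered_query('TRUNCATE `ip`') or die(mysql_error());
}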

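// Build the listing query for the selected mode ($m), or emit the RSS feed.
//
// $id and $n are concatenated into LIMIT clauses, so both must be
// non-negative integers here: a negative row count is a MySQL syntax error.
// NOTE(review): $n has no upper bound; consider capping it.
$id = abs($id);
$n = max(1, $n);

// Unknown modes fall back to 3 (random), the same default used when no mode is
// supplied, so $query is always defined before it is executed further down.
if (!in_array($m, array(1, 2, 3, 4, 5, 6), true)) {
    $m = 3;
}

switch ($m) {
    case 1: // In order, newest first
        $query = 'SELECT * FROM `bashorg_quotes` ORDER BY `id` DESC LIMIT ' . $id . ', ' . $n;
        break;

    case 2: // In order, oldest first
        $query = 'SELECT * FROM `bashorg_quotes` ORDER BY `id` LIMIT ' . $id . ', ' . $n;
        break;

    case 3: // Random
        $all = mysql_result(mysql_query('SELECT COUNT(*) FROM `bashorg_quotes`'), 0);
        // LIMIT offsets are zero-based: valid starting rows are 0 .. count-1.
        // The previous range of 1 .. count skipped the first row and could
        // land past the last one.
        $rand = rand(0, max(0, intval($all) - 1));
        $query = 'SELECT * FROM `bashorg_quotes` LIMIT ' . $rand . ', ' . $n;
        break;

    case 5: // Top 10 best
        $query = 'SELECT * FROM `bashorg_quotes` ORDER BY `plus` DESC LIMIT 10';
        break;

    case 6: // Top 10 worst
        $query = 'SELECT * FROM `bashorg_quotes` ORDER BY `minus` DESC LIMIT 10';
        break;

    case 4: // RSS feed of the 50 newest quotes; ends the request
        header('Content-type: application/xml; charset=windows-1251');
        $query = mysql_query('SELECT `quote` FROM `bashorg_quotes` ORDER BY `id` DESC LIMIT 50 ');
        echo '<?xml version="1.0" encoding="windows-1251"?>
<rss version="2.0"
	 xmlns:atom="http://www.w3.org/2005/Atom"
	 xmlns:dc="http://purl.org/dc/elements/1.1/"
	 xmlns:content="http://purl.org/rss/1.0/modules/content/">
	<channel>
		<title>RSS quotes</title>
		<link>http://wap-zone.org/</link>
		<description>' . iconv('UTF-8', 'WINDOWS-1251', 'Цитатник Рунета') . '</description>
		<language>ru</language>
';
        // The document is declared as windows-1251, so literals from this
        // UTF-8 source file must be converted like the channel description.
        $itemTitle = iconv('UTF-8', 'WINDOWS-1251', 'Цитата');
        while ($quote = mysql_fetch_array($query)) {
            // Strip the internal marker that prefixes user-submitted quotes,
            // as the HTML listings in this file do.
            $text = str_replace('*trtrtr', '', $quote['quote']);
            // The charset is passed explicitly: the stored bytes are
            // windows-1251, and escaping them under a UTF-8 default can yield
            // an empty string for non-ASCII text.
            echo '<item>
			<title>' . $itemTitle . '</title>
			<description>
				' . htmlspecialchars($text, ENT_QUOTES, 'cp1251') . '
			</description>	
		</item>';
        }
        echo '</channel></rss>';
        exit;
}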

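// Public sub-pages selected by ?load=...: "add" renders the submission form,
// "v" lists the quotes that carry the '*trtrtr' marker (user submissions that
// were approved). Both branches end the request.
switch ($load) {
    case 'add':
        echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
        echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10-flat.dtd\">";
        echo "<html><head>";
        echo "<meta http-equiv=\"Content-Type\" content=\"application/xhtml+xml; charset=UTF-8\"/>";
        echo '<link rel="stylesheet" type="text/css" href="../theme/' . $themes . '.css"/>';
        echo "<title>BiWap.Net</title>";
        echo "<style type=\"text/css\">";
        echo "</style></head>";
        echo "<body><div style=\"text-align: left\">";
        echo "<div class=\"title_bord\"><div class=\"title\">";
        echo "BiWap.Net - &#1042; &#1084;&#1080;&#1088;&#1077; &#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1086;&#1082;!</div></div><br/>";
        echo '<div class="title_bord">';
        echo '<form action="./add.php?id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '" method="post">';
        echo '#Текст:<br/>';
        echo '<textarea cols="25" rows="3" name="text"></textarea><br/>';

        // The session name/id originate from the request cookie, so they are
        // encoded for the context they are written into.
        // NOTE(review): putting the session id into a URL and a form field
        // exposes it to logs, Referer headers and page caches; prefer
        // cookie-only sessions where the clients support them.
        $sidName = session_name();
        $sidValue = session_id();
        echo '<img src="./code.php?'
            . htmlspecialchars(urlencode($sidName) . '=' . urlencode($sidValue), ENT_QUOTES, 'UTF-8')
            . '"  alt="Control"/><br/>';
        echo "Текст с картинки:<br/>";
        echo "<input name=\"control\" maxlength=\"6\" format=\"*N\"/><br/>";
        echo "<input type=\"hidden\" name=\"mode\" value=\"check\"/>";
        echo '<input type="hidden" name="' . htmlspecialchars($sidName, ENT_QUOTES, 'UTF-8')
            . '" value="' . htmlspecialchars($sidValue, ENT_QUOTES, 'UTF-8') . '"/>';
        echo '<input type="submit" value="Написать"/></form>';
        echo '<a href="./index.php?id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">Назад</a>';
        echo '</div>';
        include 'functions.inc.php';
        include '../foot.php';
        exit();

    case 'v':
        $kol = 10;   // rows per page

        // Count marked quotes; a failed query is treated as "no rows" instead
        // of being hidden behind the @ operator.
        $num = 0;
        $countRes = mysql_query("SELECT (`id`) FROM `bashorg_quotes` WHERE quote LIKE '*trtrtr%'");
        if ($countRes) {
            $num = mysql_num_rows($countRes);
        }

        $page = isset($_GET['page']) ? intval($_GET['page']) : 1;
        $all = (int) ceil($num / $kol);
        if ($page > $all || $page < 1) {
            $page = 1;
            $start = 0;
        } else {
            $start = $page * $kol - $kol;
        }

        // PHP_SELF includes client-supplied PATH_INFO; escape it once and
        // reuse the escaped value in every link below.
        $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

        echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
        echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10-flat.dtd\">";
        echo "<html><head>";
        echo "<meta http-equiv=\"Content-Type\" content=\"application/xhtml+xml; charset=UTF-8\"/>";
        echo '<link rel="stylesheet" type="text/css" href="../theme/' . $themes . '.css"/>';
        echo "<title>BiWap.Net</title>";
        echo "<style type=\"text/css\">";
        echo "</style></head>";
        echo "<body><div style=\"text-align: left\">";
        echo "<div class=\"title_bord\"><div class=\"title\">";
        echo "BiWap.Net - &#1042; &#1084;&#1080;&#1088;&#1077; &#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1086;&#1082;!</div></div><br/>";
        echo "\n<div class=\"title_bord\">\n<div class=\"a\">";

        // Mode navigation: the active mode is bold, the others are links.
        $modeLabels = array(
            1 => 'Новые',
            2 => 'Старые',
            3 => 'Случайные',
            5 => 'Топ 10',
            6 => 'сТоп 10',
        );
        foreach ($modeLabels as $modeId => $label) {
            if ($m == $modeId) {
                echo '<b>' . $label . '</b>';
            } else {
                echo '<a href="' . $self . '?m=' . $modeId . '&amp;n=' . $n . '&amp;id=' . $id . '">' . $label . '</a>';
            }
            echo '|';
        }
        echo ' <a href="' . $self . '?m=4">RSS</a>|';

        echo '</div></div>';
        if ($num < 1) {
            echo '<b>Пусто!!</b><br/>';
        } else {
            $WR = mysql_query("SELECT * FROM `bashorg_quotes` WHERE quote LIKE '*trtrtr%' ORDER BY id DESC LIMIT " . $start . ',' . $kol);
            while ($q = mysql_fetch_array($WR)) {
                // Remove the internal marker before display.
                $q['quote'] = str_replace('*trtrtr', '', $q['quote']);

                echo '<table width="350"><tr><td>Цитата <b>#' . $q['id'] . '</b></td><td>Рейтинг: <a href="./index.php?id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '&amp;pid=' . $q['id'] . '">[+]</a>' . $q['plus'] . '/<a href="./index.php?id=' . $id . '&amp;n=' . $n . '&amp;m=' . $m . '&amp;mid=' . $q['id'] . '">[-]</a>' . $q['minus'] . '</td></tr></table>';

                // Stored text is windows-1251; convert, escape, then turn
                // newlines into line breaks.
                echo str_replace("\n", '<br/>', htmlspecialchars(iconv('Windows-1251', 'UTF-8', $q['quote'])));
            }
        }
        echo '<br/>';

        // Pager: first page, last page and the neighbours of the current page
        // are shown; each skipped run collapses into a single " ... ".
        // $pr holds the previous fragment and is initialised explicitly, since
        // it was previously read before its first assignment.
        $pr = '';
        for ($i = 1; $i <= $all; $i++) {
            if ($i == 1 || $i == $all || abs($i - $page) < 2) {
                $pr = ($i == $page)
                    ? " [$i] "
                    : ' <b><a href="./index.php?load=v&amp;page=' . $i . '&amp;id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">' . $i . '</a></b>';
            } else {
                $pr = ($pr == ' ... ' || $pr == '') ? '' : ' ... ';
            }
            echo $pr;
        }
        echo '<br/><a href="./index.php?id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">Назад</a>';

        echo '</div></div>';
        include_once 'functions.inc.php';
        include_once '../foot.php';

        exit();
}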




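// Admin-only actions selected by ?mode=... ($a is the admin session flag).
//   tmp_text - list the moderation queue
//   mod      - approve (ms=1) or discard a queued submission
//   wew      - add a quote directly from the admin form
//
// NOTE(review): "mod" changes state through plain GET links and none of these
// actions carries an anti-CSRF token; a logged-in admin's browser can be made
// to trigger them from another site. POST plus a per-session token is advised.
if ($a) {
    switch ($mode) {
        case 'tmp_text':
            $kol = 10;   // rows per page

            // A failed count query is treated as an empty queue instead of
            // being hidden behind the @ operator.
            $num = 0;
            $countRes = mysql_query('SELECT (`id`) FROM `tmp_text`');
            if ($countRes) {
                $num = mysql_num_rows($countRes);
            }

            $page = isset($_GET['page']) ? intval($_GET['page']) : 1;
            $all = (int) ceil($num / $kol);
            if ($page > $all || $page < 1) {
                $page = 1;
                $start = 0;
            } else {
                $start = $page * $kol - $kol;
            }

            echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
            echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10-flat.dtd\">";
            echo "<html><head>";
            echo "<meta http-equiv=\"Content-Type\" content=\"application/xhtml+xml; charset=UTF-8\"/>";
            echo '<link rel="stylesheet" type="text/css" href="../theme/' . $themes . '.css"/>';
            echo "<title>BiWap.Net</title>";
            echo "<style type=\"text/css\">";
            echo "</style></head>";
            echo "<body><div style=\"text-align: left\">";
            echo "<div class=\"title_bord\"><div class=\"title\">";
            echo "BiWap.Net - &#1042; &#1084;&#1080;&#1088;&#1077; &#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1086;&#1082;!</div></div><br/>";

            if ($num < 1) {
                echo '<b>Пусто!!</b><br/>';
            } else {
                $WR = mysql_query('SELECT * FROM `tmp_text` ORDER BY id DESC LIMIT ' . $start . ',' . $kol);
                while ($q = mysql_fetch_array($WR)) {
                    // Queued text is visitor-supplied: escape before display.
                    $q['text'] = htmlspecialchars($q['text']);
                    echo '#Текст: <b>' . nl2br($q['text']) . '</b><br/>';
                    echo '<a href="./index.php?mode=mod&amp;dbid=' . $q['id'] . '&amp;ms=1&amp;id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">Разрешить</a> | ';
                    echo '<a href="./index.php?mode=mod&amp;dbid=' . $q['id'] . '&amp;ms=2&amp;id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">Удалить</a>';
                    echo '<hr/>';
                }
            }

            // Pager. The links must use "mode=tmp_text": the earlier
            // "m=tmp_text" set the listing mode instead and left the queue.
            // $pr is initialised explicitly; it was read before assignment.
            $pr = '';
            for ($i = 1; $i <= $all; $i++) {
                if ($i == 1 || $i == $all || abs($i - $page) < 2) {
                    $pr = ($i == $page)
                        ? " [$i] "
                        : ' <b><a href="./index.php?mode=tmp_text&amp;page=' . $i . '">' . $i . '</a></b>';
                } else {
                    $pr = ($pr == ' ... ' || $pr == '') ? '' : ' ... ';
                }
                echo $pr;
            }
            echo '<br/><a href="./index.php?id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">Назад</a>';
            include 'functions.inc.php';
            include '../foot.php';
            exit();

        case 'mod':
            $dbid = isset($_GET['dbid']) ? intval($_GET['dbid']) : 0;
            $ms = isset($_GET['ms']) ? intval($_GET['ms']) : 0;

            if ($ms === 1) {
                $row = mysql_fetch_array(mysql_query("SELECT * FROM `tmp_text` WHERE id='" . $dbid . "'"));
                // Approve only a submission that actually exists; a missing
                // row used to insert an empty quote and bump the counter.
                if (is_array($row)) {
                    // Same transformation as before (entity-encode, convert to
                    // windows-1251, entity-encode again).
                    // NOTE(review): the text is entity-encoded here and again
                    // on output, so it is rendered double-encoded - confirm
                    // which layer should own the encoding.
                    $row['text'] = htmlspecialchars($row['text']);
                    $row['text'] = htmlspecialchars(iconv('UTF-8', 'WINDOWS-1251', trim($row['text'])));

                    // The text came from a visitor. htmlspecialchars() with
                    // default flags leaves single quotes intact, so the value
                    // must be SQL-escaped before it is placed in the literal.
                    $quoteSql = mysql_real_escape_string('*trtrtr' . $row['text']);
                    mysql_unbuffered_query("INSERT INTO `bashorg_quotes` ( `quote` ) VALUES ( '" . $quoteSql . "') ");
                    mysql_unbuffered_query('DELETE FROM `tmp_text` WHERE `id`=' . $dbid);

                    // Approved-submissions counter kept in log.dat.
                    // NOTE(review): read-then-write is not atomic; LOCK_EX only
                    // protects the write itself.
                    $sPathFile = 'log.dat';
                    $iCounter = is_readable($sPathFile) ? intval(file_get_contents($sPathFile)) : 0;
                    $iCounter++;
                    file_put_contents($sPathFile, strval($iCounter), LOCK_EX);
                }
            } else {
                // Any other ms value discards the submission.
                mysql_unbuffered_query('DELETE FROM `tmp_text` WHERE `id`=' . $dbid);
            }
            header('Location: ./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '');
            exit();

        case 'wew':
            $text = (isset($_POST['text']) && is_string($_POST['text'])) ? trim($_POST['text']) : '';
            // Truncate BEFORE escaping. Cutting an already-escaped string can
            // split an escape sequence and leave a dangling backslash that
            // swallows the closing quote of the SQL literal.
            $text = substr($text, 0, 1000);

            if (!empty($text)) {
                // NOTE(review): a windows-1251 converted copy used to be
                // computed here but was never used; the text is stored
                // unconverted, unlike the "mod" path - confirm which is meant.
                mysql_unbuffered_query("INSERT INTO `bashorg_quotes` VALUES('NULL','" . mysql_real_escape_string($text) . "','0','0')") or die(mysql_error());
            }
            header('Location: ./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '');
            // Stop here: without exit the rest of the page (including vote
            // handling) still ran after the redirect header was sent.
            exit();
    }
}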
// Voting. A vote is identified by (quote id, client IP): if the `ip` table
// already holds that pair the request is redirected back to the listing,
// otherwise the matching counter is incremented and the pair is recorded.
// ?pid=N is an up-vote (`plus`), ?mid=N a down-vote (`minus`); pid is handled
// first. Votes are plain GET requests and need no session.
$ip = mysql_escape_string(trim($_SERVER['REMOTE_ADDR']));

// Request parameter => counter column. The column names come only from this
// fixed map, never from the request.
$voteColumns = array('pid' => 'plus', 'mid' => 'minus');

foreach ($voteColumns as $voteParam => $voteColumn) {
    if (empty($_GET[$voteParam])) {
        continue;
    }

    $votedId = intval($_GET[$voteParam]);

    $seen = mysql_query("SELECT * FROM `ip` WHERE `uid`='" . $votedId . "' AND `ip`='" . $ip . "' LIMIT 1");
    if (mysql_num_rows($seen)) {
        // This address has already voted on this quote.
        header('Location: ./index.php?id=' . $id . '&m=' . $m . '&n=' . $n . '');
        exit();
    }

    mysql_unbuffered_query('UPDATE `bashorg_quotes` SET `' . $voteColumn . '`=`' . $voteColumn . '`+1 WHERE `id`=' . $votedId);
    mysql_unbuffered_query("INSERT INTO `ip` VALUES('NULL','" . $votedId . "','" . $ip . "')") or die(mysql_error());
}

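// Main listing page: header, mode navigation, the quotes selected by $query,
// paging controls, counters and (for admins) moderation links.

// PHP_SELF includes any PATH_INFO the client appended to the script URL, so it
// is request-controlled. Escape it once and use only the escaped value in the
// links and form actions below.
$self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');

echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10-flat.dtd\">";
echo "<html><head>";
echo "<meta http-equiv=\"Content-Type\" content=\"application/xhtml+xml; charset=UTF-8\"/>";
echo '<link rel="stylesheet" type="text/css" href="../theme/' . $themes . '.css"/>';
echo "<title>BiWap.Net</title>";
echo "<style type=\"text/css\">";
echo "</style></head>";
echo "<body><div style=\"text-align: left\">";
echo "<div class=\"title_bord\"><div class=\"title\">";
echo "BiWap.Net - &#1042; &#1084;&#1080;&#1088;&#1077; &#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1086;&#1082;!</div></div><br/>";
echo "\n<div class=\"title_bord\">\n<div class=\"a\">";

// Mode navigation: the active mode is bold, the others are links.
$modeLabels = array(
    1 => 'Новые',
    2 => 'Старые',
    3 => 'Случайные',
    5 => 'Топ 10',
    6 => 'сТоп 10',
);
foreach ($modeLabels as $modeId => $label) {
    if ($m == $modeId) {
        echo '<b>' . $label . '</b>';
    } else {
        echo '<a href="' . $self . '?m=' . $modeId . '&amp;n=' . $n . '&amp;id=' . $id . '">' . $label . '</a>';
    }
    echo '|';
}
echo '<a href="' . $self . '?m=4">RSS</a>|';

// Run the listing query. Failure details go to the server log rather than to
// the visitor, since raw database errors reveal schema and query structure.
$query = mysql_query($query);
if (!$query) {
    error_log('quote listing query failed: ' . mysql_error());
    die('Ошибка базы данных');
}

// Id of the last quote rendered; stays 0 when the result set is empty (it was
// previously left undefined in that case).
$nid = 0;
while ($quote = mysql_fetch_array($query)) {
    // Remove the internal marker that prefixes approved user submissions.
    $quote['quote'] = str_replace('*trtrtr', '', $quote['quote']);
    echo '</div></div><div class="title_bord">
<div class="a"><div class="i_bar_t">';
    echo '<table width="350"><tr><td>Цитата <b>#' . $quote['id'] . '</b></td><td>Рейтинг: <a href="' . $self . '?id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '&amp;pid=' . $quote['id'] . '">[+]</a>' . $quote['plus'] . '/<a href="' . $self . '?id=' . $id . '&amp;n=' . $n . '&amp;m=' . $m . '&amp;mid=' . $quote['id'] . '">[-]</a>' . $quote['minus'] . '</td></tr></table>';
    // Stored text is windows-1251; convert, escape, then turn newlines into
    // line breaks.
    echo str_replace("\n", '<br/>', htmlspecialchars(iconv('Windows-1251', 'UTF-8', $quote['quote'])));
    if ($a) {
        // NOTE(review): deletion is a plain GET link with no anti-CSRF token.
        echo '<br/><a href="' . $self . '?id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '&amp;del=' . $quote['id'] . '">[Удалить]</a>';
    }
    echo '</div></div></div>---';
    $nid = $quote['id'];
}

// "Next" link: offset arithmetic depends on the listing mode.
echo '<br/><a href="' . $self . '?n=' . $n . '&amp;m=' . $m . '&amp;id=';
echo ($m == 1) ? ($id - $n + 1) : ($nid + $n - 1);
echo '">Следующая</a>';
echo '</div>';

// Page-size selector: the current size is plain text, the others are links.
echo 'На страницу: ';
$sizeLinks = array();
foreach (array(1, 2, 5, 10) as $size) {
    $sizeLinks[] = ($n == $size)
        ? (string) $size
        : '<a href="' . $self . '?n=' . $size . '&amp;m=' . $m . '&amp;id=' . $id . '">' . $size . '</a>';
}
echo implode(', ', $sizeLinks);
echo '<br/>';

// Approved-submissions counter. Reduced to an integer so that whatever the
// file contains cannot reach the page as markup; a missing file counts as 0.
$od = is_readable('log.dat') ? intval(file_get_contents('log.dat')) : 0;
echo 'Одобрено:' . $od . ' | На проверке:' . $tmp . '<br/>';
echo '<a href="./index.php?load=add&amp;id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">Добавить свою цитату</a>';

if ($a) {
    // Admin tools: moderation queue, vote-IP reset and direct quote entry.
    $c_tmp = mysql_query('SELECT COUNT(`id`) FROM `tmp_text`');
    $tmp = mysql_result($c_tmp, 0);
    echo '<br/>';
    echo '<a href="./index.php?mode=tmp_text&amp;id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">Модерация текстов(' . $tmp . ')</a><br/>';
    echo '<a href="./index.php?del_ip=del&amp;id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">Очистить IP адреса</a>';
    echo '<form method="post" action="' . $self . '?mode=wew&amp;id=' . $id . '&amp;m=' . $m . '&amp;n=' . $n . '">';
    echo "&#1044;&#1086;&#1073;&#1072;&#1074;&#1080;&#1090;&#1100; &#1094;&#1080;&#1090;&#1072;&#1090;&#1091;<br/>
<textarea cols=\"20\" rows=\"4\" name=\"text\"></textarea>
<br/>
<input type=\"submit\" value=\"OK!\"/></form>";
}
echo '
</div>';
include 'functions.inc.php';
include '../foot.php';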

?>