<?php
// by Mike O. (mides), coolcms.mobi

// Page title; presumably consumed by system/header.php when it renders the layout — confirm.
$title = 'Форум';
// NOTE(review): $act, $id, $page, $ok, $spam, $u, $config, $lang and the TIME constant are
// used below but never assigned in this file, so they presumably come from these includes.
// $id is interpolated straight into SQL strings in most branches, which makes every query
// only as safe as the normalisation done there — confirm it is forced to an integer
// before the switch runs.
require_once 'system/sys.php';
require_once 'system/header.php';

// Single-file controller: $act selects one forum action per case.
switch ($act) {
    default:
        // Forum index: every category followed by its "(topics/messages)" counters.
        tp($lang['forum']);
        $cats_r = mysql_query("SELECT `id`, `name` FROM `forum_cats` ORDER BY `order`, `name`");
        if (!mysql_num_rows($cats_r)) {
            echo $lang['there_are_no_categories'];
        } else {
            while ($cat = mysql_fetch_assoc($cats_r)) {
                // Two COUNT queries are issued for each category row.
                $topics_q = mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_cat` = '$cat[id]'");
                $f_topics = mysql_result($topics_q, 0);
                $msg_q = mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_cat` = '$cat[id]'");
                $f_msg = mysql_result($msg_q, 0);

                // NOTE(review): the category name is printed exactly as stored; confirm it is
                // HTML-escaped when it is written to the table.
                $cat_link = '<a href="?act=cat&amp;id='.$cat['id'].'">'.$cat['name'].'</a>';
                echo $cat_link.' ('.$f_topics.'/'.$f_msg.')<br />';
            }
        }

        // "New messages" button. The line breaks and indentation inside the literal are
        // part of the emitted markup and are kept as they were.
        $new_msg_label = $lang['new_msg'];
        echo '<br /><form name="form" action="?act=newposts" method="post">
        <input name="submit" type="submit" value="'.$new_msg_label.'" />
        </form>';
        nav_main();
    break;
	
    case 'newposts':
        // Topics whose last_time falls within the past 43200 seconds (12 hours),
        // most recently active first, paginated by $config['onpage'].
        $since = TIME - 43200;
        $total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `last_time` > '$since'"), 0);
        if (!($total > 0)) {
            info($lang['nothing_yet']);
            nav('?');
            break;
        }

        $pages = ceil($total / $config['onpage']);
        // A missing or out-of-range page number falls back to the first page.
        if ($page == 0 or $page > $pages) {
            $page = 1;
        }
        $begin = ($page - 1) * $config['onpage'];

        tp($lang['new_msg']);
        $topics_r = mysql_query("SELECT * FROM `forum_topics` WHERE `last_time` > '$since' ORDER BY `last_time` DESC LIMIT $begin, $config[onpage]");
        while ($t = mysql_fetch_assoc($topics_r)) {
            // Message count gives the number of the topic's last page for the "»" jump link.
            $t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$t[id]'"), 0);
            $last_page = ceil($t_msg/$config['onpage']);
            $cat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_cats` WHERE `id` = '$t[id_cat]'"));
            $lastuser = mysql_fetch_assoc(mysql_query("SELECT `id_user` FROM `forum_msg` WHERE `id_topic` = '$t[id]' ORDER BY `time` DESC limit 1"));

            // NOTE(review): category name and topic title are printed as stored; confirm
            // they are HTML-escaped when written.
            $cat_link = '<a href="?act=cat&amp;id='.$t['id_cat'].'">'.$cat['name'].'</a>';
            $topic_link = '<a href="?act=topic&amp;id='.$t['id'].'">'.$t['title'].'</a>';
            $jump = '<a href="?act=topic&amp;id='.$t['id'].'&amp;p='.$last_page.'">&raquo;</a>';
            // The date format literal contains a line break; it is reproduced unchanged.
            echo $cat_link.'&gt;'.$topic_link.' ('.login($lastuser['id_user']).' '.$jump.', '.date('d.m,
H:i', $t['last_time']).')<br />';
        }
        navig($page, '?act=newposts&amp;', $pages);
        nav('?');
    break;
	
    case 'cat':
        // One category: its subcategories with "(topics/messages)" counters.
        $cat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_cats` WHERE `id` = '$id'"));
        if (!$cat['name']) {
            // No such category (or its name is empty): back to the forum index.
            redirect('?');
            break;
        }

        tp('<a href="?">'.$lang['forum'].'</a> &gt; '.$cat['name']);
        $subcats_r = mysql_query("SELECT `id`, `name` FROM `forum_subcats` WHERE `id_cat` = '$id' ORDER BY `order`, `name`");
        if (!mysql_num_rows($subcats_r)) {
            echo $lang['no_subcategories_yet'];
        } else {
            while ($subcat = mysql_fetch_assoc($subcats_r)) {
                // Two COUNT queries are issued for each subcategory row.
                $topics_q = mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_subcat` = '$subcat[id]'");
                $f_topics = mysql_result($topics_q, 0);
                $msg_q = mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_subcat` = '$subcat[id]'");
                $f_msg = mysql_result($msg_q, 0);

                // NOTE(review): the subcategory name is printed as stored; confirm it is
                // HTML-escaped when written.
                $subcat_link = '<a href="?act=subcat&amp;id='.$subcat['id'].'">'.$subcat['name'].'</a>';
                echo $subcat_link.' ('.$f_topics.'/'.$f_msg.')<br />';
            }
        }
        nav('?');
    break;
			
    case 'subcat':
        // One subcategory: paginated topic list (pinned first) plus the "new topic" button.
        $subcat = mysql_fetch_assoc(mysql_query("SELECT `id_cat`, `name` FROM `forum_subcats` WHERE `id` = '$id'"));
        if (!$subcat['name']) {
            // No such subcategory (or its name is empty): back to the forum index.
            redirect('?');
            break;
        }

        $cat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_cats` WHERE `id` = '$subcat[id_cat]'"));
        $cat_href = '?act=cat&amp;id='.$subcat['id_cat'];
        tp('<a href="?">'.$lang['forum'].'</a> &gt; <a href="'.$cat_href.'">'.$cat['name'].'</a> &gt; '.$subcat['name']);

        $total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_subcat` = '$id'"), 0);
        if (!($total > 0)) {
            echo $lang['no_topics_yet'].'<br />';
        } else {
            $pages = ceil($total / $config['onpage']);
            // A missing or out-of-range page number falls back to the first page.
            if ($page == 0 or $page > $pages) {
                $page = 1;
            }
            $begin = ($page - 1) * $config['onpage'];

            $topics_r = mysql_query("SELECT * FROM `forum_topics` WHERE `id_subcat` = '$id' ORDER BY `stuck` DESC, `last_time` DESC LIMIT $begin, $config[onpage]");
            while ($topic = mysql_fetch_assoc($topics_r)) {
                // Marker prefix: "!" for a pinned topic, "#" for a closed topic that is not pinned.
                if ($topic['stuck']) {
                    echo '!';
                } elseif ($topic['closed'] == 1) {
                    echo '#';
                }

                $t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$topic[id]'"), 0);
                $last_page = ceil($t_msg/$config['onpage']);
                $lastuser = mysql_fetch_assoc(mysql_query("SELECT `id_user` FROM `forum_msg` WHERE `id_topic` = '$topic[id]' ORDER BY `time` DESC limit 1"));

                // NOTE(review): the topic title is printed as stored; confirm it is
                // HTML-escaped when written.
                $topic_link = '<a href="?act=topic&amp;id='.$topic['id'].'">'.$topic['title'].'</a>';
                $jump = '<a href="?act=topic&amp;id='.$topic['id'].'&amp;p='.$last_page.'">&raquo;</a>';
                echo $topic_link.' ('.$t_msg.') '.login($lastuser['id_user']).$jump.'<br />';
            }
        }

        // "Start a new topic" button. The literal's line breaks and indentation are part
        // of the emitted markup and are kept as they were.
        echo '<br /><form name="form" action="?act=topic_add&amp;id='.$id.'" method="post">
            <input name="" type="submit" value="Начать новую тему">
            </form>
            </div>';
        // $pages is only computed when the subcategory has topics.
        if (empty($pages)) {
            $pages = 0;
        }
        navig($page, '?act=subcat&amp;id='.$id.'&amp;', $pages);
        nav2($cat_href, $cat['name']);
    break;
	
    case 'topic':
        // Topic view: paginated messages with per-message action links, moderation links,
        // and the reply form for logged-in users.
        $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
        if (isset($topic['id'])) {
            // NOTE(review): the title is printed as stored; confirm it is HTML-escaped when written.
            echo '<div class="title">'.$topic['title'].'</div><div class="list">';
            $total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$id'"), 0);

            $pages = ceil($total / $config['onpage']);
            // A missing or out-of-range page number falls back to the first page.
            if ($page > $pages or $page == 0) {
                $page = 1;
            }
            $begin = ($page - 1) * $config['onpage'];

            $msg_r = mysql_query("SELECT * FROM `forum_msg` WHERE `id_topic` = '$id' ORDER BY `time` LIMIT $begin, $config[onpage]");
            while ($msg = mysql_fetch_assoc($msg_r)) {
                // Alternating row classes: $num starts at 1 and is incremented before use,
                // so the first message gets 'row1'.
                if (!isset($num) ) $num = 1;  
                $num++;
                $row_class = (!($num % 2)) ? 'row1' : 'row2';
				
                echo '<div class="'.$row_class.'">
				
                <a href="profile.php?id='.$msg['id_user'].'">'.username($msg['id_user']).'</a> '.ccdate($msg['time'], $msg['id_user']).' <a href="?act=msg_reply&amp;id='.$msg['id'].'">Отв</a>|<a href="?act=msg_quote&amp;id='.$msg['id'].'">Цит</a>';
                // Edit link: access > 0, or the author while the message is younger than
                // $config['edit_time'] ("and" binds tighter than "or").
                if ($u['access'] > 0 or $u['id'] == $msg['id_user'] and time() - $msg['time'] < $config['edit_time']) echo '|<a href="?act=msg_edit&amp;id='.$msg['id'].'">Ред</a>';
                // Delete link is shown for access > 1 only. This hides the link; the
                // authorization itself has to be enforced in the msg_del branch.
                if ($u['access'] > 1) echo '|<a href="?act=msg_del&amp;id='.$msg['id'].'">Уд</a>';
                if ($u['id']) {
                    echo ' ';
                    if ($msg['votes'] > 0) {
                        echo '+'.$msg['votes'];
                    }
                    // One lookup per message: has the current user already voted for it?
                    $query = mysql_query("SELECT `id` FROM `voting` WHERE `type` = 'forum' and `id_who` = '$u[id]' and `id_for` = '$msg[id]'");
                    // The plus icon is a link only when the user has not voted yet and is not the author.
                    if (mysql_num_rows($query) or $msg['id_user'] == $u['id']) {
                        echo '<img src="inc/plus.png">';
                    } else {
                        echo '<a href="?act=vote&amp;id='.$msg['id'].'&amp;p='.$page.'"><img src="inc/plus.png"></a>';
                    }
                }
                // NOTE(review): message text goes to the page through bb() only; whether it is
                // HTML-safe depends on check() at write time and on bb() — confirm both.
                echo '<br />'.bb($msg['text']);
                if ($msg['edit_by']) echo '<br />_______<br /><span style="font-size: 10px;">отредактировано: '.justusername($msg['edit_by']).' ('.date('d.m.y, H:i', $msg['edit_time']).' )</span>';
                echo '</div>';
            }

            // Moderation links. NOTE(review): open/close/delete and the vote link above are
            // state-changing actions reached through plain GET links; no anti-CSRF token
            // appears anywhere in this file.
            if ($u['access'] > 0) {
                echo $topic['closed'] == 1 ? '<a href="?act=topic_open&amp;id='.$id.'">Откр.</a>' : '<a href="?act=topic_close&amp;id='.$id.'">Закр.</a>';
                echo '|<a href="?act=topic_edit&amp;id='.$topic['id'].'">Ред.</a>';
                if ($u['access'] > 1) echo '|<a href="?act=topic_del&amp;id='.$id.'">Уд.</a>';
            }
            navig($page, '?act=topic&amp;id='.$id.'&amp;', $pages);
            echo '</div><div class="main">';
            // Reply form: logged-in users only, and only while the topic is open.
            if ($u['id']) {
                if ($topic['closed'] == 0) {
                    echo bbpanel('form', 'text').'
                    <form name="form" action="?act=msg_add&amp;id='.$id.'" method="post">
                    <textarea name="text" cols="" rows="3"></textarea>';
                    echo '<input name="" type="submit" value="Ok">
                    </form>';
                } else {
                    echo 'Тема закрыта.';
                }
            } else {
                echo 'Вы не <a href="login.php">авторизованы</a> для добавления сообщений.';
            }
            echo '</div>';
            $subcat = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `forum_subcats` WHERE `id` = '$topic[id_subcat]'"));
            nav2('?act=subcat&amp;id='.$topic['id_subcat'], $subcat['name']);
        } else {
            // Unknown topic id: back to the forum index.
            redirect('?');
        }
    break;
	
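    case 'topic_add':
        // Create a topic and its first message in subcategory $id. Logged-in users only.
        // Without $ok the form is shown; with $ok the POSTed title, text and captcha code
        // are validated and stored.
        if (!$u['id']) {
            redirect('login.php');
            break;
        }
        $subcat = mysql_fetch_assoc(mysql_query("SELECT `id_cat`, `name` FROM `forum_subcats` WHERE `id` = '$id'"));
        if (!$subcat['id_cat']) {
            // Unknown subcategory: previously this fell through and rendered an empty page.
            redirect('?');
            break;
        }
        // NOTE(review): $spam is not assigned in this file (the other posting branches read
        // $_SESSION['antispam'] directly); presumably system/sys.php derives it — confirm.
        if (!(TIME > $spam)) {
            error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
            nav2('?act=subcat&amp;id='.$id, $subcat['name']);
            break;
        }

        if (!$ok) {
            tp('Создать тему');
            // The literal's line breaks and indentation are part of the emitted markup.
            echo '<form name="form" action="?act=topic_add&amp;id='.$id.'&amp;ok=1" method="post">
                        Заголовок(max50):<br /><input name="title" type="text" maxlength="50" /><br />
                        Сообщение(max750):<br /> '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="4"></textarea>
                        <img src="inc/code.php" alt="" /> провер. код:<br/>
    <input name="code" maxlength="5" /><br />
                        <input name="submit" type="submit" value="Ok" />
                        
                        </form>';
            nav2('?act=subcat&amp;id='.$id, $subcat['name']);
            break;
        }

        // empty() also covers fields that are missing from the request altogether.
        if (empty($_POST['title']) or empty($_POST['text']) or empty($_POST['code'])) {
            error('Вы не заполнили поля.');
            nav('?act=topic_add&amp;id='.$id);
            break;
        }

        // Captcha check. The session value must exist: with a loose comparison an unset
        // session code (null) equals the 0 that intval() yields for non-numeric input,
        // which let a request that never loaded the captcha pass. The stored code is
        // discarded after one attempt so it cannot be replayed or guessed repeatedly.
        // NOTE(review): assumes inc/code.php stores a numeric code in $_SESSION['code'] — confirm.
        $code = abs(intval($_POST['code']));
        $expected = isset($_SESSION['code']) ? abs(intval($_SESSION['code'])) : null;
        unset($_SESSION['code']);
        if ($expected === null || $expected !== $code) {
            error('Неверный код.');
            nav('?act=topic_add&amp;id='.$id);
            break;
        }

        mb_internal_encoding('UTF-8');
        // The form advertises 50/750 character limits; maxlength is client-side only,
        // so both limits are enforced here.
        if (mb_strlen($_POST['title']) > 50 || mb_strlen($_POST['text']) > 750) {
            error('Слишком длинный текст.');
            nav('?act=topic_add&amp;id='.$id);
            break;
        }

        $title = check($_POST['title']);
        $text = check($_POST['text']);
        // $stuck and $closed are not assigned in this branch. Whatever they hold, only
        // users with moderator access (the level topic_edit requires to set these flags)
        // may create a pinned or closed topic, and the values are forced to integers
        // before they reach the query.
        // NOTE(review): presumably system/sys.php populates them — confirm from what.
        $new_stuck = ($u['access'] > 0 && isset($stuck)) ? abs(intval($stuck)) : 0;
        $new_closed = ($u['access'] > 0 && isset($closed)) ? abs(intval($closed)) : 0;

        mysql_query("INSERT INTO `forum_topics` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$id', `title` = '$title', `id_user` = '$u[id]', `last_time` = '".time()."', `stuck` = '$new_stuck', `closed` = '$new_closed'");
        $id_topic = mysql_insert_id();
        mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$id', `id_topic` = '$id_topic', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
        $_SESSION['antispam'] = time() + $config['antispam'];
        header('location: ?act=topic&id='.$id_topic);
        // Stop here like the other redirecting branches do, instead of rendering the footer.
        exit;
    break;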
	
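    case 'topic_edit':
        // Moderator action (access > 0): change a topic's title, subcategory, first
        // message text and the pinned/closed flags. Without $ok the form is shown.
        // NOTE(review): no anti-CSRF token is checked before the update.
        if (!($u['access'] > 0)) {
            redirect('?');
            break;
        }
        $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
        if (!isset($topic['id'])) {
            redirect('?');
            break;
        }

        if ($ok) {
            $subcat_id = isset($_POST['subcat']) ? abs(intval($_POST['subcat'])) : 0;
            $subcat = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_subcats` WHERE `id` = '$subcat_id'"));
            // Back to the form when a field is empty or the target subcategory does not
            // exist; without the second check the topic and its messages were rewritten
            // with empty category ids.
            if (empty($_POST['title']) || empty($_POST['text']) || empty($subcat['id'])) {
                header('location: ?act=topic_edit&id='.$id);
                exit;
            }

            $title = check($_POST['title']);
            $text = check($_POST['text']);
            // Unchecked checkboxes are absent from the request.
            $stuck = isset($_POST['stuck']) ? abs(intval($_POST['stuck'])) : 0;
            $closed = isset($_POST['closed']) ? abs(intval($_POST['closed'])) : 0;

            mysql_query("UPDATE `forum_topics` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$subcat[id]', `title` = '$title', `stuck` = '$stuck', `closed` = '$closed' WHERE `id` = '$id'");
            // The topic text is the message with the lowest id.
            mysql_query("UPDATE `forum_msg` SET `text` = '$text' WHERE `id_topic` = '$id' ORDER BY `id` LIMIT 1");
            // Move all messages of the topic in one statement instead of one UPDATE per message.
            mysql_query("UPDATE `forum_msg` SET `id_cat` = '$subcat[id_cat]', `id_subcat` = '$subcat[id]' WHERE `id_topic` = '$id'");
            header('location: ?act=topic&id='.$id);
            exit;
        }

        $msg_r = mysql_query("SELECT `text` FROM `forum_msg` WHERE `id_topic` = '$id' ORDER BY `id` LIMIT 1");
        $msg = mysql_fetch_assoc($msg_r);

        tp('Редактирование темы');
        // The literals' line breaks and indentation are part of the emitted markup.
        echo '<form name="form" action="?act=topic_edit&amp;id='.$id.'&amp;ok=1" method="post">
                    <select name="subcat">';
        // The current subcategory is listed first so that it is the preselected option.
        $subcat_r1 = mysql_query("SELECT * FROM `forum_subcats` WHERE `id` = '$topic[id_subcat]'");
        $subcat1 = mysql_fetch_assoc($subcat_r1);
        $cat1 = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_cats` WHERE `id` = '$subcat1[id_cat]'"));
        echo '<option value="'.$subcat1['id'].'">'.$cat1['name'].' &gt; '.$subcat1['name'].'</option>';

        $subcat_r = mysql_query("SELECT * FROM `forum_subcats` WHERE `id` != '$topic[id_subcat]' ORDER BY `id_cat`, `name`");
        while ($subcat = mysql_fetch_assoc($subcat_r)) {
            $cat = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_cats` WHERE `id` = '$subcat[id_cat]'"));
            echo '<option value="'.$subcat['id'].'">'.$cat['name'].' &gt; '.$subcat['name'].'</option>';
        }
        // NOTE(review): title and text are placed into an attribute and a textarea as
        // stored; confirm check() HTML-escapes them on write.
        echo '</select><br />

                    '.$lang['title'].'(max50):<br /><input name="title" type="text" value="'.$topic['title'].'" maxlength="50" /><br />
                    '.$lang['text'].':<br /> '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="5">'.$msg['text'].'</textarea><br />';
        echo $topic['stuck'] == 1 ? '<input name="stuck" type="checkbox" value="1" checked />' : '<input name="stuck" type="checkbox" value="1" />';
        echo ' закрепить<br />';
        echo $topic['closed'] == 1 ? '<input name="closed" type="checkbox" value="1" checked />' : '<input name="closed" type="checkbox" value="1" />';
        echo ' закрыть<br />';
        echo '<input name="submit" type="submit" value="Ok" />
                    </form>';
        nav('?act=topic&amp;id='.$id);
    break;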
	
    case 'topic_close':
        // Moderator action (access > 0): mark the topic closed and append a ':closed'
        // marker message written in the moderator's name.
        // NOTE(review): this state change is linked from the topic view as a plain GET
        // URL and no anti-CSRF token is checked in this branch.
        if (!($u['access'] > 0)) {
            redirect('?');
            break;
        }
        $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
        if (!$topic['id']) {
            // Unknown topic id: back to the forum index.
            redirect('?');
            break;
        }

        mysql_query("UPDATE `forum_topics` SET `closed` = 1 WHERE `id` = '$id'");
        $closed_at = TIME;
        mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$topic[id_cat]', `id_subcat` = '$topic[id_subcat]', `id_topic` = '$topic[id]', `id_user` = '$u[id]', `text` = ':closed', `time` = '$closed_at'");
        redirect('?act=topic&id='.$id);
    break;

    case 'topic_open':
        // Moderator action (access > 0): clear the topic's closed flag.
        // NOTE(review): this state change is linked from the topic view as a plain GET
        // URL and no anti-CSRF token is checked in this branch.
        if (!($u['access'] > 0)) {
            redirect('?');
            break;
        }
        $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
        if (!$topic['id']) {
            // Unknown topic id: back to the forum index.
            redirect('?');
            break;
        }

        mysql_query("UPDATE `forum_topics` SET `closed` = 0 WHERE `id` = '$id'");
        $back_to_topic = '?act=topic&id='.$id;
        header('location: '.$back_to_topic);
        exit;
    break;

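    case 'topic_del':
        // Administrative action (access > 1): delete a topic, its messages and the votes
        // cast on those messages, after a confirmation form.
        if (!($u['access'] > 1)) {
            header('location: ?');
            exit;
        }
        $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
        if (!$topic['id']) {
            error('Тема не существует.');
            nav('?');
            break;
        }

        // The confirmation form submits with method="post". Accepting ok=1 from the query
        // string alone meant a single GET URL could delete the topic without the form ever
        // being submitted, so the destructive step now also requires a POST request.
        // NOTE(review): a per-session anti-CSRF token in the form would still be needed
        // to stop forged POSTs; none exists in this file.
        $confirmed = isset($_GET['ok'])
            && isset($_SERVER['REQUEST_METHOD'])
            && $_SERVER['REQUEST_METHOD'] === 'POST';
        if (!$confirmed) {
            tp('Подтверждение');
            // The literal's line breaks and indentation are part of the emitted markup.
            echo '<form name="form" action="?act=topic_del&amp;id='.$id.'&amp;ok=1" method="post">
                                    Вы действительно хотите удалить тему "'.$topic['title'].'"?<br />
                                    <input name="submit" type="submit" value="&#1044;&#1072;" />
                                    </form>';
            nav('?act=topic&amp;id='.$id);
            break;
        }

        // Votes are keyed by message id, so they are removed before the messages themselves.
        $forum_msg_r = mysql_query("SELECT `id` FROM `forum_msg` WHERE `id_topic` = '$id'");
        while ($forum_msg = mysql_fetch_assoc($forum_msg_r)) {
            mysql_query("DELETE FROM `voting` WHERE `type` = 'forum' and `id_for` = '$forum_msg[id]'");
        }

        mysql_query("DELETE FROM `forum_msg` WHERE `id_topic` = '$id'");
        mysql_query("DELETE FROM `forum_topics` WHERE `id` = '$id'");
        header('location: ?act=subcat&id='.$topic['id_subcat']);
        exit;
    break;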

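    case 'msg_add':
        // Append a message to topic $id. Logged-in users only; closed or unknown topics
        // are rejected; one post per $config['antispam'] seconds.
        if (!$u['id']) {
            header('location: login.php');
            exit;
        }
        $topic = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topics` WHERE `id` = '$id'"));
        if (!$topic['id_cat'] or !empty($topic['closed'])) {
            header('location: ?');
            exit;
        }
        // A session that has not posted yet has no antispam timestamp and is let through.
        if (isset($_SESSION['antispam']) and !(time() > $_SESSION['antispam'])) {
            error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
            nav('?act=topic&amp;id='.$id);
            break;
        }

        // An empty or missing text stores nothing and just returns to the topic.
        if (!empty($_POST['text'])) {
            $text = check($_POST['text']);
            mysql_query("UPDATE `forum_topics` SET `last_time` = '".time()."' WHERE `id` = '$id'");
            mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$topic[id_cat]', `id_subcat` = '$topic[id_subcat]', `id_topic` = '$id', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
            $_SESSION['antispam'] = time() + $config['antispam'];
        }

        // Count after the insert, as msg_reply and msg_quote do. Counting before it sent
        // the user to the previous page whenever the new message opened a new page.
        $t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$id'"), 0);
        $last_page = ceil($t_msg/$config['onpage']);
        header('location: ?act=topic&id='.$id.'&p='.$last_page);
        exit;
    break;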

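    case 'msg_reply':
        // Reply to message $id: shows a form pre-filled with "[b]author[/b], " and, with
        // $ok, stores the reply in the same topic. Logged-in users only; closed topics
        // are rejected.
        if (!$u['id']) {
            redirect('login.php');
            break;
        }
        $msg = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'"));
        if (!$msg['id']) {
            redirect('?');
            break;
        }
        $topic = mysql_fetch_assoc(mysql_query("SELECT `closed` FROM `forum_topics` WHERE `id` = '$msg[id_topic]'"));
        if (!empty($topic['closed'])) {
            redirect('?act=topic&id='.$msg['id_topic']);
            break;
        }

        if (!$ok) {
            tp('Ответ на сообщение');
            // The literal's line breaks and indentation are part of the emitted markup.
            echo '<form name="form" action="?act=msg_reply&amp;id='.$id.'&amp;ok=1" method="post">
                                             '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="4">[b]'.justusername($msg['id_user']).'[/b], </textarea><br />
                                            <input name="submit" type="submit" value="Ok" />
                                            </form>';
            nav('?act=topic&amp;id='.$msg['id_topic']);
            break;
        }

        // A session that has not posted yet has no antispam timestamp and is let through.
        if (isset($_SESSION['antispam']) and !(time() > $_SESSION['antispam'])) {
            error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
            nav('?act=topic&amp;id='.$msg['id_topic']);
            break;
        }
        if (empty($_POST['text'])) {
            error('Вы не заполнили поле.');
            // Back to the reply form of this message. The link used to carry the topic
            // id, which this action would then have looked up as a message id.
            nav('?act=msg_reply&amp;id='.$id);
            break;
        }

        $text = check($_POST['text']);
        mysql_query("UPDATE `forum_topics` SET `last_time` = '".time()."' WHERE `id` = '$msg[id_topic]'");
        mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$msg[id_cat]', `id_subcat` = '$msg[id_subcat]', `id_topic` = '$msg[id_topic]', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
        $_SESSION['antispam'] = time() + $config['antispam'];
        // Counted after the insert so the redirect lands on the page holding the new reply.
        $t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$msg[id_topic]'"), 0);
        $last_page = ceil($t_msg/$config['onpage']);
        header('location: ?act=topic&id='.$msg['id_topic'].'&p='.$last_page);
        exit;
    break;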

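    case 'msg_quote':
        // Quote message $id: shows a form pre-filled with the quoted text in [q] tags and,
        // with $ok, stores the reply in the same topic. Logged-in users only; closed
        // topics are rejected.
        if (!$u['id']) {
            redirect('login.php');
            break;
        }
        $msg = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'"));
        if (!$msg['id']) {
            redirect('?');
            break;
        }
        $topic = mysql_fetch_assoc(mysql_query("SELECT `closed` FROM `forum_topics` WHERE `id` = '$msg[id_topic]'"));
        if (!empty($topic['closed'])) {
            redirect('?act=topic&id='.$msg['id_topic']);
            break;
        }

        if (!$ok) {
            tp('Цитирование сообщения');
            // NOTE(review): the quoted message text is placed into the textarea as stored;
            // confirm check() HTML-escapes it on write.
            // The literal's line breaks and indentation are part of the emitted markup.
            echo '<form name="form" action="?act=msg_quote&amp;id='.$id.'&amp;ok=1" method="post">
                                             '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="4">[i]'.justusername($msg['id_user']).'[/i] пишет:[q]'.$msg['text'].'[/q]
    </textarea><br />
                                            <input name="submit" type="submit" value="Ok" />
                                            </form>';
            nav('?act=topic&amp;id='.$msg['id_topic']);
            break;
        }

        // A session that has not posted yet has no antispam timestamp and is let through.
        if (isset($_SESSION['antispam']) and !(time() > $_SESSION['antispam'])) {
            error('Антиспам. Разрешено пиcать раз в '.$config['antispam'].' сек.');
            nav('?act=topic&amp;id='.$msg['id_topic']);
            break;
        }
        if (empty($_POST['text'])) {
            error('Вы не заполнили поле.');
            // Back to the quote form of this message. The link used to carry the topic
            // id, which this action would then have looked up as a message id.
            nav('?act=msg_quote&amp;id='.$id);
            break;
        }

        $text = check($_POST['text']);
        mysql_query("UPDATE `forum_topics` SET `last_time` = '".time()."' WHERE `id` = '$msg[id_topic]'");
        mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$msg[id_cat]', `id_subcat` = '$msg[id_subcat]', `id_topic` = '$msg[id_topic]', `id_user` = '$u[id]', `text` = '$text', `time` = '".time()."'");
        $_SESSION['antispam'] = time() + $config['antispam'];
        // Counted after the insert so the redirect lands on the page holding the new message.
        $t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$msg[id_topic]'"), 0);
        $last_page = ceil($t_msg/$config['onpage']);
        header('location: ?act=topic&id='.$msg['id_topic'].'&p='.$last_page);
        exit;
    break;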

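    case 'msg_edit':
        // Edit message $id. Allowed for moderators (access > 0) at any time, and for the
        // author while the message is younger than $config['edit_time'] seconds.
        // NOTE(review): no anti-CSRF token is checked before the update.
        if (!$u['id']) {
            header('location: login.php');
            exit;
        }
        $msg_r = mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'");
        $msg = mysql_fetch_assoc($msg_r);
        if (!$msg['id']) {
            error('Сообщение не существует.');
            nav('?');
            break;
        }

        // Same rule as before, with the grouping spelled out instead of relying on
        // "and" binding tighter than "or".
        $is_moderator = $u['access'] > 0;
        $is_recent_own = ($u['id'] == $msg['id_user']) && (time() - $msg['time'] < $config['edit_time']);
        if (!$is_moderator && !$is_recent_own) {
            error('Нельзя отредактировать это сообщение.');
            // "&amp;" as in every other nav() call of this file; a bare "&" was passed here.
            nav('?act=topic&amp;id='.$msg['id_topic']);
            break;
        }

        tp('Редактирование сообщения');
        if (empty($_GET['ok'])) {
            // NOTE(review): the stored text is placed into the textarea as is; confirm
            // check() HTML-escapes it on write.
            // The literal's line breaks and indentation are part of the emitted markup.
            echo '<form name="form" action="?act=msg_edit&amp;id='.$id.'&amp;ok=1" method="post">
                                             '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="3">'.$msg['text'].'</textarea>
                                            <input name="submit" type="submit" value="Ok" />
                                            </form>';
            nav('?act=topic&amp;id='.$msg['id_topic']);
            break;
        }

        // empty() also covers a request that carries ok=1 but no POST body.
        if (empty($_POST['text'])) {
            error('Вы не заполнили поле.');
            nav('?act=msg_edit&amp;id='.$id);
            break;
        }

        $text = check($_POST['text']);
        mysql_query("UPDATE `forum_msg` SET `text` = '$text', `edit_by` = '$u[id]', `edit_time` = '".time()."' WHERE `id` = '$id'");
        header('location: ?act=topic&id='.$msg['id_topic']);
        exit;
    break;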

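    case 'msg_del':
        // Delete message $id together with the votes cast on it.
        // Authorization: the topic view shows the delete link only for access > 1 and
        // topic_del enforces that level, but this branch performed no check at all, so
        // any visitor, logged in or not, could delete a message by requesting the URL.
        // NOTE(review): the action is still reached through a plain GET link with no
        // confirmation step and no anti-CSRF token.
        if (!($u['access'] > 1)) {
            redirect('?');
            break;
        }
        $msg = mysql_fetch_assoc(mysql_query("SELECT `id`, `id_topic` FROM `forum_msg` WHERE `id` = '$id'"));
        if (!$msg['id']) {
            error('Сообщение не существует.');
            // There is no topic id to link back to when the message was not found.
            nav('?');
            break;
        }

        mysql_query("DELETE FROM `forum_msg` WHERE `id` = '$id'");
        mysql_query("DELETE FROM `voting` WHERE `type` = 'forum' and `id_for` = '$id'");
        header('location: ?act=topic&id='.$msg['id_topic']);
        exit;
    break;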

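    case 'vote':
        // Add one vote to message $id and one karma point to its author. Logged-in users
        // only; authors cannot vote for themselves and each user votes once per message.
        // $_GET['p'] is the topic page to return to.
        // NOTE(review): reached through a plain GET link with no anti-CSRF token. The
        // "already voted" lookup and the insert are separate statements, so two
        // concurrent requests can both pass the lookup; a unique key on
        // (type, id_who, id_for) would close that gap — confirm the table definition.
        if (!$u['id']) {
            header('location: login.php');
            exit;
        }
        $p = isset($_GET['p']) ? abs(intval($_GET['p'])) : 0;
        $msg_r = mysql_query("SELECT `id`, `id_topic`, `id_user` FROM `forum_msg` WHERE `id` = '$id'");
        $msg = mysql_fetch_assoc($msg_r);
        if (!$msg['id']) {
            header('location: ?');
            exit;
        }

        if ($msg['id_user'] != $u['id']) {
            $query = mysql_query("SELECT `id` FROM `voting` WHERE `type` = 'forum' and `id_who` = '$u[id]' and `id_for` = '$id'");
            if (!mysql_num_rows($query)) {
                mysql_query("UPDATE `forum_msg` SET `votes` = (`votes`+1) WHERE `id` = '$id'");
                mysql_query("INSERT INTO `voting` SET `type` = 'forum', `id_who` = '$u[id]', `id_for` = '$id'");
                mysql_query("UPDATE `users` SET `karma` = (`karma`+1) WHERE `id` = '$msg[id_user]'");
            }
        }
        // The array key is quoted: the bare word id_topic was read as an undefined
        // constant, which raises a notice that can be printed ahead of this header.
        header('location: ?act=topic&id='.$msg['id_topic'].'&p='.$p);
        exit;
    break;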
		
}

// Shared page footer; presumably closes the markup opened by system/header.php — confirm.
// Branches that call exit after header() never reach this line.
require_once 'system/tail.php';
?>