Файл: vxas.ru/forum/inc/them.php
Строк: 518
<?
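// Plain-text export (?act=txt): sends the whole thread as a downloadable .txt file and ends the request.
// $them, $forum and $razdel are not assigned in this part of the file; presumably the including script loads the current thread, forum and section rows into them.
// Fixes over the published listing: the "\r\n" escapes had lost their backslashes (the export printed a literal "rn"),
// array keys outside strings were bare words (constant lookups), and each quote cost a COUNT(*) plus a SELECT.
if (isset($_GET['act']) && $_GET['act']=='txt')
{
ob_clean();
ob_implicit_flush();
header('Content-Type: text/plain; charset=utf-8', true);
// The thread title presumably originates from a user. Whatever retranslit() lets through, strip double quotes and
// line breaks so the value stays inside the quoted filename parameter of the header.
header('Content-Disposition: attachment; filename="'.str_replace(array('"', "\r", "\n"), '', retranslit($them['name'])).'.txt";');
echo "Тема: $them[name] ($forum[name]/$razdel[name])\r\n";
$q=mysql_query("SELECT * FROM `forum_p` WHERE `id_them` = '".mysql_real_escape_string($them['id'])."' AND `id_forum` = '".mysql_real_escape_string($forum['id'])."' AND `id_razdel` = '".mysql_real_escape_string($razdel['id'])."' ORDER BY `time` ASC");
while ($post = mysql_fetch_assoc($q))
{
// Blank line between posts, then "nick (date)".
echo "\r\n";
$ank=get_user($post['id_user']);
echo "$ank[nick] (".date("j M Y в H:i", $post['time']).")\r\n";
// Fetch the quoted post in one query; a missing row yields false and the quote is skipped.
$cit=false;
if ($post['cit']!=NULL)$cit=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '".mysql_real_escape_string($post['cit'])."' LIMIT 1"));
if ($cit)
{
$ank_c=get_user($cit['id_user']);
echo "--Цитата--\r\n";
echo "$ank_c[nick] (".date("j M Y в H:i", $cit['time'])."):\r\n";
echo trim(br($cit['msg'],"\r\n"))."\r\n";
echo "----------\r\n";
}
echo trim(br($post['msg'],"\r\n"))."\r\n";
}
// NOTE(review): depending on server configuration SERVER_NAME may be taken from the request's Host header; here it only ends up in a text/plain download.
echo "\r\nИсточник: http://$_SERVER[SERVER_NAME]/forum/$forum[id]/$razdel[id]/$them[id]/\r\n";
exit;
}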
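// Remove one staged attachment (?f_del=N) from the temporary upload area.
// Only the numeric index comes from the request; the path itself is the one the upload handler in this file stored in the session.
// NOTE(review): this deletes on a plain GET and no anti-CSRF token is checked in this block.
if (isset($user) && isset($_GET['f_del']) && is_numeric($_GET['f_del']) && isset($_SESSION['file'][$_GET['f_del']]))
{
// The session entry is left in place (the upload handler picks the next slot with count()), so a repeated
// request reaches this point again: only call unlink() while the file still exists.
if (is_file($_SESSION['file'][$_GET['f_del']]['tmp_name']))
{
unlink($_SESSION['file'][$_GET['f_del']]['tmp_name']);
}
}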
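// Bookmark toggle: ?zakl=1 adds the current thread to the user's bookmarks, ?zakl=0 removes it.
// NOTE(review): both are state changes on a plain GET; no anti-CSRF token is checked in this block.
// is_numeric() guards the loose comparisons: under PHP 5 rules any non-numeric string equals 0, so ?zakl=abc used to delete the bookmark.
if (isset($user) && isset($_GET['zakl']) && is_numeric($_GET['zakl']) && $_GET['zakl']==1)
{
// Insert only when the bookmark is not there yet, so reloading the URL does not pile up duplicate rows.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_zakl` WHERE `id_user` = '".mysql_real_escape_string($user['id'])."' AND `id_them` = '".mysql_real_escape_string($them['id'])."'"),0)==0)
{
mysql_query("INSERT INTO `forum_zakl` (`id_user`, `time`, `id_them`, `time_obn`) values('".mysql_real_escape_string($user['id'])."', '".mysql_real_escape_string($time)."', '".mysql_real_escape_string($them['id'])."', '".mysql_real_escape_string($time)."')");
}
msg('Тема добавлена в закладки');
}
elseif (isset($user) && isset($_GET['zakl']) && is_numeric($_GET['zakl']) && $_GET['zakl']==0)
{
mysql_query("DELETE FROM `forum_zakl` WHERE `id_user` = '".mysql_real_escape_string($user['id'])."' AND `id_them` = '".mysql_real_escape_string($them['id'])."'");
msg('Тема удалена из закладок');
}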
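// Attachment staging (?act=new submitted with the "attach file" button): moves the uploaded file into sys/tmp
// and records it in $_SESSION['file'] until the post itself is submitted.
// Changes over the original: the file must be a genuine HTTP upload (is_uploaded_file / move_uploaded_file instead of a
// bare copy()), the staged file is no longer chmod 0777, the content hash is computed once, and the removed ereg
// functions (whose patterns had also lost their backslashes in the published listing) are replaced with strpos/preg_replace.
if (isset($user) && isset($_GET['act']) && $_GET['act']=='new' && isset($_POST['file_s'])
&& isset($_FILES['file_f']) && is_string($_FILES['file_f']['name']) && strpos($_FILES['file_f']['name'], '.')!==false
&& is_uploaded_file($_FILES['file_f']['tmp_name']))
{
// Staged name is "<user id>_<md5 of content>.forum.tmp"; hash while the upload is still at its temporary path.
// NOTE(review): htmlspecialchars() is HTML escaping, not path sanitising; it is harmless here only while $user['id'] is the numeric row id — confirm.
$upl_tmp=H.'sys/tmp/'.htmlspecialchars($user['id']).'_'.md5_file($_FILES['file_f']['tmp_name']).'.forum.tmp';
if (move_uploaded_file($_FILES['file_f']['tmp_name'], $upl_tmp))
{
// Owner-only: the code shown reads the staged file back only from PHP (is_file/copy/unlink), so the former world-writable 0777 is not needed.
chmod($upl_tmp, 0600);
if (isset($_SESSION['file']))$next_f=count($_SESSION['file']);else $next_f=0;
$file=esc(stripcslashes(htmlspecialchars($_FILES['file_f']['name'])));
// File name without its extension.
$_SESSION['file'][$next_f]['name']=preg_replace('/\.[^.]*$/D', '', $file);
// Extension only (text after the last dot), lower-cased.
$_SESSION['file'][$next_f]['ras']=strtolower(preg_replace('/^.*\./s', '', $file));
$_SESSION['file'][$next_f]['tmp_name']=$upl_tmp;
$_SESSION['file'][$next_f]['size']=filesize($upl_tmp);
// NOTE(review): this MIME type is whatever the client declared; treat it as untrusted wherever it is later sent back as a Content-Type.
$_SESSION['file'][$next_f]['type']=$_FILES['file_f']['type'];
}
// Flat script: do not leave the helper variable in the shared global scope.
unset($upl_tmp);
}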
/////////////////////////////////////////////////////
// Handler for ?act=g. Runs for a logged-in user when the thread is open, or when it is closed and the user holds 'forum_post_close'.
// NOTE(review): apart from the $golos assignment this repeats the ?act=new posting handler further down, without the attachment step.
// NOTE(review): $msg is read below but never assigned in this block — presumably set by the including script; confirm where it comes from.
// NOTE(review): the INSERT/UPDATE statements run on the strength of GET parameters alone; no anti-CSRF token is checked in this block.
if (isset($user) && ($them['close']==0 || $them['close']==1 && user_access('forum_post_close')) && isset($_GET['act']) && $_GET['act']=='g')
{
// $golos is assigned here and not read again in the code shown.
$golos=intval($_GET['g']);
// Validation. $err is set as a string by the length checks and appended to with [] by the profanity check;
// appending to a non-empty string is a fatal error in PHP, so a short message that also trips antimat() aborts the request.
if (strlen2($msg)<2)$err='Короткое сообщение';
if (strlen2($msg)>10000)$err='Длина сообщения превышает предел в 10000 символа';
$mat=antimat($msg);
if ($mat)$err[]='В тексте сообщения обнаружен мат: '.$mat;
// Reject a message identical to one this user already posted in the thread.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_user` = '".mysql_real_escape_string($user[id])."' AND `msg` = '".my_esc($msg)."' LIMIT 1"),0)!=0)$err='Ваше сообщение повторяет предыдущее';
if (!isset($err))
{
// A quoted post id is accepted only if that post exists under the thread/section/forum ids from the URL;
// otherwise the SQL literal null is used. $cit is placed unquoted in the INSERT below, so it must stay one of these two forms.
if (isset($_POST['cit']) && is_numeric($_POST['cit']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '".intval($_POST['cit'])."' AND `id_them` = '".intval($_GET['id_them'])."' AND `id_razdel` = '".intval($_GET['id_razdel'])."' AND `id_forum` = '".intval($_GET['id_forum'])."'"),0)==1)
$cit=intval($_POST['cit']); else $cit='null';
// Award one point. The new total is computed from the in-memory $user['balls'], not incremented in SQL, so parallel posts can lose an update.
mysql_query("UPDATE `user` SET `balls` = '".mysql_real_escape_string($user['balls']+1)."' WHERE `id` = '".mysql_real_escape_string($user[id])."' LIMIT 1");
// Mark every bookmark of this thread as updated.
mysql_query("UPDATE `forum_zakl` SET `time_obn` = '".mysql_real_escape_string($time)."' WHERE `id_them` = '".mysql_real_escape_string($them[id])."'");
mysql_query("INSERT INTO `forum_p` (`id_forum`, `id_razdel`, `id_them`, `id_user`, `msg`, `time`, `cit`) values('".mysql_real_escape_string($forum[id])."', '".mysql_real_escape_string($razdel[id])."', '".mysql_real_escape_string($them[id])."', '".mysql_real_escape_string($user[id])."', '".my_esc($msg)."', '".mysql_real_escape_string($time)."', $cit)");
$post_id=mysql_insert_id();
// Bump the "last activity" time of the section and of the thread.
mysql_query("UPDATE `forum_r` SET `time` = '".mysql_real_escape_string($time)."' WHERE `id` = '".mysql_real_escape_string($razdel[id])."' LIMIT 1");
mysql_query("UPDATE `forum_t` SET `time` = '".mysql_real_escape_string($time)."' WHERE `id` = '".mysql_real_escape_string($them[id])."' LIMIT 1");
// The author of the earliest post in the thread gets a journal notice, unless that is the poster.
$post1=mysql_fetch_array(mysql_query("SELECT * FROM `forum_p` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' ORDER BY `time` ASC LIMIT 1"));
$an=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".mysql_real_escape_string($post1[id_user])."' LIMIT 1"));
$us_adm = mysql_real_escape_string($an['id']);
if($user['id']!=$us_adm) {
$msgrat1="В вашей теме оставили сообщение [url=/forum/$forum[id]/$razdel[id]/$them[id]/?page=end]$them[name][/url] ($forum[name]/$razdel[name])";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `type`) values('0', '".mysql_real_escape_string($an[id])."', '".mysql_real_escape_string($msgrat1)."', '".mysql_real_escape_string($time)."', 'forum')"); }
// The "you were answered" notice goes to the user id given in ?ud=. The value is escaped for SQL but not checked against
// the post being answered, so any user id can be named as recipient. $_GET[ud] is written with a bare-word key (a constant lookup outside a string).
// NOTE(review): validate ud against the answered post before inserting.
if($_GET[ud] && $user[id]!=$_GET[ud] && $_GET[ud]!=$us_adm) {
$msg1="Вам ответили в теме [url=/forum/$forum[id]/$razdel[id]/$them[id]/?page=end]$them[name][/url] ($forum[name]/$razdel[name])";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `type`) values('0', '".mysql_real_escape_string($_GET[ud])."', '".mysql_real_escape_string($msg1)."', '".mysql_real_escape_string($time)."', 'forum_otv')");
msg('Ответ принят');
}
msg('Сообщение успешно добавлено');
aut();
// Confirmation page with a one-second refresh back to the end of the thread.
// NOTE(review): the unescaped inner double quotes and the trailing 'n' on the echo lines below look like \" and \n whose
// backslashes were lost when this listing was published; as printed these lines do not parse.
// NOTE(review): $razdel[name] and $forum[name] are written into HTML without escaping here — presumably stored escaped; confirm.
header("Refresh: 1; url=/forum/$forum[id]/$razdel[id]/$them[id]/?page=end&".SID);
echo "<div class='menu'>n";
echo "<a style='font-weight:bold;' href="/forum/$forum[id]/$razdel[id]/$them[id]/?page=end" title='Перейти в тему'>Перейти в тему</a><br />n";
echo "<a href="/forum/$forum[id]/$razdel[id]/" title='Вернуться в раздел'>$razdel[name]</a><br />n";
echo "<a href="/forum/$forum[id]/">$forum[name]</a><br />n";
echo "<a href="/forum/">Форум</a><br />n";
echo "</div>n";
// presumably tfoot.php prints the footer and ends the request; if it returns, the thread view below is rendered as well — confirm.
include_once '../sys/inc/tfoot.php';
}
}
///////////////////////////////////////////////////////////////
// Posting handler (?act=new with a msg field and without the "attach file" button).
// Runs for a logged-in user when the thread is open, or when it is closed and the user holds 'forum_post_close'.
// NOTE(review): no anti-CSRF token is checked in this block.
if (isset($user) && ($them['close']==0 || $them['close']==1 && user_access('forum_post_close')) && isset($_GET['act']) && $_GET['act']=='new' && isset($_POST['msg']) && !isset($_POST['file_s']))
{
// The text is SQL-escaped immediately, so the length and profanity checks below run on the escaped form, and it is
// passed through my_esc() again before reaching SQL. NOTE(review): if my_esc() escapes too, stored posts carry doubled backslashes — confirm.
$msg=mysql_real_escape_string($_POST['msg']);
if (isset($_POST['translit']) && $_POST['translit']==1)$msg=translit($msg);
// Validation. $err is set as a string by these checks and appended to with [] by the profanity check;
// appending to a non-empty string is a fatal error in PHP, so a message failing both kinds of check aborts the request.
if (strlen2($msg)<2)$err='Короткое сообщение';
if ($user['rating']<10)$err='Ваш рейтинг меньше 10. Вы не можите писать в форуме';
if (strlen2($msg)>10000)$err='Длина сообщения превышает предел в 10000 символа';
$mat=antimat($msg);
if ($mat)$err[]='В тексте сообщения обнаружен мат: '.$mat;
// Reject a message identical to one this user already posted in the thread.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_user` = '".mysql_real_escape_string($user[id])."' AND `msg` = '".my_esc($msg)."' LIMIT 1"),0)!=0)$err='Ваше сообщение повторяет предыдущее';
if (!isset($err))
{
// A quoted post id is accepted only if that post exists under the thread/section/forum ids from the URL;
// otherwise the SQL literal null is used. $cit is placed unquoted in the INSERT below, so it must stay one of these two forms.
if (isset($_POST['cit']) && is_numeric($_POST['cit']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '".intval($_POST['cit'])."' AND `id_them` = '".intval($_GET['id_them'])."' AND `id_razdel` = '".intval($_GET['id_razdel'])."' AND `id_forum` = '".intval($_GET['id_forum'])."'"),0)==1)
$cit=intval($_POST['cit']); else $cit='null';
// Award one point. The new total is computed from the in-memory $user['balls'], not incremented in SQL, so parallel posts can lose an update.
mysql_query("UPDATE `user` SET `balls` = '".mysql_real_escape_string($user['balls']+1)."' WHERE `id` = '".mysql_real_escape_string($user[id])."' LIMIT 1");
// Mark every bookmark of this thread as updated.
mysql_query("UPDATE `forum_zakl` SET `time_obn` = '".mysql_real_escape_string($time)."' WHERE `id_them` = '".mysql_real_escape_string($them[id])."'");
mysql_query("INSERT INTO `forum_p` (`id_forum`, `id_razdel`, `id_them`, `id_user`, `msg`, `time`, `cit`) values('".mysql_real_escape_string($forum[id])."', '".mysql_real_escape_string($razdel[id])."', '".mysql_real_escape_string($them[id])."', '".mysql_real_escape_string($user[id])."', '".my_esc($msg)."', '".mysql_real_escape_string($time)."', $cit)");
$post_id=mysql_insert_id();
// Attach the files staged in the session to the new post: one forum_files row each, then the staged file is
// copied to sys/forum/files/<row id>.frf and removed from the temporary area.
// The stored `type` is the MIME type the client declared at upload time; NOTE(review): treat it as untrusted when serving the file.
if (isset($_SESSION['file']) && isset($user))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]) && is_file($_SESSION['file'][$i]['tmp_name']))
{
mysql_query("INSERT INTO `forum_files` (`id_post`, `name`, `ras`, `size`, `type`) values('".mysql_real_escape_string($post_id)."', '".mysql_real_escape_string($_SESSION['file'][$i]['name'])."', '".mysql_real_escape_string($_SESSION['file'][$i]['ras'])."', '".mysql_real_escape_string($_SESSION['file'][$i]['size'])."', '".mysql_real_escape_string($_SESSION['file'][$i]['type'])."')");
$file_id=mysql_insert_id();
copy($_SESSION['file'][$i]['tmp_name'], H.'sys/forum/files/'.htmlspecialchars($file_id).'.frf');
unlink($_SESSION['file'][$i]['tmp_name']);
}
}
unset($_SESSION['file']);
}
unset($_SESSION['msg']);
// Bump the "last activity" time of the section and of the thread.
mysql_query("UPDATE `forum_r` SET `time` = '".mysql_real_escape_string($time)."' WHERE `id` = '".mysql_real_escape_string($razdel[id])."' LIMIT 1");
mysql_query("UPDATE `forum_t` SET `time` = '".mysql_real_escape_string($time)."' WHERE `id` = '".mysql_real_escape_string($them[id])."' LIMIT 1");
// The author of the earliest post in the thread gets a journal notice, unless that is the poster.
$post1=mysql_fetch_array(mysql_query("SELECT * FROM `forum_p` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' ORDER BY `time` ASC LIMIT 1"));
$an=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".mysql_real_escape_string($post1[id_user])."' LIMIT 1"));
$us_adm = mysql_real_escape_string($an['id']);
if($user['id']!=$us_adm) {
$msgrat1="В вашей теме оставили сообщение [url=/forum/$forum[id]/$razdel[id]/$them[id]/?page=end]$them[name][/url] ($forum[name]/$razdel[name])";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `type`) values('0', '".mysql_real_escape_string($an[id])."', '".mysql_real_escape_string($msgrat1)."', '".mysql_real_escape_string($time)."', 'forum')"); }
// The "you were answered" notice goes to the user id given in ?ud=. The value is escaped for SQL but not checked against
// the post being answered, so any user id can be named as recipient. $_GET[ud] is written with a bare-word key (a constant lookup outside a string).
// NOTE(review): validate ud against the answered post before inserting.
if($_GET[ud] && $user[id]!=$_GET[ud] && $_GET[ud]!=$us_adm) {
$msg1="Вам ответили в теме [url=/forum/$forum[id]/$razdel[id]/$them[id]/?page=end]$them[name][/url] ($forum[name]/$razdel[name])";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `type`) values('0', '".mysql_real_escape_string($_GET[ud])."', '".mysql_real_escape_string($msg1)."', '".mysql_real_escape_string($time)."', 'forum_otv')");
msg('Ответ принят');
}
msg('Сообщение успешно добавлено');
aut();
// Confirmation page with a one-second refresh back to the end of the thread.
// NOTE(review): the unescaped inner double quotes and the trailing 'n' on the echo lines below look like \" and \n whose
// backslashes were lost when this listing was published; as printed these lines do not parse.
// NOTE(review): $razdel[name] and $forum[name] are written into HTML without escaping here — presumably stored escaped; confirm.
header("Refresh: 1; url=/forum/$forum[id]/$razdel[id]/$them[id]/?page=end&".SID);
echo "<div class='menu'>n";
echo "<a style='font-weight:bold;' href="/forum/$forum[id]/$razdel[id]/$them[id]/?page=end" title='Перейти в тему'>Перейти в тему</a><br />n";
echo "<a href="/forum/$forum[id]/$razdel[id]/" title='Вернуться в раздел'>$razdel[name]</a><br />n";
echo "<a href="/forum/$forum[id]/">$forum[name]</a><br />n";
echo "<a href="/forum/">Форум</a><br />n";
echo "</div>n";
// presumably tfoot.php prints the footer and ends the request; if it returns, the thread view below is rendered as well — confirm.
include_once '../sys/inc/tfoot.php';
}
}
// A closed thread shows this notice to every visitor; the check does not depend on who is logged in.
if ($them['close']==1) {
msg('Тема закрыта для обсуждения');
}
###################################
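// Attachment rating (?id_file=N&rating=up|down): one vote per user per file, open to logged-in users with at least
// 50 points and a non-negative rating.
// The requested direction is validated before the database is touched, so requests without a usable vote cost no queries,
// and the user id key is quoted (the bare word was a constant lookup).
// NOTE(review): the vote is cast by a plain GET with no anti-CSRF token checked in this block, and the "already voted"
// test and the INSERT are separate statements, so two parallel requests can both pass the test.
if (isset($user) && $user['balls']>=50 && $user['rating']>=0
&& isset($_GET['id_file']) && is_numeric($_GET['id_file'])
&& isset($_GET['rating']) && ($_GET['rating']==='up' || $_GET['rating']==='down')
&&
mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_files` WHERE `id` = '".intval($_GET['id_file'])."'"), 0)==1
&&
mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_files_rating` WHERE `id_user` = '".mysql_real_escape_string($user['id'])."' AND `id_file` = '".intval($_GET['id_file'])."'"), 0)==0)
{
if ($_GET['rating']==='down')
{
mysql_query("INSERT INTO `forum_files_rating` (`id_user`, `id_file`, `rating`) values('".mysql_real_escape_string($user['id'])."', '".intval($_GET['id_file'])."', '-1')");
msg ('Ваш отрицательный отзыв принят');
}
else
{
mysql_query("INSERT INTO `forum_files_rating` (`id_user`, `id_file`, `rating`) values('".mysql_real_escape_string($user['id'])."', '".intval($_GET['id_file'])."', '1')");
msg ('Ваш положительный отзыв принят');
}
}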
###################################
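// Post rating (?act=rating&plus=ID or &minus=ID): one vote per user per post, never on the user's own post.
// On an accepted vote the result message is stored in the session and the request is redirected back to the page.
// Changes over the original:
//  - a logged-in user is required (the original reached the queries with an unset $user);
//  - the post must exist and belong to the current thread (a missing row used to pass every check and still produce an INSERT);
//  - the counter is incremented in SQL instead of being written back from a previously read value;
//  - the page value is URL-encoded for the Location header and the session id is appended with '&' as the other redirects in this file do.
// NOTE(review): votes are still cast by a plain GET and no anti-CSRF token is available in this block.
foreach (array('plus'=>1, 'minus'=>-1) as $rate_key=>$rate_step)
{
if (!isset($user) || !isset($_GET['act']) || $_GET['act']!='rating' || !isset($_GET[$rate_key]) || !is_numeric($_GET[$rate_key]))continue;
$post_id=intval($_GET[$rate_key]);
$post=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '".$post_id."' AND `id_them` = '".mysql_real_escape_string($them['id'])."' LIMIT 1"));
if ($post && $post['id_user']!=$user['id'] && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p_rating` WHERE `id_user` = '".mysql_real_escape_string($user['id'])."' AND `id_post` = '".$post_id."'"), 0)==0)
{
// $rate_step is +1 or -1 from the literal array above, never request data.
mysql_query("UPDATE `forum_p` SET `rating` = COALESCE(`rating`, 0) + (".$rate_step.") WHERE `id` = '".$post_id."' LIMIT 1");
// NOTE(review): the original stores '1' in forum_p_rating for both directions, while the attachment rating table stores '-1' for a
// down vote; kept as is because the column's use is not visible here — confirm whether a minus vote should record '-1'.
mysql_query("INSERT INTO `forum_p_rating` (`id_user`, `id_post`, `rating`) values('".mysql_real_escape_string($user['id'])."', '".$post_id."','1')");
if ($rate_step>0)$_SESSION['true'] = 'Положительный отзыв к сообщению принят';
else $_SESSION['true'] = 'Негативный отзыв к сообщению принят';
header ("Location: ?page=".(isset($_GET['page']) && is_string($_GET['page']) ? urlencode($_GET['page']) : '').(SID!='' ? '&'.SID : ''));
exit;
}
}
// Flat script: do not leave the loop variables in the shared global scope.
unset($rate_key, $rate_step);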
###################################
// Thread view: work out which slice of the thread to display and open the posts table.
// err(), aut(), k_page() and page() are helpers defined elsewhere; presumably they print pending errors, print the
// login block, compute the page count and resolve the current page number — confirm.
err();
aut();
// Total number of posts in this thread.
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."'"),0);
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
// Offset of the first post on the current page: (page - 1) * posts per page.
$start=$set['p_str']*$page-$set['p_str'];
echo "<table class='post'>n";
// In bulk-delete mode (?act=post_delete, for users with 'forum_post_ed' or the user matching $ank2) the whole thread is listed without LIMIT.
// NOTE(review): $ank2 is not assigned anywhere in the code shown — presumably set by the including script; confirm.
// NOTE(review): $start and $set[p_str] enter the LIMIT clause unquoted and unescaped; this is safe only if page() and the setting are guaranteed integers — confirm.
if ((user_access('forum_post_ed') || isset($user) && $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){$lim=NULL;}else $lim=" LIMIT $start, $set[p_str]";
$q=mysql_query("SELECT * FROM `forum_p` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' ORDER BY `time` ASC$lim");
// Empty thread: print a placeholder row.
// NOTE(review): the inner double quotes around $them[name] and the trailing 'n' look like \" and \n that lost their backslashes in this listing; as printed the line does not parse.
if (mysql_num_rows($q)==0) {
echo " <tr>n";
echo " <td class='p_t'>n";
echo "Нет сообщений в теме "$them[name]"n";
echo " </td>n";
echo " </tr>n";
}
// Running post number, continued from the page offset.
$post_k=$start;
// Render each selected post as two table rows: a header row (icon, author, time, complaint link) and a body row
// (quote, text or poll, ban and edit notes, attachments, action links, rating).
// NOTE(review): throughout this loop a trailing 'n' inside the echoed strings and bare inner double quotes look like \n and \"
// whose backslashes were lost when the listing was published.
// NOTE(review): nicknames, poll options and names are interpolated into HTML as they come from the database; message bodies
// go through output_text(). Whether the raw fields are stored already escaped is not visible here — confirm.
while ($post = mysql_fetch_assoc($q))
{
$ank=get_user($post['id_user']);
$post_k++;
echo " <tr>n";
// Icon column: in bulk-delete mode a checkbox named post_<id> replaces the avatar / gender icon.
if ($set['set_show_icon']==2){
echo " <td class='icon48' rowspan='2'>n";
if ((user_access('forum_post_ed') || isset($user) && $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete')
{
echo "<input type='checkbox' name='post_$post[id]' value='1' />";
}
else
avatar($ank['id']);
echo " </td>n";
}
elseif ($set['set_show_icon']==1)
{
echo " <td class='icon14'>n";
if ((user_access('forum_post_ed') || isset($user) && $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete')
{
echo "<input type='checkbox' name='post_$post[id]' value='1' />";
}
else
echo "<img src='/style/themes/$set[set_them]/user/$ank[pol].png' alt='' />";
echo " </td>n";
}
// Optional post numbering: $num_post is the printed prefix, $num_post1 the bare number (NULL when numbering is off).
if ($set['show_num_post']==1)$num_post=$post_k.') '; else $num_post=NULL;
if ($set['show_num_post']==1)$num_post1=$post_k; else $num_post1=NULL;
echo " <td class='p_t'>n";
// Logged-in users in an open thread get a reply link on the nickname; everyone else gets a link to the author's profile.
if (isset($user) && $them['close']==0){
echo "$num_post<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/msg' title='Ответить $ank[nick]'>$ank[nick]</a> ".online($ank['id'])." (".vremja($post['time']).")n";
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/zhal'>[Жалоба]</a>n";}
else{
echo "$num_post<a href='/info.php?id=$ank[id]' title='Анкета $ank[nick]'>$ank[nick]</a> ".online($ank['id'])." (".vremja($post['time']).")n";
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/zhal'>[Жалоба]</a>n";}
#################
#################
echo " </td>n";
echo " </tr>n";
echo " <tr>n";
if ($set['set_show_icon']==1)echo " <td class='p_m' colspan='2'>n"; else echo " <td class='p_m'>n";
// Quoted post, shown only if the referenced row still exists (one COUNT(*) plus one SELECT per quoting post).
if ($post['cit']!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '".mysql_real_escape_string($post[cit])."'"),0)==1)
{
$cit=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '".mysql_real_escape_string($post[cit])."' LIMIT 1"));
//$ank_c=mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".mysql_real_escape_string($cit[id_user])."' LIMIT 1"));
$ank_c=get_user($cit['id_user']);
echo "<div class='cit'>n";
echo "<b>$ank_c[nick] (".vremja($cit['time'])."):</b><br />n";
echo output_text($cit['msg'])."<br />n";
echo "</div>n";
}
// Poll: rendered only for a post flagged opros=='1' whose number is 1. $num_post1 is NULL when post numbering is
// switched off, so in that configuration this branch is never taken.
if ($post['opros']=='1' and $num_post1=='1'){
echo '<b>';
echo output_text($post['msg'])."<br />n";
echo '</b>';
$q2=mysql_query("SELECT * FROM `forum_opr` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_post`='".mysql_real_escape_string($post[id])."' ORDER BY `id` ASC");
if (mysql_num_rows($q2)==0) {
echo "Ошибка не найдено ni одного варианта n";
}
// Per option: $zavse = all votes in the poll, $zaet = votes for this option, $prov = votes already cast by the viewer.
// $zavse and $prov do not depend on the option but are re-queried on every iteration.
// $user[id] is read here without an isset($user) check, so for guests the lookup runs with an unset value.
while ($post2 = mysql_fetch_assoc($q2))
{
$zavse=mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_opres` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_post`='".mysql_real_escape_string($post[id])."' ",$db), 0);
$zaet=mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_opres` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_post`='".mysql_real_escape_string($post[id])."' AND `id_var`='".mysql_real_escape_string($post2[id])."' ",$db), 0);
$prov=mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_opres` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_post`='".mysql_real_escape_string($post[id])."' AND `id_user`='".mysql_real_escape_string($user[id])."' ",$db), 0);
echo "$post2[var] (<b>$zaet</b>)<br/>";
// The @ hides the division-by-zero warning raised while the poll has no votes yet.
echo "<img src='/forum/img.php?p=".@intval($zaet/$zavse*100)."&k=$zaet&a=$zavse' alt=''/>";
// The vote link is offered only while no vote by the viewer is recorded.
if ($prov==0)echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/$post2[id]/golos'><img src='/forum/plus.png' alt='' /></a>n";
echo "<br />";
}
}else{
echo output_text($post['msg'])."<br />n";
}
// Moderator ban note attached to this post, printed in red.
if ($post['ban']==1){
$bannn=mysql_fetch_array(mysql_query("SELECT * FROM `forum_ban` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_post`='".mysql_real_escape_string($post[id])."' AND `id_user`='".mysql_real_escape_string($ank[id])."' LIMIT 1"));
echo "<font color='red'>";
echo output_text($bannn['msg'])."n";
echo "</font><br/>";
}
// "Last edited by" line, taken from the newest forum_phis row for this post.
if ($post['red']==1){
$redakt=mysql_fetch_array(mysql_query("SELECT * FROM `forum_phis` WHERE `id_them` = '".mysql_real_escape_string($them[id])."' AND `id_forum` = '".mysql_real_escape_string($forum[id])."' AND `id_razdel` = '".mysql_real_escape_string($razdel[id])."' AND `id_post`='".mysql_real_escape_string($post[id])."' ORDER BY `id` DESC LIMIT 1"));
$ank5=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".mysql_real_escape_string($redakt[id_user])."' LIMIT 1"));
echo "<u>Редактировал последний раз <a href='/info.php?id=$ank5[id]'> $ank5[nick]</a> в ".vremja($redakt['data'])."</u><br/>";
}
// Plain include (not include_once), so file.php runs once per post; presumably it lists the post's attachments — confirm.
include H.'/forum/inc/file.php';
// Action links. These conditions only decide which links are displayed; they are not an access check for the target pages.
// In the first condition the part after || is already covered by the <= comparison before it.
if (user_access('forum_post_ed') && ($ank['level']<=$user['level'] || $ank['level']==$user['level'] && $ank['id']==$user['id']))
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit'>Ред</a>n";
elseif (isset($user) && $user['id']==$post['id_user'])
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/edit'>Ред</a>n";
if (isset($user) && $them['close']==0 && $user['id']==$post['id_user'] && $post['time']>time()-600 && $post_k==$k_post)
echo ' | ';
elseif ($them['close']==0 && user_access('forum_post_ed') && ($ank['level']<$user['level'] || $ank['level']==$user['level'] && $ank['id']==$user['id']))
echo ' | ';
if ($them['close']==0 && isset($user)) echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/msg' title='Ответить $ank[nick]'>Отв</a> n";
echo ' | ';
if ($them['close']==0 && isset($user))
echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/cit' title='Цитировать $ank[nick]'>Цит</a>n";
echo ' | ';
if (isset($user) && $user['id']!=$ank['id'])echo "<a href="/mail.php?id=$ank[id]">Прив</a>n";
// Ban link for viewers whose level is above the author's; $user is read here without an isset() check.
if ($ank['level'] < $user['level'])echo "<a href='/adm_panel/banf.php?f=$forum[id]&r=$razdel[id]&t=$them[id]&p=$post[id]&id=$ank[id]'>| Бан</a>n";
if ($post['red']==1)echo "<a href='/forum/$forum[id]/$razdel[id]/$them[id]/$post[id]/hist'>| Ист</a>n";
######################
// Rating value (red when negative, green with a plus sign when positive) and the vote links.
// The links are printed for every viewer, guests included, and cast the vote through a plain GET (?act=rating&plus= / &minus=).
echo "<div style='text-align:right;'>";
if ($post['rating'] < 0)echo "<font color='red'>";
if ($post['rating'] > 0)echo "<font color='#00FF00'>+";
echo "".$post['rating']." ";
if ($post['rating'] < 0)echo "</font>";
if ($post['rating'] > 0)echo "</font>";
echo "<a href='?page=$page&act=rating&plus=".htmlspecialchars($post['id'])."'><img src='/forum/thumbu.png' /></a> <a href='?page=$page&act=rating&minus=".htmlspecialchars($post['id'])."'><img src='/forum/thumbd.png' /></a>";
echo "</div>n";
######################
echo " </td>n";
echo " </tr>n";
}
// Close the posts table, then print the page navigation unless the thread is shown in bulk-delete mode.
echo "</table>n";
if (!((user_access('forum_post_ed') || isset($user) && $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete') && $k_page>1)
{
// Page navigation links.
str("/forum/$forum[id]/$razdel[id]/$them[id]/?",$k_page,$page);
}
// Reply form. Skipped in bulk-delete mode; otherwise shown to logged-in users when the thread is open, or closed and the user holds 'forum_post_close'.
// NOTE(review): $passgen is appended to the form action but is not assigned in the code shown, and no hidden token field is
// printed here — confirm whether it is an anti-CSRF / anti-resubmit value and where it is verified.
// NOTE(review): the bare inner double quotes and trailing 'n' in the echoed strings look like \" and \n that lost their backslashes in this listing.
if ((user_access('forum_post_ed') || isset($user) && $ank2['id']==$user['id']) && isset($_GET['act']) && $_GET['act']=='post_delete'){}
elseif (isset($user) && ($them['close']==0 || $them['close']==1 && user_access('forum_post_close')))
{
// multipart/form-data is used only when the user has attachments enabled.
if ($user['set_files']==1)
echo "<form method='post' name='message' enctype='multipart/form-data' action='/forum/$forum[id]/$razdel[id]/$them[id]/new?$passgen'>n";
else
echo "<form method='post' name='message' action='/forum/$forum[id]/$razdel[id]/$them[id]/new?$passgen'>n";
// After an "attach file" submit the typed text is put back into the textarea.
// NOTE(review): the value comes straight from $_POST; whether it is safe inside <textarea> depends on output_text() with these flags — confirm it HTML-escapes.
if (isset($_POST['msg']) && isset($_POST['file_s']))$msg2=output_text($_POST['msg'],false,true,false,false,false); else $msg2=NULL;
// A theme may supply its own form body. htmlspecialchars() does not neutralise path segments such as "../",
// so the include is only as safe as the source of $set['set_them'] — NOTE(review): confirm it is restricted to installed theme names.
if ($set['web'] && is_file(H.'style/themes/'.htmlspecialchars($set['set_them']).'/altername_post_form.php'))
include_once H.'style/themes/'.htmlspecialchars($set['set_them']).'/altername_post_form.php';
else
echo "Сообщение:<br />n<textarea name="msg">$msg2</textarea><br />n";
if ($user['set_translit']==1)echo "<label><input type="checkbox" name="translit" value="1" /> Транслит</label><br />n";
if ($user['set_files']==1){
// List the attachments staged in the session, each with a delete link (d_file<index>).
if (isset($_SESSION['file']))
{
echo "Прикрепленные файлы:<br />n";
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]) && is_file($_SESSION['file'][$i]['tmp_name']))
{
echo "<img src='/style/themes/$set[set_them]/forum/14/file.png' alt='' />n";
// The name is printed as stored (the upload handler in this file applied htmlspecialchars() before saving it); the extension is escaped here.
echo $_SESSION['file'][$i]['name'].'.'.htmlspecialchars($_SESSION['file'][$i]['ras']).' (';
echo size_file($_SESSION['file'][$i]['size']);
echo ") <a href='/forum/$forum[id]/$razdel[id]/$them[id]/d_file$i' title='Удалить из списка'><img src='/style/themes/$set[set_them]/forum/14/del_file.png' alt='' /></a>n";
echo "<br />n";
}
}
}
echo "<input name='file_f' type='file' /><br />n";
echo "<input name='file_s' value='Прикрепить файл' type='submit' /><br />n";
}
echo "<input name='post' value='Отправить' type='submit' /><br />n";
echo "</form>n";
}
// Page footer: a copyable link to the thread, a link to the moderators list, help links and the plain-text export link.
// NOTE(review): $_SERVER[SERVER_NAME] is written into an HTML attribute without escaping; depending on server configuration
// it may be taken from the request's Host header — prefer a configured site host or escape the value.
// NOTE(review): the bare inner double quotes and trailing 'n' below look like \" and \n that lost their backslashes in this listing.
echo '<br/>*ccылкa нa тeмy<br/>'; echo "<input type='text' value='http://$_SERVER[SERVER_NAME]/forum/$forum[id]/$razdel[id]/$them[id]/' /><br />n"; echo "<img src='/forum/moder.gif' alt=''/>n"; echo "<a href="/forum/moder.php"><font color=blue>Модераторы</font color></a> n";
echo "<div class="foot">n";
echo "»<a href="/smiles.php">Смайлы</a><br />n";
echo "»<a href="/pomosh.php">Теги</a><br />n";
echo "»<a href="/rules.php">Правила</a><br />n";
echo "</div>n";
// Relative link "txt": download the thread as plain text.
echo "<div class="foot">n";
echo "»<a href="txt">Скачать тему в txt</a><br />n";
echo "</div>n";
?>