Файл: public_html/modules/lessons/les.php
Строк: 245
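<?php
/**********************************
* @package: cssliga.ru *
* @year: 2013 *
* @author: AIIeJIbCiH4iK *
* @link: http://cssliga.ru *
* ------------------------------- */
// Lesson page: shows one `lessons_les` row, its steps (`lessons_clas`) and its
// comments (`lessons_komm`), and handles the owner/admin actions (rename, delete
// lesson/step) plus the comment actions dispatched through $_GET['act'].
// Relies on $db (presumably PDO: query()/fetch()/rowCount() are used), $user,
// $tpl, $lang and $system being set up by the including script.
// The short open tag `<?` of the original is replaced by `<?php`, which works
// regardless of the short_open_tag ini setting.

// Load the lesson; without a usable id there is nothing to render.
$inf = false;
if (isset($_GET['id'])) {
    // Request ids are forced to a non-negative integer before they reach SQL,
    // the same pattern the rest of this module uses for its own ids.
    $lesId = abs(intval($_GET['id']));
    $inf = $db->query("SELECT * FROM `lessons_les` WHERE `id` = '" . $lesId . "' LIMIT 1")->fetch();
}
if (!$inf) {
    // fetch() yields false for an unknown id; treat it like a missing id instead
    // of letting every later `$inf[...]` read operate on false.
    echo '<div class="menu">Нету такого урока</div>';
    require_once(SYS.'/view/footer.php');
    exit;
}
$cat = $db->query("SELECT * FROM `lessons_cat` WHERE `id` = '".$inf['refid']."' LIMIT 1")->fetch();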
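// act=add: store a new comment on this lesson and notify the lesson owner.
// Anonymous posters are recorded with user_id 0.
if (isset($_GET['act']) && $_GET['act'] == 'add') {
    if (!empty($_POST['text'])) {
        // input() is the project's request filter; mb_substr keeps the
        // 5000-character cap from splitting a multi-byte character.
        $text = mb_substr(input($_POST['text']), 0, 5000);
    } else {
        $err = $lang->word('chat_mess_n');
    }
    // Id written into the comment and the notify rows; '0' marks a guest.
    $userid = isset($user) ? $user['id'] : '0';
    // Flood control: at most one comment per $system['spam'] seconds.
    // Keyed on $userid so it also covers guests (the original keyed on
    // $user['id'], which is unset for guests, so the check never matched them).
    $recent = $db->query("SELECT * FROM `lessons_komm` WHERE `user_id` = '" . $userid . "' AND `time` > '" . (time() - $system['spam']) . "'")->rowCount();
    if ($recent > 0) {
        header('location: /lessons/les?id='.$inf['id'].'&act=spam');
        exit; // the original fell through and kept rendering after the redirect header
    }
    if (isset($err)) {
        $tpl->div('error', $err);
    } else {
        if (isset($user)) {
            // Credit the poster's balance; 'balans_chat' was an unquoted key
            // (an undefined constant) in the original.
            $db->query("UPDATE `users` SET `balans` = '".($user['balans'] + $system['balans_chat'])."' WHERE `id` = '".$user['id']."'");
        }
        // NOTE(review): $text is string-built into the query; this relies on
        // input() escaping quotes for SQL — confirm before trusting it.
        $db->query("INSERT INTO `lessons_komm` SET `text` = '".$text."', `refid` = '".$inf['id']."', `user_id` = '".$userid."', `time` = '". time() ."'");
        // Notify the lesson owner ($inf['user']) about the reply.
        // NOTE(review): the existence check below looks up notify rows addressed
        // to the poster ($userid) rather than to the owner, and the else branch
        // updates rows addressed to anyone but the owner. Kept as written because
        // the two branches depend on each other — confirm the intended semantics
        // before changing either query.
        $now = time();
        $exists = $db->query("SELECT * FROM `notify` WHERE `user_id` = '". $userid ."' AND `type` = 'notify_lessons_reply' AND `request_id` = '".$inf['id']."'")->rowCount();
        if ($exists == 0) {
            $db->query("INSERT INTO `notify` SET `user_id` = '".$inf['user']."', `from_id` ='". $userid ."', `request_id` = '".$inf['id']."', `type` = 'notify_lessons_reply', `read` = '0', `time` = '". $now ."'");
            $db->query("UPDATE `notify` SET `read` = '0', `time` = '". $now ."' WHERE `user_id` = '".$inf['user']."' AND `from_id` = '". $userid ."' AND `type` = 'notify_lessons_reply' AND `request_id` = '".$inf['id']."'");
        } else {
            $db->query("UPDATE `notify` SET `from_id` = '". $userid ."', `read` = '0', `time` = '". $now ."' WHERE `type` = 'notify_lessons_reply' AND `request_id` = '".$inf['id']."' AND `user_id` != '".$inf['user']."'");
        }
        header('location: /lessons/les?id='.$inf['id']);
        exit;
    }
}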
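// act=delete: remove one comment. Allowed for level >= 5, level 2, or the author.
if (isset($_GET['act']) && $_GET['act'] == 'delete') {
    // The comment id was interpolated raw into the SELECT in the original (only the
    // DELETE cast it); force it to an int before it reaches any query.
    $uid = isset($_GET['uid']) ? abs(intval($_GET['uid'])) : 0;
    $mini_chat_del = false;
    if ($uid > 0) {
        $mini_chat_del = $db->query("SELECT * FROM `lessons_komm` WHERE `id` = '".$uid."'")->fetch();
    }
    // The original's `A && B || C || D` let level 2 / own-comment checks bypass the
    // id check; the row must exist for any of the three roles.
    $mayDelete = isset($user) && $mini_chat_del
        && ($user['level'] >= 5 || $user['level'] == 2 || $mini_chat_del['user_id'] == $user['id']);
    if ($mayDelete) {
        $db->query("DELETE FROM `lessons_komm` WHERE `id` = '".$uid."'");
        header('location: /lessons/les?id='.$inf['id']);
        exit;
    } else {
        $tpl->div('error', $lang->word('chat_not_g'));
    }
}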
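// act=edit (POST): save an edited comment.
// The original applied no permission check on this path — the check existed only
// on the GET form further down — so any visitor could overwrite any comment by id.
// The same rule as the form (level >= 5, level 2, or the author) is enforced here.
if (isset($_GET['act']) && $_GET['act'] == 'edit') {
    if (isset($_POST['edit'])) {
        $uid = isset($_GET['uid']) ? abs(intval($_GET['uid'])) : 0;
        $row = false;
        if ($uid > 0) {
            $row = $db->query("SELECT * FROM `lessons_komm` WHERE `id` = '".$uid."'")->fetch();
        }
        $mayEdit = isset($user) && $row
            && ($user['level'] >= 5 || $user['level'] == 2 || $row['user_id'] == $user['id']);
        if ($mayEdit && !empty($_POST['text'])) {
            // NOTE(review): $text is string-built into the query; this relies on
            // input() escaping quotes for SQL — confirm.
            $text = mb_substr(input($_POST['text']), 0, 5000);
            $db->query("UPDATE `lessons_komm` SET `text` = '". $text ."' WHERE `id` = '".$uid."'");
        }
        // Redirect back in every case, as the original did (also when nothing was saved).
        header('location: /lessons/les?id='.$inf['id']);
        exit;
    }
}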
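// editfo=<step id> (POST save): update a step's description.
// Only the lesson owner or level >= 5; $info is reused by the edit form below.
if (isset($_GET['editfo']) && isset($user) && ($user['id'] == $inf['user'] || $user['level'] >= 5)) {
    // `ref` ties the step to this lesson: without it the owner of one lesson could
    // edit a step of any other lesson by passing a foreign step id.
    $info = $db->query("SELECT * FROM `lessons_clas` WHERE `id` = '". abs(intval($_GET['editfo'])) ."' AND `ref` = '".$inf['id']."' LIMIT 1")->fetch();
    if (isset($_POST['save'])) {
        // Block-local error string; the original appended to an undefined $err.
        $stepErr = '';
        $text = isset($_POST['text']) ? mb_substr(input($_POST['text']), 0, 2000) : '';
        if (mb_strlen($text) < 3 || mb_strlen($text) > 2000) {
            $stepErr .= 'Недопустимая длина описания!';
        }
        if ($stepErr !== '') {
            $tpl->div('error', $stepErr);
        } elseif ($info) {
            // NOTE(review): $text is string-built into the query; relies on input() escaping — confirm.
            $db->query("UPDATE `lessons_clas` SET `text` = '".$text."' WHERE `id` = '".$info['id']."'");
            header('location: les?id='.$inf['id']);
            exit; // the original kept rendering the whole page after the redirect
        }
    }
}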
// Page header and lesson title; owner and level >= 5 users get delete/edit
// controls floated to the right of the name.
$title = $inf['name'];
$locate = 'in_portfolio';
require_once(SYS.'/view/header.php');
$ownerControls = NULL;
if ($user['id'] == $inf['user'] || $user['level'] >= 5) {
    $delLink = '<a href="les?delles&id='.$inf['id'].'">'.img('delete_11.png').'</a>';
    $editLink = '<a href="les?editfoss&id='.$inf['id'].'">'.img('edit_11.png').'</a>';
    $ownerControls = '<span style="float:right">( '.$delLink.' | '.$editLink.' )</span>';
}
$tpl->div('title', $inf['name'] . $ownerControls);
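// editfoss: rename the lesson (owner or level >= 5). Renders the form; on POST
// `save` validates the name, stores it and ends the page with a confirmation.
if (isset($_GET['editfoss']) && isset($user) && ($user['id'] == $inf['user'] || $user['level'] >= 5)) {
    if (isset($_POST['save'])) {
        // Block-local error string; the original appended to an undefined $err.
        $nameErr = '';
        $name = isset($_POST['name']) ? mb_substr(input($_POST['name']), 0, 200) : '';
        if (mb_strlen($name) < 3 || mb_strlen($name) > 200) {
            $nameErr .= 'Недопустимая длина названия!';
        }
        if ($nameErr !== '') {
            $tpl->div('error', $nameErr);
        } else {
            // NOTE(review): $name is string-built into the query; relies on input() escaping — confirm.
            $db->query("UPDATE `lessons_les` SET `name` = '".$name."' WHERE `id` = '".$inf['id']."'");
            $tpl->div('menu', 'Изменения приняты <br /><a href="/lessons"> Продолжить</a>');
            require_once(SYS.'/view/footer.php');
            exit();
        }
    }
    // NOTE(review): $inf['name'] is placed in a value attribute as stored; whether
    // that is HTML-safe depends on what input() did when the name was saved — confirm.
    echo '<div class="post">
<form action="les?id='.$inf['id'].'&editfoss" method="post">
<u>Название</u>: <br/>
<input type="text" name="name" value="'. $inf['name'] .'" /><br/>
<input name="save" type="submit" value="Сохранить" />
</form></div>
';
}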
// delles: confirmation prompt before deleting the lesson; the `&les` link
// performs the deletion (a state-changing GET, guarded only by this prompt).
$askDeleteLesson = isset($_GET['delles']) && ($user['id'] == $inf['user'] || $user['level'] >= 5);
if ($askDeleteLesson) {
    $yes = '<a href="les?id='.$inf['id'].'&les">Да</a>';
    $no = '<a href="les?id='.$inf['id'].'">Нет</a>';
    echo '<div class="menu"> Вы уверены ? <br /> '.$yes.' | '.$no.' </div>';
}
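// les: delete the lesson, its steps and their files (owner or level >= 5),
// and adjust the author's `rub` balance by -0.30.
if (isset($_GET['les']) && isset($user) && ($user['id'] == $inf['user'] || $user['level'] >= 5)) {
    $user5 = $db->query("SELECT * FROM `users` WHERE `id` = '".$inf['user']."'")->fetch();
    // Collect the step files BEFORE deleting the rows: the original deleted
    // `lessons_clas` first and then selected from it, so no file was ever unlinked.
    // NOTE(review): the path is built from the stored `url`; this assumes the upload
    // code never stores `..` or path separators in it — verify there.
    $foldel = $db->query("SELECT * FROM `lessons_clas` WHERE `ref` = '".$inf['id']."' ORDER BY `id` DESC");
    $files = array();
    while ($fodel = $foldel->fetch()) {
        $files[] = ROOT.'/files/lessons/'.$cat['folder'].'/'.$fodel['url'];
    }
    $db->query("DELETE FROM `lessons_clas` WHERE `ref` = '".$inf['id']."'");
    $db->query("DELETE FROM `lessons_les` WHERE `id` = '".$inf['id']."'");
    if ($user5) {
        $db->query("UPDATE `users` SET `rub` = '".($user5['rub'] - 0.30)."' WHERE `id` = '".$user5['id'] . "'");
    }
    foreach ($files as $path) {
        // is_file() avoids a warning for files already missing on disk.
        if (is_file($path)) {
            unlink($path);
        }
    }
    $tpl->div('menu', 'Урок удален <br /><a href="cat?id='.$cat['id'].'"> Продолжить</a>');
    require_once(SYS.'/view/footer.php');
    exit;
}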
// del=<step id>: confirmation prompt before deleting one step; the `ok` link
// performs the deletion.
$askDeleteStep = isset($_GET['del']) && ($user['id'] == $inf['user'] || $user['level'] >= 5);
if ($askDeleteStep) {
    $stepId = abs(intval($_GET['del']));
    $yes = '<a href="les?id='.$inf['id'].'&ok='.$stepId.'">Да</a>';
    $no = '<a href="les?id='.$inf['id'].'">Нет</a>';
    echo '<div class="menu"> Вы уверены ? <br /> '.$yes.' | '.$no.' </div>';
}
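// ok=<step id>: delete one step and its file (owner or level >= 5).
if (isset($_GET['ok']) && isset($user) && ($user['id'] == $inf['user'] || $user['level'] >= 5)) {
    // `ref` restricts the lookup to this lesson's own steps; without it the owner
    // of one lesson could delete a step of any other lesson by passing its id.
    $fold_del = $db->query("SELECT * FROM `lessons_clas` WHERE `id` = '".abs(intval($_GET['ok']))."' AND `ref` = '".$inf['id']."'")->fetch();
    if ($fold_del) {
        $db->query("DELETE FROM `lessons_clas` WHERE `id` = '".$fold_del['id']."'");
        // NOTE(review): path built from the stored `url`; assumes the upload code
        // never stores `..` or path separators in it — verify there.
        $path = ROOT.'/files/lessons/'.$cat['folder'].'/'.$fold_del['url'];
        if (is_file($path)) {
            unlink($path);
        }
    }
    $tpl->div('menu', 'Часть удалена <br /><a href="les?id='.$inf['id'].'"> Продолжить</a>');
    require_once(SYS.'/view/footer.php');
    exit;
}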
// editfo: the step-description edit form. $info is loaded by the save handler
// above, which runs under the same condition.
// NOTE(review): $info['text'] is echoed into the textarea as stored; HTML-safe
// only if input() escaped it on insert — confirm.
$showStepForm = isset($_GET['editfo']) && ($user['id'] == $inf['user'] || $user['level'] >= 5);
if ($showStepForm) {
    $formAction = 'les?id='.$inf['id'].'&editfo='.$info['id'];
    echo '<div class="post">
<form action="'.$formAction.'" method="post">
<u>Информация</u>: <br/>
<textarea name="text">'. $info['text'] .'</textarea><br/>
<input name="save" type="submit" value="Сохранить" />
</form></div>
';
}
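// Lesson body: every step (`lessons_clas` row with `ref` = this lesson) with
// its text and image, numbered from 1; owner/admins get per-step controls.
$folder = $db->query("SELECT * FROM `lessons_clas` WHERE `ref` = '".$inf['id']."' ORDER BY `id`");
$canManage = $user['id'] == $inf['user'] || $user['level'] >= 5;
$i = 0; // the original computed `$i+++1` on an uninitialised $i
while ($fo = $folder->fetch()) {
    $c = ++$i;
    $stepControls = NULL;
    if ($canManage) {
        $delLink = '<a href="les?del='.$fo['id'].'&id='.$inf['id'].'">'.img('delete_11.png').'</a>';
        $editLink = '<a href="les?editfo='.$fo['id'].'&id='.$inf['id'].'">'.img('edit_11.png').'</a>';
        $stepControls = '<span style="float:right">( '.$delLink.' | '.$editLink.' )</span>';
    }
    $fileUrl = '/files/lessons/'.$cat['folder'].'/'. $fo['url'];
    echo '<div class="post"><b> Шаг '. $c .' </b>
'.$stepControls.'
<br />'.output($fo['text']).'<br />';
    echo '<a href="'.$fileUrl.'"><img src="'.$fileUrl.'" alt="" width="200" /></a>';
    echo '</div>';
}
echo '<div class="menu">Добавил: '.nick($inf['user']).'<br /> Добавлено: '.rtime($inf['time']).'</div>';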
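$tpl->div('title', 'Комментарии');
// act=edit (GET): show the edit form for one comment (level >= 5, level 2, or the author).
if (isset($_GET['act']) && $_GET['act'] == 'edit') {
    // In the original the comment id went raw into SQL and, unescaped, into the
    // form's action URL; an integer cast closes both the injection and the
    // reflected-markup path.
    $uid = isset($_GET['uid']) ? abs(intval($_GET['uid'])) : 0;
    $mini_chat_ed = false;
    if ($uid > 0) {
        $mini_chat_ed = $db->query("SELECT * FROM `lessons_komm` WHERE `id` = '".$uid."'")->fetch();
    }
    $mayEdit = isset($user) && $mini_chat_ed
        && ($user['level'] >= 5 || $user['level'] == 2 || $mini_chat_ed['user_id'] == $user['id']);
    if ($mayEdit) {
        $tpl->div('title', $lang->word('edit_post'));
        // NOTE(review): the stored text is echoed into the textarea as-is; HTML-safe
        // only if input() escaped it on insert — confirm.
        echo '<form action="/lessons/les?id='.$inf['id'].'&act=edit&uid='.$uid.'" method="post">
<div class="menu">
<b>'. $lang->word('message') .'</b>:<br/>
<textarea name="text">'.$mini_chat_ed['text'].'</textarea><br/>
<input name="edit" type="submit" value="'. $lang->word('edit') .'" /><br/>
</div>
</form>';
        $tpl->div('block', NAV .'<a href="/lessons/les?id='.$inf['id'].'">К уроку</a><br/>' . HICO .'<a href="/">'. $lang->word('home').'</a>');
        require_once(SYS.'/view/footer.php');
        exit;
    } else {
        $tpl->div('error', $lang->word('chat_not_g'));
    }
}
// act=spam: tell the poster how long the flood window ($system['spam'] seconds) is.
if (isset($_GET['act']) && $_GET['act'] == 'spam') {
    $tpl->div('block', $lang->word('spam') .' <b>'.$system['spam'].'</b> '.$lang->word('sec'));
}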
// New-comment form. bb.php is included here (presumably the BB-code helper for
// the #view_bar textarea — not visible in this file). A `reply` id pre-fills the
// textarea with the addressed user's nick.
echo '<div class="menu">'.$lang->word('chat_write_mess').':<br/> ';
require_once(SYS.'/inc/bb.php');
$prefill = NULL;
if (isset($_GET['reply'])) {
    $prefill = '[b]'.tnick(abs(intval($_GET['reply']))).'[/b], ';
}
$helpLinks = '[ <a href="/pages/smiles.php">'. $lang->word('smiles') .'</a> | <a href="/pages/tags.php">'. $lang->word('tags') .'</a> ]';
$refreshLink = '<a href="/lessons/les?id='.$inf['id'].'" title="'. $lang->word('update') .'">'.img('refresh.png').'</a>';
echo '
<form action="/lessons/les?act=add&id='.$inf['id'].'" method="post">
<textarea name="text" id="view_bar">'.$prefill.'</textarea><br/>
'.$helpLinks.'<br/><input type="submit" value="'. $lang->word('chat_mess_send') .'" /> '.$refreshLink.'
</form>
</div>';
// Comment list, newest first, paged by Paginator. $start and $ames come from the
// pager setup outside this file; the LIMIT clause assumes they are integers.
$lessons_komm = $db->query("SELECT * FROM `lessons_komm` WHERE `refid` = '".$inf['id']."'")->rowCount();
$pages = new Paginator($lessons_komm, $ames);
if ($lessons_komm == 0) {
    $tpl->div('menu', $lang->word('chat_not_mess'));
} else {
    $komm = $db->query("SELECT * FROM `lessons_komm` WHERE `refid` = '".$inf['id']."' ORDER BY `time` DESC LIMIT $start, $ames");
    $pageUrl = '/lessons/les?id='.$inf['id'];
    while ($km = $komm->fetch()) {
        // Reply link for everyone but the comment's own author.
        $replyLink = NULL;
        if ($km['user_id'] != $user['id']) {
            $replyLink = ' <a href="'.$pageUrl.'&reply='.$km['user_id'].'" title="'. $lang->word('reply') .'">'. img('reply_11.png').'</a> ';
        }
        // Delete/edit links for level >= 5, level 2, or the author.
        $modLinks = NULL;
        if ($user['level'] >= 5 || $user['level'] == 2 || $km['user_id'] == $user['id']) {
            $modLinks = ' <a href="'.$pageUrl.'&act=delete&uid='.$km['id'].'" title="'. $lang->word('delete') .'">'. img('delete_11.png').'</a> <a href="'.$pageUrl.'&act=edit&uid='.$km['id'].'" title="'. $lang->word('edit') .'">'. img('edit_11.png').' </a>';
        }
        $tpl->div('post', nick($km['user_id']) .' ('. rtime($km['time']) .') <span style="float:right">'.$replyLink.' '.$modLinks.'</span><br/>
'.output($km['text']));
    }
    $pages->view('/lessons/les?id='.$inf['id'].'&');
}
// End of comments: footer navigation (category folder, lessons index, home).
$folderLink = '<a href="cat?id='.$inf['refid'].'">В папку</a>';
$indexLink = '<a href="/lessons/">К категориям</a>';
$tpl->div('block', $folderLink.' | '.$indexLink);
$tpl->div('block', HICO .'<a href="/">'. $lang->word('home') .'</a>');
require_once(SYS.'/view/footer.php');
?>