Файл: pages/forum/index.php
Строк: 154
<?php
include '../../system/mysql.php';
include '../../system/sys_func.php';
switch (@$_GET['menu']) {
/*
==============================
Создание раздела
==============================
*/
case 'create':
$error = false;
$errort = '';
if (isset($_POST['create'])) {
$name = htmlspecialchars(mysql_real_escape_string($_POST['name']));
$opis = htmlspecialchars(mysql_real_escape_string($_POST['opis']));
if (strlen($name) < 1) {
$error = true;
$errort .= '<div class="err">Длина имени должна быть не менее 1-ого символа.</div>';
} elseif (strlen($name) > 64) {
$error = true;
$errort .= '<div class="err">Длина имени должна быть не более 64-х символов.</div>';
}
if (strlen($opis) > 150) {
$error = true;
$errort .= '<div class="err">Длина описания должна быть не более 150-и символов.</div>';
}
if (!$error) {
mysql_query("INSERT INTO `forum` (`name`, `opis`) values('$name', '$opis')");
header('Location: /pages/forum/');
exit;
}
}
$title = 'Форум/Создание раздела';
include '../../system/head.php';
echo '<div class="title"><a href="/pages/forum/">Форум</a> / Создание раздела</div>';
echo $errort;
if ($user['position'] == 'admin' || $user['position'] == 'mod_f') {
echo '<form method="post" name="message">
<b>Имя раздела</b>:<br><input type="text" name="name"">
<br><b>Описание раздела</b> (можно оставить пустым)<b>:</b><br><input type="text" name="opis">
<br><input value="Создать" type="submit" name="create" />
</form>
<a class="link" href="/pages/forum/"><img src="/design/imgs/arr_b.png" align="center"> Назад</a>';
include '../../system/foot.php';
} else {
echo '<div class="err">У вас недостаточно прав!</div>
<a class="link" href="/pages/forum/"><img src="/design/imgs/arr_b.png" align="center"> Назад</a>';
include '../../system/foot.php';
exit;
}
break;
/*
==============================
Мои темы
==============================
*/
case 'my_t':
$title = 'Форум / Мои темы';
include '../../system/head.php';
echo '<div class="title"><a href="/pages/forum/">Форум</a> / <a href="new_t.php">Новые темы</a> | Мои темы</div>';
$c_f = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_theme` WHERE `id_user` = '".$user['id']."' "), 0);
if (isset($user)) $p_page = $user['p_page'];
else $p_page = '10';
$k_page = k_page($c_f, $p_page);
$page = page($k_page);
$start = $p_page*$page-$p_page;
if ($c_f == 0) {
echo '<div class="post">
Нет ваших тем!
</div>';
}
$q = mysql_query("SELECT * FROM `f_theme` WHERE `id_user` = '".$user['id']."' ORDER BY `id` ASC LIMIT $start, ". $p_page);
while ($forum = mysql_fetch_assoc($q)) {
echo '<a class="link" href="/pages/forum/topic.php?id='.$forum['id'].'">
<img src="/design/imgs/report.png"> '. $forum['name'] .'';
echo '</a>';
}
if ($k_page > 1) str('?forum='. $forum['id'] .'&', $k_page, $page);
include '../../system/foot.php';
break;
default:
if (isset($_GET['del']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum` WHERE `id` = '". intval($_GET['del']) ."'"), 0) == 1) {
$forum = mysql_fetch_array(mysql_query("SELECT * FROM `forum` WHERE `id` = '". intval($_GET['del']) ."'"));
if ($user['position'] == 'admin' || $user['position'] == 'mod_f') {
if (isset($_POST['yes'])) {
mysql_query("DELETE FROM `forum` WHERE `id` = '". $forum['id'] ."'");
mysql_query("DELETE FROM `f_category` WHERE `forum_id` = '". $forum['id'] ."'");
mysql_query("DELETE FROM `f_theme` WHERE `forum_id` = '". $forum['id'] ."'");
mysql_query("DELETE FROM `f_post` WHERE `forum_id` = '". $forum['id'] ."'");
header('Location: /pages/forum/');
exit;
}
$title = 'Форум/Удаление раздела';
include '../../system/head.php';
echo '<div class="title"><a href="/pages/forum/">Форум</a> / Удаление раздела</div>
<form method="post">
Вы уверены что хотите удалить этот раздел со всеми темами?<br>
<input type="submit" name="yes" value="Да" /> <a href="category.php?id='. $forum['id'] .'">Нет</a>
</form>';
include '../../system/foot.php';
}
}
if (isset($_GET['edit']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum` WHERE `id` = '". intval($_GET['edit']) ."'"),0) == 1) {
$forum = mysql_fetch_array(mysql_query("SELECT * FROM `forum` WHERE `id` = '". intval($_GET['edit']) ."'"));
if ($user['position'] == 'admin' || $user['position'] == 'mod_f') {
if (isset($_POST['change'])) {
$name = htmlspecialchars(mysql_real_escape_string($_POST['name']));
$opis = htmlspecialchars(mysql_real_escape_string($_POST['opis']));
mysql_query("UPDATE `forum` SET `name` = '$name', `opis` = '$opis' WHERE `id` = '". $forum['id'] ."'");
header('Location: /pages/forum/');
exit;
}
$title = 'Форум/Редактирование раздела';
include '../../system/head.php';
echo '<div class="title"><a href="/pages/forum/">Форум</a> / Редактирование раздела</div>';
echo '<form method="post" name="message">
<b>Имя раздела</b>:<br><input type="text" name="name" value="'. $forum['name'] .'">
<br><b>Описание раздела</b> (можно оставить пустым)<b>:</b><br><input type="text" name="opis" value="'. $forum['opis'] .'">
<br><input value="Изменить" type="submit" name="change" />
</form>
<a class="link" href="/pages/forum/?del='. $forum['id'] .'"><img src="/design/imgs/delete.png"> Удалить раздел</a>
<a class="link" href="category.php?id='. $forum['id'] .'"><img src="/design/imgs/arr_b.png" align="center"> Отмена</a>';
include '../../system/foot.php';
exit;
} else {
echo '<div class="err">У вас недостаточно прав!</div>
<a class="link" href="/pages/forum/"><img src="/design/imgs/arr_b.png" align="center"> Назад</a>';
include '../../system/foot.php';
exit;
}
}
$title = 'Форум';
include '../../system/head.php';
echo '<div class="title">Форум</div>';
echo '<div class="title">Разделы | <a href="new_t.php">Новые темы</a> | <a href="?menu=my_t">Мои темы</a></div>';
/*
==============================
Поиск по форуму
==============================
*/
if (isset($_POST['go'])) {
header('Location: ?search='. filter($_POST['search']));
}
if (isset($_GET['search'])) {
$search = filter($_GET['search']);
$c_d = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_theme` WHERE `name` like '%". $search ."%' OR `msg` like '%". $search ."%'"), 0);
if (isset($user)) $p_page = $user['p_page'];
else $p_page = '10';
$k_page = k_page($c_d, $p_page);
$page = page($k_page);
$start = $p_page*$page-$p_page;
echo '<form method="post">
<input style="width: 80%" type="text" value="'. $search .'" name="search">
<input type="submit" value="Поиск" name="go"><br>
</form>';
if ($c_d == 0) {
echo '<div class="post">
Поиск не дал результатов!
</div>';
}
$q = mysql_query("SELECT * FROM `f_theme` WHERE `name` like '%". $search ."%' OR `msg` like '%". $search ."%' AND `id_user` = '". $ank['id'] ."' ORDER BY `time` DESC LIMIT $start, ". $p_page);
while ($t_search = mysql_fetch_assoc($q)) {
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '". $t_search['id_user'] ."'"));
$count = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_theme` WHERE `id` = '". $t_search['id'] ."'"), 0);
if (string($t_search['msg']) <= 200) $t_search_msg = $t_search['msg'];
else $t_search_msg = output(cut($t_search['msg'], 200)) .'...';
echo '<div class="post">
<span class="c_date">'. ptime($t_search['time']) .'</span>';
echo online($ank['id']);
echo ' <a href="/pages/users/user.php?name='. $ank['login'] .'">'. $ank['login'] .'</a> : <a href="topic.php?id='. $t_search['id'] .'"><b>'. $t_search['name'] .'</b></a><br>';
echo '<div>'. $t_search_msg .'</div>';
echo '<br><a href="topic.php?id='. $t_search['id'] .'">Обсудить</a> ('. $count .')';
echo '</div>';
}
if ($k_page > 1) str('?menu=t_search&id='. $ank['id'] .'&search='. $search .'&', $k_page, $page);
echo '<a class="link" href="index.php"><img src="/design/imgs/arr_b.png" align="center"> Назад</a>';
include H.'system/foot.php';
} else {
$search = filter($_GET['search']);
echo '<form method="post">
<input style="width: 80%" type="text" value="'. $search .'" name="search">
<input type="submit" value="Поиск" name="go"><br>
</form>';
}
$c_f = mysql_result(mysql_query("SELECT COUNT(*) FROM `forum`"), 0);
if (isset($user)) $p_page = $user['p_page'];
else $p_page = '10';
$k_page = k_page($c_f, $p_page);
$page = page($k_page);
$start = $p_page*$page-$p_page;
if ($c_f == 0) {
echo '<div class="post">
Нет разделов!
</div>';
}
$q = mysql_query("SELECT * FROM `forum` ORDER BY `id` ASC LIMIT $start, ". $p_page);
while ($forum = mysql_fetch_assoc($q)) {
$count = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_theme` WHERE `forum_id` = '". $forum['id'] ."'"), 0);
$c_p = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_post` WHERE `forum_id` = '". $forum['id'] ."'"), 0);
$c_t = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_theme` WHERE `time` > '". (time()-86400) ."' AND `forum_id` = '". $forum['id'] ."'"), 0);
$c_c = mysql_result(mysql_query("SELECT COUNT(*) FROM `f_category` WHERE `forum_id` = '". $forum['id'] ."'"), 0);
if ($c_t == 0) $c_t = NULL;
else $c_t = '+'. $c_t;
echo '<a class="link" title="Постов: '. $c_p .'/Тем: '. $count .'/Категорий: '. $c_c .'" href="category.php?id='. $forum['id'] .'">
<img src="/design/imgs/forum_f.png"> '. $forum['name'] .' ('. $count .') <span class="new">'. $c_t .'</span>';
if ($forum['opis'] != NULL) echo '<hr>'. $forum['opis'];
echo '</a>';
}
if ($k_page > 1) str('?forum='. $forum['id'] .'&', $k_page, $page);
if ($user['position'] == 'admin' || $user['position'] == 'mod_f') echo '<a class="link" href="?menu=create"><img src="/design/imgs/add.png"> Создать раздел</a>';
include '../../system/foot.php';
break;
}
?>