=7){ $order = ''; }else{ $order = ' AND `hide` = 0'; } /* Бан пользователя */ if (mysql_result(mysql_query("SELECT COUNT(*) FROM `ban` WHERE `razdel` = 'forum' AND `id_user` = '$user[id]' AND (`time` > '$time' OR `view` = '0' OR `navsegda` = '1')"), 0)!=0) { header('Location: /ban.php?'.SID);exit; } if (isset($_GET['id_forum']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_f` WHERE".((!isset($user) || !user_access('forum_post_ed'))?" `adm` = '0' AND":null)." `id` = '".my_esc($_GET['id_forum'])."'"),0)==1 && isset($_GET['id_razdel']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_r` WHERE `id` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."'"),0)==1 && isset($_GET['id_them']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_t` WHERE `id` = '".my_esc($_GET['id_them'])."' AND `id_razdel` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."'"),0)==1 && isset($_GET['id_post']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id` = '".my_esc($_GET['id_post'])."' AND `id_them` = '".my_esc($_GET['id_them'])."' AND `id_razdel` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."' $order"),0)==1 ) { $forum=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_f` WHERE `id` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); $razdel=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_r` WHERE `id` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); $them=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_t` WHERE `id` = '".my_esc($_GET['id_them'])."' AND `id_razdel` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); $post=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id` = '".my_esc($_GET['id_post'])."' AND `id_them` = '".my_esc($_GET['id_them'])."' AND `id_razdel` = '".my_esc($_GET['id_razdel'])."' $order AND `id_forum` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); $post2=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_p` WHERE `id_them` = '".my_esc($_GET['id_them'])."' AND `id_razdel` = '".my_esc($_GET['id_razdel'])."' $order AND `id_forum` = '".my_esc($_GET['id_forum'])."' ORDER BY `id` DESC LIMIT 1")); if (isset($user)){ $ank=get_user($post['id_user']); if (isset($_GET['act']) && $_GET['act']=='edit' && isset($_POST['msg']) && isset($_POST['post']) && // редактирование поста ( (user_access('forum_post_ed')) // права группы на редактирование || (isset($user) && $user['id']==$post['id_user'] && $post['time']>time()-1200 && $post['id_user']==$post2['id_user']) // право на редактирование своего поста, если он поседний в теме ) ) { $msg=my_esc($_POST['msg']); include H.'/activday/size.php'; if (isset($_POST['translit']) && $_POST['translit']==1)$msg=translit($msg); if (strlen2($msg)<2)$err[]='Короткое сообщение'; if (strlen2($msg)>1024)$err[]='Длина сообщения превышает предел в 1024 символа'; $mat=antimat($msg); if ($mat)$err[]='В тексте сообщения обнаружен мат: '.$mat; if (!isset($err)){ include H.'/activday/avto_ban.php'; mysql_query("UPDATE `forum_p` SET `msg` = '".$msg."' WHERE `id` = '$post[id]' $order LIMIT 1"); $_SESSION['message'] = 'Пост был изменён!'; header('location:/forum/'.$forum['id'].'/'.$razdel['id'].'/'.$them['id'].'/?page='.$pages_n); exit; }} elseif (isset($_GET['act']) && $_GET['act']=='edit' && (user_access('forum_post_ed') && ($ank['level']<$user['level'] || $ank['level']==$user['level'] && $ank['id']==$user['id']) || isset($user) && $post['id']==$post2['id'] && $post['id_user']==$user['id'] && $post['time']>$time-1200)){ $set['title']='Форум - редактирование поста'; // заголовок страницы include '../sys/inc/thead.php'; title(); aut(); echo "
\n"; $insert = output_text($post['msg'],false,false,true,false,false,false,false); echo 'Информация:
'; if (is_file(H.'style/themes/'.$set['set_them'].'/altername_post_form.php')) { include H.'style/themes/'.$set['set_them'].'/altername_post_form.php'; } echo "
\n"; echo "
\n"; echo "
\n"; echo "* В тему
\n"; echo "* " . text($razdel['name']) . "
\n"; echo "* " . text($forum['name']) . "
\n"; echo "* Форум
\n"; echo "
\n"; include '../sys/inc/tfoot.php'; } elseif (isset($_GET['act']) && $_GET['act']=='delete' && isset($user) && $them['close']==0 && ((user_access('forum_post_ed') && ($ank['level']<=$user['level'] || $ank['level']==$user['level'] && $ank['id']==$user['id'])) || $post['id']==$post2['id'] && $post['id_user']==$user['id'] && $post['time']>time()-1200)){ mysql_query("DELETE FROM `forum_p` WHERE `id` = '".my_esc($_GET['id_post'])."' $order AND `id_them` = '".my_esc($_GET['id_them'])."' AND `id_razdel` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."' LIMIT 1"); } elseif (isset($_GET['act']) && $_GET['act']=='msg' && $them['close']==0 && isset($user)){ $ank=get_user($post['id_user']); $set['title']='Форум - '.text($them['name']); // заголовок страницы include '../sys/inc/thead.php'; title(); aut(); echo "
\n"; echo "Посмотреть анкету
\n"; $msg2=$ank['nick'].', '; if (is_file(H.'style/themes/'.$set['set_them'].'/altername_post_form.php')) include H.'style/themes/'.$set['set_them'].'/altername_post_form.php'; else echo "Сообщение:
\n
\n"; echo "
\n"; echo "
\n"; echo "
\n"; echo "* Смайлы
\n"; echo "* Правила форума
"; echo "
\n"; echo "
\n"; echo "* В тему
\n"; echo "* " . text($razdel['name']) . "
\n"; echo "* " . text($forum['name']) . "
\n"; echo "* Форум
\n"; echo "
\n"; include '../sys/inc/tfoot.php'; } elseif (isset($_GET['act']) && $_GET['act']=='cit' && $them['close']==0 && isset($user)){ //$ank=mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = $post[id_user] LIMIT 1")); $ank=get_user($post['id_user']); $set['title']='Форум - '.text($them['name']); // заголовок страницы include '../sys/inc/thead.php'; title(); aut(); echo "
Будет процитировано сообщение:
\n"; $c = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_files` WHERE `id_post` = '$post[id]'")); $a22=mysql_query("SELECT * FROM `forum_files` WHERE `id_post` = '$post[id]'"); if($c){ while ($files_avi22 = mysql_fetch_assoc($a22)) { $format22 ='[url=/download_forum/'.$files_avi22['id'].'.'.$files_avi22['ras'].']'.$files_avi22['id'].'.'.$files_avi22['ras'].'[/url]'; $nawww22 = $format22.'[br]'.$post['msg']; } }else{ $nawww22 = $post['msg']; } echo "
\n"; echo output_text($nawww22)."
\n"; echo "
\n"; echo "
\n"; echo ""; $msg2=$ank['nick'].', '; if (is_file(H.'style/themes/'.$set['set_them'].'/altername_post_form.php')) include H.'style/themes/'.$set['set_them'].'/altername_post_form.php'; else echo "Сообщение:
\n
\n"; echo "
\n"; echo "
\n"; echo "
\n"; echo "* В тему
\n"; echo "* " . text($razdel['name']) . "
\n"; echo "* " . text($forum['name']) . "
\n"; echo "* Форум
\n"; echo "
\n"; include '../sys/inc/tfoot.php'; } } } if (isset($_GET['id_forum']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_f` WHERE".((!isset($user) || !user_access('forum_post_ed'))?" `adm` = '0' AND":null)." `id` = '".my_esc($_GET['id_forum'])."'"),0)==1 && isset($_GET['id_razdel']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_r` WHERE `id` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."'"),0)==1 && isset($_GET['id_them']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_t` WHERE `id` = '".my_esc($_GET['id_them'])."' AND `id_razdel` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."'"),0)==1 ) { $forum=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_f` WHERE `id` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); $razdel=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_r` WHERE `id` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); $them=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_t` WHERE `id` = '".my_esc($_GET['id_them'])."' AND `id_razdel` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); /* =============================== Помечаем уведомление прочитанным =============================== */ mysql_query("UPDATE `notification` SET `read` = '1' WHERE `id_object` = '$them[id]' AND `type` = 'them_komm' AND `id_user` = '$user[id]'"); /*------------очищаем счетчик этого обсуждения-------------*/ if (isset($user)){ mysql_query("UPDATE `discussions` SET `count` = '0' WHERE `id_user` = '$user[id]' AND `type` = 'them' AND `id_sim` = '$them[id]' LIMIT 1"); } /*---------------------------------------------------------*/ $set['title']='Форум - '.text($them['name']); // заголовок страницы include '../sys/inc/thead.php'; title(); $ank2=get_user($them['id_user']); include 'inc/set_them_act.php'; include 'inc/them.php'; include 'inc/set_them_form.php'; echo "
\n"; echo "* Форум | " . text($forum['name']) . " | " . text($razdel['name']) . "
\n"; echo "
\n"; include '../sys/inc/tfoot.php'; } if (isset($_GET['id_forum']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_f` WHERE".((!isset($user) || !user_access('forum_post_ed'))?" `adm` = '0' AND":null)." `id` = '".my_esc($_GET['id_forum'])."'"),0)==1 && isset($_GET['id_razdel']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_r` WHERE `id` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."'"),0)==1) { $forum=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_f` WHERE `id` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); $razdel=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_r` WHERE `id` = '".my_esc($_GET['id_razdel'])."' AND `id_forum` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); if (isset($user) && isset($_GET['act']) && $_GET['act']=='new' && (!isset($_SESSION['time_c_t_forum']) || $_SESSION['time_c_t_forum']<$time-1200 || $user['level']>0)) include 'inc/new_t.php'; // создание новой темы else { $set['title']='Форум - '.text($razdel['name']); // заголовок страницы include '../sys/inc/thead.php'; title(); if (user_access('forum_razd_edit'))include 'inc/set_razdel_act.php'; include 'inc/razdel.php'; if (user_access('forum_razd_edit'))include 'inc/set_razdel_form.php'; echo "
\n"; echo "* " . text($forum['name']) . "
\n"; echo "* Форум
\n"; echo "
\n"; } include '../sys/inc/tfoot.php'; } if (isset($_GET['id_forum']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_f` WHERE".((!isset($user) || !user_access('forum_post_ed'))?" `adm` = '0' AND":null)." `id` = '".my_esc($_GET['id_forum'])."'"),0)==1) { $forum=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_f` WHERE `id` = '".my_esc($_GET['id_forum'])."' LIMIT 1")); $set['title']='Форум - '.text($forum['name']); // заголовок страницы include '../sys/inc/thead.php'; title(); include 'inc/set_forum_act.php'; // действия над подфорумом include 'inc/forum.php'; // содержимое include 'inc/set_forum_form.php'; // формы действий над подфорумом echo "
\n"; echo "* Форум
\n"; echo "
\n"; include '../sys/inc/tfoot.php'; } $set['title']='Форум'; // заголовок страницы include '../sys/inc/thead.php'; title(); if (user_access('forum_for_create') && isset($_GET['act']) && isset($_GET['ok']) && $_GET['act']=='new' && isset($_POST['name']) && isset($_POST['opis']) && isset($_POST['pos'])) { $name=my_esc($_POST['name']); if (strlen2($name)<3)$err='Слишком короткое название'; if (strlen2($name)>32)$err='Слишком днинное название'; $opis=my_esc($_POST['opis']); if (strlen2($opis)>512)$err='Слишком длинное описание'; if (!isset($_POST['icon']) || $_POST['icon']==null) $icons='default'; else $icons=preg_replace('#[^a-z0-9 _\-\.]#i', null, $_POST['icon']); $pos=my_esc($_POST['pos']); if (!isset($err)){ admin_log('Форум','Подфорумы',"Создание подфорума '$name'"); mysql_query("INSERT INTO `forum_f` (`opis`, `name`, `pos`, `icon`) values('$opis', '$name', '$pos', '$icons')"); msg('Подфорум успешно создан'); } } err(); aut(); // форма авторизации echo "
\n"; echo " Новые: • темы | \n"; echo "• комментарии
\n"; if (isset($user)){ echo " Мои: • темы | \n"; echo " • закладки | • посты
"; } echo " Поиск по форуму
\n"; echo "
\n"; echo "\n"; if(!user_access('forum_post_ed')){ $p = " WHERE `adm`='0'"; }else{ $p =null; } $q=mysql_query("SELECT * FROM `forum_f` $p ORDER BY `pos` ASC"); if (mysql_num_rows($q)==0) { echo "
\n"; echo "Нет подфорумов\n"; echo "
\n"; } while ($forum = mysql_fetch_assoc($q)) { /*-----------зебра-----------*/ if ($num==0){ echo "
\n"; $num=1; } elseif ($num==1) { echo "
\n"; $num=0; } /*---------------------------*/ if($forum['adm']==1){ $k = '(Скрытый)'; }else{ $k = null; } echo "* "; echo "" . output_text($forum['name']) . " (".mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_p` WHERE `id_forum` = '$forum[id]' $order"),0).'/'.mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_t` WHERE `id_forum` = '$forum[id]'"),0).") ".$k." \n"; if ($forum['opis']!=NULL)echo '
'.output_text($forum['opis']); echo "
\n"; } echo "
\n"; echo "
"; echo " * Правила форума
Кто в форуме?
Модераторы"; echo "
"; if (user_access('forum_for_create') && (isset($_GET['act']) && $_GET['act']=='new' || mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_f`"),0)==0)) { echo "
\n"; echo "Название подфорума:
\n"; echo "
\n"; echo "Описание:
\n"; echo "
\n"; echo "Позиция:
\n"; $pos=mysql_result(mysql_query("SELECT MAX(`pos`) FROM `forum_f`"), 0)+1; echo "
\n"; $icon=array(); $opendiricon=opendir(H.'style/forum'); while ($icons=readdir($opendiricon)) { if (preg_match('#^\.|default.png#',$icons))continue; $icon[]=$icons; } closedir($opendiricon); echo "Иконка:
\n"; echo "
\n"; if ($user['group_access'] >= 8) { if ($forum['adm']==1)$check=' checked="checked"'; else $check=NULL; echo "
\n"; } echo "
\n"; echo "* Отмена
\n"; echo "
\n"; } if (user_access('forum_for_create') && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_f`"),0)>0){ echo "
\n"; echo "* Новый подфорум
\n"; echo "
\n"; } include '../sys/inc/tfoot.php'; ?>