PageRenderTime 49ms CodeModel.GetById 13ms RepoModel.GetById 1ms app.codeStats 0ms

/Quản lý website đọc truyện online PHP/soo/includes/nt.php

https://gitlab.com/phamngsinh/baitaplon_sinhvien
PHP | 204 lines | 174 code | 6 blank | 24 comment | 42 complexity | e216e0e950c9877cafd6806f3f31632c MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4. WMR: R118530587041
    5. 

  5. ICQ: 365848916
    6. 

  6. Автор: VladiSs
    7. 

  7. Сайт: http://wapnex.ru
    8. 

  8. */
    9. 

  9. 

  10. defined('_IN_JOHNCMS') or die('Error: restricted access');
    11. 

  11. 

  12. /*
    13. 

  13. -----------------------------------------------------------------
    14. 

  14. Закрываем доступ для определенных ситуаций
    15. 

  15. -----------------------------------------------------------------
    16. 

  16. */
    17. 

  17. if (!$id || !$user_id || isset($ban['1']) || isset($ban['11']) || (!core::$user_rights && $set['mod_forum'] == 3)) {
    18. 

  18.     require('../incfiles/head.php');
    19. 

  19.     echo functions::display_error($lng['access_forbidden']);
    20. 

  20.     require('../incfiles/end.php');
    21. 

  21.     exit;
    22. 

  22. }
    23. 

  23. 

  24. /*
    25. 

  25. -----------------------------------------------------------------
    26. 

  26. Вспомогательная Функция обработки ссылок форума
    27. 

  27. -----------------------------------------------------------------
    28. 

  28. */
    29. 

  29. function forum_link($m)
    30. 

  30. {
    31. 

  31.     global $set;
    32. 

  32.     if (!isset($m[3])) {
    33. 

  33.         return '[url=' . $m[1] . ']' . $m[2] . '[/url]';
    34. 

  34.     } else {
    35. 

  35.         $p = parse_url($m[3]);
    36. 

  36.         if ('http://' . $p['host'] . $p['path'] . '?id=' == $set['homeurl'] . '../soo/?mod=forum&amp;id=') {
    37. 

  37.             $thid = abs(intval(preg_replace('/(.*?)id=/si', '', $m[3])));
    38. 

  38.             $req = mysql_query("SELECT `text` FROM `soo_forum` where `website` = '$website' AND  `id`= '$thid' AND `type` = 't' AND `close` != '1'");
    39. 

  39.             if (mysql_num_rows($req) > 0) {
    40. 

  40.                 $res = mysql_fetch_array($req);
    41. 

  41.                 $name = strtr($res['text'], array(
    42. 

  42.                                                  '&quot;' => '',
    43. 

  43.                                                  '&amp;' => '',
    44. 

  44.                                                  '&lt;' => '',
    45. 

  45.                                                  '&gt;' => '',
    46. 

  46.                                                  '&#039;' => '',
    47. 

  47.                                                  '[' => '',
    48. 

  48.                                                  ']' => ''
    49. 

  49.                                             ));
    50. 

  50.                 if (mb_strlen($name) > 40)
    51. 

  51.                     $name = mb_substr($name, 0, 40) . '...';
    52. 

  52.                 return '[url=' . $m[3] . ']' . $name . '[/url]';
    53. 

  53.             } else {
    54. 

  54.                 return $m[3];
    55. 

  55.             }
    56. 

  56.         } else
    57. 

  57.             return $m[3];
    58. 

  58.     }
    59. 

  59. }
    60. 

  60. 

  61. // Проверка на флуд
    62. 

  62. $flood = functions::antiflood();
    63. 

  63. if ($flood) {
    64. 

  64.     require('../incfiles/head.php');
    65. 

  65.     echo functions::display_error($lng['error_flood'] . ' ' . $flood . $lng['sec'] . ', <a href="../soo/?mod=forum&amp;id=' . $id . '&amp;start=' . $start . '">' . $lng['back'] . '</a>');
    66. 

  66.     require('../incfiles/end.php');
    67. 

  67.     exit;
    68. 

  68. }
    69. 

  69. $req_r = mysql_query("SELECT * FROM `soo_forum` where `website` = '$website' AND  `id` = '$id' AND `type` = 'r' LIMIT 1");
    70. 

  70. if (!mysql_num_rows($req_r)) {
    71. 

  71.     require('../incfiles/head.php');
    72. 

  72.     echo functions::display_error($lng['error_wrong_data']);
    73. 

  73.     require('../incfiles/end.php');
    74. 

  74.     exit;
    75. 

  75. }
    76. 

  76. $th = isset($_POST['th']) ? functions::check(mb_substr(trim($_POST['th']), 0, 100)) : '';
    77. 

  77. $msg = isset($_POST['msg']) ? trim($_POST['msg']) : '';
    78. 

  78. if (isset($_POST['msgtrans'])) {
    79. 

  79.     $th = functions::trans($th);
    80. 

  80.     $msg = functions::trans($msg);
    81. 

  81. }
    82. 

  82. $msg = preg_replace_callback('~\\[url=(http://.+?)\\](.+?)\\[/url\\]|(http://(www.)?[0-9a-zA-Z\.-]+\.[0-9a-zA-Z]{2,6}[0-9a-zA-Z/\?\.\~&amp;_=/%-:#]*)~', 'forum_link', $msg);
    83. 

  83. if (isset($_POST['submit'])) {
    84. 

  84.     $error = array();
    85. 

  85.     if (empty($th))
    86. 

  86.         $error[] = $lng_forum['error_topic_name'];
    87. 

  87.     if (mb_strlen($th) < 2)
    88. 

  88.         $error[] = $lng_forum['error_topic_name_lenght'];
    89. 

  89.     if (empty($msg))
    90. 

  90.         $error[] = $lng['error_empty_message'];
    91. 

  91.     if (mb_strlen($msg) < 4)
    92. 

  92.         $error[] = $lng['error_message_short'];
    93. 

  93.     if (!$error) {
    94. 

  94.         $msg = preg_replace_callback('~\\[url=(http://.+?)\\](.+?)\\[/url\\]|(http://(www.)?[0-9a-zA-Z\.-]+\.[0-9a-zA-Z]{2,6}[0-9a-zA-Z/\?\.\~&amp;_=/%-:#]*)~', 'forum_link', $msg);
    95. 

  95.         // Прверяем, есть ли уже такая тема в текущем разделе?
    96. 

  96.         if (mysql_result(mysql_query("SELECT COUNT(*) FROM `soo_forum` where `website` = '$website' AND  `type` = 't' AND `refid` = '$id' AND `text` = '$th'"), 0) > 0)
    97. 

  97.             $error[] = $lng_forum['error_topic_exists'];
    98. 

  98.         // Проверяем, не повторяется ли сообщение?
    99. 

  99.         $req = mysql_query("SELECT * FROM `soo_forum` where `website` = '$website' AND  `user_id` = '$user_id' AND `type` = 'm' ORDER BY `time` DESC");
    100. 

  100.         if (mysql_num_rows($req) > 0) {
    101. 

  101.             $res = mysql_fetch_array($req);
    102. 

  102.             if ($msg == $res['text'])
    103. 

  103.                 $error[] = $lng['error_message_exists'];
    104. 

  104.         }
    105. 

  105.     }
    106. 

  106.     if (!$error) {
    107. 

  107.         // Добавляем тему
    108. 

  108.         mysql_query("INSERT INTO `soo_forum` SET
    109. 

  109.             `refid` = '$id',
    110. 

  110.             `type` = 't',
    111. 

  111.             `time` = '" . time() . "',
    112. 

  112.             `user_id` = '$user_id',
    113. 

  113.             `from` = '$login',
    114. 

  114.             `text` = '$th',
    115. 

  115.             `sid` = '$sid',
    116. 

  116. 					`website` = '$website'
    117. 

  117.         ");
    118. 

  118.         $rid = mysql_insert_id();
    119. 

  119.         // Добавляем текст поста
    120. 

  120.         mysql_query("INSERT INTO `soo_forum` SET
    121. 

  121.             `refid` = '$rid',
    122. 

  122.             `type` = 'm',
    123. 

  123.             `time` = '" . time() . "',
    124. 

  124.             `user_id` = '$user_id',
    125. 

  125.             `from` = '$login',
    126. 

  126.             `ip` = '" . core::$ip . "',
    127. 

  127.             `ip_via_proxy` = '" . core::$ip_via_proxy . "',
    128. 

  128.             `soft` = '" . mysql_real_escape_string($agn) . "',
    129. 

  129.             `text` = '" . mysql_real_escape_string($msg) . "',
    130. 

  130.             `sid` = '$sid',
    131. 

  131. 					`website` = '$website'
    132. 

  132.         ");
    133. 

  133.         $postid = mysql_insert_id();
    134. 

  134.         // Записываем счетчик постов юзера
    135. 

  135.         $fpst = $datauser['postforum'] + 1;
    136. 

  136.         mysql_query("UPDATE `users` SET
    137. 

  137.             `postforum` = '$fpst',
    138. 

  138.             `lastpost` = '" . time() . "'
    139. 

  139.             where `website` = '$website' AND  `id` = '$user_id'
    140. 

  140.         ");
    141. 

  141.         // Ставим метку о прочтении
    142. 

  142.         mysql_query("INSERT INTO `soo_forum_rdm` SET
    143. 

  143.             `topic_id`='$rid',
    144. 

  144.             `user_id`='$user_id',
    145. 

  145.             `time`='" . time() . "',
    146. 

  146. 					`website` = '$website'
    147. 

  147.         ");
    148. 

  148.         if ($_POST['addfiles'] == 1)
    149. 

  149.             header("Location: ../soo/?mod=forum&sid=$sid&id=$postid&act=addfile");
    150. 

  150.         else
    151. 

  151.             header("Location: ../soo/?mod=forum&sid=$sid&id=$rid");
    152. 

  152.     } else {
    153. 

  153.         // Выводим сообщение об ошибке
    154. 

  154.         require('../incfiles/head.php');
    155. 

  155.         echo functions::display_error($error, '<a href="../soo/?mod=forum&amp;act=nt&amp;sid='. $sid .'&amp;id=' . $id . '">' . $lng['repeat'] . '</a>');
    156. 

  156.         require('../incfiles/end.php');
    157. 

  157.         exit;
    158. 

  158.     }
    159. 

  159. } else {
    160. 

  160.     $res_r = mysql_fetch_assoc($req_r);
    161. 

  161.     $req_c = mysql_query("SELECT * FROM `soo_forum` where `website` = '$website' AND  `id` = '" . $res_r['refid'] . "'");
    162. 

  162.     $res_c = mysql_fetch_assoc($req_c);
    163. 

  163.     require('../incfiles/head.php');
    164. 

  164.     if ($datauser['postforum'] == 0) {
    165. 

  165.         if (!isset($_GET['yes'])) {
    166. 

  166.             $lng_faq = core::load_lng('faq');
    167. 

  167.             echo '<p>' . $lng_faq['forum_rules_text'] . '</p>';
    168. 

  168.             echo '<p><a href="../soo/?mod=forum&amp;act=nt&amp;sid='. $sid .'&amp;id=' . $id . '&amp;yes">' . $lng_forum['agree'] . '</a> | <a href="../soo/?mod=forum&amp;id=' . $id . '">' . $lng_forum['not_agree'] . '</a></p>';
    169. 

  169.             require('../incfiles/end.php');
    170. 

  170.             exit;
    171. 

  171.         }
    172. 

  172.     }
    173. 

  173.     $msg_pre = functions::checkout($msg, 1, 1);
    174. 

  174.     if ($set_user['smileys'])
    175. 

  175.         $msg_pre = functions::smileys($msg_pre, $datauser['rights'] ? 1 : 0);
    176. 

  176.     $msg_pre = preg_replace('#\[c\](.*?)\[/c\]#si', '<div class="quote">\1</div>', $msg_pre);
    177. 

  177.     echo '<div class="phdr"><a href="../soo/?act=soo&amp;id=' . $sid . '"><b>Сообщество </b></a> | ' . $lng_forum['new_topic'] . '</div>';
    178. 

  178.     if ($msg && $th && !isset($_POST['submit']))
    179. 

  179.         echo '<div class="list1"><img src="http://img.infoviet.net/theme/default/images/op.gif" border="0" alt="op" /> <span style="font-weight: bold">' . $th . '</span></div>' .
    180. 

  180.              '<div class="list2">' . functions::display_user($datauser, array('iphide' => 1, 'header' => '<span class="gray">(' . functions::display_date(time()) . ')</span>', 'body' => $msg_pre)) . '</div>';
    181. 

  181.     echo '<form name="form" action="../soo/?mod=forum&amp;act=nt&amp;sid='. $sid .'&amp;id=' . $id . '" method="post">' .
    182. 

  182.          '<div class="gmenu">' .
    183. 

  183.          '<p><h3>' . $lng['section'] . '</h3>' .
    184. 

  184.          '<a href="../soo/?mod=forum&amp;sid='. $sid .'&amp;id=' . $res_c['id'] . '">' . $res_c['text'] . '</a> | <a href="../soo/?mod=forum&amp;sid='. $sid .'&amp;id=' . $res_r['id'] . '">' . $res_r['text'] . '</a></p>' .
    185. 

  185.          '<p><h3>' . $lng_forum['new_topic_name'] . '</h3>' .
    186. 

  186.          '<input type="text" size="20" maxlength="100" name="th" value="' . $th . '"/></p>' .
    187. 

  187.          '<p><h3>' . $lng_forum['post'] . '</h3>';
    188. 

  188.     if (!$is_mobile)
    189. 

  189.         echo '</p><p>' . bbcode::auto_bb('form', 'msg');
    190. 

  190.     echo '<textarea rows="' . $set_user['field_h'] . '" name="msg">' . (isset($_POST['msg']) ? functions::checkout($_POST['msg']) : '') . '</textarea></p>' .
    191. 

  191.          '<p><input type="checkbox" name="addfiles" value="1" ' . (isset($_POST['addfiles']) ? 'checked="checked" ' : '') . '/> ' . $lng_forum['add_file'];
    192. 

  192.     if ($set_user['translit'])
    193. 

  193.         echo '<br /><input type="checkbox" name="msgtrans" value="1" ' . (isset($_POST['msgtrans']) ? 'checked="checked" ' : '') . '/> ' . $lng['translit'];
    194. 

  194. echo '</p><p><input type="submit" name="submit" value="' . $lng['save'] . '" style="width: 107px; cursor: pointer;"/> ' .
    195. 

  195.          ($set_forum['preview'] ? '<input type="submit" value="' . $lng['preview'] . '" style="width: 107px; cursor: pointer;"/>' : '') .
    196. 

  196.          '</p></div></form>' .
    197. 

  197.          '<div class="phdr"><a href="../pages/faq.php?act=trans">' . $lng['translit'] . '</a> | ' .
    198. 

  198.          '<a href="../pages/faq.php?act=smileys">' . $lng['smileys'] . '</a></div>' .
    199. 

  199.          '<p><a href="../soo/?mod=forum&amp;sid='. $sid .'&amp;id=' . $id . '">' . $lng['back'] . '</a></p>';
    200. 

  200. }
    201. 

  201. require_once('../incfiles/end.php');
    202. 

  202. break;
    203. 

  203. 

  204. ?>
    205.