[code=php]<?php /* ///////////////////////////////////////////////////////////////////////...

Post #2381
ㅤㅤㅤㅤʟᴀᴄᴏsᴛᴇ
16:54:27, 30 Jan 2020
<?php
/*
////////////////////////////////////////////////////////////////////////////////
// JohnCMS                                                                    //
// Официальный сайт сайт проекта:      http://johncms.com                     //
// Дополнительный сайт поддержки:      http://gazenwagen.com                  //
////////////////////////////////////////////////////////////////////////////////
// JohnCMS core team:                                                         //
// Евгений Рябинин aka john77          john77@johncms.com                     //
// Олег Касьянов aka AlkatraZ          alkatraz@johncms.com                   //
//                                                                            //
// Информацию о версиях смотрите в прилагаемом файле version.txt              //
////////////////////////////////////////////////////////////////////////////////
*/
defined('_IN_JOHNCMS') or die('Error: restricted access');
if($id) {
$query = mysql_query("SELECT * FROM `cms_news` WHERE `id`='$id' LIMIT 1;");
if (mysql_num_rows($query)) {
$res1 = mysql_fetch_assoc($query);
if(empty($_SESSION['error']))
$_SESSION['error'] = '';
require_once('../incfiles/head.php');
 
$com = isset($_REQUEST) ? abs(intval($_REQUEST['com'])) : '';
 
switch($mod) {
case 'javob':
    $q = mysql_query("SELECT * FROM `cms_news_comments` WHERE `id`='$com' LIMIT 1;");
    if (mysql_num_rows($q)) {
        $r = mysql_fetch_assoc($q);
        $muallif = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '{$r['user_id']}'"));
        if(isset($_POST['submit'])) {
            $text = isset($_POST['text']) ? trim($_POST['text']) : '';
            $error = array();
            if(!$text)
                $eror[] = $lng_news['message_not_empty'] . '!';
            elseif (mb_strlen($text) < 4 || mb_strlen($text) > 5000)
                $eror[] = $lng_news['message_long_error'] . '!';
                $flood = functions::antiflood();
            if($flood)
            $eror[] = $lng['error_flood'] . ' ' . $flood . $lng['sec'];
$textl = $lng['news'] . ' | ' . $lng_news['comments_on_news'] . ' "' . htmlentities($res1['imname'], ENT_QUOTES, 'UTF-8') . '"';
 
            if(empty($eror)) {
$lo = ''.$muallif['imname'].', ';
                mysql_query("INSERT INTO `cms_news_comments` SET
                    `refid` = '$id',
                    `time` = '" . time() . "',
                    `user_id` = '" . $user_id . "',
                    `text` = '" . mysql_real_escape_string($lo.$text) . "';
                ");
 
$name = '[url=' . $home . '/users/profile.php?user=' . $user_id . ']' . $ism . '[/url]';
$qayer = '[url=' . $home . '/news/index.php?act=view&id=' . $id . ']bu yerda[/url]';
 
 
 
                mysql_query("UPDATE `users` SET
                `lastpost` = '" . time() . "'
                WHERE `id` = '$user_id'
                ");
            } else {
                $_SESSION['eror'] = '<div class="rmenu">' . implode('<br />', $eror) . '</div>';
            }
 
                Header('Location: index.php?act=view&id=' . $id. '#comm');
 
            exit;
        } // submit
        echo $_SESSION['error'] . '
        <div class="phdr"><b>Javob yozish</b></div>
        <div class="menu">
        <form action="../news/index.php?act=comments&mod=javob&id=' . $id . '&com=' . $com . '" method="post"  enctype="multipart/form-data"><div>
        Xabar matni (max 500):<br/>
        <textarea rows="3" name="text"> </textarea>
        <br />
        <input type="submit" name="submit" value="' . $lng['reply'] . '"/>
        </div></form>
        </div>';
 
            $link = 'index.php?act=view&id=' . $id. '#comm';
 
        echo '<div class="phdr"><a href="'.$link.'">Qaytish</a></div>';
    } else {
        echo functions::display_error($lng_news['message_does_not_exist'] . '!');
    } 
break;
 
 
 
case 'delete':
if($rights >= 7) {
$q = mysql_query("SELECT * FROM `cms_news_comments` WHERE `id`='$com' LIMIT 1;");
if (mysql_num_rows($q)) {
if(isset($_POST['submit'])) {
mysql_query("DELETE FROM `cms_news_comments` WHERE `id`='$com'");
$_SESSION['error'] = '<div class="gmenu">' . $lng_news['message_deleted'] . '</div>';
Header('Location: index.php?act=comments&id=' . $id);
exit;
}
echo $_SESSION['error'] . '<div class="rmenu">
<form action="index.php?act=comments&amp;mod=delete&amp;id=' . $id . '&amp;com=' . $com . '" method="post"  enctype="multipart/form-data"><div>
' . $lng_news['confirm_the_deletion'] . '<br />
<input type="submit" name="submit" value="' . $lng['delete'] . '"/>
</div></form>
</div>';
} else {
echo functions::display_error($lng_news['message_does_not_exist'] . '!');
}
} else {
Header('Location: ../?err');
exit;
}
break;
 
case 'yoqdi':
        $q = mysql_fetch_assoc(mysql_query("SELECT * FROM `cms_news_comments` WHERE `id`='$com' LIMIT 1;"));
        if ($q['ovoz_berdi_id'] != $user_id) {
            $_SESSION['id'] = $id;
            mysql_query('UPDATE `cms_news_comments` SET  `yoqdi`="' . ($q['yoqdi'] ? ++$q['yoqdi'] : 1) . '"  WHERE `id`=' . $com);
            mysql_query('UPDATE `cms_news_comments` SET  `ovoz_berdi_id`="' .$user_id. '"  WHERE `id`=' . $com);
echo '<div class="gmenu">Like bosdingiz. <a href="../news/index.php?act=view&id=' . $id. '#comments">Yangilikga qaytish</a></div>';
        } else {
echo '<div class="gmenu">Siz oldin <b>Like</b> bosgansiz.  <a href="../news/index.php?act=view&id=' . $id. '#comments">Yangilikga qaytish</a></div>';
        }
        //Header('Location: ../news/index.php?act=view&id=' . $id);
break;
case 'yoqmadi':
        $q = mysql_fetch_assoc(mysql_query("SELECT * FROM `cms_news_comments` WHERE `id`='$com' LIMIT 1;"));
        if ($q['ovoz_berdi_id'] != $user_id) {
        $_SESSION['id'] = $id;
        mysql_query('UPDATE `cms_news_comments` SET  `yoqmadi`="' . ($q['yoqmadi'] ? ++$q['yoqmadi'] : 1) . '"  WHERE `id`=' . $com);
        echo '<div class="gmenu"Izohga <b>Salbiy</b> ovoz berdingiz. <a href="../news/index.php?act=view&id=' . $id. '#comments">Yangilikga qaytish</a></div>';
        mysql_query('UPDATE `cms_news_comments` SET  `ovoz_berdi_id`="' .$user_id. '"  WHERE `id`=' . $com);
        } else {
            echo '<div class="gmenu">Siz bu postga  <b>Salbiy</b> ovoz bergansiz.  <a href="../news/index.php?act=view&id=' . $id. '#comments">Yangilikga qaytish</a></div>';
        }
        //Header('Location: ../news/index.php?act=view&id=' . $id);
break;
 
default:
if($user_id && empty($ban[1]) ) {
if(isset($_POST['submit'])) {
$text = isset($_POST['text']) ? trim($_POST['text']) : '';
$error = array();
if(!$text)
$error[] = $lng_news['message_not_empty'] . '!';
elseif (mb_strlen($text) < 4 || mb_strlen($text) > 5000)
$error[] = $lng_news['message_long_error'] . '!';
$flood = functions::antiflood();
if($flood)
$error[] = $lng['error_flood'] . ' ' . $flood . $lng['sec'];
 
if(empty($error)) {
mysql_query("INSERT INTO `cms_news_comments` SET
`refid` = '$id',
`time` = '" . time() . "',
`user_id` = '" . $user_id . "',
`text` = '" . mysql_real_escape_string($text) . "';");
mysql_query("UPDATE `users` SET
`lastpost` = '" . time() . "'
WHERE `id` = '$user_id'
");
$_SESSION['error'] = '<div class="gmenu">' . $lng_news['added_message'] . '</div>';
} else {
$_SESSION['error'] = '<div class="rmenu">' . implode('<br />', $error) . '</div>';
}
Header('Location: index.php?act=view&id=' . $id);
 
exit;
}
echo $_SESSION['error'] . '<div class="phdr"><b>Izoh qoldirish</b></div><div class="menu1">
 
<form action="index.php?act=comments&amp;id=' . $id . '" method="post"  enctype="multipart/form-data"><div>
<p>Matn:<font color="red"> *</font></p>
<p><textarea rows="3" name="text">' . (!empty($_POST['text']) ? htmlentities($_POST['text'], ENT_QUOTES, 'UTF-8') : '') . '</textarea></p>
<input type="submit" name="submit" value="' . $lng['sent'] . '"/> – <a href="/news/index.php?act=view&id=' . $id . '">Yangilash</a>
</div></form>
</div>';
echo '<div class="phdr"><b>Fikrlar</b></div>';
}
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_news_comments` WHERE `refid`='$id';"), 0);
if($total) {
if ($total > $kmess)
echo '<div class="topmenu">' . functions::display_pagination('index.php?act=view&amp;id=' . $id . '&amp;', $start, $total, $kmess) . '</div>';
$i = 1;
$req = mysql_query("SELECT `cms_news_comments`.*, `cms_news_comments`.`time` as `mtime`, `cms_news_comments`.`id` as `mid`, `users`.* FROM `cms_news_comments` LEFT JOIN `users` ON `cms_news_comments`.`user_id`=`users`.`id` WHERE `cms_news_comments`.`refid`='$id' ORDER BY `cms_news_comments`.`time` DESC LIMIT "
. $start . "," . $kmess);
while (($row = mysql_fetch_assoc($req)) !== false) {
echo '<div class="menu1">';
$post = $row['text'];
$post = functions::checkout($post, 1, 1);
if ($set_user['smileys'])
$post = functions::smileys($post, $row['rights'] >= 1 ? 1 : 0);
if($row['reply'])
$post .= '<div class="reply">' . functions::checkout($row['reply'], 1, 1) . '</div>';
 
$text = '<br/><b>' . functions::display_date($row['mtime']) . '</b><br/>';
 
 
$arg = array(
'like',
'header' => $text,
'body' => $post,
'sub' => $subtext
);
echo functions::display_user($row, $arg);
if ($user_id) {               if ($user_id == $row['user_id']) {
 
}else { 
echo '<a href="index.php?act=comments&mod=javob&id=' .$id. '&com=' . $row['mid'] . '"><font color="#000066">Javob yozish</font></a>';
}} if ($rights >= 6) { echo ' | <a href="index.php?act=comments&amp;mod=delete&amp;id=' . $id . '&amp;com=' . $row['mid'] . '"><font color="#CC0000">' . $lng['delete']. '</font></a>'; } echo '</div>';
++$i;
}
echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>';
if ($total > $kmess) {
echo '<div class="topmenu">' . functions::display_pagination('index.php?act=view&id=' . $id . '&amp;', $start, $total, $kmess) . '</div>';
echo '<p><form action="index.php" method="get">
<input type="hidden" name="act" value="comments"/>
<input type="hidden" name="id" value="' . $id . '"/>
<input type="text" name="page" size="2"/>
<input type="submit" value="' . $lng['to_page'] . ' &gt;&gt;"/></form></p>';
}
 
} else {
echo '<div class="rmenu">Hozircha hech kim izoh qoldirmagan.</div>';
}
}
} else {
$textl = $lng['news'];
require_once('../incfiles/head.php');
echo functions::display_error($lng_news['news_does_not_exist']);
}
} else {
$textl = $lng['news'];
require_once('../incfiles/head.php');
}
0 Mavzuga qaytish
Navigatsiya

Forum Chat 1113 Foydalanuvchilar Forum faollari Forumdagi fayllar Mukofotlar Sayt statistikasi Ma'lumot markazi Foydali kodlar Sayt qoidalari
CORES.UZ
Платформа разработчиков
который можно найти всё
UZFOR.NET - Rasmiy guruh
t.me/@uzfornet_rasmiy
Menyu

Navigatsiya
