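/**
 * Renders one level of a comment thread into template sub-blocks and recurses into replies.
 *
 * For every row in $Posts a variable set is built and handed to
 * System::site()->AddSubBlock() together with $this->PostTemplate. Replies are
 * looked up in $this->PostsTree[<post id>] and rendered by a recursive call;
 * the level grows by one until $this->MaxTreeLevel is reached, deeper replies
 * are rendered at the same level.
 *
 * Several variables (user_name, user_homepage) are ready-made HTML, so every
 * value concatenated into them must already be escaped when it gets here.
 *
 * @param mixed  $ObjectId  Identifier of the commented object, passed to the template unchanged.
 * @param array  $Posts     Post rows of the current level (taken by reference, not modified here).
 * @param string $BlockName Template block that receives the sub-blocks.
 * @param int    $Level     Current nesting depth; multiplied by Posts::$LevelMargin for the padding.
 * @return bool false when $Posts is empty, true otherwise.
 */
private function RenderPost($ObjectId, &$Posts, $BlockName, $Level)
{
    if (count($Posts) == 0) {
        return false;
    }

    // REQUEST_URI is supplied by the client and is used below to build link
    // targets for the template, so it is escaped once before being reused.
    $request_uri = htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);

    foreach ($Posts as $post) {
        $post_id = SafeDB($post['id'], 11, int);
        $user_id = SafeDB($post['user_id'], 11, int);

        $vars = array();
        $vars['level_padding'] = Posts::$LevelMargin * $Level;

        // The message is escaped first; smilies, line breaks and BB-code are
        // applied to the escaped text. SmiliesReplace() is called without using
        // a return value, so it presumably works on its argument by reference.
        $vars['post_message'] = HtmlChars($post['post_message']);
        SmiliesReplace($vars['post_message']);
        $vars['post_message'] = nl2br($vars['post_message']);
        $vars['post_message'] = BbCodePrepare($vars['post_message']);

        if ($user_id != 0) {
            // Registered user: profile data comes from GetUserInfo().
            // NOTE(review): IndexUserInfo() checks GetUserInfo() for a false
            // result; a post whose author no longer exists is not handled here.
            $userinfo = GetUserInfo($user_id);
            $vars['user_link'] = Ufu("index.php?name=user&op=userinfo&user={$user_id}", 'user/{user}/info/');
            // The name is concatenated into markup, so it is escaped the same
            // way the guest name in the other branch is.
            $vars['user_name'] = '<a href="' . $vars['user_link'] . '">' . SafeDB($userinfo['name'], 255, str) . '</a>';
            $vars['post_date'] = SafeDB($post['post_date'], 11, int);
            if ($userinfo['hideemail'] == '0') {
                $vars['user_email'] = AntispamEmail($userinfo['email']);
            } else {
                $vars['user_email'] = '';
            }
            // Link text and link target are both taken from the profile, so the
            // address shown to the reader is the address the link opens.
            $vars['user_homepage'] = SafeDB($userinfo['url'], 255, str);
            $vars['user_homepage_url'] = UrlRender(SafeDB($userinfo['url'], 255, str));
            if ($userinfo['online']) {
                $vars['user_status'] = 'Сейчас на сайте.';
            } else {
                $vars['user_status'] = '';
            }
            // NOTE(review): rank and avatar values reach the template exactly as
            // GetUserInfo() returned them; confirm they are safe for HTML output.
            $vars['user_rank_image'] = $userinfo['rank_image'];
            $vars['user_rank_name'] = $userinfo['rank_name'];
            $vars['user_avatar'] = $userinfo['avatar_file'];
            $vars['user_avatar_small'] = $userinfo['avatar_file_small'];
            $vars['user_avatar_smallest'] = $userinfo['avatar_file_smallest'];
            $vars['user_regdate'] = TimeRender($userinfo['regdate'], false, false);
        } else {
            // Guest: everything comes from the post row itself.
            $vars['user_name'] = SafeDB($post['user_name'], 255, str);
            $vars['post_date'] = SafeDB($post['post_date'], 11, int);
            // NOTE(review): the registered-user branch shows the address when
            // hideemail == '0', this branch shows it when user_hideemail != 0.
            // If both flags mean "hide", the condition is inverted and discloses
            // addresses that were meant to stay hidden; confirm against the
            // code that stores the flag.
            if ($post['user_email'] != '' && $post['user_hideemail'] != 0) {
                $vars['user_email'] = AntispamEmail(SafeDB($post['user_email'], 255, str));
            } else {
                $vars['user_email'] = '';
            }
            if ($post['user_homepage'] != '') {
                $vars['user_homepage'] = SafeDB($post['user_homepage'], 255, str);
                $vars['user_homepage_url'] = UrlRender(SafeDB($post['user_homepage'], 255, str));
            } else {
                $vars['user_homepage'] = '';
                $vars['user_homepage_url'] = '';
            }
            $vars['user_status'] = '';
            $vars['user_rank_image'] = '';
            $vars['user_rank_name'] = '';
            $vars['user_avatar'] = GetPersonalAvatar(0);
            $vars['user_avatar_small'] = GetSmallUserAvatar(0, $vars['user_avatar']);
            $vars['user_avatar_smallest'] = GetSmallestUserAvatar(0, $vars['user_avatar']);
            $vars['user_regdate'] = '';
        }

        $vars['user_id'] = SafeDB($post['user_id'], 11, int);
        $vars['post_id'] = $post_id;
        // NOTE(review): the author's IP is handed to the template for every
        // viewer; confirm the template shows it to administrators only.
        $vars['user_ip'] = SafeDB($post['user_ip'], 19, str);
        $vars['object_id'] = $ObjectId;
        $vars['parent_id'] = SafeDB($post['post_parent_id'], 11, int);

        if ($vars['user_homepage'] != '') {
            $vars['user_homepage'] = '<a href="' . $vars['user_homepage_url'] . '" target="_blank">' . $vars['user_homepage'] . '</a>';
        } else {
            $vars['user_homepage'] = '';
        }
        $vars['post_date'] = TimeRender($vars['post_date']);

        // Who may edit: the author or an administrator when logged in.
        if (System::user()->Auth) {
            $vars['editing'] = System::user()->Get('u_id') == $user_id || System::user()->isAdmin();
        } else {
            // NOTE(review): a guest post is editable by any guest whose address
            // equals the stored one. Visitors behind one NAT or proxy share an
            // address, and the result is only as trustworthy as getip();
            // confirm it does not rely on client-supplied headers.
            $vars['editing'] = $user_id == '0' && $vars['user_ip'] == getip();
        }

        // Replies are offered only when enabled, permitted for guests (if the
        // visitor is one) and comments are allowed at all.
        $vars['answers'] = $this->Answers != '0' || System::user()->isAdmin();
        if (!System::user()->Auth && !$this->GuestPost) {
            $vars['answers'] = false;
        }
        if (!$this->AlloyComments) {
            $vars['answers'] = false;
        }
        $vars['no_answers'] = !$vars['answers'];

        $back = SaveRefererUrl();
        $vars['edit_url'] = $this->EditPageUrl . '&post_id=' . $post_id . '&back=' . $back;
        $vars['delete_url'] = $this->DeletePageUrl . '&post_id=' . $post_id . '&back=' . $back;
        $vars['parent_post_url'] = $request_uri . '#post_' . SafeDB($post['post_parent_id'], 11, int);
        $vars['post_url'] = $request_uri . '#post_' . $post_id;

        System::site()->AddSubBlock($BlockName, true, $vars, array(), $this->PostTemplate);

        // Render the replies to this post, one level deeper until the limit.
        if (isset($this->PostsTree[$post_id])) {
            if ($this->MaxTreeLevel > $Level) {
                $newLevel = $Level + 1;
            } else {
                $newLevel = $Level;
            }
            $this->RenderPost($ObjectId, $this->PostsTree[$post_id], $BlockName, $newLevel);
        }
    }
    return true;
}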
/**
 * Shows the profile page of a user.
 *
 * The profile is chosen from the "user" query parameter when present,
 * otherwise from the logged-in visitor; an anonymous visitor without the
 * parameter is sent to the login form. When GetUserInfo() returns false an
 * error box is shown instead of the profile.
 *
 * NOTE(review): any visitor can request any id through the query parameter;
 * the only field withheld here is the e-mail address when hideemail is '1'.
 *
 * @return void
 */
function IndexUserInfo()
{
    // Decide whose profile is requested.
    if (isset($_GET['user'])) {
        $profileId = SafeEnv($_GET['user'], 11, int);
    } elseif (System::user()->Auth) {
        $profileId = System::user()->Get('u_id');
    } else {
        System::site()->Login();
        return;
    }

    $profile = GetUserInfo($profileId);
    if ($profile === false) {
        System::site()->AddTextBox('Ошибка', '<p align="center">Пользователь не найден.<p>');
        return;
    }

    System::site()->SetTitle('Информация о пользователе ' . SafeDB($profile['name'], 50, str));
    System::site()->AddTemplatedBox('', 'module/user_info.html');
    System::site()->AddBlock('userinfo', true, false, 'user');

    // Every profile field is passed through SafeDB() before it reaches the template.
    $view = array();
    $view['user_id'] = SafeDB($profile['id'], 11, int);
    $view['name'] = SafeDB($profile['name'], 50, str);
    $view['true_name'] = SafeDB($profile['truename'], 250, str);
    $view['avatar'] = RealPath2(SafeDB($profile['avatar_file'], 255, str));
    $view['rankimage'] = RealPath2(SafeDB($profile['rank_image'], 255, str));
    $view['rank'] = SafeDB($profile['rank_name'], 255, str);
    $view['age'] = SafeDB($profile['age'], 11, str);
    $view['city'] = SafeDB($profile['city'], 100, str);
    // The address is replaced by a placeholder when the owner chose to hide it.
    $view['email'] = $profile['hideemail'] == '1'
        ? 'Скрывается'
        : SafeDB($profile['email'], 50, str);
    $view['icq'] = SafeDB($profile['icq'], 15, str);
    $view['site'] = Url(SafeDB($profile['url'], 250, str));
    $view['site_url'] = UrlRender(SafeDB($profile['url'], 250, str));
    $view['about'] = SafeDB($profile['about'], 0, str);
    $view['regdate'] = TimeRender($profile['regdate'], false);
    $view['lastdate'] = TimeRender($profile['lastvisit']);
    $view['counter'] = SafeDB($profile['visits'], 11, int);
    $view['online'] = $profile['online'] ? 'Сейчас на сайте.' : '';

    System::site()->BreadCrumbAdd('Личные данные "' . $view['name'] . '"');
    System::site()->Blocks['userinfo']['vars'] = $view;
}
/**
 * Builds the template variables for one article and adds it as an 'articles' sub-block.
 *
 * NOTE(review): the description is read with three extra `false` arguments to
 * SafeDB(), which presumably switch off part of its filtering so that stored
 * markup is kept; confirm who is allowed to write that field. The category
 * title is taken from the category tree without SafeDB().
 *
 * @param array $art Article row (taken by reference, not modified here).
 * @return void
 */
function RenderArticle(&$art)
{
    $tpl = array();
    $articleId = SafeDB($art['id'], 11, int);
    $categoryId = SafeDB($art['cat_id'], 11, int);

    // Administrative controls are always built, but only appended for admins.
    $adminControls = IndexArticlesFunc($articleId);
    $tpl['title'] = SafeDB($art['title'], 250, str) . (System::user()->isAdmin() ? $adminControls : '');
    $tpl['cat'] = IndexArticlesGetTree()->IdCats[$categoryId]['title'];
    $tpl['catlink'] = Ufu("index.php?name=articles&cat={$categoryId}", 'articles/{cat}/');

    // Full-size image and its thumbnail live under the configured image directory.
    if ($art['image'] == '') {
        $tpl['image'] = false;
    } else {
        $tpl['image'] = RealPath2(System::config('articles/images_dir') . SafeDB($art['image'], 255, str));
        $tpl['thumb_image'] = RealPath2(System::config('articles/images_dir') . 'thumbs/' . SafeDB($art['image'], 255, str));
    }

    // Line breaks are converted only when the article asks for it.
    $description = SafeDB($art['description'], 0, str, false, false, false);
    if ($art['auto_br_desc'] == '1') {
        $description = nl2br($description);
    }
    $tpl['description'] = $description;

    $tpl['lauthor'] = 'Автор';
    $tpl['author'] = SafeDB($art['author'], 200, str);
    $tpl['lemail'] = 'E-mail';
    $tpl['email'] = SafeDB($art['email'], 50, str);
    $tpl['lurl'] = 'Источник';
    $tpl['site'] = SafeDB($art['www'], 250, str);
    $tpl['site_url'] = UrlRender(SafeDB($art['www'], 250, str));
    $tpl['lpublic'] = 'Опубликована';
    $tpl['public'] = TimeRender(SafeDB($art['public'], 11, int), false);
    $tpl['link2'] = Ufu("index.php?name=articles&op=read&art={$articleId}&cat={$categoryId}", 'articles/{cat}/{art}/');
    $tpl['link'] = '<a href="' . $tpl['link2'] . '">Читать...</a>';
    $tpl['lhits'] = 'Просмотров';
    $tpl['hits'] = SafeDB($art['hits'], 11, int);
    $tpl['lcomments'] = 'Комментарий';
    $tpl['comments'] = SafeDB($art['comments_counter'], 11, int);

    // Rating
    $tpl['rating_image'] = GetRatingImage(SafeDB($art['num_votes'], 11, int), SafeDB($art['all_votes'], 11, int));
    $tpl['alloy_rating'] = SafeDB($art['allow_votes'], 1, bool);
    $tpl['disable_rating'] = !$tpl['alloy_rating'];
    $tpl['lrating'] = 'Оценка';
    $tpl['rating_num_votes'] = SafeDB($art['num_votes'], 11, int);

    // Link to the attached form, only when both a form and a product id are set.
    // NOTE(review): product_id has already been through SafeDB() when it is
    // URL-encoded; if SafeDB() HTML-escapes, the entities end up in the query.
    $tpl['form'] = SafeDB($art['form'], 11, int);
    $tpl['product_id'] = SafeDB($art['product_id'], 255, str);
    $tpl['form_url'] = ($tpl['form'] != 0 && $tpl['product_id'] != '')
        ? 'index.php?name=forms&form=' . $tpl['form'] . '&f_product_id=' . rawurlencode($tpl['product_id'])
        : false;

    System::site()->AddSubBlock('articles', true, $tpl);
}
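/**
 * Builds the template variables for one guestbook message and adds it as a 'guestbook' sub-block.
 *
 * Contact details (e-mail, site, ICQ) are turned into icon links, the stored
 * answers are decoded and rendered as a list, and for administrators a row of
 * management links is produced.
 *
 * Changes against the previous version: `name2` is now set for every message
 * (it used to be missing when the e-mail was empty or hidden), and a stored
 * answers value that does not decode to an array is treated as "no answers"
 * instead of being passed on to array functions.
 *
 * @param array $msg Guestbook row (taken by reference, not modified here).
 * @return void
 */
function IndexGBAddMessage(&$msg)
{
    $vars = array();

    // Name and e-mail
    if ($msg['email'] != '' && $msg['hide_email'] != '1') {
        $vars['name'] = '<a href="mailto:' . SafeDB($msg['email'], 50, str) . '">' . SafeDB($msg['name'], 50, str) . '</a>';
        $vars['name2'] = SafeDB($msg['name'], 50, str);
        $vars['email'] = '<a href="mailto:' . SafeDB($msg['email'], 50, str) . '"><img src="images/buttons/email.gif" /></a>';
        $vars['email2'] = SafeDB($msg['email'], 50, str);
    } else {
        $vars['name'] = SafeDB($msg['name'], 50, str);
        // Plain name, kept in step with email2/url2/icq2 which exist in both branches.
        $vars['name2'] = SafeDB($msg['name'], 50, str);
        $vars['email'] = '';
        $vars['email2'] = '';
    }

    // Site
    if ($msg['url'] != '') {
        $url = UrlRender(SafeDB($msg['url'], 255, str));
        $vars['url'] = '<a href="' . $url . '" target="_blank"><img src="images/buttons/www.gif" /></a>';
        $vars['url2'] = $url;
    } else {
        $vars['url'] = '';
        $vars['url2'] = '';
    }

    // ICQ
    if ($msg['icq'] != '') {
        $vars['icq'] = '<a href="http://web.icq.com/' . SafeDB($msg['icq'], 255, str) . '" target="_blank"><img src="images/buttons/icq.gif" /></a>';
        $vars['icq2'] = SafeDB($msg['icq'], 255, str);
    } else {
        $vars['icq'] = '';
        $vars['icq2'] = '';
    }

    // Answers
    if (trim($msg['answers']) == '') {
        $answers = array();
    } else {
        // NOTE(review): unserialize() on a stored value can instantiate
        // arbitrary classes if that value is ever writable by someone other
        // than a trusted administrator. Once the minimum PHP version allows
        // it, pass array('allowed_classes' => false) or store the answers as
        // JSON instead.
        $answers = unserialize($msg['answers']);
        // unserialize() returns false for damaged data; everything below
        // expects an array.
        if (!is_array($answers)) {
            $answers = array();
        }
    }

    // Links for administrators
    // NOTE(review): these URLs are placed in $vars for every visitor, not only
    // for administrators; confirm the template does not print them.
    $id = SafeDB($msg['id'], 11, int);
    $vars['access_answer'] = System::user()->CheckAccess2('guestbook', 'answer');
    $vars['edit_answer_url'] = ADMIN_FILE . '?exe=guestbook&a=editanswer&id=' . $id . '&back=' . SaveRefererUrl(); // Edit answer
    $vars['delete_answer_url'] = ADMIN_FILE . '?exe=guestbook&a=delanswer&id=' . $id . '&back=' . SaveRefererUrl(); // Delete answer
    $vars['add_answer_url'] = ADMIN_FILE . '?exe=guestbook&a=addanswer&id=' . $id . '&back=' . SaveRefererUrl(); // Reply
    $vars['edit_message_url'] = ADMIN_FILE . '?exe=guestbook&a=edit&id=' . $id . '&back=' . SaveRefererUrl(); // Edit message
    $vars['delete_message_url'] = ADMIN_FILE . '?exe=guestbook&a=delete&id=' . $id . '&ok=0' . '&back=' . SaveRefererUrl(); // Delete message

    if (System::user()->isAdmin()) {
        $func = '';
        // An administrator who already answered may edit or delete that
        // answer; otherwise a reply link is offered. Both need 'answer' access.
        if (array_key_exists(System::user()->Name(), $answers)) {
            if ($vars['access_answer']) {
                $func = '<a href="' . $vars['edit_answer_url'] . '">Редактировать ответ</a> :: '
                    . '<a href="' . $vars['delete_answer_url'] . '">Удалить ответ</a>';
            }
        } elseif ($vars['access_answer']) {
            $func = '<a href="' . $vars['add_answer_url'] . '">Ответить</a>';
        }
        $msg_func = ($func != '' ? ' :: ' : '')
            . '<a href="' . $vars['edit_message_url'] . '">Редактировать сообщение</a> :: '
            . '<a href="' . $vars['delete_message_url'] . '">Удалить сообщение</a>';
        $vars['admin'] = $func . $msg_func;
    } else {
        $vars['admin'] = '';
    }

    // NOTE(review): answer authors and texts are written into the list without
    // escaping at this point; confirm they are escaped when they are stored.
    $answerstext = '';
    if (count($answers) > 0) {
        $answerstext = 'Ответы: <ul style="margin:3px;margin-left:16px;">' . EOL;
        foreach ($answers as $key => $answer) {
            $answerstext .= '<li>' . $key . ' - ' . $answer . EOL;
        }
        $answerstext .= '</ul>' . EOL;
    }

    $vars['date'] = TimeRender(SafeDB($msg['date'], 11, int));
    $vars['text'] = SafeDB($msg['message'], 0, str);
    $vars['answers'] = $answerstext;

    System::site()->AddSubBlock('guestbook', true, $vars);
}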
/**
 * Builds the detail view of one download and stores it in the 'download' block.
 *
 * NOTE(review): the category title is placed inside an anchor without SafeDB(),
 * and the description is read with two extra `false` arguments to SafeDB(),
 * which presumably relax its filtering; confirm both values are trusted.
 *
 * @param array $down Download row (taken by reference, not modified here).
 * @return void
 */
function AddDetailDownload(&$down)
{
    $fileId = SafeDB($down['id'], 11, int);
    $categoryId = SafeDB($down['category'], 11, int);
    $adminControls = IndexDownloadsFunc($fileId);

    $tpl = array();
    $tpl['category_url'] = Ufu("index.php?name=downloads&cat={$categoryId}", 'downloads/{cat}/');
    $tpl['category_title'] = IndexDownloadsGetTree()->IdCats[$down['category']]['title'];
    $tpl['category'] = '<a href="' . $tpl['category_url'] . '">' . $tpl['category_title'] . '</a>';
    // A rewritten (human-friendly) URL is not used here because it breaks the
    // relative address of the file.
    $tpl['file_link'] = "index.php?name=downloads&op=download&file={$fileId}";

    // The download link is shown only to visitors allowed by the 'view' setting.
    $tpl['access'] = AccessIsResolved($down['view']) ? true : false;
    $linkHtml = $tpl['access']
        ? '<a href="' . $tpl['file_link'] . '" target="_blank">Скачать файл</a>'
        : 'Файл только для зарегистрированных пользователей.';
    $tpl['not_access'] = !$tpl['access'];
    $tpl['url'] = $linkHtml;

    $tpl['file_title'] = SafeDB($down['title'], 255, str) . (System::user()->isAdmin() ? $adminControls : '');
    $tpl['description'] = SafeDB($down['description'], 0, str, false, false);
    $tpl['author'] = SafeDB($down['author'], 200, str);
    $tpl['homepage'] = SafeDB($down['author_site'], 250, str);
    $tpl['homepage_url'] = UrlRender(SafeDB($down['author_site'], 250, str));
    $tpl['mail'] = SafeDB($down['author_email'], 50, str);
    $tpl['date'] = TimeRender($down['public']);
    $tpl['hits'] = SafeDB($down['hits'], 11, int);
    $tpl['version'] = SafeDB($down['file_version'], 250, str);
    $tpl['size'] = FormatFileSize(SafeDB($down['size'], 11, real), SafeDB($down['size_type'], 1, str));
    $tpl['filetype'] = IndexDownloadsGetFileType(SafeDB($down['url'], 250, str));
    $tpl['addvote_url'] = "index.php?name=downloads&op=addvote&file={$fileId}";

    // Options of the rating drop-down, in display order.
    $rateOptions = array(
        array('0', 'Ваша оценка'),
        array('1', 'Очень плохо'),
        array('2', 'Плохо'),
        array('3', 'Средне'),
        array('4', 'Хорошо'),
        array('5', 'Отлично'),
    );
    foreach ($rateOptions as $option) {
        System::site()->DataAdd($vdata, $option[0], $option[1]);
    }
    $tpl['votes'] = System::site()->Select('vote', $vdata);
    $tpl['addvotesubm'] = System::site()->Submit('Оценить файл');
    $tpl['allow_votes'] = SafeDB($down['allow_votes'], 1, bool);

    // Full-size image and its thumbnail live under the configured image directory.
    if ($down['image'] == '') {
        $tpl['image'] = false;
    } else {
        $tpl['image'] = RealPath2(System::config('downloads/images_dir') . SafeDB($down['image'], 255, str));
        $tpl['thumb_image'] = RealPath2(System::config('downloads/images_dir') . 'thumbs/' . SafeDB($down['image'], 255, str));
    }

    // Rating: an image with the vote count, a "no rating yet" text, or a dash
    // when voting is switched off for this file.
    $tpl['rating_num_votes'] = SafeDB($down['votes_amount'], 11, int);
    $tpl['rating_image'] = GetRatingImage(SafeDB($down['votes_amount'], 11, int), SafeDB($down['votes'], 11, int));
    $ratingHtml = $tpl['rating_image'];
    if ($ratingHtml == '' && SafeDB($down['allow_votes'], 1, bool)) {
        $ratingHtml = 'Нет оценки';
    } elseif (SafeDB($down['allow_votes'], 1, bool)) {
        $ratingHtml = '<img src="' . $ratingHtml . '" /> (Оценок: ' . SafeDB($down['votes_amount'], 11, int) . ')';
    } else {
        $ratingHtml = ' - ';
    }
    $tpl['rating'] = $ratingHtml;

    // Comment counter, or a dash when comments are switched off for this file.
    if (SafeDB($down['allow_comments'], 1, bool)) {
        $tpl['comments'] = SafeDB($down['comments_counter'], 11, int);
    } else {
        $tpl['comments'] = ' - ';
    }

    System::site()->AddBlock('download', true, false, 'dl');
    System::site()->Blocks['download']['vars'] = $tpl;
}