function print_comments_table($fileid){
global $phrases,$member_data,$id,$content,$op_comment,$sec_img,$sec_string,$settings,$admin_path;
if($settings['files_comments_enable']){
//-------- send comment command ---------
if($op_comment=="send_comment"){
if(check_member_login()){
if($sec_img->verify_string($sec_string)){
$content = htmlspecialchars($content);
$memberid = $member_data['id'] ;
db_query("insert into mobile_files_comments (memberid,content,fileid,date) values('$memberid','$content','$id',now())");
open_table();
print "<center>$phrases[your_comment_sent_successfully]</center>";
close_table();
$content="";
}else{
open_table();
print "<center>$phrases[err_sec_code_not_valid]</center>";
close_table();
}
}else{
open_table();
print "<center> $phrases[please_login_first] </center>";
close_table();
}
}
$qr = db_query("select * from mobile_files_comments where fileid='$fileid'");
if(db_num($qr)){
open_table("$phrases[the_comments]");
print "<hr size=1 class=separate_line>";
while($data = db_fetch($qr)){
$dx = db_qr_fetch("select ".members_fields_replace('username').",".members_fields_replace('email')." from ".members_table_replace('mobile_members')." where ".members_fields_replace('id')."='$data[memberid]'",MEMBER_SQL);
print "<table width=100% border=0><tr><td width=50%><b>$dx[username]</b></td><td align=left>$data[date]</td></tr>";
print "<tr><td colspan=2>$data[content] <a href=\"javascript:report($id,$data[id]);\"><font color='red'>ΚΘανΫ</font></a>";
if(check_login_cookies()){
print " [<a href='".iif($admin_path,$admin_path,"admin")."/index.php?action=comment_del&id=$data[id]&cat=$id'>$phrases[delete]</a>]";
}
print "<br><hr size=1 class=separate_line></td></tr></table>";
}
close_table();
}
}
}
";
}
//------------------------------- Add Files ---------------------------------------------------
if($action =="photos_add"){
if_admin("photos");
if(!$add_limit){
$add_limit = $settings['photos_add_limit'] ;
}
$cat = intval($cat);
if($cat > 0){
$dir_data['cat'] = $cat ;
while($dir_data['cat']!=0){
$dir_data = db_qr_fetch("select name,id,cat from photos_cats where id='$dir_data[cat]'");
$dir_content = "<a href='index.php?action=photos_cats&cat=$dir_data[id]'>$dir_data[name]</a> / ". $dir_content ;
}
}
print "<p align=right><img src='images/link.gif'><a href='index.php?action=photos_cats&cat=0'>$phrases[main_page] </a> / $dir_content</p>";
$add_limit = intval($add_limit);
print " <center>
<form method=\"POST\" action=\"index.php\">
<input type=\"hidden\" name=\"cat\" value='$cat'>
<input type=hidden name=action value=photos_add>
<table width=30% class=grid>
}
// ********************************************************************************************
// display thread
if ($action == 'songs') {
$id = intval($id);
$qr = db_query("select name from songs_singers where id='{$id}'");
if (db_num($qr)) {
$data = db_fetch($qr);
$title_sub = "{$data['name']}";
} else {
$title_sub = "";
}
print_header("{$sitename} - {$title_sub}");
if (db_qr_num("select * from songs_singers where id='{$id}'")) {
$datasngr = db_qr_fetch("select name,id,cat from songs_singers where id='{$id}'");
$hdr = db_qr_fetch("select * from songs_cats where id='{$datasngr['cat']}'");
print "<div id='navbar'> <a href='index.php'> الرئيسية </a> > <a href='browse-{$hdr['id']}.html'>{$hdr['name']}</a> ";
print "</div>";
print "<p class=\"largefont\">عرض النسخة الكاملة : <a href='{$script_url}/songs.php?id={$id}'> {$title_sub} </a></p>\n";
}
$qr = db_query("select * from songs_songs where album='{$id}'");
if (db_num($qr)) {
while ($data = db_fetch($qr)) {
print "<li> <a href='{$script_url}/download.php?id={$data['id']}'>{$data['name']}</a></li>";
}
} else {
print "<center> لا يوجد محتوى </center>";
}
}
//***************************** news **********************************
if ($action == "news") {
}
print "<p align=center class=title> гск ЪфЪйб ЧсуцЧноЩ </p>";
$qr=db_query("select * from store_products_data where active=0 and userid !=0 order by id");
if(db_num($qr)){
print "<table width=100% class=grid>";
while($data=db_fetch($qr)){
$data_client = db_qr_fetch("select ".members_fields_replace('username')." from ".members_table_replace('store_clients')." where id='$data[userid]'",MEMBER_SQL);
print "<tr><td><a href='index.php?action=client_edit&id=$data[userid]'>$data_client[username]</a></td>
<td>$data[name]</td>
<td>";
unset($dir_content);
$dir_data['cat'] = $data['cat'] ;
while($dir_data['cat']!=0){
$dir_data = db_qr_fetch("select name,id,cat from store_products_cats where id='$dir_data[cat]'");
$dir_content = "$dir_data[name] / ". $dir_content ;
}
print "$dir_content</td>
<td>
<a href='index.php?action=clients_items_activate&id=$data[id]'> Ънкэс </a>
- <a href='index.php?action=product_edit&id=$data[id]&cat=$data[cat]'>удЧхЯЩ / ЪкЯэс </a>
- <a href='index.php?action=products_del&id=$data[id]&cat=$data[cat]' onClick=\"return confirm('$phrases[are_you_sure]');\">Эан</a>
</td></tr>";
}
print "</table>";
}else{
print_admin_table("<center> сЧ ЪцЬЯ гск </center>");
}
if($action=="events_add_ok"){
db_query("insert into events_data (name,content,day,month,year,typeid) values('$name','$content','$day','$month','$year','$typeid')");
}
if($action=="events_edit_ok"){
db_query("update events_data set name='$name',content='$content',day='$day',month='$month',year='$year',typeid='$typeid' where id='$id'");
}
if($action=="events_del"){
db_query("delete from events_data where id='$id'");
}
//------------- show events ------------------------
print "<center> [ <a href='index.php?action=events_add'> $phrases[add_event] </a> ] </center><br>";
$qr = db_query("select * from events_data order by day,month,year DESC");
if(db_num($qr)){
print "<center><table width=98% class=grid>";
while($data = db_fetch($qr)){
$datax = db_qr_fetch("select * from events_types where id='$data[typeid]'");
print "<tr><td width=5 bgcolor='$datax[color]'> </td>
<td><span dir=ltr>$data[day]/$data[month]/$data[year]</span></td>
<td width=50%>$data[name]</td>
<td>$datax[name]</td>
<td> <a href='index.php?action=events_edit&id=$data[id]'> $phrases[edit] </a>
- <a href='index.php?action=events_del&id=$data[id]' onClick=\"return confirm('Are you sure you want to delete ?');\"> $phrases[delete] </a></td></tr>";
}
print "</table></center>";
<td><a href='index.php?action=guestbook_edit&id=$data[id]'>�����</a></td>
<td><a href='index.php?action=guestbook_del&id=$data[id]' onclick=\"confirm('�� ��� ����� �')\">���</a></td></tr>";
}
print "</table></center>";
}else{
print_admin_table("<center> �� ���� ����� </center>");
}
}
if($action=="guestbook_edit"){
if_admin("guestbook");
$id=intval($id);
$data = db_qr_fetch("select * from guestbook_data where id='$id'");
print "<form action=index.php method=post>
<input type=hidden name=action value='guestbook_edit_ok'>
<input type=hidden name=id value='$id'>
<input type=hidden name=redirect value='".intval($redirect)."'>
<table width=100% class=grid>
<tr><td colspan=2>$data[date]</td></tr>
<tr><td width=20%><b>�����:</b></td><td> <input type=text name=name size=20 value='$data[name]'></td></tr>
<tr><td width=20%><b>������ ���������� :</b></td><td><input type=text name=email size=20 dir=ltr value='$data[email]'></td></tr>
<tr><td width=20%><b>������� :</b></td><td> <textarea cols=30 rows=5 name=msg>$data[msg]</textarea></td></tr>
<tr><td colspan=2 align=center><input type=submit value=' ����� '></td></tr>
</table></form>";
}
</td></tr>
";
print "<td><b> $phrases[the_cat] : </b> </td><td><select id=cat name=cat ".iif($type=="audio","onChange=\"get_send_file_form(\$('type').value,\$('cat').value,0);\"").">
<option value=''> -- اختر القسم --</option>";
if($type=="" || $type=="audio"){
$qr=db_query("select * from songs_cats where active=1 order by id asc");
while($data = db_fetch($qr)){
print "<option value='$data[id]'".iif($data['id']==$cat," selected").">".iif($data_cat['name'],"$data_cat[name] -> ")."$data[name]</option>";
}
}else{
$qr=db_query("select * from songs_videos_cats where active=1 order by cat asc");
while($data = db_fetch($qr)){
$data_cat = db_qr_fetch("select name from songs_videos_cats where id='$data[cat]'");
print "<option value='$data[id]'".iif($data['id']==$cat," selected").">".iif($data_cat['name'],"$data_cat[name] -> ")."$data[name]</option>";
}
}
print "</select></td></tr>";
if($type=="audio" && $cat){
print "<tr><td><b> $phrases[singer] : </b> </td><td><select id='singer' name=singer ".iif($type=="audio","onChange=\"get_send_file_form(\$('type').value,\$('cat').value,this.value);\"").">";
$qr=db_query("select * from songs_singers where active=1 and cat='$cat' order by id asc");
while($data = db_fetch($qr)){
if(!$singer){$singer=$data['id'];}
print "<option value='$data[id]'".iif($data['id']==$singer," selected").">$data[name]</option>";
}
print "
<form action=index.php method=post>
<input type=hidden name=id value='$id'>
<input type=hidden name=action value='members_files_accept'>
<input type=hidden name=userid value='$userid'>
<table width=100% class=grid>
<tr><td colspan=2 align=center><img src=\"../".get_image($data['img'])."\"></td></tr>
<tr>
<td><b> Чгу Чсусн : </b> </td><td><input type=text name='name' value=\"$data[name]\" size=30></td></tr>
<td><b> бЧШи Чсусн : </b> </td><td><input type=text name=url value=\"$data[url]\" size=40 dir=ltr></td></tr>
<td><b> ецбЩ Чсусн : </b> </td><td><input type=text name=img value=\"$data[img]\" size=40 dir=ltr></td></tr>
<td><b> цен Чсусн : </b> </td><td><textarea cols=40 rows=5 name=details>$data[details]</textarea></td></tr>
<td><b> Чсогу : </b> </td><td><select name=cat>";
$qr=db_query("select * from mobile_cats order by cat asc");
while($data = db_fetch($qr)){
$data_cat = db_qr_fetch("select name from mobile_cats where id='$data[cat]'");
print "<option value='$data[id]'".iif($data['id']==$data['cat']," selected").">".iif($data_cat['name'],"$data_cat[name] -> ")."$data[name]</option>";
}
print "</select></td></tr>
<tr><td colspan=2 align=center><input type=submit value=' оШцс Чсусн '></td></tr>
<tr><td colspan=2 align=left><a href='index.php?action=members_files_del&id=$data[id]' onClick=\"return confirm('are you sure ?');\">Эан Чсусн</a></td></tr>
</table>
</form>";
}else{
print_admin_table("<center>wrong url</center>");
}
}
$dedi_msg_max = 200 ;
//if($action=="send" && (strlen($msg) >= $dedi_msg_min) && (strlen($msg) <= $dedi_msg_max)){
//setcookie('songs_dedi_added', "1" , time() + $dedi_timeout,"/");
//setcookie('songs_dedi_name', "$name" , (time() + 60*60*24*30),"/");
//}
print "<html dir=rtl>
<meta http-equiv=\"Content-Type\" content=\"text/html; charset=$settings[site_pages_encoding]\" />
<LINK href=\"css.php\" type=\"text/css\" rel=\"stylesheet\">
<title>الإهداءات</title>\n";
open_table();
if(check_member_login()){
$data_prev = db_qr_fetch("select date from songs_dedications where `user` like '".db_escape($member_data['username'])."' order by date desc limit 1");
if($data_prev['date'] && (strtotime($data_prev['date'])+$dedi_timeout) > time()){
print "<center> عفوا , يمكنك ارسال اهداء كل ".intval(($dedi_timeout/60)) ." دقيقة </center>";
}else{
if($action=="send"){
$msg = trim($msg);
// $msg = htmlspecialchars($msg);
// if (!$_COOKIE['songs_dedi_added']){
if((strlen($msg) >= $dedi_msg_min) && (strlen($msg) <= $dedi_msg_max)){
db_query("insert into songs_dedications(user,msg,date,active)values('".db_escape($member_data['username'])."','".db_escape($msg)."',now(),'".iif($dedications_admin_review,0,1)."')");
print "<center> تم ارسال اهدائك </center>";
print "<script>
<?
if(!defined("CUR_FILENAME")){
die("You can't access file directly ... ");
}
//--------------------------- Video Browse ---------------------------------------
if($action=="videos"){
if($cat){
$qr = db_query("select * from videos_data where cat='$cat' order by id DESC");
$data_title = db_qr_fetch("select name from videos_cats where id='$cat'");
open_table($data_title['name']);
if(db_num($qr)){
print "<center><table width=100%>" ;
$c=0;
while($data = db_fetch($qr)){
if ($c==$settings['news_cells']) {
print " </tr><TR>" ;
$c = 0 ;
}
++$c ;
print " <td><center><a href='index.php?action=video_preview&id=$data[id]'>
<img border=0 alt='$phrases[the_name] : $data[name] \n$phrases[add_date] : ".substr($data['date'],0,10)."'
src='".get_image($data['img'])."'>
<?
require("global.php");
$data = db_qr_fetch("select url from members_files where id='".$id."'");
$url = $data['url'];
run_template('song_listen');
}else{
print "<SCRIPT>window.location=\"index.php?action=comments\";</script>";
}
}
if ($action == "comment_activate"){
$id = intval( $id );
db_query( "update comments_data set active=1 where id='".$id."'" );
}
$qr = db_query( "select * from comments_data where active=0 order by id desc" );
print "<p align=center class=title> ÊÚáíÞÇÊ ÊäÊÙÑ ÇáãæÇÝÞÉ </p>";
if (db_num($qr)){
print "<center><table width=100% class=grid>";
while($data = db_fetch($qr)){
$data_news = db_qr_fetch("select title from news_news where id='$data[news_id]'");
print "<tr><td><a href='$scripturl/index.php?action=news&id=$data[news_id]' target=_blank>$data_news[title]</a></td>
<td>$data[name]</td><td>$data[email]</td><td>$data[content]</td><td>$data[date]</td><td><a href='index.php?action=comment_activate&id=$data[id]'> ÊÝÚíá </a> - <a href='index.php?action=comment_edit&id=$data[id]'>ÊÚÏíá</a> - <a href='index.php?action=comment_del&id=$data[id]' onClick=\"return confirm('Are You Sure ?');\">ÍÐÝ</a></td></tr>";
}
print "</table></center>";
}else{
print "<center> áÇ ÊæÌÏ ÊÚáÞíÇÊ </center>";
}
}
//--------- comments del ----
if ($action == "comment_del"){
if_admin( "comments" );
}else{
print "<tr><td align=center> áÇÊæÌÏ ßáíÈÇÊ </td></tr>";
}
print "</table>";
}
}
//-----------------------------------------------------------------------------
if($action == "video_edit"){
$id = intval($id);
$data=db_qr_fetch("select * from videos_data where id=$id");
print "<center>" ;
print "<form name=sender action=index.php method=post>
<input type=hidden name=action value='video_edit_ok'>
<input type=hidden name=cat value='$cat'>
<input type=hidden name=id value='$id'>
<table class=grid width=40% >
<tr><td> ÇáÇÓã : </td><td><input type=text name=name size=30 value=\"$data[name]\"></td></tr>
<tr><td> ÑÇÈØ ÇáÊÍãíá : </td><td><input type=text name=url size=30 value='$data[url]'></td></tr>
<tr><td>
ÇáÕæÑÉ :</td>
<td> <table><tr><td><input type=text dir=ltr size=30 name=img value=\"$data[img]\"></td><td><a href=\"javascript:uploader('videos','img');\"><img src='images/file_up.gif' border=0 alt='ÑÝÚ ÕæÑÉ ãä ÇáÌåÇÒ'></a></td></tr></table>
</td></tr>
<?
if($action=="download"){
$id= (int) $id;
$cat = (int) $cat;
if(!$cat){$cat=1;}
$data = db_qr_fetch("select songs_songs.name,songs_songs.album_id, songs_singers.name as singer_name,songs_cats.name as cat_name from songs_songs,songs_singers,songs_cats where songs_singers.id=songs_songs.album and songs_cats.id = songs_singers.cat and songs_songs.id='$id'");
open_table("$data[singer_name] - $data[name]");
print "<center><a href='song_download_".$id."_".$cat."'><h3>تحميل الاغنية</h3></a></center>";
close_table();
}
function get_client_name($id){
$id =(int) $id;
$product_client = db_qr_fetch("select username from store_clients where id='".$id."'");
return $product_client['username'];
}
//------------------ Guest Book --------------------------
if($action=="guestbook"){
print "<img src='images/arrw.gif'> <a href='index.php?action=guestbook_add'> ����� ��� ����� </a><br><br>";
$start = intval($start);
if(!$limit){$limit=30;}
$limit=intval($limit);
$qr = db_query("select * from guestbook_data where active=1 order by id DESC limit $start,$limit");
if(db_num($qr)){
$page_result = db_qr_fetch("select count(*) as count from guestbook_data where active=1");
$numrows=$page_result['count'];
$previous_page=$start - $m_perpage;
$next_page=$start + $m_perpage;
$m_perpage = $limit ;
$page_string = "index.php?action=guestbook";
while($data = db_fetch($qr)){
open_table();
print "<table >
<tr><td colspan=2>$data[date]</td></tr>
<?
if(!check_admin_login()){die("<center> $phrases[access_denied] </center>");}
//-------------- main ---------------
if(!$action){
if($dedications_admin_review){
$count = db_qr_fetch("select count(*) as count from songs_dedications where active=0");
print "<br>";
print_admin_table("<b>اهدائات تنتظر الموافقة : </b> <a href='index.php?action=dedications'>".intval($count['count'])." </a>");
}
}
//-------------------------- Dedications ---------------------
if($action=="dedications" || $action=="dedications_del" || $action=="dedications_edit_ok" || $action=="dedications_enable" || $action=="dedications_disable"){
if_admin("dedications");
print "<p align=center class=title> الإهدائات </p>" ;
//-------------- del --------------------
if($action=="dedications_del"){
if(!is_array($d_id)){$d_id=array($id);}
foreach($d_id as $del_id){
db_query("delete from songs_dedications where id='$del_id'");
}
}
//---------- edit -------------------
if($action=="dedications_edit_ok"){
<META http-equiv=Content-Type content=\"text/html; charset=$settings[site_pages_encoding]\">
<LINK href='css.php' type=text/css rel=StyleSheet>";
print "<title> ΚΘανΫ </title>";
open_table();
if(!$HTTP_COOKIE_VARS[$cookie_name]){
if($id && $cid){
$cid = (int) $cid;
$id = (int) $id;
$data=db_qr_fetch("select * from mobile_files_comments where id='$cid'");
$msg = "Ηαγαέ : <a href=\"$scripturl/details_".$id.".html\">$scripturl/details_".$id.".html</a>";
$msg .= "<br><br>-----------------------<br>";
$msg .= "<br> $data[content] <br>";
$msg .= "<br>-----------------------<br>";
$mailResult = send_email($sitename,$mailing_email,$admin_email,"ΚΘανΫ",$msg,$settings['mailing_default_use_html'],$settings['mailing_default_encoding']);
print "<center> Κγ ΚΘανΫ ΗαΗΟΗΡΙ , ΤίΡΗ αί </center>";
}else{
print "<center> ΡΗΘΨ ΞΗΨνΑ </center>";
}
}else{
print "<center> н—ћм ”ћнб «бѕќжб «жб« </center>";
close_table();
}
}
//-------------- Comments --------------------
$qr = db_query("select * from store_products_comments where cat ='$id' and active=1");
if(db_num($qr)){
$is_admin = check_login_cookies() && if_admin("products_comments",1) ;
open_table("«б Џбнё« ");
print "<hr size=1 class=separate_line>";
while($data = db_fetch($qr)){
$dx = db_qr_fetch("select * from ".members_table_replace('store_clients')." where ".members_fields_replace('id')."='$data[userid]'",MEMBER_SQL);
print "<table width=100% border=0><tr><td width=50%><b>$dx[username]</b><td align=left>$data[date]</td></tr>";
print "<tr><td colspan=2>$data[content]";
if($is_admin){
print " [<a href='".iif($admin_folder,$admin_folder,"admin")."/index.php?action=products_comment_del&id=$data[id]&cat=$id'>Ќ–Ё</a>]";
}
print "<br><hr size=1 class=separate_line></td></tr></table>";
}
close_table();
}
//------------ send comment ---------------
open_table("«—”«б Џбнё");
