} $tpl->compile('msg'); } } //Кнопка показ пред сообщений if ($row['msg_num'] > 10) { $tpl->set('[msg]', ''); $tpl->set('[/msg]', ''); } else { $tpl->set_block("'\\[msg\\](.*?)\\[/msg\\]'si", ""); } $tpl->load_template('forum/view.tpl'); $tpl->set('{id}', $public_id); $tpl->set('{fid}', $row['fid']); $tpl->set('{title}', stripslashes($row['title'])); $tpl->set('{edit-text}', stripslashes(myBrRn($row['text']))); //Прикрипленные файлы if ($row['attach']) { $attach_arr = explode('||', $row['attach']); $cnt_attach = 1; $cnt_attach_link = 1; $jid = 0; $attach_result = ''; foreach ($attach_arr as $attach_file) { $attach_type = explode('|', $attach_file); //Фото со стены юзера if ($attach_type[0] == 'photo_u') { $attauthor_user_id = $row['fuser_id']; if ($attach_type[1] == 'attach' and file_exists(ROOT_DIR . "/uploads/attach/{$attauthor_user_id}/c_{$attach_type[2]}")) { $attach_result .= "<img id=\"photo_wall_{$row['fid']}_{$cnt_attach}\" src=\"/uploads/attach/{$attauthor_user_id}/c_{$attach_type[2]}\" style=\"margin-top:3px;margin-right:3px\" align=\"left\" onClick=\"groups.wall_photo_view('{$row['fid']}', '', '{$attach_type[1]}', '{$cnt_attach}')\" class=\"cursor_pointer page_num{$row['fid']}\" height=\"{$rodImHeigh}\" />"; $cnt_attach++;
$comments = 1; } else { $comments = 0; } if ($_POST['del_photo']) { @unlink(ROOT_DIR . '/uploads/groups/' . $id . '/' . $row['photo']); $sql_line_del = ", photo = ''"; } $db->query("UPDATE `" . PREFIX . "_communities` SET title = '" . $title . "', descr = '" . $descr . "', comments = '" . $comments . "' " . $sql_line_del . " WHERE id = '" . $id . "'"); msgbox('Информация', 'Сообщество успешно отредактировано', '?mod=groups'); } else { msgbox('Ошибка', 'Заполните все поля', '?mod=groups&act=edit&id=' . $id); } } else { $row['title'] = stripslashes($row['title']); $row['descr'] = stripslashes(myBrRn($row['descr'])); if ($row['comments']) { $checked = 'checked'; } echoheader(); echohtmlstart('Редактирование сообщества'); echo <<<HTML <style type="text/css" media="all"> .inpu{width:447px;} textarea{width:450px;height:100px;} </style> <form action="" method="POST"> <input type="hidden" name="mod" value="notes" />
$tpl->set('{display-ava}', ''); } else { //FOR MOBILE VERSION 1.0 if ($config['temp'] == 'mobile') { $tpl->set('{photo}', "{theme}/images/no_ava_50.png"); } else { $tpl->set('{photo}', "{theme}/images/no_ava.gif"); } $tpl->set('{display-ava}', 'no_display'); } if ($row['descr']) { $tpl->set('{descr-css}', ''); } else { $tpl->set('{descr-css}', 'no_display'); } $tpl->set('{edit-descr}', myBrRn(stripslashes($row['descr']))); //КНопка Показать полностью.. $expBR = explode('<br />', $row['descr']); $textLength = count($expBR); $strTXT = strlen($row['descr']); if ($textLength > 9 or $strTXT > 600) { $row['descr'] = '<div class="wall_strlen" id="hide_wall_rec' . $row['id'] . '">' . $row['descr'] . '</div><div class="wall_strlen_full" onMouseDown="wall.FullText(' . $row['id'] . ', this.id)" id="hide_wall_rec_lnk' . $row['id'] . '">' . $lang['lang_624'] . '</div>'; } $tpl->set('{descr}', stripslashes($row['descr'])); $tpl->set('{num}', '<span id="traf">' . $row['traf'] . '</span> ' . gram_record($row['traf'], 'subscribers')); if ($row['traf']) { $tpl->set('{num-2}', '<a href="/public' . $row['id'] . '" onClick="groups.all_people(\'' . $row['id'] . '\'); return false">' . gram_record($row['traf'], 'subscribers2') . '</a>'); $tpl->set('{no-users}', ''); } else { $tpl->set('{num-2}', '<span class="color777">' . $lang['lang_711'] . '</span>'); $tpl->set('{no-users}', 'no_display');
$alt_name = totranslit($_POST['alt_name']); $text = $parse->BBparse(textFilter($_POST['text'])); if (isset($title) and !empty($title) and isset($text) and !empty($text) and isset($alt_name) and !empty($alt_name)) { $db->query("UPDATE`" . PREFIX . "_static` SET alt_name = '" . $alt_name . "', title = '" . $title . "', text = '" . $text . "' WHERE id = '" . $id . "'"); header("Location: ?mod=static"); } else { msgbox('Ошибка', 'Все поля обязательны к заполнению', 'javascript:history.go(-1)'); } die; } echoheader(); $row['title'] = stripslashes($row['title']); //Подключаем парсер include_once ENGINE_DIR . '/classes/parse.php'; $parse = new parse(); $row['text'] = $parse->BBdecode(myBrRn(stripslashes($row['text']))); echohtmlstart('Редактирование страницы'); echo <<<HTML <form method="POST" action=""> <style type="text/css" media="all"> .inpu{width:458px;} textarea{width:300px;height:300px;} </style> <div class="fllogall" style="width:130px">Заголовок:</div><input class="inpu" type="text" name="title" value="{$row['title']}" /><div class="mgcler"></div> <div class="fllogall" style="width:130px">Адрес: (например <b>test</b>):</div><input class="inpu" type="text" name="alt_name" value="{$row['alt_name']}" /><div class="mgcler"></div> <div class="fllogall" style="width:130px">Текст:</div><textarea class="inpu" name="text">{$row['text']}</textarea><div class="mgcler"></div>
break; //Страница Редактирование доп.полей //Страница Редактирование доп.полей case "all": $user_speedbar = $lang['editmyprofile'] . ' » Другое'; $tpl->load_template('editprofile.tpl'); $xfields = profileload(); $row = $db->super_query("SELECT xfields FROM `" . PREFIX . "_users` WHERE user_id = '" . $user_info['user_id'] . "'"); $xfieldsdata = xfieldsdataload($row['xfields']); foreach ($xfields as $name => $value) { $fieldvalue = $xfieldsdata[$value[0]]; $fieldvalue = stripslashes($fieldvalue); $output .= "<div class=\"texta\">{$value[1]}:</div>"; $for_js_list .= "'xfields[{$value[0]}]': \$('#{$value[0]}').val(), "; if ($value[2] == "textarea") { $output .= '<textarea id="' . $value[0] . '" class="inpst" style="width:300px;height:50px;">' . myBrRn($fieldvalue) . '</textarea>'; } elseif ($value[2] == "text") { $output .= '<input type="text" id="' . $value[0] . '" class="inpst" maxlength="100" value="' . $fieldvalue . '" style="width:300px;" />'; } elseif ($value[2] == "select") { $output .= '<select class="inpst" id="' . $value[0] . '">'; $output .= '<option value="">- Не выбрано -</option>'; foreach (explode("\r\n", $value[3]) as $index => $value) { $value = str_replace("'", "'", $value); $output .= "<option value=\"{$index}\"" . ($fieldvalue == $value ? " selected" : "") . ">{$value}</option>\r\n"; } $output .= '</select>'; } $output .= '<div class="mgclr"></div>'; } $for_js_list = substr($for_js_list, 0, strlen($for_js_list) - 2); $tpl->set('{xfields}', $output);
} die; break; //################### Страница редактирование альбома ###################// //################### Страница редактирование альбома ###################// case "edit_page": NoAjaxQuery(); $user_id = $user_info['user_id']; $id = $db->safesql(intval($_POST['id'])); $row = $db->super_query("SELECT aid, name, descr, privacy FROM `" . PREFIX . "_albums` WHERE aid = '{$id}' AND user_id = '{$user_id}'"); if ($row) { $album_privacy = explode('|', $row['privacy']); $tpl->load_template('albums_edit.tpl'); $tpl->set('{id}', $row['aid']); $tpl->set('{name}', stripslashes($row['name'])); $tpl->set('{descr}', stripslashes(myBrRn($row['descr']))); $tpl->set('{privacy}', $album_privacy[0]); $tpl->set('{privacy-text}', strtr($album_privacy[0], array('1' => 'Все пользователи', '2' => 'Только друзья', '3' => 'Только я'))); $tpl->set('{privacy-comment}', $album_privacy[1]); $tpl->set('{privacy-comment-text}', strtr($album_privacy[1], array('1' => 'Все пользователи', '2' => 'Только друзья', '3' => 'Только я'))); $tpl->compile('content'); AjaxTpl(); } die; break; //################### Сохранение настроек альбома ###################// //################### Сохранение настроек альбома ###################// case "save_album": NoAjaxQuery(); $id = intval($_POST['id']); $user_id = $user_info['user_id'];
//################### Страница редактирования ###################// case "edit": if ($user_group[$user_info['user_group']]['addnews']) { $id = intval($_GET['id']); $row = $db->super_query("SELECT title, story FROM `" . PREFIX . "_blog` WHERE id = '{$id}'"); if ($row) { //Подключаем парсер include ENGINE_DIR . '/classes/parse.php'; $parse = new parse(); function BBdecodeImg($source) { return '[img]' . $source . '[/img]'; } $row['story'] = preg_replace("#\\<img src=\"(.*?)\\\" alt=\"\" />#ies", "\\BBdecodeImg('\\1')", $row['story']); $tpl->load_template('blog/edit.tpl'); $tpl->set('{story}', $parse->BBdecode(stripslashes(myBrRn($row['story'])))); $tpl->set('{title}', stripslashes($row['title'])); $tpl->set('{id}', $id); $tpl->compile('content'); } else { Hacking(); } } else { Hacking(); } break; //################### Сохранение отредактированых ###################// //################### Сохранение отредактированых ###################// case "save": NoAjaxQuery(); if ($user_group[$user_info['user_group']]['addnews']) {
if ($row) { //Подключаем парсер include ENGINE_DIR . '/classes/parse.php'; $parse = new parse(); if (isset($_POST['save'])) { $title = textFilter($_POST['title'], false, true); $text = $parse->BBparse(textFilter($_POST['full_text'])); if (isset($title) and !empty($title) and isset($text) and !empty($text)) { $db->query("UPDATE `" . PREFIX . "_notes` SET title = '" . $title . "', full_text = '" . $text . "' WHERE id = '" . $note_id . "'"); msgbox('Информация', 'Заметка успешно сохранена', '?mod=notes'); } else { msgbox('Ошибка', 'Заполните все поля', '?mod=notes&act=edit&id=' . $note_id); } } else { $row['title'] = stripslashes($row['title']); $row['full_text'] = $parse->BBdecode(stripslashes(myBrRn($row['full_text']))); echoheader(); echohtmlstart('Редактирование заметки'); echo <<<HTML <style type="text/css" media="all"> .inpu{width:487px;} textarea{width:450px;height:400px;} </style> <form action="" method="POST"> <input type="hidden" name="mod" value="notes" /> <div class="fllogall" style="width:100px">Заголовок:</div> <input type="text" name="title" class="inpu" value="{$row['title']}" /> <div class="mgcler"></div>
<div class="fllogall"> </div><input type="submit" value="Сохранить" name="save" class="inp" style="margin-top:0px" /> </form> HTML; echohtmlstart('Список заблокированных IP адресов'); $sql_ = $db->super_query("SELECT SQL_CALC_FOUND_ROWS id, descr, date, ip FROM `" . PREFIX . "_banned` ORDER by `id` DESC", 1); if ($sql_) { foreach ($sql_ as $row) { if ($row['date']) { $row['date'] = langdate('j F Y в H:i', $row['date']); } else { $row['date'] = 'Неограниченно'; } $row['descr'] = stripslashes($row['descr']); $short = substr(strip_tags($row['descr']), 0, 50) . '..'; $row['descr'] = myBrRn($row['descr']); $banList .= <<<HTML <div style="background:#fff;float:left;padding:5px;width:150px;text-align:center;border-bottom:1px dashed #ccc">{$row['ip']}</div> <div style="background:#fff;float:left;padding:5px;width:130px;text-align:center;margin-left:1px;border-bottom:1px dashed #ccc">{$row['date']}</div> <div style="background:#fff;float:left;padding:5px;width:177px;text-align:center;margin-left:1px;border-bottom:1px dashed #ccc" title="{$row['descr']}">{$short}</div> <div style="background:#fff;float:left;padding:5px;width:100px;text-align:center;margin-left:1px;border-bottom:1px dashed #ccc"><a href="?mod=ban&act=unban&id={$row['id']}">Разблокировать</a></div> HTML; } } else { $banList = '<center><b>Список пуст</b></center>'; } echo <<<HTML <div style="background:#f0f0f0;float:left;padding:5px;width:150px;text-align:center;font-weight:bold;margin-top:-5px">IP</div> <div style="background:#f0f0f0;float:left;padding:5px;width:130px;text-align:center;font-weight:bold;margin-top:-5px;margin-left:1px">Срок окончания бана</div> <div style="background:#f0f0f0;float:left;padding:5px;width:177px;text-align:center;font-weight:bold;margin-top:-5px;margin-left:1px">Причина бана</div> <div style="background:#f0f0f0;float:left;padding:5px;width:100px;text-align:center;font-weight:bold;margin-top:-5px;margin-left:1px">Действие</div>
if ($row) { if (isset($_POST['save'])) { $title = textFilter($_POST['title'], false, true); $descr = textFilter($_POST['descr']); if (isset($title) and !empty($title) and isset($descr) and !empty($descr)) { $db->query("UPDATE `" . PREFIX . "_videos` SET title = '" . $title . "', descr = '" . $descr . "' WHERE id = '" . $id . "'"); //Чистим кеш mozg_mass_clear_cache_file("user_{$row['owner_user_id']}/page_videos_user|user_{$row['owner_user_id']}/page_videos_user_friends|user_{$row['owner_user_id']}/page_videos_user_all|user_{$row['owner_user_id']}/videos_num_all|user_{$row['owner_user_id']}/videos_num_friends"); msgbox('Информация', 'Видеозапись успешно отредактирована', '?mod=videos'); } else { msgbox('Ошибка', 'Заполните все поля', '?mod=videos&act=edit&id=' . $id); } } else { $row['title'] = stripslashes($row['title']); $row['descr'] = stripslashes(myBrRn($row['descr'])); $row['video'] = stripslashes(myBrRn($row['video'])); echoheader(); echohtmlstart('Редактирование видео'); echo <<<HTML <style type="text/css" media="all"> .inpu{width:447px;} textarea{width:450px;height:100px;} </style> <form action="" method="POST"> <input type="hidden" name="mod" value="notes" /> <div class="fllogall" style="width:140px">Название:</div> <input type="text" name="title" class="inpu" value="{$row['title']}" /> <div class="mgcler"></div>
include ENGINE_DIR . '/classes/parse.php'; $parse = new parse(); //Загруажем head заметок $tpl->load_template('notes/head.tpl'); $tpl->set('{note-id}', $note_id); $tpl->set('[edit]', ''); $tpl->set('[/edit]', ''); $tpl->set_block("'\\[all\\](.*?)\\[/all\\]'si", ""); $tpl->set_block("'\\[add\\](.*?)\\[/add\\]'si", ""); $tpl->set_block("'\\[view\\](.*?)\\[/view\\]'si", ""); $tpl->compile('info'); //Загружаем шаблон редактирования $tpl->load_template('notes/edit.tpl'); $tpl->set('{note-id}', $note_id); $tpl->set('{title}', stripslashes($row['title'])); $tpl->set('{text}', $parse->BBdecode(stripslashes(myBrRn($row['full_text'])))); $tpl->compile('content'); } else { $user_speedbar = $lang['error']; msgbox('', $lang['no_notes'], 'info'); } break; //################### Сохранение изменений ###################// //################### Сохранение изменений ###################// case "editsave": NoAjaxQuery(); //Подключаем парсер include ENGINE_DIR . '/classes/parse.php'; $parse = new parse(); $note_id = intval($_POST['note_id']); $title = textFilter(ajax_utf8($_POST['title']), false, true);