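// Forum reply handler (excerpt): stores the new post, updates the counters,
// then starts validating an optional attachment. The enclosing blocks open
// before this excerpt and the upload branch continues after it.

// Insert the post. Every value is bound through a placeholder, never concatenated.
DB::run()->query("INSERT INTO `posts` (`posts_topics_id`, `posts_forums_id`, `posts_user`, `posts_text`, `posts_time`, `posts_ip`, `posts_brow`) VALUES (?, ?, ?, ?, ?, ?, ?);", array($tid, $topics['topics_forums_id'], $log, $msg, SITETIME, $ip, $brow));
// Id of the row just inserted; used further down to build $hash.
$lastid = DB::run()->lastInsertId();

// Author counters: +1 forum post, +1 point, +5 money.
DB::run()->query("UPDATE `users` SET `users_allforum`=`users_allforum`+1, `users_point`=`users_point`+1, `users_money`=`users_money`+5 WHERE `users_login`=? LIMIT 1;", array($log));

// Topic: bump the post count and record the last poster and time.
DB::run()->query("UPDATE `topics` SET `topics_posts`=`topics_posts`+1, `topics_last_user`=?, `topics_last_time`=? WHERE `topics_id`=?;", array($log, SITETIME, $tid));

// Forum: bump the post count and record the last topic, poster and time.
DB::run()->query("UPDATE `forums` SET `forums_posts`=`forums_posts`+1, `forums_last_id`=?, `forums_last_themes`=?, `forums_last_user`=?, `forums_last_time`=? WHERE `forums_id`=?;", array($tid, $topics['topics_title'], $log, SITETIME, $topics['topics_forums_id']));

// Update the parent forum
if ($topics['forums_parent'] > 0) {
    DB::run()->query("UPDATE `forums` SET `forums_last_id`=?, `forums_last_themes`=?, `forums_last_user`=?, `forums_last_time`=? WHERE `forums_id`=?;", array($tid, $topics['topics_title'], $log, SITETIME, $topics['forums_parent']));
}
} // closes a block opened before this excerpt

// -- File upload -- //
if (!empty($_FILES['file']['name']) && !empty($lastid)) {
    // Attachments are allowed only from the configured number of points upward.
    if ($udata['users_point'] >= $config['forumloadpoints']) {
        // Only accept a file that PHP itself received through an HTTP upload.
        if (is_uploaded_file($_FILES['file']['tmp_name'])) {
            // The client-supplied name is used for the extension check and for display only.
            $filename = check($_FILES['file']['name']);
            $filename = !is_utf($filename) ? utf_lower(win_to_utf($filename)) : utf_lower($filename);
            $filesize = $_FILES['file']['size'];

            if ($filesize > 0 && $filesize <= $config['forumloadsize']) {
                $arrext = explode(',', $config['forumextload']);
                $ext = getExtension($filename);

                // The configured allow-list is the primary control. The deny pattern is a backstop
                // in case the allow-list is ever configured with an extension that servers commonly
                // hand to the PHP interpreter; the original rejected only the literal "php".
                $phplike = is_string($ext) && preg_match('/^(?:php\d*|phtml|pht|phps|phar)\z/i', $ext);

                // Strict comparison, so numeric-looking extensions are not matched loosely.
                if (in_array($ext, $arrext, true) && !$phplike) {
                    // Keep the display name within 50 characters while preserving the extension.
                    if (utf_strlen($filename) > 50) {
                        $filename = utf_substr($filename, 0, 45) . '.' . $ext;
                    }

                    if (!file_exists(BASEDIR . '/upload/forum/' . $topics['topics_id'])) {
                        // NOTE(review): clearing the umask and using 0777 makes the per-topic
                        // directory world-writable. 0755 is normally enough when PHP owns the
                        // directory; confirm the deployment before tightening. If this path is
                        // served by the web server, script execution should also be disabled for it.
                        $old = umask(0);
                        mkdir(BASEDIR . '/upload/forum/' . $topics['topics_id'], 0777, true);
                        umask($old);
                    }

                    $num = 0;
                    // Name derived from the post id rather than from the uploaded file name.
                    $hash = $lastid . '.' . $ext;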
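// Preview of a single entry of a ZIP archive from the downloads section (excerpt).
// $downs and $view are set before this excerpt; the open blocks continue after it.
if (!empty($downs) && $view !== '') {
    if (!empty($downs['downs_active'])) {
        $zip = new PclZip('files/' . $downs['downs_link']);
        // Extract the entry selected by index into memory as a string.
        $content = $zip->extract(PCLZIP_OPT_BY_INDEX, $view, PCLZIP_OPT_EXTRACT_AS_STRING);

        if (!empty($content)) {
            $filecontent = $content[0]['content'];
            $filename = $content[0]['filename'];

            // The entry name is read from inside the archive, so it is untrusted text, just like
            // the entry body. Convert it to UTF-8 if needed and HTML-escape it before output.
            $showname = htmlspecialchars(is_utf($filename) ? $filename : win_to_utf($filename), ENT_QUOTES, 'UTF-8');

            // NOTE(review): newtitle is rendered outside this excerpt; the escaped form is stored
            // on the assumption that the template prints it verbatim. Confirm.
            $config['newtitle'] = 'Просмотр файла - ' . $showname;

            // NOTE(review): downs_title is printed as stored; presumably escaped on input. Verify.
            echo '<img src="/images/img/zip.gif" alt="image" /> <b>' . $downs['downs_title'] . '</b><br /><br />';
            echo '<b>' . $showname . '</b> (' . formatsize($content[0]['size']) . ')<hr />';

            if (!preg_match("/\\.(gif|png|bmp|wbmp|jpg|jpeg)\$/", $filename)) {
                // Anything that is not an image by extension is shown as escaped text.
                if ($content[0]['size'] > 0) {
                    if (is_utf($filecontent)) {
                        echo '<pre class="prettyprint linenums">' . htmlspecialchars($filecontent, ENT_QUOTES, 'UTF-8') . '</pre><br />';
                    } else {
                        // Convert first, then escape. Escaping the legacy-encoded bytes as UTF-8
                        // yields an empty string on PHP versions that default to UTF-8.
                        echo '<pre class="prettyprint linenums">' . htmlspecialchars(win_to_utf($filecontent), ENT_QUOTES, 'UTF-8') . '</pre><br />';
                    }
                } else {
                    show_error('Данный файл пустой!');
                }
            } else {
                if (!empty($_GET['img'])) {
                    $ext = getExtension($filename);

                    // Drop every output buffer so only the raw image bytes are sent.
                    while (ob_get_level()) {
                        ob_end_clean();
                    }

                    // "image/jpg" is not a registered media type; send image/jpeg for .jpg entries.
                    $mime = ($ext === 'jpg') ? 'jpeg' : $ext;
                    // Strip characters that could break out of the quoted filename parameter.
                    $dispname = str_replace(array('"', '\\', "\r", "\n"), '', $filename);

                    header("Content-Encoding: none");
                    header("Content-type: image/{$mime}");
                    // The bytes are attacker-controllable and the type is chosen from the entry name
                    // alone, so tell the browser not to second-guess the declared type.
                    header('X-Content-Type-Options: nosniff');
                    header("Content-Length: " . strlen($filecontent));
                    header('Content-Disposition: inline; filename="' . $dispname . '";');
                    die($filecontent);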
}
break;

############################################################################################
##                                         Search                                         ##
############################################################################################
case 'search':

    // Forum search (excerpt): reads the query-string inputs and builds the search expression.
    // The query that consumes $findme and $wheres is outside this excerpt.

    // Search text goes through check(), which is defined elsewhere. What it strips or escapes
    // is not visible here.
    $find = check(strval($_GET['find']));
    // Numeric selectors are forced to non-negative integers.
    $type = abs(intval($_GET['type']));
    $where = abs(intval($_GET['where']));
    $period = abs(intval($_GET['period']));
    $section = abs(intval($_GET['section']));

    // Convert the text with win_to_utf() when is_utf() reports it is not UTF-8.
    if (!is_utf($find)) {
        $find = win_to_utf($find);
    }

    // Only queries of 3 to 50 characters are processed.
    if (utf_strlen($find) >= 3 && utf_strlen($find) <= 50) {
        $findmewords = explode(" ", utf_lower($find));

        $arrfind = array();
        foreach ($findmewords as $val) {
            // Words shorter than 3 characters are dropped.
            if (utf_strlen($val) >= 3) {
                // type 0: "+word*", any other type: "word*".
                // NOTE(review): these look like boolean full-text operators. Confirm that the
                // consuming query binds $findme as a parameter instead of concatenating it.
                $arrfind[] = empty($type) ? '+' . $val . '*' : $val . '*';
            }
        }

        $findme = implode(" ", $arrfind);

        // type 2 with several words: search for the whole phrase in double quotes.
        if ($type == 2 && count($findmewords) > 1) {
            $findme = "\"{$find}\"";
        }

        // The user-supplied text becomes part of the page title after check().
        $config['newtitle'] = $find . ' - Результаты поиска';

        // Target name chosen from two fixed literals, never taken from the request text.
        $wheres = empty($where) ? 'topics' : 'posts';
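// Tail of the preceding case: render the tag cloud with its largest and smallest weights.
$max = max($arraytags);
$min = min($arraytags);

render('blog/tags', array('tags' => $arraytags, 'max' => $max, 'min' => $min));
break;

############################################################################################
##                                       Tag search                                       ##
############################################################################################
case 'search':

    // Blog tag search (excerpt). $start is set before this excerpt and the open blocks
    // continue after it.
    show_title('Поиск по тегам');
    $config['newtitle'] = 'Блоги - Поиск по тегам';

    $tags = isset($_GET['tags']) ? check($_GET['tags']) : '';

    if (!is_utf($tags)) {
        $tags = win_to_utf($tags);
    }

    if (utf_strlen($tags) >= 2) {
        // Re-run the lookup only when there is no cached result or the term changed.
        // Strict comparison so numeric-looking terms ("10" vs "1e1") are not treated as equal.
        if (empty($_SESSION['findresult']) || empty($_SESSION['blogfind']) || $tags !== $_SESSION['blogfind']) {
            // The request value is bound as a parameter and no longer spliced into the SQL text;
            // the statement's safety does not depend on what check() happens to escape.
            // "%" and "_" inside the term still act as LIKE wildcards.
            $querysearch = DB::run()->query("SELECT `blogs_id` FROM `blogs` WHERE `blogs_tags` LIKE ? LIMIT 500;", array('%' . $tags . '%'));
            $result = $querysearch->fetchAll(PDO::FETCH_COLUMN);

            $_SESSION['blogfind'] = $tags;
            $_SESSION['findresult'] = $result;
        }

        $total = count($_SESSION['findresult']);

        if ($total > 0) {
            if ($start >= $total) {
                $start = last_page($total, $config['blogpost']);
            }

            // The id list and the LIMIT values are concatenated into the statement, so each one
            // is forced to an integer first.
            $result = implode(',', array_map('intval', $_SESSION['findresult']));

            $queryblog = DB::run()->query("SELECT `blogs`.*, `cats_id`, `cats_name` FROM `blogs` LEFT JOIN `catsblog` ON `blogs`.`blogs_cats_id`=`catsblog`.`cats_id` WHERE `blogs_id` IN (" . $result . ") ORDER BY `blogs_time` DESC LIMIT " . (int)$start . ", " . (int)$config['blogpost'] . ";");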