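/**
 * Renders the public list of active polls.
 *
 * Selects the polls matching `active`='1' combined with the 'view' access
 * filter, sorts them with SortArray() on 'date', and emits one 'polls'
 * sub-block per poll (title, URL, date, total votes, comment settings).
 * When the selection is empty a text box with a "no polls yet" message is
 * added instead.
 */
function IndexPollsViewPolls() {
    $polls = System::database()->Select('polls', GetWhereByAccess('view', "`active`='1'"));

    if (count($polls) <= 0) {
        System::site()->AddTextBox('', '<p align="center">Опросов пока нет.</p>');
        return;
    }

    System::site()->AddTemplatedBox('Опросы', 'module/polls_main.html');
    System::site()->AddBlock('polls_title', true, false, 'ptitle');
    System::site()->Blocks['polls_title']['vars'] = array(
        'public' => 'Добавлен',
        'title' => 'Опрос',
        'comments' => 'Комментарий',
        'voices' => 'Всего ответов'
    );
    System::site()->AddBlock('polls', true, true, 'poll');
    SortArray($polls, 'date', true);

    foreach ($polls as $poll) {
        // SECURITY NOTE(review): unserialize() on a stored column can instantiate
        // objects if that column is ever writable by an untrusted party. Where the
        // runtime is PHP 7+, restrict it with the allowed_classes option, or store
        // the answers as JSON. Left as-is here because the supported PHP version is
        // not visible from this function.
        $answers = unserialize($poll['answers']);

        // An empty or corrupted column makes unserialize() return false; without
        // this guard count()/indexing would run on a non-array.
        if (!is_array($answers)) {
            $answers = array();
        }

        // Index 2 of every answer row is summed as that answer's vote count.
        $num_voices = 0;
        foreach ($answers as $answer) {
            if (is_array($answer) && isset($answer[2])) {
                $num_voices += SafeDB($answer[2], 11, int);
            }
        }

        $vars = array();
        $vars['title'] = SafeDB($poll['question'], 255, str);
        $vars['url'] = Ufu('index.php?name=polls&op=viewpoll&poll_id=' . SafeDB($poll['id'], 11, int), 'polls/{poll_id}/');
        $vars['public'] = TimeRender($poll['date'], false, false);
        $vars['num_voices'] = $num_voices;
        $vars['allow_comments'] = SafeDB($poll['allow_comments'], 1, int);
        $vars['comments'] = SafeDB($poll['com_counter'], 11, int);
        System::site()->AddSubBlock('polls', true, $vars);
    }
}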
/**
 * Admin page: table of logged administrator actions.
 *
 * Reads every row of the 'audit' table, sorts with SortArray() on 'date',
 * paginates at 25 rows per page and prints user, action, date and IP for each
 * entry, followed by a "clear log" confirmation link.
 *
 * NOTE(review): the clear-log action is a plain link to ?exe=audit&a=clear_log.
 * No request token is added in this function; confirm that SpeedConfirm() or
 * the clear_log handler protects this state-changing request against CSRF,
 * since wiping the audit trail is exactly what an intruder would want.
 */
function AdminAuditLog() {
    AddCenterBox('Лог действий администраторов');

    $entries = System::database()->Select('audit', '');
    $total = count($entries);

    if ($total <= 0) {
        System::admin()->Highlight('Администраторы не произвели никаких действий.');
        return;
    }

    $page = isset($_GET['page']) ? SafeEnv($_GET['page'], 10, int) : 1;

    SortArray($entries, 'date', true);

    $per_page = 25;
    $nav = false;
    if ($total > $per_page) {
        $navigator = new Navigation($page);
        $navigator->GenNavigationMenu($entries, $per_page, ADMIN_FILE . '?exe=audit&a=log');
        $nav = true;
    }

    $html = '<table cellspacing="0" cellpadding="0" class="cfgtable">';
    $html .= Indent('<tr> <th>Пользователь</th> <th>Действие</th> <th>Дата</th> <th>IP</th> </tr>');

    foreach ($entries as $entry) {
        $admin_info = GetUserInfo(SafeDB($entry['user'], 11, int));
        $when = TimeRender(SafeDB($entry['date'], 11, int));

        // Every value printed in a cell goes through SafeDB() first; the action
        // text is additionally passed through str_replace() and nl2br().
        // NOTE(review): as listed, the replacement maps a space to a space and a
        // tab to a space - the original replacement strings may have been HTML
        // entities lost in extraction; confirm against the repository.
        $what = SafeDB($entry['action'], 255, str);
        $what = nl2br(str_replace(array(' ', "\t"), array(' ', ' '), $what));
        $from_ip = SafeDB($entry['ip'], 255, str);

        $admin_link = System::admin()->Link(
            SafeDB($admin_info['name'], 50, str),
            ADMIN_FILE . '?exe=admins&a=editadmin&id=' . SafeDB($admin_info['id'], 11, int)
        );

        $html .= '<tr> <td>' . $admin_link
            . '</td> <td style="text-align: left;">' . $what
            . '</td> <td>' . $when
            . '</td> <td>' . $from_ip
            . '</td> </tr>';
    }

    $html .= '</table>';
    $html .= System::admin()->SpeedConfirm('Очистить лог', ADMIN_FILE . '?exe=audit&a=clear_log', '', 'Очистить лог действий администраторов?', true, true);
    AddText($html);

    if ($nav) {
        AddNavigation();
    }
}
} $newsdb = System::database()->Select('news', GetWhereByAccess('view', $where), $max_news, 'date', true); $news = array(); foreach ($newsdb as $new) { $news[] = array('title' => SafeDB($new['title'], 255, str), 'text' => substr(SafeDB($new['start_text'], 0, str, true, false), 0, 255), 'date' => $new['date'], 'url' => Ufu('index.php?name=news&op=readfull&news=' . SafeDB($new['id'], 11, int) . '&topic=' . SafeDB($new['topic_id'], 11, int), 'news/{topic}/{news}/')); } System::cache()->Write('block', $bcache_name, $news); } else { $news = System::cache()->Get('block', $bcache_name); } $count = count($news); $en = !($count == 0); $tempvars['content'] = 'block/content/news.html'; System::site()->AddBlock('no_news', !$en); System::site()->AddBlock('block_news', $en); System::site()->AddBlock('block_news_news', true, true, 'news'); foreach ($news as $new) { $text = $new['text']; $pp = strpos($text, '. '); if ($pp !== false) { $text = substr($text, 0, $pp + 1); } else { $text = substr($text, 0, 128) . ' ...'; } $news_vars = array(); $news_vars['title'] = $new['title']; $news_vars['url'] = $new['url']; $news_vars['text'] = $text; $news_vars['date'] = TimeRender($new['date']); System::site()->AddSubBlock('block_news_news', true, $news_vars); }
* © 2012 LinkorCMS Development Group */ if (!defined('VALID_RUN')) { header("HTTP/1.1 404 Not Found"); exit; } global $search_results, $searchstr; $news_array = System::database()->Select('news', GetWhereByAccess('view', "`enabled`='1'")); foreach ($news_array as $news) { $result = array(); $result['mod'] = $plugin_info['mod_title']; // Имя модуля $result['coincidence'] = ''; // Показывает где было совпадение $result['title'] = SafeDB($news['title'], 255, str); $result['public'] = TimeRender(SafeDB($news['date'], 11, int)); // Дата публикации $result['link'] = Ufu('index.php?name=news&op=readfull&news=' . SafeDB($news['id'], 11, int) . '&topic=' . SafeDB($news['topic_id'], 11, int), 'news/{topic}/{news}/'); $result['text'] = SafeDB($news['start_text'], 0, str); if ($news['auto_br'] == '1') { $result['text'] = SafeDB(nl2br($result['text']), 0, str, false, false); } else { $result['text'] = SafeDB($result['text'], 0, str, false, false); } if (strlen($result['text']) > 255) { $result['text'] = substr($result['text'], 0, 255) . ' ...'; } if (SSearch($news['seo_keywords'], $searchstr) != false) { $result['coincidence'] = 'Ключевые слова новости'; $search_results[] = $result; } elseif (SSearch($news['seo_description'], $searchstr) != false) {
* © 2012 LinkorCMS Development Group */ if (!defined('VALID_RUN')) { header("HTTP/1.1 404 Not Found"); exit; } global $search_results, $searchstr; $objects = System::database()->Select('articles', GetWhereByAccess('view', "`active`='1'")); foreach ($objects as $object) { $result = array(); $result['mod'] = $plugin_info['mod_title']; // Имя модуля $result['coincidence'] = ''; // Показывает где было совпадение $result['title'] = SafeDB($object['title'], 255, str); $result['public'] = TimeRender(SafeDB($object['public'], 11, int)); // Дата публикации $result['link'] = Ufu('index.php?name=articles&op=read&art=' . SafeDB($object['id'], 11, int) . '&cat=' . SafeDB($object['cat_id'], 11, int), 'articles/{cat}/{art}/'); $result['text'] = SafeDB($object['description'], 0, str); if (strlen($result['text']) > 255) { $result['text'] = substr($result['text'], 0, 255) . ' ...'; } if (SSearch($object['seo_keywords'], $searchstr) != false) { $result['coincidence'] = 'Ключевые слова статьи'; $search_results[] = $result; } elseif (SSearch($object['seo_description'], $searchstr) != false) { $result['coincidence'] = 'Описание статьи'; $search_results[] = $result; } elseif (SSearch($object['title'], $searchstr) != false) { $result['coincidence'] = 'Заголовок статьи'; $search_results[] = $result;
/**
 * Admin action: renders a stand-alone preview of a static page from the
 * posted editor form, then terminates the request.
 *
 * When ?id= is present, the hit counter and the modified/published dates are
 * taken from the stored 'pages' row; otherwise they default to 0 and now.
 *
 * NOTE(review): the page body is passed to SafeDB() with two extra `false`
 * arguments and echoed into the preview. Those flags presumably relax
 * filtering so editor HTML survives - confirm; if so this endpoint reflects
 * posted markup and must be reachable only with a valid admin session and
 * request token.
 * NOTE(review): $_POST['title'], ['text'], ['copy'] and ['auto_br'] are read
 * without isset(), and the FetchRow() result is used without checking that a
 * row was found.
 */
function AdminPagesPreview() {
    $_POST = ObjectUtf8ToCp1251($_POST);

    $preview = new Page('module/page.html', '', false, PAGE_SPECIAL);
    $preview->Doctype = '<!DOCTYPE html>';
    $preview->AddCSSFile('style.css');

    // Defaults for a page that has not been saved yet.
    $hits = 0;
    $modified = time();
    $public = time();

    if (isset($_GET['id'])) {
        $page_id = SafeEnv($_GET['id'], 11, int);
        System::database()->Select('pages', "`id`='{$page_id}'");
        $stored = System::database()->FetchRow();
        $hits = SafeDB($stored['hits'], 11, int);
        $modified = $stored['modified'];
        $public = $stored['date'];
    }

    $preview->AddBlock('page');

    // Visibility switches come straight from the presence of form fields.
    $with_copy = isset($_POST['ins_copy']);
    $with_public = isset($_POST['ins_date']);
    $with_modified = isset($_POST['ins_modified']);
    $with_hits = isset($_POST['ins_counter']);

    $title = SafeDB($_POST['title'], 255, str);

    $body = SafeDB($_POST['text'], 0, str, false, false);
    if ($_POST['auto_br'] == '1') {
        $body = nl2br($body);
    }

    $vars = array(
        'show_title' => isset($_POST['ins_title']),
        'show_copy' => $with_copy,
        'show_public' => $with_public,
        'show_modified' => $with_modified,
        'show_hits' => $with_hits,
        'show_info' => $with_copy || $with_public || $with_modified || $with_hits,
        'title' => $title,
        'text' => $body,
        'copyright' => '© ' . SafeDB($_POST['copy'], 255, str),
        'public' => 'Опубликована: ' . TimeRender($public),
        'hits' => 'Просмотров: ' . $hits,
        'modified' => 'Изменена: ' . TimeRender($modified)
    );

    $preview->SetTitle($vars['title']);
    $preview->SetVars('page', $vars);
    $preview->TEcho(false, false);
    exit;
}
/**
 * Admin action: renders a stand-alone preview of a news item from the posted
 * editor form, then terminates the request.
 *
 * Comment blocks are switched off, the topic title is read from
 * 'news_topics', and - when ?id= is given - the comment and hit counters are
 * read from the stored 'news' row.
 *
 * NOTE(review): the news text is passed to SafeDB() with two extra `false`
 * arguments and echoed; these presumably relax filtering so editor HTML
 * survives - confirm, and make sure this endpoint requires an admin session
 * and request token.
 * NOTE(review): only an 'http://' prefix is treated as an external image; an
 * 'https://' value falls through to GetThumb()/ImageSize(). Confirm those
 * helpers refuse remote or out-of-tree paths.
 * NOTE(review): several $_POST keys are read without isset(), FetchRow()
 * results are used unchecked, and strtotime() may return false for a
 * malformed date.
 */
function AdminNewsPreview() {
    $_POST = ObjectUtf8ToCp1251($_POST);

    $preview = new Page('module/news_preview.html', '', false, PAGE_SPECIAL);
    $preview->Doctype = '<!DOCTYPE html>';
    $preview->AddCSSFile('style.css');
    $preview->AddBlock('news', true, true);

    // Switch the comment-related template flags off.
    $preview->SetVar('template', 'enabled_comments', false);
    $preview->SetVar('template', 'disabled_comments', true);

    // Hide the blocks a preview does not need.
    foreach (array('comments_navigation', 'news_comments', 'news_comments_form') as $hidden_block) {
        $preview->AddBlock($hidden_block, false);
    }

    $preview->SetTitle(SafeDB($_POST['title'], 255, str));

    $topic_id = SafeEnv($_POST['topic_id'], 11, int);
    System::database()->Select('news_topics', "`id`='{$topic_id}'");
    $topic_row = System::database()->FetchRow();
    $topic_title = SafeDB($topic_row['title'], 255, str);

    // Counters default to zero for an item that has not been saved yet.
    $news_id = 0;
    $comments_counter = 0;
    $hit_counter = 0;
    if (isset($_GET['id'])) {
        $news_id = SafeDB($_GET['id'], 11, int);
        System::database()->Select('news', "`id`='" . SafeEnv($_GET['id'], 11, int) . "'");
        $stored = System::database()->FetchRow();
        $comments_counter = SafeDB($stored['comments_counter'], 11, int);
        $hit_counter = SafeDB($stored['hit_counter'], 11, int);
    }

    $img_view = SafeDB($_POST['img_view'], 1, int);

    $link = Ufu('index.php?name=news&op=readfull&news=' . $news_id . '&topic=' . $topic_id, 'news/{topic}/{news}/');
    $topic_link = Ufu('index.php?name=news&topic=' . $topic_id, 'news/{topic}/');

    $vars['topic'] = $topic_title;
    $vars['id'] = $news_id;
    $vars['title'] = SafeDB($_POST['title'], 255, str);
    $vars['author'] = System::user()->Get('u_name');

    // Publication date: dots become dashes, then date and time are parsed together.
    $date = strtotime(str_replace('.', '-', $_POST['public_date']) . ' ' . $_POST['public_time']);
    $vars['date'] = TimeRender($date);
    foreach (array('time' => 'H:i', 'day' => 'd', 'month' => 'm', 'year' => 'y', 'year_full' => 'Y') as $key => $format) {
        $vars[$key] = date($format, $date);
    }

    $vars['link'] = $link;
    $vars['cat_link'] = $topic_link;
    $vars['com_count'] = $comments_counter;
    $vars['hit_count'] = $hit_counter;
    $vars['admin'] = System::user()->isAdmin();

    // Does the item have a continuation after the short text?
    $read_more = strlen(strip_tags($_POST['continuation'])) > 0;
    $vars['full'] = $read_more ? '<a href="' . $link . '">Читать далее…</a>' : '';

    $image = SafeDB($_POST['icon'], 255, str);
    list($width, $height) = SafeDB(explode(':', System::config('news/tmb_size')), 11, int);

    $use_as_is = ($image == '' || substr($image, 0, 7) == 'http://');
    if ($use_as_is) {
        $vars['image'] = $image;
        $vars['image_url'] = false;
    } elseif ($img_view == 1) {
        // Mode 1 ("original picture" in the source comment): thumbnail, no link.
        $vars['image'] = GetThumb($image, $width, $height);
        $vars['image_url'] = false;
    } elseif ($img_view == 2) {
        // Mode 2 (thumbnail): thumbnail linking to the full image.
        $vars['image'] = GetThumb($image, $width, $height);
        $vars['image_url'] = $image;
    } elseif ($img_view == 0) {
        // Mode 0 (auto): thumbnail only when the image is wider than the limit.
        $size = ImageSize($image);
        $too_wide = $size['width'] > $width;
        $vars['image'] = $too_wide ? GetThumb($image, $width, $height) : $image;
        $vars['image_url'] = $too_wide ? $image : false;
    }

    $vars['com_status'] = '';

    $raw_text = $read_more ? $_POST['shorttext'] . $_POST['continuation'] : $_POST['shorttext'];
    $vars['text'] = SafeDB($raw_text, 0, str, false, false);
    if ($_POST['auto_br'] == 'on') {
        $vars['text'] = nl2br($vars['text']);
    }

    $preview->AddSubBlock('news', true, $vars);
    $preview->TEcho(false, false);
    exit;
}
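/**
 * Handles submission of the public feedback form and e-mails the message to
 * the selected department.
 *
 * Validation failures are collected and shown in an error box together with
 * the form; a request that lacks the expected fields is redirected to the
 * start page.
 *
 * Hardening compared with the previous version:
 *  - returns right after the redirect, so a malformed request can no longer
 *    reach the mail-sending code with undefined variables (relevant if GO()
 *    does not itself end the request - not visible here);
 *  - array-valued text fields are treated as malformed;
 *  - the sender address must pass FILTER_VALIDATE_EMAIL, and CR/LF are removed
 *    from the name and subject, because all three end up in mail headers;
 *  - the captcha answer is read with isset() and compared as a string with
 *    !==, so an empty or numeric-looking value cannot match loosely;
 *  - $_FILES['attach'] is only touched when present, and the temporary file
 *    must pass is_uploaded_file() before it is read.
 *
 * NOTE(review): the stored captcha keystring is not cleared here; confirm it
 * is invalidated elsewhere so a solved captcha cannot be replayed.
 */
function IndexFeedBackSend() {
    $err = array();

    // All text fields must be present and scalar strings.
    foreach (array('name', 'email', 'subject', 'department', 'message') as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            GO(Ufu('index.php'));
            return;
        }
    }
    if (!isset($_POST['feedback_form'])) {
        GO(Ufu('index.php'));
        return;
    }

    $header_breaks = array("\r", "\n");

    if ($_POST['name'] != '') {
        // Used as the From display name: strip line breaks (defence in depth,
        // LmEmailExtended's own header encoding is not visible here).
        $name = str_replace($header_breaks, ' ', SafeDB($_POST['name'], 250, str));
    } else {
        $err[] = 'Пожалуйста, укажите Ваше имя!';
    }

    if ($_POST['email'] != '' && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL) !== false) {
        $email = SafeDB($_POST['email'], 50, str);
    } else {
        $err[] = 'Пожалуйста, укажите Ваш действительный адрес E-mail!';
    }

    if ($_POST['subject'] != '') {
        $subject = str_replace($header_breaks, ' ', SafeDB($_POST['subject'], 250, str, false, false, false));
    } else {
        $err[] = 'Пожалуйста, введите тему сообщения!';
    }

    // Captcha check.
    $keystr = (isset($_POST['keystr']) && is_string($_POST['keystr'])) ? $_POST['keystr'] : '';
    if ($keystr === ''
        || !System::user()->isDef('captcha_keystring')
        || (string) System::user()->Get('captcha_keystring') !== $keystr
    ) {
        $err[] = 'Вы ошиблись при вводе кода с картинки.';
    }

    if ($_POST['department'] != '') {
        $department = SafeEnv($_POST['department'], 11, int);
        System::database()->Select('feedback', "`active`='1' and `id`='{$department}'");
        if (System::database()->NumRows() > 0) {
            $dep = System::database()->FetchRow();
            $dep_email = SafeDB($dep['email'], 255, str);
            $department = SafeDB($dep['name'], 255, str);
        } else {
            $err[] = 'Департамент больше не существует или обратная связь с этим департаментом отключена.';
        }
    } else {
        $err[] = 'Пожалуйста, выберите департамент!';
    }

    if ($_POST['message'] != '') {
        $message = SafeDB($_POST['message'], 65535, str, false, false, false);
    } else {
        $err[] = 'Пожалуйста, введите сообщение!';
    }

    // Optional attachment: only considered when PHP reports a clean upload.
    $has_attach = isset($_FILES['attach'])
        && is_array($_FILES['attach'])
        && isset($_FILES['attach']['error'], $_FILES['attach']['size'], $_FILES['attach']['tmp_name'], $_FILES['attach']['name'])
        && $_FILES['attach']['error'] === UPLOAD_ERR_OK;

    if ($has_attach && $_FILES['attach']['size'] >= System::config('feedback/max_filesize')) {
        $err[] = 'Слишком большой размер файла.';
    }

    if (count($err) == 0) {
        $mail = LmEmailExtended::Instance();
        $mail->SetTo($dep_email, Cp1251ToUtf8($department));
        $mail->SetFrom($email, Cp1251ToUtf8($name));
        $mail->SetSubject(Cp1251ToUtf8($subject));

        $text = Indent("\n\t\t\tЗдравствуйте!\n\n\t\t\tС помощью формы обратной связи на сайте \"" . System::config('general/site_name') . "\"\n\t\t\tвам было отправлено сообщение.\n\n\t\t\tДепартамент: {$department}\n\t\t\tИмя: {$name}\n\t\t\tE-mail: {$email}\n\t\t\tТема сообщения: {$subject}\n\t\t\tДата отправки: " . TimeRender(time(), true, false) . "\n\t\t\tСообщение: {$message}\n\t\t");
        $mail->AddTextPart(Cp1251ToUtf8($text));

        // Read the attachment only from a path PHP itself created for this upload.
        if ($has_attach && is_uploaded_file($_FILES['attach']['tmp_name'])) {
            $mail->AddAttachmentPart(file_get_contents($_FILES['attach']['tmp_name']), $_FILES['attach']['name']);
        }

        if ($mail->Send()) {
            System::site()->AddTextBox('Обратная связь', '<div style="text-align: center;">Ваше сообщение успешно отправлено!</div>');
        } else {
            System::site()->AddTextBox('Обратная связь', '<div style="text-align: center;">При отправке вашего сообщения произошла ошибка, повторите попытку или обратитесь к администратору.</div>');
        }
    } else {
        // Every entry of $err is a fixed string defined above, so it is safe to
        // print without escaping.
        $text = 'Сообщение не отправлено:<br /><ul>';
        foreach ($err as $error) {
            $text .= '<li>' . $error . '</li>';
        }
        $text .= '</ul>';
        System::site()->AddTextBox('Ошибка', $text);
        IndexFeedBackForm();
    }
}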
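/**
 * Admin page: list of registered users with search, an "online only" view
 * and pagination.
 *
 * Reads ?page, ?show, ?criterion and ?stext from the query string. Uses the
 * globals $user (for Online()) and $editing (whether edit/delete buttons are
 * shown).
 *
 * Hardening compared with the previous version:
 *  - ?show is restricted to '', 'all' or 'online' and ?criterion to the keys of
 *    the search map below. Both values are concatenated into the pagination
 *    URL and ?criterion also into the audit log, so raw request text no longer
 *    reaches either place. A request with an unknown criterion is now treated
 *    as "no search".
 *  - $active is reset for every row, so a row with an unexpected `active`
 *    value no longer inherits the label of the previous row.
 *
 * NOTE(review): $sstr is the SafeEnv() result and is placed into the
 * pagination URL and the search box as-is; confirm SafeEnv() output is safe
 * for both contexts.
 * NOTE(review): the delete button is a plain link to ?exe=user&a=deluser&id=N;
 * no request token is added here - confirm the handler is CSRF-protected.
 */
function AdminUserMain() {
    global $user, $editing;

    // Search criterion (as sent by the form) => user field that is filtered.
    $search_fields = array(
        'nikname' => 'name',
        'email' => 'email',
        'rname' => 'truename',
        'age' => 'age',
        'city' => 'city',
        'site' => 'url',
        'icq' => 'icq',
        'gmt' => 'timezone',
        'active' => 'active',
        'points' => 'points',
        'ip' => 'lastip'
    );
    // Search criterion => caption in the drop-down list.
    $search_labels = array(
        'nikname' => 'Ник',
        'email' => 'E-mail',
        'rname' => 'Настоящее имя',
        'age' => 'Возраст',
        'city' => 'Город',
        'site' => 'Сайт',
        'icq' => 'ICQ',
        'gmt' => 'Часовой пояс',
        'active' => 'Активен',
        'points' => 'Пунктов более',
        'ip' => 'IP'
    );

    $searchm = false;
    $page = isset($_GET['page']) ? SafeEnv($_GET['page'], 10, int) : 1;

    // Only the values the drop-down list can send are accepted.
    $show = '';
    if (isset($_GET['show']) && in_array($_GET['show'], array('all', 'online'), true)) {
        $show = $_GET['show'];
    }

    // Users currently online
    if ($show == 'online') {
        $online = $user->Online();
        $members = $online['members'];
        if (count($members) > 0) {
            $id_clauses = array();
            foreach ($members as $memb) {
                $id_clauses[] = "`id`='" . SafeDB($memb['u_id'], 11, int) . "'";
            }
            // Joined exactly as before ("...'or `id`=...") to keep the WHERE text unchanged.
            $onlwhere = implode('or ', $id_clauses);
            $users = AdminUserGetUsers("`type`='2' and ({$onlwhere})");
        } else {
            $users = array();
        }
        $searchm = true;
    } else {
        $users = AdminUserGetUsers();
    }

    // Search
    $criterion = '';
    $sstr = '';
    if (isset($_GET['criterion'], $_GET['stext'])
        && is_string($_GET['criterion'])
        && isset($search_fields[$_GET['criterion']])
        && $_GET['stext'] != ''
    ) {
        $searchm = true;
        $criterion = $_GET['criterion'];
        $sstr = SafeEnv($_GET['stext'], 255, str);

        if ($criterion === 'points') {
            AdminUserQueryStristrFilter2($users, $sstr, $search_fields[$criterion]);
        } else {
            AdminUserQueryStristrFilter($users, $sstr, $search_fields[$criterion]);
        }
        Audit('Пользователи: Поиск пользователей, критерий: "' . $criterion . '", запрос: "' . $sstr . '"');
    }
    $sstr = strval($sstr);

    $showd = array();
    System::site()->DataAdd($showd, 'all', 'Все пользователи', $show == '');
    System::site()->DataAdd($showd, 'online', 'Пользователи OnLine', $show == 'online');

    $searchd = array();
    foreach ($search_labels as $key => $label) {
        System::site()->DataAdd($searchd, $key, $label, $criterion === $key);
    }

    System::admin()->AddJS(' SearchUsers = function(){ var cri = "&criterion="+$("#criterion").val(); var stext = "&stext="+$("#stext").val(); var online = "&show="+$("#online").val(); Admin.LoadPage("' . ADMIN_FILE . '?exe=user"+cri+stext+online, undefined, "Идёт поиск"); } ');

    TAddSubTitle('Главная');
    AddCenterBox('Зарегистрированные пользователи (' . count($users) . ')');

    $searchtool = '<style>.ustd td{ border: none; padding: 0; }</style>';
    $searchtool .= '<table cellspacing="0" cellpadding="0" border="0" class="cfgtable"><tr><td>' . "\n";
    $searchtool .= '<table cellspacing="0" cellpadding="0" border="0" width="100%" class="ustd"> <tr> <td>Поиск: </td> <td>'
        . System::site()->Select('criterion', $searchd, false, 'id="criterion"')
        . ' ' . System::site()->Edit('stext', $sstr, false, 'id="stext"')
        . ' ' . System::site()->Select('show', $showd, false, 'id="online"')
        . '</td> <td>'
        . System::admin()->SpeedConfirmJs('Поиск', 'SearchUsers();', 'images/search.png', '', true)
        . '</td> </tr> </table>' . "\n";
    $searchtool .= '</td></tr></table>' . "\n";
    AddText($searchtool);

    SortArray($users, 'regdate', true); // Sort by registration date

    if (count($users) > System::config('user/users_on_page')) {
        $navigator = new Navigation($page);
        // $criterion and $show are whitelisted above; see the NOTE on $sstr in the header.
        $navigator->GenNavigationMenu(
            $users,
            System::config('user/users_on_page'),
            ADMIN_FILE . '?exe=user' . ($searchm ? '&criterion=' . $criterion . '&stext=' . $sstr . '&show=' . $show : '')
        );
        $nav = true;
    } else {
        $nav = false;
        AddText('<br />');
    }

    $text = '';
    $text .= '<table cellspacing="0" cellpadding="0" class="cfgtable">';
    $text .= '<tr><th>Ник</th><th>E-mail</th><th>Дата региcтрации</th><th>Посл. посещение</th><th>Посещений</th><th>Пунктов</th><th>Активация</th><th>IP</th><th>Функции</th></tr>';

    foreach ($users as $row) {
        $uid = SafeDB($row['id'], 11, int);

        // Activation label; stays empty for an unexpected `active` value.
        $active = '';
        if ($row['active'] == '1') {
            $active = 'Да';
        } elseif ($row['active'] == '0' && $row['activate'] == '') {
            $active = 'Нет';
        } elseif ($row['active'] == '0' && $row['activate'] != '') {
            $active = 'Ожидается';
        }

        $funcs = '';
        if ($editing) {
            $funcs .= System::admin()->SpeedButton('Редактировать', ADMIN_FILE . '?exe=user&a=edituser&id=' . $uid, 'images/admin/edit.png');
            $funcs .= System::admin()->SpeedButton('Удалить', ADMIN_FILE . '?exe=user&a=deluser&id=' . $uid, 'images/admin/delete.png');
        }

        $text .= '<tr> <td>'
            . ($editing
                ? '<b>' . System::admin()->Link(SafeDB($row['name'], 50, str), ADMIN_FILE . '?exe=user&a=edituser&id=' . $uid) . '</b>'
                : SafeDB($row['name'], 50, str))
            . '</td> <td>' . PrintEmail($row['email'])
            . '</td> <td>' . TimeRender($row['regdate'])
            . '</td> <td>' . TimeRender($row['lastvisit'])
            . '</td> <td>' . SafeDB($row['visits'], 11, int)
            . '</td> <td>' . SafeDB($row['points'], 11, int)
            . '</td> <td>' . $active
            . '</td> <td>' . SafeDB($row['lastip'], 20, str)
            . '</td> <td>' . $funcs
            . '</td> </tr>';
    }

    $text .= '</table>';
    AddText($text);

    if ($nav) {
        AddNavigation();
    }
}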
/**
 * Renders a forum topic page: topic header, posts, reply form, subscription
 * block, online block and previous/next topic links.
 *
 * The topic id is read from $_GET['topic']; the page number from $_GET['page'];
 * $_GET['view'] == 'lastpost' jumps to the last page. The function returns
 * early (after adding a text box) when the topic id is missing, the topic does
 * not exist, the trash check below triggers, or the forum config denies access.
 *
 * Side effects visible here: the per-user read marker in 'forum_topics_read'
 * is rewritten for authenticated users and the topic's `hits` column is
 * incremented on every call.
 *
 * NOTE(review): two URL-building expressions further down contain the text
 * `'******'` between two string literals. That is not valid PHP and looks like
 * masking applied to this listing; the code is reproduced unchanged - restore
 * the original expressions from the repository.
 *
 * @param mixed $one_post false to show the whole topic; otherwise the value is
 *                        used as a post id and only that post is selected.
 *                        NOTE(review): it is interpolated into the WHERE string
 *                        without any filtering in this function - callers must
 *                        pass a validated integer.
 */
function IndexForumShowTopic($one_post = false) {
    global $forum_lang;
    $forums_tree = ForumTree::Instance();

    // Helper variables
    $user_auth = System::user()->Auth;
    $user_id = System::user()->Get('u_id');
    $user_admin = System::user()->isAdmin();
    $time = time();
    $max_word_length = System::config('forum/max_word_length');

    if (isset($_GET['topic'])) {
        $topic_id = SafeEnv($_GET['topic'], 11, int);
    } else {
        System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_topic']);
        return;
    }

    // Fetch the topic and check access
    System::database()->Select('forum_topics', "`id`='" . $topic_id . "'");
    if (System::database()->NumRows() == 0) {
        System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_topic']);
        return;
    }
    $topic = System::database()->FetchRow();

    // NOTE(review): possible inverted access check. The comment below says only
    // admins and the topic's author may see a trashed topic, but the condition
    // blocks the request when the viewer IS the author (starter_id == $user_id)
    // and lets every other non-admin viewer through. `!=` looks intended -
    // confirm before changing.
    if (!$user_admin && $topic['starter_id'] == $user_id && $topic['delete'] == '1') {
        // The topic was moved to the trash (only admins and the topic's author see the trash)
        System::site()->AddTextBox($forum_lang['topic_basket_current_post'], '<p align="center">' . $forum_lang['topic_basket_post'] . '.<br><input type="button" value="' . $forum_lang['back'] . '"onclick="history.back();"></p>');
        return;
    }

    // Check access to the forum
    $forum_id = SafeEnv($topic['forum_id'], 11, int);
    $forum_config = $forums_tree->GetForumConfigRecursive($forum_id); // Forum access parameters
    if (!$forum_config['access']) {
        System::site()->AddTextBox($forum_lang['error'], $forum_config['access_reason']); // No access to this forum
        return;
    }
    // $forum_config['add_post'] - right to add posts
    // $forum_config['add_post_reason'] - reason why adding posts is denied
    // $forum_config['no_link_guest'] - hide links from guests
    // $forum_config['new_message_email'] - allow subscription to new posts

    // Determine the next and the previous topic
    $topics_data = ForumCacheGetTopics();
    $topics_data = $topics_data[$forum_id];
    $prev_topic = null;
    $next_topic = null;
    $find = false;
    foreach ($topics_data as $topic_row) {
        if ($topic_row['id'] == $topic_id) {
            $find = true;
            continue;
        }
        if ($find) {
            // First row after the current topic: that is the "next" one.
            $next_topic = $topic_row;
            break;
        }
        $prev_topic = $topic_row;
    }

    // Pagination parameters
    if (isset($_GET['page'])) {
        $page = SafeEnv($_GET['page'], 11, int);
    } else {
        $page = 1;
    }
    if (isset($_GET['view']) && $_GET['view'] == 'lastpost') {
        $lastpost = true;
    } else {
        $lastpost = false;
    }
    $posts_on_page = System::config('forum/posts_on_page');

    // Update the topic's read marker if the user is logged in
    if ($user_auth) {
        System::database()->Delete('forum_topics_read', "`tid`='{$topic_id}' and `mid`='{$user_id}'");
        System::database()->Insert('forum_topics_read', "'{$user_id}','{$topic_id}','{$time}'");
    }

    // Online-tracking object
    $online = ForumOnline::Instance($forum_id, $topic_id);

    // Set the page title
    $topic_title = SafeDB($topic['title'], 255, str);
    System::site()->SetTitle($topic_title . ($page > 1 ? ' - Страница ' . $page : ''));

    // Breadcrumbs
    $forums_tree->BreadCrumbsF($forum_id);
    System::site()->BreadCrumbAdd(SafeDB($topic['title'], 255, str));

    // Add the trash box (if the topic was moved to the trash)
    if ($topic['delete'] == '1') {
        $basket_topics = ForumBasketGetData('forum_basket_topics');
        if (isset($basket_topics[$topic['id']])) {
            System::site()->AddTextBox($forum_lang['topic_basket_red'], ForumBasketRender($topic['id'], $topic['title'], $basket_topics, true));
        }
    }

    // Increment the view counter (read-modify-write of the value fetched above)
    System::database()->Update('forum_topics', "`hits`='" . (SafeDB($topic['hits'], 11, int) + 1) . "'", "`id`='" . $topic_id . "'");

    // Initialise pagination
    $navigation = new Navigation($page);
    $navigation->FrendlyUrl = System::config('general/ufu');

    // Load the posts from the database
    $basket_where = ''; // Administrator (the selection is prepared here because the total number of posts is needed for pagination)
    if ($user_auth) {
        if (!$user_admin) {
            $basket_where = " and (`delete`='0' or `user_id`='{$user_id}')"; // Regular user: own trashed posts stay visible
        }
    } else {
        $basket_where = " and `delete`='0'"; // Guest
    }
    $posts = System::database()->Select('forum_posts', ($one_post !== false ? "`id`='{$one_post}'" : "`object`='{$topic_id}'") . $basket_where);
    SortArray($posts, 'public', false); // Sort by date

    // Output pagination
    if (count($posts) > $posts_on_page) {
        if ($lastpost) {
            $page = ceil(count($posts) / $posts_on_page);
        }
        $navigation->GenNavigationMenu($posts, $posts_on_page, Ufu('index.php?name=forum&op=showtopic&topic=' . $topic_id, 'forum/topic' . $topic_id . '-{page}.html', true), $page);
    } else {
        $navigation->DisableNavigation();
    }

    // Load the trash data for posts
    $basket = ForumBasketGetData('forum_basket_post');

    // Block with the topic information
    System::site()->AddBlock('topic', true, false);
    System::site()->SetVars('topic', ForumTopicFilterData($topic));

    // Template block used to output the posts
    System::site()->AddBlock('forum_posts', true, true, 'post');
    $is_forum_member = AccessIsResolved(2);

    // Used to tell the first and the last post apart
    $i = 1;

    // Output the posts to the template engine
    foreach ($posts as $post) {
        $post_user_id = SafeDB($post['user_id'], 11, int);
        if ($post_user_id == 0) {
            continue;
        }
        $vars = array();

        // Process the post text
        if ($post['delete'] == '1') {
            // The post was moved to the trash
            $vars['text'] = ForumBasketRender($post['id'], $post['message'], $basket);
        } else {
            $vars['text'] = HtmlChars($post['message']);
            if ($forum_config['no_link_guest']) {
                // Hide links from guests
                // NOTE(review): only the config flag is tested here; presumably
                // GetForumConfigRecursive() already accounts for the viewer being a
                // guest - confirm.
                $replace = '<p class="notice">' . $forum_lang['hide_links_for_guests'] . '</p>';
                $vars['text'] = preg_replace('/\\<a[^\\>]*?(http|https|ftp|www)(.*?)\\<\\/a\\>/is', $replace, $vars['text']);
                $vars['text'] = preg_replace('/(http:\\/\\/|https:\\/\\/|ftp:\\/\\/|www\\.)?([a-zA-Z0-9]+)\\.(ru|su|com|org|net|info|name|ws|cc|tv|tel|kz|biz|mobi|asia|me|tw|ua)+([а-яА-Яa-zA-Z0-9\'~;,@#%&_\\!\\$\\^\\*\\(\\)\\-\\=\\+\\?\\.\\:\\/\\\\]*)?/is', $replace, $vars['text']);
            }
            SmiliesReplace($vars['text']);
            $vars['text'] = nl2br($vars['text']);
            $vars['text'] = BbCodePrepare($vars['text']);
            if ($max_word_length > 0) {
                $vars['text'] = word_wrapped_string($vars['text'], $max_word_length);
            }
        }

        // Process the post data
        // User
        // NOTE(review): name, url, icq, rank_* and avatar_file from GetUserInfo(),
        // and $post['name'], are concatenated into HTML below without SafeDB() or
        // HtmlChars() in this function. Confirm GetUserInfo() returns HTML-safe
        // values; otherwise profile fields are a stored-XSS vector on this page.
        $user_info = GetUserInfo($post_user_id);
        // NOTE(review): the next expression is masked/garbled in this listing.
        $vars['usertopics'] = '<a href="' . Ufu('index.php?name=forum&op=usertopics&user='******'forum/usertopics/{user}/') . '">' . $forum_lang['allusertopics'] . '</a>';
        if ($user_info['rank_name'] != '') {
            // NOTE(review): the next expression is masked/garbled in this listing.
            $vars['author'] = '<a href="' . Ufu('index.php?name=user&op=userinfo&user='******'user/{user}/info/') . '">' . $user_info['name'] . '</a>';
            $vars['author_name'] = $user_info['name'];
        } else {
            $vars['author'] = $post['name'];
            $vars['author_name'] = $post['name'];
        }
        if ($user_info['hideemail'] == '0') {
            $vars['email'] = AntispamEmail($user_info['email']);
        } else {
            $vars['email'] = ' ';
        }
        if ($user_info['url'] != '') {
            $vars['homepage'] = '<a href="http://' . $user_info['url'] . '" target="_blank">' . $user_info['url'] . '</a>';
        } else {
            $vars['homepage'] = ' ';
        }
        $vars['icq'] = $user_info['icq'];
        if ($user_info['online']) {
            $vars['status'] = $forum_lang['user_online'];
        } else {
            $vars['status'] = '';
        }
        $vars['rank_image'] = $user_info['rank_image'] != '' ? $user_info['rank_image'] : '';
        $vars['rank_name'] = $user_info['rank_name'] != '' ? $user_info['rank_name'] : '';
        $vars['avatar'] = $user_info['avatar_file'] != '' ? $user_info['avatar_file'] : GetPersonalAvatar(0);
        $vars['regdate'] = TimeRender($user_info['regdate'], false, true);
        if (isset($user_info['data']['forum_counters'])) {
            $vars['user_posts_count'] = $user_info['data']['forum_counters']['posts'];
            $vars['user_topics_count'] = $user_info['data']['forum_counters']['topics'];
        } else {
            $vars['user_posts_count'] = '0';
            $vars['user_topics_count'] = '0';
        }

        // Post
        $vars['public'] = $forum_lang['added'] . TimeRender($post['public']);
        $vars['public_date'] = TimeRender($post['public']);
        // NOTE(review): the poster's IP is put into the template variables for
        // every viewer; confirm the template only prints it for administrators.
        $vars['ip'] = SafeDB($post['user_ip'], 19, str);
        $vars['topic_id'] = $topic_id;
        $vars['id'] = SafeDB($post['id'], 11, int);
        $vars['nodelete'] = SafeDB($post['delete'], 1, int) == 1 ? false : true;
        $vars['is_admin_and_nodelete'] = $vars['nodelete'] && $user_admin;
        $vars['page'] = $page;

        // is_current_user: the viewer owns the post (edit and delete buttons).
        // Evaluates as (owner && topic not closed) || admin.
        if ($post['delete'] == '0') {
            $vars['is_current_user'] = $user_id == $post['user_id'] && $topic['close_topics'] == '0' || $user_admin;
        } else {
            $vars['is_current_user'] = false;
        }
        if ($one_post === false) {
            // Running post number across pages.
            $vars['num'] = $page > 1 ? $page * $posts_on_page - $posts_on_page + $i : $i;
            $vars['url'] = "javascript:link_post('" . GetSiteUrl() . Ufu("index.php?name=forum&op=post&topic=" . $topic_id . "&post=" . $post['id'], 'forum/t{topic}/post{post}.html') . "')";
        } else {
            $vars['num'] = '';
            $vars['url'] = 'javascript:history.go(-1)';
        }
        $vars['is_forum_member'] = $is_forum_member;
        System::site()->AddSubBlock('forum_posts', true, $vars, array(), 'module/forum_post.html');
        $i++;
    }

    // Form for adding posts
    System::site()->AddBlock('post_form', $forum_config['add_post'], false);
    ForumRenderPostForm(false, $forum_id, $topic_id, 0, '', '', $is_forum_member);

    // Topic subscription
    System::site()->AddBlock('subscription', $forum_config['new_message_email'], false, 'subs');
    $vars_subs = array();
    $vars_subs['topic'] = $topic_id;
    $vars_subs['sub_status'] = Forum_Subscription_Status($topic_id);
    $vars_subs['status'] = $vars_subs['sub_status'] ? 'Отписаться от этой темы' : 'Подписаться на эту тему';
    System::site()->SetVars('subscription', $vars_subs);
    System::site()->AddBlock('is_forum_member', $is_forum_member, false, 'marker');
    System::site()->SetVars('is_forum_member', array('id' => $topic_id));

    // Attach the template
    System::site()->AddTemplatedBox('', 'module/forum_showtopic.html');

    // Output the online block
    $online->Render($forum_id, $topic_id, $forum_lang['current_online'], 'forum_online');

    // Previous and next topic
    System::site()->AddBlock('forum_prev_topic', isset($prev_topic), false, 'topic');
    if (isset($prev_topic)) {
        System::site()->SetVars('forum_prev_topic', array('url' => Ufu('index.php?name=forum&op=showtopic&topic=' . SafeDB($prev_topic['id'], 11, int), 'forum/topic{topic}.html'), 'title' => SafeDB($prev_topic['title'], 255, str), 'lang_prev_topic' => $forum_lang['prev_topic']));
    }
    System::site()->AddBlock('forum_next_topic', isset($next_topic), false, 'topic');
    if (isset($next_topic)) {
        System::site()->SetVars('forum_next_topic', array('url' => Ufu('index.php?name=forum&op=showtopic&topic=' . SafeDB($next_topic['id'], 11, int), 'forum/topic{topic}.html'), 'title' => SafeDB($next_topic['title'], 255, str), 'lang_next_topic' => $forum_lang['next_topic']));
    }

    // Quick jump between forums
    ForumQuickTransitionBox($forum_id, $forum_lang['quick_transition']);
}
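/**
 * E-mails the contents of a submitted web form as an HTML message.
 *
 * Hardening compared with the previous version:
 *  - $ip is HTML-escaped before it is placed in the message body; it was the
 *    only value in the table inserted raw, and depending on how the caller
 *    derives it (not visible here) it may be client-influenced;
 *  - CR/LF are removed from the From name and address, which come from the
 *    user's profile, before they reach the mail headers (defence in depth -
 *    LmEmailExtended's own header handling is not visible here);
 *  - a file row whose file cannot be read is skipped instead of attaching
 *    the `false` returned by file_get_contents().
 *
 * NOTE(review): file rows are read with file_get_contents($row[1]); the path
 * comes from the caller. Confirm it is always a server-generated upload path
 * and never a user-supplied string.
 * NOTE(review): the '******' literal assigned to $user in the guest branch
 * appears masked in this listing; it is reproduced unchanged.
 *
 * @param string $email     Recipient address.
 * @param string $form_name Form title, used in the subject.
 * @param int    $time      Submission time, passed to TimeRender().
 * @param int    $user      Id of the submitting user, or 0 when there is none.
 * @param string $ip        Submitter's IP address as supplied by the caller.
 * @param array  $data_rows Rows indexed numerically: [0] label, [1] value or
 *                          file path, [2] type ('file' marks an attachment),
 *                          [3] attachment file name.
 */
function IndexFormSendMail($email, $form_name, $time, $user, $ip, $data_rows) {
    $header_breaks = array("\r", "\n");

    if ($user != 0) {
        $user_info = GetUserInfo($user);
        $user = SafeDB($user_info['name'], 255, str) . ' ( id:' . SafeDB($user_info['id'], 11, int) . ' )';
        $from = str_replace($header_breaks, '', $user_info['name']);
        $from_email = str_replace($header_breaks, '', $user_info['email']);
    } else {
        $user = '******';
        $from = System::config('general/site_name');
        $from_email = System::config('general/site_email');
    }

    $subject = 'Веб форма "' . SafeDB($form_name, 255, str) . '"';

    $mail = LmEmailExtended::Instance();
    $mail->SetSubject(Cp1251ToUtf8($subject));
    $mail->SetFrom($from_email, Cp1251ToUtf8($from));
    $mail->AddTo($email, Cp1251ToUtf8('Администратор'));

    $post_text = '';
    foreach ($data_rows as $row) {
        if ($row[2] == 'file') {
            $contents = file_get_contents($row[1]);
            if ($contents !== false) {
                $mail->AddAttachmentPart($contents, $row[3]);
            }
        } else {
            $post_text .= '<b>' . SafeDB($row[0], 255, str) . ':</b><br />' . SafeDB($row[1], 0, str) . '<br />';
        }
    }

    // The text is still cp1251 at this point (it is converted with
    // Cp1251ToUtf8() below), so that charset is named explicitly.
    $safe_ip = htmlspecialchars((string) $ip, ENT_QUOTES, 'cp1251');

    $text = Indent(' <html> <head> <title>Форма</title> </head> <body> <table cellspacing="2" cellpadding="10" border="1"> <tr> <th>Дата: ' . TimeRender($time, true, false) . '</th> <th>Пользователь: ' . $user . '</th> <th>IP: ' . $safe_ip . '</th> </tr> <tr> <td colspan="3" style="text-align: left;">' . $post_text . '</td> </tr> </table> </body> </html> ');
    $mail->AddHtmlPart(Cp1251ToUtf8($text));

    if (!$mail->Send()) {
        ErrorHandler(USER_ERROR, 'Проблема при отправке E-mail "' . $subject . '".', __FILE__);
    }
}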
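/**
 * Admin page "global comment moderation": lists the comments of every
 * registered comments table, newest first, with edit/find/delete controls.
 *
 * Reads $_GET['page'] for pagination. Profile fields of registered authors are
 * passed through SafeDB() before being written into the page, like the fields
 * of guest comments.
 */
function AdminCommentsMain()
{
    System::admin()->AddCenterBox('Глобальная модерация комментариев');
    $page = isset($_GET['page']) ? SafeEnv($_GET['page'], 10, int) : 1;

    // Client-side helpers: row highlighting, "select all" and bulk delete.
    System::admin()->AddJS(' UpdateSelectComment = function(){ $(".comment_check").each(function(){ $("#comment"+$(this).val()).removeClass("commtable_selected"); }); $(".comment_check:checked").each(function(){ $("#comment"+$(this).val()).addClass("commtable_selected"); }); }; SelectAllComments = function(){ $(".comment_check").each(function(){ $(this).attr("checked", true); }); UpdateSelectComment(); }; DeleteComments = function(){ var del = ""; $(".comment_check:checked").each(function(){ del += "#"+$(this).val(); }); Admin.LoadPagePost("' . ADMIN_FILE . '?exe=comments&a=delete&page=' . $page . '", {delcomments: del}, "Удаление..."); }; ');
    $commentsOnPage = 50;

    // Collect the comments from all comments tables.
    $where = '';
    $posts = array();
    $comments_tables = System::database()->Select('comments');
    foreach ($comments_tables as $table) {
        $temp_posts = System::database()->Select($table['table'], $where);
        AdminConfigMarkPosts($temp_posts, $table);
        $posts = array_merge($posts, $temp_posts);
    }

    // Newest comments first.
    SortArray($posts, 'post_date', true);

    // Pagination.
    if (count($posts) > $commentsOnPage) {
        $navigator = new Navigation($page);
        $navigator->GenNavigationMenu($posts, $commentsOnPage, ADMIN_FILE . '?exe=comments');
        $nav = true;
    } else {
        $nav = false;
        AddText('<br />');
    }

    // Header.
    if (count($posts) == 0) {
        System::admin()->Highlight('На сайте нет комментариев.');
        return;
    }
    $text = '<table cellspacing="0" cellpadding="0" width="90%" align="center" class="commtable_header"> <tr> <th style="width: 160px;">Пользователь</th> <th style="width: 260px;">E-mail</th> <th style="width: 260px;">Сайт</th> <th style="width: 260px;">Дата и время</th> <th style="width: 70px;">IP</th> <th>Функции</th> </tr></table>';

    // Comments.
    foreach ($posts as $post) {
        $post_id = SafeDB($post['id'], 11, int);
        $object_id = SafeDB($post['object_id'], 11, int);
        $user_id = SafeDB($post['user_id'], 11, int);
        $user_name = SafeDB($post['user_name'], 255, str);
        $user_homepage = SafeDB($post['user_homepage'], 255, str);
        $user_email = SafeDB($post['user_email'], 255, str);
        $user_ip = SafeDB($post['user_ip'], 19, str);
        $post_date = TimeRender($post['post_date']);
        $post_message = nl2br(SafeDB($post['post_message'], 0, str, false));
        // NOTE(review): '_table' is filled in by AdminConfigMarkPosts() and is written
        // into a URL and an id attribute unfiltered — confirm it can only hold table names.
        $edit = ADMIN_FILE . '?exe=comments&a=edit&id=' . $post_id . '&table=' . $post['_table'] . '&page=' . $page;

        if ($user_id != 0) {
            // Registered author: profile values replace the ones stored with the comment.
            // Name, homepage and rank title are user/profile data, so they go through
            // SafeDB() before being placed in admin HTML (assumes GetUserInfo() returns
            // them unfiltered, as other callers in this code base treat it).
            $userinfo = GetUserInfo($user_id);
            $user_name = SafeDB($userinfo['name'], 255, str);
            $user_homepage = SafeDB($userinfo['url'], 255, str);
            $user_email = PrintEmail($userinfo['email']);
            $avatar = '<img src="' . $userinfo['avatar_file'] . '" />';
            $rank_image = '<img src="' . $userinfo['rank_image'] . '" />';
            $rank_name = SafeDB($userinfo['rank_name'], 255, str);
            $ruser = true;
        } else {
            $user_email = PrintEmail($user_email);
            $avatar = '<img src="' . GetPersonalAvatar(0) . '" />';
            $rank_image = '';
            $rank_name = '';
            $ruser = false;
        }

        if ($user_homepage != '') {
            $user_homepage = '<a href="http://' . $user_homepage . '" target="_blank">' . $user_homepage . '</a>';
        } else {
            $user_homepage = ' ';
        }
        if ($ruser) {
            $user_name = '<a href="' . Ufu("index.php?name=user&op=userinfo&user={$user_id}", 'user/{user}/info/') . '" target="_blank">' . $user_name . '</a>';
        }

        $link_go = ADMIN_FILE . '?exe=comments&a=find&table=' . SafeDB($post['_id'], 11, int) . '&post_id=' . $post_id;
        $func = '';
        if ($post['_url'] != '') {
            $func .= System::admin()->SpeedButton('Найти комментарий', $link_go, 'images/search.png', false, false, 'target="_blank"');
        }
        $func .= SpeedButton('Редактировать', $edit, 'images/admin/edit.png');

        // The same "id--table--object" triple identifies the row and the checkbox value.
        $row_key = $post_id . '--' . $post['_table'] . '--' . $object_id;
        $text .= Indent(' <table cellspacing="0" cellpadding="0" width="90%" align="center" class="commtable" id="comment' . $row_key . '"> <tr> <th style="width: 160px;"><b>' . $user_name . '</b></th> <th style="width: 260px;">' . $user_email . '</th> <th style="width: 260px;">' . $user_homepage . '</th> <th style="width: 260px;">' . $post_date . '</th> <th style="width: 70px;">' . $user_ip . '</th> <th>' . $func . '</th> <th>' . System::admin()->Check('delcomments[]', $row_key, false, 'class="comment_check" onchange="UpdateSelectComment();"') . '</th> </tr> <tr> <td valign="top" width="140">' . $avatar . '<br>' . $rank_image . '<br>' . $rank_name . '</td> <td colspan="6" class="commtable_text">' . $post_message . '</td> </tr> </table> ');
    }

    // Footer.
    AddText($text);
    if ($nav) {
        AddNavigation();
    }
    $text = '';
    if (count($posts) > 0) {
        $text .= '<div style="text-align: right;">' . System::admin()->SpeedConfirmJs('Выделить все', 'SelectAllComments();', '', '', true) . ' ' . System::admin()->SpeedConfirmJs('Удалить выделенные', 'DeleteComments();', 'images/admin/delete.png', 'Удалить выделенные комментарии?', true) . '</div>';
    }
    AddText($text);
}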
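/**
 * Admin page listing forum posts or topics that sit in the "basket"
 * (marked for deletion), with restore and view links.
 *
 * Ids taken from the basket table are filtered before they are put into the
 * WHERE clause, and stored text (moderator name, reason, post/topic text) is
 * filtered before it is written into the admin page.
 *
 * @param string $table Basket table to list; 'forum_basket_post' selects the
 *                      post view, any other value the topic view.
 */
function AdminForumBasket($table = 'forum_basket_post')
{
    global $config, $site;

    $page = isset($_GET['page']) ? SafeEnv($_GET['page'], 10, int) : 1;
    $is_posts = ($table == 'forum_basket_post');

    if ($is_posts) {
        $site->Title .= ' > Удаляемые сообщения';
        $caption = 'Удаляемые сообщения';
    } else {
        $site->Title .= ' > Удаляемые Темы';
        $caption = 'Удаляемые Темы';
    }

    // NOTE(review): $table is used as a table name and in URLs without a whitelist;
    // verify that callers never pass a request-controlled value.
    $result = System::database()->Select($table);
    if (count($result) > 20) {
        $navigator = new Navigation($page);
        $navigator->GenNavigationMenu($result, 20, ADMIN_FILE . '?exe=forum&a=' . $table);
        $nav = true;
    } else {
        $nav = false;
    }

    // One "`id`='N'" condition per basket row, ids forced through the integer filter.
    $conditions = array();
    foreach ($result as $row) {
        $conditions[] = "`id`='" . SafeEnv($row['obj_id'], 11, int) . "'";
    }
    $where = implode(' or ', $conditions);

    if ($is_posts) {
        $table_caption = ' (сообщение)';
        if (count($result) > 0) {
            $result_posts = System::database()->Select('forum_posts', $where);
            if (count($result_posts) > 0) {
                $topic_of = array();
                $message_of = array();
                foreach ($result_posts as $found) {
                    $topic_of[$found['id']] = $found['object'];
                    $message_of[$found['id']] = $found['message'];
                }
                $rows = array();
                foreach ($result as $row) {
                    $oid = $row['obj_id'];
                    // A basket row may point at a post that no longer exists.
                    $row['obj_id2'] = isset($topic_of[$oid]) ? $topic_of[$oid] : '';
                    $row['message'] = isset($message_of[$oid]) ? $message_of[$oid] : '';
                    $rows[] = $row;
                }
                $result = $rows;
            }
        }
    } else {
        $table_caption = ' (название темы)';
        if (count($result) > 0) {
            $result_topics = System::database()->Select('forum_topics', $where);
            if (count($result_topics) > 0) {
                $title_of = array();
                foreach ($result_topics as $found) {
                    $title_of[$found['id']] = $found['title'];
                }
                $rows = array();
                foreach ($result as $row) {
                    $oid = $row['obj_id'];
                    $row['message'] = isset($title_of[$oid]) ? $title_of[$oid] : '';
                    $rows[] = $row;
                }
                $result = $rows;
            }
        }
    }

    $text = '<table cellspacing="0" cellpadding="0" class="cfgtable">';
    $text .= '<tr><th>Кто удалил</th><th>Дата удаления</th><th>Дата окончательного удаления</th><th>Комментарий</th><th>Содержимое удаляемого <BR>' . $table_caption . '</th><th>Функции</th></tr>';
    foreach ($result as $basket) {
        $obj_id = SafeDB($basket['obj_id'], 11, int);
        if ($is_posts) {
            // For a post the "view" link goes to its topic.
            $view_id = isset($basket['obj_id2']) ? SafeDB($basket['obj_id2'], 11, int) : '';
        } else {
            $view_id = $obj_id;
        }
        $mop = 'showtopic&topic=' . $view_id;
        $restore_link = ADMIN_FILE . '?exe=forum&a=basket_restore&' . $table . '=' . $obj_id;
        $ainfo = GetUserInfo($basket['user']);
        $text .= '<tr> <td>' . SafeDB($ainfo['name'], 255, str) . '</td> <td>' . TimeRender($basket['date'], false, false) . '</td> <td>' . TimeRender($basket['date'] + 86400 * $config['forum']['clear_basket_day'], false, false) . '</td> <td>' . SafeDB($basket['reason'], 0, str) . '</td> <td>' . (isset($basket['message']) ? SafeDB($basket['message'], 0, str) : '') . '</td> <td><a href="' . $restore_link . '">Восстановить</a> <a href="index.php?name=forum&op=' . $mop . '" target="_blank">Просмотр</a></td> </tr>';
    }
    $text .= '</table>';

    AddTextBox($caption, $text);
    if ($nav) {
        AddNavigation();
    }
}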
/**
 * Prepares one news item for the 'news' template block and appends it as a
 * sub-block.
 *
 * $news is taken by reference and its 'start_text' / 'end_text' entries are
 * overwritten with the filtered text that is displayed.
 *
 * @param array $news     News row.
 * @param mixed $topic    Value exposed to the template as 'topic'.
 * @param bool  $readfull true renders the full article, false the teaser.
 */
function IndexNewsAdd(&$news, $topic, $readfull = false)
{
    $admin_links = IndexNewsFunc(SafeDB($news['id'], 11, int));
    $img_view = SafeDB($news['img_view'], 1, int);
    $link = Ufu(
        'index.php?name=news&op=readfull&news=' . SafeDB($news['id'], 11, int) . '&topic=' . SafeDB($news['topic_id'], 11, int),
        'news/{topic}/{news}/'
    );
    $topic_link = Ufu('index.php?name=news&topic=' . SafeDB($news['topic_id'], 11, int), 'news/{topic}/');

    $vars['topic'] = $topic;
    $vars['id'] = SafeDB($news['id'], 11, int);
    $vars['title'] = SafeDB($news['title'], 255, str) . (System::user()->isAdmin() ? $admin_links : '');
    $vars['author'] = SafeDB($news['author'], 255, str);

    $stamp = SafeDB($news['date'], 11, int);
    $vars['date'] = TimeRender($stamp);
    foreach (array('time' => 'H:i', 'day' => 'd', 'month' => 'm', 'year' => 'y', 'year_full' => 'Y') as $key => $format) {
        $vars[$key] = date($format, $stamp);
    }

    $vars['link'] = $link;
    $vars['cat_link'] = $topic_link;
    $vars['com_count'] = SafeDB($news['comments_counter'], 11, int);
    $vars['hit_count'] = SafeDB($news['hit_counter'], 11, int);
    $vars['admin'] = System::user()->isAdmin();

    // A non-empty 'end_text' (tags ignored) means the item has a continuation.
    $read_more = strlen(strip_tags($news['end_text'])) > 0;
    $vars['full'] = $read_more ? '<a href="' . $link . '">Читать далее…</a>' : '';

    $image = SafeDB($news['icon'], 255, str);
    list($width, $height) = SafeDB(explode(':', System::config('news/tmb_size')), 11, int);
    if ($image == '' || substr($image, 0, 7) == 'http://') {
        // No icon, or an absolute http:// address: used as is.
        $vars['image'] = $image;
        $vars['image_url'] = false;
    } else {
        switch ($img_view) {
            case 1: // original picture
                $vars['image'] = GetThumb($image, $width, $height);
                $vars['image_url'] = false;
                break;
            case 2: // thumbnail
                $vars['image'] = GetThumb($image, $width, $height);
                $vars['image_url'] = $image;
                break;
            case 0: // auto: thumbnail only when the picture is wider than the limit
                $size = ImageSize($image);
                if ($size['width'] > $width) {
                    $vars['image'] = GetThumb($image, $width, $height);
                    $vars['image_url'] = $image;
                } else {
                    $vars['image'] = $image;
                    $vars['image_url'] = false;
                }
                break;
        }
    }

    $auto_br = ($news['auto_br'] == '1');
    if (!$readfull) {
        // Teaser.
        if ($news['allow_comments'] == '1') {
            $vars['com'] = '<a href="' . $link . '#comments">Комментировать(' . SafeDB($news['comments_counter'], 11, int) . ')</a>';
        } else {
            $vars['com'] = '';
        }
        $teaser = $auto_br ? nl2br($news['start_text']) : $news['start_text'];
        $news['start_text'] = SafeDB($teaser, 0, str, false, false);
        $vars['text'] = $news['start_text'];
    } else {
        // Full article.
        $vars['com_status'] = SafeDB($news['comments_counter'], 11, int) > 0
            ? 'Комментарии'
            : 'Комментариев пока нет';
        // The continuation is shown only when it exists and auto_br is '1' or '0';
        // in every other case the teaser text is shown instead.
        if ($read_more && ($auto_br || $news['auto_br'] == '0')) {
            $body = $news['end_text'];
        } else {
            $body = $news['start_text'];
        }
        if ($auto_br) {
            $body = nl2br($body);
        }
        $news['end_text'] = SafeDB($body, 0, str, false, false);
        $vars['text'] = $news['end_text'];
    }

    System::site()->AddSubBlock('news', true, $vars);
}
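/**
 * Admin page showing the data submitted through one web form.
 *
 * The form is selected by $_GET['id']; nothing is rendered without it.
 *
 * @param bool $new true lists only rows with `moderated`='0' and adds the
 *                  "mark all as viewed" button.
 */
function AdminFormsViewPosts($new)
{
    $file_save_dir = 'uploads/forms';
    if (!isset($_GET['id'])) {
        return;
    }
    $id = SafeEnv($_GET['id'], 11, int);

    System::database()->Select('forms', "`id`='{$id}'");
    $form = System::database()->FetchRow();
    // NOTE(review): the form title is handed to the box helpers unfiltered —
    // confirm whether AddCenterBox()/AddTextBox() filter their caption.
    $box_title = $form['hname'];

    $moderated = $new ? " and `moderated`='0'" : '';
    $posts = System::database()->Select('forms_data', "`form_id`='{$id}'" . $moderated);
    if (count($posts) == 0) {
        System::admin()->AddCenterBox('Новые поcты формы "' . $box_title . '"');
        System::admin()->Highlight('Нет новых сообщений');
        return;
    }

    $text = '';
    foreach ($posts as $post) {
        $time = TimeRender(SafeDB($post['time'], 11, int));
        if ($post['user_id'] > 0) {
            $user_info = GetUserInfo(SafeDB($post['user_id'], 11, int));
            // NOTE(review): the id expression was unreadable in the reviewed copy of this
            // file; it is restored as the id of the looked-up user — confirm against the
            // repository. Id and name are filtered before they enter the page.
            $user_name = '<a href="' . 'index.php?name=user&op=userinfo&user=' . SafeDB($user_info['id'], 11, int) . '">' . SafeDB($user_info['name'], 255, str) . '</a>';
        } else {
            $user_name = '-';
        }
        $ip = SafeDB($post['user_ip'], 20, str);

        // NOTE(review): unserialize() of a stored column that originates from a public
        // form; a data-only format such as JSON would avoid object instantiation.
        $data_rows = unserialize($post['data']);
        if (!is_array($data_rows)) {
            // Damaged row: show it with an empty body instead of failing the page.
            $data_rows = array();
        }

        $post_text = '';
        foreach ($data_rows as $row) {
            if ($row[2] == 'file') {
                $post_text .= '<b>' . SafeDB($row[0], 255, str) . ':</b><br><a href="' . SafeDB($file_save_dir . '/' . $row[1], 0, str) . '">' . SafeDB($row[3], 255, str) . '</a><br>';
            } else {
                $post_text .= '<b>' . SafeDB($row[0], 255, str) . ':</b><br>' . SafeDB($row[1], 0, str) . '<br>';
            }
        }

        $delfunc = System::admin()->SpeedConfirm(
            'Удалить данные формы',
            ADMIN_FILE . '?exe=forms&a=delpost&id=' . $id . '&pid=' . SafeDB($post['id'], 11, int) . '&ok=0' . ($new ? '&new=1' : ''),
            'images/admin/delete.png',
            'Удалить?'
        );

        // Header cells are closed with </th> (they were closed with </td>).
        $text .= '<table cellspacing="0" cellpadding="0" border="0" class="cfgtable">';
        $text .= '<tr><th>Дата: ' . $time . '</th><th>Пользователь: ' . $user_name . '</th><th>IP: ' . $ip . '</th><th width="30">' . $delfunc . '</th></tr>';
        $text .= '<tr><td colspan="4" style="text-align:left;padding-left:10px;">' . $post_text . '</td></tr>';
        $text .= '</table>';
    }

    if ($new) {
        $text .= '<div style="text-align: right;">' . System::admin()->SpeedButton('Отметить все как просмотренные', ADMIN_FILE . '?exe=forms&a=checkall&id=' . $id, '', true, true) . '</div>';
    }
    AddTextBox('Новые поcты формы "' . $box_title . '"', $text);
}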
/**
 * Builds the template variables of one article and appends them to the
 * 'articles' block as a sub-block.
 *
 * @param array $art Article row (taken by reference, not modified here).
 */
function RenderArticle(&$art)
{
    $art_id = SafeDB($art['id'], 11, int);
    $cat_id = SafeDB($art['cat_id'], 11, int);
    $admin_links = IndexArticlesFunc($art_id);

    $vars = array();
    $vars['title'] = SafeDB($art['title'], 250, str) . (System::user()->isAdmin() ? $admin_links : '');
    $vars['cat'] = IndexArticlesGetTree()->IdCats[$cat_id]['title'];
    $vars['catlink'] = Ufu("index.php?name=articles&cat={$cat_id}", 'articles/{cat}/');

    if ($art['image'] == '') {
        $vars['image'] = false;
    } else {
        $vars['image'] = RealPath2(System::config('articles/images_dir') . SafeDB($art['image'], 255, str));
        $vars['thumb_image'] = RealPath2(System::config('articles/images_dir') . 'thumbs/' . SafeDB($art['image'], 255, str));
    }

    // Line breaks are converted only when the article asks for it.
    $description = SafeDB($art['description'], 0, str, false, false, false);
    $vars['description'] = ($art['auto_br_desc'] == '1') ? nl2br($description) : $description;

    $vars['lauthor'] = 'Автор';
    $vars['author'] = SafeDB($art['author'], 200, str);
    $vars['lemail'] = 'E-mail';
    $vars['email'] = SafeDB($art['email'], 50, str);
    $vars['lurl'] = 'Источник';
    $vars['site'] = SafeDB($art['www'], 250, str);
    $vars['site_url'] = UrlRender(SafeDB($art['www'], 250, str));
    $vars['lpublic'] = 'Опубликована';
    $vars['public'] = TimeRender(SafeDB($art['public'], 11, int), false);

    $read_url = Ufu("index.php?name=articles&op=read&art={$art_id}&cat={$cat_id}", 'articles/{cat}/{art}/');
    $vars['link2'] = $read_url;
    $vars['link'] = '<a href="' . $read_url . '">Читать...</a>';

    $vars['lhits'] = 'Просмотров';
    $vars['hits'] = SafeDB($art['hits'], 11, int);
    $vars['lcomments'] = 'Комментарий';
    $vars['comments'] = SafeDB($art['comments_counter'], 11, int);

    // Rating.
    $vars['rating_image'] = GetRatingImage(SafeDB($art['num_votes'], 11, int), SafeDB($art['all_votes'], 11, int));
    $votes_allowed = SafeDB($art['allow_votes'], 1, bool);
    $vars['alloy_rating'] = $votes_allowed;
    $vars['disable_rating'] = !$votes_allowed;
    $vars['lrating'] = 'Оценка';
    $vars['rating_num_votes'] = SafeDB($art['num_votes'], 11, int);

    // Optional order form attached to the article.
    $form_id = SafeDB($art['form'], 11, int);
    $product_id = SafeDB($art['product_id'], 255, str);
    $vars['form'] = $form_id;
    $vars['product_id'] = $product_id;
    $vars['form_url'] = false;
    if ($form_id != 0 && $product_id != '') {
        $vars['form_url'] = 'index.php?name=forms&form=' . $form_id . '&f_product_id=' . rawurlencode($product_id);
    }

    System::site()->AddSubBlock('articles', true, $vars);
}
/**
 * Builds the template variables of the detailed view of one download and
 * registers them as the 'download' block.
 *
 * @param array $down Download row (taken by reference, not modified here).
 */
function AddDetailDownload(&$down)
{
    $id = SafeDB($down['id'], 11, int);
    $cat_id = SafeDB($down['category'], 11, int);
    $admin_links = IndexDownloadsFunc($id);

    $vars = array();
    $vars['category_url'] = Ufu("index.php?name=downloads&cat={$cat_id}", 'downloads/{cat}/');
    $vars['category_title'] = IndexDownloadsGetTree()->IdCats[$down['category']]['title'];
    $vars['category'] = '<a href="' . $vars['category_url'] . '">' . $vars['category_title'] . '</a>';
    // A friendly (UFU) address would break the relative address of the file.
    $vars['file_link'] = "index.php?name=downloads&op=download&file={$id}";

    $allowed = AccessIsResolved($down['view']) ? true : false;
    $vars['access'] = $allowed;
    $vars['not_access'] = !$allowed;
    $vars['url'] = $allowed
        ? '<a href="' . $vars['file_link'] . '" target="_blank">Скачать файл</a>'
        : 'Файл только для зарегистрированных пользователей.';

    $vars['file_title'] = SafeDB($down['title'], 255, str) . (System::user()->isAdmin() ? $admin_links : '');
    $vars['description'] = SafeDB($down['description'], 0, str, false, false);
    $vars['author'] = SafeDB($down['author'], 200, str);
    $vars['homepage'] = SafeDB($down['author_site'], 250, str);
    $vars['homepage_url'] = UrlRender(SafeDB($down['author_site'], 250, str));
    $vars['mail'] = SafeDB($down['author_email'], 50, str);
    $vars['date'] = TimeRender($down['public']);
    $vars['hits'] = SafeDB($down['hits'], 11, int);
    $vars['version'] = SafeDB($down['file_version'], 250, str);
    $vars['size'] = FormatFileSize(SafeDB($down['size'], 11, real), SafeDB($down['size_type'], 1, str));
    $vars['filetype'] = IndexDownloadsGetFileType(SafeDB($down['url'], 250, str));
    $vars['addvote_url'] = "index.php?name=downloads&op=addvote&file={$id}";

    // Options of the vote selector, in display order (values stay strings).
    $vote_options = array(
        array('0', 'Ваша оценка'),
        array('1', 'Очень плохо'),
        array('2', 'Плохо'),
        array('3', 'Средне'),
        array('4', 'Хорошо'),
        array('5', 'Отлично'),
    );
    foreach ($vote_options as $option) {
        System::site()->DataAdd($vdata, $option[0], $option[1]);
    }
    $vars['votes'] = System::site()->Select('vote', $vdata);
    $vars['addvotesubm'] = System::site()->Submit('Оценить файл');
    $vars['allow_votes'] = SafeDB($down['allow_votes'], 1, bool);

    if ($down['image'] == '') {
        $vars['image'] = false;
    } else {
        $vars['image'] = RealPath2(System::config('downloads/images_dir') . SafeDB($down['image'], 255, str));
        $vars['thumb_image'] = RealPath2(System::config('downloads/images_dir') . 'thumbs/' . SafeDB($down['image'], 255, str));
    }

    // Rating.
    $vars['rating_num_votes'] = SafeDB($down['votes_amount'], 11, int);
    $vars['rating_image'] = GetRatingImage(SafeDB($down['votes_amount'], 11, int), SafeDB($down['votes'], 11, int));
    $rating = $vars['rating_image'];
    if (!SafeDB($down['allow_votes'], 1, bool)) {
        $rating = ' - ';
    } elseif ($rating == '') {
        $rating = 'Нет оценки';
    } else {
        $rating = '<img src="' . $rating . '" /> (Оценок: ' . SafeDB($down['votes_amount'], 11, int) . ')';
    }
    $vars['rating'] = $rating;

    // Comment counter, or a dash when comments are disabled.
    $vars['comments'] = SafeDB($down['allow_comments'], 1, bool)
        ? SafeDB($down['comments_counter'], 11, int)
        : ' - ';

    System::site()->AddBlock('download', true, false, 'dl');
    System::site()->Blocks['download']['vars'] = $vars;
}
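/**
 * Filters the data of a forum topic for output to a template.
 *
 * Reads the global $forum_lang for the labels it inserts.
 *
 * @param array $topic Topic row.
 * @return array Filtered values plus derived ones (links, page list, flags).
 */
function ForumTopicFilterData($topic)
{
    global $forum_lang;

    $topic2 = array();
    $topic2['id'] = SafeDB($topic['id'], 11, int);
    $topic2['forum_id'] = SafeDB($topic['forum_id'], 11, int);
    $topic2['category'] = $topic2['forum_id'];
    $topic2['title'] = SafeDB($topic['title'], 255, str);
    $topic2['state'] = SafeDB($topic['state'], 1, int); // TODO: what is this?
    $topic2['posts'] = SafeDB($topic['posts'], 11, int) < 0 ? 0 : SafeDB($topic['posts'], 11, int);
    $topic2['hits'] = SafeDB($topic['hits'], 11, int);
    $topic2['start_date'] = TimeRender(SafeDB($topic['start_date'], 11, int), true, true);

    $topic2['starter_id'] = SafeDB($topic['starter_id'], 11, int);
    $topic2['starter_name'] = SafeDB($topic['starter_name'], 255, str);
    // NOTE(review): the user-id expression of this link (and of last_poster_url below)
    // was unreadable in the reviewed copy of the file; it is restored with the filtered
    // id computed just above — confirm against the repository.
    $topic2['starter_url'] = Ufu('index.php?name=user&op=userinfo&user=' . $topic2['starter_id'], 'user/{user}/info/');

    $topic2['last_post_date'] = SafeDB($topic['last_post'], 11, int);
    $topic2['last_post'] = TimeRender(SafeDB($topic['last_post'], 11, int), true, true);
    if ($topic2['last_post_date'] > time() - 86400) {
        // Posts from the last 24 hours are highlighted.
        $topic2['last_post'] = '<font color="#FF0000">' . $topic2['last_post'] . '</font>';
    }
    $topic2['last_poster_id'] = SafeDB($topic['last_poster_id'], 11, int);
    $topic2['last_poster_name'] = SafeDB($topic['last_poster_name'], 255, str);
    $topic2['last_poster_url'] = Ufu('index.php?name=user&op=userinfo&user=' . $topic2['last_poster_id'], 'user/{user}/info/');

    $topic2['count_read'] = ForumOnline::Instance()->GetTopicOnlineCount($topic2['id']);
    $topic2['read'] = $topic2['count_read'] > 0 ? '<small> (' . $forum_lang['online'] . ': ' . $topic2['count_read'] . ')</small>' : '';
    $topic2['close'] = SafeDB($topic['close_topics'], 1, int) == 1;
    $topic2['begin'] = !$topic2['close'];

    if (isset($topic['status'])) {
        // Status of the topic when it has been moved to the basket.
        // NOTE(review): copied through unfiltered — presumably set by the caller; verify.
        $topic2['status'] = $topic['status'];
        // The delete link is shown to admins only, and only while the topic is not in the basket.
        $topic2['show_delete'] = $topic['show_delete'];
    } else {
        $topic2['status'] = '';
        $topic2['show_delete'] = System::user()->isAdmin();
    }

    // "Important" marker.
    $topic2['stick'] = $topic['stick'] == 1 ? $forum_lang['it_is_important'] : '';
    $topic2['delete'] = SafeDB($topic['delete'], 1, int) == 1;
    $topic2['nodelete'] = SafeDB($topic['delete'], 1, int) == 0;
    $topic2['url'] = Ufu('index.php?name=forum&op=showtopic&topic=' . $topic2['id'], 'forum/topic{topic}.html');
    $topic2['last_url'] = Ufu('index.php?name=forum&op=showtopic&topic=' . $topic2['id'] . '&view=lastpost', 'forum/topic{topic}-new.html');

    // Page list.
    $topic2['pages'] = '';
    $posts_on_page = System::config('forum/posts_on_page');
    if ($topic2['posts'] + 1 > $posts_on_page) {
        $forum_nav_url = 'index.php?name=forum&op=showtopic&topic=' . $topic2['id'];
        $forum_nav_url_u = 'forum/topic{topic}-';
        $page = ceil(($topic2['posts'] + 1) / $posts_on_page);
        $str = $forum_lang['pages'];
        for ($i = 0; $i < $page; $i++) {
            // FIXME: possibly an error in the UFU template, {page} may have to be substituted.
            $str .= '<a href="' . Ufu($forum_nav_url . '&page=' . ($i + 1), $forum_nav_url_u . ($i + 1) . '.html') . '"><font size="1">' . ($i + 1) . ' </font></a>';
            if ($i > 5 && $page > 10) {
                // Long topics: cut the list and jump to the last two pages.
                $str .= '....<a href="' . Ufu($forum_nav_url . '&page=' . ($page - 1), $forum_nav_url_u . ($page - 1) . '.html') . '"><font size="1">' . ($page - 1) . ' </font></a>';
                // NOTE(review): unlike the other page links this template has no '.html' suffix — confirm.
                $str .= '<a href="' . Ufu($forum_nav_url . '&page=' . $page, $forum_nav_url_u . $page) . '"><font size="1">' . $page . ' </font></a>';
                break;
            }
        }
        $topic2['pages'] .= $str . '<br />';
    }

    return $topic2;
}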
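/**
 * Saves an edited forum post (and optionally a new topic title), then
 * redirects back to the topic.
 *
 * Requires an authenticated user, $_GET['post'] and $_POST['text']. Only the
 * author of the post or an admin may save. Posts and topics that are in the
 * basket cannot be edited.
 */
function IndexForumSavePost()
{
    global $forum_lang;

    if (!System::user()->Auth) {
        System::site()->AddTextBox($forum_lang['forum'], '<p align="center">' . $forum_lang['error_auth'] . '</p>');
        return;
    }
    if (!CheckGet('post') || !CheckPost('text')) {
        HackOff();
        return;
    }
    // NOTE(review): no anti-CSRF token is checked inside this function;
    // presumably that is handled before it is called — verify.

    if (isset($_GET['page'])) {
        $page = '&page=' . SafeEnv($_GET['page'], 11, int);
        $page_ufu = '-{page}';
    } else {
        $page = '';
        $page_ufu = '';
    }

    // Load the post; it must exist and must not be in the basket.
    $post_id = SafeEnv($_GET['post'], 11, int);
    System::database()->Select('forum_posts', "`id`='{$post_id}'");
    if (System::database()->NumRows() == 0) {
        System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_post']);
        return;
    }
    $post = System::database()->FetchRow();
    if ($post['delete'] == '1') {
        System::site()->AddTextBox($forum_lang['post_basket'], '<p align="center">' . $forum_lang['post_basket_no_edit'] . '.<br><input type="button" value="' . $forum_lang['back'] . '"onclick="history.back();"></p>');
        return;
    }

    // Load the topic; same checks.
    $topic_id = SafeEnv($post['object'], 11, int);
    System::database()->Select('forum_topics', "`id`='" . $topic_id . "'");
    if (System::database()->NumRows() == 0) {
        System::site()->AddTextBox($forum_lang['error'], $forum_lang['error_no_topic']);
        return;
    }
    $topic = System::database()->FetchRow();
    if ($topic['delete'] == '1') {
        System::site()->AddTextBox($forum_lang['topic_basket_current_post'], '<p align="center">' . $forum_lang['topic_basket_post'] . '.<br><input type="button" value="' . $forum_lang['back'] . '"onclick="history.back();"></p>');
        return;
    }

    // Users may edit only their own posts; admins may edit any post.
    if (System::user()->Get('u_id') != $post['user_id'] && !System::user()->isAdmin()) {
        System::site()->AddTextBox($forum_lang['forum'], '<p align="center">' . $forum_lang['no_right_comment_edit'] . '</p>');
        return;
    }

    // New message text.
    $post_text = SafeEnv($_POST['text'], 100000, str);
    // The "edited by" marker is appended after the text was filtered, so the user
    // name is filtered separately before it becomes part of the UPDATE expression.
    $editor_name = SafeEnv(System::user()->Name(), 255, str);
    $post_text .= "\n\n" . '[i]-- Изменено "' . $editor_name . '": ' . TimeRender(time(), true, false) . ' --[/i]';
    System::database()->Update('forum_posts', "`message`='{$post_text}'", "`id`='{$post_id}'");

    // Topic title.
    // NOTE(review): any author of a post in the topic can submit 'title' here; confirm
    // that renaming is meant to be open to them and not only to the topic starter.
    if (isset($_POST['title'])) {
        $topic_title = SafeEnv($_POST['title'], 255, str);
        System::database()->Update('forum_topics', "`title`='{$topic_title}'", "`id`='{$topic_id}'");
    }

    ForumCacheClear();
    GO(Ufu('index.php?name=forum&op=showtopic&topic=' . $topic_id . $page . '#' . $post_id, 'forum/topic{topic}' . $page_ufu . '.html'));
}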
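/**
 * Shows one issue of a mailing-list archive with previous/next navigation.
 *
 * Reads $_GET['topic_id'] and $_GET['id']; when either is missing or the
 * issue is not found in the topic, redirects to the topic list.
 */
function IndexMailShowId()
{
    $topics_url = GetSiteUrl() . Ufu('index.php?name=mail&op=topics', 'mail/{op}/');

    // Stop after each redirect so the code below never runs with missing ids,
    // whether or not GO() ends the request itself.
    if (!isset($_GET['topic_id']) || !isset($_GET['id'])) {
        GO($topics_url);
        return;
    }
    $topic_id = SafeEnv($_GET['topic_id'], 11, int);
    $id = SafeEnv($_GET['id'], 11, int);

    $mails = System::database()->Select('mail_history', "`topic_id`='{$topic_id}'");
    SortArray($mails, 'date', false);

    // Locate the issue and its neighbours in date order.
    $prev_id = false;
    $next_id = false;
    $mail = null;
    for ($i = 0, $c = count($mails); $i < $c; $i++) {
        if ($mails[$i]['id'] == $id) {
            if ($i < $c - 1) {
                $next_id = $mails[$i + 1]['id'];
            }
            if ($i > 0) {
                $prev_id = $mails[$i - 1]['id'];
            }
            $mail = $mails[$i];
            break;
        }
    }
    if ($mail === null) {
        GO($topics_url);
        return;
    }

    System::site()->AddTemplatedBox('', 'module/mail_showid_nav.html');
    System::site()->AddBlock('mail_nav');
    $vars = array();
    $vars['lprev'] = 'Предыдущий выпуск';
    $vars['lnext'] = 'Следующий выпуск';
    $vars['lback'] = 'Назад к списку';
    $vars['prev_id'] = $prev_id;
    $vars['next_id'] = $next_id;
    $vars['back'] = true;
    $vars['prev_url'] = Ufu("index.php?name=mail&op=showid&topic_id={$topic_id}&id={$prev_id}", 'mail/show/topic{topic_id}/id{id}/');
    $vars['back_url'] = Ufu("index.php?name=mail&op=history&topic_id={$topic_id}", 'mail/history/topic{topic_id}/');
    // The id parameter used to carry a stray "'." left over from string concatenation.
    $vars['next_url'] = Ufu("index.php?name=mail&op=showid&topic_id={$topic_id}&id={$next_id}", 'mail/show/topic{topic_id}/id{id}/');
    System::site()->Blocks['mail_nav']['vars'] = $vars;

    System::site()->AddTemplatedBox('Архив рассылки ', 'module/mail_showid.html');
    System::site()->AddBlock('mail');
    $vars['subject'] = SafeDB($mail['subject'], 255, str);
    $vars['date'] = TimeRender(SafeDB($mail['date'], 11, int));
    $vars['ldate'] = 'Дата выпуска';
    // Only the plain-text version is shown, filtered and with line breaks converted.
    $vars['text'] = nl2br(SafeDB($mail['plain_text'], 0, str));
    System::site()->Blocks['mail']['vars'] = $vars;

    System::site()->AddTemplatedBox('', 'module/mail_down_tab.html');
    System::site()->AddBlock('mail_down_tab');
    $vars['lsubscribe'] = 'Подписаться на эту рассылку.';
    $vars['subscribe_url'] = Ufu("index.php?name=mail&op=subscribe&topic_id={$topic_id}", 'mail/subscribe/topic{topic_id}/');
    System::site()->Blocks['mail_down_tab']['vars'] = $vars;
}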
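/**
 * Builds the template variables of one guestbook message and appends them to
 * the 'guestbook' block as a sub-block.
 *
 * @param array $msg Guestbook row (taken by reference, not modified here).
 */
function IndexGBAddMessage(&$msg)
{
    // Name and e-mail.
    if ($msg['email'] != '' && $msg['hide_email'] != '1') {
        $vars['name'] = '<a href="mailto:' . SafeDB($msg['email'], 50, str) . '">' . SafeDB($msg['name'], 50, str) . '</a>';
        $vars['name2'] = SafeDB($msg['name'], 50, str);
        $vars['email'] = '<a href="mailto:' . SafeDB($msg['email'], 50, str) . '"><img src="images/buttons/email.gif" /></a>';
        $vars['email2'] = SafeDB($msg['email'], 50, str);
    } else {
        $vars['name'] = SafeDB($msg['name'], 50, str);
        $vars['email'] = '';
        $vars['email2'] = '';
    }

    // Site.
    if ($msg['url'] != '') {
        $url = UrlRender(SafeDB($msg['url'], 255, str));
        $vars['url'] = '<a href="' . $url . '" target="_blank"><img src="images/buttons/www.gif" /></a>';
        $vars['url2'] = $url;
    } else {
        $vars['url'] = '';
        $vars['url2'] = '';
    }

    // ICQ.
    if ($msg['icq'] != '') {
        $vars['icq'] = '<a href="http://web.icq.com/' . SafeDB($msg['icq'], 255, str) . '" target="_blank"><img src="images/buttons/icq.gif" /></a>';
        $vars['icq2'] = SafeDB($msg['icq'], 255, str);
    } else {
        $vars['icq'] = '';
        $vars['icq2'] = '';
    }

    // Answers: a serialized map, keyed by the name of the answering admin.
    $answers = array();
    if (trim($msg['answers']) != '') {
        // NOTE(review): unserialize() of a stored column; a data-only format such as
        // JSON would avoid object instantiation if the column can ever be tampered with.
        $answers = unserialize($msg['answers']);
        if (!is_array($answers)) {
            // Damaged value: render the message without answers instead of failing below.
            $answers = array();
        }
    }

    // Admin functions.
    $id = SafeDB($msg['id'], 11, int);
    $vars['access_answer'] = System::user()->CheckAccess2('guestbook', 'answer');
    $vars['edit_answer_url'] = ADMIN_FILE . '?exe=guestbook&a=editanswer&id=' . $id . '&back=' . SaveRefererUrl();
    $vars['delete_answer_url'] = ADMIN_FILE . '?exe=guestbook&a=delanswer&id=' . $id . '&back=' . SaveRefererUrl();
    $vars['add_answer_url'] = ADMIN_FILE . '?exe=guestbook&a=addanswer&id=' . $id . '&back=' . SaveRefererUrl();
    $vars['edit_message_url'] = ADMIN_FILE . '?exe=guestbook&a=edit&id=' . $id . '&back=' . SaveRefererUrl();
    $vars['delete_message_url'] = ADMIN_FILE . '?exe=guestbook&a=delete&id=' . $id . '&ok=0' . '&back=' . SaveRefererUrl();

    if (System::user()->isAdmin()) {
        $func = '';
        if (array_key_exists(System::user()->Name(), $answers)) {
            // This admin has already answered: offer edit/delete of the answer.
            if ($vars['access_answer']) {
                $func = '<a href="' . $vars['edit_answer_url'] . '">Редактировать ответ</a> :: ' . '<a href="' . $vars['delete_answer_url'] . '">Удалить ответ</a>';
            }
        } elseif ($vars['access_answer']) {
            $func = '<a href="' . $vars['add_answer_url'] . '">Ответить</a>';
        }
        $msg_func = ($func != '' ? ' :: ' : '') . '<a href="' . $vars['edit_message_url'] . '">Редактировать сообщение</a> :: ' . '<a href="' . $vars['delete_message_url'] . '">Удалить сообщение</a>';
        $vars['admin'] = $func . $msg_func;
    } else {
        $vars['admin'] = '';
    }

    // NOTE(review): admin names and answer texts are written out unfiltered —
    // presumably filtered when the answer is stored; verify.
    $answerstext = '';
    if (count($answers) > 0) {
        $answerstext = 'Ответы: <ul style="margin:3px;margin-left:16px;">' . EOL;
        foreach ($answers as $key => $answer) {
            $answerstext .= '<li>' . $key . ' - ' . $answer . EOL;
        }
        $answerstext .= '</ul>' . EOL;
    }

    $vars['date'] = TimeRender(SafeDB($msg['date'], 11, int));
    $vars['text'] = SafeDB($msg['message'], 0, str);
    $vars['answers'] = $answerstext;
    System::site()->AddSubBlock('guestbook', true, $vars);
}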
System::site()->Seo(SafeDB($page['seo_title'], 255, str), SafeDB($page['seo_keywords'], 255, str), SafeDB($page['seo_description'], 255, str)); System::site()->AddTemplatedBox('', 'module/page.html'); System::site()->AddBlock('page'); $vars = array(); ErrorsOff(); $vars['show_title'] = $page['info_showmode'][0] == '1'; $vars['show_copy'] = $page['info_showmode'][1] == '1'; $vars['show_public'] = $page['info_showmode'][2] == '1'; $vars['show_modified'] = $page['info_showmode'][3] == '1'; $vars['show_hits'] = $page['info_showmode'][4] == '1'; $vars['show_info'] = $vars['show_copy'] || $vars['show_public'] || $vars['show_modified'] || $vars['show_hits']; ErrorsOn(); $vars['title'] = SafeDB($page['title'], 255, str); if ($page['auto_br'] == '1') { $text = nl2br(SafeDB($page['text'], 0, str, false, false)); } else { $text = SafeDB($page['text'], 0, str, false, false); } $vars['text'] = $text; $vars['copyright'] = '© ' . SafeDB($page['copyright'], 255, str); $vars['public'] = 'Опубликована: ' . TimeRender(SafeDB($page['date'], 11, int)); $vars['hits'] = 'Просмотров: ' . $hits; $vars['modified'] = 'Изменена: ' . TimeRender(SafeDB($page['modified'], 11, int)); System::site()->BreadCrumbAdd($vars['title']); System::site()->Blocks['page']['vars'] = $vars; } else { System::site()->AddTextBox('', '<p align="center">Доступ к этой странице запрещен.</p>'); } } else { System::site()->AddTextBox('', '<p align="center">Страница не существует или временно недоступна.</p>'); }
/**
 * Admin page: the guestbook premoderation queue.
 *
 * Loads guestbook rows selected with `premoderate`='0', sorts them by date,
 * paginates them when there are more rows than the gb/msgonpage setting, and
 * prints one table per message with "approve" and "delete" controls, followed
 * by "approve all" / "delete all" controls.
 *
 * NOTE(review): the CheckAccess2('guestbook', 'premoderation') result is stored
 * but never consulted in this function. Confirm that the caller, or the
 * prem_yes / delete / prem_*_all handlers, enforce that right.
 * NOTE(review): every action here is a plain GET URL. Whether Link() and
 * SpeedConfirm() attach an anti-CSRF token is not visible from this function.
 */
function AdminGuestBookPremoderationMain()
{
    System::admin()->AddCenterBox('Премодерация');
    $premoderation = System::user()->CheckAccess2('guestbook', 'premoderation');

    $pending = System::database()->Select('guestbook', "`premoderate`='0'");
    if (System::database()->NumRows() == 0) {
        System::admin()->Highlight('В премодерации нет сообщений.');
        return;
    }

    // The page number comes from the query string and is passed through SafeEnv as an int.
    $page = isset($_GET['page']) ? SafeEnv($_GET['page'], 10, int) : 1;

    SortArray($pending, 'date', true);
    $perPage = System::config('gb/msgonpage');
    $hasPager = count($pending) > $perPage;
    if ($hasPager) {
        $pager = new Navigation($page);
        $pager->GenNavigationMenu($pending, $perPage, ADMIN_FILE . '?exe=guestbook&a=premoderation');
    }

    $html = '';
    // Return address appended to every action URL below.
    $back = SaveRefererUrl();
    $baseUrl = ADMIN_FILE . '?exe=guestbook&a=';

    foreach ($pending as $entry) {
        // Site column: the stored value is filtered through SafeDB and always prefixed with http://.
        $siteCell = 'Нет';
        if ($entry['url'] != '') {
            $site = SafeDB($entry['url'], 250, str);
            $siteCell = '<a href="http://' . $site . '" target="_blank">' . $site . '</a>';
        }

        // Author column: PrintEmail() receives the raw stored e-mail and name.
        // NOTE(review): presumably PrintEmail() escapes both -- verify.
        $authorCell = $entry['email'] == ''
            ? SafeDB($entry['name'], 50, str)
            : PrintEmail($entry['email'], $entry['name']);

        $entryId = SafeDB($entry['id'], 11, int);
        $deleteBtn = System::admin()->SpeedConfirm(
            'Удалить сообщение',
            $baseUrl . 'delete&id=' . $entryId . '&back=' . $back,
            'images/admin/delete.png',
            'Удалить сообщение?'
        );
        $approveLink = System::admin()->Link(
            'Разрешить',
            $baseUrl . 'prem_yes&id=' . $entryId . '&back=' . $back
        );

        $html .= '<table cellspacing="0" cellpadding="0" class="commtable" style="width:75%;">';
        $html .= '<tr> <th style="text-align: left; width: 180px;">' . $authorCell
            . '</th> <th style="width: 160px;">Сайт: ' . $siteCell
            . '</th> <th style="width: 120px;">ICQ: ' . SafeDB($entry['icq'], 15, str)
            . '</th> <th style="width: 120px;">IP: ' . SafeDB($entry['user_ip'], 20, str)
            . '</th> <th> ' . $deleteBtn . ' </th> </tr>';
        $html .= '<tr><td colspan="5" style="text-align:left;padding:10px;" class="commtable_text">'
            . SafeDB($entry['message'], 0, str)
            . '</td></tr>';
        $html .= '<tr><th>Дата: ' . TimeRender($entry['date'])
            . '</th><th colspan="4" style="text-align:right;">' . $approveLink . '</th></tr>';
        $html .= '</table>';
    }

    AddText($html);
    if ($hasPager) {
        AddNavigation();
    }

    // Bulk controls for the whole queue.
    $approveAll = System::admin()->SpeedConfirm(
        'Разрешить все',
        $baseUrl . 'prem_yes_all&back=' . $back,
        'images/admin/accept.png',
        'Разрешить все сообщения?',
        true,
        true
    );
    $deleteAll = System::admin()->SpeedConfirm(
        'Удалить все',
        $baseUrl . 'prem_del_all&back=' . $back,
        'images/admin/delete.png',
        'Удалить все сообщения?',
        true,
        true
    );
    AddText('<div style="text-align: center;">' . $approveAll . ' ' . $deleteAll . '</div>');
}
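/**
 * Admin page: table of all site administrators (users with `type`='1').
 *
 * For every administrator the table shows avatar, name, e-mail, group, last
 * visit, visit count and the edit / delete buttons. The delete button is
 * hidden for a main ("system") administrator when that account is the only
 * one left in a system group.
 *
 * NOTE(review): hiding the button is only a UI safeguard. The deladmin handler
 * (not visible here) has to refuse removal of the last main administrator on
 * its own, since the URL can be requested directly.
 */
function AdminsMain()
{
    // Group lookup: id => array(coloured name HTML, is-system flag, rank image HTML).
    // Initialised up front so an empty usertypes table does not leave it undefined.
    $types = array();
    // Stand-in for an administrator whose `access` points at a group that no longer exists.
    $unknownType = array('', false, '');

    $atypes = System::database()->Select('usertypes', '');
    foreach ($atypes as $type) {
        $types[SafeDB($type['id'], 11, int)] = array(
            '<span style="color: ' . SafeDB($type['color'], 9, str) . ';">' . SafeDB($type['name'], 255, str) . '</span>',
            SafeDB($type['system'], 1, bool),
            $type['image'] != ''
                ? '<img src="' . System::config('general/ranks_dir') . SafeDB($type['image'], 255, str) . '"><br>'
                : ''
        );
    }

    $admins = System::database()->Select('users', "`type`='1'");

    // Count the main administrators (members of a group flagged as system).
    $system = 0;
    foreach ($admins as $adm) {
        if (isset($types[$adm['access']]) && $types[$adm['access']][1]) {
            $system++;
        }
    }

    $text = '<table cellspacing="0" cellpadding="0" class="cfgtable"><tr><th> </th><th>Имя</th><th>E-mail</th><th>Группа</th><th>Посл. посещение</th><th>Посещений</th><th>Функции</th></tr>';
    foreach ($admins as $adm) {
        $id = SafeDB($adm['id'], 11, int);
        $group = isset($types[$adm['access']]) ? $types[$adm['access']] : $unknownType;

        $funcs = System::admin()->SpeedButton('Редактировать', ADMIN_FILE . '?exe=admins&a=editadmin&id=' . $id, 'images/admin/edit.png');
        // Offer removal unless this is the last remaining main administrator.
        if ($system > 1 || !$group[1]) {
            $funcs .= System::admin()->SpeedButton('Удалить или перевести в пользователи', ADMIN_FILE . '?exe=admins&a=deladmin&id=' . $id, 'images/admin/delete.png');
        }

        // PrintEmail() and TimeRender() receive raw row values.
        // NOTE(review): presumably both produce output that is safe to embed -- verify.
        $text .= '<tr> <td><img src="' . GetSmallestUserAvatar($id) . '"></td> <td><b>'
            . System::admin()->Link(SafeDB($adm['name'], 50, str), ADMIN_FILE . '?exe=admins&a=editadmin&id=' . $id)
            . '</b></td> <td>' . PrintEmail($adm['email'])
            . '</td> <td>' . $group[2] . $group[0]
            . '</td> <td>' . TimeRender($adm['lastvisit'])
            . '</td> <td>' . SafeDB($adm['visits'], 11, int)
            . '</td> <td>' . $funcs . '</td> </tr>';
    }
    $text .= '</table>';

    AddTextBox('Администраторы сайта (' . count($admins) . ')', $text);
}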
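/**
 * Converts one gallery image row into the variable set used by the gallery templates.
 *
 * @param array $img   Image row (id, cat_id, file, title, description, counters, ...).
 * @param mixed $index Position of the image, passed through unchanged as 'index'.
 * @param mixed $count Total number of images, passed through unchanged as 'count'.
 * @return array Template variables, including the rating form controls.
 *
 * Uses the globals $ThumbsDir and $GalleryDir as path prefixes.
 */
function IndexGalleryFilterImageData($img, $index, $count)
{
    global $ThumbsDir, $GalleryDir;

    $id = SafeDB($img['id'], 11, int);
    $cat_id = SafeDB($img['cat_id'], 11, int);
    // NOTE(review): the same filtered file name is used both in URLs and as a
    // filesystem path below; presumably stored names are generated by the
    // upload code and contain no path separators -- verify.
    $filename = SafeDB($img['file'], 255, str);
    $path = $GalleryDir . $filename;

    $vars = array();
    $vars['id'] = $id;
    $vars['cat_id'] = $cat_id;
    $vars['date'] = TimeRender($img['public'], false);
    $vars['date_time'] = TimeRender($img['public']);
    $vars['title'] = SafeDB($img['title'], 255, str);
    $vars['description_plain'] = SafeDB($img['description'], 0, str);
    // NOTE(review): this call passes two extra `false` flags that the plain
    // variant does not. If they switch off HTML escaping, the description must
    // only ever come from trusted authors, otherwise it is a stored-XSS sink.
    $vars['description'] = SafeDB($img['description'], 0, str, false, false);
    $vars['thumb_src'] = $ThumbsDir . $filename;
    $vars['image_src'] = $path;
    $vars['image_view_full'] = $vars['image_src'];
    $vars['image_view'] = Ufu('index.php?name=gallery&op=view&img=' . $id . '&cat=' . $cat_id, 'gallery/{cat}/{img}/');

    // File size and pixel dimensions are filled in only when the file exists.
    $vars['size'] = false;
    $vars['asize'] = '';
    if (is_file($path)) {
        $vars['size'] = FormatFileSize(filesize($path));
        // getimagesize() returns false for files it cannot parse as an image;
        // leave 'asize' empty then instead of indexing into false.
        $asize = getimagesize($path);
        if ($asize !== false) {
            $vars['asize'] = $asize[0] . 'x' . $asize[1];
        }
    }

    $vars['hits'] = SafeDB($img['hits'], 11, int);
    $vars['author'] = SafeDB($img['author'], 255, str);
    $vars['email'] = SafeDB($img['email'], 255, str);
    $vars['site'] = SafeDB($img['site'], 255, str);
    $vars['allow_comments'] = SafeDB($img['allow_comments'], 255, str);
    $vars['comments'] = SafeDB($img['com_counter'], 11, int);
    $vars['allow_votes'] = SafeDB($img['allow_votes'], 1, bool);
    $vars['num_votes'] = SafeDB($img['num_votes'], 11, int);
    $vars['rating'] = GetRatingImage(SafeDB($img['num_votes'], 11, int), SafeDB($img['sum_votes'], 11, int));
    $vars['lcomments'] = 'Комментариев';
    $vars['ldescription'] = 'Описание';
    $vars['index'] = $index;
    $vars['count'] = $count;

    // Rating form: target URL, the 0..5 options and the submit button.
    // NOTE(review): no anti-CSRF token is added to the vote URL here; whether
    // the addvote handler limits repeat votes is not visible from this function.
    $vars['addvote_url'] = "index.php?name=gallery&op=addvote&img={$id}";
    $vdata = array();
    System::site()->DataAdd($vdata, '0', 'Ваша оценка');
    System::site()->DataAdd($vdata, '1', 'Очень плохо');
    System::site()->DataAdd($vdata, '2', 'Плохо');
    System::site()->DataAdd($vdata, '3', 'Средне');
    System::site()->DataAdd($vdata, '4', 'Хорошо');
    System::site()->DataAdd($vdata, '5', 'Отлично');
    $vars['votes'] = System::site()->Select('vote', $vdata);
    $vars['addvotesubm'] = System::site()->Submit('Оценить изображение');

    return $vars;
}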
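/**
 * Admin page: history of mailings sent for one mailing topic.
 *
 * The topic id is taken from GET `topic_id`, or from POST when absent. The
 * messages are sorted by date, paginated at 10 per page, and printed with
 * edit / delete buttons and the plain-text body.
 *
 * NOTE(review): the Select() below has an empty condition, so every row of
 * mail_history is listed regardless of $topic, although the empty-state
 * message speaks about "this topic". Presumably a filter on the topic column
 * is missing; the column name is not visible here, so it is not added.
 * NOTE(review): the delete control is a GET URL. Whether SpeedConfirm()
 * attaches an anti-CSRF token is not visible from this function.
 */
function AdminMailHistory()
{
    System::admin()->AddCenterBox('История рассылки');

    // The original tested $_POST['topic'] but then read $_POST['topic_id'].
    // Read the key that was actually tested, and accept both spellings.
    if (isset($_GET['topic_id'])) {
        $topic = SafeEnv($_GET['topic_id'], 11, int);
    } elseif (isset($_POST['topic_id'])) {
        $topic = SafeEnv($_POST['topic_id'], 11, int);
    } elseif (isset($_POST['topic'])) {
        $topic = SafeEnv($_POST['topic'], 11, int);
    } else {
        System::admin()->Highlight('Тема не указана.');
        return;
    }

    $msgs = System::database()->Select('mail_history', '');
    if (System::database()->NumRows() == 0) {
        System::admin()->Highlight('Рассылок по данной теме не проводилось.');
        return;
    }

    if (isset($_GET['page'])) {
        $page = SafeEnv($_GET['page'], 10, int);
    } else {
        $page = 1;
    }

    SortArray($msgs, 'date', true);
    $num = 10;
    // Separate names for the pager object and the flag (the original reused $nav for both).
    $show_nav = count($msgs) > $num;
    if ($show_nav) {
        $navigator = new Navigation($page);
        $navigator->GenNavigationMenu($msgs, $num, ADMIN_FILE . '?exe=mail&a=history&topic_id=' . $topic);
    }

    $text = '<table cellspacing="0" cellpadding="0" align="center" class="commtable_header" style="width:80%;"> <tr> <th style="width: 120px;">Дата</th> <th style="width: 510px;">Тема</th> <th>Функции</th> </tr></table>';
    foreach ($msgs as $msg) {
        $mid = SafeDB($msg['id'], 11, int);
        $subject = SafeDB($msg['subject'], 255, str);
        $date = SafeDB($msg['date'], 11, int);
        // The plain-text body is filtered first; the line breaks are added afterwards.
        $mailtext = nl2br(SafeDB($msg['plain_text'], 0, str));

        $func = System::admin()->SpeedButton('Редактировать письмо', ADMIN_FILE . '?exe=mail&a=edit&id=' . $mid . '&topic_id=' . $topic, 'images/admin/edit.png');
        $func .= System::admin()->SpeedConfirm('Удалить письмо', ADMIN_FILE . '?exe=mail&a=delete&id=' . $mid . '&topic_id=' . $topic . '&ok=0', 'images/admin/delete.png', 'Удалить письмо из истории?');

        $text .= '<table cellspacing="0" cellpadding="0" class="commtable" style="width:80%;">';
        // Header cells are now closed with </th>; the original closed them with </td>.
        $text .= '<tr> <th style="text-align: left; width: 120px;">' . TimeRender($date)
            . '</th> <th style="text-align: left; width: 510px;">' . $subject
            . '</th> <th>' . $func . '</th> </tr>';
        $text .= '<tr><td colspan="3" class="commtable_text">' . $mailtext . '</td></tr>';
        $text .= '</table>';
    }

    AddText($text);
    if ($show_nav) {
        AddNavigation();
    }
}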
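/**
 * Public page: paginated list of active users.
 *
 * Selects users with `active`='1', orders them with two successive SortArray()
 * calls (by points, then by type), and fills the 'userlist' template block
 * with avatar, profile link, name, e-mail, dates and rank for every user.
 *
 * NOTE(review): e-mail addresses of users who did not set `hideemail` are
 * published to every visitor as filtered plain text. The comment renderer in
 * this code base passes addresses through AntispamEmail(); consider doing the
 * same here to make harvesting harder.
 */
function IndexUserlist()
{
    System::site()->SetTitle('Список пользователей');
    System::site()->BreadCrumbAdd('Список пользователей');

    // The page number comes from the query string and is passed through SafeEnv as an int.
    if (isset($_GET['page'])) {
        $page = SafeEnv($_GET['page'], 11, int);
    } else {
        $page = 1;
    }

    $users = System::database()->Select('users', "`active`='1'");
    SortArray($users, 'points', true);
    SortArray($users, 'type', false);

    $num = System::config('user/users_on_page');
    $navigation = new Navigation($page);
    $navigation->FrendlyUrl = System::site()->Ufu;
    $navigation->GenNavigationMenu($users, $num, Ufu('index.php?name=user&op=userslist', 'user/users/page{page}/', true));

    System::site()->AddTemplatedBox('Список пользователей', 'module/user_list.html');
    System::site()->AddBlock('userlist_th', true, false, 'title');
    System::site()->Blocks['userlist_th']['vars'] = array(
        'name' => 'Имя',
        'email' => 'E-mail',
        'date' => 'Дата регистрации',
        'last_visit' => 'Посл. посещение',
        'last' => 'Посл. посещение',
        'rank' => 'Ранг/статус'
    );
    System::site()->AddBlock('userlist', true, true, 'user');

    foreach ($users as $usr) {
        $vars = array();

        // Only the first element of GetUserRank()'s result is used.
        $rank_stat = GetUserRank($usr['points'], $usr['type'], $usr['access']);
        $rank_stat = $rank_stat[0];

        $vars['avatar'] = GetUserAvatar($usr['id']);
        $vars['avatar_small'] = GetSmallUserAvatar($usr['id'], $vars['avatar']);
        $vars['avatar_smallest'] = GetSmallestUserAvatar($usr['id'], $vars['avatar']);
        $vars['user_id'] = SafeDB($usr['id'], 11, int);
        // Profile link: the filtered user id is appended to the query string,
        // matching the {user} placeholder of the friendly-URL pattern.
        $vars['url'] = Ufu('index.php?name=user&op=userinfo&user=' . SafeDB($usr['id'], 11, int), 'user/{user}/info/');
        $vars['name'] = SafeDB($usr['name'], 50, str);

        // Respect the user's "hide e-mail" setting.
        if ($usr['hideemail'] == '1') {
            $vars['email'] = 'Скрывается';
        } else {
            $vars['email'] = SafeDB($usr['email'], 50, str);
        }

        $vars['date'] = TimeRender($usr['regdate'], true);
        $vars['lastdate'] = TimeRender($usr['lastvisit'], true);
        $vars['rank'] = $rank_stat;

        System::site()->AddSubBlock('userlist', true, $vars);
    }
}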
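/**
 * Renders a list of comments and, recursively, the replies to each of them.
 *
 * @param mixed  $ObjectId  Id of the commented object, passed through to the template.
 * @param array  $Posts     Comment rows of one tree level (taken by reference).
 * @param string $BlockName Template block that receives one sub-block per comment.
 * @param int    $Level     Nesting level, used only to compute the left padding.
 * @return bool false when $Posts is empty, true otherwise.
 *
 * Message text is escaped with HtmlChars() first; smilies, line breaks and
 * BB-code markup are applied only afterwards, so the only HTML in the result
 * is what those three helpers generate.
 * NOTE(review): that makes BbCodePrepare() the place where link and image
 * targets must be restricted to safe URL schemes -- verify.
 */
private function RenderPost($ObjectId, &$Posts, $BlockName, $Level)
{
    if (count($Posts) == 0) {
        return false;
    }

    // REQUEST_URI is controlled by the requester and is handed to the template
    // as a link target, so it is escaped before use (the original passed it raw).
    $request_uri = HtmlChars($_SERVER['REQUEST_URI']);

    foreach ($Posts as $post) {
        $post_id = SafeDB($post['id'], 11, int);
        $user_id = SafeDB($post['user_id'], 11, int);

        $vars = array();
        $vars['level_padding'] = Posts::$LevelMargin * $Level;

        // Escape first, then decorate. The order is security relevant.
        $vars['post_message'] = HtmlChars($post['post_message']);
        SmiliesReplace($vars['post_message']);
        $vars['post_message'] = nl2br($vars['post_message']);
        $vars['post_message'] = BbCodePrepare($vars['post_message']);

        if ($user_id != 0) {
            // Registered user: profile data comes from GetUserInfo().
            $userinfo = GetUserInfo($user_id);
            $vars['user_link'] = Ufu("index.php?name=user&op=userinfo&user={$user_id}", 'user/{user}/info/');
            // The user name goes through SafeDB like every other stored string
            // here; the original concatenated $userinfo['name'] into the link raw.
            $vars['user_name'] = '<a href="' . $vars['user_link'] . '">' . SafeDB($userinfo['name'], 50, str) . '</a>';
            $vars['post_date'] = SafeDB($post['post_date'], 11, int);
            if ($userinfo['hideemail'] == '0') {
                $vars['user_email'] = AntispamEmail($userinfo['email']);
            } else {
                $vars['user_email'] = '';
            }
            // Link text and link target now come from the same profile field.
            // The original took the target from $post['user_homepage'], so the
            // visible address and the real destination could differ.
            $vars['user_homepage'] = SafeDB($userinfo['url'], 255, str);
            $vars['user_homepage_url'] = UrlRender(SafeDB($userinfo['url'], 255, str));
            if ($userinfo['online']) {
                $vars['user_status'] = 'Сейчас на сайте.';
            } else {
                $vars['user_status'] = '';
            }
            $vars['user_rank_image'] = $userinfo['rank_image'];
            $vars['user_rank_name'] = $userinfo['rank_name'];
            $vars['user_avatar'] = $userinfo['avatar_file'];
            $vars['user_avatar_small'] = $userinfo['avatar_file_small'];
            $vars['user_avatar_smallest'] = $userinfo['avatar_file_smallest'];
            $vars['user_regdate'] = TimeRender($userinfo['regdate'], false, false);
        } else {
            // Guest: everything comes from the values stored with the post.
            $vars['user_name'] = SafeDB($post['user_name'], 255, str);
            $vars['post_date'] = SafeDB($post['post_date'], 11, int);
            // NOTE(review): the address is shown when user_hideemail != 0, while
            // the registered branch shows it when hideemail == '0'. If the flag
            // has the same meaning in both tables, this test is inverted and
            // publishes exactly the addresses guests asked to hide -- confirm.
            if ($post['user_email'] != '' && $post['user_hideemail'] != 0) {
                $vars['user_email'] = AntispamEmail(SafeDB($post['user_email'], 255, str));
            } else {
                $vars['user_email'] = '';
            }
            if ($post['user_homepage'] != '') {
                $vars['user_homepage'] = SafeDB($post['user_homepage'], 255, str);
                $vars['user_homepage_url'] = UrlRender(SafeDB($post['user_homepage'], 255, str));
            } else {
                $vars['user_homepage'] = '';
                $vars['user_homepage_url'] = '';
            }
            $vars['user_status'] = '';
            $vars['user_rank_image'] = '';
            $vars['user_rank_name'] = '';
            $vars['user_avatar'] = GetPersonalAvatar(0);
            $vars['user_avatar_small'] = GetSmallUserAvatar(0, $vars['user_avatar']);
            $vars['user_avatar_smallest'] = GetSmallestUserAvatar(0, $vars['user_avatar']);
            $vars['user_regdate'] = '';
        }

        $vars['user_id'] = SafeDB($post['user_id'], 11, int);
        $vars['post_id'] = $post_id;
        $vars['user_ip'] = SafeDB($post['user_ip'], 19, str);
        $vars['object_id'] = $ObjectId;
        $vars['parent_id'] = SafeDB($post['post_parent_id'], 11, int);

        // Turn a non-empty homepage into a link that opens in a new window.
        if ($vars['user_homepage'] != '') {
            $vars['user_homepage'] = '<a href="' . $vars['user_homepage_url'] . '" target="_blank">' . $vars['user_homepage'] . '</a>';
        }

        $vars['post_date'] = TimeRender($vars['post_date']);

        // Who sees the edit/delete controls.
        if (System::user()->Auth) {
            $vars['editing'] = System::user()->Get('u_id') == $user_id || System::user()->isAdmin();
        } else {
            // NOTE(review): a guest post counts as "own" when the visitor's
            // current IP equals the stored one, so everyone behind the same NAT
            // or proxy gets the controls. The edit and delete handlers must not
            // rely on this flag alone.
            $vars['editing'] = $user_id == '0' && $vars['user_ip'] == getip();
        }

        // Whether a reply link is offered.
        $vars['answers'] = $this->Answers != '0' || System::user()->isAdmin();
        if (!System::user()->Auth && !$this->GuestPost) {
            $vars['answers'] = false;
        }
        if (!$this->AlloyComments) {
            $vars['answers'] = false;
        }
        $vars['no_answers'] = !$vars['answers'];

        $back = SaveRefererUrl();
        $vars['edit_url'] = $this->EditPageUrl . '&post_id=' . $post_id . '&back=' . $back;
        $vars['delete_url'] = $this->DeletePageUrl . '&post_id=' . $post_id . '&back=' . $back;
        $vars['parent_post_url'] = $request_uri . '#post_' . SafeDB($post['post_parent_id'], 11, int);
        $vars['post_url'] = $request_uri . '#post_' . $post_id;

        System::site()->AddSubBlock($BlockName, true, $vars, array(), $this->PostTemplate);

        // Render the replies. MaxTreeLevel caps only the visual indentation;
        // the recursion itself follows PostsTree to whatever depth it has.
        if (isset($this->PostsTree[$post_id])) {
            if ($this->MaxTreeLevel > $Level) {
                $newLevel = $Level + 1;
            } else {
                $newLevel = $Level;
            }
            $this->RenderPost($ObjectId, $this->PostsTree[$post_id], $BlockName, $newLevel);
        }
    }

    return true;
}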
$forums = System::database()->Select('forums', "`view`='4'"); foreach ($forums as $forum) { $available[$forum['id']] = true; } $topics = System::database()->Select('forum_topics', "`state`='1'"); foreach ($topics as $topic) { if (!isset($available[$topic['forum_id']])) { continue; } $result = array(); $result['mod'] = $plugin_info['mod_title']; // Имя модуля $result['coincidence'] = ''; // Показывает где было совпадение $result['title'] = SafeDB($topic['title'], 255, str); $result['public'] = TimeRender(SafeDB($topic['start_date'], 11, int)); $result['link'] = 'index.php?name=forum&op=showtopic&topic=' . SafeDB($topic['id'], 11, int); if (SSearch($topic['title'], $searchstr) != false) { $result['text'] = SCoincidence($topic['title'], $searchstr); $result['coincidence'] = 'Название темы на форуме'; $search_results[] = $result; } $pid = SafeDB($topic['id'], 11, int); $posts = System::database()->Select('forum_posts', "`object`='{$pid}'"); foreach ($posts as $post) { if (SSearch($post['message'], $searchstr) != false) { $result['text'] = SCoincidence($post['message'], $searchstr); $result['coincidence'] = 'Текст сообщения в теме на форуме'; $search_results[] = $result; } }