예제 #1
/**
 * Expands two month strings into an inclusive date range.
 *
 * '-01' is appended to each argument before it is passed to maketime(); the
 * range runs from the first day of the start month to the last day of the
 * end month, both formatted as Y-m-d.
 *
 * @param string $start Start month; presumably 'YYYY-MM' (maketime() is not shown here).
 * @param string $end   End month, same format.
 * @param string $field Optional column expression; when non-empty a SQL condition is returned.
 *
 * @return array|string array('start' => ..., 'end' => ...) when $field is empty,
 *                      otherwise "(field >= 'start' AND field <= 'end')".
 */
function makeDateRange($start = '', $end = '', $field = '')
{
    $startTs = maketime($start . '-01');
    $endTs = maketime($end . '-01');

    // Day 1 of the start month.
    $start = date('Y-m-d', mktime(0, 0, 0, date('n', $startTs), 1, date('Y', $startTs)));
    // Day 0 of the following month resolves to the last day of the end month.
    $end = date('Y-m-d', mktime(0, 0, 0, date('n', $endTs) + 1, 0, date('Y', $endTs)));

    if ($field == '') {
        return array('start' => $start, 'end' => $end);
    }

    // NOTE(review): both dates come out of date('Y-m-d') and are safe to quote,
    // but $field is spliced into the SQL fragment unescaped. Callers must pass a
    // hard-coded column name, never a value taken from the request.
    return "({$field} >= '{$start}' AND {$field} <= '{$end}')";
}
예제 #2
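 /**
  * Admin action: edits an existing forum announcement.
  *
  * With $_POST['send'] set, the request is checked (token, required fields),
  * the announcement row is updated, its forum assignments are rewritten and the
  * browser is redirected. Otherwise the current values are loaded and the edit
  * form is rendered.
  *
  * Terminates the script with die() when no numeric id is supplied.
  */
 function announce_edit()
 {
     global $set, $apx, $db;
     // The integer cast is the only thing that makes the string-built queries
     // below safe; every later use of $_REQUEST['id'] relies on it.
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     $apx->lang->dropaction('forum', 'announce_edit');
     // Forum list: a non-array value, or a list starting with 'all', collapses to array('all')
     if (!is_array($_POST['forumid']) || $_POST['forumid'][0] == 'all') {
         $_POST['forumid'] = array('all');
     }
     // Submit
     if ($_POST['send']) {
         // Anti-CSRF token is checked before any field validation or write.
         if (!checkToken()) {
             infoInvalidToken();
         } elseif (!count($_POST['forumid']) || !$_POST['title'] || !$_POST['text']) {
             infoNotComplete();
         } else {
             // Publication window
             $_POST['starttime'] = maketime(1);
             if ($_POST['starttime']) {
                 $_POST['endtime'] = maketime(2);
                 // A missing end time, or one before the start, becomes 3000000000
                 // (far-future value; presumably "no end").
                 if (!$_POST['endtime'] || $_POST['endtime'] < $_POST['starttime']) {
                     $_POST['endtime'] = 3000000000;
                 }
             }
             // NOTE(review): when starttime is empty, $_POST['endtime'] is left as
             // the client sent it. dupdate() presumably reads the listed fields from
             // $_POST and escapes them - confirm against its implementation.
             // Update the announcement
             $db->dupdate(PRE . '_forum_announcements', 'title,text,starttime,endtime', "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
             // Rewrite the forum assignments
             $db->query("DELETE FROM " . PRE . "_forum_anndisplay WHERE id='" . $_REQUEST['id'] . "'");
             if ($_POST['forumid'][0] == 'all') {
                 // Forum id 0 stands for "all forums" (the form branch below reads it back that way).
                 $db->query("\n\t\t\t\t\tINSERT IGNORE INTO " . PRE . "_forum_anndisplay\n\t\t\t\t\tVALUES ('" . $_REQUEST['id'] . "', '0')\n\t\t\t\t");
             } else {
                 foreach ($_POST['forumid'] as $fid) {
                     // Each submitted forum id is cast to int before it reaches the query.
                     $fid = (int) $fid;
                     if (!$fid) {
                         continue;
                     }
                     $db->query("\n\t\t\t\t\t\tINSERT IGNORE INTO " . PRE . "_forum_anndisplay\n\t\t\t\t\t\tVALUES ('" . $_REQUEST['id'] . "', '" . $fid . "')\n\t\t\t\t\t");
                 }
             }
             // Fixed: the original logged the undefined variable $nid, so the audit
             // entry never carried the announcement id.
             // NOTE(review): the log key is FORUM_ANNOUNCEADD although this is the
             // edit action; left unchanged because the set of valid keys is not visible here.
             logit('FORUM_ANNOUNCEADD', 'ID #' . $_REQUEST['id']);
             printJSRedirect('action.php?action=forum.announce');
         }
     } else {
         // Form display: $_POST is replaced by the stored row so the template code below can read from it.
         $_POST = $db->first("SELECT title,text,starttime,endtime FROM " . PRE . "_forum_announcements WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         // Read the assigned forum ids
         $data = $db->fetch("SELECT forumid FROM " . PRE . "_forum_anndisplay WHERE id='" . $_REQUEST['id'] . "'");
         $_POST['forumid'] = array();
         foreach ($data as $res) {
             if ($res['forumid'] == 0) {
                 $_POST['forumid'] = array('all');
                 break;
             } else {
                 $_POST['forumid'][] = $res['forumid'];
             }
         }
         // Publication window
         if ($_POST['starttime']) {
             maketimepost(1, $_POST['starttime']);
             // End times at or above 2147483647 (e.g. the 3000000000 fallback) are not pre-filled.
             if ($_POST['endtime'] < 2147483647) {
                 maketimepost(2, $_POST['endtime']);
             }
         }
         // Read the forum tree
         $data = $this->cat->getTree(array('iscat', 'title', 'posts', 'threads'));
         $forumlist = '<option value="all" style="font-weight:bold;"' . iif(in_array('all', $_POST['forumid']), ' selected="selected"') . '>' . $apx->lang->get('ALLFORUMS') . '</option>';
         if (count($data)) {
             foreach ($data as $res) {
                 $space = str_repeat('&nbsp;&nbsp;', $res['level'] - 1);
                 if ($res['iscat']) {
                     $style = ' style="background:#EAEAEA"';
                 } else {
                     $style = '';
                 }
                 // NOTE(review): the title goes through replace() (presumably an HTML
                 // escaper - confirm); forumid is written into the attribute as-is.
                 $forumlist .= '<option value="' . $res['forumid'] . '"' . $style . '' . iif(in_array($res['forumid'], $_POST['forumid']), ' selected="selected"') . '>' . $space . replace($res['title']) . '</option>';
             }
         }
         $apx->tmpl->assign('FORUMLIST', $forumlist);
         $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
         $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
         $apx->tmpl->assign('STARTTIME', choosetime(1, 1, maketime(1)));
         $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
         $apx->tmpl->assign('ACTION', 'edit');
         $apx->tmpl->assign('ID', $_REQUEST['id']);
         $apx->tmpl->parse('announceadd_announceedit');
     }
 }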
예제 #3
 /**
  * Admin action: schedules a banner for display, or shows the scheduling form.
  *
  * A POST with send=1, a valid token and a non-empty start time stores the
  * start/end timestamps, logs the action and redirects. Any other request
  * renders the form. Terminates with die() when no numeric id is supplied.
  */
 function enable()
 {
     global $set, $db, $apx;
     // The integer cast keeps the id safe to concatenate into the SQL below.
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     if ($_POST['send'] == 1) {
         $publishFrom = maketime(1);
         $publishUntil = maketime(2);
         // A missing end time, or one not after the start, becomes 3000000000
         // (far-future value; presumably "no end").
         if (!$publishUntil || $publishUntil <= $publishFrom) {
             $publishUntil = 3000000000;
         }
         // Anti-CSRF token is verified before anything is written.
         if (!checkToken()) {
             return printInvalidToken();
         }
         if ($publishFrom) {
             // NOTE(review): maketime() is not shown; the query relies on it
             // returning a numeric timestamp.
             $sql = "UPDATE " . PRE . "_banner SET starttime='" . $publishFrom . "',endtime='" . $publishUntil . "' WHERE id='" . $_REQUEST['id'] . "' LIMIT 1";
             $db->query($sql);
             logit('BANNER_ENABLE', 'ID #' . $_REQUEST['id']);
             printJSRedirect(get_index('banner.show'));
             return;
         }
         // No start time was given: fall through and show the form again.
     }
     $row = $db->first("SELECT partner FROM " . PRE . "_banner WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
     list($title) = $row;
     // The partner name is escaped before it reaches the template.
     $apx->tmpl->assign('TITLE', compatible_hsc($title));
     $apx->tmpl->assign('ID', $_REQUEST['id']);
     $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
     $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
     tmessageOverlay('enable');
 }
예제 #4
 /**
  * Formats a date value as Y-m-d, mapping empty values and zero dates to ''.
  *
  * @param mixed $v Date value; anything empty() or containing '0000-00-00' yields ''.
  *
  * @return string Y-m-d date produced from maketime($v), or '' for empty/zero dates.
  */
 function isodate($v)
 {
     if (empty($v)) {
         return '';
     }
     // The leading space moves a match at offset 0 to offset 1, so "> 0" means
     // "the zero date occurs anywhere in the value".
     if (strpos(' ' . $v, '0000-00-00') > 0) {
         return '';
     }
     return date('Y-m-d', maketime($v));
 }
예제 #5
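 /**
  * Admin action: schedules a poll for display, or shows the scheduling form.
  *
  * A POST with send=1 and a valid token stores the start/end timestamps, logs
  * the action and redirects. Any other request renders the form. Terminates
  * with die() when no numeric id is supplied.
  */
 function enable()
 {
     global $set, $db, $apx;
     // The integer cast keeps the id safe to concatenate into the SQL below.
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     if ($_POST['send'] == 1) {
         // Added: the original ran the UPDATE without an anti-CSRF check, unlike
         // the other enable() handlers of this code base, which call checkToken()
         // before writing.
         // NOTE(review): confirm the 'enable' overlay form submits the token.
         if (!checkToken()) {
             printInvalidToken();
         } else {
             $starttime = maketime(1);
             $endtime = maketime(2);
             // A missing end time, or one not after the start, becomes 3000000000
             // (far-future value; presumably "no end").
             if (!$endtime || $endtime <= $starttime) {
                 $endtime = 3000000000;
             }
             // NOTE(review): an empty $starttime is written as-is; maketime() is
             // not shown, the query relies on it returning a numeric timestamp.
             $db->query("UPDATE " . PRE . "_poll SET starttime='" . $starttime . "',endtime='" . $endtime . "' WHERE ( id='" . $_REQUEST['id'] . "' ) LIMIT 1");
             logit('POLL_ENABLE', 'ID #' . $_REQUEST['id']);
             printJSRedirect(get_index('poll.show'));
         }
     } else {
         list($title) = $db->first("SELECT question FROM " . PRE . "_poll WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         $apx->tmpl->assign('ID', $_REQUEST['id']);
         // The poll question is escaped before it reaches the template.
         $apx->tmpl->assign('TITLE', compatible_hsc($title));
         $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
         $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
         // NOTE(review): $input is never assigned in this function, so null is
         // passed here; left unchanged because the intended value is not visible.
         tmessageOverlay('enable', $input);
     }
 }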
예제 #6
파일: topic.php 프로젝트: visavi/rotorcms4
 ##                                   Добавление сообщения                                 ##
 ############################################################################################
 case 'add':
     $uid = !empty($_GET['uid']) ? check($_GET['uid']) : 0;
     $msg = isset($_POST['msg']) ? check($_POST['msg']) : '';
     if (is_user()) {
         $topics = DB::run()->queryFetch("SELECT `topics`.*, `forums`.`forums_parent` FROM `topics` LEFT JOIN `forums` ON `topics`.`topics_forums_id`=`forums`.`forums_id` WHERE `topics`.`topics_id`=? LIMIT 1;", array($tid));
         $validation = new Validation();
         $validation->addRule('equal', array($uid, $_SESSION['token']), 'Неверный идентификатор сессии, повторите действие!')->addRule('not_empty', $topics, 'Выбранная вами тема не существует, возможно она была удалена!')->addRule('empty', $topics['topics_closed'], 'Запрещено писать в закрытую тему!')->addRule('equal', array(is_quarantine($log), true), 'Карантин! Вы не можете писать в течении ' . round($config['karantin'] / 3600) . ' часов!')->addRule('equal', array(is_flood($log), true), 'Антифлуд! Разрешается отправлять сообщения раз в ' . flood_period() . ' сек!')->addRule('string', $msg, 'Слишком длинное или короткое сообщение!', true, 5, $config['forumtextlength']);
         // Проверка сообщения на схожесть
         $post = DB::run()->queryFetch("SELECT * FROM `posts` WHERE `posts_topics_id`=? ORDER BY `posts_id` DESC LIMIT 1;", array($tid));
         $validation->addRule('not_equal', array($msg, $post['posts_text']), 'Ваше сообщение повторяет предыдущий пост!');
         if ($validation->run()) {
             $msg = antimat($msg);
             if ($log == $post['posts_user'] && $post['posts_time'] + 600 > SITETIME && utf_strlen($msg) + utf_strlen($post['posts_text']) <= $config['forumtextlength']) {
                 $newpost = $post['posts_text'] . "\n\n" . '[i][size=1]Добавлено через ' . maketime(SITETIME - $post['posts_time']) . ' сек.[/size][/i]' . "\n" . $msg;
                 DB::run()->query("UPDATE `posts` SET `posts_text`=? WHERE `posts_id`=? LIMIT 1;", array($newpost, $post['posts_id']));
                 $lastid = $post['posts_id'];
             } else {
                 DB::run()->query("INSERT INTO `posts` (`posts_topics_id`, `posts_forums_id`, `posts_user`, `posts_text`, `posts_time`, `posts_ip`, `posts_brow`) VALUES (?, ?, ?, ?, ?, ?, ?);", array($tid, $topics['topics_forums_id'], $log, $msg, SITETIME, $ip, $brow));
                 $lastid = DB::run()->lastInsertId();
                 DB::run()->query("UPDATE `users` SET `users_allforum`=`users_allforum`+1, `users_point`=`users_point`+1, `users_money`=`users_money`+5 WHERE `users_login`=? LIMIT 1;", array($log));
                 DB::run()->query("UPDATE `topics` SET `topics_posts`=`topics_posts`+1, `topics_last_user`=?, `topics_last_time`=? WHERE `topics_id`=?;", array($log, SITETIME, $tid));
                 DB::run()->query("UPDATE `forums` SET `forums_posts`=`forums_posts`+1, `forums_last_id`=?, `forums_last_themes`=?, `forums_last_user`=?, `forums_last_time`=? WHERE `forums_id`=?;", array($tid, $topics['topics_title'], $log, SITETIME, $topics['topics_forums_id']));
                 // Обновление родительского форума
                 if ($topics['forums_parent'] > 0) {
                     DB::run()->query("UPDATE `forums` SET `forums_last_id`=?, `forums_last_themes`=?, `forums_last_user`=?, `forums_last_time`=? WHERE `forums_id`=?;", array($tid, $topics['topics_title'], $log, SITETIME, $topics['forums_parent']));
                 }
             }
             // -- Загрузка файла -- //
             if (!empty($_FILES['file']['name']) && !empty($lastid)) {
예제 #7
    $config['servername'] = preg_replace('#wap\\.#', '', $config['servername'], 1);
}
//---------------------- Session variable initialisation -----------------------//
// Each key is written only when it is missing or falsy, so values set by an
// earlier request survive.
if (!isset($_SESSION['counton']) || !$_SESSION['counton']) {
    $_SESSION['counton'] = 0;
}
if (!isset($_SESSION['currs']) || !$_SESSION['currs']) {
    $_SESSION['currs'] = SITETIME;
}
// NOTE(review): generate_password() is not shown; if this token guards
// state-changing requests, its unpredictability depends on that function's
// random source and on the length requested here - confirm both.
if (!isset($_SESSION['token']) || !$_SESSION['token']) {
    $_SESSION['token'] = generate_password(6);
}
// NOTE(review): mt_rand() is not a cryptographically secure generator and the
// range holds only 9000 values. If 'protect' gates anything security-relevant
// (presumably a verification code - confirm), prefer a CSPRNG such as
// random_int() where the supported PHP version allows it.
if (!isset($_SESSION['protect']) || !$_SESSION['protect']) {
    $_SESSION['protect'] = mt_rand(1000, 9999);
}
// Time since 'currs' was set, passed through maketime().
$_SESSION['timeon'] = maketime(SITETIME - $_SESSION['currs']);
ob_start('ob_processing');
############################################################################################
##                                     Авторизация                                        ##
############################################################################################
if (isset($_SESSION['log']) && isset($_SESSION['par']) && preg_match('|^[a-z0-9\\-]+$|i', $_SESSION['log'])) {
    if (file_exists(DATADIR . 'profil/' . $_SESSION['log'] . '.prof')) {
        $userprof = file_get_contents(DATADIR . 'profil/' . $_SESSION['log'] . '.prof');
        $udata = explode(':||:', $userprof);
        if ($udata[0] == $_SESSION['log'] && $udata[1] == md5(md5($_SESSION['par'])) && !empty($udata[25])) {
            $log = $_SESSION['log'];
            $config['themes'] = check($udata[20]);
            # Скин/тема по умолчанию
            $config['bookpost'] = (int) $udata[21];
            # Вывод сообщений в гостевой
            $config['postnews'] = (int) $udata[22];
예제 #8
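 /**
  * Admin action: enables one video or a batch of videos.
  *
  * Batch mode ($_REQUEST['multiid'] is an array): after the token check the
  * ids are reduced to those the current user may enable, which are then
  * published immediately with no end date, and the browser is redirected.
  *
  * Single mode: a POST with send=1 and a valid token stores the chosen
  * start/end timestamps; any other request renders the scheduling form.
  * Terminates with die() when no numeric id is supplied.
  */
 function enable()
 {
     global $set, $db, $apx;
     // Multiple ids
     if (is_array($_REQUEST['multiid'])) {
         if (!checkToken()) {
             printInvalidToken();
         } else {
             // intval() on every element is what makes the IN (...) list safe to build by hand.
             $cache = array_map('intval', $_REQUEST['multiid']);
             if (!count($cache)) {
                 header("HTTP/1.1 301 Moved Permanently");
                 header('Location: ' . get_index('videos.show'));
                 return;
             }
             // Users without the 'videos.enable' special right only match their own videos.
             $data = $db->fetch("SELECT id FROM " . PRE . "_videos WHERE ( id IN (" . implode(',', $cache) . ") " . iif(!$apx->user->has_spright('videos.enable'), " AND userid='" . $apx->user->info['userid'] . "'") . " )");
             $cache = array();
             if (!is_array($data) || !count($data)) {
                 header("HTTP/1.1 301 Moved Permanently");
                 header('Location: ' . get_index('videos.show'));
                 return;
             }
             // From here on only ids confirmed by the permission-filtered SELECT are used.
             foreach ($data as $res) {
                 $cache[] = $res['id'];
             }
             if (!count($cache)) {
                 header("HTTP/1.1 301 Moved Permanently");
                 header('Location: ' . get_index('videos.show'));
                 return;
             }
             $db->query("UPDATE " . PRE . "_videos SET starttime='" . time() . "',endtime='3000000000' WHERE id IN (" . implode(',', $cache) . ")");
             foreach ($cache as $id) {
                 logit('VIDEOS_ENABLE', 'ID #' . $id);
             }
             // NOTE(review): 301 marks the redirect as permanent and may be cached
             // by the browser; a temporary status is the usual choice after a POST.
             header("HTTP/1.1 301 Moved Permanently");
             header('Location: ' . get_index('videos.show'));
         }
     } else {
         // The integer cast keeps the id safe to concatenate into the SQL below.
         $_REQUEST['id'] = (int) $_REQUEST['id'];
         if (!$_REQUEST['id']) {
             die('missing ID!');
         }
         if ($_POST['send'] == 1) {
             // Added: the batch branch above verifies the anti-CSRF token but this
             // branch wrote to the database without doing so.
             // NOTE(review): confirm the 'enable' overlay form submits the token.
             if (!checkToken()) {
                 printInvalidToken();
             } else {
                 $starttime = maketime(1);
                 $endtime = maketime(2);
                 // A missing end time, or one not after the start, becomes 3000000000
                 // (far-future value; presumably "no end").
                 if (!$endtime || $endtime <= $starttime) {
                     $endtime = 3000000000;
                 }
                 // Users without the 'videos.enable' special right only match their own video.
                 $db->query("UPDATE " . PRE . "_videos SET starttime='" . $starttime . "',endtime='" . $endtime . "' WHERE ( id='" . $_REQUEST['id'] . "' " . iif(!$apx->user->has_spright('videos.enable'), " AND userid='" . $apx->user->info['userid'] . "'") . " ) LIMIT 1");
                 // NOTE(review): the entry is written even when the ownership filter
                 // made the UPDATE match no row.
                 logit('VIDEOS_ENABLE', 'ID #' . $_REQUEST['id']);
                 printJSRedirect(get_index('videos.show'));
             }
         } else {
             // NOTE(review): unlike the UPDATE, this SELECT has no ownership filter,
             // so the title of any video id is shown in the form.
             list($title) = $db->first("SELECT title FROM " . PRE . "_videos WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
             $apx->tmpl->assign('TITLE', compatible_hsc($title));
             $apx->tmpl->assign('ID', $_REQUEST['id']);
             $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
             $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
             tmessageOverlay('enable');
         }
     }
 }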
예제 #9
 /**
  * Admin action: schedules a news item for publication, or shows the form.
  *
  * A POST with send=1 and a valid token stores the start/end timestamps, logs
  * the action and redirects. Any other request renders the scheduling form.
  * Terminates with die() when no numeric id is supplied.
  */
 function enable()
 {
     global $set, $db, $apx;
     // The integer cast keeps the id safe to concatenate into the SQL below.
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }

     // Not a submission: render the scheduling form.
     if ($_POST['send'] != 1) {
         list($title, $subtitle) = $db->first("SELECT title, subtitle FROM " . PRE . "_news WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         $apx->tmpl->assign('ID', $_REQUEST['id']);
         // Title and subtitle are escaped together before they reach the template.
         $apx->tmpl->assign('TITLE', compatible_hsc($title . ($subtitle ? ' - ' . $subtitle : '')));
         $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
         $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
         tmessageOverlay('enable');
         return;
     }

     // Anti-CSRF token is verified before anything is written.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }

     $publishFrom = maketime(1);
     $publishUntil = maketime(2);
     // A missing end time, or one not after the start, becomes 3000000000
     // (far-future value; presumably "no end").
     if (!$publishUntil || $publishUntil <= $publishFrom) {
         $publishUntil = 3000000000;
     }
     // Users without the 'news.enable' special right only match their own item.
     $ownerClause = iif(!$apx->user->has_spright('news.enable'), " AND userid='" . $apx->user->info['userid'] . "'");
     $db->query("UPDATE " . PRE . "_news SET starttime='" . $publishFrom . "',endtime='" . $publishUntil . "' WHERE ( id='" . $_REQUEST['id'] . "' " . $ownerClause . " ) LIMIT 1");
     logit('NEWS_ENABLE', 'ID #' . $_REQUEST['id']);
     printJSRedirect(get_index('news.show'));
 }
예제 #10
 /**
  * Admin action: activates a calendar event, or shows the confirmation overlay.
  *
  * A POST with send=1 and a valid token sets the event's "active" column to
  * the current time, logs the action and redirects. Any other request renders
  * the confirmation message. Terminates with die() when no numeric id is supplied.
  */
 function enable()
 {
     global $set, $db, $apx;
     // The integer cast keeps the id safe to concatenate into the SQL below.
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }

     // Not a submission: render the confirmation overlay.
     if ($_POST['send'] != 1) {
         list($title) = $db->first("SELECT title FROM " . PRE . "_calendar_events WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         // The title is escaped before it is substituted into the message text.
         $message = $apx->lang->get('MSG_TEXT', array('TITLE' => compatible_hsc($title)));
         $apx->tmpl->assign('MESSAGE', $message);
         tmessageOverlay('enable', array('ID' => $_REQUEST['id']));
         return;
     }

     // Anti-CSRF token is verified before anything is written.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }

     // NOTE(review): both timestamps are computed but never used - the UPDATE
     // below only sets "active". The calls are kept because maketime() is not
     // shown and may have side effects.
     $publishFrom = maketime(1);
     $publishUntil = maketime(2);
     if (!$publishUntil || $publishUntil <= $publishFrom) {
         $publishUntil = 3000000000;
     }
     $db->query("UPDATE " . PRE . "_calendar_events SET active='" . time() . "' WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
     logit('CALENDAR_ENABLE', 'ID #' . $_REQUEST['id']);
     printJSRedirect(get_index('calendar.show'));
 }
예제 #11
 /**
  * Admin action: schedules a gallery and its not-yet-enabled ancestors, or
  * shows the scheduling form.
  *
  * A POST with send=1 and a valid token walks the category path to the
  * gallery and writes the start/end timestamps to every node on it that has
  * no start time yet, logging each one, then redirects. Any other request
  * renders the form. Terminates with die() when no numeric id is supplied.
  */
 function enable()
 {
     global $set, $db, $apx;
     // The integer cast keeps the id safe to concatenate into the SQL below.
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }

     // Not a submission: render the scheduling form.
     if ($_POST['send'] != 1) {
         list($title) = $db->first("SELECT title FROM " . PRE . "_gallery WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
         $apx->tmpl->assign('ID', $_REQUEST['id']);
         // The title is escaped before it reaches the template.
         $apx->tmpl->assign('TITLE', compatible_hsc($title));
         $apx->tmpl->assign('STARTTIME', choosetime(1, 0, time()));
         $apx->tmpl->assign('ENDTIME', choosetime(2, 1));
         tmessageOverlay('enable');
         return;
     }

     // Anti-CSRF token is verified before anything is written.
     if (!checkToken()) {
         printInvalidToken();
         return;
     }

     $publishFrom = maketime(1);
     $publishUntil = maketime(2);
     // A missing end time, or one not after the start, becomes 3000000000
     // (far-future value; presumably "no end").
     if (!$publishUntil || $publishUntil <= $publishFrom) {
         $publishUntil = 3000000000;
     }

     // Activate parent nodes as well
     $path = $this->cat->getPathTo(array('starttime'), $_REQUEST['id']);
     foreach ($path as $node) {
         // Nodes that already have a start time are left untouched.
         if ($node['starttime']) {
             continue;
         }
         // NOTE(review): $node['id'] comes from getPathTo(), not from the request;
         // presumably a numeric primary key - it is concatenated without a cast.
         $db->query("UPDATE " . PRE . "_gallery SET starttime='" . $publishFrom . "',endtime='" . $publishUntil . "' WHERE id='" . $node['id'] . "' LIMIT 1");
         logit('GALLERY_ENABLE', 'ID #' . $node['id']);
     }
     printJSRedirect(get_index('gallery.show'));
 }