<?php /** * announce.php * * @v4 Security checks by Gorlum for http://supernova.ws * @v2 (c) copyright 2010 by Gorlum for http://supernova.ws * based on admin/activeplanet.php (c) 2008 for XNova */ $allow_anonymous = true; include 'common.' . substr(strrchr(__FILE__, '.'), 1); global $config; nws_mark_read($user); $template = gettemplate('announce', true); $announce_id = sys_get_param_id('id'); $text = sys_get_param_str('text'); $announce_time = sys_get_param_str('dtDateTime'); $detail_url = sys_get_param_str('detail_url'); $mode = sys_get_param_str('mode'); $announce = array(); if ($user['authlevel'] >= 3) { if (!empty($text)) { // $idAnnounce = sys_get_param_id('id'); $announce_time = strtotime($announce_time, SN_TIME_NOW); $announce_time = $announce_time ? $announce_time : SN_TIME_NOW; if ($mode == 'edit') { doquery("UPDATE {{announce}} SET `tsTimeStamp` = FROM_UNIXTIME({$announce_time}), `strAnnounce`='{$text}', detail_url = '{$detail_url}' WHERE `idAnnounce`={$announce_id};"); doquery("DELETE FROM {{survey}} WHERE `survey_announce_id` = {$announce_id};"); } else { doquery("INSERT INTO {{announce}}\n SET `tsTimeStamp` = FROM_UNIXTIME({$announce_time}), `strAnnounce`='{$text}', detail_url = '{$detail_url}',\n `user_id` = {$user['id']}, `user_name` = '" . db_escape($user['username']) . "'"); $announce_id = db_insert_id();
// TODO ban if ($template_result[F_BANNED_STATUS] && !$skip_ban_check) { if (defined('IN_API')) { return; } $bantime = date(FMT_DATE_TIME, $template_result[F_BANNED_STATUS]); // TODO: Add ban reason. Add vacation time. Add message window sn_sys_logout(false, true); message("{$lang['sys_banned_msg']} {$bantime}", $lang['ban_title']); die("{$lang['sys_banned_msg']} {$bantime}"); } $template_result[F_USER_AUTHORIZED] = $sys_user_logged_in = !empty($user) && isset($user['id']) && $user['id']; // !!! Просто $allow_anonymous используется в платежных модулях !!! $allow_anonymous = $allow_anonymous || isset($sn_page_data['allow_anonymous']) && $sn_page_data['allow_anonymous']; if (!$allow_anonymous && !$sys_user_logged_in) { sn_setcookie(SN_COOKIE, '', time() - PERIOD_WEEK, SN_ROOT_RELATIVE); sys_redirect(SN_ROOT_VIRTUAL . 'login.php'); } $user_time_diff = user_time_diff_get(); //defined('SN_CLIENT_TIME_DIFF_SECONDS') or define('SN_CLIENT_TIME_DIFF_SECONDS', $user_time_diff[PLAYER_OPTION_TIME_DIFF]); //defined('SN_CLIENT_TIME_UTC_OFFSET') or define('SN_CLIENT_TIME_UTC_OFFSET', $user_time_diff[PLAYER_OPTION_TIME_DIFF_UTC_OFFSET]); //$time_diff = SN_CLIENT_TIME_DIFF_SECONDS + SN_CLIENT_TIME_UTC_OFFSET; //defined('SN_CLIENT_TIME_DIFF') or define('SN_CLIENT_TIME_DIFF', $time_diff); //defined('SN_CLIENT_TIME_LOCAL') or define('SN_CLIENT_TIME_LOCAL', SN_TIME_NOW + SN_CLIENT_TIME_DIFF); global $time_diff; define('SN_CLIENT_TIME_DIFF', $time_diff = $user_time_diff[PLAYER_OPTION_TIME_DIFF] + $user_time_diff[PLAYER_OPTION_TIME_DIFF_UTC_OFFSET]); define('SN_CLIENT_TIME_LOCAL', SN_TIME_NOW + SN_CLIENT_TIME_DIFF); !empty($user) && sys_get_param_id('only_hide_news') ? die(nws_mark_read($user)) : false; !empty($user) && sys_get_param_id('survey_vote') ? die(survey_vote($user)) : false; lng_load_i18n($sn_mvc['i18n'][$sn_page_name]); execute_hooks($sn_mvc['model'][''], $template);