Различные вопросы по PHP и MySQL

Udesign

16 июн 2016 г., 12:02

http://johncms.com/forum/index ... 01138 помощь
фот функсия мода

func (+/-)

<?php
////////////////////////////////////////////////////
//                 Статьи                         //
////////////////////////////////////////////////////
// Автор:              web_demon                  //
// Oф. сайт поддержки: http://annimon.com         //
// E-mail:             web_demon@mail.ru          //
////////////////////////////////////////////////////

class ablogs
{
  function image_tag_del($string)
  {
    return preg_replace('/\[(file|img)\=([^\n\&\/\"\\\\<\>\+\&\;\:]{1,200})\](.*?)\[\/\1\]/', '\3', $string);  
  }  
    
  function is_image_3($string)
  {
    $exts = array('png', 'jpg', 'gif', 'jpeg');  
    if(in_array(self::getextension($string),$exts))
      return TRUE;
    else
      return FALSE;
  }  
    
  function cut_extension($string)
  {
    $n=strrpos($string,".");
    if($n)
    {
      $ext=substr($string,0,$n);
      return $ext;
    }
    else
     return $string;
  }

  function cut_filename($string,$cut = 15)
  { 
     $ext = self::getextension($string);
     $string = self::cut_extension($string);
     if(mb_strlen($string) > $cut)
     {
       $string = mb_substr($string, 0, $cut);
       $string = htmlentities($string, ENT_QUOTES, 'UTF-8').'(...)';
     }
     return  $string.'.'.$ext;
  } 
    
  function getextension($string)
  {
    $n=strrpos($string,".");
    if($n)
    {
      $n=$n+1;
      $ext=mb_strtolower(substr($string,$n));
      return $ext;
    }
    else    
     return '';
  }  
    
  public static function ablogs_com_new()
  {
    $old = time() - (3 * 24 * 3600);
    return mysql_result(mysql_query("SELECT COUNT(*) FROM `ablogs` LEFT JOIN `ablogs_com_rdm` ON `ablogs`.`id` = `ablogs_com_rdm`.`comid` AND `ablogs_com_rdm`.`userid` = '" . core::$user_id . "' WHERE `ablogs_com_rdm`.`userid` IS NULL AND `ablogs`.`type` = 'cm'  AND `ablogs`.`time` > '".$old."' ORDER BY `ablogs`.`time`;"), 0);  
  }

  public static function ablogs_new()
  {
    //Счетчик новых фотографий в фотоальбомах
    $old = time() - (3 * 24 * 3600);
    return mysql_result(mysql_query("SELECT COUNT(*) FROM `ablogs` LEFT JOIN `ablogs_rdm` ON `ablogs`.`id` = `ablogs_rdm`.`photoid` AND `ablogs_rdm`.`userid` = '" . core::$user_id . "' WHERE `ablogs_rdm`.`userid` IS NULL AND `ablogs`.`type` = 'ph' AND `ablogs`.`realtime` > '".$old."' ORDER BY `ablogs`.`realtime`;"), 0);  
  }

  public static function ablogs_mod()
  {  
    if (core::$user_rights >= 6 )
      return mysql_result(mysql_query('SELECT COUNT(*) FROM `ablogs_mod`;'), 0);
    else '';  
  }

  public static function ablogs_total()
  {  
    //Счетчик фотоашльбомов для меню
    global $lng_ablogs_ind;
    $photos = mysql_result(mysql_query('SELECT COUNT(*) FROM `ablogs` WHERE `type` = "ph";'), 0);
    $new = self::ablogs_new();
    if(core::$user_id)
      $com_new = self::ablogs_com_new();
    $mod = self::ablogs_mod();
    return $photos.($new ? ' / <span class="red"><a href="articles/?act=new">+'.$new.'</a></span>' : '').($com_new ? ' / <span style="text-color: blue"><a href="articles/?act=newcm">+'.$com_new.'</a></span>' : '').($mod  ? ' / <span class="red"><a href="articles/?act=mod">'.$lng_ablogs_ind['this_mod'].' '.$mod.'</a></span>' : ''); 
  }
  
  function image_replace($mach)
  {
  global $out_fil, $home;  
  $item = $mach[2];
  $text = $mach[3];  
  if($mach[1]=='file')
  {
    $item = trim($item);
     preg_match('/\?([0-9]{0,4})x([0-9]{0,4})$/',$item,$maches);
     if ($maches[0])
       $item=str_replace($maches[0],'',$item);
     if(!$text)
       $text = $out_fil[$item]['name'];
     return '<a title="'.$text.'" href="./file'.$out_fil[$item]['id'].'/'.rawurlencode($out_fil[$item]['name']).'"><img src="./img/9.png" /> '.$text.'</a>';  
  }
  elseif($mach[1]=='img')
  {
     if(preg_match('/^ ([^\s]{1,}) $/',$item))
       $align='none_float';  
     elseif(preg_match('/^ ([^\s]{1,})$/',$item))
       $align='right_float';    
     elseif(preg_match('/^([^\s]{1,}) $/',$item))
       $align='left_float';
     $item = trim($item); 
     
     preg_match('/\?([0-9]{0,4})x([0-9]{0,4})$/',$item,$maches);
     if ($maches[0])
     {
       $item=str_replace($maches[0],'',$item);
       $w= $maches[1];
       $h= $maches[2];
     }
     
     if($out_fil[$item])
     {
       if(self::is_image_3($item))
       {
          $maxh=250;
          $maxw= 250; 
          $size= getimagesize('attach/'.$item.'.dat');
          //определяемся с размерами
          if(!$h and !$w)
          {
           $h = $size[1];
           $w = $size[0];
           if ($h>=$w and $h>= $maxh)
           {
              $w=$w*$maxh/$h;
              $h=$maxh; 
           }
           elseif($w>$h and $w> $maxw)
           {
               $h=$h*$maxw/$w;
               $w=$maxh;             
           }
         } 
         if($h and !$w)
         {
            if($h > $maxh)
            {
              $w=$size[0]*$maxh/$size[1];
              $h=$maxh; 
            }
            else
              $w=$size[0]*$h/$size[1];  
         }
         elseif($w and !$h)
         {
            if($w > $maxw)
            {
              $h=$size[1]*$maxw/$size[0];
              $w=$maxw; 
           }
           else
              $h=$size[1]*$w/$size[0];
          }    
         else
         {
           if ($h>$w and $h> $maxh)
           {
              $w=$w*$maxh/$h;
              $h=$maxh; 
           }
           elseif($w>$h and $w> $maxw)
           {
               $h=$h*$maxw/$w;
               $w=$maxh;             
           }
         }  
         
         $h=ceil($h);
         $w=ceil($w);
           
         if(file_exists('imcache/'.$item.'.'.$w.'x'.$h.'.png'))
           return '<a title="'.$text.'" href="./file'.$out_fil[$item]['id'].'/'.rawurlencode($out_fil[$item]['name']).'"><img '.($align ? 'class="'.$align.'"' : '').' alt="'.$text.'"  src="'.$home.'/articles/imcache/'.$item.'.'.$w.'x'.$h.'.png"/></a>';
         else  
           return '<a alt="'.$text.'" href="./file'.$out_fil[$item]['id'].'/'.rawurlencode($out_fil[$item]['name']).'"><img '.($align ? 'class="'.$align.'"' : '').'  title="'.$text.'" src="'.$home.'/articles/img.php?i='.$item.''.($w ? '&amp;w='.$w : '').''.($h ? '&amp;h='.$h : '').'" /></a>';  
       }   
       else
        return $mach[0]; 
     } 
     else
      return $mach[0]; 
  }
  else
   return $mach[0]; 
  }
  
  
  function download($filename = '', $data = '', $prefix = '', $attachment = TRUE)
  {
    if ($filename == '' OR $data == '')
      return FALSE;
    if (FALSE === strpos($filename, '.'))
      return FALSE;
    
    $extension = self::getextension($filename);
    $mimes = array(
    'hqx'    =>    'application/mac-binhex40',
    'cpt'    =>    'application/mac-compactpro',
    'csv'    =>    array('text/x-comma-separated-values', 'text/comma-separated-values', 'application/octet-stream', 'application/vnd.ms-excel', 'text/csv', 'application/csv', 'application/excel', 'application/vnd.msexcel'),
    'bin'    =>    'application/macbinary',
    'dms'    =>    'application/octet-stream',
    'lha'    =>    'application/octet-stream',
    'lzh'    =>    'application/octet-stream',
    'exe'    =>    'application/octet-stream',
    'class'    =>    'application/octet-stream',
    'psd'    =>    'application/x-photoshop',
    'so'    =>    'application/octet-stream',
    'sea'    =>    'application/octet-stream',
    'dll'    =>    'application/octet-stream',
    'oda'    =>    'application/oda',
    'pdf'    =>    array('application/pdf', 'application/x-download'),
    'ai'    =>    'application/postscript',
    'eps'    =>    'application/postscript',
    'ps'    =>    'application/postscript',
    'smi'    =>    'application/smil',
    'smil'    =>    'application/smil',
    'mif'    =>    'application/vnd.mif',
    'xls'    =>    array('application/excel', 'application/vnd.ms-excel', 'application/msexcel'),
    'ppt'    =>    array('application/powerpoint', 'application/vnd.ms-powerpoint'),
    'wbxml'    =>    'application/wbxml',
    'wmlc'    =>    'application/wmlc',
    'dcr'    =>    'application/x-director',
    'dir'    =>    'application/x-director',
    'dxr'    =>    'application/x-director',
    'dvi'    =>    'application/x-dvi',
    'gtar'    =>    'application/x-gtar',
    'gz'    =>    'application/x-gzip',
    'php'    =>    'application/x-httpd-php',
    'php4'    =>    'application/x-httpd-php',
    'php3'    =>    'application/x-httpd-php',
    'phtml'    =>    'application/x-httpd-php',
    'phps'    =>    'application/x-httpd-php-source',
    'js'    =>    'application/x-javascript',
    'swf'    =>    'application/x-shockwave-flash',
    'sit'    =>    'application/x-stuffit',
    'tar'    =>    'application/x-tar',
    'tgz'    =>    'application/x-tar',
    'xhtml'    =>    'application/xhtml+xml',
    'xht'    =>    'application/xhtml+xml',
    'zip'    =>  array('application/x-zip', 'application/zip', 'application/x-zip-compressed'),
    'mid'    =>    'audio/midi',
    'midi'    =>    'audio/midi',
    'mpga'    =>    'audio/mpeg',
    'mp2'    =>    'audio/mpeg',
    'mp3'    =>    array('audio/mpeg', 'audio/mpg'),
    'aif'    =>    'audio/x-aiff',
    'aiff'    =>    'audio/x-aiff',
    'aifc'    =>    'audio/x-aiff',
    'ram'    =>    'audio/x-pn-realaudio',
    'rm'    =>    'audio/x-pn-realaudio',
    'rpm'    =>    'audio/x-pn-realaudio-plugin',
    'ra'    =>    'audio/x-realaudio',
    'rv'    =>    'video/vnd.rn-realvideo',
    'wav'    =>    'audio/x-wav',
    'bmp'    =>    'image/bmp',
    'gif'    =>    'image/gif',
    'jpeg'    =>    array('image/jpeg', 'image/pjpeg'),
    'jpg'    =>    array('image/jpeg', 'image/pjpeg'),
    'jpe'    =>    array('image/jpeg', 'image/pjpeg'),
    'png'    =>    array('image/png',  'image/x-png'),
    'tiff'    =>    'image/tiff',
    'tif'    =>    'image/tiff',
    'css'    =>    'text/css',
    'html'    =>    'text/html',
    'htm'    =>    'text/html',
    'shtml'    =>    'text/html',
    'txt'    =>    'text/plain',
    'text'    =>    'text/plain',
    'log'    =>    array('text/plain', 'text/x-log'),
    'rtx'    =>    'text/richtext',
    'rtf'    =>    'text/rtf',
    'xml'    =>    'text/xml',
    'xsl'    =>    'text/xml',
    'mpeg'    =>    'video/mpeg',
    'mpg'    =>    'video/mpeg',
    'mpe'    =>    'video/mpeg',
    'qt'    =>    'video/quicktime',
    'mov'    =>    'video/quicktime',
    'avi'    =>    'video/x-msvideo',
    'movie'    =>    'video/x-sgi-movie',
    'doc'    =>    'application/msword',
    'docx'    =>    'application/vnd.openxmlformats-officedocument.wordprocessingml.document',
    'xlsx'    =>    'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
    'word'    =>    array('application/msword', 'application/octet-stream'),
    'xl'    =>    'application/excel',
    'eml'    =>    'message/rfc822',
    'jar'   =>     'application/java-archive',
    'jad'   =>     'text/vnd.sun.j2me.app-descriptor;charset=UTF-8',
    'sis'   =>     'application/vnd.symbian.install',
    'thm'    =>     'application/vnd.eri.thm'
    );

    if ( ! isset($mimes[$extension]))
      $mime = 'application/octet-stream';
    else
      $mime = (is_array($mimes[$extension])) ? $mimes[$extension][0] : $mimes[$extension];
    
    if(in_array($extension,array('jpg', 'jpeg', 'gif', 'png', 'jpe')))
      $is_image = 1;
      
    if(!$attachment)
    {
      header('Content-Type: '.$mime);
      header("Content-Length: ".strlen($data));
    }
    else
    {
      if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE"))
      {
        header('Content-Type: '.$mime);
        header('Content-Disposition: attachment; filename='.$prefix . '"'.$filename.'"');
        header('Expires: 0');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header("Content-Transfer-Encoding: binary");
        header('Pragma: public');
        header("Content-Length: ".strlen($data));
      }
      else
      {
        header('Content-Type: '.$mime);
        header('Content-Disposition: '.($is_image ? 'inline' : 'attachment' ).'; filename='.$prefix . '"'.$filename.'"');
        header("Content-Transfer-Encoding: binary");
        header('Expires: 0');
        header('Pragma: no-cache');
      }
    }
  exit($data);
  }
}

вот сам файл

файл (+/-)

<?php
////////////////////////////////////////////////////
//                 Статьи                         //
////////////////////////////////////////////////////
// Автор:              web_demon                  //
// Oф. сайт поддержки: http://annimon.com         //
// E-mail:             web_demon@mail.ru          //
////////////////////////////////////////////////////

defined('_IN_JOHNCMS') or die('Error: restricted access');
$cat=intval(abs($_POST['cat']));
require_once ('../incfiles/head.php');
if ($user_id)
{
  $do=$_GET['do'];
  if(isset($_POST['add_attachment']))
  {
  function gename($string)
  {
    $tr = array(
      "а"=>"a","б"=>"b",
      "в"=>"v","г"=>"g","д"=>"d","е"=>"e","ж"=>"j",
      "з"=>"z","и"=>"i","й"=>"y","к"=>"k","л"=>"l",
      "м"=>"m","н"=>"n","о"=>"o","п"=>"p","р"=>"r",
      "с"=>"s","т"=>"t","у"=>"u","ф"=>"f","х"=>"h",
      "ц"=>"ts","ч"=>"ch","ш"=>"sh","щ"=>"sch","ъ"=>"y",
      "ы"=>"yi","ь"=>"","э"=>"e","ю"=>"yu","я"=>"ya"," "=>"_" );
      $len=mb_strlen($string);
      $string=str_replace(' ','_',$string);
      $string=str_replace('\\','',$string);
      for($i=0;$i<=$len;$i++)
      {
          $text=mb_substr($string,$i,1);
          if (preg_match("/[0-9A-zА-я\-\_]/iu",$text))
           $out .= $text;
      }
    $out=mb_strtolower($out);
    $out=strtr($out,$tr);
    return $out;
  }  

  function cut_ext($string)
  {
    $n=strrpos($string,".");
    $ext=substr($string,0,$n);
    return $ext;
  }
  
  //прикрепление файлов
  $att= intval(abs($_GET['att']));
  if($att)
    $total_att = mysql_result(mysql_query("SELECT COUNT(*) FROM `ablog_files` WHERE `attach` = '".$att."'"), 0);  
  else
    $total_att=0;
  if($total_att>=20)
  {
    echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['file_att'].'</div>';
    echo '<div class="menu">'.$lng_ablogs['max_files'].'';
    echo '</div><div class="phdr"><form action="./?act=load&amp;do=save'.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
    require_once ('../incfiles/end.php');
    exit();
  }   
  $file=$_FILES['file']['name'];
  if($file)
  {
    if(ceil($_FILES['file']['size']/1024) < $set['flsz'])
    { 
      $ext=mb_strtolower(ablogs::getextension($file));
      if($ext)
      {
      $filename=gename(cut_ext($file));
        if(file_exists('attach/'.$filename.'.'.$ext.'.dat'))
        {
          $num= file_get_contents('cache/count.dat')+1;
          $filename=$filename.'_'.$num;
          file_put_contents('cache/count.dat',$num, LOCK_EX);
        }
        move_uploaded_file($_FILES['file']['tmp_name'], 'attach/'.$filename.'.'.$ext.'.dat');
        $at_num=intval(abs($_GET['att']));
        if (!$at_num)
          $at_num= file_get_contents('cache/post_count.dat')+1;
        file_put_contents('cache/post_count.dat',$at_num, LOCK_EX);
        mysql_query('INSERT INTO `ablog_files` SET
          `attach` = "'.$at_num.'",
          `time` = "'.time().'",
          `filename` = "'.mysql_real_escape_string($filename.'.'.$ext).'",
          `name` = "'.mysql_real_escape_string(htmlentities($file, ENT_QUOTES, 'UTF-8')).'",
          `count` = "0"');
       
       echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['file_att'].'</div>';
       echo '<div class="menu">'.$lng_ablogs['file_added'].'';
       echo '</div><div class="phdr"><form action="./?act=load&amp;id='.$cat.'&amp;att='.$at_num.'" method="post"><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="submit" value="'.$lng_ablogs['continue'].'"/></form></div>';
       require_once ('../incfiles/end.php');
       exit();
      }
      else
      {
        echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['file_att'].'</div>';
        echo '<div class="rmenu"><b>'.$lng_ablogs['error'].'</b> '.$lng_ablogs['file_denied'].'</div>';
        echo '<div class="menu">'.$lng_ablogs['file_dhave_ext'].'';
        echo '</div><div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
        require_once ('../incfiles/end.php');
        exit(); 
      }                                 
    }
    else
    {
       echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['file_att'].'</div>';
       echo '<div class="rmenu"><b>'.$lng_ablogs['error'].'</b> '.$lng_ablogs['too_big_file'].'</div>';
       echo '<div class="menu">'.$lng_ablogs['file_big_mess_one'].' '.$set['flsz'].' '.$lng_ablogs['file_big_mess_two'].' ';
       echo '</div><div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
       require_once ('../incfiles/end.php');
       exit();  
    }
  }
  else
  {
    require_once ("../incfiles/head.php");
    echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['file_att'].'</div>';
    echo '<div class="menu">'.$lng_ablogs['nothing_ch'].'';
    echo '</div><div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
    require_once ('../incfiles/end.php');
    exit();
  }
exit();
}
elseif($_POST['del_attachment'])
{
   $file_del = $_POST['del_attachment'];
   $file_del = intval(abs(implode('',array_flip($file_del))));
   if ($file_del)
   {
      $req_file = mysql_query("SELECT * FROM `ablog_files` WHERE `id` = '".$file_del."' LIMIT 1");
      if (mysql_num_rows($req_file))
      { 
        $fd = mysql_fetch_assoc($req_file);
        if ($fd['post']==0)
        {
          mysql_query("DELETE FROM `ablog_files` WHERE `id` = '".$file_del."' LIMIT 1");
          if(file_exists('./attach/' . $fd['filename'].'.dat'))
            unlink('./attach/' . $fd['filename'].'.dat');
          
          echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['file_att'].'</div>';
          echo '<div class="menu">'.$lng_ablogs['file_del_one'].' '.$fd['name'].'('.$fd['filename'].') '.$lng_ablogs['file_del_two'].'';
          echo '</div><div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
          require_once ('../incfiles/end.php');
          exit(); 
        }
        else
        {
          echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['file_att'].'</div>';
          echo '<div class="menu">'.$lng_ablogs['file_of_an_post'].'';
          echo '</div><div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
          require_once ('../incfiles/end.php');
          exit();  
        }
      }
      else
      {
        echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['file_att'].'</div>';
        echo '<div class="menu">'.$lng_ablogs['this_del_file_nexists'].'';
        echo '</div><div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
        require_once ('../incfiles/end.php');
        exit();  
      }
   }
   else
   {
      echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['file_att'].'</div>';
      echo '<div class="menu">'.$lng_ablogs['this_del_file_nexists'].'';
      echo '</div><div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
      require_once ('../incfiles/end.php');
      exit();  
   }
   exit();
}
  elseif($do=='save')
  {
    $cat=intval(abs($_POST['cat']));
    if ($cat)
    {
       $raz1 = mysql_query('SELECT * FROM `ablogs` where `type` = "al" AND `id`= "'.$cat.'" LIMIT 1;');
       if(mysql_num_rows($raz1))
       {
          $raz = mysql_fetch_assoc($raz1);
            $codetxt = trim($_POST['codetext']);
            $code_name = trim($_POST['name']);  
            if($codetxt)
            {
              if($ban['1'] or $ban['10'])
              {
                echo '<div class="menu">'.$lng_ablogs['banned'].'<br/><a href="./">'.$lng_ablogs['back'].'</a></div>';
                echo '<div class="phdr">&nbsp;</div>';
                require_once ("../incfiles/end.php");
                exit;  
              }
               $size = mb_strlen($codetxt);
               if($size < $kode_max)
               {
                  if (mb_strlen($code_name) < $name_max and $code_name)
                  {
                    if ($rights >= 6)
                    {
                      mysql_query('INSERT INTO `ablogs` SET
                       `catid` = "'.$cat.'",
                       `type` = "ph",
                       `userid` = "'.$user_id.'",
                       `autor` = "'.$datauser['name'].'",
                       `name` = "'.mysql_real_escape_string(htmlentities($code_name, ENT_QUOTES, 'UTF-8')).'",
                       `text` = "'.mysql_real_escape_string($codetxt).'",
                       `subtext` = "'.mysql_real_escape_string(trim($_POST['text'])).'",
                       `time` = "'.time().'",
                       `realtime` = "'.time().'",
                       `view` = "0"');
                    
                      $postid = mysql_insert_id();
                      
                      $att_id=intval(abs($_GET['att']));
                      if ($att_id)
                        mysql_query('UPDATE `ablog_files` SET `post` = "'.$postid.'" WHERE `attach` = "'.$att_id.'" AND `post` = "0"'); 
                      
                      mysql_query("UPDATE `ablogs` SET `time` = '".time()."' WHERE `id` = '".$cat."' LIMIT 1");
                      mysql_query("INSERT INTO `ablogs_com_rdm` SET `comid` = '0', `photoid` = '".$postid."', `userid` = '0', `time` = '0';");
                      if (mysql_result(mysql_query("SELECT COUNT(*) FROM `ablogs_rdm` WHERE `photoid` = '".$postid."' AND `userid` = '".$user_id."'"), 0)==0)
                        mysql_query("INSERT INTO `ablogs_rdm` SET `photoid` = '".$postid."', `userid` = '".$user_id."', `time` = '".time()."'");
                      echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['new_article'].'</div>';
                      echo '<div class="menu">'.$lng_ablogs['article_added'].'<br/><a href="./?act=album&amp;id='.$cat.'">'.$lng_ablogs['continue'].'</a></div>';
                      echo '<div class="phdr">&nbsp;</div>';
                    }
                    else
                    {
                       mysql_query('INSERT INTO `ablogs_mod` SET
                       `catid` = "'.$cat.'",
                       `type` = "ph",
                       `userid` = "'.$user_id.'",
                       `autor` = "'.$datauser['name'].'",
                       `name` = "'.mysql_real_escape_string(htmlentities($code_name, ENT_QUOTES, 'UTF-8')).'",
                       `text` = "'.mysql_real_escape_string($codetxt).'",
                       `subtext` = "'.mysql_real_escape_string(trim($_POST['text'])).'",
                       `time` = "'.time().'",
                       `realtime` = "'.time().'",
                       `view` = "0"');
                       
                       $postid = mysql_insert_id();
                       
                       $att_id=intval(abs($_GET['att']));
                       if ($att_id)
                         mysql_query('UPDATE `ablog_files` SET `atmod` = "'.$postid.'" WHERE `attach` = "'.$att_id.'" AND `post` = "0"');
                        
                      echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['new_article'].'</div>';
                      echo '<div class="menu">'.$lng_ablogs['article_on_mod'].'<br/><a href="./">'.$lng_ablogs['continue'].'</a></div>';
                      echo '<div class="phdr">&nbsp;</div>';
                    }
                  }
                  else
                  {
                    echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | </div>';
                    echo '<div class="menu">'.$lng_ablogs['err_name_one'].' '.$name_max.' '.$lng_ablogs['err_name_two'].'</div>';
                    echo '<div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="hidden" name="text" value="'.base64_encode($_POST['text']).'" /><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
                  } 
               }
               else
               {
                  echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | </div>';
                  echo '<div class="menu">'.$lng_ablogs['stat_too_long_one'].' '.$kode_max.' '.$lng_ablogs['stat_too_long_two'].'</div>';
                  echo '<div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="hidden" name="text" value="'.base64_encode($_POST['text']).'" /><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
               }
            }
            else
            {
               echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['new_article'].'</div>';
               echo '<div class="menu">'.$lng_ablogs['no_body'].'</div>';
               echo '<div class="phdr"><form action="./?act=load&amp;id='.$cat.''.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="hidden" name="text" value="'.base64_encode($_POST['text']).'" /><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
            }
       }
       else
       {
          echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['new_article'].'</div>';
          echo '<div class="menu">'.$lng_ablogs['cat_no_ch'].'</div>';
          echo '<div class="phdr"><form action="./?act=load'.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post"><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="hidden" name="text" value="'.base64_encode($_POST['text']).'" /><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>'; 
       } 
    }
    else
    {
      echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['new_article'].'</div>';
      echo '<div class="menu">'.$lng_ablogs['cat_no_ch'].'</div>';
      echo '<div class="phdr"><form action="./?act=load" method="post"><input type="hidden" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'" /><input type="hidden" name="text" value="'.base64_encode($_POST['text']).'" /><input type="hidden" name="codetext" value="'.base64_encode($_POST['codetext']).'" /><input type="submit" value="'.$lng_ablogs['back'].'"/></form></div>';
    }
  }
  else
  {
    if($ban['1'] or $ban['10'])
    {
       echo '<div class="menu">'.$lng_ablogs['banned'].'<br/><a href="./">'.$lng_ablogs['back'].'</a></div>';
       echo '<div class="phdr">&nbsp;</div>';
       require_once ("../incfiles/end.php");
       exit;  
    }
    $raz1 = mysql_query('SELECT * FROM `ablogs` where `type` = "al" order by time;');
    if(mysql_num_rows($raz1))
    {
      echo '<div class="phdr"><a href="./">'.$lng_ablogs['articles'].'</a> | '.$lng_ablogs['new_article'].'</div>';
      echo '<form name="mess" action="./?act=load&amp;do=save'.($_GET['att'] ? '&amp;att='.intval(abs($_GET['att'])) : '').'" method="post" enctype="multipart/form-data">';
      if ($rights < 6)
      {
        echo '<div class="topmenu"> '.$lng_ablogs['add_after_mod'].'</div>';  
      }
      echo '<div class="gmenu">'.$lng_ablogs['this_cat'].'<br/><select name="cat">';
      while($raz = mysql_fetch_array($raz1))
      {
        echo '<option value="'.$raz['id'].'" '.($raz['id']==$id ? 'selected="selected"' : '' ).'>'.(mb_strlen($raz['text']) > 25 ? htmlentities(mb_substr($raz['text'],0,25), ENT_QUOTES, 'UTF-8').'...' : htmlentities($raz['text'], ENT_QUOTES, 'UTF-8')).'</option>';  
      }
      echo '</select></div>';
      echo '<div class="menu">';
      echo ''.$lng_ablogs['ar_name'].' ('.$lng_ablogs['max_symb_one'].' '.$name_max.' '.$lng_ablogs['max_symb_two'].')<br/><input type="text" name="name" value="'.htmlentities($_POST['name'], ENT_QUOTES, 'UTF-8').'"/>';
      echo '</div>';
      echo '<div class="menu">';
      echo ''.$lng_ablogs['text'].' ('.$lng_ablogs['max_symb_one'].' '.$kode_max.' '.$lng_ablogs['max_symb_two'].'):<br/>'.bbcode::auto_bb('mess', 'codetext').'<textarea name="codetext" cols="30" rows="12">'.htmlentities(base64_decode($_POST['codetext']), ENT_QUOTES, 'UTF-8').'</textarea><br/>';
      echo '</div>';
      $att=intval(abs($_GET['att']));
      if($att)
      {
        $at1 = mysql_query('SELECT * FROM `ablog_files` WHERE `attach` = "'.$att.'"');
        if (mysql_num_rows($at1))
        {
          echo '<div class="gmenu">';
          echo '<b>'.$lng_ablogs['att_files'].'</b><br/>';
          while ($at = mysql_fetch_assoc($at1))
          {
           $ext=ablogs::getextension($at['name']);
           echo ((file_exists('./ext/'.$ext.'.png') ? '<img src="./ext/'.$ext.'.png" />' : '<img src="./img/9.png" />')).' <a href="./file'.$at['id'].'/'.rawurlencode($at['name']).'">'.ablogs::cut_filename($at['name']).'</a> | <a class="edittext_4" href="javascript:tag(\'\', \' ['.(ablogs::is_image_3($at['filename']) ? 'img' : 'file').'='.$at['filename'].']'.$at['name'].'[\/'.(ablogs::is_image_3($at['filename']) ? 'img' : 'file').'] \')">'.$lng_ablogs['put_dick_in_vagina'].'</a> <input type="submit" name="del_attachment['.$at['id'].']" value="'.$lng_ablogs['delete'].'"/><br/>';
          }
          echo '</div>';
        }      
      }
      
      if($att)
        $total_att = mysql_result(mysql_query("SELECT COUNT(*) FROM `ablog_files` WHERE `attach` = '".$att."'"), 0);  
      else
        $total_att=0;
        
      if($total_att<20)
      {
        echo '<div class="gmenu">'.$lng_ablogs['att_file'].'<br/>';
        echo '<input type="file" name="file" /> ';
        echo '<input type="submit" name="add_attachment" value="'.$lng_ablogs['attach'].'"/>';
        echo '</div>';
      }
      echo '<div class="phdr"><input type="submit" value="'.$lng_ablogs['add_article'].'" /></div>';
      echo '</form>';
    }
    else
    {
      echo '<div class="phdr">'.$lng_ablogs['articles'].'</div>';
      echo '<div class="menu">'.$lng_ablogs['no_cats'].'<br/><a href="./">'.$lng_ablogs['back'].'</a></div>';
      echo '<div class="phdr">&nbsp;</div>';
    } 
  }
}
else
{
   echo '<div class="phdr">'.$lng_ablogs['articles'].'</div>';
   echo '<div class="menu">'.$lng_ablogs['only_reg_users'].'<br/><a href="./">'.$lng_ablogs['back'].'</a></div>';
   echo '<div class="phdr">&nbsp;</div>'; 
}
require_once ('../incfiles/end.php');

исправьте кто может

fanatos

16 июн 2016 г., 12:16

Менделеев

mysql_real_escape_string у тебя при записи в базу

fanatos

16 июн 2016 г., 12:20

Менделеев

Используй functions::checkin и checkout ,все просто,просто в старых модулях нету их

Udesign

16 июн 2016 г., 12:40

# fanatos (16.06.2016 / 12:16)
mysql_real_escape_string у тебя при записи в базу

на что надо менять mysql_real_escape_string

Udesign

16 июн 2016 г., 13:13

# fanatos (16.06.2016 / 12:20)
Используй functions::checkin и checkout ,все просто,просто в старых модулях нету их

a base64_encode тоже надо менят?

fanatos

16 июн 2016 г., 14:15

Менделеев

# Udesign (16.06.2016 / 13:13)
a base64_encode тоже надо менят?

Нет,где запись в базу идёт,там смотри

Alexis22

16 июн 2016 г., 15:02

# ДоХтор (16.06.2016 / 00:41)
Понял. Для этого понадобится либо дополнительное поле, либо дополнительная кнопка (например, галка "чекбокс"). Подумай, что было бы лучше, и напиши. Код смогу написать не раньше завтрашнего вечера, ил

либо дополнительная кнопка (например, галка "чекбокс").

так думаю лучше будет

Udesign

16 июн 2016 г., 16:39

fanatos, спасибо работает

Udesign

16 июн 2016 г., 16:43

еще нужен помощь я хочу сделать так когда пользователи пишет Коментарии в новости туда надо добавит цит и ответ как сделать так модуль новости крите

ValekS

16 июн 2016 г., 17:34

Ей 25

# Udesign (16.06.2016 / 16:43)
еще нужен помощь я хочу сделать так когда пользователи пишет Коментарии в новости туда надо добавит цит и ответ как сделать так модуль новости крите

На JavaScript проще всего сделать вставку цитаты и ника для ответа в поле ввода.