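<?php
/**
 * Comment wall for the "ferma" section: posts a comment (mode=write),
 * deletes one (mode=del) or lists all comments with paging (default).
 *
 * The full `<?php` tag is used on purpose: with short_open_tag disabled a
 * bare `<?` file is not executed and its source, queries included, is sent
 * to the client as plain text.
 *
 * $mode, $id, $page, $ya, $db, $func, $fuser, $admin and $settings are not
 * defined in this file; presumably power.php / head.php provide them — confirm.
 */
require_once ('power.php');
require_once ('head.php');

// Presumably rejects visitors who are not logged in — confirm in the $fuser class.
$fuser->aut();

// $id is interpolated into SQL, headers and HTML below. It is set outside this
// file, so it is forced to an integer here to keep those uses safe even if it
// arrives raw from the request.
// NOTE(review): assumes ids are integers (`id` is used for newest-first ordering) — confirm.
$id = isset($id) ? (int) $id : 0;

switch ($mode) {
    // New comment
    case 'write':
        // A missing or array-valued "text" field is treated as empty and rejected as too short.
        $rawText = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
        // NOTE(review): $text is placed inside a quoted SQL literal in the INSERT below.
        // That is only safe if shit() applies SQL escaping — confirm, or switch this
        // INSERT to a prepared statement if the $db wrapper offers one.
        $text = shit($rawText);

        if (mb_strlen($func->delprobel($text)) < 3) {
            echo '<div class="fon">'.language('Слишком короткий текст').'</div>';
            header('refresh: 3; url=comments'.$id.'');
            break;
        }

        // Flood control: time of this user's most recent comment anywhere in `comes`.
        $mtime = $db->query("SELECT * FROM `comes` WHERE `user` = '".$ya['id']."' order by `time` DESC limit 0,1")->fetch_assoc();
        // A user with no previous comment has no row; treat that as "never posted".
        $lastTime = isset($mtime['time']) ? $mtime['time'] : 0;

        if ($lastTime + $db->settings('floodkom') <= time()) {
            $db->query("INSERT INTO `comes` SET `where`='ferma', `user` = '".$ya['id']."', `idwh` = '".$id."',`text` = '".$text."',`time` = '".time()."'");
            header('location: ?');
        } else {
            echo '<div class="fon">'.language('Попробуйте через').' '.$db->settings('floodkom').' '.language('сек').'.</div>';
            header('refresh: 3; url=?');
        }
        break;

    // Delete a comment
    case 'del':
        // $page is echoed into a Location header and into links; keep it numeric.
        $backPage = isset($page) ? (int) $page : 1;

        $sql = $db->query("SELECT * FROM `comes` WHERE `id` = '".$id."' and `where`='ferma' LIMIT 1");
        $assoc = ($sql->num_rows > 0) ? $sql->fetch_assoc() : null;

        // Only the author, an administrator or a moderator may delete.
        $canDelete = $assoc && (
            $assoc['user'] == $ya['id']
            || $admin->user_can($settings['admin_name'], $ya['id'], false)
            || $admin->user_can($settings['moder_name'], $ya['id'], false)
        );
        if (!$canDelete) {
            header('location: ?page='.$backPage);
            break;
        }

        // NOTE(review): the delete is confirmed by a plain GET link (&true) with no
        // anti-CSRF token, so any cross-site request carrying the user's session can
        // trigger it. Moving the confirmation to a POST form with a per-session token
        // would close this; the same applies to the comment form in the default branch.
        if (!isset($_GET['true'])) {
            echo '<div class="fon">'.language('Вы подтверждаете это действие').'?</div>';
            echo '<div class="dialog">'."\n"
                .'<a class="dialog_m" href="?id='.$id.'&mode=del&page='.$backPage.'&true">'.language('Да').'</a>'."\n"
                .'<a class="dialog_m" href="?page='.$backPage.'">'.language('Нет').'</a>'."\n"
                .'</div>';
        } else {
            $db->query("DELETE FROM `comes` WHERE `id` = '".$id."' LIMIT 1");
            header('location: ?page='.$backPage);
        }
        break;

    // List all comments
    default:
        $count = $db->dbcount('COUNT(`id`)', 'comes', "`where`='ferma'");

        // Page size comes from the user's settings. It is used as a divisor and is
        // concatenated into LIMIT, so it must be a positive integer.
        $num = isset($ya['num']) ? (int) $ya['num'] : 10;
        if ($num < 1) {
            $num = 10;
        }
        $total = intval(($count - 1) / $num) + 1;

        // Clamp the requested page into 1..$total.
        if (!isset($_GET['page']) || !is_numeric($_GET['page']) || $_GET['page'] < 1) {
            $page = 1;
        } elseif ($_GET['page'] > $total) {
            $page = $total;
        } else {
            $page = (int) $_GET['page'];
        }
        $start = ($page - 1) * $num;

        if ($count > 0) {
            $for = $db->query("SELECT * FROM `comes` WHERE `where`='ferma' ORDER BY `id` DESC LIMIT ".$start.",".$num);
            while ($assoc = $for->fetch_assoc()) {
                // NOTE(review): stored comment text is printed through $func->tags();
                // HTML escaping has to happen there or in shit() at write time — confirm.
                echo '<div class="fon">'."\n"
                    .'<table><tr valign="top"><td>'.$fuser->avatar($assoc['user']).'</td>'."\n"
                    .'<td style="padding-left:5px;">'.$fuser->famname($assoc['user']).' <span class="date">'.$func->times(date('d m Y H:i', ustime($ya['gmt'], $assoc['time']))).'</span></br>'."\n"
                    .$func->tags($assoc['text'])."\n"
                    .'</td></tr></table></div>';

                // Show the delete link to the author, an administrator or a moderator.
                if ($assoc['user'] == $ya['id']
                    || $admin->user_can($settings['admin_name'], $ya['id'], false)
                    || $admin->user_can($settings['moder_name'], $ya['id'], false)
                ) {
                    echo '<div class="zap"><a href="?id='.$assoc['id'].'&mode=del&page='.$page.'" class="zap_b">Удалить</a></div>';
                }
            }
        } else {
            echo '<div class="fon">'.language('Комментарии отсутсвутют').'</div>';
        }

        echo '<div class="fon"><form action="?mode=write&page='.$page.'" method="post">'."\n"
            .language('Комментарий').':<br/>'."\n"
            .'<textarea name="text" required></textarea><br/>'."\n"
            .'<input type="submit" value="'.language('Написать').'"/></form></div>';

        $act = 'comments.php?id='.$id;
        echo $func->pagenav($act, $page, $total);
}

// Page footer
include_once ('foot.php');
?>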