Sql
PHP Code:
-- Shoutbox message store: one row per posted line.
-- The poster's class / warned / donor flags and username are copied into the
-- row by shoutbox.php at post time, so they do not follow later account changes.
CREATE TABLE `shoutbox` (
    -- Signed SMALLINT: ids top out at 32767.
    `id`        SMALLINT(6) NOT NULL AUTO_INCREMENT,
    -- Poster's user id; no foreign key is declared (MyISAM does not enforce them).
    `userid`    SMALLINT(6) NOT NULL DEFAULT '0',
    `class`     INT(11)     NOT NULL DEFAULT '0',
    `username`  VARCHAR(25) CHARACTER SET cp1251 COLLATE cp1251_bin NOT NULL DEFAULT '',
    -- Unix timestamp; shoutbox.php writes PHP time() here.
    `date`      INT(11)     NOT NULL DEFAULT '0',
    -- Current message body; moderators may overwrite it through the edit form.
    `text`      TEXT        CHARACTER SET cp1251 COLLATE cp1251_bin NOT NULL,
    -- Body as first posted; shoutbox.php never updates it, so edits can be compared.
    `orig_text` TEXT        CHARACTER SET cp1251 COLLATE cp1251_bin NOT NULL,
    `warned`    ENUM('yes','no') COLLATE latin2_czech_cs NOT NULL DEFAULT 'no',
    `donor`     ENUM('yes','no') COLLATE latin2_czech_cs NOT NULL DEFAULT 'no',
    PRIMARY KEY (`id`)
)
ENGINE=MyISAM
DEFAULT CHARSET=latin2
COLLATE=latin2_czech_cs
-- Counter value carried over from the dump this statement was exported from.
AUTO_INCREMENT=72;
Block-chat.php
PHP Code:
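<?php
// Shoutbox block: builds the iframe that shows shoutbox.php and, for logged-in
// users, the message form with smiley shortcuts. The markup is left in
// $content (presumably consumed by whatever includes this block file); the
// helper script is emitted directly.
//
// Full "<?php" tags are used throughout: with short_open_tag disabled, a bare
// "<?" section is not executed and its source is sent to the browser as text.
if (!defined('BLOCK_FILE')) {
    // Not loaded through the block mechanism: send the visitor to the index.
    header("Location: ../index.php");
    exit;
}

global $tracker_lang, $CURUSER;
?>
<script type="text/javascript">
// Append a smiley code to the given form field and put focus back on it.
function SmileIT(smile, form, text) {
    var field = document.forms[form].elements[text];
    field.value = field.value + " " + smile + " ";
    field.focus();
}

// Clear the input shortly after submit; the response itself loads in the iframe.
function mySubmit() {
    setTimeout(function () { document.shbox.reset(); }, 100);
}
</script>
<?php
$content  = "<table width='100%' border='2' cellspacing='0' cellpadding='0'><tr><td class=text>";
$content .= "<iframe src='shoutbox.php' width='100%' height='180' align='center' frameborder='0' name='sbox' marginwidth='0' marginheight='0'></iframe><br><br>";

if ($CURUSER) {
    // Smiley code => image file under pic/smilies/, in display order.
    $smilies = array(
        ';-)'      => 'wink.gif',
        ':-P'      => 'tongue.gif',
        ':-)'      => 'smile1.gif',
        ':w00t:'   => 'w00t.gif',
        ':-D'      => 'grin.gif',
        ':lol:'    => 'laugh.gif',
        ':-/'      => 'confused.gif',
        ':-('      => 'sad.gif',
        ':-O'      => 'ohmy.gif',
        '8-)'      => 'cool1.gif',
        ':sly:'    => 'sly.gif',
        ':greedy:' => 'greedy.gif',
        ':weirdo:' => 'weirdo.gif',
        ':sneaky:' => 'sneaky.gif',
        ':shit:'   => 'shit.gif',
        ':?:'      => 'question.gif',
        ':!:'      => 'excl.gif',
    );

    // NOTE(review): the message is submitted with method=get because
    // shoutbox.php reads $_GET["sent"] / $_GET["shbox_text"]. That puts message
    // text into URLs and access logs, and the request carries no anti-CSRF
    // token. Moving to POST plus a per-session token requires a matching
    // change in shoutbox.php, so it is not done here.
    $content .= "<form action='shoutbox.php' method='get' target='sbox' name='shbox' onSubmit=\"mySubmit()\">";
    $content .= "<p align=\"center\">Сообщение: <input type='text' name='shbox_text' size='80'>";
    // The original emitted this hidden field twice; once is enough.
    $content .= "<input type='hidden' name='sent' value='yes'><br></p>";

    $content .= "<center>";
    foreach ($smilies as $code => $image) {
        $content .= "<a href=\"javascript: SmileIT('" . $code . "','shbox','shbox_text')\"><img src=pic/smilies/" . $image . " border=0></a>";
    }
    $content .= "<br><br></center>";

    $content .= "<center><input type='submit' value=' Сказать '> <a href='shoutbox.php' target='sbox'><b>Обновить</b></a></center>";
    // Close the form only where it was opened, and inside the table cell.
    $content .= "</form>";
}

$content .= "</td></tr></table>";
?>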
Shoutbox.php
PHP Code:
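<?php
// Shoutbox endpoint shown inside the block's iframe. For a logged-in user it
// handles, in this order: moderator delete, moderator edit form, moderator
// "view original", moderator save-edit, and posting a new message. It then
// starts the HTML page that lists recent messages.
//
// NOTE(review): the delete runs on a plain GET, and neither it nor the edit
// POST nor the message post carries an anti-CSRF token, so all three requests
// are forgeable from another site while a user is logged in. The fix is POST
// plus a per-session token, and has to be made together with the links and
// forms that issue these requests.
// NOTE(review): the mysql_* functions used here were removed in PHP 7; moving
// to mysqli/PDO needs the connection set up by dbconn(), which is not visible
// in this file.
header("Content-Type: text/html; charset=windows-1251");
require_once("include/bittorrent.php");
dbconn(false);

// Maximum message length in bytes (checked with strlen) for post and edit.
$line = 143;

if ($CURUSER) {
    $is_moderator = get_user_class() >= UC_MODERATOR;

    // delete
    if ($is_moderator && isset($_GET['del']) && is_valid_id($_GET['del'])) {
        sql_query("DELETE FROM shoutbox WHERE id=" . sqlesc((int)$_GET['del']));
    }

    // update: show the edit form for one message and stop
    if ($is_moderator && isset($_GET['edit']) && is_valid_id($_GET['edit'])) {
        $sql = sql_query("SELECT id,text FROM shoutbox WHERE id=" . sqlesc((int)$_GET['edit']));
        $res = mysql_fetch_array($sql);
        if (!empty($res)) {
?>
<html><head>
<meta http-equiv="expires" content="0">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
</head>
<body bgcolor=#F5F4EA>
<?php
            echo '<form method=post action=shoutbox.php>';
            echo '<input type=hidden name=id value=' . (int)$res['id'] . '>';
            echo 'Редактировать текст.<hr>';
            // Name the charset explicitly: where htmlspecialchars() defaults to
            // UTF-8 it returns an empty string for cp1251 bytes it cannot decode.
            echo '<textarea name=text rows=3 cols=80 id=specialbox>' . htmlspecialchars($res['text'], ENT_QUOTES, 'cp1251') . '</textarea>';
            echo '<br><input type=submit name=save value="Обновить" class=btn>';
            echo '</form></body></html>';
            die;
        }
    }

    // view: show the text as originally posted and stop
    if ($is_moderator && isset($_GET['orig']) && is_valid_id($_GET['orig'])) {
        $sql = sql_query("SELECT id, orig_text FROM shoutbox WHERE id=" . sqlesc((int)$_GET['orig']));
        $res = mysql_fetch_array($sql);
        if (!empty($res)) {
?>
<html><head>
<meta http-equiv="expires" content="0">
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
</head>
<body bgcolor=#F5F4EA>
<?php
            echo 'оригинальный текст.<hr>';
            // NOTE(review): assumes format_comment() HTML-escapes its input - confirm.
            echo format_comment($res['orig_text']) . "<br><br><br><a href=\"/shoutbox.php\"><input type=submit value=\"Обратно\" class=btn></a></body></html>";
            die;
        }
    }

    // update edit: save the text submitted from the edit form
    if ($is_moderator
        && isset($_POST['text'], $_POST['id'])
        && is_string($_POST['text'])
        && is_valid_id($_POST['id'])) {
        $text = trim($_POST['text']);
        $id = (int)$_POST['id'];
        if (strlen($text) > $line)
            die("Слишком длинный текст");
        if (is_valid_id($id))
            sql_query("UPDATE shoutbox SET text = " . sqlesc($text) . " WHERE id=" . sqlesc($id));
    }

    // post: store a new message
    if (isset($_GET["sent"]) && $_GET["sent"] == "yes") {
        // A non-string value (e.g. shbox_text[]=x) is treated as an empty message.
        $text = (isset($_GET["shbox_text"]) && is_string($_GET["shbox_text"])) ? trim($_GET["shbox_text"]) : "";
        if (strlen($text) > $line)
            die("Слишком длинный текст");
        if ($text != "") {
            // id is left to AUTO_INCREMENT; the original passed the literal
            // string 'id' for it, which a strict sql_mode rejects.
            mysql_query("INSERT INTO shoutbox (userid, class, warned, donor, username, date, text, orig_text) VALUES ("
                . sqlesc($CURUSER["id"]) . ", "
                . sqlesc($CURUSER["class"]) . ", "
                . sqlesc($CURUSER["warned"]) . ", "
                . sqlesc($CURUSER["donor"]) . ", "
                . sqlesc($CURUSER["username"]) . ", "
                . time() . ", "
                . sqlesc($text) . ", "
                . sqlesc($text) . ")") or sqlerr(__FILE__, __LINE__);
        }
    }
}
// The meta charset below matches the Content-Type header sent above; the
// original declared windows-1250 here while the header said windows-1251.
?>
<html><head>
<title>ShoutBox</title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
<META HTTP-EQUIV=REFRESH CONTENT="120; URL=shoutbox.php">
<style type="text/css">
A {color: #000000; font-weight: bold; }
A:hover {color: #FF0000;}
.small {font-size: 8pt; font-family: tahoma; }
.date {font-size: 7pt;}
</style>
<STYLE>BODY {
background-color: #F0F0E6;
SCROLLBAR-3DLIGHT-COLOR: #004E98;
SCROLLBAR-ARROW-COLOR: #004E98;
SCROLLBAR-DARKSHADOW-COLOR: white;
SCROLLBAR-BASE-COLOR: white;
}
</STYLE>
</head>
<body>
<?php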
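// NOTE(review): the chat-ban check below is disabled. As written it would only
// stop a banned user from viewing the list; the code in view here does not
// show the posting path consulting "chatpost" either.
/*
if ($CURUSER["chatpost"] == 'no')
{
print("<h2><br><center>You are banned.</center></h2>");
exit;
}
else
{
*/

// List the 35 most recent messages, newest first. Moderators also get
// delete / edit / "view original" links; logged-in users get a PM link.
// Columns are named explicitly, and id breaks ties between messages posted
// within the same second.
$res = mysql_query("SELECT id, userid, class, username, date, text, orig_text, warned, donor FROM shoutbox ORDER BY date DESC, id DESC LIMIT 35") or sqlerr(__FILE__, __LINE__);

if (mysql_num_rows($res) == 0) {
    print("\n");
} else {
    // The viewer's class does not change between rows; check it once.
    $is_moderator = get_user_class() >= UC_MODERATOR;

    print("<table border=0 cellspacing=0 cellpadding=2 width='100%' align='left' class='small'>\n");

    while ($arr = mysql_fetch_assoc($res)) {
        // Cast ids before putting them into unquoted HTML attribute values.
        $shout_id = (int)$arr['id'];
        $poster_id = (int)$arr['userid'];

        // Start every row empty so guests and non-moderators do not read
        // undefined variables in the print() below.
        $del = $edit = $pm = $orig = "";

        // NOTE(review): assumes get_user_class_color() HTML-escapes the
        // username it wraps - confirm, since its result is printed as-is.
        $usercolor = get_user_class_color($arr["class"], $arr["username"]);

        if ($is_moderator) {
            // Offer the "(orig)" link only when the message has been edited.
            if ($arr['text'] != $arr['orig_text'])
                $orig = "<span class='date'><a href=shoutbox.php?orig=" . $shout_id . ">(orig)</a></span>\n";

            // NOTE(review): this delete link is a plain GET with no anti-CSRF
            // token; it should become a POST with a per-session token, changed
            // together with the handler that processes ?del=.
            $del = "<span class='date'><a href=shoutbox.php?del=" . $shout_id . "><img src=\"pic/warned2.gif\" border=0></a></span>\n";
            $edit = "<span class='date'><a href=shoutbox.php?edit=" . $shout_id . "><img src=\"pic/forum.png\" border=0></a></span>\n";
        }

        if ($CURUSER)
            $pm = "<span class='date'>[<a target=_blank href=message.php?action=sendmessage&receiver=" . $poster_id . ">pm</a>]</span>\n";

        // NOTE(review): assumes format_comment() HTML-escapes the message text - confirm.
        print("<tr><td>\n<span class='date'>[" . strftime("%d.%m %H:%M", $arr["date"]) . "]</span>\n$del $edit $pm $orig "
            . ($CURUSER ? "<a href='userdetails.php?id=" . $poster_id . "' target='_blank'>$usercolor</a>" : "<b>$usercolor</b>")
            . "\n"
            . ($arr["donor"] == "yes" ? "<img src='" . $pic_base_url . "star.gif' alt='donate' title='donate'>\n" : "")
            . ($arr["warned"] == "yes" ? "<img src='" . $pic_base_url . "warned.gif' alt='warn' title='warn'>\n" : "")
            . " " . format_comment($arr["text"]) . "\n</td></tr>\n");
    }

    print("</table>");
}
?>
</body>
</html>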