use DBI;
use CGI;
# Request wrapper used by every parameter lookup on this page.
$CGI_PARAMS = CGI->new;
#use POSIX qw(locale_h);
#setlocale(LC_CTYPE, "RU.Windows-1251");

####### Default/startup parameter values #######
$rand_number  = int(rand(99999));
$DEFAULT_PART = 1;
# Epoch seconds followed by the process id. Further down, a submitted
# "sessionid" is compared with forum_thread.sessionid before a thread is
# created, so this looks like a duplicate-submission marker.
# NOTE(review): the value is guessable (clock + pid); it should not be relied
# on as a secret or as an anti-forgery token -- confirm how the form uses it.
$SESSIONID = join('', time(), $$);

# Month names in the genitive case, indexed 0..11, for "updated on" dates.
@months = (
    'Января',   'Февраля', 'Марта',  'Апреля',
    'Мая',      'Июня',    'Июля',   'Августа',
    'Сентября', 'Октября', 'Ноября', 'Декабря',
);

# Group names looked up in %ACL to decide what the current user may do.
$READ_GROUP       = 'user';
$SUPERADMIN_GROUP = 'superadmin';
$ADMIN_GROUP      = 'admin';
$WRITE_GROUP      = 'confwriter';
$MODERATOR_GROUP  = 'confmoderator';
$HTML_WRITE_GROUP = 'htmlconfwriter';

# Tested right after the database include below.
$dbconnect = 1;
$columns   = 3;
#include /home/hobbydomru/www/inc/dbiconnect.inc
## If connected to DB
if ($dbconnect)
{
## If connected to DB
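## Section id: taken from the request, falling back to the default section.
## $part is interpolated into several SQL statements later on this page, so
## anything other than a plain run of ASCII digits is discarded here instead
## of being passed on (the original accepted any non-empty string).
$part = $CGI_PARAMS->param('part');
if (!defined($part) || $part !~ /\A[0-9]+\z/)
{
    $part = $DEFAULT_PART;
}

# Section title for the page header. The id is bound as a parameter rather
# than pasted into the statement text.
$query = "select * from forum_part where id=?";
$result = $DB->prepare($query) or die "Can't prepare query: $query\n";
$result->execute($part) or die "Can't execute query: $query\n";
if ($data_hash = $result->fetchrow_hashref)
{
    $title = "Форум :: ".$data_hash->{'partname'};
}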
#include ../../inc/head2.inc
# Login reported by the web server; an empty or missing value becomes "guest".
$remote_user = $ENV{'REMOTE_USER'} || "guest";
# SQL-literal form of the login (quoted by the driver), reused by later
# statements on this page.
$q_remote_user = $DB->quote($remote_user);

# Direct group memberships: $ACL{<group>} = 'yes'
$query = "select groupname from group_member where login=$q_remote_user";
$result = $DB->prepare($query) or die "Can't prepare query: $query\n";
$result->execute or die "Can't execute query: $query\n";
while ($data_hash = $result->fetchrow_hashref)
{
    my $group = $data_hash->{'groupname'};
    $ACL{$group} = 'yes';
}

# Subgroup memberships: $ACL{<group>_<subgroup>} = 'yes'
$query = "select groupname, subgroupname from subgroup_member where login=$q_remote_user";
$result = $DB->prepare($query) or die "Can't prepare query: $query\n";
$result->execute or die "Can't execute query: $query\n";
while ($data_hash = $result->fetchrow_hashref)
{
    my $acl_key = join("_", $data_hash->{'groupname'}, $data_hash->{'subgroupname'});
    $ACL{$acl_key} = 'yes';
}
# Which threads to list: 1 = current, 2 = archived. These are the values this
# page writes to forum_thread.inform (1 on creation, 2 when archived).
# Only the literal request value "yes" selects the archive.
my $archive_param = $CGI_PARAMS->param('archive');
$archive_flag = (defined($archive_param) and $archive_param eq 'yes') ? 2 : 1;
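## Posting a new thread. Requires the "add" flag, a non-empty name and
## message, a sessionid, and membership in the write group.
##
## Each request value is read once into a scalar: calling param() inside an
## argument list would evaluate it in list context, and a repeated parameter
## could then supply extra arguments.
my $add_name      = $CGI_PARAMS->param('name');
my $add_message   = $CGI_PARAMS->param('message');
my $add_sessionid = $CGI_PARAMS->param('sessionid');
if (defined($CGI_PARAMS->param('add'))
    && defined($add_name) && ($add_name ne '')
    && defined($add_message) && ($add_message ne '')
    # The sessionid generated by this page is time().$$, i.e. digits only.
    # The original pasted the submitted value into SQL as-is (unquoted in two
    # statements), so anything else is rejected here.
    && defined($add_sessionid) && ($add_sessionid =~ /\A[0-9]+\z/)
    && defined($ACL{$WRITE_GROUP}))
{
    $PASSED_SESSIONID = $add_sessionid;

    ######### Has this sessionid already produced a thread? #########
    $query = "select id from forum_thread where sessionid=?";
    $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
    $result->execute($PASSED_SESSIONID) or die "Can't execute query: $query\n";
    # Fetch a row instead of trusting rows(), which DBI does not guarantee
    # for SELECT statements before the result has been read.
    my $thread_exists = $result->fetchrow_arrayref;
    $result->finish;
    if (!$thread_exists)
    {
        ######### Thread creation #########
        my $name = $add_name;
        if (!defined($ACL{$HTML_WRITE_GROUP}))
        {
            # Users outside the HTML-writer group get angle brackets turned
            # into entities. The listing this was reviewed from showed these
            # substitutions with the entity names already decoded (one a
            # no-op, one unparsable); the intended replacements are spelled
            # out here.
            # NOTE(review): "&" and the double quote are still stored as
            # typed, so the value must not be placed inside an HTML attribute
            # without further encoding; encoding at output time would be the
            # more robust design.
            $name =~ s/>/&gt;/g;
            $name =~ s/</&lt;/g;
        }
        $query  = "insert into forum_thread (id, partid, threadname, login, sessionid, time, inform) values (";
        $query .= "NULL, ?, ?, ?, ?, now(), 1) ";
        $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
        $result->execute($part, $name, $remote_user, $PASSED_SESSIONID)
            or die "Can't execute query: $query\n";

        # Read back the id of the row just inserted, keyed by sessionid.
        $query = "select id from forum_thread where sessionid=?";
        $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
        $result->execute($PASSED_SESSIONID) or die "Can't execute query: $query\n";
        ($data_hash = $result->fetchrow_hashref) or die "Can't find inserted message: $query\n";
        $created_thread_id = $data_hash->{'id'};
        $result->finish;

        ######### Has this sessionid already produced a message? #########
        $query = "select id from forum_message where sessionid=?";
        $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
        $result->execute($PASSED_SESSIONID) or die "Can't execute query: $query\n";
        my $message_exists = $result->fetchrow_arrayref;
        $result->finish;
        if (!$message_exists)
        {
            ######### First thread message creation #########
            $message = $add_message;
            $url = $CGI_PARAMS->param('url');
            $url = '' if !defined($url);    # the url field is optional
            if (!defined($ACL{$HTML_WRITE_GROUP}))
            {
                # Same angle-bracket encoding as for the thread name above.
                $message =~ s/>/&gt;/g;
                $message =~ s/</&lt;/g;
                $url =~ s/>/&gt;/g;
                $url =~ s/</&lt;/g;
            }
            # Collapse each run of line-end characters to a single newline.
            # NOTE(review): in the reviewed listing the replacement text here
            # and the prefix before "URL:" below are a bare line break; markup
            # may have been lost from the listing -- compare with the
            # deployed file.
            $message =~ s/[\n\r]+$/\n/gm;
            # Drop any leading "http://" (repeated or not); it is re-added below.
            $url =~ s/^(http\:\/\/)+//;
            if ($url ne '')
            {
                $message .= "\nURL: http://$url";
            }
            $query  = "insert into forum_message (id, threadid, login, time, messagetext, sessionid) values (";
            $query .= "NULL, ?, ?, now(), ?, ?) ";
            $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
            $result->execute($created_thread_id, $remote_user, $message, $PASSED_SESSIONID)
                or die "Can't execute query: $query\n";

            # The author has, by definition, read the thread just created.
            $query = "insert into forum_thread_read (threadid, login, time) values (?, ?, now())";
            $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
            $result->execute($created_thread_id, $remote_user)
                or die "Can't execute query: $query\n";
        }
    }
}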
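## Moving a thread to the archive (forum-wide or per-section moderators).
##
## The original test /[\d]+/ was unanchored, so any value that merely
## contained a digit passed and was then pasted into the SQL text. The id must
## now consist of ASCII digits only, and it is bound as a parameter.
my $archive_id = $CGI_PARAMS->param('archive_tred');
if (defined($archive_id) && ($archive_id =~ /\A[0-9]+\z/))
{
    $tr_num = $archive_id;

    # Authorisation is decided against the section the thread belongs to, so
    # $part is replaced by the thread's own partid when the thread exists.
    $query = "select partid from forum_thread where id=?";
    $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
    $result->execute($tr_num) or die "Can't execute query: $query\n";
    if ($data_hash = $result->fetchrow_hashref)
    {
        $part = $data_hash->{'partid'};
    }
    $result->finish;

    if ( defined($ACL{$MODERATOR_GROUP}) || defined($ACL{$MODERATOR_GROUP."_".$part}) )
    {
        # inform=2 marks the thread as archived.
        $query = "update forum_thread set inform=2 where id=?";
        $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
        $result->execute($tr_num) or die "Can't execute query: $query\n";
    }
}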
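## Deleting a thread together with its read markers and messages
## (forum-wide or per-section moderators).
##
## The original test /[\d]+/ was unanchored, so any value containing a digit
## reached the delete statements as raw SQL text. The id must now be ASCII
## digits only, and every statement binds it as a parameter.
## NOTE(review): nothing in the visible code ties this request to a form
## issued to the moderator (no per-user token is checked); the deletion is
## driven by the request parameter alone. Confirm whether the included
## templates add such a check.
my $delete_id = $CGI_PARAMS->param('delete');
if (defined($delete_id) && ($delete_id =~ /\A[0-9]+\z/))
{
    $tr_num = $delete_id;

    # Authorise against the section the thread actually belongs to.
    $query = "select partid from forum_thread where id=?";
    $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
    $result->execute($tr_num) or die "Can't execute query: $query\n";
    if ($data_hash = $result->fetchrow_hashref)
    {
        $part = $data_hash->{'partid'};
    }
    $result->finish;

    if ( defined($ACL{$MODERATOR_GROUP}) || defined($ACL{$MODERATOR_GROUP."_".$part}) )
    {
        # Same order as before: the thread row, then its read markers, then
        # its messages.
        foreach my $delete_stmt (
            "delete from forum_thread where id=?",
            "delete from forum_thread_read where threadid=?",
            "delete from forum_message where threadid=?",
        )
        {
            $query = $delete_stmt;
            $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
            $result->execute($tr_num) or die "Can't execute query: $query\n";
        }
    }
}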
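## "Mark every thread in this section as read" for the current login.
##
## The section id comes straight from the request. The original check
## /[\d]+/ was unanchored and the value was concatenated into the SQL text;
## it must now be ASCII digits only and is bound as a parameter.
my $markread_part = $CGI_PARAMS->param('part');
if (defined($CGI_PARAMS->param('markread'))
    && defined($markread_part) && ($markread_part =~ /\A[0-9]+\z/))
{
    # One database timestamp is used for all markers written below.
    $query = "select now() as currtime";
    $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
    $result->execute or die "Can't execute query: $query\n";
    if ($data_hash = $result->fetchrow_hashref)
    {
        $currtime = $data_hash->{'currtime'};
    }
    $result->finish;

    # Collect the ids of all threads in the section.
    $query = "select id from forum_thread where partid=?";
    $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
    $result->execute($markread_part) or die "Can't execute query: $query\n";
    undef @threads_to_markread;
    while ($data_hash = $result->fetchrow_hashref)
    {
        push(@threads_to_markread, $data_hash->{'id'});
    }

    # Both statements are prepared once and executed per thread.
    my $markread_delete = "delete from forum_thread_read where threadid=? and login=?";
    my $markread_insert = "insert into forum_thread_read values (?, ?, ?)";
    my $delete_sth = $DB->prepare($markread_delete)
        or die "Can't prepare query: $markread_delete\n";
    my $insert_sth = $DB->prepare($markread_insert)
        or die "Can't prepare query: $markread_insert\n";
    foreach $tr_num (sort(@threads_to_markread))
    {
        # Replace any existing marker for this login with a fresh one.
        $delete_sth->execute($tr_num, $remote_user)
            or die "Can't execute query: $markread_delete\n";
        $insert_sth->execute($tr_num, $remote_user, $currtime)
            or die "Can't execute query: $markread_insert\n";
    }
}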
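## Renaming a thread (forum-wide or per-section moderators).
##
## Three changes from the original:
##  * the id test /[\d]+/ was unanchored and the value was concatenated into
##    the SQL text; it must now be ASCII digits only and is bound;
##  * the moderator check used $part, which at this point normally comes from
##    the request, so a moderator of one section could rename a thread in
##    another by sending their own section id. The check now uses the partid
##    stored on the thread, as the archive and delete handlers do;
##  * the new name gets the same angle-bracket encoding as on thread creation
##    when the editor is not in the HTML-writer group.
my $edit_id = $CGI_PARAMS->param('editthread');
if (defined($edit_id) && ($edit_id =~ /\A[0-9]+\z/))
{
    $query = "select partid from forum_thread where id=?";
    $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
    $result->execute($edit_id) or die "Can't execute query: $query\n";
    my $edit_row = $result->fetchrow_hashref;
    $result->finish;

    my $edit_allowed = 0;
    if ($edit_row)
    {
        my $edit_part = $edit_row->{'partid'};
        $edit_allowed = 1 if defined($ACL{$MODERATOR_GROUP});
        $edit_allowed = 1
            if defined($edit_part) && defined($ACL{$MODERATOR_GROUP."_".$edit_part});
    }

    if ($edit_allowed)
    {
        # As before, a missing or false name is stored as the empty string.
        my $edit_name = $CGI_PARAMS->param('name');
        $edit_name = '' unless $edit_name;
        if (!defined($ACL{$HTML_WRITE_GROUP}))
        {
            $edit_name =~ s/>/&gt;/g;
            $edit_name =~ s/</&lt;/g;
        }
        $query = "update forum_thread set threadname=? where id=?";
        $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
        $result->execute($edit_name, $edit_id) or die "Can't execute query: $query\n";
    }
}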
if (defined($ACL{$READ_GROUP}))
{
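# Section row for the heading printed below. $part can originate from the
# request, so it is bound as a parameter instead of being pasted into the
# statement text. The handle is left open: the row is fetched further down.
$query = "select * from forum_part where id=?";
$result = $DB->prepare($query) or die "Can't prepare query: $query\n";
$result->execute($part) or die "Can't execute query: $query\n";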
!>
if($archive_flag == 2) { !>
Архив
} else { !>
Темы
} !>
раздела "
if ($data_hash=$result->fetchrow_hashref)
{
$forum=$data_hash->{'forumid'};
print $data_hash->{'partname'};
}
!>"
if ( defined($ACL{$MODERATOR_GROUP}) )
{
print " {'id'}."\">";
}
if ( defined($ACL{$MODERATOR_GROUP}) || defined($ACL{$MODERATOR_GROUP."_".$part}) )
{
print " {'id'}."\">";
}
!> (
if($archive_flag == 2) { !>
Все темы
} else { !>
Архив
} !>
)
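# Per-thread read state for the current login: message count and the time of
# the newest message, joined with the login's read marker. The login and the
# section id are bound as parameters ($part can originate from the request).
$query  = "select r.time, r.threadid, count(t.id) as count, max(m.time) as maxtime";
$query .= " from forum_thread_read r, forum_message m, forum_thread t";
$query .= " where t.id=r.threadid and r.login=? and r.threadid=m.threadid and t.partid=?";
# NOTE(review): the next line is reproduced as it appears in the reviewed
# listing, where it is commented out and looks truncated (a "group by ...
# having ..." clause followed by what was probably a debug print). An
# aggregate query without its "group by" would not return one row per
# thread -- compare with the deployed file.
#$query.=" group by t.id having r.time\n";
$result = $DB->prepare($query) or die "Can't prepare query: $query\n";
$result->execute($remote_user, $part) or die "Can't execute query: $query\n";
while ($data_hash = $result->fetchrow_hashref)
{
    my $thread_id = $data_hash->{'threadid'};

    # Strip everything but digits so both timestamps compare as numbers.
    $time = $data_hash->{'time'};
    $time =~ s/[^\d]*//g;
    $maxtime = $data_hash->{'maxtime'};
    $maxtime =~ s/[^\d]*//g;

    $counts{$thread_id} = $data_hash->{'count'};
    # A non-empty entry means "newer messages than the read marker"; the
    # empty string means the thread is known and fully read.
    $maxtimes{$thread_id} = ($time < $maxtime) ? $data_hash->{'maxtime'} : "";
}

# Threads of the section, current or archived per $archive_flag, newest
# first. The handle is left open: the rows are fetched by the loop below.
$query = "select * from forum_thread where partid=? and forum_thread.inform=? order by time desc";
$result = $DB->prepare($query) or die "Can't prepare query: $query\n";
$result->execute($part, $archive_flag) or die "Can't execute query: $query\n";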
!>
while ($data_hash=$result->fetchrow_hashref)
{
print "- ";
if (defined($ACL{$MODERATOR_GROUP}) || defined($ACL{$MODERATOR_GROUP."_".$part}))
{
print "{'id'}."\"> ";
print "{'id'}."\"> ";
print " {'id'}."\">в архив ";
}
print "{'id'}."\">".$data_hash->{'threadname'}."";
if (defined($counts{$data_hash->{'id'}}))
{
print " (".$counts{$data_hash->{'id'}}.")";
}
if ($remote_user ne 'guest')
{
if (defined($maxtimes{$data_hash->{'id'}}))
{
if ($maxtimes{$data_hash->{'id'}}=~/^(\d\d\d\d)-(\d\d)-(\d\d) (\d\d):(\d\d):(\d\d)$/)
{
print "
обновлена $3 $months[$2-1] $4:$5";
}
}
else
{
print "
нечитана";
}
}
print "
\n";
}
!>
if ($remote_user ne 'guest')
{
!>
Пометить все темы как прочитанные >>>
}
}
if (defined($ACL{$WRITE_GROUP}))
{
!>
}
!>
if (defined($ACL{$READ_GROUP}))
{
!>
|
Разделы конференций
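# Sections of the same forum for the navigation list. $forum is only set when
# the section row was found earlier; binding it avoids building a malformed
# statement when it is undefined (the query then simply matches nothing).
$query = "select * from forum_part where forumid=?";
# Sections flagged admin-only are hidden from everyone except admins and
# superadmins.
if (!defined($ACL{$ADMIN_GROUP}) && !defined($ACL{$SUPERADMIN_GROUP}))
{
    $query .= " and isnull(adminonly)";
}
$query .= " order by partname";
$result = $DB->prepare($query) or die "Can't prepare query: $query\n";
$result->execute($forum) or die "Can't execute query: $query\n";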
while ($data_hash=$result->fetchrow_hashref)
{
if ($data_hash->{'id'} eq $part)
{
!>
print $data_hash->{'partname'}!>
}
else
{
print "{'id'}."\" >".$data_hash->{'partname'}." \n";
}
}
!>
|
|
}
$result->finish;
$DB->disconnect;
}
else
{
!>
ОШИБКА: Нет доступа к базе данных
}
#include ../../inc/bottom2.inc
!>