use DBI;
use CGI;
# Request-wide setup: the CGI parameter object plus the defaults and group
# names that the rest of the page reads as package globals.
$CGI_PARAMS = CGI->new;
#use POSIX qw(locale_h);
#setlocale(LC_CTYPE, "RU.Windows-1251");

####### Default/startup parameter values #######
$rand_number    = int(rand(99999));
$DEFAULT_THREAD = 1;    # thread used when no valid 'thread' parameter is given

# Current time followed by the process id: distinct per request in practice,
# but guessable. NOTE(review): presumably this is the 'sessionid' value sent
# back with a posted message -- treat it as a duplicate-submit marker only,
# never as a secret or an anti-forgery token.
$SESSIONID = time() . $$;

# Russian month names (genitive case).
@months = (
    'Января',  'Февраля', 'Марта',
    'Апреля',  'Мая',     'Июня',
    'Июля',    'Августа', 'Сентября',
    'Октября', 'Ноября',  'Декабря',
);

# Group names looked up as keys of %ACL to decide what the caller may do.
$READ_GROUP       = 'user';
$WRITE_GROUP      = 'confwriter';
$HTML_WRITE_GROUP = 'htmlconfwriter';
$MODERATOR_GROUP  = 'confmoderator';

# Stays 1 unless database connection code clears it.
$dbconnect = 1;
#include ../../inc/dbiconnect.inc
#include ../../inc/head2.inc
#$DB = DBI->connect("DBI:$DBD:$DBNAME",$DBUSER,$DBUSERPASS) || ($dbconnect=0);
## If connected to DB
if ($dbconnect)
{
# Identify the caller and load the groups they belong to into %ACL.
# REMOTE_USER comes from the environment (normally set by the web server's
# authentication layer); it is passed through $DB->quote once so the quoted
# form can be interpolated into the SQL text below.
$remote_user   = $ENV{'REMOTE_USER'};
$q_remote_user = $DB->quote($remote_user);

# Disabled: loader for per-user options.
#$query="select * from user_options where login=$q_remote_user";
#print $query."\n";
#$result = $DB->prepare($query) or die "Can't prepare query: $query\n";
#$result->execute or die "Can't execute query: $query\n";
#while ($data_hash=$result->fetchrow_hashref)
#{
# foreach $optionname (keys(%$data_hash))
# {
# $user_options{$optionname}=$data_hash->{$optionname};
# }
#}

# Direct group memberships: one %ACL key per group name.
$query = "select groupname from group_member where login=$q_remote_user";
#print $query."\n";
unless ($result = $DB->prepare($query))
{
    die "Can't prepare query: $query\n";
}
unless ($result->execute)
{
    die "Can't execute query: $query\n";
}
while ($data_hash = $result->fetchrow_hashref)
{
    my $group_key = $data_hash->{'groupname'};
    $ACL{$group_key} = 'yes';
}

# Subgroup memberships: keyed as "<groupname>_<subgroupname>".
$query = "select groupname, subgroupname from subgroup_member where login=$q_remote_user";
#print $query."\n";
unless ($result = $DB->prepare($query))
{
    die "Can't prepare query: $query\n";
}
unless ($result->execute)
{
    die "Can't execute query: $query\n";
}
while ($data_hash = $result->fetchrow_hashref)
{
    my $subgroup_key = $data_hash->{'groupname'} . "_" . $data_hash->{'subgroupname'};
    $ACL{$subgroup_key} = 'yes';
}
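# Choose the thread to show. The request value is accepted only when it is
# made of digits from start to end; anything else falls back to the default.
# \A and \z are used instead of ^ and $ because $ also matches just before a
# trailing newline, which would let "1\n" through into the SQL text built
# from $thread further down.
if (defined($CGI_PARAMS->param('thread'))
    && $CGI_PARAMS->param('thread') =~ /\A(\d+)\z/)
{
    # Take the value from the capture so only the validated digits are kept.
    $thread = $1;
}
else
{
    $thread = $DEFAULT_THREAD;
}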
# Load the selected thread together with its part (section) and forum.
# $thread is interpolated into the SQL text here, so this statement relies on
# the digit-only validation done where $thread is assigned.
$query="select forum.id as fid, threadname, partname, partid, forum_thread.id as tid, inform from forum, forum_thread, forum_part where forum_thread.id=$thread and forum_thread.partid=forum_part.id and forum_part.forumid=forum.id";
#print $query."
\n";
$result = $DB->prepare($query) or die "Can't prepare query: $query\n";
$result->execute or die "Can't execute query: $query\n";
# Only the first row is used. When no row comes back, $title, $part,
# $partname, $IS_WRITABLE and $back are not set by this block and $thread
# keeps the value chosen from the request.
if ($data_hash=$result->fetchrow_hashref)
{
$title=$data_hash->{'threadname'};
$part=$data_hash->{'partid'};
$thread=$data_hash->{'tid'};
$inform=$data_hash->{'inform'};
# $IS_WRITABLE is 1 only when the thread's inform column equals 1; in this
# block it decides whether the extra "your opinion" link is added to $back.
if($inform==1) { $IS_WRITABLE = 1; }
else {$IS_WRITABLE = 0;}
$partname=$data_hash->{'partname'};
# $back collects the navigation links ("back to the list of sections",
# "back to the list of topics").
# NOTE(review): the literals assigned to $back look truncated in this listing
# (the link markup around {'fid'} is missing) -- restore them from the
# original file before relying on this block.
# NOTE(review): $title, $partname and $back are printed into the page later in
# this file and no HTML escaping is visible in this listing -- confirm that
# these database values cannot carry markup, or escape them on output.
$back="
{'fid'}."\" class=\"menu2\"> вернуться к списку разделов\n
";
$back.=" вернуться к списку тем
";
# The "your opinion" link is offered only for writable threads.
if($IS_WRITABLE) {
$back.=" ваше мнение";
}
}
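# Store a newly posted message.
#
# Runs only when the request carries 'add', a 'sessionid', non-empty
# 'content', and the caller is in the write group. The message is inserted
# only if no stored message already carries the same sessionid, which keeps a
# re-submitted form from creating a duplicate.
#
# The sessionid must consist of digits only (the page builds $SESSIONID as
# time().$$, so issued values are numeric). Every value is now bound through
# placeholders instead of being pasted into the SQL text: the request-supplied
# sessionid used to be interpolated as-is into both statements.
#
# NOTE(review): $IS_WRITABLE is not consulted here, and $thread is not checked
# to be an existing thread -- confirm whether posting should be refused for
# threads that are not writable or were not found.
if (defined($CGI_PARAMS->param('add')) && defined($CGI_PARAMS->param('sessionid'))
    && ($CGI_PARAMS->param('sessionid') =~ /\A\d+\z/) && defined($CGI_PARAMS->param('content'))
    && ($CGI_PARAMS->param('content') ne '') && defined($ACL{$WRITE_GROUP}))
{
    $PASSED_SESSIONID = $CGI_PARAMS->param('sessionid');

    ######### Determining whether this sessionid is already stored #########
    $query = "select id from forum_message where sessionid=?";
    $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
    $result->execute($PASSED_SESSIONID) or die "Can't execute query: $query\n";

    # Fetch a row rather than trusting rows(): DBI does not guarantee a row
    # count for SELECT statements before the rows have been fetched.
    my $already_stored = $result->fetchrow_arrayref ? 1 : 0;
    $result->finish;

    if (!$already_stored)
    {
        ######### New message creation #########
        # 'content' is known to be defined and non-empty from the condition
        # above, so the old "insert NULL text" branch could never run.
        $message = $CGI_PARAMS->param('content');
        $url = $CGI_PARAMS->param('url');
        $url = '' unless defined($url);

        if (!defined($ACL{$HTML_WRITE_GROUP}))
        {
            # Callers outside the HTML-writer group get angle brackets turned
            # into entities in both the text and the URL.
            # NOTE(review): these substitutions are restored from a listing in
            # which the entity text was garbled -- confirm against the
            # original file. '&' and '"' are left as they are; if $url ends up
            # inside an HTML attribute it needs '"' escaped as well.
            for my $field ($message, $url)
            {
                $field =~ s/>/&gt;/g;
                $field =~ s/</&lt;/g;
            }
        }

        # NOTE(review): in this listing the replacement is a bare newline; if
        # the original inserted a line-break tag here it was lost in
        # extraction -- confirm against the original file.
        $message =~ s/[\n\r]+$/\n/gm;

        # Drop any leading "http://" so the prefix added below is not doubled.
        $url =~ s/^(http\:\/\/)+//;
        if ($url ne '')
        {
            # NOTE(review): same caveat as above -- the text appended here may
            # have carried link markup in the original file.
            $message .= "\nURL: http://$url";
        }

        $query = "insert into forum_message (id, threadid, login, time, messagetext, sessionid) values (NULL, ?, ?, now(), ?, ?)";
        $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
        $result->execute($thread, $remote_user, $message, $PASSED_SESSIONID)
            or die "Can't execute query: $query\n";
    }
}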
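# Moderator action: replace the text of one message.
#
# Allowed for members of the moderator group, or of the moderator subgroup
# for the current part. The message id must be digits from start to end: the
# earlier pattern was unanchored, so any value that merely contained a digit
# passed and was then pasted into the WHERE clause. Both values are now bound
# through placeholders.
#
# param() is forced into scalar context when handed to execute(): in list
# context a repeated parameter yields several values, and the old
# $DB->quote(param(...)) call would have taken the second one as quote()'s
# data-type argument.
#
# NOTE(review): the part-level check uses $part of the displayed thread, but
# the UPDATE selects the message by id alone -- confirm that a part moderator
# cannot change messages that belong to other parts.
# NOTE(review): no anti-forgery token is checked in the visible code.
if (defined($CGI_PARAMS->param('editmessage'))
    && $CGI_PARAMS->param('editmessage') =~ /\A\d+\z/
    && (defined($ACL{$MODERATOR_GROUP}) || defined($ACL{$MODERATOR_GROUP."_".$part})) )
{
    $query = "update forum_message set messagetext=? where id=?";
    $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
    $result->execute(
        scalar($CGI_PARAMS->param('message')),
        scalar($CGI_PARAMS->param('editmessage'))
    ) or die "Can't execute query: $query\n";
}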
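# Moderator action: delete one message.
#
# Allowed for members of the moderator group, or of the moderator subgroup
# for the current part. The id must be digits from start to end: the earlier
# unanchored pattern accepted any value containing a digit and that value was
# then pasted into the DELETE statement. The id is now bound through a
# placeholder.
#
# NOTE(review): the part-level check uses $part of the displayed thread, but
# the DELETE selects the message by id alone -- confirm that a part moderator
# cannot remove messages that belong to other parts.
# NOTE(review): no anti-forgery token is checked in the visible code, so the
# deletion depends only on the caller's authenticated session.
if (defined($CGI_PARAMS->param('delete'))
    && $CGI_PARAMS->param('delete') =~ /\A\d+\z/
    && (defined($ACL{$MODERATOR_GROUP}) || defined($ACL{$MODERATOR_GROUP."_".$part})) )
{
    $message_num = $CGI_PARAMS->param('delete');
    $query = "delete from forum_message where id=?";
    $result = $DB->prepare($query) or die "Can't prepare query: $query\n";
    $result->execute($message_num) or die "Can't execute query: $query\n";
}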
if (defined($ACL{$READ_GROUP}))
{
# Read the time of this user's previous visit to the thread, then record the
# current visit: update the existing row, or insert one on a first visit.
# $thread and $q_remote_user are interpolated into the SQL text; both are
# expected to be validated / quoted earlier in the page.
$query = "select tr.time from forum_thread t, forum_thread_read tr where t.id=$thread and t.id=tr.threadid and tr.login=$q_remote_user";
#print $query."\n";
unless ($result = $DB->prepare($query))
{
    die "Can't prepare query: $query\n";
}
unless ($result->execute)
{
    die "Can't execute query: $query\n";
}

$data_hash = $result->fetchrow_hashref;
if (!$data_hash)
{
    # First visit: no row yet, so create one. The last-visit variables are
    # left untouched in this case.
    $query = "insert into forum_thread_read (threadid, login, time) values ($thread, $q_remote_user, now())";
    #print $query."\n";
    unless ($result = $DB->prepare($query))
    {
        die "Can't prepare query: $query\n";
    }
    unless ($result->execute)
    {
        die "Can't execute query: $query\n";
    }
}
else
{
    # Keep the previous visit time, both as returned and as a compact
    # YYYYMMDDhhmmss string (0 when the value is not in the expected form).
    $last_visit_time = $data_hash->{'time'};
    $last_visit_timestamp =
        ($last_visit_time =~ /^(\d\d\d\d)-(\d\d)-(\d\d) (\d\d):(\d\d):(\d\d)$/)
        ? "$1$2$3$4$5$6"
        : 0;

    $query = "update forum_thread_read set time=now() where threadid=$thread and login=$q_remote_user";
    #print $query."\n";
    unless ($result = $DB->prepare($query))
    {
        die "Can't prepare query: $query\n";
    }
    unless ($result->execute)
    {
        die "Can't execute query: $query\n";
    }
}
!>
Раздел " print $partname !>"Тема: print $title !> | print $back !> |
print $printable_time !> | |
print $message !> |