array (
'comments_table' => 'comments',
),
'ajax' => array (
'comments_table' => 'comments',
),
'lastcomments' => array (
'comments_table' => 'comments',
),
);
// Gate 1: the requested area must be a key of the $allowed_areas allowlist.
// The looked-up entry later supplies the comments table name, so this check is
// what keeps the table name out of the caller's control.
if ( ! is_array( $allowed_areas[$area] ) ) {
    die( "error" );
}

// Parser used for both decoding and re-parsing comment text; safe_mode is
// switched on before any text is handled.
$parse = new ParseFilter();
$parse->safe_mode = true;

// Gate 2: anonymous visitors never reach the edit/save logic.
if ( ! $is_logged ) {
    die( "error" );
}

// Gate 3: the comment id is reduced to an integer before it is used in any
// query; zero (missing or non-numeric input) ends the request.
$id = (int) $_REQUEST['id'];
if ( $id === 0 ) {
    die( "error" );
}

// Load the user-group table from cache, rebuilding and re-caching it from the
// database when the cache has nothing usable.
$user_group = $cache->get( "usergroup" );
if ( ! $user_group ) {
    $user_group = array();

    $db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" );
    while ( $row = $db->get_row() ) {
        // One entry per group id, every column value passed through stripslashes().
        $user_group[$row['id']] = array_map( 'stripslashes', $row );
    }

    $cache->set( "usergroup", $user_group );
    $db->free();
}

// The parser's link and image permissions follow the current member's group.
$parse->allow_url = $user_group[$member_id['user_group']]['allow_url'];
$parse->allow_image = $user_group[$member_id['user_group']]['allow_image'];
// Dispatch on the requested action. "edit" loads a stored comment and builds
// the editor response; "save" re-parses the posted text and updates the row;
// any other value ends the request.
// NOTE(review): the action and id are taken from $_REQUEST and no request
// token is checked anywhere in this fragment, although "save" changes stored
// data - confirm that an anti-CSRF check exists elsewhere for this endpoint.
if( $_REQUEST['action'] == "edit" ) {
// $id went through intval() earlier and the table name is looked up in the
// $allowed_areas allowlist, so no raw request value is interpolated here.
$row = $db->super_query( "SELECT id, text, is_register, autor FROM " . PREFIX . "_{$allowed_areas[$area]['comments_table']} where id = '$id'" );
// Loose comparison against the fetched id; presumably a missing row leaves
// $row['id'] empty so the request ends here - confirm super_query()'s
// no-match return value.
if( $id != $row['id'] ) die( "error" );
// Permission: a logged-in member may edit when either (a) the stored author
// name equals the member's name, the comment is flagged is_register and the
// member's group has allow_editc, or (b) the member's group has edit_allc.
// NOTE(review): ownership is matched on the name with ==, which compares
// numeric-looking strings as numbers; === would be stricter.
$have_perm = 0;
if( $is_logged and (($member_id['name'] == $row['autor'] and $row['is_register'] and $user_group[$member_id['user_group']]['allow_editc']) or $user_group[$member_id['user_group']]['edit_allc']) ) {
$have_perm = 1;
}
if( ! $have_perm ) die( "error" );
include_once SYSTEM_DIR . '/ajax/bbcode.php';
// Turn the stored text back into BBCode for the editor.
$comm_txt = $parse->decodeBBCodes( $row['text'], false );
// NOTE(review): the heredoc opener and the HTML template body are not intact
// in this copy, so how $comm_txt is embedded in the response cannot be checked
// here - confirm the template escapes it for the HTML context it is placed in.
$buffer = <<
HTML;
} elseif( $_REQUEST['action'] == "save" ) {
// Same lookup as the edit branch, plus post_id for the cache invalidation below.
$row = $db->super_query( "SELECT id, post_id, text, is_register, autor FROM " . PREFIX . "_{$allowed_areas[$area]['comments_table']} where id = '$id'" );
if( $id != $row['id'] ) die( "error" );
// Same permission rule as the edit branch, re-evaluated against the stored row
// so a save cannot skip the check by never calling "edit".
$have_perm = 0;
if( $is_logged AND (($member_id['name'] == $row['autor'] AND $row['is_register'] AND $user_group[$member_id['user_group']]['allow_editc']) OR $user_group[$member_id['user_group']]['edit_allc']) ) {
$have_perm = 1;
}
if( ! $have_perm ) die( "error" );
// Posted text is converted to the site charset, run through process() and then
// BB_Parse() with HTML disabled; the parser is the only filter between the
// request body and the stored/echoed markup.
$use_html = false;
$comm_txt = trim( $parse->BB_Parse( $parse->process( convert_unicode( $_POST['comm_txt'], $config['charset'] ) ), $use_html ) );
// Reject the save when the parser flagged disallowed tags or text.
if( $parse->not_allowed_tags ) {die( "error" );}
if( $parse->not_allowed_text ) {die( "error" );}
// strlen() counts bytes of the parsed text, not characters.
if( strlen( $comm_txt ) > $config['comments_maxlen'] ) {die( "error" );}
if( $comm_txt == "" ) {die( "error" );}
//* Auto-wrap long words
if( intval( $config['auto_wrap'] ) ) {
// Split on "<" and ">" while keeping the delimiters, so text between tags can
// be wrapped without touching tag contents.
$comm_txt = preg_split( '((>)|(<))', $comm_txt, - 1, PREG_SPLIT_DELIM_CAPTURE );
$n = count( $comm_txt );
for($i = 0; $i < $n; $i ++) {
// The piece right after a "<" is the inside of a tag: skip it unchanged.
if( $comm_txt[$i] == "<" ) {
$i ++;
continue;
}
// After every run of auto_wrap non-whitespace characters, append what follows
// \\1 in the literal below (a line break in this copy). The pattern has no
// "u" modifier, so it counts bytes.
$comm_txt[$i] = preg_replace( "#([^\s\n\r]{" . intval( $config['auto_wrap'] ) . "})#i", "\\1
", $comm_txt[$i] );
}
$comm_txt = join( "", $comm_txt );
}
// The text is escaped with $db->safesql() (implementation not visible here)
// before being placed in the UPDATE; $id is an integer.
$comm_update = $db->safesql( $comm_txt );
$db->query( "UPDATE " . PREFIX . "_{$allowed_areas[$area]['comments_table']} set text='$comm_update' where id = '$id'" );
// From here on $comm_txt is only the preview sent back to the editor: plain
// [hide] wrappers are dropped and their content kept.
$comm_txt = preg_replace( "'\[hide\](.*?)\[/hide\]'si", "\\1", $comm_txt );
// NOTE(review): the "e" modifier makes preg_replace() evaluate the replacement
// as PHP code after substituting the captures, and $1 is placed in that code
// unquoted, so text derived from the posted comment is interpreted as code.
// The modifier was deprecated in PHP 5.5 and removed in PHP 7.0. Use
// preg_replace_callback() and hand the captures to comm_hide() as data, with
// the [hide=...] argument validated against its expected format. The "e" path
// also adds slashes to captures, so re-check the stripslashes() below when
// migrating.
$comm_txt = preg_replace ( "'\[hide=(.*?)\](.*?)\[/hide\]'sie",'comm_hide($1,"\\2")',$comm_txt);
$buffer = stripslashes( $comm_txt );
// Drop the cached comment data keyed by this comment's post id.
$cache->clear( 'comm_'.$row['post_id'] );
} else
// Unknown action: fail closed.
die( "error" );
// Close the database connection before the response is written.
$db->close();

// Announce HTML in the configured site charset. The "@" operator silences any
// warning raised while the header is being sent.
@header( "Content-type: text/html; charset={$config['charset']}" );

// NOTE(review): $buffer is written as-is. In the "save" branch it is the
// ParseFilter output after stripslashes(), so the HTML safety of this response
// rests entirely on that parser.
print $buffer;
?>