295 lines
12 KiB
PHP
295 lines
12 KiB
PHP
<?
|
||
session_name( "EQUIPALSA" );
|
||
$v1="user_id";
|
||
$v2="user_name";
|
||
$v3="user_auth";
|
||
session_register($v1,$v2,$v3);
|
||
session_start();
|
||
|
||
if ( !$user_auth ) die( "<META CONTENT=\"0; URL=error.htm\" HTTP-EQUIV=\"REFRESH\">" );
|
||
|
||
require ("common/config.inc.php");
|
||
require ("common/dbnav_bar.php");
|
||
|
||
$limit = 8;
|
||
if ( !isset( $offset ) ) $offset = 0;
|
||
|
||
// Segun TIPO selecionamos las pelis
|
||
$conexion = mysql_connect( 'localhost', 'equipalsa_users', '06mar2002' ) OR die("No puedo conectar");
|
||
$id = mysql_select_db( 'EQUIPALSA', $conexion ) OR die("No puedo abrir Base de Datos");
|
||
?>
|
||
<html>
|
||
<head>
|
||
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
|
||
<title>-= foro =- </title>
|
||
<link href="images/eq.ico" rel="SHORTCUT ICON">
|
||
<link rel="stylesheet" type="text/css" href="eq.css" body="eq.css">
|
||
</head>
|
||
|
||
<body bgcolor="#057CD8">
|
||
|
||
<?
|
||
if ( !isset( $accion ) )
|
||
{
|
||
$qFROM = "foro WHERE post_ant is NULL";
|
||
$consulta = "SELECT id, post_ant, owner, Apodo, fecha, hora, Asunto FROM $qFROM ORDER BY id DESC LIMIT $offset, $limit";
|
||
CreateDBnav( $qFROM );
|
||
$res = mysql_query( $consulta, $conexion ) OR die("No puedo realizar la consulta<br>$consulta<br>".mysql_error($conexion));
|
||
?>
|
||
<div align="center"><center>
|
||
<table border="1" cellpadding="0" cellspacing="0" width="600" bgcolor="#52ABF0" bordercolor="#000000" bordercolordark="#000000" bordercolorlight="#000000">
|
||
<tr>
|
||
<td><table border="0" cellpadding="2" cellspacing="0" width="100%">
|
||
<tr>
|
||
<td valign="top" width="225">
|
||
<p style='text-align:center'><font size="6">-foro-</font><br>
|
||
-=[ <a href="<? echo $PHP_SELF ?>?accion=sins">Insertar nueva noticia</a> ]=-</p></td>
|
||
<td valign="top"><table border="0" cellpadding="0" cellspacing="0" width="100%">
|
||
<tr>
|
||
<td> </td>
|
||
<td width="20">
|
||
<a href="<? echo $PHP_SELF ?>" target="_blank">
|
||
<img src="images/exp.gif" alt="Hacer zoom (Iniciar en una ventana nueva)" align="absmiddle" border="0" width="20" height="18">
|
||
</a>
|
||
</td>
|
||
</tr>
|
||
</table>
|
||
</td>
|
||
</tr>
|
||
</table>
|
||
<hr>
|
||
<table border="0" width="100%">
|
||
<tr bgcolor="#057CD8"><td width="80">Fecha -</td><td>Asunto</td><td width="20">Resp.</td><td width="100">Usuario</td><td width="26">.</td><td width="26">.</td></tr>
|
||
<?
|
||
// Bucle de NOTICIAS (Cabeceras)
|
||
while ( $datos = mysql_fetch_array($res) )
|
||
{
|
||
// Contamos las respuestas (Si tiene) a este mensaje...
|
||
$resp = mysql_query( "SELECT COUNT(*) AS Respuestas FROM foro WHERE post_ant=$datos[0]", $conexion ) or die("No puedo obtener el número de registros<br>".mysql_error($conexion));
|
||
$NResp = mysql_result( $resp, 0, 'Respuestas' );
|
||
|
||
echo "<tr><td width=\"80\"><strong>$datos[4] -</td><td><a href=\"foro.php?accion=vn&nid=$datos[0]\">$datos[6]</a></strong></td>".
|
||
"<td width=\"20\">$NResp</td>".
|
||
"<td width=\"100\">[-<font color=\"#FFFFBB\">$datos[3]</font>-]</td>".
|
||
"<td width=\"26\">";
|
||
if ( $user_auth && ( $user_id == $datos[2] || $user_id == 1 ) )
|
||
echo "<a href=\"$PHP_SELF?accion=sedit&new=$datos[0]\"><img src=\"images/edit.gif\" width=\"25\" height=\"31\" border=\"0\"></a>";
|
||
echo "</td><td valign=\"bottom\" width=\"26\">";
|
||
if ( $user_auth && ( $user_id == $datos[2] || $user_id == 1 ) )
|
||
echo "'<a href=\"$PHP_SELF?accion=del&new=$datos[0]\"><img src=\"images/del.gif\" alt=\"Eliminar esta noticia\" width=\"17\" height=\"15\" border=\"0\"></a>";
|
||
echo "</td></tr>";
|
||
}
|
||
// Fin del bucle de noticias (Cabeceras)
|
||
?>
|
||
</table>
|
||
</td>
|
||
</tr>
|
||
</table>
|
||
</center></div><br>
|
||
|
||
<?
|
||
$navBarBox = MakeBox( GetDBnav() );
|
||
echo $navBarBox;
|
||
} else {
|
||
// Muestra la pantalla de insertar...
|
||
if ( strcmp( $accion, "sins" )==0 ||
|
||
strcmp( $accion, "sedit" )==0 )
|
||
{
|
||
if ( strcmp( $accion, "sins" ) == 0 )
|
||
{
|
||
if ( isset( $nid ) )
|
||
$next_action = "ins&nid=$nid";
|
||
else
|
||
$next_action = "ins";
|
||
$fecha = date("Y-m-d");
|
||
$n_user_name = $user_name;
|
||
} else {
|
||
$next_action = "edit&new=$new";
|
||
// Leemos los datos actuales...
|
||
$sql = "SELECT fecha, Apodo, Asunto, Comentario FROM foro WHERE id = $new";
|
||
$res = mysql_query( $sql, $conexion );
|
||
$datos = mysql_fetch_array($res);
|
||
$fecha = $datos[0];
|
||
$n_user_name = $datos[1];
|
||
$p_asunto = $datos[2];
|
||
$p_comentario = $datos[3];
|
||
}
|
||
?>
|
||
<form action="<? echo "$PHP_SELF?accion=$next_action" ?>" method="POST">
|
||
<div align="center"><center>
|
||
<table border="1" cellpadding="0" cellspacing="0" width="600"
|
||
bgcolor="#52ABF0" bordercolor="#000000" bordercolordark="#000000"
|
||
bordercolorlight="#000000">
|
||
<tr>
|
||
<td><table border="0" cellpadding="2" cellspacing="0"
|
||
width="100%">
|
||
<tr>
|
||
<td valign="top" width="225"><!--webbot
|
||
bot="HTMLMarkup" startspan --><p style='text-align:center'><!--webbot
|
||
bot="HTMLMarkup" endspan --><font size="6">-foro-</font><br>
|
||
-=[ <font color="#FFFF80">Insertando nueva
|
||
Noticia</font> ]=-<!--webbot bot="HTMLMarkup"
|
||
startspan --></p><!--webbot bot="HTMLMarkup"
|
||
endspan --></td>
|
||
<td valign="top"><table border="0"
|
||
cellpadding="0" cellspacing="0" width="100%">
|
||
<tr>
|
||
<td> </td>
|
||
<td width="20"><a href="javascript:history.go(-1);"><img src="images/del.gif"
|
||
alt="Cancelar la operaci<63>n actual"
|
||
align="absmiddle" border="0" width="20"
|
||
height="18"></a></td>
|
||
</tr>
|
||
</table>
|
||
</td>
|
||
</tr>
|
||
</table>
|
||
<hr>
|
||
<table border="0" cellpadding="0" cellspacing="0"
|
||
width="100%" bgcolor="#057CD8">
|
||
<tr>
|
||
<td><strong><? echo $fecha; ?></strong></td>
|
||
<td><input type="text" size="40"
|
||
name="p_asunto" value="<? echo $p_asunto ?>"></td>
|
||
<td width="100">[<? echo $n_user_name ?>]</td>
|
||
</tr>
|
||
<tr>
|
||
<td align="center"><!--webbot
|
||
bot="HTMLMarkup" startspan --><p style='text-align:center'><!--webbot
|
||
bot="HTMLMarkup" endspan --><input
|
||
type="image" name="I1"
|
||
src="images/enviar.gif" align="bottom"
|
||
border="0" width="20" height="71"><!--webbot
|
||
bot="HTMLMarkup" startspan --></p><!--webbot
|
||
bot="HTMLMarkup" endspan --></td>
|
||
<td colspan="2"><textarea name="p_comentario"
|
||
rows="6" cols="60"><? echo $p_comentario ?></textarea></td>
|
||
</tr>
|
||
</table>
|
||
</td>
|
||
</tr>
|
||
</table>
|
||
</center></div>
|
||
</form>
|
||
|
||
<?
|
||
}
|
||
// Inserta los datos...
|
||
if ( strcmp( $accion, "ins" )==0 )
|
||
{
|
||
if ( isset( $p_asunto ) && !empty( $p_asunto ) &&
|
||
isset( $p_comentario ) && !empty( $p_comentario ) )
|
||
{
|
||
if ( $user_id != 1 ) $ps_comentario = strip_tags($p_comentario); else $ps_comentario = $p_comentario;
|
||
if ( !isset( $nid ) )
|
||
{
|
||
$sql_ins = "INSERT INTO foro (owner, Apodo, fecha, hora, Asunto, Comentario)".
|
||
"VALUES ('$user_id', '$user_name', '".date("Y-m-d")."', '".date("H:i:s")."', '$p_asunto', '$ps_comentario')";
|
||
} else {
|
||
$sql_ins = "INSERT INTO foro (owner, post_ant, Apodo, fecha, hora, Asunto, Comentario)".
|
||
"VALUES ('$user_id', '$nid', '$user_name', '".date("Y-m-d")."', '".date("H:i:s")."', '$p_asunto', '$ps_comentario')";
|
||
}
|
||
$res = mysql_query( $sql_ins, $conexion ) OR die("No puedo realizar la Insersi<73>n en el foro<br>$sql_ins<br>".mysql_error($conexion));
|
||
|
||
$dev = MakeBox( "<br><p style=\"text-align:center\">Tu \"Noticia\" ha sido insertada<br>-[<a href=\"$PHP_SELF\">ver noticias</a>]-</p><br>" );
|
||
} else {
|
||
$dev = MakeBox( "<br><p style=\"text-align:center\">No puedo insertar una noticia VACIA.<br>-[<a href=\"$PHP_SELF\">ver noticias</a>]-</p><br>" );
|
||
}
|
||
echo $dev;
|
||
}
|
||
// Actualizamos los datos
|
||
if ( strcmp( $accion, "edit" )==0 )
|
||
{
|
||
if ( isset( $p_asunto ) && !empty( $p_asunto ) &&
|
||
isset( $p_comentario ) && !empty( $p_comentario ) )
|
||
{
|
||
if ( $user_id != 1 ) $ps_comentario = strip_tags($p_comentario); else $ps_comentario = $p_comentario;
|
||
$sql_upd = "UPDATE foro SET Asunto='$p_asunto', Comentario='$p_comentario' WHERE id=$new";
|
||
$res = mysql_query( $sql_upd, $conexion ) OR die("No puedo realizar la Actualizacion de la Noticia<br>$sql_upd<br>".mysql_error($conexion));
|
||
$dev = MakeBox( "<br><p style=\"text-align:center\">Tu \"Noticia\" ha sido actualizada<br>-[<a href=\"$PHP_SELF\">ver noticias</a>]-</p><br>" );
|
||
} else {
|
||
$dev = MakeBox( "<br><p style=\"text-align:center\">No puedo modificar una noticia a VACIA.<br>-[<a href=\"$PHP_SELF\">ver noticias</a>]-</p><br>" );
|
||
}
|
||
echo $dev;
|
||
}
|
||
// Eliminamos la noticia
|
||
if ( strcmp( $accion, "del" )==0 )
|
||
{
|
||
if ( isset( $new ) )
|
||
{
|
||
$sql_upd = "DELETE FROM foro WHERE id=$new";
|
||
$res = mysql_query( $sql_upd, $conexion ) OR die("No puedo eliminar la Noticia<br>$sql_upd<br>".mysql_error($conexion));
|
||
$dev = MakeBox( "<br><p style=\"text-align:center\">La \"Noticia\" ha sido eliminada<br>-[<a href=\"$PHP_SELF\">ver noticias</a>]-</p><br>" );
|
||
} else {
|
||
$dev = MakeBox( "<br><p style=\"text-align:center\">No estas autorizado a eliminar esa Noticia<br>-[<a href=\"$PHP_SELF\">ver noticias</a>]-</p><br>" );
|
||
}
|
||
echo $dev;
|
||
}
|
||
}
|
||
|
||
// VER NOTICIA
|
||
if ( strcmp( $accion, "vn" ) == 0 )
|
||
{
|
||
$qFROM = "foro WHERE id=$nid OR post_ant=$nid";
|
||
$consulta = "SELECT * FROM $qFROM ORDER BY id LIMIT $offset, $limit";
|
||
$res = mysql_query( $consulta, $conexion ) OR die("No puedo realizar la consulta<br>$consulta<br>".mysql_error($conexion));
|
||
|
||
?>
|
||
<div align="center"><center>
|
||
<table border="1" cellpadding="0" cellspacing="0" width="600" bgcolor="#52ABF0" bordercolor="#000000" bordercolordark="#000000" bordercolorlight="#000000">
|
||
<tr>
|
||
<td><table border="0" cellpadding="2" cellspacing="0" width="100%">
|
||
<tr>
|
||
<td valign="top" width="225">
|
||
<p style='text-align:center'><font size="6">-foro-</font><br>
|
||
-=[ <a href="<? echo $PHP_SELF ?>?accion=sins&nid=<? echo $nid ?>">Responder a esta noticia</a> ]=-</p></td>
|
||
<td valign="top"><table border="0" cellpadding="0" cellspacing="0" width="100%">
|
||
<tr>
|
||
<td> </td>
|
||
<td width="20">
|
||
<a href="<? echo $PHP_SELF ?>" target="_blank">
|
||
<img src="images/exp.gif" alt="Hacer zoom (Iniciar en una ventana nueva)" align="absmiddle" border="0" width="20" height="18">
|
||
</a>
|
||
</td>
|
||
</tr>
|
||
</table>
|
||
</td>
|
||
</tr>
|
||
</table>
|
||
<hr>
|
||
<table border="0" width="100%">
|
||
<?
|
||
// Bucle de NOTICIAS
|
||
while ( $datos = mysql_fetch_array($res) )
|
||
{
|
||
echo "<tr bgcolor=\"#057CD8\">" .
|
||
"<td><table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\">".
|
||
"<tr><td><strong>$datos[4] - $datos[6]</strong></td>".
|
||
"<td width=\"100\">[-<font color=\"#FFFFBB\">$datos[3]</font>-]</td>".
|
||
"<td width=\"26\">";
|
||
if ( $user_auth && ( $user_id == $datos[2] || $user_id == 1 ) )
|
||
echo "<a href=\"$PHP_SELF?accion=sedit&new=$datos[0]\"><img src=\"images/edit.gif\" width=\"26\" height=\"34\" border=\"0\"></a>";
|
||
echo "</td><td valign=\"bottom\" width=\"26\">";
|
||
if ( $user_auth && ( $user_id == $datos[2] || $user_id == 1 ) )
|
||
echo "'<a href=\"$PHP_SELF?accion=del&new=$datos[0]\"><img src=\"images/del.gif\" alt=\"Eliminar esta noticia\" width=\"17\" height=\"15\" border=\"0\"></a>";
|
||
echo "</td>".
|
||
"</tr>".
|
||
"</table></td></tr>".
|
||
"<tr><td><blockquote><p>". nl2br($datos[7]) ."</p></blockquote></td></tr>";
|
||
}
|
||
// Fin del bucle de noticias
|
||
?>
|
||
</table>
|
||
<hr><center>-=[ <a href="javascript:history.go(-1);">volver al foro</a> ]=-</center><br>
|
||
</td>
|
||
</tr>
|
||
</table>
|
||
</center></div><br>
|
||
<?
|
||
}
|
||
mysql_close($conexion);
|
||
|
||
?>
|
||
</body>
|
||
</html>
|