App/pgs/board/new.php


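<?php // pgs/board/new.php
// Builds the "new board message" form, either for a new thread in a category
// ($input["cat"]) or as a reply to an existing message ($input["replyto"]).
// The rendered form ends up in $tpl["main"]; it stays empty when
// lgnCheckLogin() does not return a user ID.
$tpl["main"] = tplExtrSection(tplLoadFile("pgs/board/new.html"), "###BOARDNEW###");
$tpl["new"] = "";
if ($userID = lgnCheckLogin($mysqli)) {
    $tpl["new"] = $tpl["main"];
    $replyto = isset($input["replyto"]);

    // Access check and data load in one query: a row is returned only when the
    // category has no rightID or a users row with the current ID is joined
    // through rolerights. Both IDs are bound as integers.
    // NOTE(review): in the reply case board_categories is LEFT JOINed to the
    // message, so "c.rightID IS NULL" is also true when no category row
    // matches. Confirm every message carries a valid categoryID, otherwise
    // such a message passes this check.
    $qry = "SELECT c.ID, c.name, c.description "
        .($replyto
            ? ", m.ID mID, m.rootID, m.title, m.text, m.dttm, g.prenames, g.surnames FROM board_messages m "
                ."LEFT JOIN board_categories c ON c.ID=m.categoryID LEFT JOIN guests g ON g.ID=m.guestID "
            : "FROM board_categories c ")
        ."LEFT JOIN rolerights r ON r.rightID=c.rightID "
        ."LEFT JOIN users u ON u.roleID=r.roleID "
        ."WHERE (c.rightID IS NULL OR u.ID = ?) AND "
        .($replyto ? "m.ID = ? " : "c.ID = ? ");
    if ($stmt = $mysqli->prepare($qry)) {
        // A missing "cat" parameter is bound as NULL, which matches no row and
        // therefore ends in the access error below instead of a PHP warning.
        $whereID = $replyto ? $input["replyto"] : ($input["cat"] ?? null);
        $stmt->bind_param("ii", $userID, $whereID);
        $stmt->execute();
        $catres = $stmt->get_result();
        if ($catres->num_rows==0) {
            addError("Access", "Kategorie nicht vorhanden oder Zugriff nicht erlaubt");
        } else {
            $cat = $catres->fetch_assoc();

            // NOTE(review): every value below comes from the database and is
            // placed into the HTML template as-is in this file. Unless the
            // write path or the tpl* helpers already HTML-encode them,
            // user-supplied titles, texts and names would be rendered as
            // markup (stored XSS). Confirm where encoding happens; if it
            // happens nowhere, encode here with htmlspecialchars() before the
            // "<br />" substitution.
            // Title and text pass through cntCipherTextSym() with
            // SYM_CIPHER_KEY (presumably decrypting stored ciphertext; confirm).
            $replace = array(
                "###BOARDNEW.CAT.ID###" => $cat["ID"],
                "###BOARDNEW.CAT.NAME###" => $cat["name"],
                "###BOARDNEW.CAT.DESC###" => $cat["description"],
                // The m.* columns exist only in the reply query, hence the fallbacks.
                "###BOARDNEW.REPLYTO.ID###" => $cat["mID"] ?? "created",
                "###BOARDNEW.REPLYTO.ROOTID###" => $cat["rootID"] ?? ($cat["mID"] ?? "error"),
                "###BOARDMSG.DATETIME###" => $cat["dttm"] ?? "",
                "###BOARDMSG.TITLE###" => cntCipherTextSym($cat["title"] ?? "", SYM_CIPHER_KEY),
                // Replaces the literal four-character sequence \r\n (backslashes
                // included) with an HTML line break.
                "###BOARDMSG.TEXT###" => str_replace("\\r\\n", "<br />", cntCipherTextSym($cat["text"] ?? "", SYM_CIPHER_KEY))
            );
            if ($replyto) {
                $tpl["new"] = tplReplSection($tpl["new"], "###BOARDNEW.START###", "");
                // Author is shown as first names plus surname initials. The
                // guest row is LEFT JOINed, so surnames may be NULL.
                preg_match_all("/([\s-]?)([A-Z])/", $cat["surnames"] ?? "", $matches);
                $replace["###BOARDMSG.AUTHOR###"] = $cat["prenames"]." ".implode(".", $matches[0]).".";
                // Render the quoted message without footer and indent sections.
                $tpl["msg"] = tplExtrSection(tplLoadFile("pgs/board/msg.html"), "###BOARDMSG###");
                $tpl["msg"] = tplReplSection($tpl["msg"], "###BOARDMSG.FOOTER###", "");
                $tpl["msg"] = tplReplSection($tpl["msg"], "###BOARDMSG.INDENT.IN###", "");
                $tpl["msg"] = tplReplSection($tpl["msg"], "###BOARDMSG.INDENT.OUT###", "");
                $tpl["new"] = tplReplMarker($tpl["new"], "###BOARDNEW.REPLYTO.PRINT###", $tpl["msg"]);
            } else {
                $tpl["new"] = tplReplSection($tpl["new"], "###BOARDNEW.REPLYTO###", "");
                $tpl["new"] = tplReplSection($tpl["new"], "###BOARDNEW.BACKTOTHREAD###", "");
            }
            $tpl["new"] = tplReplMarkerArray($tpl["new"], $replace);

            // Author selection: guests with companion=0 that belong to the
            // current user's group.
            $tpl["author"] = tplExtrSection($tpl["new"], "###BOARDNEW.AUTHOR###");
            $authors = "";
            $qry = "SELECT g.ID, g.prenames, g.surnames FROM guests g WHERE g.companion=0 AND g.groupID = (SELECT groupID FROM users WHERE ID = ?)";
            if ($stmt = $mysqli->prepare($qry)) {
                $stmt->bind_param("i", $userID);
                $stmt->execute();
                $res = $stmt->get_result();
                while ($row = $res->fetch_assoc()) {
                    preg_match_all("/([\s-]?)([A-Z])/", $row["surnames"] ?? "", $matches);
                    // NOTE(review): these two markers have no trailing "###",
                    // unlike the others; verify against new.html.
                    $author = tplReplMarker($tpl["author"], "###BOARDNEW.AUTHOR.ID", $row["ID"]);
                    $author = tplReplMarker($author, "###BOARDNEW.AUTHOR.NAME", $row["prenames"]." ".implode(".", $matches[0]).".");
                    $authors.= $author;
                }
                // Close only a statement that was actually prepared; calling
                // close() on the false returned by a failed prepare() is a
                // fatal error.
                $stmt->close();
            } else {
                addError("Mysql", $mysqli->error);
            }
            $tpl["new"] = tplReplSection($tpl["new"], "###BOARDNEW.AUTHOR###", $authors);
        }
    } else {
        addError("Mysql", $mysqli->error);
    }
}
$tpl["main"] = $tpl["new"];
?>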