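// Load the topic row. $id is bound as an integer parameter, so it never becomes
// part of the SQL text.
$stmt = $base->prepare("SELECT * FROM `forum_topic` WHERE id = ?");
$stmt->bind_param("i", $id);
$stmt->execute();
$topic = $stmt->get_result()->fetch_assoc();
$stmt->close();

// Load the author's profile only when the topic exists. bind_param() receives its
// arguments by reference, so binding $topic['uid'] while $topic is null would
// silently turn $topic into ['uid' => null] and make a later "topic not found"
// check pass when it should fail.
$result = null;
if ($topic) {
    $stmt = $base->prepare("SELECT * FROM `profile` WHERE id = ?");
    $stmt->bind_param("i", $topic['uid']);
    $stmt->execute();
    $result = $stmt->get_result()->fetch_assoc();
    $stmt->close();
}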
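/**
 * PDO subclass that adds a one-call helper for prepared statements.
 */
class MyPDO extends PDO
{
    /**
     * Prepares $sql, executes it with $args and returns the statement.
     *
     * $sql must be a fixed query string whose variable parts are placeholders.
     * Request data belongs in $args and must never be concatenated into $sql;
     * this helper cannot protect a query that was assembled from input.
     *
     * @param string     $sql  Query text with positional or named placeholders.
     * @param array|null $args Values to bind, or null for a query without parameters.
     *
     * @return PDOStatement The executed statement, ready for fetch()/fetchAll().
     *
     * @throws PDOException When the statement cannot be prepared or executed.
     */
    public function run(string $sql, ?array $args = null): PDOStatement
    {
        $stmt = $this->prepare($sql);
        if ($stmt === false) {
            // Outside exception error mode prepare() signals failure by returning
            // false; fail here instead of calling a method on false below.
            throw new PDOException('Failed to prepare statement');
        }

        if ($stmt->execute($args) === false) {
            // A failed execute must not look like "zero rows" to the caller.
            throw new PDOException('Failed to execute statement');
        }

        return $stmt;
    }
}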
// The query text is a constant with no external input, so it is run without
// bound arguments; any value that comes from a request must go through the
// second argument of run() instead of being written into the string.
$maleUsersStmt = $pdo->run("SELECT * FROM users WHERE sex='male'");
$data = $maleUsersStmt->fetchAll();
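include '../system/base.php';
include '../system/function.php';
auth(); // Restrict the page to authenticated users

// Accept only a plain string from the query string: a missing parameter or an
// array (?id[]=1) becomes 0 instead of raising a warning or a TypeError in trim().
$id = is_string($_GET['id'] ?? null) ? intval(trim($_GET['id'])) : 0;

$stmt = $base->prepare("SELECT * FROM `forum_topic` WHERE id = ?");
$stmt->bind_param("i", $id);
$stmt->execute();
$topic = $stmt->get_result()->fetch_assoc();
$stmt->close();

// One prepared profile lookup, reused for the reply target and the topic author.
// It lives in its own variable and is closed only after its last use; closing it
// inside the reply branch and then binding to it again fails on a closed statement.
$profileStmt = $base->prepare("SELECT * FROM `profile` WHERE id = ?");

$title = $topic['name'] ?? '';
include '../system/header.php';

// NOTE(review): both redirects below are sent after header.php has been included.
// They only take effect if header.php emits no output or output buffering is on —
// confirm, otherwise the request falls through to exit() with no Location header.

if (!$topic) {
    // Unknown topic id: record the request, then return to the forum index.
    // PHP_SELF and REQUEST_URI are client-controlled; they are bound as parameters
    // here and must be escaped wherever the log table is displayed.
    $stmt = $base->prepare("INSERT INTO log (uid, self, url, time) VALUES (?, ?, ?, ?)");
    $stmt->bind_param('issi', $profile['id'], $_SERVER['PHP_SELF'], $_SERVER['REQUEST_URI'], $time);
    $stmt->execute();
    $stmt->close();
    $profileStmt->close();
    header('Location: /forum');
    exit();
}

$reply = is_string($_GET['reply'] ?? null) ? intval(trim($_GET['reply'])) : 0;
$_reply = null;
if ($reply) {
    $profileStmt->bind_param("i", $reply);
    $profileStmt->execute();
    $_reply = $profileStmt->get_result()->fetch_assoc();

    // Reject a reply target that does not exist or that is the current user.
    // empty() also covers the "no such profile" case, where $_reply is null.
    if (empty($_reply['id']) || $_reply['id'] == $profile['id']) {
        $profileStmt->close();
        header('location: /forum/t-'.$topic['id'].'/');
        exit();
    }
}

// Topic author, shown in the topic header.
$profileStmt->bind_param("i", $topic['uid']);
$profileStmt->execute();
$result = $profileStmt->get_result()->fetch_assoc();
$profileStmt->close();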
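// The author login and the topic body come from the database and originate from
// users, so they are HTML-escaped at the point of output (stored XSS otherwise).
// double_encode is off so that text stored with entities already in it is not
// shown as "&amp;#39;".
// NOTE(review): if topic bodies are meant to carry markup, replace the escaping of
// $topic['text'] with an allowlist HTML sanitizer rather than echoing it raw.
$authorId = (int) ($result['id'] ?? 0);
$authorLogin = htmlspecialchars((string) ($result['login'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
$topicText = htmlspecialchars((string) ($topic['text'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

echo '<div class="block">';
echo '<div style="padding: 10px;">';
echo 'Автор: <a href="/profile/'.$authorId.'" style="font-weight: bold">'.$authorLogin.'</a> <span style="float: right;">'.timestep($topic['time']).'</span>';
echo '</div>';
echo '<div class="link-line"></div>';
echo '<div style="padding: 10px;">'.$topicText.'</div>';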
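// All comments of the current topic.
$stmt = $base->prepare("SELECT * FROM `forum_comment` WHERE topic = ?");
$stmt->bind_param("i", $id);
$stmt->execute();
$data = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
$stmt->close();
echo '<div class="link-line"></div>';

// Prepare the author lookup once and re-execute it per comment instead of
// preparing a new statement on every iteration.
$authorStmt = $base->prepare("SELECT * FROM `profile` WHERE id = ?");
$topicId = (int) $topic['id'];
foreach ($data as $comment) {
    $commentUid = (int) $comment['uid'];
    $authorStmt->bind_param("i", $commentUid);
    $authorStmt->execute();
    $res = $authorStmt->get_result()->fetch_assoc();

    // Logins and comment bodies are user-supplied: escape them for HTML on output.
    // Ids are cast to int before they are placed into href attributes.
    // double_encode is off because the comment form on this page stores text that
    // already has its quotes entity-encoded.
    $authorId = (int) ($res['id'] ?? 0);
    $authorLogin = htmlspecialchars((string) ($res['login'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    $commentText = htmlspecialchars((string) $comment['text'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

    echo '<a href="/profile/'.$authorId.'/" style="font-weight: bold">'.$authorLogin.'</a>';
    // No reply link next to the current user's own comments.
    echo $commentUid == $profile['id'] ? ': ' : '<a href="/forum/t-'.$topicId.'?reply='.$commentUid.'">(»)</a>: ';
    echo $commentText;
    echo '<div class="link-line"></div>';
}
$authorStmt->close();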
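if ($topic['status'] == 'open') {
    // Only a POST submit may create a comment; $_REQUEST would also accept ?ok= in
    // the query string.
    // NOTE(review): the form carries no anti-CSRF token, so another site can submit
    // it on behalf of a logged-in user. Add a per-session token to the form and
    // verify it here with hash_equals().
    if (isset($_POST['ok'])) {
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It is
        // kept so that stored text stays tag-free for every place that prints it;
        // once all output sites escape with htmlspecialchars(), store the raw text.
        $text = trim((string) filter_input(INPUT_POST, 'text', FILTER_SANITIZE_STRING));
        if (empty($text)) {
            msg('Введите сообщение');
        } elseif (!preg_match("#[a-zа-я0-9]+#ui", $text)) {
            // NOTE(review): this only requires one letter or digit somewhere in the
            // text; it does not restrict the text to letters and digits as the
            // message says.
            msg('В тексте могут содержаться только буквы и цифры');
        } elseif (mb_strlen($text) > 1199 || mb_strlen($text) < 5) {
            // The lower bound is checked against the submitted text; the previous
            // check measured $login, which is never assigned on this page.
            // NOTE(review): the limit enforced is 1199 characters while the message
            // states 3000 — align one with the other.
            msg('Количество символов от 5 до 3000');
        } else {
            $stmt = $base->prepare("INSERT INTO forum_comment (uid, topic, reply, text, time) VALUES (?, ?, ?, ?, ?)");
            $stmt->bind_param('iiisi', $profile['id'], $topic['id'], $reply, $text, $time);
            $stmt->execute();
            $stmt->close();
            // NOTE(review): the page has already echoed markup at this point, so the
            // redirect depends on output buffering being enabled — confirm.
            header('Location: /forum/t-'.$topic['id'].'/');
            // Stop here so the form is not rendered again after the redirect.
            exit();
        }
    }

    // The reply target's login is user-controlled; escape it so it cannot close the
    // <textarea> element and inject markup.
    $prefill = $reply
        ? htmlspecialchars((string) ($_reply['login'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false).', '
        : '';

    echo '<div class="content" align="center">';
    // "active" is not a form attribute; with no action the form posts to the current URL.
    echo '<form active="" method="post">
<textarea class="forum" name="text">'.$prefill.'</textarea>
<button name="ok" class="sub" >Отправить</button>
</form>';
    echo '</div><div class="link-line"></div>';
} else {
    echo '<div class="content" align="center" style="color: red; font-weight: bold">Тема закрыта...</div>';
}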
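// Database values placed into href attributes: the section is escaped for the
// attribute context and the topic id is cast to int.
$sectionAttr = htmlspecialchars((string) $topic['section'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
$topicId = (int) $topic['id'];

echo '<div style="padding: 15px;">';
echo '<a href="/forum/'.$sectionAttr.'/" class="pages" style="padding: 5px;"> Назад</a> ';
echo '<a href="/forum/moder/t-'.$topicId.'/" class="pages" style="padding: 5px;"> Пожаловаться</a>';
echo '</div>';
echo '</div>';
include '../system/footer.php';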
// Item count and revenue over paid basket rows in the given payment date range.
// ?s and ?i are placeholders of the $bitrixDB wrapper (presumably string and
// integer — the wrapper is not shown here); the values are passed separately
// and are not written into the query text.
$paidTotalsSql = 'SELECT SUM(QUANTITY) AS amount, SUM(b_sale_basket.PRICE * QUANTITY) AS money FROM b_sale_basket JOIN b_sale_order ON ORDER_ID = b_sale_order.ID WHERE PAYED = ?s AND DATE_PAYED BETWEEN ?s AND ?s AND PRODUCT_ID > 0 AND PERSON_TYPE_ID = ?i';
$data = $bitrixDB->getRow($paidTotalsSql, 'Y', $from, $to, PaySystems::PAYER_SHOP_CUSTOMER);
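// mysqli() is a project helper defined elsewhere; presumably it prepares $sql,
// binds the listed values and executes the statement — confirm against its source.
$sql = "SELECT * FROM `forum_topic` WHERE id = ?";
$topic = mysqli($base, $sql, [$id])->get_result()->fetch_assoc();

// Look up the author only when the topic row exists; reading $topic['uid'] from a
// null result raises a warning and sends a pointless query.
// NOTE(review): the forum page in this listing uses $profile for the logged-in
// user. If this snippet runs on that page, storing the topic author in $profile
// would make later code treat the author as the current user — use another name.
$sql = "SELECT * FROM `profile` WHERE id = ?";
$profile = $topic ? mysqli($base, $sql, [$topic['uid']])->get_result()->fetch_assoc() : null;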
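// Topic and its author in one query. The table aliases are attached to their
// tables (the previous text read "forum_topic, t profile p", which is not valid
// SQL). Columns are listed explicitly because both tables have an `id` column and
// fetch_assoc() keeps only the last column of a given name, so SELECT * would
// leave the profile id in $topic['id'].
$sql = "SELECT t.*, p.login AS author_login FROM forum_topic t JOIN profile p ON p.id = t.uid WHERE t.id = ?";
$topic = mysqli($base, $sql, [$id])->get_result()->fetch_assoc();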
/**
 * Runs a query through the mysqli() helper and returns the first row of its result.
 *
 * The mysqli() helper is defined elsewhere; presumably it prepares $sql and binds
 * $params — confirm against its source. Keep $sql a fixed string with placeholders
 * and pass every request-derived value in $params.
 *
 * @param mixed $mysqli Connection handle, passed through to mysqli().
 * @param mixed $sql    Query text, passed through to mysqli().
 * @param mixed $params Values for the placeholders, passed through to mysqli().
 *
 * @return mixed Whatever fetch_assoc() yields for the first row.
 */
function mysqli_assoc($mysqli, $sql, $params) {
    $executed = mysqli($mysqli, $sql, $params);
    $rows = $executed->get_result();

    return $rows->fetch_assoc();
}