// Функция коннекта к БД
function db_connect (){
$host = "localhost";
$user = "root";
$password = "root";
$dbname = "myblog";
mysql_connect ($host, $user, $password) or die (mysql_error());
mysql_select_db ($dbname) or die (mysql_error());
}
function remote_addr(){
static $param = array ('REMOTE_ADDR', 'X_FORWARDED_FOR', 'X_LOCAL_FORWARDED_FOR');
$ip = "";
for ($i = 0; $i < count ($param); $i++)
if ( isset ($_SERVER[$param[$i]]) && strpos ($ip, $_SERVER[$param[$i]]) === false )
{
if ( strlen ($ip . $_SERVER[$param[$i]]) > 253 ) break;
else $ip .= (( $ip == "" ) ? "" : ", " ) . $_SERVER[$param[$i]];
}
return $ip;
}
function show_category(){
$q = mysql_query ("SELECT *, id AS cid, (SELECT COUNT(id) FROM posts WHERE category=cid) AS count FROM category;");
if (mysql_num_rows ($q) <= 0) echo ("Пусто.");
while ($str = mysql_fetch_array ($q)){
echo "<a href=\"/category/".$str['url']."/\">".$str['title']."</a> (".$str['count'].")<br>";
}
}
function show_content(){
if (empty ($_GET['post']))
show_category_post();
else
show_post();
}
function show_category_post(){
if (!empty ($_GET['category'])){
$str = mysql_fetch_array (mysql_query ("SELECT * FROM category WHERE url='".$_GET['category']."';"));
$where = "WHERE category=".$str['id'];
}
$q = mysql_query ("SELECT *, DATE_FORMAT(dt, '%H:%i %d.%m.%Y') AS dt2 FROM posts $where ORDER BY dt DESC;") or die (mysql_error());
if (mysql_num_rows ($q) <= 0) echo ("Пусто.");
while ($str = mysql_fetch_array ($q)){
echo "<h2><a href=\"/".$str['url'].".html\">".$str['title']."</a></h2>";
echo "<font size=2>Написано: ".$str['dt2']."</font><br><br>";
echo nl2br($str['post']);
echo "<hr><br>";
}
}
function show_comments($id){
$q = mysql_query ("SELECT * FROM comments WHERE post_id=$id AND moderation=1;") or die(mysql_error());
if (mysql_num_rows($q) <= 0) echo "Нет комментариев.<br><br>";
while ($str = mysql_fetch_array ($q)){
$str['site'] = str_replace ("http://", "", $str['site']);
$str['site'] = "http://".$str['site'];
echo "Добавил: <a href=\"".htmlspecialchars(trim($str['site']))."\">".htmlspecialchars(trim($str['id']))."</a><br>";
echo htmlspecialchars(trim($str['comment']))."<hr>";
}
?>
<hr>Добавление комментария:<br>
<form action="/do/add_comment.php" method="post">
Имя: <input type="text" name="name"><br>
Почта: <input type="text" name="email"><br>
Сайт: <input type="text" name="site"><br>
Комментарий:<br> <textarea name="comment" cols="60" rows="6"></textarea><br>
<input type="hidden" name="post_id" value="<?PHP echo $id; ?>">
<input type="submit" value="Комментировать">
</form>
<?PHP
}
function show_post(){
$post = $_GET['post'];
$q = mysql_query ("SELECT *, DATE_FORMAT(dt, '%H:%i %d.%m.%Y') AS dt2 FROM posts WHERE url='$post';") or
die (mysql_error());
echo "<h2>".$str['title']."</h2>";
echo "<font size=2>Написано: ".$str['dt2']."</font><br><br>";
echo nl2br($str['post'])."<br><hr><br>"; echo "<b>Комментарии:</b><br><br>";
show_comments ($str['id']);
}
?>