assign("STATUS", "
Сообщение успешно отправлено. После проверки модератором сообщение будет опубликовано на сайте.
"); } else { $xtpl->assign("STATUS", "

Сообщение успешно добавлено !


"); } } elseif ($status == "errorcode") { $xtpl->assign("STATUS", "

Указан неверный код!


"); } else { $xtpl->assign("STATUS", ""); } $page=((!isset($_GET["page"]))?"":$_GET["page"]); $gb_search=((!isset($_GET["gb_search"]))?"":trim($_GET["gb_search"])); if ($page == "") { $page = 1; } if (isset($_SERVER["DOCUMENT_URI"] )) { $script_name = $_SERVER["DOCUMENT_URI"]; } else { $script_name = $_SERVER["SCRIPT_NAME"]; } if ( get_magic_quotes_gpc() == 1 ) { $gb_search = stripslashes($gb_search); } if (strlen($gb_search) > 255) { $gb_search = substr($gb_search, 0, 255); } $xtpl->assign("SEARCH_VALUE", htmlspecialchars($gb_search)); $gb_search = addslashes($gb_search); $search_string = ""; if ($gb_search != "") { $f_search = str_replace("%", "$%", $gb_search); $search_string .= " AND (guestbook.content LIKE '%".$f_search."%' OR guestbook.reply LIKE '%".$f_search."%' OR guestbook.user_name LIKE '%".$f_search."%' OR guestbook.email LIKE '%".$f_search."%' OR guestbook.href LIKE '%".$f_search."%')"; } $xtpl->assign("URL", $script_name); if ($isSecurityImage) { $xtpl->assign("RND", getGUID()); $xtpl->parse("gb.securitycode"); } else { $xtpl->parse("gb.securitycode"); $xtpl->reset("gb.securitycode"); } $sSQL_cnt = "SELECT count(*) As Total FROM guestbook WHERE publication = 1 ".$search_string; $result_cnt = mysql_query($sSQL_cnt, $link); $row = mysql_fetch_object($result_cnt); $nrows = $row -> Total; $navbar = pager($page, $pageSize, $nrows, $script_name, $gb_search != "" ? "gb_search=".urlencode(stripslashes($gb_search)) : ""); $offset = ($page - 1)*$pageSize; $sSQL = "SELECT guestbook_id, DATE_FORMAT(issuedate,\"%d-%m-%Y %H:%i\") As fissuedate, content, user_name, email, href, reply FROM guestbook WHERE publication = 1 ".$search_string." ORDER BY issuedate DESC, guestbook_id DESC LIMIT $offset,$pageSize"; $result = mysql_query($sSQL, $link); $nr =mysql_num_rows($result); if ($nr == 0) { $xtpl->parse("gb.content"); $xtpl->reset("gb.content"); } while($row = mysql_fetch_array($result)) { if ($row["email"] != "") { $xtpl->assign("USER_NAME", "".filter_words($row["user_name"]).""); } else { $xtpl->assign("USER_NAME", "".filter_words($row["user_name"]).""); } if ($row["href"] != "http://") { $xtpl->assign("HOMEPAGE", "".filter_words($row["href"]).""); } else { $xtpl->assign("HOMEPAGE", ""); } $xtpl->assign("COMMENT", filter_words(wordwrap_msg(nl2br($row["content"])))); $xtpl->assign("ISSUEDATE", $row["fissuedate"]); if ($row["reply"] != "") { $xtpl->assign("REPLY", "
Ответ: ".nl2br($row["reply"])."
"); } else { $xtpl->assign("REPLY", ""); } $xtpl->parse("gb.content"); } if ($navbar != "") { $xtpl->assign("NAVBAR", $navbar); $xtpl->parse("gb.pager"); } else { $xtpl->parse("gb.pager"); $xtpl->reset("gb.pager"); } $xtpl->assign("SCRIPT_NAME", $script_name); $xtpl->parse("gb"); $xtpl->out("gb"); mysql_close($link); ?>