<?php
/*---------------------------------------------------+
|
| 2007 (c)
| 
| ver. 1.0
| 
| skype: Mr.bdZ
| mod site: http://tts.lt/~vln/test/news.php
|
+----------------------------------------------------*/
require_once "../maincore.php";
//require_once INCLUDES."forum_functions_include.php";
require_once THEMES."templates/header.php";
include LOCALE.LOCALESET."forum/main.php";
include INFUSIONS."reputation/infusion_db.php";
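// Report every notice and warning raised while this page runs.
// NOTE(review): whether these reach the visitor depends on display_errors,
// which is not set in this file - confirm it is off on production hosts,
// otherwise file paths and query errors are shown to anyone.
error_reporting(E_ALL);

// Load the infusion's strings for the site language, falling back to English.
if (file_exists(INFUSIONS."reputation/locale/".$settings['locale'].".php")) {
	include INFUSIONS."reputation/locale/".$settings['locale'].".php";
} else {
	include INFUSIONS."reputation/locale/English.php";
}

//if (!isset($_GET['uid']) || !isnum($_GET['uid'])) redirect("index.php");

//if (!isset($_GET['pid']) || !isnum($_GET['pid'])) redirect("index.php");

// NOTE(review): $data is not assigned anywhere in the visible part of this
// file, and the two request checks above are commented out. Confirm where
// $data comes from; if uid/pid are meant to come from the query string, the
// isnum() checks need to be restored before the values are used.
$uid = $data['user_id'];
$pid = $data['post_id'];

// Member shown in the panel heading. The id comes straight from the query
// string, so only a digits-only value is placed in the SQL text; anything
// else (or a missing parameter) becomes 0 and matches no row. This replaces
// mysql_escape_string(), which was removed in PHP 7 and was the only thing
// standing between the request and the query.
$lookup_id = (isset($_GET['uid']) && isnum($_GET['uid'])) ? $_GET['uid'] : 0;
$udata = dbarray(dbquery("SELECT user_id, user_name, user_posts, user_level FROM ".$db_prefix."users WHERE user_id = '".$lookup_id."'"));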

# Function
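/**
 * Work out how many reputation entries the logged-in member may give.
 *
 * Reads the row of the reputation_settings table. When its `selecttype`
 * is 1 the allowance is taken from the member's user_level: 103 uses
 * max_post_sadm, 102 uses max_post_adm, 101 uses max_posts, any other level
 * gets 0. Otherwise the allowance is 1, 2 or 3 depending on how many forum
 * posts the member has written, compared with forum_post1..forum_post3.
 *
 * @return int|string The allowance; 0 when no rule matches or the settings
 *                    row cannot be read.
 */
function maxpost() {
	global $db_prefix, $userdata;

	$rsettings = dbarray(dbquery("SELECT * FROM ".$db_prefix."reputation_settings"));
	// Fail closed: without a settings row every threshold would compare as
	// empty and the last range below would hand out the highest allowance.
	// NOTE(review): assumes dbarray() returns a non-array when there is no
	// row - confirm against its definition.
	if (!is_array($rsettings)) {
		return 0;
	}

	$max_post = 0;

	if ($rsettings['selecttype'] == 1) {
		// Allowance by user level.
		if ($userdata['user_level'] == 103) {
			$max_post = $rsettings['max_post_sadm'];
		} else if ($userdata['user_level'] == 102) {
			$max_post = $rsettings['max_post_adm'];
		} else if ($userdata['user_level'] == 101) {
			$max_post = $rsettings['max_posts'];
		}
	} else {
		// Allowance by forum activity. The id is cast so only a number ever
		// reaches the WHERE clause.
		$forum_post = dbcount("(post_author)", $db_prefix."posts", " post_author='".(int) $userdata['user_id']."'");

		// Checked from the highest threshold down. The earlier range tests
		// (> lower AND < upper) left a hole: a member with exactly
		// forum_post2 or forum_post3 posts matched no range and dropped to 0.
		// Such a member now keeps the allowance of the range just below.
		// Assumes forum_post1 <= forum_post2 <= forum_post3.
		if ($forum_post > $rsettings['forum_post3']) {
			$max_post = 3; #$rsettings['forum_post3'];
		} else if ($forum_post > $rsettings['forum_post2']) {
			$max_post = 2; #$rsettings['forum_post2'];
		} else if ($forum_post > $rsettings['forum_post1']) {
			$max_post = 1; #$rsettings['forum_post1'];
		}
	}

	return $max_post;
}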

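/**
 * Tell whether the logged-in member already gave reputation for a post.
 *
 * @param mixed $user_id Id of the member who would receive the reputation.
 * @param mixed $post_id Id of the forum post being rated.
 * @return int 1 when a row from the logged-in member to $user_id for
 *             $post_id exists in the reputation table, otherwise 0.
 */
function cheakpost($user_id, $post_id) {
	global $db_prefix, $userdata;

	// Both arguments are built into the SQL text and callers on this page
	// pass values that originate in the request. Casting to int keeps any
	// non-numeric input out of the query; such input becomes 0 and simply
	// matches no row.
	$from_id = (int) $userdata['user_id'];
	$to_id = (int) $user_id;
	$rated_post = (int) $post_id;

	$result = dbquery("SELECT * FROM ".$db_prefix."reputation WHERE from_id='".$from_id."' AND to_id='".$to_id."' AND post_id='".$rated_post."'");

	return (dbrows($result) != 0) ? 1 : 0;
}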

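/**
 * Count the reputation entries the logged-in member has given to one member.
 *
 * The count covers all posts, not a single one. DB_REPUTATION is defined
 * outside the visible part of this file.
 *
 * @param mixed $user_id Id of the member who received the reputation.
 * @return mixed Whatever dbcount() returns for the matching rows.
 */
function totalrep($user_id) {
	global $userdata;

	// $user_id reaches this function from the request on this page; the cast
	// makes sure only a number is written into the WHERE clause.
	$from_id = (int) $userdata['user_id'];
	$to_id = (int) $user_id;

	return dbcount("(reputation_id)", DB_REPUTATION, "from_id='".$from_id."' AND to_id='".$to_id."'");
}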

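/**
 * Check that a forum post was written by the given member.
 *
 * This is the check that ties a reputation entry to a real post of the
 * receiving member, so it must not be steerable through its arguments.
 *
 * @param mixed $user_id Id of the supposed author.
 * @param mixed $post_id Id of the forum post.
 * @return bool True when the posts table holds that post with that author.
 */
function postauthor($user_id, $post_id) {
	global $db_prefix;

	// Cast before building the query: a quote or SQL fragment in either
	// argument would otherwise become part of the statement and could make
	// the ownership test succeed for any post.
	$author_id = (int) $user_id;
	$checked_post = (int) $post_id;

	$result = dbquery("SELECT * FROM ".$db_prefix."posts WHERE post_id='".$checked_post."' AND post_author='".$author_id."'");

	return dbrows($result) != 0;
}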

# ADD
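// Panel heading: locale string followed by the name of the looked-up member.
opentable($locale['rpm230'].$udata['user_name']);

// Handle a submitted reputation form. The outcome is passed back to this
// page as ?error=N:
//   0 none, 1 this post was already rated, 2 allowance used up,
//   3 no type selected, 4 message missing, 5 post not written by that
//   member, 20 type is not numeric.
// NOTE(review): nothing here verifies an anti-CSRF token before the INSERT.
// Confirm whether the platform provides one and check it in this branch.
if (iMEMBER && isset($_POST['addreputation'])) {
	$error = 0; # no errors

	// uid is read from the query string and ends up in several SQL
	// statements and in the redirect target, so only digits are accepted.
	// Anything else becomes 0, which belongs to no member and ends in error 5.
	$uid = (isset($_GET['uid']) && isnum($_GET['uid'])) ? $_GET['uid'] : 0;
	//$pid = $_GET['pid'];
	// $pid is set earlier in the file; only its integer form is used in SQL
	// and in the redirect below.
	$pid_num = (int) $pid;

	// The form field only says the member wants to give reputation; every
	// permission check below is still applied on the server.
	$cangive = isset($_POST['cangive']);

	// The form is not shown for a member's own profile, but a request built
	// by hand never sees the form, so the same rule is enforced here.
	if ($userdata['user_id'] == $uid) {
		$cangive = false;
	}

	// Each helper runs a query, so call them once and reuse the results.
	$given = totalrep($uid);
	$allowed = maxpost();

	if ($given >= $allowed) {
		$error = 2; # Rep. limit
		$cangive = false;
	} else if (cheakpost($uid, $pid_num) != 0) {
		$error = 1; # Can`t give any more rep. for this post
		$cangive = false;
	}

	if ($cangive) {
		if (isset($_POST['type'])) {
			if (isnum($_POST['type'])) {
				// isnum() has limited this to digits.
				// NOTE(review): the form only offers 1 and 0; confirm whether
				// other numbers should be rejected before they are stored.
				$type = $_POST['type'];
				$rsettings = dbarray(dbquery("SELECT * FROM ".$db_prefix."reputation_settings"));
				if (!isset ($_POST['message']) or (($_POST['message'] == "") && ($rsettings['discription'] == 1))) {
					$error = 4; # message error
				} else if (postauthor($uid, $pid_num)) {
					// NOTE(review): the message goes into the query as text;
					// this relies on stripinput() neutralising quotes and
					// backslashes - confirm against its definition.
					$message = stripinput(censorwords($_POST['message']));
					$addresult = dbquery("
								INSERT INTO 
									".$db_prefix."reputation 
										(reputation_id, from_id, to_id, post_id, type, message, datestamp) 
								VALUES 
										('', '".(int) $userdata['user_id']."', '".$uid."', '".$pid_num."', '".$type."', '".$message."', '".time()."')
								");
				} else {
					$error = 5; # This post NOT written by this user
				}
			} else {
				$error = 20; # type not NUM
			}
		} else {
			$error = 3; # NO select rep.
		}
	}
	// Every value placed in the URL is numeric at this point. redirect() is
	// called in "script" mode, so presumably the URL is written into the
	// page itself; raw request data must never be put here.
	redirect(FUSION_SELF."?uid=".$uid."&pid=".$pid_num."&error=".$error, "script");
}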

# ADD meniu reputation

if (iMEMBER) {
	$info = "";
	
	$error = 0;
	if(isset($_GET['error']) && isnum($_GET['error'])) $error = $_GET['error'];
	
	if ($userdata['user_id'] == $uid) { 
		#edit to user_id
		$info = $locale['rpm210'];
	} else if(!$error) {
		if ((cheakpost($uid,$pid) == 0) && (totalrep($uid) < maxpost()) && postauthor($uid,$pid)) {
			$info = "<form name='inputform' method='post' action='".FUSION_SELF."?uid=$uid&pid=$pid'>
				<table cellpadding='0' cellspacing='1' width='80%' class='tbl-border' align='center'>
					<tr>
						<td align='center' class='tbl2'><input type='radio' name='type' value='1'> +1 ".$locale['rpm231']." <input type='radio' name='type' value='0'> -1 ".$locale['rpm231']."</td>
					</tr>
					<tr>
						<td align='center' class='tbl2'><textarea name='message' cols='70' rows='5' class='textbox'></textarea></td>
					</tr>
					<tr>
						<td align='center' class='tbl2'>
							<input type='button' value='b' class='button' style='font-weight:bold;width:25px;' onClick=\"addText('message', '[b]', '[/b]');\">
							<input type='button' value='i' class='button' style='font-style:italic;width:25px;' onClick=\"addText('message', '[i]', '[/i]');\">
							<input type='button' value='u' class='button' style='text-decoration:underline;width:25px;' onClick=\"addText('message', '[u]', '[/u]');\">
							<input type='button' value='url' class='button' style='width:30px;' onClick=\"addText('message', '[url]', '[/url]');\">
							<input type='button' value='mail' class='button' style='width:35px;' onClick=\"addText('message', '[mail]', '[/mail]');\">
							<input type='button' value='img' class='button' style='width:30px;' onClick=\"addText('message', '[img]', '[/img]');\">
							<input type='button' value='center' class='button' style='width:45px;' onClick=\"addText('message', '[center]', '[/center]');\">
							<input type='button' value='small' class='button' style='width:40px;' onClick=\"addText('message', '[small]', '[/small]');\">
							<input type='button' value='code' class='button' style='width:40px;' onClick=\"addText('message', '[code]', '