Файл: mob-lave.ru/moduls/blog/article.php
Строк: 245
<?php
require_once '../../core/set.php';
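// Resolve whose microblog is being requested. The logged-in user is the
// default target; an explicit ?id= parameter, normalised by the core helper
// num(), takes precedence over it.
if (isset($user)) {
    $ank['id'] = $user['id'];
}
if (isset($_GET['id'])) {
    $ank['id'] = num($_GET['id']);
}

// A guest who passes no ?id= has no target at all: skip the lookup instead of
// reading an undefined index, and take the same "unknown user" redirect.
$ank = isset($ank['id']) ? get_user($ank['id']) : false;
if (!$ank) {
    header("Location: /index.php?");
    exit;
}

// Requests for account id 3 are always sent back to the index.
// NOTE(review): the reason is not visible in this file - presumably a
// system/service account; confirm. The exit is required: without it the
// redirect header was sent but the rest of the page was still executed.
if ($ank['id'] == 3) {
    header('Location: /index.php');
    exit;
}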
// Does the target user own a microblog at all? mysql_result() yields the
// COUNT(*) value (or false when the query fails); the loose comparison below
// treats both "0" and false as "no blog".
// $system['perfix'] is the table-name prefix; it is defined outside this file.
$blog_rows = mysql_result(
    mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog` WHERE `id_user` = '$ank[id]'"),
    0
);
if ($blog_rows == false) {
    // No microblog: render a stub page between two identical breadcrumb bars.
    $set['title'] = 'Статьи '.$ank['login'];
    require_once H.'core/head.php';
    require_once H.'core/panel.php';
    // NOTE(review): $ank['login'] reaches the page unescaped through
    // $set['title']; whether get_user() returns it already encoded is not
    // visible here - confirm.
    $crumbs = '<div class="navig">'.$home. $z.'<a href="/moduls/blog/">Микроблог</a>'.$z. $set['title'].'</div>';
    echo $crumbs,
        '<div class="mess">Микроблог не создан</div>',
        $crumbs;
    require_once H.'core/foot.php';
    exit();
}

// The blog row is used by every handler below to scope article queries.
$blog = mysql_fetch_assoc(
    mysql_query("SELECT * FROM `$system[perfix]_blog` WHERE `id_user` = '$ank[id]'")
);
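// ------------ Delete article ---------- //
// Only the owner of the blog may delete its articles. The original condition
// checked merely that *some* user was logged in, so any authenticated visitor
// could remove another user's article by passing that user's ?id=. The
// ownership test is the same one the article view uses to show the Edit/Delete
// links.
//
// The article is loaded scoped to this blog (`id_blog`), and nothing happens
// unless that row exists; the original existence check looked at `id` alone.
//
// NOTE(review): both steps are plain GET links and carry no anti-CSRF token,
// so a third-party page can trigger the deletion in the owner's browser.
// Moving the final step to POST with a per-session token needs support from
// the core that is not visible in this file.
if (isset($user['id']) && $ank['id'] == $user['id']
    && isset($_GET['article']) && isset($_GET['id'])
    && (isset($_GET['delete']) || isset($_GET['del']))
) {
    $article = mysql_fetch_assoc(mysql_query("SELECT * FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$blog[id]' && `id` = '".num($_GET['article'])."'"));

    // Step 2: confirmed deletion ("delete" wins when both flags are present).
    if ($article && isset($_GET['delete'])) {
        mysql_query("DELETE FROM `$system[perfix]_blog_article` WHERE `id_blog` = '".num($blog['id'])."' && `id` = '".num($article['id'])."'");
        $_SESSION['message'] = 'Статья удалена';
        header("Location: /moduls/blog/article.php?id=$ank[id]");
        // Stop here: without exit the remaining handlers of this script kept
        // running after the redirect header had been sent.
        exit;
    }

    // Step 1: confirmation page.
    if ($article) {
        $set['title'] = 'Удалить статью '.$article['title'];
        require_once H.'core/head.php';
        require_once H.'core/panel.php';
        // The title is escaped in the breadcrumb exactly as it is in the
        // message body below; it was echoed raw here before.
        // NOTE(review): core/head.php also receives $set['title']; whether it
        // escapes it is not visible from this file.
        $crumbs = '<div class="navig">'.$home. $z.'<a href="/moduls/blog/?id='.$blog['id'].'">Микроблог</a>'.$z.'<a href="/moduls/blog/article.php?id='.$ank['id'].'&article='.$article['id'].'">Статья</a>'.$z. htmlspecialchars($set['title']).'</div>';
        echo $crumbs;
        echo '<div class="mess">Вы действительно хотите удалить статью <b>'.htmlspecialchars($article['title']).'</b>?<br />
<a href="/moduls/blog/article.php?id='.$ank['id'].'&article='.$article['id'].'&delete"><div id="dark" class="icon-checkmark"></div> Да</a> | <a href="/moduls/blog/?id='.$ank['id'].'&article='.$article['id'].'"><div id="dark" class="icon-undo2 "></div> Нет</a></div>';
        echo $crumbs;
        require_once H.'core/foot.php';
        exit();
    }
}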
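// ------------ Edit article: remove one screenshot ---------- //
// Restricted to the blog owner (the original only required a logged-in user,
// so any account could delete another user's screenshots), and to an article
// that really belongs to this blog.
//
// del_screen must be exactly "1", "2" or "3". The strict whitelist replaces
// three loose == comparisons and makes the value safe to use in the file name
// and in the column name below.
//
// NOTE(review): state is changed by a GET link without an anti-CSRF token.
// NOTE(review): the file name is user id + article id + slot with no
// separator, so different (user, article) pairs can map to the same name
// (1|23|1 and 12|3|1 both give "1231.jpg"). Changing the scheme would also
// require renaming stored files and updating the article view.
if (isset($user['id']) && $ank['id'] == $user['id']
    && isset($_GET['article']) && isset($_GET['id']) && isset($_GET['edit'])
    && isset($_GET['del_screen'])
    && in_array($_GET['del_screen'], array('1', '2', '3'), true)
) {
    $article = mysql_fetch_assoc(mysql_query("SELECT * FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$blog[id]' && `id` = '".num($_GET['article'])."'"));
    if ($article) {
        $slot = (int) $_GET['del_screen'];
        $screen_file = H.'files/microblog/screen/'.$ank['id'].$article['id'].$slot.'.jpg';
        // The file may already be gone; only unlink what exists so a stale
        // flag in the database does not raise a warning.
        if (is_file($screen_file)) {
            unlink($screen_file);
        }
        mysql_query("UPDATE `$system[perfix]_blog_article` SET `screen{$slot}` = '0' WHERE `id` = '$article[id]' &&`id_blog` = '$blog[id]'");
        $_SESSION['message'] = 'Скрин удален';
        // loc() comes from the core; presumably it redirects - confirm that
        // it also terminates the request.
        loc("/moduls/blog/article.php?id=$ank[id]&article=$article[id]&edit");
    }
}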
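// ------------ Edit article: form and save ---------- //
// Restricted to the blog owner. The original only required a logged-in user,
// which let any account overwrite the text and screenshots of another user's
// article by passing that user's ?id=. The article must also belong to this
// blog; otherwise the request falls through to the read/list views.
//
// NOTE(review): the POST form carries no anti-CSRF token; adding one needs
// session/token support from the core that is not visible in this file.
if (isset($user['id']) && $ank['id'] == $user['id']
    && isset($_GET['article']) && isset($_GET['id']) && isset($_GET['edit'])
) {
    $article = mysql_fetch_assoc(mysql_query("SELECT * FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$blog[id]' && `id` = '".num($_GET['article'])."'"));
    if ($article) {
        $set['title'] = 'Редактировать статью '.$article['title'];
        require_once H.'core/head.php';
        require_once H.'core/panel.php';
        // The article title is escaped in the breadcrumb, as it already is in
        // the form field below; it was echoed raw here before.
        $crumbs = '<div class="navig">'.$home. $z.'<a href="/moduls/blog/?id='.$blog['id'].'">Микроблог</a>'.$z.'<a href="/moduls/blog/article.php?id='.$ank['id'].'&article='.$article['id'].'">Статья</a>'.$z. htmlspecialchars($set['title']).'</div>';
        echo $crumbs;

        if (isset($_POST['title']) && isset($_POST['msg'])
            && is_string($_POST['title']) && is_string($_POST['msg'])
        ) {
            // check() is the core input filter; it is the only thing standing
            // between the POST data and the SQL string built below.
            // NOTE(review): its exact escaping is not visible here - confirm it
            // is SQL-safe, or move to prepared statements when the mysql_* API
            // is replaced.
            $title = check($_POST['title']);
            $msg = check($_POST['msg']);

            // ----- Screenshots (slots 1-3) ------ //
            // The original filter was a regex on the client-supplied name whose
            // first alternative (^.) matched every non-empty name, so any file
            // was accepted. The content is now verified instead: it must be a
            // real upload that getimagesize() recognises as JPEG, PNG or GIF.
            // The stored name is fixed (always ".jpg") and never taken from the
            // client, because the article view builds the same path.
            $allowed_types = array(IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_GIF);
            for ($slot = 1; $slot <= 3; $slot++) {
                $field = 'file'.$slot;
                if (!isset($_FILES[$field]) || !is_array($_FILES[$field])
                    || !isset($_FILES[$field]['error']) || !is_int($_FILES[$field]['error'])
                    || $_FILES[$field]['error'] === UPLOAD_ERR_NO_FILE
                ) {
                    continue; // nothing submitted for this slot
                }
                $tmp_name = $_FILES[$field]['tmp_name'];
                $image = false;
                if ($_FILES[$field]['error'] === UPLOAD_ERR_OK
                    && is_uploaded_file($tmp_name) && filesize($tmp_name) > 0
                ) {
                    $image = @getimagesize($tmp_name);
                }
                if ($image === false || !in_array($image[2], $allowed_types, true)) {
                    $err = 'Скриншот '.$slot.' должен быть изображением JPG, PNG или GIF';
                    continue;
                }
                $uploadfile = H.'files/microblog/screen/'.$ank['id'].$article['id'].$slot.'.jpg';
                // move_uploaded_file() refuses anything that is not a genuine
                // upload; 0644 replaces the world-writable 0777.
                if (move_uploaded_file($tmp_name, $uploadfile)) {
                    @chmod($uploadfile, 0644);
                    // Same value scheme for every slot (slots 2 and 3 used
                    // id_blog here, which did not match the file name).
                    $screen = $ank['id'].$article['id'].$slot;
                } else {
                    $screen = 0;
                }
                mysql_query("UPDATE `$system[perfix]_blog_article` SET `screen{$slot}` = '$screen' WHERE `id` = '$article[id]' && `id_blog` = '$article[id_blog]'");
            }

            if (strlen($title) < 2 or strlen($title) > 250) $err = 'Название статьи должено быть в пределах 2 - 250 символов';
            if (strlen($msg) < 2 or strlen($msg) > 50000) $err = 'Текст статьи должен быть в пределах 2 - 50 000 символов';
            err();
            if (!isset($err)) {
                // Fixed: the row is selected by the article id. The original
                // WHERE used the *user* id ($ank[id]), so the edit was lost or
                // written to whichever article shared that number.
                mysql_query("UPDATE `$system[perfix]_blog_article` SET `title` = '$title', `msg` = '$msg' WHERE `id_blog` = '$article[id_blog]' && `id` = '$article[id]'");
                $_SESSION['message'] = 'Статья отредактирована';
                // The page header has already been emitted above, so the
                // redirect only works when output is buffered by the core.
                // If it can be sent, stop here; otherwise fall back to
                // re-rendering the form as before.
                if (!headers_sent()) {
                    header('Location: /moduls/blog/article.php?id='.$ank['id'].'&article='.$article['id'].'');
                    exit;
                }
            }
        }

        echo '<form method="post" enctype="multipart/form-data">
<input type="text" name="title" value="'.htmlspecialchars($article['title']).'" /><br />
Скриншет 1: ';
        if ($article['screen1'] != 0) echo '<div id="dark" class="icon-cancel"></div> <a href="/moduls/blog/article.php?id='.$ank['id'].'&article='.$article['id'].'&edit&del_screen=1">Удалить</a>';
        echo '<br /> <input name="file1" type="file" /><br />
Скриншет 2: ';
        if ($article['screen2'] != 0) echo '<div id="dark" class="icon-cancel"></div> <a href="/moduls/blog/article.php?id='.$ank['id'].'&article='.$article['id'].'&edit&del_screen=2">Удалить</a>';
        echo '<br /> <input name="file2" type="file" /><br />
Скриншет 3: ';
        if ($article['screen3'] != 0) echo '<div id="dark" class="icon-cancel"></div> <a href="/moduls/blog/article.php?id='.$ank['id'].'&article='.$article['id'].'&edit&del_screen=3">Удалить</a>';
        echo '<br /> <input name="file3" type="file" /><br />';
        panel_bb('textarea');
        echo '<textarea id="textarea" name="msg">'.text($article['msg']).'</textarea><br />
<input type="submit" value="Сохранить" />
</form>';
        echo $crumbs;
        require_once H.'core/foot.php';
        exit();
    }
}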
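// ------------ Read article --------------- //
// The article is loaded scoped to this blog and the view is rendered only
// when that row exists. The original tested for *any* article with the given
// id and then rendered an empty page when it belonged to another blog; such
// requests now fall through to the article list.
$article = false;
if (isset($_GET['article']) && isset($_GET['id'])) {
    $article = mysql_fetch_assoc(mysql_query("SELECT * FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$blog[id]' && `id` = '".num($_GET['article'])."'"));
}
if ($article) {
    $set['title'] = $article['title'];
    require_once H.'core/head.php';
    require_once H.'core/panel.php';
    // The title is user-supplied content: escape it in the breadcrumb the same
    // way the heading below does. It was echoed raw here before.
    // NOTE(review): core/head.php also receives $set['title']; whether it
    // escapes it is not visible from this file.
    $crumbs = '<div class="navig">'.$home. $z.'<a href="/moduls/blog/?id='.$blog['id'].'">Микроблог</a>'.$z. htmlspecialchars($set['title']).'</div>';
    echo $crumbs;
    echo '<div class="mess"><img src="/design/images/site/font.png" /> <b>'.htmlspecialchars($article['title']).'</b><br />';
    echo avatar($ank['id'], false, 50). online($ank['id']).' <a href="/?login='.$ank['login'].'">'.$ank['login'].'</a>';
    echo '</div>';

    // Screenshot thumbnails; a non-zero screenN column marks a stored file.
    $has_screens = ($article['screen1'] != 0 or $article['screen2'] != 0 or $article['screen3'] != 0);
    if ($has_screens) echo '<div class="mess">';
    if ($article['screen1'] != 0) echo ' <a href="/files/microblog/screen/'.$ank['id'].$article['id'].'1.jpg" title="Скриншот 1"><img src="/files/microblog/screen/'.$ank['id'].$article['id'].'1.jpg" style="max-width:25%"/></a> ';
    if ($article['screen2'] != 0) echo ' <a href="/files/microblog/screen/'.$ank['id'].$article['id'].'2.jpg" title="Скриншот 2"><img src="/files/microblog/screen/'.$ank['id'].$article['id'].'2.jpg" style="max-width:25%"/></a> ';
    if ($article['screen3'] != 0) echo ' <a href="/files/microblog/screen/'.$ank['id'].$article['id'].'3.jpg" title="Скриншот 3"><img src="/files/microblog/screen/'.$ank['id'].$article['id'].'3.jpg" style="max-width:25%"/></a> ';
    if ($has_screens) echo '</div>';

    // text() is the core formatter for stored message bodies.
    // NOTE(review): presumably it escapes HTML and renders BB-code - confirm,
    // since the body is written to the page through it alone.
    echo '<div class="menu">'.text($article['msg']).'</div>';
    echo '<div class="mess">';
    // Edit/Delete links are shown to the blog owner only.
    if (isset($user['id']) && $ank['id'] == $user['id']) echo '<div id="dark" class="icon-pencil"></div> <a href="/moduls/blog/article.php?id='.$ank['id'].'&article='.num($_GET['article']).'&edit">Ред</a> | ';
    if (isset($user['id']) && $ank['id'] == $user['id']) echo '<div id="dark" class="icon-cancel"></div> <a href="/moduls/blog/article.php?id='.$ank['id'].'&article='.num($_GET['article']).'&del">Удл</a><br />';
    echo '<div id="dark" class="icon-clock"></div> '.vremja($article['time']).'<br />';
    // NOTE(review): the markup below injects a third-party script from
    // share.pluso.ru using the page's own scheme; on plain-http pages it is
    // fetched without transport integrity.
?>
Поделиться с друзьями<br /><script type="text/javascript">(function() {
if (window.pluso)if (typeof window.pluso.start == "function") return;
if (window.ifpluso==undefined) { window.ifpluso = 1;
var d = document, s = d.createElement('script'), g = 'getElementsByTagName';
s.type = 'text/javascript'; s.charset='UTF-8'; s.async = true;
s.src = ('https:' == window.location.protocol ? 'https' : 'http') + '://share.pluso.ru/pluso-like.js';
var h=d[g]('body')[0];
h.appendChild(s);
}
})();
</script>
<div class="pluso" data-background="transparent" data-options="small,square,line,horizontal,counter,theme=03" data-services="vkontakte,odnoklassniki,facebook,twitter,moimir"></div></div>
<?php
    // Full open tag above: with the short "<?" form and short_open_tag
    // disabled, everything after it is sent to the browser as plain text,
    // exposing the source and its SQL.
    $count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog_komm` WHERE `id_blog` = '$blog[id]' && `id_article` = '$article[id]'"),0);
    echo '<div class="foot">Комментарии ('.$count_komm.')</div>';
    // komm.php (same directory) handles the comment thread for this article.
    require_once 'komm.php';
    echo $crumbs;
    require_once H.'core/foot.php';
    exit();
}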
// ------------ Article list (default view) ---------- //
// Reached when no handler above took the request: a paginated list of the
// target user's articles, newest first.
$set['title'] = 'Статьи '.$ank['login'];
require_once H.'core/head.php';
require_once H.'core/panel.php';
echo '<div class="navig">', $home, $z, '<a href="/moduls/blog/?id=', $blog['id'], '">Микроблог</a>', $z, $set['title'], '</div>';

// Pagination. k_page() and page() are core helpers; $set['p_str'] is used as
// the page size in the LIMIT clause below.
$k_post = mysql_result(
    mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$blog[id]'"),
    0
);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];

if ($k_post == 0) {
    echo '<div class="menu">Статей нет</div>';
}

// NOTE(review): $start and $set[p_str] go into the LIMIT clause unquoted;
// this relies on page() and the configuration yielding integers - confirm.
$q = mysql_query("SELECT * FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$blog[id]' ORDER BY `id` DESC LIMIT $start, $set[p_str]");
while ($article = mysql_fetch_assoc($q)) {
    // One row per article: escaped title, shortened body, timestamp.
    echo '<div class="menu_touch"><a href="/moduls/blog/article.php?id='.$ank['id'].'&article='.$article['id'].'"><b>'.htmlspecialchars($article['title']).'</b><br />',
        rez_text(text($article['msg'])),
        '<br /><div id="dark" class="icon-clock"></div> '.vremja($article['time']).'</a></div>';
}

// Page navigation.
// NOTE(review): the base passed to str() is 'index.php?', not this script -
// confirm that the page links come back to article.php with the same ?id=.
if ($k_page > 1) {
    str('index.php?', $k_page, $page);
}
echo '<div class="navig">', $home, $z, '<a href="/moduls/blog/?id=', $blog['id'], '">Микроблог</a>', $z, $set['title'], '</div>';
require_once H.'core/foot.php';
?>