Файл: mob-lave.ru/moduls/blog/index.php
Строк: 224
<?php
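// Bootstrap. NOTE(review): core/set.php is not shown here; it presumably provides
// $user, $system, the H path constant and the num()/get_user() helpers — confirm.
require_once '../../core/set.php';

// Decide whose microblog is being viewed: the logged-in user by default,
// or the profile named by an explicit ?id= parameter.
$mb_ank_id = null;
if (isset($user)) {
    $mb_ank_id = $user['id'];
}
if (isset($_GET['id'])) {
    // NOTE(review): num() presumably reduces the value to a number — confirm,
    // since this id ends up inside SQL statements further down.
    $mb_ank_id = num($_GET['id']);
}
$ank = get_user($mb_ank_id);
if (!$ank) {
    header("Location: /index.php?");
    exit;
}
// Account id 3 is special-cased (the reason is not visible in this file).
if ($ank['id'] == 3) {
    header('Location: /index.php');
    // A Location header alone does not stop the script; without this exit the
    // rest of the page, including its state-changing branches, still ran.
    exit;
}
// Cast the id so that only digits can ever reach the query text.
$blog = mysql_fetch_assoc(mysql_query("SELECT * FROM `$system[perfix]_blog` WHERE `id_user` = '" . (int) $ank['id'] . "'"));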
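// ----------------- Create a new microblog if the user has none ------------- //
// The cheap isset() checks run first so the COUNT query is only issued for a
// logged-in user who actually asked for ?new.
if (isset($user['id']) && isset($_GET['new'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog` WHERE `id_user` = '" . (int) $user['id'] . "'"), 0) == false) {
    $set['title'] = 'Новый микроблог';
    require_once H.'core/head.php';
    require_once H.'core/panel.php';
    echo '<div class="navig">'.$home. $z. $set['title'].'</div>';
    if (isset($_POST['opis'])) {
        // NOTE(review): check() is a project helper not shown here. The value goes
        // straight into SQL below, so confirm that check() escapes for SQL.
        $opis = check($_POST['opis']);
        // strlen() counts bytes, so multi-byte text reaches the limits sooner.
        if (strlen($opis) < 3 or strlen($opis) > 20000) $err = 'Описание должено быть в пределах 3 - 20 000 символов';
        err();
        if (!isset($err)) {
            $mb_uid = (int) $user['id'];
            // The login is a stored value; escape it before reuse in a new statement.
            $mb_login_sql = mysql_real_escape_string($user['login']);
            mysql_query("INSERT INTO `$system[perfix]_blog` SET `id_user` = '$mb_uid', `opis` = '$opis', `time` = '".time()."'");
            // Announce the new microblog in the feed of every row in the friends table.
            $mb_friends = mysql_query("SELECT * FROM `$system[perfix]_frends` WHERE `id_user` = '$mb_uid'");
            while ($mb_friend = mysql_fetch_assoc($mb_friends)) {
                mysql_query("INSERT INTO `$system[perfix]_lenta` (`id_ank`, `id_user`, `msg`, `time`, `read`, `razdel`, `link`) values('$mb_uid', '".(int) $mb_friend['id_ank']."', '".$mb_login_sql." создал микроблог', '".time()."', '0', 'Микроблог', '/moduls/blog/?id=".$mb_uid."')");
            }
            // The row just created belongs to $user. The lookup and the avatar update
            // used the viewed profile's id ($ank) before, so a request carrying
            // someone else's ?id= could touch that member's blog row and avatar file.
            $mb_new_blog = mysql_fetch_assoc(mysql_query("SELECT * FROM `$system[perfix]_blog` WHERE `id_user` = '$mb_uid'"));
            // Default to "no avatar"; previously $ava stayed undefined when no file was sent.
            $ava = 0;
            $mb_file = isset($_FILES['file']) ? $_FILES['file'] : null;
            // Accept only a genuine HTTP upload whose name ends in an allowed image
            // extension and whose content parses as an image. The former pattern
            // began with the alternative "^." and therefore matched every name.
            if ($mb_new_blog
                && $mb_file !== null
                && is_string($mb_file['tmp_name'])
                && is_uploaded_file($mb_file['tmp_name'])
                && preg_match('#\.(?:jpe?g|png|gif)$#i', $mb_file['name'])
                && filesize($mb_file['tmp_name']) > 0
                && getimagesize($mb_file['tmp_name']) !== false) {
                // The stored name is derived from the blog id only, never from client input.
                $uploadfile = H.'files/microblog/avatar/'.(int) $mb_new_blog['id'].'.jpg';
                if (@move_uploaded_file($mb_file['tmp_name'], $uploadfile)) {
                    // Readable by the web server, not world-writable or executable.
                    @chmod($uploadfile, 0644);
                    $ava = (int) $mb_new_blog['id'];
                }
            }
            mysql_query("UPDATE `$system[perfix]_blog` SET `avatar` = '$ava' WHERE `id_user` = '$mb_uid'");
            header('Location: /moduls/blog/');
            $_SESSION['message'] = 'Микроблог создан. Теперь вы можете писать статьи в нем';
            // Stop after the redirect instead of rendering the form again.
            exit;
        }
    }
    echo '<form enctype="multipart/form-data" method="post">
Аватар микроблога:<br /> <input name="file" type="file" /><br />
Введите описание вашего микроблога (max 20 000)<br />';
    panel_bb('textarea');
    echo '<textarea id="textarea" name="opis"></textarea><br />
<input type="submit" value="Создать" />
</form>';
    echo '<div class="navig">'.$home. $z. $set['title'].'</div>';
    require_once H.'core/foot.php';
    exit();
}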
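// Owner is looking at their own page and has no microblog yet: offer to create one.
// The login and ownership checks come first so that $user is never read (and no
// query is built from it) for a guest, which previously raised an undefined
// variable notice and ran a query with an empty id.
if (isset($user['id']) && $ank['id'] == $user['id']
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog` WHERE `id_user` = '" . (int) $user['id'] . "'"), 0) == false) {
    $set['title'] = 'Микроблог '.$ank['login'];
    require_once H.'core/head.php';
    require_once H.'core/panel.php';
    echo '<div class="navig">'.$home. $z. $set['title'].'</div>';
    echo '<div class="mess">Ваш микроблог еще не создан. Нажмите ниже кнопку <b>Создать микроблог</b>.<br />Вы можете создать только один микроблог и неограниченное количество статей в нем.<br /><a href="?new">Создать микроблог</a></div>';
    echo '<div class="navig">'.$home. $z. $set['title'].'</div>';
    require_once H.'core/foot.php';
    exit();
}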
// The viewed profile has no microblog: show a short notice and stop.
$mb_blog_total = mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog` WHERE `id_user` = '$ank[id]'"),0);
if (!$mb_blog_total) {
    $set['title'] = 'Микроблог '.$ank['login'];
    require_once H.'core/head.php';
    require_once H.'core/panel.php';
    // The same breadcrumb bar is printed above and below the message.
    $mb_nav = '<div class="navig">'.$home. $z. $set['title'].'</div>';
    echo $mb_nav;
    echo '<div class="mess">Микроблог не создан</div>';
    echo $mb_nav;
    require_once H.'core/foot.php';
    exit();
}
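// ------------------ Delete the microblog ---------------- //
// NOTE(review): this destructive action is reached through a plain GET link
// (?delete) and the code shown here checks no anti-CSRF token. Consider
// requiring POST together with a per-session token.
if (isset($user['id']) && $ank['id'] == $user['id'] && isset($_GET['delete'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog` WHERE `id_user` = '" . (int) $ank['id'] . "'"), 0) == true) {
    $mb_blog_id = (int) $blog['id'];
    $mb_owner_id = (int) $ank['id'];
    $mb_screen_dir = H.'files/microblog/screen/';
    // Remove the screenshot files of every article first. The old code emptied the
    // result set in a loop and then fetched once more, so $article was always
    // false and no screenshot file was ever removed.
    $q = mysql_query("SELECT * FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$mb_blog_id'");
    while ($article = mysql_fetch_assoc($q)) {
        for ($mb_n = 1; $mb_n <= 3; $mb_n++) {
            if ($article['screen'.$mb_n] != 0) {
                // Same naming as the upload code in this file: owner id, article id, slot.
                // NOTE(review): the ids are joined without a separator, so different
                // id pairs can produce the same file name; consider adding a separator
                // when the storage layout is next revised.
                $mb_path = $mb_screen_dir.$mb_owner_id.(int) $article['id'].$mb_n.'.jpg';
                if (is_file($mb_path)) {
                    unlink($mb_path);
                }
            }
        }
    }
    // One DELETE covers all articles; it used to be repeated once per row.
    mysql_query("DELETE FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$mb_blog_id'");
    // Only touch the avatar when one is recorded and the file really exists.
    if ($blog['avatar'] != 0) {
        $mb_avatar_path = H.'files/microblog/avatar/'.(int) $blog['avatar'].'.jpg';
        if (is_file($mb_avatar_path)) {
            unlink($mb_avatar_path);
        }
    }
    mysql_query("DELETE FROM `$system[perfix]_blog` WHERE `id_user` = '$mb_owner_id'");
    header('Location: /'.$ank['id'].'');
    $_SESSION['message'] = 'Микроблог удален';
    // Stop here; otherwise the page went on to render with the stale $blog row.
    exit;
}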
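// Confirmation page shown before the owner's microblog is deleted.
// NOTE(review): the "yes" link performs the deletion with a GET request (?delete)
// and carries no anti-CSRF token; a POST form with a token would be safer.
if (isset($user['id']) && $ank['id'] == $user['id'] && isset($_GET['del'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog` WHERE `id_user` = '" . (int) $ank['id'] . "'"), 0) == true) {
    $set['title'] = 'Удалить микроблог';
    require_once H.'core/head.php';
    require_once H.'core/panel.php';
    // ?id= is resolved as a user id at the top of this script, so the breadcrumb
    // must carry the owner's user id. It used the blog row id before, which
    // points at an unrelated profile whenever the two numbers differ.
    $mb_nav = '<div class="navig">'.$home. $z.'<a href="/moduls/blog/?id='.(int) $ank['id'].'">Микроблог</a>'.$z. $set['title'].'</div>';
    echo $mb_nav;
    echo '<div class="mess">Вы действительно хотите удалить ваш микроблог со всеми статьями?<br />
<a href="/moduls/blog/?delete"><div id="dark" class="icon-checkmark"></div> Да</a> | <a href="/moduls/blog/"><div id="dark" class="icon-undo2 "></div> Нет</a></div>';
    echo $mb_nav;
    require_once H.'core/foot.php';
    exit();
}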
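// ------------------ Edit the microblog ---------------- //
if (isset($user['id']) && $ank['id'] == $user['id'] && isset($_GET['edit'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog` WHERE `id_user` = '" . (int) $ank['id'] . "'"), 0) == true) {
    $set['title'] = 'Редактировать микроблог';
    require_once H.'core/head.php';
    require_once H.'core/panel.php';
    $mb_owner_id = (int) $ank['id'];
    // ?id= is resolved as a user id at the top of this script, so link with the
    // owner's user id rather than the blog row id.
    $mb_nav = '<div class="navig">'.$home. $z.'<a href="/moduls/blog/?id='.$mb_owner_id.'">Микроблог</a>'.$z. $set['title'].'</div>';
    echo $mb_nav;
    if (isset($_POST['opis'])) {
        // Keep the current avatar unless a new image is stored successfully. The old
        // test "isset(...) != NULL" was true for every multipart post, so the avatar
        // column was set even when no file was sent or the copy failed.
        $ava = (int) $blog['avatar'];
        $mb_file = isset($_FILES['file']) ? $_FILES['file'] : null;
        // Accept only a genuine HTTP upload with an allowed image extension whose
        // content parses as an image. The former pattern began with the
        // alternative "^." and therefore matched every name.
        if ($mb_file !== null
            && is_string($mb_file['tmp_name'])
            && is_uploaded_file($mb_file['tmp_name'])
            && preg_match('#\.(?:jpe?g|png|gif)$#i', $mb_file['name'])
            && filesize($mb_file['tmp_name']) > 0
            && getimagesize($mb_file['tmp_name']) !== false) {
            // The stored name is derived from the blog id only, never from client input.
            $uploadfile = H.'files/microblog/avatar/'.(int) $blog['id'].'.jpg';
            if (@move_uploaded_file($mb_file['tmp_name'], $uploadfile)) {
                // Readable by the web server, not world-writable or executable.
                @chmod($uploadfile, 0644);
                $ava = (int) $blog['id'];
            }
        }
        // NOTE(review): check() is a project helper not shown here. The value goes
        // straight into SQL below, so confirm that check() escapes for SQL.
        $opis = check($_POST['opis']);
        // strlen() counts bytes, so multi-byte text reaches the limits sooner.
        if (strlen($opis) < 3 or strlen($opis) > 20000) $err = 'Описание должено быть в пределах 3 - 20 000 символов';
        err();
        if (!isset($err)) {
            mysql_query("UPDATE `$system[perfix]_blog` SET `opis` = '$opis', `avatar` = '$ava' WHERE `id_user` = '$mb_owner_id'");
            header('Location: /moduls/blog/');
            $_SESSION['message'] = 'Микроблог отредактирован';
            // Stop after the redirect instead of rendering the form again.
            exit;
        }
    }
    // -------------- Remove the avatar --------- //
    // NOTE(review): state change through a GET link without an anti-CSRF token.
    if (isset($_GET['del_ava'])) {
        // Only unlink when an avatar is recorded and the file really exists.
        if ($blog['avatar'] != 0) {
            $mb_avatar_path = H.'files/microblog/avatar/'.(int) $blog['avatar'].'.jpg';
            if (is_file($mb_avatar_path)) {
                unlink($mb_avatar_path);
            }
        }
        mysql_query("UPDATE `$system[perfix]_blog` SET `avatar` = '0' WHERE `id_user` = '$mb_owner_id'");
        header('Location: /moduls/blog/?edit');
        $_SESSION['message'] = 'Аватара микроблога удалена';
        exit;
    }
    echo '<form enctype="multipart/form-data" method="post">';
    echo 'Аватар микроблога:<br /> <input name="file" type="file" /><br />';
    if ($blog['avatar'] != 0) echo '<a href="?edit&del_ava">Удалить аватар</a><br />';
    panel_bb('textarea');
    // NOTE(review): the stored description is printed without HTML escaping here.
    // That is only safe if check() already HTML-encodes on input — confirm before
    // adding htmlspecialchars(), which would otherwise double-encode.
    echo '<textarea id="textarea" name="opis">'.$blog['opis'].'</textarea><br />
<input type="submit" value="Сохранить" value="submit" />
</form>';
    echo $mb_nav;
    require_once H.'core/foot.php';
    exit();
}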
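// ------------------ New article ---------------- //
if (isset($user['id']) && $ank['id'] == $user['id'] && isset($_GET['article'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog` WHERE `id_user` = '" . (int) $ank['id'] . "'"), 0) == true) {
    $set['title'] = 'Новая статья';
    require_once '../../core/head.php';
    require_once '../../core/panel.php';
    $mb_owner_id = (int) $ank['id'];
    $mb_blog_id = (int) $blog['id'];
    // ?id= is resolved as a user id at the top of this script, so link with the
    // owner's user id rather than the blog row id.
    $mb_nav = '<div class="navig">'.$home. $z.'<a href="/moduls/blog/?id='.$mb_owner_id.'">Микроблог</a>'.$z. $set['title'].'</div>';
    echo $mb_nav;
    if (isset($_POST['title']) && isset($_POST['msg'])) {
        // NOTE(review): check() is a project helper not shown here. Both values go
        // straight into SQL below, so confirm that check() escapes for SQL.
        $title = check($_POST['title']);
        $msg = check($_POST['msg']);
        // strlen() counts bytes, so multi-byte text reaches the limits sooner.
        if (strlen($title) < 2 or strlen($title) > 250) $err = 'Название статьи должено быть в пределах 2 - 250 символов';
        if (strlen($msg) < 2 or strlen($msg) > 50000) $err = 'Текст статьи должен быть в пределах 2 - 50 000 символов';
        err();
        if (!isset($err)) {
            mysql_query("INSERT INTO `$system[perfix]_blog_article` SET `id_blog` = '$mb_blog_id', `title` = '$title', `msg` = '$msg', `time` = '".time()."'");
            // Newest article of this blog, i.e. the row inserted just above.
            $test = mysql_fetch_assoc(mysql_query("SELECT `id`,`id_blog` FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$mb_blog_id' ORDER BY `id` DESC LIMIT 1"));
            $mb_article_id = $test ? (int) $test['id'] : 0;
            // ----- Screenshots ------ //
            // One loop replaces three copy-pasted blocks. Slots 2 and 3 used to record
            // a value built from id_blog while the file on disk was named with the
            // article id; all three slots now record the name actually written.
            if ($test) {
                $mb_screen_dir = H.'files/microblog/screen/';
                foreach (array(1, 2, 3) as $mb_n) {
                    $mb_field = 'file'.$mb_n;
                    if (!isset($_FILES[$mb_field])) {
                        continue;
                    }
                    $mb_file = $_FILES[$mb_field];
                    // Accept only a genuine HTTP upload with an allowed image extension
                    // whose content parses as an image. The former pattern began with
                    // the alternative "^." and therefore matched every name.
                    if (!is_string($mb_file['tmp_name'])
                        || !is_uploaded_file($mb_file['tmp_name'])
                        || !preg_match('#\.(?:jpe?g|png|gif)$#i', $mb_file['name'])
                        || !(filesize($mb_file['tmp_name']) > 0)
                        || getimagesize($mb_file['tmp_name']) === false) {
                        continue;
                    }
                    // Name built from ids only, never from client input.
                    // NOTE(review): the ids are joined without a separator, so different
                    // id pairs can produce the same file name; consider adding a
                    // separator when the storage layout is next revised.
                    $mb_base = $mb_owner_id.$mb_article_id.$mb_n;
                    $uploadfile = $mb_screen_dir.$mb_base.'.jpg';
                    if (@move_uploaded_file($mb_file['tmp_name'], $uploadfile)) {
                        // Readable by the web server, not world-writable or executable.
                        @chmod($uploadfile, 0644);
                        $mb_screen = $mb_base;
                    } else {
                        $mb_screen = 0;
                    }
                    mysql_query("UPDATE `$system[perfix]_blog_article` SET `screen".$mb_n."` = '$mb_screen' WHERE `id` = '$mb_article_id' && `id_blog` = '".(int) $test['id_blog']."'");
                }
            }
            // Announce the article in the feed of every row in the friends table.
            // The login is a stored value; escape it before reuse in a new statement.
            $mb_uid = (int) $user['id'];
            $mb_login_sql = mysql_real_escape_string($user['login']);
            $len = mysql_query("SELECT * FROM `$system[perfix]_frends` WHERE `id_user` = '$mb_uid'");
            while ($lenta = mysql_fetch_assoc($len)) {
                mysql_query("INSERT INTO `$system[perfix]_lenta` (`id_ank`, `id_user`, `msg`, `time`, `read`, `razdel`, `link`) values('$mb_uid', '".(int) $lenta['id_ank']."', '".$mb_login_sql." написал новую статью в микроблоге [b]".$title."[/b]', '".time()."', '0', 'Микроблог', '/moduls/blog/article.php?id=".$mb_uid."&article=".$mb_article_id."')");
            }
            header("Location: /moduls/blog/article.php?id=$mb_owner_id&article=$mb_article_id");
            $_SESSION['message'] = 'Статья создана';
            // Stop after the redirect instead of rendering the form again.
            exit;
        }
    }
    echo '<form method="post" enctype="multipart/form-data">
Название статьи (2 - 250)<br /><input type="text" name="title" /><br />
Скриншет 1:<br /> <input name="file1" type="file" /><br />
Скриншет 2:<br /> <input name="file2" type="file" /><br />
Скриншет 3:<br /> <input name="file3" type="file" /><br />';
    panel_bb('textarea');
    echo '<textarea id="textarea" name="msg"></textarea><br />
<input type="submit" value="Написать" />
</form>';
    echo $mb_nav;
    require_once H.'core/foot.php';
    exit();
}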
// Default view: the microblog's public page (avatar, owner, description, article count).
$set['title'] = 'Микроблог '.$ank['login'];
require_once H.'core/head.php';
require_once H.'core/panel.php';

// Owner-only links are shown when the viewer is the profile's owner.
$mb_is_owner = isset($user['id']) && $ank['id'] == $user['id'];
// The same breadcrumb bar is printed at the top and at the bottom.
$mb_nav = '<div class="navig">'.$home. $z. $set['title'].'</div>';

echo $mb_nav;
if ($blog['avatar'] != 0) {
    echo '<div class="menu"><img src="/files/microblog/avatar/'.$blog['avatar'].'.jpg" alt="Micro-Book.ru" style="max-width:120px; max-height:120px" /></div>';
} else {
    echo '<div class="menu"><img src="/files/microblog/avatar/no_avatar.jpg" alt="Аватара нет" style="max-width:120px; max-height:120px" /></div>';
}
echo '<div class="mess">Микроблог ';
// NOTE(review): the login is printed into HTML and into a URL as stored; whether it
// is already encoded depends on get_user(), which is not shown here — confirm.
echo online($ank['id']).' <a href="/?login='.$ank['login'].'">'.$ank['login'].'</a>';
if ($mb_is_owner) {
    echo '<br /><div id="dark" class="icon-pencil"></div> <a href="/moduls/blog/?edit">Ред</a> | ';
    echo '<div id="dark" class="icon-cancel"></div> <a href="/moduls/blog/?del">Удл</a>';
}
echo '</div>';
// text() is a project helper that prepares the description for display.
echo '<div class="mess">Описание:<br /> '.text($blog['opis']).'</div>';
$count = mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_blog_article` WHERE `id_blog` = '$blog[id]'"),0);
echo '<div class="menu_touch"><a href="/moduls/blog/article.php?id='.$ank['id'].'">Все статьи <span class="count">'.$count.'</span></a></div>';
if ($mb_is_owner) {
    echo '<div class="menu_touch"><a href="/moduls/blog/?article">Написать статью</a></div>';
}
echo $mb_nav;
require_once H.'core/foot.php';
?>