Файл: mob-lave.ru/user/profile/frends.php
Строк: 160
<?php
require_once '../../core/set.php';
if (isset($user))$ank['id']=$user['id']; //
if(isset($_GET['id']))
$ank['id'] = num($_GET['id']);
$ank=get_user($ank['id']); //
if(!$ank){header("Location: /index.php?");exit;}
if ($ank['id']==0){
$ank=get_user($ank['id']);
$set['title'] = 'Друзья '.$ank['login']; // заголовок страницы
}
$set['title'] = 'Друзья '.$ank['login'];
require_once H.'core/head.php';
require_once H.'core/panel.php';
echo '<div class="navig">'.$home. $z. $set['title'].'</div>';
// ---------------------- Новый друг ----------------------- //
if(isset($user['id']) && $user['id'] == $ank['id'] && isset($_GET['new_frends']) &&
(mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_frends_new` WHERE (`id_user` = '$user[id]' && `id_ank` = '$ank[id]') or (`id_user` = '$ank[id]' && `id_ank` = '$user[id]')"),0) == false &&
mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_frends` WHERE (`id_user` = '$user[id]' && `id_ank` = '$ank[id]') or (`id_user` = '$ank[id]' && `id_ank` = '$user[id]')"),0) == false)){
$new = num($_GET['new_frends']);
mysql_query("INSERT INTO `$system[perfix]_frends` SET `id_user` = '$user[id]', `id_ank` = '$new', `time` = '".time()."'");
mysql_query("INSERT INTO `$system[perfix]_frends` SET `id_user` = '$new', `id_ank` = '$user[id]', `time` = '".time()."'");
mysql_query("DELETE FROM `$system[perfix]_frends_new` WHERE `id_ank` = '$user[id]' && `id_user` = '$new'");
mysql_query("INSERT INTO `$system[perfix]_mail` SET `id_user` = '$new', `id_kont` = '3', `time` = '".time()."', `msg` = '$user[login] принял ваше предложение дружбы', `read` = '0'");
header("Location: /user/profile/frends.php?id=$ank[id]&all");
$_SESSION['message'] = 'Предложение дружбы принято';
}
if(isset($user['id']) && $user['id'] == $ank['id'] && isset($_GET['all'])){
echo '<div class="top_group"><table width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="top_menu_act" style="border-radius: 8px 0px 0px 8px"><a href="?id='.$ank['id'].'"><center>Все друзья</center></a></td>
<td class="top_menu" style="border-radius: 0px 8px 8px 0px"><center>Заявки</center></td>
</tr></table></div>';
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_frends_new` WHERE `id_ank` = '$user[id]'"),0);
$k_page = k_page($k_post,$set['p_str']);
$page = page($k_page);
$start = $set['p_str']*$page-$set['p_str'];
if($k_post==0)echo '<div class="mess">Новых заявок нет</div>';
$q = mysql_query("SELECT * FROM `$system[perfix]_frends_new` WHERE `id_ank` = '$user[id]' ORDER BY id DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q)){
$frends = mysql_fetch_array(mysql_query("SELECT `login`,`id` FROM `$system[perfix]_users` WHERE `id` = '".num($post['id_user'])."'"));
echo '<div class="mess"><table><tr><td>';
echo avatar($frends['id'], false, 50);
echo '</td><td>';
echo online($frends['id']).' <a href="/?login='.$frends['login'].'">'.$frends['login'].'</a><br/>';
echo '<a href="?id='.num($post['id_ank']).'&new_frends='.num($frends['id']).'"><div id="dark" class="icon-checkmark"></div></a>';
echo ' | <a href="?id='.$ank['id'].'&del_frends='.num($frends['id']).'"><div id="dark" class="icon-cancel"></div></a>';
echo '</td></tr></table></a></div>';
}
if($k_page>1)str("?id=$ank[id]&all&",$k_page,$page);
require_once H.'core/foot.php';
exit();
}
if(isset($user['id']) && $user['id'] == $ank['id']){
echo '<div class="top_group"><table width="100%" cellspacing="0" cellpadding="0">
<tr>
<td class="top_menu" style="border-radius: 8px 0px 0px 8px"><center>Все друзья</center></td>
<td class="top_menu_act" style="border-radius: 0px 8px 8px 0px"><a href="?id='.$ank['id'].'&all"><center>Заявки</center></a></td>
</tr></table></div>';
}
// ------------------ Удаление друзей --------------------- //
if(isset($user['id']) && $user['id'] == $ank['id'] && isset($_GET['delete'])){
$delete = num($_GET['delete']);
mysql_query("DELETE FROM `$system[perfix]_frends` WHERE `id_user` = '$ank[id]' && `id_ank` = '$delete' LIMIT 1");
mysql_query("DELETE FROM `$system[perfix]_frends` WHERE `id_user` = '$delete' && `id_ank` = '$ank[id]' LIMIT 1");
mysql_query("INSERT INTO `$system[perfix]_mail` SET `id_user` = '3', `id_kont` = '$delete', `time` = '".time()."', `msg` = '$user[login] удалил вас из списка своих друзей :(', `read` = '0'");
header("Location: /user/profile/frends.php?id=$ank[id]");
$_SESSION['message'] = 'Пользователь удален из списка ваших друзей';
}
if(isset($user['id']) && $user['id'] == $ank['id'] && isset($_GET['del'])){
$del = num($_GET['del']);
$fr = mysql_fetch_array(mysql_query("SELECT `login`,`id` FROM `$system[perfix]_users` WHERE `id` = '$del'"));
echo '<div class="mess">Вы действительно хотите удалить <b>'.$fr['login'].'</b> из списка ваших друзей?<br/>';
echo '<div id="dark" class="icon-checkmark"></div><a href="?id='.$ank['id'].'&delete='.num($del).'"> Да</a> | <div id="dark" class="icon-undo2 "></div><a href="?id='.$ank['id'].'"> Нет</a></div>';
}
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `$system[perfix]_frends` WHERE `id_user` = '$ank[id]'"),0);
$k_page = k_page($k_post,$set['p_str']);
$page = page($k_page);
$start = $set['p_str']*$page-$set['p_str'];
if($k_post==0)echo '<div class="mess">Друзей нет</div>';
$q = mysql_query("SELECT * FROM `$system[perfix]_frends` WHERE `id_user` = '$ank[id]' ORDER BY id DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q)){
$frends = mysql_fetch_array(mysql_query("SELECT `login`,`id` FROM `$system[perfix]_users` WHERE `id` = '".num($post['id_ank'])."'"));
echo '<div class="mess"><table><tr><td>';
echo avatar($frends['id'], false, 50);
echo '</td><td>';
echo online($frends['id']).' <a href="/?login='.$frends['login'].'">'.$frends['login'].'</a><br/>';
echo '<a href="/user/mail/mail.php?id='.num($post['id_ank']).'"><div id="dark" class="icon-mail2"></div></a>';
if(isset($user['id']) && $user['id'] == $ank['id']) echo ' | <a href="?id='.$ank['id'].'&del='.num($post['id_ank']).'"><div id="dark" class="icon-cancel"></div></a>';
echo '</td></tr></table></a></div>';
}
if($k_page>1)str("?id=$ank[id]&",$k_page,$page);
echo '<div class="navig">'.$home. $z. $set['title'].'</div>';
require_once H.'core/foot.php';
?>