Файл: gifts/index.php
Строк: 183
<?php
require_once '../sys/inc/start.php';
require_once '../sys/inc/compress.php';
require_once '../sys/inc/sess.php';
require_once '../sys/inc/settings.php';
require_once '../sys/inc/db_connect.php';
require_once '../sys/inc/ipua.php';
require_once '../sys/inc/fnc.php';
require_once '../sys/inc/user.php';
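// Resolve whose gift page is shown: an explicit ?id wins, otherwise the
// logged-in viewer's own page. $id starts at 0 so that a guest request without
// ?id reaches get_user() with a defined value instead of an undefined variable
// (or a value left behind by one of the included files).
$id = 0;
if (isset($_GET['id'])) {
    $id = intval($_GET['id']);
} elseif (isset($user)) {
    $id = $user['id'];
}

$ank = get_user($id);

// Unknown profile, or the id-0 record: nothing to show here, go to the front page.
if (!$ank || $ank['id'] == 0) {
    header("Location:/index.php?");
    exit;
}

// NOTE(review): the nick goes into the page title unescaped; confirm that
// thead.php encodes $set['title'] before printing it.
$set['title'] = 'Подарки ' . $ank['nick'];
require_once '../sys/inc/thead.php';
aut();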
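// "Send a gift" flow (?do): choose a category, choose a gift, confirm and pay.
// Registered users only.
if (isset($_GET['do'])) {
    only_reg();

    // Category 1 is the fallback when ?cat is missing, unknown, or hidden from this viewer.
    $cat = array();
    $cat['id'] = 1;
    $cat['show'] = 1;
    if (isset($_GET['cat'])) {
        $cat_id = intval($_GET['cat']);
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gift_cat` WHERE `id` = '$cat_id'"), 0) != 0) {
            $cat_row = mysql_fetch_array(mysql_query("SELECT * FROM `gift_cat` WHERE `id` = '$cat_id'"));
            // show = 0 categories are only available from level 3 upwards.
            if ($cat_row['show'] == 1 || ($cat_row['show'] == 0 && $user['level'] >= 3)) {
                $cat = $cat_row;
            }
        }
    }

    $gift_id = isset($_GET['gift']) ? intval($_GET['gift']) : 0;
    $cat_visible = $cat['show'] == 1 || ($cat['show'] == 0 && $user['level'] >= 3);

    if ($gift_id != 0 && $cat_visible && mysql_result(mysql_query("SELECT COUNT(*) FROM `gift` WHERE `id` = '$gift_id' AND `id_cat` = '$cat[id]'"), 0) != 0) {
        $gift = mysql_fetch_array(mysql_query("SELECT * FROM `gift` WHERE `id` = '$gift_id' AND `id_cat` = '$cat[id]'"));

        // NOTE(review): this POST spends the sender's coins, but the form below
        // carries no anti-CSRF token and nothing here checks one. Add the
        // project's request-token check before the purchase is accepted.
        if (isset($_POST['submited'])) {
            // Only a plain string is accepted as the message (an array-valued
            // msg[] parameter would otherwise reach the string functions).
            $msg = (isset($_POST['msg']) && is_string($_POST['msg'])) ? $_POST['msg'] : '';
            $mode = isset($_POST['mode']) ? intval($_POST['mode']) : 1;
            $type = ($mode == 2 || $mode == 3) ? $mode : 1;
            // Numeric price taken from the gift row; anything non-numeric counts as 0.
            $price = is_numeric($gift['cena']) ? $gift['cena'] + 0 : 0;

            if (utf8_strlen($msg) > 512) {
                $err[] = "Сообщение длиннее 512-ти символов";
            }
            if ($user['money'] < $price) {
                $err[] = "Вам не хватает монет!";
            }

            if (!isset($err) && $price > 0) {
                // Debit inside the database and only when the stored balance still
                // covers the price. The previous code wrote back a balance computed
                // from the value loaded at the start of the request, so parallel
                // requests could each pass the check and pay only once.
                // (A price of 0 needs no debit; it would also report 0 changed rows.)
                mysql_query("UPDATE `user` SET `money` = `money` - $price WHERE `id` = '$user[id]' AND `money` >= $price");
                if (mysql_affected_rows() != 1) {
                    $err[] = "Вам не хватает монет!";
                }
            }

            if (!isset($err)) {
                // NOTE(review): debit and insert are two separate statements with no
                // transaction around them; a failed INSERT leaves the coins spent.
                mysql_query("INSERT INTO `gifts` SET `id_user` = '$ank[id]', `id_kont` = '$user[id]', `msg` = '" . mysql_real_escape_string($msg) . "', `time` = '$time', `id_gift` = '$gift[id]', `type` = '$type'");
                $id = mysql_insert_id();
                $msg = "У Вас новый подарок! [url=/gifts/?id=$ank[id]&gift=$id]Открыть[/url]";
                mail_add(0, $ank['id'], $msg);
                header("Location: ?id=$ank[id]");
                exit;
            }
        }

        // Confirmation form.
        // NOTE(review): $ank[nick] is printed unescaped here, while other pages of
        // this script pass it through text::gradient(); confirm nicks cannot
        // contain HTML metacharacters.
        echo "<div class = 'foot'>";
        echo "Подарок для <a href='/info.php?id=$ank[id]'><b>$ank[nick]</b></a>";
        echo "</div><div class = 'foot'>";
        echo "<img src='images/$gift[image]' /><br />";
        echo "Стоимость: <font color = 'green'><b>$gift[cena]</b></font> монет<br />";
        echo "У вас на счету: <font color = 'green'><b>$user[money] монет</b></font><br />";
        echo "</div>";
        echo "<form method='post' class = 'foot' action=''>";
        echo "<b>Тип подарка:</b><br />";
        // NOTE(review): all three radios carry checked='checked', so the browser
        // decides which one is preselected; the server-side fallback is 1 (public).
        echo "<input type='radio' name='mode' value='1' checked='checked' id='mode' />Публичный<br />";
        echo "<small>Все будут видеть Ваш подарок, сообщение и Ник.</small><br />";
        echo "<input type='radio' name='mode' value='2' checked='checked' id='mode1' />Личный<br />";
        echo "<small>Все будут видеть ваш подарок, но только получатель сможет видеть ваш Ник и сообщение.</small><br />";
        echo "<input type='radio' name='mode' value='3' checked='checked' id='mode2' />Анонимный<br />";
        echo "<small>Все будут видеть ваш подарок. Только получатель увидит ваше сообщение. Никто не увидит ваш Ник.</small><br />";
        echo "<textarea name='msg'>Лови подарок!</textarea><br />";
        echo "<button class = 'btn' name='submited'>";
        echo "<img src = '/style/icons/gifts.png' /> Отправить";
        echo "</button></form>";
        echo "<a href = '?id=$ank[id]&cat=$cat[id]'><div class = 'foot'><img src = '/style/icons/left.png' /> Назад</div></a>";
        require_once '../sys/inc/tfoot.php';
        exit;
    }

    // Category bar: one entry per category the viewer may see; the current one is not a link.
    $q = mysql_query("SELECT * FROM `gift_cat`");
    echo "<div class = 'foot'>";
    echo "Выберите подарок для ";
    echo "<a href = '/info.php?id=$ank[id]'>";
    echo text::gradient("$ank[nick]", "$ank[ncolor]", "$ank[ncolor2]");
    echo "</a> ";
    echo "</div><div class = 'foot'>";
    $i = 0;
    while ($post = mysql_fetch_array($q)) {
        if ($post['show'] == 1 || ($post['show'] == 0 && $user['level'] >= 3)) {
            $is_current = $post['id'] == $cat['id'];
            // NOTE(review): the category name is printed unescaped, unlike the gift
            // name further down; confirm how `gift_cat`.`name` is stored.
            echo ($i != 0 && $i < mysql_num_rows($q) ? " | " : NULL) . (!$is_current ? "<a href='?id=$ank[id]&do&cat=$post[id]'>" : NULL) . "$post[name]" . (!$is_current ? "</a>" : NULL) . "";
        }
        $i++;
    }
    echo "</div>";

    // Gifts of the selected category, paginated.
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gift` WHERE `id_cat` = '$cat[id]'"), 0);
    if ($k_post == 0) {
        echo "<table class = 'foot'><tr><td class = 'null'>";
        echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
        echo "</td></tr></table>";
    }
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    $q = mysql_query("SELECT * FROM `gift` WHERE `id_cat` = '$cat[id]' ORDER BY `id` DESC LIMIT $start, $set[p_str]");
    while ($post = mysql_fetch_array($q)) {
        echo "<a href = '?id=$ank[id]&do&cat=$cat[id]&gift=$post[id]'><table class = 'foot'><tr><td class = 'null'>";
        echo "<img src = '/gifts/images/$post[image]' height='30' width='30' /><br />";
        echo htmlspecialchars($post['name']);
        echo " $post[cena] монет<br />";
        echo "</td></tr></table></a>";
    }
    if ($k_page > 1) {
        str("?id=$ank[id]&do&cat=$cat[id]&", $k_page, $page);
    }
    echo "<div class = 'foot'>";
    echo "<img src = '/style/icons/left.png' /> <a href = '?id=$ank[id]'>Назад</a>";
    echo "</div>";
    require_once '../sys/inc/tfoot.php';
    exit;
}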
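// Detail view of one received gift (?gift=N); the gift must belong to the
// profile in $ank.
$view_id = isset($_GET['gift']) ? intval($_GET['gift']) : 0;
if ($view_id != 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `gifts` WHERE `id` = '$view_id' AND `id_user` = '$ank[id]'"), 0) != 0) {
    $gift = mysql_fetch_array(mysql_query("SELECT * FROM `gifts` WHERE `id` = '$view_id' AND `id_user` = '$ank[id]'"));
    $giftt = mysql_fetch_array(mysql_query("SELECT * FROM `gift` WHERE `id` = '$gift[id_gift]'"));
    $ank2 = get_user($gift['id_kont']);

    if ($gift['type'] == 2) {
        $type = 'Личный';
    } elseif ($gift['type'] == 3) {
        $type = 'Анонимный';
    } else {
        $type = 'Публичный';
    }

    // Who is looking: guests have no $user, so both flags are false for them.
    $is_owner = isset($user) && $ank['id'] == $user['id'];
    $is_mod = isset($user) && $user['level'] >= 3;

    // Sender: type 1 -> everyone, type 2 -> recipient and level >= 3, type 3 -> level >= 3 only.
    $sender_visible = $gift['type'] == 1
        || ($gift['type'] == 2 && ($is_owner || $is_mod))
        || ($gift['type'] == 3 && $is_mod);
    // Message: type 1 -> everyone, types 2 and 3 -> recipient and level >= 3.
    $msg_visible = $gift['type'] == 1
        || ($gift['type'] == 2 && ($is_owner || $is_mod))
        || ($gift['type'] == 3 && ($is_owner || $is_mod));

    echo "<div class = 'foot'>";
    if ($sender_visible) {
        echo "<a href = '/info.php?id=$ank2[id]'>";
        echo text::gradient("$ank2[nick]", "$ank2[ncolor]", "$ank2[ncolor2]");
        echo "</a><br />";
    }
    echo "<img src='images/$giftt[image]' /><br />";
    if ($msg_visible && $gift['msg'] != NULL) {
        // The line used to end in a literal "n" (a newline escape that had lost
        // its backslash), which was printed after every message.
        echo output_text($gift['msg']) . "<br />\n";
    }
    echo "<small><font color = 'grey'>".vremja($gift['time'])."</font> ($type)</small>";
    if ($is_owner || $is_mod) {
        echo "<br />";
        // The "send a gift back" link carries the sender's id, so it is offered
        // only when the recipient is allowed to know who the sender is.
        if ($is_owner && $sender_visible) {
            echo "<a href='?id=$ank2[id]&do'><small>Отправить подарок</small></a> | ";
        }
        // NOTE(review): deletion is triggered by this plain GET link; see the
        // ?del handler, which has no request token.
        echo "<a href='?id=$ank[id]&del=$gift[id]'><small>Удалить</small></a>";
    }
    echo "</div>";
    echo "<a href = '?id=$ank[id]'><div class = 'foot'><img src = '/style/icons/left.png' /> Все подарки $ank[nick]</div></a>";
    require_once '../sys/inc/tfoot.php';
    exit();
}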
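// Delete a received gift (?del=N). Allowed for the recipient and for level >= 3.
// The viewer must be logged in: previously a guest request compared the gift's
// owner against an undefined $user and relied on loose comparison to fail.
// NOTE(review): this is a state-changing GET with no anti-CSRF token, so any
// page the recipient opens can trigger it; move it to POST and verify a
// request token.
$del_id = isset($_GET['del']) ? intval($_GET['del']) : 0;
if ($del_id != 0 && isset($user)) {
    // mysql_fetch_array() yields false when no such gift exists.
    $gift = mysql_fetch_array(mysql_query("SELECT * FROM `gifts` WHERE `id` = '$del_id'"));
    if ($gift && ($gift['id_user'] == $user['id'] || $user['level'] >= 3)) {
        mysql_query("DELETE FROM `gifts` WHERE `id` = '$del_id'");
        header("Location:?id=$ank[id]");
        exit;
    }
}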
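// When the owner opens their own gift list, mark all unread gifts as read and
// reload. The ownership test comes first so that guests (no $user) never reach
// the query, and the script stops after the redirect instead of rendering the
// page body behind it.
if (isset($user) && $ank['id'] == $user['id'] && mysql_result(mysql_query("SELECT COUNT(*) FROM `gifts` WHERE `id_user` = '$user[id]' AND `read` = '0'"), 0) != 0) {
    mysql_query("UPDATE `gifts` SET `read` = '1' WHERE `id_user` = '$user[id]' AND `read` = '0'");
    header("Location:?id=$user[id]");
    exit;
}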
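// Paginated list of the gifts received by $ank.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gifts` WHERE `id_user` = '$ank[id]'"), 0);
echo "<a href = '?id=$ank[id]&do'><div class = 'foot'><img src = '/style/icons/present--arrow.png' /> Сделать подарок</div></a>";
if ($k_post == 0) {
    echo "<table class = 'foot'><tr><td class = 'null'>";
    echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
    echo "</td></tr></table>";
}
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];

// Who is looking: guests have no $user, so both flags are false for them.
$is_owner = isset($user) && $ank['id'] == $user['id'];
$is_mod = isset($user) && $user['level'] >= 3;

$q = mysql_query("SELECT * FROM `gifts` WHERE `id_user` = '$ank[id]' ORDER BY `time` DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q)) {
    echo "<table class = 'foot'><tr><td class = 'null'>";
    $gift = mysql_fetch_array(mysql_query("SELECT * FROM `gift` WHERE `id` = '$post[id_gift]'"));
    echo "<div class = 'right' id = 'hides'>";
    echo "<img src = '/style/icons/time.png' /> " . vremja($post['time']);
    echo "</div>";
    echo "<a href='?id=$ank[id]&gift=$post[id]'><img src='images/$gift[image]' height='30' width='30'/>";

    // Same sender-visibility rule as the single-gift view. The list used to
    // print the sender's nick for every row, which exposed the sender of
    // private (type 2) and anonymous (type 3) gifts to every visitor.
    $sender_visible = $post['type'] == 1
        || ($post['type'] == 2 && ($is_owner || $is_mod))
        || ($post['type'] == 3 && $is_mod);
    if ($sender_visible) {
        $ank2 = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_kont]'"));
        echo text::gradient("$ank2[nick]", "$ank2[ncolor]", "$ank2[ncolor2]");
    } else {
        // Sender hidden: show the gift type instead (labels as in the single-gift view).
        if ($post['type'] == 2) {
            echo " Личный";
        } elseif ($post['type'] == 3) {
            echo " Анонимный";
        } else {
            echo " Публичный";
        }
    }
    echo "</a></td></tr></table>";
}
if ($k_page > 1) {
    str("?id=$ank[id]&", $k_page, $page);
}
echo "<a href = '/info.php?id=$ank[id]'><div class = 'foot'><img src = '/style/icons/left.png' /> Страница $ank[nick]</div></a>";
require_once '../sys/inc/tfoot.php';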