Файл: diary/index.php
Строк: 1417
<?php
if (isset($_GET['img'])) {
require_once '../sys/inc/start.php';
require_once '../sys/inc/sess.php';
require_once '../sys/inc/settings.php';
require_once '../sys/inc/db_connect.php';
require_once '../sys/inc/ipua.php';
require_once '../sys/inc/fnc.php';
require_once '../sys/inc/user.php';
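// Progress-bar image endpoint: ?img&p=<percent>[&k=<n>&a=<n>] renders a
// 128x10 PNG bar with the text "k/a" on it.
if (!isset($_GET['p'])) {
    exit;
}
// Every request value is reduced to a bounded, non-negative integer before
// use, so only digits can reach the rendered text.
$p = max(0, min(100, intval($_GET['p'])));
$k = isset($_GET['k']) ? max(0, intval($_GET['k'])) : 0;
$a = isset($_GET['a']) ? max(0, intval($_GET['a'])) : 0;
$x = 128;
$y = 10;
// Width of the filled part. Written as a multiplication because the previous
// form, $x / (100 / $p), divided by zero for p=0 and hid the error with "@".
$x2 = intval($x * $p / 100);
$img = imagecreate($x, $y);
// NOTE(review): several components below exceed 255, the upper bound of the
// range imagecolorallocate() documents. Values are kept as found; confirm the
// intended colours.
$col = array();
$col['back'] = imagecolorallocate($img, 460, 460, 0);
$col['draw'] = imagecolorallocate($img, 400, 400, 0);
$col['font'] = imagecolorallocate($img, 500, 500, 500);
$col['border'] = imagecolorallocate($img, 155, 155, 155);
imagefill($img, $x, $y, $col['back']);
imagefilledrectangle($img, 0, 0, $x2, $y, $col['draw']);
imagerectangle($img, 0, 0, $x - 1, $y - 1, $col['border']);
imagestring($img, 1, $x / 10, 1, "$k/$a", $col['font']);
header("Content-type: image/png");
imagepng($img);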
} else {
require_once '../sys/inc/start.php';
require_once '../sys/inc/compress.php';
require_once '../sys/inc/sess.php';
require_once '../sys/inc/settings.php';
require_once '../sys/inc/db_connect.php';
require_once '../sys/inc/ipua.php';
require_once '../sys/inc/fnc.php';
require_once '../sys/inc/user.php';
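/**
 * Shorten a text to at most $maxwords space-separated words.
 *
 * @param string $text     Text to shorten.
 * @param int    $maxwords Maximum number of words to keep.
 * @param int    $maxchar  Not used; kept so existing calls stay valid.
 * @return string The text unchanged when it has $maxwords words or fewer,
 *                otherwise its first $maxwords words joined by single spaces.
 */
function cut_diary($text, $maxwords = 10, $maxchar = 30) {
    $sep = ' ';
    // explode() replaces preg_split(" ", ...): a lone space is not a valid
    // PCRE pattern, so the old call failed (silenced by "@") and the text was
    // never shortened.
    $words = explode($sep, (string) $text);
    if (count($words) > $maxwords) {
        $text = implode($sep, array_slice($words, 0, $maxwords));
    }
    return $text;
}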
if (isset($_GET['id'])) {
$id = abs(intval($_GET['id']));
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$id' LIMIT 1"));
$set['title'] = 'Дневники | ' . $ank['nick'] . '';
require_once '../sys/inc/thead.php';
aut();
err();
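// Housekeeping that runs on every request carrying ?id=: attachment links
// whose photo or file row no longer exists are removed from `diary_files`.
$sel = mysql_query("SELECT * FROM `diary_files` ORDER BY id");
while ($selk = mysql_fetch_array($sel)) {
    $is_photo = ($selk['type'] == 'photo');
    // Ids read back from the database are cast to int before they are placed
    // into the next statement, so a non-numeric value cannot alter the SQL.
    $target_id = intval($is_photo ? $selk['id_photo_local'] : $selk['id_file_local']);
    $target_table = $is_photo ? 'gallery_foto' : 'user_files';
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `$target_table` WHERE `id` = '$target_id' LIMIT 1"), 0) != 0) {
        continue; // the attachment target still exists
    }
    $diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($selk['id_diary']) . "' LIMIT 1"));
    // Only accounts with level >= 8 are told about the cleanup.
    if ($user['level'] >= 8) {
        if ($is_photo) {
            echo "Удалено фото из <a href = '?id=$diary[id_user]&diary=$diary[id]'>этого</a> дневника<br/>";
        } else {
            // The message previously ended in a literal "n" and misspelled "этого".
            echo "Удален файл из <a href = '?id=$diary[id_user]&diary=$diary[id]'>этого</a> дневника<br/>\n";
        }
    }
    mysql_query("DELETE FROM `diary_files` WHERE `id` = '" . intval($selk['id']) . "'");
}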
/**
 * Replace every space, dot and ampersand in a name with an underscore.
 *
 * @param string $am Name to normalise.
 * @return string The name with " ", "." and "&" turned into "_".
 */
function zam($am) {
    $replacements = array(' ' => '_', '.' => '_', '&' => '_');
    return strtr($am, $replacements);
}
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '$ank[id]'"), 0) == 0) {
echo "<div class = 'err'>Пользователь не найден!</div>";
} else {
if (isset($_GET['add_new_diary']) && $user['id'] == $ank['id']) {
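// Handle the "new diary entry" form (?add_new_diary&ok).
// NOTE(review): no request token is verified in this block; the only guard is
// the owner test on the enclosing branch, so the write is open to cross-site
// request forgery.
if (isset($_GET['ok']) && isset($_POST['text'])) {
    // Messages are printed as before and also collected: a failed check now
    // blocks the insert, whereas the old code printed the error and saved anyway.
    $form_errors = array();

    $raw_name = isset($_POST['name']) ? $_POST['name'] : '';
    if (utf8_strlen($raw_name) > 60) {
        $form_errors[] = 'Название слишком длинное';
    }
    $name = mysql_real_escape_string($raw_name);

    $raw_text = $_POST['text'];
    if (utf8_strlen($raw_text) > 100000) {
        $form_errors[] = 'Текст слишком длинный';
    }
    if ($raw_text == NULL) {
        $form_errors[] = 'Текст слишком короткий';
    }
    $text = mysql_real_escape_string($raw_text);

    // Tags are split from the raw value and escaped once per tag below; the
    // old code escaped the whole list, split it, then escaped each part again.
    $raw_tags = isset($_POST['tags']) ? $_POST['tags'] : '';
    $tags = mysql_real_escape_string($raw_tags);
    $tagss = explode(',', $raw_tags);
    if (count($tagss) > 10) {
        $form_errors[] = 'Не больше десяти меток!';
    }

    // Everything that ends up in SQL is either cast to int or escaped.
    $type = mysql_real_escape_string(isset($_POST['type']) ? $_POST['type'] : '');
    $o18 = isset($_POST['+18']) ? intval($_POST['+18']) : 0;
    $no_komm = isset($_POST['no_komm']) ? intval($_POST['no_komm']) : 0;
    // The access password used to reach both INSERT statements unescaped.
    $pass = mysql_real_escape_string(isset($_POST['pass']) ? $_POST['pass'] : '');
    $poll = isset($_POST['poll']) ? $_POST['poll'] : '';

    $results = array();
    if ($poll == '1') {
        for ($n = 1; $n <= 10; $n++) {
            $raw_result = isset($_POST['result' . $n]) ? $_POST['result' . $n] : '';
            // Only the first two answers are mandatory.
            if ($n <= 2 && utf8_strlen($raw_result) < 1) {
                $form_errors[] = "$n вариант обязателен для заполнения";
            }
            $results[$n] = mysql_real_escape_string($raw_result);
        }
        $raw_poll_text = isset($_POST['poll_text']) ? $_POST['poll_text'] : '';
        if (utf8_strlen($raw_poll_text) < 1) {
            $form_errors[] = 'Введите текст';
        }
        // NOTE(review): the old check measured the entry text here; the poll
        // question looks like the intended subject of the 1024 limit — confirm.
        if (utf8_strlen($raw_poll_text) > 1024) {
            $form_errors[] = 'Текст слишком длинный';
        }
        $poll_text = mysql_real_escape_string($raw_poll_text);
        $poll_time = $time + (isset($_POST['poll_time']) ? intval($_POST['poll_time']) : 0);
    }

    foreach ($form_errors as $form_error) {
        echo "<div class = 'err'>$form_error</div>";
    }

    if (!isset($err) && count($form_errors) == 0) {
        foreach ($tagss as $raw_tag) {
            if ($raw_tag === '') {
                continue; // an empty tag field must not create an empty tag row
            }
            $tag = mysql_real_escape_string($raw_tag);
            if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_tags` WHERE `name` = '$tag' AND `id_user` = '$user[id]' LIMIT 1"), 0) == 0) {
                mysql_query("INSERT INTO `diary_tags` (`id_user`, `name`) values ('$user[id]', '$tag')");
            }
        }
        if ($poll == '1') {
            // Column name restored to `+18`, matching the non-poll INSERT below.
            mysql_query("INSERT INTO `diary` (`id_user`, `name`, `text`, `time`, `tags`, `type`, `poll`, `+18`, `no_komm`, `poll_text`, `poll_time`, `pass`) values ('$user[id]', '$name', '$text', '$time', '$tags', '$type', '1', '$o18', '$no_komm', '$poll_text', '$poll_time', '$pass')");
        } else {
            mysql_query("INSERT INTO `diary` (`id_user`, `name`, `text`, `time`, `tags`, `type`, `poll`, `+18`, `no_komm`, `pass`) values ('$user[id]', '$name', '$text', '$time', '$tags', '$type', '0', '$o18', '$no_komm', '$pass')");
        }
        $diary = mysql_insert_id();
        if ($poll == '1') {
            foreach ($results as $num => $var) {
                mysql_query("INSERT INTO `diary_poll` (`id_diary`, `var`, `num`) VALUES ('$diary', '$var', '$num')");
            }
        }
        // Announce the new entry in the feed of every subscribed friend.
        // $name is already escaped, so the message is safe to embed in SQL.
        $msg_lenta = "[url=/diary/?id=$user[id]&diary=$diary]" . $name . "[/url]";
        $q = mysql_query("SELECT * FROM `friends` WHERE `user` = '$user[id]' AND `lenta_diary` = '1' AND `i` = '1'");
        while ($f = mysql_fetch_array($q)) {
            $a = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($f['friends']) . "' LIMIT 1"));
            mysql_query("INSERT INTO `tape` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$a[id]', '$msg_lenta', '$time')");
        }
        header("Location:?id=$ank[id]&diary=$diary");
    }
}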
echo "<form method = 'post' class = 'razd' name = 'add' action = '?id=$ank[id]&add_new_diary&ok'>";
echo "Название (60 знаков)<br />";
echo "<input type = 'text' name = 'name' value = '' /><br />";
echo "Текст (100000 знаков)<br/>";
echo text::auto_bb('add', 'text');
echo L . "<textarea name = 'text' aria-required = 'true' aria-invalid = 'false' required = 'required'></textarea><br/>n";
echo "Метки (не больше 10-ти)<br />";
echo "<input type = 'text' name = 'tags' value = '' /><br />";
echo "<label><input type = 'checkbox' name = '+18' value = '1' /> Только для взрослых</label><br />";
echo "<label><input type = 'checkbox' name = 'no_komm' value = '1' /> Запретить добавлять комментарии</label><br />";
echo "<br />Давать доступ:<br />";
echo "<label><input type = 'radio' name = 'type' value = 'all' checked = 'checked'/><img src = '/style/img/globe-small.png'/>Всем</label><br />";
echo "<label><input type = 'radio' name = 'type' value = 'only_me' /><img src = '/style/img/lock-small.png' />Только мне</label> <br />";
echo "<label><input type = 'radio' name = 'type' value = 'friends' /><img src = '/style/img/user-small.png' />Только друзьям</label><br />";
echo "<label><input type = 'radio' name = 'type' value = 'pass' /><img src = '/style/img/bullet_key.png' />Только по паролю ";
echo "<input name = 'pass' size = '16' maxlength = '16' type = 'text' value = '' /></label><br />";
echo "<label><input type = 'radio' name = 'type' value = 'list' /><img src = '/style/img/bullet_textfield.png' />Обитателям из <a href = '?dl'>списка доступа</a></label><br />";
echo "<label><input type = 'checkbox' name = 'poll' value = '1' /> Прикрепить опрос</label><br />";
echo "<textarea name = 'poll_text'></textarea><br />";
echo "Варианты ответов: <br />";
echo "<input type = 'text' name = 'result1' value = '' />*<br />";
echo "<input type = 'text' name = 'result2' value = '' />*<br />";
echo "<input type = 'text' name = 'result3' value = '' /><br />";
echo "<input type = 'text' name = 'result4' value = '' /><br />";
echo "<input type = 'text' name = 'result5' value = '' /><br />";
echo "<input type = 'text' name = 'result6' value = '' /><br />";
echo "<input type = 'text' name = 'result7' value = '' /><br />";
echo "<input type = 'text' name = 'result8' value = '' /><br />";
echo "<input type = 'text' name = 'result9' value = '' /><br />";
echo "<input type = 'text' name = 'result10' value = '' /><br />";
echo "Дата окончания через: <br />";
echo "<select name = 'poll_time'>";
echo ""
. "<option value = '145152000' selected = 'selected'>Бессрочное</option>"
. "<option value = '86400'>1 День</option>"
. "<option value = '259200'>3 Дня</option>"
. "<option value = '604800'>1 Неделю</option>"
. "<option value = '2419200'>1 Месяц</option>"
. "<option value = '2419200'>3 Месяца</option></select><br />";
echo "<button class = 'action'>";
echo "<span class = 'label'><span class = 'icon icon44' /> Добавить</span>";
echo "</button></form>";
} elseif (isset($_GET['del'])) {
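// Delete a diary entry (?del=<id>): show a confirmation form, then remove the
// entry and its dependent rows when the form comes back with "ok".
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($_GET['del']) . "' LIMIT 1"));
if (!$diary) {
    // A missing row used to reach the permission test with an empty owner id
    // on one side of a loose comparison; whether $user is populated for
    // guests is not visible here, so the case is rejected explicitly.
    echo "<div class = 'err'>Запись не найдена!</div>";
} elseif (isset($user['id']) && ($user['id'] == $diary['id_user'] || $user['level'] >= 8)) {
    $diary_id = intval($diary['id']);
    if (isset($_POST['ok'])) {
        // NOTE(review): the only thing checked is that "ok" was posted. The
        // hidden md5 fields printed by the form below are never compared, and
        // they are derived from values a third party can know, so they cannot
        // serve as an anti-CSRF token; a per-session token is needed here.
        if ($diary['poll'] == '1') {
            mysql_query("DELETE FROM `diary_poll` WHERE `id_diary` = '$diary_id'");
            mysql_query("DELETE FROM `diary_pollen` WHERE `id_diary` = '$diary_id'");
        }
        // Complaints filed against comments go first, then the comments.
        $komms = mysql_query("SELECT * FROM `diary_komm` WHERE `id_diary` = '$diary_id'");
        while ($post = mysql_fetch_array($komms)) {
            mysql_query("DELETE FROM `diary_cmpl` WHERE `id_subject` = '" . intval($post['id']) . "' AND `subject` = 'komm'");
        }
        mysql_query("DELETE FROM `diary_komm` WHERE `id_diary` = '$diary_id'");
        mysql_query("DELETE FROM `diary_bookmarks` WHERE `id_diary` = '$diary_id'");
        mysql_query("DELETE FROM `diary_komm_wrote` WHERE `id_diary` = '$diary_id'");
        mysql_query("DELETE FROM `diary_visited` WHERE `id_diary` = '$diary_id'");
        mysql_query("DELETE FROM `diary_cmpl` WHERE `id_subject` = '$diary_id' AND `subject` = 'diary'");
        mysql_query("DELETE FROM `diary` WHERE `id` = '$diary_id'");
        header("Location: ?id=$ank[id]");
    } elseif (isset($_POST['abort'])) {
        header("Location: ?id=$ank[id]&diary=$diary_id");
    } else {
        // Line breaks restored: the strings previously ended in a literal "n".
        echo "<div class = 'menu_razd'>Удаление записи</div>\n";
        echo "<div class = 'razd'>\n";
        echo "Вы действительно хотите удалить запись?</div>";
        echo "<form method = 'POST' class = 'razd' action = '?id=$ank[id]&del=$diary_id'>\n";
        echo "<input type = 'hidden' name = 'id' value = '" . md5($diary['id']) . "' />\n";
        echo "<input type = 'hidden' name = 'name' value = '" . md5($diary['name']) . "' />\n";
        echo "<input type = 'submit' name = 'ok' value = 'Удалить'/><input type = 'submit' name = 'abort' value = 'Отмена'/>\n";
        echo "</form>\n";
    }
} else {
    echo "<div class = 'err'>Не хватает прав!</div>";
}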
} elseif (isset($_GET['edit'])) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id` = '" . intval($_GET['edit']) . "' AND `id_user` = '$ank[id]' LIMIT 1"), 0) == 0) {
echo "<div class = 'err'>Запись не найдена!</div>";
} else {
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($_GET['edit']) . "' LIMIT 1"));
if ($user['id'] == $diary['id_user'] || $user['level'] >= 8) {
if (isset($_GET['add'])) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_diary` = '$diary[id]'"), 0) == '3') {
echo "<div class = 'err'>Хватит и трех файлов!</div>";
} else {
if (isset($_GET['photo'])) {
echo "<div class = 'tabs t_bar clear_fix'>";
echo "<a class = 'active'>Фото</a>";
echo "<a href = '?id=$ank[id]&edit=$diary[id]&add&file'>Файлы</a>";
echo "</div>";
if (isset($_GET['local'])) {
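// Attach an already uploaded photo: list the owner's albums, then the photos
// of the chosen album; ?id_photo=<id> links the chosen photo to the entry.
$dir_id = isset($_GET['dir']) ? intval($_GET['dir']) : 0;
$gallery = false;
if (isset($_GET['dir'])) {
    // The album must belong to the diary owner, not merely exist.
    $gallery = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery` WHERE `id` = '$dir_id' AND `id_user` = '$ank[id]' LIMIT 1"));
}
if ($gallery) {
    $gallery_id = intval($gallery['id']);
    $photo_id = isset($_GET['id_photo']) ? intval($_GET['id_photo']) : 0;
    // The photo is accepted only when it lives in that album.
    if (isset($_GET['id_photo']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id_gallery` = '$gallery_id' AND `id` = '$photo_id' LIMIT 1"), 0) != 0) {
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_diary` = '$diary[id]' AND `id_photo_local` = '$photo_id'"), 0) == 0) {
            mysql_query("INSERT INTO `diary_files` (`id_diary`, `type`, `id_photo_local`) VALUES ('$diary[id]', 'photo', '$photo_id')");
        }
        header("Location: ?id=$ank[id]&edit=$diary[id]");
    }
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id_gallery` = '$gallery_id'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    if ($k_post == 0) {
        echo "<div class = 'razd'>";
        echo "<img src = '/style/img/error.png' /> Нет результатов";
        echo "</div>";
    }
    $q = mysql_query("SELECT * FROM `gallery_foto` WHERE `id_gallery` = '$gallery_id' ORDER BY `id` DESC LIMIT $start, $set[p_str]");
    while ($post = mysql_fetch_assoc($q)) {
        echo "<div class = 'razd'>";
        echo "<a href = '?id=$ank[id]&edit=$diary[id]&add&photo&local&dir=$gallery_id&id_photo=$post[id]'>";
        echo "<img src = '/foto/foto48/$post[id].$post[ras]' alt = 'Фото_$post[id]' /> $post[name]</a>";
        echo "</div>";
    }
    // The page count was computed but no navigation was printed, which left
    // photos past the first page unreachable.
    // NOTE(review): assumes str() appends the page parameter to the link it is given — confirm.
    if ($k_page > 1) {
        str("?id=$ank[id]&edit=$diary[id]&add&photo&local&dir=$gallery_id&", $k_page, $page);
    }
} else {
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery` WHERE `id_user` = '$ank[id]'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    if ($k_post == 0) {
        echo "<div class = 'razd'>";
        echo "<img src = '/style/img/error.png' /> Нет результатов";
        echo "</div>";
    }
    $q = mysql_query("SELECT * FROM `gallery` WHERE `id_user` = '$ank[id]' ORDER BY `time` DESC LIMIT $start, $set[p_str]");
    while ($post = mysql_fetch_assoc($q)) {
        $album_id = intval($post['id']);
        // One random photo is used as the album cover; LIMIT 1 avoids
        // shuffling the whole album for a single row.
        $foto = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id_gallery` = '$album_id' ORDER BY RAND() LIMIT 1"));
        echo "<div class = 'razd'>";
        if ($foto == null) {
            echo "<img src = '/foto/foto48/0.png' alt = 'Нет фото' />";
        } else {
            echo "<img src = '/foto/foto48/$foto[id].$foto[ras]' alt = 'Фото_$foto[id]' /> ";
        }
        echo "<a href = '?id=$ank[id]&edit=$diary[id]&add&photo&local&dir=$album_id'><b>$post[name]</b><div class = 'count'>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id_gallery` = '$album_id'"), 0) . " фото</div></a>\n";
        echo "</div>";
    }
    if ($k_page > 1) {
        // Double quotes so the ids are interpolated (the single-quoted link
        // carried the literal text "$ank[id]"), and the parameters this
        // branch actually tests (photo, local) instead of "local_photo".
        str("?id=$ank[id]&edit=$diary[id]&add&photo&local&", $k_page, $page);
    }
}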
} else {
echo "<div class = 'razd'>Вы можете <b><a href = '?id=$ank[id]&edit=$diary[id]&add&photo&local'>выбрать уже добавленное фото</a></b> или выгрузить новое:</div><br/>n";
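// Handle a new photo upload for this entry (?add&photo&ok). The picture is
// decoded with GD and written back as JPEG in several sizes, so the bytes the
// client sent are never stored as-is.
if (isset($_GET['ok'])) {
    // Find or create the owner's "Вложения" album that receives attachments.
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery` WHERE `name` = 'Вложения' AND `id_user` = '$ank[id]' LIMIT 1"), 0) == 0) {
        mysql_query("INSERT INTO `gallery` (`name`, `id_user`) values ('Вложения', '$ank[id]')");
    }
    $id_dir = mysql_fetch_array(mysql_query("SELECT * FROM `gallery` WHERE `name` = 'Вложения' AND `id_user` = '$ank[id]' LIMIT 1"));

    // Read only a path that PHP itself recorded as an upload of this request.
    $tmp_name = (isset($_FILES['file']['tmp_name']) && is_string($_FILES['file']['tmp_name'])) ? $_FILES['file']['tmp_name'] : '';
    $imgc = false;
    if ($tmp_name != '' && is_uploaded_file($tmp_name)) {
        // NOTE(review): the picture is fully decoded before its dimensions are
        // compared with the configured limits; reading the size from the
        // header first would bound the memory a single upload can claim.
        $imgc = @imagecreatefromstring(file_get_contents($tmp_name));
    }
    if ($imgc) {
        // Messages are printed as before and also collected, so a failed check
        // now blocks the insert (the old code printed the error and saved).
        $photo_errors = array();

        $name = text::esc(stripcslashes(htmlspecialchars(isset($_POST['name']) ? $_POST['name'] : '')), 1);
        if ($name == null) {
            // Fall back to the client file name without its extension
            // (preg_replace stands in for the removed eregi_replace).
            $name = text::esc(stripcslashes(htmlspecialchars(preg_replace('#\.[^.]*$#', '', $_FILES['file']['name']))));
        }
        // Same forbidden characters as before, written as a character class;
        // the pattern as it stood could not compile.
        if (preg_match('/[{}^%$#@!~\'"`<>]/', $name)) {
            $photo_errors[] = ' В названии фото присутствуют запрещенные символы';
        }
        if (utf8_strlen($name) < 3) {
            $photo_errors[] = ' Короткое название';
        }
        if (utf8_strlen($name) > 32) {
            $photo_errors[] = ' Название не должно быть длиннее 32-х символов';
        }
        $name = mysql_real_escape_string($name);

        $msg = isset($_POST['opis']) ? $_POST['opis'] : '';
        if (utf8_strlen($msg) > 1024) {
            $photo_errors[] = ' Длина описания превышает предел в 1024 символов';
        }
        $msg = mysql_real_escape_string($msg);

        $img_x = imagesx($imgc);
        $img_y = imagesy($imgc);
        if ($img_x > $set['max_upload_foto_x'] || $img_y > $set['max_upload_foto_y']) {
            $photo_errors[] = "Размер изображения превышает ограничения в $set[max_upload_foto_x]*$set[max_upload_foto_y]";
        }
        foreach ($photo_errors as $photo_error) {
            echo "<div class = 'err'>$photo_error</div>";
        }

        if (!isset($err) && count($photo_errors) == 0) {
            mysql_query("INSERT INTO `gallery_foto` (`id_gallery`, `name`, `ras`, `type`, `opis`) values ('$id_dir[id]', '$name', 'jpg', 'image/jpeg', '$msg')");
            $id_foto = mysql_insert_id();
            mysql_query("INSERT INTO `diary_files` (`id_diary`, `type`, `id_photo_local`) VALUES ('$diary[id]', 'photo', '$id_foto')");
            mysql_query("UPDATE `gallery` SET `time` = '$time' WHERE `id` = '$id_dir[id]' LIMIT 1");

            $fits_640 = ($img_x <= 640 && $img_y <= 640);
            foreach (array(48, 128, 640) as $side) {
                if ($side == 640 && $fits_640) {
                    continue; // small originals are stored unscaled below
                }
                // Longest edge becomes $side; the other keeps the aspect ratio.
                if ($img_x == $img_y) {
                    $dstW = $side;
                    $dstH = $side;
                } elseif ($img_x > $img_y) {
                    $dstW = $side;
                    $dstH = (int) ceil($side / ($img_x / $img_y));
                } else {
                    $dstH = $side;
                    $dstW = (int) ceil($side / ($img_y / $img_x));
                }
                $screen = imagecreatetruecolor($dstW, $dstH);
                imagecopyresampled($screen, $imgc, 0, 0, 0, 0, $dstW, $dstH, $img_x, $img_y);
                if ($side != 48) {
                    $screen = img_copyright($screen); // watermark; the 48px icon has none
                }
                imagejpeg($screen, H . "sys/gallery/$side/$id_foto.jpg", 90);
                // Files used to be made world-writable (0777). Owner-write is
                // enough for the process that created them; widen this
                // deliberately if another account has to manage the files.
                @chmod(H . "sys/gallery/$side/$id_foto.jpg", 0644);
                imagedestroy($screen);
            }
            $imgc = img_copyright($imgc);
            if ($fits_640) {
                imagejpeg($imgc, H . "sys/gallery/640/$id_foto.jpg", 90);
                @chmod(H . "sys/gallery/640/$id_foto.jpg", 0644);
            }
            imagejpeg($imgc, H . "sys/gallery/foto/$id_foto.jpg", 90);
            @chmod(H . "sys/gallery/foto/$id_foto.jpg", 0644);
            imagedestroy($imgc);
            header("Location: ?id=$ank[id]&diary=$diary[id]");
        }
    } else {
        $err[] = 'Выбранный Вами формат изображения не поддерживается';
    }
}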
echo "<form enctype = "multipart/form-data" class = 'razd' action = '?id=$ank[id]&edit=$diary[id]&add&photo&ok' method = "post">";
echo "Название:<br />n";
echo "<input name = 'name' type = 'text' /><br />n";
echo "Файл:<br />n";
echo "<input name = 'file' type = 'file' accept = 'image/*,image/jpeg' /><br />n";
echo "Описание:<br />n";
echo "<textarea name = 'opis'></textarea><br />n";
echo "<button class = 'btn'>";
echo "<img src = '/style/icons/upload.png' /> Загрузить";
echo "</button>";
echo "</form><div class = 'razd'><small>Новый файл будет загружен в специальную папку (Вложения)</small></div>";
}
} elseif (isset($_GET['file'])) {
echo "<div class = 'menu_razd'>Выберите файл</div>";
echo "<div class = 'tabs'>";
echo "<a href = '?id=$ank[id]&edit=$diary[id]&add&photo'>Фото</a>";
echo "<a class = 'active'>Файлы</a>";
echo "</div><div class = 'tabcontent'>";
if (isset($_GET['local'])) {
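// Browse the owner's file folders to attach an existing file; ?id_file=<id>
// links the chosen file to the entry.
// The folder id is placed into SQL and into links below, so it is forced to
// an integer instead of being used as received from the query string.
$dir = isset($_GET['dir']) ? intval($_GET['dir']) : 0;
$q = mysql_query("SELECT * FROM `user_dir` WHERE `id_user` = '$ank[id]' AND `dir` = '$dir' ORDER BY `name` ASC");
$pick_id = isset($_GET['id_file']) ? intval($_GET['id_file']) : 0;
// The file is accepted only when it belongs to the diary owner.
if (isset($_GET['id_file']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files` WHERE `id_user` = '$ank[id]' AND `id` = '$pick_id' LIMIT 1"), 0) != 0) {
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_diary` = '$diary[id]' AND `id_file_local` = '$pick_id'"), 0) == 0) {
        mysql_query("INSERT INTO `diary_files` (`id_diary`, `type`, `id_file_local`) VALUES ('$diary[id]', 'file', '$pick_id')");
    }
    header("Location: ?id=$ank[id]&edit=$diary[id]");
}
// Folders first, then files, in one list that is paged below.
$list = array();
while ($post = mysql_fetch_array($q)) {
    $set['p_str'] = 15;
    $list[] = array('dir' => 1, 'post' => $post);
}
$q = mysql_query("SELECT * FROM `user_files` WHERE `dir` = '$dir' AND `id_user` = '$ank[id]' ORDER BY `time` DESC");
while ($post = mysql_fetch_array($q)) {
    $set['p_str'] = 8;
    $list[] = array('dir' => 0, 'post' => $post);
}
$k_post = count($list);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
if ($k_post == 0) {
    echo "<table><tr><td class = 'null'>";
    echo "<img src = '/style/icons/bullet_error.png' /> Папка пуста";
    echo "</td></tr></table>";
}
for ($i = $start; $i < $k_post && $i < $set['p_str'] * $page; $i++) {
    $post = $list[$i]['post'];
    $item_id = intval($post['id']);
    // Names and extensions come from client-supplied file names. Quotes are
    // escaped here because the values are printed inside quoted attributes;
    // double_encode is off so entities stored at upload time stay intact.
    $h_name = htmlspecialchars($post['name'], ENT_QUOTES, 'UTF-8', false);
    if ($list[$i]['dir'] == 1) {
        // File count of the folder plus its direct sub-folders.
        $k_f = 0;
        $q3 = mysql_query("SELECT * FROM `user_dir` WHERE `dir` = '$item_id'");
        while ($post2 = mysql_fetch_array($q3)) {
            $k_f = $k_f + mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files` WHERE `dir` = '" . intval($post2['id']) . "'"), 0);
        }
        $k_f = $k_f + mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files` WHERE `dir` = '$item_id'"), 0);
        echo "<table><tr><td class = 'null'>";
        echo "<img src = '/style/icons/folder(2).png'/> <a href = '?id=$ank[id]&edit=$diary[id]&add&file&local&dir=$item_id'>$h_name</a> ($k_f)\n";
        echo "</td></tr></table>";
    } else {
        $h_ras = htmlspecialchars($post['ras'], ENT_QUOTES, 'UTF-8', false);
        $size = $post['size'];
        if (is_file(H . "sys/files/screens/$item_id.png")) {
            echo "<img src = '/sys/files/screens/$item_id.png' alt = 'Скрин...' />\n";
        }
        echo "<br/>\n";
        // The stored extension is used in a filesystem path only when it is
        // plain alphanumeric.
        if (preg_match('/^[a-z0-9]+$/i', $post['ras']) && is_file(H . "style/icons/files/$post[ras].png")) {
            echo "<img src = '/style/icons/files/$h_ras.png' alt = '$h_ras'/>\n";
        } else {
            echo "<img src = 'style/icons/file.png' />\n";
        }
        echo "<a href = '?id=$ank[id]&edit=$diary[id]&add&file&local&dir=$dir&id_file=$item_id'>$h_name.$h_ras</a>\n";
        echo "<span style = 'color:#209143;font-size:small'>(" . size_file($size) . ")</span>\n";
        echo "<br/>\n";
        $count = mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files_komm` WHERE `id_file` = '$item_id'"), 0);
        echo "<span style = 'font-size:small;color:gray'>Скачано " . intval($post['k_loads']) . " раз, $count комментариев.</span>\n";
    }
}
// Navigation is printed once, after the list; it used to sit inside the loop
// and its single-quoted link carried the literal text "$ank[id]".
// NOTE(review): the trailing "&" follows the other str() call in this file;
// confirm that str() appends the page parameter directly.
if ($k_page > 1) {
    str("?id=$ank[id]&edit=$diary[id]&add&file&local&dir=$dir&", $k_page, $page);
}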
} else {
echo "<div class = 'msg'>Вы можете <b><a href = '?id=$ank[id]&edit=$diary[id]&add&file&local'>выбрать уже добавленный файл</a></b> или выгрузить новый:</div><br/>n";
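// Handle a new file upload for this entry (?add&file&ok). The file is stored
// under a numeric name with a fixed ".dat" suffix; the client-supplied name
// and extension are kept only as database fields.
if (isset($_GET['ok'])) {
    // Find or create the owner's top-level "Вложения" folder.
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_dir` WHERE `name` = 'Вложения' AND `id_user` = '$ank[id]' AND `dir` = '0' LIMIT 1"), 0) == 0) {
        mysql_query("INSERT INTO `user_dir` (`name`, `id_user`, `dir`) values ('Вложения', '$ank[id]', '0')");
    }
    $id_dir = mysql_fetch_array(mysql_query("SELECT * FROM `user_dir` WHERE `name` = 'Вложения' AND `id_user` = '$ank[id]' AND `dir` = '0' LIMIT 1"));

    $tmp_name = (isset($_FILES['file']['tmp_name']) && is_string($_FILES['file']['tmp_name'])) ? $_FILES['file']['tmp_name'] : '';
    // is_uploaded_file() confirms the path was produced by this request's
    // upload before anything reads or moves it.
    if ($tmp_name == '' || !is_uploaded_file($tmp_name)) {
        echo "<div class = 'err'> Ошибка при выгрузке файла</div>";
    } else {
        $file = text::esc(stripcslashes(htmlspecialchars($_FILES['file']['name'])));
        // Patterns restored to valid regular expressions: strip "#" and "?",
        // then split the name at its last dot.
        $file = preg_replace('/[#?]/', '', $file);
        $name = preg_replace('#\.[^.]*$#', '', $file);
        $imya = zam($name);
        $ras = strtolower(preg_replace('#^.*\.#', '', $file));
        $size = filesize($tmp_name);
        // NOTE(review): the list being searched is built from the extension
        // itself, so this only rejects an empty extension or one containing
        // ";". An allow-list taken from configuration is presumably what was
        // intended; none is visible here, so the logic is left unchanged.
        $ras_ok = false;
        foreach (explode(';', $ras) as $allowed_ras) {
            if ($allowed_ras != NULL && $ras == $allowed_ras) {
                $ras_ok = true;
            }
        }
        if (!$ras_ok) {
            $err = 'Неверное расширение файла';
        }
        $opis = NULL;
        if (isset($_POST['opis'])) {
            $opis = stripslashes(htmlspecialchars(text::esc($_POST['opis'])));
        }
        // htmlspecialchars() in its default mode leaves single quotes alone,
        // so every client-derived value is escaped before it enters SQL.
        $sql_imya = mysql_real_escape_string($imya);
        $sql_ras = mysql_real_escape_string($ras);
        $sql_opis = mysql_real_escape_string((string) $opis);
        $sql_size = intval($size);

        $duplicate = (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files` WHERE `dir` = '$id_dir[id]' AND `name` = '$sql_imya'"), 0) != 0);
        if ($duplicate) {
            echo "<div class = 'err'> Файл с таким названием уже есть в этой папке</div>";
        }
        // A duplicate name now blocks the insert; it used to be reported and
        // then saved anyway.
        if (!isset($err) && !$duplicate) {
            mysql_query("INSERT INTO `user_files` (`dir`, `name`, `ras`, `size`, `time`, `id_user`, `opis` )VALUES ('$id_dir[id]', '$sql_imya', '$sql_ras', '$sql_size', '$time', '$ank[id]', '$sql_opis' )");
            $id_file = mysql_insert_id();
            mysql_query("INSERT INTO `diary_files` (`id_diary`, `type`, `id_file_local`) VALUES ('$diary[id]', 'file', '$id_file')");
            // move_uploaded_file() re-checks the source and removes the
            // temporary copy, unlike a plain copy().
            if (@move_uploaded_file($tmp_name, H . "sys/files/$id_file.dat")) {
                header("location: ?id=$ank[id]&diary=$diary[id]");
            } else {
                // Roll the rows back and stay on the page so the error shows.
                mysql_query("DELETE FROM `user_files` WHERE `id` = '$id_file' LIMIT 1");
                mysql_query("DELETE FROM `diary_files` WHERE `id_diary` = '$diary[id]' AND `id_file_local` = '$id_file' LIMIT 1");
                echo "<div class = 'err'>Ошибка при выгрузке</div>";
            }
        }
    }
}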
echo "<form method = 'post' class = 'razd' action = '?id=$ank[id]&edit=$diary[id]&add&file&ok' enctype = 'multipart/form-data'>n";
echo "Файл:<br />n";
echo "<input name = 'file' type = 'file'/><br />n";
echo "Описание:<br />n";
echo "<textarea name = 'opis'></textarea><br />n";
echo "<button class = 'btn'>";
echo "<img src = '/style/icons/upload.png' /> Загрузить";
echo "</button>";
echo "</form><div class = 'razd'><small>Новый файл будет загружен в специальную папку (Вложения)</small></div>n";
}
echo "</div>";
} else {
header("Location: ?id=$ank[id]&edit=$diary[id]&add&photo");
}
}
echo "<a href = '?id=$ank[id]&diary=$diary[id]'><div class = 'razd'><img src = '/style/icons/left.png' /> Назад</div></a>n";
} else {
if (isset($_GET['ok'])) {
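// Save an edited entry (?edit=<id>&ok). Lengths are checked on the submitted
// values; every value is then escaped or cast before it reaches SQL.
// NOTE(review): no request token is verified before the UPDATE.
$raw_name = isset($_POST['name']) ? $_POST['name'] : '';
if (utf8_strlen($raw_name) > 60) {
    $err[] = 'Название слишком длинное';
}
$name = mysql_real_escape_string($raw_name);

$raw_text = isset($_POST['text']) ? $_POST['text'] : '';
if (utf8_strlen($raw_text) > 100000) {
    $err[] = 'Текст слишком длинный';
}
if ($raw_text == NULL) {
    $err[] = 'Текст слишком короткий';
}
$text = mysql_real_escape_string($raw_text);

$raw_tags = isset($_POST['tags']) ? $_POST['tags'] : '';
$tags = mysql_real_escape_string($raw_tags);
$tagss = explode(',', $raw_tags);

// type, no_komm and pass used to be interpolated into the UPDATE exactly as
// posted, which let a request rewrite the statement.
$raw_type = isset($_POST['type']) ? $_POST['type'] : '';
$type = mysql_real_escape_string($raw_type);
$o18 = isset($_POST['+18']) ? intval($_POST['+18']) : 0;
$no_komm = isset($_POST['no_komm']) ? intval($_POST['no_komm']) : 0;
$raw_pass = isset($_POST['pass']) ? $_POST['pass'] : '';
$pass = mysql_real_escape_string($raw_pass);

if (count($tagss) > 10) {
    $err[] = 'Не больше десяти меток';
}
if (!isset($err)) {
    // A changed password invalidates access already granted with the old one.
    if ($raw_type == 'pass' && $diary['pass'] != $raw_pass) {
        mysql_query("DELETE FROM `diary_enter` WHERE `id_diary` = '$diary[id]' AND `type` = 'dostyp'");
    }
    foreach ($tagss as $raw_tag) {
        $tag = mysql_real_escape_string($raw_tag);
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_tags` WHERE `name` = '$tag' AND `id_user` = '$ank[id]' LIMIT 1"), 0) == 0) {
            mysql_query("INSERT INTO `diary_tags` (`id_user`, `name`) values ('$ank[id]', '$tag')");
        }
    }
    // Column name restored to `+18`, the name the rest of the file uses.
    mysql_query("UPDATE `diary` SET `name` = '$name', `text` = '$text', `tags` = '$tags', `type` = '$type', `+18` = '$o18', `no_komm` = '$no_komm', `pass` = '$pass' WHERE `id` = '$diary[id]' LIMIT 1");
    $_SESSION['edit_diary'] = 1;
    header("location: ?id=$ank[id]&diary=$diary[id]");
}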
} else {
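// Render the edit form, pre-filled with the stored entry.
// Stored values are raw user text, so each one is HTML-escaped (quotes
// included) before it is printed into an attribute or the textarea; they were
// previously echoed as stored, which allowed markup in an entry to run in the
// browser of whoever opened the editor, moderators included.
$h_name = htmlspecialchars($diary['name'], ENT_QUOTES, 'UTF-8');
$h_text = htmlspecialchars($diary['text'], ENT_QUOTES, 'UTF-8');
$h_tags = htmlspecialchars($diary['tags'], ENT_QUOTES, 'UTF-8');
$h_pass = htmlspecialchars($diary['pass'], ENT_QUOTES, 'UTF-8');

$checked = ' checked="checked"';
$check_o18 = ($diary['+18'] == '1') ? $checked : '';
$check_no_komm = ($diary['no_komm'] == '1') ? $checked : '';
// One "checked" marker per access type; only the stored type gets it.
$type_check = array();
foreach (array('all', 'only_me', 'friends', 'pass', 'list') as $access_type) {
    $type_check[$access_type] = ($diary['type'] == $access_type) ? $checked : '';
}

// Escaped quotes and "\n" line breaks restored in the strings below.
echo "<div class = 'menu_razd'>Редактирование записи</div>\n";
echo "<form method = 'post' class = 'razd' action = '?id=$ank[id]&edit=$diary[id]&ok'>\n";
echo "Название (60 знаков)<br/>";
echo "<input type = 'text' name = 'name' value = '$h_name' /><br/>\n";
echo "Текст (100000 знаков)<br/>";
echo "<textarea name = 'text'>$h_text</textarea><br/>\n";
echo "Метки (не больше 10-ти)<br/>";
echo "<input type = 'text' name = 'tags' value = '$h_tags' /><br/>\n";
echo "<label><input type = \"checkbox\"$check_o18 name = \"+18\" value = \"1\" /> Только для взрослых</label><br />\n";
echo "<label><input type = \"checkbox\"$check_no_komm name = \"no_komm\" value = \"1\" /> Запретить добавлять комментарии</label><br />";
echo "Доступ:<br />";
echo "<label><input type = \"radio\"{$type_check['all']} name = \"type\" value = \"all\" /><img src = '/style/icons/globe-small.png'/>Всем</label><br />\n";
echo "<label><input type=\"radio\"{$type_check['only_me']} name=\"type\" value=\"only_me\" /><img src = '/style/icons/lock-small.png' />Только мне</label><br />\n";
echo "<label><input type=\"radio\"{$type_check['friends']} name=\"type\" value=\"friends\" /><img src='/style/icons/user-small.png' />Только друзям</label><br />\n";
echo "<label><input type=\"radio\"{$type_check['pass']} name=\"type\" value=\"pass\" /><img src='/style/icons/bullet_key.png' />Только по паролю \n";
// NOTE(review): the access password is stored and shown in clear text.
echo "<input name='pass' size='16' maxlength='16' type='text' value='$h_pass'/></label><br/>\n";
echo "<label><input type=\"radio\"{$type_check['list']} name=\"type\" value=\"list\" /><img src='/style/icons/bullet_textfield.png' />Пользователям из <a href='?dl'>списка доступа</a></label><br />\n";
echo "<button class = 'btn' name='ok'>";
echo "<img src = '/style/icons/save.png' /> Сохранить изменения";
echo "</button></form>";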
}
echo "<a href='?id=$ank[id]&diary=$diary[id]'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>";
}
} else {
echo "<div class='err'>Это не ваш дневник!</div>";
}
}
} elseif (isset($_GET['tag'])) {
// Load the tag row owned by the profile being viewed; the tag id from the query
// string is cast with intval() before it reaches the query.
// When no row matches, mysql_fetch_array() returns false and the name printed
// below is empty.
$diary_tag = mysql_fetch_array(mysql_query("SELECT * FROM `diary_tags` WHERE `id_user` = '$ank[id]' AND `id` = '" . intval($_GET['tag']) . "' LIMIT 1"));
// The tag name is passed through text::toOutput() before it is echoed.
echo "<div class='razd'>Дневники с меткой <b>''" . text::toOutput($diary_tag['name']) . "''</b></div>n";
echo "<div class='razd'>Поиск по метке <a href='/diary'>Все дневники</a><br/></div>";
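// Count and page through this user's entries whose `tags` column contains the tag name.
// The name was read back from the database, so it is escaped again before it is placed
// inside the LIKE pattern: a stored name containing a quote would otherwise end the
// string literal and change the statement (second-order SQL injection).
// NOTE(review): % and _ inside the name still act as LIKE wildcards.
$tag_like = mysql_real_escape_string($diary_tag['name']);
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id_user` = '$ank[id]' AND `tags` like '%$tag_like%'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
// Offset of the first row of the current page.
$start = $set['p_str'] * $page - $set['p_str'];
$diary_list = mysql_query("SELECT * FROM `diary` WHERE `id_user` = '$ank[id]' AND `tags` like '%$tag_like%' ORDER BY `time` DESC LIMIT $start, $set[p_str]");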
// Render the entries found for the tag, one table per entry, or a "no results" box.
if (mysql_num_rows($diary_list) == 0) {
echo "<table class = 'razd'><tr><td class = 'null'>";
echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
echo "</td></tr></table>";
}
while ($post = mysql_fetch_array($diary_list)) {
echo "<table class = 'razd'><tr><td class = 'null'>";
// NOTE(review): $avtor is read here before it is assigned for this row (the
// assignment is the first statement of each branch). `$user['level'] >= 0` holds
// for every level of 0 or above, and null >= 0 is also true in PHP, so this test
// does not restrict who gets the first branch of an only_me entry.
if ($post['type'] == 'only_me' && ($user['id'] == $avtor['id'] || $user['level'] >= 0)) {
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
// The concatenation result is discarded; anything shown comes from user() itself.
user($avtor['id']) . "n";
echo " <font color='red'>n";
// Label describing the entry's visibility and +18 flag.
if ($post['type'] == 'only_me' && $post['+18'] == '1') {
echo "[Закрытая запись, +18]";
} elseif ($post['type'] == 'friends' && $post['+18'] == '1') {
echo "[Только для друзей, +18]";
} elseif ($post['type'] == 'pass' && $post['+18'] == '1') {
echo "[Расширенные настройки, +18]";
} elseif ($post['type'] == 'list' && $post['+18'] == '1') {
echo "[Расширенные настройки, +18]";
} elseif ($post['type'] == 'only_me') {
echo "[Закрытая запись]";
} elseif ($post['type'] == 'friends') {
echo "[Только для друзей]";
} elseif ($post['type'] == 'pass') {
echo "[Расширенные настройки]";
} elseif ($post['type'] == 'list') {
echo "[Расширенные настройки]";
} elseif ($post['+18'] == '1') {
echo "[+18]";
}
echo "</font><br/>n";
if (utf8_strlen($post['name']) > 0) {
echo "<img src='/style/icons/book.png' /> <b>" . text::toOutput($post['name']) . "</b><br/>n";
} else {
// NOTE(review): the icon path here has no .png extension, unlike the line above.
echo "<img src='/style/icons/book' /> n";
}
// NOTE(review): the shortened entry text is printed for every row in both branches,
// whatever `type` is. The viewer checks made when an entry is opened through
// ?diary= are not repeated here, so the preview of an only_me / friends / pass /
// list entry is visible to anyone who can load this listing.
$tmp = cut_diary($post['text']);
// Delete / edit links are offered to the entry owner and to level >= 8.
if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
echo "<span style='float: right; font-size: small; color: grey'><a class='icolink' href='?id=$avtor[id]&del=$post[id]' title='удалить' style='color:red;font-size:small'><b>x</b></a> | <a class='icolink' href='?id=$avtor[id]&edit=$post[id]' title='редактировать' style='color:green;font-size:small'><b>ред</b></a></span>n";
}
echo htmlspecialchars($tmp) . "<br/>n";
$count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
echo "<span style='color:#79358c'>Комментариев: $count_komm</span> | <span style='color:#79358c'>Время создания: " . vremja($post['time']) . "</span><br/>";
if ($user['level'] >= 0) {
echo "<a href='?id=$avtor[id]&diary=$post[id]'>Обсудить <img src='img/row.png' /></a>n";
}
} else {
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
// The concatenation result is discarded; anything shown comes from user() itself.
user($avtor['id']) . "n";
echo " <font color='red'>n";
// Label describing the entry's visibility and +18 flag.
if ($post['type'] == 'only_me' && $post['+18'] == '1') {
echo "[Закрытая запись, +18]";
} elseif ($post['type'] == 'friends' && $post['+18'] == '1') {
echo "[Только для друзей, +18]";
} elseif ($post['type'] == 'pass' && $post['+18'] == '1') {
echo "[Расширенные настройки, +18]";
} elseif ($post['type'] == 'list' && $post['+18'] == '1') {
echo "[Расширенные настройки, +18]";
} elseif ($post['type'] == 'only_me') {
echo "[Закрытая запись]";
} elseif ($post['type'] == 'friends') {
echo "[Только для друзей]";
} elseif ($post['type'] == 'pass') {
echo "[Расширенные настройки]";
} elseif ($post['type'] == 'list') {
echo "[Расширенные настройки]";
} elseif ($post['+18'] == '1') {
echo "[+18]";
}
echo "</font><br/>n";
// NOTE(review): this branch prints the title only when it has 8 or more characters,
// while the branch above uses > 0 - confirm which threshold is intended.
if (utf8_strlen($post['name']) >= 8) {
echo "<img src='/style/icons/book.png' /> <b>" . text::toOutput($post['name']) . "</b><br/>n";
} else {
echo "<img src='/style/icons/book.png' /> n";
}
// Same unconditional preview as in the first branch (see the note there).
$tmp = cut_diary($post['text']);
if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
echo "<div class='right' id = 'hide'><a href='?id=$avtor[id]&del=$post[id]' title='удалить'><img src='/style/icons/cross.png' /></a> <a href='?id=$avtor[id]&edit=$post[id]' title='редактировать'><img src='/style/icons/set.png' /></a></div>n";
}
echo htmlspecialchars($tmp) . "<br/>n";
$count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
echo "<img src='/style/icons/comment_white.png' /> $count_komm <img src='/style/icons/time.png' /> " . vremja($post['time']) . "<br/>";
if ($user['level'] >= 0) {
echo "<img src='/style/icons/book--pencil.png' /> <a href='?id=$avtor[id]&diary=$post[id]'>Обсудить</a>";
}
}
echo "</td></tr></table>";
}
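// Pagination links for the tag listing.
// back_diary is taken from the query string, so it is defaulted when it is absent
// or not a plain string, and URL-encoded before it is placed in the link prefix
// handed to str().
if ($k_page > 1) {
    $back_diary = (isset($_GET['back_diary']) && is_string($_GET['back_diary'])) ? urlencode($_GET['back_diary']) : '';
    str("?id=$ank[id]&tag=$diary_tag[id]&back_diary=$back_diary&", $k_page, $page);
}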
//echo "<a href='?id=$ank[id]&diary=$_GET[back_diary]'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>n";
} elseif (isset($_GET['diary'])) {
// Open a single entry. The row is looked up by its id (cast with intval) and by the
// profile owner $ank, then the viewer is checked against the entry's `type` before
// diary_form.php is included.
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($_GET['diary']) . "' AND `id_user` = '$ank[id]'LIMIT 1"));
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$diary[id_user]' LIMIT 1"));
// The same lookup is repeated as a COUNT to decide whether the entry exists.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id` = '" . intval($_GET['diary']) . "' AND `id_user` = '$ank[id]' LIMIT 1"), 0) != 0) {
if ($diary['type'] == 'only_me') {
// Author or level >= 8 only.
if ($user['id'] == $diary['id_user'] || $user['level'] >= 8) {
require_once 'diary_form.php';
} else {
echo "<div class='err'>Запись доступна только автору!</div>";
}
} elseif ($diary['type'] == 'friends') {
// Author, level >= 8, or a `frends` row linking viewer and author in either direction.
if ($user['id'] == $diary['id_user'] || $user['level'] >= 8 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$diary[id_user]') OR (`user` = '$diary[id_user]' AND `frend` = '$user[id]')"), 0) != 0) {
require_once 'diary_form.php';
} else {
echo "<div class='err'>Запись доступна только друзям автора!</div>";
}
} elseif ($diary['type'] == 'pass') {
// Password-protected entry.
// NOTE(review): the submitted password is compared with the stored value using
// loose != / ==. The stored value is the password itself (the settings form of
// this file prints it back), and loose comparison of two numeric-looking strings
// compares them as numbers, so different strings can match. A strict,
// constant-time comparison (for example hash_equals(), or password_verify()
// against a stored hash) avoids both. Nothing in this branch limits repeated
// attempts.
// First case: no password submitted, no recorded grant, level 0, not the author -> show the prompt.
if (!isset($_POST['pass']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_enter` WHERE `id_user` = '$user[id]' AND `id_diary` = '$diary[id]' AND `type` = 'dostyp' LIMIT 1"), 0) == 0 && $user['level'] == 0 && $user['id'] != $avtor['id']) {
echo "<div class='err'>Доступ запрещен пользователем!<br /> Чтобы пройти в дневник пользователя, введите пароль:</div>";
// NOTE(review): $SCRIPT_NAME is not assigned anywhere in this excerpt - presumably
// set by an include; confirm it cannot carry unescaped request data into the attribute.
echo "<form class = 'razd' action="$SCRIPT_NAME" method="post">";
echo "<input type="text" name="pass" />";
echo "<br /><input type="submit" name="go" /></form>";
} elseif (isset($_POST['pass']) && $_POST['pass'] != $diary['pass'] && mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_enter` WHERE `id_user` = '$user[id]' AND `id_diary` = '$diary[id]' AND `type` = 'dostyp' LIMIT 1"), 0) == 0 && isset($user)) {
echo "<div class='err'>Пароль не правильный<br/></div>";
// && binds tighter than ||, so any one of these grants access: a matching password;
// being the author; a recorded grant for a logged-in user; level > 0.
// NOTE(review): level > 0 is a lower bar than the level >= 8 used for only_me and
// friends entries above - confirm it is intended.
} elseif (isset($_POST['pass']) && $_POST['pass'] == $diary['pass'] || $user['id'] == $avtor['id'] || mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_enter` WHERE `id_user` = '$user[id]' AND `id_diary` = '$diary[id]' AND `type` = 'dostyp' LIMIT 1"), 0) != 0 && isset($user) || $user['level'] > 0) {
// The grant is persisted so the password is not asked again.
// NOTE(review): nothing in this branch removes the row when the password is
// changed - confirm the save handler does, otherwise old grants outlive the password.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_enter` WHERE `id_user` = '$user[id]' AND `id_diary` = '$diary[id]' AND `type` = 'dostyp' LIMIT 1"), 0) == 0) {
mysql_query("INSERT INTO `diary_enter` (`id_user`, `id_diary`, `type`) values ('$user[id]', '$diary[id]', 'dostyp')");
}
require_once 'diary_form.php';
}
} elseif ($diary['type'] == 'list') {
// Author, level > 0, or a `diary_dl` row naming the viewer for this profile owner.
if ($user['id'] == $diary['id_user'] || $user['level'] > 0 || mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_dl` WHERE `id_user` = '$ank[id]' AND `id_ank` = '$user[id]'"), 0) != 0) {
require_once 'diary_form.php';
} else {
echo "<div class='err'>Доступ к записи закрыт!</div>";
}
} else {
// Any other type is shown without a viewer check.
require_once 'diary_form.php';
}
} else {
echo "<div class='err'>Запись не найдена!</div>";
}
} elseif (isset($_GET['info']) && $user['level'] >= 0) {
// Summary page for one entry: load the entry (id cast with intval, restricted to the
// profile owner $ank) and its author row.
echo "<div class='menu_razd'>Краткое инфо о дневнике</div>n";
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($_GET['info']) . "' AND `id_user` = '$ank[id]'LIMIT 1"));
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$diary[id_user]' LIMIT 1"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id` = '" . intval($_GET['info']) . "' AND `id_user` = '$ank[id]' LIMIT 1"), 0) != 0) {
// Toggle the `write_diary` flag of the account named by ?write_diary= (0 -> 1 on the
// first path, 1 -> 0 on the second), after a one-button confirmation form.
// NOTE(review): the only privilege test on the path visible here is the enclosing
// branch condition `$user['level'] >= 0`, which does not single out moderators (the
// complaints section of this file requires level >= 8). Confirm the intended level
// and test it before either UPDATE.
// NOTE(review): the confirmation is a POST carrying only `ok`; no anti-CSRF token is checked.
if (isset($_GET['write_diary'])) {
$doc = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($_GET['write_diary']) . "' LIMIT 1"));
if ($doc['write_diary'] == 0) {
echo "<a href='?id=$ank[id]&info=$diary[id]'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>n";
if (isset($_POST['ok'])) {
mysql_query("UPDATE `user` SET `write_diary` = '1' WHERE `id` = '$doc[id]' LIMIT 1");
msg("Успешно!");
} else {
echo "Вы действительно хотите запретить писать дневники даному пользователю?<br />n";
echo "<form method='post' action='?id=$ank[id]&info=$diary[id]&write_diary=$doc[id]'>n";
echo "<input type='submit' name='ok' value='Да' />n";
echo "</form>n";
echo "<small> <a href='?id=$ank[id]&info=$diary[id]'>Нет</a></small><br />n";
}
} else {
echo "<div class='backlink'><img src='img/back.png' alt=''/><a href='?id=$ank[id]&info=$diary[id]'>Назад</a></div>n";
if (isset($_POST['ok'])) {
mysql_query("UPDATE `user` SET `write_diary` = '0' WHERE `id` = '$doc[id]' LIMIT 1");
msg("Успешно!");
} else {
echo "Вы действительно хотите разрешить писать дневники даному пользователю?<br />n";
echo "<form method='post' action='?id=$ank[id]&info=$diary[id]&write_diary=$doc[id]'>n";
echo "<input type='submit' name='ok' value='Да' />n";
echo "</form>n";
echo "<small> <a href='?id=$ank[id]&info=$diary[id]'>Нет</a></small><br />n";
}
}
} else {
// Entry summary panel: author, creation time and counters for comments, views,
// bookmarks and complaints.
echo "<div class='menu'>n";
// NOTE(review): the delete / edit links are printed here without the owner or
// level >= 8 test that guards them in the listings of this file.
echo "<span style='float: right; font-size: small; color: grey'><a class='icolink' href='?id=$avtor[id]&del=$diary[id]' title='удалить' style='color:red;font-size:small'><b>x</b></a> | <a class='icolink' href='?id=$avtor[id]&edit=$diary[id]' title='редактировать' style='color:green;font-size:small'><b>ред</b></a></span>n";
// NOTE(review): the nick is interpolated into HTML as stored - confirm it is
// sanitised at registration, otherwise escape it here.
echo "<u>Данный дневник создал <a href='/info.php'><span style='color:#79358c'>$avtor[nick]</span></a></u><br/>n";
echo "<span style='color:#79358c'>Время создания:</span> " . vremja($diary['time']) . "<br/>";
echo "<span style='color:#79358c'>Комментариев:</span> " . mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$diary[id]'"), 0) . "<br/>";
echo "<span style='color:#79358c'>Просмотров:</span> <a href='?id=$avtor[id]&diary=$diary[id]&visits&back'>$diary[count_visits]</a><br/>";
echo "<span style='color:#79358c'>В закладках у <a href='?id=$avtor[id]&diary=$diary[id]&user_bm&back'>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id_diary` = '$diary[id]'"), 0) . " чел.</a></span><br/>";
echo "<span style='color:#79358c'>Жалоб на дневник: <a href='?id=$avtor[id]&diary=$diary[id]&cmpl&back'>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `id_subject` = '$diary[id]' AND `subject` = 'diary'"), 0) . "</a></span><br/>";
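// Link to the poll attached to the entry.
// The entry id has to travel as diary=<id>, as in the other links of this panel;
// the literal text "diary[id]" in the query string does not select an entry.
if ($diary['poll'] == 1) {
    echo "<font color='green'>К дневнику прикреплен <a href='?id=$avtor[id]&diary=$diary[id]&poll'>опрос</a></font><br/>";
}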
// Action links of the summary panel: open the entry, toggle the author's right to
// create entries, list all entries of the author, and go back.
// NOTE(review): the first character of the three menu lines is U+FFFD - the original
// bullet was lost to an encoding error and should be restored from the source file.
echo "� <a href='?id=$avtor[id]&diary=$diary[id]'>Перейти в днев</a><br/>n";
// The link text follows the author's current `write_diary` flag ('0' -> offer to forbid).
echo "� <a href='?id=$ank[id]&info=$diary[id]&write_diary=$avtor[id]'>" . ($avtor['write_diary'] == '0' ? 'Запретить' : 'Разрешить') . " пользователю создавать дневники</a><br/>n";
echo "� <a href='?id=$avtor[id]'>Все дневники пользователя</a><br/>n";
echo "</div>n";
echo "<div class='backlink'><img src='img/back.png' /> <a href='/diary'>Назад</a></div>n";
}
} else {
echo "<div class='err'>Запись не найдена!</div>";
}
} elseif (isset($_GET['bookmarks'])) {
echo "<div class='menu_razd'>Закладки $ank[nick]</div>n";
if (isset($_GET['add'])) {
// Add an entry to the current user's bookmarks.
// The entry id is cast with intval(); the mysql_real_escape_string() calls on that
// integer below are redundant but harmless.
$diary_id = intval($_GET['add']);
// NOTE(review): the entry is looked up by id only - its `type` is not checked, so a
// bookmark can be created for an entry the viewer may not be allowed to open.
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . mysql_real_escape_string($diary_id) . "' LIMIT 1"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id` = '" . mysql_real_escape_string($diary_id) . "' LIMIT 1"), 0) == 0) {
echo "<div class='err'>Дневник не найден!</div>";
} elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id_diary` = '$diary[id]' AND `id_user` = '$user[id]' LIMIT 1"), 0) != 0) {
echo "<div class='err'>Дневник уже есть в ваших закладках!</div>";
} else {
// NOTE(review): the insert is triggered by POST name plus ?ok; no anti-CSRF token is checked.
if (isset($_POST['name']) && isset($_GET['ok'])) {
// This first assignment is overwritten by the next line and has no effect.
$name = mysql_real_escape_string($_POST['name']);
// The title is HTML-escaped (default htmlspecialchars flags) before it is stored;
// text::esc() is defined outside this excerpt.
$name = text::esc(stripcslashes(htmlspecialchars($_POST['name'])));
if (isset($_POST['private'])) {
$private = '1';
} else {
$private = '0';
}
// Length limits are applied to the escaped title: 1 to 50 characters.
if (utf8_strlen($name) < 1) {
echo "Название слишком короткоеn";
} elseif (utf8_strlen($name) > 50) {
echo "Название слишком длинноеn";
} else {
// $time is not assigned in this excerpt - presumably set by an include.
mysql_query("INSERT INTO `diary_bookmarks` (`id_user`, `id_diary`, `name`, `time`, `private`) values ('$user[id]', '$diary_id', '" . mysql_real_escape_string($name) . "', '$time', '$private')");
msg("Дневник добавлен в закладки");
}
} else {
echo "<form method='post' class = 'razd' action='?id=$ank[id]&bookmarks&add=$diary[id]&ok'>n";
echo "Название (50 знаков)<br />";
echo "<input type='text' name='name' value='' /><br/>n";
echo "<label><input type="checkbox" name="private" value="1" /> Показывать только мне</label><br />n";
echo "<button class = 'btn'>";
echo "<img src = '/style/icons/add.png' /> Добавить";
echo "</button></form>";
}
echo "<a href='?id=$diary[id_user]&diary=$diary[id]'><div class='razd'><img src='/style/icons/left.png' />Назад</div></a>n";
}
} elseif (isset($_GET['edit_bm'])) {
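// Edit a bookmark: rename it and/or flip its private flag.
// The id from the query string is cast to an integer once and that value is used in
// both lookups; the first lookup previously interpolated the raw parameter into SQL.
$bm_id = intval($_GET['edit_bm']);
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id` = '$bm_id' AND `id_user` = '$ank[id]' LIMIT 1"), 0) == 0) {
    echo "Закладка не найдена!\n";
} else {
    $bm = mysql_fetch_array(mysql_query("SELECT * FROM `diary_bookmarks` WHERE `id` = '$bm_id' LIMIT 1"));
    $diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '$bm[id_diary]' LIMIT 1"));
    // NOTE(review): `$user['level'] >= 0` holds for every level of 0 or above, so this
    // test does not limit editing to the owner, and the lookup above is tied to $ank
    // (the profile named in the URL), not to the logged-in user. Confirm the intended
    // moderator level; other owner-or-moderator checks in this file use level >= 8.
    // NOTE(review): the update is triggered by POST name plus ?ok; no anti-CSRF token is checked.
    if ($user['id'] == $bm['id_user'] || $user['level'] >= 0) {
        if (isset($_POST['name']) && isset($_GET['ok'])) {
            // The title is HTML-escaped before storage; text::esc() is defined elsewhere.
            $name = text::esc(stripcslashes(htmlspecialchars($_POST['name'])));
            // Change the flag only when the submitted checkbox differs from the stored value.
            if (isset($_POST['private']) && $_POST['private'] == 1 && $bm['private'] == 0) {
                $private = 1;
            } elseif ($bm['private'] == 1 && (!isset($_POST['private']) || $_POST['private'] == 0)) {
                $private = 0;
            } else {
                $private = $bm['private'];
            }
            // NOTE(review): nothing later in this branch prints $err.
            if (utf8_strlen($name) < 1) {
                $err[] = "Название слишком короткое";
            } elseif (utf8_strlen($name) > 50) {
                $err[] = "Название слишком длинное";
            } else {
                mysql_query("UPDATE `diary_bookmarks` SET `name` = '" . mysql_real_escape_string($name) . "', `private` = '$private' WHERE `id` = '$bm[id]' LIMIT 1");
                // NOTE(review): execution continues after header(); whether the redirect
                // can still be sent depends on output buffering set up elsewhere.
                if (isset($_GET['back']) && $_GET['back'] == 'diary') {
                    header("location: ?id=$diary[id_user]&diary=$diary[id]");
                } else {
                    header("location: ?id=$ank[id]&bookmarks");
                }
            }
        } else {
            echo "<form method='post' class = 'razd' action='?id=$ank[id]&bookmarks&edit_bm=$bm[id]&back=diary&ok'>\n";
            echo "Название (50 знаков)<br/>";
            // The stored title sits inside a single-quoted attribute, so quotes are encoded
            // here as well; double_encode is off so entities created on save are kept as they are.
            echo "<input type='text' name='name' value='" . htmlspecialchars($bm['name'], ENT_QUOTES, 'UTF-8', false) . "'/> <br />\n";
            if ($bm['private'] == 1) {
                $check = ' checked="checked"';
            } else {
                $check = NULL;
            }
            echo "<label><input type=\"checkbox\"$check name=\"private\" value=\"1\" /> Показывать только мне</label><br />\n";
            echo "<button class = 'btn'>";
            echo "<img src = '/style/icons/save.png' /> Сохранить изменения";
            echo "</button></form>";
        }
    } else {
        echo "<div class = 'err'>Это не ваша закладка!</div>";
    }
}
// Back link: to the bookmarked entry when the request carries back=diary, else to the list.
// $diary is only set when the bookmark was found above.
if (isset($_GET['back']) && $_GET['back'] == 'diary') {
    echo "<a href='?id=$diary[id_user]&diary=$diary[id]'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>\n";
} else {
    echo "<a href='?id=$ank[id]&bookmarks'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>\n";
}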
} elseif (isset($_GET['del_bm'])) {
// Delete a bookmark after a confirmation form.
// The existence check is tied to the logged-in user's own bookmarks (`id_user` = $user[id]).
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id` = '" . intval($_GET['del_bm']) . "' AND `id_user` = '$user[id]' LIMIT 1"), 0) == 0) {
echo "<div class = 'err'>Закладка не найдена!</div>";
} else {
$bm = mysql_fetch_array(mysql_query("SELECT * FROM `diary_bookmarks` WHERE `id` = '" . intval($_GET['del_bm']) . "' LIMIT 1"));
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '$bm[id_diary]' LIMIT 1"));
// `$user['level'] >= 0` holds for every level of 0 or above; the effective owner
// check is the lookup above.
if ($user['id'] == $bm['id_user'] || $user['level'] >= 0) {
// NOTE(review): the delete is confirmed by POST ok plus ?ok; no anti-CSRF token is checked.
if (isset($_POST['ok']) && isset($_GET['ok'])) {
// The redirect target is parked in the session and read back a few lines below
// within the same request.
if (isset($_GET['back']) && $_GET['back'] == 'diary') {
$_SESSION['back'] = $bm['id_diary'];
$_SESSION['back2'] = $diary['id_user'];
}
// NOTE(review): the DELETE filters on $ank (the profile named in the URL) while the
// check above used $user; when the two differ no row is removed, yet the redirect
// below still happens.
mysql_query("DELETE FROM `diary_bookmarks` WHERE `id` = '$bm[id]' AND `id_user` = '$ank[id]'");
// NOTE(review): execution continues after header(); whether the redirect can still
// be sent depends on output buffering set up elsewhere.
if (isset($_GET['back']) && $_GET['back'] == 'diary') {
header("location: ?id=$_SESSION[back2]&diary=$_SESSION[back]");
unset($_SESSION['back']);
unset($_SESSION['back2']);
} else {
header("location: ?id=$ank[id]&bookmarks");
}
} else {
echo "<form method='post' class = 'razd' action='?id=$ank[id]&bookmarks&del_bm=$bm[id]&back=diary&ok'>n";
echo "Вы уверены, что хотите удалить эту закладку?<br />n";
echo "<button class = 'btn' name='ok'>";
echo "<img src = '/style/icons/tick.png' /> Да";
echo "</button> <a href='?id=$ank[id]&bookmarks'>Нет</a></form>n";
}
} else {
echo "<div class = 'err'>Это не ваша закладка!</div>";
}
// Back link: to the bookmarked entry when the request carries back=diary, else to the list.
if (isset($_GET['back']) && $_GET['back'] == 'diary') {
echo "<a href='?id=$diary[id_user]&diary=$diary[id]'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>n";
} else {
echo "<a href='?id=$ank[id]&bookmarks'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>";
}
}
} elseif (isset($_GET['bm'])) {
// Show one bookmark. The row is looked up by id alone (cast with intval), whoever owns it.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id` = '" . intval($_GET['bm']) . "' LIMIT 1"), 0) == 0) {
echo "Закладка не найдена!n";
} else {
$bm = mysql_fetch_array(mysql_query("SELECT * FROM `diary_bookmarks` WHERE `id` = '" . intval($_GET['bm']) . "' LIMIT 1"));
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '$bm[id_diary]' LIMIT 1"));
if ($bm['private'] == 1)
echo "<img src='img/closed.png' /> Закрытая закладка<br/>n";
elseif ($bm['private'] == 0)
echo "<img src='img/open.png' /> Открытая закладка<br/>n";
// NOTE(review): for a private bookmark the second operand, `$user['level'] >= 0`,
// holds for every level of 0 or above, so the creation date and the link to the
// entry are shown to any viewer, not only to the owner. Confirm the intended level.
if ($bm['private'] == 1 && ($user['id'] == $bm['id_user'] || $user['level'] >= 0)) {
echo "Дата создания:" . vremja($bm['time']) . "<br/>n";
echo "Дневник:<a href='?id=$ank[id]&diary=$diary[id]'>Ссылка</a><br/>n";
} elseif ($bm['private'] == 0) {
echo "Дата создания:" . vremja($bm['time']) . "<br/>n";
echo "Дневник:<a href='?id=$diary[id_user]&diary=$diary[id]'>Ссылка</a><br/>n";
}
// Same always-true level test for the delete / edit links.
if ($bm['id_user'] == $user['id'] || $user['level'] >= 0) {
echo "<a class='icolink' href='?id=$ank[id]&bookmarks&del_bm=$bm[id]' title='удалить' style='color:red;font-size:small'><b>x</b></a>n";
echo " | <a class='icolink' href='?id=$ank[id]&bookmarks&edit_bm=$bm[id]&back=diary' title='редактировать' style='color:red;font-size:small'><b>ред</b></a>n";
}
echo "<div class='backlink'><img src='img/back.png' alt=''/><a href='?id=$bm[id_user]&bookmarks'>Назад</a></div>n";
}
} else {
// Paged list of the bookmarks that belong to the profile owner $ank.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id_user` = '$ank[id]'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
// Offset of the first row of the current page.
$start = $set['p_str'] * $page - $set['p_str'];
// NOTE(review): the query does not filter on `private` and the loop below prints every
// title whoever is viewing, so titles of bookmarks marked "show only to me" appear
// to any visitor of this list.
$bm_list = mysql_query("SELECT * FROM `diary_bookmarks` WHERE `id_user` = '$ank[id]' ORDER BY time ASC LIMIT $start, $set[p_str]");
if (mysql_num_rows($bm_list) == 0) {
// Table-row markup is emitted here although no <table> is opened in this branch.
echo " <tr>n";
echo " <td class='p_t'>n";
echo "Список пустn";
echo " </td>n";
echo " </tr>n";
}
while ($post = mysql_fetch_array($bm_list)) {
// Alternate the row class between forum1 and forum2.
if (isset($num) && $num == 1) {
echo "<div class='forum1'>";
$num = 0;
} else {
echo "<div class='forum2'>";
$num = 1;
}
// The id is interpolated without quotes; $diary is not used again inside this loop.
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = $post[id_diary] LIMIT 1"));
if ($post['private'] == 1)
echo "<img src='img/closed.png' />n";
elseif ($post['private'] == 0)
echo "<img src='img/open.png' />n";
// The title is printed as stored; the save paths in this file run htmlspecialchars()
// on it before storing.
echo "<a href='?id=$ank[id]&bookmarks&bm=$post[id]&back=diary'>$post[name]</a> <span style='color: #209143;font-size: small'>(" . vremja($post['time']) . ")</span>n";
// `$user['level'] >= 0` holds for every level of 0 or above, so the links are shown to any viewer.
if ($post['id_user'] == $user['id'] || $user['level'] >= 0) {
echo "<a class='icolink' href='?id=$ank[id]&bookmarks&del_bm=$post[id]' title='удалить' style='color:red;font-size:small'><b>x</b></a>n";
echo " | <a class='icolink' href='?id=$ank[id]&bookmarks&edit_bm=$post[id]&back=diary' title='редактировать' style='color:red;font-size:small'><b>ред</b></a>n";
}
echo "</div>n";
}
if ($k_page > 1) {
str("?id=$ank[id]&bookmarks&", $k_page, $page);
}
// Closing tag with no matching opening tag in this branch.
echo "</div>n";
}
} else {
// Default view of a user's diary: optional intro text, "write" link for the owner,
// then the paged list of entries.
// NOTE(review): diary_text is echoed as stored. Confirm it is sanitised where it is
// saved (the handler is not in this excerpt); otherwise markup placed there by the
// profile owner runs in every visitor's browser.
if ($ank['diary_text'] != NULL) {
echo "<div class = 'razd'>$ank[diary_text]</div>n";
}
if ($ank['id'] == $user['id']) {
echo "<a href='?id=$ank[id]&add_new_diary'><div class = 'razd'><img src='/style/icons/add.png' /> Написать в дневнике</div></a>";
}
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id_user` = '$ank[id]'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
// Offset of the first row of the current page.
$start = $set['p_str'] * $page - $set['p_str'];
$diary_list = mysql_query("SELECT * FROM `diary` WHERE `id_user` = '$ank[id]' ORDER BY `time` DESC,`id` DESC LIMIT $start, $set[p_str]");
if (mysql_num_rows($diary_list) == 0) {
echo "<table class = 'blok'><tr><td class = 'null'>";
echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
echo "</td></tr></table>";
}
// Render each entry of the profile owner as one table.
while ($post = mysql_fetch_array($diary_list)) {
echo "<table class = 'razd'><tr><td class = 'null'>";
// NOTE(review): $avtor is read here before it is assigned for this row (the
// assignment is the first statement of each branch). `$user['level'] >= 0` holds
// for every level of 0 or above, and null >= 0 is also true in PHP, so this test
// does not restrict who gets the first branch of an only_me entry.
if ($post['type'] == 'only_me' && ($user['id'] == $avtor['id'] || $user['level'] >= 0)) {
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
echo "<a href='?id=$avtor[id]'>";
echo text::gradient("$avtor[nick]", "$avtor[ncolor]", "$avtor[ncolor2]");
echo "</a>";
echo " <font color='red'>n";
// Label describing the entry's visibility and +18 flag.
if ($post['type'] == 'only_me' && $post['+18'] == '1') {
echo "[Закрытая запись, +18]";
} elseif ($post['type'] == 'friends' && $post['+18'] == '1') {
echo "[Только для друзей, +18]";
} elseif ($post['type'] == 'pass' && $post['+18'] == '1') {
echo "[Расширенные настройки, +18]";
} elseif ($post['type'] == 'list' && $post['+18'] == '1') {
echo "[Расширенные настройки, +18]";
} elseif ($post['type'] == 'only_me') {
echo "[Закрытая запись]";
} elseif ($post['type'] == 'friends') {
echo "[Только для друзей]";
} elseif ($post['type'] == 'pass') {
echo "[Расширенные настройки]";
} elseif ($post['type'] == 'list') {
echo "[Расширенные настройки]";
} elseif ($post['+18'] == '1') {
echo "[+18]";
}
echo "</font><br/>n";
if (utf8_strlen($post['name']) > 0) {
echo "<img src='/style/icons/diary.png' /> <b>" . text::toOutput($post['name']) . "</b><br />";
} else {
echo "<img src='/style/icons/diary.png' /> ";
}
// NOTE(review): the shortened entry text is printed for every row in both branches,
// whatever `type` is. The viewer checks made when an entry is opened through
// ?diary= are not repeated here, so the preview of an only_me / friends / pass /
// list entry is visible to anyone who can load this listing.
$tmp = cut_diary($post['text']);
// Delete / edit links are offered to the entry owner and to level >= 8.
if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
echo "<div class='right' id = 'hide'><a href='?id=$avtor[id]&del=$post[id]' title='Удалить дневник'><img src='/style/icons/cross.png' /></a>";
echo "<a href='?id=$avtor[id]&edit=$post[id]' title='Редактировать дневник'><img src='/style/icons/set.png' /></a></div>n";
}
echo htmlspecialchars($tmp) . "<br/>n";
$count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
echo "<span style='color:#79358c'>Комментариев: $count_komm</span> | <span style='color:#79358c'>Время создания: " . vremja($post['time']) . "</span><br/>";
if ($user['level'] >= 0) {
// The string ends with a </div> that has no opening tag in this branch.
echo "<a href='?id=$avtor[id]&diary=$post[id]'>Обсудить <img src='img/row.png' /></a></div>n";
}
} else {
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
echo "<a href='?id=$avtor[id]'>";
echo text::gradient("$avtor[nick]", "$avtor[ncolor]", "$avtor[ncolor2]");
echo "</a> ";
echo " <font color='red'>n";
// Label describing the entry's visibility and +18 flag.
if ($post['type'] == 'only_me' && $post['+18'] == '1') {
echo "[Закрытая запись, +18]";
} elseif ($post['type'] == 'friends' && $post['+18'] == '1') {
echo "[Только для друзей, +18]";
} elseif ($post['type'] == 'pass' && $post['+18'] == '1') {
echo "[Расширенные настройки, +18]";
} elseif ($post['type'] == 'list' && $post['+18'] == '1') {
echo "[Расширенные настройки, +18]";
} elseif ($post['type'] == 'only_me') {
echo "[Закрытая запись]";
} elseif ($post['type'] == 'friends') {
echo "[Только для друзей]";
} elseif ($post['type'] == 'pass') {
echo "[Расширенные настройки]";
} elseif ($post['type'] == 'list') {
echo "[Расширенные настройки]";
} elseif ($post['+18'] == '1') {
echo "[+18]";
}
echo "</font><br/>n";
if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
echo "<div class = 'right' id = 'hide'><a href='?id=$avtor[id]&del=$post[id]' title='Удалить дневник'><img src='/style/icons/cross.png' /></a>";
echo "<a href = '?id=$avtor[id]&edit=$post[id]' title='Редактировать дневник'><img src='/style/icons/set.png' /></a></div>";
}
echo "<div class = 'right' id = 'hides'>" . vremja($post['time']) . "</div>";
// NOTE(review): this branch prints the title only when it has 8 or more characters,
// while the branch above uses > 0 - confirm which threshold is intended.
if (utf8_strlen($post['name']) >= 8) {
echo "<img src='/style/icons/diary.png' /> <b>" . text::toOutput($post['name']) . "</b><br/>n";
} else {
echo "<img src='/style/icons/diary.png' /> n";
}
// Same unconditional preview as in the first branch (see the note there).
$tmp = cut_diary($post['text']);
echo htmlspecialchars($tmp) . "<br/>n";
$count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
if ($user['level'] >= 0) {
echo "<a href='?id=$avtor[id]&diary=$post[id]'>Комментировать </a>";
}
echo "<img src='/style/icons/comment_white.png' /> $count_komm <br/>";
}
echo "</td></tr></table>";
}
// Footer of the default view: pagination, the page-settings link for the owner and
// a link back to the profile.
if ($k_page > 1) {
str("?id=$ank[id]&", $k_page, $page);
}
if ($user['id'] == $ank['id']) {
echo "<a href='?edit_text'><div class='razd'><img src='/style/icons/set.png' /> Настройки страницы</div></a>n";
}
// NOTE(review): the nick is interpolated into HTML as stored - confirm it is
// sanitised at registration, otherwise escape it here.
echo "<a href = '/info.php?id=$ank[id]'><div class='blok'><img src='/style/icons/left.png' /> Страница $ank[nick]</div></a>n";
}
}
} elseif (isset($_GET['cmpl']) && $user['level'] >= 8) {
// Complaints section (the enclosing branch requires level >= 8): set the page title,
// pull in the page header and call aut() and err(), both defined outside this excerpt.
$set['title'] = 'Дневники | Жалобы';
require_once '../sys/inc/thead.php';
aut();
err();
echo "<div class='menu_razd'>Жалобы</div>n";
if (isset($_GET['komm'])) {
// Complaints about comments: either show the free-text message of one complaint
// (?msg=) or list the open complaints with a "checked" button for each.
if (isset($_GET['msg'])) {
echo "<a href='?cmpl&komm'><div class='razd'><img src='/style/icons/left.png' /> Жалобы на комментарии</div></a>";
$msg_id = intval($_GET['msg']);
$msg = mysql_fetch_array(mysql_query("SELECT * FROM `diary_cmpl` WHERE `id` = '$msg_id' AND `subject` = 'komm' LIMIT 1"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `id` = '$msg[id]' AND `subject` = 'komm' LIMIT 1"), 0) == 0) {
echo "<div class='err'>Сообщение не найдено!</div>";
// A length is never below 0, so this branch cannot run; presumably `< 1` was meant - TODO confirm.
} elseif (utf8_strlen($msg['msg']) < 0) {
echo "<div class='err'>Сообщение не найдено!</div>";
} else {
// The complainant's free text goes through text::toOutput() before it is printed.
echo "<div class = 'razd'>";
echo text::toOutput($msg['msg']);
echo "</div>";
}
} else {
echo "<div class = 'tabs'>";
echo "<a href = '?cmpl&komm' class = 'active'>Комментарии</a>";
echo "<a href = '?cmpl&diary'>Дневники</a>";
echo "</div>";
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'komm'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
// Offset of the first row of the current page.
$start = $set['p_str'] * $page - $set['p_str'];
$cmpl_list = mysql_query("SELECT * FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'komm' ORDER BY time LIMIT $start, $set[p_str]");
if (mysql_num_rows($cmpl_list) == 0) {
echo "<table class = 'tabcontent'><tr><td class = 'null'>";
echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
echo "</td></tr></table>";
}
// NOTE(review): the complaint is closed on the strength of the ?ok= query parameter
// alone. The button below submits a POST, but nothing here requires POST or checks
// an anti-CSRF token, so a plain link opened by a moderator closes a complaint.
// Unlike the diary-complaint handler in this file, the reviewer id (`id_resh`) is
// not recorded, which leaves no trace of who closed it.
// NOTE(review): header() runs after markup has been echoed; whether the redirect can
// still be sent depends on output buffering set up elsewhere, and the script is not
// stopped afterwards.
if (isset($_GET['ok'])) {
mysql_query("UPDATE `diary_cmpl` SET `ok` = '1' WHERE `id` = '" . intval($_GET['ok']) . "' AND `ok` = '0' AND `subject` = 'komm'");
header("Location:?cmpl&komm");
}
while ($post = mysql_fetch_array($cmpl_list)) {
echo "<table class = 'tabcontent'><tr><td class = 'null'>";
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id` = '$post[id_subject]'"), 0) != 0) {
// The ids below are interpolated without quotes; they come from database rows, and
// an empty value would produce a malformed statement.
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $post[id_user] LIMIT 1"));
$komm = mysql_fetch_array(mysql_query("SELECT * FROM `diary_komm` WHERE `id` = $post[id_subject] LIMIT 1"));
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = $komm[id_diary] LIMIT 1"));
$avtor2 = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $komm[id_user] LIMIT 1"));
echo user($avtor['id']);
echo "<br />Писать жалобы: ";
// Whether the complainant may still file complaints, with a link to toggle it.
if ($avtor['do_cmpl_diary'] == 0) {
echo "<font color = 'green'>Разрешено</font>";
echo " [<a href='?cmpl&do_cmpl=$avtor[id]'>запретить</a>]<br/>n";
} else {
echo "<font color = 'red'>Запрещено</font>";
echo " [<a href='?cmpl&do_cmpl=$avtor[id]'>разрешить</a>]<br/>n";
}
echo "Время: " . vremja($post['time']) . "<br />";
echo "Комментарий: <a href='?id=$diary[id_user]&diary=$diary[id]&otvet_komm=$komm[id]'>Ссылка</a><br/>n";
// NOTE(review): the nick is interpolated into a moderator-only page as stored -
// confirm it is sanitised at registration, otherwise escape it here.
echo "Автор комментария: <a href='/info.php?id=$komm[id_user]'>$avtor2[nick]</a><br/>n";
echo "Причина жалобы:n";
// Map the stored reason code to its label; unknown codes fall through to "other".
if ($post['type'] == 'reklama') {
echo "Это реклама!n";
} elseif ($post['type'] == 'leks') {
echo "Нецензурная лексикаn";
} elseif ($post['type'] == 'oskorb') {
echo "Оскорблениen";
} elseif ($post['type'] == 'prop') {
echo "Пропаганда ненавистиn";
} elseif ($post['type'] == 'bessmsl') {
echo "Бессмысленная темаn";
} else {
echo "Иноеn";
}
if (utf8_strlen($post['msg']) > 0) {
echo " | <b><a href='?cmpl&komm&msg=$post[id]'>Сообщение</a></b> ";
} else {
echo "<br/>n";
}
} else {
echo "<font color='red'>Комментарий удален</font> ";
}
echo "<form method = 'POST' action = '?cmpl&komm&ok=$post[id]'>";
echo "<button class = 'btn'>";
echo "<img src = '/style/icons/tick.png' /> Проверено";
echo "</button></form>";
echo "</td></tr></table>";
}
if ($k_page > 1) {
str("?cmpl&komm&", $k_page, $page);
}
echo "<a href='?cmpl'><div class='razd'><img src='/style/icons/left.png' />Жалобы</div></a>";
}
} elseif (isset($_GET['diary'])) {
// Complaints about diary entries: either show the free-text message of one complaint
// (?msg=) or list the open complaints with a "checked" button for each.
if (isset($_GET['msg'])) {
echo "<a href='?cmpl&diary'><div class='razd'><img src='/style/icons/left.png' />Жалобы на дневники</div></a>";
$msg_id = intval($_GET['msg']);
$msg = mysql_fetch_array(mysql_query("SELECT * FROM `diary_cmpl` WHERE `id` = '$msg_id' AND `subject` = 'diary' LIMIT 1"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `id` = '$msg[id]' AND `subject` = 'diary' LIMIT 1"), 0) == 0) {
echo "<div class='err'>Сообщение не найдено!</div>";
// A length is never below 0, so this branch cannot run; presumably `< 1` was meant - TODO confirm.
} elseif (utf8_strlen($msg['msg']) < 0) {
echo "<div class='err'>Сообщение не найдено!</div>";
} else {
// The complainant's free text goes through text::toOutput() before it is printed.
echo "<div class = 'razd'>";
echo text::toOutput($msg['msg']);
echo "</div>";
}
} else {
echo "<div class = 'tabs'>";
echo "<a href = '?cmpl&komm'>Комментарии</a>";
echo "<a href = '?cmpl&diary' class = 'active'>Дневники</a>";
echo "</div>";
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'diary'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
// Offset of the first row of the current page.
$start = $set['p_str'] * $page - $set['p_str'];
$cmpl_list = mysql_query("SELECT * FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'diary' ORDER BY time LIMIT $start, $set[p_str]");
if (mysql_num_rows($cmpl_list) == 0) {
echo "<table class = 'tabcontent'><tr><td class = 'null'>";
echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
echo "</td></tr></table>";
}
// NOTE(review): the complaint is closed on the strength of the ?ok= query parameter
// alone. The button below submits a POST, but nothing here requires POST or checks
// an anti-CSRF token, so a plain link opened by a moderator closes a complaint.
// The reviewer id is recorded in `id_resh`.
// NOTE(review): header() runs after markup has been echoed; whether the redirect can
// still be sent depends on output buffering set up elsewhere, and the script is not
// stopped afterwards.
if (isset($_GET['ok'])) {
mysql_query("UPDATE `diary_cmpl` SET `ok` = '1', `id_resh` = '$user[id]' WHERE `id` = '" . intval($_GET['ok']) . "' AND `ok` = '0' AND `subject` = 'diary'");
header("Location: ?cmpl&diary");
}
while ($post = mysql_fetch_array($cmpl_list)) {
echo "<table class = 'tabcontent'><tr><td class = 'null'>";
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id` = '$post[id_subject]'"), 0) != 0) {
// The ids below are interpolated without quotes; they come from database rows, and
// an empty value would produce a malformed statement.
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $post[id_user] LIMIT 1"));
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = $post[id_subject] LIMIT 1"));
$avtor2 = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $diary[id_user] LIMIT 1"));
echo user($avtor['id']);
echo "<br />Писать жалобы: ";
// Whether the complainant may still file complaints, with a link to toggle it.
if ($avtor['do_cmpl_diary'] == 0) {
echo "<font color = 'green'>Разрешено</font>";
echo " [<a href='?cmpl&do_cmpl=$avtor[id]'>запретить</a>]<br/>n";
} else {
echo "<font color = 'red'>Запрещено</font>";
echo " [<a href='?cmpl&do_cmpl=$avtor[id]'>разрешить</a>]<br/>n";
}
echo "Время: " . vremja($post['time']) . "<br />";
echo "Дневник: <a href='?id=$diary[id_user]&diary=$post[id_subject]'>Ссылка</a><br/>n";
// NOTE(review): the nick is interpolated into a moderator-only page as stored -
// confirm it is sanitised at registration, otherwise escape it here.
echo "Автор дневника: <a href='/info.php?id=$avtor2[id]'>$avtor2[nick]</a><br/>n";
echo "Причина жалобы:n";
// Map the stored reason code to its label; unknown codes fall through to "other".
if ($post['type'] == 'reklama') {
echo "Это реклама!n";
} elseif ($post['type'] == 'leks') {
echo "Нецензурная лексикаn";
} elseif ($post['type'] == 'oskorb') {
echo "Оскорблениen";
} elseif ($post['type'] == 'prop') {
echo "Пропаганда ненавистиn";
} elseif ($post['type'] == 'bessmsl') {
echo "Бессмысленная темаn";
} else {
echo "Иноеn";
}
if (utf8_strlen($post['msg']) > 0) {
echo " | <b><a href='?cmpl&diary&msg=$post[id]'>Сообщение</a></b>n";
}
// Total number of complaints filed against this entry, open or closed.
$count_cmpl = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `id_subject` = '$diary[id]' AND `subject` = 'diary'"), 0);
if ($user['level'] >= 8) {
echo "<br/><a href='?id=$diary[id_user]&diary=$diary[id]&cmpl'>Еще жалобы на дневник ($count_cmpl)</a>n";
}
} else {
echo "<font color='red'>Дневник удален</font> ";
}
echo "<form method = 'POST' action = '?cmpl&diary&ok=$post[id]'>";
echo "<button class = 'btn'>";
echo "<img src = '/style/icons/tick.png' /> Проверено";
echo "</button></form>";
echo "</td></tr></table>";
}
if ($k_page > 1) {
str("?cmpl&diary&", $k_page, $page);
}
echo "<a href='?cmpl'><div class='razd'><img src='/style/icons/left.png' />Жалобы</div></a>";
}
} elseif (isset($_GET['do_cmpl'])) {
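// Toggle a user's right to file diary complaints. `user`.`do_cmpl_diary` is
// 0 while complaints are allowed; confirming the form flips the flag.
// NOTE(review): the privilege check for ?cmpl lies outside this excerpt and
// no anti-CSRF token is visible on the confirmation form - confirm both.
$doc = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($_GET['do_cmpl']) . "' LIMIT 1"));
echo "<a href='?cmpl'><div class='razd'><img src='/style/icons/left.png' />Жалобы</div></a>\n";
if (!$doc) {
    // Unknown id: without this guard the form was rendered for an empty
    // user and the UPDATE ran against id ''.
    echo "<div class='err'>Пользователь не найден!</div>";
} else {
    // true => complaints are currently allowed, so this request forbids them.
    $forbid = ($doc['do_cmpl_diary'] == 0);
    if (isset($_POST['ok'])) {
        $new_flag = $forbid ? 1 : 0;
        mysql_query("UPDATE `user` SET `do_cmpl_diary` = '$new_flag' WHERE `id` = '$doc[id]' LIMIT 1");
        msg("Успешно!");
    } else {
        $verb = $forbid ? 'запретить' : 'разрешить';
        echo "<form method='post' class = 'razd' action='?cmpl&do_cmpl=$doc[id]'>\n";
        echo "Вы действительно хотите $verb писать жалобы даному пользователю?<br />\n";
        echo "<button class = 'btn' name='ok'>";
        echo "<img src = '/style/icons/tick.png' /> Да";
        echo "</button> <a href='?cmpl'>Нет</a></form>\n";
    }
}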
} else {
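// Complaints index: links to both moderation queues, each with its number of
// unresolved complaints (`ok` = '0').
echo "<a href='/diary'><div class='razd'><img src='/style/icons/left.png' /> Дневники</div></a>\n";
// Cast so a failed query prints 0 instead of an empty pair of brackets.
$diary_k = (int) mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'komm'"), 0);
$diary_d = (int) mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'diary'"), 0);
echo "<div class = 'razd'>";
echo "<img src='/style/icons/mini_right.png' /> <a href='?cmpl&komm'>Жалобы на комментарии</a> [$diary_k]<br/>\n";
echo "<img src='/style/icons/mini_right.png' /> <a href='?cmpl&diary'>Жалобы на дневники</a> [$diary_d]";
echo "</div>";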
}
} elseif (isset($_GET['dl']) && isset($user)) {
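// Access list of the current user: the accounts stored in `diary_dl` for
// this user, with add (?dl&add=ID) and remove (?dl&del=ID) actions.
$set['title'] = 'Дневники | Список доступа';
require_once '../sys/inc/thead.php';
aut();
err();
echo "<div class='menu_razd'>Список доступа</div>\n";

// Request ids are cast to integers before they reach SQL. The `add` value was
// previously interpolated unescaped into the two existence checks, and both
// keys were written as bare constants ($_GET[del], $_GET[add]).
$add_id = isset($_GET['add']) ? intval($_GET['add']) : 0;

// NOTE(review): both actions change data on a plain GET request and no
// anti-CSRF token is visible here - confirm whether the project has one.
if (isset($_GET['del'])) {
    $del_id = intval($_GET['del']);
    mysql_query("DELETE FROM `diary_dl` WHERE `id_ank` = '$del_id' AND `id_user` = '$user[id]' LIMIT 1");
} elseif (isset($_GET['add'])
    // not on the list yet ...
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_dl` WHERE `id_ank` = '$add_id' AND `id_user` = '$user[id]' LIMIT 1"), 0) == 0
    // ... and the account exists
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '$add_id' LIMIT 1"), 0) != 0
) {
    mysql_query("INSERT INTO `diary_dl` (`id_user`, `id_ank`) VALUES ('$user[id]', '$add_id')");
    msg("Пользователь добавлен в список доступа");
} else {
    // Paginated list of the accounts on the access list.
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_dl` WHERE `id_user` = '$user[id]'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    $list = mysql_query("SELECT * FROM `diary_dl` WHERE `id_user` = '$user[id]' ORDER BY id_ank LIMIT $start, $set[p_str]");
    if (mysql_num_rows($list) == 0) {
        echo "<table class = 'razd'><tr><td class = 'null'>";
        echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
        echo "</td></tr></table>";
    }
    while ($post = mysql_fetch_array($list)) {
        $ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_ank]' LIMIT 1"));
        echo "<table class = 'razd'><tr><td class = 'null'>";
        // NOTE(review): the nick is printed as stored; presumably it is
        // restricted or encoded when the account is created - verify.
        echo "<span style='font-size: small'><a href='/info.php?id=$ank[id]'><span style='color:#660066'>$ank[nick]</span></a></span> <font color='green'>[" . vremja($ank['date_last']) . "]</font>\n";
        echo "[<a class='icolink' href='?dl&del=$post[id_ank]' title='удалить' style='color:red;font-size:small'><b>x</b></a>]\n";
        echo "</td></tr></table>";
    }
    if ($k_page > 1) {
        str("?dl&", $k_page, $page);
    }
}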
} elseif (isset($_GET['bans'])) {
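// Users who are not allowed to write diaries (`user`.`write_diary` = '1'),
// plus the confirmation form that flips the flag for one account.
$set['title'] = 'Дневники | Список заблокированых';
require_once '../sys/inc/thead.php';
aut();
err();
echo "<div class='menu_razd'>Заблокированые пользователи</div>\n";
if (isset($_GET['write_diary'])) {
    echo "<a href='?bans'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>\n";
    // The link to this page is only rendered for level >= 8 elsewhere in this
    // file, but nothing in this branch enforced that before changing the
    // flag, so the same threshold is checked here.
    // NOTE(review): no anti-CSRF token is visible on the confirmation form -
    // confirm whether the project has one.
    if (!isset($user) || $user['level'] < 8) {
        echo "<div class='err'>Доступ запрещен!</div>";
    } else {
        $doc = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($_GET['write_diary']) . "' LIMIT 1"));
        if (!$doc) {
            // Unknown id: without this guard the form was rendered for an
            // empty user and the UPDATE ran against id ''.
            echo "<div class='err'>Пользователь не найден!</div>";
        } else {
            // true => the user may currently write, so this request bans them.
            $ban = ($doc['write_diary'] == 0);
            if (isset($_POST['ok'])) {
                $new_flag = $ban ? 1 : 0;
                mysql_query("UPDATE `user` SET `write_diary` = '$new_flag' WHERE `id` = '$doc[id]' LIMIT 1");
                msg("Успешно!");
            } else {
                $verb = $ban ? 'запретить' : 'разрешить';
                echo "<form method='post' class = 'razd' action='?bans&write_diary=$doc[id]'>\n";
                echo "Вы действительно хотите $verb писать дневники даному пользователю?<br />\n";
                echo "<button class = 'btn' name='ok'>";
                echo "<img src = '/style/icons/tick.png' /> Да";
                echo "</button> <a href='?bans'>Нет</a></form>\n";
            }
        }
    }
} else {
    // Paginated list of banned accounts, ordered by nick.
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `write_diary` = '1'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    $baned = mysql_query("SELECT * FROM `user` WHERE `write_diary` = '1' ORDER BY nick LIMIT $start, $set[p_str]");
    if (mysql_num_rows($baned) == 0) {
        echo "<table class = 'razd'><tr><td class = 'null'>";
        echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
        echo "</td></tr></table>";
    }
    while ($post = mysql_fetch_array($baned)) {
        echo "<table class = 'razd'><tr><td class = 'null'>";
        // NOTE(review): the nick is printed as stored; presumably it is
        // restricted or encoded when the account is created - verify.
        echo "<a href='/info.php?id=$post[id]'>$post[nick]</a> <font color='green'>[" . vremja($post['date_last']) . "]</font>\n";
        // Every row has write_diary = '1' (see the query), so only the
        // "lift the ban" link can apply here.
        echo "[<a href='?bans&write_diary=$post[id]' style='color:green;font-size:small'><b>x</b></a>]\n";
        echo "</td></tr></table>";
    }
    if ($k_page > 1) {
        str("?bans&", $k_page, $page);
    }
    echo "<a href='/diary/'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>\n";
}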
} elseif (isset($_GET['search'])) {
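// Diary search: matches the phrase against `diary`.`name` and `diary`.`text`
// and prints a paginated result list followed by the search form.
$set['title'] = 'Дневники | Поиск';
require_once '../sys/inc/thead.php';
aut();
err();

// The phrase comes from the form (POST) or, failing that, from the session,
// and is remembered in the session for the following result pages.
$search = NULL;
if (isset($_SESSION['search'])) {
    $search = $_SESSION['search'];
}
// Only a scalar string is accepted; an array-valued field is ignored.
if (isset($_POST['search']) && is_string($_POST['search'])) {
    $search = $_POST['search'];
}
$_SESSION['search'] = $search;
// Collapse runs of spaces and strip leading/trailing spaces.
$search = preg_replace("#( ){2,}#", " ", (string) $search);
$search = trim($search, ' ');

if (isset($_GET['go']) && $search != NULL) {
    // Words are joined with the LIKE wildcard; literal '%' is dropped first.
    $q_search = str_replace('%', '', $search);
    $q_search = str_replace(' ', '%', $q_search);
    // Connection-aware escaping, as used elsewhere in this file, instead of
    // the charset-unaware mysql_escape_string().
    $like = mysql_real_escape_string($q_search);
    $where = "`name` like '%$like%' OR `text` like '%$like%'";

    echo "<div class='razd'>Результаты поиска <b>\"" . htmlspecialchars($search) . "\"</b></div>\n";
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE $where"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    if ($k_post == 0) {
        echo "<table class = 'razd'><tr><td class = 'null'>";
        echo "<img src = '/style/icons/bullet_error.png' /> Нет результатов";
        echo "</td></tr></table>";
    }

    // Access type => label printed next to the author.
    $type_labels = array(
        'only_me' => 'Закрытая запись',
        'friends' => 'Только для друзей',
        'pass'    => 'Расширенные настройки',
        'list'    => 'Расширенные настройки',
    );

    // NOTE(review): the query and the preview below cover every access type,
    // so text of 'only_me', 'friends', 'pass' and 'list' entries is matched
    // and shown to whoever searches. Confirm the intended rule (the edit
    // links use "owner or level >= 8") and apply it to both.
    $q = mysql_query("SELECT * FROM `diary` WHERE $where ORDER BY `id` DESC LIMIT $start, $set[p_str]");
    while ($post = mysql_fetch_assoc($q)) {
        echo "<table class = 'razd'><tr><td class = 'null'>";
        // The author is loaded before anything reads $avtor; the row is
        // rendered the same way for every access type.
        $avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
        // user() is echoed here as in the complaints list; without the echo
        // the statement had no visible effect.
        echo user($avtor['id']) . "\n";
        echo " <font color='red'>\n";
        $adult = ($post['+18'] == '1');
        if (isset($type_labels[$post['type']])) {
            echo '[' . $type_labels[$post['type']] . ($adult ? ', +18' : '') . ']';
        } elseif ($adult) {
            echo "[+18]";
        }
        echo "</font><br/>\n";
        if (utf8_strlen($post['name']) > 0) {
            echo "<img src='/style/icons/book.png' /> <b>" . text::toOutput($post['name']) . "</b><br/>\n";
        } else {
            echo "<img src='/style/icons/book.png' /> \n";
        }
        $tmp = cut_diary($post['text']);
        // Delete/edit links for the owner and for level >= 8.
        if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
            echo "<div class='right' id = 'hide'><a href='?id=$avtor[id]&del=$post[id]' title='удалить'><img src='/style/icons/cross.png' /></a> <a href='?id=$avtor[id]&edit=$post[id]' title='редактировать' ><img src='/style/icons/set.png' /></a></div>\n";
        }
        echo htmlspecialchars($tmp) . "<br/>\n";
        $count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
        echo "<img src='/style/icons/comment_white.png' /> $count_komm <img src='/style/icons/time.png' /> " . vremja($post['time']) . "<br/>";
        // NOTE(review): ">= 0" holds for every level value, so this link is
        // always printed - confirm the intended threshold.
        if ($user['level'] >= 0) {
            echo "<img src='/style/icons/book--pencil.png' /> <a href='?id=$avtor[id]&diary=$post[id]'>Обсудить</a>";
        }
        echo "</td></tr></table>";
    }
    if ($k_page > 1) {
        str("?search&go&", $k_page, $page);
    }
} else {
    echo "<span style='font-size:small;color:darkblue'><b>Текст для поиска:</b></span><br/>";
}

echo '<form method="post" action="?search&go" class="razd">';
// Decode escape sequences first and encode last: stripcslashes() applied
// after htmlspecialchars() can turn escape sequences back into markup
// characters. ENT_QUOTES also covers the single quote.
$search = htmlspecialchars(stripcslashes($search), ENT_QUOTES, 'UTF-8');
echo '<input type="text" name="search" maxlength="64" value="' . $search . '" /><br/>';
echo '<input type="submit" value="Поиск" />';
echo '</form>';
echo "<a href='/diary'><div class='razd'><img src='/style/icons/left.png' /> Дневники</div></a>";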
} elseif (isset($_GET['edit_text']) && isset($user)) {
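// Settings of the user's diary page: edits the greeting text stored in
// `user`.`diary_text` (limit 1024 characters).
$set['title'] = 'Настройки страницы';
require_once '../sys/inc/thead.php';
aut();
err();
// Save only when the form field was actually submitted; a bare request to
// ?edit_text&ok used to overwrite the greeting with an empty string.
// NOTE(review): no anti-CSRF token is visible on this form - confirm whether
// the project has one and verify it here.
if (isset($_GET['ok']) && isset($_POST['text']) && is_string($_POST['text'])) {
    // Decode escape sequences first and encode last: stripcslashes() applied
    // after htmlspecialchars() can turn escape sequences back into markup
    // characters. ENT_QUOTES also covers the single quote.
    $text = text::esc(htmlspecialchars(stripcslashes($_POST['text']), ENT_QUOTES, 'UTF-8'));
    if (utf8_strlen($text) > 1024) {
        $err[] = 'Текст слишком длинный';
    }
    if (!isset($err)) {
        mysql_query("UPDATE `user` SET `diary_text` = '" . mysql_real_escape_string($text) . "' WHERE `id` = '$user[id]'");
        // Output may already have started; redirect only while headers can
        // still be sent, and stop so nothing is rendered after a redirect.
        if (!headers_sent()) {
            header("Location:?id=$user[id]");
            exit;
        }
        // No redirect possible: show the value that was just saved.
        $user['diary_text'] = $text;
    }
}
echo "<div class = 'blok'>Настройте вашу страницу дневников</div>";
echo "<form method = 'POST' class = 'blok' name = 'opis_set' action='?edit_text&ok'>\n";
echo "Приветствие страницы (1024 знаков)<br/>";
// The stored value is already HTML-encoded by the save path above, so it is
// printed as is. NOTE(review): rows saved by other code paths are assumed to
// be encoded the same way - verify.
echo L . "<textarea name='text'>$user[diary_text]</textarea><br/>\n";
echo "<div class = 'button_blue'>";
echo "<button name='ok'>Сохранить изменения</button>";
echo "</div></form>";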
} else {
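// Front page of the diaries section: search box, paginated list of all
// diary entries (newest first) and the links for users and moderators.
$set['title'] = 'Дневники';
require_once '../sys/inc/thead.php';
aut();
err();

// Pre-fill the search box with the last phrase (POST wins over session).
$search = NULL;
if (isset($_SESSION['search'])) {
    $search = $_SESSION['search'];
}
// Only a scalar string is accepted; an array-valued field is ignored.
if (isset($_POST['search']) && is_string($_POST['search'])) {
    $search = $_POST['search'];
}
$_SESSION['search'] = $search;
$search = preg_replace("#( ){2,}#", " ", (string) $search);
$search = trim($search, ' ');
// The value lands in a single-quoted attribute below, so the single quote
// must be encoded as well (ENT_QUOTES). stripcslashes() runs before the
// encoding: applied afterwards it can turn escape sequences back into
// markup characters.
$search = htmlspecialchars(stripcslashes($search), ENT_QUOTES, 'UTF-8');

echo "<div class = 'tabs t_bar clear_fix'>";
echo "<a href = '/pages/search/'>Люди</a>";
echo "<a href = '/diary/' class = 'active'>Дневники</a>";
echo "</div>";
echo "<form class = 'razd' action='?search&go' method='POST'>";
echo "<input type='search' name='search' value='$search' />";
echo "<button class = 'action'>";
echo "<img src = '/style/img/zoom.png' />";
echo "</button></form>";

$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary`"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
$diary_list = mysql_query("SELECT * FROM `diary` ORDER BY `time` DESC,`id` DESC LIMIT $start, $set[p_str]");
if (mysql_num_rows($diary_list) == 0) {
    echo "<div class = 'razd'>";
    echo "<img src = '/style/img/error.png' /> Нет результатов";
    echo "</div>";
}

// Access type => label printed next to the author.
$type_labels = array(
    'only_me' => 'Закрытая запись',
    'friends' => 'Только для друзей',
    'pass'    => 'Расширенные настройки',
    'list'    => 'Расширенные настройки',
);

while ($post = mysql_fetch_array($diary_list)) {
    echo "<div class = 'razd'>";
    $avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));

    // Label for the entry's access type and +18 flag (empty when neither
    // applies); both layouts below print the same label.
    $adult = ($post['+18'] == '1');
    $access_label = '';
    if (isset($type_labels[$post['type']])) {
        $access_label = '[' . $type_labels[$post['type']] . ($adult ? ', +18' : '') . ']';
    } elseif ($adult) {
        $access_label = "[+18]";
    }

    // NOTE(review): ">= 0" holds for every level value, so this condition
    // only selects the layout; the text preview is printed for 'only_me',
    // 'friends', 'pass' and 'list' entries in both branches. Confirm the
    // intended rule (the edit links use "owner or level >= 8").
    if ($post['type'] == 'only_me' && ($user['id'] == $post['id_user'] || $user['level'] >= 0)) {
        echo "<div class = 'right'><a href='?id=$avtor[id]'>";
        echo text::gradient("$avtor[nick]", "$avtor[ncolor]", "$avtor[ncolor2]");
        echo "</a> <font color='red'>\n";
        echo $access_label;
        echo "</font></div>";
        if (utf8_strlen($post['name']) > 0) {
            echo "<a href = '?id=$avtor[id]&diary=$post[id]'><img src = '/style/img/book.png' /> <b>" . text::toOutput($post['name']) . "</b></a><br />";
        } else {
            echo "<img src = '/style/img/book.png' /> ";
        }
        $tmp = cut_diary($post['text']);
        // Delete/edit links for the owner and for level >= 8.
        if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
            echo "<div class = 'right' id = 'hide'>";
            echo "<a href = '?id=$avtor[id]&del=$post[id]' title = 'Удалить'><img src = '/style/img/delete.png' /></a>";
            echo "<a href = '?id=$avtor[id]&edit=$post[id]' title = 'Редактировать'><img src = '/style/img/wrench.png' /></a>";
            echo "</div>";
        }
        echo htmlspecialchars($tmp) . "<br/>\n";
        $count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
        echo "<img src='/style/icons/comment_white.png' /> $count_komm <img src='/style/icons/time.png' /> " . vremja($post['time']) . "<br/>";
    } else {
        echo "<div style = 'float: right;'><a href='?id=$avtor[id]'>";
        echo text::gradient("$avtor[nick]", "$avtor[ncolor]", "$avtor[ncolor2]");
        echo "</a> <font color='red'>\n";
        echo $access_label;
        echo "</font></div>";
        if (utf8_strlen($post['name']) > 0) {
            echo "<a href = '?id=$avtor[id]&diary=$post[id]'><img src = '/style/img/book.png' /> <b>" . text::toOutput($post['name']) . "</b></a><br />";
        } else {
            echo "<img src = '/style/img/book.png' /> \n";
        }
        $tmp = cut_diary($post['text']);
        // Delete/edit links for the owner and for level >= 8.
        if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
            echo "<div style = 'float: right;' id = 'hide'>";
            echo "<a href = '?id=$avtor[id]&del=$post[id]' title = 'удалить'><img src = '/style/img/delete.png' /></a>";
            echo "<a href = '?id=$avtor[id]&edit=$post[id]' title = 'редактировать'><img src = '/style/img/wrench.png' /></a>";
            echo "</div>\n";
        }
        echo htmlspecialchars($tmp) . "<br />";
        $count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
        // <span> is not a void element, so the icon span is closed explicitly.
        echo "<a class = 'button left'><span class = 'icon icon42'></span><span class = 'label'>Комментарии </span></a>";
        echo "<a class = 'button middle'><span class = 'label'>$count_komm</span></a>";
        echo "<a class = 'button right'><span class = 'icon icon109'></span><span class = 'label'>" . vremja($post['time']) . "</span></a>";
    }
    echo "</div>";
}
// Page navigation.
if ($k_page > 1) {
    str("?", $k_page, $page);
}
// Logged-in users can create a diary entry.
if (isset($user)) {
    echo "<div class = 'razd'>";
    echo "<img src = '/style/img/book_add.png' /> <a href = '?id=$user[id]&add_new_diary'>Создать дневник</a>\n";
    echo "</div>\n";
}
// Moderation links (complaints, banned users) for level >= 8.
if (isset($user) && $user['level'] >= 8) {
    echo "<div class = 'razd'>";
    echo "<img src = '/style/img/fire.png' alt = ''/> <a href = '?cmpl'>Жалобы</a><br />";
    echo "<img src = '/style/img/text_columns.png' alt = ''/> <a href = '?bans'><u>Список нарушителей</u></a>\n";
    echo "</div>\n";
}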
}
require_once '../sys/inc/tfoot.php';
}
exit();