Файл: mklik.tk/besedka/user.php
Строк: 153
<?php
error_reporting(0);
session_name('PHP');
session_start();
include '../header/config.inc.php';
include '../header/function.inc.php';
include '../header/header.inc.php';
include '../header/connect.inc.php';
include '../header/click-club.class.php';
If (!isset($_GET['log'])) define("anybody","true");
include '../header/enter.inc.php';
include '../ban.php';
@mysql_query("update `".prefix."users` set `mesto`='В беседке', `online`='".time()."' where `id` = '".$_USER['id']."';");
//$news_id = mysql_escape_string(trim(intval($_GET['news_id'])));
//$sql = mysql_query("SELECT * FROM `news_news` WHERE `id` = '$news_id'");
//if (mysql_num_rows($sql) < '1') {
// header("Location: /news/");
//}
If (!isset($_GET['page']) || !is_numeric($_GET['page'])) $page=1;
else { $page=$_GET['page']; (int)$page;}
$userr = stripslashes(mysql_escape_string($_GET['user']));
$user = stripslashes(mysql_escape_string($_GET['user']));
$result=@mysql_query("SELECT * FROM `".prefix."users` WHERE `login`='".$user."'");
If(mysql_num_rows($result)) {
//header("Location: /besedka/");
$result=@mysql_query("SELECT * FROM `".prefix."chat` WHERE `user`='".$user."' ORDER BY `id` DESC LIMIT ".(($page-1)*num_best_on_page).",".(num_best_on_page+1));
If (!$result){
echo '<div class="menuindex">Oшибкa зaпpoca к бд...</div>';
break;
}
echo'<div class="downsw"><b>Сообщения пользователя</b></div>';
$next=false;
$num=mysql_num_rows($result);
If ($num>0){
If ($num<=num_best_on_page) $read=$num; else {
$read=num_best_on_page;
$next=true;
}
for ($i=0;$i<$read;$i++){
$id = ''.mysql_result($result,$i,'id').'';
$user = ''.mysql_result($result,$i,'user').'';
$login = ''.mysql_result($result,$i,'user').'';
$nastr = ''.mysql_result($result,$i,'nastr').'';
$date = ''.mysql_result($result,$i,'date').'';
$text = ''.mysql_result($result,$i,'text').'';
$anss = ''.mysql_result($result,$i,'ans').'';
$ansuser = ''.mysql_result($result,$i,'ansuser').'';
$text = smiles(parsebb(smile(antirek(antimat(stripslashes(nl2br($text)))))));
// $text=smiles($text);
//$text=smile($text);
$d = @mysql_query("select * from `".prefix."users` where login='".$user."'");
$dat = mysql_fetch_array($d);
$time = time();
$online = ($dat['online'] > ($time - 300));
switch($dat['online'])
{
case $online: $online='[<font color="#00AA00">On</font>]'; break;
default: $online='[<font color="red">Off</font>]'; break;}
$ggg=mysql_query("SELECT * FROM `".prefix."users` WHERE `login`='".$user."'");
$row=mysql_fetch_array($ggg);
$admin=$row['admin'];
$mod=@mysql_query("SELECT * FROM `".prefix."moderka` WHERE `mod`='".$user."'");
$rowj=mysql_fetch_array($mod);
$moders=$rowj['ml'];
if($moders=='1') $user ="<font color='0000aa'>".$user."</font></a> <img src='/m.gif' alt='!'/>";
if($moders=='2') $user ="<font color='11aa11'>".$user."</font></a> <img src='/m2.gif' alt='!'/>";
if($admin=='1') $user ="<font color='ff0000'>".$user."</font></a> <img src='/pod.gif' alt='!'/>";
$mode=@mysql_query("SELECT * FROM `".prefix."moderka` WHERE `mod`='".$_USER['login']."'");
If(!$mode){echo 'err';}
if (mysql_num_rows($mode)!=0){
$moder = $_USER['login'];
}
If ($_USER['admin'] || $moder){$adm ='[<a href="del.php?id='.$id.'"><font color="red">del</font></a>] [<a href="ans.php?id='.$id.'"><font color="yellow">Aотв</font></a>]'; }
if($_USER['login']==$login || $_USER['admin']) {$edit='[<a href="edit.php?id='.$id.'"><font color="yellow">ред</font></a>]';}
else{$edit='';}
if (!empty($anss)) {
$ans = smiles(smile(parsebb(stripslashes(nl2br(htmlspecialchars($anss))))));
$ans = '<div class="reply"><b><font color ="green">'.$ansuser.':</font></b> <br /><font color ="red">'.$ans.'</font></div>';
} else {
$ans = '';
}
echo '
<div class="menuindex"><a href="/info.php'.$_zapros.'user='.$login.'"><b>'.$user.'</b></a>'.$online.' <small>'.$nastr.'</small><small>['.$date.']</small> '.$adm.' [<a href="add.php?user='.$login.'"><font color="yellow">отв</font></a>]'.$edit.'<br />'.$text.'
'.$ans.'</div>
';
}
} else echo '<div class="menuindex">'.$user.'Cообщений нет!</div>';
echo '<div class="menuindex">';
If ($page>1) echo '<a href="'.$_zapros.'user='.$userr.'&page='.($page-1).'">';
echo '« Haзaд';
If ($page>1) echo '</a>';
echo ' | ';
If ($next) echo '<a href="'.$_zapros.'user='.$userr.'&page='.($page+1).'">';
echo 'Дaлee »';
If ($next) echo '</a>';
echo '</div>';
///////////////////////////////////////
include "../header/end.inc.php";
}else{echo '<div class="menuindex">Юзер не найден</div>';
include "../header/end.inc.php";
}
?>