Файл: modules/diary/index.php
Строк: 1203
<?php
/* Мод "Дневники"
* Версия v0.0.1
* Дата последнего редактирования 27.11.2014
* Двиг DCMS Special
* Модифицировал densnet
* Файл index.php
* Описание: выводит список дневников
*/
if (isset($_GET['img'])) {
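// Progress-bar endpoint: ?img&p=<percent>[&k=<n>&a=<m>] answers with a 128x10 PNG
// showing a bar filled to p percent and the caption "k/a".
require_once '../../sys/inc/start.php';
require_once H.'sys/inc/sess.php';
require_once H.'sys/inc/settings.php';
require_once H.'sys/inc/db_connect.php';
require_once H.'sys/inc/ipua.php';
require_once H.'sys/inc/fnc.php';
require_once H.'sys/inc/user.php';
if (!isset($_GET['p'])) {
    exit;
}
// All three parameters come straight from the query string; clamp them to
// integers before they are used for drawing.
$p = max(0, min(100, intval($_GET['p'])));
$k = isset($_GET['k']) ? max(0, intval($_GET['k'])) : 0;
$a = isset($_GET['a']) ? max(0, intval($_GET['a'])) : 0;
$x = 128;
$y = 10;
// Width of the filled part. Multiplying before dividing gives the same value as
// $x / (100 / $p) without dividing by zero when p is 0, so no @ is needed.
$x2 = intval($x * $p / 100);
$img = imagecreate($x, $y);
$col = array();
// NOTE(review): several channel values below exceed 255, the upper bound GD
// documents for a colour channel. They are kept as found; confirm the intended colours.
$col['back'] = imagecolorallocate($img, 460, 460, 0);
$col['draw'] = imagecolorallocate($img, 400, 400, 0);
$col['font'] = imagecolorallocate($img, 500, 500, 500);
$col['border'] = imagecolorallocate($img, 155, 155, 155);
// NOTE(review): ($x, $y) lies one pixel outside the canvas, so this fill
// probably has no effect - verify whether (0, 0) was meant.
imagefill($img, $x, $y, $col['back']);
imagefilledrectangle($img, 0, 0, $x2, $y, $col['draw']);
imagerectangle($img, 0, 0, $x - 1, $y - 1, $col['border']);
#imagettftext($img, 7, 0, $x / 10, $y - 2, $col['font'], H . 'sys/fonts/tahoma.ttf', "$p %");
// The caption only ever contains the two clamped integers.
imagestring($img, 1, intval($x / 10), 1, "$k/$a", $col['font']);
header("Content-type: image/png");
imagepng($img);
imagedestroy($img);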
} else {
require_once '../../sys/inc/start.php';
require_once H.'sys/inc/compress.php';
require_once H.'sys/inc/sess.php';
require_once H.'sys/inc/settings.php';
require_once H.'sys/inc/db_connect.php';
require_once H.'sys/inc/ipua.php';
require_once H.'sys/inc/fnc.php';
require_once H.'sys/inc/user.php';
define('DIR_DIARY', '/modules/diary/');
if (isset($_GET['id'])) {
// Profile whose diaries are shown. The id is forced to a non-negative integer
// before it is interpolated into the query.
$id = abs(intval($_GET['id']));
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$id' LIMIT 1"));
// NOTE(review): $ank is false when no such user exists; the "user not found"
// message is only printed further down, after the page header was sent.
// NOTE(review): the nick goes into the page title as stored - confirm that
// thead.php escapes $set['title'] for HTML.
$set['title'] = 'Дневники | ' . $ank['nick'] . '';
require_once H.'sys/inc/thead.php';
title();
aut();
err();
// Housekeeping, executed on every request that carries ?id=: walk ALL rows of
// `diary_files` and drop attachments whose photo or file row no longer exists.
// NOTE(review): this issues at least one COUNT query per attachment row and runs
// DELETE statements while serving a plain GET page view - consider moving it to
// the code paths that delete photos/files, or to a scheduled job.
$sel = mysql_query("SELECT * FROM `diary_files` ORDER BY id");
while ($selk = mysql_fetch_array($sel)) {
if ($selk['type'] == 'photo') {
// Photo attachment: the referenced `gallery_foto` row is gone.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id` = '$selk[id_photo_local]' LIMIT 1"), 0) == 0) {
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '$selk[id_diary]' LIMIT 1"));
// Only users with level >= 8 (presumably moderators - confirm) see the notice.
if ($user['level'] >= 8) {
echo "Удалено фото из <a href = '?id=$diary[id_user]&diary=$diary[id]'>этого</a> дневника<br/>";
}
mysql_query("DELETE FROM `diary_files` WHERE `id` = '$selk[id]'");
}
} else {
// Any other attachment type: the referenced `user_files` row is gone.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files` WHERE `id` = '$selk[id_file_local]' LIMIT 1"), 0) == 0) {
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '$selk[id_diary]' LIMIT 1"));
if ($user['level'] >= 8) {
// NOTE(review): the trailing "n" after <br/> looks like a "\n" whose
// backslash was lost; as written it prints a literal letter n.
echo "Удален файл из <a href = '?id=$diary[id_user]&diary=$diary[id]'>етого</a> дневника<br/>n";
}
mysql_query("DELETE FROM `diary_files` WHERE `id` = '$selk[id]'");
}
}
}
/**
 * Replaces every space, dot and ampersand in the given string with an underscore.
 *
 * @param string $am text to normalise (used for stored file names)
 * @return string the text with " ", "." and "&" turned into "_"
 */
function zam($am) {
    $replacements = array(
        ' ' => '_',
        '.' => '_',
        '&' => '_',
    );
    return strtr($am, $replacements);
}
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '$ank[id]'"), 0) == 0) {
echo "<div class = 'errs'>Пользователь не найден!</div>";
} else {
if (isset($_GET['add_new_diary']) && $user['id'] == $ank['id']) {
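// Create a new diary entry from the submitted form (?add_new_diary&ok).
// Every $_POST value is client-controlled: it is validated first and escaped
// exactly once, right before it is placed into a query string.
// NOTE(review): the request carries no anti-forgery token, so another site can
// submit this form on behalf of a logged-in user - add the project's CSRF check.
if (isset($_GET['ok']) && isset($_POST['text'])) {
    // Messages are printed where the problem is found; $form_ok additionally
    // records the failure so a rejected form never reaches the INSERTs below.
    $form_ok = true;

    // Missing or non-string fields (e.g. name[]=x) are treated as empty.
    $fields = array();
    foreach (array('name', 'text', 'tags', 'type', 'pass', 'poll', 'poll_text') as $key) {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    if ($Text->utf8_strlen($fields['name']) > 60) {
        echo "<div class = 'errs'>Название слишком длинное</div>";
        $form_ok = false;
    }
    // 10000 characters: the limit announced by the form label and enforced by the edit handler.
    if ($Text->utf8_strlen($fields['text']) > 10000) {
        echo "<div class = 'errs'>Текст слишком длинный</div>";
        $form_ok = false;
    }
    if ($fields['text'] === '') {
        echo "<div class = 'errs'>Текст слишком короткий</div>";
        $form_ok = false;
    }
    // Tags are split from the raw value; each one is escaped once when it is stored.
    $tagss = explode(',', $fields['tags']);
    if (count($tagss) > 10) {
        echo "<div class = 'errs'>Не больше десяти меток!</div>";
        $form_ok = false;
    }

    $with_poll = ($fields['poll'] == '1');
    $results = array();
    $poll_time = 0;
    if ($with_poll) {
        for ($n = 1; $n <= 10; $n++) {
            $key = 'result' . $n;
            $results[$n] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        }
        if ($Text->utf8_strlen($results[1]) < 1) {
            echo "<div class = 'errs'>1 вариант обязателен для заполнения</div>";
            $form_ok = false;
        }
        if ($Text->utf8_strlen($results[2]) < 1) {
            echo "<div class = 'errs'>2 вариант обязателен для заполнения</div>";
            $form_ok = false;
        }
        if ($Text->utf8_strlen($fields['poll_text']) < 1) {
            echo "<div class = 'errs'>Введите текст</div>";
            $form_ok = false;
        }
        // The duration comes from a <select>, but a client can send anything:
        // force a non-negative integer before it is added to the timestamp.
        $poll_time = $time + (isset($_POST['poll_time']) ? max(0, intval($_POST['poll_time'])) : 0);
    }

    if ($form_ok && !isset($err)) {
        $name = mysql_real_escape_string($fields['name']);
        $text = mysql_real_escape_string($fields['text']);
        $tags = mysql_real_escape_string($fields['tags']);
        // NOTE(review): the form offers all / only_me / friends / pass / list;
        // consider rejecting any other access type instead of storing it.
        $type = mysql_real_escape_string($fields['type']);
        // NOTE(review): the access password is written to `pass` as submitted
        // (no hashing); it is at least escaped now before entering the query.
        $pass = mysql_real_escape_string($fields['pass']);
        $poll_text = mysql_real_escape_string($fields['poll_text']);
        $o18 = isset($_POST['+18']) ? intval($_POST['+18']) : 0;
        $no_komm = isset($_POST['no_komm']) ? intval($_POST['no_komm']) : 0;

        // Register tags this user has not used before.
        foreach ($tagss as $tag) {
            if ($tag === '') {
                continue;
            }
            $tag_sql = mysql_real_escape_string($tag);
            if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_tags` WHERE `name` = '$tag_sql' AND `id_user` = '$user[id]' LIMIT 1"), 0) == 0) {
                mysql_query("INSERT INTO `diary_tags` (`id_user`, `name`) values ('$user[id]', '$tag_sql')");
            }
        }

        if ($with_poll) {
            mysql_query("INSERT INTO `diary` (`id_user`, `name`, `text`, `time`, `tags`, `type`, `poll`, `+18`, `no_komm`, `poll_text`, `poll_time`, `pass`) values ('$user[id]', '$name', '$text', '$time', '$tags', '$type', '1', '$o18', '$no_komm', '$poll_text', '$poll_time', '$pass')");
        } else {
            mysql_query("INSERT INTO `diary` (`id_user`, `name`, `text`, `time`, `tags`, `type`, `poll`, `+18`, `no_komm`, `pass`) values ('$user[id]', '$name', '$text', '$time', '$tags', '$type', '0', '$o18', '$no_komm', '$pass')");
        }
        $diary = mysql_insert_id();

        if ($with_poll) {
            // All ten answer slots are stored, empty ones included, as before.
            for ($n = 1; $n <= 10; $n++) {
                $variant = mysql_real_escape_string($results[$n]);
                mysql_query("INSERT INTO `diary_poll` (`id_diary`, `var`, `num`) VALUES ('$diary', '$variant', '$n')");
            }
        }

        // Notify friends who follow this user's diary feed. $name is already
        // escaped for SQL, so the message can be interpolated directly.
        $msg_lenta = "[url=/modules/diary/?id=$user[id]&diary=$diary]" . $name . "[/url]";
        $q = mysql_query("SELECT * FROM `friends` WHERE `user` = '$user[id]' AND `lenta_diary` = '1' AND `i` = '1'");
        while ($f = mysql_fetch_array($q)) {
            $a = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$f[friends]' LIMIT 1"));
            mysql_query("INSERT INTO `notification` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$a[id]', '$msg_lenta', '$time')");
        }

        // Stop here so nothing else is rendered after the redirect.
        header("Location:?id=$ank[id]&diary=$diary");
        exit;
    }
}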
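// "New diary entry" form. It posts back to this page with ?add_new_diary&ok.
// NOTE(review): the form carries no anti-forgery token - add the project's
// CSRF field here together with the matching check in the submit handler.
echo "<form method = 'post' class = 'razd' name = 'add' action = '?id=$ank[id]&add_new_diary&ok'>";
echo "<b>Название (60 знаков)</b><br />";
echo "<input type = 'text' name = 'name' value = '' /><br />";
echo "<b>Текст (10000 знаков)</b><br/>";
echo text::auto_bb('add', 'text');
echo "<textarea name = 'text' aria-required = 'true' aria-invalid = 'false' required = 'required'></textarea><br/>\n";
echo "<b>Метки (не больше 10-ти)</b><br />";
echo "<input type = 'text' name = 'tags' value = '' /><br />";
echo "<label><input type = 'checkbox' name = '+18' value = '1' /> Только для взрослых</label><br />";
echo "<label><input type = 'checkbox' name = 'no_komm' value = '1' /> Запретить добавлять комментарии</label><br />";

// Access level of the entry.
echo "<br /><b>Давать доступ</b><br />";
echo "<label><input type = 'radio' name = 'type' value = 'all' checked = 'checked'/>" . img('globe-small.png') . "Всем</label><br />";
echo "<label><input type = 'radio' name = 'type' value = 'only_me' />" . img('lock-small.png') . "Только мне</label> <br />";
echo "<label><input type = 'radio' name = 'type' value = 'friends' />" . img('user-small.png') . "Только друзьям</label><br />";
echo "<label><input type = 'radio' name = 'type' value = 'pass' />" . img('bullet_key.png') . "Только по паролю <br />";
echo "<input name = 'pass' size = '16' maxlength = '16' type = 'text' value = '' /></label><br />";
echo "<label><input type = 'radio' name = 'type' value = 'list' />" . img('bullet_textfield.png') . "Пользователям из <a href = '?dl'>списка доступа</a></label><br />";

// Optional poll: question text plus up to ten answers, the first two mandatory.
echo "<br /><label><input type = 'checkbox' name = 'poll' value = '1' /> Прикрепить опрос</label><br />";
echo "<textarea name = 'poll_text'></textarea><br />";
echo "<b>Варианты ответов</b> <br />";
for ($n = 1; $n <= 10; $n++) {
    echo "<input type = 'text' name = 'result$n' value = '' />" . ($n <= 2 ? '*' : '') . "<br />";
}

// Poll lifetime in seconds; the first entry is preselected. "3 Месяца" is
// three times the one-month value (it used to repeat the one-month value).
$poll_durations = array(
    145152000 => 'Бессрочное',
    86400 => '1 День',
    259200 => '3 Дня',
    604800 => '1 Неделю',
    2419200 => '1 Месяц',
    7257600 => '3 Месяца',
);
echo "<b>Дата окончания через</b> <br />";
echo "<select name = 'poll_time'>";
$is_first = true;
foreach ($poll_durations as $seconds => $label) {
    echo "<option value = '$seconds'" . ($is_first ? " selected = 'selected'" : '') . ">$label</option>";
    $is_first = false;
}
echo "</select><br />";
echo "<button class = 'action'>";
echo "<span class = 'label'><span class = 'icon icon44' /> Добавить</span>";
echo "</button></form>";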
} elseif (isset($_GET['del'])) {
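// Delete a diary entry (?del=<id>): confirmation form on GET, deletion on POST "ok".
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($_GET['del']) . "' LIMIT 1"));

// Only the author or a user with level >= 8 may delete. Both sides have to
// exist: with a missing row and a visitor without an id, the loose comparison
// of two empty values used to count as "owner".
$can_delete = false;
if ($diary && isset($user['id'])) {
    $can_delete = ($user['id'] == $diary['id_user'] || $user['level'] >= 8);
}

if (!$diary) {
    echo "<div class = 'errs'>Запись не найдена!</div>";
} elseif ($can_delete) {
    if (isset($_POST['ok'])) {
        // Remove everything that hangs off the entry before the entry itself.
        if ($diary['poll'] == '1') {
            mysql_query("DELETE FROM `diary_poll` WHERE `id_diary` = '$diary[id]'");
            mysql_query("DELETE FROM `diary_pollen` WHERE `id_diary` = '$diary[id]'");
        }
        // Complaints filed against the entry's comments.
        $komms = mysql_query("SELECT * FROM `diary_komm` WHERE `id_diary` = '$diary[id]'");
        while ($post = mysql_fetch_array($komms)) {
            mysql_query("DELETE FROM `diary_cmpl` WHERE `id_subject` = '$post[id]' AND `subject` = 'komm'");
        }
        mysql_query("DELETE FROM `diary_komm` WHERE `id_diary` = '$diary[id]'");
        mysql_query("DELETE FROM `diary_bookmarks` WHERE `id_diary` = '$diary[id]'");
        mysql_query("DELETE FROM `diary_komm_wrote` WHERE `id_diary` = '$diary[id]'");
        mysql_query("DELETE FROM `diary_visited` WHERE `id_diary` = '$diary[id]'");
        mysql_query("DELETE FROM `diary_cmpl` WHERE `id_subject` = '$diary[id]' AND `subject` = 'diary'");
        mysql_query("DELETE FROM `diary` WHERE `id` = '$diary[id]'");
        header("Location: ?id=$ank[id]");
        exit;
    } elseif (isset($_POST['abort'])) {
        header("Location: ?id=$ank[id]&diary=$diary[id]");
        exit;
    } else {
        echo "<div class = 'razdel'>Удаление записи</div>\n";
        echo "<form method = 'POST' class = 'razd' action = '?id=$ank[id]&del=$diary[id]'>\n";
        echo "Вы действительно хотите удалить запись?<br />";
        // NOTE(review): these two hidden fields are never read when the form is
        // submitted, and being hashes of the id and title they are predictable,
        // so they are not an anti-forgery token. Add the project's CSRF field
        // and verify it in the "ok" branch above.
        echo "<input type = 'hidden' name = 'id' value = '" . md5($diary['id']) . "' />\n";
        echo "<input type = 'hidden' name = 'name' value = '" . md5($diary['name']) . "' />\n";
        echo "<button name = 'ok' class = 'action'>";
        echo "<span class = 'label'><span class = 'icon icon44' /> Да</span>";
        echo "</button>";
        echo "<button name = 'abort' class = 'action'>";
        echo "<span class = 'label'> Отмена</span>";
        echo "</button></form>\n";
    }
} else {
    echo "<div class = 'errs'>Не хватает прав!</div>";
}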
} elseif (isset($_GET['edit'])) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id` = '" . intval($_GET['edit']) . "' AND `id_user` = '$ank[id]' LIMIT 1"), 0) == 0) {
echo "<div class = 'errs'>Запись не найдена!</div>";
} else {
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($_GET['edit']) . "' LIMIT 1"));
if ($user['id'] == $diary['id_user'] || $user['level'] >= 8) {
if (isset($_GET['add'])) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_diary` = '$diary[id]'"), 0) == '3') {
echo "<div class = 'errs'>Хватит и трех файлов!</div>";
} else {
if (isset($_GET['photo'])) {
// Tab strip of the attachment picker: "Фото" is the active tab, "Файлы" links to the file picker.
$tabs = "<div class = 'tabs t_bar clear_fix'>"
    . "<a class = 'active'>Фото</a>"
    . "<a href = '?id=$ank[id]&edit=$diary[id]&add&file'>Файлы</a>"
    . "</div>";
echo $tabs;
if (isset($_GET['local'])) {
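// Picker for photos that are already in the owner's albums.
// With ?dir=<album> it lists that album's photos (and attaches ?id_photo=<id>
// when given); without it, it lists the owner's albums.
$gallery = false;
if (isset($_GET['dir'])) {
    // The album must belong to the profile owner.
    $gallery = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery` WHERE `id` = '" . intval($_GET['dir']) . "' AND `id_user` = '$ank[id]' LIMIT 1"));
}
if ($gallery) {
    $id_photo = isset($_GET['id_photo']) ? intval($_GET['id_photo']) : 0;
    // Attach only a photo that really sits in the selected album.
    if ($id_photo > 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id_gallery` = '$gallery[id]' AND `id` = '$id_photo' LIMIT 1"), 0) != 0) {
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_diary` = '$diary[id]' AND `id_photo_local` = '$id_photo'"), 0) == 0) {
            mysql_query("INSERT INTO `diary_files` (`id_diary`, `type`, `id_photo_local`) VALUES ('$diary[id]', 'photo', '$id_photo')");
        }
        // Stop after the redirect instead of rendering the list as well.
        header("Location: ?id=$ank[id]&edit=$diary[id]");
        exit;
    }
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id_gallery` = '$gallery[id]'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    if ($k_post == 0) {
        echo "<div class = 'errs'>";
        echo img('error.png') . " Нет результатов";
        echo "</div>";
    }
    $q = mysql_query("SELECT * FROM `gallery_foto` WHERE `id_gallery` = '$gallery[id]' ORDER BY `id` DESC LIMIT $start, $set[p_str]");
    while ($post = mysql_fetch_assoc($q)) {
        // Photo titles and extensions are user-supplied: encode them for HTML.
        // double_encode is off so values already stored as entities stay readable.
        $photo_name = htmlspecialchars($post['name'], ENT_QUOTES, 'UTF-8', false);
        $photo_ext = htmlspecialchars($post['ras'], ENT_QUOTES, 'UTF-8', false);
        echo "<div class = 'razd'>";
        echo "<a href = '?id=$ank[id]&edit=$diary[id]&add&photo&local&dir=$gallery[id]&id_photo=$post[id]'>";
        echo "<img src = '/modules/foto/foto48/$post[id].$photo_ext' alt = 'Фото_$post[id]' /> $photo_name</a>";
        echo "</div>";
    }
    // Without a pager, photos beyond the first page could not be selected.
    // Presumably str() appends the page parameter to the link - verify.
    if ($k_page > 1) {
        str("?id=$ank[id]&edit=$diary[id]&add&photo&local&dir=$gallery[id]&", $k_page, $page);
    }
} else {
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery` WHERE `id_user` = '$ank[id]'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    if ($k_post == 0) {
        echo "<div class = 'errs'>";
        echo img('error.png') . " Нет результатов";
        echo "</div>";
    }
    $q = mysql_query("SELECT * FROM `gallery` WHERE `id_user` = '$ank[id]' ORDER BY `time` DESC LIMIT $start, $set[p_str]");
    while ($post = mysql_fetch_assoc($q)) {
        // One random photo serves as the album cover; only one row is needed.
        $foto = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id_gallery` = '$post[id]' ORDER BY RAND() LIMIT 1"));
        $album_name = htmlspecialchars($post['name'], ENT_QUOTES, 'UTF-8', false);
        echo "<div class = 'razd'>";
        if ($foto == null) {
            echo "<img src = '/modules/foto/foto48/0.png' alt = 'Нет фото' />";
        } else {
            $cover_ext = htmlspecialchars($foto['ras'], ENT_QUOTES, 'UTF-8', false);
            echo "<img src = '/modules/foto/foto48/$foto[id].$cover_ext' alt = 'Фото_$foto[id]' /> ";
        }
        echo "<a href = '?id=$ank[id]&edit=$diary[id]&add&photo&local&dir=$post[id]'><b>$album_name</b><div class = 'count'>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id_gallery` = '$post[id]'"), 0) . " фото</div></a>\n";
        echo "</div>";
    }
    // The link has to be double-quoted so the ids are interpolated, and it has
    // to use the same photo&local parameters as the links above.
    if ($k_page > 1) {
        str("?id=$ank[id]&edit=$diary[id]&add&photo&local&", $k_page, $page);
    }
}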
} else {
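// Upload a new photo and attach it to the entry. The upload is re-encoded to
// JPEG in several sizes; the client's bytes are never stored as they arrive.
echo "<div class = 'razd'>Вы можете <b><a href = '?id=$ank[id]&edit=$diary[id]&add&photo&local'>выбрать уже добавленное фото</a></b> или выгрузить новое:</div>";
if (isset($_GET['ok'])) {
    // Find or create the owner's "Вложения" album that receives the upload.
    $id_dir = mysql_fetch_array(mysql_query("SELECT * FROM `gallery` WHERE `name` = 'Вложения' AND `id_user` = '$ank[id]' LIMIT 1"));
    if (!$id_dir) {
        mysql_query("INSERT INTO `gallery` (`name`, `id_user`) values ('Вложения', '$ank[id]')");
        $id_dir = mysql_fetch_array(mysql_query("SELECT * FROM `gallery` WHERE `id` = '" . mysql_insert_id() . "' AND `id_user` = '$ank[id]' LIMIT 1"));
    }

    // Accept only a real HTTP upload, and read the header first so an oversized
    // picture is refused before it is decoded into memory.
    $tmp = (isset($_FILES['file']['tmp_name']) && is_string($_FILES['file']['tmp_name'])) ? $_FILES['file']['tmp_name'] : '';
    $dims = ($tmp !== '' && is_uploaded_file($tmp)) ? @getimagesize($tmp) : false;
    if (!$dims || $dims[0] < 1 || $dims[1] < 1) {
        $err[] = 'Выбранный Вами формат изображения не поддерживается';
    } else {
        // Messages are printed where the problem is found; $upload_ok also
        // records the failure so a rejected upload is not stored.
        $upload_ok = true;
        if ($dims[0] > $set['max_upload_foto_x'] || $dims[1] > $set['max_upload_foto_y']) {
            echo "<div class = 'errs'>Размер изображения превышает ограничения в $set[max_upload_foto_x]*$set[max_upload_foto_y]</div>";
            $upload_ok = false;
        }

        $name = $Text->esc(stripcslashes(htmlspecialchars(isset($_POST['name']) && is_string($_POST['name']) ? $_POST['name'] : '')), 1);
        if ($name == null) {
            // No title given: use the uploaded file's name without its extension.
            $name = $Text->esc(stripcslashes(htmlspecialchars(preg_replace('#\.[^.]*$#', '', $_FILES['file']['name']))));
        }
        // Characters that are not allowed in a photo title.
        if (preg_match('/[{}^%$#@!~\'"`<>]/', $name)) {
            echo "<div class = 'errs'> В названии фото присутствуют запрещенные символы</div>";
            $upload_ok = false;
        }
        if ($Text->utf8_strlen($name) < 3) {
            echo "<div class = 'errs'> Короткое название</div>";
            $upload_ok = false;
        }
        if ($Text->utf8_strlen($name) > 50) {
            echo "<div class = 'errs'> Название не должно быть длиннее 50 символов</div>";
            $upload_ok = false;
        }
        $msg = (isset($_POST['opis']) && is_string($_POST['opis'])) ? $_POST['opis'] : '';
        if ($Text->utf8_strlen($msg) > 10024) {
            echo "<div class = 'errs'> Длина описания превышает предел в 10024 символов</div>";
            $upload_ok = false;
        }

        $imgc = $upload_ok ? @imagecreatefromstring(file_get_contents($tmp)) : false;
        if ($upload_ok && !$imgc) {
            $err[] = 'Выбранный Вами формат изображения не поддерживается';
            $upload_ok = false;
        }

        if ($upload_ok && !isset($err)) {
            $name = mysql_real_escape_string($name);
            $msg = mysql_real_escape_string($msg);
            $img_x = imagesx($imgc);
            $img_y = imagesy($imgc);
            mysql_query("INSERT INTO `gallery_foto` (`id_gallery`, `name`, `ras`, `type`, `opis`) values ('$id_dir[id]', '$name', 'jpg', 'image/jpeg', '$msg')");
            $id_foto = mysql_insert_id();
            mysql_query("INSERT INTO `diary_files` (`id_diary`, `type`, `id_photo_local`) VALUES ('$diary[id]', 'photo', '$id_foto')");
            mysql_query("UPDATE `gallery` SET `time` = '$time' WHERE `id` = '$id_dir[id]' LIMIT 1");

            // Scaled copies: 48px without the copyright stamp, 128px and 640px
            // with it. The 640px copy is scaled only when the picture is larger.
            $is_large = ($img_x > 640 || $img_y > 640);
            foreach (array(48 => false, 128 => true, 640 => true) as $side => $stamp) {
                if ($side == 640 && !$is_large) {
                    continue;
                }
                // The longer edge becomes $side, the other one keeps the aspect ratio.
                if ($img_x >= $img_y) {
                    $dstW = $side;
                    $dstH = max(1, (int) ceil($side * $img_y / $img_x));
                } else {
                    $dstH = $side;
                    $dstW = max(1, (int) ceil($side * $img_x / $img_y));
                }
                $screen = imagecreatetruecolor($dstW, $dstH);
                imagecopyresampled($screen, $imgc, 0, 0, 0, 0, $dstW, $dstH, $img_x, $img_y);
                if ($stamp) {
                    $screen = img_copyright($screen); // apply the copyright stamp
                }
                imagejpeg($screen, H . "sys/gallery/$side/$id_foto.jpg", 90);
                // Readable by the web server, writable by the owner only
                // (was 0777, i.e. writable by every local account).
                @chmod(H . "sys/gallery/$side/$id_foto.jpg", 0644);
                imagedestroy($screen);
            }

            // Full-size copy; a picture of at most 640px also serves as its own 640px copy.
            $imgc = img_copyright($imgc); // apply the copyright stamp
            if (!$is_large) {
                imagejpeg($imgc, H . "sys/gallery/640/$id_foto.jpg", 90);
                @chmod(H . "sys/gallery/640/$id_foto.jpg", 0644);
            }
            imagejpeg($imgc, H . "sys/gallery/foto/$id_foto.jpg", 90);
            @chmod(H . "sys/gallery/foto/$id_foto.jpg", 0644);
            imagedestroy($imgc);
            header("Location: ?id=$ank[id]&diary=$diary[id]");
            exit;
        }
        if ($imgc) {
            imagedestroy($imgc);
        }
    }
}
// Upload form.
// NOTE(review): no anti-forgery token is sent with this form.
echo "<form enctype = \"multipart/form-data\" class = 'razd' action = '?id=$ank[id]&edit=$diary[id]&add&photo&ok' method = \"post\">";
echo "<b>Название</b><br />\n";
echo "<input name = 'name' type = 'text' /><br />\n";
echo "<b>Файл</b><br />\n";
echo "<input name = 'file' type = 'file' accept = 'image/*,image/jpeg' /><br />\n";
echo "<b>Описание</b><br />\n";
// NOTE(review): L is not defined anywhere in the visible part of the file - confirm it is a real constant.
echo L . "<textarea name = 'opis'></textarea><br />\n";
echo "<button class = 'active'>";
echo "<span class = 'label'><span class = 'icon icon189' /> Выгрузить</span>";
echo "</button>";
echo "</form><div class = 'razd'><small>Новый файл будет загружен в специальную папку (Вложения)</small></div>";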
}
} elseif (isset($_GET['file'])) {
// Tab strip of the attachment picker: "Фото" links to the photo picker, "Файлы" is the active tab.
$tabs = "<div class = 'tabs t_bar clear_fix'>"
    . "<a href = '?id=$ank[id]&edit=$diary[id]&add&photo'>Фото</a>"
    . "<a class = 'active'>Файлы</a>"
    . "</div>";
echo $tabs;
if (isset($_GET['local'])) {
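// Picker for files that are already in the owner's file area.
// ?dir=<folder> selects the folder (0 = root), ?id_file=<id> attaches a file.
// Both values are interpolated into SQL and links, so they are cast to int first.
$dir = isset($_GET['dir']) ? intval($_GET['dir']) : 0;
$id_file = isset($_GET['id_file']) ? intval($_GET['id_file']) : 0;

// Attach only a file that belongs to the profile owner.
if ($id_file > 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files` WHERE `id_user` = '$ank[id]' AND `id` = '$id_file' LIMIT 1"), 0) != 0) {
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_diary` = '$diary[id]' AND `id_file_local` = '$id_file'"), 0) == 0) {
        mysql_query("INSERT INTO `diary_files` (`id_diary`, `type`, `id_file_local`) VALUES ('$diary[id]', 'file', '$id_file')");
    }
    // Stop after the redirect instead of rendering the list as well.
    header("Location: ?id=$ank[id]&edit=$diary[id]");
    exit;
}

// Sub-folders first, then files; the page size depends on what the folder holds.
$list = array();
$q = mysql_query("SELECT * FROM `user_dir` WHERE `id_user` = '$ank[id]' AND `dir` = '$dir' ORDER BY `name` ASC");
while ($post = mysql_fetch_array($q)) {
    $set['p_str'] = 15;
    $list[] = array('dir' => 1, 'post' => $post);
}
$q = mysql_query("SELECT * FROM `user_files` WHERE `dir` = '$dir' AND `id_user` = '$ank[id]' ORDER BY `time` DESC");
while ($post = mysql_fetch_array($q)) {
    $set['p_str'] = 8;
    $list[] = array('dir' => 0, 'post' => $post);
}
$k_post = count($list);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
if ($k_post == 0) {
    echo "<div class = 'errs'>";
    echo img('error.png') . " Нет результатов";
    echo "</div>";
}
for ($i = $start; $i < $k_post && $i < $set['p_str'] * $page; $i++) {
    $post = $list[$i]['post'];
    // Folder names, file names and extensions are user-supplied: encode them
    // for HTML. double_encode is off so stored entities stay readable.
    $item_name = htmlspecialchars($post['name'], ENT_QUOTES, 'UTF-8', false);
    if ($list[$i]['dir'] == 1) {
        // Files directly in the folder plus files in its immediate sub-folders.
        $k_f = 0;
        $q3 = mysql_query("SELECT * FROM `user_dir` WHERE `dir` = '$post[id]'");
        while ($post2 = mysql_fetch_array($q3)) {
            $k_f = $k_f + mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files` WHERE `dir` = '$post2[id]'"), 0);
        }
        $k_f = $k_f + mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files` WHERE `dir` = '$post[id]'"), 0);
        echo "<div class = 'razd'>";
        echo img('folder.png') . " <a href = '?id=$ank[id]&edit=$diary[id]&add&file&local&dir=$post[id]'>$item_name</a> ($k_f)\n";
        echo "</div>";
    } else {
        $ras = $post['ras'];
        $ras_html = htmlspecialchars($ras, ENT_QUOTES, 'UTF-8', false);
        $size = $post['size'];
        $k_loads = intval($post['k_loads']);
        echo "<div class = 'razd'>";
        if (is_file(H . "sys/files/screens/$post[id].png")) {
            echo "<img src = '/sys/files/screens/$post[id].png' alt = 'Скрин...' />\n";
        }
        echo "<br/>\n";
        if (is_file(H . "style/img/files/$ras.png")) {
            echo "<img src = '/style/img/files/$ras_html.png' alt = '$ras_html'/>\n";
        } else {
            echo img('file.png');
        }
        echo "<a href = '?id=$ank[id]&edit=$diary[id]&add&file&local&dir=$dir&id_file=$post[id]'>$item_name.$ras_html</a>\n";
        echo "<span style = 'color:#209143;font-size:small'>(" . size_file($size) . ")</span>\n";
        echo "<br/>\n";
        $count = mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files_komm` WHERE `id_file` = '$post[id]'"), 0);
        echo "<span style = 'font-size:small;color:gray'>Скачано $k_loads раз, $count комментариев.</span>\n";
        echo "</div>";
    }
}
// One pager after the list. The link is double-quoted so the ids are
// interpolated, and it keeps edit=<entry> instead of overwriting id=.
// Presumably str() appends the page parameter to the link - verify.
if ($k_page > 1) {
    str("?id=$ank[id]&edit=$diary[id]&add&file&local&dir=$dir&", $k_page, $page);
}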
} else {
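// Upload a new file and attach it to the entry. The file is stored under a
// numeric name (<id>.dat); its original name and extension live in `user_files`.
echo "<div class = 'razd'>Вы можете <b><a href = '?id=$ank[id]&edit=$diary[id]&add&file&local'>выбрать уже добавленный файл</a></b> или выгрузить новый:</div>";
if (isset($_GET['ok'])) {
    // Find or create the owner's top-level "Вложения" folder.
    $id_dir = mysql_fetch_array(mysql_query("SELECT * FROM `user_dir` WHERE `name` = 'Вложения' AND `id_user` = '$ank[id]' AND `dir` = '0' LIMIT 1"));
    if (!$id_dir) {
        mysql_query("INSERT INTO `user_dir` (`name`, `id_user`, `dir`) values ('Вложения', '$ank[id]', '0')");
        $id_dir = mysql_fetch_array(mysql_query("SELECT * FROM `user_dir` WHERE `id` = '" . mysql_insert_id() . "' AND `id_user` = '$ank[id]' AND `dir` = '0' LIMIT 1"));
    }

    // Accept only a real HTTP upload with a single file in the "file" field.
    $tmp = (isset($_FILES['file']['tmp_name']) && is_string($_FILES['file']['tmp_name'])) ? $_FILES['file']['tmp_name'] : '';
    if ($tmp === '' || !is_uploaded_file($tmp)) {
        echo "<div class = 'errs'> Ошибка при выгрузке файла</div>";
    } else {
        $upload_ok = true;
        $file = $Text->esc(stripcslashes(htmlspecialchars($_FILES['file']['name'])));
        $file = str_replace(array('#', '?'), '', $file);
        // Split at the last dot: base name for the title, the rest as extension.
        $name = preg_replace('#\.[^.]*$#', '', $file);
        $imya = zam($name);
        $ras = (strpos($file, '.') !== false) ? strtolower(substr(strrchr($file, '.'), 1)) : '';
        $size = intval(filesize($tmp));
        // The extension used to be compared with itself, which accepted anything.
        // Until a site-wide list of allowed types is wired in here, at least
        // require a short alphanumeric extension; this also keeps quotes and
        // markup out of the value that is stored and later printed.
        if (!preg_match('/^[a-z0-9]{1,10}$/', $ras)) {
            $err = 'Неверное расширение файла';
            $upload_ok = false;
        }
        $opis = '';
        if (isset($_POST['opis']) && is_string($_POST['opis'])) {
            $opis = stripslashes(htmlspecialchars($Text->esc($_POST['opis'])));
        }
        // Escape once, right before the values enter the queries.
        $imya_sql = mysql_real_escape_string($imya);
        $ras_sql = mysql_real_escape_string($ras);
        $opis_sql = mysql_real_escape_string($opis);
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_files` WHERE `dir` = '$id_dir[id]' AND `name` = '$imya_sql'"), 0) != 0) {
            echo "<div class = 'errs'> Файл с таким названием уже есть в этой папке</div>";
            $upload_ok = false;
        }
        if ($upload_ok && !isset($err)) {
            mysql_query("INSERT INTO `user_files` (`dir`, `name`, `ras`, `size`, `time`, `id_user`, `opis` )VALUES ('$id_dir[id]', '$imya_sql', '$ras_sql', '$size', '$time', '$ank[id]', '$opis_sql' )");
            $id_file = mysql_insert_id();
            $file_id = mysql_fetch_array(mysql_query("SELECT * FROM `user_files` WHERE `id` = '$id_file' LIMIT 1"));
            mysql_query("INSERT INTO `diary_files` (`id_diary`, `type`, `id_file_local`) VALUES ('$diary[id]', 'file', '$id_file')");
            // move_uploaded_file() re-checks that the source is this request's upload.
            if (!@move_uploaded_file($tmp, H . "sys/files/$id_file.dat")) {
                // Roll the database rows back and stay on the page with the message.
                mysql_query("DELETE FROM `user_files` WHERE `id` = '$id_file' LIMIT 1");
                mysql_query("DELETE FROM `diary_files` WHERE `id_diary` = '$diary[id]' AND `id_file_local` = '$id_file' LIMIT 1");
                echo "<div class = 'errs'>Ошибка при выгрузке</div>";
            } else {
                header("location: ?id=$ank[id]&diary=$diary[id]");
                exit;
            }
        }
    }
}
// Upload form.
// NOTE(review): no anti-forgery token is sent with this form.
echo "<form method = 'post' class = 'razd' action = '?id=$ank[id]&edit=$diary[id]&add&file&ok' enctype = 'multipart/form-data'>\n";
echo "<b>Файл</b><br />\n";
echo "<input name = 'file' type = 'file'/><br />\n";
echo "<b>Описание</b><br />\n";
echo "<textarea name = 'opis'></textarea><br />\n";
echo "<button class = 'active'>";
echo "<span class = 'label'><span class = 'icon icon189' /> Выгрузить</span>";
echo "</button>";
echo "</form><div class = 'razd'><small>Новый файл будет загружен в специальную папку (Вложения)</small></div>\n";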
}
} else {
header("Location: ?id=$ank[id]&edit=$diary[id]&add&photo");
}
}
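// Link back to the entry; the line ends with a real newline instead of a stray letter "n".
echo "<a href = '?id=$ank[id]&diary=$diary[id]'><div class = 'razd'>" . img('left.png') . " Назад</div></a>\n";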
} else {
if (isset($_GET['ok'])) {
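// Apply the submitted edit form to the existing entry in $diary.
// Every $_POST value is client-controlled: it is validated first and escaped
// exactly once, right before it is placed into a query string.
// NOTE(review): the request carries no anti-forgery token.
$in = array();
foreach (array('name', 'text', 'tags', 'type', 'pass') as $key) {
    // Missing or non-string fields (e.g. name[]=x) are treated as empty.
    $in[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
}
if ($Text->utf8_strlen($in['name']) > 60) {
    $err[] = 'Название слишком длинное';
}
if ($Text->utf8_strlen($in['text']) > 10000) {
    $err[] = 'Текст слишком длинный';
}
if ($in['text'] === '') {
    $err[] = 'Текст слишком короткий';
}
// Tags are split from the raw value; each one is escaped once when it is stored.
$tagss = explode(',', $in['tags']);
if (count($tagss) > 10) {
    $err[] = 'Не больше десяти меток';
}
if (!isset($err)) {
    $name = mysql_real_escape_string($in['name']);
    $text = mysql_real_escape_string($in['text']);
    $tags = mysql_real_escape_string($in['tags']);
    // NOTE(review): the form offers all / only_me / friends / pass / list;
    // consider rejecting any other access type instead of storing it.
    $type = mysql_real_escape_string($in['type']);
    // NOTE(review): the access password is stored and compared as submitted
    // (no hashing); it is at least escaped now before entering the query.
    $pass = mysql_real_escape_string($in['pass']);
    $o18 = isset($_POST['+18']) ? intval($_POST['+18']) : 0;
    $no_komm = isset($_POST['no_komm']) ? intval($_POST['no_komm']) : 0;

    // A changed password drops the `diary_enter` rows of type 'dostyp' for this
    // entry (presumably the grants given for the old password - confirm).
    if ($in['type'] == 'pass' && $diary['pass'] != $in['pass']) {
        mysql_query("DELETE FROM `diary_enter` WHERE `id_diary` = '$diary[id]' AND `type` = 'dostyp'");
    }
    // Register tags the profile owner has not used before.
    foreach ($tagss as $tag) {
        if ($tag === '') {
            continue;
        }
        $tag_sql = mysql_real_escape_string($tag);
        if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_tags` WHERE `name` = '$tag_sql' AND `id_user` = '$ank[id]' LIMIT 1"), 0) == 0) {
            mysql_query("INSERT INTO `diary_tags` (`id_user`, `name`) values ('$ank[id]', '$tag_sql')");
        }
    }
    mysql_query("UPDATE `diary` SET `name` = '$name', `text` = '$text', `tags` = '$tags', `type` = '$type', `+18` = '$o18', `no_komm` = '$no_komm', `pass` = '$pass' WHERE `id` = '$diary[id]' LIMIT 1");
    $_SESSION['edit_diary'] = 1;
    // Stop here so nothing else is rendered after the redirect.
    header("location: ?id=$ank[id]&diary=$diary[id]");
    exit;
}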
} else {
echo "<div class = 'razdel'>Редактирование записи</div>n";
echo "<form method = 'post' class = 'razd' action = '?id=$ank[id]&edit=$diary[id]&ok'>n";
echo "<b>Название (60 знаков)</b><br/>";
echo "<input type = 'text' name = 'name' value = '$diary[name]' /><br/>n";
echo "<b>Текст (10000 знаков)</b><br/>";
echo "<textarea name = 'text'>" . $Text->toOutput($diary['text']) . "</textarea><br/>n";
echo "<b>Метки (не больше 10-ти)</b><br/>";
echo "<input type = 'text' name = 'tags' value = '$diary[tags]' /><br/>n";
echo "<label><input type = 'checkbox'" . ($diary['+18'] ? " checked = 'checked'" : null) . " name = '+18' value = '1' /> Только для взрослых</label><br />";
echo "<label><input type = 'checkbox'" . ($diary['no_komm'] ? " checked = 'checked'" : null) . " name = 'no_komm' value = '1' /> Запретить добавлять комментарии</label><br />";
echo "<b>Доступ:</b><br />";
if ($diary['type'] == 'all') {
$check = ' checked="checked"';
} else {
$check = NULL;
}
echo "<label><input type = 'radio'$check name = 'type' value = 'all' />" . img('globe-small.png') . "Всем</label><br />n";
if ($diary['type'] == 'only_me') {
$check = ' checked="checked"';
} else {
$check = NULL;
}
echo "<label><input type="radio"$check name="type" value="only_me" />" . img('lock-small.png') . "Только мне</label><br />n";
if ($diary['type'] == 'friends') {
$check = ' checked="checked"';
} else {
$check = NULL;
}
echo "<label><input type="radio"$check name="type" value="friends" />" . img('user-small.png') . "Только друзям</label><br />n";
if ($diary['type'] == 'pass') {
$check = ' checked="checked"';
} else {
$check = NULL;
}
echo "<label><input type="radio"$check name="type" value="pass" />" . img('bullet_key.png') . "Только по паролю <br />";
echo "<input name='pass' size='16' maxlength='16' type='text' value='$diary[pass]'/></label><br/>n";
if ($diary['type'] == 'list') {
$check = ' checked="checked"';
} else {
$check = NULL;
}
echo "<label><input type="radio"$check name="type" value="list" />" . img('bullet_textfield.png') . "Пользователям из <a href='?dl'>списка доступа</a></label><br />n";
echo "<button class = 'active' name='ok'>";
echo "<span class = 'label'><span class = 'icon icon67' /> Сохранить</span>";
echo "</button></form>";
}
echo "<div class = 'razd'>" . img('left.png') . " <a href = '?id=$ank[id]&diary=$diary[id]'>Назад</a></div>";
}
} else {
echo "<div class = 'errs'>Это не ваш дневник!</div>";
}
}
} elseif (isset($_GET['tag'])) {
$diary_tag = mysql_fetch_array(mysql_query("SELECT * FROM `diary_tags` WHERE `id_user` = '$ank[id]' AND `id` = '" . intval($_GET['tag']) . "' LIMIT 1"));
echo "<div class = 'razd'>Дневники с меткой <b>''" . $Text->toOutput($diary_tag['name']) . "''</b></div>n";
echo "<div class = 'razd'>" . img('left.png') . " <a href = '".DIR_DIARY."'>Все дневники</a></div>";
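// Count and page through the profile owner's diaries whose `tags` column contains the
// selected tag name. The name comes back from the database unescaped, so it is escaped
// again here: first the LIKE wildcards (\, %, _), then the SQL string itself.
$tag_like = mysql_real_escape_string(addcslashes((string) $diary_tag['name'], '\\%_'));
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id_user` = '$ank[id]' AND `tags` like '%$tag_like%'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
// LIMIT operands are not quoted in the query, so both are forced to non-negative integers.
$per_page = max(0, intval($set['p_str']));
$start = max(0, $per_page * intval($page) - $per_page);
$diary_list = mysql_query("SELECT * FROM `diary` WHERE `id_user` = '$ank[id]' AND `tags` like '%$tag_like%' ORDER BY `time` DESC LIMIT $start, $per_page");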
if (mysql_num_rows($diary_list) == 0) {
echo "<div class = 'errs'>";
echo img('error.png') . " Нет результатов";
echo "</div>";
}
while ($post = mysql_fetch_array($diary_list)) {
echo "<table class = 'razd'><tr><td class = 'null'>";
if ($post['type'] == 'only_me' && ($user['id'] == $avtor['id'] || $user['level'] >= 0)) {
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
user($avtor['id']) . "n";
echo "<div style = 'float:right;'><small>";
if ($post['type'] == 'only_me' && $post['+18'] == '1') {
echo "Закрытая запись, +18";
} elseif ($post['type'] == 'friends' && $post['+18'] == '1') {
echo "Только для друзей, +18";
} elseif ($post['type'] == 'pass' && $post['+18'] == '1') {
echo "Расширенные настройки, +18";
} elseif ($post['type'] == 'list' && $post['+18'] == '1') {
echo "Расширенные настройки, +18";
} elseif ($post['type'] == 'only_me') {
echo "Закрытая запись";
} elseif ($post['type'] == 'friends') {
echo "Только для друзей";
} elseif ($post['type'] == 'pass') {
echo "Расширенные настройки";
} elseif ($post['type'] == 'list') {
echo "Расширенные настройки";
} elseif ($post['+18'] == '1') {
echo "+18";
}
echo "</small></div>";
echo "<br />";
if ($Text->utf8_strlen($post['name']) > 0) {
echo img('book.png') . " <b>" . $Text->toOutput($post['name']) . "</b><br/>n";
} else {
echo img('book.png') . " n";
}
$tmp = text::cut_text($post['text']);
if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
echo "<div style = 'float:right;'>";
echo "<a class = 'add' href = '?id=$avtor[id]&del=$post[id]' title = 'Удалить'>" . img('del.png') . "</a> ";
echo "<a class = 'add' href = '?id=$avtor[id]&edit=$post[id]' title = 'Редактировать'>" . img('set_mini.png') . "</a>";
echo "</div>";
}
echo htmlspecialchars($tmp) . "<br/>n";
$count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
echo "<br /><a class = 'add'>" . img('comment_white.png') . " $count_komm</a> <a class = 'add'>" . $Date->time($post['time']) . "</a> ";
if ($user['level'] >= 0) {
echo "<a class = 'add' href='?id=$avtor[id]&diary=$post[id]'>" . img('pen.png') . " Обсудить</a>";
}
} else {
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
user($avtor['id']) . "n";
echo "<div style = 'float:right;'><small>";
if ($post['type'] == 'only_me' && $post['+18'] == '1') {
echo "Закрытая запись, +18";
} elseif ($post['type'] == 'friends' && $post['+18'] == '1') {
echo "Только для друзей, +18";
} elseif ($post['type'] == 'pass' && $post['+18'] == '1') {
echo "Расширенные настройки, +18";
} elseif ($post['type'] == 'list' && $post['+18'] == '1') {
echo "Расширенные настройки, +18";
} elseif ($post['type'] == 'only_me') {
echo "Закрытая запись";
} elseif ($post['type'] == 'friends') {
echo "Только для друзей";
} elseif ($post['type'] == 'pass') {
echo "Расширенные настройки";
} elseif ($post['type'] == 'list') {
echo "Расширенные настройки";
} elseif ($post['+18'] == '1') {
echo "+18";
}
echo "</small></div>";
echo "<br />";
if ($Text->utf8_strlen($post['name']) >= 8) {
echo img('book.png') . " <b>" . $Text->toOutput($post['name']) . "</b><br/>n";
} else {
echo img('book.png');
}
$tmp = text::cut_text($post['text']);
if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
echo "<div style = 'float:right;'>";
echo "<a class = 'add' href = '?id=$avtor[id]&del=$post[id]' title = 'Удалить'>" . img('del.png') . "</a> ";
echo "<a class = 'add' href = '?id=$avtor[id]&edit=$post[id]' title = 'Редактировать'>" . img('set_mini.png') . "</a>";
echo "</div>";
}
echo htmlspecialchars($tmp) . "<br/>n";
$count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
echo "<br /><a class = 'add'>" . img('comment_white.png') . " $count_komm</a> <a class = 'add'>" . $Date->time($post['time']) . "</a> ";
if ($user['level'] >= 0) {
echo "<a class = 'add' href='?id=$avtor[id]&diary=$post[id]'>" . img('pen.png') . " Обсудить</a>";
}
}
echo "</td></tr></table>";
}
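if ($k_page > 1) {
    // back_diary appears to be a diary id (the commented-out link below uses it as
    // `diary=`). It is cast to an integer so request text is never copied into the
    // base URL handed to str(); when absent it stays empty, as before.
    $back_diary = isset($_GET['back_diary']) ? intval($_GET['back_diary']) : '';
    str("?id=$ank[id]&tag=$diary_tag[id]&back_diary=$back_diary&", $k_page, $page);
}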
//echo "<a href='?id=$ank[id]&diary=$_GET[back_diary]'><div class='razd'><img src='/style/icons/left.png' /> Назад</div></a>n";
} elseif (isset($_GET['diary'])) {
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($_GET['diary']) . "' AND `id_user` = '$ank[id]'LIMIT 1"));
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$diary[id_user]' LIMIT 1"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id` = '" . intval($_GET['diary']) . "' AND `id_user` = '$ank[id]' LIMIT 1"), 0) != 0) {
if ($diary['type'] == 'only_me') {
if ($user['id'] == $diary['id_user'] || $user['level'] >= 8) {
require_once 'diary_form.php';
} else {
echo "<div class = 'errs'>Запись доступна только автору!</div>";
}
} elseif ($diary['type'] == 'friends') {
if ($user['id'] == $diary['id_user'] || $user['level'] >= 8 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$diary[id_user]') OR (`user` = '$diary[id_user]' AND `frend` = '$user[id]')"), 0) != 0) {
require_once 'diary_form.php';
} else {
echo "<div class = 'errs'>Запись доступна только друзям автора!</div>";
}
} elseif ($diary['type'] == 'pass') {
// Gate for password-protected entries. Three cases: show the password prompt, report a
// wrong password, or record the visitor in `diary_enter` (type 'dostyp') and show the entry.
// NOTE(review): $diary['pass'] is compared directly with the posted value, so the password
// is kept in plain text, and the comparisons are loose (!= / ==): numeric-looking strings
// such as "1000" and "1e3" compare equal. A strict, constant-time comparison of a stored
// hash (password_verify) would be the safer form.
// NOTE(review): no limit on password attempts is visible in this block.
if (!isset($_POST['pass']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_enter` WHERE `id_user` = '$user[id]' AND `id_diary` = '$diary[id]' AND `type` = 'dostyp' LIMIT 1"), 0) == 0 && $user['level'] == 0 && $user['id'] != $avtor['id']) {
echo "<div class = 'errs'>Доступ запрещен пользователем!<br /> Чтобы пройти в дневник пользователя, введите пароль:</div>";
// NOTE(review): as listed, the inner double quotes on the next three lines are not
// escaped, and $SCRIPT_NAME is not assigned anywhere in the visible code — confirm
// against the deployed file.
echo "<form class = 'razd' action="$SCRIPT_NAME" method="post">";
echo "<input type="text" name="pass" />";
echo "<br /><input type="submit" name="go" /></form>";
// Wrong password from a visitor who has no stored grant for this entry.
} elseif (isset($_POST['pass']) && $_POST['pass'] != $diary['pass'] && mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_enter` WHERE `id_user` = '$user[id]' AND `id_diary` = '$diary[id]' AND `type` = 'dostyp' LIMIT 1"), 0) == 0 && isset($user)) {
echo "<div class='errs'>Пароль не правильный<br/></div>";
// && binds tighter than ||, so this reads as:
//   (password posted AND matches) OR viewer is the author
//   OR (stored grant exists AND $user is set) OR $user['level'] > 0
// i.e. any account with level > 0 is let in without the password.
} elseif (isset($_POST['pass']) && $_POST['pass'] == $diary['pass'] || $user['id'] == $avtor['id'] || mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_enter` WHERE `id_user` = '$user[id]' AND `id_diary` = '$diary[id]' AND `type` = 'dostyp' LIMIT 1"), 0) != 0 && isset($user) || $user['level'] > 0) {
// Remember the grant so the password is not asked again for this viewer and entry.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_enter` WHERE `id_user` = '$user[id]' AND `id_diary` = '$diary[id]' AND `type` = 'dostyp' LIMIT 1"), 0) == 0) {
mysql_query("INSERT INTO `diary_enter` (`id_user`, `id_diary`, `type`) values ('$user[id]', '$diary[id]', 'dostyp')");
}
require_once 'diary_form.php';
}
} elseif ($diary['type'] == 'list') {
if ($user['id'] == $diary['id_user'] || $user['level'] > 0 || mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_dl` WHERE `id_user` = '$ank[id]' AND `id_ank` = '$user[id]'"), 0) != 0) {
require_once 'diary_form.php';
} else {
echo "<div class = 'errs'>Доступ к записи закрыт!</div>";
}
} else {
require_once 'diary_form.php';
}
} else {
echo "<div class = 'errs'>Запись не найдена!</div>";
}
} elseif (isset($_GET['info']) && $user['level'] >= 0) {
echo "<div class = 'razdel'>Информация о дневнике</div>n";
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($_GET['info']) . "' AND `id_user` = '$ank[id]'LIMIT 1"));
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$diary[id_user]' LIMIT 1"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id` = '" . intval($_GET['info']) . "' AND `id_user` = '$ank[id]' LIMIT 1"), 0) != 0) {
if (isset($_GET['write_diary'])) {
// Toggles the `write_diary` flag of the user named by ?write_diary=<id>. Going by the
// prompts below, 0 means the user may write diaries and 1 means they are barred.
// NOTE(review): the only gate on this branch is the enclosing `info` check, which asks
// for $user['level'] >= 0; no moderator-level check or ownership check is made here, so
// the toggle looks reachable by any account — confirm the intended minimum level.
// NOTE(review): the confirming POST carries only `ok`, with no anti-CSRF token.
$doc = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($_GET['write_diary']) . "' LIMIT 1"));
// If no such user exists $doc is false, $doc['write_diary'] is null and null == 0 is
// true, so this branch is taken and the UPDATE below runs with an empty id.
if ($doc['write_diary'] == 0) {
echo "<a href = '?id=$ank[id]&info=$diary[id]'><div class = 'razd'>" . img('left.png') . " Назад</div></a>n";
if (isset($_POST['ok'])) {
// Confirmed: bar the user from writing diaries.
mysql_query("UPDATE `user` SET `write_diary` = '1' WHERE `id` = '$doc[id]' LIMIT 1");
msg("Успешно!");
} else {
// Not confirmed yet: ask before barring.
echo "<form method = 'post' class = 'razd' action='?id=$ank[id]&info=$diary[id]&write_diary=$doc[id]'>n";
echo "Вы действительно хотите запретить писать дневники данному пользователю?<br />n";
echo "<input type = 'submit' name = 'ok' value = 'Да' />n";
echo "<small> <a href = '?id=$ank[id]&info=$diary[id]'>Нет</a></small><br />n";
echo "</form>n";
}
} else {
echo "<a href = '?id=$ank[id]&info=$diary[id]'><div class = 'razd'>" . img('left.png') . " Назад</div></a>n";
if (isset($_POST['ok'])) {
// Confirmed: allow the user to write diaries again.
mysql_query("UPDATE `user` SET `write_diary` = '0' WHERE `id` = '$doc[id]' LIMIT 1");
msg("Успешно!");
} else {
// Not confirmed yet: ask before allowing.
echo "<form method = 'post' class = 'razd' action = '?id=$ank[id]&info=$diary[id]&write_diary=$doc[id]'>n";
echo "Вы действительно хотите разрешить писать дневники данному пользователю?<br />n";
echo "<input type = 'submit' name = 'ok' value = 'Да' />n";
echo "<small> <a href = '?id=$ank[id]&info=$diary[id]'>Нет</a></small><br />n";
echo "</form>n";
}
}
} else {
echo "<div class = 'razd'>n";
echo "<span style = 'float: right;'><a class = 'add' href = '?id=$avtor[id]&del=$diary[id]' title = 'Удалить'>" . img('del.png') . "</a> ";
echo "<a class = 'add' href = '?id=$avtor[id]&edit=$diary[id]' title = 'Редактировать'>" . img('set_mini.png') . "</a></span>n";
echo "<u>Данный дневник создал <a href = '/info.php'>$avtor[nick]</a></u><br />";
echo "Время создания: " . $Date->time($diary['time']) . "<br/>";
echo "Комментариев: " . mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$diary[id]'"), 0) . "<br />";
echo "Просмотров: <a href = '?id=$avtor[id]&diary=$diary[id]&visits&back'>$diary[count_visits]</a><br/>";
echo "В закладках у <a href = '?id=$avtor[id]&diary=$diary[id]&user_bm&back'>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id_diary` = '$diary[id]'"), 0) . " чел.</a><br/>";
echo "Жалоб на дневник: <a href = '?id=$avtor[id]&diary=$diary[id]&cmpl&back'>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `id_subject` = '$diary[id]' AND `subject` = 'diary'"), 0) . "</a><br/>";
if ($diary['poll'] == 1) {
echo "<font color='green'>К дневнику прикреплен <a href='?id=$avtor[id]&diary[id]&poll'>опрос</a></font><br/>";
}
echo "<a href='?id=$avtor[id]&diary=$diary[id]'>Перейти в днев</a><br/>n";
echo "<a href='?id=$ank[id]&info=$diary[id]&write_diary=$avtor[id]'>" . ($avtor['write_diary'] == '0' ? 'Запретить' : 'Разрешить') . " пользователю создавать дневники</a><br/>n";
echo "<a href='?id=$avtor[id]'>Все дневники пользователя</a><br/>n";
echo "</div>n";
echo "<div class = 'razd'>" . img('left.png') . " <a href = '".DIR_DIARY."'>Вернуться</a></div>";
}
} else {
echo "<div class = 'errs'>Запись не найдена!</div>";
}
} elseif (isset($_GET['bookmarks'])) {
echo "<div class = 'razdel'>Закладки $ank[nick]</div>n";
if (isset($_GET['add'])) {
$diary_id = intval($_GET['add']);
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . mysql_real_escape_string($diary_id) . "' LIMIT 1"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id` = '" . mysql_real_escape_string($diary_id) . "' LIMIT 1"), 0) == 0) {
echo "<div class = 'errs'>Дневник не найден!</div>";
} elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id_diary` = '$diary[id]' AND `id_user` = '$user[id]' LIMIT 1"), 0) != 0) {
echo "<div class = 'errs'>Дневник уже есть в ваших закладках!</div>";
} else {
if (isset($_POST['name']) && isset($_GET['ok'])) {
$name = mysql_real_escape_string($_POST['name']);
$name = $Text->esc(stripcslashes(htmlspecialchars($_POST['name'])));
if (isset($_POST['private'])) {
$private = '1';
} else {
$private = '0';
}
if ($Text->utf8_strlen($name) < 1) {
echo "<div class = 'errs'>Название слишком короткое</div>";
} elseif ($Text->utf8_strlen($name) > 50) {
echo "<div class = 'errs'>Название слишком длинное</div>";
} else {
mysql_query("INSERT INTO `diary_bookmarks` (`id_user`, `id_diary`, `name`, `time`, `private`) values ('$user[id]', '$diary_id', '" . mysql_real_escape_string($name) . "', '$time', '$private')");
msg("Дневник добавлен в закладки");
}
} else {
echo "<form method = 'post' class = 'razd' action = '?id=$ank[id]&bookmarks&add=$diary[id]&ok'>n";
echo "<b>Название (50 знаков)</b><br />";
echo "<input type = 'text' name = 'name' value = '' /><br />";
echo "<label><input type="checkbox" name="private" value="1" /> Показывать только мне</label><br />n";
echo "<button class = 'active'>";
echo "<span class = 'label'><span class = 'icon icon44' /> Добавить</span>";
echo "</button></form>";
}
echo "<a href='?id=$diary[id_user]&diary=$diary[id]'><div class = 'razd'>" . img('left.png') . " Назад</div></a>n";
}
} elseif (isset($_GET['edit_bm'])) {
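// Edit an existing bookmark: find it among the profile owner's bookmarks, then either
// apply the posted name/privacy change or render the edit form.
// The id is cast to an integer once and reused, so the request value is never placed
// in a query as raw text.
$bm_id = intval($_GET['edit_bm']);
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id` = '$bm_id' AND `id_user` = '$ank[id]' LIMIT 1"), 0) == 0) {
    echo "<div class = 'errs'>Закладка не найдена!</div>";
} else {
    $bm = mysql_fetch_array(mysql_query("SELECT * FROM `diary_bookmarks` WHERE `id` = '$bm_id' LIMIT 1"));
    $diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '$bm[id_diary]' LIMIT 1"));
    // NOTE(review): `$user['level'] >= 0` holds for every non-negative level, and also when
    // $user is unset (null >= 0 is true in PHP), so the ownership test before it decides
    // nothing. Elsewhere in this file moderator actions are gated on level >= 8 — confirm
    // which threshold is meant here.
    if ($user['id'] == $bm['id_user'] || $user['level'] >= 0) {
        if (isset($_POST['name']) && is_string($_POST['name']) && isset($_GET['ok'])) {
            $name = $Text->esc(stripcslashes(htmlspecialchars($_POST['name'])));
            // The privacy flag only changes when the posted value differs from the stored one.
            if (isset($_POST['private']) && $_POST['private'] == 1 && $bm['private'] == 0) {
                $private = 1;
            } elseif ($bm['private'] == 1 && (!isset($_POST['private']) || $_POST['private'] == 0)) {
                $private = 0;
            } else {
                $private = intval($bm['private']);
            }
            if ($Text->utf8_strlen($name) < 1) {
                $err[] = "<div class = 'errs'>Название слишком короткое</div>";
            } elseif ($Text->utf8_strlen($name) > 50) {
                $err[] = "<div class = 'errs'>Название слишком длинное</div>";
            } else {
                // NOTE(review): no anti-CSRF token accompanies this update.
                mysql_query("UPDATE `diary_bookmarks` SET `name` = '" . mysql_real_escape_string($name) . "', `private` = '$private' WHERE `id` = '$bm[id]' LIMIT 1");
                if (isset($_GET['back']) && $_GET['back'] == 'diary') {
                    header("location: ?id=$diary[id_user]&diary=$diary[id]");
                } else {
                    header("location: ?id=$ank[id]&bookmarks");
                }
            }
        } else {
            // The stored name goes into a single-quoted attribute, so quotes are encoded
            // as well; double_encode is off because the name is already entity-encoded
            // when it is saved.
            $name_attr = htmlspecialchars($bm['name'], ENT_QUOTES, 'UTF-8', false);
            echo "<form method = 'post' class = 'razd' action='?id=$ank[id]&bookmarks&edit_bm=$bm[id]&back=diary&ok'>\n";
            echo "<b>Название (50 знаков)</b><br/>";
            echo "<input type='text' name='name' value='$name_attr'/> <br />\n";
            if ($bm['private'] == 1) {
                $check = ' checked="checked"';
            } else {
                $check = NULL;
            }
            echo "<label><input type=\"checkbox\"$check name=\"private\" value=\"1\" /> Показывать только мне</label><br />\n";
            echo "<button class = 'active'>";
            echo "<span class = 'label'><span class = 'icon icon67' /> Сохранить</span>";
            echo "</button></form>";
        }
    } else {
        echo "<div class = 'errs'>Это не ваша закладка!</div>";
    }
}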
if (isset($_GET['back']) && $_GET['back'] == 'diary') {
echo "<div class = 'razd'>" . img('left.png') . " <a href = '?id=$diary[id_user]&diary=$diary[id]'>Вернуться</a></div>";
} else {
echo "<div class = 'razd'>" . img('left.png') . " <a href = '?id=$ank[id]&bookmarks'>Вернуться</a></div>";
}
} elseif (isset($_GET['del_bm'])) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id` = '" . intval($_GET['del_bm']) . "' AND `id_user` = '$user[id]' LIMIT 1"), 0) == 0) {
echo "<div class = 'errs'>Закладка не найдена!</div>";
} else {
$bm = mysql_fetch_array(mysql_query("SELECT * FROM `diary_bookmarks` WHERE `id` = '" . intval($_GET['del_bm']) . "' LIMIT 1"));
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '$bm[id_diary]' LIMIT 1"));
if ($user['id'] == $bm['id_user'] || $user['level'] >= 0) {
if (isset($_POST['ok']) && isset($_GET['ok'])) {
if (isset($_GET['back']) && $_GET['back'] == 'diary') {
$_SESSION['back'] = $bm['id_diary'];
$_SESSION['back2'] = $diary['id_user'];
}
mysql_query("DELETE FROM `diary_bookmarks` WHERE `id` = '$bm[id]' AND `id_user` = '$ank[id]'");
if (isset($_GET['back']) && $_GET['back'] == 'diary') {
header("location: ?id=$_SESSION[back2]&diary=$_SESSION[back]");
unset($_SESSION['back']);
unset($_SESSION['back2']);
} else {
header("location: ?id=$ank[id]&bookmarks");
}
} else {
echo "<form method = 'post' class = 'razd' action='?id=$ank[id]&bookmarks&del_bm=$bm[id]&back=diary&ok'>n";
echo "Вы уверены, что хотите удалить эту закладку?<br />n";
echo "<button class = 'active' name='ok'>Да</button> <a href='?id=$ank[id]&bookmarks'>Нет</a></form>n";
}
} else {
echo "<div class = 'errs'>Это не ваша закладка!</div>";
}
if (isset($_GET['back']) && $_GET['back'] == 'diary') {
echo "<a href='?id=$diary[id_user]&diary=$diary[id]'><div class = 'razd'>" . img('left.png') . " Назад</div></a>n";
} else {
echo "<a href='?id=$ank[id]&bookmarks'><div class='razd'>" . img('left.png') . " Назад</div></a>";
}
}
} elseif (isset($_GET['bm'])) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id` = '" . intval($_GET['bm']) . "' LIMIT 1"), 0) == 0) {
echo "<div class = 'errs'>Закладка не найдена!</div>";
} else {
$bm = mysql_fetch_array(mysql_query("SELECT * FROM `diary_bookmarks` WHERE `id` = '" . intval($_GET['bm']) . "' LIMIT 1"));
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '$bm[id_diary]' LIMIT 1"));
if ($bm['private'] == 1) {
echo img('lock-small.png') . " Закрытая закладка<br/>n";
} elseif ($bm['private'] == 0) {
echo img('ulock-small.png') . " Открытая закладка<br/>n";
}
// Shows the bookmark's creation time and a link to the bookmarked entry.
// NOTE(review): for a private bookmark the guard is "owner OR $user['level'] >= 0". The
// second test holds for every non-negative level, and also when $user is unset
// (null >= 0 is true in PHP), and the lookup above selects the bookmark by id alone, so
// a private bookmark's details look readable by anyone who supplies its id — confirm
// the intended level threshold.
if ($bm['private'] == 1 && ($user['id'] == $bm['id_user'] || $user['level'] >= 0)) {
echo "Дата создания:" . $Date->time($bm['time']) . "<br/>n";
echo "Дневник: <a href='?id=$ank[id]&diary=$diary[id]'>Ссылка</a><br/>n";
} elseif ($bm['private'] == 0) {
echo "Дата создания:" . $Date->time($bm['time']) . "<br/>n";
echo "Дневник: <a href='?id=$diary[id_user]&diary=$diary[id]'>Ссылка</a><br/>n";
}
if ($bm['id_user'] == $user['id'] || $user['level'] >= 0) {
echo "<a class = 'add' href = '?id=$ank[id]&bookmarks&del_bm=$bm[id]' title = 'удалить'>" . img('del.png') . "</a>n";
echo "<a class = 'add' href = '?id=$ank[id]&bookmarks&edit_bm=$bm[id]&back=diary' title = 'редактировать'>" . img('set_mini.png') . "</a>n";
}
echo "<div class = 'razd'>" . img('left.png') . " <a href = '?id=$bm[id_user]&bookmarks'>Вернуться</a></div>";
}
} else {
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_bookmarks` WHERE `id_user` = '$ank[id]'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
$bm_list = mysql_query("SELECT * FROM `diary_bookmarks` WHERE `id_user` = '$ank[id]' ORDER BY time ASC LIMIT $start, $set[p_str]");
if (mysql_num_rows($bm_list) == 0) {
echo "<div class = 'errs'>";
echo img('error.png') . " Нет результатов";
echo "</div>";
}
while ($post = mysql_fetch_array($bm_list)) {
echo "<div class = 'razd'>";
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = $post[id_diary] LIMIT 1"));
if ($post['private'] == 1) {
echo img('lock-small.png');
} elseif ($post['private'] == 0) {
echo img('ulock-small.png');
}
echo "<a href = '?id=$ank[id]&bookmarks&bm=$post[id]&back=diary'>$post[name]</a> (" . $Date->time($post['time']) . ")";
if ($post['id_user'] == $user['id'] || $user['level'] >= 0) {
echo "<span style = 'float:right;'>";
echo "<a class = 'add' href = '?id=$ank[id]&bookmarks&del_bm=$post[id]' title = 'Удалить'>" . img('del.png') . "</a> ";
echo "<a class = 'add' href = '?id=$ank[id]&bookmarks&edit_bm=$post[id]&back=diary' title = 'Редактировать'>" . img('set_mini.png') . "</a>";
echo "</span>";
}
echo "</div>n";
}
if ($k_page > 1) {
str("?id=$ank[id]&bookmarks&", $k_page, $page);
}
}
} else {
// Prints the profile owner's diary page text above the list, when one is set.
// NOTE(review): the value is written into the page without output encoding here. Whether
// it is encoded or filtered when it is saved is not visible in this part of the file; if
// it is not, this is a stored-XSS sink and should go through the same output helper used
// for entry names ($Text->toOutput) or htmlspecialchars().
if ($ank['diary_text'] != NULL) {
echo "<div class = 'razd'>$ank[diary_text]</div>n";
}
if ($ank['id'] == $user['id']) {
echo "<a href = '?id=$ank[id]&add_new_diary'><div class = 'razd'>" . img('plus.png') . " Написать в дневнике</div></a>";
}
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE `id_user` = '$ank[id]'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
$diary_list = mysql_query("SELECT * FROM `diary` WHERE `id_user` = '$ank[id]' ORDER BY `time` DESC,`id` DESC LIMIT $start, $set[p_str]");
if (mysql_num_rows($diary_list) == 0) {
echo "<div class = 'errs'>";
echo img('error.png') . " Нет результатов";
echo "</div>";
}
while ($post = mysql_fetch_array($diary_list)) {
echo "<table class = 'razd'><tr><td class = 'null'>";
if ($post['type'] == 'only_me' && ($user['id'] == $avtor['id'] || $user['level'] >= 0)) {
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
echo "<span style = 'float:right;'><small>";
if ($post['type'] == 'only_me' && $post['+18'] == '1') {
echo "Закрытая запись, +18";
} elseif ($post['type'] == 'friends' && $post['+18'] == '1') {
echo "Только для друзей, +18";
} elseif ($post['type'] == 'pass' && $post['+18'] == '1') {
echo "Расширенные настройки, +18";
} elseif ($post['type'] == 'list' && $post['+18'] == '1') {
echo "Расширенные настройки, +18";
} elseif ($post['type'] == 'only_me') {
echo "Закрытая запись";
} elseif ($post['type'] == 'friends') {
echo "Только для друзей";
} elseif ($post['type'] == 'pass') {
echo "Расширенные настройки";
} elseif ($post['type'] == 'list') {
echo "Расширенные настройки";
} elseif ($post['+18'] == '1') {
echo "+18";
}
echo "</small></span>n";
echo user($avtor['id']);
echo "<br />";
if ($Text->utf8_strlen($post['name']) > 0) {
echo img('book.png') . " <b>" . $Text->toOutput($post['name']) . "</b> (" . $Date->time($post['time']) . ")<br />";
} else {
echo img('book.png') . " (" . $Date->time($post['time']) . ")";
}
$tmp = text::cut_text($post['text']);
if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
echo "<div class='right' id = 'hide'><a href='?id=$avtor[id]&del=$post[id]' title='Удалить дневник'><img src='/style/icons/cross.png' /></a>";
echo "<a href='?id=$avtor[id]&edit=$post[id]' title='Редактировать дневник'><img src='/style/icons/set.png' /></a></div>n";
}
echo htmlspecialchars($tmp) . "<br/>n";
$count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
echo "Комментариев: $count_komm<br/>";
if ($user['level'] >= 0) {
echo "<a href='?id=$avtor[id]&diary=$post[id]'>Обсудить </a>";
}
} else {
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
echo "<span style = 'float:right;'><small>";
if ($post['type'] == 'only_me' && $post['+18'] == '1') {
echo "Закрытая запись, +18";
} elseif ($post['type'] == 'friends' && $post['+18'] == '1') {
echo "Только для друзей, +18";
} elseif ($post['type'] == 'pass' && $post['+18'] == '1') {
echo "Расширенные настройки, +18";
} elseif ($post['type'] == 'list' && $post['+18'] == '1') {
echo "Расширенные настройки, +18";
} elseif ($post['type'] == 'only_me') {
echo "Закрытая запись";
} elseif ($post['type'] == 'friends') {
echo "Только для друзей";
} elseif ($post['type'] == 'pass') {
echo "Расширенные настройки";
} elseif ($post['type'] == 'list') {
echo "Расширенные настройки";
} elseif ($post['+18'] == '1') {
echo "+18";
}
echo "</small></span>n";
echo user($avtor['id']);
echo "<br />";
if ($Text->utf8_strlen($post['name']) >= 8) {
echo img('book.png') . " <b>" . $Text->toOutput($post['name']) . "</b> (" . $Date->time($post['time']) . ")<br/>n";
} else {
echo img('book.png') . " (" . $Date->time($post['time']) . ")n";
}
// Prints the entry excerpt (whatever text::cut_text returns), HTML-encoded.
// NOTE(review): the excerpt is printed for every row of the list, whatever $post['type']
// is. The owner / friends / password / access-list checks made on the single-entry view
// (the `diary` branch of this file) are not repeated here, so restricted entries appear
// to expose their opening text in the list. The other list loops in this file follow the
// same pattern.
$tmp = text::cut_text($post['text']);
echo htmlspecialchars($tmp) . "<br/>n";
$count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '$post[id]'"), 0);
if ($user['id'] == $post['id_user'] || $user['level'] >= 8) {
echo "<div style = 'float:right;' id = 'hide'><a class = 'add' href = '?id=$avtor[id]&del=$post[id]' title = 'Удалить дневник'>" . img('del.png') . "</a>";
echo "<a class = 'add' href = '?id=$avtor[id]&edit=$post[id]' title = 'Редактировать дневник'>" . img('set_mini.png') . "</a></div>";
}
echo "<br />";
if ($user['level'] >= 0) {
echo "<a class = 'add' href='?id=$avtor[id]&diary=$post[id]'>Комментировать </a>";
}
echo "<a class = 'add'>" . img('comment_white.png') . " $count_komm </a><br/>";
}
echo "</td></tr></table>";
}
if ($k_page > 1) {
str("?id=$ank[id]&", $k_page, $page);
}
if ($user['id'] == $ank['id']) {
echo "<a href = '?edit_text'><div class = 'razd'>" . img('set_mini.png') . " Настройки страницы</div></a>n";
}
echo "<div class = 'razd'>" . img('left.png') . " <a href = '/info.php?id=$ank[id]'>Вернуться в профиль</a></div>";
}
}
} elseif (isset($_GET['cmpl']) && $user['level'] >= 8) {
$set['title'] = 'Дневники | Жалобы';
require_once H.'sys/inc/thead.php';
title();
aut();
err();
echo "<div class = 'razdel'>Жалобы</div>n";
if (isset($_GET['komm'])) {
if (isset($_GET['msg'])) {
echo "<a href = '?cmpl&komm'><div class = 'razd'>" . img('left.png') . " Жалобы на комментарии</div></a>";
$msg_id = intval($_GET['msg']);
$msg = mysql_fetch_array(mysql_query("SELECT * FROM `diary_cmpl` WHERE `id` = '$msg_id' AND `subject` = 'komm' LIMIT 1"));
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `id` = '$msg[id]' AND `subject` = 'komm' LIMIT 1"), 0) == 0) {
echo "<div class = 'errs'>Сообщение не найдено!</div>";
} elseif ($Text->utf8_strlen($msg['msg']) < 0) {
echo "<div class = 'errs'>Сообщение не найдено!</div>";
} else {
echo "<div class = 'razd'>";
echo $Text->toOutput($msg['msg']);
echo "</div>";
}
} else {
echo "<div class = 'tabs t_bar clear_fix'>";
echo "<a href = '?cmpl&komm' class = 'active'>Комментарии</a>";
echo "<a href = '?cmpl&diary'>Дневники</a>";
echo "</div>";
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'komm'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
$cmpl_list = mysql_query("SELECT * FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'komm' ORDER BY time LIMIT $start, $set[p_str]");
if (mysql_num_rows($cmpl_list) == 0) {
echo "<div class = 'errs'>";
echo img('error.png') . " Нет результатов";
echo "</div>";
}
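// Marks a comment complaint as reviewed. The "Проверено" button in the list below submits
// a POST form whose action carries ?ok=<id>, so the change is accepted only on POST; a
// plain GET link or an embedded image URL can no longer trigger it.
// NOTE(review): there is still no anti-CSRF token; a session-bound token checked here
// would close that gap.
if (isset($_GET['ok']) && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST') {
    mysql_query("UPDATE `diary_cmpl` SET `ok` = '1' WHERE `id` = '" . intval($_GET['ok']) . "' AND `ok` = '0' AND `subject` = 'komm'");
    header("Location:?cmpl&komm");
}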
while ($post = mysql_fetch_array($cmpl_list)) {
echo "<table class = 'razd'><tr><td class = 'null'>";
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id` = '$post[id_subject]'"), 0) != 0) {
$avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $post[id_user] LIMIT 1"));
$komm = mysql_fetch_array(mysql_query("SELECT * FROM `diary_komm` WHERE `id` = $post[id_subject] LIMIT 1"));
$diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = $komm[id_diary] LIMIT 1"));
$avtor2 = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = $komm[id_user] LIMIT 1"));
echo user($avtor['id']);
echo "<br />Писать жалобы: ";
if ($avtor['do_cmpl_diary'] == 0) {
echo "<font color = 'green'>Разрешено</font>";
echo " [<a href='?cmpl&do_cmpl=$avtor[id]'>запретить</a>]<br/>n";
} else {
echo "<font color = 'red'>Запрещено</font>";
echo " [<a href='?cmpl&do_cmpl=$avtor[id]'>разрешить</a>]<br/>n";
}
echo "Время: " . $Date->time($post['time']) . "<br />";
echo "Комментарий: <a href='?id=$diary[id_user]&diary=$diary[id]&otvet_komm=$komm[id]'>Ссылка</a><br/>n";
echo "Автор комментария: <a href='/info.php?id=$komm[id_user]'>$avtor2[nick]</a><br/>n";
echo "Причина жалобы:n";
if ($post['type'] == 'reklama') {
echo "Это реклама!n";
} elseif ($post['type'] == 'leks') {
echo "Нецензурная лексикаn";
} elseif ($post['type'] == 'oskorb') {
echo "Оскорблениen";
} elseif ($post['type'] == 'prop') {
echo "Пропаганда ненавистиn";
} elseif ($post['type'] == 'bessmsl') {
echo "Бессмысленная темаn";
} else {
echo "Иноеn";
}
if ($Text->utf8_strlen($post['msg']) > 0) {
echo " | <b><a href='?cmpl&komm&msg=$post[id]'>Сообщение</a></b> ";
} else {
echo "<br/>n";
}
} else {
echo "<font color='red'>Комментарий удален</font> ";
}
echo "<form method = 'POST' action = '?cmpl&komm&ok=$post[id]'>";
echo "<button class = 'active'>";
echo img('tick.png') . " Проверено";
echo "</button></form>";
echo "</td></tr></table>";
}
if ($k_page > 1) {
str("?cmpl&komm&", $k_page, $page);
}
echo "<a href = '?cmpl'><div class = 'razd'>" . img('left.png') . " Жалобы</div></a>";
}
} elseif (isset($_GET['diary'])) {
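// Moderation queue for complaints about diaries (?cmpl&diary): either the text of one
// complaint (&msg=ID) or the paginated list of unresolved complaints.
// NOTE(review): the access check for the ?cmpl section is not visible in this part of the
// file; confirm that the enclosing branch limits it to moderators, because the handler
// below changes complaint state.
if (isset($_GET['msg'])) {
    echo "<a href = '?cmpl&diary'><div class = 'razd'>" . img('left.png') . " Жалобы на дневники</div></a>";
    $msg_id = intval($_GET['msg']);
    $msg = mysql_fetch_array(mysql_query("SELECT * FROM `diary_cmpl` WHERE `id` = '$msg_id' AND `subject` = 'diary' LIMIT 1"));
    // A missing row and an empty message end in the same notice. The original tested
    // utf8_strlen() < 0, which can never be true, so an empty message printed an empty box.
    if (!$msg || $Text->utf8_strlen($msg['msg']) == 0) {
        echo "<div class = 'errs'>Сообщение не найдено!</div>";
    } else {
        echo "<div class = 'razd'>";
        echo $Text->toOutput($msg['msg']);
        echo "</div>";
    }
} else {
    // "Проверено" is submitted by a POST form, so only POST is accepted: a GET to the same
    // URL (a followed link, an embedded image) must not mark a complaint as resolved.
    // NOTE(review): no anti-CSRF token is verified here; add one if the engine provides it.
    if (isset($_GET['ok']) && $_SERVER['REQUEST_METHOD'] == 'POST') {
        mysql_query("UPDATE `diary_cmpl` SET `ok` = '1', `id_resh` = '" . intval($user['id']) . "' WHERE `id` = '" . intval($_GET['ok']) . "' AND `ok` = '0' AND `subject` = 'diary'");
        header("Location: ?cmpl&diary");
        // Stop here so the list is not rendered behind the redirect.
        exit;
    }
    echo "<div class = 'tabs t_bar clear_fix'>";
    echo "<a href = '?cmpl&komm'>Комментарии</a>";
    echo "<a href = '?cmpl&diary' class = 'active'>Дневники</a>";
    echo "</div>";
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'diary'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    $cmpl_list = mysql_query("SELECT * FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'diary' ORDER BY time LIMIT $start, $set[p_str]");
    if (mysql_num_rows($cmpl_list) == 0) {
        echo "<div class = 'errs'>";
        echo img('error.png') . " Нет результатов";
        echo "</div>";
    }
    // Complaint type code => text shown to the moderator; unknown codes fall back to "Иное".
    $reasons = array(
        'reklama' => "Это реклама!\n",
        'leks'    => "Нецензурная лексика\n",
        'oskorb'  => "Оскорблениe\n",
        'prop'    => "Пропаганда ненависти\n",
        'bessmsl' => "Бессмысленная тема\n",
    );
    while ($post = mysql_fetch_array($cmpl_list)) {
        echo "<table class = 'razd'><tr><td class = 'null'>";
        // Ids read back from the database are cast before reuse, so an empty or malformed
        // column cannot produce a broken or altered statement.
        $diary = mysql_fetch_array(mysql_query("SELECT * FROM `diary` WHERE `id` = '" . intval($post['id_subject']) . "' LIMIT 1"));
        if ($diary) {
            $avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($post['id_user']) . "' LIMIT 1"));
            $avtor2 = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($diary['id_user']) . "' LIMIT 1"));
            echo user($avtor['id']);
            echo "<br />Писать жалобы: ";
            if ($avtor['do_cmpl_diary'] == 0) {
                echo "<font color = 'green'>Разрешено</font>";
                echo " [<a href='?cmpl&do_cmpl=$avtor[id]'>запретить</a>]<br/>\n";
            } else {
                echo "<font color = 'red'>Запрещено</font>";
                echo " [<a href='?cmpl&do_cmpl=$avtor[id]'>разрешить</a>]<br/>\n";
            }
            echo "Время: " . $Date->time($post['time']) . "<br />";
            echo "Дневник: <a href='?id=$diary[id_user]&diary=$post[id_subject]'>Ссылка</a><br/>\n";
            // NOTE(review): the nick is printed as stored; confirm it is validated or
            // HTML-escaped when the account is created.
            echo "Автор дневника: <a href='/info.php?id=$avtor2[id]'>$avtor2[nick]</a><br/>\n";
            echo "Причина жалобы:\n";
            echo isset($reasons[$post['type']]) ? $reasons[$post['type']] : "Иное\n";
            if ($Text->utf8_strlen($post['msg']) > 0) {
                echo " | <b><a href='?cmpl&diary&msg=$post[id]'>Сообщение</a></b>\n";
            }
            if ($user['level'] >= 8) {
                // The counter is only shown to level >= 8, so it is only queried for them.
                $count_cmpl = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `id_subject` = '" . intval($diary['id']) . "' AND `subject` = 'diary'"), 0);
                echo "<br/><a href='?id=$diary[id_user]&diary=$diary[id]&cmpl'>Еще жалобы на дневник ($count_cmpl)</a>\n";
            }
        } else {
            echo "<font color='red'>Дневник удален</font> ";
        }
        echo "<form method = 'POST' action = '?cmpl&diary&ok=$post[id]'>";
        echo "<button class = 'active'>";
        echo img('tick.png') . " Проверено";
        echo "</button></form>";
        echo "</td></tr></table>";
    }
    if ($k_page > 1) {
        str("?cmpl&diary&", $k_page, $page);
    }
    echo "<a href = '?cmpl'><div class = 'razd'>" . img('left.png') . " Жалобы</div></a>";
}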
} elseif (isset($_GET['do_cmpl'])) {
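// Toggle one user's `do_cmpl_diary` flag (?cmpl&do_cmpl=ID) after a POST confirmation.
// The complaint lists print "Разрешено" for 0 and "Запрещено" for any other value.
// NOTE(review): the permission check for the ?cmpl section is outside this part of the
// file and the confirmation POST carries no anti-CSRF token; confirm both.
$doc = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($_GET['do_cmpl']) . "' LIMIT 1"));
echo "<a href = '?cmpl'><div class = 'razd'>" . img('left.png') . " Жалобы</div></a>\n";
if (!$doc) {
    // Without this guard an unknown id read as flag 0 and produced a form and an UPDATE
    // with an empty id.
    echo "<div class = 'errs'>";
    echo img('error.png') . " Пользователь не найден";
    echo "</div>";
} else {
    $target_id = intval($doc['id']);
    // Flag 0: the user may currently complain, so the action offered is to forbid it.
    $forbid = ($doc['do_cmpl_diary'] == 0);
    if (isset($_POST['ok'])) {
        mysql_query("UPDATE `user` SET `do_cmpl_diary` = '" . ($forbid ? 1 : 0) . "' WHERE `id` = '$target_id' LIMIT 1");
        msg("Успешно!");
    } else {
        echo "<form method='post' class = 'razd' action='?cmpl&do_cmpl=$target_id'>\n";
        echo "Вы действительно хотите " . ($forbid ? "запретить" : "разрешить") . " писать жалобы даному пользователю?<br />\n";
        echo "<button class = 'active' name='ok'>";
        echo img('tick.png') . " Да";
        echo "</button> <a href='?cmpl'>Нет</a></form>\n";
    }
}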
} else {
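// Landing page of the complaints section: a link back to the diaries and the number of
// unresolved complaints for each subject. The stray literal "n" after several tags was a
// newline escape that had lost its backslash; it is restored here.
echo "<a href='" . DIR_DIARY . "'><div class = 'razd'>" . img('left.png') . " Дневники</div></a>\n";
$diary_k = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'komm'"), 0);
$diary_d = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_cmpl` WHERE `ok` = '0' AND `subject` = 'diary'"), 0);
echo "<div class = 'razd'>";
echo img('comment_white.png') . " <a href='?cmpl&komm'>Жалобы на комментарии</a> [$diary_k]<br/>\n";
echo img('book.png') . " <a href='?cmpl&diary'>Жалобы на дневники</a> [$diary_d]";
echo "</div>";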
}
} elseif (isset($_GET['dl']) && isset($user)) {
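// Per-user access list (?dl): rows of `diary_dl` link the owner (`id_user`) to an account
// that was added to the list (`id_ank`). Every statement is scoped to the logged-in user.
$set['title'] = 'Дневники | Список доступа';
require_once H.'sys/inc/thead.php';
title();
aut();
err();
echo "<div class='razdel'>Список доступа</div>\n";
// Ids are numeric, so they are cast once instead of being escaped as free text.
$owner_id = intval($user['id']);
$add_id = isset($_GET['add']) ? intval($_GET['add']) : 0;
// NOTE(review): both changes below are triggered by plain GET links (see the delete link
// in the list), so another page can trigger them for a logged-in user. They should become
// POST forms with a token; kept as GET because the `add` link is presumably produced
// elsewhere in the file.
if (isset($_GET['del'])) {
    mysql_query("DELETE FROM `diary_dl` WHERE `id_ank` = '" . intval($_GET['del']) . "' AND `id_user` = '$owner_id' LIMIT 1");
} elseif (isset($_GET['add'])
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_dl` WHERE `id_ank` = '$add_id' AND `id_user` = '$owner_id' LIMIT 1"), 0) == 0
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '$add_id' LIMIT 1"), 0) != 0) {
    // The original read $_GET[add] with an unquoted key, i.e. an undefined constant.
    mysql_query("INSERT INTO `diary_dl` (`id_user`, `id_ank`) VALUES ('$owner_id', '$add_id')");
    msg("Пользователь добавлен в список доступа");
} else {
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_dl` WHERE `id_user` = '$owner_id'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    $list = mysql_query("SELECT * FROM `diary_dl` WHERE `id_user` = '$owner_id' ORDER BY id_ank LIMIT $start, $set[p_str]");
    if (mysql_num_rows($list) == 0) {
        echo "<div class = 'errs'>";
        echo img('error.png') . " Нет результатов";
        echo "</div>";
    }
    while ($post = mysql_fetch_array($list)) {
        $ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($post['id_ank']) . "' LIMIT 1"));
        echo "<table class = 'razd'><tr><td class = 'null'>";
        echo user($ank['id']);
        echo "<br /> <font color='green'>[" . $Date->time($ank['date_last']) . "]</font>\n";
        echo "<a class='add' href='?dl&del=$post[id_ank]' title='удалить'>" . img('del.png') . "</a>";
        echo "</td></tr></table>";
    }
    if ($k_page > 1) {
        str("?dl&", $k_page, $page);
    }
}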
} elseif (isset($_GET['bans'])) {
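// Moderation of the `write_diary` flag (?bans): lists users whose flag is 1 (blocked from
// writing diaries) and toggles the flag for one user after a POST confirmation.
$set['title'] = 'Дневники | Список заблокированых';
require_once H.'sys/inc/thead.php';
title();
aut();
err();
echo "<div class='razdel'>Заблокированые пользователи</div>\n";
// The link to this section is printed only for level >= 8, but the branch itself tested
// nothing beyond the presence of ?bans, so any visitor, logged in or not, could open the
// URL directly and change another account's flag. The same level is enforced here.
if (!isset($user) || $user['level'] < 8) {
    echo "<div class = 'errs'>";
    echo img('error.png') . " Доступ запрещен";
    echo "</div>";
} elseif (isset($_GET['write_diary'])) {
    $doc = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($_GET['write_diary']) . "' LIMIT 1"));
    echo "<a href='?bans'><div class='razd'>" . img('left.png') . " Назад</div></a>\n";
    if (!$doc) {
        // Without this guard an unknown id read as flag 0 and produced a form and an
        // UPDATE with an empty id.
        echo "<div class = 'errs'>";
        echo img('error.png') . " Пользователь не найден";
        echo "</div>";
    } else {
        $target_id = intval($doc['id']);
        // Flag 0: the user may currently write, so the action offered is to block.
        $block = ($doc['write_diary'] == 0);
        // NOTE(review): the confirmation POST carries no anti-CSRF token; add one if the
        // engine provides it.
        if (isset($_POST['ok'])) {
            mysql_query("UPDATE `user` SET `write_diary` = '" . ($block ? 1 : 0) . "' WHERE `id` = '$target_id' LIMIT 1");
            msg("Успешно!");
        } else {
            echo "<form method='post' class = 'razd' action='?bans&write_diary=$target_id'>\n";
            echo "Вы действительно хотите " . ($block ? "запретить" : "разрешить") . " писать дневники даному пользователю?<br />\n";
            echo "<button class = 'clik' name='ok'>Да</button> ";
            echo "<a href='?bans'>Нет</a></form>\n";
        }
    }
} else {
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `write_diary` = '1'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    $baned = mysql_query("SELECT * FROM `user` WHERE `write_diary` = '1' ORDER BY nick LIMIT $start, $set[p_str]");
    if (mysql_num_rows($baned) == 0) {
        echo "<div class = 'errs'>";
        echo img('error.png') . " Нет результатов";
        echo "</div>";
    }
    while ($post = mysql_fetch_array($baned)) {
        echo "<table class = 'razd'><tr><td class = 'null'>";
        echo "<span style = 'float:right;'>";
        // The original branched on write_diary here but printed the same link either way.
        echo "<a class = 'add' href='?bans&write_diary=$post[id]'>" . img('del.png') . "</a>";
        echo "</span>";
        echo user($post['id']);
        echo "<br /> <font color='green'>[" . $Date->time($post['date_last']) . "]</font>\n";
        echo "</td></tr></table>";
    }
    if ($k_page > 1) {
        str("?bans&", $k_page, $page);
    }
    echo "<a href='" . DIR_DIARY . "'><div class='razd'>" . img('left.png') . " Назад</div></a>\n";
}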
} elseif (isset($_GET['search'])) {
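// Diary search (?search): the phrase comes from the POST form, or from the session while
// paging through results; with &go the entries whose name or text match are listed.
$set['title'] = 'Дневники | Поиск';
require_once H.'sys/inc/thead.php';
title();
aut();
err();
$search = NULL;
// Only plain strings are accepted, so an array parameter (search[]=...) cannot reach the
// string functions below.
if (isset($_SESSION['search']) && is_string($_SESSION['search'])) {
    $search = $_SESSION['search'];
}
if (isset($_POST['search']) && is_string($_POST['search'])) {
    $search = $_POST['search'];
}
$_SESSION['search'] = $search;
// Collapse runs of spaces and trim spaces at both ends.
$search = preg_replace("#( ){2,}#", " ", $search);
$search = preg_replace("#^( ){1,}|( ){1,}$#", "", $search);
if (isset($_GET['go']) && $search != NULL) {
    // '%' typed by the user is dropped and spaces become wildcards between the words.
    $q_search = str_replace('%', '', $search);
    $q_search = str_replace(' ', '%', $q_search);
    $like = "'%" . mysql_real_escape_string($q_search) . "%'";
    // NOTE(review): the match on `text` also covers restricted entries, so a hit reveals
    // that a private text contains the phrase; consider limiting the text match to entries
    // the viewer may read.
    $where = "`name` like $like OR `text` like $like";
    echo "<div class='razd'>Результаты поиска <b>\"" . htmlspecialchars($search) . "\"</b></div>\n";
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary` WHERE $where"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    if ($k_post == 0) {
        echo "<div class = 'errs'>";
        echo img('error.png') . " Нет результатов";
        echo "</div>";
    }
    // Restricted entry type => label printed in the corner of the result.
    $labels = array(
        'only_me' => "Закрытая запись",
        'friends' => "Только для друзей",
        'pass'    => "Расширенные настройки",
        'list'    => "Расширенные настройки",
    );
    $q = mysql_query("SELECT * FROM `diary` WHERE $where ORDER BY `id` DESC LIMIT $start, $set[p_str]");
    while ($post = mysql_fetch_assoc($q)) {
        echo "<table class = 'razd'><tr><td class = 'null'>";
        $avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($post['id_user']) . "' LIMIT 1"));
        $restricted = isset($labels[$post['type']]);
        $label = $restricted ? $labels[$post['type']] : '';
        if ($post['+18'] == '1') {
            $label = ($label == '') ? "+18" : $label . ", +18";
        }
        // The original access test read $avtor before it was loaded for the row and ended
        // in `$user['level'] >= 0`, which holds for every visitor; both of its branches
        // printed the same markup, so the text of private entries was shown to anyone who
        // searched. The excerpt of a restricted entry is now printed only for its owner or
        // a level >= 8 account.
        // NOTE(review): friends, access-list members and password holders are not resolved
        // here and will not see the excerpt; the title is still listed. Confirm that the
        // single-diary view is where those checks live.
        $can_manage = isset($user) && ($user['id'] == $post['id_user'] || $user['level'] >= 8);
        $can_read = !$restricted || $can_manage;
        echo "<span style = 'float:right;'><small>";
        echo $label;
        echo "</small></span>\n";
        // The original built this string without printing it.
        echo user($avtor['id']) . "\n";
        echo "<br />";
        if ($Text->utf8_strlen($post['name']) > 0) {
            echo img('book.png') . " <b>" . $Text->toOutput($post['name']) . "</b><br/>\n";
        } else {
            echo img('book.png');
        }
        if ($can_manage) {
            echo "<div style = 'float:right;' id = 'hide'><a class = 'add' href='?id=$avtor[id]&del=$post[id]' title = 'Удалить'>" . img('del.png') . "</a> <a class = 'add' href='?id=$avtor[id]&edit=$post[id]' title='редактировать' >" . img('set_mini.png') . "</a></div>\n";
        }
        if ($can_read) {
            $tmp = $Text->cut_text($post['text']);
            echo htmlspecialchars($tmp) . "<br/>\n";
        }
        $count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '" . intval($post['id']) . "'"), 0);
        echo "" . $Date->time($post['time']) . "<br/><br/>";
        // Printed for every visitor, as before: the old `level >= 0` test never failed.
        echo "<a class = 'add'>" . img('comment_white.png') . " $count_komm </a> <a class = 'add' href='?id=$avtor[id]&diary=$post[id]'>" . img('pen.png') . " Обсудить</a>";
        echo "</td></tr></table>";
    }
    if ($k_page > 1) {
        str("?search&go&", $k_page, $page);
    }
} else {
    echo "<span class = 'razd' style='font-size:small;color:darkblue'><b>Текст для поиска:</b></span><br/>";
}
echo '<form method="post" action="?search&go" class="razd">';
// Escape last. The original ran stripcslashes() on the already escaped value, which turns
// sequences such as \x22 or \x3c back into raw quotes and angle brackets inside the
// attribute below.
$search = htmlspecialchars(stripcslashes($search), ENT_QUOTES, 'UTF-8');
echo '<input type="text" name="search" maxlength="64" value="' . $search . '" /><br/>';
echo '<input type="submit" value="Поиск" />';
echo '</form>';
echo "<a href='/diary'><div class='razd'>" . img('left.png') . " Дневники</div></a>";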
} elseif (isset($_GET['edit_text']) && isset($user)) {
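// Lets the logged-in user edit the greeting text of their diary page (?edit_text); the
// form posts back to ?edit_text&ok.
$set['title'] = 'Настройки страницы';
require_once H.'sys/inc/thead.php';
aut();
err();
// Save only when the form field was actually posted as a string; a bare GET to
// ?edit_text&ok used to read a missing $_POST['text'] and overwrite the greeting with
// an empty value.
// NOTE(review): no anti-CSRF token is verified on this POST; add one if the engine
// provides it.
if (isset($_GET['ok'], $_POST['text']) && is_string($_POST['text'])) {
    // Escape last. The original ran stripcslashes() on the already escaped value, which
    // turns sequences such as \x3c back into raw markup before it is stored.
    $text = $Text->esc(htmlspecialchars(stripcslashes($_POST['text']), ENT_QUOTES, 'UTF-8'));
    if ($Text->utf8_strlen($text) > 1024) {
        // NOTE(review): err() has already run above, so this message may never be shown.
        $err[] = 'Текст слишком длинный';
    }
    if (!isset($err)) {
        $owner_id = intval($user['id']);
        mysql_query("UPDATE `user` SET `diary_text` = '" . mysql_real_escape_string($text) . "' WHERE `id` = '$owner_id'");
        header("Location:?id=$owner_id");
        // Stop here so the form is not rendered behind the redirect.
        exit;
    }
}
echo "<div class = 'razdel'>Настройте вашу страницу дневников</div>";
echo "<form method = 'POST' class = 'razd' name = 'opis_set' action='?edit_text&ok'>\n";
echo "Приветствие страницы (1024 знаков)<br/>";
// The stored value is printed as is: it is escaped when saved (see above). Rows written
// before that change may still hold raw markup.
echo L . "<textarea name='text'>$user[diary_text]</textarea><br/>\n";
echo "<button name = 'ok' class = 'action'>";
echo "<span class = 'label'><span class = 'icon icon67' /> Сохранить</span>";
echo "</button></form>";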
} else {
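// Default view of the module: search box, paginated list of all diary entries (newest
// first) and, for level >= 8, links to the moderation sections.
$set['title'] = 'Дневники';
require_once H.'sys/inc/thead.php';
title();
aut();
err();
$search = NULL;
// Only plain strings are accepted, so an array parameter (search[]=...) cannot reach the
// string functions below.
if (isset($_SESSION['search']) && is_string($_SESSION['search'])) {
    $search = $_SESSION['search'];
}
if (isset($_POST['search']) && is_string($_POST['search'])) {
    $search = $_POST['search'];
}
$_SESSION['search'] = $search;
// Collapse runs of spaces and trim spaces at both ends.
$search = preg_replace("#( ){2,}#", " ", $search);
$search = preg_replace("#^( ){1,}|( ){1,}$#", "", $search);
// The value is printed inside a single-quoted attribute, so quotes must be escaped too
// (ENT_QUOTES), and escaping has to be the last step: the original ran stripcslashes() on
// the escaped value, which turns sequences such as \x27 back into a raw quote.
$search = htmlspecialchars(stripcslashes($search), ENT_QUOTES, 'UTF-8');
echo "<div class = 'tabs t_bar clear_fix'>";
echo "<a href = '/pages/search/'>Люди</a>";
echo "<a href = '" . DIR_DIARY . "' class = 'active'>Дневники</a>";
echo "</div>";
echo "<form class = 'razd' action = '?search&go' method = 'POST'>";
echo "<input type = 'search' name = 'search' value = '$search' />";
echo "<button class = 'action'>";
echo img('zoom.png');
echo "</button></form>";
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary`"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
$diary_list = mysql_query("SELECT * FROM `diary` ORDER BY `time` DESC,`id` DESC LIMIT $start, $set[p_str]");
if (isset($user)) {
    echo "<div class = 'razd'><a class = 'add' href = '?id=$user[id]&add_new_diary'>" . img('1.png') . " Создать дневник</a></div>";
}
if (mysql_num_rows($diary_list) == 0) {
    echo "<div class = 'errs'>";
    echo img('error.png') . " Нет результатов";
    echo "</div>";
}
// Restricted entry type => label printed in the corner of the entry.
$labels = array(
    'only_me' => "Закрытая запись",
    'friends' => "Только для друзей",
    'pass'    => "Расширенные настройки",
    'list'    => "Расширенные настройки",
);
while ($post = mysql_fetch_array($diary_list)) {
    echo "<div class = 'razd'>";
    $avtor = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '" . intval($post['id_user']) . "' LIMIT 1"));
    $restricted = isset($labels[$post['type']]);
    $label = $restricted ? $labels[$post['type']] : '';
    if ($post['+18'] == '1') {
        $label = ($label == '') ? "+18" : $label . ", +18";
    }
    // The original access test ended in `$user['level'] >= 0`, which holds for every
    // visitor, and its two branches printed the same markup, so the text of private
    // entries was shown to everyone. The excerpt of a restricted entry is now printed only
    // for its owner or a level >= 8 account.
    // NOTE(review): friends, access-list members and password holders are not resolved
    // here and will not see the excerpt; the title is still listed. Confirm that the
    // single-diary view is where those checks live.
    $can_manage = isset($user) && ($user['id'] == $post['id_user'] || $user['level'] >= 8);
    $can_read = !$restricted || $can_manage;
    echo "<span style = 'float:right;'><small>";
    echo $label;
    echo "</small></span>";
    if ($Text->utf8_strlen($post['name']) > 0) {
        echo "<a href = '?id=$avtor[id]&diary=$post[id]'>" . img('book.png') . " <b>" . $Text->toOutput($post['name']) . "</b></a> (" . $Date->time($post['time']) . ")<br />";
    } else {
        echo img('book.png') . " ";
    }
    if ($can_manage) {
        echo "<div style = 'float: right;' id = 'hide'>";
        echo "<a class = 'add' href = '?id=$avtor[id]&del=$post[id]' title = 'Удалить'>" . img('del.png') . "</a>";
        echo "<a class = 'add' href = '?id=$avtor[id]&edit=$post[id]' title = 'Редактировать'>" . img('set_mini.png') . "</a>";
        echo "</div>\n";
    }
    if ($can_read) {
        $tmp = $Text->cut_text($post['text']);
        echo $Text->toOutput($tmp) . "<br/>\n";
    }
    echo user($avtor['id']);
    echo "<br /><br />";
    $count_komm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_komm` WHERE `id_diary` = '" . intval($post['id']) . "'"), 0);
    echo "<a class = 'add'>" . img('comment_white.png') . " Комментарии</a>";
    echo "<a class = 'add'>$count_komm</a>";
    echo "</div>";
}
if ($k_page > 1) {
    str("?", $k_page, $page);
}
// These links are only navigation; each moderation section has to enforce the level
// itself, because the URLs can be requested directly.
if (isset($user) && $user['level'] >= 8) {
    echo "<div class = 'razd'>" . img('fire.png') . " <a href = '?cmpl'>Жалобы</a></div>";
    echo "<div class = 'razd'>" . img('text_columns.png') . " <a href = '?bans'>Список нарушителей</a></div>";
}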
}
require_once H.'sys/inc/tfoot.php';
}
exit();