Файл: bloodlands.pw/anketa.php
Строк: 273
<?php
define('cms', 1);
$title = 'Анкета';
require_once 'core.php';
if ($user) {
echo'<div class="pt">';
switch($_GET['a']){
default:
$avtou = mysql_num_rows(mysql_query("SELECT `id` FROM `users` WHERE `id` = '".$id."'"));
if($avtou == 0 or empty($id)) $id = $user;
$fri = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$id."' AND `type` = '1'"),0);
$ene = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$id."' AND `type` = '2'"),0);
$req = mysql_query("SELECT * FROM `anketa` WHERE `user` = '".$id."'");
$avto = mysql_num_rows($req);
$u = mysql_fetch_array($req);
echo'<a class="links" href="?a=friend&id='.$id.'"><img src="./img/icon/m.png" alt=""> Друзья ['.$fri.']</a>
<a class="links" href="?a=enemy&id='.$id.'"><img src="./img/icon/pit.png" alt=""> Враги ['.$ene.']</a>';
echo'<br/><b>ID персонажа:</b><input type="text" class="text" value="'.$id.'"/><br/>';
if($avto == 0){
echo'<b>Данных об этом игроке еще нет!</b><br/><br/>';
if($id == $user) echo'<a class="links" href="?a=new"><img src="./img/icon/clan.png" alt=""> Заполнить анкету</a>';
echo'<a class="links" href="user.php?id='.$id.'"><img src="./img/icon/back.png" alt=""> В персонажа</a></div>';
include './include/foot1.php'; exit;
}
if(!empty($u['name'])) echo'<b>Имя:</b> '.$u['name'].'<br/>';
if(!empty($u['o_sebe'])) echo'<b>О себе:</b> '.$u['o_sebe'].'<br/>';
if(!empty($u['gorod'])) echo'<b>Город:</b> '.$u['gorod'].'<br/>';
if(calc_age($u['vozrast']) > 0) echo'<b>Возраст:</b> '.calc_age($u['vozrast']).'<br/>';
echo'<br/>';
if(!empty($u['vk'])) echo'<a class="links" href="http://m.vk.com/id'.$u['vk'].'"><img src="http://vk.com/favicon.ico" alt=""> Страница в VK</a>';
if($id == $user) echo'<a class="links" href="?a=izm"><img src="./img/icon/clan.png" alt=""> Изменить анкету</a>'; else {
$f = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$user."' AND `type` = '1' AND `user_dob` = '".$id."'"),0);
$e = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$user."' AND `type` = '2' AND `user_dop` = '".$id."'"),0);
if($f == 0) echo'<a class="links" href="?a=add_f&id='.$id.'"><img src="./img/icon/m.png" alt=""> Добавить в друзья</a>'; else echo'<a class="links" href="?a=del_f&id='.$id.'"><img src="./img/0.png" alt=""> Удалить из друзей</a>';
if($e == 0) echo'<a class="links" href="?a=add_e&id='.$id.'"><img src="./img/icon/pit.png" alt=""> Добавить во враги</a>'; else echo'<a class="links" href="?a=del_e&id='.$id.'"><img src="./img/0.png" alt=""> Удалить из врагов</a>';
}
echo'<a class="links" href="user.php?id='.$id.'"><img src="./img/icon/back.png" alt=""> В персонажа</a>';
break;
case 'friend':
if(empty($id)) $id = $user;
$all = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$id."' AND `type` = '1'"),0);
if($all > 0){
$total = intval(($all-1)/$us['kol'])+1;
$page = abs(intval($_GET['page']));
if(empty($page) OR $page <= 0) $page = 1;
if($page > $total) $page = $total;
$past = intval($all/$us['kol']);
$start = round($page*$us['kol']-$us['kol']);
$top = mysql_query("SELECT `user_dob` FROM `kontakts` WHERE `user` = '".$id."' AND `type` = '1' ORDER BY `id` DESC LIMIT ".$start.",".$us['kol']."");
while($res = mysql_fetch_array($top)){
pers_info($res['user_dob']);
echo' <a class="link" href="/anketa.php?id='.$res['user_dob'].'">[В анкету]</a>
<a class="link" href="/mail.php?a=create&id='.$res['user_dob'].'">[Написать]</a>';
echo'<br/>';
}
navigation($all,$us['kol'],$page,'anketa.php?a=friend&id='.$id.'&',$total);
} else echo '<div class="error" style="text-align:left;">У данного игрока друзей не найдено!</div>';
echo '<a class="links" href="?id='.$id.'"><img src="./img/icon/back.png" alt=""> Вернуться</a>';
break;
case 'enemy':
if(empty($id)) $id = $user;
$all = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$id."' AND `type` = '2'"),0);
if($all > 0){
$total = intval(($all-1)/$us['kol'])+1;
$page = abs(intval($_GET['page']));
if(empty($page) OR $page <= 0) $page = 1;
if($page > $total) $page = $total;
$past = intval($all/$us['kol']);
$start = round($page*$us['kol']-$us['kol']);
$top = mysql_query("SELECT `user_dob` FROM `kontakts` WHERE `user` = '".$id."' AND `type` = '2' ORDER BY `id` DESC LIMIT ".$start.",".$us['kol']."");
while($res = mysql_fetch_array($top)){
pers_info($res['user_dob']);
echo' <a class="link" href="/anketa.php?id='.$res['user_dob'].'">[В анкету]</a>';
echo'<br/>';
}
navigation($all,$us['kol'],$page,'anketa.php?a=enemy&id='.$id.'&',$total);
} else echo '<div class="error" style="text-align:left;">У данного игрока врагов не найдено!</div>';
echo '<a class="links" href="?id='.$id.'"><img src="./img/icon/back.png" alt=""> Вернуться</a>';
break;
case 'add_f':
$use = mysql_result(mysql_query("SELECT count(*) FROM `users` WHERE `id` = '".$id."'"),0);
$f = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$user."' AND `type` = '1' AND `user_dob` = '".$id."'"),0);
if($id != $user && $use == 1 && $f == 0){
mysql_query("INSERT INTO `kontakts` SET `user` = '".$user."', `type` = '1', `user_dob` = '".$id."'");
header('Location: ?id='.$id);
} else echo'<div class="error" style="text-align:left;">Игрок не найден или уже добавлен!</div><a class="links" href="?id='.$id.'"><img src="./img/icon/back.png" alt=""> Вернуться</a>';
break;
case 'add_e':
$use = mysql_result(mysql_query("SELECT count(*) FROM `users` WHERE `id` = '".$id."'"),0);
$f = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$user."' AND `type` = '2' AND `user_dob` = '".$id."'"),0);
if($id != $user && $use == 1 && $f == 0){
mysql_query("INSERT INTO `kontakts` SET `user` = '".$user."', `type` = '2', `user_dob` = '".$id."'");
header('Location: ?id='.$id);
} else echo'<div class="error" style="text-align:left;">Игрок не найден или уже добавлен!</div><a class="links" href="?id='.$id.'"><img src="./img/icon/back.png" alt=""> Вернуться</a>';
break;
case 'del_f':
$use = mysql_result(mysql_query("SELECT count(*) FROM `users` WHERE `id` = '".$id."'"),0);
$f = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$user."' AND `type` = '1' AND `user_dob` = '".$id."'"),0);
if($id != $user && $use == 1 && $f == 1){
mysql_query("DELETE FROM `kontakts` WHERE `user` = '".$user."' AND `type` = '1' AND `user_dob` = '".$id."'");
header('Location: ?id='.$id);
} else echo'<div class="error" style="text-align:left;">Игрок не найден или не является другом!</div><a class="links" href="?id='.$id.'"><img src="./img/icon/back.png" alt=""> Вернуться</a>';
break;
case 'del_e':
$use = mysql_result(mysql_query("SELECT count(*) FROM `users` WHERE `id` = '".$id."'"),0);
$f = mysql_result(mysql_query("SELECT count(*) FROM `kontakts` WHERE `user` = '".$user."' AND `type` = '2' AND `user_dob` = '".$id."'"),0);
if($id != $user && $use == 1 && $f == 1){
mysql_query("DELETE FROM `kontakts` WHERE `user` = '".$user."' AND `type` = '2' AND `user_dob` = '".$id."'");
header('Location: ?id='.$id);
} else echo'<div class="error" style="text-align:left;">Игрок не найден или не является врагом!</div><a class="links" href="?id='.$id.'"><img src="./img/icon/back.png" alt=""> Вернуться</a>';
break;
case 'new':
if(empty($_POST['ok'])){
echo '<form action="?a=new" method="post"><b>Имя [40]:</b>
<input type="text" name="name" maxlength="40" class="text"><b>Город [30]:</b>
<input type="text" name="gorod" maxlength="30" class="text"><b>О себе [400]:</b>
<textarea name="o_sebe" cols="19" rows="4" class="text"></textarea><b>ID Вконтакте:</b>
<input type="text" name="vk" maxlength="9" class="text"><b>Дата рождения:</b><br/>
<select name="day"><option value="">Число</option>';
for($i = 1; $i <= 31; $i++){
echo'<option value="'.$i.'">'.$i.'</option>';
}
echo '</select> <select name="month"><option value="">Месяц</option>';
for($i = 1; $i <= 12; $i++){
echo '<option value="'.$i.'">' . m($i) . '</option>';
}
echo '</select> <select name="year"><option value="">Год</option>';
for($i = 2008; $i >= 1940; $i--){
echo '<option value="'.$i.'">'.$i.'</option>';
}
echo'</select><br/><input name="ok" type="submit" value="Сохранить" class="button">
</form><a class="links" href="?"><img src="./img/icon/back.png" alt=""> Вернуться</a>';
} else {
$name = filter($_POST['name']);
$o_sebe = filter($_POST['o_sebe']);
$vk = abs(intval($_POST['vk']));
$day = abs(intval($_POST['day']));
$month = abs(intval($_POST['month']));
$year = abs(intval($_POST['year']));
$gorod = filter($_POST['gorod']);
$error = '';
if(mb_strlen($name) > 40 or mb_strlen($o_sebe) > 400 or mb_strlen($vk) > 9 or mb_strlen($day) > 2 or mb_strlen($month) > 2 or mb_strlen($year) > 4 or mb_strlen($gorod) > 30) $error .= 'Превышение количества символов в полях!<br>';
if(empty($name) && empty($o_sebe) && empty($vk) && empty($gorod)) $error .= 'Заполните хотя бы одно поле!<br>';
if(mysql_num_rows(mysql_query("SELECT `id` FROM `anketa` WHERE `user` = '".$user."'")) == 1) $error .= 'У вас уже есть анкета!<br>';
if(!empty($error)){
echo '<div class="error" style="text-align:left;">'.$error.'</div>';
} else {
mysql_query("INSERT INTO `anketa` SET `name` = '".$name."', `o_sebe` = '".$o_sebe."', `vk` = '".$vk."', `vozrast` = '".$day.".".$month.".".$year."', `gorod` = '".$gorod."', `user` = '".$user."'");
if($se['anketa'] == 0) mysql_query("UPDATE `settings` SET `anketa` = '1' WHERE `id` = '".$set."'");
echo 'Анкета успешно сохранена!<br/><a class="links" href="anketa.php?id='.$user.'"><img src="./img/icon/profile.png" alt=""> Посмотреть</a>';
}}
break;
case 'izm':
if(!isset($_POST['ok'])){
$u = mysql_fetch_array(mysql_query("SELECT * FROM `anketa` WHERE `user` = '".$user."'"));
$b = explode('.', $u['vozrast']);
$d = $b[0];
$m = $b[1];
$y = $b[2];
echo '<form action="?a=izm" method="post"><b>Имя [40]:</b>
<input type="text" class="text" name="name" maxlength="40" value="'.$u['name'].'" /><b>Город [30]:</b>
<input type="text" class="text" name="gorod" maxlength="30" value="'.$u['gorod'].'" /><b>О себе [400]:</b>
<textarea name="o_sebe" cols="19" rows="4" class="text">'.$u['o_sebe'].'</textarea><b>ID Вконтакте:</b>
<input type="text" class="text" name="vk" maxlength="9" value="'.$u['vk'].'" /><b>Дата рождения:</b><br/>
<select name="day"><option value="">День</option>';
for($i = 1; $i <= 31; $i++){
echo '<option '.($d == $i ? 'selected' : '').' value="'.$i.'">'.$i.'</option>';
}
echo '</select> <select name="month"><option value="">Месяц</option>';
for($i = 1; $i <= 12; $i++){
echo '<option '.($m == $i ? 'selected' : '').' value="'.$i.'">'.m($i).'</option>';
}
echo '</select> <select name="year"><option value="">Год</option>';
for($i = 2008; $i >= 1940; $i--){
echo '<option '.($y == $i ? 'selected' : '').' value="'.$i.'">'.$i.'</option>';
}
echo '</select><br/><input name="ok" type="submit" value="Сохранить" class="button">
</form><a class="links" href="?"><img src="./img/icon/back.png" alt=""> Вернуться</a>';
} else {
$name = filter($_POST['name']);
$o_sebe = filter($_POST['o_sebe']);
$vk = abs(intval($_POST['vk']));
$day = abs(intval($_POST['day']));
$month = abs(intval($_POST['month']));
$year = abs(intval($_POST['year']));
$gorod = filter($_POST['gorod']);
$error = '';
if(mb_strlen($name) > 40 or mb_strlen($o_sebe) > 400 or mb_strlen($vk) > 9 or mb_strlen($day) > 2 or mb_strlen($month) > 2 or mb_strlen($year) > 4 or mb_strlen($gorod) > 30) $error .= 'Превышение количества символов в полях!<br>';
if(!empty($error)){
echo '<div class="error" style="text-align:left;">'.$error.'</div>';
} else {
if(empty($name) && empty($o_sebe) && empty($vk) && empty($day) && empty($month) && empty($year) && empty($gorod)) {
$ok = mysql_query("DELETE FROM `anketa` WHERE `user` = '".$user."'");
if($ok) echo 'Ваша анкета успешно удалена!<br/><a class="links" href="user.php?id='.$user.'"><img src="./img/icon/'.$us['sex'].'.png" alt=""> В персонажа</a>';
} else {
$ok = mysql_query("UPDATE `anketa` SET `name` = '".$name."', `o_sebe` = '".$o_sebe."', `vk` = '".$vk."', `vozrast` = '".$day.".".$month.".".$year."', `gorod` = '".$gorod."' WHERE `user` = '".$user."'");
if($se['anketa'] == 0) mysql_query("UPDATE `settings` SET `anketa` = '1' WHERE `id` = '".$set."'");
if($ok) echo 'Данные о вас успешно изменены!<br/><a class="links" href="?id='.$user.'"><img src="./img/icon/profile.png" alt=""> Посмотреть</a>';}}}
break;
}} else header('Location: ./index.php');
echo'</div>';
include './include/foot1.php';
?>