Файл: usnews.php
Строк: 77
<?php
include 'system/sys.php';
include 'system/funcs.php';
if (!isset ($us)) {
header ('location: /');
exit;
}
if (!isset ($_GET['id'])) {
header ('location: /');
exit;
}
$query = DB :: $dbs -> query ("SELECT * FROM `us` WHERE (`id`=?)", array ((int) $_GET['id']));
if ($query -> rowCount () == 0) {
header ('location: /');
exit;
}
$u = $query -> fetch ();
$items = DB :: $dbs -> querySingle ("SELECT COUNT(*) FROM `new` WHERE (`us`='" . $u['id'] . "')");
H ('Новости ' . $u['nick'], 'Новости ' .uNick ($u['id']) .' (' . $items . ')');
if ($u['id']==$us['id']) {
echo '<div class="lst">';
echo '<form action="/usnews.php?id=' . $u['id'] . '&send" method="post">';
echo 'Новости:<br/><textarea name="text"></textarea><br/>';
echo '<input type="submit" value="Отправить"/>';
echo '</form>';
echo '</div>';
if (isset ($_GET['send'])) {
$_POST['text'] = htmlspecialchars (addslashes (trim ($_POST['text'])));
if (empty ($_POST['text'])) {
echo '<div class="list1">Вы не ввели текст новости..</div>';
}
else {
if (DB :: $dbs -> querySingle ("SELECT COUNT(*) FROM `new` WHERE (`us`='" . $us['id'] . "') AND (`t`>'" . (time () - 60) . "')") != 0) {
echo '<div class="list">Вы пишите слишком часто!</div>';
}
else {
DB :: $dbs -> query ("INSERT INTO `new` (`us`,`kem`,`text`,`t`) VALUES ('" . $u['id'] . "', '" . $us['id'] . "', ?, '" . time () . "')", array ($_POST['text']));
header ('location: /usnews.php?id=' . $u['id']);
}
}
}
}
if (isset ($_GET['del'])) {
if ($u['id']==$us['id'] || $u['level']<$us['level'] && $us['level']>1) {
$query = DB :: $dbs -> query ("SELECT * FROM `new` WHERE (`id`=?)", array (intval ($_GET['del'])));
if ($query -> rowCount () != 0) {
$new = $query -> fetch ();
if ($new['us']==$u['id']) {
DB :: $dbs -> query ("DELETE FROM `new` WHERE (`id`='" . $new['id'] . "')");
DB :: $dbs -> query ("DELETE FROM `new_komm` WHERE (`id_new`='" . $new['id'] . "')");
}
}
}
header ('location: /usnews.php?id=' . $u['id']);
}
$items_per_page = 10;
$pages = ceil ( $items / $items_per_page );
$page = (int) $_GET['page'];
if ($page < 1) {
$page = 1;
}
if ($page > $pages) {
$page = $pages;
}
$start = $page * $items_per_page - $items_per_page;
if ($items == 0) {
echo '<div class="list1">У <b>' . uNick ($u['id']) . '</b> пока нет новостей!</div>';
}
else {
$query = DB :: $dbs -> query ("SELECT * FROM `new` WHERE (`us`='" . $u['id'] . "') ORDER BY `id` DESC LIMIT $start, $items_per_page");
while ($new = $query -> fetch ()) {
//
echo '<div class="list1">';
echo uNick ($new['kem']) . ' (' . datef ($new['t']) . ')<br/>';
//
if (!empty ($new['komm'])) {
echo 'Комментарий: <b>' . bb ($new['komm']) . '</b><br/>';
}
//
if ($new['id_p']!=0) {
$p = DB :: $dbs -> queryFetch ("SELECT * FROM `forum_p` WHERE (`id`='" . $new['id_p'] . "')");
$t = DB :: $dbs -> queryFetch ("SELECT * FROM `forum_t` WHERE (`id`='" . $p['id_t'] . "')");
echo '<img src="/images/re.png" alt=""/> ' . uNick ($p['us']) . '<br/>';
echo 'Тема: <a href="/forum/thema' . $t['id'] . '"><b>' . $t['name'] . '</b></a><br/>';
echo 'Сообщение: ';
if ($p['del']==0) {
if (mb_strlen ($p['text']) > 150) {
echo mb_substr (bb ($p['text']), 0, 150) . '.. <img src="" alt=""/><br/>';
echo '<a href="/newkomm.php?id=' . $new['id'] . '">читать полностью</a>';
}
else {
echo bb ($p['text']);
}
}
else {
echo '<b>Сообщение удалено!</b>';
}
}
//
if ($new['id_f']!=0) {
$f = DB :: $dbs -> queryFetch ("SELECT * FROM `zc_f` WHERE (`id`='" . $new['id_f'] . "')");
echo '<img src="/images/re.png" alt=""/> ' . uNick ($f['us']) . '<br/>';
echo 'Файл: <a href="/zc/file' . $f['id'] . '"><b>' . $f['name'] . '</b></a>';
}
echo '<br/>';
//
if (!empty ($new['text'])) {
echo bb ($new['text']);
}
//
if ($u['id']==$us['id'] || $u['level']<$us['level'] && $us['level']>1) {
echo ' <a href="/usnews.php?id=' . $u['id'] . '&del=' . $new['id'] . '">удал.</a>';
}
echo '</div>';
//
echo '<div class="lst">';
echo '<form action="/newkomm.php?id=' . $new['id'] . '&add" method="post">';
echo 'Комментарий: <input name="komm"/> <input type="submit" value="Добавить"/>';
echo '</form>';
echo '</div>';
$itemss = DB :: $dbs -> querySingle ("SELECT COUNT(*) FROM `new_komm` WHERE (`id_new`='" . $new['id'] . "')");
if ($itemss != 0) {
echo '<div style="padding-left:15%;">';
$q = DB :: $dbs -> query ("SELECT * FROM `new_komm` WHERE (`id_new`='" . $new['id'] . "') ORDER BY `id` DESC LIMIT 3");
while ($komm = $q -> fetch ()) {
echo '<div class="lst">';
echo uNick ($komm['us']) . ' (' . datef ($komm['t']) . ')';
if ($komm['us']!=$us['id']) {
echo ' [<a href="/newkomm.php?id=' . $new['id'] . '&komu=' . $komm['us'] . '">отв</a>] ';
}
if ($komm['us']==$us['id'] && $us['level']>1 || $u['level']<$us['level'] && $us['level']>1) {
echo ' [<a href="/newkomm.php?id=' . $new['id'] . '&del=' . $komm['id'] . '">x</a>] ';
}
echo '<br/>';
echo bb ($komm['text']);
echo '</div>';
}
//
if ($itemss>5) {
echo '<div class="list1"><a href="">Показать все комментарии</a> (' . $itemss . ')</div>';
}
echo '</div>';
}
echo '<hr/>';
}
echo '<div class="lst">' . pages ('/usnews' . $u['id']) . '</div>';
}
echo '<div class="list1"><a href="/us' . $u['id'] . '">В анкету ' . $u['nick'] . '</a></div>';
F ();