Файл: zc/komm.php
Строк: 29
<?
include '../system/sys.php';
include '../system/funcs.php';
if (!isset ($us)) {
header ('location: /');
exit;
}
$query = DB :: $dbs -> query ("SELECT * FROM `zc_f` WHERE (`id`=?)", array ((int) $_GET['id']));
if ($query -> rowCount () == 0) {
header ('location: /zc');
exit;
}
$f = $query -> fetch ();
if (!isset ($f['dop']) || $f['dop']=='net') {
header ('location: /zc');
exit;
}
$items = DB :: $dbs -> querySingle ("SELECT COUNT(*) FROM `zc_komm` WHERE (`id_f`='" . $f['id'] . "')");
H ($f['name'], 'Комментарии к файлу (' . $items . ')');
$items_per_page = 10;
$pages = ceil ( $items / $items_per_page );
$page = (int) $_GET['page'];
if ($page < 1)
$page = 1;
if ($page > $pages)
$page = $pages;
$start = $page * $items_per_page - $items_per_page;
$_GET['komu'] = isset ($_GET['komu']) ? intval ($_GET['komu']) : 0;
if ($_GET['komu']!=0) {
$query = DB :: $dbs -> query ("SELECT * FROM `us` WHERE (`id`='" . $_GET['komu'] . "')");
if ($query -> rowCount () == 0) {
header ('location: /');
exit;
}
$komu = $query -> fetch ();
if ($komu['id'] == $us['id']) {
header ('location: /');
exit;
}
}
echo '<div class="list1">';
echo 'Файл: <a href="/zc/file' . $f['id'] . '">' . $f['name'] . '</a><br/>';
echo 'Загрузил: ' . uNick ($f['us']);
echo '</div>';
echo '<div class="list1">';
echo '<form action="/zc/komm.php?id=' . $f['id'] . '&komu=' . $komu['id'] . '&add" method="post">';
echo 'Комментарии:<br/><textarea name="kom">' . ($_GET['komu']!=0 ? '[b]' . $komu['nick'] . '[/b], ':'') . '</textarea><br/>';
echo '<input type="submit" value="Добавить"/>';
echo '</form>';
echo '</div>';
if (isset ($_GET['add'])) {
$_POST['kom'] = htmlspecialchars (addslashes (trim ($_POST['kom'])));
if (empty ($_POST['kom'])) {
echo '<div class="list1"><b style="color:red;">Вы не ввели текст комментария..</b></div>';
}
else {
if (DB :: $dbs -> querySingle ("SELECT COUNT(*) FROM `zc_komm` WHERE (`id_f`='" . $f['id'] . "') AND (`us`='" . $us['id'] . "') AND (`text`=?)", array ($_POST['kom'])) != 0) {
echo '<div class="list1"><b style="color:red;">Вы уже писали это.</b></div>';
}
else {
DB :: $dbs -> query ("INSERT INTO `zc_komm` (`id_f`,`us`,`komu`, `text`,`t`) VALUES ('" . $f['id'] . "','" . $us['id'] . "', '" . $_GET['komu'] . "',?,'" . time () . "')", array ($_POST['kom']));
if ($_GET['komu']!=0) {
DB :: $dbs -> query ("INSERT INTO `action` (`value`,`t`,`us`) VALUES ('us{" . $us['id'] . "} ответил вам в [url=/zc/komm.php?id=" . $f['id'] . "]комментариях[/url] к файлу!', '" . time () . "', '" . $_GET['komu'] . "')");
}
if ($f['us']!=$us['id']) {
DB :: $dbs -> query ("INSERT INTO `action` (`value`,`t`,`us`) VALUES ('us{" . $us['id'] . "} [url=/zc/komm.php?id=" . $f['id'] . "]прокомментировал[/url] ваш файл!', '" . time () . "', '" . $f['us'] . "')");
}
header ('location: /zc/komm.php?id=' . $f['id']);
}
}
}
if ($items == 0) {
echo '<div class="list1">Комментариев нет..</div>';
}
else {
if (isset ($_GET['del'])) {
$query = DB :: $dbs -> query ("SELECT * FROM `zc_komm` WHERE (`id_f`='" . $f['id'] . "') AND (`id`=?)", array (intval ($_GET['del'])));
if ($query -> rowCount () != 0) {
$komm = $query -> fetch ();
$u = DB :: $dbs -> queryFetch ("SELECT * FROM `us` WHERE (`id`='" . $komm['us'] . "')");
if ($u['id']==$us['id'] && $us['level']>0 || $u['level']<$us['level']) {
DB :: $dbs -> query ("DELETE FROM `zc_komm` WHERE (`id`='" . $komm['id'] . "')");
}
}
header ('lcoation: /zc/komm.php?id=' . $f['id']);
}
$query = DB :: $dbs -> query ("SELECT * FROM `zc_komm` WHERE (`id_f`='" . $f['id'] . "') ORDER BY `id` DESC LIMIT $start, $items_per_page");
while ($komm = $query -> fetch ()) {
$u = DB :: $dbs -> queryFetch ("SELECT * FROM `us` WHERE (`id`='" . $komm['us'] . "')");
echo '<div class="list1">';
echo uNick ($komm['us']) . ' (' . datef ($komm['t']) . ')';
if ($komm['us']!=$us['id']) {
echo ' [<a href="/zc/komm.php?id=' . $f['id'] . '&komu=' . $komm['us'] . '">отв</a>]';
}
if ($u['id']==$us['id'] && $us['level']>0 || $u['level']<$us['level']) {
echo ' [<a href="/zc/komm.php?id=' . $f['id'] . '&del=' . $komm['id'] . '">x</a>]';
}
echo '<br/>';
echo bb ($komm['text']);
echo '</div>';
}
echo '<div class="list1">' . pages ('/zc/komm' . $f['id']) . '</div>';
}
F ();
?>