Файл: world-faces.ru/world-faces.ru/foto/inc/user_gallery.php
Строк: 53
<?php
if(!isset($user) && !isset($_GET['id_user'])){
header("Location: /foto/?".SID);exit;
}
if(isset($user)){
$ank['id']=$user['id'];
}
if(isset($_GET['id_user'])){
$ank['id'] = intval($_GET['id_user']);
}
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".$ank['id']."' LIMIT 1"),0)==0){
header("Location: index.php");
exit;
}
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".$ank['id']."' LIMIT 1"));
$set['title'] = 'Фотоальбомы '.$ank['nick'];
include_once '../sys/inc/thead.php';
title();
aut();
if(isset($access['foto_alb_cr']) && ($user['level']>$ank['level'] || $user['id']==$ank['id'] || $user['level']>3)){
include 'inc/gallery_act.php';
}
err();
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery` WHERE `id_user` = '".$ank['id']."'"),0);
$k_page = k_page($k_post,$set['p_str']);
$page = page($k_page);
$start = $set['p_str']*$page-$set['p_str'];
echo '<form action="/foto/'.$ank['id'].'/?page='.$page.'" method="post">';
echo '<div class="str"><b>Сорт</b>: <select name="sort"><option value="name">имя</option><option value="time_create">дата создания</option><option value="time">последнее обновление</option><option value="posl">старые</option><option value="new">новые</option></select>';
echo '<input type="submit" value="ok"></div></form>';
echo '<table class="post">';
if($k_post==0){
echo '<tr><td class="p_t">Нет фотоальбомов</td></tr>';
}
$asc='DESC';
$order='id';
if(isset($_POST['sort']) && $_POST['sort']=='name'){
$order='name';
}else if(isset($_POST['sort']) && $_POST['sort']=='time_create'){
$order='time_create';
}else if(isset($_POST['sort']) && $_POST['sort']=='time'){
$order='time';
}else if(isset($_POST['sort']) && $_POST['sort']=='new'){
$order='id';
$asc='DESC';
}else if(isset($_POST['sort']) && $_POST['sort']=='posl'){
$order='time_create';
$asc='ASC';
}
$q = mysql_query("SELECT * FROM `gallery` WHERE `id_user` = '".$ank['id']."' ORDER BY $order $asc LIMIT $start, $set[p_str]");
while($post = mysql_fetch_array($q)){
echo '<tr><td class="p_m"><img src="/style/themes/'.$set['set_them'].'/user/'.$ank['pol'].'.png" alt=""/>';
$all = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id_gallery` = '".$post['id']."'"),0);
echo '<a href="/foto/'.$ank['id'].'/'.$post['id'].'/">'.esc(trim(smiles(stripcslashes(htmlspecialchars($post['name']))))).'</a> ('.$all.' фото)<br/>';
if($post['opis']!=null){
echo output_text($post['opis']).'<br/>';
}
echo '<b>Создан</b>: '.vremja($post['time_create']).'<br/>';
echo '<b>Обновлён</b>: '.vremja($post['time']).'<br/>';
echo '</td></tr>';
}
echo '</table>';
if($k_page>1){
str('?',$k_page,$page);
}
if(isset($access['foto_alb_cr']) && ($user['level']>$ank['level'] || $user['id']==$ank['id'] || $user['level']>3)){
include 'inc/gallery_form.php';
}
echo '<a href="/foto/">Все альбомы</a></div>';
include_once '../sys/inc/tfoot.php';
exit;
?>