Файл: world-faces.ru/world-faces.ru/foto/inc/user_gallery_show.php
Строк: 64
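<?php
// Album page: resolves the profile owner ($ank) and one of their galleries,
// then emits the page header. Redirects away when either record is missing.
//
// NOTE(review): this file uses the legacy mysql_* extension (removed in PHP 7).
// Every value concatenated into SQL below is forced to an integer first; a move
// to prepared statements (mysqli/PDO) would remove the reliance on that discipline.

// A profile owner is required: either the current $user (presumably set by the
// including script — confirm) or an explicit ?id_user= parameter.
if (!isset($user) && !isset($_GET['id_user'])) {
    header("Location: index.php");
    exit;
}
if (isset($user)) {
    // Cast so the id interpolated into the queries below is always numeric,
    // whatever shape $user['id'] arrives in.
    $ank['id'] = intval($user['id']);
}
// An explicit id_user takes precedence over the viewer's own id.
if (isset($_GET['id_user'])) {
    $ank['id'] = intval($_GET['id_user']);
}
// Unknown user: back to the index.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".$ank['id']."' LIMIT 1"), 0) == 0) {
    header("Location: index.php");
    exit;
}
// From here on $ank is the full `user` row, not just the id.
$ank = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".$ank['id']."' LIMIT 1"));

// id_gallery may be absent from the request; treat that as id 0, which matches
// no row and falls through to the redirect below instead of raising a notice.
$gallery['id'] = isset($_GET['id_gallery']) ? intval($_GET['id_gallery']) : 0;
// The gallery must exist AND belong to this user; otherwise go to the user's album list.
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery` WHERE `id` = '".$gallery['id']."' AND `id_user` = '".$ank['id']."' LIMIT 1"), 0) == 0) {
    header("Location: /foto/$ank[id]/");
    exit;
}
// From here on $gallery is the full `gallery` row.
$gallery = mysql_fetch_array(mysql_query("SELECT * FROM `gallery` WHERE `id` = '".$gallery['id']."' AND `id_user` = '".$ank['id']."' LIMIT 1"));

// NOTE(review): the gallery name is user-supplied text and goes into the page
// title unescaped here — confirm that thead.php escapes $set['title'] on output.
$set['title'] = 'Фотоальбом: '.$gallery['name'];
include_once '../sys/inc/thead.php';
title();
aut();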
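echo '<div class="rowup">';
// Album management actions are offered only to the owner, to a user whose level
// is above the owner's, or to anyone with level > 3.
// NOTE(review): the included file is not visible here — confirm it re-checks this
// permission itself if it can be reached or triggered in any other way.
if (isset($user) && ($user['level'] > $ank['level'] || $user['id'] == $ank['id'] || $user['level'] > 3)) {
    include 'inc/gallery_show_act.php';
}
err();

// Pagination: total photo count, page count, current page, row offset.
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id_gallery` = '".$gallery['id']."'"), 0);
$k_page = k_page($k_post, $set['p_str']);
// presumably page() returns a validated integer page number — it is echoed into
// the form action and used to build the LIMIT offset; verify in its definition.
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];

// Sort selector; the posted value is matched against a fixed list further down.
echo '<div class="menu">';
echo '<form action="/foto/'.$ank['id'].'/'.$gallery['id'].'/?page='.$page.'" method="post">';
echo '<b>Сорт</b>: <select name="sort"><option value="name">имя</option><option value="rating">рейтинг</option><option value="posl">старые</option><option value="new">новые</option></select>';
// Close the form before its enclosing div so the elements are properly nested.
echo '<input type="submit" value="ok"></form></div>';
// Newline after the closing tag (the listing printed a literal "n" here).
echo "</div>\n";

echo '<table class="post">';
if ($k_post == 0) {
    echo '<tr><td class="p_t">Нет фотографий</td></tr>';
}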
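// Translate the posted sort key into a fixed column/direction pair. Only the
// literals assigned here ever reach ORDER BY; the raw POST value never does.
$asc = 'DESC';
$order = 'id';
if (isset($_POST['sort']) && $_POST['sort'] == 'name') {
    $order = 'name';
} else if (isset($_POST['sort']) && $_POST['sort'] == 'rating') {
    $order = 'rating';
} else if (isset($_POST['sort']) && $_POST['sort'] == 'new') {
    $order = 'id';
    $asc = 'DESC';
} else if (isset($_POST['sort']) && $_POST['sort'] == 'posl') {
    $order = 'id';
    $asc = 'ASC';
}

// NOTE(review): $start and $set['p_str'] are interpolated into LIMIT unquoted;
// they are presumably integers from page()/site config — confirm.
$q = mysql_query("SELECT * FROM `gallery_foto` WHERE `id_gallery` = '".$gallery['id']."' ORDER BY $order $asc LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q)) {
    echo '<tr><td class="icon14">';
    // 48px thumbnail, if one exists on disk (H is presumably the site root path).
    if (is_file(H.'/files/gallery/48/'.$post['id'].'.jpg')) {
        echo '<img src="/files/gallery/48/'.$post['id'].'.jpg" alt=""/>';
    } else {
        echo 'no image';
    }
    echo '</td><td class="p_m">';
    // Decode backslash escapes first and HTML-escape afterwards. In the reverse
    // order stripcslashes() runs on already-escaped text and can turn escape
    // sequences back into markup characters, defeating htmlspecialchars().
    // smiles() stays after the escaping because it presumably emits its own HTML.
    echo ' <a href="/foto/'.$ank['id'].'/'.$gallery['id'].'/'.$post['id'].'/">'.esc(trim(smiles(htmlspecialchars(stripcslashes($post['name']))))).'</a><br/>';
    // `sex` == 1 marks the file as adult (18+) content.
    if ($post['sex'] == 1) {
        echo '<div class="err">Файл 18+</div>';
    }
    // Description is user-supplied; output_text() is presumably responsible for
    // escaping it — verify in its definition.
    if ($post['opis'] != null) {
        echo output_text($post['opis']).'<br/>';
    }
    echo '<b>Рейтинг</b>: '.$post['rating'].'<br/>';
    echo '</td></tr>';
}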
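echo '</table>';
// Page navigation is only needed when there is more than one page.
if ($k_page > 1) {
    str('?', $k_page, $page);
}
// The add/edit form is offered under the same rule as the management actions:
// owner, a user whose level is above the owner's, or level > 3.
if (isset($user) && ($user['level'] > $ank['level'] || $user['id'] == $ank['id'] || $user['level'] > 3)) {
    include 'inc/gallery_show_form.php';
}
// The nick is account-holder supplied text; escape it on output rather than
// relying on whatever character rules registration enforces (not visible here).
echo '<a href="/foto/'.$ank['id'].'/">К фотоальбомам</a> ('.htmlspecialchars($ank['nick']).')</div>';
include_once '../sys/inc/tfoot.php';
exit;
?>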