Файл: BlogExl_v_3/modules/pages/read.php
Строк: 39
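<?php
// Article page: loads one blog post selected by ?id= and its category; the rest
// of the file handles votes, the .txt export and rendering.
// $func, $dbs, $user, head(), foot() and info() come from code outside this file.
//
// The long "<?php" tag replaces the short "<?": with short_open_tag disabled the
// short form is not parsed and this script's source would be sent out as text.

// num() is defined elsewhere, so its guarantees are not visible here. The int
// cast ensures only digits reach the SQL strings, the Location header and the
// export file name that are built from $id further down.
$id = (int) $func->num($_GET['id']);

// Users with level >= 2 may also open posts that are not approved (activ != 1).
$onlyActive = $user['level'] >= 2 ? '' : 'activ = 1 and';
$reads = $dbs->query("SELECT * FROM `blog` where ".$onlyActive." `id` = '$id' limit 1");

// A failed query is treated like "not found" (assuming $dbs behaves like mysqli,
// where query() returns false on error) instead of failing on ->num_rows.
if (!$reads || !$reads->num_rows) {
    head('Error');
    echo '<div class="post2">Запись не найдена или она на модерации!</div>';
    foot();
    exit();
}
$r = $reads->fetch_assoc();

// id_cat comes from the database row, but is cast anyway so the query never
// depends on what was stored in that column.
$idCat = (int) $r['id_cat'];
$catRes = $dbs->query("SELECT * FROM `cat` where `id` = '$idCat' limit 1");
// null when the category row is missing, same as fetch_assoc() on an empty result.
$cat = $catRes ? $catRes->fetch_assoc() : null;

// NOTE(review): the title is passed to head() as stored; whether head() escapes
// it for HTML is not visible from this file. Confirm.
head($r['name']);
info();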
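// Voting: ?like stores a positive vote, ?dlike a negative one, for logged-in
// users only and at most once per user and post.
//
// NOTE(review): the vote is a state change triggered by a plain GET link without
// an anti-CSRF token, so a request made on the user's behalf from another page
// is accepted as well. A POST form with a per-session token would close that.
// NOTE(review): the SELECT-then-INSERT check is not atomic; a UNIQUE key on
// (`id_us`, `id_blog`) in `blog_vote` would make the one-vote rule firm.
if ($user['id'] && (isset($_GET['like']) || isset($_GET['dlike']))) {
    // Both ids are cast so the SQL strings below can only contain digits.
    $voterId = (int) $user['id'];
    $postId = (int) $r['id'];
    // ?like takes precedence when both parameters are present, as before.
    $likeValue = isset($_GET['like']) ? 1 : 0;

    $existing = $dbs->query("SELECT * FROM `blog_vote` WHERE `id_us` = '$voterId' AND `id_blog` = '$postId' LIMIT 1");
    // The original test was "num_rows >= 0", which is always true, so the same
    // user could add votes without limit. Only insert when no vote exists yet.
    if ($existing && $existing->num_rows == 0) {
        $dbs->query("INSERT INTO `blog_vote` SET `id_blog` = '$postId', `id_us` = '$voterId', `like` = '$likeValue'");
        header('Location: read'.$id);
        die();
    }
}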
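// ?down: write the post body to <document root>/files/<id>.txt and redirect the
// browser to that file.
//
// NOTE(review): the export is a persistent file under the web root. Unless
// /files/ is protected by server configuration not visible here, it stays
// readable at that URL without the checks made when the post was loaded. That
// includes a post exported by a level >= 2 user while it was still unapproved,
// and a post that is hidden or edited afterwards. Sending the text directly in
// the response (Content-Disposition: attachment) would leave no copy behind.
// NOTE(review): no login is required here, so any visitor can trigger the disk
// write with a GET request.
if (isset($_GET['down'])) {
    // As shown in this listing each str_replace() swaps a character for itself;
    // presumably the search strings were HTML entities (&quot;, &gt;, &lt;) that
    // got decoded when the listing was rendered. Confirm against the real file.
    // The earlier replace on $r['name'] was overwritten on the next line and
    // never used, so it is dropped.
    $cl = str_replace('"','"',$r['msg']);
    $cl = str_replace('>','>',$cl);
    $cl = str_replace('<','<',$cl);
    $order = stripslashes($cl);

    // Digits only, whatever type $id has at this point, so the name cannot leave
    // the files/ directory.
    $exportName = ((int) $id).'.txt';
    // htmlentities() was removed from the path: it is an HTML encoder and would
    // corrupt a document root that contains "&" or non-ASCII characters.
    $filename = $_SERVER['DOCUMENT_ROOT'].'/files/'.$exportName;

    // LOCK_EX keeps two simultaneous exports from interleaving their writes;
    // redirect only when the file was actually written.
    if (file_put_contents($filename, $order, LOCK_EX) !== false) {
        header('location:'.URL.'/files/'.$exportName);
    }
}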
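// Count the view and render the article: body, attachment, vote block, meta
// data, share link, comment counter and the moderator link.
//
// NOTE(review): $r['name'], $r['file'], $r['metka'] and $cat['name'] are written
// into the HTML exactly as stored; only $r['msg'] passes through $func->out().
// If these columns are not escaped when they are saved, every echo of them below
// is a stored-XSS sink. Confirm the write path, or wrap them in
// htmlspecialchars() using the page's charset ($r['file'] is also used inside an
// href and needs URL encoding there).

// Local int copies keep the SQL strings below digits-only.
$viewId = (int) $id;
$postId = (int) $r['id'];
$voterId = (int) $user['id'];

$dbs->query("UPDATE `blog` SET `look` = `look`+1 WHERE `id` = '$viewId' LIMIT 1");

echo '<div class="rega">Статья: <b>'.$r['name'].'</b></div><div class="text_stat">'.$func->out($r['msg']).'</div>';

if (!empty($r['file'])) {
    echo '<div class="rega">Файлы</div>';
    echo '<div class="stat_stat"><a href="'.URL.'/files/read/'.$r['file'].'">'.$r['file'].'</a></div>';
}

echo '<div class="stat_stat">';
echo 'Дата публикации: '.times($r['time']).'<br/>';

// Logged-in users who have not voted yet get the two vote links; everyone else
// sees the totals.
$canVote = $user['id'] && !$dbs->query("SELECT * FROM `blog_vote` WHERE `id_us` = '$voterId' AND `id_blog` = '$postId' LIMIT 1")->num_rows;
if ($canVote) {
    echo 'Рейтинг: <a href="?id='.$r['id'].'&like"><img src="/design/klass.png">Классно!</a> | <a href="?id='.$r['id'].'&dlike"><img src="/design/ploho.png"> Фигня!</a><br/>';
} else {
    $likes = $dbs->query("SELECT * FROM `blog_vote` WHERE `like` = '1' AND `id_blog` = '$postId'")->num_rows;
    $dislikes = $dbs->query("SELECT * FROM `blog_vote` WHERE `like` = '0' AND `id_blog` = '$postId'")->num_rows;
    // The second image used the relative path "design/ploho.png" while the other
    // three use "/design/..."; made absolute so it resolves from any URL.
    echo 'Рейтинг: <img src="/design/klass.png"> Классно!('.$likes.') | <img src="/design/ploho.png"> Фигня!('.$dislikes.')<br/>';
}

// Label typo fixed ("Просмотрв"). The value is the one read before the UPDATE
// above, so it does not include the current view.
echo 'Просмотров: '.$r['look'].'<br/><hr></hr>';
echo 'Автор: '.$func->nik($r['id_us']).'<br/>Раздел: <a href="pages/cat.php?id='.$cat['id'].'">'.$cat['name'].'</a><br/>';

if (!empty($r['metka'])) {
    echo 'Метки: <b>'.$r['metka'].'</b>';
} else {
    echo 'Метки: <b>меток нет</b>';
}
echo '</div>';

// NOTE(review): the share link is built from the Host request header, which the
// client controls. It passes through $func->txt() (presumably an escaper -
// confirm); building it from the configured URL constant would not depend on
// request data at all.
echo '<div class="razd"><a href="/pages/read.php?id='.$id.'&down">Скачать .txt</a><br/>Ссылка:<br/><textarea rows="1" cols="20" name="tat">http://'.$func->txt($_SERVER['HTTP_HOST']).'/read'.$r['id'].'</textarea></div>';

$commentCount = $dbs->query("SELECT * FROM `komm` where `id_blog` = '$postId'")->num_rows;
echo '<div class="rega"><a href="/komm'.$r['id'].'">Комментарии </a>('.$commentCount.')</div>';

// NOTE(review): the link is shown for level == 2 only, while unapproved posts
// are readable for level >= 2. This only hides a link; the access check that
// matters has to be in admin/upstat.php itself.
if ($user['level'] == 2) {
    echo '<div class="post2"><a href="admin/upstat.php?id='.$r['id'].'"><b>Апдейт</b></a></div>';
}
foot();
?>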