Файл: modules/m/index.php
Строк: 1038
<?php
include '../../system/core.php';
include '../../system/header.php';
// Members-only module: a visitor without a user id is redirected to the guest page.
// NOTE(review): system/header.php is included before this redirect. The Location
// header only takes effect if that include emits no output or output buffering
// is active — confirm against header.php.
if (!$user['id']) {
    header('Location: /index.php/?m=guest');
    exit();
}
switch($_GET['m'])
{
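default:
    // Shop front page: ad strip, member toolbar, newest product, search form
    // (results rendered inline) and the list of sections.
    // NOTE(review): every database value echoed below (ads link/name, product
    // name/opis/scrin/rub, section name) is concatenated into HTML as stored.
    // That is safe only if the data was HTML-encoded when written; TextGuard()
    // is defined outside this file, so confirm what it does and encode at
    // output if it does not.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';

    // Active advertisements (mode = 1).
    // NOTE(review): `link` lands in an href attribute; besides encoding it needs
    // a scheme allow-list (http/https) where the ad is saved — confirm.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.$rek2['link'].'">'.$rek2['name'].'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';

    // Member toolbar: cabinet, private mail and notifications with unread counters.
    // The user id is cast to int before it is placed in the SQL text.
    if ($user['id']) {
        echo ' <div class="start">',
            '<div class="s" style="border-bottom:none;">',
            '<table style="width:100%" cellspacing="0" cellpadding="0">',
            '<tbody><tr><td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo ' <b> (+'.$c.')</b>';
        echo '</center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo '<b> (+'.$c.')</b>';
        echo '</center></td>',
            '</tr></tbody></table>',
            '</div>';
    }

    include '../../system/nvg.php';
    if ($user['status'] >= 4) echo '<div class="err"><a href="/m/nr">Добавить раздел</a></div>';

    // Newest product.
    $magaz = mysql_query('select * from `m_tovar` order by `time` desc limit 1');
    while ($a = mysql_fetch_array($magaz)) {
        // Preview: first 20 words of the description. The ellipsis is added only
        // when words were actually cut (the old threshold of 3 did not match the
        // 20-word slice).
        $array = explode(" ", $a['opis']);
        $text_v = implode(" ", array_slice($array, 0, 20));
        if (count($array) > 20) {
            $text_v .= '...';
        }
        echo '</div><div class="post2">
<img src="/modules/m/files/'.$a['scrin'].'" alt="*" class="image" align="left" style="margin: 1px 8px 0px 0px;"/>
<a href="/m/tovar'.(int) $a['id'].'">'.$a['name'].'</a> <small>(<font color="green"><b>'.$a['rub'].'р.</b></font>)
</small><br/>'.$text_v.'<br>
<img src="/images/new.png" class="ico" alt="N"/> <a href="/">
<img src="/images/dollar.png" class="ico" alt="*"/></a>
<a href="/"><img src="/images/cart.png" class="ico" alt="*"/></a></div>';
    }

    // Search form.
    echo '<div class="post2"><form action="" method="POST">
Поиск: <br />
<input type="text" name="text" value="" maxlength="30" />
<input type="submit" name="submit" value="Искать!" />
</form></div>';

    // Search submitted.
    if (isset($_POST['submit'])) {
        $text = TextGuard(isset($_POST['text']) ? $_POST['text'] : '');
        if (strlen($text) < 1) {
            echo '<div class="post2"><center><b>Минимальная длина запроса 1 символ!</b></center></div>';
            // Emit the footer before stopping, as the 'poisk' case does.
            include '../../system/shopfot.php';
            exit();
        }
        echo '<div class="menu2">Результаты поиска:</div>';
        // NOTE(review): the search term reaches the SQL text protected only by
        // TextGuard(); confirm it SQL-escapes, or move this query to a
        // parameterised API. maxlength="30" on the input is client-side only,
        // and % / _ in the term still act as LIKE wildcards.
        $s = mysql_query("SELECT * FROM `m_tovar` where `name` LIKE '%".$text."%' ORDER BY `id` DESC ");
        // Rows are counted while rendering instead of issuing a second COUNT(*) query.
        $sql = 0;
        while ($s && ($a = mysql_fetch_assoc($s))) {
            $sql++;
            $array = explode(" ", $a['opis']);
            $text_v = implode(" ", array_slice($array, 0, 20));
            if (count($array) > 20) {
                $text_v .= '...';
            }
            echo '<div class="post2">
<img src="/modules/m/files/'.$a['scrin'].'" alt="*" style="max-width: 100px; max-height: 100px;"/>
<br />
<a href="/m/tovar'.(int) $a['id'].'">'.$a['name'].'</a> <small>(<font color="green"><b>'.$a['rub'].'</b></font>)</small>
<br />
'.$text_v.'
</div>';
        }
        if ($sql == 0) echo '<div class="post2"><center><b>По вашему запросу ничего не найдено!</b></center></div>';
    }

    // Section list with the number of categories in each section.
    echo '<div class="tegi">Категории:</div>';
    $m_razdel = mysql_query('select * from `m_razdel` order by `id` desc');
    echo '<div class="menu">';
    while ($a = mysql_fetch_array($m_razdel)) {
        echo '<a href="/m/razdel'.(int) $a['id'].'">
<table cols="2" width="100%" cellpadding="0" cellspacing="0" style="font-size:14px;">
<tr>
<td class="lst" width="95%">
<img src="/images/folder.png" alt="*" align="middle" />
'.$a['name'].'
<td class="lst" style="text-align:center;" width="5%">
'.mysql_result(mysql_query('select count(`id`) from `m_kat` where `razdel` = "'.(int) $a['id'].'"'), 0).'
</table></tr></td></td></a>';
    }
    echo '</div>
<div class="tegi">Разделы:</div>
<div class="menu">
<a href="/m/prodavec'.(int) $user['id'].'"><div class="men"><img src="/images/tovar.png" alt="*" align="middle" /> Моя страница</div></a>
<a href="/m/my"><div class="men"><img src="/images/person.png" alt="*" align="middle" /> Кабинет</div></a>
<a href="/m/newst"><div class="men"><img src="/images/new2.png" alt="*" align="middle" /> Новые товары</div></a>
</div>';
    break;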
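case 'add_kat':
    // Create a category inside section `id`. Restricted to users with status >= 4.
    // The privilege check runs first so unprivileged requests never reach the database.
    if ($user['status'] < 4) {
        header('Location: /m'); exit;
    }
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only: is_numeric() also accepts forms such as "1e3" or "1.5".
    if (empty($id) or !preg_match('/\A[0-9]+\z/', (string) $id)) {
        header('Location: /m'); exit;
    }
    $id = (int) $id;
    $m_r = mysql_fetch_array(mysql_query('select * from `m_razdel` where `id` = "'.$id.'"'));
    if (!$m_r) {
        header('Location: /m'); exit;
    }

    // Handle the submission before any page output so the redirect does not
    // depend on output buffering. An empty name is not inserted; the form is
    // shown again instead.
    // NOTE(review): this privileged POST carries no anti-CSRF token — add one.
    // NOTE(review): $name is SQL-safe only if TextGuard() escapes it; TextGuard()
    // is defined outside this file — confirm.
    if (isset($_POST['submit'])) {
        $name = TextGuard(isset($_POST['name']) ? $_POST['name'] : '');
        if (trim((string) $name) !== '') {
            mysql_query("INSERT INTO `m_kat`(`name`,`razdel`)VALUES('".$name."','".$id."')");
            header('Location: /m/razdel'.$id.''); exit;
        }
    }

    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';

    // Active advertisements (mode = 1).
    // NOTE(review): ads link/name are echoed as stored — confirm they are
    // HTML-encoded and the link scheme is restricted where the ad is saved.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.$rek2['link'].'">'.$rek2['name'].'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';

    // Member toolbar with unread mail / notification counters.
    if ($user['id']) {
        echo ' <div class="start">',
            '<div class="s" style="border-bottom:none;">',
            '<table style="width:100%" cellspacing="0" cellpadding="0">',
            '<tbody><tr><td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo ' <b> (+'.$c.')</b>';
        echo '</center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo '<b> (+'.$c.')</b>';
        echo '</center></td>',
            '</tr></tbody></table>',
            '</div>';
    }

    echo '<div class="tegi"><b>Новая категория</b></div>';
    include '../../system/nvg.php';
    echo '<div class="glav"><form action="/m/add_kat'.$id.'" method="POST">
Имя категории:<br><input name="name"/><br>
<input type="submit" value="Создать" name="submit"/>
</form></div>';
    break;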
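case 'poisk':
    // Stand-alone product search by name.
    // NOTE(review): product name/opis/scrin/rub are echoed as stored; that is
    // safe only if they were HTML-encoded when written (TextGuard() is defined
    // outside this file) — confirm.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';
    echo '<div class="post2"><form action="" method="POST">
Введите имя файла: <br />
<input type="text" name="text" value="" maxlength="30" /><br />
<input type="submit" name="submit" value="Искать" />
</form></div>';

    // Search submitted.
    if (isset($_POST['submit'])) {
        $text = TextGuard(isset($_POST['text']) ? $_POST['text'] : '');
        if (strlen($text) < 1) {
            echo '<div class="post2"><center><b>Минимальная длина запроса 1 символ!</b></center></div>';
            include '../../system/shopfot.php';
            exit();
        }
        echo '<div class="menu2">Результаты поиска:</div>';
        // NOTE(review): the search term reaches the SQL text protected only by
        // TextGuard(); confirm it SQL-escapes, or move this query to a
        // parameterised API. maxlength="30" on the input is client-side only,
        // and % / _ in the term still act as LIKE wildcards.
        $s = mysql_query("SELECT * FROM `m_tovar` where `name` LIKE '%".$text."%' ORDER BY `id` DESC ");
        // Rows are counted while rendering instead of issuing a second COUNT(*) query.
        $sql = 0;
        while ($s && ($a = mysql_fetch_assoc($s))) {
            $sql++;
            // Preview: first 20 words; the ellipsis is added only when words were cut.
            $array = explode(" ", $a['opis']);
            $text_v = implode(" ", array_slice($array, 0, 20));
            if (count($array) > 20) {
                $text_v .= '...';
            }
            echo '<div class="post2">
<img src="/modules/m/files/'.$a['scrin'].'" alt="*" style="max-width: 100px; max-height: 100px;"/>
<br />
<a href="/m/tovar'.(int) $a['id'].'">'.$a['name'].'</a> <small>(<font color="green"><b>'.$a['rub'].'</b></font>)</small>
<br />
'.$text_v.'
</div>';
        }
        if ($sql == 0) echo '<div class="post2"><center><b>По вашему запросу ничего не найдено!</b></center></div>';
    }
    break;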
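case 'nr':
    // Create a new top-level section. Restricted to users with status >= 4.
    if ($user['status'] < 4) {
        header('Location: /m'); exit;
    }

    // Handle the submission before any page output so the redirect does not
    // depend on output buffering. An empty name is not inserted; the form is
    // shown again instead.
    // NOTE(review): this privileged POST carries no anti-CSRF token — add one.
    // NOTE(review): $name is SQL-safe only if TextGuard() escapes it; TextGuard()
    // is defined outside this file — confirm.
    if (isset($_POST['submit'])) {
        $name = TextGuard(isset($_POST['name']) ? $_POST['name'] : '');
        if (trim((string) $name) !== '') {
            mysql_query("INSERT INTO `m_razdel`(`name`)VALUES('".$name."')");
            header('Location: /m'); exit;
        }
    }

    // Active advertisements (mode = 1).
    // NOTE(review): ads link/name are echoed as stored — confirm they are
    // HTML-encoded and the link scheme is restricted where the ad is saved.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.$rek2['link'].'">'.$rek2['name'].'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';

    // Member toolbar with unread mail / notification counters.
    if ($user['id']) {
        echo ' <div class="start">',
            '<div class="s" style="border-bottom:none;">',
            '<table style="width:100%" cellspacing="0" cellpadding="0">',
            '<tbody><tr><td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo ' <b> (+'.$c.')</b>';
        echo '</center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo '<b> (+'.$c.')</b>';
        echo '</center></td>',
            '</tr></tbody></table>',
            '</div>';
    }

    echo '<div class="tegi"><b>Новый раздел</b></div>';
    include '../../system/nvg.php';
    echo '<div class="glav"><form action="/m/nr" method="POST">
Имя раздела:<br><input name="name"/><br>
<input type="submit" value="Создать" name="submit"/>
</form></div>';
    break;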
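case 'newst':
    // "New products": the 20 most recently added products.
    // NOTE(review): ads link/name and product name/opis/scrin/rub are echoed as
    // stored; that is safe only if they were HTML-encoded when written
    // (TextGuard() is defined outside this file) — confirm.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';

    // Active advertisements (mode = 1).
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.$rek2['link'].'">'.$rek2['name'].'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';

    // Member toolbar with unread mail / notification counters.
    if ($user['id']) {
        echo ' <div class="start">',
            '<div class="s" style="border-bottom:none;">',
            '<table style="width:100%" cellspacing="0" cellpadding="0">',
            '<tbody><tr><td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/cab" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo ' <b> (+'.$c.')</b>';
        echo '</center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo '<b> (+'.$c.')</b>';
        echo '</center></td>',
            '</tr></tbody></table>',
            '</div>';
    }

    include '../../system/nvg.php';
    echo '<div class="tegi">Новые товары</div>';
    $magaz = mysql_query('select * from `m_tovar` order by `time` desc limit 20');
    while ($a = mysql_fetch_array($magaz)) {
        // Preview: first 20 words of the description. The ellipsis is added only
        // when words were actually cut (the old threshold of 3 did not match the
        // 20-word slice).
        $array = explode(" ", $a['opis']);
        $text_v = implode(" ", array_slice($array, 0, 20));
        if (count($array) > 20) {
            $text_v .= '...';
        }
        echo '<div class="post2">
<img src="/modules/m/files/'.$a['scrin'].'" alt="*" class="image" align="left" style="margin: 1px 8px 0px 0px;"/>
<a href="/m/tovar'.(int) $a['id'].'">'.$a['name'].'</a> <small>(<font color="green"><b>'.$a['rub'].'р.</b></font>)
</small><br/>'.$text_v.'<br>
<img src="/images/new.png" class="ico" alt="N"/> <a href="/">
<img src="/images/dollar.png" class="ico" alt="*"/></a>
<a href="/"><img src="/images/cart.png" class="ico" alt="*"/></a></div>';
    }
    break;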
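case 'razdel':
    // Section page: paginated list of the categories that belong to section `id`.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only: is_numeric() also accepts forms such as "1e3" or "1.5". After
    // the cast the id is safe in SQL and in links regardless of what TextGuard() does.
    if (empty($id) or !preg_match('/\A[0-9]+\z/', (string) $id)) {
        header('Location: /m'); exit;
    }
    $id = (int) $id;
    $m_r = mysql_fetch_array(mysql_query('select * from `m_razdel` where `id` = "'.$id.'"'));
    if (!$m_r) {
        header('Location: /m'); exit;
    }
    // NOTE(review): ads link/name and section/category names are echoed as
    // stored; that is safe only if they were HTML-encoded when written
    // (TextGuard() is defined outside this file) — confirm.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';

    // Active advertisements (mode = 1).
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.$rek2['link'].'">'.$rek2['name'].'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';

    // Member toolbar with unread mail / notification counters.
    if ($user['id']) {
        echo ' <div class="start">',
            '<div class="s" style="border-bottom:none;">',
            '<table style="width:100%" cellspacing="0" cellpadding="0">',
            '<tbody><tr><td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo ' <b> (+'.$c.')</b>';
        echo '</center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo '<b> (+'.$c.')</b>';
        echo '</center></td>',
            '</tr></tbody></table>',
            '</div>';
    }

    echo '
<div class="tegi"><b>Директория: '.$m_r['name'].'</b></div>
<div class="tegi"><b>Категории и товары:</b></div>';
    include '../../system/nvg.php';
    if ($user['status'] >= 4) echo '<div class="post1"><img src="http://profiwm.com/m/images/up.png"/> <a href="/m/add_kat'.$id.'">Добавить категорию</a></div>';

    // Pagination. Page size and page number are forced to integers and clamped to
    // 1..$cp, so LIMIT never receives a negative or fractional offset (previously
    // possible with an empty section or a value such as ?p=1.5).
    $cop = max(1, (int) $user['on_page']);
    $ca = (int) mysql_result(mysql_query("SELECT COUNT(*) FROM `m_kat` WHERE `razdel` = '".$id."'"), 0);
    $cp = max(1, (int) ceil($ca / $cop));
    $p = (isset($_GET['p']) && is_numeric($_GET['p'])) ? (int) $_GET['p'] : 1;
    $p = max(1, min($p, $cp));
    $start = ($p - 1) * $cop;
    $m_tov = mysql_query("SELECT * FROM `m_kat` WHERE `razdel`='".$id."' ORDER BY `id` desc LIMIT $start,$cop");
    echo '<div class="menu">';
    while ($a = mysql_fetch_array($m_tov)) {
        echo '<a href="/m/kat'.(int) $a['id'].'"><table cols="2" width="100%" cellpadding="0" cellspacing="0" style="font-size:14px;">
<tr><td class="lst" width="95%"><img src="http://profiwm.com/m/images/folder.png" alt="*" align="middle" /> '.$a['name'].'
<td class="lst" style="text-align:center;" width="5%">'.mysql_result(mysql_query('select count(`id`) from `m_tovar` where `kat` = "'.(int) $a['id'].'"'), 0).'</div></a></td></tr></table>';
    }
    echo '</div>';

    // Pager. The numbered links used to be built as "?p=1" followed by the page
    // number (page 2 linked to p=12); they now carry the page number itself.
    $base = '/m/razdel'.$id.'?p=';
    echo '<div class="spis">Стр. ';
    if ($p - 2 > 0) echo '<a href="'.$base.'1">&lt;&lt;</a> ';
    if ($p - 1 > 0) echo '<a href="'.$base.($p - 1).'">&lt;</a> ';
    for ($i = $p - 3; $i < $p; $i++) {
        if ($i > 0) echo '<a href="'.$base.$i.'">'.$i.'</a> | ';
    }
    echo '<b>'.$p.'</b>';
    for ($i = $p + 1; $i <= $p + 3 && $i <= $cp; $i++) {
        echo ' | <a href="'.$base.$i.'">'.$i.'</a>';
    }
    if ($p + 1 <= $cp) echo ' <a href="'.$base.($p + 1).'">&gt;</a>';
    if ($p + 2 <= $cp) echo ' <a href="'.$base.$cp.'">&gt;&gt;</a>';
    echo '</div>';
    echo '<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;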
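case 'kat':
    // Category page: paginated list of the products in category `id`.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only: is_numeric() also accepts forms such as "1e3" or "1.5". After
    // the cast the id is safe in SQL and in links regardless of what TextGuard() does.
    if (empty($id) or !preg_match('/\A[0-9]+\z/', (string) $id)) {
        header('Location: /m'); exit;
    }
    $id = (int) $id;
    $m_r = mysql_fetch_array(mysql_query('select * from `m_kat` where `id` = "'.$id.'"'));
    if (!$m_r) {
        header('Location: /m'); exit;
    }
    // NOTE(review): ads link/name, the category name and product
    // name/opis/scrin/rub are echoed as stored; that is safe only if they were
    // HTML-encoded when written (TextGuard() is defined outside this file) — confirm.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';

    // Active advertisements (mode = 1).
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.$rek2['link'].'">'.$rek2['name'].'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';

    // Member toolbar with unread mail / notification counters.
    if ($user['id']) {
        echo ' <div class="start">',
            '<div class="s" style="border-bottom:none;">',
            '<table style="width:100%" cellspacing="0" cellpadding="0">',
            '<tbody><tr><td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo ' <b> (+'.$c.')</b>';
        echo '</center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo '<b> (+'.$c.')</b>';
        echo '</center></td>',
            '</tr></tbody></table>',
            '</div>';
    }

    echo '<div class="tegi"><b>Директория: '.$m_r['name'].'</b></div>';
    echo '<div class="tegi"><b>Категории и товары:</b></div>';
    include '../../system/nvg.php';
    echo '<div class="post1"><img src="http://profiwm.com/m/images/up.png"/> <a href="/m/add'.$id.'">Добавить товар</a></div>';

    // Pagination. Page size and page number are forced to integers and clamped to
    // 1..$cp, so LIMIT never receives a negative or fractional offset (previously
    // possible with an empty category or a value such as ?p=1.5).
    $cop = max(1, (int) $user['on_page']);
    $ca = (int) mysql_result(mysql_query("SELECT COUNT(*) FROM `m_tovar` WHERE `kat` = '".$id."'"), 0);
    $cp = max(1, (int) ceil($ca / $cop));
    $p = (isset($_GET['p']) && is_numeric($_GET['p'])) ? (int) $_GET['p'] : 1;
    $p = max(1, min($p, $cp));
    $start = ($p - 1) * $cop;
    $m_tov = mysql_query("SELECT * FROM `m_tovar` WHERE `kat`='".$id."' ORDER BY `id` desc LIMIT $start,$cop");
    while ($a = mysql_fetch_array($m_tov)) {
        // Preview: first 20 words of the description. The ellipsis is added only
        // when words were actually cut (the old threshold of 3 did not match the
        // 20-word slice).
        $array = explode(" ", $a['opis']);
        $text_v = implode(" ", array_slice($array, 0, 20));
        if (count($array) > 20) {
            $text_v .= '...';
        }
        echo '<div class="post2">
<img src="/modules/m/files/'.$a['scrin'].'" alt="*" style="max-width: 100px; max-height: 100px;"/>
<br />
<a href="/m/tovar'.(int) $a['id'].'">'.$a['name'].'</a> <small>(<font color="green"><b>'.$a['rub'].'</b></font>)</small>
<br />
'.$text_v.'
</div>';
    }

    // Pager. The numbered links used to be built as "?p=1" followed by the page
    // number (page 2 linked to p=12), and one link lacked the /m prefix; all links
    // now share one base URL and carry the page number itself.
    $base = '/m/kat'.$id.'?p=';
    echo '<div class="spis">Стр. ';
    if ($p - 2 > 0) echo '<a href="'.$base.'1">&lt;&lt;</a> ';
    if ($p - 1 > 0) echo '<a href="'.$base.($p - 1).'">&lt;</a> ';
    for ($i = $p - 3; $i < $p; $i++) {
        if ($i > 0) echo '<a href="'.$base.$i.'">'.$i.'</a> | ';
    }
    echo '<b>'.$p.'</b>';
    for ($i = $p + 1; $i <= $p + 3 && $i <= $cp; $i++) {
        echo ' | <a href="'.$base.$i.'">'.$i.'</a>';
    }
    if ($p + 1 <= $cp) echo ' <a href="'.$base.($p + 1).'">&gt;</a>';
    if ($p + 2 <= $cp) echo ' <a href="'.$base.$cp.'">&gt;&gt;</a>';
    echo '</div>';
    break;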
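case 'prodavec':
    // Seller page: rating, arbitration counters, WebMoney id and product count for user `id`.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only: is_numeric() also accepts forms such as "1e3" or "1.5", and the
    // id used to be placed in the query below without quotes. After the cast it is
    // safe in SQL and in links regardless of what TextGuard() does.
    if (empty($id) or !preg_match('/\A[0-9]+\z/', (string) $id)) {
        header('Location: /index.php'); exit;
    }
    $id = (int) $id;
    $us = mysql_fetch_array(mysql_query('select * from `user` where `id` = "'.$id.'"'));
    if (!$us) {
        header('Location: /index.php'); exit;
    }
    // NOTE(review): ads link/name and the seller's login, rating and wmid text are
    // echoed as stored; that is safe only if they were HTML-encoded when written
    // (TextGuard() is defined outside this file) — confirm.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';

    // Active advertisements (mode = 1).
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.$rek2['link'].'">'.$rek2['name'].'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';

    // Member toolbar with unread mail / notification counters.
    if ($user['id']) {
        echo ' <div class="start">',
            '<div class="s" style="border-bottom:none;">',
            '<table style="width:100%" cellspacing="0" cellpadding="0">',
            '<tbody><tr><td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo ' <b> (+'.$c.')</b>';
        echo '</center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo '<b> (+'.$c.')</b>';
        echo '</center></td>',
            '</tr></tbody></table>',
            '</div>';
    }

    echo '<div class="tegi"><b>Продавец '.$us['login'].'</b></div>';
    include '../../system/nvg.php';

    // Arbitration counters (`ver` = 1 shown in green, `ver` = 2 in red) and product count.
    $arb_1 = mysql_result(mysql_query("SELECT COUNT(*) FROM `arbitr` WHERE `ho` = '".(int) $us['id']."' and `ver` = '1'"), 0);
    $arb_2 = mysql_result(mysql_query("SELECT COUNT(*) FROM `arbitr` WHERE `ho` = '".(int) $us['id']."' and `ver` = '2'"), 0);
    $tov_n = mysql_result(mysql_query("SELECT COUNT(*) FROM `m_tovar` WHERE `us` = '".(int) $us['id']."' "), 0);

    echo '<div class="post1"><a href="/us'.$id.'">Страница на сайте</a> <br />
<img src="/modules/profile/images/rating.png"/> Рейтинг: '.$us['rating'].' <br />
<img src="/images/plus.png"/> <a href="/us'.$id.'?m=arbitr">Арбитраж</a>
[<b><font color="green">'.$arb_1.'</font></b>/<b><font color="red">'.$arb_2.'</font></b>]</div>
<div class="post1">';
    if ($us['wmid'] == NULL) {
        echo 'WMID не заполнен!';
    } else {
        // The wmid is URL-encoded wherever it becomes a query-string value, so a
        // stored value cannot add parameters or break out of the attribute.
        // NOTE(review): the two status images load over plain http from third-party hosts.
        $wmid_q = rawurlencode($us['wmid']);
        echo 'WMID: <a href="https://passport.webmoney.ru/asp/certView.asp?wmid='.$wmid_q.'">'.$us['wmid'].' </a><br/>
BL <img src="http://stats.wmtransfer.com/Levels/pWMIDLevel.aspx?wmid='.$wmid_q.'&w=35&h=18&bg=0XFFFFFF" /><br/>
Претензии/Отзывы: <img src="http://arbitrage.webmoney.ru/xml/AL.aspx?wmid='.$wmid_q.'" />';
    }
    echo '</div>
<div class="post1"><a href="/m/shop'.$id.'">Товаров в магазине:</a> ('.$tov_n.')</div>
<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>
';
    break;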
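case 'tovar_del':
    // Delete product `id`. Allowed for its seller (m_tovar.us) or a user with status >= 4.
    // NOTE(review): this state-changing action runs on a plain GET request with no
    // anti-CSRF token (it is reached through the "Удалить товар" link on the edit
    // page). It should require POST plus a per-session token; that needs a token
    // helper that is not part of this file, so it is flagged here rather than changed.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only: is_numeric() also accepts forms such as "1e3" or "1.5". After
    // the cast the id is safe in SQL regardless of what TextGuard() does.
    if (empty($id) or !preg_match('/\A[0-9]+\z/', (string) $id)) {
        header('Location: /m'); exit;
    }
    $id = (int) $id;
    $tovar = mysql_fetch_array(mysql_query('select * from `m_tovar` where `id` = "'.$id.'"'));
    if (!$tovar) {
        header('Location: /m'); exit;
    }
    if ($tovar['us'] == $user['id'] or $user['status'] >= 4) {
        mysql_query("DELETE FROM `m_tovar` WHERE `id` = '".$id."'");
    }
    // Both outcomes return to the shop; stop here so nothing is rendered after the redirect.
    header('Location: /m');
    exit();
    break;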
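case 'tovar_red':
    // Edit product `id`. Allowed for its seller (m_tovar.us) or a user with status >= 4.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only: is_numeric() also accepts forms such as "1e3" or "1.5". After
    // the cast the id is safe in SQL and in links regardless of what TextGuard() does.
    if (empty($id) or !preg_match('/\A[0-9]+\z/', (string) $id)) {
        header('Location: /m'); exit;
    }
    $id = (int) $id;

    // Load the product and authorise before any output. Previously the page
    // header and the title (which read $tovar before it was loaded) were rendered
    // first and the ownership check came afterwards.
    $tovar = mysql_fetch_array(mysql_query('select * from `m_tovar` where `id` = "'.$id.'"'));
    if (!$tovar) {
        header('Location: /m'); exit;
    }
    if ($tovar['us'] != $user['id'] && $user['status'] < 4) {
        header('Location: /m'); exit;
    }

    // Process the submission before rendering.
    // NOTE(review): this form carries no anti-CSRF token — add one.
    // NOTE(review): name/opis are SQL-safe only if TextGuard() escapes them;
    // TextGuard() is defined outside this file — confirm.
    $err = array();
    $saved = false;
    if (isset($_POST['submit'])) {
        $name = TextGuard(isset($_POST['name']) ? $_POST['name'] : '');
        if (empty($name)) $err[] = 'Название осталось пустым...';
        $opis = TextGuard(isset($_POST['opis']) ? $_POST['opis'] : '');
        if (empty($opis)) $err[] = 'Описание осталось пустым...';
        $rub = TextGuard(isset($_POST['rub']) ? $_POST['rub'] : '');
        if (empty($rub)) $err[] = 'Вы не ввели стоимость товара...';
        $koppr = TextGuard(isset($_POST['koppr']) ? $_POST['koppr'] : '');
        if (empty($koppr)) $err[] = 'Вы не ввели количество копий к продаже товара...';
        // is_numeric() alone accepts negative numbers; a price or copy count must be
        // positive (the 'tovar' case compares koppr with countp to decide "sold out").
        if (!empty($koppr) && (!is_numeric($koppr) || $koppr <= 0)) $err[] = 'Разрешено вводить только цифры..';
        if (!empty($rub) && (!is_numeric($rub) || $rub <= 0)) $err[] = 'Разрешено вводить только цифры..';
        // The form offers only the value 1 for the resale-rights flag; anything else is stored as empty.
        $dop = (isset($_POST['dop']) && $_POST['dop'] === '1') ? '1' : '';
        if (!$err) {
            mysql_query("UPDATE `m_tovar` SET `name`='".$name."',`opis`='".$opis."',`rub`='".$rub."',`koppr`='".$koppr."',`dop`='".$dop."' WHERE `id`='".$id."' limit 1");
            $saved = true;
            // Reload so the title and the form show the values that were just saved.
            $fresh = mysql_fetch_array(mysql_query('select * from `m_tovar` where `id` = "'.$id.'"'));
            if ($fresh) {
                $tovar = $fresh;
            }
        }
    }

    // NOTE(review): ads link/name and the product fields are echoed as stored, the
    // latter also inside value="..." attributes and a <textarea>; that is safe only
    // if they were HTML-encoded when written — confirm.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';

    // Active advertisements (mode = 1).
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.$rek2['link'].'">'.$rek2['name'].'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';

    // Member toolbar with unread mail / notification counters.
    if ($user['id']) {
        echo ' <div class="start">',
            '<div class="s" style="border-bottom:none;">',
            '<table style="width:100%" cellspacing="0" cellpadding="0">',
            '<tbody><tr><td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center>',
            '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo ' <b> (+'.$c.')</b>';
        echo '</center></td>',
            '<td style="vertical-align:top;width:10%;">',
            '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = (int) mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int) $user['id'].'" and `read` = "0"'), 0);
        if ($c != 0) echo '<b> (+'.$c.')</b>';
        echo '</center></td>',
            '</tr></tbody></table>',
            '</div>';
    }

    echo '<div class="tegi"><b>Редактирование товара '.$tovar['name'].'</b>
</div>';
    include '../../system/nvg.php';

    // Result of the submission, if there was one.
    if ($saved) {
        echo '<div class="msg"><b>Товар успешно отредактирован..</b></div>';
    } elseif ($err) {
        echo '<div class="err"><b>';
        foreach ($err as $err_info) {
            echo $err_info.'<br>';
        }
        echo '</b></div>';
    }

    echo '<div class="glav"><form action="/m/tovar_red'.$id.'" method="post">
Название:<br><input name="name" value="'.$tovar['name'].'"/><br />
Описание:<br/><textarea name="opis">'.$tovar['opis'].'</textarea> <br />
Цена (в рублях):<br><input name="rub" value="'.$tovar['rub'].'"/><br />
Копий к продаже:<br><input name="koppr" value="'.$tovar['koppr'].'"/><br />
<input type="radio" name="dop" value="1"/> права на перепродажу<br/>
<input type="submit" value="Отправить" name="submit"/>
</form></div>
<div class="post1"><a href="/modules/m/files/'.$tovar['file'].'"><img src="http://profiwm.com/m/images/up.png"/> Скачать файл</a></div>
<div class="post1"><a href="/m/tovar_del'.$id.'"><big>Удалить товар</big></a></div>
<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;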
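case 'tovar':
    // Product page: renders one `m_tovar` row with its seller, screenshots and
    // comment thread, and stores a new comment when the form is posted.
    // Values read back from the database are HTML-escaped at output;
    // double_encode=false keeps entities that are already stored intact, in
    // case TextGuard() (defined outside this section) encodes on input.
    // NOTE(review): 'UTF-8' assumes the site is served as UTF-8 — confirm.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only; is_numeric() would also accept "1e3", "0.5" or "+7".
    if (empty($id) or !ctype_digit((string)$id)) {
        header('Location: /m'); exit;
    }
    $tovar = mysql_fetch_array(mysql_query('select * from `m_tovar` where `id` = "'.$id.'"'));
    if (!$tovar) {
        header('Location: /m'); exit;
    }
    // The seller row is read only once the product is known to exist.
    $t_r = mysql_fetch_array(mysql_query('select * from `user` where `id` = "'.(int)$tovar['us'].'"'));
    $safeName  = htmlspecialchars($tovar['name'], ENT_QUOTES, 'UTF-8', false);
    $safeOpis  = htmlspecialchars($tovar['opis'], ENT_QUOTES, 'UTF-8', false);
    $safeFile  = htmlspecialchars($tovar['file'], ENT_QUOTES, 'UTF-8', false);
    $safeScrin = htmlspecialchars($tovar['scrin'], ENT_QUOTES, 'UTF-8', false);
    $safeWmid  = htmlspecialchars($t_r['wmid'], ENT_QUOTES, 'UTF-8', false);
    $safeSeller = htmlspecialchars($t_r['id'], ENT_QUOTES, 'UTF-8', false);
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';
    // Ad strip: link and name are escaped for attribute/text context.
    // NOTE(review): the URL scheme of `link` is not validated here; if ad
    // names are meant to carry markup, sanitise them when they are stored.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.htmlspecialchars($rek2['link'], ENT_QUOTES, 'UTF-8', false).'">'.htmlspecialchars($rek2['name'], ENT_QUOTES, 'UTF-8', false).'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';
    // Shortcut bar with unread counters for private mail and notifications.
    if ($user['id']) {
        echo ' <div class="start">';
        echo '<div class="s" style="border-bottom:none;">';
        echo '<table style="width:100%" cellspacing="0" cellpadding="0">';
        echo '<tbody><tr><td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo ' <b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo '<b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '</tr></tbody></table>';
        echo '</div>';
    }
    echo '<div class="tegi"><b> '.$safeName.'</b></div>';
    include '../../system/nvg.php';
    $kup = mysql_fetch_array(mysql_query('select * from `m_kup` where `tovar` = "'.$id.'" and `us` = "'.(int)$user['id'].'" limit 1'));
    /* Product already bought by this user */
    // NOTE(review): this only controls whether the link is shown. The file is
    // referenced under the public /modules/m/files/ path, so whether it can be
    // fetched without a purchase depends on server rules not visible here.
    if ($kup) echo '<div class="post1">
<a href="/modules/m/files/'.$safeFile.'">
<img src="http://profiwm.com/m/images/up.png"/> Загрузить файл</a>
</div>';
    /* All copies sold. >= rather than == so an oversold counter also stops sales. */
    if ($tovar['countp'] >= $tovar['koppr']) {
        echo '<div class="post1">Все копии проданы!</div>
<div class="post1"><img src="/images/cart.png"/> <a href="/m/">Магазин</a></div>';
        include '../../system/shopfot.php';
        exit();
    }
    echo '
<a href="/m/dir.php?id=0" style="color:white;"></a>
<a href="/m/dir.php?id=" style="color:white;"></a>
<a href="/m/dir.php?id=" style="color:white;"></a>
</center></div><div class="post1">
<img src="/modules/m/files/'.$safeScrin.'" rel="lightbox" alt="*" class="image" align="left" style="margin: 1px 8px 0px 0px;"/>
<a>'.$safeName.'</a>
<br/>'.$safeOpis.' <hr/></dev> ';
    /* Actions for visitors other than the seller */
    if ($user['id'] != $tovar['us']) {
        /* Buy */
        if (!$kup) echo ' <a href="/m/tov_kup'.$id.'"><img src="http://profiwm.com/m/images/dollar.png"/> </a>';
        /* Cart toggle */
        $k = mysql_fetch_array(mysql_query('select * from `m_korz` where `tovar` = "'.$id.'" and `us` = "'.(int)$user['id'].'" limit 1'));
        if (!$k) {
            echo ' <a href="/m/tov_korz'.$id.'"><img src="http://profiwm.com/m/images/cart.png"/> </a>';
        } else {
            echo ' <a href="/m/tov_korz'.$id.'"><img src=""/><img src="http://profiwm.com/m/images/cart2.png"/></a>';
        }
    }
    echo '</div>';
    /* Extra screenshot: owner only */
    if ($user['id'] == $tovar['us']) {
        echo '<div class="post1"><a href="/m/scrin'.$id.'">Добавить новый скриншот</a></div>';
    }
    /* Edit link: owner, or users whose status is 4 or higher */
    if ($user['id'] == $tovar['us'] or $user['status'] >= 4) {
        echo '<div class="post1"><a href="/m/tovar_red'.$id.'">Редактировать товар</a></div>';
    }
    // A missing file must not raise a warning in the middle of the page.
    $filePath = 'files/'.$tovar['file'];
    $sizeKb = is_file($filePath) ? round(filesize($filePath)/1024) : 0;
    echo '<div class="post1">Цена: <b>'.htmlspecialchars($tovar['rub'], ENT_QUOTES, 'UTF-8', false).'р</b>';
    if ($tovar['dop'] == 1) echo '<br /><b>Дополнительно: <font color="red">права на перепродажу</font></b>';
    echo '<br />Вес: '.$sizeKb.' Kb <br />
Дата добавления: '.times($tovar['time']).' <br />
Автор: '.ustatus($tovar['us']).' <a href="/us'.(int)$tovar['us'].'">'.uname($tovar['us']).'</a> '.uaccess($tovar['us']).'
[<a href="/m/prodavec'.(int)$tovar['us'].'">!!!</a>] (<img src="/modules/profile/images/rating.png"/>'.htmlspecialchars($t_r['rating'], ENT_QUOTES, 'UTF-8', false).')';
    if ($tovar['countp']) {
        echo ' ('.(int)$tovar['countp'].' проданы)';
    }
    $inCarts     = mysql_result(mysql_query('select count(`id`) from `m_korz` where `tovar` = "'.$id.'"'),0);
    $sellerItems = mysql_result(mysql_query("SELECT COUNT(*) FROM `m_tovar` WHERE `us` = '".(int)$t_r['id']."' "),0);
    $arbVer1     = mysql_result(mysql_query("SELECT COUNT(*) FROM `arbitr` WHERE `ho` = '".(int)$t_r['id']."' and `ver` = '1'"),0);
    $arbVer2     = mysql_result(mysql_query("SELECT COUNT(*) FROM `arbitr` WHERE `ho` = '".(int)$t_r['id']."' and `ver` = '2'"),0);
    echo '<br />
Копий к продаже: '.htmlspecialchars($tovar['koppr'], ENT_QUOTES, 'UTF-8', false).' <br />
Добавили в корзину: '.(int)$inCarts.' <br />
</div><div class="post1">WMID: <a href="https://passport.webmoney.ru/asp/certView.asp?wmid='.$safeWmid.'">'.$safeWmid.' </a> <br />
BL: <img src="http://stats.wmtransfer.com/Levels/pWMIDLevel.aspx?wmid='.$safeWmid.'&w=35&h=18&bg=0XFFFFFF" /> <br />
Претензии/Отзывы: <img src="http://arbitrage.webmoney.ru/xml/AL.aspx?wmid='.$safeWmid.'" /> <br />
<a href="/m/shop'.$safeSeller.'">Все товары продавца</a> ('.(int)$sellerItems.')
<br />
<a href="/us'.$safeSeller.'?m=arbitr">Арбитраж</a>
[<b><font color="green">'.(int)$arbVer1.'</font></b>/<b><font color="red">'.(int)$arbVer2.'</font></b>]
</div>';
    // Main screenshot followed by the extra ones from `m_tov_scrin`.
    echo '<div class="scr"><center><a href="/modules/m/files/'.$safeScrin.'">
<img src="/modules/m/files/'.$safeScrin.'" class="screen" alt="*"/></a> ';
    $m_scrin = mysql_query("SELECT * FROM `m_tov_scrin` WHERE `tovar`='".$id."' ");
    while ($a = mysql_fetch_array($m_scrin)) {
        $safeShot = htmlspecialchars($a['file'], ENT_QUOTES, 'UTF-8', false);
        echo '<a href="/modules/m/files/'.$safeShot.'"><img src="/modules/m/files/'.$safeShot.'" class="screen" alt="*"/></a> ';
    }
    echo '</center></div>';
    // New comment.
    if (isset($_POST['submit'])) {
        $err = array();
        // The original passed $text to TextGuard() without ever assigning it,
        // which only works when request variables are injected into scope.
        $text = TextGuard(isset($_POST['text']) ? $_POST['text'] : '');
        if (empty($text)) $err[] = 'Сообщение осталось пустым...';
        // NOTE(review): $text reaches SQL exactly as TextGuard() returns it;
        // its escaping is defined elsewhere — confirm it is SQL-safe.
        $kom = mysql_fetch_array(mysql_query('select * from `m_t_comm` where `author` = "'.(int)$user['id'].'" and `text` = "'.$text.'"'));
        if ($kom) $err[] = 'Вы уже писали подобное сообщение...';
        if (!$err) {
            mysql_query("INSERT INTO `m_t_comm`(`tovar`,`author`,`text`,`time`)VALUES('".$id."','".(int)$user['id']."','".$text."','".time()."')");
            header('Location: /m/tovar'.$id.''); exit;
        } else {
            echo '<div class="err"><b>';
            foreach ($err as $err_info) {
                echo $err_info.'<br>';
            }
            echo '</b></div>';
        }
    }
    echo '<div class="tegi"><img src="/images/comment.png" alt="*" align="middle"/> Обсуждение товара:</div>';
    // Page size comes from the user's profile; never let it reach 0 (division).
    $cop = max(1, (int)$user['on_page']);
    $ca = (int)mysql_result(mysql_query("SELECT COUNT(*) FROM `m_t_comm` where `tovar` = '".$id."'"),0);
    $cp = (int)ceil($ca/$cop);
    $p = 1;
    if (isset($_GET['p']) && is_numeric($_GET['p']) && $ca != 0) {
        // Clamp to [1, $cp]; the int cast keeps "1.5"/"1e3" out of LIMIT.
        $p = max(1, min((int)$_GET['p'], $cp));
    }
    $start = $p*$cop-$cop;
    $m_to = mysql_query("SELECT * FROM `m_t_comm` where `tovar` = '".$id."' ORDER BY `id` DESC LIMIT $start,$cop");
    while ($a = mysql_fetch_assoc($m_to)) {
        // Comment text is rendered through bbcode()/smiles(), defined elsewhere.
        echo '<div class="post2">'.ustatus($a['author']).' <a href="/us'.(int)$a['author'].'">'.uname($a['author']).'</a> '.uaccess($a['author']).'
('.times($a['time']).') <br/> '.smiles(bbcode($a['text'])).'</div>';
    }
    echo '<div class="glav"><form action="" method="post">
Ваш комментарий:<br><textarea name="text" style="width:98%;" rows="3"></textarea><br>
<input type="submit" name="submit" value="Комментировать"/>
</form></div>';
    echo '<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;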
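case 'scrin':
    // Adds an extra screenshot to a product. Only the product's owner may
    // upload; accepted types are jpg, gif, png, jpeg and bmp.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only; is_numeric() would also accept "1e3", "0.5" or "+7".
    if (empty($id) or !ctype_digit((string)$id)) {
        header('Location: /m'); exit;
    }
    $tovar = mysql_fetch_array(mysql_query('select * from `m_tovar` where `id` = "'.$id.'"'));
    if (!$tovar) {
        header('Location: /m'); exit;
    }
    echo '<div class="tegi"><b>Добавление скриншота </b>
</div>';
    include '../../system/nvg.php';
    if ($user['id'] == $tovar['us']) {
        if (isset($_POST['submit'])) {
            $err = array();
            $fn = '';
            $up = isset($_FILES['filename']) ? $_FILES['filename'] : null;
            if (!$up || $up['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($up['tmp_name'])) {
                $err[] = 'Вы не выбрали файл...';
            } else {
                if ($up['size'] > 10024000) $err[] = 'Слишком большой файл...';
                $filetype = array('jpg', 'gif', 'png', 'jpeg', 'bmp');
                // Extension check is case-insensitive and requires a real dot.
                $dot = strrpos($up['name'], '.');
                $upfiletype = $dot === false ? '' : strtolower(substr($up['name'], $dot + 1));
                // The extension is client-supplied, so the content must also
                // parse as an image before it is stored as one.
                if (!in_array($upfiletype, $filetype, true) || @getimagesize($up['tmp_name']) === false) {
                    $err[] = 'Вы пытаетесь загрузить недопустимый формат файла...';
                } else {
                    // The client's file name is reduced to [A-Za-z0-9_-] so the
                    // stored name has exactly one extension and contains no
                    // quote or markup characters when it is later put into SQL
                    // and HTML.
                    $stem = substr(preg_replace('/[^A-Za-z0-9_-]+/', '_', substr($up['name'], 0, $dot)), 0, 40);
                    // A short random suffix can collide, and
                    // move_uploaded_file() replaces an existing file silently,
                    // so a longer token is used and existing names are skipped.
                    do {
                        $fn = date('dmY').'_fn'.substr(md5(uniqid(mt_rand(), true)), 0, 12).'_'.$stem.'.'.$upfiletype;
                    } while (file_exists('files/'.$fn));
                }
            }
            // The row is written only when the file really reached files/.
            if (!$err && !move_uploaded_file($up['tmp_name'], 'files/'.$fn)) {
                $err[] = 'Не удалось сохранить файл...';
            }
            if (!$err) {
                mysql_query("INSERT INTO `m_tov_scrin`(`tovar`,`file`)VALUES('".$id."','".$fn."')");
                echo '<div class="msg"><b>Скрин успешно загружен..</b></div>';
            } else {
                echo '<div class="err"><b>';
                foreach ($err as $err_info) {
                    echo $err_info.'<br>';
                }
                echo '</b></div>';
            }
        }
        echo '<div class="glav"><form action="/m/scrin'.$id.'" method="post" enctype="multipart/form-data">
Выберите скрин:<br><input type="file" name="filename"/><br />
<input type="submit" value="Загрузить" name="submit"/>
</form></div>
<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    } else {
        echo '<div class="post1">Это не ваш товар!</div>';
    }
    break;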
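case 'my':
    // Shop cabinet: links to the user's own products, cart and purchases.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';
    // Ad strip: link and name are HTML-escaped for attribute/text context;
    // double_encode=false keeps entities that are already stored intact.
    // NOTE(review): 'UTF-8' assumes the site is served as UTF-8, and the URL
    // scheme of `link` is not validated here — confirm both.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.htmlspecialchars($rek2['link'], ENT_QUOTES, 'UTF-8', false).'">'.htmlspecialchars($rek2['name'], ENT_QUOTES, 'UTF-8', false).'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';
    // Shortcut bar with unread counters for private mail and notifications.
    if ($user['id']) {
        echo ' <div class="start">';
        echo '<div class="s" style="border-bottom:none;">';
        echo '<table style="width:100%" cellspacing="0" cellpadding="0">';
        echo '<tbody><tr><td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo ' <b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo '<b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '</tr></tbody></table>';
        echo '</div>';
    }
    echo '<div class="tegi"><b>Кабинет</b>
</div>';
    include '../../system/nvg.php';
    echo '<div class="menu">
<a href="/m/shop'.(int)$user['id'].'"><div class="men"><img src="http://profiwm.com/m/images/add.png" alt="*" align="middle" /> Мои товары</div></a>
<a href="/m/korzin"><div class="men"><img src="http://profiwm.com/m/images/cart.png" alt="*" align="middle" /> Моя корзина</div></a>
<a href="/m/my_kup"><div class="men"><img src="http://profiwm.com/m/images/my_bag.png" alt="*" align="middle" /> Мои покупки</div></a>
</div>
<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;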
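case 'comm':
    // Stand-alone comment page for one product: stores a posted comment and
    // lists the existing ones from `m_t_comm`, newest first.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only; is_numeric() would also accept "1e3", "0.5" or "+7".
    if (empty($id) or !ctype_digit((string)$id)) {
        header('Location: /m'); exit;
    }
    $tovar = mysql_fetch_array(mysql_query('select * from `m_tovar` where `id` = "'.$id.'"'));
    if (!$tovar) {
        header('Location: /m'); exit;
    }
    echo '<div class="podverh">
<div class="uv"><div class="sm"></div><div class="sm"></div><div class="co"><b>Online SHOP / Комментарии к товару</b>
</div></div></div><div class="start"><div class="s"><div class="ss"><span><a href="/cab">В кабинет</a></span></div></div>';
    include '../../system/nvg.php';
    if (isset($_POST['submit'])) {
        $err = array();
        // The original passed $text to TextGuard() without ever assigning it,
        // which only works when request variables are injected into scope.
        $text = TextGuard(isset($_POST['text']) ? $_POST['text'] : '');
        if (empty($text)) $err[] = 'Сообщение осталось пустым...';
        // NOTE(review): $text reaches SQL exactly as TextGuard() returns it;
        // its escaping is defined elsewhere — confirm it is SQL-safe.
        $kom = mysql_fetch_array(mysql_query('select * from `m_t_comm` where `author` = "'.(int)$user['id'].'" and `text` = "'.$text.'"'));
        if ($kom) $err[] = 'Вы уже писали подобное сообщение...';
        if (!$err) {
            mysql_query("INSERT INTO `m_t_comm`(`tovar`,`author`,`text`,`time`)VALUES('".$id."','".(int)$user['id']."','".$text."','".time()."')");
            header('Location: /m/comm'.$id.''); exit;
        } else {
            echo '<div class="err"><b>';
            foreach ($err as $err_info) {
                echo $err_info.'<br>';
            }
            echo '</b></div>';
        }
    }
    // The product name is seller-supplied, so it is escaped at output.
    // double_encode=false keeps entities that are already stored intact.
    // NOTE(review): 'UTF-8' assumes the site is served as UTF-8 — confirm.
    echo '<div class="post2">Товар: <a href="/m/tovar'.$id.'">'.htmlspecialchars($tovar['name'], ENT_QUOTES, 'UTF-8', false).'</a></div>
<div class="post2">Комментарии:</div>
<div class="glav"><form action="" method="post">
Ваш комментарий:<br><textarea name="text" style="width:98%;" rows="3"></textarea><br>
<input type="submit" name="submit" value="Комментировать"/>
</form></div>';
    // Page size comes from the user's profile; never let it reach 0 (division).
    $cop = max(1, (int)$user['on_page']);
    $ca = (int)mysql_result(mysql_query("SELECT COUNT(*) FROM `m_t_comm` where `tovar` = '".$id."'"),0);
    $cp = (int)ceil($ca/$cop);
    $p = 1;
    if (isset($_GET['p']) && is_numeric($_GET['p']) && $ca != 0) {
        // Clamp to [1, $cp]; the int cast keeps "1.5"/"1e3" out of LIMIT.
        $p = max(1, min((int)$_GET['p'], $cp));
    }
    $start = $p*$cop-$cop;
    $m_to = mysql_query("SELECT * FROM `m_t_comm` where `tovar` = '".$id."' ORDER BY `id` DESC LIMIT $start,$cop");
    while ($a = mysql_fetch_assoc($m_to)) {
        // Comment text is rendered through bbcode()/smiles(), defined elsewhere.
        echo '<div class="post2">'.ustatus($a['author']).' <a href="/us'.(int)$a['author'].'">'.uname($a['author']).'</a> '.uaccess($a['author']).'
('.times($a['time']).') <br/> '.smiles(bbcode($a['text'])).'</div>';
    }
    echo '<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;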
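case 'my_kup':
    // "My purchases": paginated list of the current user's `m_kup` rows.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';
    // Ad strip: link and name are HTML-escaped for attribute/text context;
    // double_encode=false keeps entities that are already stored intact.
    // NOTE(review): 'UTF-8' assumes the site is served as UTF-8, and the URL
    // scheme of `link` is not validated here — confirm both.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.htmlspecialchars($rek2['link'], ENT_QUOTES, 'UTF-8', false).'">'.htmlspecialchars($rek2['name'], ENT_QUOTES, 'UTF-8', false).'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';
    // Shortcut bar with unread counters for private mail and notifications.
    if ($user['id']) {
        echo ' <div class="start">';
        echo '<div class="s" style="border-bottom:none;">';
        echo '<table style="width:100%" cellspacing="0" cellpadding="0">';
        echo '<tbody><tr><td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo ' <b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo '<b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '</tr></tbody></table>';
        echo '</div>';
    }
    echo '<div class="tegi"><b>Мои покупки</b>
</div>';
    include '../../system/nvg.php';
    $cop = 10;
    $ca = (int)mysql_result(mysql_query("SELECT COUNT(*) FROM `m_kup` where `us` = '".(int)$user['id']."'"),0);
    $cp = (int)ceil($ca/$cop);
    $p = 1;
    if (isset($_GET['p']) && is_numeric($_GET['p'])) {
        // Clamp to [1, $cp]; the int cast keeps "1.5"/"1e3" out of LIMIT.
        $p = max(1, min((int)$_GET['p'], $cp));
    }
    $start = $p*$cop-$cop;
    $ab = mysql_query("SELECT * FROM `m_kup` where `us` = '".(int)$user['id']."' ORDER BY `id` DESC LIMIT $start,$cop");
    while ($a = mysql_fetch_array($ab)) {
        // `name` is a copy of the seller-supplied product name: escape it.
        echo '<div class="post2">
<a href="/m/tovar'.(int)$a['tovar'].'">'.htmlspecialchars($a['name'], ENT_QUOTES, 'UTF-8', false).'</a>
</div>';
    }
    echo '<div class="spis">Стр. ';
    // Page links. The original prefixed every numbered target with a literal
    // "1" ("?p=1N"), so the links pointed at the wrong page.
    if ($p-2>0) echo '<a href="/m/my_kup?p=1"><<</a> ';
    if ($p-1>0) echo '<a href="/m/my_kup?p='.($p-1).'"><</a> ';
    for ($i = $p-3; $i < $p; $i++) {
        if ($i > 0) echo '<a href="/m/my_kup?p='.$i.'">'.$i.'</a> | ';
    }
    echo '<b>'.$p.'</b>';
    for ($i = $p+1; $i <= $p+3 && $i <= $cp; $i++) {
        echo ' | <a href="/m/my_kup?p='.$i.'">'.$i.'</a>';
    }
    if ($p+1<=$cp) echo ' <a href="/m/my_kup?p='.($p+1).'">></a>';
    if ($p+2<=$cp) echo ' <a href="/m/my_kup?p='.$cp.'">>></a>';
    echo '</div>';
    echo '<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;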
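case 'korzin':
    // "My cart": paginated list of the current user's `m_korz` rows.
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';
    // Ad strip: link and name are HTML-escaped for attribute/text context;
    // double_encode=false keeps entities that are already stored intact.
    // NOTE(review): 'UTF-8' assumes the site is served as UTF-8, and the URL
    // scheme of `link` is not validated here — confirm both.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.htmlspecialchars($rek2['link'], ENT_QUOTES, 'UTF-8', false).'">'.htmlspecialchars($rek2['name'], ENT_QUOTES, 'UTF-8', false).'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';
    // Shortcut bar with unread counters for private mail and notifications.
    if ($user['id']) {
        echo ' <div class="start">';
        echo '<div class="s" style="border-bottom:none;">';
        echo '<table style="width:100%" cellspacing="0" cellpadding="0">';
        echo '<tbody><tr><td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo ' <b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo '<b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '</tr></tbody></table>';
        echo '</div>';
    }
    echo '<div class="tegi"><b>Моя корзина</b>
</div>';
    include '../../system/nvg.php';
    $cop = 10;
    $ca = (int)mysql_result(mysql_query("SELECT COUNT(*) FROM `m_korz` where `us` = '".(int)$user['id']."'"),0);
    $cp = (int)ceil($ca/$cop);
    $p = 1;
    if (isset($_GET['p']) && is_numeric($_GET['p'])) {
        // Clamp to [1, $cp]; the int cast keeps "1.5"/"1e3" out of LIMIT.
        $p = max(1, min((int)$_GET['p'], $cp));
    }
    $start = $p*$cop-$cop;
    $ab = mysql_query("SELECT * FROM `m_korz` where `us` = '".(int)$user['id']."' ORDER BY `id` DESC LIMIT $start,$cop");
    while ($a = mysql_fetch_array($ab)) {
        // `name` is a copy of the seller-supplied product name: escape it.
        echo '<div class="post2">
<a href="/m/tovar'.(int)$a['tovar'].'">'.htmlspecialchars($a['name'], ENT_QUOTES, 'UTF-8', false).'</a>
</div>';
    }
    echo '<div class="spis">Стр. ';
    // Page links. The original prefixed every numbered target with a literal
    // "1" ("?p=1N") and sent the last-page link to "/m/korzinp".
    if ($p-2>0) echo '<a href="/m/korzin?p=1"><<</a> ';
    if ($p-1>0) echo '<a href="/m/korzin?p='.($p-1).'"><</a> ';
    for ($i = $p-3; $i < $p; $i++) {
        if ($i > 0) echo '<a href="/m/korzin?p='.$i.'">'.$i.'</a> | ';
    }
    echo '<b>'.$p.'</b>';
    for ($i = $p+1; $i <= $p+3 && $i <= $cp; $i++) {
        echo ' | <a href="/m/korzin?p='.$i.'">'.$i.'</a>';
    }
    if ($p+1<=$cp) echo ' <a href="/m/korzin?p='.($p+1).'">></a>';
    if ($p+2<=$cp) echo ' <a href="/m/korzin?p='.$cp.'">>></a>';
    echo '</div>';
    echo '<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;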
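case 'add':
    // New product form for category $id: validates the fields, stores the
    // product archive and its screenshot under files/, then inserts the
    // `m_tovar` row.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only; is_numeric() would also accept "1e3", "0.5" or "+7".
    if (empty($id) or !ctype_digit((string)$id)) {
        header('Location: /m'); exit;
    }
    $r = mysql_fetch_array(mysql_query('select * from `m_kat` where `id` = "'.$id.'"'));
    if (!$r) {
        header('Location: /m'); exit;
    }
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';
    // Ad strip: link and name are HTML-escaped for attribute/text context;
    // double_encode=false keeps entities that are already stored intact.
    // NOTE(review): 'UTF-8' assumes the site is served as UTF-8, and the URL
    // scheme of `link` is not validated here — confirm both.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.htmlspecialchars($rek2['link'], ENT_QUOTES, 'UTF-8', false).'">'.htmlspecialchars($rek2['name'], ENT_QUOTES, 'UTF-8', false).'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';
    // Shortcut bar with unread counters for private mail and notifications.
    if ($user['id']) {
        echo ' <div class="start">';
        echo '<div class="s" style="border-bottom:none;">';
        echo '<table style="width:100%" cellspacing="0" cellpadding="0">';
        echo '<tbody><tr><td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo ' <b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo '<b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '</tr></tbody></table>';
        echo '</div>';
    }
    echo '<div class="tegi"><b>Новый товар</b>
</div>';
    include '../../system/nvg.php';
    // Sellers must have a WMID on file before they can list anything.
    if ($user['wmid'] == NULL) {
        echo '<div class="post2">У вас не заполнен WMID!</div>
<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
        include '../../system/shopfot.php';
        exit();
    }
    if (isset($_POST['submit'])) {
        $err = array();
        // NOTE(review): the text fields reach SQL exactly as TextGuard()
        // returns them; its escaping is defined elsewhere — confirm.
        $name = TextGuard(isset($_POST['name']) ? $_POST['name'] : '');
        if (empty($name)) $err[] = 'Название осталось пустым...';
        $opis = TextGuard(isset($_POST['opis']) ? $_POST['opis'] : '');
        if (empty($opis)) $err[] = 'Описание осталось пустым...';
        $rub = TextGuard(isset($_POST['rub']) ? $_POST['rub'] : '');
        if (empty($rub)) $err[] = 'Вы не ввели стоимость товара...';
        $koppr = TextGuard(isset($_POST['koppr']) ? $_POST['koppr'] : '');
        if (empty($koppr)) $err[] = 'Вы не ввели количество копий к продаже товара...';
        // Digits only, as the message says: is_numeric() also let through
        // negative and fractional prices and copy counts.
        if (!empty($koppr)) if (!ctype_digit((string)$koppr)) $err[] = 'Разрешено вводить только цифры..';
        if (!empty($rub)) if (!ctype_digit((string)$rub)) $err[] = 'Разрешено вводить только цифры..';
        // The radio button is absent from the request when it is not ticked.
        $dop = (isset($_POST['dop']) && $_POST['dop'] == 1) ? 1 : 0;
        // Form field => accepted extensions. 'filename' is the product
        // archive (stored in `file`), 'file' is the screenshot (stored in
        // `scrin`); the lists are the original ones.
        $allowed = array(
            'filename' => array('zip'),
            'file'     => array('jpg', 'gif', 'png', 'jpeg', 'bmp', 'zip', 'rar', '7z', 'txt', 'mp3', 'avi', 'mp4', '3gp'),
        );
        $stored = array();
        foreach ($allowed as $field => $types) {
            $up = isset($_FILES[$field]) ? $_FILES[$field] : null;
            if (!$up || $up['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($up['tmp_name'])) {
                $err[] = 'Вы не выбрали файл...';
                continue;
            }
            if ($up['size'] > 10024000) $err[] = 'Слишком большой файл...';
            // Extension check is case-insensitive and requires a real dot.
            $dot = strrpos($up['name'], '.');
            $ext = $dot === false ? '' : strtolower(substr($up['name'], $dot + 1));
            if (!in_array($ext, $types, true)) {
                $err[] = 'Вы пытаетесь загрузить недопустимый формат файла...';
                continue;
            }
            // The client's file name is reduced to [A-Za-z0-9_-] so the stored
            // name has exactly one extension and contains no quote or markup
            // characters when it is later put into SQL and HTML.
            $stem = substr(preg_replace('/[^A-Za-z0-9_-]+/', '_', substr($up['name'], 0, $dot)), 0, 40);
            // A short random suffix can collide, and move_uploaded_file()
            // replaces an existing file silently, so a longer token is used
            // and existing names are skipped. The token is for uniqueness
            // only; it is not an access control for paid files.
            do {
                $stored[$field] = date('dmY').'_fn'.substr(md5(uniqid(mt_rand(), true)), 0, 12).'_'.$stem.'.'.$ext;
            } while (file_exists('files/'.$stored[$field]));
        }
        if (!$err) {
            $fn = $stored['filename'];
            $file = $stored['file'];
            // NOTE(review): files/ is referenced by public URLs elsewhere in
            // this file; confirm the server serves it as static content only.
            if (!move_uploaded_file($_FILES['filename']['tmp_name'], 'files/'.$fn)) {
                $err[] = 'Не удалось сохранить файл...';
            } elseif (!move_uploaded_file($_FILES['file']['tmp_name'], 'files/'.$file)) {
                // Do not leave an archive behind that no row points to.
                @unlink('files/'.$fn);
                $err[] = 'Не удалось сохранить файл...';
            }
        }
        if (!$err) {
            mysql_query("INSERT INTO `m_tovar`(`kat`,`name`,`opis`,`rub`,`us`,`countp`,`dop`,`time`,`koppr`,`file`,`scrin`)VALUES('".$id."','".$name."','".$opis."','".$rub."','".(int)$user['id']."','0','".$dop."','".time()."','".$koppr."','".$fn."','".$file."')");
            echo '<div class="msg"><b>Товар успешно выставлен на продажу..</b></div>';
        } else {
            echo '<div class="err"><b>';
            foreach ($err as $err_info) {
                echo $err_info.'<br>';
            }
            echo '</b></div>';
        }
    }
    echo '<div class="glav"><form action="/m/add'.$id.'" method="post" enctype="multipart/form-data">
Название:<br><input name="name"/><br />
Описание:<br/><textarea name="opis"></textarea> <br />
Файл:<br><input type="file" name="filename"/><br />
Скриншот:<br><input type="file" name="file"/><br />
Цена (в рублях):<br><input name="rub"/><br />
Копий к продаже:<br><input name="koppr"/><br />
<input type="radio" name="dop" value="1"/> права на перепродажу<br/>
<input type="submit" value="Отправить" name="submit"/>
</form></div>
<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;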
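case 'kup':
    // Purchase handler: debits the buyer, credits the seller, records the
    // purchase in `m_kup`, bumps the sold counter and notifies the seller.
    // NOTE(review): this state change runs on a plain GET request with no
    // request token; adding one needs support from code outside this block.
    // NOTE(review): the statements below are not wrapped in a transaction, and
    // the "already bought" check is not backed by a unique key visible here.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only: $id is used unquoted in the query below.
    if (empty($id) or !ctype_digit((string)$id)) {
        header('Location: /index.php '); exit;
    }
    $kup = mysql_fetch_array(mysql_query('select * from `m_tovar` where `id` = '.$id.''));
    if (!$kup) {
        header('Location: /index.php'); exit;
    }
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';
    // Ad strip: link and name are HTML-escaped for attribute/text context;
    // double_encode=false keeps entities that are already stored intact.
    // NOTE(review): 'UTF-8' assumes the site is served as UTF-8, and the URL
    // scheme of `link` is not validated here — confirm both.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.htmlspecialchars($rek2['link'], ENT_QUOTES, 'UTF-8', false).'">'.htmlspecialchars($rek2['name'], ENT_QUOTES, 'UTF-8', false).'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';
    // Shortcut bar with unread counters for private mail and notifications.
    if ($user['id']) {
        echo ' <div class="start">';
        echo '<div class="s" style="border-bottom:none;">';
        echo '<table style="width:100%" cellspacing="0" cellpadding="0">';
        echo '<tbody><tr><td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo ' <b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo '<b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '</tr></tbody></table>';
        echo '</div>';
    }
    echo '<div class="tegi"><b>Покупка товара</b>
</div>';
    include '../../system/nvg.php';
    $k = mysql_fetch_array(mysql_query('select * from `m_kup` where `tovar` = "'.$id.'" and `us` = "'.(int)$user['id'].'" limit 1'));
    if ($k) {
        echo '<div class="post2">Вы уже покупали данный товар!</div>';
        echo '<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
        include '../../system/shopfot.php';
        exit();
    }
    if ($user['id'] == $kup['us']) {
        // The product page hides the buy link from the owner; enforce the same
        // rule here so the sold counter cannot be raised by self-purchase.
        echo '<div class="post2">Нельзя купить собственный товар!</div>';
    } elseif ($kup['countp'] >= $kup['koppr']) {
        // The product page stops offering sold-out items; so must the handler.
        echo '<div class="post2">Все копии проданы!</div>';
    } elseif (!is_numeric($kup['rub']) || $kup['rub'] < 0) {
        // A negative or malformed price would move money the wrong way.
        echo '<div class="post2">Товар недоступен для покупки!</div>';
    } else {
        // Values read from the database are escaped again before reuse in SQL.
        $price = mysql_real_escape_string($kup['rub']);
        $paid = false;
        if ($kup['rub'] == 0) {
            // Nothing to debit; an UPDATE that changes no value reports 0 rows.
            $paid = true;
        } elseif ($user['rub'] >= $kup['rub']) {
            // The balance test is part of the UPDATE itself, so two requests
            // arriving together cannot both spend the same money.
            mysql_query("UPDATE `user` SET `rub`=`rub`-'".$price."' WHERE `id`='".(int)$user['id']."' AND `rub` >= '".$price."' limit 1");
            $paid = (mysql_affected_rows() == 1);
        }
        if ($paid) {
            mysql_query("INSERT INTO `m_kup`(`tovar`,`us`,`name`)VALUES('".$id."','".(int)$user['id']."','".mysql_real_escape_string($kup['name'])."')");
            mysql_query("UPDATE `user` SET `rub`=`rub`+'".$price."' WHERE `id`='".(int)$kup['us']."' limit 1");
            mysql_query("UPDATE `m_tovar` SET `countp`=`countp`+1 WHERE `id`='".$id."' limit 1");
            mysql_query("INSERT INTO `op`(`who`,`ho`,`text`,`time`,`read`,`sort`)VALUES('".(int)$kup['us']."','".(int)$user['id']."','Купил ваш товар в магазине [url=/m/tovar".$id."]ссылка на товар[/url]!','".time()."','0','3')");
            echo '<div class="post2">Вы успешно купили товар!</div>';
        } else {
            echo '<div class="post2">На вашем счету не достаточно денег!</div>';
        }
    }
    echo '<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;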
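case 'korz':
    // Cart toggle: adds the product to the current user's cart, or removes it
    // when it is already there.
    // NOTE(review): this state change runs on a plain GET request with no
    // request token; adding one needs support from code outside this block.
    $id = TextGuard(isset($_GET['id']) ? $_GET['id'] : '');
    // Digits only: $id is used unquoted in the query below.
    if (empty($id) or !ctype_digit((string)$id)) {
        header('Location: /index.php '); exit;
    }
    $korz = mysql_fetch_array(mysql_query('select * from `m_tovar` where `id` = '.$id.''));
    if (!$korz) {
        header('Location: /index.php'); exit;
    }
    echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';
    // Ad strip: link and name are HTML-escaped for attribute/text context;
    // double_encode=false keeps entities that are already stored intact.
    // NOTE(review): 'UTF-8' assumes the site is served as UTF-8, and the URL
    // scheme of `link` is not validated here — confirm both.
    $rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
    echo '<div class="rek"><div class="rekl">';
    while ($rek2 = mysql_fetch_array($rek)) {
        echo '<img src="/images/r.png" alt="*"> <a href="'.htmlspecialchars($rek2['link'], ENT_QUOTES, 'UTF-8', false).'">'.htmlspecialchars($rek2['name'], ENT_QUOTES, 'UTF-8', false).'</a></br>';
    }
    echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
    echo '</div>';
    echo '</div>';
    include 'system/nvg.php';
    // Shortcut bar with unread counters for private mail and notifications.
    if ($user['id']) {
        echo ' <div class="start">';
        echo '<div class="s" style="border-bottom:none;">';
        echo '<table style="width:100%" cellspacing="0" cellpadding="0">';
        echo '<tbody><tr><td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center>';
        echo '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo ' <b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '<td style="vertical-align:top;width:10%;">';
        echo '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
        $c = mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.(int)$user['id'].'" and `read` = "0"'),0);
        if ($c != 0) echo '<b> (+'.(int)$c.')</b>';
        echo '</center></td>';
        echo '</tr></tbody></table>';
        echo '</div>';
    }
    echo '<div class="tegi"><b>Добавление товара в корзину</b>
</div>';
    include '../../system/nvg.php';
    $k = mysql_fetch_array(mysql_query('select * from `m_korz` where `tovar` = "'.$id.'" and `us` = "'.(int)$user['id'].'" limit 1'));
    if (!$k) {
        // The stored product name is escaped again before reuse in SQL.
        mysql_query("INSERT INTO `m_korz`(`tovar`,`us`,`name`)VALUES('".$id."','".(int)$user['id']."','".mysql_real_escape_string($korz['name'])."')");
        echo '<div class="post2">Товар успешно добавлен в корзину!</div>';
    } else {
        // Scoped to the current user: without the `us` condition the DELETE
        // removed this product from every user's cart.
        mysql_query("DELETE FROM `m_korz` WHERE `tovar` = '".$id."' AND `us` = '".(int)$user['id']."'");
        echo '<div class="post2">Товар успешно удален из корзины!</div>';
    }
    echo '<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';
    break;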
case 'tov_prod':
$id = TextGuard($_GET['id']);
if(empty($id) or !is_numeric($id)) {
header('Location: /index.php '); exit;
}
$us = mysql_fetch_array(mysql_query('select * from `user` where `id` = '.$id.''));
if($us == 0){
header('Location: /index.php'); exit;
}
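// ---- Shop logo and active advertisements (`ads`.`mode` = 1) ----
echo '<div class="mag"><div class="logo2"><center><img src="/images/logo1.png" alt="*"/></div> ';

$rek = mysql_query("SELECT * FROM `ads` WHERE `mode` = '1'");
echo '<div class="rek"><div class="rekl">';
while ($ad = mysql_fetch_array($rek)) {
    // Ad link and title come from the database and are placed into an attribute and into
    // element text, so they are HTML-escaped on output. double_encode is off so values that
    // were already entity-encoded when stored are not encoded twice.
    // NOTE(review): how these columns are filtered on write is not visible here. Escaping does
    // not restrict the URL scheme of `link`; confirm the purchase form only accepts http(s) URLs.
    $adLink = htmlspecialchars((string)$ad['link'], ENT_QUOTES, 'UTF-8', false);
    $adName = htmlspecialchars((string)$ad['name'], ENT_QUOTES, 'UTF-8', false);
    echo '<img src="/images/r.png" alt="*"> <a href="'.$adLink.'">'.$adName.'</a></br>';
}
echo '<img src="/images/r.png" alt="*"> <a href="bl?bl=rek">Купить рекламу</a></br>';
echo '</div>';
echo '</div>';
include 'system/nvg.php';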
/////////////////////////////////////////////////
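// ---- Toolbar for a signed-in user: cabinet, private mail and notifications, with unread counters ----
if ($user['id']) {
    // Integer cast so the id is always bound into the two counter queries as a number,
    // regardless of how $user was populated.
    $viewerId = (int)$user['id'];

    echo ' <div class="start">';
    echo '<div class="s" style="border-bottom:none;">';
    echo '<table style="width:100%" cellspacing="0" cellpadding="0">';
    echo '<tbody><tr><td style="vertical-align:top;width:10%;">';
    echo '<center>';
    echo '<a href="/cab/" title="Кабинет"><img class="ico" align="middle" src="/images/vcard.png" alt="*"></a></center></td>';

    // Private mail: unread messages addressed to this user.
    echo '<td style="vertical-align:top;width:10%;">';
    echo '<center>';
    echo '<a href="/privat/" title="Почта"><img class="ico" align="middle" src="/images/mail2.png" alt="*"></a>';
    $c = (int)mysql_result(mysql_query('select count(`id`) from `privat` where `ho` = "'.$viewerId.'" and `read` = "0"'),0);
    if ($c !== 0) {
        echo ' <b> (+'.$c.')</b>';
    }
    echo '</center></td>';

    // Notifications: unread entries for this user.
    echo '<td style="vertical-align:top;width:10%;">';
    echo '<center><a href="/op/" title="Оповещения"><img class="ico" align="middle" src="/images/warning.png" alt="*"></a>';
    $c = (int)mysql_result(mysql_query('select count(`id`) from `op` where `who` = "'.$viewerId.'" and `read` = "0"'),0);
    if ($c !== 0) {
        echo '<b> (+'.$c.')</b>';
    }
    echo '</center></td>';

    echo '</tr></tbody></table>';
    echo '</div>';
}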
//////////////////////////////////////////////////////
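// ---- Heading, page arithmetic and the query for the current page of the seller's goods ----
// The login is database content printed into HTML, so it is escaped on output; double_encode
// is off in case the value was already entity-encoded when stored (not visible from here).
echo '<div class="tegi"><b>Товары '.htmlspecialchars((string)$us['login'], ENT_QUOTES, 'UTF-8', false).'</b></div>';
include '../../system/nvg.php';

// Every value that reaches SQL below is forced to an integer inside this block, so the
// queries do not depend on how $id or $_GET['p'] were checked elsewhere.
$sellerId = (int)$id;
$cop = max(1, (int)$user['on_page']);   // items per page; at least 1 so the division is defined
$ca = (int)mysql_result(mysql_query("SELECT COUNT(*) FROM `m_tovar` WHERE `us` = '".$sellerId."'"),0);
$cp = (int)ceil($ca/$cop);              // number of pages, 0 when the seller has no goods

// Requested page, clamped to 1..max(1, $cp). The earlier order of checks left $p at 0 for an
// empty shop, which produced a negative LIMIT offset and a failed query; a fractional page
// number such as "1.5" did the same with a non-integer offset.
$p = (isset($_GET['p']) && is_numeric($_GET['p'])) ? (int)$_GET['p'] : 1;
$p = max(1, min($p, max(1, $cp)));

$start = ($p - 1) * $cop;
$m_tov = mysql_query("SELECT * FROM `m_tovar` WHERE `us`='".$sellerId."' ORDER BY `id` desc LIMIT ".$start.",".$cop);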
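// ---- One card per product: screenshot, name, price and a shortened description ----
while ($a = mysql_fetch_array($m_tov)) {
    // Description preview: the first 20 space-separated words. The ellipsis is added only when
    // something was actually cut off (the threshold used to be 3 while the cut was at 20).
    $word_limit = 20;
    $words = explode(" ", (string)$a['opis']);
    $text_v = implode(" ", array_slice($words, 0, $word_limit));
    if (count($words) > $word_limit) {
        $text_v .= '...';
    }

    // Seller-supplied fields are HTML-escaped on output; the id is printed as an integer.
    // double_encode is off so values already entity-encoded when stored are not encoded twice.
    // NOTE(review): how these columns are filtered on write is not visible here.
    $scrin = htmlspecialchars((string)$a['scrin'], ENT_QUOTES, 'UTF-8', false);
    $name = htmlspecialchars((string)$a['name'], ENT_QUOTES, 'UTF-8', false);
    $rub = htmlspecialchars((string)$a['rub'], ENT_QUOTES, 'UTF-8', false);
    $text_v = htmlspecialchars($text_v, ENT_QUOTES, 'UTF-8', false);

    echo '<div class="post2">
<img src="/modules/m/files/'.$scrin.'" rel="lightbox" alt="*" class="image" align="left" style="margin: 1px 8px 0px 0px;"/>
<br />
<a href="/m/tovar'.(int)$a['id'].'">'.$name.'</a> <small>(<font color="green"><b>'.$rub.'р</b></font>)</small>
<br />
'.$text_v.'
</div>';
}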
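// ---- Pager for the seller's goods, followed by the link back to the shop ----
// Values printed into the links are forced to integers inside this block, so nothing but
// digits from the request can appear in the markup.
$pagerShop = (int)$id;
$pagerPage = (int)$p;
$pagerLast = (int)$cp;
$pagerBase = '/m/shop'.$pagerShop.'?p=';

echo '<div class="spis">Стр. ';
if ($pagerPage - 2 > 0) echo '<a href="'.$pagerBase.'1"><<</a> ';
if ($pagerPage - 1 > 0) echo '<a href="'.$pagerBase.($pagerPage - 1).'"><</a> ';

// Up to three pages before the current one. The numbered links used to be built as
// "?p=1" followed by the page number, so the link for page 2 pointed at p=12.
for ($d = 3; $d >= 1; $d--) {
    if ($pagerPage - $d > 0) {
        echo '<a href="'.$pagerBase.($pagerPage - $d).'">'.($pagerPage - $d).'</a> | ';
    }
}

echo '<b>'.$pagerPage.'</b>';

// Up to three pages after the current one.
for ($d = 1; $d <= 3; $d++) {
    if ($pagerPage + $d <= $pagerLast) {
        echo ' | <a href="'.$pagerBase.($pagerPage + $d).'">'.($pagerPage + $d).'</a>';
    }
}

if ($pagerPage + 1 <= $pagerLast) echo ' <a href="'.$pagerBase.($pagerPage + 1).'">></a>';
if ($pagerPage + 2 <= $pagerLast) echo ' <a href="'.$pagerBase.$pagerLast.'">>></a>';
echo '</div>';
echo '<div class="post1"><img src="http://profiwm.com/m/images/cart.png"/> <a href="/m/">Магазин</a></div>';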
break;
}
include '../../system/shopfot.php';
?>