Файл: smiles.php
Строк: 75
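<?php
/**
 * Smiley catalogue page.
 *
 * Routes on the `mod` query parameter:
 *   - (none / unknown) : list smiley categories with a per-category count;
 *   - `category`       : list the smileys of one category and, for managers,
 *                        delete a single smiley;
 *   - `add`            : upload form and upload handler for a new smiley.
 *
 * Relies on names this file does not define: $user, TextGuard() and an open
 * mysql_* connection, presumably provided by system/core.php (confirm there).
 *
 * NOTE(review): the mysql_* extension is deprecated since PHP 5.5 and removed
 * in PHP 7. Every query below is built by string concatenation; moving to
 * PDO/mysqli prepared statements would remove the dependency on callers
 * escaping each value correctly.
 *
 * NOTE(review): the full tag `<?php` is used so the script is still parsed
 * when short_open_tag is disabled; with `<?` and that setting off, the source
 * would be sent to the client as plain text.
 */
include 'system/core.php';
$_title = 'Смайлы';
include 'system/header.php';

// In this file status 4 is the only status allowed to add smileys
// (presumably the administrator role; confirm against the user model).
$can_manage = isset($user['status']) && $user['status'] == 4;

// `mod` is optional; a missing value falls through to the category list.
$mod = isset($_GET['mod']) ? $_GET['mod'] : '';

// NOTE(review): every header('Location: ...') below runs after
// system/header.php has been included. If that file emits output and output
// buffering is off, the redirect header cannot be sent; the `exit` that
// follows each redirect still stops processing, so the access checks hold.
switch ($mod) {
    case 'add':
        if (!$can_manage) {
            header('Location: /smiles.php');
            exit;
        }
        echo '<div class="podverh">';
        echo '<div class="uv"><div class="sm"></div><div class="sm"></div><div class="co"><b>Новый смайл</b></div></div></div> ';
        echo '<div class="start">';
        include 'modules/op/c.php';
        include 'modules/privat/c.php';
        echo '<div class="s"><div class="ss"><span><a href="smiles.php">Смайлы</a></span></div></div>';

        // NOTE(review): this form carries no anti-CSRF token. Session handling
        // is not visible in this file, so none is added here. TODO: add one.
        if (isset($_POST['submit'])) {
            $err = array();

            // The original read bare $cat / $name, which only exist if an
            // included file (or register_globals) created them. Keep that
            // value when present, otherwise read the posted form field.
            $cat = TextGuard(isset($cat) ? $cat : (isset($_POST['cat']) ? $_POST['cat'] : ''));
            // The form offers category ids only, and the category page accepts
            // numeric ids only, so anything else is treated as "not chosen".
            if (!ctype_digit((string) $cat) || (int) $cat === 0) {
                $err[] = 'Вы не выбрали категорию...';
            }
            $cat = (int) $cat;

            $name = TextGuard(isset($name) ? $name : (isset($_POST['name']) ? $_POST['name'] : ''));
            if (empty($name)) {
                $err[] = 'Вы забыли написать имя смайла...';
            }

            // NOTE(review): $name is concatenated into this SELECT and into the
            // INSERT below. That is injection-safe only if TextGuard() returns
            // a value already escaped for MySQL string literals. Confirm in
            // its definition, or escape/bind at this boundary.
            $dupe_result = mysql_query('select * from `smiles` where `name` = "'.$name.'" limit 1');
            if ($dupe_result && mysql_fetch_array($dupe_result)) {
                $err[] = 'Такой смайл уже существует...';
            }

            $upload = (isset($_FILES['filename']) && is_array($_FILES['filename'])) ? $_FILES['filename'] : array();
            $tmp_name = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';
            $client_name = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
            $size = isset($upload['size']) ? (int) $upload['size'] : 0;

            // is_uploaded_file() confirms the path really is this request's
            // HTTP upload, which a plain file_exists() does not.
            $has_file = $tmp_name !== '' && is_uploaded_file($tmp_name);
            if (!$has_file) {
                $err[] = 'Вы не выбрали файл!';
            }
            if ($size > 1024000) {
                $err[] = 'Слишком большой файл...';
            }

            // pathinfo() yields '' for a name without a dot (the original
            // substr/strrpos pair returned the name minus its first character
            // in that case); the comparison is now case-insensitive.
            $filetype = array('jpg', 'gif', 'png', 'jpeg', 'bmp');
            $upfiletype = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));
            $format_ok = in_array($upfiletype, $filetype, true);

            // The extension is client-supplied, so also require that the file
            // content parses as one of the accepted image types.
            if ($format_ok && $has_file) {
                $image_info = getimagesize($tmp_name);
                $image_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_BMP);
                $format_ok = $image_info !== false && in_array($image_info[2], $image_types, true);
            }
            if (!$format_ok) {
                $err[] = 'Вы пытаетесь загрузить недопустимый формат файла...';
            }

            if (!$err) {
                // The stored name is generated server-side and has no
                // extension; the client-supplied file name is never used as a
                // path.
                $fn = 'smile_s_'.time();
                // Do not record a smiley whose file was not actually stored.
                if (!move_uploaded_file($tmp_name, 'smiles/'.$fn)) {
                    $err[] = 'Не удалось сохранить файл...';
                }
            }

            if (!$err) {
                mysql_query("INSERT INTO `smiles`(
`c`,
`name`,
`img`
)VALUES(
'".$cat."',
'".$name."',
'".$fn."'
)");
                echo '<div class="err"><img src="/modules/profile/images/clean.png"/><b> Смайл упешно добавлен!</b></div>';
            } else {
                echo '<div class="err"><b>';
                foreach ($err as $err_info) {
                    echo $err_info.'<br>';
                }
                echo '</b></div>';
            }
        }

        echo '<div class="post">
<form action="" method="post" enctype="multipart/form-data">
Выберите категорию:<br>
<select name="cat">';
        $smiles_c = mysql_query("SELECT * FROM `smiles_c` ORDER BY `id` DESC");
        while ($smiles_c2 = mysql_fetch_assoc($smiles_c)) {
            // NOTE(review): the category name is printed as stored. Confirm it
            // is HTML-encoded when written, or encode it here.
            echo '<option value="'.(int) $smiles_c2['id'].'">'.$smiles_c2['name'].'</option>';
        }
        echo '</select><br>
Файл:<br><input type="file" name="filename"/><br>
Название:<br><input name="name"/><br>
<input type="submit" value="Загрузить" name="submit"/>
</form></div>';
        break;

    default:
        echo '<div class="podverh">';
        echo '<div class="uv"><div class="sm"></div><div class="sm"></div><div class="co"><b>Смайлы</b></div></div></div> ';
        echo '<div class="start">';
        include 'modules/op/c.php';
        include 'modules/privat/c.php';
        echo '<div class="s"><div class="ss"><span><a href="/cab">В кабинет</a></span></div></div>';
        if ($can_manage) {
            echo '<div class="poste"><img src="/images/addsmiles.png" alt="*"> <a href="/smiles.php?mod=add">Добавить смайл</a></div>';
        }
        $smiles_c = mysql_query("SELECT * FROM `smiles_c` ORDER BY `id` DESC");
        while ($smiles_c2 = mysql_fetch_assoc($smiles_c)) {
            // Ids are cast to int before they reach the URL and the count
            // query. NOTE(review): the name is printed as stored. Confirm it
            // is HTML-encoded when written, or encode it here.
            $cat_id = (int) $smiles_c2['id'];
            $count_result = mysql_query('select count(`id`) from `smiles` where `c` = "'.$cat_id.'"');
            echo '<div class="post2"><img src="/images/crate.png" alt="*"> <a href="/smiles.php?mod=category&id='.$cat_id.'">'.$smiles_c2['name'].'</a> ['.mysql_result($count_result, 0).']</div>';
        }
        break;

    case 'category':
        // Accept only a positive decimal id; the integer cast then makes the
        // value safe to place in the queries and the redirect URL below.
        $id = isset($_GET['id']) ? (string) TextGuard($_GET['id']) : '';
        if (!ctype_digit($id) || (int) $id === 0) {
            header('Location: /smiles.php');
            exit;
        }
        $id = (int) $id;

        $cat_result = mysql_query('select * from `smiles_c` where `id` = "'.$id.'"');
        $smiles_c = $cat_result ? mysql_fetch_array($cat_result) : false;
        if (!$smiles_c) {
            header('Location: ?');
            exit;
        }

        // Deletion is handled before this case prints anything, since it
        // always ends in a redirect.
        if (isset($_GET['delete'])) {
            // The original performed the delete for any visitor; only the
            // link was hidden from non-managers. Enforce the same status
            // check that guards the "add" action.
            if (!$can_manage) {
                header('Location: /smiles.php');
                exit;
            }
            // NOTE(review): this state change is driven by a GET link with no
            // anti-CSRF token. TODO: move it to POST with a per-session token.
            $smile_id = isset($_GET['smile_id']) ? (string) TextGuard($_GET['smile_id']) : '';
            if (!ctype_digit($smile_id) || (int) $smile_id === 0) {
                header('Location: /smiles.php');
                exit;
            }
            $smile_id = (int) $smile_id;

            $smile_result = mysql_query('select * from `smiles` where `id` = "'.$smile_id.'"');
            $smile = $smile_result ? mysql_fetch_array($smile_result) : false;
            if (!$smile) {
                header('Location: /smiles.php?');
                exit;
            }
            // basename() keeps the removal inside smiles/ whatever the stored
            // value is; is_file() skips a missing file or an empty name.
            $smile_file = 'smiles/'.basename($smile['img']);
            if (is_file($smile_file)) {
                unlink($smile_file);
            }
            mysql_query("DELETE FROM `smiles` WHERE `id` = '".$smile_id."'");
            header('Location: /smiles.php?mod=category&id='.$id);
            exit;
        }

        echo '<div class="podverh">';
        // NOTE(review): category and smiley names are printed as stored.
        // Confirm they are HTML-encoded when written, or encode them here.
        echo '<div class="uv"><div class="sm"></div><div class="sm"></div><div class="co"><b>'.$smiles_c['name'].'</b></div></div></div> ';
        echo '<div class="start">';
        include 'modules/op/c.php';
        include 'modules/privat/c.php';
        echo '<div class="s"><div class="ss"><span><a href="smiles.php">Смайлы</a></span></div></div>';

        $smiles = mysql_query("SELECT * FROM `smiles` where `c` = '".$id."' ORDER BY `id` DESC");
        while ($smiles2 = mysql_fetch_assoc($smiles)) {
            echo '<div class="post2">'.$smiles2['name'].' - <img src="smiles/'.$smiles2['img'].'"/>';
            if ($can_manage) {
                echo ' [<a href="/smiles.php?mod=category&id='.$id.'&delete&smile_id='.(int) $smiles2['id'].'">уд</a>]';
            }
            echo '</div>';
        }
        break;
}
include 'system/footer.php';
?>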