<?php
require_once("core/core.php");
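// Label describing what the visitor is doing on this page. Nothing in this file
// reads it; presumably the included templates do (TODO confirm).
$location = '(Смотрит дневники)';
// Dispatch on the requested action. A missing `act` is read as an empty string,
// which matches no case and therefore lands in `default`, without raising an
// undefined-index notice on a request-supplied key.
switch (isset($_GET['act']) ? $_GET['act'] : '') {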
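//~~~~~~~~~ Create a new entry ~~~~~~~~~~~~~~~//
case 'add':
// Posting requires a signed-in user; guests are sent to registration.
if (!$u['id']) {
    header("Location: reg.php?err=1");
    exit;
}
$title = $title . ' :: Дневник :: Новая запись';
require('head.php');
require('core/panel.php');
echo '<div class="title"><center><a href = "diary.php?act=view&id=' . $u['id'] . '">Дневник</a> :: <b>Новая запись</b></center></div>';
// Anti-flood: refuse when this user already has an entry newer than
// $system['diary_antiflud'] seconds.
$flood = mysql_query("SELECT `time` FROM `diary_messages` WHERE `user` = '" . $u['id'] . "' AND `time` > '" . (time() - $system['diary_antiflud']) . "'");
if (mysql_num_rows($flood)) {
    error(' <b>Ошибка!</b></br> Можно добавлять дневники только раз в ' . $system['diary_antiflud'] . ' сек.');
    require('foot.php');
    exit;
}
if (isset($_POST['submit']) && $_POST['name'] && $_POST['message']) {
    // Truncate by characters, not bytes: the limits are announced in characters and
    // a byte cut can split a multi-byte UTF-8 sequence. The rest of this file
    // already treats the text as UTF-8 (iconv_strlen / iconv_substr).
    // NOTE(review): every value interpolated into SQL below relies on check() and
    // num() from core/ to neutralise it - confirm what those helpers do.
    $name = check(iconv_substr($_POST['name'], 0, 100, 'UTF-8'));
    $message = check(iconv_substr($_POST['message'], 0, 10000, 'UTF-8'));
    $priv = num($_POST['priv']);
    $comm_priv = num($_POST['comm_priv']);
    $sex = num($_POST['18']);
    if (empty($name) || empty($message)) {
        // Either field came back empty after filtering (or was not valid UTF-8).
        echo ' Ошибка, так делать нельзя!<br/>';
    } else {
        mysql_query("INSERT INTO `diary_messages` SET
`user` = '" . $u['id'] . "',
`name` = '$name',
`message` = '$message',
`priv` = '$priv',
`comm_priv` = '$comm_priv',
`18` = '$sex',
`time` = '" . time() . "',
`rating` = '0',
`view` = '0'
");
        $id = mysql_insert_id();
        // Grammatical gender of the verb used in the activity feed.
        if ($u['sex'] == 'm') {
            $action[0] = 'Опубликовал';
        } else {
            $action[0] = 'Опубликовала';
        }
        $text = $action[0] . ' <a href = "diary.php?act=message&id=' . $id . '&link=1">дневник</a>.';
        mysql_query("INSERT INTO `lenta` SET
`user` = '" . $u['id'] . "',
`text` = '$text',
`time` = '" . time() . "',
`forum` = '0',
`blog` = '0',
`foto` = '0',
`diary` = '1',
`comm` = '0'
");
        // An entry by user #1 raises the `news` flag on every account.
        if ($u['id'] == 1) {
            mysql_query("UPDATE `users` SET `news` = '1'");
        }
        mysql_query("UPDATE `users` SET `rating` = `rating`+10 WHERE `id` = '" . $u['id'] . "'");
        // The original URL ended in a stray double quote; stop here so nothing more
        // is rendered behind the redirect.
        // NOTE(review): head.php has already been included, so this header only
        // takes effect if output is buffered - confirm in core/.
        header('location: diary.php?act=message&id=' . $id . '&link=1');
        exit;
    }
} else {
    // NOTE(review): the form carries no anti-CSRF token, and the title input's
    // maxlength (50) disagrees with the 100 characters the label and the server allow.
    echo '<div class="div">';
    echo '<form action="diary.php?act=add" method="post" name="form">';
    echo 'Название (100 символов):<br/><input type="text" name="name" maxlength="50" placeholder="Название дневника..."><br/>';
    echo '</div><div class="div">';
    echo 'Описание (10000 символов):<br/>';
    echo '<textarea name="message" placeholder="Описание дневника..."></textarea>';
    echo '</div>';
    echo '<div class="div">';
    echo 'Помощь: <small><a href = "smiles.php">Смайлы</a> | <a href = "code.php">Теги</a></small>';
    echo '</div>';
    echo '<div class="div">';
    echo 'Запись доступна: <br/><select name="priv">
<option value="0">Всем</option>
<option value="1">Друзьям</option>
<option value="2">Только мне</option>
</select><br/>
Разрешить комментировать?: <br/><select name="comm_priv">
<option value="0">Да</option>
<option value="1">Нет</option>
</select></div>';
    echo '<div class="div">';
    echo '<input name="18" type="checkbox" value="1"/> Только для взрослых <font color="red">(18+)</font>';
    echo '</div><div class="div">';
    echo '<input type="submit" name="submit" value="Добавить" class="submit white"></form>';
}
echo '</div>';
require('foot.php');
break;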
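//~~~~~~~~~~~~~~~~ One user's diary ~~~~~~~~~~~~~~~~~~~~~~~//
case 'view':
// With no (or a zero) id the visitor's own diary is shown.
$id = num($_GET['id']);
if ($id == 0) {
    $id = $u['id'];
}
$req = mysql_query("SELECT * FROM `users` WHERE `id` = '$id' LIMIT 1");
if (!mysql_num_rows($req)) {
    // Unknown user: redirect and stop. Without the exit the page went on
    // rendering with $user unset.
    header("Location: index.php");
    exit;
}
$user = mysql_fetch_assoc($req);
$title = $title . ' :: Дневник :: ' . $user['login'] . '';
require('head.php');
if ($user['delete'] == 1) {
    error('Автор данного дневника был заблокирован!');
    require('foot.php');
    exit;
}
if ($user['id'] == $u['id']) {
    $zag = 'Мой дневник';
} else {
    $zag = '<a href = "diary.php?act=view&id=' . $user['id'] . '">Дневник</a> :: <a href = "id' . $user['id'] . '">' . $user['login'] . '</a>';
}
echo '<div class="title"><center>' . $zag . '</center></div>';
// Only the diary's owner gets the "write an entry" link.
if ($user['id'] == $u['id']) {
    echo '<div class="busi"><img src="style/page/edit.gif"> <a href = "diary.php?act=add"><font color="black"><u>Написать в дневник</u></font></a></div>';
}
$all = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_messages` WHERE `user` = '" . $user['id'] . "'"), 0);
if ($all > 0) {
    // Ten entries per page; the requested page is clamped to 1..$total.
    $total = num(($all - 1) / 10) + 1;
    @$page = num($_GET['page']);
    if (empty($page) or $page < 0) {
        $page = 1;
    }
    if ($page > $total) {
        $page = $total;
    }
    $start = $page * 10 - 10;
    $result = mysql_query("SELECT * FROM `diary_messages` WHERE `user` = '" . $user['id'] . "' ORDER BY `time` DESC LIMIT $start, 10");
    while ($message = mysql_fetch_assoc($result)) {
        // Both branches of the old odd/even test printed the same markup, so the
        // row counter is gone. The per-row author lookup is gone as well: the query
        // above already restricts rows to $user['id'].
        echo '<div class="item">';
        $name = checkout($message['name']);
        $msg = checkout($message['message']);
        // Preview: at most 47 characters plus an ellipsis.
        if (iconv_strlen($msg, 'UTF-8') > 50) {
            $msg = iconv_substr($msg, 0, 47, 'UTF-8');
            $msg = '' . $msg . '...';
        }
        $ccomm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_comm` WHERE `diary` = '" . $message['id'] . "'"), 0);
        echo '<a href = "diary.php?act=message&id=' . $message['id'] . '&link=1">' . $name . '</a>';
        if ($message['priv'] == 2 || $message['priv'] == 1) {
            echo '<span style="float:right;"> <img src="style/page/clock_diary.png" alt="image" /></span>';
        } else {
            echo '<span style="float:right"> <img src="style/page/all_diary.png" alt="image" /></span>';
        }
        echo '<span style="float:right;color:green">('.vremya($message['time']).')</span><br />';
        if ($message['18'] == 1) {
            echo ' <font color="red">18+</font>';
        }
        echo '<br/>';
        // Restricted and 18+ entries show no preview text; their titles are still
        // listed to every visitor.
        if ($message['priv'] == 2 || $message['priv'] == 1 || $message['18'] == 1) {
            echo 'Просмотр недоступен!<br />';
        } else {
            echo '' . $msg . '<br />';
        }
        echo '</br><img src="style/page/view_comm.gif" alt="!" /> <a href = "diary.php?act=message&id=' . $message['id'] . '&link=1">Обсудить</a> <font color="darkred">(' . $ccomm . ')</font></br>';
        echo '</div>';
    }
    echo '</div>';
    echo '</div>';
    navigation($page, $total, 'diary.php?act=view&id=' . $user['id'] . '&');
} else {
    error(' Топиков пока нет!');
}
echo '</div>';
require('foot.php');
break;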
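//~~~~~~~~~~~~~~~~ Edit an entry ~~~~~~~~~~~~~~~~~~~~//
case 'edit':
if (!$u['id']) {
    header("Location: reg.php?err=1");
    exit;
}
if (!isset($_GET['id'])) {
    header("Location: diary.php");
    exit;
}
$id = num($_GET['id']);
$req = mysql_query("SELECT * FROM `diary_messages` WHERE `id` = '$id' LIMIT 1");
if (!mysql_num_rows($req)) {
    // No such entry: show the "not found" page and stop.
    $title = $title . ' :: Дневники';
    require('head.php');
    echo '<div class="title"><center><a href = "diary.php">Дневники</a> :: <b>Ошибка</b></center></div>';
    echo '<div class="div">';
    echo '<table><tr><td VALIGN=top><img src="style/error/notice.png" alt="Ошибка" /></td><td VALIGN=top> Запись не найдена, возможно она была удалена ранее!</table></div>';
    echo '</div>';
    echo '<div class="title">';
    echo '<img src="style/page/back.png" alt="Back"> <a href = "?sid=back" onclick="history.back()">Назад</a>';
    echo '</div>';
    require('foot.php');
    exit;
}
$msg = mysql_fetch_assoc($req);
// Only admins (levels 1 and 2) and the entry's author may edit.
if ($u['admin'] == 1 || $u['admin'] == 2 || $msg['user'] == $u['id']) {
    $title = $title . ' :: Дневник';
    require('head.php');
    require('core/panel.php');
    echo '<div class="title"><center><a href = "diary.php?act=message&id=' . $msg['id'] . '&link=1">Дневник</a> :: Редактирование</center></div>';
    if (isset($_POST['submit']) && $_POST['name'] && $_POST['message']) {
        // Character-based truncation; a byte cut can split a UTF-8 sequence.
        // NOTE(review): SQL safety of these values rests on check()/num() from
        // core/ - confirm what those helpers do.
        $name = check(iconv_substr($_POST['name'], 0, 100, 'UTF-8'));
        $decer = check(iconv_substr($_POST['message'], 0, 10000, 'UTF-8'));
        $priv = num($_POST['priv']);
        $comm_priv = num($_POST['comm_priv']);
        $sex = num($_POST['18']);
        // The unused read of $_POST['who'] was dropped: the form has no such field
        // and `who` is always written from the session user below.
        if (empty($name) || empty($decer)) {
            echo ' Ошибка, так делать нельзя !<br/>';
        } else {
            mysql_query("UPDATE `diary_messages` SET
`name` = '$name',
`message` = '$decer',
`priv` = '$priv',
`comm_priv` = '$comm_priv',
`18` = '$sex',
`who` = '" . $u['id'] . "',
`cedit` = `cedit`+1,
`etime` = '" . time() . "'
WHERE `id` = '$id'
");
            // An admin editing someone else's entry is recorded in the admin journal.
            // (`||` binds tighter than `and`, so the original condition already
            // grouped this way; the parentheses only make it explicit.)
            if (($u['admin'] == 1 || $u['admin'] == 2) && $msg['user'] != $u['id']) {
                if ($u['sex'] == 'm') {
                    $action[0] = 'Отредактировал';
                } else {
                    $action[0] = 'Отредактировала';
                }
                $text = $action[0] . ' <a href = "diary.php?act=message&id=' . $msg['id'] . '&link=1">дневник</a>.';
                mysql_query("INSERT INTO `admin_jurnal` SET
`user` = '" . $u['id'] . "',
`text` = '$text',
`time` = '" . time() . "',
`news` = '0',
`forum` = '0',
`diary` = '1',
`chat` = '0',
`blog` = '0',
`foto` = '0',
`ban` = '0',
`edit` = '0',
`new` = '1'
");
            }
            // NOTE(review): head.php is already out, so the redirect needs output
            // buffering to work - confirm in core/.
            header('location: diary.php?act=message&id=' . $msg['id'] . '&link=1&ok=1');
            exit;
        }
    } else {
        // NOTE(review): the stored title and text are echoed into the textareas
        // as-is; that is only safe if check() HTML-escaped them on write - confirm.
        // The form carries no anti-CSRF token.
        $name = $msg['name'];
        $message = $msg['message'];
        echo '<div class="div">';
        echo '<form action="diary.php?act=edit&id=' . $id . '" method="post" name="form">';
        echo 'Название (100 символов):<br/><textarea cols="20" rows="1" name="name"style="width: 30%;height: 20px;">' . $name . '</textarea>';
        echo '</div><div class="div">';
        echo 'Текст (10000 символов):<br/>';
        echo '<textarea cols="20" rows="3" name="message" >' . $message . '</textarea><br/>';
        echo '</div>';
        echo '<div class="div">';
        echo 'Помощь: <small><a href = "smiles.php">Смайлы</a> | <a href = "code.php">Теги</a></small>';
        echo '</div>';
        echo '<div class="div">';
        echo 'Доступен: <br/><select name="priv">
<option value="0"' . ($msg['priv'] == '0' ? ' selected="selected"' : '') . '>Всем</option>
<option value="1"' . ($msg['priv'] == '1' ? ' selected="selected"' : '') . '>Друзьям</option>
<option value="2"' . ($msg['priv'] == '2' ? ' selected="selected"' : '') . '>Только мне</option>
</select><br/>';
        echo 'Комментирование разрешено: <br/><select name="comm_priv">
<option value="0"' . ($msg['comm_priv'] == '0' ? ' selected="selected"' : '') . '>Да</option>
<option value="1"' . ($msg['comm_priv'] == '1' ? ' selected="selected"' : '') . '>Нет</option>
</select><br/></div>';
        echo '<div class="div">';
        echo '<input name="18" type="checkbox" value="1"' . ($msg["18"] == 1 ? ' checked' : '') . '/> Только для взрослых <font color="red">(18+)</font>';
        echo '</div><div class="div">';
        echo '<input type="submit" name="submit" value="Сохранить" class="submit white"/>';
        echo '</form></div>';
    }
    echo '</div>';
    require('foot.php');
} else {
    require('head.php');
    echo '<div class="title"><center><a href = "diary.php">Дневники</a> :: <b>Ошибка</b></center></div>';
    error('У вас не хватает прав доступа к сайту!');
    require('foot.php');
    exit;
}
break;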
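//~~~~~~~~~~~~~~~~~ Delete an entry ~~~~~~~~~~~~~~~~~~~~~~~~//
case 'delete':
// NOTE(review): this case sends guests to registration.php while `add` and
// `edit` use reg.php - confirm which page exists.
if (!$u['id']) {
    header("Location: registration.php?err=1");
    exit;
}
if (!isset($_GET['id'])) {
    header("Location: diary.php");
    exit;
}
$id = num($_GET['id']);
$req = mysql_query("SELECT * FROM `diary_messages` WHERE `id` = '$id' LIMIT 1");
if (!mysql_num_rows($req)) {
    $title = $title . ' :: Дневники';
    require('head.php');
    echo '<div class="title"><center><a href = "diary.php">Дневники</a> :: <b>Ошибка</b></center></div>';
    error('Ошибка, такого дневника не существует!');
    require('foot.php');
    exit;
}
$message = mysql_fetch_assoc($req);
// Only admins (levels 1 and 2) and the entry's author may delete.
if ($u['admin'] == 1 || $u['admin'] == 2 || $message['user'] == $u['id']) {
    if (isset($_POST['submit'])) {
        // Confirmed: handled before any template output so the redirect below is
        // sent on a clean response and nothing is rendered after it.
        // NOTE(review): the confirmation POST carries no anti-CSRF token.
        mysql_query("DELETE FROM `diary_messages` WHERE `id` = '" . $id . "'");
        mysql_query("DELETE FROM `diary_like` WHERE `diary` = '" . $id . "'");
        mysql_query("DELETE FROM `diary_view` WHERE `diary` = '" . $id . "'");
        mysql_query("DELETE FROM `diary_comm` WHERE `diary` = '" . $id . "'");
        // An admin removing someone else's entry is recorded in the admin journal.
        if (($u['admin'] == 1 || $u['admin'] == 2) && $message['user'] != $u['id']) {
            if ($u['sex'] == 'm') {
                $action[0] = 'Удалил';
            } else {
                $action[0] = 'Удалила';
            }
            $text = $action[0] . ' <a href = "diary.php?act=message&id=' . $message['id'] . '&link=1">дневник</a>.';
            mysql_query("INSERT INTO `admin_jurnal` SET
`user` = '" . $u['id'] . "',
`text` = '$text',
`time` = '" . time() . "',
`news` = '0',
`forum` = '0',
`diary` = '1',
`chat` = '0',
`blog` = '0',
`foto` = '0',
`ban` = '0',
`edit` = '0',
`new` = '1'
");
        }
        header('location: diary.php?act=view&id=' . $u['id'] . '');
        exit;
    }
    // Not confirmed yet: show the confirmation form.
    $title = $title . ' :: Дневники';
    require('head.php');
    echo '<div class="title"><center><a href = "diary.php?act=message&id=' . $message['id'] . '&link=1">Дневник</a> :: <b>Удалить</b></center></div>';
    $name = $message['name'];
    echo '<div class="div">';
    echo 'Вы уверены, что хотите удалить запись "<a href = "diary.php?act=message&id=' . $message['id'] . '">' . $name . '</a>" ?';
    echo '<form action="diary.php?act=delete&id=' . $id . '" method="post">';
    echo '<input type="submit" name="submit" value="Да, удалить" class="submit white"/>';
    echo '</form>';
    echo '</div>';
    echo '</div>';
    require('foot.php');
} else {
    require('head.php');
    echo '<div class="title"><center><a href = "diary.php">Дневники</a> <b>Ошибка</b></center></div>';
    error('У вас не хватает прав доступа к сайту!');
    require('foot.php');
}
break;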
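//~~~~~~~~~~~~~~~~ Reply to a comment ~~~~~~~~~~~~~~~//
case 'answer':
if (!$u['id']) {
    header("Location: registration.php?err=1");
    exit;
}
// $msg is the comment being answered, $diary the entry it belongs to. Both start
// as false so a request without a usable id reaches the "no such message" page.
$msg = false;
$diary = false;
if (isset($_GET['id'])) {
    $id = num($_GET['id']);
    $req = mysql_query("SELECT * FROM `diary_comm` WHERE `id` = '$id' LIMIT 1");
    if (mysql_num_rows($req)) {
        $msg = mysql_fetch_assoc($req);
    }
}
if ($msg) {
    $diary = mysql_fetch_assoc(mysql_query("SELECT * FROM `diary_messages` WHERE `id` = '" . $msg['diary'] . "' LIMIT 1"));
}
if ($msg && $diary) {
    // Apply the same rules act=message enforces. Without them a reply could be
    // added to an entry whose comments are closed, or to one the visitor is not
    // allowed to read, simply by requesting this action with a comment id.
    $denied = '';
    if ($diary['comm_priv'] != 0) {
        $denied = 'Автор ограничил комментирование этой записи!';
    } elseif ($diary['priv'] == 2 && $diary['user'] != $u['id']) {
        $denied = 'Ошибка, доступ к записи закрыт!';
    } elseif ($diary['priv'] == 1 && $diary['user'] != $u['id']) {
        $friend = mysql_query("SELECT * FROM `friends` WHERE `user` = '" . $u['id'] . "' and friend = '" . $diary['user'] . "' LIMIT 1");
        if (!mysql_num_rows($friend)) {
            $denied = 'Ошибка, доступ к записи открыт только для друзей!';
        }
    }
    if ($denied) {
        require('head.php');
        echo '<div class="cred"><a href = "diary.php">Дневники</a> <b>Ошибка</b></div>';
        error($denied);
        require('foot.php');
        exit;
    }
    if (isset($_POST['submit']) && $_POST['message']) {
        // Character-based truncation; SQL safety rests on check() (confirm in core/).
        $message = check(iconv_substr($_POST['message'], 0, 10000, 'UTF-8'));
        if (empty($message)) {
            require('head.php');
            error('Ошибка, так делать нельзя!');
            require('foot.php');
            exit;
        }
        mysql_query("INSERT INTO `diary_comm` SET
`user` = '" . $u['id'] . "',
`message` = '$message',
`time` = '" . time() . "',
`diary` = '" . $diary['id'] . "'
");
        // Feed item plus a notice to the entry's author, unless the author is the
        // one replying. The original tested $message['user'], but $message is the
        // comment text (a string) at this point; the entry's owner is $diary['user'].
        if ($diary['user'] != $u['id']) {
            if ($u['sex'] == 'm') {
                $action[0] = 'Прокомментировал';
            } else {
                $action[0] = 'Прокомментировала';
            }
            $text = $action[0] . ' <a href = "diary.php?act=message&id=' . $diary['id'] . '&link=1">Дневник</a>.';
            mysql_query("INSERT INTO `lenta` SET
`user` = '" . $u['id'] . "',
`text` = '$text',
`time` = '" . time() . "',
`forum` = '0',
`blog` = '0',
`foto` = '0',
`diary` = '1',
`comm` = '1'
");
            if ($u['sex'] == 'm') {
                $action[0] = 'Оставил';
            } else {
                $action[0] = 'Оставила';
            }
            $text = $action[0] . ' комментарий к вашей <a href = "diary.php?act=message&id=' . $diary['id'] . '">записи</a> в дневнике.';
            mysql_query("INSERT INTO `jurnal` SET
`user` = '" . $diary['user'] . "',
`outuser` = '" . $u['id'] . "',
`text` = '$text',
`time` = '" . time() . "',
`new` = '1'
");
        }
        // Notice to the author of the comment being answered, unless that is the
        // replier. The original compared the comment's id with the user id.
        if ($msg['user'] != $u['id']) {
            if ($u['sex'] == 'm') {
                $action[0] = 'Ответил';
            } else {
                $action[0] = 'Ответила';
            }
            $text = $action[0] . ' вам в <a href = "diary.php?act=message&id=' . $diary['id'] . '">дневнике</a>.';
            mysql_query("INSERT INTO `jurnal` SET
`user` = '" . $msg['user'] . "',
`outuser` = '" . $u['id'] . "',
`text` = '$text',
`time` = '" . time() . "',
`new` = '1'
");
        }
        mysql_query("UPDATE `users` SET `rating` = `rating`+1 WHERE `id` = '" . $u['id'] . "'");
        header("Location: diary.php?act=message&id=" . $diary['id'] . "");
        exit;
    } else {
        // Replying to one's own comment is refused.
        // NOTE(review): that refusal only guards the form; a direct POST is not
        // covered by it. The form also has no anti-CSRF token.
        if ($msg['user'] == $u['id']) {
            require('head.php');
            echo '<div class="cred"><a href = "diary.php">Дневники</a> <b>Ошибка</b></div>';
            error('Отказано в доступе!');
            echo '<div class="cred"><a href = "diary.php">Дневники</a> <b>Ошибка</b></div>';
            require('foot.php');
            exit;
        }
        $title = $title . ' :: Дневник';
        require('head.php');
        require('core/panel.php');
        echo '<div class="cred"><a href = "diary.php">Дневник</a> <a href = "diary.php?act=message&id=' . $diary['id'] . '">' . $diary['name'] . '</a></div>';
        echo '<div class="div">';
        echo '<form action="diary.php?act=answer&id=' . $id . '" method="post" name="form">';
        // The textarea is pre-filled with the addressee's login.
        echo '<textarea cols="20" rows="3" name="message" style="width: 97%">' . login($msg['user']) . ', </textarea><br/>';
        echo '<input type="submit" name="submit" value="Ответить" class="submit white"/>';
        echo '<small><a href = "smiles.php">Смайлы</a> | <a href = "tegs.php">Теги</a></small>';
        echo '</form>';
        echo '</div>';
        echo '<div class="cred"><a href = "diary.php">Дневник</a> <a href = "diary.php?act=message&id=' . $diary['id'] . '">' . $diary['name'] . '</a></div>';
        require('foot.php');
    }
} else {
    require('head.php');
    echo '<div class="cred"><a href = "diary.php">Дневники</a> <b>Ошибка</b></div>';
    error(' Ошибка, такого сообщения нет !');
    echo '<div class="cred"><a href = "diary.php">Дневники</a> <b>Ошибка</b></div>';
    require('foot.php');
}
break;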
//~~~~~~~~~~~~~~~ View a single entry ~~~~~~~~~~~~~~~~~~~//
case 'message':
// Without an id there is nothing to show: back to the overview.
if (!isset($_GET['id'])) {
    header("Location: diary.php");
    exit;
}
$id = num($_GET['id']);
$req = mysql_query("SELECT * FROM `diary_messages` WHERE `id` = '$id' LIMIT 1");
if (!mysql_num_rows($req)) {
    // Unknown entry id: render the error page and stop.
    require('head.php');
    echo '<div class="title"><center><a href = "diary.php">Дневники</a> :: <b>Ошибка</b></center></div>';
    error('Ошибка, такого дневника не существует!');
    require('foot.php');
    exit;
}
// $message is the entry row used by the rest of this case.
$message = mysql_fetch_assoc($req);
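// Account row of the entry's author ($user is false if that row is gone).
$user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '" . $message['user'] . "' LIMIT 1"));
// Access control comes first. These checks used to run after the comment, view
// counter and like handling below, so a visitor who was about to be refused could
// still write to an entry they are not allowed to read.
if ($user['delete'] == 1) {
    require('head.php');
    error('Автор данного дневника был заблокирован!');
    require('foot.php');
    exit;
}
// Ownership is tested against the entry's own `user` column, so a missing author
// row cannot make an anonymous visitor compare equal to the owner.
if ($message['priv'] == 2 && $message['user'] != $u['id']) {
    require('head.php');
    echo '<div class="title"><center><a href = "diary.php">Дневники</a> :: <b>Просмотр</b></center></div>';
    error('Ошибка, доступ к записи закрыт!');
    require('foot.php');
    exit;
}
if ($message['priv'] == 1 && $message['user'] != $u['id']) {
    // Friends-only entry: the visitor needs a `friends` row pointing at the author.
    $req = mysql_query("SELECT * FROM `friends` WHERE `user` = '" . $u['id'] . "' and friend = '" . $user['id'] . "' LIMIT 1");
    if (!mysql_num_rows($req)) {
        require('head.php');
        echo '<div class="title"><center><a href = "diary.php">Дневники</a> :: <b>Просмотр</b></center></div>';
        error('Ошибка, доступ к записи открыт только для друзей!');
        require('foot.php');
        exit;
    }
}
// --- New comment posted from the form at the bottom of the page ---
// NOTE(review): the form has no anti-CSRF token.
if ($u['id'] && @$_POST['message']) {
    // Character-based truncation; SQL safety rests on check() (confirm in core/).
    $msg = check(iconv_substr($_POST['message'], 0, 5000, 'UTF-8'));
    if (empty($msg)) {
        require('head.php');
        error('Ошибка, так делать нельзя!');
        require('foot.php');
        exit;
    }
    // Anti-flood: at most one comment per user every 3 seconds.
    $flood = mysql_query("SELECT `time` FROM `diary_comm` WHERE `user` = '" . $u['id'] . "' AND `time` > '" . (time() - 3) . "'");
    if (mysql_num_rows($flood) > 0) {
        header("Location: diary.php?act=message&id=" . $message['id'] . "");
        exit;
    }
    // Comments are stored only while the author keeps commenting open.
    if ($message['comm_priv'] == 0) {
        mysql_query("INSERT INTO `diary_comm` SET
`user` = '" . $u['id'] . "',
`message` = '$msg',
`time` = '" . time() . "',
`diary` = '" . $message['id'] . "'
");
        if ($u['sex'] == 'm') {
            $action[0] = 'Прокомментировал';
        } else {
            $action[0] = 'Прокомментировала';
        }
        $text = $action[0] . ' <a href = "diary.php?act=message&id=' . $message['id'] . '&link=1">Дневник</a>.';
        // The column lists of the next two inserts were swapped in the original
        // (`lenta` received `new`, `jurnal` received the feed flags). They now match
        // every other `lenta` / `jurnal` insert in this file.
        mysql_query("INSERT INTO `lenta` SET
`user` = '" . $u['id'] . "',
`text` = '$text',
`time` = '" . time() . "',
`forum` = '0',
`blog` = '0',
`foto` = '0',
`diary` = '1',
`comm` = '1'
");
        mysql_query("UPDATE `users` SET `rating` = `rating`+1 WHERE `id` = '" . $u['id'] . "'");
        if ($u['sex'] == 'm') {
            $action[0] = 'Оставил';
        } else {
            $action[0] = 'Оставила';
        }
        $text = $action[0] . ' комментарий к Вашей <a href = "diary.php?act=message&id=' . $message['id'] . '">записи</a> в дневнике.';
        mysql_query("INSERT INTO `jurnal` SET
`user` = '" . $user['id'] . "',
`outuser` = '" . $u['id'] . "',
`text` = '$text',
`time` = '" . time() . "',
`new` = '1'
");
    }
    // Post/redirect/get: stop here instead of also rendering the page.
    header("Location: diary.php?act=message&id=" . $message['id'] . "");
    exit;
}
// --- View counter (signed-in users only) ---
if ($u['id']) {
    $req = mysql_query("SELECT * FROM `diary_view` WHERE `user` = '" . $u['id'] . "' AND `diary` = '" . $message['id'] . "' LIMIT 1");
    if (!mysql_num_rows($req)) {
        // First visit by this user: add a per-user row and bump the entry's total.
        mysql_query("INSERT INTO `diary_view` SET
`user` = '" . $u['id'] . "',
`view` = '1',
`last_time` = '" . time() . "',
`time` = '" . time() . "',
`diary` = '" . $message['id'] . "'
");
        mysql_query("UPDATE `diary_messages` SET
`view` = `view`+1
WHERE `id` = '" . $message['id'] . "'
");
        $message['view']++;
    } else {
        // Repeat visit: only the per-user row changes.
        $view = mysql_fetch_assoc($req);
        mysql_query("UPDATE `diary_view` SET
`view` = `view`+1,
`last_time` = '" . time() . "'
WHERE `id` = '" . $view['id'] . "'
");
    }
}
// --- "Like" (one per user and entry) ---
// NOTE(review): this changes state on a plain GET link without any token, so
// another site can trigger it for a signed-in visitor; consider a POST form.
if (@$_GET['like'] && $u['id']) {
    $req = mysql_query("SELECT * FROM `diary_like` WHERE `user` = '" . $u['id'] . "' AND `diary` = '" . $message['id'] . "' LIMIT 1");
    if (!mysql_num_rows($req)) {
        $message['rating']++;
        mysql_query("INSERT INTO `diary_like` SET
`user` = '" . $u['id'] . "',
`time` = '" . time() . "',
`diary` = '" . $message['id'] . "'
");
        mysql_query("UPDATE `diary_messages` SET
`rating` = '" . $message['rating'] . "'
WHERE `id` = '" . $message['id'] . "'
");
        // Tell the author, unless they liked their own entry.
        if ($message['user'] != $u['id']) {
            if ($u['sex'] == 'm') {
                $action[0] = 'Отметил';
                $action[1] = 'ему';
            } else {
                $action[0] = 'Отметила';
                $action[1] = 'ей';
            }
            $text = $action[0] . ' что ' . $action[1] . ' понравилась ваша <a href = "diary.php?act=message&id=' . $message['id'] . '">запись</a> в дневнике.';
            mysql_query("INSERT INTO `jurnal` SET
`user` = '" . $user['id'] . "',
`outuser` = '" . $u['id'] . "',
`text` = '$text',
`time` = '" . time() . "',
`new` = '1'
");
        }
        // Redirect to the URL without like=1 and stop.
        header("Location: diary.php?act=message&id=" . $message['id'] . "");
        exit;
    }
}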
// Page chrome, then the BB-code helpers used on the entry body below.
$title .= ' :: Дневники';
require('head.php');
require('core/bb_code.php');
require('core/panel.php');
// NOTE(review): the title is printed exactly as stored while the body goes
// through checkout(); confirm the stored title is already safe for HTML.
$name = $message['name'];
$msg = checkout($message['message']);
echo '<div class="title"><center><a href = "diary.php?act=view&id=' . $user['id'] . '">Дневник</a> :: <a href = "diary.php?act=message&id=' . $message['id'] . '">' . $name . '</a></center></div>';
// Links from the listings carry link=1; for an 18+ entry that shows an age
// confirmation page instead of the content. The "yes" link omits link=1.
if (@$_GET['link'] && $message['18'] == 1) {
    echo '<div class="div"> <font color="red">
Внимание! Это содержимое только для взрослых!</font></br>
Нажимая ДА, Вы подтверждаете, что Вам 18 или более лет.</br>
Если Вам менее 18 лет - нажмите НЕТ.</br>
<a href = "diary.php?act=message&id=' . $message['id'] . '">Да</a> |
<a href = "diary.php?">Нет</a>
</div>';
    require('foot.php');
    exit;
}
// Confirmation banner after a successful edit (the edit action redirects with ok=1).
if (isset($_GET['ok'])) {
    echo '<div class="div"><center><font color="green">Изминения успешно сохранены!</font></center></div>';
}
echo '<div class="item">';
echo ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "id' . $message['user'] . '"><b><font color="#79358c">' . login($message['user']) . '</font></b></a>';
echo '<span style="float:right;color:green">(' . vremya($message['time']) . ')</span>';
// Title line; restricted entries (priv >= 1) additionally get the lock icon.
echo '<br /><b>' . $name . '</b> ';
if ($message['priv'] >= 1) {
    echo '<span style="float:right;"><img src="style/page/clock_diary.png" alt="image" /></span>';
}
if ($message['18'] == 1) {
    echo ' <font color="red">18+</font>';
}
echo '<br/>' . smile(links(bb_code($msg)));
// Edit / delete links for the author and for admins (levels 1 and 2).
$may_manage = ($message['user'] == $u['id']) || ($u['admin'] == 1 || $u['admin'] == 2);
if ($may_manage) {
    echo '<br /><small>[<a href = "diary.php?act=edit&id=' . $message['id'] . '">редактировать</a>]
[<a href = "diary.php?act=delete&id=' . $message['id'] . '">удалить</a>]</small>';
}
echo '</div>';
echo '<div class="menu">';
// The like link is offered only while this user has no like recorded for the entry.
$req = mysql_query("SELECT * FROM `diary_like` WHERE `user` = '" . $u['id'] . "' AND `diary` = '" . $message['id'] . "' LIMIT 1");
if (mysql_num_rows($req)) {
    echo '<img src = "style/page/like.png"> Понравилось: ' . $message['rating'] . '';
} else {
    echo '<img src = "style/page/like.png"> <a href = "diary.php?act=message&id=' . $message['id'] . '&like=1">Мне нравится</a> (' . $message['rating'] . ')';
}
echo '<br/><img src = "style/page/view.png"> Просмотров: ' . $message['view'] . '';
echo '</div>';
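// --- Delete one comment of this entry (link rendered next to each comment) ---
if (isset($_GET['del'])) {
    $del = num($_GET['del']);
    $req = mysql_query("SELECT * FROM `diary_comm` WHERE `id` = '$del' LIMIT 1");
    if (mysql_num_rows($req)) {
        $del_comm = mysql_fetch_assoc($req);
        // Authorisation fix: the original compared the comment's diary id with the
        // visitor's user id, so it granted deletion to whoever happened to have
        // that number as their id and refused the real owner. Deletion is now
        // limited to comments that belong to the entry being viewed, and to admins
        // or the entry's author.
        $is_admin = $u['admin'] >= 1;
        $is_author = $u['id'] && $message['user'] == $u['id'];
        if ($del_comm['diary'] == $message['id'] && ($is_admin || $is_author)) {
            mysql_query("DELETE FROM `diary_comm` WHERE `id` = '$del'");
            // NOTE(review): the page header is already out at this point, so this
            // redirect depends on output buffering; rendering deliberately
            // continues so the list below shows the state after deletion. The
            // action is a token-less GET link - consider a POST form.
            header("Location: diary.php?act=message&id=" . $message['id'] . "");
        }
    }
}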
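// --- Comment list, ten per page ---
$all = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_comm` WHERE `diary` = '" . $message['id'] . "'"), 0);
if ($all > 0) {
    $total = num(($all - 1) / 10) + 1;
    @$page = num($_GET['page']);
    if (empty($page) or $page < 0) {
        $page = 1;
    }
    if ($page > $total) {
        $page = $total;
    }
    $start = $page * 10 - 10;
    echo '<div class="title">';
    echo ' Комментарии: (' . $all . ')';
    echo '</div>';
    // The sort switcher is only shown when there is more than one page.
    if ($all >= 11) {
        echo '<div class="title">';
    }
    @$sort = check($_GET['sort']);
    // $sortq is spliced into ORDER BY below, so it is reset here and can only ever
    // be one of the two literals assigned in this block, whatever an included file
    // or the environment may have left in a variable of that name.
    $sortq = '';
    if ($sort == 'message') {
        $sortq = 'ASC';
        if ($all >= 11) {
            echo '<a href = "diary.php?act=message&id=' . $message['id'] . '&sort=time&page=' . $page . '">Новые</a> | <b>Поcледние</b>';
        }
    }
    if ($sort == 'time' || empty($sortq)) {
        // Anything other than "message" falls back to newest first.
        $sort = 'time';
        $sortq = 'DESC';
        if ($all >= 11) {
            echo '<b>Новые</b> | <a href = "diary.php?act=message&id=' . $message['id'] . '&sort=message&page=' . $page . '">Поcледние</a>';
        }
    }
    if ($all >= 11) {
        echo '</div>';
    }
    $result = mysql_query("SELECT * FROM `diary_comm` WHERE `diary` = '" . $message['id'] . "' ORDER BY `time` $sortq LIMIT $start, 10");
    while ($comm = mysql_fetch_assoc($result)) {
        echo '<div class="item">';
        // From here on $user is the comment's author, no longer the entry's author.
        $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '" . $comm["user"] . "'"));
        $msg = checkout($comm['message']);
        // Mark comments written by the entry's author.
        if ($message['user'] == $user['id']) {
            echo '<span style="float: right; font-size: x-small; color: blue"> Автор</span>';
        }
        // Logins of blocked accounts are struck through.
        if ($user['delete'] == 1) {
            echo ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "id' . $user['id'] . '"><del><b><font color="#79358c">' . $user['login'] . '</font></b></del></a>';
        } else {
            echo ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "id' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a>';
        }
        echo '' . medal($user['rating']) . '';
        echo '<span style="float:right;color:green;">(' . vremya($comm['time']) . ')</span>';
        echo '<br/>' . smile(links(bb_code($msg))) . '<br/>';
        echo '<small>';
        // Reply link: only while commenting is open, and never on one's own comment.
        if ($message['comm_priv'] == 0 and $user['id'] != $u['id']) {
            echo '[<a href = "diary.php?act=answer&id=' . $comm['id'] . '">ответить</a>] ';
        }
        // Delete link for admins (levels 1 and 2) and the entry's author.
        if ($u['admin'] == 1 || $u['admin'] == 2 || $message['user'] == $u['id']) {
            echo '[<a href = "diary.php?act=message&id=' . $message['id'] . '&del=' . $comm['id'] . '">удалить</a>]';
        }
        // Ban / unban shortcut for admins, never against themselves.
        if ($u['admin'] >= 1) {
            if (ban($user['id'])) {
                if ($comm['user'] != $u['id']) {
                    echo ' [<a href = "adminka.php?act=delban_users&id=' . $user['id'] . '"><font color="red">разбанить</font></a>]';
                }
            } else {
                if ($comm['user'] != $u['id']) {
                    echo ' [<a href = "adminka.php?act=ban_users&id=' . $user['id'] . '"><font color="red">бан</font></a>]';
                }
            }
        }
        echo '</small>';
        echo '</div>';
    }
    navigation($page, $total, 'diary.php?act=message&id=' . $message['id'] . '&sort=' . $sort . '&');
}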
echo '</div>';
// Comment box: guests get a notice, signed-in users get the form unless the
// author has closed commenting on this entry.
if (!$u['id']) {
    echo '<div class="title">Извините, добавление комментариев доступно только зарегистрированным пользователям.</div>';
} elseif ($message['comm_priv'] == 1) {
    error('Автор ограничил комментирование этой записи!');
} else {
    echo '<div class="div">';
    echo '<form action="diary.php?act=message&id=' . $message['id'] . '" method="post" name="form">';
    echo '<textarea name="message">' . '</textarea><br/>';
    echo '<input type="submit" title="Нажмите для отправки" name="submit" value="Написать">
<small><a href = "smiles.php">Смайлы</a>
| <a href = "code.php">Теги</a></small>
</form></div>';
}
require('foot.php');
break;
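//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Search by title ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
case 'search':
$title = $title . ' :: Поиск';
require('head.php');
echo '<div class="title"><center><a href = "diary.php">Дневники</a> :: <b>Поиск</b></center></div>';
if (isset($_POST['ok'])) {
    // NOTE(review): $s is placed inside a LIKE pattern and echoed back into the
    // page, so both uses rely on check() escaping it for SQL and for HTML -
    // confirm in core/. LIKE wildcards (% and _) in the query are not escaped.
    $s = check($_POST['s']);
    if (empty($s)) {
        header('Location: diary.php?act=search');
    } else {
        $all = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_messages` WHERE `name` LIKE '%$s%'"), 0);
        if ($all > 0) {
            // The page size was read from $count, which nothing in this file sets,
            // so the page total was a division by zero. The result query below
            // uses 10 per page, as do the other listings.
            $total = intval(($all - 1) / 10) + 1;
            $page = num($_GET['page']);
            if (empty($page) or $page < 0) {
                $page = 1;
            }
            if ($page > $total) {
                $page = $total;
            }
            $start = $page * 10 - 10;
            echo '<div class="title"><center>По запросу: <b>' . $s . '</b> найдено <font color="green">' . $all . '</font> записей</center></div>';
            $result = mysql_query("SELECT * FROM `diary_messages` WHERE `name` LIKE '%$s%' ORDER BY `id` DESC LIMIT $start, 10");
            while ($diary = mysql_fetch_assoc($result)) {
                echo '<div class="item">';
                // NOTE(review): the other listings pass title and text through
                // checkout() before printing; here they are printed as stored.
                $name = $diary['name'];
                $msg = $diary['message'];
                $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '" . $diary['user'] . "' LIMIT 1"));
                // Preview: at most 10 characters plus an ellipsis.
                if (iconv_strlen($msg, 'UTF-8') > 11) {
                    $msg = iconv_substr($msg, 0, 10, 'UTF-8');
                    $msg = '' . $msg . '...';
                }
                $ccomm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_comm` WHERE `diary` = '" . $diary['id'] . "'"), 0);
                if ($user['delete'] == 1) {
                    echo ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "page.php?id=' . $user['id'] . '"><del><b><font color="#79358c">' . $user['login'] . '</font></b></del></a> ';
                } else {
                    echo ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "page.php?id=' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a> ';
                }
                echo '' . medal($user['rating']) . '';
                echo '<span style="float:right;color:grey">(' . vremya($diary['time']) . ')</span>';
                echo '<br /><a href = "diary.php?act=message&id=' . $diary['id'] . '&link=1">' . $name . '</a>';
                if ($diary['18'] == 1) {
                    echo ' <font color="red">18+</font>';
                }
                echo '<br/>';
                // Restricted and 18+ entries show no preview text; their titles are
                // still searchable and listed.
                if ($diary['priv'] == 2 || $diary['priv'] == 1 || $diary['18'] == 1) {
                    echo 'Просмотр недоступен!';
                    if ($diary['priv'] == 2 || $diary['priv'] == 1) {
                        echo ' <img src="style/page/clock_diary.png" alt="image" /> ';
                    }
                } else {
                    echo '' . $msg . '';
                }
                echo '</br><img src="style/page/view_comm.gif" alt="!" /> <a href = "diary.php?act=message&id=' . $diary['id'] . '&link=1">Обсудить</a> <font color="darkred">(' . $ccomm . ')</font></br>';
                echo '</div>';
            }
            // NOTE(review): the pager links are plain GET requests, but results
            // are only produced for a POST carrying `ok` and `s`, so following a
            // page link lands on the "no search text" message below.
            navigation($page, $total, 'diary.php?act=search&');
        } else {
            error(' По запросу <b>' . $s . '</b> ничего не найдено!');
        }
    }
} else {
    error('Вы не ввели текст для поиска!');
}
require('foot.php');
break;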
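//~~~~~~~~~~~~~~~~~~~~~~~~~~~~ All entries ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
default:
$title = $title . ' :: Дневники';
require('head.php');
echo '<div class="title"><center>Дневники</center></div>';
$all = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_messages`"), 0);
if ($all > 0) {
    // Ten entries per page; the requested page is clamped to 1..$total.
    $total = intval(($all - 1) / 10) + 1;
    $page = num($_GET['page']);
    if (empty($page) or $page < 0) {
        $page = 1;
    }
    if ($page > $total) {
        $page = $total;
    }
    $start = $page * 10 - 10;
    // The sort switcher is only shown when there is more than one page.
    if ($all >= 11) {
        echo '<div class="nav">';
    }
    $sort = check($_GET['sort']);
    // $sortq is spliced into ORDER BY below, so it is reset here and can only ever
    // be one of the two literals assigned in this block.
    $sortq = '';
    if ($sort == 'message') {
        $sortq = 'ASC';
        if ($all >= 11) {
            echo '<a href = "diary.php?&sort=time&page=' . $page . '">Новые</a> | <b>Поcледние</b>';
        }
    }
    if ($sort == 'time' || empty($sortq)) {
        // Anything other than "message" falls back to newest first.
        $sort = 'time';
        $sortq = 'DESC';
        if ($all >= 11) {
            echo '<b>Новые</b> | <a href = "diary.php?&sort=message&page=' . $page . '">Поcледние</a>';
        }
    }
    if ($all >= 11) {
        echo '</div>';
    }
    echo '<div class="div">
Поиск в дневниках:
<FORM method="POST" action="diary.php?act=search&ok=1">
<input type="text" name="s" value="" placeholder="Введите пару слов для поиска..." style="width: 60%" />
<input type="submit" name="ok" value="Найти"/>
</form>
</div>';
    $result = mysql_query("SELECT * FROM `diary_messages` ORDER BY `time` $sortq LIMIT $start, 10");
    while ($message = mysql_fetch_assoc($result)) {
        // Both branches of the old odd/even test printed the same markup, so the
        // row counter is gone.
        echo '<div class="item">';
        $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '" . $message['user'] . "' LIMIT 1"));
        $name = checkout($message['name']);
        $msg = checkout($message['message']);
        // Preview: at most 47 characters plus an ellipsis.
        if (iconv_strlen($msg, 'UTF-8') > 50) {
            $msg = iconv_substr($msg, 0, 47, 'UTF-8');
            $msg = '' . $msg . '...';
        }
        $ccomm = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_comm` WHERE `diary` = '" . $message['id'] . "'"), 0);
        // Logins of blocked accounts are struck through.
        if ($user['delete'] == 1) {
            echo ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "id' . $user['id'] . '"><del><b><font color="#79358c">' . $user['login'] . '</font></b></del></a> ';
        } else {
            echo ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "id' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a> ';
        }
        echo '' . medal($user['rating']) . '';
        if ($message['priv'] == 2 || $message['priv'] == 1) {
            echo '<span style="float:right;"> <img src="style/page/clock_diary.png" alt="image" /></span>';
        } else {
            echo '<span style="float:right;"> <img src="style/page/all_diary.png" alt="image" /></span>';
        }
        echo '<span style="float:right;font-size: small; color:green">(' . vremya($message['time']) . ')</span>';
        echo '<br /><a href = "diary.php?act=message&id=' . $message['id'] . '&link=1">' . $name . '</a>';
        if ($message['18'] == 1) {
            echo ' <font color="red">18+</font>';
        }
        echo '<br/>';
        // Restricted and 18+ entries show no preview text; their titles and
        // authors are still listed to every visitor.
        if ($message['priv'] == 2 || $message['priv'] == 1 || $message['18'] == 1) {
            echo 'Просмотр недоступен!';
        } else {
            echo '' . $msg . '';
        }
        echo '</br><img src="style/page/view_comm.gif" alt="!" /> <a href = "diary.php?act=message&id=' . $message['id'] . '&link=1">Обсудить</a> <font color="darkred">(' . $ccomm . ')</font></br>';
        echo '</div>';
    }
    echo '</div>';
    navigation($page, $total, 'diary.php?&sort=' . $sort . '&');
} else {
    error('На данный момент нет ни одного топика!');
}
require('foot.php');
break;
}
?>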