Файл: friends.php
Строк: 392
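<?php
// Friends page: shows a friend list, sends / accepts / declines friend
// requests and removes friends, selected by the `act` query parameter in the
// switch below.
//
// The full `<?php` tag is used on purpose: a file that opens with the short
// tag `<?` is not executed when short_open_tag is disabled, and its source
// (queries included) is then sent to the client as plain text.
//
// NOTE(review): every statement in this file is built by string
// concatenation on the legacy mysql_* extension (removed in PHP 7). The
// connection is not opened here (presumably in core/core.php), so the
// queries cannot be moved to prepared statements from this file; each value
// placed into SQL therefore has to be an integer or a server-side constant.
require_once("core/core.php");
require_once("core/ava_users.php");
require_once("core/refresh_friends.php");

// Not read anywhere in this file; presumably consumed by an included
// template — confirm.
$location = 'В друзьях';

// Authentication gate. $u is the current user's record, populated outside
// this file. empty() applies the same truth test as `!$u['id']` without
// raising a notice when the key is absent, and exit guarantees that nothing
// below runs for a guest.
if (empty($u['id'])) {
    header("Location: reg.php?err=1");
    exit;
}

// $u['id'] is set and truthy from here on, so the former
// `if (isset($u['id']))` wrapper was always true and has been dropped.
refresh_friends($u['id']);
// $f: total number of friends; $fo: friends seen within the configured
// online window ($system['online_time'], in seconds).
$f = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE `user` = '" . $u['id'] . "'"), 0);
$fo = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE `user` = '" . $u['id'] . "' and `online` > '" . (time() - $system['online_time']) . "'"), 0);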
switch (@$_GET['act']) {
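//~~~~~~~~~~~~~~~~ Sending a friend request ~~~~~~~~~~~~//
case 'adding':
    // Target user id from the query string. num() is defined outside this
    // file; the (int) cast means the SQL below is safe whatever that helper
    // returns. A missing or zero id falls back to the current user, which the
    // "same user" check further down then rejects.
    $id = (int) num(isset($_GET['id']) ? $_GET['id'] : null);
    if ($id == 0)
        $id = $u['id'];
    $req = mysql_query("SELECT * FROM `users` WHERE `id` = '$id' LIMIT 1");
    if (mysql_num_rows($req)) {
        $user = mysql_fetch_assoc($req);
    } else {
        require('head.php');
        echo '<div class="title"><center><a href = "friends.php">Друзья</a> :: <b>Ошибка</b></center></div>';
        error('Такого пользователя нет!');
        require('foot.php');
        exit;
    }
    // Accounts flagged `delete` cannot receive requests.
    if ($user['delete'] == 1) {
        require('head.php');
        error(' Пользователь заблокирован!');
        require('foot.php');
        exit;
    }
    // A user cannot send a request to themselves.
    if ($user['id'] == $u['id']) {
        require('head.php');
        error(' Ошибка!');
        require('foot.php');
        exit;
    }
    // The target has opted out of friend requests.
    if ($user['zapret_friends'] == 1) {
        require('head.php');
        error("Пользователь " . ico($user['sex'], $user['admin'], $user['online']) . " <b><font color='#79358c'>" . $user['login'] . "</font></b> установил запрет на предложение дружбы!");
        require('foot.php');
        exit;
    }

    // Both lookups run BEFORE head.php produces output. The redirect for a
    // counter-request used to be sent after the page header had been echoed
    // (so it depended on output buffering), wrapped the id in literal quotes
    // and did not stop the script.
    $req = mysql_query("SELECT * FROM `friends` WHERE `user` = '" . $u['id'] . "' and friend = '" . $user['id'] . "' LIMIT 1");
    $is_friend = mysql_num_rows($req) > 0;
    $friend = false;
    if (!$is_friend) {
        // A pending request in either direction between the two users.
        $req = mysql_query("SELECT * FROM `friends_adding` WHERE (`user` = '" . $u['id'] . "' and friend = '" . $user['id'] . "') OR (user = '" . $user['id'] . "' and `friend` = '" . $u['id'] . "') LIMIT 1");
        if (mysql_num_rows($req)) {
            $friend = mysql_fetch_assoc($req);
            // The other user already asked first: hand over to the accept
            // action of the request list.
            if ($friend['friend'] == $u['id']) {
                header("Location: friends.php?act=adding_list&add=" . $user['id']);
                exit;
            }
        }
    }

    require('head.php');
    // NOTE(review): logins are written into HTML unescaped throughout this
    // file; that is only safe if they are restricted or escaped when stored
    // — confirm against the registration code.
    echo '<div class="title"><center> <a href = "friends.php">Друзья</a> :: <a href = "/id' . $u['id'] . '">' . $u['login'] . '</a></center></div>';
    if ($is_friend) {
        error('Пользователь <a href = "/id' . $user['id'] . '">' . $user['login'] . '</a> уже является Вашим другом!');
    } elseif ($friend) {
        // The current user has already sent this request.
        error('Вы предлогали обитателю ' . ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "/id' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a> дружбу ранее!');
    } elseif (isset($_POST['submit'])) {
        // NOTE(review): this POST carries no anti-CSRF token; the form below
        // should include a per-session token that is verified here.
        //
        // The request message is always stored empty: the original call
        // check(substr($_POST['message'], 0, 250)) was left disabled. If it
        // is re-enabled the value is request-controlled and goes straight
        // into the INSERT, so it must be SQL-escaped first (whether check()
        // does that is not visible from this file).
        $message = '';
        mysql_query("INSERT INTO `friends_adding` SET\n"
            . "`user` = '" . $u['id'] . "',\n"
            . "`friend` = '" . $user['id'] . "',\n"
            . "`time` = '" . time() . "',\n"
            . "`message` = '$message'\n");
        // Refresh the target's pending-request counter.
        $fn = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends_adding` WHERE `friend` = '" . $user['id'] . "'"), 0);
        mysql_query("UPDATE `users` SET `count_friends` = '$fn' WHERE `id` = '" . $user['id'] . "'");
        // Journal entry for the target, worded by the sender's gender.
        if ($u['sex'] == 'm') {
            $action[0] = 'Предложил';
            $action[1] = 'его';
        } else {
            $action[0] = 'Предложила';
            $action[1] = 'ее';
        }
        // $text is a server-side constant (no request data), so it can be
        // placed into the statement as is.
        $text = $action[0] . ' Вам <a href = "friends.php?act=adding_list">дружбу</a>';
        mysql_query("INSERT INTO `jurnal` SET\n"
            . "`user` = '" . $user['id'] . "',\n"
            . "`outuser` = '" . $u['id'] . "',\n"
            . "`text` = '$text',\n"
            . "`time` = '" . time() . "',\n"
            . "`new` = '1'\n");
        ok('Заявка пользователю ' . ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "/id' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a> отправлена !');
    } else {
        // Confirmation form.
        echo '<div class="div">';
        echo 'Вы действительно желаете добавить обитателя ' . ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "/id' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a> в друзья?<br/>';
        echo '<form action="friends.php?act=adding&id=' . $user['id'] . '" method="post">';
        echo '<input type="submit" name="submit" value="Да" class="submit white"/>';
        // "No" returns to the target's profile; the link previously pointed
        // at the bare id instead of the /id<N> profile URL used elsewhere.
        echo ' <a href="/id' . $user['id'] . '"><font color="darkred">нет</font></a>';
        echo '</form></div>';
        echo '<div class="title">';
        echo '<img src="style/page/back.png" alt="Back"> <a href = "?sid=back" onclick="history.back()">Назад</a>';
        echo '</div>';
    }
    require('foot.php');
    break;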
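//~~~~~~~~~~~~~~~ Incoming friend requests: list, accept, decline ~~~~~~~~~~~~~~//
case 'adding_list':
    require('head.php');
    echo '<div class="title"><center><a href = "friends.php">Мои друзья</a> :: Заявки в друзья</center></div>';
    echo '<div class="nav">';
    // This page always concerns the current user, so the "online" link uses
    // $u['id'] instead of reading a $user that has not been set at this point.
    echo '<a href = "friends.php">Все</a> (<font color="green">' . $f . '</font>) | <a href = "friends.php?id=' . $u['id'] . '&online=1">Онлайн</a> (<font color="green">' . $fo . '</font>)';
    echo '</div>';

    // NOTE(review): accept and decline both change state on a GET request
    // and carry no anti-CSRF token, so they can be triggered by any page the
    // signed-in user loads. They should move to POST with a per-session
    // token once the session layer (not visible here) provides one.

    // Accept a request.
    if (!empty($_GET['add'])) {
        // num() is defined outside this file; the cast keeps the id numeric
        // regardless of what the helper returns.
        $add = (int) num($_GET['add']);
        // Only a request addressed to the current user can be accepted.
        $req = mysql_query("SELECT * FROM `friends_adding` WHERE `user` = '$add' and `friend` = '" . $u['id'] . "' LIMIT 1");
        if (mysql_num_rows($req)) {
            $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$add' LIMIT 1"));
            // Friendship is stored as two rows, one per direction.
            mysql_query("INSERT INTO `friends` SET\n"
                . "`user` = '" . $u['id'] . "',\n"
                . "`friend` = '" . $user['id'] . "',\n"
                . "`time` = '" . time() . "'\n");
            mysql_query("INSERT INTO `friends` SET\n"
                . "`user` = '" . $user['id'] . "',\n"
                . "`friend` = '" . $u['id'] . "',\n"
                . "`time` = '" . time() . "'\n");
            mysql_query("DELETE FROM `friends_adding` WHERE user = '" . $user['id'] . "' and `friend` = '" . $u['id'] . "'");
            // Refresh the current user's pending-request counter.
            $fn = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends_adding` WHERE `friend` = '" . $u['id'] . "'"), 0);
            mysql_query("UPDATE `users` SET `count_friends` = '$fn' WHERE `id` = '" . $u['id'] . "'");
            // Journal entry for the requester, worded by the accepter's gender.
            if ($u['sex'] == 'm') {
                $action[0] = 'Принял';
            } else {
                $action[0] = 'Приняла';
            }
            $text = $action[0] . ' Вашу заявку в друзья';
            mysql_query("INSERT INTO `jurnal` SET\n"
                . "`user` = '" . $user['id'] . "',\n"
                . "`outuser` = '" . $u['id'] . "',\n"
                . "`text` = '$text',\n"
                . "`time` = '" . time() . "',\n"
                . "`new` = '1'\n");
            ok('Поздравляем! Пользователь ' . ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "/id' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a> стал Вашим новым другом!');
        }
    }

    // Decline a request.
    if (!empty($_GET['notadd'])) {
        $notadd = (int) num($_GET['notadd']);
        $req = mysql_query("SELECT * FROM `friends_adding` WHERE `user` = '$notadd' and `friend` = '" . $u['id'] . "' LIMIT 1");
        if (mysql_num_rows($req)) {
            $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$notadd' LIMIT 1"));
            mysql_query("DELETE FROM friends_adding WHERE user = '" . $user['id'] . "' and `friend` = '" . $u['id'] . "'");
            // Refresh the current user's pending-request counter.
            $fn = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends_adding` WHERE `friend` = '" . $u['id'] . "'"), 0);
            mysql_query("UPDATE `users` SET `count_friends` = '$fn' WHERE `id` = '" . $u['id'] . "'");
            error('Вы отклонили дружбу пользователя ' . ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "/id' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a>');
        }
    }

    // Rows per page. The value is a per-user setting and ends up inside the
    // LIMIT clause, so it is forced to a positive integer: this keeps a
    // malformed stored setting out of the SQL text and rules out a division
    // by zero in the page count below.
    $count = (int) $u['setting_users_list'];
    if ($count < 1)
        $count = 10;
    $all = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends_adding` WHERE `friend` = '" . $u['id'] . "'"), 0);
    if ($all > 0) {
        // intval() as in the friend-list case of this file, instead of
        // passing a float through the out-of-file num() helper.
        $total = intval(($all - 1) / $count) + 1;
        $page = (int) num(isset($_GET['page']) ? $_GET['page'] : null);
        if (empty($page) or $page < 0)
            $page = 1;
        if ($page > $total)
            $page = $total;
        $start = $page * $count - $count;
        $result = mysql_query("SELECT * FROM `friends_adding` WHERE `friend` = '" . $u['id'] . "' ORDER BY `time` DESC LIMIT $start, $count");
        while ($friend = mysql_fetch_assoc($result)) {
            echo '<div class="div">';
            $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '" . $friend["user"] . "'"));
            // Computed but not output anywhere in this case.
            $message = checkout($friend['message']);
            if ($user['delete'] == 1) {
                // Accounts flagged `delete` are shown struck through.
                echo '' . ico($user['sex'], $user['admin'], $user['online']) . '';
                echo ' <a href="/id' . $user['id'] . '"><b><font color="#79358c"><del>' . $user['login'] . '</del></font></b></a>';
                echo '' . medal($user['rating']) . '';
            } else {
                echo '' . ico($user['sex'], $user['admin'], $user['online']) . '';
                echo ' <a href="/id' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a>';
                echo '' . medal($user['rating']) . '';
            }
            echo '<br/>';
            // The separator before "notadd" is written as &amp; so that it
            // cannot be read as the HTML entity &not; — the decline link had
            // degraded to "¬add" and no longer carried the parameter.
            echo '<a href = "friends.php?act=adding_list&add=' . $user['id'] . '"><font color="green">Принять</font></a> - <a href = "friends.php?act=adding_list&amp;notadd=' . $user['id'] . '"><font color="darkred">Отклонить</font></a>';
            echo '</div>';
        }
        echo '</div>';
        navigation($page, $total, 'friends.php?act=adding_list&');
    } else {
        echo '<div class="div"> У Вас нет заявок в друзья! </div>';
    }
    echo '</div>';
    require('foot.php');
    break;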
//~~~~~~~~~~~~~~ Removing a user from friends ~~~~~~~~~~~//
case 'delete':
    // Resolve the friendship first. A missing id and an id that is not in
    // the current user's friend list both end in the same error page.
    $is_friend = false;
    if (isset($_GET['id'])) {
        // num() is defined outside this file; this code relies on it
        // returning a value that is safe inside the quoted SQL literal.
        $id = num($_GET['id']);
        $req = mysql_query("SELECT * FROM `friends` WHERE `user` = '{$u['id']}' and friend = '{$id}' LIMIT 1");
        $is_friend = (bool) mysql_num_rows($req);
    }
    if (!$is_friend) {
        require('head.php');
        echo '<div class="title"><a href = "friends.php">Друзья</a> :: <b>Ошибка</b></div>';
        error(' Ошибка!');
        require('foot.php');
        break;
    }

    $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '$id' LIMIT 1"));
    require('head.php');
    echo '<div class="title"><center><a href = "friends.php">Мои друзья</a> :: Уаление</center></div>';
    if (!isset($_POST['submit'])) {
        // Confirmation form; the removal itself only happens on POST.
        // NOTE(review): the form carries no anti-CSRF token.
        echo '<div class="div">';
        echo 'Вы действительно хотите удалить пользователя ' . ico($user['sex'], $user['admin'], $user['online']) . ' <a href = "/id' . $user['id'] . '"><b><font color="#79358c">' . $user['login'] . '</font></b></a> из списка Ваших друзей?<br/>';
        echo '<form action="friends.php?act=delete&id=' . $user['id'] . '" method="post">';
        echo '<input type="submit" name="submit" value="Да!" class="submit white"/>';
        echo '</form></div>';
        echo '<div class="title">';
        echo '<img src="style/page/back.png" alt="Back"> <a href = "?sid=back" onclick="history.back()">Назад</a>';
        echo '</div>';
    } else {
        // Refresh the other user's pending-request counter.
        $fn = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends_adding` WHERE `friend` = '{$user['id']}'"), 0);
        mysql_query("UPDATE `users` SET `count_friends` = '$fn' WHERE `id` = '{$user['id']}'");
        // Journal entry for the removed user, worded by the remover's gender.
        $is_male = ($u['sex'] == 'm');
        $action[0] = $is_male ? 'Удалил' : 'Удалила';
        $action[1] = $is_male ? 'его' : 'ее';
        $text = $action[0] . ' Вас из друзей';
        mysql_query("INSERT INTO `jurnal` SET\n"
            . "`user` = '" . $user['id'] . "',\n"
            . "`outuser` = '" . $u['id'] . "',\n"
            . "`text` = '$text',\n"
            . "`time` = '" . time() . "',\n"
            . "`new` = '1'\n");
        // The friendship is stored as two rows; remove both directions.
        mysql_query("DELETE FROM `friends` WHERE user = '{$u['id']}' and `friend` = '{$user['id']}'");
        mysql_query("DELETE FROM `friends` WHERE user = '{$user['id']}' and `friend` = '{$u['id']}'");
        ok('Пользователь <a href = "/id' . $user['id'] . '">' . $user['login'] . '</a> удален из списка Ваших друзей !');
    }
    require('foot.php');
    break;
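//~~~~~~~~~~~~~~~ Friend list ~~~~~~~~~~~~~~~//
default:
    // Whose list to show; a missing or zero id means the current user.
    // num() is defined outside this file; the cast keeps the id numeric
    // regardless of what the helper returns.
    $id = (int) num(isset($_GET['id']) ? $_GET['id'] : null);
    if ($id == 0)
        $id = $u['id'];
    $req = mysql_query("SELECT * FROM `users` WHERE `id` = '$id' LIMIT 1");
    if (mysql_num_rows($req)) {
        $user = mysql_fetch_assoc($req);
    } else {
        require('head.php');
        echo '<div class="title"><a href = "friends.php">Друзья</a> :: <b>Ошибка</b></div>';
        error(' Такого пользователя нет!');
        require('foot.php');
        exit;
    }
    if ($user['delete'] == 1) {
        require('head.php');
        error('Пользователь заблокирován!');
        require('foot.php');
        exit;
    }
    // Viewing someone else's list: recompute the two counters for that user.
    // The online window now comes from $system['online_time'] like every
    // other online check in this file, instead of a hard-coded 600 seconds.
    if ($user['id'] != $u['id']) {
        refresh_friends($user['id']);
        $f = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE `user` = '" . $user['id'] . "'"), 0);
        $fo = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE `user` = '" . $user['id'] . "' and `online` > '" . (time() - $system['online_time']) . "'"), 0);
    }
    // "Online only" filter. $online is echoed back into the pager URLs
    // below, so it is forced to an integer here.
    $online = (int) num(isset($_GET['online']) ? $_GET['online'] : null);
    if ($online) {
        $onlineq = "AND `online` > '" . (time() - $system['online_time']) . "'";
    } else {
        $onlineq = '';
    }
    if ($user['id'] == $u['id'])
        $zag = '<a href = "friends.php">Мои друзья</a>';
    else
        $zag = '<a href="friends.php?id=' . $user['id'] . '">Друзья</a> :: <a href = "id' . $user['id'] . '">' . $user['login'] . '</a>';
    require('head.php');
    echo '<div class="title"><center>' . $zag . '</center></div>';
    echo '<div class="nav">';
    if ($online) {
        echo '<a href = "friends.php?id=' . $user['id'] . '">Все</a> (<font color="green">' . $f . '</font>) | <b>Онлайн (<font color="green">' . $fo . '</font>)</b>';
    } else {
        echo '<b>Все (<font color="green">' . $f . '</font>)</b> | <a href = "friends.php?id=' . $user['id'] . '&online=1">Онлайн</a> (<font color="green">' . $fo . '</font>)';
    }
    if ($u['id'] == $user['id'])
        echo ' | <a href = "friends.php?act=adding_list">Заявки</a> (<font color="red">' . $u['count_friends'] . '</font>)';
    echo '</div>';

    // Privacy check on the owner's `priv_friends` setting. Access is denied
    // by default and granted only for the cases listed, so an unexpected
    // setting value fails closed explicitly rather than through an
    // undefined variable.
    $access = false;
    if ($user['id'] == $u['id'] or !$user['priv_friends']) {
        // Own list, or no restriction set.
        $access = true;
    } elseif ($user['priv_friends'] == 1) {
        // Friends only: the viewer must have the owner in their friend list.
        $myfriend = mysql_num_rows(mysql_query("SELECT * FROM `friends` WHERE `user` = '" . $u['id'] . "' and friend = '" . $user['id'] . "' LIMIT 1"));
        $access = $myfriend ? true : false;
    }
    // priv_friends == 2 ("only me") keeps $access false.

    if ($access == true) {
        // Rows per page. The value is a per-user setting and ends up inside
        // the LIMIT clause, so it is forced to a positive integer: this keeps
        // a malformed stored setting out of the SQL text and rules out a
        // division by zero in the page count below.
        $count = (int) $u['setting_users_list'];
        if ($count < 1)
            $count = 10;
        $all = mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE `user` = '" . $user['id'] . "' $onlineq"), 0);
        if ($all > 0) {
            $total = intval(($all - 1) / $count) + 1;
            $page = (int) num(isset($_GET['page']) ? $_GET['page'] : null);
            if (empty($page) or $page < 0)
                $page = 1;
            if ($page > $total)
                $page = $total;
            $start = $page * $count - $count;
            $result = mysql_query("SELECT * FROM `friends` WHERE `user` = '" . $user['id'] . "' $onlineq ORDER BY `rating` DESC LIMIT $start, $count");
            while ($friend = mysql_fetch_assoc($result)) {
                echo '<div class="div">';
                // $users is the friend being listed; $user is the list owner.
                $users = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '" . $friend["friend"] . "'"));
                // Delete icons appear only in delete mode on one's own list.
                if (@$_GET['act'] == 'del_friends') {
                    if ($user['id'] == $u['id']) {
                        echo '<span style="float: right; text-decoration: none;"><a href = "friends.php?act=delete&id=' . $users['id'] . '"><img src="style/page/delete.gif" title="Удалить"></a></span>';
                    }
                }
                echo '<table><tr><td VALIGN=top>';
                ava($users['id'], 50);
                echo '</td><td VALIGN=top>';
                // Strike through friends whose account is flagged `delete`.
                // This used to test $user (the list owner), which can never
                // be flagged here because of the exit above, so the branch
                // was unreachable.
                if ($users['delete'] == 1) {
                    echo '' . ico($users['sex'], $users['admin'], $users['online']) . '';
                    echo ' <a href="/id' . $users['id'] . '"><b><font color="#79358c"><del>' . $users['login'] . '</del></font></b></a>';
                    echo '' . medal($users['rating']) . '';
                } else {
                    echo '' . ico($users['sex'], $users['admin'], $users['online']) . '';
                    echo ' <a href="/id' . $users['id'] . '"><b><font color="#79358c">' . $users['login'] . '</font></b></a>';
                    echo '' . medal($users['rating']) . '';
                }
                // Current location is shown only for friends who are online.
                if ($users['online'] > (time() - $system['online_time'])) {
                    echo '<font color="grey">';
                    echo ' ' . $users['location'] . '';
                    echo '</font>';
                }
                echo '<br/>';
                if ($users['id'] != $u['id']) {
                    echo '<img src="style/page/go_mail.gif"> <a href = "mail.php?act=view&id=' . $users['id'] . '"><u>Сообщение</u></a><br/>';
                }
                echo '</table></div>';
            }
            echo '</div>';
            if (@$_GET['act'] == 'del_friends') {
                navigation($page, $total, 'friends.php?act=del_friends&online=' . $online . '&');
            } else {
                navigation($page, $total, 'friends.php?id=' . $user['id'] . '&online=' . $online . '&');
            }
        } else {
            error(' Друзей пока нет!');
        }
    } else {
        error(' Пользователь ограничивает круг лиц, которые могут просматривать эту информацию. ');
    }
    // Toggle for delete mode. Any `act` value without its own case lands in
    // this default branch, which is how the "leave" link returns to the
    // plain list.
    if ($user['id'] == $u['id'] && @$_GET['act'] != 'del_friends')
        echo "<div class='title'><img src='style/page/delete.gif'> <a href='?act=del_friends'>Режим удаления</a>";
    if (@$_GET['act'] == 'del_friends')
        echo "<div class='title'><img src='style/page/delete.gif'> <a href='?act=" . $user['id'] . "'>Выйти из режима удаления</a>";
    echo '</div>';
    require('foot.php');
    break;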
}
?>