Файл: guestbook.php
Строк: 97
<?php
// Bootstrap. The rest of this page reads $u (the current user) and calls helper
// functions it does not define; they presumably come from these includes — verify.
require_once 'core/core.php';
require_once 'core/bb_code.php';

// Visitors without a user id are sent to registration and the script stops here.
if (!$u['id']) {
    header('Location: reg.php?err=1');
    exit;
}

// Label for where the user currently is (presumably read by the layout includes — verify).
$location = 'В гостевой';
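/*
 * Guestbook page controller: dispatches on the "act" query parameter.
 *   act=answer  reply to the wall message given by "id" (form on GET, insert on POST)
 *   (default)   show the guestbook of the user given by "id": post form, paging, sorting, deletion
 *
 * Uses names this file does not define: $u, $title, $system and the helpers num(), check(),
 * checkout(), login(), error(), ico(), medal(), vremya(), smile(), bb_code(), links(), ban()
 * and navigation(). They presumably come from the core/ includes — verify.
 *
 * NOTE(review): every state change below (reply insert, rating increment, message deletion)
 * is accepted without a per-request anti-CSRF token. Add one where sessions are set up.
 * NOTE(review): the mysql_* extension was removed in PHP 7. Moving to mysqli/PDO prepared
 * statements needs the connection code in the core includes, which is not visible here.
 */
$act = isset($_GET['act']) ? $_GET['act'] : '';
switch ($act) {
    // ---------- Reply to a message ----------
    case 'answer':
        // Set explicitly so the values used below can only come from this block.
        $id = 0;
        $msg = null;
        if (isset($_GET['id'])) {
            // NOTE(review): the SQL safety of $id rests on num() returning a plain number — confirm.
            $id = num($_GET['id']);
            $req = mysql_query("SELECT * FROM `wall` WHERE `id` = '$id' LIMIT 1");
            if (mysql_num_rows($req)) {
                $msg = mysql_fetch_assoc($req);
            }
        }

        if (!$msg) {
            require('head.php');
            echo '<div class="title"><center>Гостевая</a> :: <b>Ошибка</b></center></div>';
            error('Ошибка, сообщение не найдено, возможно оно было удалено ранее!');
            require('foot.php');
            break;
        }

        // Cast every id to int before it is concatenated into SQL or a URL.
        $viewerId = (int) $u['id'];
        $authorId = (int) $msg['user'];
        // `wall`.`wall` is the id of the user who owns the guestbook (the listing below selects
        // by it), so it is used directly instead of looking up a `wall` row with that id.
        $ownerId = (int) $msg['wall'];

        if (isset($_POST['submit']) && !empty($_POST['message']) && is_string($_POST['message'])) {
            // NOTE(review): check() is the only thing between this text and the SQL string below;
            // confirm it escapes for MySQL. substr() counts bytes, so a multi-byte character at
            // the 10000-byte limit may be cut in half.
            $message = check(substr($_POST['message'], 0, 10000));
            mysql_query("INSERT INTO `wall` SET
                `user` = '" . $viewerId . "',
                `message` = '$message',
                `time` = '" . time() . "',
                `wall` = '" . $ownerId . "'
            ");

            $isMale = ($u['sex'] == 'm');

            // Notify the guestbook owner, unless the owner is the replier or is the author of
            // the message being answered (the author gets the notification below instead).
            if ($ownerId != $viewerId && $ownerId != $authorId) {
                $text = ($isMale ? 'Оставил' : 'Оставила')
                    . ' сообщение в <a href = "guestbook.php?id=' . $ownerId . '">гостевой</a>.';
                mysql_query("INSERT INTO `jurnal` SET
                    `user` = '" . $ownerId . "',
                    `outuser` = '" . $viewerId . "',
                    `text` = '$text',
                    `time` = '" . time() . "',
                    `new` = '1'
                ");
            }

            // Notify the author of the answered message. The guard compares user ids: the
            // message's own id says nothing about who wrote it.
            if ($authorId != $viewerId) {
                $text = ($isMale ? 'Ответил' : 'Ответила')
                    . ' вам в <a href = "guestbook.php?id=' . $ownerId . '">гостевой</a>.';
                mysql_query("INSERT INTO `jurnal` SET
                    `user` = '" . $authorId . "',
                    `outuser` = '" . $viewerId . "',
                    `text` = '$text',
                    `time` = '" . time() . "',
                    `new` = '1'
                ");
            }

            // NOTE(review): no rate limit is visible on this path, so each accepted reply also
            // raises the replier's rating.
            mysql_query("UPDATE `users` SET `stat_guestbook` = `stat_guestbook`+1, `rating` = `rating`+1 WHERE `id` = '" . $viewerId . "'");
            header("Location: guestbook.php?id=" . $ownerId . "");
            exit;
        }

        // NOTE(review): the "no reply to your own message" rule is applied only here, when the
        // form is rendered; the POST branch above does not repeat it.
        if ($authorId == $viewerId) {
            require('head.php');
            error(' Ошибка !');
            require('foot.php');
            exit;
        }

        $title = $title . ' :: Гостевая';
        require('head.php');
        // NOTE(review): login() output is written into the page as-is; confirm it returns
        // HTML-safe text.
        $authorLogin = login($authorId);
        echo '<div class="title"><center>Гостевая :: Ответ для <a href="page.php?id=' . $authorId . '">' . $authorLogin . '</a></center></div>';
        echo '<div class="div">';
        echo 'Ответ <a href = "page.php?id=' . $authorId . '">' . $authorLogin . '</a>: <br/>';
        echo '<form action="guestbook.php?act=answer&id=' . $id . '" method="post" name="form">';
        echo '<textarea name="message">[u]' . $authorLogin . '[/u], </textarea><br/>';
        echo '<input type="submit" name="submit" value="Ответить" class="submit white"/>';
        echo '<small> <a href = "smiles.php">Смайлы</a> | <a href = "code.php">Теги</a></small>';
        echo '</form>';
        echo '</div>';
        echo '<div class="title">';
        echo '<img src="style/page/back.png" alt="Back"> <a href = "?sid=back" onclick="history.back()">Назад</a>';
        echo '</div>';
        require('foot.php');
        break;

    // ---------- Guestbook listing ----------
    default:
        // Set explicitly so the values used below can only come from this block.
        $id = 0;
        $user = null;
        $otv = '';
        if (isset($_GET['id'])) {
            $id = num($_GET['id']);
            $req = mysql_query("SELECT * FROM `users` WHERE `id` = '$id' LIMIT 1");
            if (mysql_num_rows($req)) {
                $user = mysql_fetch_assoc($req);
            }
        }
        if (empty($user['id'])) {
            if ($u['id']) {
                $req = mysql_query("SELECT * FROM `users` WHERE `id` = '" . $u['id'] . "' LIMIT 1");
                $user = mysql_fetch_assoc($req);
            } else {
                header("Location: index.php");
                exit;
            }
        }
        // NOTE(review): this second lookup by $id overrides the fallback above, so a request
        // without a valid "id" ends on the error page instead of the viewer's own guestbook.
        // Left as it was; decide which of the two behaviours is intended.
        $req = mysql_query("SELECT * FROM `users` WHERE `id` = '$id' LIMIT 1");
        if (mysql_num_rows($req)) {
            $user = mysql_fetch_assoc($req);
        } else {
            require('head.php');
            echo '<div class="title"><center>Гостевая</a> :: <b>Ошибка</b></center></div>';
            error(' Ошибка!');
            require('foot.php');
            exit;
        }
        if ($user['delete'] == 1) {
            require('head.php');
            error('Пользователь заблокирован !');
            require('foot.php');
            exit;
        }

        // Cast once; this value is concatenated into SQL and URLs below.
        $ownerId = (int) $user['id'];

        require('head.php');
        $title = $title . ' :: Гостевая';
        echo '<div class="title"><center><a href = "page.php?id=' . $ownerId . '">' . login($ownerId) . '</a> :: Гостевая</center></div>';
        $count = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `wall` WHERE `wall` = '" . $ownerId . "'"), 0);

        // Prefill for the textarea: "o" names the user being answered, otherwise "to".
        if (!empty($_GET['o'])) {
            $o = abs(intval($_GET['o']));
            $user_otv = mysql_fetch_assoc(mysql_query("SELECT `login` FROM `users` WHERE `id` = '" . $o . "'"));
            if ($user_otv) {
                $otv = $user_otv['login'] . ', ';
            }
        } else {
            $to = isset($_GET['to']) ? abs(intval($_GET['to'])) : 0;
            if ($to > 0) {
                $users_otv = mysql_fetch_assoc(mysql_query("SELECT `link` FROM `users` WHERE `id` ='" . $to . "'"));
                if ($users_otv && $users_otv['link']) {
                    $otv = $users_otv['link'] . ',';
                }
            }
        }

        echo '<div class=div>';
        echo '<form action="wall.php?act=add&id=' . $ownerId . '" method="post">';
        echo '<textarea cols="20"rows="3" name="message"style="width: 97%">';
        // NOTE(review): $otv is a stored `login`/`link` value written into the page as-is.
        // Whether it is already HTML-safe depends on how those columns are filled and on the
        // site charset, neither of which is visible here — confirm, or escape at this point.
        echo $otv;
        echo '</textarea><br/>';
        echo '<input type="submit"title="Нажмите для отправки"name="submit"value="Написать" class="submit"> <a href ="smiles.php">Смайлы</a> | <a href = "code.php">BB-коды</a></form></div>';

        // Same COUNT as $count above; nothing has changed the table in between.
        $all = $count;
        if ($all > 0) {
            // Ten messages per page.
            $total = num(($all - 1) / 10) + 1;
            $page = isset($_GET['page']) ? num($_GET['page']) : 0;
            if (empty($page) or $page < 0) {
                $page = 1;
            }
            if ($page > $total) {
                $page = $total;
            }
            $page = (int) $page;
            $start = $page * 10 - 10;

            echo '<div class="title">';
            echo ' Комментарии: (' . $all . ')';
            echo '</div>';

            // Only these two literals ever reach the ORDER BY clause and the paging links.
            $sort = (isset($_GET['sort']) && $_GET['sort'] === 'wall') ? 'wall' : 'time';
            $sortq = ($sort === 'wall') ? 'ASC' : 'DESC';

            // The sort switcher is shown only when there is more than one page.
            if ($all >= 11) {
                echo '<div class="title">';
                if ($sort === 'wall') {
                    echo '<a href = "guestbook.php?id=' . $ownerId . '&sort=time&page=' . $page . '">Новые</a> | <b>Поcледние</b>';
                } else {
                    echo '<b>Новые</b> | <a href = "guestbook.php?id=' . $ownerId . '&sort=wall&page=' . $page . '">Поcледние</a>';
                }
                echo '</div>';
            }

            if (!empty($_GET['flud'])) {
                error('Ошибка! Можно отправлять сообщения только раз в ' . $system['wall_antiflud'] . ' сек.');
            }

            $result = mysql_query("SELECT * FROM `wall` WHERE `wall` = '" . $ownerId . "' ORDER BY `time` $sortq LIMIT $start, 10");
            while ($wall = mysql_fetch_assoc($result)) {
                $userw = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '" . (int) $wall["user"] . "'"));
                $message = checkout($wall['message']);

                // Admin levels 1 and 2, the guestbook owner and the message author may delete.
                $access = ($u['admin'] == 1 || $u['admin'] == 2 || $wall['wall'] == $u['id'] || $wall['user'] == $u['id']);

                if (isset($_GET['del']) && $access && num($_GET['del']) == $wall['id']) {
                    // NOTE(review): deletion is triggered by a plain GET link with no anti-CSRF
                    // token, and this header() runs after head.php has produced output, so the
                    // redirect only works if output buffering is on — confirm. Handling "del"
                    // as a POST with a token, before any output, would address both.
                    mysql_query("DELETE FROM `wall` WHERE `id` = '" . (int) $wall['id'] . "' LIMIT 1");
                    header("Location: guestbook.php?id=" . $ownerId . "&");
                } else {
                    echo '<div class="div">';
                    // NOTE(review): the stored login is written into the page as-is; confirm it
                    // is HTML-safe at the point it is saved, or escape it here.
                    $loginHtml = '<b><font color="#79358c">' . $userw['login'] . '</font></b>';
                    if ($userw['delete'] == 1) {
                        // Blocked authors are shown struck through.
                        $loginHtml = '<del>' . $loginHtml . '</del>';
                    }
                    echo '' . ico($userw['sex'], $userw['admin'], $userw['online']) . ' <a href = "page.php?id=' . $userw['id'] . '">' . $loginHtml . '</a>';
                    echo medal($userw['rating']);
                    echo '<span style="float:right;color:grey;">(' . vremya($wall['time']) . ')</span>';
                    echo '<br />';
                    echo smile(bb_code(links($message)));
                    echo '<br/>';
                    echo '<small>';

                    $isOwnMessage = ($userw['id'] == $u['id']);
                    if (!$isOwnMessage) {
                        echo ' [<a href = "guestbook.php?id=' . $ownerId . '&o=' . $userw['id'] . '">Ответить</a>]';
                    }
                    if ($access) {
                        echo '[<a href = "?id=' . $ownerId . '&page=' . $page . '&del=' . $wall['id'] . '">удалить</a>]';
                    }
                    // Admin levels 1-3 get a ban/unban link for every author except themselves.
                    if (($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 3) && !$isOwnMessage) {
                        if (ban($userw['id'])) {
                            echo ' [<a href = "adminka.php?act=delban_users&id=' . $userw['id'] . '"><font color="red">Разбанить</font></a>]';
                        } else {
                            echo ' [<a href = "adminka.php?act=ban_users&id=' . $userw['id'] . '"><font color="red">Бан</font></a>]';
                        }
                    }
                    echo '</small>';
                    echo '</div>';
                }
            }
            echo '</div>';
            navigation($page, $total, 'guestbook.php?id=' . $ownerId . '&sort=' . $sort . '&');
        }
        echo '</div>';
        include 'foot.php';
        break;
}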
?>