Файл: system/guestbook.php
Строк: 119
<?
include 'connect.php';
include 'core/bb_code.php';
if(!$u['id']){
header ("Location: registration.php?err=1");
exit;
}
$location = 'guestbook';
switch($_GET['act'])
{
//~~~~~~~~~~~~~~Ответ~~~~~~~~~~~~//
case 'answer':
if(isset($_GET['id'])){
$id=num($_GET['id']);
$req = mysql_query("SELECT * FROM `wall` WHERE `id` = '$id' LIMIT 1");
if (mysql_num_rows($req)) {
$msg = mysql_fetch_assoc($req);
}
}
if ($msg){
$wall = mysql_fetch_assoc(mysql_query("SELECT * FROM `wall` WHERE `id` = '".$msg['wall']."' LIMIT 1"));
if (isset($_POST['submit']) and $_POST['message']) {
$message = check(substr($_POST['message'], 0, 10000));
mysql_query("INSERT INTO `wall` SET
`user` = '".$u['id']."',
`message` = '$message',
`time` = '".time()."',
`wall` = '".$wall['id']."'
");
if($msg['wall'] != $msg['user']){
if($u['sex'] == 'm'){
$action[0] = 'Оставил';
} else {
$action[0] = 'Оставила';
}
$text = $action[0].' сообщение в <a href = "guestbook.php?id='.$wall['id'].'">гостевой</a>.';
mysql_query("INSERT INTO `jurnal` SET
`user` = '".$msg['wall']."',
`outuser` = '".$u['id']."',
`text` = '$text',
`time` = '".time()."',
`new` = '1'
");
}
if($msg['id'] != $u['id']){
if($u['sex'] == 'm'){
$action[0] = 'Ответил';
} else {
$action[0] = 'Ответила';
}
$text = $action[0].' вам в <a href = "guestbook.php?id='.$wall['id'].'">гостевой</a>.';
mysql_query("INSERT INTO `jurnal` SET
`user` = '".$msg['user']."',
`outuser` = '".$u['id']."',
`text` = '$text',
`time` = '".time()."',
`new` = '1'
");
}
mysql_query("UPDATE `users` SET `stat_guestbook` = `stat_guestbook`+1 WHERE `id` = '".$u['id']."'");
mysql_query("UPDATE `users` SET `rating` = `rating`+1 WHERE `id` = '".$u['id']."'");
header ("Location: guestbook.php?id=".$wall['id']."");
} else {
if($msg['user'] == $u['id']) {
require('head.php');
error(' Ошибка !');
require('foot.php');
exit;
}
$title = $title.' | Гостевая';
require('head.php');
echo '<div class="title"><img src="ico/guest.png" alt="!"/> Гостевая</a> <b>Ответ</b></div>';
echo '<div class="div">';
echo 'Ответ <a href = "/'.$msg['user'].'">'.login($msg['user']).'</a><br/>';
echo '<form action="guestbook.php?act=answer&id='.$id.'" method="post" name="form">';
echo '<textarea cols="20" rows="3" name="message" style="width: 97%">[u]'.login($msg['user']).'[/u] , </textarea><br/>';
echo '<input type="submit" name="submit" value="Сохранить" class="submit white"/>';
echo '<small> 10000 <a href = "smiles.php">Смайлы</a> | <a href = "code.php">BB-коды</a></small>';
echo '</form>';
echo '</div>';
require('foot.php');
}
} else {
require('head.php');
echo '<div class="title"><img src="ico/guest.png" alt="!"/> Гостевая</a> <b>Ошибка</b></div>';
error(' Ошибка , такого сообщения нет !');
require('foot.php');
}
break;
//~~~~~~~~~~~~~~~~~~~~~~~вывод~~~~~~~~~~~~~~~~~~//
default:
if(isset($_GET['id'])){
$id=num($_GET['id']);
$req = mysql_query("SELECT * FROM `users` WHERE `id` = '$id' LIMIT 1");
if (mysql_num_rows($req)) {
$user = mysql_fetch_assoc($req);
}
}
if(empty($user['id'])){
if($u['id']){
$req = mysql_query("SELECT * FROM `users` WHERE `id` = '".$u['id']."' LIMIT 1");
$user = mysql_fetch_assoc($req);
} else {
header ("Location: index.php");
exit;
}
}
$req = mysql_query("SELECT * FROM `users` WHERE `id` = '$id' LIMIT 1");
if (mysql_num_rows($req)){$user = mysql_fetch_assoc($req); }else {
require('head.php');
echo '<div class="title"><img src="ico/guest.png" alt="!"/> Гостевая</a> <b>Ошибка</b></div>';
error(' Ошибка !');
require('foot.php');
exit;
}
if(ban($user['id']) || ($user['delete'] == 1)){
require('head.php');
error('Пользователь заблокирован !');
require('foot.php');
exit;
}
require('head.php');
echo '<div class="title"><img src="ico/guest.png" alt="!"/> <a href = "/'.$user['id'].'">Гостевая</a> <b>'.login($user['id']).'</b> <b>Просмотр</b></div>';
echo '</div>';
echo '<div class="app">';
echo '<form action="wall.php?act=add&id='.$user['id'].'" method="post" name="form">';
echo '<textarea cols="20" rows="3" name="message" style="width: 97%">';
echo '</textarea><br/>';
echo '<input type="submit" title="Нажмите для отправки" name="submit" value="Написать" class="submit"><small> 10000
<a href = "smiles.php">Смайлы</a> | <a href = "code.php">BB-коды</a></small>
</form></div>';
$all = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `wall` WHERE `wall` = '".$user['id']."'"), 0);
if($all > 0){
$total = num(($all - 1) / 10) + 1;
$page = num($_GET['page']);
if(empty($page) or $page < 0) $page = 1;
if($page > $total) $page = $total;
$start = $page * 10 - 10;
echo '<div class="nav">';
echo ' Комментарии: ('.$all.')';
echo '</div>';
if ($all >= 11)echo '<div class="title">';
if ($page != $total) {
echo '<a name="page-up" style="float: right; text-decoration: none;" href="#page-down"><img src = "ico/page_down.png"></a>';
}
$sort = check($_GET['sort']);
if($sort == 'wall') {
$sortq = 'ASC';
if ($all >= 11)echo '<a href = "guestbook.php?id='.$user['id'].'&sort=time&page='.$page.'">Новые</a> | <b>Поcледние</b>';
}
if($sort == 'time' || empty($sortq)) {
$sort = 'time';
$sortq = 'DESC';
if ($all >= 11)echo '<b>Новые</b> | <a href = "guestbook.php?id='.$user['id'].'&sort=wall&page='.$page.'">Поcледние</a>';
}
if ($all >= 11)echo '</div>';
if($_GET['flud']) {error('Ошибка! Можно отправлять сообщения только раз в '.$system['wall_antiflud'].' сек.');}
$result = mysql_query("SELECT * FROM `wall` WHERE `wall` = '".$user['id']."' ORDER BY `time` $sortq LIMIT $start, 10");
while($wall = mysql_fetch_assoc($result)){
echo $i % 2 ? '<div class="div">' : '<div class="div">';
$userw = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '".$wall["user"]."'"));
$message = checkout($wall['message']);
if($u['admin'] == 1 || $u['admin'] == 2 || $wall['wall'] == $u['id'] || $wall['user'] == $u['id']) $access = true; else $access = false;
if(isset($_GET['del']) && $access == true && num($_GET['del']) == $wall['id']){
mysql_query("DELETE FROM `wall` WHERE `id` = '".$wall['id']."' LIMIT 1");
header ("Location: guestbook.php?id=".$user['id']."&");
} else {
if(ban($userw['id']) || ($userw['delete'] == 1)){
echo ''.ico($userw['sex'],$userw['admin']).' <a href = "/'.$userw['id'].'"><del>'.$userw['login'].'</del></a> '.online($userw['online']).' ';
} else {
echo ''.ico($userw['sex'],$userw['admin']).' <a href = "/'.$userw['id'].'">'.$userw['login'].'</a> '.online($userw['online']).' ';
}
if($userw['rating']>=1000 && $userw['rating']<=1999)echo "<img src='ico/b.png' alt='' class='icon'</a>n";
if($userw['rating']>=2000 && $userw['rating']<=2999)echo "<img src='ico/s.png' alt='' class='icon'</a>n";
if($userw['rating']>=3000)echo "<img src='ico/z.png' alt='' class='icon'</a>n";
if($userw['vip'] == 1)echo "<img src='ico/vip.gif' alt='' class='icon'</a>n";
echo '<small> '.vremya($wall['time']).'</small></br>';
echo ''.smile(bb_code(links(censored($message)))).'';
echo '<br/>';
echo '<small>';
if($access == true){
echo '[<a href = "?id='.$user['id'].'&page='.$page.'&del='.$wall['id'].'"><b><font color="red">x</font></b>Удал</a>]';
}
if($userw['id'] != $u['id']) echo ' [<a href = "guestbook.php?act=answer&id='.$wall['id'].'">Отв</a>]';
if($u['admin'] == 1 || $u['admin'] == 2 || $u['admin'] == 3) {
if(ban($userw['id'])){
if($userw['id'] != $u['id'])echo ' [<a href = "adminka.php?act=delban_users&id='.$userw['id'].'"><font color="red">Разбанить</font></a>]';
} else {
if($userw['id'] != $u['id'])echo ' [<a href = "adminka.php?act=ban_users&id='.$userw['id'].'"><font color="red">Бан</font></a>]';
}
}
echo '</small>';
echo '</div>';
$i++;
}
}
if ($all >= 11)echo '<div class="title">';
if ($page != $total) {
echo '<a name="page-down" style="float: right; text-decoration: none;" href="#page-up"><img src = "ico/page_up.png"></a>';
}
if($sort == 'wall') {
$sortq = 'ASC';
if ($all >= 11)echo '<a href = "guestbook.php?id='.$user['id'].'&sort=time&page='.$page.'">Новые</a> | <b>Поcледние</b>';
}
if($sort == 'time' || empty($sortq)) {
$sort = 'time';
$sortq = 'DESC';
if ($all >= 11)echo '<b>Новые</b> | <a href = "guestbook.php?id='.$user['id'].'&sort=wall&page='.$page.'">Поcледние</a>';
}
if ($all >= 11)echo '</div>';
echo '</div>';
navigation($page, $total,'guestbook.php?id='.$user['id'].'&sort='.$sort.'&');
} else {
error(' Сообщений еще нет. Будь первым !');
}
echo '</div>';
include 'foot.php';
break;
}
?>