Файл: public_html/blog/ublog.php
Строк: 96
<?
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
$set['title']='Дневники';
include_once '../sys/inc/thead.php';
title();
aut(); // форма авторизации
if(!isset($_GET['id']))
{
echo "<div class='err'>Не верное обращение к файлу!</div>";
echo "« <a href='index.php'> Блоги</a></div>n";
include_once '../sys/inc/tfoot.php';
exit;
}
if (!preg_match("|^[d]+$|", $_GET['id'])) {
echo "<div class='err'>Неверный формат запроса! Проверьте URL!";
echo "« <a href='index.php'> Блоги</a></div>n";
include_once '../sys/inc/tfoot.php';
exit;
}
$_GET['id']=intval($_GET['id']);
$_GET['id']=htmlspecialchars(stripslashes(trim($_GET['id'])));
$_GET['id']=mysql_real_escape_string($_GET['id']);
$id1=intval($_GET['id']);
$notisnot=mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id`='$id1'"),0);
if ($notisnot == 0)
{
echo "<div class='err'>Такого юзера не существует</div>";
include_once '../sys/inc/tfoot.php';
exit;
}
$num = 5;
if(isset($_GET['page']) and is_numeric($_GET['page'])) {
$page = intval($_GET['page']);
} else { $page = 1; }
$result = mysql_query("SELECT COUNT(*) FROM `blog_s` WHERE `avtor`='".$_GET['id']."' ORDER BY `id` DESC ");
echo '<hr/>';
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".$_GET['id']."' LIMIT 1"));
echo "<table width="100%" border="0" cellspacing="1" cellpadding="1">n";
$posts = mysql_result($result,0);
if ($posts==0) { echo ' У юзера '.$ank['nick'].' Блогов нет! <br/>';
}
$total = intval(($posts - 1) / $num) + 1;
if(empty($page) or $page < 0) $page = 1;
if($page > $total) $page = $total;
$start = $page * $num - $num;
$result = mysql_query("SELECT * FROM `blog_s` WHERE `avtor`='".$_GET['id']."' ORDER BY id DESC LIMIT $start, $num");
while ($myrow = mysql_fetch_array($result)){
$comms=@mysql_query("SELECT * FROM `blog_comm` WHERE `blog` = '".$myrow['id']."' ");
$comm=@mysql_num_rows($comms);
echo " <tr>n";
echo " <td class='p_t'>n";
echo "<a href='blog.php?id=".$myrow['id']."'> <b>$myrow[name]</b></a> (".vremja($myrow['data']).")n";
echo " </td>n";
echo " </tr>n";
echo " <tr>n";
if ($set['set_show_icon']==1)echo " <td class='p_m' colspan='2'>n"; else echo " <td class='p_m'>n";
echo "Автор:<a href='/info.php?id=$ank[id]'> <b>$ank[nick]</b></a><br/>";
echo "Рейтинг: <b>$myrow[rating]</b><br/>";
echo "Комментариев: <b>$comm</b><br/>";
echo "Просмотров: <b>$myrow[prosm]</b><br/>";
echo " </td>n";
echo " </tr>n";
}
echo "</table>n";
if ($page != 1) $pervpage = '<a href="ublog.php?id='.$_GET['id'].'&page=1"><<</a>
<a href="ublog.php?id='.$_GET['id'].'&page='. ($page - 1) .'"><</a> ';
if ($page != $total) $nextpage = ' <a href="ublog.php?id='.$_GET['id'].'&page='. ($page + 1) .'">></a>
<a href="ublog.php?id='.$_GET['id'].'&page=' .$total. '">>></a>';
if($page - 2 > 0) $page2left = ' <a href="ublog.php?id='.$_GET['id'].'&page='. ($page - 2) .'">'. ($page - 2) .'</a> ';
if($page - 1 > 0) $page1left = ' <a href="ublog.php?id='.$_GET['id'].'&page='. ($page - 1) .'">'. ($page - 1) .'</a> ';
if($page + 2 <= $total) $page2right = ' <a href="ublog.php?id='.$_GET['id'].'&page='. ($page + 2) .'">'. ($page + 2) .'</a>';
if($page + 1 <= $total) $page1right = ' <a href="ublog.php?id='.$_GET['id'].'&page='. ($page + 1) .'">'. ($page + 1) .'</a>';
@$xxx = '<small>'.$pervpage.$page2left.$page1left.'</small>'.$page.'<small>'.$page1right.$page2right.$nextpage.'</small>';
echo str_replace("<small></small>1<small></small>","",$xxx);
echo "<br/><div class='foot'>«<a href='index.php'>В начало</a></div>";
include_once '../sys/inc/tfoot.php';
?>