Файл: my/stena.php
Строк: 201
<?
define('ROOT','../');
define('GCMS',true);
require_once (ROOT.'system/power.php');
if($func->ignor($ya['id'],$id)==false and $nastr['stena']==1){
switch($mode){
case 'del_zp':
$func->aut();
if ($id != false) {
$sql = $db -> query("SELECT * FROM `comes` WHERE `id` = '".$sid."' and `where`='stena' LIMIT 1");
if ($sql -> num_rows > 0) {
if(!isset($_GET['true'])){
$diz -> head('Удаление записи');
$diz -> title('Удаление записи');
echo '<div class="fon">Вы действительно желаете удалить эту запись и все комментарии?</div>';
echo '<div class="dialog">
<a class="dialog_m" href="?mode=del_zp&id='.$id.'&sid='.$sid.'&true">Да</a>
<a class="dialog_m" href="/post'.$sid.'">Нет</a>
</div>';
}else{
$ass = $sql -> fetch_assoc();
if ($ya['level']>4 or $ass['user']==$ya['id'] or $user['user']==$ya['id']) {
$db -> query("DELETE FROM `comes` WHERE `idwh` = '".$sid."' and `where`='comes_stena' LIMIT 1");
$db -> query("DELETE FROM `comes` WHERE `id` = '".$sid."' and `where`='stena' LIMIT 1");
header('location: /id'.$id);
} else header('location: /id'.$id);
}
} else header('location: /id'.$id);
} else header('location: /id'.$id);
echo '<div class="levo"><a href="'.ROOT.'index.php" class="levo_tuch">'.$diz -> img('home.png').' На главную</a></div>';
#####Копирайт#######
$diz -> out($msg);
break;
case 'write_us':
$diz -> head('Новая запись');
$diz -> title('Новая запись');
$func->aut();
$text = shit($_POST['text']);
$te = $db -> query("SELECT * FROM `users` WHERE `id` = '".$id."' LIMIT 1");
if($te->num_rows>0){
$user=$te->fetch_assoc();
if(($user['stenazap']==0)or($user['stenazap']==1 and $func->friends($user['id'],$ya['id'])==true)or($user['id']==$ya['id'])){
if (mb_strlen($func->delprobel($text)) < 1) {
header('location: /id'.$id.'');
}else{
$mtime = $db -> query("SELECT * FROM `comes` WHERE `user` = '".$ya['id']."' order by `time` DESC")->fetch_assoc();
if($mtime['time']+$nastr['floodkom']<=time()){
$db -> query("UPDATE `users` SET `balls` = balls+$nastr[bcoms] WHERE `id` = '".$ya['id']."'");
$db -> query("INSERT INTO `comes` SET `where`='stena', `user` = '".$ya['id']."', `idwh` = '".$id."',`text` = '".$text."',`time` = '".time()."'");
$fid = $db -> insert_id;
if($id==$ya['id']){
$func->lenta($ya['id'],$text,2,'frends');
$func->lenta($ya['id'],$text,2,'user');
}else{
$func->lenta($id,$func->famname($ya['id']).' '.$func->ifsex($ya['id'],'оставил','оставила').' [gomy=post'.$fid.']новую запись[/gomy] на вашей стене',2,'user');
}
header('location: /id'.$id);
}else{
echo '<div class="fon">Следующий комментарий можно оставить через '.$nastr['floodkom'].' сек.</div>';
header('refresh: 3; url=/id'.$id.'');
}
}
}else header('Location: /id'.$id);
}else header('Location: /id'.$id);
echo '<div class="levo"><a href="'.ROOT.'index.php" class="levo_tuch">'.$diz -> img('home.png').' На главную</a></div>';
#####Копирайт#######
$diz -> out($msg);
break;
////Комментарий
case 'write':
$diz -> head('Новая запись');
$diz -> title('Новая запись');
$func->aut();
if ($ya['balls']>=$nastr['obcom']) {
$text = shit($_POST['text']);
$te = $db -> query("SELECT * FROM `comes` WHERE `where`='stena' and `id` = '".$id."' LIMIT 1");
if($te->num_rows>0){
$zap=$te->fetch_assoc();
if(($zap['stenacom']==0)or($zap['stenacom']==1 and $func->friends($zap['id'],$ya['id'])==true)or($zap['id']==$ya['id'])){
if (mb_strlen($text) < 3) {
echo '<div class="fon">Короткий комментарий!</div>';
header('refresh: 3; url=/post'.$id.'');
}else{
$mtime = $db -> query("SELECT * FROM `comes` WHERE `user` = '".$ya['id']."' order by `time` DESC")->fetch_assoc();
if($mtime['time']+$nastr['floodkom']<=time()){
$db -> query("INSERT INTO `comes` SET `where`='comes_stena', `user` = '".$ya['id']."', `idwh` = '".$id."',`text` = '".$text."',`time` = '".time()."'");
if($ya['id']!=$zap['user']){
$db -> query("UPDATE `users` SET `balls` = balls+$nastr[bcoms] WHERE `id` = '".$ya['id']."'");
$func->lenta($zap['user'],$func->famname($ya['id']).' '.$func->ifsex($ya['id'],'оставил','оставила').' [gomy=post'.$id.'/]комментарий к вашей записи[/gomy].',2,'user');
}
header('location: ?id='.(int)$id.'&page='.(int)$page);
}else{
echo '<div class="fon">Следующий комментарий можно оставить через '.$nastr['floodkom'].' сек.</div>';
header('refresh: 3; url=/post'.$id.'');
}
}
}else header('Location: /post'.$id);
}else header('Location: /post'.$id);
}else{
echo '<div class="fon">Вам не доступна данная функция!</div>';
header('refresh: 3; url=/post'.$id.'');
}
echo '<div class="levo"><a href="'.ROOT.'index.php" class="levo_tuch">'.$diz -> img('home.png').' На главную</a></div>';
#####Копирайт#######
$diz -> out($msg);
break;
case 'del':
$func->aut();
if ($id != false) {
$sql = $db -> query("SELECT * FROM `comes` WHERE `id` = '".$sid."' and `where`='comes_stena' LIMIT 1");
if ($sql -> num_rows > 0) {
$ass = $sql -> fetch_assoc();
if ($ya['level']>4 or $ass['user']==$ya['id'] or $foto['user']==$ya['id']) {
$db -> query("DELETE FROM `comes` WHERE `id` = '".$sid."' and `where`='comes_stena' LIMIT 1");
header('location: /post'.$otv);
} else header('location: /post'.$otv);
} else header('location: ./');
} else header('location: ../');
break;
case 'post':
$sql = $db -> query("SELECT * FROM `comes` WHERE `id` = '".$id."'");
if ($sql -> num_rows > 0) {
$z = $sql -> fetch_assoc();
$diz -> head($func->famname($z['user'],0));
$diz -> title('Запись '.$func->famname($z['user'],0));
echo '<div class="fon">
<table><tr valign="top"><td>'.$func->avatar($z['user']).'</td>
<td style="padding-left:5px;">'.$func->famname($z['user']).' <span class= "date">'.$func -> times(date('d m Y в H:i',$z['time'])).'</span><br/><br/>
'.$func -> tags($func -> smiles($z['text'])).'</td>
</tr></table></div>';
echo '<div class="zap">';
echo '<a class="zap_b" href="'.ROOT.'id'.$z['idwh'].'">'.$func->avatar($z['idwh'],18,18,1).' '.$func->famname($z['idwh'],0).'</a>';
if ($ya['level'] > 1 or $z['user']==$ya['id'])echo'<a class="zap_b" href="/my/stena.php?id='.$z['idwh'].'&sid='.$id.'&mode=del_zp&page='.$page.'">Удалить</a>';
$like = $db -> dbcount('COUNT(`id`)','reit',"`where`='comes' and `komy`='".$id."'");
if($like>0)$like=$like=$func->kol($like); else $like=null;
echo'<a class="zap_b" href="'.ROOT.'like.php?id='.$id.'&sid='.$ya['id'].'&mode=comes&do=stena">'.$diz -> img('like.png').' '.$like.'</a>
</div>';
$count = $db -> dbcount('COUNT(`id`)','comes',"`idwh` = '".$id."' and `where`='comes_stena'");
if($count>0){
////------------------/////
$num = isset($ya['num']) ? $ya['num'] : 10;
$total = intval(($count - 1) / $num) + 1;
if (!isset($_GET['page']) || !is_numeric($_GET['page']) || $_GET['page'] < 1 )
{
$page = 1;
} elseif($_GET['page'] > $total)
{ $page = $total;
} else $page = intval(abs($_GET['page']));
$start = $page * $num - $num;
////------------------/////
$for = $db -> query("SELECT * FROM `comes` where `idwh` = '".$id."' and `where`='comes_stena' order by `time` DESC LIMIT ".$start.",".$num);
while ($assoc = $for -> fetch_assoc()) {
$dop = null;
if ($ya['level'] > 1 or $assoc['user']==$ya['id']) {
$dop = '<a href="/my/stena.php?id='.$assoc['user'].'&sid='.$assoc['id'].'&otv='.$z['id'].'&mode=del&page='.$page.'">[Удалить]</a>';
}
echo '<div class="fon">
<table><tr valign="top"><td>'.$func->avatar($assoc['user']).'</td>
<td style="padding-left:5px;">'.$func->famname($assoc['user']).' <span class= "date">'.$func -> times(date('d m Y в H:i',$assoc['time'])).'</span></br>
'.$func -> tags($func -> smiles($assoc['text'])).'<br/>'.$dop.'</td>
</tr></table></div>';
}
}else echo '<div class="fon">Комментариев пока нет.</div>';
if ($aut == true) {
$zap = $db -> query("SELECT * FROM `users` WHERE `id` = '".$z['idwh']."'")-> fetch_assoc();
if(($zap['stenacom']==0)or($zap['stenacom']==1 and $func->friends($zap['id'],$ya['id'])==true)or($zap['id']==$ya['id'])){
echo '<div class="fon"/><form action="?id='.$id.'&mode=write&page='.$page.'" method="post">
<hr>Комментарий:<br/>
<textarea name="text" rows="3" cols="15"></textarea><br/>
<input type="submit" value="Написать!"/></form></div>';
}
}
}else{
$diz -> head('Ошибка');
$diz -> title('Ошибка');
echo '<div class="fon"/>Запись не найдена или была удалена.</div>';
}
echo '<div class="levo"><a href="'.ROOT.'index.php" class="levo_tuch">'.$diz -> img('home.png').' На главную</a></div>';
#####Копирайт#######
$diz -> out($msg);
break;
///////
default:
$sql = $db -> query("SELECT * FROM `users` WHERE `id` = '".$id."' LIMIT 1");
if ($sql -> num_rows > 0) {
$count = $db -> dbcount('COUNT(`id`)','comes',"`idwh` = '".$id."' and `where`='stena'");
if($count>$num){
$num2=$page*$num+$num;
////------------------/////
$for = $db -> query("SELECT * FROM `comes` where `idwh` = '".$id."' and `where`='stena' order by `time` DESC LIMIT ".$num.",".$num2);
while ($assoc = $for -> fetch_assoc()) {
echo '<div class="fon"><table><tr valign="top"><td>'.$func->avatar($assoc['user']).'</td>
<td style="padding-left:5px;">'.$func->famname($assoc['user']).' <span class= "date">'.$func -> times(date('d m Y в H:i',$assoc['time'])).'</span><br/><br/>
'.$func -> tags($func -> smiles($assoc['text'])).'</td>
</tr></table></div>';
echo '<div class="zap">
<a class="zap_b" href="'.ROOT.'post'.$assoc['id'].'">'.$diz -> img('guest.png').'</a>';
if ($ya['level'] > 1 or $assoc['user']==$ya['id'])echo'<a class="zap_b" href="/my/stena.php?id='.$id.'&sid='.$assoc['id'].'&mode=del&page='.$page.'">Удалить</a>';
$like = $db -> dbcount('COUNT(`id`)','reit',"`where`='comes' and `komy`='".$assoc['id']."'");
if($like>0)$like=$like; else $like=null;
echo'<a onclick="like_ok(like'.$assoc['id'].');" id="like'.$assoc['id'].'" data-id="'.$assoc['id'].'" data-ya="'.$ya['id'].'" data-mode="comes" class="zap_b">'.$diz -> img('like.png').' <span class="count_like">'.$like.'</span></a></div></div>';
}
}
}
}
} else header('location: '.ROOT.'id'.$id);
?>