Файл: news.php
Строк: 153
<?php
// News page controller. One request runs exactly one branch of the switch
// below, selected by $sd: the paginated news list (default), a single item
// with its comments, or one of the like / dislike / comment write actions.
session_start();
// NOTE(review): presumably opens the database connection used by the legacy
// mysql_* calls below — confirm. That extension was removed in PHP 7.0, so
// this file only runs on PHP 5.x as written.
include ('private/mysql.php');
// NOTE(review): $sd, $id, $uid and $user are never assigned in this file, so
// they must come from one of these includes (or from register_globals).
// $id and $uid are interpolated into SQL and into Location headers / links
// further down; confirm where they are populated and that they are validated
// there, because nothing in this file shows it.
include ('tmp/head.php');
switch($sd){
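default:
    // News list: newest first, $num items per page, each with its like /
    // dislike counters, comment count and (for access level 3) a delete link.
    $num = 5;

    // The page number is only ever used as an integer, so cast it directly;
    // a missing or non-scalar ?page= falls back to 0 and is clamped to 1 below.
    $page = (isset($_GET['page']) && is_scalar($_GET['page'])) ? (int)$_GET['page'] : 0;

    // Count rows in SQL instead of fetching the whole table just to count it.
    $result = mysql_query("SELECT COUNT(*) FROM `news`");
    if ($result === false) {
        // Keep the driver's error text in the server log; echoing it to the
        // visitor discloses schema and query details.
        error_log('news.php: ' . mysql_error());
        die('Ошибка.');
    }
    $posts = (int)mysql_result($result, 0);

    // With zero posts this still yields one (empty) page.
    $total = intval(($posts - 1) / $num) + 1;
    if ($page < 1) {
        $page = 1;
    }
    if ($page > $total) {
        $page = $total;
    }
    $start = $page * $num - $num;

    // $start and $num are integers computed above, so interpolation is safe here.
    $q = mysql_query("SELECT * FROM `news` ORDER BY `id` DESC LIMIT $start, $num");
    while ($q && ($w = mysql_fetch_assoc($q))) {
        // Numeric columns are cast before being reused in SQL and links.
        // NOTE(review): assumes news.id is an integer key — confirm.
        $newsId   = (int)$w['id'];
        $likes    = (int)$w['like'];
        $dislikes = (int)$w['dislike'];

        // NOTE(review): title, date and text are printed without escaping.
        // The comment path in this file escapes on insert, so this presumably
        // relies on azone.php doing the same for news — confirm, otherwise
        // stored markup is rendered as-is.
        echo "</div><div class='last_news'><b>{$w['title']}</b> <font color='grey'><i> ({$w['date']})</i></font>";
        if (isset($user['access']) && $user['access'] == '3') {
            echo " [<a href='azone.php?sd=delnews&id=$newsId'>Удалить</a>]";
        }
        // The original markup closed the first anchor twice; the stray tag is dropped.
        echo "<hr>{$w['text']}<hr>[<a href='news.php?sd=like&id=$newsId'>Хорошо <img src='img/like.png' width='10'></a> <font color=lightgreen>$likes</font>] [<a href='news.php?sd=dlike&id=$newsId'>Плохо <img src='img/dislike.png' width='10'></a> <font color=red>$dislikes</font>]<hr>";

        $cnt = mysql_query("SELECT COUNT(*) FROM `news_kom` WHERE `news`='$newsId'");
        $kolcom = $cnt ? (int)mysql_result($cnt, 0) : 0;
        echo "<a href='news.php?sd=comment&id=$newsId'>Комментарии</a> <small>($kolcom)</small></div><div class='main'>";
    }

    // Pager fragments start empty so the final echo never reads an undefined
    // variable on the first or last page.
    $pervpage = $nextpage = '';
    $page2left = $page1left = $page1right = $page2right = '';
    if ($page != 1) {
        $pervpage = '<a href=?page=1>««</a>' . "\n"
            . '<a href=?page=' . ($page - 1) . '>«</a> ';
    }
    if ($page != $total) {
        $nextpage = ' <a href=?page=' . ($page + 1) . '>»</a>' . "\n"
            . '<a href=?page=' . $total . '>»»</a>';
    }
    if ($page - 2 > 0) {
        $page2left = ' <a href=?page=' . ($page - 2) . '>' . ($page - 2) . '</a> | ';
    }
    if ($page - 1 > 0) {
        $page1left = '<a href=?page=' . ($page - 1) . '>' . ($page - 1) . '</a> | ';
    }
    if ($page + 2 <= $total) {
        $page2right = ' | <a href=?page=' . ($page + 2) . '>' . ($page + 2) . '</a>';
    }
    if ($page + 1 <= $total) {
        $page1right = ' | <a href=?page=' . ($page + 1) . '>' . ($page + 1) . '</a>';
    }
    echo $pervpage . $page2left . $page1left . '<b>' . $page . '</b>' . $page1right . $page2right . $nextpage;
    break;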
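case 'comment':
    // Single news item with its paginated comments and the comment form.

    // $id is interpolated into SQL and into every pager link below, so it is
    // reduced to an integer first.
    // NOTE(review): assumes news.id is an integer key — confirm.
    $id = (int)$id;

    $q = mysql_query("SELECT * FROM `news` WHERE `id`='$id'");
    if ($q === false || mysql_num_rows($q) == 0) {
        // NOTE(review): tmp/head.php is included before this point; if it has
        // already produced output and no output buffering is active, this
        // redirect cannot be sent — confirm.
        header('Location: main.php');
        exit;
    }
    $w = mysql_fetch_assoc($q);
    $newsId   = (int)$w['id'];
    $likes    = (int)$w['like'];
    $dislikes = (int)$w['dislike'];

    // NOTE(review): title, date and text are printed without escaping; this
    // presumably relies on them being escaped when the item is stored — confirm.
    echo "</div><div class='last_news'><b>{$w['title']}</b> <font color='grey'><i> ({$w['date']})</i></font>";
    if (isset($user['access']) && $user['access'] == '3') {
        echo " [<a href='azone.php?sd=delnews&id=$newsId'>Удалить</a>]";
    }
    // The original markup closed the first anchor twice; the stray tag is dropped.
    echo "<hr>{$w['text']}<hr>[<a href='news.php?sd=like&id=$newsId'>Хорошо <img src='img/like.png' width='10'></a> <font color=lightgreen>$likes</font>] [<a href='news.php?sd=dlike&id=$newsId'>Плохо <img src='img/dislike.png' width='10'></a> <font color=red>$dislikes</font>]<hr>";

    $num = 5;
    // Missing or non-scalar ?page= becomes 0 and is clamped to 1 below.
    $page = (isset($_GET['page']) && is_scalar($_GET['page'])) ? (int)$_GET['page'] : 0;

    // Count in SQL rather than fetching every comment row just to count it.
    $result = mysql_query("SELECT COUNT(*) FROM `news_kom` WHERE `news`='$newsId'");
    if ($result === false) {
        // Log the driver error instead of printing it to the visitor.
        error_log('news.php: ' . mysql_error());
        die('Ошибка.');
    }
    $posts = (int)mysql_result($result, 0);
    $total = intval(($posts - 1) / $num) + 1;
    if ($page < 1) {
        $page = 1;
    }
    if ($page > $total) {
        $page = $total;
    }
    $start = $page * $num - $num;

    $asd = mysql_query("SELECT * FROM `news_kom` WHERE `news`='$id' ORDER BY `id` ASC LIMIT $start, $num");
    $e2 = $asd ? mysql_num_rows($asd) : 0;
    if ($e2 == 0) {
        echo "<font size=2 color=darkred><i>Комментариев нет.</i></font><hr>";
    } else {
        echo "<font color=green>Комментарии:</font><hr>";
        while ($w2 = mysql_fetch_assoc($asd)) {
            // NOTE(review): assumes news_kom.author holds the numeric users.id — confirm.
            $authorId = (int)$w2['author'];
            $res = mysql_query("SELECT * FROM `users` WHERE `id`='$authorId'");
            $author = $res ? mysql_fetch_assoc($res) : false;
            // A comment whose author row no longer exists is shown without a name.
            $login = $author ? $author['login'] : '';
            // Comment text is HTML-escaped when it is stored (add_komm), which
            // is why it is printed as-is here.
            // NOTE(review): the login is printed unescaped as well; confirm
            // registration restricts or escapes it.
            echo "$login (<font size=1 color=grey><i>{$w2['date']}</i></font>):<br>{$w2['text']}<hr>";
        }

        // Pager fragments start empty so the echo below never reads an
        // undefined variable.
        $pervpage = $nextpage = '';
        $page2left = $page1left = $page1right = $page2right = '';
        $base = '?sd=comment&id=' . $id . '&page=';
        if ($page != 1) {
            $pervpage = '<a href=' . $base . '1>««</a>' . "\n"
                . '<a href=' . $base . ($page - 1) . '>«</a> ';
        }
        if ($page != $total) {
            $nextpage = ' <a href=' . $base . ($page + 1) . '>»</a>' . "\n"
                . '<a href=' . $base . $total . '>»»</a>';
        }
        if ($page - 2 > 0) {
            $page2left = ' <a href=' . $base . ($page - 2) . '>' . ($page - 2) . '</a> | ';
        }
        if ($page - 1 > 0) {
            $page1left = '<a href=' . $base . ($page - 1) . '>' . ($page - 1) . '</a> | ';
        }
        if ($page + 2 <= $total) {
            $page2right = ' | <a href=' . $base . ($page + 2) . '>' . ($page + 2) . '</a>';
        }
        if ($page + 1 <= $total) {
            $page1right = ' | <a href=' . $base . ($page + 1) . '>' . ($page + 1) . '</a>';
        }
        // The pager is shown only on a full page or when not on page 1.
        if ($e2 >= 5 || $page != 1) {
            echo $pervpage . $page2left . $page1left . '<b>' . $page . '</b>' . $page1right . $page2right . $nextpage . '<hr>';
        }
    }

    // NOTE(review): the form carries no anti-CSRF token. A per-session token
    // emitted here and checked in add_komm would tie the POST to this page.
    echo "<form action='news.php?sd=add_komm&id=$newsId&page=$page' method='post'>
<textarea name='text' class='enter' style='width:98%' rows='5'></textarea><br>
<input type='submit' value='Написать' class='enter'></form>";
    if (isset($user['access']) && $user['access'] == '3') {
        echo "<hr><a href='news.php?sd=clear_kom&id=$newsId'>Удалить все комментарии</a><br>";
    }
    echo "<hr><a href='news.php?'>Назад</a>";
    break;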
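case 'dlike':
    // Registers one "dislike" for news item $id on behalf of $uid, then
    // returns to the item's comment page. The `likes` table is shared with
    // the 'like' action, so a user gets one vote of either kind per item.

    // Both values end up inside SQL string literals and $id also inside the
    // Location header, so neither is used raw.
    // NOTE(review): assumes news.id is an integer key — confirm.
    $id = (int)$id;
    // NOTE(review): $uid is not set in this file; confirm it comes from the
    // authenticated session and that guests cannot reach this action.
    $uidSql = mysql_real_escape_string((string)$uid);

    $q = mysql_query("SELECT * FROM `news` WHERE `id`='$id'");
    if ($q === false || mysql_num_rows($q) == 0) {
        header('Location: news.php');
        exit;
    }

    // NOTE(review): check-then-insert is not atomic; the schema is not visible
    // here, but a unique key on (`user`, `news`) would enforce one vote.
    $seen = mysql_query("SELECT * FROM `likes` WHERE `user`='$uidSql' and `news`='$id'");
    if ($seen && mysql_num_rows($seen) >= 1) {
        header("Location: news.php?sd=comment&id=$id");
        exit;
    }

    // NOTE(review): this is a state change triggered by a plain GET link with
    // no anti-CSRF token; a POST carrying a per-session token is the usual fix.
    mysql_query("UPDATE `news` SET `dislike`=`dislike`+'1' WHERE `id`='$id'");
    mysql_query("INSERT INTO `likes` SET `user`='$uidSql',`news`='$id'");
    header("Location: news.php?sd=comment&id=$id");
    exit;
    break;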
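case 'like':
    // Registers one "like" for news item $id on behalf of $uid, then returns
    // to the item's comment page. The `likes` table is shared with the
    // 'dlike' action, so a user gets one vote of either kind per item.

    // Both values end up inside SQL string literals and $id also inside the
    // Location header, so neither is used raw.
    // NOTE(review): assumes news.id is an integer key — confirm.
    $id = (int)$id;
    // NOTE(review): $uid is not set in this file; confirm it comes from the
    // authenticated session and that guests cannot reach this action.
    $uidSql = mysql_real_escape_string((string)$uid);

    $q = mysql_query("SELECT * FROM `news` WHERE `id`='$id'");
    if ($q === false || mysql_num_rows($q) == 0) {
        header('Location: news.php');
        exit;
    }

    // NOTE(review): check-then-insert is not atomic; the schema is not visible
    // here, but a unique key on (`user`, `news`) would enforce one vote.
    $seen = mysql_query("SELECT * FROM `likes` WHERE `user`='$uidSql' and `news`='$id'");
    if ($seen && mysql_num_rows($seen) >= 1) {
        header("Location: news.php?sd=comment&id=$id");
        exit;
    }

    // NOTE(review): this is a state change triggered by a plain GET link with
    // no anti-CSRF token; a POST carrying a per-session token is the usual fix.
    mysql_query("UPDATE `news` SET `like`=`like`+'1' WHERE `id`='$id'");
    mysql_query("INSERT INTO `likes` SET `user`='$uidSql',`news`='$id'");
    header("Location: news.php?sd=comment&id=$id");
    exit;
    break;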
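case 'clear_kom':
    // Deletes every comment attached to news item $id.
    //
    // The link to this action is only rendered for access level 3, but hiding
    // a link is not authorization: without the check below any request for
    // this URL would run the DELETE. Enforce the same level server-side.
    if (!isset($user['access']) || $user['access'] != '3') {
        header('Location: news.php');
        exit;
    }

    // $id goes into the SQL statement and the Location header.
    // NOTE(review): assumes news.id is an integer key — confirm.
    $id = (int)$id;

    // NOTE(review): destructive action reachable by GET with no anti-CSRF
    // token; a POST carrying a per-session token is the usual fix.
    mysql_query("DELETE FROM `news_kom` WHERE `news`='$id'");
    header('Location: news.php?sd=comment&id=' . $id);
    exit;
    break;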
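case 'add_komm':
    // Stores a new comment for news item $id written by the current user,
    // then redirects back to the comment page the form was submitted from.

    // NOTE(review): assumes news.id is an integer key — confirm.
    $id = (int)$id;
    // A missing or array-valued field is treated as an empty comment instead
    // of raising notices further down.
    $raw = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
    // Only used in the redirect; the comment page clamps out-of-range values.
    $page = (isset($_GET['page']) && is_scalar($_GET['page'])) ? (int)$_GET['page'] : 0;

    // Whitespace-only input counts as empty.
    if (trim($raw) === '') {
        echo "Комментарий пуст.<br><a href='news.php?sd=comment&id=$id'>Назад</a>";
        include ('tmp/foot.php');
        exit;
    }

    // The author id is written into the row and later used to look up the
    // login, so a request without a known user is rejected.
    // NOTE(review): assumes $user is empty for guests — confirm in tmp/head.php.
    if (empty($user['id'])) {
        echo "Ошибка.<br><a href='news.php?'>Назад</a>";
        include ('tmp/foot.php');
        exit;
    }

    $found = mysql_query("SELECT * FROM `news` WHERE `id`='$id'");
    $chek = $found ? mysql_num_rows($found) : 0;
    if ($chek == 0) {
        echo "Ошибка.<br><a href='news.php?'>Назад</a>";
        include ('tmp/foot.php');
        exit;
    }

    // Comments are HTML-escaped here, on input, because the comment page
    // prints the stored text as-is. SQL escaping uses the connection-aware
    // mysql_real_escape_string(); the deprecated mysql_escape_string() ignores
    // the connection character set.
    $text = mysql_real_escape_string(htmlspecialchars($raw));
    $author = (int)$user['id'];

    // NOTE(review): no anti-CSRF token is checked on this POST; a per-session
    // token issued with the form and verified here is the usual fix.
    mysql_query("INSERT INTO `news_kom` SET
        `news`='$id',
        `author`='$author',
        `text`='$text'");
    header('Location: news.php?sd=comment&id=' . $id . '&page=' . $page);
    exit;
    break;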
}
include ('tmp/foot.php');
?>