Файл: modules/foto/inc/user_show_foto.php
Строк: 255
<?php
/* DCMS Special
* Дата последнего редактирования 19.12.2015
* Модифицировал densnet
*/
if (!isset($user) && !isset($_GET['id_user'])) {
header("Location: " . DIR_FOTO . "?" . SID);
exit;
}
if (isset($user)) {
$ank['id'] = $user['id'];
}
if (isset($_GET['id_user'])) {
$ank['id'] = $_GET['id_user'];
}
$ank = get_user($ank['id']);
if (!$ank) {
header("Location: " . DIR_FOTO . "?" . SID);
exit;
}
$gallery['id'] = intval($_GET['id_gallery']);
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery` WHERE `id` = '$gallery[id]' AND `id_user` = '$ank[id]' LIMIT 1"), 0) == 0) {
header("Location: " . DIR_FOTO . "$ank[id]/?" . SID);
exit;
}
$gallery = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery` WHERE `id` = '$gallery[id]' AND `id_user` = '$ank[id]' LIMIT 1"));
$foto['id'] = intval($_GET['id_foto']);
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id` = '$foto[id]' LIMIT 1"), 0) == 0) {
header("Location: " . DIR_FOTO . "$ank[id]/$gallery[id]/?" . SID);
exit;
}
$foto = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = '$foto[id]' LIMIT 1"));
if (isset($_GET['fav']) && $_GET['fav'] == 1) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `bookmark_foto` WHERE `id_user` = '" . $user['id'] . "' AND `id_foto` = '" . $foto['id'] . "' LIMIT 1"), 0) == 0) {
mysql_query("INSERT INTO `bookmark_foto` (`id_foto`, `id_user`, `time`) VALUES ('$foto[id]', '$user[id]', '$time')");
msg('Фото добавлено в закладки');
header("Location: " . DIR_FOTO . "$ank[id]/$gallery[id]/$foto[id]/?page=" . intval($_GET['page']));
exit;
}
}
if (isset($_GET['fav']) && $_GET['fav'] == 0) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `bookmark_foto` WHERE `id_user` = '" . $user['id'] . "' AND `id_foto` = '" . $foto['id'] . "' LIMIT 1"), 0) == 1) {
mysql_query("DELETE FROM `bookmark_foto` WHERE `id_user` = '$user[id]' AND `id_foto` = '$foto[id]' ");
$_SESSION['message'] = 'Фото удалено из закладок';
header("Location: " . DIR_FOTO . "$ank[id]/$gallery[id]/$foto[id]/?page=" . intval($_GET['page']));
exit;
}
}
$set['title'] = $ank['nick'] . ' - ' . $gallery['name'] . ' - ' . $foto['name']; // заголовок страницы
require_once H . 'sys/inc/thead.php';
aut();
err();
if (access('foto_foto_edit') && $ank['level'] > $user['level'] || isset($user) && $ank['id'] == $user['id']) {
include 'inc/gallery_show_foto_act.php';
}
if (isset($user)) {
if (isset($_GET['rating']) && $_GET['rating'] == 'down') {
mysql_query("UPDATE `gallery_foto` SET `rating` = '" . ($foto['rating'] - 1) . "' WHERE `id` = '$foto[id]' LIMIT 1", $db);
mysql_query("DELETE FROM `gallery_rating` WHERE `id_user` = '$user[id]' AND `id_foto` = '$foto[id]' LIMIT 1");
header("Location: ?");
$foto = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = $foto[id] LIMIT 1"));
} elseif (isset($_GET['rating']) && $_GET['rating'] == 'up') {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_rating` WHERE `id_foto` = '$foto[id]' AND `id_user` = '$user[id]' LIMIT 1"), 0) != 0) {
} else {
mysql_query("UPDATE `gallery_foto` SET `rating` = '" . ($foto['rating'] + 1) . "' WHERE `id` = '$foto[id]' LIMIT 1", $db);
mysql_query("INSERT INTO `gallery_rating` (`id_user`, `id_foto`) values('$user[id]', '$foto[id]')", $db);
}
header("Location: ?");
}
}
#Навигация
echo "<nav class='navbar navbar-light' style='background-color: #607D8B; color: #fff;'>";
echo "<ul class='nav navbar-nav'>";
echo "<li class='nav-item' style='margin-left: 1px;'><a class='nav-link' href='/'><i class='material-icons'>home</i></a></li>";
echo "<li class='nav-item' style='margin-left: 1px;'><a class='nav-link'><i class='material-icons'>keyboard_arrow_right</i></a></li>";
echo "<li class='nav-item' style='margin-left: 1px;'><a class='nav-link' href='" . DIR_FOTO . "'>Фотоальбомы</a></li>";
echo "<li class='nav-item' style='margin-left: 1px;'><a class='nav-link'><i class='material-icons'>keyboard_arrow_right</i></a></li>";
echo "<li class='nav-item' style='margin-left: 1px;'><a class='nav-link' href='" . DIR_FOTO . "$ank[id]/'>Альбомы $ank[nick]</a></li>";
echo "<li class='nav-item' style='margin-left: 1px;'><a class='nav-link'><i class='material-icons'>keyboard_arrow_right</i></a></li>";
echo "<li class='nav-item' style='margin-left: 1px;'><a class='nav-link' href='" . DIR_FOTO . "$ank[id]/$gallery[id]/'>$gallery[name]</a></li>";
echo "<li class='nav-item' style='margin-left: 1px;'><a class='nav-link'><i class='material-icons'>keyboard_arrow_right</i></a></li>";
echo "<li class='nav-item' style='margin-left: 1px;'><a class='nav-link'>$foto[name]</a></li>";
echo "</ul>";
echo "</nav>";
if (isset($_POST['password'])) {
setcookie("passfoto[$gallery[id]]", $_POST['password']);
if (isset($_POST['password']) && $_POST['password'] == $gallery['password']) {
header("Location:?enter=ok");
}
}
if ($gallery['access'] == 'only_me') {
if ($ank['id'] == $user['id'] && isset($user) || isset($umodd)) {
} else {
echo "<div class='alert alert-danger'>";
echo "<i class='material-icons'>lock</i> Вам запрещено просматривать это фото.";
echo "</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
} elseif ($gallery['access'] == 'friends') {
if ($ank['id'] == $user['id'] && isset($user) || isset($umodd) || mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE (`user` = '$user[id]' AND `friends` = '$ank[id]') OR (`user` = '$ank[id]' AND `friends` = '$user[id]')"), 0) != 0) {
} else {
echo "<div class='alert alert-danger'>";
echo "<i class='material-icons'>lock</i> Фото доступно только друзьям автора.";
echo "</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
} elseif ($gallery['access'] == 'pass') {
if (isset($_COOKIE['passfoto'][$gallery['id']]) && $_COOKIE['passfoto'][$gallery['id']] == $gallery['password'] || $ank['id'] == $user['id'] && isset($user) || isset($umodd)) {
} else {
if (isset($_POST['password']) && $_POST['password'] != $gallery['password']) {
$err[] = "Пароль неправильный";
}
err();
echo "<form class='list-group-item' method='post'>";
echo "<div class='row'>";
echo "Чтобы просмотреть фотоальбом, введите пароль:<br />n";
echo "<div class='input-field col s12'>";
echo "<input id='password' name='password' length='100' type='text' value='' class='validate'>";
echo "<label for='password'>Пароль</label>";
echo "</div>";
echo "</div>";
echo "<button class='waves-effect waves-light btn'>Далее</button>";
echo "</form>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
} elseif ($gallery['access'] == 'auth') {
if (isset($user)) {
} else {
echo "<div class='alert alert-danger'><i class='material-icons'>person</i> Фотоальбом доступен только авторизованным пользователям!</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
}
$user['ank_age'] = 0;
if ($user['ank_d_r'] != NULL && $user['ank_m_r'] != NULL && $user['ank_g_r'] != NULL) {
$user['ank_age'] = date("Y") - $user['ank_g_r'];
if (date("n") < $user['ank_m_r']) {
$user['ank_age'] = $user['ank_age'] - 1;
} elseif (date("n") == $user['ank_m_r'] && date("j") < $user['ank_d_r']) {
$user['ank_age'] = $user['ank_age'] - 1;
}
}
if (!isset($_SESSION['foto_adult']) && !isset($_GET['passed']) && $user['ank_age'] < 18 && $foto['adult'] == 1) {
if (!isset($user)) {
echo "<div class='list-group-item'>";
echo "Фото с меткой <font color='red'>(+18)</font> доступны только для авторизованных пользователей. Пожалуйста, пройдите процесс <a href='/aut.php'>авторизации</a> или <a href='/reg.php'>регистрации</a>";
echo "</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
echo "<div class='list-group-item'>";
echo "Внимание! Это содержимое только для взрослых!<br/>После нажатия, Ваш выбор будет отправлен администрации<br/>";
echo "Нажимая ДА, Вы подтверждаете, что Вам 18 или более лет.<br/>Если Вам менее 18 лет - нажмите НЕТ.<br /><br />";
echo "<a class='btn btn-success' href='?passed'>Подтверждаю</a> <a class='btn btn-secondary' href='" . DIR_FOTO . "$ank[id]/'>Нет</a>";
echo "</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
if (!isset($_SESSION['foto_adult']) && isset($_GET['passed']) && $foto['adult'] == 1) {
$_SESSION['foto_adult'] = 1;
}
echo "<div style='font-size: 18px;font-weight: bold;' class = 'list-group-item'>Фотография <a style = 'float:right;' href = '" . DIR_FOTO . "foto0/$foto[id].$foto[ras]'><small>Смотреть</small></a></div>";
echo "<div class='list-group-item' style='text-align: center;'>n";
if (IS_WEB) {
echo "<img class='show_foto' src='" . DIR_FOTO . "foto640/$foto[id].$foto[ras]' style = '-moz-box-shadow: 0 0 10px rgba(0,0,0,0.5);-webkit-box-shadow: 0 0 10px rgba(0,0,0,0.5);box-shadow: 0 0 10px rgba(0,0,0,0.5);border: 1px solid #CCDDED; padding: 2px; border-radius: 5px; max-width: 450px; max-height: 450px; ' alt='$foto[name]' /><br />n";
} else {
echo "<img class='show_foto' src='" . DIR_FOTO . "foto640/$foto[id].$foto[ras]' style = '-moz-box-shadow: 0 0 10px rgba(0,0,0,0.5);-webkit-box-shadow: 0 0 10px rgba(0,0,0,0.5);box-shadow: 0 0 10px rgba(0,0,0,0.5);border: 1px solid #CCDDED; padding: 2px; border-radius: 5px; max-width: 200px; max-height: 200px;' alt='$foto[name]' /><br />n";
}
if ($foto['opis'] != null) {
echo toOutput($foto['opis']) . "<br />n";
}
echo "</div>";
if (isset($user)) {
echo "<div class='list-group-item'>";
echo "<i class='material-icons'>favorite</i> <b>$foto[rating]</b> ";
echo "<i class='material-icons'>bookmark</i> <b>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `bookmark_foto` WHERE `id_foto` = '$foto[id]' LIMIT 1"), 0) . "</b>";
echo "<br /><br />";
$like = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_rating` WHERE `id_foto` = '$foto[id]'"), 0);
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_rating` WHERE `id_foto` = '$foto[id]' AND `id_user` = '$user[id]' LIMIT 1"), 0) == 0) {
echo "<a href='?id=$foto[id]&rating=up' title='Мне нравится'><i class='material-icons'>favorite_border</i> Нравится</a> ";
} else {
echo "<a href='?id=$foto[id]&rating=down' title='Не нравится'><i class='material-icons'>favorite</i> Нравится</a> ";
}
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `bookmark_foto` WHERE `id_user` = '" . $user['id'] . "' AND `id_foto` = '" . $foto['id'] . "' LIMIT 1"), 0) == 0) {
echo "<a href='?fav=1' title='Добавить в закладки'><i class='material-icons'>bookmark_border</i> В закладки</a>";
} else {
echo "<a href='?fav=0' title='Удалить из закладок'><i class='material-icons'>bookmark</i> Из закладок</a>";
}
echo "</div>";
}
if (access('foto_foto_edit') && $ank['level'] > $user['level'] || isset($user) && $ank['id'] == $user['id']) {
include 'inc/gallery_show_foto_form.php';
}
echo "<div class='list-group-item'>";
echo "<a href='" . DIR_FOTO . "$ank[id]/$gallery[id]/komm/$foto[id]/'>";
echo "<i class='material-icons'>forum</i> Показать все комментарии <span class='label label-info'>" . mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id_foto` = '$foto[id]'"), 0) . "</span>";
echo "</a></div>";
if (isset($_POST['msg']) && isset($user)) {
$msg = $_POST['msg'];
$mat = antimat($msg);
if ($mat) {
$err[] = 'В тексте сообщения обнаружен мат: ' . $mat;
}
if (utf8_strlen($msg) > 10024) {
$err = 'Сообщение слишком длинное';
} elseif (utf8_strlen($msg) < 2) {
$err = 'Короткое сообщение';
} elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id_foto` = '$foto[id]' AND `id_user` = '$user[id]' AND `msg` = '" . mysql_real_escape_string($msg) . "' LIMIT 1"), 0) != 0) {
$err = 'Ваше сообщение повторяет предыдущее';
} elseif (!isset($err)) {
if ($ank['id'] != $user['id']) {
mysql_query("INSERT INTO `notification` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$ank[id]', '$SexOst [url=/modules/foto/$ank[id]/$gallery[id]/komm/$foto[id]/]комментарий к Вашему фото[/url]', '$time')");
}
mysql_query("INSERT INTO `gallery_komm` (`id_foto`, `id_user`, `time`, `msg`) values('$foto[id]', '$user[id]', '$time', '" . mysql_real_escape_string($msg) . "')");
mysql_query("UPDATE `user` SET `money` = '" . ($user['money'] + 3) . "', `activity` = '" . ($user['activity'] + 2) . "' WHERE `id` = '$user[id]' LIMIT 1");
header("Location: ?");
}
}
err();
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id_foto` = '$foto[id]'"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
if ($k_post == 0) {
echo "<div class='list-group-item' style='margin-top: 5px;margin-bottom: 5px;'>n";
echo "<i class='material-icons'>feedback</i> Нет результатов";
echo "</div>";
}
$q = mysql_query("SELECT * FROM `gallery_komm` WHERE `id_foto` = '$foto[id]' ORDER BY `id` ASC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_assoc($q)) {
$ank2 = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
echo "<div class='list-group-item' style='margin-top: 5px;margin-bottom: 5px;'>n";
echo "<table><tr><td class='icon14'>";
avatar($ank2['id'], '40', 'border-radius: 2px;');
echo " </td><td class='null'>n";
echo "<div style='float:right;' id='hides' title='" . date::time($post['time']) . "'><small>" . date::timek($post['time']) . "</small></div>";
user($ank2['id']);
echo "<br />";
echo toOutput($post['msg']);
echo "</td></tr></table></div>n";
}
if ($k_page > 1) {
echo "<div class='list-group-item'>";
str('?', $k_page, $page);
echo "</div>";
}
if (isset($user)) {
if ($foto['komm'] == 'all' || $foto['komm'] == 'only_me' && ($user['id'] == $ank['id'] || $user['level'] >= 3) || $foto['komm'] == 'friends' && ($ank['id'] == $user['id'] || $user['level'] >= 3 || mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE (`user` = '$user[id]' AND `friends` = '$ank[id]') OR (`user` = '$ank[id]' AND `friends` = '$user[id]')"), 0) != 0)) {
echo "<form method='post' class='list-group-item' name='message' action='?$passgen'>n";
echo "<div class='row'>";
echo "<div class='input-field col s12'>";
echo "<textarea name='msg' id='msg' length='256' class='materialize-textarea'></textarea>";
echo "<label for='msg'>Сообщение</label>";
echo "</div>";
echo "</div>";
echo "<button class='waves-effect waves-light btn'><i class='material-icons'>done</i> Опубликовать</button>";
echo "</form>";
} else {
echo "<div class='alert alert-info'>";
echo "Автор ограничил круг лиц, которые могут оставлять комментарии.";
echo "</div>";
}
}
require_once H . 'sys/inc/tfoot.php';
exit;