Файл: user/wall/index.php
Строк: 364
<?php
/* DCMS Special
* Дата последнего редактирования 11.12.2015
* Модифицировал densnet
*/
if (isset($_GET['id']) && $_GET['id'] != NULL) {
$ank = get_user(intval($_GET['id']));
} elseif (isset($user)) {
$ank = get_user($user['id']);
}
if (!$ank) {
foreach (array('start', 'compress', 'sess', 'settings', 'db_connect', 'ipua', 'fnc', 'user', 'thead') as $inc) {
require_once "../../sys/inc/{$inc}.php";
}
aut();
echo "<div class = 'alert alert-info'>";
echo "<i class='material-icons'>feedback</i> Пользователь не найден! Укажите id пользователя";
echo "</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
if (isset($_GET['set']) && $ank['id'] == $user['id'] && isset($user)) {
if (isset($_POST['save']) && $_POST['mdp'] == md5($user['pass'])) {
if (in_array($_POST['access'], array('all', 'only_me', 'friends', 'pass', 'auth'))) {
$access = $_POST['access'];
} else {
$access = 'all';
}
$pass = NULL;
if ($access == 'pass') {
if (utf8_strlen($_POST['passwd']) < 1) {
$err[] = 'Введите пароль!';
}
if (utf8_strlen($_POST['passwd']) > 20) {
$err[] = 'Пароль слишком длинный! (max. 20)';
}
$pass = $_POST['passwd'];
}
if (!isset($err)) {
mysql_query("UPDATE `user` SET `wall_access` = '$access', `wall_password` = '" . mysql_real_escape_string($pass) . "' WHERE `id` = '$ank[id]'");
}
if (in_array($_POST['komm'], array('all', 'only_me', 'friends'))) {
$komm = $_POST['komm'];
} else {
$komm = 'all';
}
mysql_query("UPDATE `user` SET `wall_komm` = '$komm' WHERE `id` = '$ank[id]'");
if (!isset($err)) {
$ank['wall_password'] = $pass;
$ank['wall_access'] = $access;
$ank['wall_komm'] = $komm;
msg("Настройки успешно сохранены");
}
}
err();
echo "<form method='post' class='card-block' action=''>";
echo "<b>Кто видет записи стены?</b><br />";
echo "<input class='with-gap' name='access' type='radio' " . ($ank['wall_access'] == 'all' ? " checked='checked'" : null) . " id='all' value='all' /><label for='all'><i class='material-icons'>public</i> Все</label><br />";
echo "<input class='with-gap' name='access' type='radio' " . ($ank['wall_access'] == 'only_me' ? " checked='checked'" : null) . " id='only_me' value='only_me' /><label for='only_me'><i class='material-icons'>lock</i> Только я</label><br />";
echo "<input class='with-gap' name='access' type='radio' " . ($ank['wall_access'] == 'auth' ? " checked='checked'" : null) . " id='auth' value='auth' /><label for='auth'><i class='material-icons'>person</i> Только авторизованные</label><br />";
echo "<input class='with-gap' name='access' type='radio' " . ($ank['wall_access'] == 'friends' ? " checked='checked'" : null) . " id='friends' value='friends' /><label for='friends'><i class='material-icons'>group</i> Только друзья</label><br />";
echo "<input class='with-gap' name='access' type='radio' " . ($ank['wall_access'] == 'pass' ? " checked='checked'" : null) . " id='pass' value='pass' /><label for='pass'><i class='material-icons'>vpn_key</i> Только по паролю</label><br />";
echo "<div class='row'>";
echo "<div class='input-field col s12'>";
echo "<input id='password' name='passwd' length='16' type='text' value='" . htmlspecialchars($user['wall_password']) . "' class='validate'>";
echo "<label for='password'>Пароль</label>";
echo "</div>";
echo "</div>";
echo "<b>Кто может оставлять записи?</b><br />";
echo "<input class='with-gap' name='komm' type='radio' " . ($ank['wall_komm'] == 'all' ? " checked='checked'" : null) . " id='all' value='all' /><label for='all'><i class='material-icons'>public</i> Все</label><br />";
echo "<input class='with-gap' name='komm' type='radio' " . ($ank['wall_komm'] == 'only_me' ? " checked='checked'" : null) . " id='only_me' value='only_me' /><label for='only_me'><i class='material-icons'>lock</i> Только я</label><br />";
echo "<input class='with-gap' name='komm' type='radio' " . ($ank['wall_komm'] == 'friends' ? " checked='checked'" : null) . " id='friends' value='friends' /><label for='friends'><i class='material-icons'>group</i> Только друзья</label><br />";
echo "<button name='save' class='waves-effect waves-light btn'><i class='material-icons'>save</i> Сохранить</button>";
echo "<input type='hidden' name='mdp' value='" . md5($user['pass']) . "'/></form>";
echo "<div class='card-block'><a href='?id=$ank[id]&act=wall'><i class='material-icons'>keyboard_backspace</i> Назад</a></div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
if (isset($_POST['password'])) {
$set_cook = $_POST['password'];
setcookie("passgb[$ank[id]]", $set_cook);
if (isset($_POST['password']) && $_POST['password'] == $ank['wall_password']) {
header("Location:?id=$ank[id]&act=wall&enter=ok");
}
}
if ($ank['wall_access'] == 'only_me') {
if ($ank['id'] == $user['id'] && isset($user) || $user['group_access'] >= 7) {
} else {
echo "<div class = 'alert alert-info'>Доступ к записям на стене закрыт!</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
} elseif ($ank['wall_access'] == 'friends') {
if ($ank['id'] == $user['id'] && isset($user) || $user['group_access'] >= 7 || mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE (`user` = '$user[id]' AND `friends` = '$ank[id]') OR (`user` = '$ank[id]' AND `friends` = '$user[id]')"), 0) != 0) {
} else {
echo "<div class = 'alert alert-info'>Доступ к записям на стене открыт только друзьям автора!</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
} elseif ($ank['wall_access'] == 'pass') {
if (isset($_COOKIE['passgb'][$ank['id']]) && $_COOKIE['passgb'][$ank['id']] == $ank['wall_password'] || $ank['id'] == $user['id'] && isset($user) || $user['group_access'] >= 7) {
} else {
echo "<div class = 'alert alert-info'>";
if (isset($_POST['password']) && $_POST['password'] != $ank['wall_password']) {
echo "<b>Попробуйте еще раз!</b><br/>";
}
echo "Доступ открыт только по паролю!<br /> Чтобы просматривать записи стены, введите пароль:";
echo "</div>";
echo "<form action = '' class = 'card-block' method = "post">";
echo "Пароль<br />";
echo "<input type = "text" name = "password" /><br />";
echo "<button name = 'go' class = 'waves-effect waves-light btn'>Войти</button>";
echo "</form>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
} elseif ($ank['wall_access'] == 'auth') {
if (isset($user)) {
} else {
echo "<div class = 'alert alert-info'>";
echo "Доступ к стене открыт только авторизированным пользователям!</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
}
if (isset($_GET['clean']) && isset($user) && ($user['group_access'] >= 7 || $user['id'] == $ank['id'])) {
if (isset($_GET['all'])) {
if (isset($_GET['ok'])) {
mysql_query("DELETE FROM `wall` WHERE `id_wall` = '$ank[id]'");
msg("Стена успешно очищена");
} else {
echo "<div class='card-block'>Очистить стену от записей?<br />";
echo "<a class='waves-effect waves-light btn' href='?id=$ank[id]&act=wall&clean&all&ok'>Да</a> <a class='waves-effect waves-light btn btn-secondary' href='?id=$ank[id]&act=wall'>Нет</a>";
echo "</div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
} else {
if (isset($_GET['ok'])) {
$ch = intval($_POST['ch']);
$mn = intval($_POST['mn']);
$nt = $ch * $mn * 3600;
$nt = $time - $nt;
mysql_query("DELETE FROM `wall` WHERE `time` < '$nt'");
msg("Записи успешно очищены");
} else {
echo "<div class='card-block'><a href='?id=$ank[id]&act=wall&clean&all'><i class='material-icons'>delete</i> Очистить стену полностью?</a></div>";
echo "<form method='post' class='card-block' action='?id=$ank[id]&act=wall&clean&ok'>";
echo "Будут удалены записи, написанные ... тому назад:<br />";
echo "<div class='row'>";
echo "<div class='input-field col s4'>";
echo "<input id='ch' name='ch' type='text' value='1' class='validate'>";
echo "<label for='ch'>Количество</label>";
echo "</div>";
echo "<div class='input-field col s5'>";
echo "<select class='form-control' name='mn'>";
echo '<option value="1" selected="selected">Часов</option>';
echo '<option value="24">Дней</option>';
echo '<option value="168">Недель</option>';
echo '<option value="744">Месяцев</option>';
echo '</select>';
echo "</div></div>";
echo "<button class='waves-effect waves-light btn'><i class='material-icons'>delete</i> Очистить</button>";
echo "</form>";
echo "<div class='card-block'><a href='?id=$ank[id]&act=wall'><i class='material-icons'>keyboard_backspace</i> Назад</a></div>";
require_once H . 'sys/inc/tfoot.php';
exit;
}
}
}
if (isset($_GET['like']) && isset($user)) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `wall_like` WHERE `id_komm` = '" . intval($_GET['like']) . "' AND `id_user` = '$user[id]' LIMIT 1"), 0) != 0) {
} else {
mysql_query("INSERT INTO `wall_like` (`id_user`, `id_komm`) values('$user[id]', '" . intval($_GET['like']) . "')");
}
if (isset($user) && $user['id'] != $ank['id']) {
$msgok = "$SexOcen Вашу [url=/user/wall/comments.php?id=" . intval($_GET['id']) . "]запись[/url].";
mysql_query("INSERT INTO `notification` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$ank[id]', '$msgok', '$time')");
}
}
if (isset($_GET['unlike']) && isset($user)) {
mysql_query("DELETE FROM `wall_like` WHERE `id_user` = '$user[id]' AND `id_komm` = '" . intval($_GET['unlike']) . "' LIMIT 1");
}
if (isset($_POST['msg']) && isset($user) && ($ank['wall_komm'] == 'all' || $ank['wall_komm'] == 'only_me' && ($user['id'] == $ank['id'] || $user['group_access'] >= 7) || $ank['wall_komm'] == 'friends' && ($ank['id'] == $user['id'] || $user['group_access'] >= 7 || mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE (`user` = '$user[id]' AND `friends` = '$ank[id]') OR (`user` = '$ank[id]' AND `friends` = '$user[id]')"), 0) != 0))) {
$msg = $_POST['msg'];
if (utf8_strlen($msg) > 10024) {
$err = 'Сообщение слишком длинное';
}
if (utf8_strlen($msg) < 1) {
$err = 'Короткое сообщение';
}
if (isset($_POST['privat_komm'])) {
if ($_POST['privat_komm'] == 1) {
$privat_komm = '1';
} else {
$privat_komm = '0';
}
} else {
$privat_komm = '0';
}
if (!isset($err)) {
$not = "$SexOst запись на Вашей [url=/info.php?id=" . $ank['id'] . "&act=wall]стене[/url]";
mysql_query("INSERT INTO `notification` (`id_user`, `id_kont`, `msg`, `time`) values('" . $user['id'] . "', '$ank[id]', '$not', '$time')");
$msg = mysql_real_escape_string($msg);
mysql_query("INSERT INTO `wall` (id_user,id_wall, time, msg, privat_komm) values('$user[id]', '$ank[id]', '$time', '$msg', '$privat_komm')");
mysql_query("UPDATE `user` SET `money` = '" . ($user['money'] + 3) . "', `activity` = '" . ($user['activity'] + 3) . "' WHERE `id` = '$user[id]' LIMIT 1");
$q3 = NULL;
$qq = mysql_query("SELECT * FROM `wall` WHERE `id_wall` = '$ank[id]'");
while ($ppost = mysql_fetch_array($qq)) {
$a = get_user($ppost['id_user']);
if ($a) {
$array = explode(";", $q3);
foreach ($array as $key => $value) {
if ($value == $a['id']) {
$g = 1;
}
}
if (!isset($g)) {
$q3 = "" . ($q3 != NULL ? "$q3;" : null) . "$a[id]";
}
if (isset($g)) {
unset($g);
}
}
}
$array = explode(";", $q3);
foreach ($array as $key => $value) {
$a = get_user($value);
if ($value != NULL && $a) {
if ($a['id'] != $ank['id'] && $a['id'] != $user['id']) {
$not = "$SexOst запись на [url=/info.php?id=" . $ank['id'] . "&act=wall]стене[/url]";
mysql_query("INSERT INTO `notifications` (`id_user`, `id_kont`, `msg`, `time`) values('" . $user['id'] . "', '$a[id]', '$not', '$time')");
}
}
}
}
header("Location:?id=$ank[id]&act=wall");
} elseif (isset($_GET['hide']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `wall` WHERE `id` = '" . intval($_GET['hide']) . "' AND `hide_user` = '0' AND `id_wall` = '$ank[id]' LIMIT 1"), 0) != 0 && isset($user)) {
$komm = mysql_fetch_array(mysql_query("SELECT * FROM `wall` WHERE `id` = '" . intval($_GET['hide']) . "' AND `id_wall` = '$ank[id]' LIMIT 1"));
$ank2 = get_user($komm['id_user']);
if ($user['group_access'] >= 7) {
mysql_query("UPDATE `wall` SET `hide_user` = '1', `hide_user` = '$user[id]' WHERE `id` = '" . intval($_GET['hide']) . "' AND `id_wall` = '$ank[id]' LIMIT 1");
}
} elseif (isset($_GET['show']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `wall` WHERE `id` = '" . intval($_GET['show']) . "' AND `hide_user` = '1' AND `id_wall` = '$ank[id]' LIMIT 1"), 0) != 0 && isset($user)) {
$komm = mysql_fetch_array(mysql_query("SELECT * FROM `wall` WHERE `id` = '" . intval($_GET['show']) . "' AND `id_wall` = '$ank[id]' LIMIT 1"));
$ank2 = get_user($komm['id_user']);
if ($user['group_access'] >= 7) {
mysql_query("UPDATE `wall` SET `hide_user` = '0' WHERE `id` = '" . intval($_GET['show']) . "' AND `id_wall` = '$ank[id]' LIMIT 1");
}
}
err();
if ($ank['wall_komm'] == 'all' || $ank['wall_komm'] == 'only_me' && ($user['id'] == $ank['id'] || $user['group_access'] >= 7) || $ank['wall_komm'] == 'friends' && ($ank['id'] == $user['id'] || $user['group_access'] >= 7 || mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE (`user` = '$user[id]' AND `friends` = '$ank[id]') OR (`user` = '$ank[id]' AND `friends` = '$user[id]')"), 0) != 0)) {
echo "<form method='post' class='card-block' action='?id=$ank[id]&act=wall' name='message' style='border-bottom: 1px solid #dcdee3;'>";
if (isset($user) && $user['id'] != $ank['id']) {
echo "<div class='row'>";
echo "<div class='input-field col s12'>";
echo "<textarea name='msg' id='msg' length='10024' class='materialize-textarea'></textarea>";
echo "<label for='msg'>Напишите что-нибудь...</label>";
echo "</div>";
echo "</div>";
} else {
echo "<div class='row'>";
echo "<div class='input-field col s12'>";
echo "<textarea name='msg' id='msg' length='10024' class='materialize-textarea'></textarea>";
echo "<label for='msg'>О чем Вы думаете?</label>";
echo "</div>";
echo "</div>";
}
echo "<div class='switch'>";
echo "<label><input type='checkbox' name='privat_komm' value='1'><span class='lever'></span>Запретить комментировать</label>";
echo "</div><br />";
echo "<button class='waves-effect waves-light btn'>Опубликовать</button>";
echo "</form>";
} else {
echo "<div class='alert alert-danger'>Пользователь запретил оставлять записи на стене!</div>n";
}
if ($ank['id'] == $user['id'] && isset($user)) {
mysql_query("UPDATE `notification` SET `read` = '1' WHERE `id_kont` = '" . $user['id'] . "' AND `read` = '0'");
}
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `wall` WHERE `id_wall` = '$ank[id]'" . ($user['group_access'] < 7 ? " AND `hide_user` = '0'" : null) . ""), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];
if ($k_post == 0) {
echo "<div class='card-block'>";
echo "<i class='material-icons'>feedback</i> Нет результатов";
echo "</div>";
}
$q = mysql_query("SELECT * FROM `wall` WHERE `id_wall` = '$ank[id]'" . ($user['group_access'] < 7 ? " AND `hide_user` = '0'" : null) . " ORDER BY id DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q)) {
$ank2 = get_user($post['id_user']);
$wall_like = mysql_result(mysql_query("SELECT COUNT(*) FROM `wall_like` WHERE `id_komm` = '$post[id]'"), 0);
$cmn = mysql_result(mysql_query("SELECT COUNT(*) FROM `wall_comments` WHERE `id_wall` = '$post[id]'"), 0);
echo "<ul class='media-list media-list-conversation' style='border-bottom: 1px solid #dcdee3;'>";
echo "<li class='media card-block'>";
echo "<a class='media-left' href='/info.php?id=$ank2[id]'>";
avatars($ank2['id'], '40');
echo "</a>";
echo "<div class='media-body'><div class='media-body-text'>";
echo toOutput($post['msg']);
include H . '/user/wall/file.php';
echo "</div><div class='media-footer'>";
echo "<span class='text-muted'>";
if ($wall_like == 0) {
$wall_like = null;
} else {
$wall_like = mysql_result(mysql_query("SELECT COUNT(*) FROM `wall_like` WHERE `id_komm` = '$post[id]'"), 0);
}
echo "<span style = 'float:right;'>";
#Мне нравится
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `wall_like` WHERE `id_komm` = '$post[id]' AND `id_user` = '$user[id]' LIMIT 1"), 0) == 0) {
echo "<a href = '/info.php?id=$ank[id]&act=wall&like=$post[id]' data-toggle='tooltip' data-placement='left' title='Мне нравится'>$wall_like <i class='material-icons'>favorite_border</i></a>";
} else {
echo "<a href = '/info.php?id=$ank[id]&act=wall&unlike=$post[id]' data-toggle='tooltip' data-placement='left' title='Не нравится'>$wall_like <i class='material-icons'>favorite</i></a>";
}
echo "</span>";
echo user($ank2['id']) . " <span data-toggle='tooltip' data-placement='right' title='" . date::time($post['time']) . "' style='color:grey;'>" . date::times($post['time']) . "</span> ";
if ($cmn == 0) {
$cmn = null;
} else {
$cmn = mysql_result(mysql_query("SELECT COUNT(*) FROM `wall_comments` WHERE `id_wall` = '$post[id]'"), 0);
}
echo "<a href = '/user/wall/comments.php?id=$post[id]' style='color:grey;' data-toggle='tooltip' data-placement='bottom' title='Комментировать'><i class='material-icons'>forum</i> $cmn</a><br />";
$kum = @mysql_result(mysql_query("SELECT id_user FROM `wall_like` WHERE `id_komm` = '$post[id]'"), 0);
$kem = $wall_like - 1;
#Выводит тех, кому понравилась новость
if ($user['id'] == $kum) {
if ($wall_like == 1) {
$vam = "Вам это нравится";
} elseif ($wall_like >= 2) {
$vam = "Вам и еще <a href='/user/wall/comments.php?id=$post[id]&like_all'>" . sklon_text($kem, array('пользователю', 'пользователям', 'пользователям')) . "</a> это нравится";
}
} else {
$vam = "<a href='/user/wall/comments.php?id=$post[id]&like_all'>" . sklon_text($wall_like, array('пользователю', 'пользователям', 'пользователям')) . "</a> это нравится";
}
if ($wall_like == 1) {
echo "<div class='hr'></div>";
echo "<font color='#B2B2B2'><i class='material-icons'>favorite</i> $vam</font>";
} elseif ($wall_like >= 2) {
echo "<div class='hr'></div>";
echo "<font color='#B2B2B2'><i class='material-icons'>favorite</i> $vam</font>";
}
########
include 'mini_form.php';
echo "</small>";
echo "</div></div>";
echo "</li>";
echo "</ul>";
}
if ($k_page > 1) {
echo '<div class="card-block">';
str("/info.php?id=" . $ank['id'] . "&act=wall&", $k_page, $page);
echo "</div>";
}
if ($user['group_access'] >= 7) {
echo '<div class="card-block">';
echo "<a href='?id=$ank[id]&act=wall&clean'><i class='material-icons'>delete</i> Очистить</a>";
echo "</div>";
}
if ($ank['id'] == $user['id'] && isset($user)) {
echo '<div class="card-block">';
echo "<a href = '?id=$ank[id]&act=wall&set'><i class='material-icons'>settings</i> Настройки</a>";
echo "</div>";
}