Файл: info.php
Строк: 465
<?php
/* DCMS Special
* Дата последнего редактирования 02.02.2015
* Модифицировал densnet
*/
// Bootstrap: load the core engine includes in a fixed order. Every name in the
// list is a hard-coded literal, so no request data reaches the include path.
foreach (
    array(
        'start',
        'compress',
        'sess',
        'settings',
        'db_connect',
        'ipua',
        'fnc',
        'user',
    ) as $inc
) {
    require_once 'sys/inc/' . $inc . '.php';
}
// Decide whose profile to render. The viewer's own id is the default; an
// explicit ?id= (forced to an integer) or ?u= (alias looked up in
// `user`.`user_url`) overrides it.
if (isset($user)) {
    $ank['id'] = $user['id'];
}

if (isset($_GET['id'])) {
    $ank['id'] = (int) $_GET['id'];
} elseif (isset($_GET['u'])) {
    // The alias is request data: it is escaped and quoted before it is placed
    // in the query text.
    // NOTE(review): mysql_real_escape_string() is only reliable when the
    // connection charset was set with mysql_set_charset() - confirm in
    // sys/inc/db_connect.php.
    $array['user_url'] = $_GET['u'];
    $user_url = mysql_real_escape_string($array['user_url']);
    $result = mysql_query("SELECT `id` FROM `user` WHERE `user_url`='{$user_url}' LIMIT 1");

    if (!(mysql_num_rows($result) > 0)) {
        // Unknown alias: redirect to the site root and stop.
        header('Location: /' . SID);
        include_once 'sys/inc/tfoot.php';
        exit;
    }

    $arr_url = mysql_fetch_assoc($result);
    $ank['id'] = $arr_url['id'];
}
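// Access gate. only_reg() is defined in the engine includes; presumably it
// turns away visitors who are not logged in - confirm in sys/inc/.
only_reg('index.php');

// Profile id 0 gets a reduced page: group name and the "about me" text only.
if ($ank['id'] == 0) {
    $ank = get_user($ank['id']);
    $set['title'] = $ank['nick'] . ' - Профиль ';
    require_once 'sys/inc/thead.php';
    aut();
    echo "<div class='list-group-item'>";
    // NOTE(review): group_name and ank_about_me are echoed without HTML
    // escaping here; confirm get_user() returns them already encoded,
    // otherwise encode them for the HTML context before output.
    // Fixed: the line break was emitted as a literal letter "n" instead of "\n".
    echo $ank['group_name'] . "<br />\n";
    if ($ank['ank_about_me'] != NULL) {
        echo "О себе: " . $ank['ank_about_me'] . "<br />";
    }
    echo "</div>";
    require_once 'sys/inc/tfoot.php';
    exit;
}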
// Load the profile row; an unknown id sends the visitor to the index page.
$ank = get_user($ank['id']);
if (empty($ank)) {
    header('Location: /index.php?' . SID);
    exit;
}

// Total rating is the sum of all votes cast for this profile. The "@" hides
// the warning mysql_result() raises when the query produced no result set.
$ank['rating'] = (int) @mysql_result(
    mysql_query("SELECT SUM(`rating`) FROM `user_voice2` WHERE `id_kont` = '{$ank['id']}'"),
    0
);

// Page title.
// NOTE(review): whether the nick is HTML-encoded before it reaches the title
// depends on sys/inc/thead.php - confirm there.
$set['title'] = $ank['nick'] . ' - анкета ';
require_once 'sys/inc/thead.php';
// Bookmark toggle: ?fav=1 adds the viewed profile to the viewer's bookmarks,
// ?fav=0 removes it; in both cases the viewer is redirected to the profile.
// NOTE(review): this state change is driven by a plain GET link and no
// anti-forgery token is checked in this file - consider requiring POST plus a
// per-session token.
if (isset($_GET['fav'], $user)) {
    // Add only when no bookmark row exists yet.
    if (
        mysql_result(mysql_query("SELECT COUNT(*) FROM `bookmark_user` WHERE `id_user` = '{$user['id']}' AND `id_people` = '{$ank['id']}' LIMIT 1"), 0) == 0
        && $_GET['fav'] == 1
    ) {
        mysql_query("INSERT INTO `bookmark_user` (`id_people`, `id_user`, `time`) VALUES ('{$ank['id']}', '{$user['id']}', '{$time}')");
    }

    // Remove only when exactly one bookmark row exists.
    if (
        mysql_result(mysql_query("SELECT COUNT(*) FROM `bookmark_user` WHERE `id_user` = '{$user['id']}' AND `id_people` = '{$ank['id']}' LIMIT 1"), 0) == 1
        && $_GET['fav'] == 0
    ) {
        mysql_query("DELETE FROM `bookmark_user` WHERE `id_user` = '{$user['id']}' AND `id_people` = '{$ank['id']}'");
    }

    header("Location: /info.php?id={$ank['id']}");
    exit;
}
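aut();

// Record a rating vote for the viewed profile.
// Preconditions visible here: the viewer is logged in, is not the profile
// owner, has money >= 1, and the sum of votes cast for the viewer is >= 0.
// NOTE(review): the vote is a state change triggered by a plain GET link and no
// anti-forgery token is checked in this file - consider requiring POST plus a
// per-session token.
if (
    isset($_GET['rating'])
    && isset($user)
    && $user['id'] != $ank['id']
    && $user['money'] >= 1
    && mysql_result(mysql_query("SELECT SUM(`rating`) FROM `user_voice2` WHERE `id_kont` = '$user[id]'"), 0) >= 0
) {
    // An existing vote from this viewer blocks a second one.
    $my_r = intval(@mysql_result(mysql_query("SELECT `rating` FROM `user_voice2` WHERE `id_user` = '" . $user['id'] . "' AND `id_kont` = '$ank[id]'"), 0));
    if ($my_r > 0) {
        $_SESSION['message'] = lang("Вы уже голосовали");
        header("Location: /info.php?id=" . $ank['id']);
        exit;
    }

    // The request value is forced to an integer and clamped to 1..5, so it is
    // safe to place in the SQL text and is never zero (the former
    // "if ($new_r)" guard could not be false and was dropped).
    $new_r = min(max(intval($_GET['rating']), 1), 5);

    mysql_query("DELETE FROM `user_voice2` WHERE `id_user` = '" . $user['id'] . "' AND `id_kont` = '" . $ank['id'] . "' LIMIT 1");
    mysql_query("INSERT INTO `user_voice2` (`rating`, `id_user`, `id_kont`) VALUES ('$new_r','" . $user['id'] . "','" . $ank['id'] . "')");

    // Recompute the total and cache it on the user row.
    $ank['rating'] = intval(mysql_result(mysql_query("SELECT SUM(`rating`) FROM `user_voice2` WHERE `id_kont` = '" . $ank['id'] . "'"), 0));
    mysql_query("UPDATE `user` SET `rating` = '$ank[rating]' WHERE `id` = '$ank[id]' LIMIT 1");

    // One notification for the profile owner. This replaces five copies of the
    // same INSERT that differed only in the digit after "+".
    mysql_query("INSERT INTO `notification` (`id_user`, `id_kont`, `msg`, `time`) VALUES ('" . $user['id'] . "', '$ank[id]', '" . ($user['sex'] ? 'проголосовал' : 'проголосовала') . " за Ваш профиль! Оценка [green]+" . $new_r . "[/green]', '$time')");

    $_SESSION['message'] = lang("Вы успешно проголосовали");
    header("Location: /info.php?id=" . $ank['id']);
    exit;
}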
// Blacklist check: if the profile owner has a blacklist row for the viewer, the
// page stops with a notice. Viewers with level >= 3 are exempt.
$sql = mysql_query(sprintf(
    "SELECT * FROM `user_blacklist` WHERE `id_user` = '%s' AND `id_ank` = '%s';",
    mysql_real_escape_string($ank['id']),
    mysql_real_escape_string($user['id'])
));

if (mysql_num_rows($sql) != 0 && $user['level'] < 3) {
    // $SexOgr is not assigned in this part of the file; presumably one of the
    // includes sets it - confirm.
    echo "<div class='list-group-item list-group-item-info'>"
        . $ank['nick'] . ' ' . $SexOgr . ' '
        . lang('доступ к своей странице')
        . '.</div>';
    require_once 'sys/inc/tfoot.php';
    exit;
}
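// Profile-password form handler. The submitted value is stored in a
// per-profile cookie ("passprofile<id>") that the 'pass' access branch below
// compares with the stored profile password.
// Changes from the original:
//  - only string input is accepted (an array-valued field used to reach
//    setcookie() and raise a warning);
//  - the comparison is strict, so numeric-looking strings such as "10" and
//    "1e1" no longer compare equal, and an empty value never matches;
//  - the cookie is flagged HttpOnly so page scripts cannot read it.
// NOTE(review): the cookie still carries the password in clear text and the
// profile password itself appears to be stored unhashed; a server-side session
// flag plus password_hash()/password_verify() would be the sturdier design, but
// that needs matching changes wherever the cookie is read.
if (isset($_POST['password']) && is_string($_POST['password'])) {
    $set_cook = $_POST['password'];
    // Expiry 0 and empty path/domain keep the original session-cookie scope.
    setcookie("passprofile" . $ank['id'], $set_cook, 0, '', '', false, true);
    if ($set_cook !== '' && $set_cook === (string) $ank['profile_password']) {
        header("Location: ?id=" . $ank['id']);
    }
}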
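// Profile privacy gate. `profile_access` selects who may see the profile:
//   'only_me' - the owner, or a viewer with level >= 3;
//   'friends' - the above, or $umodd being set, or a `friends` row linking the
//               two accounts in either direction;
//   'pass'    - the owner, a viewer with level >= 3, or a viewer whose
//               "passprofile<id>" cookie equals the stored profile password.
// Anyone else gets a short notice with message / friend links and the page stops.
// Changes from the original:
//  - the password checks use strict string comparison and reject empty or
//    non-string cookie values (loose "==" treated numeric-looking strings such
//    as "10" and "1e1" as equal, and NULL as equal to "");
//  - a duplicated owner test in the 'friends' condition was removed;
//  - the && / || grouping is written out with parentheses (same precedence).
// NOTE(review): hash_equals() (PHP 5.6+) would also make the comparison
// constant-time; not used here because the target PHP version is unknown.
if ($ank['profile_access'] == 'only_me') {
    if (($ank['id'] == $user['id'] && isset($user)) || $user['level'] >= 3) {
        // Allowed: continue to the full profile.
    } else {
        echo "<table class='list-group-item'><tr><td class='icon14'>";
        avatar($ank['id'], '60', 'border-radius: 2px;');
        echo "</td><td class='null'>";
        echo lang("Доступ к анкете") . " <b>$ank[nick]</b> " . lang('закрыт') . ".<br />";
        $doc->Link('btn btn-primary btn-sm', "/user/mail/messageList.php?contact=$ank[id]", 'envelope', 'Сообщение');
        if (isset($user) && mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE `user` = '$user[id]' AND `friends` = '$ank[id]'"), 0) == 0) {
            $doc->Link('btn btn-primary btn-sm', "/user/friends/add.php?id=$ank[id]", 'user-plus', 'Добавить в друзья');
        } else {
            $doc->Link('btn btn-primary btn-sm', "/user/friends/new.php?del=$ank[id]", 'user', 'Удалить из друзей');
        }
        echo "</td></tr></table>";
        require_once H . 'sys/inc/tfoot.php';
        exit();
    }
} elseif ($ank['profile_access'] == 'friends') {
    if (
        ($ank['id'] == $user['id'] && isset($user))
        || $user['level'] >= 3
        || isset($umodd)
        || mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE (`user` = '" . $user['id'] . "' AND `friends` = '" . $ank['id'] . "') OR (`user` = '" . $ank['id'] . "' AND `friends` = '" . $user['id'] . "')"), 0) != 0
    ) {
        // Allowed: continue to the full profile.
    } else {
        echo "<table class='list-group-item'><tr><td class='icon14'>";
        avatar($ank['id'], '60', 'border-radius: 2px;');
        echo "</td><td class='null'>";
        echo lang("Доступ к анкете") . " <b>$ank[nick]</b> " . lang('открыт только для друзей пользователя') . ".<br />";
        $doc->Link('btn btn-primary btn-sm', "/user/mail/messageList.php?contact=$ank[id]", 'envelope', 'Сообщение');
        if (isset($user) && mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE `user` = '$user[id]' AND `friends` = '$ank[id]'"), 0) == 0) {
            $doc->Link('btn btn-primary btn-sm', "/user/friends/add.php?id=$ank[id]", 'user-plus', 'Добавить в друзья');
        } else {
            $doc->Link('btn btn-primary btn-sm', "/user/friends/new.php?del=$ank[id]", 'user', 'Удалить из друзей');
        }
        echo "</td></tr></table>";
        require_once H . 'sys/inc/tfoot.php';
        exit();
    }
} elseif ($ank['profile_access'] == 'pass') {
    if (
        (
            isset($_COOKIE["passprofile$ank[id]"])
            && is_string($_COOKIE["passprofile$ank[id]"])
            && $_COOKIE["passprofile$ank[id]"] !== ''
            && $_COOKIE["passprofile$ank[id]"] === (string) $ank['profile_password']
        )
        || ($ank['id'] == $user['id'] && isset($user))
        || $user['level'] >= 3
    ) {
        // Allowed: continue to the full profile.
    } else {
        // A password was posted with this request but does not match.
        if (isset($_POST['password']) && $_POST['password'] !== (string) $ank['profile_password']) {
            $_SESSION['err'] = lang('Неверный пароль');
        }
        echo "<table class='list-group-item'><tr><td class='icon14'>";
        avatar($ank['id'], '60', 'border-radius: 2px;');
        echo "</td><td class='null'>";
        echo "<form action='' method='post'>";
        echo lang("Доступ к анкете") . " <b>$ank[nick]</b> " . lang('доступен только по паролю') . ":<br/>";
        $doc->Input('password', 'Пароль', 100);
        $doc->Button('btn btn-primary btn-sm', 'submited', null, 'Войти');
        echo "</form><br />";
        $doc->Link('btn btn-primary btn-sm', "/user/mail/messageList.php?contact=$ank[id]", 'envelope', 'Сообщение');
        if (isset($user) && mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE `user` = '$user[id]' AND `friends` = '$ank[id]'"), 0) == 0) {
            $doc->Link('btn btn-primary btn-sm', "/user/friends/add.php?id=$ank[id]", 'user-plus', 'Добавить в друзья');
        } else {
            $doc->Link('btn btn-primary btn-sm', "/user/friends/new.php?del=$ank[id]", 'user', 'Удалить из друзей');
        }
        echo "</td></tr></table>";
        require_once H . 'sys/inc/tfoot.php';
        exit();
    }
}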
// Visitor log: when a logged-in user views someone else's profile, either bump
// the existing `myguests` row (count + timestamp) or create the first one.
if (isset($user) && $user['id'] != $ank['id']) {
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `myguests` WHERE `id_ank` = '" . $ank['id'] . "' AND `id_user`='" . $user['id'] . "' LIMIT 5"), 0) != 0) {
        // Seen before: increment the visit counter and refresh the time.
        $guest = mysql_fetch_array(mysql_query("SELECT * FROM `myguests` WHERE `id_ank` = '" . $ank['id'] . "' AND `id_user`='" . $user['id'] . "' LIMIT 5"));
        mysql_query("UPDATE `myguests` SET `count` = '" . ($guest['count'] + 1) . "', `time`='" . $time . "' WHERE `id` = '" . $guest['id'] . "' LIMIT 5");
    } else {
        // First visit by this viewer.
        mysql_query("INSERT INTO `myguests` (`id_ank`, `id_user`, `time`) VALUES ('" . $ank['id'] . "', '" . $user['id'] . "', '" . $time . "')");
    }
}
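// Profile header (group name + user line), cover include, and the status line.
echo "<div class='card-header'>";
echo "<span style='float:right;'>$ank[group_name]</span>";
echo user($ank['id']);
echo "</div>";
// The cover template is chosen by the IS_WEB constant only; no request data is
// part of the path.
include_once(H . 'user/cover/inc/profileCover' . (IS_WEB ? 'Pc' : 'Mobile') . '.php');
echo "<div class='list-group-item'>";
echo "<div class='user__status user__status-message'>";
if (isset($user) && $user['id'] == $ank['id']) {
    // The owner may edit the status ("welcome") text, up to 512 characters.
    if (isset($_POST['save_status'])) {
        // is_string() rejects array-valued fields, which used to reach trim()
        // and the echo below.
        if (isset($_POST['welcome']) && is_string($_POST['welcome']) && utf8_strlen($_POST['welcome']) <= 512) {
            $name = mysql_real_escape_string(trim($_POST['welcome']));
            $user['welcome'] = $_POST['welcome'];
            mysql_query("UPDATE `user` SET `welcome` = '" . $name . "' WHERE `id` = '$user[id]' LIMIT 1");
        } else {
            $err[] = lang('Ошибка в статусе');
        }
        // NOTE(review): the "saved" message is set on the error path as well,
        // and there is no exit after the redirect, so the page below still
        // renders - confirm both are intended.
        $_SESSION['message'] = lang('Изменения сохранены');
        header("Location: ?" . SID);
    }
    echo "<div id='accordion' role='tablist' aria-multiselectable='true'>";
    echo "<div role='tab' id='headingTwo'>";
    echo "<span style='float: right;'><a class='collapsed' data-toggle='collapse' data-parent='#accordion' href='#status' aria-expanded='false' aria-controls='collapseTwo'><i class='fa fa-plus'></i></a></span>";
    echo "</div>";
    echo "<div id='status' class='panel-collapse collapse' role='tabpanel' aria-labelledby='status'>";
    // Fixed: the line break was emitted as a literal letter "n" instead of "\n".
    echo "<form method='post' action=''>\n";
    // Fixed: the status text is HTML-encoded (quotes included) before it goes
    // into the single-quoted value attribute; it was interpolated raw, so a
    // quote in the stored or just-posted text could break out of the attribute.
    echo "<input name='welcome' length='150' type='text' value='" . htmlspecialchars($user['welcome'], ENT_QUOTES, 'UTF-8') . "' class='form-control'><br />";
    echo "<button name='save_status' class='btn btn-success btn-sm'><i class='fa fa-save fa-fw'></i> Сохранить</button>";
    echo "</form><br />";
    echo "</div>";
    echo "</div>";
}
// The public status line goes through toOutput() before it is printed.
if ($ank['welcome'] != NULL) {
    echo toOutput($ank['welcome']);
} else {
    echo lang('Статус не заполнен');
}
echo "</div>";
echo "</div>";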
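// Rating widget: shows the viewer's existing vote as filled stars, or five
// vote links when the viewer has not voted yet.
// NOTE(review): this condition sums votes where `id_kont` != viewer id, while
// the vote handler earlier in the file uses `id_kont` = viewer id - looks like
// a typo in one of them; confirm which is intended.
// NOTE(review): the vote links are plain GET URLs; the handler checks no
// anti-forgery token.
if (isset($user) && $user['id'] != $ank['id'] && $user['money'] >= 1 && mysql_result(mysql_query("SELECT SUM(`rating`) FROM `user_voice2` WHERE `id_kont` != '" . $user['id'] . "'"), 0) >= 0) {
    $my_r = intval(@mysql_result(mysql_query("SELECT `rating` FROM `user_voice2` WHERE `id_user` = '" . $user['id'] . "' AND `id_kont` = '" . $ank['id'] . "'"), 0));
    // Fixed: the line break was emitted as a literal letter "n" instead of "\n".
    echo "\n";
    if ($my_r > 0) {
        echo "<div class='list-group-item'><center>";
        // $my_r filled stars followed by empty ones, five icons in total,
        // separated by single spaces. Replaces five copy-pasted branches;
        // values above 5 print no stars, as before.
        if ($my_r <= 5) {
            echo "<a class='btn btn-secondary btn-sm'>"
                . rtrim(
                    str_repeat("<i class='fa fa-star fa-fw'></i> ", $my_r)
                    . str_repeat("<i class='fa fa-star-o fa-fw'></i> ", 5 - $my_r)
                )
                . "</a>";
        }
        echo "</center></div>";
    } else {
        echo "<div class='list-group-item'><center>";
        echo "<a class='btn btn-secondary btn-sm' href='/info.php?id=$ank[id]&rating=1' title='+1'><i class='fa fa-star-o fa-fw'></i></a> ";
        echo "<a class='btn btn-secondary btn-sm' href='/info.php?id=$ank[id]&rating=2' title='+2'><i class='fa fa-star-o fa-fw'></i></a> ";
        echo "<a class='btn btn-secondary btn-sm' href='/info.php?id=$ank[id]&rating=3' title='+3'><i class='fa fa-star-o fa-fw'></i></a> ";
        echo "<a class='btn btn-secondary btn-sm' href='/info.php?id=$ank[id]&rating=4' title='+4'><i class='fa fa-star-o fa-fw'></i></a> ";
        echo "<a class='btn btn-secondary btn-sm' href='/info.php?id=$ank[id]&rating=5' title='+5'><i class='fa fa-star-o fa-fw'></i></a> ";
        echo "</center></div>";
    }
}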
// Action links shown to a logged-in viewer on someone else's profile.
// The outer condition already guarantees that $user is set and that the viewer
// is not the profile owner, so the inner links do not repeat those checks.
if (isset($user) && $user['id'] != $ank['id']) {
    // Send a message.
    $doc->Link('list-group-item list-group-item-warning', '/user/mail/messageList.php?contact=' . $ank['id'], 'envelope', 'Сообщение');

    // Add to / remove from friends.
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `friends` WHERE `user` = '" . $user['id'] . "' AND `friends` = '" . $ank['id'] . "'"), 0) == 0) {
        $doc->Link('list-group-item list-group-item-warning', '/user/friends/add.php?id=' . $ank['id'], 'user-plus', 'Добавить в друзья');
    } else {
        $doc->Link('list-group-item list-group-item-warning', '/user/friends/new.php?del=' . $ank['id'], 'user', 'Убрать из друзей');
    }

    // Add to / remove from bookmarks.
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `bookmark_user` WHERE `id_user` = '{$user['id']}' AND `id_people` = '{$ank['id']}' LIMIT 1"), 0) == 0) {
        $doc->Link('list-group-item list-group-item-warning', '?id=' . $ank['id'] . '&fav=1', 'bookmark-o', 'В закладки');
    } else {
        $doc->Link('list-group-item list-group-item-warning', '?id=' . $ank['id'] . '&fav=0', 'bookmark', 'Убрать из закладок');
    }

    // Offer blocking only when the viewer has not blacklisted this profile yet.
    if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_blacklist` WHERE `id_user` = '" . $user['id'] . "' AND `id_ank` = '" . $ank['id'] . "'"), 0) == 0) {
        $doc->Link('list-group-item list-group-item-warning', '/user/blacklist/?add=' . $ank['id'], 'ban', 'Заблокировать');
    }

    // Money transfer and gift links.
    $doc->Link('list-group-item list-group-item-warning', '/user/transfer/?id=' . $ank['id'], 'money', 'Перевести рублей');
    $doc->Link('list-group-item list-group-item-warning', '/modules/gifts/?id=' . $ank['id'] . '&do', 'gift', 'Отправить подарок');
}
// Tab selection. ?act=wall shows the wall; anything else shows the profile
// menu. The request value only picks between two hard-coded include paths and
// is never concatenated into a path itself.
$razdel = isset($_GET['act']) ? htmlspecialchars($_GET['act']) : null;

if ($razdel == 'wall') {
    echo "<div class='list-group-item'>"
        . "<ul class='nav nav-pills'>"
        . "<li class='nav-item'><a class='nav-link' href='/info.php?id=" . $ank['id'] . "'>Профиль</a></li>"
        . "<li class='nav-item'><a class='nav-link active'>Стена</a></li>"
        . "</ul>"
        . "</div>";
    require_once 'user/wall/index.php';
} else {
    echo "<div class='list-group-item'>"
        . "<ul class='nav nav-pills'>"
        . "<li class='nav-item'><a class='nav-link active'>Профиль</a></li>"
        . "<li class='nav-item'><a class='nav-link' href='/info.php?id=" . $ank['id'] . "&act=wall'>Стена</a></li>"
        . "</ul>"
        . "</div>";
    require_once 'user/menu.php';
}

// Page footer.
require_once 'sys/inc/tfoot.php';