Файл: my/stena.php
Строк: 299
<?
define('ROOT','../');
define('GCMS',true);
require_once (ROOT.'system/power.php');
if($func->ignor($ya['id'],$id)==false and $nastr['stena']==1){
switch($mode){
case 'del_zp':
$func->aut();
if ($id != false) {
$sql = $db -> query("SELECT * FROM `comes` WHERE `id` = '".$sid."' and `where`='stena' LIMIT 1");
if ($sql -> num_rows > 0) {
if(!isset($_GET['true'])){
$diz -> head('Удаление записи');
$diz -> title('Удаление записи');
echo '<div class="fon">Вы действительно желаете удалить эту запись и все комментарии?</div>';
echo '<div class="dialog">
<a class="dialog_m" href="?mode=del_zp&id='.$id.'&sid='.$sid.'&true">Да</a>
<a class="dialog_m" href="/post'.$sid.'">Нет</a>
</div>';
}else{
$ass = $sql -> fetch_assoc();
if ($ya['level']>4 or $ass['user']==$ya['id'] or $user['user']==$ya['id']) {
////
$count = $db -> dbcount('COUNT(`id`)','files',"`what`='dinamyc_stena".$sid."'");
if($count>0){
$file = $db -> query("SELECT `id`,`url` FROM `files` WHERE `what`='dinamyc_stena".$sid."'");
while ($f = $file -> fetch_assoc()) {
if(file_exists(ROOT.'downloads/other/'.$f['url']))unlink(ROOT.'downloads/other/'.$f['url']);
$db -> query("DELETE FROM `files` WHERE `id` = '".$f['id']."'");
}
}
///
$db -> query("DELETE FROM `comes` WHERE `idwh` = '".$sid."' and `where`='comes_stena' LIMIT 1");
$db -> query("DELETE FROM `comes` WHERE `id` = '".$sid."' and `where`='stena' LIMIT 1");
header('location: /id'.$id);
} else header('location: /id'.$id);
}
} else header('location: /id'.$id);
} else header('location: /id'.$id);
echo '<div class="levo"><a href="'.ROOT.'index.php" class="levo_tuch">'.$diz -> img('home.png').' На главную</a></div>';
#####Копирайт#######
$diz -> out($msg);
break;
case 'write_us':
$diz -> head('Новая запись');
$diz -> title('Новая запись');
$func->aut();
$text = shit(emoji_to_text($_POST['text']));
$te = $db -> query("SELECT * FROM `users` WHERE `id` = '".$id."' LIMIT 1");
if($te->num_rows>0){
$user=$te->fetch_assoc();
if(($user['stenazap']==0)or($user['stenazap']==1 and $func->friends($user['id'],$ya['id'])==true)or($user['id']==$ya['id'])){
if (mb_strlen($func->delprobel($text)) < 1) {
header('location: /id'.$id.'');
}else{
$mtime = $db -> query("SELECT * FROM `comes` WHERE `user` = '".$ya['id']."' order by `time` DESC")->fetch_assoc();
if($mtime['time']+$nastr['floodkom']<=time()){
$db -> query("UPDATE `users` SET `balls` = balls+$nastr[bcoms] WHERE `id` = '".$ya['id']."'");
$db -> query("INSERT INTO `comes` SET `where`='stena', `user` = '".$ya['id']."', `idwh` = '".$id."',`text` = '".$text."',`time` = '".time()."'");
$fid = $db -> insert_id;
$_SESSION['textrea_text']=null;
///добавляем вложения,если есть
if($nastr['dinamyc_files']==1)$db -> query("Update `files` SET `what`='dinamyc_stena".$fid."' where `user`='".$ya['id']."' and `what`='dinamyc'");
///////////////////
if($id==$ya['id']){
$func->lenta($ya['id'],$text,2,'friends',1,"post$fid",$fid);
$func->lenta($ya['id'],$text,2,'user',0,null,$fid);
}else{
$func->lenta($id,$func->avatar($ya['id'],24,24).$func->ifsex($ya['id'],'оставил','оставила').' [gomy=post'.$fid.']новую запись[/gomy] на вашей стене',2,'user');
}
header('location: /id'.$id);
}else{
echo '<div class="fon">Следующий комментарий можно оставить через '.$nastr['floodkom'].' сек.</div>';
header('refresh: 3; url=/id'.$id.'');
}
}
}else header('Location: /id'.$id);
}else header('Location: /id'.$id);
echo '<div class="levo"><a href="'.ROOT.'index.php" class="levo_tuch">'.$diz -> img('home.png').' На главную</a></div>';
#####Копирайт#######
$diz -> out($msg);
break;
////Комментарий
case 'write':
$diz -> head('Комментарий');
$diz -> title('Комментарий');
$func->aut();
if ($ya['balls']>=$nastr['obcom']) {
$text = shit(emoji_to_text($_POST['text']));
$te = $db -> query("SELECT * FROM `comes` WHERE `where`='stena' and `id` = '".$id."' LIMIT 1");
if($te->num_rows>0){
$zap=$te->fetch_assoc();
if(($zap['stenacom']==0)or($zap['stenacom']==1 and $func->friends($zap['id'],$ya['id'])==true)or($zap['id']==$ya['id'])){
if (mb_strlen($text) < 3) {
echo '<div class="fon">Короткий комментарий!</div>';
header('refresh: 3; url=/post'.$id.'');
}else{
$mtime = $db -> query("SELECT * FROM `comes` WHERE `user` = '".$ya['id']."' order by `time` DESC")->fetch_assoc();
if($mtime['time']+$nastr['floodkom']<=time()){
$db -> query("INSERT INTO `comes` SET `where`='comes_stena', `user` = '".$ya['id']."', `idwh` = '".$id."',`text` = '".$text."',`time` = '".time()."'");
if($ya['id']!=$zap['user']){
$db -> query("UPDATE `users` SET `balls` = balls+$nastr[bcoms] WHERE `id` = '".$ya['id']."'");
$func->lenta($zap['user'],''.$func->avatar($ya['id'],24,24).' '.$func->famname($ya['id']).' '.$func->ifsex($ya['id'],'прокоментировал','прокоментировала').' вашу запись.',1,'user',1,"post$id",$id);
}
header('location: '.ROOT.'post'.$id);
}else{
echo '<div class="fon">Следующий комментарий можно оставить через '.$nastr['floodkom'].' сек.</div>';
header('refresh: 3; url='.ROOT.'post'.$id.'');
}
}
}else header('Location: '.ROOT.'post'.$id);
}else header('Location: '.ROOT.'post'.$id);
}else{
echo '<div class="fon">Вам не доступна данная функция!</div>';
header('refresh: 3; url='.ROOT.'post'.$id.'');
}
echo '<div class="levo"><a href="'.ROOT.'index.php" class="levo_tuch">'.$diz -> img('home.png').' На главную</a></div>';
#####Копирайт#######
$diz -> out($msg);
break;
case 'del':
$func->aut();
if ($id != false) {
$sql = $db -> query("SELECT * FROM `comes` WHERE `id` = '".$sid."' and `where`='comes_stena' LIMIT 1");
if ($sql -> num_rows > 0) {
$ass = $sql -> fetch_assoc();
if ($ya['level']>4 or $ass['user']==$ya['id'] or $foto['user']==$ya['id']) {
$db -> query("DELETE FROM `comes` WHERE `id` = '".$sid."' and `where`='comes_stena' LIMIT 1");
header('location: /post'.$otv);
} else header('location: /post'.$otv);
} else header('location: ./');
} else header('location: ../');
break;
case 'users':
$sql = $db -> query("SELECT * FROM `comes` WHERE `id` = '".$id."' and `where`='stena'");
if ($sql -> num_rows > 0) {
$z = $sql -> fetch_assoc();
$diz -> head($func->famname($z['user'],0));
$diz -> title('Запись '.$func->famname($z['user'],0));
$count = $db -> dbcount('COUNT(`id`)','nuts',"`idwh` = '".$id."' and `where`='comes'");
if($count>0){
////------------------/////
$num = isset($ya['num']) ? $ya['num'] : 10;
$total = intval(($count - 1) / $num) + 1;
if (!isset($_GET['page']) || !is_numeric($_GET['page']) || $_GET['page'] < 1 )
{
$page = 1;
} elseif($_GET['page'] > $total)
{ $page = $total;
} else $page = intval(abs($_GET['page']));
$start = $page * $num - $num;
////------------------/////
$for = $db -> query("SELECT * FROM `comes` where `idwh` = '".$id."' and `where`='comes_stena' order by `time` DESC LIMIT ".$start.",".$num);
while ($assoc = $for -> fetch_assoc()) {
$dop = null;
if ($ya['level'] > 1 or $assoc['user']==$ya['id']) {
$dop = '<a href="/my/stena.php?id='.$assoc['user'].'&sid='.$assoc['id'].'&otv='.$z['id'].'&mode=del&page='.$page.'">[Удалить]</a>';
}
echo '<div class="fon">
<table><tr valign="top"><td>'.$func->avatar($assoc['user']).'</td>
<td style="padding-left:5px;">'.$func->famname($assoc['user']).' <span class= "date">'.$func -> times(date('d m Y в H:i',$assoc['time'])).'</span></br>
'.$func -> tags(text_to_emoji($assoc['text'])).'<br/>'.$dop.'</td>
</tr></table></div>';
}
}else echo '<div class="fon">Нет положительных отзывов.</div>';
}else{
$diz -> head('Ошибка');
$diz -> title('Ошибка');
echo '<div class="fon">Запись не найдена или была удалена.</div>';
}
echo '<div class="levo"><a href="'.ROOT.'index.php" class="levo_tuch">'.$diz -> img('home.png').' На главную</a></div>';
#####Копирайт#######
$diz -> out($msg);
break;
case 'post':
$sql = $db -> query("SELECT * FROM `comes` WHERE `id` = '".$id."' and `where`='stena'");
if ($sql -> num_rows > 0) {
$z = $sql -> fetch_assoc();
$diz -> head($func->famname($z['user'],0));
$diz -> title('Запись '.$func->famname($z['user'],0));
echo '<div class="fon">
<table><tr valign="top"><td>'.$func->avatar($z['user']).'</td>
<td style="padding-left:5px;">'.$func->famname($z['user']).' <span class= "date">'.$func -> times(date('d m Y в H:i',$z['time'])).'</span><br/><br/>
'.$func -> tags(text_to_emoji($z['text'])).'<br/>';
///////////
$count_dinamyc = $db -> dbcount('COUNT(`id`)','files',"`user` = '".$z['user']."' and `what`='dinamyc_stena".$z['id']."'");
if($count_dinamyc>0){
$for4 = $db -> query("SELECT `id`,`name`,`url`,`format` FROM `files` where `user`='".$z['user']."' and `what`='dinamyc_stena".$z['id']."' order by `time`,`format` desc");
while ($ass = $for4 -> fetch_assoc()) {
if($ass['format']=='mp3')echo '<span class="date">'.$ass['name'].'</span>'.$func->player(ROOT.'downloads/other/'.$ass['url'],3).'<br/>';
if($ass['format']!='mp3'){
if(file_exists(ROOT.'downloads/other/'.$ass['url']))$photo_url=ROOT.'downloads/other/'.$ass['url']; else $photo_url=ROOT.'downloads/foto/'.$ass['url'];
echo '<a href="'.$photo_url.'">
<img style="padding:5px;" src="/system/resize.php?img='.$photo_url.'&width=124&height=124&i=0"/></a><br/>';
}}}
///////////////
echo '</td></tr></table></div>';
echo '<div class="zap">';
echo '<a class="zap_b" href="'.ROOT.'id'.$z['idwh'].'">'.$func->avatar($z['idwh'],18,18,1).' '.$func->famname($z['idwh'],0).'</a>';
if ($ya['level'] > 1 or $z['user']==$ya['id'])echo'<a class="zap_b" href="/my/stena.php?id='.$z['idwh'].'&sid='.$id.'&mode=del_zp&page='.$page.'">Удалить</a>';
$like = $db -> dbcount('COUNT(`id`)','reit',"`where`='comes' and `komy`='".$id."'");
if($like>0)$like=$like=$func->kol($like); else $like=null;
echo'<a class="zap_b" href="'.ROOT.'like.php?id='.$id.'&sid='.$ya['id'].'&mode=comes&do=stena">'.$diz -> img('like.png').' '.$like.'</a></div>';
$count = $db -> dbcount('COUNT(`id`)','comes',"`idwh` = '".$id."' and `where`='comes_stena'");
if($count>0){
////------------------/////
$num = isset($ya['num']) ? $ya['num'] : 10;
$total = intval(($count - 1) / $num) + 1;
if (!isset($_GET['page']) || !is_numeric($_GET['page']) || $_GET['page'] < 1 )
{
$page = 1;
} elseif($_GET['page'] > $total)
{ $page = $total;
} else $page = intval(abs($_GET['page']));
$start = $page * $num - $num;
////------------------/////
$for = $db -> query("SELECT * FROM `comes` where `idwh` = '".$id."' and `where`='comes_stena' order by `time` DESC LIMIT ".$start.",".$num);
while ($assoc = $for -> fetch_assoc()) {
$dop = null;
if ($ya['level'] > 1 or $assoc['user']==$ya['id']) {
$dop = '<a href="/my/stena.php?id='.$assoc['user'].'&sid='.$assoc['id'].'&otv='.$z['id'].'&mode=del&page='.$page.'">[Удалить]</a>';
}
echo '<div class="fon">
<table><tr valign="top"><td>'.$func->avatar($assoc['user']).'</td>
<td style="padding-left:5px;">'.$func->famname($assoc['user']).' <span class= "date">'.$func -> times(date('d m Y в H:i',$assoc['time'])).'</span></br>
'.$func -> tags(text_to_emoji($assoc['text'])).'<br/>'.$dop.'</td>
</tr></table></div>';
}
$act = ROOT.'my/stena.php?mode=post&id='.$id;
echo $func -> pagenav($act,$page,$total);
}else echo '<div class="fon">Комментариев пока нет.</div>';
if ($aut == true) {
$zap = $db -> query("SELECT * FROM `users` WHERE `id` = '".$z['idwh']."'")-> fetch_assoc();
if(($zap['stenacom']==0)or($zap['stenacom']==1 and $func->friends($zap['id'],$ya['id'])==true)or($zap['id']==$ya['id'])){
echo '<div class="fon"/><form action="'.ROOT.'my/stena.php?id='.$id.'&mode=write&page='.$page.'" method="post">
<hr>Комментарий:<br/>
<textarea name="text" rows="3" cols="15"></textarea><br/>
<input type="submit" value="Написать!"/></form></div>';
}
}
}else{
$diz -> head('Ошибка');
$diz -> title('Ошибка');
echo '<div class="fon">Запись не найдена или была удалена.</div>';
}
echo '<div class="levo"><a href="'.ROOT.'index.php" class="levo_tuch">'.$diz -> img('home.png').' На главную</a></div>';
#####Копирайт#######
$diz -> out($msg);
break;
///////
default:
$sql = $db -> query("SELECT * FROM `users` WHERE `id` = '".$id."' LIMIT 1");
if ($sql -> num_rows > 0) {
/////////
$num = isset($ya['num']) ? $ya['num'] : 10;
////------------------/////
$for = $db -> query("SELECT * FROM `comes` where `idwh` = '".$id."' and `where`='stena' order by `time` DESC LIMIT ".$sid.",".$num);
if($for->num_rows>0){
while ($assoc = $for -> fetch_assoc()) {
echo '<div class="fon"><table><tr valign="top"><td>'.$func->avatar($assoc['user']).'</td>
<td style="padding-left:5px;">'.$func->famname($assoc['user']).' <span class= "date">'.$func -> times(date('d m Y в H:i',$assoc['time'])).'</span><br/><br/>
'.$func -> tags(text_to_emoji($assoc['text'])).'<br/>';
?>
<script src="/media/settings.js"></script>
<?
///////////
$count_dinamyc = $db -> dbcount('COUNT(`id`)','files',"`user` = '".$id."' and `what`='dinamyc_stena".$assoc['id']."'");
if($count_dinamyc>0){
$for4 = $db -> query("SELECT `id`,`name`,`url`,`format` FROM `files` where `user`='".$id."' and `what`='dinamyc_stena".$assoc['id']."' order by `time`,`format` desc");
while ($ass = $for4 -> fetch_assoc()) {
if($ass['format']=='mp3')echo '<span class="date">'.$ass['name'].'</span>'.$func->player(ROOT.'downloads/other/'.$ass['url'],3).'<br/>';
if($ass['format']!='mp3'){
if(file_exists(ROOT.'downloads/other/'.$ass['url']))$photo_url=ROOT.'downloads/other/'.$ass['url']; else $photo_url=ROOT.'downloads/foto/'.$ass['url'];
echo '<a href="'.$photo_url.'">
<img style="padding:5px;" src="/system/resize.php?img='.$photo_url.'&width=124&height=124&i=0"/></a><br/>';
}}}
///////////////
echo '</td></tr></table></div>';
echo '<div class="zap">
<a class="zap_b" href="'.ROOT.'post'.$assoc['id'].'">'.$diz -> img('guest.png').'</a>';
if ($ya['level'] > 1 or $assoc['user']==$ya['id'])echo'<a class="zap_b" href="/my/stena.php?id='.$id.'&sid='.$assoc['id'].'&mode=del&page='.$page.'">Удалить</a>';
$like = $db -> dbcount('COUNT(`id`)','reit',"`where`='comes' and `komy`='".$assoc['id']."'");
if($like>0)$like=$like; else $like=null;
echo'<a onclick="like_ok(like'.$assoc['id'].');" id="like'.$assoc['id'].'" data-id="'.$assoc['id'].'" data-ya="'.$ya['id'].'" data-mode="comes" class="zap_b">'.$diz -> img('like.png').' <span class="count_like">'.$like.'</span></a></div></div>';
}
}
}
}
} else header('location: '.ROOT.'id'.$id);
?>