Файл: 4mast/profmas.ru/pages/shop/incfiles/file.php
Строк: 89
<?php
define('ROOT', $_SERVER['DOCUMENT_ROOT'].'/');
require_once(ROOT.'includes/Headers.php');
require_once(ROOT.'includes/PDO_func.php');
// Product id from the query string; the int cast plus abs() reduces any input to a non-negative number.
$id = false;
if (isset($_GET['id'])) {
    $id = abs((int) $_GET['id']);
}

// Requests without a usable id, or with a falsy $us, are sent back to the front page.
// NOTE(review): $us is not assigned in this file; presumably the included Headers.php sets it to the
// logged-in user's row. Confirm, because this is the only access check on the page.
if (!$id || !$us) {
    header('location: /');
    exit;
}

// The id travels as a bound parameter, never as part of the SQL text.
$query = DB::$dbs->query("SELECT * FROM `magazin_file` WHERE `id`= ?", [$id]);

// No such product: same redirect as above.
if (!$query->rowCount()) {
    header('location: /');
    exit;
}

$file = $query->fetch();
// Page header: title plus a breadcrumb link back to the product's shop section.
// NOTE(review): $file['name'] is handed to H() as-is, while the rest of this page prints it through
// tag(). Confirm that H(), or the code that stores the name, neutralises markup.
H(
    'Товар ' . $file['name'],
    '<a href="/pages/shop/dir/'.$file['id_pr'].'" style="color:white;">Магазин</a> | Товар ' . $file['name']
);

// ?corz puts the product into the viewer's cart unless a matching cart row already exists.
// NOTE(review): this is a state change triggered by a plain GET link with no anti-CSRF token.
if (
    isset($_GET['corz'])
    && DB::$dbs->querySingle("SELECT count(id) FROM magazin_korz WHERE file = ? AND user_id = ?", [$id,$us['id']]) == 0
) {
    DB::$dbs->query("INSERT INTO magazin_korz SET file = ?, user_id = ?, time = ?", [$id,$us['id'],time()]);
    echo '<div class="access"><b>Товар добавлен в вашу корзину!</b></div>';
}
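// Screenshot strip: one linked thumbnail per magazin_screen row for this product, newest first.
$array = DB::$dbs->query("SELECT * FROM magazin_screen WHERE file = ? ORDER BY id DESC", [$id]);
if ($array->rowCount() > 0) {
    echo '<div class="lst"><center>';
    while ($arr = $array->fetch()) {
        // The stored file name is written into two HTML attributes, so it is escaped for that
        // context instead of being trusted to contain no quotes or angle brackets.
        $arr['screen'] = htmlspecialchars((string) $arr['screen'], ENT_QUOTES, 'UTF-8');
        echo '<a href="/files/mag_screen/'.$arr['screen'].'"><img src="/files/mag_screen/'.$arr['screen'].'" alt="*" width="80"/></a> ';
    }
    // Close the <center> opened above; the original printed a second opening tag here.
    echo '</center></div>';
}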
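// Product card: name, seller, description, file size, price and stock, resale rights, cart counter.
// The icon attribute was misspelled "hight" in the original, so browsers ignored it; it is "height" here.
echo '<div class="block"><b><img src="/images/name.png" height="18" width="18"/> Название</b>: '.tag($file['name']).'</div>';
echo '<div class="block"><b><img src="/images/user.png" height="18" width="18"/> Добавил: '.Nick($file['user_id']).' </b> ('.datef($file['time']).')</div>';
echo '<div class="ass"><div class="news">Описание: '.tag($file['opis']).'</div></div>';

// filesize() raises a warning when the upload is missing, and with error display on that warning
// prints the absolute server path. Check for the file first and report a size of 0 instead.
echo '<div class="block"><b><img src="/images/zips.png" height="18" width="18"/> Вес файла:</b> '
    .sizef(is_file(ROOT.'files/mag_file/'.$file['file']) ? filesize(ROOT.'files/mag_file/'.$file['file']) : 0)
    .'</div>';

// Price and the two counters come straight from the product row. They are escaped or cast before
// output so that a non-numeric stored value cannot end up as markup.
echo '<div class="block"><img src="/images/buys.png" height="18" width="18"/> Стоимость: <b>'
    .htmlspecialchars((string) $file['price'], ENT_QUOTES, 'UTF-8')
    .' р.</b> / продает '.($file['kopii'] != 0 ? (int) $file['kopii'] : 'Неограниченно')
    .' ('.(int) $file['prodano'].' купили)</div>';

echo '<div class="block"><img src="/images/cog.png" height="18" width="18"/> <b>'.($file['prava'] == 1 ? 'С правами на перепродажу':'Без прав на перепродажу').'</b></div>';

// Number of cart rows for this product, with an "add" link when the viewer has none of their own.
echo '<div class="block"> <img src="/images/001_46.png" height="18" width="18"/> Добавили в корзину: '.DB::$dbs->querySingle("SELECT COUNT(id) FROM magazin_korz WHERE file = ?", [$id]);
if (DB::$dbs->querySingle("SELECT count(id) FROM magazin_korz WHERE file = ? AND user_id = ?", [$id,$us['id']]) == 0) {
    echo '<a href="/pages/shop/file/'.$id.'?corz"> [Добавить]</a>';
}
echo '</div>';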
// Purchase controls, shown to everyone except the seller of this product.
// NOTE(review): the ownership and stock tests below only decide which link is printed. Confirm that
// the buy and download handlers behind these links repeat the checks on their side.
if ($file['user_id'] != $us['id']) {
    echo'<div class="news"><center> ';

    if (DB::$dbs->querySingle("SELECT count(id) FROM `magazin_mybuy` WHERE `user_id` = ? AND `file` = ?", [$us['id'],$id]) >0) {
        // A magazin_mybuy row exists for this viewer and product: offer the download.
        echo '<a href="/pages/shop/buy/load/'.$id.'"class="headbut"><b>[Скачать '.tag($file['name']).']</b></a></div>';
    } else {
        // kopii == 0 is displayed as unlimited stock; otherwise copies must remain unsold.
        if ($file['kopii'] == 0 || $file['kopii'] > $file['prodano']) {
            echo '<a href="/pages/shop/buy/'.$file['id'].'"class="headbut">Купить '.tag($file['name']).'</a><br/>';
        }
        echo'</center></div>';
    }

    // Limited stock with every copy sold.
    if ($file['kopii'] != 0 && $file['kopii'] <= $file['prodano']) {
        echo '<div class="error">Все копии данного товара проданы!</div>';
    }
}

// Archive viewer link, printed only when the viewer's level is above 3.
// NOTE(review): comment moderation in this file is allowed from level 3, this link from level 4.
// Confirm the difference is intended, and that the zip page checks the level itself.
if ($us['level'] > 3) {
    echo '<a href="/pages/shop/zip/'.$file['id'].'" class="block"><img src="/images/support.png" hight="18" width="18"/> Просмотр архива</a></div>';
}
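// Seller's WebMoney details, looked up by the product owner's user id.
$wm = DB::$dbs->query("SELECT * FROM `billing_wm` WHERE `id_us`=?", [$file['user_id']])->fetch();

// A seller without a billing_wm row is handled like one with an empty WMID. Without the empty()
// test the code would index into a non-array value.
if (empty($wm) || $wm['wmid'] == NULL) {
    echo '<div class="error">WMID не заполнен! Не рекомендуем проводить денежные операции! </div>';
} else {
    // WMID and WMR are account data supplied by the seller. Each is escaped once per output context:
    // URL-encoded and attribute-escaped inside href/src, HTML-escaped as link text.
    $wmidText = htmlspecialchars((string) $wm['wmid'], ENT_QUOTES, 'UTF-8');
    $wmidUrl  = htmlspecialchars(rawurlencode((string) $wm['wmid']), ENT_QUOTES, 'UTF-8');
    $wmrText  = htmlspecialchars((string) $wm['wmr'], ENT_QUOTES, 'UTF-8');
    $wmrUrl   = htmlspecialchars(rawurlencode((string) $wm['wmr']), ENT_QUOTES, 'UTF-8');

    // NOTE(review): the two status images load over plain http from third-party hosts, which is
    // mixed content on an https page. Switch them to https if those endpoints support it.
    echo '<div class="ass"><div class="news">»WMID: <a href="https://passport.webmoney.ru/asp/certView.asp?wmid='.$wmidUrl.'">'.$wmidText.' </a>'
        .' [<b>'.($wm['type']==0?'<font color="red">Не подтвержден</font>':'<font color="green">Подтвержден</font>').'</b>]'
        .'<br/>» BL <img src="http://stats.wmtransfer.com/Levels/pWMIDLevel.aspx?wmid='.$wmidUrl.'&w=35&h=18&bg=0XFFFFFF" />'
        .'<br/>» Претензии/Отзывы: <img src="http://arbitrage.webmoney.ru/xml/AL.aspx?wmid='.$wmidUrl.'" />'
        .'<br/>» WMR: <a href="http://search.wmtransfer.com/?w=w&q=R'.$wmrUrl.'">'.$wmrText.'</a></div></div>';
}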
// Seller-only menu: links to the buyer list, the screenshot settings and the file settings of this product.
// NOTE(review): this comparison only controls whether the links are printed; confirm that the
// whobuy, screen and refile pages check ownership themselves.
// NOTE(review): $img is not assigned in this file; presumably an icon path set by an include - confirm.
if ($file['user_id']==$us['id']) {
// One literal spanning several source lines, so the line breaks inside it are part of the output.
echo '<div class="menu2">Действие с товаром</div>
<a href="/pages/shop/whobuy/'.$id.'"class="block"><img src="'.$img.'" alt="*"/> Покупатели</a></div>
<a href="/pages/shop/screen/'.$id.'"class="block"><img src="'.$img.'" alt="*"/> Параметры скриншотов</a></div>
<a href="/pages/shop/refile/'.$id.'"class="block"><img src="'.$img.'" alt="*"/> Параметры файла</a></div>';
}
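echo '<div class="menu2">Обсуждение товара</div>';

// ?delkom=<comment id>: viewers with level 3 or higher delete a comment and return to the product page.
// NOTE(review): this is a destructive action on a GET link with no anti-CSRF token. It should become
// a POST that carries a per-session token and is verified before the DELETE runs.
// NOTE(review): header() is called here after earlier echo output, so these redirects only take
// effect if output buffering is active - confirm.
if (isset($_GET['delkom'])) {
    if ($us['level'] < 3) {
        header('Location: /');
        die();
    }
    // The delete is scoped to the product in the URL, so a comment id belonging to another product
    // is not removed through this page. The delete links printed in the comment list always pair a
    // comment with its own product id.
    DB::$dbs->query("DELETE FROM magazin_komm WHERE id = ? AND file = ?", [abs((int)$_GET['delkom']), $id]);
    header('location: /pages/shop/file/'.$id);
    die();
}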
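// Comment submission from the form on this page.
// NOTE(review): the form carries no anti-CSRF token and the text has no length limit.
// NOTE(review): the text is HTML-escaped before it is stored and is printed through tag() in the
// comment list; confirm tag() does not escape a second time.
if (isset($_POST['ok'])) {
    // Start from a known state instead of relying on $err being unset.
    $err = '';

    // msg can be missing or sent as an array (msg[]=...); only a string is passed on to trim().
    $msg = (isset($_POST['msg']) && is_string($_POST['msg']))
        ? htmlspecialchars(trim($_POST['msg']))
        : '';

    if (empty($msg)) {
        // Checked first, so an empty submission costs no query and always gets this message.
        $err = 'Введите комментарий';
    } elseif (DB::$dbs->querySingle("SELECT count(id) FROM `magazin_komm` WHERE `text` =? AND `user_id` = ?", [$msg,$us['id']]) > 0) {
        // The same user already posted exactly this text.
        $err = 'Вы это уже писали!!!';
    }

    if (empty($err)) {
        DB::$dbs->query("INSERT INTO magazin_komm SET file = ?, text = ?, time = ?, user_id = ?", [$id,$msg,time(),$us['id']]);
    } else {
        echo '<div class="error">'.$err.'<br/></div>';
    }
}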
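// Reply prefill: ?otv=<user id> puts "<nick>, " at the start of the comment box.
$st = '';
if (isset($_GET['otv'])) {
    $otv = abs(intval($_GET['otv']));
    $u = DB::$dbs->queryFetch("SELECT * FROM us WHERE id = ? LIMIT 1", [$otv]);

    // Reject an unknown user id or a reply to oneself. The original joined the two tests with &&,
    // which cannot hold for an existing account, so the guard never fired and a missing user row
    // was still indexed below.
    if (empty($u['id']) || $u['id'] == $us['id']) {
        // Earlier echo output may already have been sent. Redirect only while headers can still be
        // sent; otherwise render the form with an empty prefill.
        if (!headers_sent()) {
            header('location:?');
            exit;
        }
    } else {
        // The nick is printed inside <textarea>, so it is escaped to keep a crafted nick from closing
        // the element. double_encode is off so an already-escaped stored value is not escaped twice.
        $st = htmlspecialchars((string) $u['nick'], ENT_QUOTES, 'UTF-8', false).', ';
    }
}

// Comment form; it posts back to this page.
echo '<div class="lst"><form action="/pages/shop/file/'.$id.'" method="POST">Комментарий к товару:<br/><textarea name="msg">'.$st.'</textarea><br/><input type="submit" name="ok" value="Добавить"/></form></div>';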
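// Comment list for this product, newest first, ten per page.
$total = DB::$dbs->querySingle("SELECT COUNT(id) FROM `magazin_komm` WHERE `file` = ?", [$id]);
if ($total==0) {
    echo '<div class="error">Комментариев нет!</div>';
} else {
    $items_per_page = 10;
    // ceil() returns a float; cast it so $page and $start stay integers when clamped to it.
    $pages = (int) ceil($total/$items_per_page);

    // ?page is optional. Reading it unconditionally raised an undefined-index notice on the first view.
    $page = isset($_GET['page']) ? (int) $_GET['page'] : 1;
    if ($page < 1) {
        $page = 1;
    }
    if ($page > $pages) {
        $page = $pages;
    }
    $start = ($page - 1) * $items_per_page;

    // LIMIT is interpolated rather than bound. Both values are integers computed above and never raw
    // request text; keep it that way if this query is edited.
    $array = DB::$dbs->query("SELECT * FROM `magazin_komm` WHERE `file` = ? ORDER BY `time` DESC LIMIT $start, $items_per_page", [$id]);
    while ($arr = $array->fetch()) {
        // Delete link for viewers with level 3 or higher; it points at the ?delkom handler on this page.
        $del = ($us['level']>=3 ? '[<a href="/pages/shop/file/'.$id.'?delkom='.$arr['id'].'">X</a>] ':NULL);
        // A reply link is added to every comment that is not the viewer's own.
        echo '<div class="lst">'.$del . Nick($arr['user_id']).' ('.datef($arr['time']).']<br/>'.tag($arr['text']) . (($arr['user_id'] != $us['id']) ? '<br/>[<a href="/pages/shop/file/'.$id.'?otv='.$arr['user_id'].'">отв</a>]':NULL).' </div>';
    }

    // NOTE(review): page() is defined elsewhere and presumably reads $page and $pages from global
    // scope, so those variable names are kept unchanged - confirm.
    echo ''.page('/pages/shop/file/'.$id.'?').'';
}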
require_once(ROOT.'includes/Footers.php');
?>