Файл: foto/index.php
Строк: 76
<?php
include_once $_SERVER['DOCUMENT_ROOT'].'/sys/inc/home.php';
include_once H.'sys/inc/start.php';
include_once H.'sys/inc/compress.php';
include_once H.'sys/inc/sess.php';
include_once H.'sys/inc/settings.php';
include_once H.'sys/inc/db_connect.php';
include_once H.'sys/inc/ipua.php';
include_once H.'sys/inc/fnc.php';
include_once H.'sys/inc/user.php';
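// Photos instance; its is_access() is called further down for the album check.
$ph = new Photos();
// Viewer id used in the SQL below: the current user's id, or -1 when $user is
// not set (presumably populated by sys/inc/user.php; confirm).
$user_id = (isset($user) ? $user['id'] : -1);

// Name of the handler that the final `require 'func/<name>.php'` will execute.
$func = 'albums.all';

// SECURITY: $_GET['func'] ends up inside a require path, so it must never be
// able to leave the func/ directory. is_file() alone only proves that *some*
// .php file exists at the resulting path; it does not stop directory
// separators or ".." segments. The name is therefore restricted to
// dot-separated words of letters, digits, "_" and "-" (the shape of
// 'albums.all' / 'access.denied') before the existence check. is_string()
// rejects array-valued parameters such as func[]=..., and \A...\z anchors the
// whole value (a plain "$" would tolerate a trailing newline).
if (
    isset($_GET['func'])
    && is_string($_GET['func'])
    && preg_match('/\A[a-z0-9_-]+(?:\.[a-z0-9_-]+)*\z/i', $_GET['func']) === 1
    && is_file('func/' . $_GET['func'] . '.php')
) {
    $func = $_GET['func'];
}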
// Optional profile owner: ?id_user=N loads that user's row into $ank.
if (isset($_GET['id_user'])) {
    // The (int) cast is what keeps the interpolated value below safe for SQL.
    $ank_id = (int) $_GET['id_user'];
    $ank = mysql_fetch_assoc(
        mysql_query("SELECT * FROM user WHERE id = '$ank_id' LIMIT 1")
    );

    // No row (or a failed query) leaves $ank without an 'id' key.
    if (isset($ank['id']) === false) {
        $msg[] = 'Пользователь с ID ' . $ank_id . ' не существует';
        $func = 'access.denied';
    }
}
// Optional album: ?id_gallery=N loads the album row into $gallery and gates
// the request on Photos::is_access().
if (isset($_GET['id_gallery'])) {
    // Integer cast: the only sanitisation applied before SQL interpolation.
    $gallery_id = (int) $_GET['id_gallery'];

    // Album row plus the owner's group_access/nick/level, the owner's
    // privat_str setting, and `frends` = 1 when a frends row links the viewer
    // and the owner in either direction.
    // NOTE(review): $user_id is interpolated as-is; it is -1 or $user['id'],
    // presumably an integer loaded from the database -- confirm.
    $gallery = mysql_fetch_assoc(mysql_query("
SELECT pg.*, pu.group_access, pu.nick, pu.level, ps.privat_str, IF (pf.user, 1, 0) AS frends
FROM gallery AS pg
JOIN user AS pu ON pu.id = pg.id_user
LEFT JOIN user_set AS ps ON ps.id_user = pg.id_user
LEFT JOIN frends AS pf ON (pf.user = '$user_id' AND pf.frend = pg.id_user) OR (pf.user = pg.id_user AND pf.frend = '$user_id')
WHERE pg.id = '$gallery_id'
"));

    // Access decision is delegated to Photos::is_access(); any falsy result
    // routes the request to the denial handler.
    if (!$ph->is_access($gallery_id, $user_id)) {
        $func = 'access.denied';
    }

    // Unknown album id: deny and explain why.
    if (!$gallery) {
        $func = 'access.denied';
        $msg[] = 'Фотоальбом под номером #' . $gallery_id . ' не существует';
    }
}
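// Optional photo: ?id_photo=N loads the photo row into $photo and applies the
// adult-content gate.
if (isset($_GET['id_photo'])) {
    // Integer cast: the only sanitisation applied before SQL interpolation.
    $photo_id = (int) $_GET['id_photo'];

    // Photo row plus its album's privat/pass/id_user, the album owner's
    // group_access/level/nick, the owner's privat_str setting, and
    // `frends` = 1 when a frends row links the viewer and the owner.
    // NOTE(review): unlike the album branch, no Photos::is_access() call is
    // made for the photo's album here; presumably the func/ handlers enforce
    // pg.privat / pg.pass themselves -- confirm.
    $photo = mysql_fetch_assoc(mysql_query("
SELECT ph.*, pg.privat, pg.pass, pg.id_user, pu.group_access, pu.level, pu.nick, ps.privat_str, IF (pf.user, 1, 0) AS frends
FROM gallery_foto AS ph
JOIN gallery AS pg ON ph.id_gallery = pg.id
JOIN user AS pu ON pu.id = pg.id_user
LEFT JOIN user_set AS ps ON ps.id_user = pg.id_user
LEFT JOIN frends AS pf ON (pf.user = '$user_id' AND pf.frend = pg.id_user) OR (pf.user = pg.id_user AND pf.frend = '$user_id')
WHERE ph.id = '$photo_id'
"));

    if (!$photo) {
        // Unknown photo id: deny and explain why.
        $func = 'access.denied';
        $msg[] = 'Фотография под номером #' . $photo_id . ' не существует';
    } elseif (
        // metka == 1 marks the file as adult content (per the message below).
        $photo['metka'] == 1
        && (
            // Guests are always stopped at the warning.
            !isset($user)
            || (
                // NOTE(review): abuld looks like the per-user adult-warning
                // flag and group_access <= 1 like "ordinary user" -- confirm.
                $user['abuld'] == 1
                && $user['group_access'] <= 1
                // Ownership comes from the photo's own database row
                // (pg.id_user). The previous test used $ank['id'], which is
                // loaded from the id_user query parameter: it is undefined
                // when that parameter is absent and is chosen by the request,
                // so it cannot be trusted to identify the owner.
                && $photo['id_user'] != $user['id']
            )
        )
    ) {
        $func = 'access.denied';
        $msg[] = '<img src="/style/icons/small_adult.gif" alt="*"><br />
Данный файл содержит изображения эротического характера.' .
(isset($user) ? 'Если Вас это не смущает и Вам 18 или более лет, то можете
<a href="?sess_abuld=1">продолжить просмотр</a>.
Или Вы можете отключить предупреждения в
<a href="/user/info/settings.php">настройках</a>.' :
'Только зарегистрированные пользователи старше 18 лет могут просматривать такие файлы.
<br /><a href="/aut.php">Вход</a> | <a href="/reg.php">Регистрация</a>');
    }
}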
// Dispatch to the selected handler. $func is the default, 'access.denied', or
// the request-supplied name accepted earlier in this script; that acceptance
// check is the only thing keeping this require inside the func/ directory.
require sprintf('func/%s.php', $func);

// Shared page footer.
include_once H . 'sys/inc/tfoot.php';