Файл: sys/inc/classes/class.Photos.php
Строк: 101
<?php
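class Photos
{
    /**
     * Album privacy levels keyed by numeric code.
     *
     * The codes match the `privat` values tested in is_access():
     * 1 = friends only, 2 = owner only, 3 = password. Labels are user-facing.
     */
    public $access = array(
        0 => 'Все',
        1 => 'Мои друзья',
        2 => 'Только я',
        3 => 'Только по паролю',
    );

    // URL prefix under which the album icons live.
    private $pach_icon = '/style/icons/';

    /**
     * Return the icon path for an album privacy code.
     *
     * @param int $uid Privacy code (0-3). Unknown codes fall back to the
     *                 default folder icon instead of reading a missing index.
     * @return string
     */
    public function icon($uid = 0)
    {
        $icons = array(
            0 => 'folder.gif',
            1 => 'folder_user.gif',
            2 => 'folder_locked.gif',
            3 => 'folder_password.gif',
        );
        $code = isset($icons[$uid]) ? $uid : 0;

        return $this->pach_icon . $icons[$code];
    }

    /**
     * Tell whether the logged-in user (global $user) is the given owner.
     *
     * Guests and missing owner ids never match: a loose `null == null`
     * comparison would otherwise pass the ownership check for a guest whenever
     * the looked-up row is absent.
     *
     * @param mixed $owner_id
     * @return bool
     */
    private function is_owner($owner_id)
    {
        global $user;

        $current = isset($user['id']) ? (int) $user['id'] : 0;

        return $current > 0 && $current === (int) $owner_id;
    }

    /**
     * Delete an album together with its photos.
     *
     * Allowed for holders of the 'foto_alb_del' right and for the album owner.
     * Each photo goes through delete_photos(), which applies its own
     * permission check; its result is not inspected here, so photos the caller
     * may not delete individually stay in place.
     *
     * @param int    $uid  Album id.
     * @param string $type Must be 'album'; anything else is a no-op.
     * @return bool True when the album row was deleted.
     */
    public function delete_albums($uid, $type = 'album')
    {
        if ($type != 'album') {
            return false;
        }

        // The id is concatenated into SQL below, so force it to an integer first.
        $uid = (int) $uid;

        $gallery = mysql_fetch_assoc(mysql_query("SELECT *
            FROM gallery AS pg
            WHERE pg.id = '$uid' LIMIT 1"));
        if (!$gallery) {
            return false;
        }

        $own = $this->is_owner($gallery['id_user']);
        if (!user_access('foto_alb_del') && !$own) {
            return false;
        }

        $q = mysql_query("SELECT id FROM gallery_foto WHERE id_gallery = " . $uid);
        while ($q && ($post = mysql_fetch_assoc($q))) {
            $this->delete_photos($post['id'], 'photo');
        }

        if (!$own) {
            // Name the album owner in the moderation log. `nick` is assumed to
            // be a column of `user` (TODO confirm); the id is used as fallback.
            $owner_id = (int) $gallery['id_user'];
            $ank = mysql_fetch_assoc(mysql_query("SELECT * FROM user WHERE id = '$owner_id' LIMIT 1"));
            $nick = ($ank && isset($ank['nick'])) ? $ank['nick'] : $owner_id;
            admin_log('Фотогалерея', 'Фотографии', 'Удаление фотоальбома пользователя [url=/id' . $owner_id . ']' . $nick . '[/url]');
        }

        mysql_query("DELETE FROM gallery WHERE id = " . $uid);

        return true;
    }

    /**
     * Delete a photo, its ratings, comments and marks, and the image file.
     *
     * Allowed for holders of the 'foto_foto_edit' right and for the photo owner.
     *
     * @param int    $uid  Photo id.
     * @param string $type Must be 'photo'; anything else is a no-op.
     * @return bool True when the photo was deleted.
     */
    public function delete_photos($uid, $type = 'photo')
    {
        if ($type != 'photo') {
            return false;
        }

        // Integer cast: the id ends up in unquoted SQL and in a file path, so it
        // must not be able to carry SQL fragments or path separators.
        $uid = (int) $uid;

        $photo = mysql_fetch_assoc(mysql_query("SELECT ph.*
            FROM gallery_foto AS ph
            WHERE ph.id = '$uid' LIMIT 1"));
        if (!$photo) {
            return false;
        }

        if (!user_access('foto_foto_edit') && !$this->is_owner($photo['id_user'])) {
            return false;
        }

        mysql_query("DELETE FROM gallery_rating WHERE id_foto = " . $uid);
        mysql_query("DELETE FROM gallery_komm WHERE id_foto = " . $uid);
        mysql_query("DELETE FROM gallery_foto WHERE id = " . $uid);
        mysql_query("DELETE FROM mark_foto WHERE id_foto = " . $uid);

        // Best effort: the file may already be gone.
        @unlink(H . 'sys/gallery/foto/' . $uid . '.jpg');

        return true;
    }

    /**
     * Delete a photo comment.
     *
     * Allowed for holders of the 'foto_komm_del' right and for the owner of the
     * album that holds the commented photo (selected as `author`).
     *
     * @param int    $uid  Comment id.
     * @param string $type Must be 'comment'; anything else is a no-op.
     * @return bool True when the comment was deleted.
     */
    public function delete_comments($uid, $type = 'comment')
    {
        if ($type != 'comment') {
            return false;
        }

        $uid = (int) $uid;

        $comment = mysql_fetch_assoc(mysql_query("SELECT pk.id, pg.id_user AS 'author', pu.group_access
            FROM gallery_komm AS pk
            LEFT JOIN gallery_foto AS ph ON pk.id_foto = ph.id
            LEFT JOIN gallery AS pg ON ph.id_gallery = pg.id
            LEFT JOIN user AS pu ON pk.id_user = pu.id
            WHERE pk.id = '$uid' LIMIT 1"));
        if (!$comment) {
            return false;
        }

        // `author` is NULL when the LEFT JOINs find no album; is_owner() then
        // refuses, so only a moderator can remove such orphaned comments.
        if (!user_access('foto_komm_del') && !$this->is_owner($comment['author'])) {
            return false;
        }

        mysql_query("DELETE FROM gallery_komm WHERE id = " . $uid);
        $_SESSION['message'] = 'Комментарий успешно удален';

        return true;
    }

    /**
     * Insert or bump the `discussions` row of one recipient for a photo.
     *
     * All arguments must already be integers; they are interpolated into SQL.
     */
    private function bump_discussion($recipient_id, $author_id, $photo_id, $time)
    {
        $count = mysql_result(mysql_query("SELECT COUNT(*)
            FROM `discussions`
            WHERE `id_user` = '$recipient_id' AND `type` = 'foto' AND `id_sim` = '$photo_id'"), 0);

        if ($count == 0) {
            mysql_query("INSERT INTO `discussions` (`id_user`, `avtor`, `type`, `time`, `id_sim`, `count`)
                VALUES('$recipient_id', '$author_id', 'foto', '$time', '$photo_id', '1')");
        } else {
            mysql_query("UPDATE `discussions`
                SET `count` = `count` + '1', `time` = '$time'
                WHERE `id_user` = '$recipient_id' AND `type` = 'foto' AND `id_sim` = '$photo_id'
                LIMIT 1");
        }
    }

    /**
     * Push a photo discussion notification to the author's friends and to the author.
     *
     * A friend is notified only when both notification flags (`set`, `set_user`)
     * are 1 and is_access() lets them see the album. The commenter and the
     * author are skipped in the friends loop; the author is handled afterwards
     * unless the author is the commenter.
     *
     * @param int $user_id   User who triggered the event.
     * @param int $author_id Owner of the photo.
     * @param int $photo_id  Photo under discussion.
     * @param int $albums_id Album holding the photo (used for the access check).
     * @return true|null True when the author is the commenter, otherwise nothing.
     */
    public function get_disc($user_id, $author_id, $photo_id, $albums_id)
    {
        // Every id is interpolated into SQL below; integers cannot break out of the quotes.
        $user_id = (int) $user_id;
        $author_id = (int) $author_id;
        $photo_id = (int) $photo_id;
        $albums_id = (int) $albums_id;
        $time = time();

        // Friends of the author.
        $q = mysql_query("SELECT f.frend AS id, f.disc_foto AS 'set_user', d.disc_foto AS 'set'
            FROM frends AS f
            LEFT JOIN discussions_set AS d ON d.id_user = f.frend
            WHERE f.user = '$author_id' AND f.i = '1'");
        while ($q && ($ank = mysql_fetch_assoc($q))) {
            $friend_id = (int) $ank['id'];
            if ($friend_id == $user_id || $friend_id == $author_id || !$this->is_access($albums_id, $friend_id)) {
                continue;
            }
            if ($ank['set'] == 1 && $ank['set_user'] == 1) {
                $this->bump_discussion($friend_id, $author_id, $photo_id, $time);
            }
        }

        if ($user_id == $author_id) {
            return true;
        }

        // The author.
        $this->bump_discussion($author_id, $author_id, $photo_id, $time);
    }

    /**
     * Push an event into the activity feed (`tape`) of the user's friends.
     *
     * NOTE(review): is_access() always treats $object_id as an album id,
     * whatever $type is - confirm for callers that pass another type.
     *
     * @param int    $user_id   User whose friends are notified.
     * @param int    $object_id Id stored as `id_file` in the feed.
     * @param string $type      Feed entry type, 'album' by default.
     * @return void
     */
    public function get_tape($user_id, $object_id, $type = 'album')
    {
        $user_id = (int) $user_id;
        $object_id = (int) $object_id;
        // $type is free text that goes into quoted SQL, so it is escaped.
        $type_sql = mysql_real_escape_string((string) $type);
        $time = time();

        $q = mysql_query("SELECT f.frend AS id, f.lenta_foto AS set_user, t.lenta_foto AS 'set'
            FROM frends AS f
            LEFT JOIN tape_set AS t ON t.id_user = f.frend
            WHERE f.user = '$user_id' AND f.i = '1'");

        // Reset the counter on feed entries that were already read.
        mysql_query("UPDATE `tape` SET `count` = '0' WHERE `type` = '$type_sql' AND `read` = '1' AND `id_file` = '$object_id'");

        while ($q && ($ank = mysql_fetch_array($q))) {
            $friend_id = (int) $ank['id'];
            if ($ank['set'] != 1 || $ank['set_user'] != 1 || !$this->is_access($object_id, $friend_id)) {
                continue;
            }

            $exists = mysql_result(mysql_query("SELECT COUNT(*) FROM `tape`
                WHERE `id_user` = '$friend_id' AND `type` = '$type_sql' AND `id_file` = '$object_id' LIMIT 1"), 0);

            if ($exists == 0) {
                mysql_query("INSERT INTO `tape` (`id_user`, `avtor`, `type`, `time`, `id_file`, `count`) values('$friend_id', '$user_id', '$type_sql', '$time', '$object_id', '1')");
            } else {
                mysql_query("UPDATE `tape` SET `count` = `count` + '1', `read` = '0', `time` = '$time'
                    WHERE `id_user` = '$friend_id' AND `type` = '$type_sql' AND `id_file` = '$object_id' LIMIT 1");
            }
        }
    }

    /**
     * Decide whether user $u may view album $a.
     *
     * The owner always may. For everyone else the album's `privat` level, the
     * owner's `privat_str` setting and friendship are checked; a password album
     * (`privat` = 3) needs a matching $_SESSION['pass']. A logged-in viewer
     * whose `group_access` is higher than the owner's is let in regardless.
     *
     * Positive results are cached per (user, album). The argument 600 is passed
     * to Cache as-is (presumably a lifetime in seconds - confirm), so a revoked
     * friendship or a tightened privacy level may only take effect once the
     * cached entry is gone.
     *
     * @param int $a Album id.
     * @param int $u Viewer id, 0 for a guest.
     * @return bool
     */
    public function is_access($a = 0, $u = 0)
    {
        // Both ids are used in SQL and in the cache key.
        $a = (int) $a;
        $u = (int) $u;

        $cache = new Cache(600);
        $cacheLv = 'albums_access.' . $u . '.' . $a;
        if ($cache->read($cacheLv) == 1) {
            return true;
        }

        $albums = mysql_fetch_assoc(mysql_query("
            SELECT pg.*, pu.group_access, pu.level, ps.privat_str,
            IF (pf.user, 1, 0) AS frends
            FROM gallery AS pg
            LEFT JOIN user AS pu ON pu.id = pg.id_user
            LEFT JOIN user_set AS ps ON ps.id_user = pg.id_user
            LEFT JOIN frends AS pf ON (pf.user = '$u' AND pf.frend = pg.id_user) OR (pf.user = pg.id_user AND pf.frend = '$u')
            WHERE pg.id = '$a'
        "));

        // NOTE(review): when no album row is found, a guest ($u = 0) compares
        // equal to the missing owner id below and is granted (and cached)
        // access - confirm whether callers rely on this before tightening it.
        $access = true;
        $cacheable = true;

        if ($u != $albums['id_user']) {
            if ($albums['privat_str'] == 0 || (($albums['privat_str'] == 2 || $albums['privat'] == 1) && !$albums['frends']) || $albums['privat'] == 2) {
                $access = false;
            }

            if ($albums['privat'] == 3) {
                // The decision depends on this session's password, while the
                // cache key holds only the user and album ids (all guests share
                // user id 0). Caching it would open the album to every visitor
                // with the same key, so password albums are never cached.
                $cacheable = false;

                // Strict string comparison: with `!=` a missing session
                // password (0) compared loosely against a non-numeric album
                // password is "equal" on PHP versions before 8.
                $pwd = isset($_SESSION['pass']) ? (string) $_SESSION['pass'] : null;
                if ($pwd === null || $pwd !== (string) $albums['pass']) {
                    $access = false;
                }
            }

            if ($u && $access == false) {
                // Staff override: a higher group_access than the owner's wins.
                $viewer = mysql_fetch_assoc(mysql_query("SELECT * FROM user WHERE id = '$u' LIMIT 1"));
                if ($viewer['group_access'] > $albums['group_access']) {
                    $access = true;
                }
            }
        }

        if (!$access) {
            return false;
        }

        // The access decision must not depend on whether the cache write succeeded.
        if ($cacheable) {
            $cache->write($cacheLv, 1);
        }

        return true;
    }
}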