Файл: photos/handler/comm.php
Строк: 54
<?php
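// Handler for new comments and quoted replies on a photo. It relies on variables
// prepared by the including script ($user_id, $user, $arr_photo) and on the
// helpers check() and cut(), none of which are defined in this file.
// NOTE(review): no login, permission or CSRF-token check is visible in this file;
// confirm the including script performs them before this handler runs.
// NOTE(review): every query below is built by string concatenation on top of the
// mysql_* extension (removed in PHP 7). The durable fix is a migration to
// mysqli/PDO prepared statements; the changes here only close the gaps that can
// be closed without touching the connection code.

$is_comm = !empty($_POST['comm']);
$is_reply = !$is_comm && !empty($_POST['re_comm']) && !empty($_POST['re_id']) && is_numeric($_POST['re_id']);

if ($is_comm || $is_reply)
{
    // Give the flags a defined starting value, but keep anything the including
    // script may already have set (the original read them uninitialised).
    if (!isset($flood)) $flood = false;
    if (!isset($err)) $err = false;

    // Anti-flood: refuse a new comment if this user posted one in the last 5 seconds
    if (mysql_result(mysql_query("SELECT COUNT(`id`) FROM `photos_comm` WHERE `user_id` = '".$user_id."' AND `time` > '".(time()-5)."'"),0) == true) $flood = true;

    // presumably check() sanitises/escapes the text for SQL and HTML; it is defined
    // elsewhere, so verify that it escapes for the active MySQL connection.
    $comm = check($is_comm ? $_POST['comm'] : $_POST['re_comm']);
    // NOTE(review): substr() is byte-wise and may split a multi-byte character at
    // the 1000-byte limit; confirm the site encoding.
    $comm = substr($comm, 0, 1000);
    // Truncating after escaping can cut an escape pair in half and leave a lone
    // trailing backslash, which would swallow the closing quote of the SQL string
    // literal. Drop it when the run of trailing backslashes has odd length.
    $trailing_slashes = strlen($comm) - strlen(rtrim($comm, '\\'));
    if ($trailing_slashes % 2 == 1) $comm = substr($comm, 0, -1);
    if (empty($comm)) $err = true;

    $posted = false;

    if ($is_comm)
    {
        $posted = ($flood == false && $err == false && mysql_query("INSERT INTO `photos_comm` SET
`fid` = '".$arr_photo['id']."',
`user_id` = '".$user_id."',
`text` = '".$comm."',
`time` = '".time()."'
") == true);
    }
    else
    {
        $re_id = abs(intval($_POST['re_id']));

        // The quoted comment must belong to this photo and to another user
        $res_arr_comm = mysql_query("SELECT * FROM `photos_comm` WHERE `id` = '".$re_id."' AND `fid` = '".$arr_photo['id']."' AND `user_id` != '".$user_id."' LIMIT 1");
        if ($res_arr_comm && mysql_num_rows($res_arr_comm) == true)
        {
            // Reuse the row that was just validated instead of re-reading it by id only
            $arr_comm = mysql_fetch_array($res_arr_comm);
            // NOTE(review): $quote is computed but the INSERT below stores the full
            // text; confirm which of the two was intended.
            $quote = cut($arr_comm['text'],500);
        }
        else
        {
            $err = true;
            $quote = '';
        }

        // `quote` holds text written by another user and read back from the
        // database, where it is stored unescaped. It has to be escaped again before
        // it goes into a new statement, otherwise it is a second-order SQL
        // injection vector.
        $posted = ($flood == false && $err == false && mysql_query("INSERT INTO `photos_comm` SET
`fid` = '".$arr_comm['fid']."',
`user_id` = '".$user_id."',
`text` = '".$comm."',
`quote` = '".mysql_real_escape_string($arr_comm['text'])."',
`quote_id` = '".$arr_comm['user_id']."',
`time` = '".time()."'
") == true);
    }

    if ($posted)
    {
        mysql_query("UPDATE `photos_file` SET comm=comm+1 WHERE `id` = '".$arr_photo['id']."'");

        // The photo owner is notified unless they wrote the comment themselves or,
        // for a reply, they are the quoted author (who gets the 're_comm' notice below).
        $notify_owner = ($user_id != $arr_photo['user_id']);
        if ($is_reply && $arr_comm['user_id'] == $arr_photo['user_id']) $notify_owner = false;

        if ($notify_owner)
        {
            if (mysql_result(mysql_query("SELECT COUNT(`id`) FROM `notifications` WHERE `refid` = '".$arr_photo['id']."' AND `mod` = 'photo' AND `type` = 'comm' AND `for_id` = '".$arr_photo['user_id']."' LIMIT 1"),0) == true)
            {
                // The reply path used to set `user_id` here, while the plain-comment
                // path and both INSERTs use `from_id`; aligned on `from_id`.
                // NOTE(review): confirm against the `notifications` schema.
                mysql_query("UPDATE `notifications` SET `from_id` = '".$user_id."', count=count+1, `time` = '".time()."', `new` = 1 WHERE `refid` = '".$arr_photo['id']."' AND `mod` = 'photo' AND `type` = 'comm' AND `for_id` = '".$arr_photo['user_id']."' LIMIT 1");
            }
            else
            {
                mysql_query("INSERT INTO `notifications` SET
`from_id` = '".$user_id."',
`sex` = '".$user['sex']."',
`for_id` = '".$arr_photo['user_id']."',
`mod` = 'photo',
`type` = 'comm',
`refid` = '".$arr_photo['id']."',
`time` = '".time()."',
`count` = 1,
`new` = 1
");
            }
            mysql_query("UPDATE `users` SET `notifications` = 1, notifications_journal=notifications_journal+1 WHERE `id` = '".$arr_photo['user_id']."'");
        }

        if ($is_reply)
        {
            // Separate notification for the author of the quoted comment
            if (mysql_query("INSERT INTO `notifications` SET
`from_id` = '".$user_id."',
`sex` = '".$user['sex']."',
`for_id` = '".$arr_comm['user_id']."',
`mod` = 'photo',
`type` = 're_comm',
`refid` = '".$arr_photo['id']."',
`time` = '".time()."',
`count` = 1,
`new` = 1
") == true)
            {
                mysql_query("UPDATE `users` SET `notifications` = 1, notifications_journal=notifications_journal+1 WHERE `id` = '".$arr_comm['user_id']."'");
            }
        }
    }
}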
?>