Файл: photos/like.php
Строк: 40
<?php
require_once '../incfiles/core.php';
require_once '../incfiles/func.php';
require_once '../incfiles/auth.php';
require_once '../incfiles/user.php';
if (empty($user_id)) {go(URL.'/');}
if (!empty($_GET['id']) && is_numeric($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(`id`) FROM `photos_file` WHERE `id` = '".abs(intval($_GET['id']))."'"),0) == true)
{
$id = abs(intval($_GET['id']));
$arr = mysql_fetch_array(mysql_query("SELECT `id`, `user_id`, `ulike`, `clike` FROM `photos_file` WHERE `id` = '".$id."' LIMIT 1"));
$arr_user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '".$arr['user_id']."' LIMIT 1"));
if ($arr_user['ban'] == 1) exit;
if (!in_array($user_id, explode("||", substr($arr['ulike'], 1, -1))))
{
if ($user_id == $arr['user_id']) {exit;}
if (!empty($arr['ulike'])) $new_like = '|'.$user_id.'|'.$arr['ulike']; else $new_like = '|'.$user_id.'|';
if (mysql_query("UPDATE `photos_file` SET
`ulike` = '".$new_like."',
`clike` = '".($arr['clike']+1)."'
WHERE `id` = '".$id."' LIMIT 1") == true)
{
if (mysql_query("INSERT INTO `notifications` SET
`from_id` = '".$user_id."',
`sex` = '".$user['sex']."',
`for_id` = '".$arr['user_id']."',
`mod` = 'photo',
`type` = 'like',
`refid` = '".$id."',
`time` = '".time()."',
`count` = 1,
`new` = 1
") == true) mysql_query("UPDATE `users` SET `notifications` = 1, notifications_journal=notifications_journal+1 WHERE `id` = '".$arr['user_id']."'");
echo '<a href="'.URL.'/photos/like.php?id='.$id.'" onclick="Like.Go(this.href,'.$id.'); return false"><img class="ico" src="'.URL.'/design/img/like_ok.png"/>'.lang('Мне нравиться','Мені подобається').' <b>'.($arr['clike']+1).'</b></a>';
}
}
else
{
$del_ulike = str_replace("|".$user_id."|", "", $arr['ulike']);
if (mysql_query("UPDATE `photos_file` SET
`ulike` = '".$del_ulike."',
`clike` = '".($arr['clike']-1)."'
WHERE `id` = '".$id."' LIMIT 1") == true)
{
echo '<a href="'.URL.'/photos/like.php?id='.$id.'" onclick="Like.Go(this.href,'.$id.'); return false"><img class="ico" src="'.URL.'/design/img/like.png"/>'.lang('Мне нравиться','Мені подобається').' <b>'.($arr['clike']-1).'</b></a>';
}
}
}
if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) or strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest') {go(URL.'/photos/?fid='.$id.'');}
?>