Файл: avatars/handler/comm.php
Строк: 40
<?php
if (!empty($_POST['comm']))
{
$comm = check($_POST['comm']);
$comm = substr($comm, 0, 1000);
if (empty($comm)) $err = true;
if ($err == false && mysql_query("INSERT INTO `avatars_comm` SET
`fid` = '".$arr_ava['id']."',
`user_id` = '".$user_id."',
`text` = '".$comm."',
`time` = '".time()."'
") == true)
{
mysql_query("UPDATE `avatars` SET comm=comm+1 WHERE `id` = '".$arr_ava['id']."'");
if ($user_id != $arr_ava['user_id'])
{
if (mysql_query("INSERT INTO `notifications` SET
`from_id` = '".$user_id."',
`sex` = '".$user['sex']."',
`for_id` = '".$arr_ava['user_id']."',
`mod` = 'avatar',
`type` = 'comm',
`refid` = '".$arr_ava['id']."',
`time` = '".time()."',
`count` = 1,
`new` = 1
") == true) mysql_query("UPDATE `users` SET `notifications` = 1, notifications_journal=notifications_journal+1 WHERE `id` = '".$arr_ava['user_id']."'");
}
}
}
else if (!empty($_POST['re_comm']) && !empty($_POST['re_id']) && is_numeric($_POST['re_id']))
{
$re_id = abs(intval($_POST['re_id']));
$comm = check($_POST['re_comm']);
$comm = substr($comm, 0, 1000);
if (empty($comm)) $err = true;
$res_arr_comm = mysql_query("SELECT * FROM `avatars_comm` WHERE `id` = '".$re_id."' AND `fid` = '".$arr_ava['id']."' AND `user_id` != '".$user_id."' LIMIT 1");
if (mysql_num_rows($res_arr_comm) == true) $arr_comm = mysql_fetch_array(mysql_query("SELECT * FROM `avatars_comm` WHERE `id` = '".$re_id."' LIMIT 1"));
else $err = true;
$quote = cut($arr_comm['text'],500);
if ($err == false && mysql_query("INSERT INTO `avatars_comm` SET
`fid` = '".$arr_comm['fid']."',
`user_id` = '".$user_id."',
`text` = '".$comm."',
`quote` = '".$arr_comm['text']."',
`quote_id` = '".$arr_comm['user_id']."',
`time` = '".time()."'
") == true)
{
mysql_query("UPDATE `avatars` SET comm=comm+1 WHERE `id` = '".$arr_ava['id']."'");
if ($user_id != $arr_ava['user_id'] && $arr_comm['user_id'] != $arr_ava['user_id'])
{
if (mysql_query("INSERT INTO `notifications` SET
`from_id` = '".$user_id."',
`sex` = '".$user['sex']."',
`for_id` = '".$arr_ava['user_id']."',
`mod` = 'avatar',
`type` = 'comm',
`refid` = '".$arr_ava['id']."',
`time` = '".time()."',
`count` = 1,
`new` = 1
") == true) mysql_query("UPDATE `users` SET `notifications` = 1, notifications_journal=notifications_journal+1 WHERE `id` = '".$arr_ava['user_id']."'");
}
if (mysql_query("INSERT INTO `notifications` SET
`from_id` = '".$user_id."',
`sex` = '".$user['sex']."',
`for_id` = '".$arr_comm['user_id']."',
`mod` = 'avatar',
`type` = 're_comm',
`refid` = '".$arr_ava['id']."',
`time` = '".time()."',
`count` = 1,
`new` = 1
") == true)
{
mysql_query("UPDATE `users` SET `notifications` = 1, notifications_journal=notifications_journal+1 WHERE `id` = '".$arr_comm['user_id']."'");
}
}
}
?>