Файл: 3020.ru/file_3020/plugins/user.spy.php
Строк: 62
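<?php
// Long open tag: with short_open_tag disabled, a bare "<?" is not parsed and
// the script body (SQL included) would be sent to the browser as plain text.

// Access guard: level 0 is redirected to the front page before any request
// parameter is read. $level is assigned outside this file.
// NOTE(review): the comparison is loose. A non-numeric string compares equal to 0
// on PHP 7 and unequal on PHP 8, so confirm $level is always stored as an integer.
if ($level == 0) {
    header('Location: /index.php');
    // Stop here; otherwise the handlers below would still run for this request.
    exit;
}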
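// Create or update the current user's subscription to seller ?set=<id>.
// GET alone only prepares $id and $spy for the form rendered further down;
// a POST carrying `goods` writes the subscription and redirects.
if (isset($_GET['set'])) {
    // The int cast is the only validation applied to this request value.
    $id = (int) $_GET['set'];
    // Form defaults, used when no subscription row exists for this seller yet.
    $spy['goods'] = 1;
    $spy['wmr'] = 1;
    // Both ids pass through %d, so every query below receives integers quoted the
    // same way (the row lookup previously concatenated them unquoted).
    $spyPair = sprintf("`id_user` = '%d' AND `id_author` = '%d'", $user['id'], $id);
    if ($sql -> selectCount("SELECT COUNT(*) FROM `shop_spy` WHERE " . $spyPair . " AND `id_author` != '0'") != 0) {
        $spy = $sql -> fetch("SELECT * FROM `shop_spy` WHERE " . $spyPair . " LIMIT 1");
    }
    if (isset($_POST['goods'])) {
        // NOTE(review): no anti-CSRF token is checked before this state change; confirm
        // whether the surrounding framework validates one for POST requests.
        // The form is never rendered for the user's own id, so the handler refuses
        // that id as well instead of relying on the page not offering it.
        $spySelf = ((int) $user['id'] === $id);
        if (!$spySelf && $sql -> selectCount(sprintf("SELECT COUNT(*) FROM `users` WHERE `id` = '%d'", $id)) != 0) {
            // The radios only offer 0 and 1: normalise to those two values, and treat
            // a missing `wmr` field as 0 without reading an undefined index.
            $spy['goods'] = ((int) $_POST['goods'] != 0) ? 1 : 0;
            $spy['wmr'] = (isset($_POST['wmr']) && (int) $_POST['wmr'] != 0) ? 1 : 0;
            if (isset($spy['id_user'])) {
                // A row was loaded above, so this is an edit of an existing subscription.
                $sql -> update(sprintf("UPDATE `shop_spy` SET `wmr` = '%d', `goods` = '%d' WHERE `id_author` = '%d' AND `id_user` = '%d' LIMIT 1", $spy['wmr'], $spy['goods'], $id, $user['id']));
            } else {
                // First subscription: notify the seller, then store the row.
                // NOTE(review): login() output is stored in the journal as-is; confirm it is
                // escaped where journal entries are displayed.
                journal($id, 'other', login($user['id'], 0) . " подписался на вас!");
                // $time is defined outside this file and is passed through unchanged.
                $sql -> insert(sprintf("INSERT INTO `shop_spy` (`id_user`, `id_author`, `time`, `goods`, `wmr`) VALUES ('%d', '%d', '%s', '%d', '%d')", $user['id'], $id, $time, $spy['goods'], $spy['wmr']));
            }
            $_SESSION['message'] = 'Подписка на ' . login($id, 0) . ' успешно оформлена';
            // Redirect after POST so a reload does not resubmit the form.
            header('Location: ?func=' . $func);
            exit;
        }
        // Own id or unknown seller: report the failure and fall through to the page.
        $err[] = 'Не удалось оформить подписку';
    }
}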
// Unsubscribe from seller ?delete=<id>. Both queries are restricted to rows whose
// `id_user` is the current user, so only the caller's own subscription is affected.
// NOTE(review): this state change is triggered by a plain GET with no anti-CSRF
// token, so any page that makes a logged-in browser load this URL removes the
// subscription. Consider moving it to a POST that carries a per-session token.
if (isset($_GET['delete'])) {
    // Integer cast before the value is interpolated into SQL.
    $delete = (int) $_GET['delete'];
    $spyFound = $sql -> selectCount("SELECT COUNT(*) FROM `shop_spy` WHERE `id_user` = '$user[id]' AND `id_author` = '$delete'");
    // Confirm the removal only when a matching row existed.
    if ($spyFound != 0) {
        $sql -> delete("DELETE FROM `shop_spy` WHERE `id_user` = '$user[id]' AND `id_author` = '$delete'");
        $messages[] = 'Подписка успешно удалена';
    }
}
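// Page output: either the subscription form for seller ?set=<id>, or the paginated
// list of the current user's subscriptions.
$system['title'] = 'Мои подписки';
require SYS . 'header.php';
if (isset($_GET['set']) && $id != $user['id']) {
    // $func is defined outside this file and ends up inside an HTML attribute, so it
    // is encoded as a query-string value; rawurlencode() leaves no quote, angle
    // bracket or ampersand in the output.
    // NOTE(review): login() is echoed raw here and below; confirm it escapes the
    // user name itself.
?>
<div class="nav2">
<form action="?func=<?= rawurlencode($func) ?>&set=<?= $id ?>" method="POST">
Продавец:
<?= login($id, 1) ?><br />
Подписка на новые товары:<br />
<input type="radio" name="goods" value="1" <?= ($spy['goods'] == 1 ? 'checked' : '') ?> /> да
<input type="radio" name="goods" value="0" <?= ($spy['goods'] == 0 ? 'checked' : '') ?> /> нет
<br />
Подписка на изменение цен:<br />
<input type="radio" name="wmr" value="1" <?= ($spy['wmr'] == 1 ? 'checked' : '') ?> /> да
<input type="radio" name="wmr" value="0" <?= ($spy['wmr'] == 0 ? 'checked' : '') ?> /> нет
<br />
<button type="submit" style="margin: 2px;">Готово</button>
</form>
</div>
<?php
} else {
    // %d keeps the user id an integer in both list queries.
    $k_post = $sql -> selectCount(sprintf("SELECT COUNT(*) FROM `shop_spy` WHERE `id_user` = '%d'", $user['id']));
    if ($k_post == 0) {
?>
<div class="alert" style="margin: 2px;">Список подписок пуст</div>
<?php
    } else {
        // k_page() and page() are defined elsewhere; presumably the page count and
        // the current page number. TODO confirm.
        $k_page = k_page($k_post, $system['page_str']);
        $page = page($k_page);
        $start = $system['page_str'] * $page - $system['page_str'];
        // Offset and page size go through %d so the LIMIT clause can only hold integers.
        $array = $sql -> select(sprintf("SELECT * FROM `shop_spy` WHERE `id_user` = '%d' ORDER BY `time` DESC LIMIT %d, %d", $user['id'], $start, $system['page_str']));
        // Row counter for the alternating nav1/nav2 classes; previously incremented
        // without being initialised.
        $num = 0;
        foreach ($array as $contact) {
            $num++;
            // Stored value, cast once so the links and the per-row query below only
            // ever see an integer.
            $spyAuthor = (int) $contact['id_author'];
            // NOTE(review): the first link deletes through GET (handled at the top of
            // this file). The goods counter runs one query per row.
?>
<div class="<?= ($num % 2 ? "nav1" : "nav2") ?>">
<a href="?func=user.spy&delete=<?= $spyAuthor ?>&page=<?= (int) $page ?>" class="close"><i class="icon-remove"></i></a>
<a href="?func=user.spy&set=<?= $spyAuthor ?>" class="close"><i class="icon-pencil"></i></a>
<?= avatar($spyAuthor, 1) ?> <?= login($spyAuthor, 1) ?><br />
<i class="icon-shopping-cart"></i> <a href="?func=shop.seller&id=<?= $spyAuthor ?>">Товары в магазине</a> (<?= $sql -> selectCount(sprintf("SELECT COUNT(*) FROM `shop_goods` WHERE `id_user` = '%d' AND `unlink` = '0'", $spyAuthor)) ?>)
</div>
<?php
        }
        if ($k_page > 1) {
            // NOTE(review): $func is handed to str() unencoded; confirm str() escapes
            // the base URL it prints.
            str('?func=' . $func . '&', $k_page, $page);
        }
    }
}
?>
<div class="foot">
« <a href="?func=user.main">В кабинет</a><br />
</div>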