Файл: video/video.php
Строк: 236
<?
include_once '../sys/inc/start.php';
if(!isset($_GET['download']))include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
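// Registered users only (only_reg() is defined in the included sys/inc files).
only_reg();

// Load the requested video row. intval() confines the id to an integer before
// it is placed in the query text. $v stays false when no id was supplied.
$v = false;
if (isset($_GET['id'])) {
    $v = mysql_fetch_assoc(mysql_query("SELECT * FROM `video_user` WHERE `id` = '".intval($_GET['id'])."'"));
}

// Unknown or missing video: redirect and STOP. header() only queues a response
// header; without exit the rest of the script (download, edit, delete, comment
// handlers) would still run against an empty $v.
if (!$v) {
    header("Location: index.php");
    exit;
}

$video = mysql_fetch_assoc(mysql_query("SELECT * FROM `video_album` WHERE `id` = '".$v['id_album']."'"));

// Album password gate. Visitors who are not the album owner must carry the
// album password in their session. The comparison is a strict string compare
// so numeric-looking strings are not treated as equal by PHP's loose `!=`.
// exit is required: without it the page body and the download branch below
// are still served to a visitor who failed the check.
// NOTE(review): the album password appears to be stored and compared in
// plaintext - confirm against album.php and consider storing a hash.
$sessionPass = isset($_SESSION['pass']) ? (string)$_SESSION['pass'] : '';
if (isset($video['pass']) && $video['pass'] != NULL
    && $sessionPass !== (string)$video['pass']
    && $video['id_user'] != $user['id']) {
    header("Location: album.php?id=".$video['id']);
    exit;
}

// Page header is emitted only after every redirect decision has been made,
// so no output precedes a Location header.
$set['title'] = 'Видеоальбомы - '.output_text($v['name']);
include_once '../sys/inc/thead.php';
title();
err();

// Path of the stored media file and the uploader's user row, used below.
$file = H."sys/video/files/$v[id].vid";
$anks = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".$v['id_user']."' LIMIT 1"));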
######## Download ########
// Streams the stored file to the client under "<name>.<ras>" with the MIME
// type derived from the stored extension, then ends the request.
// NOTE(review): this branch performs no access check of its own; it relies on
// the album-password check earlier in the script having ended the request for
// visitors who are not allowed to see the video.
if (isset($_GET['download'])) {
    include_once '../sys/inc/downloadfile.php';
    $downloadName = $v['name'].'.'.$v['ras'];
    $downloadMime = ras_to_mime($v['ras']);
    DownloadFile($file, $downloadName, $downloadMime);
    exit;
}
######## end ########
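###### Edit video ######
if (isset($_GET['edit'])) {
    // Only the uploader or a moderator (level > 1) may edit - the same rule
    // the delete branch and the footer links in this file use. The original
    // test (`not owner OR level < 1`) disagreed with that rule and, lacking
    // exit, never stopped the request, so any logged-in user could submit the
    // form below.
    if (!isset($user) || ($v['id_user'] != $user['id'] && $user['level'] <= 1)) {
        header("Location: video.php?id=".$v['id']);
        exit;
    }

    // NOTE(review): the form carries no anti-forgery token, so another site
    // can submit it on behalf of a logged-in owner. Add a per-session token
    // to the form and verify it here.
    if (isset($_POST['add'])) {
        $rawName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        $rawOpis = (isset($_POST['opis']) && is_string($_POST['opis'])) ? $_POST['opis'] : '';

        // Validate the raw value; escaping adds backslashes that would
        // otherwise count towards the length.
        if (strlen2($rawName) < 2) $err = 'Название не менее 2 символов';

        if (!isset($err)) {
            // Escape immediately before building the query text.
            $name = mysql_real_escape_string($rawName);
            $opis = mysql_real_escape_string($rawOpis);
            mysql_query("UPDATE `video_user` SET `name` = '".$name."',`opis` = '".$opis."' WHERE `id` = '$v[id]' LIMIT 1");
            header("Location: video.php?id=".$v['id']);
            exit;
        }
    }

    // Stored name/description are user-supplied text: HTML-escape them before
    // placing them in an attribute value or a textarea body.
    $formName = htmlspecialchars($v['name'], ENT_QUOTES, 'UTF-8');
    $formOpis = htmlspecialchars($v['opis'], ENT_QUOTES, 'UTF-8');

    echo "<form class='p_m' method='post' action='?id=$v[id]&edit'>\n";
    echo "Название:<br />\n<input type=\"text\" name=\"name\" value=\"$formName\" /><br />\n";
    echo "Описание:<br />\n<textarea name=\"opis\">$formOpis</textarea><br />\n";
    echo "<input value=\"Изменить\" name=\"add\" type=\"submit\" />\n";
    echo "</form>\n";
    echo "<div class='foot'>\n";
    echo "<img src='back.png' /> <a href='video.php?id=$v[id]'>Назад</a><br />\n";
    echo "<img src='back.png' /> <a href='album.php?id=$v[id_album]'>В альбом</a><br />\n";
    echo "<img src='back.png' /> <a href='index.php'>Видеоальбомы</a><br />\n";
    echo "</div>\n";
    include_once '../sys/inc/tfoot.php';
    // The edit screen is a complete page; do not fall through into the
    // video view below (harmless if tfoot.php already ends the request).
    exit;
}
###### end ######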
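##### Delete video #####
// NOTE(review): deletion is triggered by a plain GET link and carries no
// anti-forgery token; a link or image on another site can fire it for a
// logged-in owner. Move this to a POST form with a per-session token.
if (isset($_GET['delete']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `video_user` WHERE `id` = '".$v['id']."'"),0)==1)
{
    // Moderators (level > 1) and the uploader may delete.
    if (isset($user) && ($user['level']>1 || $v['id_user']==$user['id'])) {
        $stored = array(
            H."sys/video/files/$v[id].vid",
            H."sys/video/screens/48/$v[id].gif",
            H."sys/video/screens/128/$v[id].gif",
        );
        // A missing preview or media file must not abort the cleanup.
        foreach ($stored as $path) {
            if (is_file($path)) unlink($path);
        }

        // Comments are stored with `id_album` holding the VIDEO id (see the
        // insert and listing queries in this file). Deleting by
        // $v['id_album'] removed the comments of whichever video shares its
        // id with this album and left this video's comments behind.
        mysql_query("DELETE FROM `video_komm` WHERE `id_album` = '$v[id]'");
        mysql_query("DELETE FROM `video_user` WHERE `id` = '$v[id]'");
        header("Location: album.php?id=".$v['id_album']);
        // Stop here: the row is gone, rendering the page would only fail.
        exit;
    }
}

// Confirmation prompt shown before the delete link above is followed.
if (isset($_GET['delv']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `video_user` WHERE `id` = '".$v['id']."'"),0)==1)
{
    if (isset($user) && ($user['level']>1 || $v['id_user']==$user['id'])) {
        echo "<div class='err'>Вы уверены? <a href='?id=$v[id]&delete'>Да</a> | <a href='?id=$v[id]'>Нет</a></div>";
    }
}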
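######### Video details, rating and player #########

// Record a vote (1..5) before the total is read, so the figure printed below
// already includes it. One vote per user per video.
// NOTE(review): voting is a state change behind a plain GET link with no
// anti-forgery token.
$vote = (isset($_GET['up']) && is_scalar($_GET['up'])) ? intval($_GET['up']) : 0;
$hasVoted = mysql_result(mysql_query("SELECT COUNT(*) FROM `video_rating` WHERE `id_video` = '$v[id]' AND `id_user` = '$user[id]'"),0) != 0;
if (isset($user) && $vote >= 1 && $vote <= 5 && !$hasVoted) {
    mysql_query("INSERT INTO `video_rating` (`id_user`, `id_video`, `rating`) values('$user[id]', '$v[id]', '".$vote."')");
    $hasVoted = true;
}

echo "<div class='p_m'>";
// `ras` is the stored file extension and picks the preview template to
// include. It is data, not code: only a plain alphanumeric value may be used
// to build an include path, otherwise a crafted extension could pull in a
// different file.
if (preg_match('/^[a-z0-9]+\z/i', (string)$v['ras'])) {
    include 'inc/128/'.$v['ras'].'.php';
}
echo "</div>";

echo "<div class='p_m'>";
echo "<img src='name.gif' /> ".output_text($v['name'])."<br />";
if ($v['opis'] != NULL) echo "<img src='opis.gif' /> ".output_text($v['opis'])."<br />";
echo "<img src='user.gif' /> ";
// The nickname is user-chosen text; escape it for the HTML context.
echo online($anks['id'])."<a href='/info.php?id=$anks[id]'>".htmlspecialchars($anks['nick'], ENT_QUOTES, 'UTF-8')."</a><br />";
echo "<img src='time.png' /> ".vremja($v['time'])."<br />";
// filesize() warns and returns false when the file is missing; report 0 then.
$fileBytes = is_file($file) ? filesize($file) : 0;
echo "<img src='down.png' /> <a href='?id=$v[id]&download'>Скачать</a>(".size_file($fileBytes).")<br />";

// SUM() yields NULL when nobody has voted yet.
$rating = mysql_result(mysql_query("SELECT SUM(rating) FROM `video_rating` WHERE `id_video` = '$v[id]' "),0);
if ($rating == NULL) $rating = 0;
echo "<img src='votes.png' /> ".$rating."%<br />";

############# rating links ##########
// Offer the five vote links only to users who have not voted on this video.
if (!$hasVoted) {
    for ($i = 1; $i <= 5; $i++) {
        echo "<a href='?id=$v[id]&up=$i'><img src='rating/$i.png' alt='+$i'></a>";
    }
    echo "<br />";
}
?>
<script src="/uppod.js" type="text/javascript"></script>
<div class="player" id="videoplayer"></div>
<script type="text/javascript">
this.player = new Uppod(
{m:"video",
uid:"videoplayer",
file:"111.3gp",
poster:"111.3gp"
});</script>
<?php
#########################
echo "</div>";
############################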
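// Accept a new comment. Runs only for an actual form submission: the original
// also entered this branch when just the reply link (?otvet=) was followed,
// read an unset $_POST['msg'] and set a "too short" error.
if (isset($user) && isset($_POST['msg']) && is_string($_POST['msg'])) {
    // Optional reply target; false when absent or unknown.
    $otvet = false;
    if (isset($_GET['otvet'])) {
        $otvet = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".intval($_GET['otvet'])."' LIMIT 1"));
    }

    // Transform first, escape last. The original escaped and then ran
    // translit(); any quote or backslash produced by that transformation
    // would have reached the SQL text unescaped.
    $rawMsg = $_POST['msg'];
    if (isset($_POST['translit']) && $_POST['translit']==1) $rawMsg = translit($rawMsg);
    $msg = mysql_real_escape_string($rawMsg);

    // Length limits apply to the text as typed, not to its escaped form.
    // NOTE(review): err() is called near the top of the script, before $err is
    // set here - confirm these messages are shown somewhere.
    if (strlen2($rawMsg) > 512) {
        $err = 'Сообщение слишком длинное';
    } elseif (strlen2($rawMsg) < 2) {
        $err = 'Короткое сообщение';
    } elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `video_komm` WHERE `id_album` = '$v[id]' AND `id_user` = '$user[id]' AND `msg` = '".$msg."' LIMIT 1"),0) != 0) {
        $err = 'Ваше сообщение повторяет предыдущее';
    } elseif (!isset($err)) {
        // `id_album` in video_komm holds the video id for video comments.
        mysql_query("INSERT INTO `video_komm` (`id_user`, `time`, `msg`, `id_album`) values('$user[id]', '$time', '".$msg."', '$v[id]')");
        mysql_query("UPDATE `user` SET `balls` = '".($user['balls']+1)."' WHERE `id` = '$user[id]' LIMIT 1");

        // Notify the uploader, unless they are commenting on their own video.
        if ($v['id_user'] != $user['id']) mysql_query("INSERT INTO `jurnal` (`id_kont`, `msg`, `time`) values('$v[id_user]', 'К вашему [url=/video/video.php?id=$v[id]]Видео[/url] оставили комментарий', '$time')");

        // Notify the user being replied to, if that user exists and is not
        // the author of the reply.
        if ($otvet && $otvet['id'] != $user['id']) mysql_query("INSERT INTO `jurnal` (`id_kont`, `msg`, `time`) values('$otvet[id]', 'Вам ответили в комментариях к [url=/video/video.php?id=$v[id]]Видео[/url]', '$time')");

        msg('Ваш комментарий успешно принят');
    }
}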
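// Delete a single comment.
// NOTE(review): triggered by a plain GET link with no anti-forgery token.
if (isset($_GET['del'])) {
    $post = mysql_fetch_assoc(mysql_query("SELECT * FROM `video_komm` WHERE `id` = '".intval($_GET['del'])."' LIMIT 1"));

    // The comment must belong to THIS video. The permission test below is
    // made against $v, which comes from ?id=; without this tie the owner of
    // any one video could remove comments from every other video by id.
    if ($post && $post['id_album'] == $v['id']
        && isset($user) && ($user['level']>1 || $v['id_user']==$user['id'])) {
        mysql_query("DELETE FROM `video_komm` WHERE `id` = '$post[id]'");
        msg('Комментарий успешно удален');
    }
}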
// Pagination for the comment list: total comments on this video, number of
// pages at $set['p_str'] comments per page, the current page, and the row
// offset of that page's first comment.
$k_post = mysql_result(
    mysql_query("SELECT COUNT(*) FROM `video_komm` WHERE `id_album` = '$v[id]'"),
    0
);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = ($page - 1) * $set['p_str'];
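// Comment form for logged-in users. The quote and newline escapes inside the
// echo strings are restored; without them the statements do not parse.
// NOTE(review): the form carries no anti-forgery token.
if (isset($user))
{
    echo "<form method=\"post\" name='message' action=\"\">\n";

    // When replying, pre-fill the textarea with "<nick>, ". The nickname is
    // user-chosen text and is HTML-escaped before being placed in the page;
    // an unknown reply target leaves the field empty.
    $prefill = '';
    if (isset($_GET['otvet'])) {
        $otvet = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".intval($_GET['otvet'])."' LIMIT 1"));
        if ($otvet) $prefill = htmlspecialchars($otvet['nick'], ENT_QUOTES, 'UTF-8').', ';
    }
    echo "Сообщение:<br />\n<textarea name=\"msg\">$prefill</textarea><br />\n";

    if ($user['set_translit']==1) echo "<label><input type=\"checkbox\" name=\"translit\" value=\"1\" /> Транслит</label><br />\n";
    echo "<input value=\"Отправить\" type=\"submit\" />\n";
    echo "</form>\n";
}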
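// Comment list for the current page. The "\n" escapes are restored; as
// written the strings printed a literal "n" after every tag.
echo "<table class='post'>\n";
echo "<div class='menu_razd'><center>Комментарии</center></div>";

if ($k_post==0)
{
    echo " <tr>\n";
    echo " <td class='p_t'>\n";
    echo "Нет комментариев\n";
    echo " </td>\n";
    echo " </tr>\n";
}

// Newest first; `id_album` in video_komm holds the video id.
$q = mysql_query("SELECT * FROM `video_komm` WHERE `id_album` = '$v[id]' ORDER BY `id` DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_assoc($q))
{
    // Author of this comment.
    $ank = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));

    echo " <tr>\n";
    // Icon column: full avatar (2), small gender icon (1) or none.
    if ($set['set_show_icon']==2) {
        echo " <td class='icon48' rowspan='2'>\n";
        avatar($ank['id']);
        echo " </td>\n";
    }
    elseif ($set['set_show_icon']==1)
    {
        echo " <td class='icon14'>\n";
        echo "<img src='/style/themes/$set[set_them]/user/$ank[pol].png' alt='' />";
        echo " </td>\n";
    }

    echo " <td class='p_t'>\n";
    // The nickname is user-chosen text; escape it for the HTML context.
    echo "<a href='/info.php?id=$ank[id]'>".htmlspecialchars($ank['nick'], ENT_QUOTES, 'UTF-8')."</a>".online($ank['id'])."\n";
    echo " </td>\n";
    echo " </tr>\n";

    echo " <tr>\n";
    if ($set['set_show_icon']==1) echo " <td class='p_m' colspan='2'>\n"; else echo " <td class='p_m'>\n";
    // Comment text goes through output_text() before being printed.
    echo output_text($post['msg'])."<br />\n";
    echo "<div style='text-align: right;'>";
    echo "<img src='time.png' /> ".vremja($post['time'])." ";
    // Delete link: video owner or moderator.
    if (isset($user) && ($v['id_user']==$user['id'] || $user['level']>1))
        echo "<a href='?id=$v[id]&del=$post[id]'><img src='del.png' /></a>\n";
    // Reply link: anyone but the comment's own author.
    if (isset($user) && $ank['id']!=$user['id'])
        echo "<a href='?id=$v[id]&otvet=$ank[id]'><img src='otvet.png' /></a>\n";
    echo "</div>";
    echo " </td>\n";
    echo " </tr>\n";
}
echo "</table>\n";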
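// Page navigation for the comment list, shown only when there is more than
// one page.
if ($k_page>1) str('?id='.$v['id'].'&',$k_page,$page);

// Footer links. The "\n" escapes are restored; as written the strings printed
// a literal "n" after every tag.
echo "<div class='foot'>\n";
// Edit/delete links are offered to the uploader and to moderators (level > 1).
// These only hide the links; the edit and delete handlers must enforce the
// same rule themselves.
if (isset($user) && ($v['id_user']==$user['id'] || $user['level']>1)) {
    echo "<img src='set.png' /> <a href='video.php?id=$v[id]&edit'>Редактировать</a><br />\n";
    echo "<img src='del.png' /> <a href='video.php?id=$v[id]&delv'>Удалить</a><br />\n";
}
echo "<img src='back.png' /> <a href='album.php?id=$v[id_album]'>В альбом</a><br />\n";
echo "<img src='back.png' /> <a href='index.php'>Видеоальбомы</a><br />\n";
echo "</div>\n";
include_once '../sys/inc/tfoot.php';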
?>