Файл: microblog/blog.php
Строк: 566
<?
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
if (!isset($_GET[id])) {
header("Location: /index.php?".SID);
exit;
}
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog` WHERE `id` = '".intval($_GET[id])."'"),0)==0) {
header("Location: /index.php?".SID);
exit;
}
$dnev=mysql_fetch_assoc(mysql_query("SELECT * FROM `microblog` WHERE `id` = '".intval($_GET[id])."'"));
$dnev_avt=mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '$dnev[id_user]'"));
$k_kom=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_kom` WHERE `id_dnev` = '$dnev[id]'"),0);
mysql_query("UPDATE `microblog` SET `komm` = '$k_kom' WHERE `id`= '$dnev[id]'");
$all_see=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_look` WHERE `id_dnev` = '$dnev[id]'"),0);
mysql_query("UPDATE `microblog` SET `look` = '$all_see' WHERE `id`= '$dnev[id]'");
if ($dnev[read]==1 && $user[level]!=10) {
if ($dnev[read]==1 && $user[id]!=$dnev_avt[id]) {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE `user` = '$user[id]' AND `frend` = '$dnev_avt[id]'"),0)==0) {
header("Location: /index.php?".SID);
exit;
}
}
}
if ($dnev[read]==2 && $user[level]!=10) {
if ($dnev[read]==2 && $dnev_avt[id]!=$user[id]) {
header("Location: /index.php?".SID);
exit;
}
}
if (isset($_GET[foto_add])) {
if ($user[id]==$dnev_avt[id] || $user[level]==10) {}
else {
header("Location: dnev.php?id=$dnev[id]".SID);
exit;
}
$set[title]=$dnev[name]."n|n Фото";
include_once '../sys/inc/thead.php';
title();
err();
if (isset($_GET[ok])) {
if (isset($_FILES['file1']))
{
if (eregi('.jpe?g$',$_FILES['file1']['name']) && $imgc=@imagecreatefromjpeg($_FILES['file1']['tmp_name']))
{
if (imagesx($imgc)>128 || imagesy($imgc)>128)
{
$img_x=imagesx($imgc);
$img_y=imagesy($imgc);
if ($img_x==$img_y)
{
$dstW=128; // ширина
$dstH=128; // высота
}
elseif ($img_x>$img_y)
{
$prop=$img_x/$img_y;
$dstW=128;
$dstH=ceil($dstW/$prop);
}
else
{
$prop=$img_y/$img_x;
$dstH=128;
$dstW=ceil($dstH/$prop);
}
$screen=imagecreatetruecolor($dstW, $dstH);
imagecopyresampled($screen, $imgc, 0, 0, 0, 0, $dstW, $dstH, $img_x, $img_y);
imagedestroy($imgc);
imagejpeg($screen,H."sys/dnev/$dnev[id]_$user[id]_1.jpg",100);
@chmod(H."sys/dnev/$dnev[id]_$user[id]_1.jpg",0777);
imagedestroy($screen);
}
else
{
copy($_FILES['file1']['tmp_name'], H."sys/dnev/$dnev[id]_$user[id]_1.jpg");
}
}
}
if (isset($_FILES['file2']))
{
if (eregi('.jpe?g$',$_FILES['file2']['name']) && $imgc=@imagecreatefromjpeg($_FILES['file2']['tmp_name']))
{
if (imagesx($imgc)>128 || imagesy($imgc)>128)
{
$img_x=imagesx($imgc);
$img_y=imagesy($imgc);
if ($img_x==$img_y)
{
$dstW=128; // ширина
$dstH=128; // высота
}
elseif ($img_x>$img_y)
{
$prop=$img_x/$img_y;
$dstW=128;
$dstH=ceil($dstW/$prop);
}
else
{
$prop=$img_y/$img_x;
$dstH=128;
$dstW=ceil($dstH/$prop);
}
$screen=imagecreatetruecolor($dstW, $dstH);
imagecopyresampled($screen, $imgc, 0, 0, 0, 0, $dstW, $dstH, $img_x, $img_y);
imagedestroy($imgc);
imagejpeg($screen,H."sys/dnev/$dnev[id]_$user[id]_2.jpg",100);
@chmod(H."sys/dnev/$dnev[id]_$user[id]_2.jpg",0777);
imagedestroy($screen);
}
else
{
copy($_FILES['file2']['tmp_name'], H."sys/dnev/$dnev[id]_$user[id]_2.jpg");
}
}
}
if (isset($_FILES['file3']))
{
if (eregi('.jpe?g$',$_FILES['file3']['name']) && $imgc=@imagecreatefromjpeg($_FILES['file3']['tmp_name']))
{
if (imagesx($imgc)>128 || imagesy($imgc)>128)
{
$img_x=imagesx($imgc);
$img_y=imagesy($imgc);
if ($img_x==$img_y)
{
$dstW=128; // ширина
$dstH=128; // высота
}
elseif ($img_x>$img_y)
{
$prop=$img_x/$img_y;
$dstW=128;
$dstH=ceil($dstW/$prop);
}
else
{
$prop=$img_y/$img_x;
$dstH=128;
$dstW=ceil($dstH/$prop);
}
$screen=imagecreatetruecolor($dstW, $dstH);
imagecopyresampled($screen, $imgc, 0, 0, 0, 0, $dstW, $dstH, $img_x, $img_y);
imagedestroy($imgc);
imagejpeg($screen,H."sys/dnev/$dnev[id]_$user[id]_3.jpg",100);
@chmod(H."sys/dnev/$dnev[id]_$user[id]_3.jpg",0777);
imagedestroy($screen);
}
else
{
copy($_FILES['file3']['tmp_name'], H."sys/dnev/$dnev[id]_$user[id]_3.jpg");
}
}
}
}
if (isset($_GET[del])) {
unlink(H.'/sys/dnev/'.$_GET[del].'.jpg');
}
echo "Внимание!Можно загружать картинки только формата <font color='red'>JPG</font><br />n";
echo "<form method='post' enctype='multipart/form-data' action='?id=$dnev[id]&foto_add&ok'>n";
if (is_file(H.'/sys/dnev/'.$dnev[id].'_'.$user[id].'_1.jpg')) {
echo "<img src='/sys/dnev/$dnev[id]_$user[id]_1.jpg'/><br/>n";
echo "[<a href='?id=$dnev[id]&foto_add&del=$dnev[id]_$user[id]_1'>Удалить</a>]<br/>n";
}
echo "<input type='file' name='file1' accept='image/jpeg' /><br/>n";
if (is_file(H.'/sys/dnev/'.$dnev[id].'_'.$user[id].'_2.jpg')) {
echo "<img src='/sys/dnev/$dnev[id]_$user[id]_2.jpg'/><br/>n";
echo "[<a href='?id=$dnev[id]&foto_add&del=$dnev[id]_$user[id]_2'>Удалить</a>]<br/>n";
}
echo "<input type='file' name='file2' accept='image/jpeg' /><br/>n";
if (is_file(H.'/sys/dnev/'.$dnev[id].'_'.$user[id].'_3.jpg')) {
echo "<img src='/sys/dnev/$dnev[id]_$user[id]_3.jpg'/><br/>n";
echo "[<a href='?id=$dnev[id]&foto_add&del=$dnev[id]_$user[id]_3'>Удалить</a>]<br/>n";
}
echo "<input type='file' name='file3' accept='image/jpeg' /><br/>n";
echo "<input value='Загрузить изображения' type='submit' /><br />n";
echo "</form>n";
echo "<div class='rekl'>";
echo "<img src='/style/back.gif' alt='' class='icon'/>n";
echo "<a href='?id=$dnev[id]'>$dnev[name]</a>";
echo "</div>";
include_once '../sys/inc/tfoot.php';
}
if (isset($_GET[edit])) {
if ($user[id]==$dnev_avt[id] || $user[level]==10) {}
else {
header("Location: blog.php?id=$dnev[id]".SID);
exit;
}
if (isset($_GET[edit]) && isset($_GET[ok])) {
$name=esc(stripcslashes(htmlspecialchars($_POST['name'])));
if (isset($_POST['translit1']) && $_POST['translit1']==1)$name=translit($name);
if (strlen2($name)<3)$err='Короткое название для темы';
if (strlen2($name)>32)$err='Название темы не должно быть длиннее 32-х символов';
$name=mysql_real_escape_string($name);
$msg=esc(stripcslashes(htmlspecialchars($_POST['msg'])));
if (isset($_POST['translit2']) && $_POST['translit2']==1)$msg=translit($msg);
if (strlen2($msg)<15)$err='Короткое сообщение';
if (strlen2($msg)>100000)$err='Длина сообщения превышает предел в 5000 символа';
$msg=mysql_real_escape_string($msg);
if (!isset($err)) {
mysql_query("UPDATE `microblog` SET `name` = '$name' WHERE `id`= '$dnev[id]'");
mysql_query("UPDATE `microblog` SET `msg` = '$msg' WHERE `id`= '$dnev[id]'");
mysql_query("UPDATE `microblog` SET `read` = '".intval($_POST[read])."' WHERE `id`= '$dnev[id]'");
mysql_query("UPDATE `microblog` SET `write` = '".intval($_POST[write])."' WHERE `id`= '$dnev[id]'");
header("Location: dnev.php?id=$dnev[id]".SID);
exit;
}
}
$set[title]=$dnev[name]."n|n редактирование";
include_once '../sys/inc/thead.php';
title();
err();
include_once '../sys/inc/tfoot.php';
}
if (isset($_GET[otv])) {
$dnev=mysql_fetch_assoc(mysql_query("SELECT * FROM `microblog` WHERE `id` = '".intval($_GET[id])."'"));
$dnev_avt=mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '$dnev[id_user]'"));
$user_temp=mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '".intval($_GET[otv])."'"));
if (isset($user) && isset($_POST[msg])) {
$msg=htmlentities($_POST['msg']);
if (isset($_POST['translit']) && $_POST['translit']==1)$msg=translit($msg);
if (strlen2($msg)<4)$err='Короткое сообщение';
if (strlen2($msg)>10000)$err='Длина сообщения превышает предел в 1000 символов';
$msg=mysql_real_escape_string($msg);
if (!isset($err)) {
mysql_query("INSERT INTO `microblog_kom` (`id_dnev`, `id_user`, `msg`, `otv`, `time`) values('$dnev[id]', '$user[id]', '$msg', '$user_temp[id]', '$time')");
if ($user[id]!=$dnev_avt[id]) {
$msg1="В вашем микроблоге [red][url=/microblog/blog.php?id=$dnev[id]]$dnev[name][/url][/red] оставили комментарий ";
mysql_query("INSERT INTO `jurnal` (`id_kont`, `msg`, `time`) values('$dnev_avt[id]', '$msg1', '$time')");
}
if ($user[id]!=$user_temp[id] && $user_temp[id]!=$dnev_avt[id]) {
$msg1="Вам ответили в микроблоге [url=/microblog/blog.php?id=$dnev[id]]$dnev[name][/url]";
mysql_query("INSERT INTO `jurnal` (`id_kont`, `msg`, `time`) values('$user_temp[id]', '$msg1', '$time')");
}
unset($_POST[msg]);
unset($msg);
header("Location: blog.php?id=$dnev[id]".SID);
exit;
}
}
$set[title]=$dnev[name]."n|n ответ $user_temp[nick]";
include_once '../sys/inc/thead.php';
title();
err();
if (isset($user) && ($dnev[write]==0 || ($dnev[write]==1 && mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE `user` = '$user[id]' AND `frend` = '$dnev_avt[id]'"),0)!=0 || $dnev_avt[id]==$user[id] || $user[level]==10) || ($dnev[write]==2 && $dnev_avt[id]==$user[id]) || $user[level]==10)) {
echo "<form method='post' name='message' action='?id=$dnev[id]&otv=$user_temp[id]'>n";
echo "Сообщение (4-1000 символов):<br />n<textarea name="msg">$_POST[msg]</textarea><br />n";
if ($user['set_translit']==1)echo "<label><input type="checkbox" name="translit" value="1" /> Транслит</label><br />n";
echo "<input name='post' value='Ответить' type='submit' /><br />n";
echo "<a href="/smiles/index.php">Смайлы</a>";echo "</form>n";
echo "<div class='tmn'>";
echo "<img src='/style/back.gif' alt='' class='icon'/>n";
echo "<a href='?id=$dnev[id]'>$dnev[name]</a>";
echo "</div>";
include_once '../sys/inc/tfoot.php';
}
else {
header("Location: blog.php?id=$dnev[id]".SID);
exit;
}
}
if (isset($user) && isset($_POST[msg])) {
$msg=$_POST['msg'];
if (isset($_POST['translit']) && $_POST['translit']==1)$msg=translit($msg);
if (strlen2($msg)<4)$err='Короткое сообщение';
if (strlen2($msg)>10000)$err='Длина сообщения превышает предел в 1000 символов';
$msg=mysql_real_escape_string($msg);
if (!isset($err)) {
mysql_query("INSERT INTO `microblog_kom` (`id_dnev`, `id_user`, `msg`, `time`) values('$dnev[id]', '$user[id]', '$msg', '$time')");
if ($user[id]!=$dnev_avt[id]) {
////
$q = mysql_query("SELECT * FROM `frends` WHERE `user` = '$user[id]' AND `lenta_forum` = '1' AND `i` = '1'");
while ($f = mysql_fetch_array($q))
{
$a = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$f[frend]' LIMIT 1"));
$msg_obsuzh="Добавил(а) комментарий к микроблогу [url=/microblog/blog.php?id=$dnev[id]]$dnev[name][/url] у обитателя [b]$dnev_avt[nick][/b]";
mysql_query("INSERT INTO `obsuzh` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$a[id]', '$msg_obsuzh', '$time')");
}
///
$msg1="В вашем Микроблоге [red][url=/microblog/blog.php?id=$dnev[id]]$dnev[name][/url][/red] появился новый комментарий";
mysql_query("INSERT INTO `jurnal` (`id_kont`, `msg`, `time`) values('$dnev_avt[id]', '$msg1', '$time')");
}
unset($_POST[msg]);
unset($msg);
header("Location: blog.php?id=$dnev[id]".SID);
exit;
}
}
if (isset($_GET[del])) {
if ($user[id]==$dnev_avt[id] || $user[level]==10) {
mysql_query("DELETE FROM `microblog_kom` WHERE `id` = '".intval($_GET[del])."' AND `id_dnev` = '$dnev[id]'");
header("Location: blog.php?id=$dnev[id]".SID);
exit;
}
else {
header("Location: /".SID);
exit;
}
}
if (isset($_GET[del_all_com])) {
if ($user[id]==$dnev_avt[id] || $user[level]==10) {
mysql_query("DELETE FROM `microblog_kom` WHERE `id_dnev` = '$dnev[id]'");
header("Location: blog.php?id=$dnev[id]".SID);
exit;
}
else {
header("Location: /".SID);
exit;
}
}
if (isset($_GET[del_full])) {
if ($user[id]==$dnev_avt[id] || $user[level]==10) {
mysql_query("DELETE FROM `microblog` WHERE `id` = '$dnev[id]'");
mysql_query("DELETE FROM `microblog_kom` WHERE `id_dnev` = '$dnev[id]'");
header("Location: blog.php?id=$dnev[id]".SID);
exit;
}
else {
header("Location: /".SID);
exit;
}
}
if (isset($_GET[hide])) {
if ($user[id]==$dnev_avt[id] || $user[level]==10) {
mysql_query("UPDATE `dnev_kom` SET `hide` = '".intval($_GET[set])."' WHERE `id`= '".intval($_GET[hide])."'");
header("Location: blog.php?id=$dnev[id]".SID);
exit;
}
else {
header("Location: /".SID);
exit;
}
}
if (isset($user) && $user[id]!=$dnev_avt[id]) {
$user_see=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_look` WHERE `id_dnev` = '$dnev[id]' AND `id_user` = '$user[id]'"),0);
if ($user_see==0) {
mysql_query("INSERT INTO `microblog_look` (`id_dnev`, `id_user`, `time`) values('$dnev[id]', '$user[id]', '$time')");
}
if ($user_see!=0) {
mysql_query("UPDATE `microblog_look` SET `time` = '$time' WHERE `id_user`= '$user[id]' AND `id_dnev` = '$dnev[id]'");
}
}
include_once '../sys/inc/thead.php';
echo "<div class='title'>";
echo "<center>Микроблоги</center>";
echo "</div>";
//title();
err();
echo "<div class='mytitle'>";
echo "".online($dnev_avt['id'])." <a href='/info.php?id=$dnev_avt[id]'><span style="color:$dnev_avt[ncolor]">$dnev_avt[nick]</span></a>n";
if($dnev_avt['rating']>=0 && $dnev_avt['rating']<=99)echo " ";
if($dnev_avt['rating']>=100 && $dnev_avt['rating']<=199)echo " <img src='/style/rating/bronze.gif'></img> ";
if($dnev_avt['rating']>=200 && $dnev_avt['rating']<=299)echo " <img src='/style/rating/silver.gif'></img> ";
if($dnev_avt['rating']>=300 && $dnev_avt['rating']<=399)echo " <img src='/style/rating/gold.gif'></img> ";
if($dnev_avt['rating']>=400 && $dnev_avt['rating']<=1000)echo " <img src='/style/rating/lafes_user.gif'></img> ";
if($dnev_avt['rating']>=1001 && $dnev_avt['rating']<=10000)echo " <img src='/rating/konkurs.png'></img> ";
if ($dnev_avt['brak']!=NULL)echo "<img src='/style/icons/rings.gif' alt='' class='icon'/> n";
if ($dnev_avt['braks']!=NULL)echo "<img src='/style/icons/rings.gif' alt='' class='icon'/> n";
if ($dnev_avt['stran']==0)echo "n";
if ($dnev_avt['stran']==1)echo "<img src='/style/strana/ru.png'>n";
if ($dnev_avt['stran']==2)echo "<img src='/style/strana/ua.png'>n";
if ($dnev_avt['stran']==3)echo "<img src='/style/strana/by.png'>n";
if ($dnev_avt['stran']==4)echo "<img src='/style/strana/az.png'>n";
if ($dnev_avt['stran']==5)echo "<img src='/style/strana/kz.png'>n";
if ($dnev_avt['stran']==6)echo "<img src='/style/strana/uz.png'>n";
if ($dnev_avt['stran']==7)echo "<img src='/style/strana/england.png'>n";
if ($dnev_avt['stran']==8)echo "<img src='/style/strana/de.png'>n";
$k_kom=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_kom` WHERE `id_dnev` = '$dnev[id]'"),0);
echo "<br/><b>Комментариев $k_kom</b>";
echo "nn";
echo "</div>";
echo " <div class='hello'>n";
echo output_text($dnev[name])."n";
echo " <font color='green'>".vremja($dnev[time])."</font>n";
if ($user[id]==$dnev_avt[id] || $user[level]==10) {
echo "<a href='blog.php?id=$dnev[id]&del_full'><img src='/style/icons/del.gif'></a><br/>n";
}
echo "</div>";
if (isset($user) && ($dnev[write]==0 || ($dnev[write]==1 && mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE `user` = '$user[id]' AND `frend` = '$dnev_avt[id]'"),0)!=0 || $dnev_avt[id]==$user[id] || $user[level]==10) || ($dnev[write]==2 && $dnev_avt[id]==$user[id]) || $user[level]==10)) {
echo "<form method='post' name='message' action='?id=$dnev[id]'>n";
echo " <div class='textmes'>n";
echo "n<textarea name="msg">$_POST[msg]</textarea><br />n";
echo "<input name='post' value='Добавить комментарий' type='submit' /><br />n";
echo "</div>";
echo "";echo "</form>n";
}
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_kom` WHERE `id_dnev` = '$dnev[id]'"),0);
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
echo "<table class='post'>n";
$lim=" LIMIT $start, $set[p_str]";
$q=mysql_query("SELECT * FROM `microblog_kom` WHERE `id_dnev` = '$dnev[id]' ORDER BY `time` DESC$lim");
if (mysql_num_rows($q)==0) {
echo " <div class='p_t'>n";
echo "Нет комментариевn";
echo "</div>";
}
$post_k=$start;
while ($post = mysql_fetch_assoc($q))
{
$ank=get_user($post['id_user']);
echo " <tr>n";
if($num==1){
echo " <td class='linechat'>n";
$num=0;
}else{
echo " <td class='linechat'>n";
$num=1;}
$post_k++;
$num_post=$post_k;
if (isset($user) && $them['close']==0)
echo "".online($ank['id'])." <a href='/info.php?id=$ank[id]' title='Анкета $ank[nick]'><span style="color:$ank[ncolor]">$ank[nick]</span></a>n";
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `ban` WHERE `id_user` = '$ank[id]' AND `time` > '$time'"), 0)!=0)
echo "<font color='red'>[BAN]</font>n";
echo "<br/>n";
if ($post[hide]==1) echo "<font color='red'>[Комментарий скрыт]</font> ";
if ($post[hide]==0 || ($post[hide]==1 && ($user[id]==$dnev_avt[id] || $user[id]==$post[id_user] || $user[level]==10))) {
if ($post[otv]!=0) {
$tmp_user=mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[otv]'"));
echo "Ответ <u><span style="color:$tmp_user[ncolor]">$tmp_user[nick]</span></u>: n";
}
echo "<span style="color:$ank[mcolor]">";
echo output_text($post['msg'])."n";
echo "</span>n";
}
echo "<div style='text-align: right;'><font color='#afb0a3'>".vremja($post['time'])."</font>n";
if (isset($user) && ($dnev[write]==0 || ($dnev[write]==1 && mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE `user` = '$user[id]' AND `frend` = '$dnev_avt[id]'"),0)!=0 || $dnev_avt[id]==$user[id] || $user[level]>=3) || ($dnev[write]==2 && $dnev_avt[id]==$user[id]) || $user[level]>=3)) {
echo "<a href='blog.php?id=$dnev[id]&otv=$ank[id]'><img src='/style/icons/check.gif'></img></a>n";
}
if ($user[id]==$dnev_avt[id] || $user[level]==10) {
if ($post[hide]==1) echo "<a href='blog.php?id=$dnev[id]&hide=$post[id]&set=0'><img src='/style/icons/edit.gif'></img></a>n";
}
if ($user[id]==$dnev_avt[id] || $user[level]==10) {
echo "<a href='blog.php?id=$dnev[id]&del=$post[id]'><img src='/style/icons/delete.gif'></img></a></div>n";
}
}
echo "</table>n";
if ($k_page>1)str("?id=$dnev[id]&",$k_page,$page); // Вывод страниц
include_once '../sys/inc/tfoot.php';
?>