Файл: vsime.com/diary/inc/act_user.php
Строк: 107
<?
if(mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `user` WHERE `id` = '".intval($_GET['id'])."'"))==0)
{
$title .= ' - Ошибка!'; //заголовок
ex_head();
$error[] = "Пользователь с указаным ID не найден! Возможно Вы ошиблись при вводе URL'а.";
show_errors();
ex_foot();
}
$ank=profile(intval($_GET['id']));
$title .= ' - Записи '.$ank['nick'].''; //заголовок
ex_head();
if(isset($_GET['rating']))$rating=1;
if($ank['diary_desc']!=NULL)echo "<div class='list'>".output_text($ank['diary_desc'], $ank['id'])."</div>n";
if(isset($user) && $user['id']==$ank['id']) {
echo "<div class='mod_grad'>n";
echo $config['code_add']." <a href='/diary/index?act=create'>Создать запись</a><br />n";
echo "</div>n";
}
echo "<div class='grand_h'>n";
echo "<table>n";
echo "<td>".(isset($rating)?"<a href='?act=user&id=$ank[id]'>":NULL)."<span class='block_l'>Новые</span>".(isset($rating)?"</a>":NULL)."</td><td>".(!isset($rating)?"<a href='?act=user&id=$ank[id]&rating'>":NULL)."<span class='block_l'>Популярные</span>".(!isset($rating)?"</a>":NULL)."</td>n";
echo "</table>n";
echo "</div>n";
$where = array();
$query=mysqli_query($dbi, "SELECT * FROM `diary` WHERE `id_user` = '$ank[id]'");
while ($post = mysqli_fetch_array($query))
{
if($post['access']=='all' || $post['access']=='friends' && is_friend($ank['id'], $user['id']) || $post['access']=='pass' || $post['access']=='auth' && isset($user))$where[] = $post['id'];
}
if (!count($where))
{
echo "<div class='list'>Нет записей.</div>n";
} else {
$where = implode("' OR `id` = '", $where);
$count_results = mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `diary` WHERE `id_user` = '$ank[id]' AND `sk` = '0' AND (`id` = '$where')"));
$count_pages = count_pages($count_results);
$page = page();
$start = start_pages();
$query=mysqli_query($dbi, "SELECT * FROM `diary` WHERE `id_user` = '$ank[id]' AND `sk` = '0' AND (`id` = '$where') ORDER BY `".(isset($rating)?'rating` DESC, `time':'time')."` DESC LIMIT $start, $config[rop]");
while ($post = mysqli_fetch_array($query))
{
$ank=profile($post['id_user']);
$count_komms = mysqli_num_rows(mysqli_query($dbi, "SELECT * FROM `diary_komm` WHERE `id_diary` = '$post[id]'"));
echo "<div class='list'>n";
echo "<div class='left'>n";
show_avatar($ank['id'], 'small');
echo "</div>n";
echo "<div class='overfl_hid'>n";
if (isset($rating))echo "<span class='right'><img src='/i/site/star.png'/> $post[rating]</span>n";
echo profile_icon($ank['id']).profile_nick($ank['id'], 1).profile_medal($ank['id'])."<br />n";
echo "<a href='/diary/?act=diary&id=$post[id]'>".($post['name']!=NULL?hsc($post['name']):hsc(str_cut($post['text'], 5, 50)))."</a>n";
echo "<span class='grey right'>".vremja($post['time'])."</span><br/>n";
echo hsc(str_cut($post['text'], 20, 200))."".(hsc(str_cut($post['text'], 20, 200))!=$post['text']?" <a href='/diary/?act=diary&id=$post[id]&'>подробнее →</a>":null)."<br/>n";
echo "<a href='/diary/?act=diary&id=$post[id]#komms'>Обсудить".($count_komms!=0?" ($count_komms)":null)."</a><br/>n";
echo "</div>n";
echo "<div class='clear'></div>n";
echo "</div>n";
}
pages_show("?act=user&id=$ank[id]&".(isset($rating)?'rating&':null)); // Вывод страниц
}
if (isset($user) && $user['id']==$ank['id'] || isset($moderate_diary)) {
echo "<div class='mod_grad'>n";
if (isset($user) && $user['id']==$ank['id']) {
echo $config['code_edit']." <a href='/diary/?act=desc'>Редактировать описание</a><br />n";
}
if (isset($moderate_diary)) {
echo "<img src='/i/site/key.png'/> <a href='/diary/?act=sk&id=$ank[id]'>Заблокированные записи</a> <span class='counter'>".mysqli_result("SELECT COUNT(*) FROM `diary` WHERE `sk` = '1' AND `id_user` = '$ank[id]'")."</span><br />n";
}
echo "</div>n";
}
echo "<div class='foot'>n";
echo image_back()." <a href='/diary'>Дневники</a>n";
echo "</div>n";
ex_foot();
?>