Файл: region_clean/stenka.php
Строк: 763
<?
#######################################
## Mod By KoT (borispol) [76-75-072] ##
#######################################
// Bootstrap for the user "wall" page: loads the shared includes, sends the
// response headers, authenticates the caller and prints the page prolog in
// either WML or XHTML.
require_once "start.php";
require_once "sid.php";
// The page is per-user, so caching is disabled.
header('Cache-Control: no-store, no-cache, must-revalidate');
// $ver is not assigned in this file; presumably one of the includes sets it (TODO confirm).
if ($ver == "wml") header ("Content-type:text/vnd.wap.wml; charset=utf-8");
else header("Content-Type:text/html; charset=UTF-8");
require_once "inc.php";
$link = connect_db();
// check_login() is defined elsewhere. Later code reads $row['id'], $row['level'],
// $row['max'], $row['user'] and $row['translit'], and echoes $fsize1/$fsize2
// around text, so $row is presumably the logged-in user's record (TODO confirm).
list($row, $id, $ps, $fsize1, $fsize2) = check_login($link);
require_once "version.php";
// NOTE(review): the double-quoted literals below look as if their backslashes
// (\n, \") were lost in this copy of the file; compare with the deployed source.
// NOTE(review): $css is interpolated into the stylesheet URL; confirm it is
// picked from a fixed set and not taken from the request.
if ($ver == "wml") {
echo $xml;
echo $dtd;
echo "<wml>n
<card title="Стена">n
<p align="left">n";
} else {
echo "<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><link rel="stylesheet" type="text/css" href="css/$css.css"/>
<title>Стена</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/></head><body>
<div align="left">";
}
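// Wall owner lookup. $usid is not assigned anywhere in this file; it presumably
// arrives from the request through the bootstrap includes (TODO confirm).
// It is normalised to an integer once here because later branches interpolate
// it into links and into INSERT statements, and their is_numeric() checks only
// send a redirect header without stopping the script.
$usid = isset($usid) ? (int)$usid : 0;
// One query serves both the existence check and the name shown in the heading.
$usr_res = mysql_query("SELECT `user` FROM `users` WHERE `id`='".$usid."'");
$usr = $usr_res ? mysql_fetch_array($usr_res) : false;
if (!$usr) {
    echo 'Такого юзера не существует!<br/>';
    include_once 'foot.php';
    // `break` is only valid inside a loop or switch; end the request explicitly.
    exit;
}
echo $fsize1;
// NOTE(review): the stored user name is written into HTML as-is here; whether it
// is already HTML-escaped when saved is not visible in this file - confirm.
echo "<div class='c4'>Стена ".$usr['user']."</div>";
echo $fsize2;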
// Dispatch on ?mod=. With no (or an unknown) mod the wall is listed, page by page.
$mod = isset($_GET['mod']) ? $_GET['mod'] : NULL;
switch($mod) {
default:
// $s is the paging offset; it is not assigned in this file (presumably request input, TODO confirm).
if (empty($s)) $s = 0;
$query = mysql_query("select * from stenka WHERE usid = '".(int)$usid."'");
$num_of_rows = mysql_num_rows($query);
$total_mat_number = $num_of_rows;
// Page size comes from the logged-in user's row.
// NOTE(review): a value of 0 in $row['max'] makes the division below fail.
$max = $row['max'];
$total_ss = ceil($total_mat_number/$max);
$i = 1 + $s;
echo $fsize1;
echo "Сообщений на стенке: <b>".$total_mat_number."</b><br/>";
// NOTE(review): $usid and $ses are interpolated into the links without HTML escaping.
echo "<a href="stenka.php?$ses&mod=add&usid=$usid">Добавить</a> |
<a href="stenka.php?$ses&usid=$usid">Обновить</a><br/><br/>";
echo $fsize2;
// Both LIMIT operands are forced to integers before they are concatenated into the query.
$s = intval($s);
$max = intval($max);
$r = mysql_query ("select * from `stenka` WHERE usid='".(int)$usid."' order by id desc limit ".$s.",".$max.";");
while($arr = mysql_fetch_assoc($r)) {
echo $fsize1;
echo '<div class="d1">';
// The delete link is shown to users with level >= 6 and to the wall owner.
if ($row['level'] >= 6 or $row['id'] == $usid) {
echo "<a href="stenka.php?$ses&mod=del&usid=$usid&fid=".$arr['id'].""><small>[X]</small></a> ";
}
$arr['id'] = intval($arr['id']);
// `attach` is re-read by id although the row above was already fetched with select *.
$logo = mysql_fetch_array(mysql_query("SELECT `attach` FROM `stenka` WHERE `id`='".(int)$arr['id']."'"));
// Resolve the author's id from the login stored with the entry.
$who = mysql_fetch_array(mysql_query("SELECT `id`,`user` FROM `users` WHERE `user`='".mysql_real_escape_string($arr['login'])."'"));
if (empty($arr['login'])) {
echo '<b>Юзер удален</b>';
} else {
echo "<b><a href="info.php?$ses&nk=$who[id]">".col_n($arr['login'])."</a></b>
<small>[<a href="stenka.php?$ses&mod=add&usid=$usid&nick=$who[id]">отв</a>]</small>";
}
echo '('.$arr['date'].')<br/>';
// Map the stored font number (1..29) to a font face name.
// $font is not reset per row: a non-empty value outside 1..29 reuses the
// previous row's face, or leaves $font undefined on the first row.
if ($arr['shrift'] == 1) { $font = 'algerian'; }
if ($arr['shrift'] == 2) { $font = 'arial'; }
if ($arr['shrift'] == 3) { $font = 'broadway'; }
if ($arr['shrift'] == 4) { $font = 'castellar'; }
if ($arr['shrift'] == 5) { $font = 'centaur'; }
if ($arr['shrift'] == 6) { $font = 'century'; }
if ($arr['shrift'] == 7) { $font = 'chiller'; }
if ($arr['shrift'] == 8) { $font = 'elephant'; }
if ($arr['shrift'] == 9) { $font = 'forte'; }
if ($arr['shrift'] == 10) { $font = 'garamond'; }
if ($arr['shrift'] == 11) { $font = 'georgia'; }
if ($arr['shrift'] == 12) { $font = 'gigi'; }
if ($arr['shrift'] == 13) { $font = 'harrington'; }
if ($arr['shrift'] == 14) { $font = 'impact'; }
if ($arr['shrift'] == 15) { $font = 'jokerman'; }
if ($arr['shrift'] == 16) { $font = 'mistral'; }
if ($arr['shrift'] == 17) { $font = 'modern'; }
if ($arr['shrift'] == 18) { $font = 'onyx'; }
if ($arr['shrift'] == 19) { $font = 'papyrus'; }
if ($arr['shrift'] == 20) { $font = 'perpetua'; }
if ($arr['shrift'] == 21) { $font = 'pristina'; }
if ($arr['shrift'] == 22) { $font = 'raavi'; }
if ($arr['shrift'] == 23) { $font = 'ravie'; }
if ($arr['shrift'] == 24) { $font = 'rockwell'; }
if ($arr['shrift'] == 25) { $font = 'roman'; }
if ($arr['shrift'] == 26) { $font = 'script'; }
if ($arr['shrift'] == 27) { $font = 'shruti'; }
if ($arr['shrift'] == 28) { $font = 'stencil'; }
if ($arr['shrift'] == 29) { $font = 'symbol'; }
// NOTE(review): the stored text is printed without escaping at output time, so
// the page relies entirely on what was done before the INSERT. The `add` branch
// applies htmlspecialchars(); the `grf` and `addfile` branches pass the text
// only through check(), which is defined elsewhere - confirm it HTML-escapes.
if (!empty($arr['shrift'])) {
echo '<font color="#FF0000"><font face="'.$font.'">'.$arr['content'].'</font></font>';
} else {
echo $arr['content'];
}
// The attachment name from the database is used both as a file path and as the
// <img> src value. NOTE(review): neither use escapes or re-validates the name.
if (!empty($logo['attach']))
{
if (file_exists("stena/$logo[attach]"))
{
echo ' <img src="stena/'.$logo['attach'].'" width="75" height="75" alt="."/>';
}
}
$pol = mysql_fetch_array(mysql_query("SELECT `id`,`sex` FROM `users` WHERE `id`='".intval($who['id'])."'"));
$sex = $pol['sex'];
// $who_s is set only for the two known values; for anything else it keeps the
// previous row's value (or is undefined on the first row).
if ($sex == 'М') {
$who_s = 'Его';
} elseif ($sex == 'Ж') {
$who_s = 'Её';
}
if ($usid != $who['id']) {
echo "<br/><small>[<a href="stenka.php?$ses&usid=$who[id]">$who_s стена</a>]</small>";
}
echo '</div>';
echo $fsize2;
}
echo $fsize1;
echo '<br/><dl><dt></dt></dl>';
// Pager: one link per page; the current offset is printed as plain text.
for ($num = 0; $num < $total_ss; $num++) {
$s_number = $num * $max;
if ($s_number != $s) {
echo "<a href="stenka.php?$ses&usid=$usid&s=$s_number">".($num+1)."</a>|";
} else {
echo ($num+1).'|';
}
}
// NOTE(review): this check runs after the page body has been printed and is not
// followed by exit, so the script continues either way; unless output buffering
// is active the Location header can no longer be sent at this point.
if (!is_numeric($usid)) { header('Location: index.php?isset=403'); }
echo '<dl><dt></dt></dl>';
echo $fsize2;
// Only the wall owner is offered the "clear wall" link.
// NOTE(review): it is a plain GET link to a destructive action; no anti-CSRF token is visible in this file.
if ($usid == $id) {
echo '<a href="stenka.php?'.$ses.'&usid='.$usid.'&mod=clean">Очистить всю стену</a><br/>';
}
echo $fsize1;
echo 'Сообщение:<br/>';
echo $fsize2;
// Posting form: WML postfields or an HTML form, both submitting to mod=add.
// $date is not assigned in this branch (TODO confirm where the hidden field value comes from).
if ($ver == "wml") {
echo $fsize1;
echo '<textarea cols="20" rows="2" name="content" maxlength="200"></textarea><br/>';
echo "<anchor>Добавить<go href="stenka.php?$ses&mod=add&usid=$usid" method="post">
<postfield name="action" value="add"/>
<postfield name="content" value="$(content)"/>
<postfield name="date" value="$date"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<form method="POST" action="stenka.php?$ses&mod=add&usid=$usid" name="auth">
<input name="content"/><br/>
<input type="hidden" name="action" value="add"/>
<input type="hidden" name="date" value="$date"/>
<input type='radio' value='1' name='adds'/> Добавить граффити<br/>
<input type='radio' value='2' name='adds'/> Добавить файл<br/>
<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>";
}
echo '<br/>';
break;
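case 'clean':
// mod=clean: deletes every entry on the caller's own wall.
// A redirect header by itself does not stop the script, so the request is
// ended here; otherwise a rejected value would still reach the code below.
if (!is_numeric($usid)) { header('Location: index.php?isset=403'); exit; }
$usid = (int)$usid;
// Only the owner may clear a wall; $id is the logged-in user's id from check_login().
if ($usid != $id)
{
echo 'Это не твоя стена!<br/>';
break;
}
// NOTE(review): this destructive action is reached through a plain GET link and
// no anti-CSRF token is checked in this file; consider requiring POST plus a
// per-session token.
if (mysql_query("DELETE FROM `stenka` WHERE `usid`='".$usid."'"))
{
echo 'Стена успешно очищена!<br/>';
} else {
echo 'Произошла ошибка...<br/>';
}
break;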
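case 'addfile':
// mod=addfile: posts a wall entry with an attached file. This part runs the
// pre-checks (wall open for writing, no duplicate text, a file was chosen, no
// attachment with the same name yet).
// A redirect header by itself does not stop the script, so end the request here.
if (!is_numeric($usid)) { header('Location: index.php?isset=403'); exit; }
$usid = (int)$usid;
$selusers = mysql_fetch_array(mysql_query("SELECT `id`,`stenka` FROM `users` WHERE `id`='".$usid."'"));
$stenka = $selusers['stenka'];
// users.stenka == 1 means the owner has closed the wall for writing.
if ($stenka == 1) {
echo col_n($usr['user']).' запретил писать на его стене!<br/>';
break;
}
$date = date("d.m,H:i");
// $content is not assigned in this file (presumably request input, TODO confirm).
// NOTE(review): on this path the text is passed only through check() before it
// is stored, and the listing prints it unescaped; confirm check() HTML-escapes.
$content = mysql_real_escape_string(check($content));
mysql_query("SELECT `content` FROM `stenka` WHERE `content`='".$content."' AND `usid`='".$usid."'");
if (mysql_affected_rows() != 0) {
echo 'Ошибка! такое сообщение уже имеется на стене!<br/>';
break;
}
$fname = $_FILES['fail']['name'];
$fsize = $_FILES['fail']['size'];
// NOTE(review): $fail is not assigned in this file. If it mirrors the multipart
// field `fail`, a request that only carries the text field `fail1` stops here.
if ($fail == '') { echo 'Не выбран файл!<br/>'; break; }
$kim = mysql_query("SELECT `attach` FROM `stenka` WHERE `attach`='".mysql_real_escape_string($fname)."'");
if (mysql_num_rows($kim) != 0)
{
echo 'Файл с таким именем уже есть! Тебе необходимо переименовать файл!<br />';
break;
}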
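// Returns the lower-cased extension of $name: the text after the last dot.
// A name without any dot has no extension and yields ''. (strrpos() returns
// false in that case, and using false as an offset would return the name
// minus its first character instead.)
function format($name)
{
    $dot = strrpos($name, ".");
    if ($dot === false) {
        return '';
    }
    return strtolower((string)substr($name, $dot + 1));
}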
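// Attachment handling for mod=addfile. Two transports are accepted: a normal
// multipart upload in $_FILES['fail'], and a text field `fail1` carrying
// "<name>file=<base64 data>".
// The wall shows attachments only through an <img> tag, so the type check is an
// allow-list of image extensions rather than a deny-list of script extensions,
// which is easy to leave gaps in. TODO confirm the list against what users are
// expected to attach.
$allowed_ext = array('jpg', 'jpeg', 'png', 'gif');
// Characters that must never reach a file path or the <img src> attribute.
$bad_name_re = '/[\x00-\x1f\/\\\\"\'<>&]/';
// The file name is client-supplied text; keep only its last path component.
$fname = isset($_FILES['fail']['name']) ? basename($_FILES['fail']['name']) : '';
$fsize = isset($_FILES['fail']['size']) ? (int)$_FILES['fail']['size'] : 0;
if ($fname != '')
{
    $tfl = strtolower(format($fname));
    if (!in_array($tfl, $allowed_ext, true))
    {
        echo 'Попытка отправить файл запрещенного типа!<br/>';
        break;
    }
    if ($fsize >= 51000)
    {
        echo 'Вес файла превышает 50 Kb!<br/>';
        break;
    }
    // Still refuse names that carry a script marker anywhere (double extensions
    // such as x.php.jpg) or unsafe characters. The dot in ".pl" is escaped so
    // that ordinary names containing "pl" are no longer rejected.
    if ((preg_match("/php/i", $fname)) or (preg_match("/\.pl/i", $fname)) or (preg_match($bad_name_re, $fname)))
    {
        echo 'Попытка отправить файл запрещенного типа!<br/>';
        break;
    }
    // The extension is only a label; the payload must also parse as an image.
    $upl_tmp = $_FILES["fail"]["tmp_name"];
    if (is_uploaded_file($upl_tmp) and @getimagesize($upl_tmp) === false)
    {
        echo 'Попытка отправить файл запрещенного типа!<br/>';
        break;
    }
    // $realtime is not assigned in this file (presumably set by an include, TODO confirm).
    if (file_exists("stena/$fname"))
    {
        $fname = "$realtime.$fname";
    }
    if ((move_uploaded_file($upl_tmp, "./stena/$fname")) == true)
    {
        $ch = $fname;
        // Readable by the web server, writable by the owner only; a served
        // image needs neither world-write nor execute bits.
        @chmod("stena/$ch", 0644);
        echo 'Файл '.$ch.' успешно прикреплен!<br/>';
    }
    else
    {
        echo 'Ошибка при прикреплении файла!<br/>';
    }
}
if (!empty($_POST['fail1']))
{
    $uploaddir = "./stena";
    $uploadedfile = $_POST['fail1'];
    $array = explode('file=', $uploadedfile);
    // The name half of the field is free client text that is joined to
    // $uploaddir below, so directory parts are stripped before any use.
    $tmp_name = basename($array[0]);
    $filebase64 = isset($array[1]) ? $array[1] : '';
    $filedata = base64_decode($filebase64);
    $tfl = strtolower(format($tmp_name));
    if ($tmp_name == '' or !in_array($tfl, $allowed_ext, true))
    {
        echo 'Попытка отправить файл запрещенного типа!<br/>';
        break;
    }
    if (strlen($filedata) >= 51000)
    {
        echo 'Вес файла превышает 50 Kb!<br/>';
        break;
    }
    if ((preg_match("/php/i", $tmp_name)) or (preg_match("/\.pl/i", $tmp_name)) or (preg_match($bad_name_re, $tmp_name)))
    {
        echo 'Попытка отправить файл запрещенного типа!<br/>';
        break;
    }
    if (strlen($filebase64) > 0)
    {
        $fname = $tmp_name;
        if (file_exists("stena/$fname"))
        {
            $fname = "$realtime.$fname";
        }
        $FileName = "$uploaddir/$fname";
        $fid = @fopen($FileName, "wb");
        if ($fid)
        {
            if (flock($fid, LOCK_EX))
            {
                fwrite($fid, $filedata);
                flock($fid, LOCK_UN);
            }
            fclose($fid);
        }
        // Accept the file only if it was written completely and parses as an
        // image; anything else is removed again so that it is never served.
        if (file_exists($FileName) and filesize($FileName) == strlen($filedata) and @getimagesize($FileName) !== false)
        {
            echo 'Файл ' .$tmp_name. ' успешно прикреплён!<br/>';
            $ch = $fname;
        } else
        {
            if (file_exists($FileName))
            {
                @unlink($FileName);
            }
            echo 'Ошибка при прикреплении файла ' .$tmp_name. '!<br/>';
        }
    }
}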
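// Store the wall entry and leave a notification for the wall owner.
// Every value placed into the statements is cast to int or SQL-escaped here:
// the is_numeric() check at the top of this branch is not a substitute for
// that, and the attachment name and user names are free text.
// NOTE(review): the row is inserted even when no file was stored ($ch is then unset).
$ch = mysql_real_escape_string(check($ch));
$shrift = intval($shrift);
$row['user'] = mysql_real_escape_string(check($row['user']));
mysql_query("insert into stenka values(0,'".(int)$usid."','".$row['user']."','".$content."','".$date."','".$ch."','".$shrift."');");
//======================================================//
$fromid = mysql_fetch_array(mysql_query("SELECT `id`,`user` FROM `users` WHERE `id` = '".(int)$id."'"));
// The sender's name comes back from the database as raw text and is embedded
// in the INSERT below, so it is escaped for SQL again.
$fromus = mysql_real_escape_string($fromid['user']);
// NOTE(review): this compares the `user` column with a numeric id, and $z is
// not read again in this file; possibly `id` was meant - confirm before changing.
$adm = mysql_query("Select * from users where user='".(int)$usid."'");
$z = mysql_fetch_array ($adm);
$data = date("d-M-Y [H:i]");
// NOTE(review): rand() is predictable; if klu4 is ever treated as a secret, generate it with a CSPRNG.
$kol = rand(0,99999999);
$time = time();
$topic = "Оставлен коммент.";
$message = "Пользователь <b>" . $fromus . "</b> оставил комментарий к твоей анкете.";
mysql_query("Insert into zapiski set klu4='".$kol."', idwho ='1', message = '".$message."', towhom = '".(int)$id."', idtowhom = '".(int)$usid."', time = '".$time."', readd = '0', topic = '".$topic."', date='".$data."'");
break;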
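case 'grf':
// mod=grf: stores a "graffiti" entry, i.e. wall text shown in a chosen font.
// A redirect header by itself does not stop the script, so end the request here.
if (!is_numeric($usid)) { header('Location: index.php?isset=403'); exit; }
$usid = (int)$usid;
$selusers = mysql_fetch_array(mysql_query("SELECT `stenka` FROM `users` WHERE `id`='".$usid."'"));
$stenka = $selusers['stenka'];
// users.stenka == 1 means the owner has closed the wall for writing.
if ($stenka == 1) {
echo 'Пользователь '.col_n($usr['user']).' запретил писать на его стене!<br/>';
break;
}
$date = date("d.m,H:i");
mysql_query("SELECT `content` FROM `stenka` WHERE `content`='".mysql_real_escape_string($content)."' AND `usid`='".$usid."'");
if (mysql_affected_rows() != 0) {
echo 'Ошибка! такое сообщение уже имеется на стене!<br/>';
break;
}
if (empty($shrift)) {
echo 'Ошибка! Не выбран шрифт граффити.<br/>';
break;
}
$shrift = intval($shrift);
// NOTE(review): no file is uploaded on this path and the graffiti form has no
// `ch` field, yet a request-supplied $ch would be stored as the attachment
// name. It is SQL-escaped here; consider forcing it to '' for this branch.
$ch = mysql_real_escape_string(check($ch));
// NOTE(review): the text is passed only through check() before it is stored,
// and the listing prints it unescaped; confirm check() HTML-escapes.
$content = mysql_real_escape_string(check($content));
$row['user'] = mysql_real_escape_string(check($row['user']));
$query = mysql_query("insert into stenka values(0,'".$usid."','".$row['user']."','".$content."','".$date."','".$ch."','".$shrift."');") && mysql_query("UPDATE `stenka` SET `shrift`='".$shrift."' WHERE `id`='".intval($fid)."' AND `content`='".$content."'");
if ($query)
{
echo 'Успешно добавлено!<br/>';
}
else
{
echo 'Произошла ошибка...<br/>';
}
$fromid = mysql_fetch_array(mysql_query("SELECT `id`,`user` FROM `users` WHERE `id` = '".(int)$id."'"));
// The sender's name is raw text from the database and is embedded in the
// INSERT below, so it is escaped for SQL again.
$fromus = mysql_real_escape_string($fromid['user']);
// NOTE(review): this compares the `user` column with a numeric id, and $z is not read again in this file.
$adm = mysql_query ("Select * from users where user='".$usid."'");
$z = mysql_fetch_array ($adm);
$data = date("d-M-Y [H:i]");
$kol = rand(0,99999999);
$time = time();
$topic = "Оставлен коммент.";
$message = "Пользователь <b>" . $fromus . "</b> оставил комментарий к твоей анкете.";
mysql_query("Insert into zapiski set klu4='".$kol."', idwho ='1', message = '".$message."', towhom = '".(int)$id."', idtowhom = '".$usid."', time = '".$time."', readd = '0', topic = '".$topic."', date='".$data."'");
// The attribute quotes inside this double-quoted literal are backslash-escaped.
echo "<br/><div class='d1'><a href=\"stenka.php?$ses&usid=$usid\">Стена ".$usr['user']."</a></div>";
break;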
case 'add':
// mod=add: entry point for posting. Depending on the `adds` radio value it
// shows the font picker (1), shows the file form (2), or validates and stores
// a plain text entry.
// NOTE(review): the redirect is not followed by exit, so a non-numeric $usid
// still reaches everything below, including the INSERT later in this branch.
if (!is_numeric($usid)) { header('Location: index.php?isset=403'); }
// NOTE(review): the array key is an unquoted bare word; it should be the string 'addfiles'.
$addfiles = intval($_POST[addfiles]);
// $content and $nick are not assigned in this file (presumably request input,
// TODO confirm); both are HTML-escaped once here.
$content = htmlspecialchars($content);
$nick = htmlspecialchars($nick);
if (empty($s)) $s = 0;
$query = mysql_query("select * from stenka WHERE usid='".(int)$usid."'");
$num_of_rows = mysql_num_rows($query);
$total_mat_number = $num_of_rows;
$max = $row['max'];
$total_ss = ceil($total_mat_number/$max);
$i = 1 + $s;
$s = intval($s);
$max = intval($max);
// Newest entry on the current page; its id is passed on as `fid` in the form actions below.
$re = mysql_fetch_array(mysql_query("select * from `stenka` WHERE usid='".(int)$usid."' order by id desc limit ".$s.",".$max.""));
// adds == 1: show the font picker, previewing the text in each face.
if ($_POST['adds'] == 1) {
if (empty($shrift))
{
// NOTE(review): the truncated value is written back to $content, so the hidden
// `content` field below carries at most 10 characters; cutting after
// htmlspecialchars() can also split an entity such as &amp; in the middle.
if (mb_strlen($content) > 10) {
$content = mb_substr($content, 0, 10, 'UTF8');
$viewfont = $content.'...';
} else {
$viewfont = $content;
}
echo '<br/>
<form action="stenka.php?'.$ses.'&mod=grf&usid='.$usid.'&fid='.$re['id'].'" method="post">
<input type="radio" value="1" name="shrift"/><font face="algerian">'.$viewfont.'</font><br/>
<input type="radio" value="2" name="shrift"/><font face="arial">'.$viewfont.'</font><br/>
<input type="radio" value="3" name="shrift"/><font face="broadway">'.$viewfont.'</font><br/>
<input type="radio" value="4" name="shrift"/><font face="castellar">'.$viewfont.'</font><br/>
<input type="radio" value="5" name="shrift"/><font face="centaur">'.$viewfont.'</font><br/>
<input type="radio" value="6" name="shrift"/><font face="century">'.$viewfont.'</font><br/>
<input type="radio" value="7" name="shrift"/><font face="chiller">'.$viewfont.'</font><br/>
<input type="radio" value="8" name="shrift"/><font face="elephant">'.$viewfont.'</font><br/>
<input type="radio" value="9" name="shrift"/><font face="forte">'.$viewfont.'</font><br/>
<input type="radio" value="10" name="shrift"/><font face="garamond">'.$viewfont.'</font><br/>
<input type="radio" value="11" name="shrift"/><font face="georgia">'.$viewfont.'</font><br/>
<input type="radio" value="12" name="shrift"/><font face="gigi">'.$viewfont.'</font><br/>
<input type="radio" value="13" name="shrift"/><font face="harrington">'.$viewfont.'</font><br/>
<input type="radio" value="14" name="shrift"/><font face="impact">'.$viewfont.'</font><br/>
<input type="radio" value="15" name="shrift"/><font face="jokerman">'.$viewfont.'</font><br/>
<input type="radio" value="16" name="shrift"/><font face="mistral">'.$viewfont.'</font><br/>
<input type="radio" value="17" name="shrift"/><font face="modern">'.$viewfont.'</font><br/>
<input type="radio" value="18" name="shrift"/><font face="onyx">'.$viewfont.'</font><br/>
<input type="radio" value="19" name="shrift"/><font face="papyrus">'.$viewfont.'</font><br/>
<input type="radio" value="20" name="shrift"/><font face="perpetua">'.$viewfont.'</font><br/>
<input type="radio" value="21" name="shrift"/><font face="pristina">'.$viewfont.'</font><br/>
<input type="radio" value="22" name="shrift"/><font face="raavi">'.$viewfont.'</font><br/>
<input type="radio" value="23" name="shrift"/><font face="ravie">'.$viewfont.'</font><br/>
<input type="radio" value="24" name="shrift"/><font face="rockwell">'.$viewfont.'</font><br/>
<input type="radio" value="25" name="shrift"/><font face="roman">'.$viewfont.'</font><br/>
<input type="radio" value="26" name="shrift"/><font face="script">'.$viewfont.'</font><br/>
<input type="radio" value="27" name="shrift"/><font face="shruti">'.$viewfont.'</font><br/>
<input type="radio" value="28" name="shrift"/><font face="stencil">'.$viewfont.'</font><br/>
<input type="radio" value="29" name="shrift"/><font face="symbol">'.$viewfont.'</font><br/>';
echo "<input type="hidden" name="content" value="$content"/><br/>
<input type="hidden" name="action" value="add"/>
<input type="hidden" name="date" value="$date"/>
<input type="hidden" name="nick" value="$nick"/>
<input type='submit' name='submit' class='ibutton' value='Нарисовать'/><br/><br/></form>";
}
break;
}
// adds == 2: show the upload form, which submits to mod=addfile.
if ($_POST['adds'] == 2)
{
echo "Изображение<br/>
<form action='stenka.php?$ses&mod=addfile&usid=$usid&fid=$re[id]' method='post' enctype='multipart/form-data'>";
// For the "Opera/8.01" user agent a text field `fail1` replaces the file input.
// NOTE(review): eregi() was removed in PHP 7; $agent is not assigned in this file.
if (!eregi("Opera/8.01", $agent))
{
echo "<input type='file' name='fail'/><br/>";
}
else
{
echo "<input name='fail1' value =''/> <br/><a href='op:fileselect'>Выбрать</a><br/>";
}
// NOTE(review): both values were already passed through htmlspecialchars() at
// the top of this branch, so they are encoded a second time here.
$content = htmlspecialchars($content);
$nick = htmlspecialchars($nick);
echo "<input type="hidden" name="content" value="$content"/><br/>
<input type="hidden" name="action" value="add"/>
<input type="hidden" name="date" value="$date"/>
<input type="hidden" name="nick" value="$nick"/>
<input type='submit' title='Нажми для отправки' name='submit' class='ibutton' value='Прикрепить'/><br/><br/></form>";
break;
}
// Plain text entry. $nick, when present, is looked up as the id of the user being replied to.
$komu = mysql_fetch_array(mysql_query("SELECT `id`,`user` FROM `users` WHERE `id`='".mysql_real_escape_string(check($nick))."'"));
$date = date("d.m,H:i");
// $error is appended to without being initialised in this file.
if (empty($content)) $error = $error."<u>Пустое содержание коммента!</u><br/>";
// No `action` field: the form is only being shown (WML or HTML variant).
if (empty($action)) {
echo $fsize1;
echo "Сообщение:<br/>";
echo $fsize2;
if ($ver == "wml") {
echo $fsize1;
echo '<textarea cols="20" rows="2" name="content" maxlength="200" ></textarea><br/>';
echo "<anchor>Добавить<go href="stenka.php?$ses&mod=add&usid=$usid" method="post">
<postfield name="action" value="add"/>
<postfield name="content" value="$(content)"/>
<postfield name="date" value="$date"/>
<postfield name="nick" value="$nick"/>
</go></anchor>";
echo $fsize2;
echo '<br/>';
} else {
echo "<form method="POST" action="stenka.php?$ses&mod=add&usid=$usid" name="auth">
<input name="content"/><br/>
<input type="hidden" name="action" value="add"/>
<input type="hidden" name="date" value="$date"/>
<input type="hidden" name="nick" value="$nick"/>
<input type="submit" class="ibutton" value="Добавить" name="enter"><br/>";
}
} else {
if (empty($error)) {
// NOTE(review): $last_news is not assigned anywhere in this file, so this comparison is against an unset value.
if ($content != $last_news['content']) {
// From here on $content is SQL-escaped; anything appended to it later is not.
$content = mysql_real_escape_string(check($content));
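// Replaces every listed URL/domain fragment in $str with $to, in one pass.
// strtr() with an array tries the longest fragment first and never re-scans
// its own output. $to defaults to '' (fragments are removed): the only call in
// this file passes a single argument, which is an error on PHP 7.1+ without
// the default.
function ad_cut($str, $to = '') {
    $domains = array('http://','.ru','.su','.mobi','.ws','4at','.tv','.4ats','.tv','.name','.us','.biz','.info','.org','.net','.com','.wen','.in');
    // Same replacement for every fragment; the duplicated '.tv' collapses to a single key.
    return strtr($str, array_fill_keys($domains, $to));
}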
// Post-processing of the (already SQL-escaped) text: strip advertised domains,
// expand smileys, optionally transliterate.
// NOTE(review): ad_cut() is declared with two parameters but called with one.
$content = ad_cut($content);
// smile.php presumably provides smiles() and the $smiles / $replaces arrays used below (TODO confirm).
require_once "smile.php";
$content = smiles($content);
// Find the smiley code that occurs earliest in the text; 500 serves as the "none found" marker.
$minpos = 500;
$nm = 500;
for ($j = 0; $j <= count($smiles)-1; $j++) {
$tmpp = strpos($content,$smiles[$j]);
if (($tmpp < $minpos) and ($tmpp !== false)) {
$minpos = $tmpp;
$nm = $j;
}
}
if ($minpos != 500) {
// NOTE(review): the replacement strings are inserted after SQL escaping, so
// they reach the INSERT as they are; confirm smile.php's values contain no quotes.
if ($row["translit"] != 1) {
// Split at the end of the first smiley code and substitute it in the head part only.
$st1 = substr($content,0,$minpos+strlen($smiles[$nm]));
$st2 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1));
$st1_wosm = $st1;
$st1 = str_replace($smiles[$nm],$replaces[$nm],$st1);
// A replacement containing "smil/" is not kept in $content: the original code stays.
if (strpos($replaces[$nm],"smil/") !== false) $st1_woasm = $st1_wosm;
else
$st1_woasm = $st1;
$content_woasm = $st1.$st2;
$content_wosm = $st1_wosm.$st2;
$content = $st1_woasm.$st2;
}
else
{
// Transliteration on: the text before and after the smiley goes through
// trun_to_rus() (defined elsewhere); the smiley code itself does not.
$st1 = substr($content,0,$minpos);
$st2 = substr($content,$minpos, strlen($smiles[$nm]));
$st3 = substr($content,$minpos+strlen($smiles[$nm]),strlen($content)-strlen($st1)-strlen($st2));
$st1 = trun_to_rus($st1);
$st2_wosm = $st2;
$st2 = $replaces[$nm];
if (strpos($replaces[$nm],"smil/") !== false) $st2_woasm = $st2_wosm;
else
$st2_woasm = $st2;
$st3 = trun_to_rus($st3);
$content = $st1.$st2_woasm.$st3;
$content_wosm = $st1.$st2_wosm.$st3;
$content_woasm = $st1.$st2.$st3;
}
}
elseif ($row['translit'] == 1) $content = trun_to_rus($content);
unset($smiles);
unset($replaces);
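// Final checks and storage of a plain text entry, then the owner notification.
// $content was SQL-escaped earlier in this branch, so the addressee's name that
// is prepended here has to be escaped separately before it reaches the INSERT.
// NOTE(review): the name is also shown on the wall as HTML; whether user names
// are stored HTML-escaped is not visible in this file.
if (!empty($nick)) $content = '<b>'.mysql_real_escape_string($komu['user']).'</b>, ' . $content;
$selusers = mysql_fetch_array(mysql_query("SELECT `stenka` FROM `users` WHERE `id`='".(int)$usid."'"));
$stenka = $selusers['stenka'];
// users.stenka == 1 means the owner has closed the wall for writing.
if ($stenka == 1) {
echo 'Пользователь '.col_n($usr['user']).' запретил писать на его стене!<br/>';
break;
}
mysql_query("SELECT `content` FROM `stenka` WHERE `content`='".$content."' AND `usid`='".(int)$usid."'");
if (mysql_affected_rows() != 0) {
echo 'Ошибка! такое сообщение уже имеется на стене!<br/>';
break;
}
$shrift = intval($shrift);
// NOTE(review): no file is uploaded on this path, yet a request-supplied $ch
// would be stored as the attachment name; it is SQL-escaped here.
$ch = mysql_real_escape_string(check($ch));
$row['user'] = mysql_real_escape_string(check($row['user']));
// The is_numeric() check at the top of the branch does not stop the script, so
// the wall id is cast to int where it enters the statement.
if (mysql_query("insert into stenka values(0,'".(int)$usid."','".$row['user']."','".$content."','".$date."','".$ch."','".$shrift."');")) {
echo $fsize1;
echo 'Твой коммент успешно добавлен!<br/>';
$fromid = mysql_fetch_array(mysql_query("SELECT `id`,`user` FROM `users` WHERE `id`='".(int)$id."'"));
// Raw text from the database that is embedded in the INSERT below: escape it again.
$fromus = mysql_real_escape_string($fromid['user']);
// NOTE(review): this compares the `user` column with a numeric id, and $z is not read again in this file.
$adm = mysql_query ("Select * from users where user='".(int)$usid."'");
$z = mysql_fetch_array ($adm);
$data = date("d-M-Y [H:i]");
$kol = rand(0,99999999);
$time = time();
$topic = "Оставлен коммент";
$message = "Пользователь <b>" . $fromus . "</b> оставил комментарий к твоей анкете.";
mysql_query("Insert into zapiski set klu4='".$kol."', idwho ='1', message = '".$message."', towhom = '".(int)$id."', idtowhom = '".(int)$usid."', time = '".$time."', readd = '0', topic = '".$topic."', date='".$data."'");
echo $fsize2;
} else {
echo $fsize1;
echo 'Ошибка записи!<br/>';
echo $fsize2;
}
}
} else {
echo $fsize1;
echo $error;
echo $fsize2;
}
}
// The attribute quotes inside this double-quoted literal are backslash-escaped;
// the wall id is printed as an integer.
echo "<br/><div class='d1'><a href=\"stenka.php?$ses&usid=".(int)$usid."\">Стена ".$usr['user']."</a></div>";
break;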
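case 'del':
// mod=del&usid=<wall owner>&fid=<entry id>: deletes one wall entry.
// A redirect header by itself does not stop the script, so end the request here.
if (!is_numeric($usid) || !is_numeric($fid)) { header('Location: index.php?isset=403'); exit; }
$fid = intval($fid);
$usid = (int)$usid;
// Allowed for users with level >= 6 and for the owner of wall $usid.
if ($row['level'] < 6 and $row['id'] != $usid) {
echo 'Доступ закрыт!<br/>';
break;
}
else
{
// The check above only shows that the caller may act on wall $usid; it says
// nothing about entry $fid. The delete is therefore limited to entries on that
// wall, so a user cannot remove an entry from someone else's wall by sending
// their own id as usid.
// NOTE(review): the action is reached through a plain GET link and no anti-CSRF
// token is checked in this file.
if (mysql_query("delete from stenka where id='$fid' and usid='$usid' limit 1")) {
echo $fsize1;
echo 'Запись успешно удалена!<br/>';
echo $fsize2;
}
}
break;
}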
// Common page footer: links to the wall owner's profile and to the lobby page,
// then the shared footer include.
// NOTE(review): $usid and $usr['user'] are printed without HTML escaping, and
// the attribute quotes in this literal look as if their backslashes were lost
// in this copy of the file.
echo $fsize1;
echo "<div class='d1'><a href="info.php?$ses&nk=$usid">Анкета ".$usr['user']."</a><br/>
<a href="enter.php?$ses">Прихожая</a></div>";
include_once 'foot.php';
?>