Файл: mylaf.ru/foto/inc/user_show_foto.php
Строк: 96
<?
if (!isset($user) && !isset($_GET['id_user'])){header("Location: /foto/?".SID);exit;}
if (isset($user))$ank['id']=$user['id'];
if (isset($_GET['id_user']))$ank['id']=$_GET['id_user'];
$ank=get_user($ank['id']);
if (!$ank){header("Location: /foto/?".SID);exit;}
$gallery['id']=intval($_GET['id_gallery']);
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery` WHERE `id` = '$gallery[id]' AND `id_user` = '$ank[id]' LIMIT 1"),0)==0){header("Location: /foto/$ank[id]/?".SID);exit;}
$gallery=mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery` WHERE `id` = '$gallery[id]' AND `id_user` = '$ank[id]' LIMIT 1"));
$foto['id']=intval($_GET['id_foto']);
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id` = '$foto[id]' LIMIT 1"),0)==0){header("Location: /foto/$ank[id]/$gallery[id]/?".SID);exit;}
$foto=mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = '$foto[id]' LIMIT 1"));
$set['title']=$ank['nick'].' - '.$gallery['name'].' - '.$foto['name']; // заголовок страницы
include_once '../sys/inc/thead.php';
title();
if (user_access('foto_foto_edit') && $ank['level']>$user['level'] || isset($user) && $ank['id']==$user['id'])
include 'inc/gallery_show_foto_act.php';
if (isset($user) && $user['id']!=$ank['id'] && $user['rating']>=0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_rating` WHERE `id_user` = '$user[id]' AND `id_foto` = '$foto[id]'"), 0)==0)
{
if (isset($_GET['rating']) && $_GET['rating']=='1'){
mysql_query("INSERT INTO `gallery_rating` (`id_user`, `id_foto`, `like`, `time`, `avtor`) values('$user[id]', '$foto[id]', '1', '$time', $foto[id_user])",$db);
$foto=mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = $foto[id] LIMIT 1"));
}
elseif(isset($_GET['rating']) && $_GET['rating']=='2')
{
mysql_query("INSERT INTO `gallery_rating` (`id_user`, `id_foto`, `like`, `time`, `avtor`) values('$user[id]', '$foto[id]', '2', '$time', $foto[id_user])",$db);
$foto=mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = $foto[id] LIMIT 1"));
}
elseif(isset($_GET['rating']) && $_GET['rating']=='3')
{
mysql_query("INSERT INTO `gallery_rating` (`id_user`, `id_foto`, `like`, `time`, `avtor`) values('$user[id]', '$foto[id]', '3', '$time', $foto[id_user])",$db);
$foto=mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = $foto[id] LIMIT 1"));
}
elseif(isset($_GET['rating']) && $_GET['rating']=='4')
{
mysql_query("INSERT INTO `gallery_rating` (`id_user`, `id_foto`, `like`, `time`, `avtor`) values('$user[id]', '$foto[id]', '4', '$time', $foto[id_user])",$db);
$foto=mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = $foto[id] LIMIT 1"));
}
elseif(isset($_GET['rating']) && $_GET['rating']=='5')
{
mysql_query("INSERT INTO `gallery_rating` (`id_user`, `id_foto`, `like`, `time`, `avtor`) values('$user[id]', '$foto[id]', '5', '$time', $foto[id_user])",$db);
$foto=mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = $foto[id] LIMIT 1"));
}
elseif(isset($_GET['rating']) && $_GET['rating']=='5i')
{
if ($user['balls']>=50){
mysql_query("INSERT INTO `gallery_rating` (`id_user`, `id_foto`, `like`, `time`, `avtor`) values('$user[id]', '$foto[id]', '6', '$time', $foto[id_user])",$db);
}
else
{
msg('Чтобы ставить 5+ нужно иметь не менее 50 баллов сайта');
}
}
}
$foto=mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = $foto[id] LIMIT 1"));
err();
aut();
echo "<table class="post">n";
$l=mysql_query("SELECT * FROM `gallery_foto` WHERE `id_gallery` = '$gallery[id]' AND `id` > '$foto[id]' ORDER BY `id` ASC LIMIT 1");
while ($list = mysql_fetch_assoc($l))
{
echo "<td class='block'><a href='/foto/$ank[id]/$gallery[id]/$list[id]/'>«Пред.</a></td>";
}
$r=mysql_query("SELECT * FROM `gallery_foto` WHERE `id_gallery` = '$gallery[id]' AND `id` < '$foto[id]' ORDER BY `id` DESC LIMIT 1");
while ($listr = mysql_fetch_assoc($r))
{
echo "<td class='block'><a href='/foto/$ank[id]/$gallery[id]/$listr[id]/'>След.»</a></td>";
}
echo "</table>n";
echo "<a href='/foto/$ank[id]/$gallery[id]/komm/$foto[id]/'><div class='forum'>Комментарии (".mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id_foto` = '$foto[id]'"),0).")</div></a>";
echo "<div class='forum'><a href='/foto/foto0/$foto[id].$foto[ras]' title='Скачать оригинал'><img class='show_foto' src='/foto/foto640/$foto[id].$foto[ras]' alt='$foto[name]' /></a></div>n";
if ($foto['opis']!=null)
echo "<div class='forum'>";
echo esc(trim(br(bbcode(smiles(links(stripcslashes(htmlspecialchars($foto['opis']))))))))."</div>n";
if (isset($user) && $user['id']!=$ank['id'] && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_rating` WHERE `id_user` = '$user[id]' AND `id_foto` = '$foto[id]'"), 0)==0){
echo "<a href="?id=$foto[id]&rating=5i" title="5+"><img src='/style/icons/6.png' alt=''/></a>";
echo "<a href="?id=$foto[id]&rating=5" title="5"><img src='/style/icons/5.png' alt=''/></a>";
echo "<a href="?id=$foto[id]&rating=4" title="4"><img src='/style/icons/4.png' alt=''/></a>";
echo "<a href="?id=$foto[id]&rating=3" title="3"><img src='/style/icons/3.png' alt=''/></a>";
echo "<a href="?id=$foto[id]&rating=2" title="2"><img src='/style/icons/2.png' alt=''/></a>";
echo "<a href="?id=$foto[id]&rating=1" title="1"><img src='/style/icons/1.png' alt=''/></a>";
}else{
$rate=mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_rating` WHERE `id_foto` = $foto[id] AND `id_user` = '$user[id]' LIMIT 1"));
if (isset($user) && $user['id']!=$ank['id'])
echo "Ваша оценка <img src='/style/icons/$rate[like].png' alt=''/></a>";
}
echo "</div>n";
if (user_access('foto_foto_edit') && $ank['level']>$user['level'] || isset($user) && $ank['id']==$user['id'])
include 'inc/gallery_show_foto_form.php';
echo "<a href='/foto/$ank[id]/$gallery[id]/'><div class='post'><img src='/style/glavnaya.gif'> В фотоальбом</div></a>n";
echo "<a href='/foto/$ank[id]/'><div class='post'><img src='/style/glavnaya.gif'> К фотоальбомам</div></a>n";
include_once '../sys/inc/tfoot.php';
exit;
?>