Файл: mylaf.ru/group/inc/group.news.php
Строк: 49
<?
if (isset($user) && isset($_GET['share'])){
$post=mysql_fetch_assoc(mysql_query("SELECT * FROM `group_news` WHERE `id` = '".intval($_GET['share'])."' LIMIT 1"));
if ($post['id']==0)$err[]="";
if (!isset($err)){
mysql_query("INSERT INTO `usnews` (`name`, `id_user`, `text`, `time`) values('".my_esc($group[name])."', '$user[id]', '".my_esc($post['text'])." [b]Новость группы:[/b] [url=/group/group.php?id=$group[id]]".my_esc($group['name'])."[/url]', '$time')");
$idshare=mysql_insert_id();
mysql_query("UPDATE `group_news` SET `share` = '".($post['share']+1)."' WHERE `id` = '$post[id]' LIMIT 1");
$c = mysql_query("SELECT * FROM `frends` WHERE `user` = '$user[id]' AND `i` = '1'");
while ($f = mysql_fetch_array($c)){
$a = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$f[frend]' LIMIT 1"));
if ($user['pol']==1)$pol="Поделился";
else $pol="Поделилась";
$msglenta="$pol новостью группы [url=/notice/fakt.php?id=$idshare]".my_esc($group['name'])."[/url] в своих событиях";
mysql_query("INSERT INTO `lenta` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$a[id]', '$msglenta', '$time')");
}
header("location:/club$group[id]");
}
}
if (isset($_POST['save'])){
$msg=my_esc($_POST['text']);
if (strlen2($msg)<3)$err[]="Короткая новость";
if (strlen2($msg)>1000)$err[]="Длинная новость";
if (!isset($err)){
mysql_query("INSERT INTO `group_news` (`id_user`, `id_group`, `text`, `time`) values('$user[id]', '$group[id]', '".my_esc($_POST['text'])."', '$time')");
$id=mysql_insert_id();
$u=mysql_query("SELECT * FROM `group_user` WHERE `id_group` = '$group[id]'");
while ($us = mysql_fetch_array($u)){
$a = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$us[id_user]' LIMIT 1"));
$msg_lenta="Новость в группе [b]$group[name][/b] : [url=/group/komm.php?id=$id]Читать >>>[/url]";
mysql_query("INSERT INTO `lenta` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$a[id]', '$msg_lenta', '$time')");
}
}
}
err();
if ($group['themes']==0){
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `group_user` WHERE `id_group` = '$group[id]' AND `id_user`='$user[id]' LIMIT 1"),0)==1){
echo "<form style='padding:0px;border:0px;' method='post' action='/club$group[id]'>";
echo "Текст новости:<br/><textarea name='text' style='width:95%;height:30px'></textarea>";
echo "<br/><input type='submit' name='save' value='Добавить запись' /></form>";
}
} else {
if ($user['id']==$admin['id']){
echo "<form style='padding:0px;border:0px;' method='post' action='?id=$group[id]'>";
echo "Текст новости:<br/><textarea name='text' style='width:95%;height:30px'></textarea>";
echo "<br/><input type='submit' name='save' value='Добавить запись' /></form>";
}
}
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `group_news` WHERE `id_group` = '$group[id]'"),0);
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
if ($k_post==0){
msg("Нет новостей в группе");
}
$q=mysql_query("SELECT * FROM `group_news` WHERE `id_group` = '$group[id]' ORDER BY `time` DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_assoc($q)){
echo "<div class='forum'><table><td class='w'>";
ava50($group['id']);
echo "</td><td>";
if ($group['news']==0) echo "<a href='group.php?id=$group[id]'>".htmlspecialchars($group['name'])."</a>"; else echo "".us($post['id_user'])."";
echo "<br/><b>Создана: </b>".vremja($post['time'])."</td></table>";
echo output_text($post['text']);
$news_komm=mysql_result(mysql_query("SELECT COUNT(*) FROM `group_post` WHERE `id_news` = '$post[id]'"),0);
echo "<table>";
echo "<td class='w'><a href='/group/komm.php?id=$post[id]'><img src='/forums/img/pen.png' alt='komm'> $news_komm</a></td>";
if (isset($user))echo "<td class='w'><a href='/group/group.php?id=$group[id]&share=$post[id]'><img src='/style/icons/eshe.png' alt='share'> $post[share]</a></td>";
echo "</table>";
echo "</div>";
}
if ($k_page>1)str('?id='.$id.'&',$k_page,$page);
?>