Файл: mylaf.ru/status/inc.status.php
Строк: 28
<?
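// Status update handler: stores a new status line for the logged-in user and
// adds an entry to the `lenta` feed for every `frends` row of that user with
// `i` = 1 (presumably confirmed friendships; verify against the schema).
//
// The write is accepted only when the viewer owns the profile being shown
// ($user['id'] == $ank['id']), the same condition under which the input form
// is rendered. Without this check any logged-in user could submit `msg` to
// another profile's URL and publish a status on that user's page.
// NOTE(review): no anti-CSRF token is checked in this file; confirm whether
// the including page validates one before this code runs.
if (isset($user) && isset($_POST['msg']) && isset($ank['id']) && $user['id']==$ank['id']){
    // my_esc() is a project helper; presumably it escapes the text for SQL (confirm).
    $msge=my_esc($_POST['msg']);
    if (strlen2($msge)<3)$err[]="Короткий статус";
    if (!isset($err)){
        // Attribute the row to the authenticated user rather than to the profile id.
        mysql_query("INSERT INTO `status` (`id_user`, `time`, `msg`) values('$user[id]', '$time', '".$msge."')");
        // The feed text is identical for every friend, so build it once.
        $len="Обновил(а) статус на своей [url=/id$user[id]]странице[/url]";
        $c = mysql_query("SELECT * FROM `frends` WHERE `user` = '$user[id]' AND `i` = '1'");
        while ($f = mysql_fetch_array($c)){
            $a = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$f[frend]' LIMIT 1"));
            // No matching account row: skip instead of inserting a feed entry with an empty recipient.
            if (!$a)continue;
            mysql_query("INSERT INTO `lenta` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$a[id]', '$len', '$time')");
        }
    }
}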
// Print any collected validation errors (err() is defined elsewhere in the project).
err();
// The status input form is offered only to the owner of the profile being viewed.
// NOTE(review): the form carries no anti-CSRF token field; the handler that
// receives this POST should be checked for request-origin validation.
if (isset($user)){
    if ($user['id']==$ank['id']){
        echo "<form method='post' action='/id$ank[id]'><input type='text' name='msg' value='' style='width:85%' /><input type='submit' value='+' /></form>";
    }
}
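// Render the most recent status of the profile owner ($ank) together with its
// comment and like counters, and process a "like" request (?klass) from a
// logged-in visitor who is not the owner and has not liked this status yet.
// NOTE(review): the like is a state change triggered by a plain GET link with
// no anti-CSRF token, so any page the visitor loads can trigger it; moving it
// to a POST with a token would close that. Left as is because the token
// infrastructure is not visible in this file.
$q = mysql_query("SELECT * FROM `status` WHERE `id_user` = '$ank[id]' ORDER BY `time` DESC LIMIT 1");
while($status=mysql_fetch_assoc($q)){
    if ($status['block']!=0){
        echo "<div class='err'>Этот статус заблокирован за нарушения <a href='/pravila/'>правил сайта</a></div>";
        continue;
    }
    $komm=mysql_result(mysql_query("SELECT COUNT(*) FROM `status_komm` WHERE `id_status` = '$status[id]'"), 0);
    // One lookup decides both whether a like may be recorded and whether the
    // "like" link is shown. SUM() is NULL when the visitor has no row yet.
    $status_can_klass = isset($user) && $user['id']!=$ank['id'] && mysql_result(mysql_query("SELECT SUM(`klass`) FROM `status_klass` WHERE `id_user` = '$user[id]' AND `id_status` = '$status[id]'"),0)!=1;
    if ($status_can_klass && isset($_GET['klass'])){
        mysql_query("INSERT INTO `status_klass` (`klass`, `id_status`, `id_user`) VALUES ('1','$status[id]','$user[id]')");
        // Increment inside the database so two simultaneous likes cannot overwrite each other.
        mysql_query("UPDATE `status` SET `klass` = `klass` + 1 WHERE `id` = '$status[id]' LIMIT 1");
        // The nick is user-chosen text read back from storage; escape it before
        // embedding it in SQL so a quote in the nick cannot alter the statement.
        $nick_sql = mysql_real_escape_string($user['nick']);
        mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`) values('0', '$ank[id]', 'Пользователю $nick_sql понравился ваш [url=/status/page.komm.php?id=$status[id]]статус[/url]', '$time')");
        // Keep the counter printed below in step with the row just updated.
        $status['klass'] = $status['klass']+1;
        $status_can_klass = false;
    }
    // output_text() is a project helper; presumably it HTML-escapes the stored message (confirm).
    echo "<div class='forum'><a style='color:skyblue;display:block;' href='/status/page.status.php?us=$ank[id]'>".output_text($status['msg'])."</a> <b>(".vremja($status['time']).")</b><table>";
    if ($status_can_klass) echo "<td class='w'><a href='/info.php?id=$ank[id]&klass'>Нравится</a></td>";
    echo "<td class='w'><a href='/status/page.komm.php?id=$status[id]'><img src='/status/img/komm.png' alt='' /> $komm</a></td>";
    echo "<td class='w'><a href='/status/page.klass.php?id=$status[id]'> <img src='/style/icons/like.png' alt='' /> $status[klass]</a></td>";
    echo "</table></div>";
}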
?>