Файл: vk.com_vhllam/guest.php
Строк: 363
<?
//////Автор OPPS (Kasell)////
/////Скрипт бесплатный //////
////Плтную версию можно купить vk.com/vhllam///
require_once$_SERVER['DOCUMENT_ROOT'] . '/sys/inc/start.php';
require_once$_SERVER['DOCUMENT_ROOT'] . '/sys/inc/compress.php';
require_once$_SERVER['DOCUMENT_ROOT'] . '/sys/inc/sess.php';
require_once$_SERVER['DOCUMENT_ROOT'] . '/sys/inc/home.php';
require_once$_SERVER['DOCUMENT_ROOT'] . '/sys/inc/settings.php';
require_once$_SERVER['DOCUMENT_ROOT'] . '/sys/inc/db_connect.php';
require_once$_SERVER['DOCUMENT_ROOT'] . '/sys/inc/ipua.php';
require_once$_SERVER['DOCUMENT_ROOT'] . '/sys/inc/fnc.php';
require_once$_SERVER['DOCUMENT_ROOT'] . '/sys/inc/user.php';
// Page action from the query string. 'setting' and 'ban' have their own cases
// below; every other value (or none) shows the guestbook itself.
if (isset($_GET['act'])) {
    $act = htmlspecialchars($_GET['act']);
} else {
    $act = null;
}
switch ($act) {
default:
    // Guestbook owner: the integer id from the URL, or the current user when
    // no id is given. get_user() is defined in the included files.
    $ank = get_user(isset($_GET['id']) ? intval($_GET['id']) : $user['id']);
    if (!isset($ank['id']) || $ank['id'] == 0) {
        // Unknown owner: send the visitor back to the start page.
        header("Location: /?".SID);
        exit;
    }
    $set['title'] = 'Гостевая - '.$ank['nick'];
    require_once 'sys/inc/thead.php';
    title();
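// Handle a message posted to this guestbook. This runs before the page's
// display-side ban/writer checks, which only hide the form, so the posting
// permissions are enforced here as well.
// NOTE(review): no request token is verified in this file; $passgen is only
// appended to the form URL — confirm whether the includes check it.
if (isset($_POST['msg']) && is_string($_POST['msg']) && isset($user))
{
    $msg = $_POST['msg'];
    // Id of the quoted message (0 = none). Computed up front because every
    // INSERT below stores it; previously it was set in only one branch.
    $c = (isset($_GET['c']) && is_numeric($_GET['c'])) ? intval($_GET['c']) : 0;

    $mat = antimat($msg);
    if ($mat) $err[] = 'В тексте сообщения обнаружен мат: '.$mat;
    if (strlen2($msg) > 1024) { $err[] = 'Сообщение слишком длинное.'; }
    elseif (strlen2($msg) < 2) { $err[] = 'Короткое сообщение.'; }
    elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `l_guest` WHERE `id_user` = '$ank[id]' AND `msg` = '".my_esc($msg)."' LIMIT 1"), 0) != 0) {
        // Appended like the other errors; this used to assign a plain string
        // to $err and so replaced the error list.
        $err[] = 'Ваше сообщение повторяет предыдущее.';
    }
    elseif (!isset($err)) {
        $settings = mysql_fetch_assoc(mysql_query("SELECT * FROM `set_guest` WHERE `id_user` = '$ank[id]' LIMIT 1"));
        $d1sql = mysql_query("SELECT COUNT(*) FROM `frends_new` WHERE (`user` = '$user[id]' AND `to` = '$ank[id]') OR (`user` = '$ank[id]' AND `to` = '$user[id]') LIMIT 1");
        $d2sql = mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$ank[id]' AND `frend` = '$user[id]') OR (`user` = '$user[id]' AND `frend` = '$ank[id]') LIMIT 1");

        $is_owner = ($user['id'] == $ank['id']);
        $is_friend = (mysql_result($d1sql, 0) != 0 || mysql_result($d2sql, 0) != 0);
        // A missing settings row means "no restrictions" (mode 0).
        $writer_mode = $settings ? $settings['writer'] : 0;
        $link_mode = $settings ? $settings['link'] : 0;
        // Ban lookup filtered by this visitor, not just the owner's first ban row.
        $is_banned = mysql_result(mysql_query("SELECT COUNT(*) FROM `ban_guest` WHERE `id_user` = '$ank[id]' AND `id_guest` = '$user[id]'"), 0) != 0;

        // Link policy: 2 = nobody but the owner, 1 = friends only.
        $link_notice = null;
        if (!$is_owner && $link_mode == 2) {
            $link_notice = "$ank[nick] запретил оставлять ссылки в гостевой.";
        }
        elseif (!$is_owner && $link_mode == 1 && !$is_friend) {
            $link_notice = 'Ссылки могут оставлять только друзья.';
        }
        // The per-pattern checks in the listing read like /b.rub/i, i.e. they
        // appear to have lost their backslashes; this single pattern is a
        // reconstruction (confirm against the original) and also covers https://.
        $has_link = preg_match('#\bhttps?://\b|\b\.(?:ru|su|net|com|biz|ua|kz|tk|mobi|name|org|info)\b#i', $msg);

        if (!$is_owner && $is_banned) {
            $err[] = "Вы находитесь в бан-листе гоcтевой $ank[nick].";
        }
        elseif (!$is_owner && $user['level'] < 4 && $writer_mode == 2) {
            $err[] = "$ank[nick] запретил оставлять сообщения в гостевой.";
        }
        elseif (!$is_owner && $user['level'] < 4 && $writer_mode == 1 && !$is_friend) {
            $err[] = 'Оставлять сообщения могут только друзья.';
        }
        elseif ($link_notice !== null && $has_link) {
            echo "<div class='mess'>$link_notice</div>";
        }
        else {
            // Every accepted message takes the same path: store, notify, confirm.
            $ank_answer = get_user(isset($_GET['answer']) ? intval($_GET['answer']) : 0);
            // The guestbook being written to; same record get_user($_GET['id']) returned.
            $ank_guest = $ank;
            mysql_query("INSERT INTO `l_guest` (`id_user`, `id_guest`, `time`, `msg`, `cit`) values ('$ank[id]', '$user[id]', '$time', '".my_esc($msg)."', '$c')");
            if (!$is_owner) {
                $msgrat1 = "Вам написали в [url=/guest.php?page=end]личной гостевой[/url].";
                mysql_query("INSERT INTO `jurnal` (`id_kont`, `msg`, `time`) values('$ank[id]', '".my_esc($msgrat1)."', '$time')");
            }
            elseif (!empty($ank_answer['id']) && $ank_guest['id'] != $ank_answer['id'] && $user['id'] != $ank_answer['id']) {
                // The text embeds a nickname, so it is escaped before going into SQL.
                $msgrat1 = "Вам ответили в [url=/guest.php?id=$ank_guest[id]&page=end] личной гостевой $ank_guest[nick][/url].";
                mysql_query("INSERT INTO `jurnal` (`id_kont`, `msg`, `time`) values('".intval($ank_answer['id'])."', '".my_esc($msgrat1)."', '$time')");
            }
            // The three original branches (quote / answer / plain) were identical.
            msg('Сообщение успешно добавлено.');
            header("Refresh: 1; url=/guest.php?id=$ank[id]");
        }
    }
}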
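// Owner adds a guest to the guestbook ban list. The "Бан" link on each post
// passes that guest's user id in ?ban=, so that id is what gets banned; the
// old code ignored it and banned the author of the newest post instead, and
// did not check that the requester owns the guestbook.
// NOTE(review): this state change is triggered by a plain GET link and no
// request token is checked in this file.
if (isset($_GET['ban']) && isset($user) && $user['id'] == $ank['id']) {
    $ank_guest = get_user(intval($_GET['ban']));
    // Skip unknown ids and attempts to ban oneself.
    if (!empty($ank_guest['id']) && $ank_guest['id'] != $user['id']) {
        $banned_id = intval($ank_guest['id']);
        $already = mysql_result(mysql_query("SELECT COUNT(*) FROM `ban_guest` WHERE `id_user` = '$user[id]' AND `id_guest` = '$banned_id'"), 0);
        // Avoid piling up duplicate rows when the link is opened twice.
        if ($already == 0) {
            mysql_query("INSERT INTO `ban_guest` (`id_user`, `id_guest`) values ('$user[id]', '$banned_id')");
        }
        msg("$ank_guest[nick] добавлен в Ваш бан-лист гостевой.");
    }
}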
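// Delete one message. Allowed for the guestbook owner or a user whose level
// is higher than the owner's.
// NOTE(review): triggered by a plain GET link; no request token is checked in
// this file.
if (isset($_GET['delete']) && isset($user) && ($user['id'] == $ank['id'] || $user['level'] > $ank['level'])) {
    // The id used to be interpolated into the query raw and unquoted, which
    // let the request alter the DELETE statement; cast it to an integer.
    $delete_id = intval($_GET['delete']);
    mysql_query("Delete FROM `l_guest` WHERE `id_user` = '$ank[id]' AND `id` = '$delete_id'");
    // Redirect with the already-validated owner id rather than the raw ?id=.
    header("Location: ?id=$ank[id]&page=end".SID);
}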
// Owner-only: remove every message from the owner's own guestbook.
// NOTE(review): a bare GET parameter triggers this irreversible action and no
// request token is checked in this file.
if (isset($_GET['delete_all'])) {
    if ($user['id'] == $ank['id']) {
        mysql_query("delete FROM `l_guest` WHERE `id_user` = '$user[id]'");
        msg('Очистка прошла успешно.');
    }
}
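// Show collected errors and the login/status block (both helpers come from
// the included files), then load what the access checks below need.
err();
aut();
// Pending and confirmed friendship between the visitor and the owner.
$d1sql = mysql_query("SELECT COUNT(*) FROM `frends_new` WHERE (`user` = '$user[id]' AND `to` = '$ank[id]') OR (`user` = '$ank[id]' AND `to` = '$user[id]') LIMIT 1");
$d2sql = mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$ank[id]' AND `frend` = '$user[id]') OR (`user` = '$user[id]' AND `frend` = '$ank[id]') LIMIT 1");
$settings = mysql_fetch_assoc(mysql_query("SELECT * FROM `set_guest` WHERE `id_user` = '$ank[id]' LIMIT 1"));
// Ban row for THIS visitor. The old query took one arbitrary row of the
// owner's ban list (LIMIT 1, no guest filter), so with more than one entry
// most banned users were never matched by the check that follows.
$ban_guest_id = isset($user) ? intval($user['id']) : 0;
$ban = mysql_fetch_assoc(mysql_query("SELECT * FROM `ban_guest` WHERE `id_user` = '$ank[id]' AND `id_guest` = '$ban_guest_id' LIMIT 1"));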
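// Decide whether this visitor may read the guestbook. reader: 2 = closed to
// everyone, 1 = friends only; the owner and users with level >= 4 are exempt.
// Each branch used to require isset($user), so a visitor who was not logged
// in skipped the "closed" and "friends only" settings entirely; anonymous
// visitors are now treated as a non-owner, non-friend with level 0.
// NOTE(review): if aut() already stops anonymous visitors this is redundant
// but harmless — confirm in the includes.
$is_owner = isset($user) && $user['id'] == $ank['id'];
$viewer_level = isset($user) ? $user['level'] : 0;
$reader_mode = $settings ? $settings['reader'] : 0;

$closed_notice = null;
if (isset($user) && !$is_owner && $ban && $ban['id_guest'] == $user['id']) {
    $closed_notice = "Вы находитесь в бан-листе гоcтевой $ank[nick].";
}
elseif (!$is_owner && $viewer_level < 4 && $reader_mode == 2) {
    $closed_notice = "$ank[nick] закрыл свою гостевую от всех.";
}
elseif (!$is_owner && $viewer_level < 4 && $reader_mode == 1
    && !(isset($user) && (mysql_result($d1sql, 0) != 0 || mysql_result($d2sql, 0) != 0))) {
    $closed_notice = "Гостевая $ank[nick] открыта только для друзей.";
}
if ($closed_notice !== null) {
    // All three refusals render the same way: notice, link to the profile, footer.
    echo "<div class='mess'>$closed_notice</div>";
    echo "<div class='cont'><a href='/info.php?id=$ank[id]'>В анкету $ank[nick]</a></div>";
    require_once 'sys/inc/tfoot.php';
    exit;
}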
else
{
// Toolbar: smilies list and a reload link for this guestbook.
echo "<div class='aut'>[<a href='/plugins/smiles/'>Смайлы</a> | <a href='/guest.php?id=$ank[id]'>Обновить</a>]</div>";

// Pagination: total messages, page count, current page and the row offset.
// k_page() and page() come from the included files.
$k_post = mysql_result(
    mysql_query("SELECT COUNT(*) FROM `l_guest` WHERE `id_user` = '$ank[id]'"),
    0
);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];

if ($k_post == 0) {
    echo "<div class='ot'>Нет сообщений.</div>";
}
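// Message form. writer: 2 = nobody may write, 1 = friends only; the owner and
// users with level >= 4 are exempt. Only logged-in users get a form.
// NOTE(review): these checks only hide the form; on their own they do not
// stop a POST sent directly to this page.
if (isset($user) && $settings['writer']==2 && $user['id']!=$ank['id'] && $user['level']<4)
{
    echo "<div class='mess'>$ank[nick] запретил оставлять сообщения в гостевой.</div>";
}
elseif (isset($user) && mysql_result($d1sql, 0)==0 && mysql_result($d2sql, 0)==0 && $settings['writer']==1 && $user['id']!=$ank['id'] && $user['level']<4){
    echo "<div class='mess'>Оставлять сообщения могут только друзья.</div>";
}
else{
    if (isset($user))
    {
        // Integer casts keep the ids safe to place in the form URL and in SQL.
        $c = isset($_GET['c']) ? (int)$_GET['c'] : 0;
        if (isset($_GET['c'])){
            // Quoting a message: its textarea is printed with the preview below.
            echo "<form method='post' name='message' action='guest.php?id=$ank[id]&c=$c&$passgen'>";
        }
        elseif (isset($_GET['answer'])){
            // Replying: prefill the textarea with the addressee's nickname.
            $answer = (int)$_GET['answer'];
            $us = get_user($answer);
            echo "<form method='post' name='message' action='guest.php?id=$ank[id]&answer=$answer&$passgen'>";
            echo "<div class='ot'>Сообщение:<br /><textarea name='msg'>$us[nick], </textarea><br />";
        }
        else{
            echo "<div class='ot'><form method='post' name='message' action='guest.php?id=$ank[id]&$passgen'>";
            echo "Сообщение:<br /><textarea name='msg'></textarea><br />";
        }
        if (isset($_GET['c']) && isset($_GET['answer'])){
            $cit = mysql_fetch_assoc(mysql_query("SELECT * FROM `l_guest` WHERE `id_user` = '$ank[id]' and `id` = '$c' LIMIT 1"));
            // The quoted text is user-written. It used to be echoed raw here,
            // while the message list prints the same field through
            // output_text(); use the same renderer so markup in a stored
            // message is not emitted as-is.
            // NOTE(review): presumes output_text() escapes HTML — confirm in the includes.
            $quoted = $cit ? output_text($cit['msg']) : '';
            echo 'Будет процитировано сообщение: <div class="cit">'.$quoted.'</div>';
            echo "<div class='ot'>Сообщение:<br /><textarea name='msg'></textarea><br />";
        }
        if ($user['set_translit']==1) echo "<label><input type='checkbox' name='translit' value='1' /> Транслит</label><br />";
        echo "<input value='Отправить' type='submit' />";
        echo "</form></div></div></div>";
    }
}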
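// Message list for the current page, newest first.
$q = mysql_query("SELECT * FROM `l_guest` where `id_user` = '$ank[id]' ORDER BY id DESC LIMIT ".intval($start).", ".intval($set['p_str']));

// Viewer facts used for the per-post action links.
$is_owner = isset($user) && $user['id'] == $ank['id'];
$can_delete = isset($user) && ($user['id'] == $ank['id'] || $user['level'] > $ank['level']);
$viewer_id = isset($user) ? $user['id'] : null;

// The owner's text colour goes into a style attribute; accept only hex
// digits so the value cannot break out of the attribute.
$mcolor = (isset($ank['mcolor']) && preg_match('/^[0-9a-fA-F]{3,6}$/', $ank['mcolor'])) ? $ank['mcolor'] : '';

while ($post = mysql_fetch_assoc($q))
{
    $ank_guest = get_user($post['id_guest']);
    echo "<table class='post'>";
    echo " <tr>";
    if ($set['set_show_icon']==2){
        echo " <td class='icon48' rowspan='2'>";
        if ($ank_guest['id']==0)
            echo "<img src='/sys/avatar/guest.png' alt='Гость' />";
        else
            avatar($ank_guest['id']);
        echo " </td>";
    }
    echo " <div class='mails'>";
    echo " <a href='/info.php?id=$ank_guest[id]'>$ank_guest[nick]</a> ".group($ank_guest['id'])." [".vremja($post['time'])."]</br>";

    // Quoted message, if this post references one in the same guestbook.
    // One SELECT replaces the former COUNT(*) + SELECT pair.
    if ($post['cit']!=NULL)
    {
        $cit = mysql_fetch_assoc(mysql_query("SELECT * FROM `l_guest` WHERE `id_user` = '$ank[id]' and `id` = '".intval($post['cit'])."' LIMIT 1"));
        if ($cit) {
            $ank_c = get_user($cit['id_guest']);
            echo "<b>$ank_c[nick] [".vremja($cit['time'])."]:</b>";
            echo output_text($cit['msg'])."<br />";
            echo "</div>";
        }
    }

    // The listing shows this echo with unescaped inner quotes and the next
    // one ending in a bare "n"; both look like lost backslashes and are
    // restored here (confirm against the original file).
    echo ($mcolor !== '') ? "<span style=\"color:#$mcolor\">" : "<span>";
    echo output_text($post['msg'])."<br />\n";
    echo "</span>";

    if ($viewer_id != $ank_guest['id']){
        echo '[<a href="?id='.$ank['id'].'&answer='.$ank_guest['id'].'&'.$passgen.'"/>Отв</a> | <a href="?id='.$ank['id'].'&c='.$post['id'].'&answer='.$ank['id'].'&'.$passgen.'"/>Цит</a>';
        if ($is_owner) {
            // Look up this author specifically; the old query read one
            // arbitrary row of the ban list and compared against that.
            $ban = mysql_fetch_assoc(mysql_query("SELECT * FROM `ban_guest` WHERE `id_user` = '$user[id]' AND `id_guest` = '".intval($ank_guest['id'])."' LIMIT 1"));
            if (!$ban) echo '| <a href="?id='.$ank['id'].'&ban='.$ank_guest['id'].'">Бан</a> ';
        }
        if ($can_delete) echo '| <a href="?id='.$ank['id'].'&delete='.$post['id'].'">Уда</a>';
        echo " ]<br /></td>";
    }else{
        if ($can_delete) echo '[<a href="?id='.$ank['id'].'&delete='.$post['id'].'">Удал</a>]';
    }
    echo "</div>";
}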
echo "</div>";

// Owner tools: ban list, wipe-all and settings links.
if ($user['id'] == $ank['id']) {
    echo "<div class='aut'>"
        . "<img src='/style/icons/del.png' /> <a href='?act=ban'>Бан-лист</a>"
        . "</div>";
    echo "<div class='aut'>"
        . "<img src='/style/icons/seting.png' /> <a href='?id=$ank[id]&delete_all'>Очистить гостевую</a> | <a href='?act=setting'>Настройки</a>"
        . "</div>";
}

// Page navigation, only when there is more than one page.
if ($k_page > 1) {
    str("?id=$ank[id]&", $k_page, $page);
}
}
break;
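case 'setting':
    // Guestbook settings of the current user: who may read, write and post links
    // (0 = everyone, 1 = friends, 2 = nobody).
    $set['title'] = 'Настройки гостевой';
    require_once 'sys/inc/thead.php';
    title();
    // Saving requires a logged-in user; without one there is no id to key the row on.
    // NOTE(review): no request token is verified here; $passgen is only part of
    // the form URL — confirm whether the includes check it.
    if (isset($_POST['save']) && isset($user)) {
        $settings = mysql_fetch_assoc(mysql_query("SELECT * FROM `set_guest` WHERE `id_user` = '$user[id]' LIMIT 1"));
        // Create the row only when none exists. The old test compared the
        // stored values with Null using ==, and 0 == Null is true, so saving
        // with any setting at 0 inserted another row every time.
        if (!$settings) {
            mysql_query("INSERT INTO `set_guest` (`id_user`, `reader`, `writer`, `link`) values ('$user[id]', '0', '0', '0')");
        }
        // Keep each submitted value inside the supported range 0..2.
        $reader = max(0, min(2, isset($_POST['reader']) ? intval($_POST['reader']) : 0));
        $writer = max(0, min(2, isset($_POST['writer']) ? intval($_POST['writer']) : 0));
        $link = max(0, min(2, isset($_POST['link']) ? intval($_POST['link']) : 0));
        mysql_query("UPDATE `set_guest` SET `reader` = '$reader', `writer` = '$writer', `link` = '$link' WHERE `id_user` = '".$user['id']."' LIMIT 1");
        msg('Изменения успешно приняты.');
    }
    err();
    aut();
    $settings = mysql_fetch_assoc(mysql_query("SELECT * FROM `set_guest` WHERE `id_user` = '$user[id]' LIMIT 1"));
    // No row yet: show the defaults (everyone).
    if (!$settings) {
        $settings = array('reader' => 0, 'writer' => 0, 'link' => 0);
    }
    $groups = array(
        'reader' => 'Читатели:',
        'writer' => 'Писатели:',
        'link' => 'Оставлять ссылки имеют право:',
    );
    $options = array(0 => 'Все', 1 => 'Друзья', 2 => 'Никто');
    echo "<form class='menu' method='post' action='?act=setting&$passgen'>";
    foreach ($groups as $field => $caption) {
        echo "$caption<br />";
        foreach ($options as $value => $label) {
            $checked = ($settings[$field] == $value) ? ' checked="checked"' : null;
            // The last option of each group is followed by a rule, the others by a line break.
            $tail = ($value == 2) ? '<hr />' : '<br />';
            echo "<label><input type='radio' name='$field'$checked value='$value' /> $label</label>$tail";
        }
    }
    echo "<input type='submit' name='save' value='Изменить' />";
    echo "</form>";
    echo "<div class='aut'><img src='/style/icons/prev.png' /> <a href='guest.php'>Вернуться в гостевую</a></div>";
    break;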
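case 'ban':
    // Ban list of the current user's guestbook, with a remove link per entry.
    if (isset($_GET['id'])) $ank['id'] = intval($_GET['id']);
    else $ank['id'] = $user['id'];
    $ank = get_user($ank['id']);
    if (!isset($ank['id']) || $ank['id']==0) {header("Location: /?".SID);exit;}
    $set['title'] = 'Бан-лист гостевой';
    require_once 'sys/inc/thead.php';
    title();
    // Remove one entry from the current user's own list.
    // NOTE(review): triggered by a plain GET link; no request token is checked
    // in this file.
    if (isset($_GET['delete_ban']) && isset($user) && $user['id'] == $ank['id']) {
        // The array key is now a quoted string; it was a bare word
        // ($_GET[delete_ban]). The two lookups that followed the delete were
        // never used and are dropped.
        $unban_id = intval($_GET['delete_ban']);
        mysql_query("Delete FROM `ban_guest` WHERE `id_user` = '$user[id]' AND `id_guest` = '$unban_id'");
        msg("Пользователь удалён из Вашего Бан-листа гостевой.");
        header("Refresh: 1; url=/guest.php?act=ban");
    }
    err();
    aut();
    // The list always shows the current user's entries, whatever ?id= says.
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `ban_guest` WHERE `id_user` = '$user[id]'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str']*$page - $set['p_str'];
    $q = mysql_query("SELECT * FROM `ban_guest` where `id_user` = '$user[id]' ORDER BY id DESC LIMIT ".intval($start).", ".intval($set['p_str']));
    if ($k_post==0) echo "<div class='err'>Ваш Бан-лист пустой.</div>";
    while ($post = mysql_fetch_assoc($q))
    {
        $ank_guest = get_user($post['id_guest']);
        echo "<table class='post'>";
        echo "<tr>";
        if ($set['set_show_icon']==2){
            echo "<td class='icon48' rowspan='2'>";
            if ($ank_guest['id']==0)
                echo "<img src='/sys/avatar/guest.png' alt='Гость' />";
            else
                avatar($ank_guest['id']);
            echo "</td>";
        }
        echo "<td class='p_t'>";
        group($ank_guest['id']);
        // NOTE(review): medal() is given the list owner's id, not the banned
        // user's; this looks like it should be $ank_guest['id'] — confirm.
        echo " ".medal($ank['id'])."";
        echo " <a href='/info.php?id=$ank_guest[id]'>$ank_guest[nick]</a>";
        if ($user['id']==$ank['id']) echo " [ <a href='?act=ban&id=$user[id]&delete_ban=$ank_guest[id]'>Удалить</a> ]";
        echo "</td>";
        echo "</tr>";
        echo "</table>";
    }
    echo "<div class='aut'><img src='/style/icons/prev.png' /> <a href='guest.php'>Вернуться в гостевую</a></div>";
    break;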
}
require_once 'sys/inc/tfoot.php';
?>