Файл: ajax/newModal/foto/komm_act.php
Строк: 67
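<?php
/*
 * AJAX endpoint that accepts a comment for a gallery photo.
 *
 * This first part bootstraps the engine, loads the session user and resolves
 * the photo -> album -> album owner chain. The request is aborted when any
 * link of that chain is missing.
 *
 * The full `<?php` tag is used instead of the short `<?`: with
 * short_open_tag disabled the short form is not parsed and the web server
 * would return this source file as plain text.
 */

// Reject anything that does not announce itself as an XMLHttpRequest.
// NOTE(review): this header test only filters out ordinary page loads. It is
// not authentication and is not a complete CSRF defence on its own; no
// anti-CSRF token is checked anywhere in this file - confirm whether the
// included bootstrap enforces one for this state-changing endpoint.
$requestedWith = isset($_SERVER['HTTP_X_REQUESTED_WITH']) ? strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) : '';
if ($requestedWith !== 'xmlhttprequest') {
    die;
}

include_once $_SERVER['DOCUMENT_ROOT'] . '/sys/inc/home.php';
include_once H.'sys/inc/start.php';
include_once H.'sys/inc/compress.php';
include_once H.'sys/inc/sess.php';
include_once H.'sys/inc/settings.php';
include_once H.'sys/inc/db_connect.php';
include_once H.'sys/inc/ipua.php';
include_once H.'sys/inc/fnc.php';
// sys/inc/user.php is left out here, so the session user is fetched directly below.
// include_once H.'sys/inc/user.php';

// Current user. A missing session id is passed on as null (same value as
// before, without the undefined-index notice).
$user = get_user(isset($_SESSION['id_user']) ? $_SESSION['id_user'] : null);
if (!isset($user['id'])) {
    // Not fatal at this point: the comment handler further down checks $err
    // before it writes anything.
    $err = 'Вы не авторизованы';
}

// Photo: the id comes from the query string and is forced to an integer
// before it reaches the SQL text.
$photoId = isset($_GET['id_photo']) ? intval($_GET['id_photo']) : 0;
$foto = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = '" . $photoId . "' LIMIT 1"));

// Album: looked up only when the photo exists. The stored album id is cast as
// well, so a value read back from the database is never spliced into SQL raw
// (assumes integer ids, as the intval() on the photo id already does).
$gallery = ($foto && $foto['id'])
    ? mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery` WHERE `id` = '" . intval($foto['id_gallery']) . "' LIMIT 1"))
    : false;

// Album owner (author of the photo): looked up only when the album exists.
$ank = ($gallery && $gallery['id']) ? get_user($gallery['id_user']) : false;

// A failure anywhere in the chain leaves $ank empty, so a single check covers
// a missing photo, a missing album and a missing owner.
// NOTE(review): nothing here checks whether the current user is allowed to
// see this album (privacy settings, bans) - confirm that is enforced elsewhere.
if (!$ank || !$ank['id']) {
    die('Ошибка данных о фотографии');
}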
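/*
 * Comment submission for the photo resolved earlier in this script.
 *
 * Flow: validate the message, then (only for an authenticated user with a
 * valid message) notify the user being replied to, update the "discussions"
 * feed of the album owner's friends and of the owner, and store the comment.
 * Any error text is echoed back; a successful request produces no output.
 *
 * $user, $foto, $gallery and (when the user is not logged in) $err are set
 * earlier in this script; $time, strlen2() and my_esc() are not defined in
 * this file and presumably come from the included bootstrap - verify.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7; the
 * long-term fix is mysqli/PDO with prepared statements. Until then every
 * value placed into SQL below is either cast with intval() or passed
 * through my_esc().
 */
if (isset($_POST['msg'])) {
    // A non-string value (for example msg[]=x) is treated as empty, so it is
    // rejected as too short instead of reaching the string helpers.
    $msg = is_string($_POST['msg']) ? $_POST['msg'] : '';

    // Validation runs only for an authenticated user, so an anonymous request
    // never reaches the duplicate-check query.
    if (!isset($err)) {
        $fotoId = intval($foto['id']);
        $userId = intval($user['id']);
        $msgLength = strlen2($msg);

        if ($msgLength > 1024) {
            $err = 'Сообщение слишком длинное';
        } elseif ($msgLength < 2) {
            $err = 'Короткое сообщение';
        } elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id_foto` = '" . $fotoId . "' AND `id_user` = '" . $userId . "' AND `msg` = '" . my_esc($msg) . "' LIMIT 1"), 0) != 0) {
            $err = 'Ваше сообщение повторяет предыдущее';
        }
    }

    if (isset($err)) {
        // Every error is reported. Previously the three validation errors were
        // set inside the same if/elseif chain that held the echo, so they were
        // never sent and the client could not tell a rejected comment from a
        // stored one.
        echo $err;
    } else {
        $ownerId = intval($gallery['id_user']);
        $discWhere = "`type` = 'foto' AND `id_sim` = '" . $fotoId . "'";

        /*
        ==========================
        Reply notifications
        ==========================
        */
        // Only a scalar, positive id is accepted; an array value would
        // otherwise be turned into 1 by intval().
        // NOTE(review): the reply target is taken from the request and is not
        // checked against the comments on this photo, so any user id with
        // comment notifications enabled can receive a 'foto_komm' notification
        // - confirm whether it should be limited to users who commented here.
        $replyId = (isset($_POST['reply']) && is_scalar($_POST['reply'])) ? intval($_POST['reply']) : 0;
        if ($replyId > 0) {
            $ank_otv = get_user($replyId);
            if ($ank_otv && isset($ank_otv['id'])) {
                $replyUserId = intval($ank_otv['id']);
                $notifiacation = mysql_fetch_assoc(mysql_query("SELECT * FROM `notification_set` WHERE `id_user` = '" . $replyUserId . "' LIMIT 1"));
                // Notify only when the target enabled comment notifications
                // and is not the commenter.
                if ($notifiacation && $notifiacation['komm'] == 1 && $replyUserId != $userId) {
                    mysql_query("INSERT INTO `notification` (`avtor`, `id_user`, `id_object`, `type`, `time`) VALUES ('" . $userId . "', '" . $replyUserId . "', '" . $fotoId . "', 'foto_komm', '$time')");
                }
            }
        }

        /*
        ====================================
        Discussions
        ====================================
        */
        // Friends of the album owner
        $q = mysql_query("SELECT * FROM `frends` WHERE `user` = '" . $ownerId . "' AND `i` = '1'");
        while ($f = mysql_fetch_array($q)) {
            $a = get_user($f['frend']);
            if (!$a || !isset($a['id'])) {
                // Friend row that points at a user who can no longer be loaded.
                continue;
            }
            $friendId = intval($a['id']);
            $discSet = mysql_fetch_array(mysql_query("SELECT * FROM `discussions_set` WHERE `id_user` = '" . $friendId . "' LIMIT 1"));

            // Both the friendship row and the friend's own settings must allow
            // photo discussions.
            if ($f['disc_foto'] == 1 && $discSet['disc_foto'] == 1) {
                if (mysql_result(mysql_query("SELECT COUNT(*) FROM `discussions` WHERE `id_user` = '" . $friendId . "' AND " . $discWhere . " LIMIT 1"), 0) == 0) {
                    // NOTE(review): with `||` this test fails only when the
                    // friend is both the commenter and the photo owner; `&&`
                    // may have been intended. Kept as written - confirm.
                    if ($a['id'] != $user['id'] || $a['id'] != $foto['id_user']) {
                        mysql_query("INSERT INTO `discussions` (`id_user`, `avtor`, `type`, `time`, `id_sim`, `count`) values('" . $friendId . "', '" . $ownerId . "', 'foto', '$time', '" . $fotoId . "', '1')");
                    }
                } else {
                    // NOTE(review): same `||` question as above; kept as written.
                    if ($gallery['id_user'] != $user['id'] || $a['id'] != $foto['id_user']) {
                        // The counter is incremented inside SQL rather than
                        // read and written back, so concurrent comments cannot
                        // overwrite each other's increment.
                        mysql_query("UPDATE `discussions` SET `count` = `count` + 1, `time` = '$time' WHERE `id_user` = '" . $friendId . "' AND " . $discWhere . " LIMIT 1");
                    }
                }
            }
        }

        // Album owner: nothing is written when the owner comments on their own photo.
        if ($gallery['id_user'] != $user['id']) {
            if (mysql_result(mysql_query("SELECT COUNT(*) FROM `discussions` WHERE `id_user` = '" . $ownerId . "' AND " . $discWhere . " LIMIT 1"), 0) == 0) {
                mysql_query("INSERT INTO `discussions` (`id_user`, `avtor`, `type`, `time`, `id_sim`, `count`) values('" . $ownerId . "', '" . $ownerId . "', 'foto', '$time', '" . $fotoId . "', '1')");
            } else {
                mysql_query("UPDATE `discussions` SET `count` = `count` + 1, `time` = '$time' WHERE `id_user` = '" . $ownerId . "' AND " . $discWhere . " LIMIT 1");
            }
        }

        // Store the comment itself. my_esc() only protects the SQL string
        // literal; the text is saved as submitted.
        // NOTE(review): HTML escaping has to happen where comments are
        // rendered - confirm the output side does it.
        mysql_query("INSERT INTO `gallery_komm` (`id_foto`, `id_user`, `time`, `msg`) values('" . $fotoId . "', '" . $userId . "', '$time', '" . my_esc($msg) . "')");
    }
}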