Файл: soc-set/moduls/loads/comm.php
Строк: 33
<?php
require_once('../../core/start.php');
require_once('func.php');
require_once('../../core/class/id.php');
check_auth();
$folder = DB::$dbs->queryFetch("SELECT * FROM ".LOADS." WHERE `id` = ? ", array(abs(num($_GET['folder']))));
if (empty($folder)) {
head('Каталог не найден');
echo DIV_TITLE . 'Каталог не найден' . CLOSE_DIV;
echo DIV_ERROR . 'Ошибка!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Главная</a> / <a href="'.HOME.'/loads/">Загрузки</a> / <b>Каталог не найден</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
$folderc = DB::$dbs->queryFetch("SELECT * FROM ".LOADS_CAT." WHERE `id` = ? ", array(abs(num($_GET['folderc']))));
if (empty($folderc)) {
head('Подкаталог не найден');
echo DIV_TITLE . 'Подкаталог не найден' . CLOSE_DIV;
echo DIV_ERROR . 'Ошибка!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Главная</a> / <a href="'.HOME.'/loads/">Загрузки</a> / <b>Подкаталог не найден</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
$file = DB::$dbs->queryFetch("SELECT * FROM ".LOADS_FILE." WHERE `id` = ? ", array(abs(num($_GET['file']))));
if (empty($file)) {
head('Файл не найден');
echo DIV_TITLE . 'Файл не найден' . CLOSE_DIV;
echo DIV_ERROR . 'Ошибка!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Главная</a> / <a href="'.HOME.'/loads/">Загрузки</a> / <b>Файл не найден</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
/* **** */
head('Комментарии к файлу: ' . $file['name']);
panel();
echo DIV_BLOCK . 'Комментарии к файлу: ' . $file['name'] . CLOSE_DIV;
if ($_POST) {
$comm = html($_POST['comm']);
if (empty($comm)) {
$err = 'Комментарий пуст';
}
if (!empty($err)) {
echo DIV_ERROR . $err . CLOSE_DIV;
} else {
DB::$dbs->query("INSERT INTO ".LOADS_COMM." (`file_id`, `user_id`, `comm`, `time`) VALUES (?, ?, ?, ?)", array($file['id'], $user['user_id'], $comm, time()));
balls_operation(2);
echo DIV_MSG . 'Комментарий добавлен' . CLOSE_DIV;
}
}
$comm = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".LOADS_COMM." WHERE `file_id` = ?", array($file['id']));
echo DIV_LI . '<b>Комментарии к файлу:</b>' . CLOSE_DIV;
if (!empty($_GET['del_comm'])) {
DB::$dbs->query("DELETE FROM ".LOADS_COMM." WHERE `id` = ? ", array(num($_GET['del_comm'])));
header("Location: ".HOME."/moduls/loads/comm.php?folder=".$folder['id']."&folderc=".$folderc['id']."&file=".$file['id']."&".(int)$_GET['p']);
}
if (empty($comm)) {
echo DIV_BLOCK . 'Комментарий нет' . CLOSE_DIV;
} else {
$n = new Navigator($comm,$config['write']['loads_comm'],'folder='.$folder['id'].'&folderc='.$folderc['id'].'&file='.$file['id']);
$sql = DB::$dbs->query("SELECT * FROM ".LOADS_COMM." WHERE `file_id` = ? ORDER BY `id` DESC LIMIT {$n->start()}, ".$config['write']['loads_comm']."", array($file['id']));
while($comm = $sql -> fetch()) {
echo DIV_LI . userLink($comm['user_id']) . ' [' . vrem($comm['time']) . ']' . (privilegy('zc_moder') ? ' <a href="'.HOME.'/moduls/loads/comm.php?folder='.$folder['id'].'&folderc='.$folderc['id'].'&file='.$file['id'].'&del_comm='.$comm['id'].'&p='.(int)$_GET['p'].'">[Удал.]</a>' : NULL) . CLOSE_DIV;
echo DIV_BLOCK . text($comm['comm']) . CLOSE_DIV;
}
echo $n->navi();
}
echo DIV_AUT;
echo '<form action="#" method="POST">';
echo 'Комментарий:<br /><textarea name="comm"></textarea><br />';
echo '<input type="submit" value="Добавить" /></form>';
echo CLOSE_DIV;
bbsmile();
echo DIV_LI . '<a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/">Вернуться назад</a>' . CLOSE_DIV;
$array = array('Загрузки');
nav($array);
require_once('../../core/stop.php');
?>