Файл: soc-set/moduls/love/index.php
Строк: 85
<?php
require_once('../../core/start.php');
check_auth();
$id = abs(num($_GET['user']));
$guest = DB::$dbs->queryFetch("SELECT * FROM ".USERS." WHERE `user_id` = ? ", array($id));
if (empty($guest)) {
head('Стена любви не найдена');
echo DIV_TITLE . 'Стена любви не найдена' . CLOSE_DIV;
echo DIV_BLOCK . 'Ошибка!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">На главную</a> / <b>Стена любви не найдена</b>' . CLOSE_DIV;
exit();
}
head('Стена любви не найдена: ' . $guest['nick']);
echo DIV_TITLE . 'Стена любви: <b>' . $guest['nick'] . '</b>' . CLOSE_DIV;
function check($id) {
global $user;
$post = DB::$dbs->queryFetch("SELECT * FROM ".STENA_LOVE." WHERE `id` = ? ",array($id));
if (privilegy('stena_love')) {
return TRUE;
}
if ($post['user_id'] == $user['user_id']) {
return TRUE;
}
if ($post['autor_id'] == $user['user_id']) {
return TRUE;
}
return FALSE;
}
if (isset($_GET['del']) && check($_GET['del'])) {
DB::$dbs->query("DELETE FROM ".STENA_LOVE." WHERE `id` = ?", array(num($_GET['del'])));
header("Location: ".HOME."/love/".$guest['user_id']."/");
}
if (!empty($_POST['post_delete']) && (privilegy('stena_love') || $guest['user_id'] == $user['user_id'])) {
foreach ($_POST as $name => $value) {
DB::$dbs->query("DELETE FROM ".STENA_LOVE." WHERE `id` = ?", array($name));
}
header("Location: ".HOME."/love/" . $guest['user_id'] . "/");
}
if ( (privilegy('stena_love') || $guest['user_id'] == $user['user_id']) && !empty($_POST['clean'])) {
DB::$dbs->query("DELETE FROM ".STENA_LOVE." WHERE `user_id` = ? ", array($guest['user_id']));
header("Location: ".HOME."/love/" . $guest['user_id'] . "/");
}
if (DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".STENA_LOVE." WHERE `user_id` = ? && `autor_id` = ?", array($guest['user_id'], $user['user_id'])) == FALSE && $guest['user_id'] != $user['user_id']) {
if ($_POST['add']) {
$msg = html($_POST['msg']);
$anonim = abs(num($_POST['anonim']));
if (empty($msg)) {
$err = 'Пустое сообщение<br />';
}
if (!empty($_GET['otv']) && $_GET['otv'] != $user['user_id']) {
$ank = DB::$dbs->queryFetch("SELECT `user_id`, `nick` FROM ".USERS." WHERE `user_id` = ? ",array(abs(num($_GET['otv']))));
if (!empty($ank)) {
$msg = '[b]' . $ank['nick'] . '[/b], ' . $msg;
}
}
if (!empty($err)) {
echo DIV_ERROR . $err . CLOSE_DIV;
} else {
$lenta = '<a href="'.HOME.'/id'.$user['user_id'].'"><b>' . $user['nick'] . '</b></a> '.(empty($user['gender']) ? 'призналась' : 'признался').' Вам в <a href="'.HOME.'/love/'.$guest['user_id'].'/"><b>любви</b></a>';
lenta($lenta, $guest['user_id']);
DB::$dbs->query("INSERT INTO ".STENA_LOVE." (`user_id`, `autor_id`, `time`, `msg`, `anonim`) VALUES (?, ?, ?, ?, ?)", array($guest['user_id'], $user['user_id'], time(), $msg, $anonim));
header("Location: ".HOME."/love/".$guest['user_id']."/");
}
}
echo DIV_BLOCK . 'Признание только один раз! Вы не можете просматривать приватные признания!' . CLOSE_DIV;
echo DIV_AUT;
echo '<form action="#" method="POST">';
echo '<b>Текст признания:</b><br /><textarea name="msg"></textarea><br />';
echo '<input type="checkbox" name="anonim" value="1" /> Приватно<br />';
echo '<input type="submit" name="add" value="Признаться"/>';
echo '</form>';
echo CLOSE_DIV;
bbsmile();
}
$all = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".STENA_LOVE." WHERE `user_id` = ? ", array($guest['user_id']));
if (empty($all)) {
echo DIV_BLOCK . 'Признаний нет' . CLOSE_DIV;
} else {
echo '<form action="#" method="POST">';
$n = new Navigator($all,$config['write']['guest'],'');
$sql = DB::$dbs->query("SELECT * FROM ".STENA_LOVE." WHERE `user_id` = ? ORDER BY `id` DESC LIMIT {$n->start()}, ".$config['write']['guest']."", array($guest['user_id']));
while($post = $sql -> fetch()) {
$ank = DB::$dbs->queryFetch("SELECT `nick` FROM ".USERS." WHERE `user_id` = ?",array($post['autor_id']));
echo DIV_LI;
$autor = userLink($post['autor_id']);
if (!empty($post['anonim'])) {
if ($guest['user_id'] == $user['user_id'] || $post['autor_id'] == $user['user_id']) {
echo (privilegy('stena_love') ? '<input type="checkbox" name="'.$post['id'].'" /> ' : NULL);
echo '[' . vrem($post['time']) . '] ' . $autor . (check($post['id']) ? ' <a href="?del='.$post['id'].'">[Удал]</a>' : null) . ': ' . CLOSE_DIV . DIV_BLOCK . text($post['msg']) . '<br />';
} else {
echo (privilegy('stena_love') ? '<input type="checkbox" name="'.$post['id'].'" /> ' : NULL);
echo '[' . vrem($post['time']) . '] ' . '<b>Аноним</b>' . (check($post['id']) ? ' <a href="?del='.$post['id'].'">[Удал]</a>' : null) . ': ' . CLOSE_DIV . DIV_BLOCK . 'Сообщение скрыто' . '<br />';
}
} else {
echo (privilegy('stena_love') ? '<input type="checkbox" name="'.$post['id'].'" /> ' : NULL);
echo '[' . vrem($post['time']) . '] ' . $autor . (check($post['id']) ? ' <a href="?del='.$post['id'].'">[Удал]</a>' : null) . ': ' . CLOSE_DIV . DIV_BLOCK . text($post['msg']) . '<br />';
}
echo CLOSE_DIV;
}
echo $n->navi();
echo (privilegy('stena_love') || $guest['user_id'] == $user['user_id'] ? DIV_LI . '<input type="submit" name="post_delete" value="Удалить выделенные посты"/> <input type="submit" name="clean" value="Очистить стену"/></form>' . CLOSE_DIV : NULL);
}
echo DIV_GO . '<a href="'.HOME.'/">На главную</a> / <a href="'.HOME.'/id'.$guest['user_id'].'">'.$guest['nick'].'</a> / <b>Стена любви</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
?>