Файл: soc-set/moduls/presents/index.php
Строк: 111
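<?php
/**
 * Gift ("presents") module: browse the gift catalogue for a user, send a gift,
 * and list the gifts a user has received.
 *
 * Routes are chosen by $select:
 *   default - catalogue of gifts that can be sent to the user in ?id
 *   send    - confirmation form plus the POST handler that stores the gift
 *             and charges the sender
 *   list    - gifts received by the user in ?id (falls back to the session user)
 *
 * $select, $user and $config are not defined in this file; presumably they are
 * provided by core/start.php - confirm against that file.
 *
 * NOTE(review): $ank['nick'], $user['nick'] and $present['url'] / $pr['url'] are
 * written into HTML below without escaping. Confirm they are stored already
 * escaped, or escape them at output time.
 */
require_once('../../core/start.php');
check_auth();

switch ($select) {
    default:
        // abs(intval()) reduces the id to a non-negative integer before use.
        $id = isset($_GET['id']) ? abs(intval($_GET['id'])) : 0;
        $ank = DB::$dbs->queryFetch("SELECT * FROM ".USERS." WHERE `user_id` = ? ", array($id));

        // Unknown recipient, or the viewer targeting their own profile:
        // redirect and stop. Without the exit the rest of the page would
        // still run after the Location header was queued.
        if (empty($ank) || $user['user_id'] == $ank['user_id']) {
            header("Location: ".HOME."");
            exit;
        }

        head('Подарок для: ' . $ank['nick']);
        panel();
        echo DIV_BLOCK . 'Подарок для: ' . userLink($id) . CLOSE_DIV;

        $all = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".PRESENTS."");
        $n = new Navigator($all,10,'id='.$id);
        // The offset is interpolated into the SQL text, so force it to an integer.
        $offset = (int) $n->start();
        $sql = DB::$dbs->query("SELECT * FROM ".PRESENTS." LIMIT {$offset}, 10");
        while ($present = $sql->fetch()) {
            echo DIV_BLOCK;
            echo '<img src="'.HOME.'/files/presents/'.$present['url'].'" width=64 height=64><br />';
            echo 'Цена: '.$config['write']['pay_present'].' баллов<br />';
            echo '<a href="'.HOME.'/present/'.$id.'/send/'.$present['id'].'/">Подарить</a><br />';
            echo CLOSE_DIV;
        }
        echo $n->navi();

        echo DIV_LI . '<a href="'.HOME.'/id'.$ank['user_id'].'">Вернуться на страницу</a>' . CLOSE_DIV;
        $array = array();
        nav($array);
        break;

    case 'send':
        $id = isset($_GET['id']) ? abs(intval($_GET['id'])) : 0;
        $ank = DB::$dbs->queryFetch("SELECT * FROM ".USERS." WHERE `user_id` = ? ", array($id));

        // Same guard as the catalogue. Here the missing exit mattered most:
        // the POST handler below would still store the gift and charge the
        // sender for a non-existent recipient or for the sender themselves.
        if (empty($ank) || $user['user_id'] == $ank['user_id']) {
            header("Location: ".HOME."");
            exit;
        }

        // Validate the requested gift before any output is produced, so the
        // redirect is sent before head()/panel() write the page, and so an
        // unknown gift id can never reach the INSERT below.
        $presentId = isset($_GET['present']) ? abs(intval($_GET['present'])) : 0;
        $pr = DB::$dbs->queryFetch("SELECT * FROM ".PRESENTS." WHERE `id` = ? LIMIT 1",array($presentId));
        if (empty($pr['id'])) {
            // $id is already an integer, so nothing user-controlled reaches the header.
            header("Location: ".HOME."/present/" . $id . "/");
            exit;
        }

        head('Подарок для: ' . $ank['nick']);
        panel();
        echo DIV_BLOCK . 'Подарок для: ' . userLink($id) . CLOSE_DIV;

        $price = $config['write']['pay_present'];
        if ($user['balls'] < $price) {
            echo DIV_BLOCK . 'У вас не достаточно баллов' . CLOSE_DIV;
        } else {
            // NOTE(review): this state-changing POST carries no anti-CSRF token;
            // add the project's token check here if one exists.
            if (!empty($_POST['send'])) {
                // An unchecked checkbox is not submitted at all, so both fields
                // are read defensively instead of assuming the keys exist.
                $comment = html(isset($_POST['coment']) ? $_POST['coment'] : '');
                $anonymous = isset($_POST['anonim']) ? abs(intval($_POST['anonim'])) : 0;

                $lenta = '<a href="'.HOME.'/id'.$user['user_id'].'"><b>' . $user['nick'] . '</b></a> прислал'.(empty($user['gender']) ? 'a' : NULL).' Вам <a href="'.HOME.'/present/list/'.$id.'/"><b>подарок</b></a>';
                lenta($lenta, $ank['user_id']);

                DB::$dbs->query("INSERT INTO ".PRESENTS_LIST." SET `present_id` = ?, `user_id` = ?, `friend_id` = ?, `anonim` = ?, `comm` = ?, `time` = ? ", array($pr['id'], $user['user_id'], $id, $anonymous, $comment, time()));

                // Charge relative to the stored balance rather than writing back a
                // value computed from the copy loaded at page start: concurrent
                // requests can no longer overwrite each other's deduction, and the
                // balance cannot drop below zero.
                // NOTE(review): the gift row is still inserted if this UPDATE matches
                // no row; checking the affected-row count (and charging before the
                // INSERT) would close that gap - the DB wrapper's API for it is not
                // visible here.
                DB::$dbs->query("UPDATE ".USERS." SET `balls` = `balls` - ? WHERE `user_id` = ? AND `balls` >= ?",array($price, $user['user_id'], $price));

                echo DIV_BLOCK;
                echo 'Подарок успешно отслан.<br />';
                echo '<a href="'.HOME.'/id'.$ank['user_id'].'">Вернуться на страницу '.$ank['nick'].'</a>';
                echo CLOSE_DIV;
                #header("Location: ".HOME."/id".$id);
            }

            echo DIV_AUT;
            echo '<img src="'.HOME.'/files/presents/'.$pr['url'].'" width=64 height=64><br />';
            // The literal below is kept exactly as emitted, including its line breaks.
            echo '<form action="#" method="post">
Коментарий:<br /><textarea name="coment"></textarea><br />
Анонимно: <input name="anonim" type="checkbox" value="1" /><br />
<input type="submit" name="send" value="Отправить"></form>';
            echo CLOSE_DIV;
        }

        echo DIV_LI . '<a href="'.HOME.'/id'.$ank['user_id'].'">Вернуться на страницу</a>' . CLOSE_DIV;
        $array = array();
        nav($array);
        break;

    case 'list':
        // Without ?id the list shows the gifts of the session user.
        if (!empty($_GET['id'])) {
            $id = abs(intval($_GET['id']));
        } else {
            $id = isset($_SESSION['id']) ? abs(intval($_SESSION['id'])) : 0;
        }
        $ank = DB::$dbs->queryFetch("SELECT * FROM ".USERS." WHERE `user_id` = ? ", array($id));

        // Same handling as the other routes: no such user, nothing to list.
        if (empty($ank)) {
            header("Location: ".HOME."");
            exit;
        }

        head('Подарки: ' . $ank['nick']);
        panel();
        echo DIV_BLOCK . 'Подарки: ' . userLink($id) . CLOSE_DIV;

        $all = DB::$dbs->querySingle("SELECT COUNT(*) FROM ".PRESENTS_LIST." WHERE `friend_id` = ?", array($id));
        if (!empty($all)) {
            $n = new Navigator($all,10,'select=list&id='.$id);
            // The offset is interpolated into the SQL text, so force it to an integer.
            $offset = (int) $n->start();
            $sql = DB::$dbs->query("SELECT * FROM ".PRESENTS_LIST." WHERE `friend_id` = ? ORDER BY `id` DESC LIMIT {$offset}, 10 ", array($id));
            while ($list = $sql->fetch()) {
                $present = DB::$dbs->queryFetch("SELECT * FROM ".PRESENTS." WHERE `id` = ? LIMIT 1",array($list['present_id']));
                echo DIV_BLOCK;
                echo '<img src="'.HOME.'/files/presents/'.$present['url'].'" width=64 height=64><br />';
                // The sender is hidden only when the stored flag equals 1.
                echo 'От: '.($list['anonim'] == 1 ? 'Анонима' : userLink($list['user_id'])).'<br />';
                // The comment went through html() when it was stored and goes through text() here.
                echo ($list['comm'] ? 'Коментарий: ' . text($list['comm']) . '<br />' : null);
                echo 'Получен: ' . vrem($list['time']);
                echo CLOSE_DIV;
            }
            echo $n->navi();
        } else {
            echo DIV_BLOCK . 'Подарков нет' . CLOSE_DIV;
        }

        echo DIV_LI . '<a href="'.HOME.'/id'.$ank['user_id'].'">Вернуться на страницу</a>' . CLOSE_DIV;
        $array = array();
        nav($array);
        break;
}

require_once('../../core/stop.php');
?>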