Файл: modules/albums/add_comment.php
Строк: 78
<?php
/**
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) 2013, Taras Chornyi, Sergiy Mazurenko, Ivan Kotliar
* @link http://perf-engine.net
* @package PerfEngine
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
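/*
 * Add-comment page for a single photo inside a photo album.
 *
 * Request parameters read here:
 *   $_GET['albums_id']  - id of the `albums_photo` row being commented on (required)
 *   $_GET['act']        - must equal 'create' for the POST handler to run
 *   $_GET['reply_to']   - optional user id the comment replies to
 *   $_POST['create']    - submit button marker
 *   $_POST['text']      - comment body, handed to Comments::add()
 *
 * Security-relevant behaviour:
 *   - The album access decision is computed once, before anything is written,
 *     and gates BOTH the form and the POST handler. Checking it only when
 *     rendering the form lets a logged-in user post straight to
 *     ?act=create for a photo in an album they are not allowed to see.
 *   - A missing photo or album row ends the request. Evaluating
 *     `$album['type'] == 0` on a missing row compares null to 0, which is
 *     true under loose comparison and therefore grants access.
 *   - Every id placed into SQL is an integer produced in this file, not the
 *     raw request value and not the unchecked output of a helper.
 */
$locate = 'in_photo_albums';

// Only authenticated users with an explicit photo id may reach this page.
if (!User::logged() || !isset($_GET['albums_id'])) {
    go('/');
    exit; // fail closed even if go() returns instead of ending the request
}

// Normalise request/session values once so the same integers are used everywhere.
$photo_id  = abs(intval($_GET['albums_id']));
$viewer_id = (int) User::Id();
$has_reply = isset($_GET['reply_to']);

// The photo being commented on.
$albums_t = $db->query("SELECT * FROM `albums_photo` WHERE `id` = '" . $photo_id . "'")->fetch();
if (!$albums_t) {
    go('/');
    exit;
}

// The album that owns the photo; its `type` drives the access rules below.
$album = $db->query("SELECT * FROM `albums` WHERE `id` = '" . (int) $albums_t['album_id'] . "'")->fetch();
if (!$album) {
    // NOTE(review): this also rejects photos whose album row is missing; confirm
    // no legitimate photo exists without an album.
    go('/');
    exit;
}

$album_owner_id = (int) $album['user_id'];
$album_type     = (int) $album['type'];

/*
 * Access rules, in the order they are tried:
 *   - user level >= 6 (presumably staff - confirm against User::level()),
 *   - the album owner,
 *   - album type 0: any logged-in user,
 *   - album type 2: an active `friends` row linking viewer and owner,
 *   - album type 3: the session holds the album password.
 * Album type 1 is granted by none of the type rules.
 */
$can_comment = User::level() >= 6
    || $album_owner_id === $viewer_id
    || $album_type === 0;

if (!$can_comment && $album_type === 2) {
    $can_comment = $db->query("SELECT * FROM `friends` WHERE (`friend_id` = '" . $viewer_id . "' AND `user_id` = '" . $album_owner_id . "' OR `friend_id` = '" . $album_owner_id . "' AND `user_id` = '" . $viewer_id . "') AND `active` = '1'")->rowCount() > 0;
}

if (!$can_comment && $album_type === 3) {
    $session_key = 'alb_' . $album['id'];
    // Strict string comparison: loose `==` treats numeric-looking strings such
    // as '0e1' and '0e2' as equal. A missing session entry means "not unlocked".
    $can_comment = isset($_SESSION[$session_key])
        && (string) $_SESSION[$session_key] === (string) $album['password'];
}

// POST handler: runs only for viewers who passed the access check above.
// NOTE(review): no anti-CSRF token is checked here; confirm whether the
// framework validates one elsewhere, otherwise add one to this form.
if ($can_comment && isset($_POST['create']) && isset($_GET['act']) && $_GET['act'] === 'create') {
    if ($has_reply) {
        $reply_to_id = (int) num($_GET['reply_to']);
        // Compared as integers: a strict comparison between a string id and an
        // int id is always "different", which would notify users about their
        // own replies.
        // NOTE(review): reply_to is taken from the URL and is not checked
        // against the comment thread, so any user id can be sent a notification.
        if ($reply_to_id > 0 && $reply_to_id !== $viewer_id) {
            $db->query("INSERT INTO `notify` SET `user_id` = '" . $reply_to_id . "', `from_id` = '" . $viewer_id . "', `request_id` = '/albums/comments/" . $photo_id . "', `type` = 'notify_comments_reply', `read` = '0', `time` = '" . time() . "'");
        }
    }

    // Tell the photo owner about a new top-level comment from someone else.
    $photo_owner_id = (int) $albums_t['user_id'];
    if ($photo_owner_id !== $viewer_id && !$has_reply) {
        $db->query("INSERT INTO `notify` SET `user_id` = '" . $photo_owner_id . "', `from_id` = '" . $viewer_id . "', `request_id` = '/albums/comments/" . (int) $albums_t['id'] . "', `type` = 'notify_photo_reply', `read` = '0', `time` = '" . time() . "'");
    }

    // Pass the validated integer id, not the raw query-string value.
    $comments = new Comments('albums', $photo_id, '', '', 'albums_photo');
    $comments->add(isset($_POST['text']) ? $_POST['text'] : '');
    redirect("/albums/comments/" . (int) $albums_t['id']);
    exit; // do not render the form after issuing the redirect
}

$title = _t('add_comment');
include_header($title);
$tpl->div('title', _t('add_comment'));

if ($can_comment) {
    // NOTE(review): tnick() output is written into the page as-is; confirm it
    // returns HTML-escaped text, otherwise escape it for the textarea context.
    echo '<form action="/albums/add_comment?act=create&albums_id=' . $photo_id . ($has_reply ? '&reply_to=' . num($_GET['reply_to']) : null) . '" method="post">
<div class="menu">
<b>'. _t('message') .'</b>:<br/>
<textarea name="text" rows="5" cols="26">' . ($has_reply ? '[b]' . tnick(num($_GET['reply_to'])) . '[/b], ' : NULL) . '</textarea><br/>
<input name="create" type="submit" value="'. _t('create') .'" /><br/>
</div>
</form>';
} else {
    // Access denied: explain why, and offer the password prompt for type 3.
    if ($album_type === 1) Template::div('menu', _t('album_stop1'));
    if ($album_type === 2) Template::div('menu', _t('album_stop2'));
    if ($album_type === 3) {
        // NOTE(review): this page is addressed by `albums_id`; `id` is normally
        // absent here, so the action resolves to /albums/photo/0/ - confirm
        // which id the unlock route expects.
        $unlock_id = isset($_GET['id']) ? abs(intval($_GET['id'])) : 0;
        echo '<div class="menu">
<form action="/albums/photo/' . $unlock_id . '/?send" method="post">
'._t('album_stop3').':<br />
<input type="text" name="pass" maxlength="15" /><br/>
<input type="submit" name="send" value="'. _t('send') .'" />
</form></div>';
    }
}

$tpl->div('block', NAV .' <a href="/albums/comments/' . $photo_id . '">'. _t('back') .'</a><br/> '. NAV .'<a href="/albums/">'. _t('photo_albums') .'</a><br/>' . HICO .'<a href="/">'. _t('home').'</a>');
include_footer();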
?>