Файл: modules/albums/album.php
Строк: 63
<?php
/**
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) 2013, Taras Chornyi, Sergiy Mazurenko, Ivan Kotliar
* @link http://perf-engine.net
* @package PerfEngine
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
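// Resolve the requested album with a single lookup. The original ran the same
// SELECT twice and read $_GET['id'] before checking that it was set.
// abs(intval()) reduces the request parameter to a non-negative integer before
// it is concatenated into the SQL string, so it cannot carry SQL syntax.
$album = false;
if (isset($_GET['id']))
{
    $albumId = abs(intval($_GET['id']));
    // presumably fetch() yields false when no row matches (PDO-style); any
    // falsy result is treated as "album not found" below.
    $album = $db->query("SELECT * FROM `albums` WHERE `id` = '".$albumId."'")->fetch();
}
if (!$album)
{
    redirect('/albums');
    // Stop here in case redirect() only sends the Location header and returns:
    // without this the rest of the page would run with no album row
    // (execution after redirect).
    exit;
}
$locate = 'in_photo_albums';
// NOTE(review): $album['name'] goes into the page title as stored; whether it
// is escaped at write time or by include_header()/Template::div() is not
// visible in this file. Confirm before treating it as HTML-safe.
$title = $album['name'].' - '._t('photo_albums');
// num() is defined elsewhere; $id is interpolated into SQL and links further
// down, so it is assumed to return a plain number. TODO confirm.
$id = num($_GET['id']);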
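// Handles a submitted password for a password-protected album (type 3).
// On a match the submitted value is remembered in the session under
// 'alb_<album id>' and the visitor is sent back to the album page; otherwise
// $err is set so that the page can show the "wrong password" message.
if (isset($_GET['send']) && $album['type'] == 3)
{
    // Only accept a string field; a missing or array-valued 'pass' is treated
    // as an empty submission instead of raising a notice.
    $pass = input(isset($_POST['pass']) && is_string($_POST['pass']) ? $_POST['pass'] : '');
    // hash_equals() (PHP 5.6+) compares byte-for-byte in constant time. The
    // previous loose `==` let numeric-looking strings such as "1e3" and "1000"
    // compare equal.
    // NOTE(review): the album password is compared, and kept in the session,
    // in plaintext. Moving to password_hash()/password_verify() also needs a
    // change in the code that stores albums, which is outside this file.
    // NOTE(review): no limit on failed attempts is visible here.
    if (hash_equals((string) $album['password'], (string) $pass))
    {
        $_SESSION['alb_'.$album['id']] = $pass;
        redirect('/albums/album/'.$album['id']);
        // Stop here in case redirect() returns instead of ending the request.
        exit;
    }
    $err = _t('album_no_pass');
}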
// Page header and title bar.
// NOTE(review): $title contains $album['name'] unchanged; whether
// include_header()/Template::div() escape their arguments is not visible here.
include_header($title);
Template::div('title', $title);
// $err is set above when a submitted album password did not match.
if (isset($err))
{
    echo '<div class="error">', $err, '</div>';
}
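// Access decision for the album, evaluated in the same order as before:
//   - user level 6 and above (presumably staff; confirm against User::level()),
//   - the album owner,
//   - album type 0 (shown to everyone),
//   - album type 2: an active `friends` row links viewer and owner,
//   - album type 3: the session holds the album's current password.
$can_view = User::level() >= 6
    || $album['user_id'] == User::Id()
    || $album['type'] == 0;

if (!$can_view && $album['type'] == 2)
{
    // Integer casts keep the concatenated SQL free of anything but digits,
    // whatever User::Id() returns for the current visitor.
    $viewer_id = (int) User::Id();
    $owner_id = (int) $album['user_id'];
    $can_view = $db->query("SELECT * FROM `friends` WHERE (`friend_id` = '".$viewer_id."' AND `user_id` = '".$owner_id."' OR `friend_id` = '".$owner_id."' AND `user_id` = '".$viewer_id."') AND `active` = '1'")->rowCount() > 0;
}

if (!$can_view && $album['type'] == 3)
{
    // The session entry must exist and match exactly. With the previous loose
    // `==`, an unset session entry (null) compared equal to an empty stored
    // password, which unlocked the album without any submission.
    $session_key = 'alb_'.$album['id'];
    $can_view = isset($_SESSION[$session_key])
        && is_string($_SESSION[$session_key])
        && hash_equals((string) $album['password'], $_SESSION[$session_key]);
}

// Use the id of the row that was actually loaded, as an integer, in SQL and URLs.
$album_id = (int) $album['id'];

if ($can_view)
{
    Template::div('top', '<b>'._t('author').'</b>: '.nick($album['user_id'], '', true));
    $album_r = $db->query("SELECT * FROM `albums_photo` WHERE `album_id` = '".$album_id."'")->rowCount();
    $pages = new Paginator($album_r, $ames);
    if ($album_r == 0)
    {
        Template::div('post', _t('no_images'));
    }
    else
    {
        // $start and $ames are defined outside this file; the casts make sure
        // only integers reach the LIMIT clause.
        $photoss = $db->query("SELECT * FROM `albums_photo` WHERE `album_id` = '".$album_id."' ORDER BY id DESC LIMIT ".(int) $start.", ".(int) $ames);
        foreach ($photoss as $photo)
        {
            $photo_id = (int) $photo['id'];
            // server_name is escaped for the attribute context in case it is
            // ever something other than a generated file token.
            $thumb = htmlspecialchars($photo['server_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            // The comment count costs one extra query per photo on the page.
            $comments = $db->query("SELECT * FROM `albums_comms` WHERE `albums_id` = '".$photo_id."'")->rowCount();
            echo '<div class="post">
<a href="/albums/photo/'.$photo_id.'"><img src="/cache/albums/thumbs/'.$thumb.'.jpg" alt="" /></a><br />
('.rtime($photo['time']).')<br/>
<a href="/albums/comments/'.$photo_id.'">'._t('comments').'</a> ['.$comments.']
</div>';
        }
        $pages->view();
    }
}
else
{
    // Access denied: show the message for the album type, or the password
    // form for a password-protected album.
    if ($album['type'] == 1) Template::div('menu', _t('album_stop1'));
    if ($album['type'] == 2) Template::div('menu', _t('album_stop2'));
    if ($album['type'] == 3)
    {
        echo '<div class="menu">
<form action="/albums/album/'.$album_id.'/?send" method="post">
'._t('album_stop3').':<br />
<input type="text" name="pass" maxlength="15" /><br/>
<input type="submit" name="send" value="'. _t('send') .'" />
</form></div>';
    }
}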
// Bottom navigation. The "add photo" link is rendered only for the logged-in
// owner of the album; everyone gets the links back to the owner's albums, the
// album index and the home page.
$owner_link = '';
if (User::logged() && User::Id() == $album['user_id'])
{
    $owner_link = NAV.' <a href="/albums/add_photo/'.$id.'">'._t('add_photo').'</a><br/>';
}
$back_link = NAV.' <a href="/albums/user/'.$album['user_id'].'">'. _t('back').'</a><br/>';
$index_link = NAV.' <a href="/albums">'. _t('photo_albums').'</a><br/>';
$home_link = HICO.' <a href="/">'._t('home').'</a>';
echo '<div class="block">
'.$owner_link.$back_link.$index_link.$home_link.'
</div>';
include_footer();