Файл: guest.php
Строк: 116
<?php
require('sistema/header.php');
require('sistema/utilition.php');
require('sistema/databaza.php');
require('sistema/config.php');
// Number of guest-book entries shown per page (despite the name): the listing
// code divides the entry count by it to get the page count and passes it as
// the LIMIT row count.
$max_pages = 5;
?>
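<?php
// Store a posted guest-book entry for the site owner named by the "login"
// query parameter. Values are written as submitted; they have to be escaped
// for WML wherever they are printed, not here.
//
// NOTE(review): the legacy mysql_* API offers no prepared statements. The
// connection is opened outside this file (presumably sistema/databaza.php),
// so this block keeps the API and switches addslashes() to
// mysql_real_escape_string(), which honours the connection character set.
// Moving to PDO/mysqli prepared statements is the durable fix.
// NOTE(review): the maxlength attributes on the form are client-side only;
// enforce the limits here once the column sizes and charset are confirmed.
$post_name  = (isset($_POST['name'])  && is_string($_POST['name']))  ? $_POST['name']  : '';
$post_text  = (isset($_POST['text'])  && is_string($_POST['text']))  ? $_POST['text']  : '';
$post_email = (isset($_POST['email']) && is_string($_POST['email'])) ? $_POST['email'] : '';

// Name and text are mandatory. Strict comparison so that a text of "0" counts
// as content and array-valued parameters are rejected.
if ($post_name !== '' && $post_text !== '') {
    $owner_login = (isset($_GET['login']) && is_string($_GET['login'])) ? $_GET['login'] : '';

    $users = mysql_query(
        'SELECT id FROM users WHERE login = "' . mysql_real_escape_string($owner_login) . '"'
    );
    $owner_row = $users ? mysql_fetch_array($users) : false;

    // Insert only when the owner exists; otherwise the row would be stored
    // with user_id 0 and belong to nobody.
    if ($owner_row) {
        $id = (int)$owner_row[0];
        mysql_query(
            'INSERT INTO guest_book(name, text, email, date, user_id) VALUES ("'
            . mysql_real_escape_string($post_name) . '", "'
            . mysql_real_escape_string($post_text) . '", "'
            . mysql_real_escape_string($post_email) . '", CURRENT_TIMESTAMP, "'
            . $id . '")'
        );
    }
}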
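// "go=say": print the WML form for writing a new entry, then stop.
if (isset($_GET['go']) && $_GET['go'] === 'say') {
    // The login is request data and ends up inside a URL inside an attribute:
    // percent-encode it for the query string first, then escape it for the
    // markup. urlencode() also turns "$" into %24, so the value cannot start
    // a WML variable reference. A missing or array-valued parameter becomes ''.
    $say_login = (isset($_GET['login']) && is_string($_GET['login'])) ? $_GET['login'] : '';
    $say_login_attr = htmlspecialchars(urlencode($say_login), ENT_QUOTES);
?>
<wml>
<card id="guest" title="Гостевая">
<p>
Имя:*<br/>
<input name="name" maxlength="15" title="Name"/><br/>
Текст:*<br/>
<input name="text" maxlength="150" title="Text"/><br/>
Mail:<br/>
<input name="email" maxlength="30" title="Email" format="*x"/><br/>
<anchor title="Sign">Добавить<go href="guest.php?login=<?php echo $say_login_attr; ?>" method="post">
<postfield name="name" value="$(name)"/>
<postfield name="text" value="$(text)"/>
<postfield name="email" value="$(email)"/>
</go></anchor>
<br/>
<a href="guest.php?login=<?php echo $say_login_attr; ?>">В гостевую</a><br/>
</p>
</card>
</wml>
<?php
    exit;
}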
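// Build the listing for one page of the guest book: $links_list (markup),
// $from (zero-based page index), $total_pages, and $banner (banner position
// stored for the owner).
$links_list = '';

// Page index from the request: integers only, never negative.
$from = (isset($_GET['from']) && is_string($_GET['from'])) ? max(0, (int)$_GET['from']) : 0;

// $login is escaped for use inside SQL string literals ONLY. It is not safe
// to print into markup; output code must escape the raw request value itself.
// NOTE(review): mysql_real_escape_string() needs the connection that is
// opened outside this file (presumably sistema/databaza.php).
$login_raw = (isset($_GET['login']) && is_string($_GET['login'])) ? $_GET['login'] : '';
$login = mysql_real_escape_string($login_raw);

$links = mysql_query('SELECT count(*) FROM guest_book l, users u WHERE u.login = "' . $login . '" AND u.id = l.user_id ORDER by date DESC ');
$total_links = 0;
if ($links && ($count_row = mysql_fetch_array($links))) {
    $total_links = (int)$count_row[0];
}
$total_pages = (int)ceil($total_links / $max_pages);

// Keep the page index inside the existing pages so the LIMIT offset stays a
// small integer whatever was requested.
if ($total_pages === 0) {
    $from = 0;
} elseif ($from >= $total_pages) {
    $from = $total_pages - 1;
}
$offset = $from * (int)$max_pages;

$links = mysql_query('SELECT l.id as id, l.name as name, l.text as text, l.email as email, l.date as date FROM guest_book l, users u WHERE u.login = "' . $login . '" AND u.id = l.user_id ORDER by date DESC LIMIT ' . $offset . ', ' . (int)$max_pages);
$months = array('января', 'февраля', 'марта', 'апреля', 'мая', 'июня', 'июля', 'августа', 'сентября', 'октября', 'ноября', 'декабря');

if ($links && mysql_num_rows($links) > 0) {
    while ($link = mysql_fetch_array($links, MYSQL_ASSOC)) {
        // The date is read by position as "YYYY-MM-DD HH:MM...".
        $raw_date = $link['date'];
        $month_no = (int)substr($raw_date, 5, 2);
        $month = isset($months[$month_no - 1]) ? $months[$month_no - 1] : '';
        $day = (int)substr($raw_date, 8, 2);
        $hour = (int)substr($raw_date, 11, 2);
        $minute = sprintf("%02d", (int)substr($raw_date, 14, 2));

        // name/text/email were typed by visitors: escape them before they go
        // into the deck, otherwise a stored entry can inject markup. "$"
        // starts a variable reference in WML and is written as "$$".
        // NOTE(review): htmlspecialchars() uses PHP's default charset here;
        // pass the page's real charset as the third argument if it differs.
        $safe = array();
        foreach (array('name', 'text', 'email') as $field) {
            $safe[$field] = str_replace('$', '$$', htmlspecialchars((string)$link[$field], ENT_QUOTES));
        }

        $links_list .= $day . ' ' . $month . ', ' . $hour . ':' . $minute . "<br/>\n"
            . '<b>' . $safe['name'] . ":</b><br/>\n"
            . $safe['text'] . "<br/>\n"
            . 'E-mail:' . $safe['email'] . "<br/>\n"
            . '-------<br/>';
    }
}

// Banner position stored for the owner; stays null when the owner is unknown
// or the query fails.
$banners = mysql_query('SELECT banner FROM users WHERE login = "' . $login . '"');
$banner = null;
if ($banners && ($banner_row = mysql_fetch_array($banners))) {
    $banner = $banner_row[0];
}
?>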
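<?php
// Output-side copies of the request values. Each one is encoded for the place
// it is printed; the SQL-escaped $login must not be echoed into markup.
$view_login = (isset($_GET['login']) && is_string($_GET['login'])) ? $_GET['login'] : '';
// Query-string value inside an attribute (urlencode also neutralises "$").
$view_login_query = htmlspecialchars(urlencode($view_login), ENT_QUOTES);
// Path segment inside an attribute; encoding "/" keeps it a single segment.
$view_login_path = htmlspecialchars(rawurlencode($view_login), ENT_QUOTES);
// Host label inside an attribute; "$" is written "$$" in WML.
// NOTE(review): escaping keeps the markup intact but does not make the value
// a valid host label. Check it against the allowed login alphabet before it
// is used to build a hostname.
$view_login_host = str_replace('$', '$$', htmlspecialchars($view_login, ENT_QUOTES));
$view_from = (int)$from;
$view_total = (int)$total_pages;
?>
<wml>
<head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head>
<card id="links" title="Менеджер файлов">
<do type="options" name="main" label="Меню"><go href="<?php echo $view_login_path; ?>/index.wml"/></do>
<p>
<?php
// get_random_link() is defined outside this file; its output is printed as
// markup. NOTE(review): confirm that it returns trusted, already-escaped WML.
if ($banner === 'top') {
    echo get_random_link();
}
?>
<a href="guest.php?go=say&amp;login=<?php echo $view_login_query; ?>">Написать</a><br/>
<?php
// $links_list is markup assembled by the listing code above; it is printed
// as-is, so visitor-supplied fields must already be escaped where it is built.
echo $links_list;
?>
<?php
if ($banner === 'bottom') {
    echo get_random_link();
}
?>
<br/>
<?php
// Pager. "&" is written as "&amp;" because the deck is XML, and the links are
// built from the encoded login and an integer page index.
if ($view_total > 0 && ($view_from + 1) < $view_total) {
    echo '<a href="guest.php?login=' . $view_login_query . '&amp;from=' . ($view_from + 1) . '">Далее</a>';
    echo "<br/>";
}
if ($view_from > 0 && $view_total > 0) {
    echo '<a href="guest.php?login=' . $view_login_query . '&amp;from=' . ($view_from - 1) . '">Назад</a>';
    echo "<br/>";
}
?>
-------<br/>
<a href="http://<?php echo $view_login_host . '.' . $server_name; ?>">На главную</a>
</p>
</card>
</wml>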