Файл: reviews.php
Строк: 107
<?php
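// Page bootstrap for reviews.php: load shared configuration, emit the XHTML
// head and logo, then require a logged-in user before anything else runs.
// NOTE(review): $diz_id, $PAGE_NAME_TITLE, is_logged() and juosta() are not
// defined in this file; presumably includes/config.php provides them - confirm.
include("includes/config.php");

// Output is buffered so that the header("Location: ...") redirects below still
// work although markup has already been echoed. Removing ob_start() would
// break the login redirect.
ob_start();
header("Cache-Control: no-store, no-cache, must-revalidate");

// The inner double quotes must be escaped; as listed, the strings did not parse.
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\"><head>";
echo "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\"/>";
echo "<meta http-equiv=\"Content-Style-Type\" content=\"text/css\"/>";

// Include exactly one stylesheet. The previous pair of independent if
// statements included style.php twice when $diz_id was 1 (once in the first
// if, once more in the else of the second).
if ($diz_id == 2) {
    include("includes/style1.php");
} else {
    include("includes/style.php");
}

echo "<title>$PAGE_NAME_TITLE</title>
<link rel=\"shortcut icon\" type=\"image/ico\" href=\"img/ico.png\"/>
</head><body>
<div class=\"in\">
<div class=\"block\">
<img src=\"img/logo.png\" alt=\"*\"/>
</div>";

// Access control: every action on this page requires a logged-in user.
// $dm is used further down as the current user's record ($dm['id']).
$dm = is_logged();
if (!$dm) {
    header("Location: index.php");
    // Stop here so none of the actions below can run for an anonymous client.
    exit();
}
juosta();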
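// Action dispatcher for the reviews page. $id selects the action:
//   ""       - list the reviews written about user k (paginated by "nuo")
//   "write"  - show the form for a new review about user k
//   "write2" - validate and store the submitted review
//   "delete" - delete review k, only if it belongs to the current user's page
// Anything else redirects to index.php.
//
// NOTE(review): $id, $useris, $WRITE, $SPEED, $ADMIN, $PAGE_SLOGAN and $connect
// are not assigned in this file; presumably includes/config.php sets them.
// Confirm that $id and $useris are not copied unfiltered from request data.
// NOTE(review): the mysql_* extension was removed in PHP 7. Moving to PDO or
// mysqli prepared statements is the durable fix for every query below, but it
// needs the connection setup, which is outside this file.
// NOTE(review): "write2" and "delete" change data without any anti-CSRF token,
// and "delete" is reachable through a plain GET link. A per-session token on a
// POST request is the usual mitigation; the session handling is not visible here.

// Keep only ASCII digits from the "k" parameter. Non-string input such as
// k[]=1 is treated as empty, because preg_replace() would otherwise hand back
// an array. (ereg_replace(), used before, is deprecated since PHP 5.3.)
$k = (isset($_GET['k']) && is_string($_GET['k'])) ? preg_replace('/[^0-9]/', '', $_GET['k']) : '';

// The current user's id comes from is_logged(); escape it once for SQL use.
$viewer_id_sql = mysql_real_escape_string($dm['id']);

if ($id == "") {
    $query = mysql_query("SELECT * FROM vartotojai WHERE id='$k'");
    if (!$query || mysql_num_rows($query) == 0) {
        // Unknown user: redirect and stop, like the login check does, instead
        // of falling through and still printing the page footer.
        header("Location: index.php");
        exit();
    }

    echo "<div class=\"meniu center\">
<a href=\"reviews.php?id=write&k=$k\">Написать отзыв</a>
</div>
<div class=\"line\"></div>";

    $nuskaitoma = mysql_query("SELECT * FROM atsiliepimai WHERE kieno='$k'");
    $viso = $nuskaitoma ? mysql_num_rows($nuskaitoma) : 0;
    if ($viso == 0) {
        echo "<div class=\"meniu center\">
Отзывов пока нет.
</div>";
    } else {
        // Page offset: digits only, then cast, so it is always a non-negative integer.
        $nuo = (isset($_GET['nuo']) && is_string($_GET['nuo'])) ? (int) preg_replace('/[^0-9]/', '', $_GET['nuo']) : 0;
        $puslapiu_skaicius = 20;
        $nuskaitymas = mysql_query("SELECT * FROM atsiliepimai WHERE kieno='$k' ORDER BY id DESC LIMIT $nuo,$puslapiu_skaicius");
        while ($stulpeliai = mysql_fetch_array($nuskaitymas)) {
            // 'kas' was read back from the database; escape it before it goes
            // into another statement (second-order injection).
            $author_sql = mysql_real_escape_string($stulpeliai['kas']);
            $vafetch = mysql_fetch_array(mysql_query("SELECT * FROM vartotojai WHERE id='$author_sql'"));

            // NOTE(review): the review body is printed as HTML. Whether stored
            // markup is harmless depends entirely on filter() (at write time)
            // and bbcode() (here), neither of which is visible - confirm that
            // one of them HTML-encodes user text.
            $stulpeliai['atsiliepimas'] = bbcode($stulpeliai['atsiliepimas']);
            // NOTE(review): user() output is echoed unencoded; verify it encodes the nick.
            $user = user($vafetch['nick'], $vafetch['statusas']);

            $review_id = (int) $stulpeliai['id'];
            $author_id = (int) $vafetch['id'];
            $written_at = htmlspecialchars($stulpeliai['kada'], ENT_QUOTES, 'UTF-8');

            echo "<div class=\"meniu\">";
            // Only the owner of the page sees the delete link; the delete
            // action re-checks ownership on the server.
            if ($k == $dm['id']) {
                echo "[<a href=\"reviews.php?id=delete&k=".$review_id."\">x</a>] ";
            }
            echo "<a href=\"index.php?id=info&k=".$author_id."\">$user</a>:
<br/>
<small>".$stulpeliai['atsiliepimas']."</small>
<br/>
<small>".$written_at."</small>
</div>";
        }

        echo "<div class=\"line\"></div>
<div class=\"meniu center\">";
        // Pager: always show the first and last page plus a small window
        // around the current one; collapse every other run into one "...".
        $viso_puslapiai = 0;   // row offset of the page being printed
        $starto_skaicius = 1;  // 1-based number of that page
        $taskai = 0;           // non-zero once "..." was printed for the current gap
        $ceil = ceil($viso / $puslapiu_skaicius);
        $rodomas = ceil($nuo / $puslapiu_skaicius) + 1;
        while ($viso_puslapiai < $viso) {
            if ($starto_skaicius == 1 or ($starto_skaicius >= $rodomas - 1 && $starto_skaicius < $rodomas + 3) or $starto_skaicius > $ceil - 1) {
                $taskai = 0;
                if ($nuo == $viso_puslapiai) {
                    echo "[$starto_skaicius]";
                } else {
                    echo "<a href=\"reviews.php?k=$k&nuo=$viso_puslapiai\">[$starto_skaicius]</a>";
                }
            } else {
                if ($taskai == false) {
                    echo "...";
                    $taskai ++;
                }
            }
            $viso_puslapiai = $viso_puslapiai + $puslapiu_skaicius;
            $starto_skaicius ++;
        }
        echo "</div>";
    }

    echo "<div class=\"block\">
<a href=\"index.php?id=info&k=$k\" class=\"cc\">Назад</a> | <a href=\"index.php\" class=\"cc\">Главная</a>
<br/>
$PAGE_SLOGAN
</div></div>";
}
elseif ($id == "write") {
    $query = mysql_query("SELECT * FROM vartotojai WHERE id='$k'");
    if (!$query || mysql_num_rows($query) == 0) {
        header("Location: index.php");
        exit();
    }

    echo "<form action=\"reviews.php?id=write2&k=$k\" method=\"post\">
<div class=\"meniu center\">
Отзыв(<a href=\"help.php?id=bbcode\">BB CODE</a>):
<br/>
<textarea rows=\"10\" cols=\"17\" name=\"atsiliepimas\"></textarea>
</div>
<div class=\"meniu center\">
<input type=\"submit\" value=\"ОК\"/>
</div>
</form>
<div class=\"block\">
<a href=\"reviews.php?k=$k\" class=\"cc\">Назад</a> | <a href=\"index.php\" class=\"cc\">Главная</a>
<br/>
$PAGE_SLOGAN
</div></div>";
}
elseif ($id == "write2") {
    $query = mysql_query("SELECT * FROM vartotojai WHERE id='$k'");
    if (!$query || mysql_num_rows($query) == 0) {
        header("Location: index.php");
        exit();
    }

    // NOTE(review): $atsiliepimas is placed into SQL below exactly as filter()
    // returns it. That is only safe if filter() escapes for SQL; it is not
    // re-escaped here because double escaping would corrupt the stored text.
    // Confirm against filter()'s definition.
    $atsiliepimas = filter($_POST['atsiliepimas']);
    // NOTE(review): $useris is interpolated unescaped; verify where it is set.
    $pop = mysql_fetch_array(mysql_query("SELECT SUM(gyventojai) FROM gyvenvietes WHERE kieno='$useris'"));

    // Explicit default: previously $klaida was read without ever being set
    // when all checks passed.
    $klaida = false;
    if ($pop[0] < $WRITE * $SPEED && $useris != $ADMIN) {
        $klaida = "Писать отзывы доступно со ".($WRITE * $SPEED)." ПОП(число населения).";
    }
    elseif ($atsiliepimas == false) {
        $klaida = "Оставлено пустое поле.";
    }
    // The size limit is checked before the duplicate lookup so an oversized
    // body is rejected without first being sent to the database in a query.
    elseif (strlen($atsiliepimas) > 10000) {
        $klaida = "Текст отзыва слишком длинный.";
    }
    elseif (mysql_num_rows(mysql_query("SELECT * FROM atsiliepimai WHERE kieno='$k' AND atsiliepimas='$atsiliepimas'")) > 0) {
        $klaida = "Такой отзыв уже существует.";
    }

    if ($klaida != false) {
        echo "<div class=\"meniu center\">
$klaida
</div>
<div class=\"block\">
<a href=\"reviews.php?id=write&k=$k\" class=\"cc\">Назад</a> | <a href=\"index.php\" class=\"cc\">Главная</a>
<br/>
$PAGE_SLOGAN
</div></div>";
    } else {
        // Turn line breaks into <br/>. The listing shows "n" as the search
        // string, which would rewrite every letter n; a newline escape whose
        // backslash was lost is assumed - verify against the original file.
        $atsiliepimas = str_replace("\n", "<br/>", $atsiliepimas);
        $fetch = mysql_fetch_array($query);
        // The nick was read back from the database; escape it before reuse in SQL.
        $nick_sql = mysql_real_escape_string($fetch['nick']);
        mysql_query("INSERT INTO atsiliepimai(id,kieno,kas,atsiliepimas,kada) VALUES('','$k','".$viewer_id_sql."','$atsiliepimas','".date("Y-m-d H:i:s")."')");
        // Notify the page owner, unless they reviewed their own page.
        if ($useris != $fetch['nick']) {
            mysql_query("INSERT INTO gautos_pm (id,kieno,busena,nuoko,tema,zinute,kada) VALUES('','".$nick_sql."','+','$ADMIN','Информация','Вам написали новый отзыв.','".date("Y-m-d H:i:s")."')");
        }
        header("Location: reviews.php?k=$k");
        exit();
    }
}
elseif ($id == "delete") {
    // Ownership check: the review must be attached to the current user's own
    // page (kieno = current user id), so one user cannot delete reviews on
    // another user's page by guessing ids.
    $owned = mysql_query("SELECT * FROM atsiliepimai WHERE kieno='".$viewer_id_sql."' AND id='$k'");
    if (!$owned || mysql_num_rows($owned) == 0) {
        header("Location: index.php");
        exit();
    }
    // The DELETE repeats the ownership condition rather than trusting the check above.
    mysql_query("DELETE FROM atsiliepimai WHERE kieno='".$viewer_id_sql."' AND id='$k'");
    header("Location: reviews.php?k=".rawurlencode($dm['id']));
    exit();
}
else
{
    header("Location: index.php");
    exit();
}
mysql_close($connect);
ob_end_flush();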
?>
</body></html>