Файл: vxas.ru/microblog/microblog.php
Строк: 169
<?
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
only_reg();
$set['title']='Mикроблог';
include_once '../sys/inc/thead.php';
title();
aut();
err();
if (!isset($_GET['id']) || !is_numeric($_GET['id']))
{
header("Location: /index.php");
}
if (isset($_GET['id']) && is_numeric($_GET['id']))
{
$id=intval($_GET['id']);
$check=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog` WHERE `id` = '".mysql_real_escape_string($id)."'"),0);
if ($check==0)
{
echo "<div class='err'>Tакого микроблога не существует</div>";
}
if ($check!=0)
{
$mcrbl=mysql_fetch_array(mysql_query("SELECT * FROM `microblog` WHERE `id` = '".mysql_real_escape_string($id)."' LIMIT 1"));
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".mysql_real_escape_string($mcrbl[uid])."' LIMIT 1"));
if(isset($user))
{
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_see` WHERE `id_blog` = '".mysql_real_escape_string($mcrbl[id])."' AND `uid`='".mysql_real_escape_string($user[id])."' LIMIT 1"),0)==0)
{
mysql_query("INSERT INTO `microblog_see` (`id_blog`, `uid`, `time_last`) VALUES ('".mysql_real_escape_string($mcrbl[id])."', '".mysql_real_escape_string($user[id])."', '".mysql_real_escape_string($time)."')");
}
else
{
$guest=mysql_fetch_array(mysql_query("SELECT * FROM `microblog_see` WHERE `id_blog` = '".mysql_real_escape_string($mcrbl[id])."' AND `uid`='".mysql_real_escape_string($user[id])."' LIMIT 1"));
mysql_query("UPDATE `microblog_see` SET `times` = '".mysql_real_escape_string($guest['times']+1)."', `time_last`='".mysql_real_escape_string($time)."' WHERE `id` = '".mysql_real_escape_string($guest[id])."' LIMIT 1");
}
}
echo "<div class='p_t'><center>";
echo "".online($ank['id'])." ";
echo "$ank[nick]";
$komall=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_komm` WHERE `id_blog` = '".mysql_real_escape_string($mcrbl[id])."'"),0);
echo "<center>Комментарии $komall</center></div>";
echo "<div class='triangle2'></div><div class='trianglerect2'>";
echo"".esc(trim(br(bbcode(smiles(links(stripcslashes(htmlspecialchars($mcrbl['text']))))))))."</div>";
$komms=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_komm` WHERE `id_blog` = '".mysql_real_escape_string($mcrbl[id])."'"),0);
$superall=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_klass` WHERE `id_blog` = '".mysql_real_escape_string($mcrbl[id])."'"),0);
$superyou=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_klass` WHERE `id_blog` = '".mysql_real_escape_string($mcrbl[id])."' AND `uid` = '".mysql_real_escape_string($user[id])."'"),0);
$see=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_see` WHERE `id_blog` = '".mysql_real_escape_string($mcrbl[id])."'"),0);
$superother=$superall-$superyou;
echo "<img src='/img/bubl.png' alt='' /> $komms • ";
if ($superyou!=0)
{
echo "<img src='/img/cls.png' alt='' /> Вы <span style='text-decoration:underline'>и ещё <a href='klasslist.php?id=$mcrbl[id]'>$superother чел.</a></span>";
}
if ($superyou==0)
{
echo "<img src='/img/cls.png' alt='' /> <a href='klass.php?id=$mcrbl[id]'>Kласс!</a> <span style='text-decoration:underline'><a href='klasslist.php?id=$mcrbl[id]'>$superother чел.</a></span>";
}
echo " • <span style='color:red'>".vremja($mcrbl['time'])."</span>";
echo " • <img src='/img/eye.png' alt='' /> <a href='see.php?id=$mcrbl[id]'>$see</a>";
echo "</div>";
}
if (isset($_POST['msg']) && isset($user))
{
$msg=mysql_real_escape_string(htmlspecialchars($_POST['msg']));
if (isset($_POST['translit']) && $_POST['translit']==1)$msg=translit($msg);
if (strlen2($msg)>1024){$err='Сообщение превышает лимит в 1024 символa';}
elseif (strlen2($msg)<1){$err='Сообщение слишком мало';}
else{
$msg=mysql_real_escape_string($msg);
mysql_query("INSERT INTO `microblog_komm` (uid,id_blog, time, msg) values('".mysql_real_escape_string($user[id])."', '".mysql_real_escape_string($mcrbl[id])."', '".mysql_real_escape_string($time)."', '".mysql_real_escape_string($msg)."')");
mysql_query("UPDATE `user` SET `balls` = '".mysql_real_escape_string($user['balls']+1)."' WHERE `id` = '".mysql_real_escape_string($user[id])."' LIMIT 1");
$q = mysql_query("SELECT * FROM `frends` WHERE `user` = '".mysql_real_escape_string($user[id])."'");
while ($f = mysql_fetch_array($q))
{
$a = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".mysql_real_escape_string($f[frend])."' LIMIT 1"));
$msg_lenta="Ваш(а) друг [b]$user[nick][/b] прокомментировал [url=http://delove.ru/microblog/microblog.php?id=$mcrbl[id]] микроблог [/url]";
mysql_query("INSERT INTO `lenta` (`id_user`, `id_kont`, `msg`, `time`) values('".mysql_real_escape_string($user[id])."', '".mysql_real_escape_string($a[id])."', '".mysql_real_escape_string($msg_lenta)."', '".mysql_real_escape_string($time)."')");
}
msg('Комментарий успешно добавлен');
if (isset($user) && $user['id']!=$mcrbl['uid']){
$msg2="[b]$user[nick][/b] прокомментировал(а) Ваш [url=http://delove.ru/microblog/microblog.php?id=$mcrbl[id]] микроблог [/url]";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`) values('0', '".mysql_real_escape_string($mcrbl[uid])."', '".mysql_real_escape_string($msg2)."', '".mysql_real_escape_string($time)."')");
}
}
}
//форма отправки сообщения
if (isset($user) && $check!=0)
{
echo '<div class="forma"><form method="post" action="microblog.php?id='.htmlspecialchars($mcrbl['id']).'">';
echo "Сообщение: | <a href='/smiles/'>Смайлы</a><br />n<textarea name="msg"></textarea><br />n";
if ($user['set_translit']==1)echo "<label><input type="checkbox" name="translit" value="1" /> Транслит</label><br />n";
echo "<input value="Отправить сообщение" type="submit" />n";
echo "</form>n";
}
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `microblog_komm` WHERE `id_blog` = '".mysql_real_escape_string($mcrbl[id])."'"),0);
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
if ($k_post==0)
{
echo "<div class='err'>Нет сообщений</div>n";
}
$q=mysql_query("SELECT * FROM `microblog_komm` WHERE `id_blog` = '".mysql_real_escape_string($mcrbl[id])."' ORDER BY id DESC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_array($q))
{
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".mysql_real_escape_string($post[uid])."' LIMIT 1"));
if($num==1){ echo "<div class='rowdown'>";
$num=0;}
else
{echo "<div class='rowup'>";
$num=1;}
echo "".online($ank['id'])."";
echo " <a href='/info.php?id=$ank[id]'>";
echo "$ank[nick]";
echo "</a>n";
echo esc(trim(br(bbcode(smiles(links(stripcslashes(htmlspecialchars($post['msg']))))))))."</span>n";
echo "<br />n";
if ($post['reply']!=NULL){
$urepl=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".mysql_real_escape_string($post[who_reply])."' LIMIT 1"));
echo '<span style="color: red;text-decoration:underline">Ответ ';
echo "$urepl[nick]";
echo '</span> '.esc(trim(br(bbcode(smiles(links(stripcslashes(htmlspecialchars($post['reply'])))))))).'<br />';
}
echo "<span style='float:right'>";
if (isset($user) && $ank['id']!=$user['id']){
echo '<a href="reply.php?id='.htmlspecialchars($post['id']).'"><img src="/img/mailbest.gif" alt="" /></a>';
if (isset($user) && $user['level']==4)
{
echo " <a href='delete_komm.php?id=$post[id]'><img src='/img/deletemail.gif' alt='' /></a>n";
}
}
echo "</span><br /></div>n";
}
if ($k_page>1)str('?id='.htmlspecialchars($mcrbl['id']).'&',$k_page,$page); // Вывод страниц
echo "<div class='p_m'>- <a href='all.php?id=$mcrbl[uid]'>Все микроблоги</a></div>";
}
include_once '../sys/inc/tfoot.php';
?>