Файл: icq/feedback.php
Строк: 63
<?
include_once 'inc/fnc.php';
include_once 'inc/sys.php';
head('Отзывы');
echo R(3).'<div class="head">Отзывы</div>'.P();
switch ($_GET['act']) {
default:
if (isset($_GET['ok'])) echo '<span class="err">Сообщение добавлено))</span>';
elseif (isset($_GET['err'])) echo '<span class="err">Ошибка((</span>';
elseif (isset($_GET['okd'])) echo '<span class="err">Удалено))</span>';
elseif (isset($_GET['okr'])) echo '<span class="err">Изменено))</span>';
$k = mysql_result(mysql_query("SELECT COUNT(*) FROM `fb`"),0);
if ($k == 0 ) echo 'Пока пусто((<br />';
$k_page = ceil($k / $SET['k_p_s']);
$page = page();
$s = $page * $SET['k_p_s'] - $SET['k_p_s'];
$q = mysql_query("SELECT * FROM `fb` ORDER BY `time` DESC LIMIT $s, $SET[k_p_s]");
while ($p = mysql_fetch_assoc($q)) {
$u = mysql_fetch_assoc(mysql_query("SELECT nick, pol, time, sess FROM `users` WHERE `id` = '$p[autor]'"));
echo '<div class="cont">';
if ($U['adm'] == 1) echo '<a href="?act=set&p='.$p['id'].'">';
if ($u['pol'] == 1) echo '<img src="/inc/img/man.gif" alt="" />';
elseif ($u['pol'] == 2) echo '<img src="/inc/img/woman.gif" alt="" />';
else echo '<img src="/inc/img/g.gif" alt="" />';
if ($U['adm'] == 1) echo '</a>';
echo ' <a href="anketa.php?id='.$p['autor'].'">'.$u['nick'].'</a> ';
if ($u['time'] > $time-600 AND $u['sess'] != '' ) echo '<span class="on">on</span>';
else echo '<span class="off">off</span>';
if ($U['adm'] == 1) echo ' <a href="?act=ans&p='.$p['id'].'">Отв</a><br />';
echo ' ('.data($p['time']).')<br />'.out($p['msg'], true, true);
if (!empty($p['otv'])) echo '<br /><u>Ответ админа:</u> <i>'.out($p['otv'], true, true).'</i>';
echo'</div>';
}
if ($k_page > 1) str('?', $k_page, $page);
$k = mysql_result(mysql_query("SELECT COUNT(*) FROM `logs` WHERE `user` = '$U[id]'"),0);
if (isset($U) AND $k > 0) {
echo '<form action="?act=add" method="post">
Отзыв (3-1000):<br /><textarea name="msg" cols="20" rows="3"></textarea><br />
<input type="submit" value="Написать" /></form>';
} else echo 'Отзывы могут оставлять пользователи которые совершили хотябы одну покупку))<br />';
echo '<a href="/">Главная</a>';
break;
case 'add':
$msg = trim($_POST['msg']);
if (isset($U) AND isset($_POST['msg']) AND mb_strlen($msg) >= 3 AND mb_strlen($msg) <=1000) {
mysql_query("INSERT INTO `fb` (autor, time, msg) VALUES ('$U[id]', '$time', '".in($msg)."')");
header('Location: ?ok');
} else header('Location: ?err');
break;
case 'set':
$pid = intval($_GET['p']);
$q = mysql_query("SELECT msg FROM `fb` WHERE `id` = '$pid' ");
if (mysql_num_rows($q) == 0) header('Location: ?');
$p = mysql_fetch_assoc($q);
if (isset($_GET['go']) AND mysql_query("UPDATE `fb` SET `msg` = '".in($_POST['msg'])."' WHERE `id` = '$pid'")) header('location: ?okr');
echo '<form action="?act=set&p='.$pid.'&go" method="post">
<textarea name="msg" rows="5" cols="20">'.out($p['msg']).'</textarea><br />
[<a href="?act=del&p='.$pid.'">Удалить</a>]<br />
<input type="submit" value="Изменить" />
</form>
<a href="mini-chat.php">Назад</a><br />
<a href="/">Главная</a>';
break;
case 'ans':
$pid = intval($_GET['p']);
$q = mysql_query("SELECT * FROM `fb` WHERE `id` = '$pid' ");
if (mysql_num_rows($q) == 0) header('Location: ?');
$p = mysql_fetch_assoc($q);
if (isset($_GET['go']) AND mysql_query("UPDATE `fb` SET `otv` = '".in($_POST['otv'])."' WHERE `id` = '$pid'")) header('location: ?okv');
echo '<form action="?act=ans&p='.$pid.'&go" method="post">
Ответ на сообщение:<br />
<div class="cont">'.out($p['msg']).'</div><br />
<textarea name="otv" rows="5" cols="20">'.out($p['otv']).'</textarea><br />
<input type="submit" value="Ответить" /></form>
<a href="mini-chat.php">Назад</a><br />
<a href="/">Главная</a>';
break;
case 'del':
if (mysql_query("DELETE FROM `fb` WHERE `id` = '".intval($_GET['p'])."' ")) header('Location: ?okd');
else echo'Ошибка<br />';
break;
}
foot();
?>