Файл: vxas.ru/anketa/ava/laik.php
Строк: 94
<?php
include_once '../../sys/inc/start.php';
include_once '../../sys/inc/compress.php';
include_once '../../sys/inc/sess.php';
include_once '../../sys/inc/home.php';
include_once '../../sys/inc/settings.php';
include_once '../../sys/inc/db_connect.php';
include_once '../../sys/inc/ipua.php';
include_once '../../sys/inc/fnc.php';
include_once '../../sys/inc/user.php';
################################################################################
if (isset($user))$ank['id']=mysql_real_escape_string($user['id']);
if (isset($_GET['id']))$ank['id']=intval($_GET['id']);
################################################################################
$ank=get_user($ank['id']);
if(!$ank){header("Location: /index.php?".SID);exit;}
################################################################################
$set['title']="Лайк $ank[nick]"; // заголовок страницы
include_once '../../sys/inc/thead.php';
title();
aut();
################################################################################
if (isset($_GET['laik']) && isset($user) && $user['id']!=$ank['id'] && $user['balls']>=0 && mysql_result(mysql_query("SELECT SUM(`laik`) FROM `ava_laik` WHERE `id_kont` = '".mysql_real_escape_string($user[id])."'"),0)>=0)
{
$my_r=intval(@mysql_result(mysql_query("SELECT `plys` FROM `ava_laik` WHERE `id_user` = '".mysql_real_escape_string($user[id])."' AND `id_kont` = '".mysql_real_escape_string($ank[id])."'"),0));
if ($my_r>'0'){
msg('Вы уже голосовали');
}else{
$new_r=max(@intval($_GET['laik']),1);
mysql_query("DELETE FROM `ava_laik` WHERE `id_user` = '".mysql_real_escape_string($user[id])."' AND `id_kont` = '".mysql_real_escape_string($ank[id])."' LIMIT 1");
if ($new_r)
mysql_query("INSERT INTO `ava_laik` (`laik`, `id_user`, `id_kont`, `time`) VALUES ('".mysql_real_escape_string($new_r)."','".mysql_real_escape_string($user[id])."','".mysql_real_escape_string($ank[id])."','".mysql_real_escape_string($time)."')");
$ank['plys']=intval(mysql_result(mysql_query("SELECT SUM(`laik`) FROM `ava_laik` WHERE `id_kont` = '".mysql_real_escape_string($ank[id])."'"),0));
mysql_query("UPDATE `user` SET `laik` = '".mysql_real_escape_string($ank[plys])."' WHERE `id` = '".mysql_real_escape_string($ank[id])."' LIMIT 1");
if (isset($user) && $user['id']!=$ank['id']){
$msg2="[url=info.php?id=$user[id]]$user[nick][/url] Лайкнул вашу [url=/anketa/ava/kto.php?id=$ank[id]]Аватарку[/url]";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`) values('0', '".mysql_real_escape_string($ank[id])."', '".mysql_real_escape_string($msg2)."', '".mysql_real_escape_string($time)."')");
}
###########################
header('Location: /info.php?id='.htmlspecialchars($ank['id']).'');
###########################
}}
################################################################################
include_once '../../sys/inc/tfoot.php';
?>