Файл: foto/inc/foto.php
Строк: 377
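<?php
// Age gate for photos flagged as adult (+18).
//
// The rest of this script treats "no $user" as "guest" (see the isset($user) checks below).
// Assigning $user['ank_age'] unconditionally would create $user for anonymous visitors and
// make every one of those checks pass, so the age is only computed for a logged-in user.
if (isset($user)) {
    $user['ank_age'] = 0;
    // ank_d_r / ank_m_r / ank_g_r are used as day / month / year of birth in the comparisons below.
    if ($user['ank_d_r'] != NULL && $user['ank_m_r'] != NULL && $user['ank_g_r'] != NULL) {
        $user['ank_age'] = date("Y") - $user['ank_g_r'];
        // Birthday not reached yet in the current year: one year less.
        if (date("n") < $user['ank_m_r'] || (date("n") == $user['ank_m_r'] && date("j") < $user['ank_d_r'])) {
            $user['ank_age'] = $user['ank_age'] - 1;
        }
    }
}

if ($foto['adult'] == 1) {
    // Guests never get adult content, whatever the query string or session says.
    if (!isset($user)) {
        echo "Фото с меткой <font color='red'>(+18)</font> доступны только для авторизированых пользователей. Пожалуйста, пройдите процес <a href='/aut.php'>авторизации</a> или <a href='/reg.php'>регистрации</a>";
        require_once ("../core/cuctema/foot.php");
        exit;
    }

    // A logged-in user whose profile age is below 18 must confirm once per session.
    // NOTE(review): the confirmation is self-attested (?passed); it is a notice, not age verification.
    if (!isset($_SESSION['foto_adult']) && !isset($_GET['passed']) && $user['ank_age'] < 18) {
        echo "<div class='main'>Внимание! Это содержимое только для взрослых!<br/>Нажимая ДА, Вы подтверждаете, что Вам 18 или более лет.<br/>Если Вам менее 18 лет - нажмите НЕТ.<br/><br/><a href='?passed'>Да</a> <a href='/foto/$ank[id]/'>Нет</a><br/></div>\n";
        require_once ("../core/cuctema/foot.php");
        exit;
    }

    // Remember the confirmation for the rest of the session.
    if (!isset($_SESSION['foto_adult']) && isset($_GET['passed'])) {
        $_SESSION['foto_adult'] = 1;
    }
}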
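// Edit an existing comment on this photo (?edit=<comment id>).
// $skp is appended to the WHERE clause; it is defined outside this file view
// (presumably a visibility filter for hidden comments - confirm).
if (isset($_GET['edit']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id` = '".intval($_GET['edit'])."' AND `id_foto` = '$foto[id]'$skp"), 0) != 0) {
    $komm = mysql_fetch_array(mysql_query("SELECT * FROM `gallery_komm` WHERE `id` = '".intval($_GET['edit'])."' AND `id_foto` = '$foto[id]'$skp"));
    $ank2 = get_user($komm['id_user']);

    // Only the comment's author may edit it, and only within 600 seconds of posting.
    if (isset($user) && ($user['id'] == $ank2['id'] && $komm['time'] > time() - 600)) {
        if (isset($_POST['msg'])) {
            $msg = $_POST['msg'];
            if (isset($_POST['translit']) && $_POST['translit'] == 1) $msg = translit($msg);
            $mat = antimat($msg);
            if ($mat) $err[] = 'В тексте сообщения обнаружен мат: '.$mat;
            if (strlen2($msg) > 1024) { $err[] = 'Сообщение слишком длинное'; }
            if (strlen2($msg) < 2) { $err[] = 'Короткое сообщение'; }

            if (!isset($err)) {
                // The text comes straight from the request: escape it the same way the
                // INSERT for new comments does, and write to the table every other query uses.
                mysql_query("UPDATE `gallery_komm` SET `msg` = '".my_esc($msg)."' WHERE `id` = '$komm[id]'");
                header("Location: ?$passgen");
                // Stop here so the generic "new comment" handler further down does not
                // also process this POST.
                exit;
            }
        }

        // The form has to post back with ?edit=<id>, otherwise this branch is never re-entered
        // and the submission is treated as a new comment.
        // NOTE(review): no anti-CSRF token is visible in this form.
        echo "<form method='post' name='message' action='?edit=$komm[id]&amp;$passgen'>\n";
        // Stored comment text is user input: escape it before placing it inside the textarea.
        echo "Сообщение:<br /><textarea name='msg'>".htmlspecialchars($komm['msg'])."</textarea><br />";
        if ($user['set_translit'] == 1) echo "<label><input type=\"checkbox\" name=\"translit\" value=\"1\" /> Транслит</label>\n";
        echo "<input type='hidden' name='reply' value='$ank2[id]'>";
        echo "<input type='hidden' name='komm_reply' value='$komm[id]'>";
        echo "<br/><input value=\"Отправить\" type=\"submit\" /> <a href='?'>Назад</a>\n";
        echo "</form>\n";
        require_once ("../core/cuctema/foot.php");
        exit;
    }
}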
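// Reply form for an existing comment (?reply=<comment id>).
if (isset($_GET['reply']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id` = '".intval($_GET['reply'])."' AND `id_foto` = '$foto[id]'$skp"), 0) != 0) {
    $komm = mysql_fetch_array(mysql_query("SELECT * FROM `gallery_komm` WHERE `id` = '".intval($_GET['reply'])."' AND `id_foto` = '$foto[id]'$skp"));
    $ank2 = get_user($komm['id_user']);

    // Replying needs a logged-in user, and nobody replies to their own comment.
    if (isset($user) && $ank2['id'] != $user['id']) {
        // Same permission rule as for posting: 'all', or owner/level>=3 for 'only_me',
        // or owner/level>=3/friend (either direction in `frends`) for 'friends'.
        if ($foto['komm'] == 'all' || $foto['komm'] == 'only_me' && ($user['id'] == $ank['id'] || $user['level'] >= 3) || $foto['komm'] == 'friends' && ($ank['id'] == $user['id'] || $user['level'] >= 3 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ank[id]') OR (`user` = '$ank[id]' AND `frend` = '$user[id]')"), 0) != 0)) {
            // Nick is escaped as defence in depth.
            // NOTE(review): confirm whether registration already restricts the nick charset.
            echo htmlspecialchars($ank2['nick'])." написал:<div class='p_m'>".htmlspecialchars($komm['msg'])."</div>";
            echo "<form method='post' name='message' action='?$passgen'>\n";
            echo "Сообщение:<br /><textarea name='msg'></textarea><br />";
            if ($user['set_translit'] == 1) echo "<label><input type=\"checkbox\" name=\"translit\" value=\"1\" /> Транслит</label>\n";
            echo "<input type='hidden' name='reply' value='$ank2[id]'>";
            echo "<input type='hidden' name='komm_reply' value='$komm[id]'>";
            echo "<br/><input value=\"Отправить\" type=\"submit\" /> <a href='?'>Назад</a>\n";
            echo "</form>\n";
        } else {
            echo "<div class='err'>\nАвтор ограничил круг лиц, которые могут оставлять комментарии.\n</div>\n";
        }
        require_once ("../core/cuctema/foot.php");
        exit;
    }
}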
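// Photo rating: one vote per user per photo (tracked in `gallery_rating`).
// Eligible voters are logged in, are not the photo owner, have balls >= 50 and rating >= 0.
// NOTE(review): the vote is a state change triggered by a plain GET link with no anti-CSRF
// token visible here; a POST with a per-session token would prevent forced votes.
if (isset($user) && $user['id'] != $ank['id'] && $user['balls'] >= 50 && $user['rating'] >= 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_rating` WHERE `id_user` = '$user[id]' AND `id_foto` = '$foto[id]'"), 0) == 0) {
    $rating_vote = isset($_GET['rating']) ? $_GET['rating'] : null;

    if ($rating_vote === 'down' || $rating_vote === 'up') {
        // Let the database do the arithmetic: writing back a value computed from the copy of
        // $foto loaded earlier loses votes when two requests overlap.
        $rating_step = ($rating_vote === 'up') ? '+ 1' : '- 1';
        mysql_query("UPDATE `gallery_foto` SET `rating` = `rating` $rating_step WHERE `id` = '$foto[id]' LIMIT 1", $db);
        mysql_query("INSERT INTO `gallery_rating` (`id_user`, `id_foto`) values('$user[id]', '$foto[id]')", $db);
        msg($rating_vote === 'up' ? 'Ваш положительный отзыв принят' : 'Ваш отрицательный отзыв принят');
        // Reload the photo row so the page shows the new rating.
        $foto = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = '$foto[id]' LIMIT 1"));
    }
}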
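// Handle a newly posted comment (or reply) on this photo.
// Allowed when the photo's `komm` setting is 'all', or 'only_me' for the owner / level >= 3,
// or 'friends' for the owner / level >= 3 / a friend (either direction in `frends`).
// NOTE(review): no anti-CSRF token is checked on this POST.
if (isset($_POST['msg']) && isset($user) && ($foto['komm'] == 'all' || $foto['komm'] == 'only_me' && ($user['id'] == $ank['id'] || $user['level'] >= 3) || $foto['komm'] == 'friends' && ($ank['id'] == $user['id'] || $user['level'] >= 3 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ank[id]') OR (`user` = '$ank[id]' AND `frend` = '$user[id]')"), 0) != 0))) {
    $msg = $_POST['msg'];
    if (isset($_POST['translit']) && $_POST['translit'] == 1) $msg = translit($msg);
    $mat = antimat($msg);
    if ($mat) $err[] = 'В тексте сообщения обнаружен мат: '.$mat;

    // Errors are appended, so a length error does not replace the array started above.
    if (strlen2($msg) > 1024) {
        $err[] = 'Сообщение слишком длинное';
    } elseif (strlen2($msg) < 2) {
        $err[] = 'Короткое сообщение';
    } elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id_foto` = '$foto[id]' AND `id_user` = '$user[id]' AND `msg` = '".my_esc($msg)."' LIMIT 1"), 0) != 0) {
        // Compared with the same escaping helper that the INSERT below uses.
        $err[] = 'Ваше сообщение повторяет предыдущее';
    } elseif (!isset($err)) {
        // A reply is accepted only if the target user exists, has commented on this photo,
        // and the referenced comment belongs to this photo.
        if (isset($_POST['reply'], $_POST['komm_reply']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".intval($_POST['reply'])."'"), 0) != 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id_user` = '".intval($_POST['reply'])."' AND `id_foto` = '$foto[id]'"), 0) != 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id` = '".intval($_POST['komm_reply'])."' AND `id_foto` = '$foto[id]'$skp"), 0) != 0) {
            $ru = mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".intval($_POST['reply'])."'"));
            if ($ru['id'] != $user['id']) {
                $reply = 1;
            }
        }

        // The nick ends up inside SQL string literals below, so it is escaped like any other text.
        $nick_sql = my_esc($user['nick']);

        // Notify each distinct earlier commenter once, skipping the photo owner (notified
        // separately below) and the author of the new comment.
        $notified = array();
        $qq = mysql_query("SELECT * FROM `gallery_komm` WHERE `id_foto` = '$foto[id]'$skp");
        while ($ppost = mysql_fetch_array($qq)) {
            $a = get_user($ppost['id_user']);
            if (!$a || isset($notified[$a['id']])) continue;
            $notified[$a['id']] = true;
            if ($a['id'] != $ank['id'] && $user['id'] != $a['id']) {
                mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `type`, `id_object`, `id_object2`) values('".$user['id']."', '$a[id]', '$nick_sql оставил [url=/foto/$ank[id]/$gallery[id]/$foto[id]/]комментарий к этому фото[/url]', '$time', 'foto', '$ank[id]', '$foto[id]')");
            }
        }

        // Notify the photo owner (also sent when the owner comments on their own photo).
        mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `type`, `id_object`, `id_object2`) values('".$user['id']."', '$ank[id]', '$nick_sql оставил [url=/foto/$ank[id]/$gallery[id]/$foto[id]/]комментарий к вашему фото[/url]', '$time', 'foto', '$ank[id]', '$foto[id]')");

        // Store the comment; the `reply` column is only written for a validated reply.
        mysql_query("INSERT INTO `gallery_komm` (`id_foto`, `id_user`, `time`, `msg`".(isset($reply) ? ", `reply`" : null).") values('$foto[id]', '$user[id]', '$time', '".my_esc($msg)."'".(isset($reply) ? ", '$ru[id]'" : null).")");

        // One point per comment, incremented in the database so overlapping requests are not lost.
        mysql_query("UPDATE `user` SET `balls` = `balls` + 1 WHERE `id` = '$user[id]' LIMIT 1");

        header("Location: ?$passgen");
        // Nothing below should run for a request that is being redirected.
        exit;
    }
}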
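// Moderator action: delete a comment of this photo (?delete=<comment id>).
// NOTE(review): a destructive action is triggered by a plain GET link and no anti-CSRF token
// is checked here; moving it to POST with a per-session token would stop forced deletions.
if (user_access('foto_komm_del') && isset($_GET['delete']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id`='".intval($_GET['delete'])."' AND `id_foto`='$foto[id]' LIMIT 1"), 0) != 0) {
    // The DELETE carries the same photo scope as the existence check above.
    mysql_query("DELETE FROM `gallery_komm` WHERE `id`='".intval($_GET['delete'])."' AND `id_foto`='$foto[id]' LIMIT 1");
    admin_log('Фотогалерея', 'Фотографии', "Удаление комментария к фото [url=/info.php?id=$ank[id]]$ank[nick][/url]");
    header("Location: ?$passgen");
    exit;
}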
// Moderator action: toggle the hidden flag (`sk`) of a comment of this photo (?sk=<comment id>)
// and record who toggled it in `sk_user`.
// NOTE(review): this state change is driven by a GET parameter; no anti-CSRF token is checked here.
if (
    isset($_GET['sk'])
    && user_access('foto_komm_del')
    && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id`='".intval($_GET['sk'])."' AND `id_foto`='$foto[id]' LIMIT 1"), 0) != 0
    && $foto['sk'] == 0
) {
    $komm = mysql_fetch_array(mysql_query("SELECT * FROM `gallery_komm` WHERE `id`='".intval($_GET['sk'])."' AND `id_foto`='$foto[id]' LIMIT 1"));
    // Flip the flag: 1 becomes 0, anything else becomes 1.
    $sk = ($komm['sk'] == 1) ? 0 : 1;
    mysql_query("UPDATE `gallery_komm` SET `sk` = '$sk', `sk_user` = '$user[id]' WHERE `id`='".intval($_GET['sk'])."' LIMIT 1");
}
// Load the photo edit/delete form handler for either:
//   - a user with the 'foto_foto_edit' right whose level is above the owner's, or
//   - the photo owner.
// The parentheses only spell out the grouping that && / || precedence already gives.
if (
    (user_access('foto_foto_edit') && $ank['level'] < $user['level'])
    || (isset($user) && $ank['id'] == $user['id'])
) {
    include_once 'inc/gallery_show_foto_form.php';
}
?>
<link rel="stylesheet" href="/foto/ajax/style/style.css" type="text/css"/>
<script type="text/javascript" src="/foto/ajax/jquery.js"></script>
<script type="text/javascript" src="/foto/ajax/facebox.js"></script><script type="text/javascript">
// Once the DOM is ready, attach the facebox plugin to every link whose rel attribute
// contains "facebox", using the site's own loading and close images.
jQuery(document).ready(function($) {
$('a[rel*=facebox]').facebox({
loading_image : '/foto/img/loading.gif',
close_image : '/foto/img/closelabel.png'
})
})
</script>
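<?php
// Photo header, preview image and description.
// The photo name and extension are escaped once with ENT_QUOTES so the same value is safe
// both as text and inside the single-quoted alt attribute.
$foto_name_html = htmlspecialchars($foto['name'], ENT_QUOTES);
$foto_ras_html = htmlspecialchars($foto['ras'], ENT_QUOTES);

echo "<div class='main123 line_175'>\n";
echo "<img src='/mysite/files/file_icons/jpg.png'/> <b>".$foto_name_html."</b><span style='color:grey;'>.".$foto_ras_html."</span><br />";
echo "<center>";
// $set['web'] selects the 640px preview inline; otherwise the 128px thumbnail is shown.
// Both variants link to the 640px image through facebox.
if ($set['web']) {
    echo "<a href='/foto/foto640/$foto[id].jpg' rel='facebox'><img class='show_foto' src='/foto/foto640/$foto[id].jpg' alt='$foto_name_html' /></a><br />\n";
} else {
    echo "<a href='/foto/foto640/$foto[id].jpg' rel='facebox'><img class='show_foto' src='/foto/foto128/$foto[id].jpg' alt='$foto_name_html' /></a><br />\n";
}
echo "</center>";
// The description is HTML-escaped first, then passed through the site's formatting helpers.
if ($foto['opis'] != null) {
    echo esc(trim(br(bbcode(smiles(links(stripcslashes(htmlspecialchars($foto['opis']))))))))."<br />\n";
}
echo "</div>\n";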
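# ---------------------- previous / next navigation ---------------------- #
// $listr: nearest photo with a lower id in the same gallery; $list: nearest with a higher id.
$listr = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id_user` = '$ank[id]' AND `id_gallery` = '$gallery[id]' AND `id` < '$foto[id]' ORDER BY `id` DESC LIMIT 1"));
$list = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id_user` = '$ank[id]' AND `id_gallery` = '$gallery[id]' AND `id` > '$foto[id]' ORDER BY `id` ASC LIMIT 1"));

echo '<div class="main123 list_Item center">';
// A missing neighbour (no row fetched) is rendered as plain text instead of a link.
echo ($list && $list['id']) ? "<a href='/foto/$ank[id]/$gallery[id]/$list[id]/'>← Пред.</a>" : "← Пред.";

// Position counter: photos with a higher id in this gallery, plus one, out of the gallery total.
$k_1 = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id` > '$foto[id]' AND `id_gallery` = '$gallery[id]'"), 0) + 1;
$k_2 = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_foto` WHERE `id_gallery` = '$gallery[id]'"), 0);
echo ' <small><span style="color:gray;">('.$k_1.' из '.$k_2.')</span></small> ';

echo ($listr && $listr['id']) ? "<a href='/foto/$ank[id]/$gallery[id]/$listr[id]/'>След. →</a>" : "След. →";
echo "</div>\n";
# ---------------------- previous / next navigation ---------------------- #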
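// Download link for the original file, with its size on disk.
echo "<div class='main123_new line_175' style='background-color: #FFF8C4;'>\n";
echo "<img src='/foto/img/download.png' /> <a href='/foto/foto0/$foto[id].jpg' title='Скачать оригинал'>";
echo "Скачать";
echo " (".size_file(filesize(H.'foto/gallery/foto/'.$foto['id'].'.jpg')).")";
echo "</a><br /></div>\n";

// Owner, album and rating.
echo "<div class='main123 line_175' style='color: gray;'>\n";
echo "Фото добавлено: ";
// The nick is URL-encoded in the query string and HTML-escaped as link text.
echo " <a href='/mysite/?name=".urlencode($ank['nick'])."'><b>".htmlspecialchars($ank['nick'])."</b></a> ".online($ank['id'])." <br />";
// The album name is user-supplied text, escaped like the photo name is elsewhere on this page.
echo "В альбом: <a href='/foto/$ank[id]/$gallery[id]/'><img src='/foto/img/folder.png' /> ".htmlspecialchars($gallery['name'])."</a><br />";
echo "Рейтинг: ";

// Vote links are shown under the same conditions the vote handler enforces; the check is
// evaluated once and used for both links.
// NOTE(review): these links change state via GET and carry no anti-CSRF token.
$can_vote = isset($user) && $user['id'] != $ank['id'] && $user['balls'] >= 50 && $user['rating'] >= 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_rating` WHERE `id_user` = '$user[id]' AND `id_foto` = '$foto[id]'"), 0) == 0;
if ($can_vote) {
    echo "[<a href=\"?id=$foto[id]&amp;rating=down\" title=\"Отдать отрицательный голос\">-</a>] ";
}
echo "<span class=\"ank_d\">$foto[rating]</span>";
if ($can_vote) {
    echo " [<a href=\"?id=$foto[id]&amp;rating=up\" title=\"Отдать положительный голос\">+</a>]";
}
echo "</div>\n";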
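// Owner / moderator actions and, for full web browsers, the social sharing widget.
echo "<div class=\"back123 line_175\">\n";
// Same rule as for loading the edit form: 'foto_foto_edit' right with a higher level than the
// owner, or the owner.
if (user_access('foto_foto_edit') && $ank['level'] < $user['level'] || isset($user) && $ank['id'] == $user['id']) {
    echo "<img src='/foto/img/edit.png' /> <a href='?act=edit'>Редактировать</a><br />\n";
    echo "<img src='/foto/img/cancel.png' /> <a href='?act=delete'>Удалить</a><br />\n";
}
if ($webbrowser == true)
{
    // NOTE(review): the snippet below injects a stylesheet and a script from share.pluso.ru over
    // plain http, with no integrity pinning. Whoever controls that host or the network path can
    // run script in this page's origin (session, moderator links). Consider self-hosting the
    // widget or removing it.
?>
<div id="sharing_buttons">
<div class='pluso pluso-theme-color pluso-small' style="padding-left:0;"><a class='pluso-vkontakte' style='margin-right:6px;'></a><a class='pluso-odnoklassniki' style='margin-right:6px;'></a><a class='pluso-facebook' style='margin-right:6px;'></a><a class='pluso-twitter' style='margin-right:6px;'></a><a class='pluso-moimir' style='margin-right:6px;'></a><a class='pluso-livejournal' style='margin-right:6px;'></a><a class='pluso-google' style='margin-right:6px;'></a><a class='pluso-email' style='margin-right:6px;'></a></div>
<script type='text/javascript'>if(!window.pluso){pluso={version:'0.9.1',url:'http://share.pluso.ru/'};h=document.getElementsByTagName('head')[0];l=document.createElement('link');l.href=pluso.url+'pluso.css';l.type='text/css';l.rel='stylesheet';s=document.createElement('script');s.src=pluso.url+'pluso.js';s.charset='UTF-8';h.appendChild(l);h.appendChild(s)}</script>
</div><!-- #sharing_buttons -->
<?php
}
echo "</div>\n";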
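// Paginated list of comments for this photo.
// $skp is appended to the WHERE clause (defined outside this view; presumably hides
// comments flagged `sk` from regular users - confirm).
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `gallery_komm` WHERE `id_foto` = '$foto[id]'$skp"), 0);
$k_page = k_page($k_post, $set['p_str']);
$page = page($k_page);
$start = $set['p_str'] * $page - $set['p_str'];

echo "<table class='post'>\n";
if ($k_post == 0) {
    echo "<div class='main123 line_175'>";
    echo "Нет комментариев\n";
    echo "</div>";
}

// NOTE(review): $start and $set[p_str] go into LIMIT unquoted; they rely on page()/k_page()
// and the settings returning integers - confirm.
$q = mysql_query("SELECT * FROM `gallery_komm` WHERE `id_foto` = '$foto[id]'$skp ORDER BY `id` ASC LIMIT $start, $set[p_str]");
while ($post = mysql_fetch_assoc($q)) {
    $ank2 = mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));

    // Hidden comments (sk != 0) get the 'hide' class instead of 'main123'.
    echo "<div class='".($post['sk'] == 0 ? 'main123' : 'hide')." line_175'>\n";
    // Nicks are escaped as defence in depth.
    // NOTE(review): confirm whether registration already restricts the nick charset.
    echo " <a href='/info.php?id=$ank2[id]'>".htmlspecialchars($ank2['nick'])."</a> ".online($ank2['id'])." ";
    echo " (".vremja($post['time']).")";
    echo " <br />\n";

    // Show who hid the comment, if that user still exists.
    if ($post['sk'] == 1 && $post['sk_user'] != 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '$post[sk_user]'"), 0)) {
        $sku = get_user($post['sk_user']);
        echo "<font color='red'>Скрыл".($sku['pol'] == 0 ? 'a' : null)." ".htmlspecialchars($sku['nick'])."</font><br/>";
    }

    // Prefix a reply with the addressed user's nick, if that user still exists.
    if ($post['reply'] != 0 && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '$post[reply]'"), 0)) {
        $ru = get_user($post['reply']);
        echo htmlspecialchars($ru['nick']).", ";
    }

    // output_text() is the site's renderer for stored message text (defined elsewhere).
    echo output_text($post['msg'])."<br />\n";

    // Logged-in users can reply to other people's comments.
    if (isset($user) && $ank2['id'] != $user['id']) {
        echo "<a href='?reply=$post[id]'>Ответить</a>\n";
    }

    // Moderation links.
    // NOTE(review): hide/show and delete are GET links with no anti-CSRF token.
    if (user_access('foto_komm_del')) echo " <a href='?sk=$post[id]' title='".($post['sk'] == 1 ? "Показать" : "Скрыть")." комментарий'>".($post['sk'] == 1 ? "Показать" : "Скрыть")."</a>";

    echo "<span style='text-align:right'>\n";
    if (user_access('foto_komm_del')) echo "<a href='?delete=$post[id]' style='color:#933'>Удалить</a>\n";
    // The author may edit their own comment for 600 seconds after posting.
    if (isset($user) && ($user['id'] == $ank2['id'] && $post['time'] > time() - 600)) {
        echo "<a href='?edit=$post[id]' style='color:green'>Ред</a>\n";
    }
    echo "</span>\n";

    echo " </div>\n";
}
echo "</table>\n";
if ($k_page > 1) str('?', $k_page, $page); // pagination links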
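// Comment form for logged-in users, subject to the photo's `komm` permission setting.
if (isset($user)) {
    if ($foto['komm'] == 'all' || $foto['komm'] == 'only_me' && ($user['id'] == $ank['id'] || $user['level'] >= 3) || $foto['komm'] == 'friends' && ($ank['id'] == $user['id'] || $user['level'] >= 3 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ank[id]') OR (`user` = '$ank[id]' AND `frend` = '$user[id]')"), 0) != 0)) {
        // NOTE(review): no anti-CSRF token is emitted with this form.
        echo "<form method='post' name='message' action='?$passgen'>\n";
        // A theme may provide its own form body.
        // NOTE(review): the include path is built from $set['set_them']; if that value can be
        // influenced by a user, it must be validated against the list of installed themes.
        if ($set['web'] && is_file(H.'t/'.$set['set_them'].'/altername_post_form.php'))
            include_once H.'t/'.$set['set_them'].'/altername_post_form.php';
        else
            echo "<div class='menu123'>Сообщение:<br />\n<textarea name=\"msg\"></textarea><br />\n";
        if ($user['set_translit'] == 1) echo "<label><input type=\"checkbox\" name=\"translit\" value=\"1\" /> Транслит</label><br />\n";
        echo "<input value=\"Отправить\" type=\"submit\" />\n";
        echo "</div></form>\n";
    } else {
        echo "<div class='err'>\nАвтор ограничил круг лиц, которые могут оставлять комментарии.\n</div>\n";
    }
}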
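// Back links to the album and to the owner's album list, then the common page footer.
echo "<div class=\"menu123 line_175\">\n";
echo "«<a href='/foto/$ank[id]/$gallery[id]/'>К фотографиям</a><br />\n";
echo "«<a href='/foto/$ank[id]/'>К фотоальбомам</a><br />\n";
echo "</div>\n";
require_once ("../core/cuctema/foot.php");
exit;
?>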