Файл: foto/inc/user_show_foto.php
Строк: 79
<?
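// The gallery owner must be identifiable: either the viewer is logged in
// ($user is supplied by the including script) or ?id_user= is present.
if (!isset($user) && !isset($_GET['id_user'])) {
    header("Location: /foto/?".SID);
    exit;
}

// ?id_user= takes precedence over the logged-in viewer's own id. It is cast
// to int, like id_gallery and id_foto below, so get_user() never receives raw
// query-string text. Whether get_user() validates its argument itself is not
// visible from this file.
$ank = get_user(isset($_GET['id_user']) ? intval($_GET['id_user']) : $user['id']);
if (!$ank) {
    header("Location: /foto/?".SID);
    exit;
}

// Load the gallery only if it belongs to the resolved owner. A single SELECT
// replaces the former COUNT(*) + SELECT pair: a missing row (or a failed
// query) yields a falsy result and takes the same redirect as before.
$gallery = array('id' => isset($_GET['id_gallery']) ? intval($_GET['id_gallery']) : 0);
$gallery = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery` WHERE `id` = '$gallery[id]' AND `id_user` = '$ank[id]' LIMIT 1"));
if (!$gallery) {
    header("Location: /foto/$ank[id]/?".SID);
    exit;
}

// NOTE(review): the photo is looked up by its id alone. Nothing here ties it
// to $gallery or to $ank, so the access rules evaluated later for *this*
// gallery would also be applied to a photo stored in a different (possibly
// more restricted) gallery. The WHERE clause should additionally match the
// photo's gallery reference against $gallery['id']; the column that holds it
// is not visible in this file, so the query is left unchanged here.
$foto = array('id' => isset($_GET['id_foto']) ? intval($_GET['id_foto']) : 0);
$foto = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery_foto` WHERE `id` = '$foto[id]' LIMIT 1"));
if (!$foto) {
    header("Location: /foto/$ank[id]/$gallery[id]/?".SID);
    exit;
}

// Page title. NOTE(review): nick, gallery name and photo name are
// user-controlled; confirm that head.php/title() escapes $set['title']
// before it is written into the page.
$set['title'] = $ank['nick'].' - '.$gallery['name'].' - '.$foto['name'];
require_once ("../core/cuctema/head.php");
title();
aut();
err();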
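// $umodd is the "owner or higher-level user" override and is only ever tested
// with isset() below. It must therefore not be inherited from anywhere else
// (for example a request variable on installs that still run with
// register_globals enabled), so it is cleared before being decided here.
unset($umodd);

// Override applies when the viewer is logged in and either outranks the
// gallery owner or is the owner. isset($user) is checked first so a guest
// never triggers a read of the undefined $user['level'].
if (isset($user) && ($ank['level'] < $user['level'] || $ank['id'] == $user['id'])) {
    $umodd = 1;
}

// A photo flagged with sk == 1 is shown only to viewers holding the
// override; everyone else gets the "blocked by" notice and the page ends.
if ($foto['sk'] == 1 && !isset($umodd)) {
    // Account that set the block, as recorded on the photo row.
    $sank = get_user($foto['sk_user']);

    // NOTE(review): $sank['nick'] is written into HTML without escaping;
    // confirm get_user() only returns HTML-safe nicknames.
    // The trailing "\n" line breaks are restored; the listing had lost the
    // backslash and would have printed a literal "n".
    echo "<div class='err'>\n";
    echo "Фото заблокировал \n";
    echo "<a href='/info.php?id=$sank[id]'>$sank[nick]</a>".online($sank['id'])."\n";
    echo " <span style='color:grey'>(".vremja($foto['sk_time']).")</span>\n<br/>\n</div>\n";
    require_once ("../core/cuctema/foot.php");
    exit;
}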
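// Gallery password submission.
//
// - Only a string is accepted: an array-valued "password" field would
//   otherwise reach setcookie() and the comparison.
// - The comparison is strict. With loose "==" two different numeric-looking
//   strings (e.g. "1e3" and "1000") compare equal, so a value other than the
//   real password could be accepted.
// - The cookie is written only for a correct password and is marked HttpOnly
//   (expiry, path, domain and secure keep their previous defaults).
// - The script stops after the redirect, like every other redirect in this
//   file.
//
// NOTE(review): the cookie still carries the gallery password in clear text
// and the password is stored unhashed in the gallery row. A server-side
// "unlocked" marker (session) or a keyed token would avoid both; that change
// also has to be made where the cookie is verified.
if (isset($_POST['password'])) {
    if (is_string($_POST['password']) && $_POST['password'] === (string) $gallery['password']) {
        setcookie("passfoto[$gallery[id]]", $_POST['password'], 0, '', '', false, true);
        header("Location:?enter=ok");
        exit;
    }
}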
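// Access control for the gallery. Each restricted mode prints its refusal,
// renders the footer and exits; every path that is allowed falls through to
// the single include of inc/foto.php at the end. The original include_once
// inside each allowed branch made the final include a no-op, so one include
// is equivalent.

// The owner (must be logged in) or a viewer holding the $umodd override
// bypasses the only_me / friends / pass restrictions. isset($user) is tested
// before $user['id'] is read so guests do not touch an undefined variable.
$foto_owner_or_mod = (isset($user) && $ank['id'] == $user['id']) || isset($umodd);

if ($gallery['access'] == 'only_me') {
    if (!$foto_owner_or_mod) {
        echo "<div class='err'>";
        echo "Фото доступно только автору!</div>";
        require_once ("../core/cuctema/foot.php");
        exit;
    }
} elseif ($gallery['access'] == 'friends') {
    // The friendship lookup runs only for a logged-in viewer. For a guest the
    // query would be built with an empty viewer id, and a match on such a row
    // must never grant access.
    $foto_is_friend = false;
    if (!$foto_owner_or_mod && isset($user)) {
        $foto_is_friend = mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ank[id]') OR (`user` = '$ank[id]' AND `frend` = '$user[id]')"),0) != 0;
    }
    if (!$foto_owner_or_mod && !$foto_is_friend) {
        echo "<div class='err'>";
        echo "Фото доступно только друзьям автора!";
        echo "</div>";
        require_once ("../core/cuctema/foot.php");
        exit;
    }
} elseif ($gallery['access'] == 'pass') {
    // The cookie is client-controlled: require the expected array-of-strings
    // shape and compare strictly, so neither a scalar "passfoto" cookie nor
    // PHP's loose numeric-string comparison can satisfy the check.
    // NOTE(review): this compares against a clear-text password kept in the
    // gallery row; see the remark on hashing/tokens where the cookie is set.
    $foto_cookie_ok = isset($_COOKIE['passfoto'])
        && is_array($_COOKIE['passfoto'])
        && isset($_COOKIE['passfoto'][$gallery['id']])
        && is_string($_COOKIE['passfoto'][$gallery['id']])
        && $_COOKIE['passfoto'][$gallery['id']] === (string) $gallery['password'];

    if (!$foto_cookie_ok && !$foto_owner_or_mod) {
        // Report a wrong password only when one was actually submitted.
        if (isset($_POST['password']) && !(is_string($_POST['password']) && $_POST['password'] === (string) $gallery['password'])) {
            $err[] = "Пароль неправильный";
        }
        err();
        // "\n" line breaks restored (the listing had lost the backslash).
        // The field is a password input so the value is not shown on screen.
        echo "<form method='post'>\n";
        echo "Чтобы просмотреть фото, введите пароль:<br />\n";
        echo "<input type='password' name='password'><br />\n";
        echo "<input type='submit' name='Далее'>\n";
        echo "</form>";
        require_once ("../core/cuctema/foot.php");
        exit;
    }
} elseif ($gallery['access'] == 'auth') {
    // Any logged-in user may view; guests are refused.
    if (!isset($user)) {
        echo "<div class='err'>";
        echo "Фото доступно только авторизированым пользователям!</div>";
        require_once ("../core/cuctema/foot.php");
        exit;
    }
}

// Access granted (or the gallery has no restriction listed above).
include_once 'inc/foto.php';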
?>