Файл: mysite/guestbook/index.php
Строк: 539
<?
require_once ("../../core/cuctema/core.php");
if(isset($_GET['id']) && $_GET['id']!=NULL)
$ank=get_user(intval($_GET['id']));
else if(isset($user))
$ank=get_user($user['id']);
if(!$ank)
{
$set['title']="Гостевая книга - Пользователь не найден";
require_once ("../../core/cuctema/head.php");
aut();
echo "<div class='err'>Пользователь не найден!</div>";
require_once ("../../core/cuctema/foot.php");
}
$set['title']="Гостевая книга $ank[nick]"; // заголовок страницы
require_once ("../../core/cuctema/head.php");
title();
aut();
if(isset($_GET['set']) && $ank['id']==$user['id'] && isset($user))
{
if(isset($_POST['save']) && $_POST['mdp']==md5($user['pass']))
{
if(in_array($_POST['access'],array('all','only_me','friends','pass','auth')))$access=$_POST['access'];else $access='all';
$pass=NULL;
if($access=='pass')
{
if(strlen2($_POST['password'])<1)$err[]='Введите пароль!';
if(strlen2($_POST['password'])>20)$err[]='Пароль слишком длинный! (max. 20)';
$pass=$_POST['password'];
}
if(!isset($err))
{
mysql_query("UPDATE `user` SET `guestbook_access` = '$access', `guestbook_password` = '$pass' WHERE `id` = '$ank[id]'");
}
if(in_array($_POST['komm'],array('all','only_me','friends')))$komm=$_POST['komm'];else $komm='all';
mysql_query("UPDATE `user` SET `guestbook_komm` = '$komm' WHERE `id` = '$ank[id]'");
if(!isset($err))
{
$ank['guestbook_password']=$pass;
$ank['guestbook_access']=$access;
$ank['guestbook_komm']=$komm;
msg("Настройки успешно сохранены");
}
}
err();
echo "<form method='post' class='d2' action=''>";
echo "<div><span style='color:darkgreen'><b>Гостевая доступна:</b></span></div>n
<select name='access'>n
<option value='all'".($ank['guestbook_access']=='all'?" checked='checked'":null).">n
Всемn
</option>n
<option value='only_me'".($ank['guestbook_access']=='only_me'?" selected='selected'":null)."/>n
Только мнеn
</option>n
<option value='friends'".($ank['guestbook_access']=='friends'?" selected='selected'":null)."/>n
Моим друзьямn
</option>n
<option value='pass'".($ank['guestbook_access']=='pass'?" selected='selected'":null)."/>n
Только по паролю ->n
</option>n
<option value='auth'".($ank['guestbook_access']=='auth'?" selected='selected'":null)."/>n
Только авторизированнымn
</option>n";
echo "</select>n";
echo "<input name='password' size='10' maxlength='20' type='text' value='".($ank['guestbook_access']=='pass'?$ank['guestbook_password']:null)."'/><br/>n";
echo "<div><span style='color:darkgreen'><b>Комментирование разрешено:</b></span></div>n
<select name='komm'>n
<option value='all'".($ank['guestbook_komm']=='all'?" checked='checked'":null).">n
Всемn
</option>n
<option value='only_me'".($ank['guestbook_komm']=='only_me'?" selected='selected'":null)."/>n
Только мнеn
</option>n
<option value='friends'".($ank['guestbook_komm']=='friends'?" selected='selected'":null)."/>n
Моим друзьямn
</option>n";
echo "</select>n
<br/>n";
echo "<input value='Сохранить' name='save' type='submit'>";
echo "<input type='hidden' name='mdp' value='".md5($user['pass'])."'/>n
</form>n";
echo "<div class='d1'><img src='/users/diary/diary/back.png' alt='' class='icon'/> <a href='?id=$ank[id]'>Назад</a></div>n";
require_once ("../../core/cuctema/foot.php");
exit;
}
if(isset($_POST['password']))
{
setcookie("passgb[$ank[id]]",$_POST['password']);
if(isset($_POST['password']) && $_POST['password']==$ank['guestbook_password'])header("Location:?id=$ank[id]&enter=ok");
}
if($ank['guestbook_access']=='only_me')
{
if($ank['id']==$user['id'] && isset($user) || $user['group_access']>=7)
{
}
else
{
echo "<div class='err'>";
echo "Доступ в гостевую открыт только автору!</div>";
require_once ("../../core/cuctema/foot.php");
exit;
}
}
elseif($ank['guestbook_access']=='friends')
{
if($ank['id']==$user['id'] && isset($user) || $user['group_access']>=7 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ank[id]') OR (`user` = '$ank[id]' AND `frend` = '$user[id]')"),0)!=0)
{
}
else
{
echo "<div class='err'>";
echo "Доступ в гостевую открыт только друзьям автора!";
echo "</div>";
require_once ("../../core/cuctema/foot.php");
exit;
}
}
elseif($ank['guestbook_access']=='pass')
{
if(isset($_COOKIE['passgb'][$ank['id']]) && $_COOKIE['passgb'][$ank['id']]==$ank['guestbook_password'] || $ank['id']==$user['id'] && isset($user) || $user['group_access']>=7)
{
}
else
{
echo "<div class='err'>";
if(isset($_POST['password']) && $_POST['password']!=$ank['guestbook_password'])echo "Пароль неправильный<br/>";
echo "Доступ в гостевую открыт только по паролю!<br> Чтобы пройти в гостевую, введите пароль:n";
echo "<br><form action='' method="post"> <input type="text" name="password"><br><input type="submit" name="go"></div>";
include_once '../sys/inc/tfoot.php';
exit;
}
}
elseif($ank['guestbook_access']=='auth')
{
if(isset($user))
{
}
else
{
echo "<div class='err'>";
echo "Доступ в гостевую открыт только авторизированным пользователям!</div>";
require_once ("../../core/cuctema/foot.php");
exit;
}
}
if(isset($_GET['spam']) && isset($user))
{
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `guestbook` WHERE `id`='".abs(intval($_GET['spam']))."' AND `id_user_adm` = '$ank[id]' AND `id_user` != '$user[id]'"),0)!=0)
{
if(isset($_GET['ok']))
{
$prich=$_POST['prich'];
if(strlen2($prich)<5)$err[]='Укажите причину';
if(strlen2($prich)>500)$err[]='Причина слишком длинная';
if(!isset($err))
{
$message=mysql_result(mysql_query("SELECT `id_user` FROM `guestbook` WHERE `id`='".abs(intval($_GET['spam']))."'"),0);
$msg="Пользователь ".$user['nick']." подал жалобу на пользователя ".mysql_result(mysql_query("SELECT `nick` FROM `user` WHERE `id`='".$message."'"),0)." (".mysql_result(mysql_query("SELECT `msg` FROM `guestbook` WHERE `id`='".abs(intval($_GET['spam']))."'"),0).")
Причина жалобы: $prich";
$q = mysql_query("SELECT * FROM `user` WHERE `level` = '2' OR `level` = '3' OR `level` = '4' ORDER BY `date_last` DESC");
while ($cmpl = mysql_fetch_array($q))
{
mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$cmpl[id]', '".my_esc($msg)."', '".time()."')");
}
msg('Сообщение отправлено на расмотрение Администраци');
}
}
else
{
echo "<form method='post' action='?id=$ank[id]&spam=".intval($_GET['spam'])."&ok'>n";
echo "<span style='font-size:small;color:grey'><b>Причина жалобы</b> (от 5 до 500 знаков)</span><br/><textarea name='prich'></textarea><br/>n";
echo "Вы действительно хотите отослать жалобу Адинистрации?<br/><input type='submit' value='Отправить'></form><br/>n";
echo "<div class='foot'><img src='/style/icons/back.png' alt='' class='icon'/> <a href='?id=$ank[id]'>Назад</a></div>n";
require_once ("../../core/cuctema/foot.php");
exit;
}
}
}
if(isset($_GET['reply']) && isset($user) && mysql_result(mysql_query("SELECT COUNT(*) FROM `guestbook` WHERE `id` = '".intval($_GET['reply'])."' AND `id_user_adm` = '$ank[id]' AND `id_user` != '$user[id]' LIMIT 1"),0)!=0)
{
if($ank['guest_nokomm']==1 && $user['group_access']<7 && $ank['id']!=$user['id'])
{
echo "<div class='err'>Пользователь поставил запрет на добавление комментариев</div>";
echo "<div class='foot'><img src='/style/icons/back.png' alt='' class='icon'/> <a href='?id=$ank[id]'>Назад</a></div>n";
require_once ("../../core/cuctema/foot.php");
exit;
}
$komm=mysql_fetch_array(mysql_query("SELECT * FROM `guestbook` WHERE `id` = '".intval($_GET['reply'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1"));
$komm_avtor=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$komm[id_user]' LIMIT 1"));
if(isset($_POST['msg_otvet']) && ($ank['guestbook_komm']=='all' || $ank['guestbook_komm']=='only_me' && ($user['id']==$ank['id'] || $user['group_access']>=7) || $ank['guestbook_komm']=='friends' && ($ank['id']==$user['id'] || $user['group_access']>=7 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ank[id]') OR (`user` = '$ank[id]' AND `frend` = '$user[id]')"),0)!=0)))
{
$msg=esc(stripcslashes(htmlspecialchars($_POST['msg_otvet'])));
if (isset($_POST['translit']) && $_POST['translit']==1)$msg=translit($msg);
if (strlen2($msg)>1024)
{
$err='Сообщение слишком длинное';
}
if (strlen2($msg)<1)
{
$err='Короткое сообщение';
}
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `guestbook` WHERE `id_user` = '$user[id]' AND `id_user_adm` = '$ank[id]' AND `msg` = '".mysql_real_escape_string($msg)."' LIMIT 1"),0)!=0)
{
$err='Ваше сообщение повторяет предыдущее';
}
if(!isset($err))
{
if (!empty($_POST['color']))
{
$msg = '[color='.$_POST['color'].']'.$msg.'[/color]';
}
$hide=intval($_POST['hide']);
if($hide==1)$hide=1;else $hide=0;
$msg=mysql_escape_string($msg);
if($user['pol']==1)$pol='оставил'; else $pol='оставила';
$jmsg="[url=/info.php?id=".$user['id']."]".$user['nick']."[/url] ".$pol." комментарий в вашей [url=/mysite/guestbook/?id=".$ank['id']."]гостевой книге[/url]";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `type`, `id_object`) values('".$user['id']."', '$ank[id]', '$jmsg', '$time', 'guestbook2', '$ank[id]')");
mysql_query("INSERT INTO `guestbook` (`id_user`, `id_user_adm`, `time`, `msg`, `reply`, `hide`, `hide_user`) values('$user[id]', '$ank[id]', '$time', '$msg', '$komm_avtor[id]', '$hide', '$user[id]')");
//mysql_query("UPDATE `user` SET `balls` = '".($user['balls']+1)."' WHERE `id` = '$user[id]' LIMIT 1");
$q3=NULL;$qq=mysql_query("SELECT * FROM `guestbook` WHERE `id_user_adm` = '$ank[id]'");while($ppost=mysql_fetch_array($qq)){$a=get_user($ppost['id_user']);if($a){$array=explode(";", $q3);foreach ($array as $key => $value){if($value==$a['id'])$g=1;}if(!isset($g))$q3="".($q3!=NULL?"$q3;":null)."$a[id]";if(isset($g))unset($g);}}
$array=explode(";", $q3);foreach ($array as $key => $value){
$a=get_user($value);
if($value!=NULL && $a)
{
$k=mysql_fetch_array(mysql_query("SELECT * FROM `guestbook` WHERE `id_user_adm` = '$ank[id]' AND `id_user` = '$a[id]' ORDER BY `id` DESC LIMIT 1"));
if($a['id']!=$ank['id'] && $a['id']!=$user['id'])
{
if($user['pol']==1)$pol='оставил'; else $pol='оставила';
$jmsg="[url=/info.php?id=".$user['id']."]".$user['nick']."[/url] ".$pol." комментарий в [url=/mysite/guestbook/?id=".$ank['id']."]этой гостевой книге[/url]";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `type`, `id_object`) values('".$user['id']."', '$a[id]', '$jmsg', '$time', 'guestbook2', '$ank[id]')");
}
}
}
header("Location:?id=$ank[id]");
}
}
$ank2=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$komm[id_user]'"));
echo " <tr>n";
echo " </td>n";
echo " </tr>n";
echo " <tr>n";
echo "<div class='d1'>";
echo "<table><tr><td>";
avatar($ank2['id'],0,0,1);
echo "</td>n";
echo "<td>";
echo "$komm_avtor[nick] написал:<br/>
".output_text($komm['msg'])."n";
echo "</td></tr></table></div>";
echo " </td>n";
echo " </tr></div>n";
if($ank['guestbook_komm']=='all' || $ank['guestbook_komm']=='only_me' && ($user['id']==$ank['id'] || $user['group_access']>=7) || $ank['guestbook_komm']=='friends' && ($ank['id']==$user['id'] || $user['group_access']>=7 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ank[id]') OR (`user` = '$ank[id]' AND `frend` = '$user[id]')"),0)!=0))
{
echo "<div class='d2'>";
echo "<form method='post' name='message' action='?id=$ank[id]&reply=$komm[id]' >n";
echo "<span style='font-size:small;color:grey'><b>Сообщение</b> (1024 знаков)</span><br /><textarea name='msg_otvet' style='width: 518px !important; height: 70px !important;'></textarea>n";
///////
///////////////////
if ($user['set_translit']==1)echo "<label><input type='checkbox' name='translit' value='1' /> Транслит</label><br />n";
///echo "<label><input type='checkbox' name='hide' value='1' /> Скрыть</label><br />n";
echo "<input value='Отправить' type='submit' />n";
echo "</form></div>n";
}
else echo "<div class='err'>n
Автор ограничил круг лиц, которые могут оставлять комментарии.n
</div>n";
echo "<div class='d1'><img src='/style/icons/back.png' alt='' class='icon'/> <a href='?id=$ank[id]'>Назад</a></div>n";
require_once ("../../core/cuctema/foot.php");
exit;
}
elseif(isset($_GET['edit']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `guestbook` WHERE `id` = '".intval($_GET['edit'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1"),0)!=0 && isset($user))
{
$komm=mysql_fetch_array(mysql_query("SELECT * FROM `guestbook` WHERE `id` = '".intval($_GET['edit'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1"));
if($user['id']==$komm['id_user'] && $komm['time']>time()-600 || $user['group_access']>=7)
{
if(isset($_GET['ok']))
{
$msg_edit=$_POST['msg_edit'];
if (isset($_POST['translit_msg_edit']) && $_POST['translit_msg_edit']==1)$msg_edit=translit($msg_edit);
if(strlen2($msg_edit)<1)
{
$err[]='Введите coбщение';
}
if(strlen2($msg_edit)>1024)
{
$err[]='Сообщение слишком длинное';
}
$msg_edit=my_esc($msg_edit);
if(!isset($err))
{
mysql_query("UPDATE `guestbook` SET `msg` = '$msg_edit' WHERE `id` = '$komm[id]' LIMIT 1");
header("Location: ?id=$ank[id]");
}
}
echo "<form method='post' action='?id=$ank[id]&edit=$komm[id]&ok'>";
echo "<span style='font-size:small;color:grey'><b>Сообщение</b> (1024 знаков)</span><br/>";
echo "<textarea name='msg_edit' rows='3' cols='23' style='width: 518px !important; height: 70px !important;'>".$komm['msg']."</textarea><br />";
if ($user['set_translit']==1)echo "<label><input type='checkbox' name='translit_msg_edit' value='1' /> Транслит</label><br />n";
echo "<input value="Сохранить" type="submit" />n";
echo "</form>n";
echo "<div class='foot'><img src='/style/icons/back.png' alt='' class='icon'/> <a href='?id=$ank[id]'>Назад</a></div>n";
require_once ("../../core/cuctema/foot.php");
exit;
}
}
if(isset($_GET['clean']) && isset($user) && ($user['group_access']>=7 || $user['id']==$ank['id']))
{
if(isset($_GET['all']))
{
if(isset($_GET['ok']))
{
mysql_query("DELETE FROM `guestbook` WHERE `id_user_adm` = '$ank[id]'");
msg("Гостевая успешно очищена");
}
else
{
echo "<div class='err'>Очистить гостевую от сообщений?<br/><a href='?id=$ank[id]&clean&all&ok'>Да</a> | <a href='?id=$ank[id]'>Нет</a></div>";
require_once ("../../core/cuctema/foot.php");
exit;
}
}
else
{
if(isset($_GET['ok']))
{
$ch=intval($_POST['ch']);
$mn=intval($_POST['mn']);
$nt=$ch*$mn*3600;
$nt=$time-$nt;
mysql_query("DELETE FROM `guestbook` WHERE `time` < '$nt'");
msg("Гостевая успешно очищена");
}
else
{
echo "<div class='hide'><img src='/core/themes/".$set['set_them']."/graphic/clear.png' alt='del' /> <a href='?id=$ank[id]&clean&all'>Очистить гостевую полностью</a></div>";
echo "<div class='d2'>Будут удалены посты, написанные ... тому назад:</div>";
echo "<div class='d1'><img src='/style/icons/back.png' alt='' class='icon'/> <a href='?id=$ank[id]'>Назад</a></div>n";
require_once ("../../core/cuctema/foot.php");
exit;
}
}
}
if (isset($_POST['msg']) && isset($user) && ($ank['guestbook_komm']=='all' || $ank['guestbook_komm']=='only_me' && ($user['id']==$ank['id'] || $user['group_access']>=7) || $ank['guestbook_komm']=='friends' && ($ank['id']==$user['id'] || $user['group_access']>=7 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ank[id]') OR (`user` = '$ank[id]' AND `frend` = '$user[id]')"),0)!=0)))
{
$msg=$_POST['msg'];
if (isset($_POST['translit']) && $_POST['translit']==1)$msg=translit($msg);
if (strlen2($msg)>1024){$err='Сообщение слишком длинное';}
if (strlen2($msg)<1){$err='Короткое сообщение';}
if(!isset($err))
{
if($user['pol']==1)$pol='оставил'; else $pol='оставила';
$jmsg="[url=/info.php?id=".$user['id']."]".$user['nick']."[/url] ".$pol." комментарий в вашей [url=/mysite/guestbook/?id=".$ank['id']."]гостевой книге[/url]";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `type`, `id_object`) values('".$user['id']."', '$ank[id]', '$jmsg', '$time', 'guestbook', '".$ank['id']."')");
$msg=mysql_escape_string($msg);
mysql_query("INSERT INTO `guestbook` (id_user,id_user_adm, time, msg) values('$user[id]', '$ank[id]', '$time', '$msg')");
//mysql_query("UPDATE `user` SET `balls` = '".($user['balls']+1)."' WHERE `id` = '$user[id]' LIMIT 1");
//msg('Сообщение добавлено');
$q3=NULL;$qq=mysql_query("SELECT * FROM `guestbook` WHERE `id_user_adm` = '$ank[id]'");while($ppost=mysql_fetch_array($qq)){$a=get_user($ppost['id_user']);if($a){$array=explode(";", $q3);foreach ($array as $key => $value){if($value==$a['id'])$g=1;}if(!isset($g))$q3="".($q3!=NULL?"$q3;":null)."$a[id]";if(isset($g))unset($g);}}
$array=explode(";", $q3);foreach ($array as $key => $value){
$a=get_user($value);
if($value!=NULL && $a)
{
if($a['id']!=$ank['id'] && $a['id']!=$user['id'])
{
if($user['pol']==1)$pol='оставил'; else $pol='оставила';
$jmsg="[url=/info.php?id=".$user['id']."]".$user['nick']."[/url] ".$pol." комментарий в [url=/mysite/guestbook/?id=".$ank['id']."]этой гостевой книге[/url]";
mysql_query("INSERT INTO `jurnal` (`id_user`, `id_kont`, `msg`, `time`, `id_object`, `type`) values('".$user['id']."', '$a[id]', '$jmsg', '$time', '".$ank['id']."', 'guestbook2')");
}
}
}
}
header("Location:?id=$ank[id]");
}
elseif(isset($_GET['hide']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `guestbook` WHERE `id` = '".intval($_GET['hide'])."' AND `hide` = '0' AND `id_user_adm` = '$ank[id]' LIMIT 1"),0)!=0 && isset($user))
{
$komm=mysql_fetch_array(mysql_query("SELECT * FROM `guestbook` WHERE `id` = '".intval($_GET['hide'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1"));
$ank2=get_user($komm['id_user']);
if($user['group_access']>=7)
{
mysql_query("UPDATE `guestbook` SET `hide` = '1', `hide_user` = '$user[id]' WHERE `id` = '".intval($_GET['hide'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1");
}
}
elseif(isset($_GET['show']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `guestbook` WHERE `id` = '".intval($_GET['show'])."' AND `hide` = '1' AND `id_user_adm` = '$ank[id]' LIMIT 1"),0)!=0 && isset($user))
{
$komm=mysql_fetch_array(mysql_query("SELECT * FROM `guestbook` WHERE `id` = '".intval($_GET['show'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1"));
$ank2=get_user($komm['id_user']);
if($user['group_access']>=7)
{
mysql_query("UPDATE `guestbook` SET `hide` = '0' WHERE `id` = '".intval($_GET['show'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1");
}
}
elseif(isset($_GET['del']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `guestbook` WHERE `id` = '".intval($_GET['del'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1"),0)!=0 && isset($user))
{
$komm=mysql_fetch_array(mysql_query("SELECT * FROM `guestbook` WHERE `id` = '".intval($_GET['del'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1"));
$ank2=get_user($komm['id_user']);
if($user['group_access']>=7 || $user['id']==$ank['id'])
{
mysql_query("DELETE FROM `guestbook` WHERE `id` = '".intval($_GET['del'])."' AND `id_user_adm` = '$ank[id]' LIMIT 1");
}
}
err();
if (isset($user))
{
if($ank['guestbook_komm']=='all' || $ank['guestbook_komm']=='only_me' && ($user['id']==$ank['id'] || $user['group_access']>=7) || $ank['guestbook_komm']=='friends' && ($ank['id']==$user['id'] || $user['group_access']>=7 || mysql_result(mysql_query("SELECT COUNT(*) FROM `frends` WHERE (`user` = '$user[id]' AND `frend` = '$ank[id]') OR (`user` = '$ank[id]' AND `frend` = '$user[id]')"),0)!=0))
{
echo "<div class='menu123'>";
echo '<form method="post" action="?id='.$ank['id'].'" name="message">';
echo "<span style='font-size:small;color:grey'><b>Сообщение</b> (1024 знаков)</span><br /><textarea name="msg" style='width: 518px !important; height: 70px !important;'></textarea><br />n";
if ($user['set_translit']==1)echo "<label><input type="checkbox" name="translit" value="1" /> Транслит</label><br />n";
echo "<input value="Отправить" type="submit" />n";
echo "</form>n";
echo "</div>";
}
else echo "<div class='err'>n
Автор ограничил круг лиц, которые могут оставлять комментарии.n
</div>n";
}
else echo "<div>n
<b><a href='/aut.php'>Добавить комментарий</a></b>n
</div>n";
if($ank['id']==$user['id'] && isset($user))
{
mysql_query("UPDATE `jurnal` SET `read` = '1' WHERE `id_kont` = '".$user['id']."' AND `type` = 'guestbook' AND `read` = '0'");
}
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `guestbook` WHERE `id_user_adm` = '$ank[id]'".($user['group_access']<7?" AND `hide` = '0'":null).""),0);
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
if ($k_post==0)
{
echo "<div class='main123'>Нет сообщений</div>n";
}
$q=mysql_query("SELECT * FROM `guestbook` WHERE `id_user_adm` = '$ank[id]'".($user['group_access']<7?" AND `hide` = '0'":null)." ORDER BY id DESC LIMIT $start, $set[p_str]");
//$q=mysql_query("SELECT * FROM `guestbook` WHERE `id_user_adm` = '$ank[id]' ORDER BY id DESC LIMIT $start, $set[p_str]");
$num = 0;
while ($post = mysql_fetch_array($q))
{
$ank2=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_user]' LIMIT 1"));
//echo "<div class='main123'>";
echo " <tr>n";
echo " </td>n";
echo " </tr>n";
echo " <tr>n";
if ($num==0)
{
echo"<div class='".($post['hide']==0?'main123':'hide')."'>n";
$num=1;
}
elseif ($num==1)
{
echo"<div class='".($post['hide']==0?'menu123':'hide')."'>n";
$num=0;
}
echo "<table><tr><td>";
avatar($ank2['id']);
echo "</td>n";
echo "<td>";
echo "<a href='/mysite/?name=".$ank2['nick']."'>". online($ank2['id'])." ";
echo GradientText("".$ank2['nick']."", "".$ank2['ncolor']."", "".$ank2['ncolor2']."");
echo "</a>";
//echo " <a href='/info.php?id=$ank2[id]'>$ank2[nick]</a> ".online($ank2['id'])." ";
if($post['reply']!='0' && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".intval($post['reply'])."'"),0)!=0)
{
$ru=mysql_fetch_assoc(mysql_query("SELECT *
FROM `user` WHERE `id` = '".intval($post['reply'])."'"));
echo '<span style="color:grey;"> Ответ для ';
echo "<b>$ru[nick]</b></span> n";
}
echo "<br/>";
if($post['hide']==1 && mysql_result(mysql_query("SELECT COUNT(*) FROM `user` WHERE `id` = '".intval($post['hide_user'])."'"),0)!=0)
{
$hu=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".intval($post['hide_user'])."'"));
echo "<font color='red'>Скрыл".($hu['pol']==0?'a':null)." $hu[nick]</font><br/>";
}
echo output_text($post['msg'])."<br/>n";
if(isset($user) && $ank2['id']!=$user['id'])
{
echo "<a href='?id=$ank[id]&reply=$post[id]'>[ответить]</a>n";
}
if($user['group_access']>=7)
{
if($post['hide']==0)echo " <a href='?id=$ank[id]&hide=$post[id]&page=$page'>[скрыть]</a>n";
elseif($post['hide']==1)echo " <a href='?id=$ank[id]&show=$post[id]&page=$page'>[показать]</a>n";
}
if(($user['group_access']>=7 || $user['id']==$ank['id']) && isset($user))echo " <a href='?id=$ank[id]&del=$post[id]&page=$page'>[удалить]</a>n";
if($user['id']==$ank2['id'] && $post['time']>time()-600 || $user['group_access']>=7)
{
echo " <a href='?id=$ank[id]&edit=$post[id]'>[ред]</a>n";
}
if(isset($user))echo " <a href='?id=$ank[id]&spam=$post[id]&page=$page'>[жалоба]</a>";
echo "</div>n";
echo "</td></tr></table></div>";
echo " </td>n";
echo " </tr>n";
}
if ($k_page>1)str("?id=$ank[id]&",$k_page,$page); // Вывод страниц
if($user['group_access']>=7 || $ank['id']==$user['id'] && isset($user))
{
echo "<div class='menu123'>n";
echo "<img src='/core/themes/".$set['set_them']."/graphic/clear.png'/> <a href='?id=$ank[id]&clean'>Очистить гостевую</a>".($ank['id']==$user['id']?"<br/><img src='/mysite/images/settings.png'/> <a href='?id=$ank[id]&set'>Настройки</a>":null)."";
echo "</div>";
echo "</div>";
}
require_once ("../../core/cuctema/foot.php");
?>