Файл: users/diary/inc/edit.php
Строк: 447
<?
// Profile of the entry's owner; $diary itself is provided by the script that includes this file.
// NOTE(review): no ownership check is visible here — presumably the including script has
// already verified that the logged-in user may edit $diary; confirm against the caller.
$ank = get_user($diary['id_user']);

// How many files the owner has already attached to this entry.
$count_files = mysql_result(
    mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_user` = '$ank[id]' AND `id_diary` = '$diary[id]'"),
    0
);

// NOTE(review): the include path is assembled from $diary['poll']. Presumably that value is a
// stored poll type limited to a few known suffixes — confirm, because a dynamically built
// include path must never be influenced by request data.
if (isset($_GET['poll'])) {
    include_once 'inc/edit.poll' . $diary['poll'] . '.php';
}

// The editor works on a draft kept in the session, so the access, comment and file sub-pages
// can change it before anything is written to the database. The draft is seeded once from
// the stored entry.
$draft_key = "diary_edit_$diary[id]";
if (!isset($_SESSION[$draft_key])) {
    $_SESSION[$draft_key] = array(
        'id'       => $diary['id'],
        'text'     => $diary['text'],
        'name'     => $diary['name'],
        'tags'     => $diary['tags'],
        'adult'    => $diary['adult'],
        'access'   => $diary['access'],
        'komm'     => $diary['komm'],
        'password' => $diary['password'],
    );
}

// Snapshot of the draft used for rendering during this request.
$diary_edit = $_SESSION[$draft_key];
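if (isset($_GET['access'])) {
    // ---- Sub-page "?access": choose who may read the entry ----
    // The choice is written to the session draft only; the database is updated on save.
    if (isset($_POST['cfms'])) {
        // Request data is untrusted: accept plain strings only and treat anything else as absent,
        // instead of reading undefined indexes.
        $new_access = (isset($_POST['access']) && is_string($_POST['access'])) ? $_POST['access'] : '';

        if ($new_access === 'pass') {
            $pass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
            if (strlen2($pass) < $min_size_pass) $err[] = 'Введите пароль!';
            if (strlen2($pass) > $max_size_pass) $err[] = 'Пароль слишком длинный!';
        } else {
            $pass = NULL;
        }

        if (!isset($err)) {
            // Only whitelisted modes reach the draft; an unknown value is dropped and the
            // user is still sent back to the editor.
            if (in_array($new_access, array('all', 'only_me', 'friends', 'pass', 'auth'), true)) {
                // NOTE(review): the entry password is kept in clear text in the draft and is
                // echoed back into this form below. Every sink that receives it (SQL on save,
                // HTML attributes) has to escape it for its own context.
                $_SESSION["diary_edit_$diary[id]"]['password'] = $pass;
                $_SESSION["diary_edit_$diary[id]"]['access'] = $new_access;
            }
            header("Location:/users/diary/$diary[id]/edit");
            exit;
        }
    }

    // Show validation errors collected in $err, then the form with the draft's current choice.
    err();
    echo "<form action='' method='post' class='d2'>\n
<div>Запись доступна:</div>\n
<div style='font-size:small'>\n
<input type='radio' name='access' value='all'".($diary_edit['access']=='all'?" checked='checked'":null)."/>\n
<label>всем</label>\n
</div>\n
<div style='font-size:small'>\n
<input type='radio' name='access' value='only_me'".($diary_edit['access']=='only_me'?" checked='checked'":null)."/>\n
<label>только мне</label>\n
</div>\n
<div style='font-size:small'>\n
<input type='radio' name='access' value='friends'".($diary_edit['access']=='friends'?" checked='checked'":null)."/>\n
<label>моим друзьям</label>\n
</div>\n
<div style='font-size:small;'>\n
<input type='radio' name='access' value='pass'".($diary_edit['access']=='pass'?" checked='checked'":null)."/>\n
<label>только по паролю:\n
<input name='password' size='16' maxlength='16' type='text' value='".output_title($diary_edit['password'])."'/></label>\n
</div>\n
<div style='font-size:small'>\n
<input type='radio' name='access' value='auth'".($diary_edit['access']=='auth'?" checked='checked'":null)."/>\n
<label>только авторизированным</label>\n
</div>\n
<input type='submit' name='cfms' value='OK'/>\n
</form>\n";
    echo "<div class='d1'><img src='/users/diary/users/diary/back.png'> <a href='/users/diary/$diary[id]/edit'>Назад</a></div>\n";
    require_once ("../../core/cuctema/foot.php");
    exit;
}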
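elseif (isset($_GET['komm'])) {
    // ---- Sub-page "?komm": choose who may comment on the entry ----
    // As with the access sub-page, only the session draft is changed here.
    if (isset($_POST['cfms'])) {
        // Untrusted request value: accept a plain string only, then match it strictly
        // against the allowed modes. Anything else leaves the draft untouched.
        $new_komm = (isset($_POST['komm']) && is_string($_POST['komm'])) ? $_POST['komm'] : '';
        if (in_array($new_komm, array('all', 'only_me', 'friends'), true)) {
            $_SESSION["diary_edit_$diary[id]"]['komm'] = $new_komm;
        }
        header("Location:/users/diary/$diary[id]/edit");
        exit;
    }

    echo "<form action='' method='post' class='d2'>\n
<div>Комментирование разрешено:</div>\n
<div style='font-size:small'>\n
<input type='radio' name='komm' value='all'".($diary_edit['komm']=='all'?" checked='checked'":null)."/><label>всем</label>\n
</div>\n
<div style='font-size:small'>\n
<input type='radio' name='komm' value='only_me'".($diary_edit['komm']=='only_me'?" checked='checked'":null)."/>\n
<label>только мне</label>\n
</div>\n
<div style='font-size:small'>\n
<input type='radio' name='komm' value='friends'".($diary_edit['komm']=='friends'?" checked='checked'":null)."/>\n
<label>моим друзьям</label>\n
</div>\n
<input type='submit' name='cfms' value='OK'/>\n
</form>\n";
    echo "<div class='d1'><img src='/users/diary/users/diary/back.png'> <a href='/users/diary/$diary[id]/edit'>Назад</a></div>\n";
    require_once ("../../core/cuctema/foot.php");
    exit;
}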
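elseif (isset($_GET['files']) && isset($_SESSION["diary_edit_$diary[id]"])) {
    // ---- Sub-page "?files": attach files to the entry and remove them again ----

    // --- Upload ---
    if (isset($_POST['upload']) && $count_files < $max_files) {
        $upload = isset($_FILES['file']) ? $_FILES['file'] : NULL;
        $upload_error = ($upload !== NULL && isset($upload['error']) && is_int($upload['error'])) ? $upload['error'] : UPLOAD_ERR_NO_FILE;

        if ($upload !== NULL && isset($upload['name']) && is_string($upload['name']) && $upload_error !== UPLOAD_ERR_NO_FILE) {
            // The client-supplied file name is untrusted. It is only stored as metadata; the
            // bytes themselves are saved under a server-chosen "<row id>.dat" name below.
            $name = esc(stripcslashes(htmlspecialchars($upload['name'])));
            $name = preg_replace('/[#?]/', '', $name);
            $ras = preg_replace('/^.*\./s', '', $name);      // extension: everything after the last dot
            $name = preg_replace('/\.[^.]*$/D', '', $name);   // file name without the extension

            // The extension later becomes part of an icon path and of an HTML attribute,
            // so it is limited to ASCII letters and digits.
            if ($ras == $name || $ras == NULL || $name == NULL || !preg_match('/^[A-Za-z0-9]+$/D', $ras)) {
                $err[] = 'Неверное название файла';
            }

            // Reject anything PHP did not accept as a complete upload before looking at its size;
            // otherwise a failed upload would still create a database row without a file.
            if ($upload_error === UPLOAD_ERR_INI_SIZE || $upload_error === UPLOAD_ERR_FORM_SIZE) {
                $err[] = 'Размер файла превышает установленные ограничения';
            } elseif ($upload_error !== UPLOAD_ERR_OK || !isset($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name'])) {
                $err[] = 'Не удалось загрузить файл';
            } elseif (filesize($upload['tmp_name']) > $max_size_file * 1048576) {
                $err[] = 'Размер файла превышает установленные ограничения';
            }

            // Duplicate check. Both values are escaped and the conditions are joined with AND;
            // a comma between them is not valid in a WHERE clause, so the check could never match.
            $same_files = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_diary` = '$diary[id]' AND `name` = '".my_esc($name)."' AND `ras` = '".my_esc($ras)."'"), 0);
            if ($same_files != 0) $err[] = 'Вы уже прикрепляли такой файл к этой записи';

            if (!isset($err)) {
                mysql_query("INSERT INTO `diary_files` SET `id_diary` = '$diary[id]', `id_user` = '$ank[id]', `name` = '".my_esc($name)."', `ras` = '".my_esc($ras)."'");
                $id = mysql_insert_id();
                $stored_path = H."users/diary/files/$id.dat";
                if (move_uploaded_file($upload['tmp_name'], $stored_path)) {
                    // Readable by the web server, writable by its owner only (was world-writable 0777).
                    chmod($stored_path, 0644);
                } else {
                    // Do not leave a row behind that points at a file which was never stored.
                    mysql_query("DELETE FROM `diary_files` WHERE `id` = '".intval($id)."'");
                    $err[] = 'Не удалось загрузить файл';
                }
                $count_files = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_user` = '$ank[id]' AND `id_diary` = '$diary[id]'"), 0);
            }
        }
        else $err[] = 'Выберите файл';
    }
    err();

    // --- Delete ---
    // NOTE(review): the delete link is a state-changing GET request whose token is
    // md5($user['pass']). The same value is valid for every action and ends up in browser
    // history, server logs and Referer headers. A random per-session token submitted by POST
    // would be the safer design; the scheme is kept here because other pages may rely on it.
    $delete_token = md5($user['pass']);
    if (isset($_GET['dfid']) && isset($_GET['mdp']) && is_string($_GET['mdp'])) {
        // Constant-time comparison where the runtime offers it, strict comparison otherwise.
        $token_ok = function_exists('hash_equals')
            ? hash_equals($delete_token, $_GET['mdp'])
            : ($_GET['mdp'] === $delete_token);
        $dfid = intval($_GET['dfid']);
        // The row must belong to this owner and this entry, so a foreign file id cannot be removed.
        if ($token_ok && mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id` = '$dfid' AND `id_user` = '$ank[id]' AND `id_diary` = '$diary[id]'"), 0) != 0) {
            mysql_query("DELETE FROM `diary_files` WHERE `id` = '$dfid' AND `id_user` = '$ank[id]' AND `id_diary` = '$diary[id]'");
            $stored_path = H."users/diary/files/$dfid.dat";
            if (is_file($stored_path)) unlink($stored_path);
            $count_files = mysql_result(mysql_query("SELECT COUNT(*) FROM `diary_files` WHERE `id_user` = '$ank[id]' AND `id_diary` = '$diary[id]'"), 0);
        }
    }

    // --- List of attached files ---
    $q = mysql_query("SELECT * FROM `diary_files` WHERE `id_user` = '$ank[id]' AND `id_diary` = '$diary[id]'");
    if (mysql_num_rows($q) == 0) echo "<div class='hide'>Нет прикреплённых файлов\n"; else echo "<div class='d1'>\n";
    while ($post = mysql_fetch_array($q)) {
        // Stored extensions go into a single-quoted attribute, so quotes are escaped too;
        // double_encode is off because the value already passed htmlspecialchars() at upload time.
        $ras_html = htmlspecialchars($post['ras'], ENT_QUOTES, 'UTF-8', false);
        if (is_file(H."users/diary/users/diary/$post[ras].png")) {
            $icon = "<img src='users/diary/users/diary/$ras_html.png'/>";
        } else {
            $icon = "<img src='users/diary/files/unknown_file.png'/>";
        }
        echo $icon." ".output_title($post['name'].'.'.$post['ras'])
            ." <span style='color:grey'>(".size_file(filesize(H."users/diary/files/$post[id].dat")).")</span>"
            ." <a href='?files&dfid=".intval($post['id'])."&mdp=".$delete_token."'><span style='float:right'>[<span style='color:red'>x</span>]</span></a><br/>\n";
    }
    echo "</div>\n";

    // --- Upload form (disabled once the per-entry file limit is reached) ---
    echo "<div class='d2'>";
    echo "<form enctype='multipart/form-data' action='' method='post'>\n";
    echo "<span style='color:grey'>Файл (&lt;".size_file($max_size_file*1048576)."):</span><br />\n";
    echo "<input name='file' type='file'".($count_files>=$max_files?" disabled='disabled'":null)."/><br />\n";
    echo "<input type='submit' name='upload' value='Загрузить!'".($count_files>=$max_files?" disabled='disabled'":null)."/>".($count_files>=$max_files?"</div><div class='hide'>Вы уже прикрепили максимальное к-тво файлов к записе!</b>":null)."\n";
    echo "</div>";
    echo "<div class='d1'><img src='/users/diary/users/diary/back.png'> <a href='/users/diary/$diary[id]/edit'>Назад</a></div>\n";
    require_once ("../../core/cuctema/foot.php");
    exit;
}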
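//-------SAVE DIARY-------
// Validates the main form and writes the entry together with the draft's access settings.
// NOTE(review): the form carries a hidden `mdp` field, but no comparison of $_POST['mdp'] is
// visible in this branch, so the save does not appear to be protected against cross-site
// request forgery — confirm whether the including script verifies it.
if (isset($_POST['cfms']) && isset($_POST['text']) && isset($_POST['name']) && isset($_POST['tags'])) {
    $name = $_POST['name'];
    $text = $_POST['text'];
    $tags = $_POST['tags'];

    // Each failed check sets its own flag for the form plus the common $err_diary flag.
    if (strlen2($name) > $max_size_name) { $err_name_long = 1; $err_diary = 1; }
    if (strlen2($text) < $min_size_text) { $err_text_short = 1; $err_diary = 1; }
    if (strlen2($text) > $max_size_text) { $err_text_long = 1; $err_diary = 1; }

    // Split the comma-separated tags once, drop empty items, and use the same list both for
    // the limit check and for the normalised value that is stored.
    $kept_tags = array();
    foreach (explode(",", $tags) as $tag) {
        if ($tag !== '') $kept_tags[] = $tag;
    }
    if (count($kept_tags) > $max_size_tags) { $err_tags_long = 1; $err_diary = 1; }
    $tags = $kept_tags ? implode(",", $kept_tags) : NULL;

    if (isset($_POST['adult']) && $_POST['adult'] == 1) $adult = 1; else $adult = 0;

    if (!isset($err_diary)) {
        // Every string value is escaped for SQL. The draft's access mode, comment mode and
        // password originate from request data (the password is free text typed by the user),
        // so they are escaped like the form fields instead of being interpolated raw.
        // NOTE(review): the entry password is stored in clear text in `diary`.`password`.
        mysql_query("UPDATE `diary` SET `name` = '".my_esc($name)."', `text` = '".my_esc($text)."', `tags` = '".my_esc((string)$tags)."', `adult` = '$adult', `access` = '".my_esc((string)$diary_edit['access'])."', `password` = '".my_esc((string)$diary_edit['password'])."', `komm` = '".my_esc((string)$diary_edit['komm'])."' WHERE `id` = '$diary[id]'");

        // The draft has been persisted; discard it and show the saved entry.
        unset($_SESSION["diary_edit_$diary[id]"]);
        header("Location:/users/diary/$diary[id]/read");
        exit;
    }
}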
// The main form has three extra submit buttons, one per sub-page (files, access, comments).
// Pressing one parks the unsaved form fields in the session draft and redirects to that
// sub-page; the buttons are checked in the order files, access, komm.
foreach (array('files', 'access', 'komm') as $sub_page) {
    if (!isset($_POST[$sub_page])) {
        continue;
    }
    $draft_slot = "diary_edit_$diary[id]";
    $_SESSION[$draft_slot]['adult'] = (isset($_POST['adult']) && $_POST['adult'] == 1) ? 1 : 0;
    // NOTE(review): name, text and tags are read without an isset() check, so a request that
    // carries only the button name stores NULL for them.
    $_SESSION[$draft_slot]['name'] = $_POST['name'];
    $_SESSION[$draft_slot]['text'] = $_POST['text'];
    $_SESSION[$draft_slot]['tags'] = $_POST['tags'];
    header("Location:?$sub_page");
    exit;
}
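// ---- Main edit form: title and the heading of the text field ----
// A value from the current request wins over the session draft, so a rejected or previewed
// submission is shown again as typed. Line breaks in the markup are written as "\n".
if (isset($_POST['name'])) $dn = $_POST['name'];
else $dn = $diary_edit['name'];

echo "<form action='' method='post' class='d2'>\n";

// A failed length check wraps the field in a highlighted block and adds a message below it.
if (isset($err_name_long)) echo "<div class='hide'>\n";
echo "<span style='font-size: small; color:grey'>\n
<b>Тема</b> (".sklon_text($max_size_name,array('знак','знака','знаков')).")\n
</span>\n
<input style='width: 95%' type='text' name='name' size='18' maxlength='50' value='".output_title($dn)."' /><br/>\n";
if (isset($err_name_long)) echo "<span style='color:red'>Тема записи слишком длинная</span></div>\n";

if (isset($err_text_long) || isset($err_text_short)) echo "<div class='hide'>\n";
echo "<span style='font-size:small;color:grey'><b>Запись</b> (".sklon_text($max_size_text,array('знак','знака','знаков')).")</span><br/>\n";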
?>
<div id='toolbar'>
<noscript><input class='url-btn' type='submit' name='urlbtn' value=' ' title='Вставить ссылку'
style='width: 20px; background-image: url(http://new-i09.spaces.ru/bb/link.gif)' />
</noscript>
</div>
<script xmlns="http://www.w3.org/1999/xhtml" language="javascript" type="text/javascript">
/*<![CDATA[*/
/**
 * Wraps the current selection of the #textarea field in a BB-code pair.
 *
 * text1 is the opening tag, text2 the closing tag, and text3 is placed before the opening
 * tag and after the closing tag. Where the browser exposes document.selection the field is
 * only focused; where no selection offsets exist the tags are appended to the end.
 */
function tag(text1, text2, text3) {
    if (document.selection) {
        document.getElementById("textarea").focus();
        return;
    }

    if (document.getElementById("textarea").selectionStart != undefined) {
        var field = document.getElementById("textarea");
        var content = field.value;
        var from = field.selectionStart;
        var count = field.selectionEnd - field.selectionStart;
        var before = content.substr(0, from);
        var picked = content.substr(from, count);
        var after = content.substr(from + count);
        field.value = before + text3 + text1 + picked + text2 + text3 + after;
        return;
    }

    document.getElementById("textarea").value += text3 + text1 + text2 + text3;
}
/**
 * Inserts `text` into the #textarea field in front of the current selection.
 * The selected characters themselves are kept.
 */
function pasteLink(text) {
    var field = document.getElementById("textarea");
    var content = field.value;
    var from = field.selectionStart;
    var count = field.selectionEnd - field.selectionStart;
    var before = content.substr(0, from);
    var picked = content.substr(from, count);
    var after = content.substr(from + count);
    field.value = before + text + picked + after;
}
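// BB-code buttons, appended to the toolbar only when scripting is available.
// The markup is assembled from the constants below; no request or user data is concatenated
// into it. The single quotes inside each onclick attribute are escaped, because unescaped
// they end the surrounding string literal and the whole script fails to parse.
// NOTE(review): the icons are hot-linked over plain http from new-i09.spaces.ru. On an https
// page they count as mixed content, and the third-party host sees every editor page load;
// serving them from the site itself would avoid both.
var toolbar = document.getElementById('toolbar');
var bbButtons = [
    // [anchor suffix, opening tag, closing tag, icon file, alt text, tooltip]
    ['1', '[b]', '[/b]', 'bold.gif', 'b', 'Жирный шрифт'],
    ['2', '[i]', '[/i]', 'italics.gif', 'i', 'Наклонный шрифт'],
    ['3', '[u]', '[/u]', 'underline.gif', 'u', 'Подчеркнутый шрифт'],
    ['4', '[s]', '[/s]', 'strike.gif', 's', 'Зачеркнутый шрифт'],
    ['5', '[url=]', '[/url]', 'link.gif', 'url', 'Ссылка'],
    ['7', '[color=]', '[/color]', 'color.gif', 'color', 'Цвет шрифта'],
    ['8', '[bgcolor=]', '[/bgcolor]', 'color_bg.gif', 'bgcolor', 'Цвет фона']
];
var toolbarHtml = '';
for (var i = 0; i < bbButtons.length; i++) {
    var btn = bbButtons[i];
    toolbarHtml += '<a href="#link' + btn[0] + '" onclick="tag(\'' + btn[1] + '\', \'' + btn[2] + '\', \'\')">'
        + '<img src="http://new-i09.spaces.ru/bb/' + btn[3] + '" alt="' + btn[4] + '" title="' + btn[5] + '" /></a>';
}
toolbar.innerHTML += toolbarHtml;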
/*]]>*/
</script>
<?
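// ---- Main edit form: text area, link to the files sub-page, adult flag ----
// A value from the current request wins over the session draft.
if (isset($_POST['text'])) $dt = $_POST['text'];
else $dt = $diary_edit['text'];

echo "<textarea id='textarea' name='text' rows='5' cols='17' style='width: 95%'>".output_title($dt)."</textarea><br/>".(isset($err_text_long)?"<span style='color:red'>Текст записи слишком длинный</span>":null)."".(isset($err_text_short)?"<span style='color:red'>Введите текст записи</span>":null)."\n";
if (isset($err_text_long) || isset($err_text_short)) echo "</div>\n";

// The files button is a submit button styled as a link; it shows "used/limit" once files exist.
echo "<div style='padding: 5px'>\n
<span>Прикрепить к записи:</span>\n
<input style='cursor:pointer;text-decoration:underline;color:#069;background-color:transparent;border:0;' type='submit' name='files' value='Файлы".($count_files>0?" ($count_files/$max_files)":null)."'/>\n</div>\n";

// State of the adult checkbox. It is computed into its own variable: the save branch leaves
// $adult set (to 0 or 1) after a rejected submission, so testing isset($adult) here ticked
// the box even when the user had left it empty. As with the other fields, a submitted form
// wins over the session draft.
if (isset($_POST['name'])) {
    $adult_checked = isset($_POST['adult']) && $_POST['adult'] == 1;
} else {
    $adult_checked = ($diary_edit['adult'] == 1);
}
echo "<input type='checkbox' name='adult' value='1'".($adult_checked?" checked='checked'":null)."/>\n
<label style='font-size: small'>Только для взрослых</label>\n
<br/>";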
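// ---- Main edit form: current access and comment settings, shown as submit buttons ----
// Each button leads to the matching sub-page; its caption is the human-readable current value.

// The entry password is free text typed by the user and ends up inside a single-quoted HTML
// attribute, so it is escaped including quotes before it becomes part of the caption.
// NOTE(review): UTF-8 is assumed as the page encoding — confirm.
$access_labels = array(
    'all'     => 'всем',
    'only_me' => 'только мне',
    'friends' => 'моим друзьям',
    'pass'    => "только по паролю (".htmlspecialchars((string)$diary_edit['password'], ENT_QUOTES, 'UTF-8').")",
    'auth'    => 'только авторизированным',
);
// An unknown stored mode yields an empty caption instead of an undefined variable.
$access = (is_string($diary_edit['access']) && isset($access_labels[$diary_edit['access']])) ? $access_labels[$diary_edit['access']] : '';
echo "Запись доступна:\n
<input type='submit' name='access' value='$access' style='cursor:pointer;text-decoration:underline;color:#069;background-color:transparent;border:0;color:green;font-weight:bold;'/><br/>\n";

$komm_labels = array(
    'all'     => 'всем',
    'only_me' => 'только мне',
    'friends' => 'моим друзьям',
);
$komm = (is_string($diary_edit['komm']) && isset($komm_labels[$diary_edit['komm']])) ? $komm_labels[$diary_edit['komm']] : '';
echo "Комментирование разрешено:\n
<input type='submit' name='komm' value='$komm' style='cursor:pointer;text-decoration:underline;color:#069;background-color:transparent;border:0;color:green;font-weight:bold;'/><br/>\n";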
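// ---- Main edit form: tags, save and preview buttons, preview pane, page footer ----
// A value from the current request wins over the session draft.
if (isset($_POST['tags'])) $dt = $_POST['tags'];
else $dt = $diary_edit['tags'];

if (isset($err_tags_long)) echo "<div class='err'>\n";
echo "<span style='font-size:small;color:grey'><b>Добавить метки</b> (через запятую):</span><br/><input name='tags' value='".output_title($dt)."' style='width:80%'/><br/>\n";
echo "<span style='font-size:small".(isset($err_tags_long)?";color:red":null)."'>Всего можно добавить не более ".sklon_text($max_size_tags,array('метки','метки','меток'))."</span><br/>\n";
if (isset($err_tags_long)) echo "</div>\n";

echo "<input type='submit' name='cfms' value='Сохранить'/>\n
<input type='submit' name='previewbtn' value='Предпросмотр'/>\n";

// Preview: park the submitted fields in the session draft and render the text below the form.
if (isset($_POST['previewbtn']) && isset($_POST['text']) && $_POST['text'] != NULL) {
    $_SESSION["diary_edit_$diary[id]"]['adult'] = (isset($_POST['adult']) && $_POST['adult'] == 1) ? 1 : 0;
    // Missing fields are stored as NULL rather than read from an undefined index.
    $_SESSION["diary_edit_$diary[id]"]['name'] = isset($_POST['name']) ? $_POST['name'] : NULL;
    $_SESSION["diary_edit_$diary[id]"]['text'] = $_POST['text'];
    $_SESSION["diary_edit_$diary[id]"]['tags'] = isset($_POST['tags']) ? $_POST['tags'] : NULL;

    // NOTE(review): output_text() receives raw request data and its result is printed as
    // HTML. Presumably it escapes markup before expanding BB codes — confirm in its definition.
    echo "<div class='d1'>\n
<i><b>Предпросмотр:</b></i><br/>\n
<div style='border-left: 2px solid grey; padding-left: 3px'>\n
".output_text($_POST['text'])."\n
</div>\n
</div>\n";
}

// NOTE(review): the hidden token is md5($user['pass']), a value derived from the account
// password field that is identical on every page and for every action. No comparison of
// $_POST['mdp'] is visible in the save branch of this file; a random per-session token that
// is verified on save would be the safer design.
echo "<input type='hidden' name='mdp' value='".md5($user['pass'])."'/>\n
</form>\n";
echo "<div class='d1'><img src='/users/diary/users/diary/back.png'/> <a href='/users/diary/$diary[id]/read'>Назад</a></div>";
require_once ("../../core/cuctema/foot.php");
exit;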
?>