Файл: tankon.mobi/tanks/presents.php
Строк: 209
<?
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
include_once '../sys/inc/thead.php';
title();
err();
aut();
echo '<link rel="stylesheet" href="style.css" type="text/css" />';
include_once 'function.php';
$ank=mysql_fetch_array(mysql_query("SELECT * FROM `tanks` WHERE `id` = '".intval($_GET['id'])."'"));
$ankar=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '".$ank['id']."'"));
$anku=$ank;
if($ank['id']==0){header ("Location: /presents?id=".$tanks_code['id']."");}
if(isset($_GET['do']) && $ankar['id']!=$tanks_code['id'])
{
if(isset($_GET['cat']) && intval($_GET['cat'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_gift_cat` WHERE `id` = '".intval($_GET['cat'])."'"),0)!=0)
{
$cat=mysql_fetch_array(mysql_query("SELECT * FROM `kolhoz_gift_cat` WHERE `id` = '".intval($_GET['cat'])."'"));
if(isset($_GET['gift']) && intval($_GET['gift'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_gift` WHERE `id` = '".intval($_GET['gift'])."' AND `id_cat` = '$cat[id]'"),0)!=0)
{
$gift=mysql_fetch_array(mysql_query("SELECT * FROM `kolhoz_gift` WHERE `id` = '".intval($_GET['gift'])."' AND `id_cat` = '$cat[id]'"));
if(isset($_GET['ok']))
{
if($tanks_code['zolota']>=$gift['cena'])
{
$msg=$_POST['msg'];
if(strlen2($msg)>100)
{
$err=1;
echo "Сообщение длиннее 100 символов";
}
if($tanks_code['level']<2)
{
$err=1;
err_game("Дарить подарки можно с 2 уровня.");
}
if(!isset($err))
{
if(isset($_POST['anonim']) && $_POST['anonim']==1){
mysql_query("INSERT INTO `kolhoz_gifts` SET `id_user` = '$ank[id]', `id_kont` = '$tanks_code[id]', `msg` = '".htmlspecialchars(my_esc($msg))."', `time` = '$time', `id_gift` = '$gift[id]', `anonim` = '1' ");
}else{
mysql_query("INSERT INTO `kolhoz_gifts` SET `id_user` = '$ank[id]', `id_kont` = '$tanks_code[id]', `msg` = '".htmlspecialchars(my_esc($msg))."', `time` = '$time', `id_gift` = '$gift[id]' ");
}
mysql_query("UPDATE `tanks` SET `zolota` = '".($tanks_code['zolota']-$gift['cena'])."' WHERE `id` = '$tanks_code[id]'");
$ku[rubies] = $ku['zolota']-$gift['cena'];
header("Location:/profile?id=$ank[id]");
}
}
else
{
$_SESSION['no_zolota']=$gift['cena']-$tanks_code['zolota'];
header("Location: /presents?id=".$ank['id']."&do&cat=".$cat['id']."&gift=".$gift['id']."");
}
}
err_sms('Подарок для '.$ankar['nick'].' - '.$gift['name'].'');
echo'<div class="trnt-block p5" style="margin-bottom:3px;">';
echo "<img src='/images/gifts/".$gift['id'].".png' alt='o' width='96' height='96'>";
echo "<br>Сообщение к подарку (необязательно):<form action='/presents?id=$ank[id]&do&cat=$cat[id]&gift=$gift[id]&ok' method='post'><textarea class='w50' style='height:100px;max-width:230px;' name='msg'></textarea>
<br><input type='checkbox' class='gray1' name='anonim' value='1'> Анонимный текст";
echo' </div>';
echo'<div class="bot">
<span class="input-but border"><span>';
echo "<input type='submit' class='w100' value='Отправить' name='ok'></span></span>
</div></form>";
echo'<a class="simple-but gray" href="/presents?id='.$ank['id'].'&do&cat='.$cat['id'].'"><span><span>Выбрать другой подарок</span></span></a></div>';
}
else
{
err_sms('<a href="/presents?id='.$ank['id'].'&do">Виды подарков</a> / Подарок для '.$ankar['nick'].'');
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_gift` WHERE `id_cat` = '$cat[id]'"),0);
if ($k_post==0)
{
echo "Список пуст...";
}
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
$q=mysql_query("SELECT * FROM `kolhoz_gift` WHERE `id_cat` = '$cat[id]' ORDER BY `id` DESC LIMIT $start, $set[p_str]");
while($post=mysql_fetch_array($q))
{
echo '<a href="/presents?id='.$ank['id'].'&do&cat='.$cat['id'].'&gift='.$post['id'].'"><div class="trnt-block p5" style="margin-bottom:5px">
<div class="cntr medium white bold">'.$post['name'].', цена <img src="/tanks/images/icons/gold.png"> '.$post['cena'].'</div>
<center><img src="images/gifts/'.$post['id'].'.png" width="96" height="96"></center>
</div></a>';
}
if ($k_page>1)str("/presents?id=$ank[id]&do&cat=$cat[id]&",$k_page,$page); // Вывод страниц
echo'<a class="simple-but gray" href="/presents?id='.$ankar['id'].'&do"><span><span>К категориям</span></span></a></div>';
}
}
else
{
err_sms('Подарок для '.$ankar['nick'].'');
$q=mysql_query("SELECT * FROM `kolhoz_gift_cat` ORDER BY id DESC");
while($post=mysql_fetch_array($q))
{
echo '<a href="/presents?id='.$ank['id'].'&do&cat='.$post['id'].'"><div class="trnt-block p5" style="margin-bottom:5px">'.$post['name'].'</div></a>';
}
echo'<a class="simple-but gray" href="/profile?id='.$ankar['id'].'"><span><span>В профиль</span></span></a></div>';
}
}
elseif(isset($_GET['del']) && intval($_GET['del'])!=NULL && mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_gifts` WHERE `id` = '".intval($_GET['del'])."'"),0)!=0)
{
mysql_query("DELETE FROM `kolhoz_gifts` WHERE `id` = '".intval($_GET['del'])."'");
header("Location:/presents?id=$tanks_code[id]");
}
else
{
err_sms("".($ank['id']==$tanks_code['id']?"Мои подарки":"<a href='/profile?id=$ank[id]'>$ankar[nick]</a> / Подарки")."");
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_gifts` WHERE `id_user` = '$tanks_code[id]' AND `read` = '0'"),0)!=0 && $ankar['id']==$tanks_code['id'])
{
mysql_query("UPDATE `kolhoz_gifts` SET `read` = '1' WHERE `id_user` = '$tanks_code[id]' AND `read` = '0'");
header("Location:/presents?id=$tanks_code[id]");
}
echo "<ul>";
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `kolhoz_gifts` WHERE `id_user` = '$ank[id]'"),0);
if ($k_post==0)
{
err_game('Подарков нет');
}
$k_page=k_page($k_post,$set['p_str']);
$page=page($k_page);
$start=$set['p_str']*$page-$set['p_str'];
$q=mysql_query("SELECT * FROM `kolhoz_gifts` WHERE `id_user` = '$ank[id]' ORDER BY `time` DESC LIMIT $start, $set[p_str]");
while($post=mysql_fetch_array($q))
{
$ank2=mysql_fetch_array(mysql_query("SELECT * FROM `user` WHERE `id` = '$post[id_kont]'"));
$anku2=$ank2;
$gift=mysql_fetch_array(mysql_query("SELECT * FROM `kolhoz_gift` WHERE `id` = '$post[id_gift]'"));
echo '<div class="trnt-block p5" style="margin-bottom:5px">
<div class="cntr medium white bold">'.$gift['name'].', от <a href="/profile?id='.$ank2['id'].'">'.$ank2['nick'].'</a> ('.vremja($post['time']).')</div>
<table><tbody><tr><td style="width:100px"><img src="images/gifts/'.$gift['id'].'.png" width="96" height="96"></td><td valign="top">
';
if($post['anonim']!=1){
echo'<div class="small white bold">'.$post['msg'].'</div>';
}
if($post['anonim']==1 && ($post['id_kont']==$tanks_code['id'] || $post['id_user']==$tanks_code['id'])){
echo'<div class="small white bold">'.$post['msg'].'</div>';
}
echo'
</td></tr></tbody></table>
</div>';
if($tanks_code['id']==$ank['id']){echo'<a class="simple-but blue" href="/presents?id='.$ankar['id'].'&del='.$post['id'].'"><span><span>Удалить подарок</span></span></a>';}
}
if ($k_page>1)str("/presents?id=$ank[id]&",$k_page,$page); // Вывод страниц
echo'<a class="simple-but gray" href="/profile?id='.$ankar['id'].'"><span><span>В профиль</span></span></a>';
}
include_once 'foots.php';
?>