Файл: world-faces.ru/world-faces.ru/incl/status.php
Строк: 35
<?
if(($user['id'])==$al['id']){
echo'<div class="guser_aut">';
echo "<form method="post" name='message' action="?">n";
echo '<textarea name="msg" maxlength="500" type="text" rows="1" cols="20"></textarea><input value="+" type="submit" />';
echo "</form>";
echo'</div>';
}
$q=DB::$dbs->query("SELECT * FROM `status_user` WHERE `id_user` = ? ORDER BY time DESC LIMIT 1",array($al['id']));
while ($post = $q ->Fetch()){
$al=DB::$dbs->queryFetch("SELECT * FROM `user` WHERE `id` = ? LIMIT 1",array($post['id_user']));
echo '<div class="menu">';
if(($al['id'])==$user['id']){
echo "<b><a href='user_status/'><span style="color:$al[color]">";}else{
echo '<b><a href="/user_status/alls.php?id='.$al['id'].'"><span style="color:'.$al['color'].'">';}
echo output_text($post['msg'])."</a></b><small> (".vremja($post['time']).")</small> <a href='/user_status/komm.php?id=$post[id]'>[".mysql_result(mysql_query("SELECT COUNT(*) FROM `status_komm1` WHERE `id_status` = '$post[id]'"),0)."]<img src='/sys/inc/komm.png' alt''></a> <a href='/user_status/index.php?id=$post[id]&vote'>[".mysql_result(mysql_query("SELECT COUNT(*) FROM `status_vote` WHERE `id_status` = '$post[id]'"),0)."]<img src='/user_status/bbl3.png' alt''></a> n";
if (($us['level'])==4){echo'<a href="user_status/index.php?id='.$post['id'].'&delete">[x]</a>';}
echo "</span></div>n";
}
if (isset($_POST['msg']) && isset($user)){
$msg=$_POST['msg'];
if (isset($_POST['translit']) && $_POST['translit']==1)$msg=translit($msg);
if (strlen2($msg)>500){$err='Сообщение слишком длинное'; header ('location: main.php?id='.$user['id'].'');}
elseif (strlen2($msg)<2){$err='Короткое сообщение'; header ('location: main.php?id='.$user['id'].'');}else{
$msg=mysql_real_escape_string(htmlspecialchars($msg));
mysql_query("INSERT INTO `status_user` (id_user, time, msg) values('$user[id]', '$time', '$msg')");
mysql_query("UPDATE `user` SET `balls` = '".($user['balls']+10)."' WHERE `id` = '$user[id]' LIMIT 1");
mysql_query("UPDATE `user` SET `status_user` = `status_user`+1 WHERE `id` = '$user[id]' LIMIT 1");
$lol=rand(1,10000000);
$ot=$user[id];
$to=$ank[id];
if($user['pol']==0){$emsg='Написала новый статус!';}else{$emsg='Написал новый статус!';}
$lool=status;
mysql_query("INSERT INTO `lenta_saita` (`id`, `user`, `action`, `time`,`type`,`forum_t`,`status`) values('$lol', '$user[nick]', '$emsg', '$time','$lool','$title','$msg')");
header ('location: main.php?id='.$user['id'].'');
}
}
?>