Файл: zametki.php
Строк: 506
<?php
require 'lang_inc.php';
require 'sid.php';
require 'config.php';
// Open the database connection and resolve the logged-in user first.
$link = connect_db();
list($user, $id, $ps) = check_login($link);

// Shared page header, then navigator.php (presumably defines the `navigator` pager used below).
include 'head.php';
include 'navigator.php';

// NOTE(review): whorm() is defined elsewhere; it looks like it records the user's
// current section ('zametki') - confirm against its definition.
whorm(0, 'zametki');

// Requested action; NULL falls through to the `default` branch (public listing).
if (isset($_GET['do'])) {
    $do = $_GET['do'];
} else {
    $do = NULL;
}
switch($do) {
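default:
    // Public listing: every note flagged `look` = 1, newest first.
    echo $div_title . ''.$lang['Заметки'].' / ' . $user['user'] . $div_end . $div_left . $div_menu . '
<a href="zametki.php?do=read&lg='.$lg.'">'.$lang['Мои заметки'].'</a> |
<b>'.$lang['Заметки'].'</b>' . $div_end;

    // Levels 4 and 5 are the only ones offered the delete icon in this listing.
    $is_moder = ($user['level'] == 4 || $user['level'] == 5);

    // Deletion request (?x=ID).
    // The delete is authorised server-side: the caller must be a moderator or the
    // note's author. Without this check the handler removed any note for any
    // logged-in user, because only the *link* was hidden from ordinary users.
    // The author is allowed because the "My notes" page links here as well.
    // NOTE(review): this is still a state-changing GET with no anti-CSRF token.
    // NOTE(review): my_int() is assumed to return an integer, which is what makes
    // interpolating $x into the SQL safe - confirm against its definition.
    if (isset($_GET['x'])) {
        $x = my_int($_GET['x']);
        $empty = mysql_query("SELECT `id`, `user` FROM `zametki` WHERE `id` = '$x' LIMIT 1");
        $note = ($empty != FALSE) ? mysql_fetch_assoc($empty) : FALSE;
        if ($note != FALSE && ($is_moder || $note['user'] == $user['id'])) {
            mysql_query("DELETE FROM `zametki` WHERE `id` = '$x' LIMIT 1");
        }
        // Same redirect whether or not anything was deleted.
        // NOTE(review): header() after head.php output relies on output buffering - confirm.
        header('Location: zametki.php?lg='.$lg.'&' . $ref);
    }

    $count = mysql_result(mysql_query("SELECT COUNT(*) FROM `zametki` WHERE `look` = '1'"), 0);
    $n = new navigator($count, $user['onp_favs'], '?lg='.$lg.'');
    $view = mysql_query("SELECT * FROM `zametki` WHERE `look` = '1' ORDER BY `id` DESC {$n->limit}");
    if ($count != FALSE) {
        $i = 0;
        while ($a = mysql_fetch_assoc($view)) {
            // Always defined, so non-moderators get an empty prefix instead of an undefined variable.
            $dl = '';
            if ($is_moder) {
                $dl = '<a href="zametki.php?x='.$a['id'].'&lg='.$lg.'"><img src="ico/delete.gif" alt=""/></a> ';
            }
            // Alternate the two row styles.
            echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
            // NOTE(review): `title` is printed exactly as stored; this is only safe if
            // check() HTML-escaped it when the note was saved - confirm.
            echo $dl . '<a href="zametki.php?do=uslook&nk='.$a['user'].'&i='.$a['id'].'&lg='.$lg.'">' . $a['title'] . '</a> » ' . cvetnik($a['user']) . $div_end;
        }
        echo $n->navi();
    } else {
        echo ''.$lang['Заметок нет'].'!<br/>';
    }
    break;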
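/*
 * My notes
 */
// Quoted label: the bare word relied on PHP's undefined-constant fallback.
case 'read':
    echo $div_title . ''.$lang['Заметки'].' /
' . $user['user'] . $div_end . $div_left . $div_menu . '
<a href="zametki.php?do=new_z&lg='.$lg.'">'.$lang['Создать заметку'].'</a> |
<b>'.$lang['Мои заметки'].'</b> |
<a href="zametki.php?lg='.$lg.'&'.$ref.'">'.$lang['Заметки'].'</a>' . $div_end;

    // Deletion request (?x=ID): both the lookup and the DELETE are scoped to the
    // current user's id, so only the author's own notes can be removed here.
    // NOTE(review): state-changing GET with no anti-CSRF token.
    if (isset($_GET['x'])) {
        $x = my_int($_GET['x']);
        $empty = mysql_query("SELECT `id` FROM `zametki` WHERE `id` = '$x' AND `user` = '$user[id]' LIMIT 1");
        if (mysql_num_rows($empty) == FALSE) {
            err(''.$lang['Заметка не найдена'].'!');
        } else {
            mysql_query("DELETE FROM `zametki` WHERE `id` = '$x' AND `user` = '$user[id]' LIMIT 1");
            // NOTE(review): header() after head.php output relies on output buffering - confirm.
            header('Location: zametki.php?lg='.$lg.'&' . $ref);
        }
    }

    $count = mysql_result(mysql_query("SELECT COUNT(*) FROM `zametki` WHERE `user` = '$user[id]'"), 0);
    // NOTE(review): the pager base URL carries no `do=read`, so page links may land on
    // the public listing - confirm against the navigator class.
    $n = new navigator($count, $user['onp_favs'], '?lg='.$lg.'');
    $view = mysql_query("SELECT * FROM `zametki` WHERE `user` = '$user[id]' ORDER BY `id` DESC {$n->limit}");
    if ($count != FALSE) {
        $i = 0;
        while ($a = mysql_fetch_assoc($view)) {
            $e = ' <a href="zametki.php?do=edit&z='.$a['id'].'&lg='.$lg.'"><img src="ico/edit.gif" alt=""/></a>';
            // The delete link now names do=read, so the request reaches the
            // owner-scoped handler above. It used to omit `do` and was served by the
            // public-listing branch, whose delete handler has no ownership clause.
            $d = ' <a href="zametki.php?do=read&x='.$a['id'].'&lg='.$lg.'"><img src="ico/delete.gif" alt=""/></a>';
            echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
            echo '<a href="zametki.php?do=look&z='.$a['id'].'&lg='.$lg.'">' . $a['title'] . '</a>' . $e . $d . $div_end;
        }
        echo $n->navi();
    } else {
        echo ''.$lang['Заметок нет'].'!<br/>';
    }
    break;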
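/*
 * New note
 */
// Quoted label: the bare word relied on PHP's undefined-constant fallback.
case 'new_z':
    echo $div_title . ''.$lang['Заметки'].' /
' . $user['user'] . $div_end . $div_left . $div_menu . '
<b>'.$lang['Создать заметку'].'</b> |
<a href="zametki.php?do=read&lg='.$lg.'">'.$lang['Мои заметки'].'</a> |
<a href="zametki.php?lg='.$lg.'&'.$ref.'">'.$lang['Заметки'].'</a>' . $div_end;

    if (isset($_POST['add'])) {
        // NOTE(review): check() is defined elsewhere; it is assumed to HTML-escape the
        // input, since titles and content are later printed as stored - confirm.
        $title = trim(mysql_real_escape_string(check($_POST['title'])));
        $content = trim(mysql_real_escape_string(check($_POST['content'])));
        $comm = my_int($_POST['comm']);
        $look = my_int($_POST['look']);
        if (empty($title)) {
            err(''.$lang['Пустое название заметки'].'!');
        } elseif (empty($content)) {
            err(''.$lang['Пустое содержание заметки'].'!');
        } else {
            // Transliteration, when enabled in the user's settings.
            if ($user['translit'] == 1) {
                $content = trun_to_rus($content);
            }
            // Profanity filter, when enabled site-wide.
            $ant = mysql_fetch_array(mysql_query("SELECT `antimat` FROM `setting` WHERE `ids` = '1'"));
            $title = ($ant[0] == 1) ? mat($title) : $title;
            $content = ($ant[0] == 1) ? mat($content) : $content;
            // Anti-advertising filter; moderators (levels 4 and 5) are exempt.
            $_ant = mysql_fetch_assoc(mysql_query("SELECT `on_rekl`, `text_rekl` FROM `setting` WHERE `ids` = '1'"));
            if ($_ant['on_rekl'] == 1 && $user['level'] != 4 && $user['level'] != 5) {
                // The two patterns are written with their metacharacters escaped. As
                // previously written they did not compile, so preg_replace() returned
                // NULL and blanked the title and content.
                $url_tag = '/\[url=http:\/\/(.*)\[\/url\]/si';
                $prefix = '(.*)(\s|,|\.|\*|_|-|\+)+';
                $ex = explode(',', file_get_contents('domains.dat'));
                foreach ($ex as $value) {
                    $value = trim($value);
                    if ($value === '') {
                        continue; // an empty entry would match after any separator
                    }
                    // NOTE(review): entries are treated as literal domain names; confirm
                    // domains.dat holds no regex syntax.
                    $pattern = '/' . $prefix . preg_quote($value, '/') . '/si';
                    // NOTE(review): `text_rekl` is spliced into already-escaped text and is
                    // not escaped itself; it is an admin setting - confirm it cannot
                    // contain quotes.
                    $filtered = preg_replace($pattern, $_ant['text_rekl'], $title);
                    if ($filtered !== NULL) {
                        $title = $filtered;
                    }
                    // The content is filtered only while it carries no [url=http://...] tag.
                    if (!preg_match($url_tag, $content)) {
                        $filtered = preg_replace($pattern, $_ant['text_rekl'], $content);
                        if ($filtered !== NULL) {
                            $content = $filtered;
                        }
                    }
                }
            }
            mysql_query("INSERT INTO `zametki` SET
`title` = '$title',
`content` = '$content',
`user` = '$user[id]',
`comm` = '$comm',
`look` = '$look',
`date` = '" . time() . "'");
            // Use the id generated by this connection's INSERT. Picking "the newest row"
            // could return another user's note created at the same moment.
            $new_id = mysql_insert_id();
            $last = mysql_fetch_array(mysql_query("SELECT `id`, `content` FROM `zametki` WHERE `id` = '$new_id' LIMIT 1"));
            // Excerpt (at most 30 characters) used as the link text in friends' feeds.
            $excerpt = ($last != FALSE) ? $last[1] : '';
            if (mb_strlen($excerpt, 'UTF8') > 30) {
                $excerpt = mb_substr($excerpt, 0, 30, 'UTF8');
            }
            /*-------------------- broadcast to friends' feeds ---------------------*/
            $frnd = mysql_query("SELECT * FROM `friends` WHERE `user` = '$user[id]' AND `zajavka` = '1'");
            while ($send = mysql_fetch_assoc($frnd)) {
                if (user_inf($send['who'], 'my_lenta_favs') == 1 && $user['fr_lenta_favs'] == 1) {
                    $message = us($user['id']) . ' '.$lang['создал новую заметку'].' <a href="zametki.php?do=uslook&nk='.$user['id'].'&i='.$new_id.'&lg='.$lg.'">' . $excerpt . '</a>!';
                    // The excerpt was read back from the database and is no longer
                    // escaped, so the message is escaped again before it enters SQL.
                    $message = mysql_real_escape_string($message);
                    mysql_query("INSERT INTO `lenta` SET
`user` = '$send[who]',
`text` = '$message',
`type` = 'friends',
`date` = '" . time() . "',
`read` = '1'");
                }
            }
            /*-------------------- broadcast to friends' feeds ---------------------*/
            // NOTE(review): the trailing '&'.$lg is kept as written; other links use
            // '&lg='.$lg - confirm which form lang_inc.php expects.
            // NOTE(review): header() after head.php output relies on output buffering - confirm.
            header('Location: zametki.php?do=uslook&nk='.$user['id'].'&i='.$new_id .'&'.$lg );
        }
    }

    // NOTE(review): the form carries no anti-CSRF token.
    echo '<fieldset>
<FORM method="POST" action="zametki.php?do=new_z&lg='.$lg.'">
<label>'.$lang['Название'].':</label>
<br/>
<input type="text" name="title"/>
<br/>
<label>'.$lang['Текст'].':</label>
<br/>
<label>'.$lang['Вставить'].': <a href="faq.php?do=smile&lg='.$lg.'">['.$lang['смайлы'].']</a></label>
<br/>
<textarea name="content" cols="50" rows="5" style="width: 99%;"></textarea>
<br/>
<label>'.$lang['Могут смотреть'].':</label>
<br/>
<input type="radio" name="look" checked="checked" value="1"/> '.$lang['Все'].'
<br/>
<input type="radio" name="look" value="0"/> '.$lang['Только друзья'].'
' . $block . '
<label>'.$lang['Могут комментировать'].':</label>
<br/>
<input type="radio" name="comm" checked="checked" value="1"/> '.$lang['Все'].'
<br/>
<input type="radio" name="comm" value="0"/> '.$lang['Только друзья'].'
' . $block . '
<input type="submit" name="add" value="'.$lang['Создать'].'"/>
</FORM>
</fieldset>';
    echo $div_end;
    break;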
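/*
 * Edit a note
 */
// Quoted label: the bare word relied on PHP's undefined-constant fallback.
case 'edit':
    echo $div_title . ''.$lang['Заметки'].' /
' . $user['user'] . $div_end . $div_left . $div_menu . '
<b>'.$lang['Изменить заметку'].'</b> |
<a href="zametki.php?do=read&lg='.$lg.'">'.$lang['Мои заметки'].'</a> |
<a href="zametki.php?lg='.$lg.'&'.$ref.'">'.$lang['Заметки'].'</a>' . $div_end;

    // `z` arrives in the query string from the listing link and as a hidden field from
    // the form, hence $_REQUEST.
    $z = my_int($_REQUEST['z']);
    // The lookup and the UPDATE below are both scoped to the current user's id, so only
    // the author can load or change the note.
    $empty = mysql_query("SELECT * FROM `zametki` WHERE `id` = '$z' AND `user` = '$user[id]' LIMIT 1");

    if (isset($_POST['save'])) {
        $title = trim(mysql_real_escape_string(check($_POST['title'])));
        $content = trim(mysql_real_escape_string(check($_POST['content'])));
        $comm = my_int($_POST['comm']);
        $look = my_int($_POST['look']);
        if (empty($title)) {
            err(''.$lang['Пустое название заметки'].'!');
        } elseif (empty($content)) {
            err(''.$lang['Пустое содержание заметки'].'!');
        } else {
            // NOTE(review): the profanity and anti-advertising filters applied when a
            // note is created are not applied on edit - confirm that this is intended.
            mysql_query("UPDATE `zametki` SET
`title` = '$title',
`content` = '$content',
`comm` = '$comm',
`look` = '$look'
WHERE
`id` = '$z' AND `user` = '$user[id]' LIMIT 1");
            // NOTE(review): header() after head.php output relies on output buffering - confirm.
            header('Location: zametki.php?do=look&z=' . $z .'&'. $lg );
        }
    }

    if (mysql_num_rows($empty) == FALSE) {
        err(''.$lang['Заметка не найдена'].'!');
    } else {
        $inf = mysql_fetch_assoc($empty);
        // Initialise all four markers so the unselected radios print an empty string
        // instead of reading an undefined variable.
        $ch_1 = $ch_2 = $ch_3 = $ch_4 = '';
        if ($inf['look'] == 1) {
            $ch_1 = 'checked="checked"';
        } elseif ($inf['look'] == 0) {
            $ch_2 = 'checked="checked"';
        }
        if ($inf['comm'] == 1) {
            $ch_3 = 'checked="checked"';
        } elseif ($inf['comm'] == 0) {
            $ch_4 = 'checked="checked"';
        }
        // NOTE(review): `title` is placed inside a double-quoted attribute as stored; this
        // is only safe if check() escaped quotes when the note was saved - confirm.
        // NOTE(review): the form carries no anti-CSRF token.
        echo '<fieldset>
<FORM method="POST" action="zametki.php?do=edit&lg='.$lg.'">
<label>'.$lang['Название'].':</label>
<br/>
<input type="text" name="title" value="' . $inf['title'] . '"/>
<br/>
<label>'.$lang['Текст'].':</label>
<br/>
<label>'.$lang['Вставить'].': <a href="faq.php?do=smile&lg='.$lg.'">['.$lang['смайлы'].']</a></label>
<br/>
<textarea name="content" cols="50" rows="5" style="width: 99%;">' . back_bb($inf['content']) . '</textarea>
<br/>
<label>'.$lang['Могут смотреть'].':</label>
<br/>
<input type="radio" name="look" ' . $ch_1 . ' value="1"/> '.$lang['Все'].'
<br/>
<input type="radio" name="look" ' . $ch_2 . ' value="0"/> '.$lang['Только друзья'].'
' . $block . '
<label>'.$lang['Могут комментировать'].':</label>
<br/>
<input type="radio" name="comm" ' . $ch_3 . ' value="1"/> '.$lang['Все'].'
<br/>
<input type="radio" name="comm" ' . $ch_4 . ' value="0"/> '.$lang['Только друзья'].'
' . $block . '
<input type="hidden" name="z" value="' . $z . '"/>
<input type="submit" name="save" value="'.$lang['Изменить'].'"/>
</FORM>
</fieldset>';
    }
    echo $div_end;
    break;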
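/*
 * View one of the user's own notes
 */
// Quoted label: the bare word relied on PHP's undefined-constant fallback.
case 'look':
    $z = my_int($_REQUEST['z']);
    // Scoped to the current user's id: this branch only ever shows the viewer's own notes.
    $empty = mysql_query("SELECT * FROM `zametki` WHERE `id` = '$z' AND `user` = '$user[id]' LIMIT 1");
    if (mysql_num_rows($empty) == FALSE) {
        err(''.$lang['Заметка не найдена'].'!');
    } else {
        $inf = mysql_fetch_assoc($empty);
        // Number of bookmark rows in section 6 that point at this note.
        $_num_z = mysql_result(mysql_query("SELECT COUNT(*) FROM `fav` WHERE `sec` = '6' AND `uid` = '$z'"), 0);
        echo $div_title . us($inf['user']) . ' / ' . $inf['title']
            . $div_end . $div_left . date('d.m.Y H:i', $inf['date'])
            . $block . $div_tworazdel . smiles(bb_code($inf['content'])) . $div_end
            . $div_razdel . '
<img src="ico/fav.gif" alt=""/>
<a href="fav.php?do=add&cat=6&z='.$z.'&lg='.$lg.'">'.$lang['Добавить в закладки'].'</a>
<br/>
'.$lang['В закладках у'].': <a href="fav.php?do=view_favs&u='.$z.'&lg='.$lg.'">(' . $_num_z . ')</a> '.$lang['чел'].'.' . $div_end;

        // Comment deletion (?x=ID): restricted to comments whose `komu` is the current user.
        // NOTE(review): state-changing GET with no anti-CSRF token.
        if (isset($_GET['x'])) {
            $x = my_int($_GET['x']);
            $em = mysql_query("SELECT `id` FROM `koms_note` WHERE `id` = '$x' AND `komu` = '$user[id]' LIMIT 1");
            if (mysql_num_rows($em) != FALSE) {
                mysql_query("DELETE FROM `koms_note` WHERE `id` = '$x' AND `komu` = '$user[id]' LIMIT 1");
            }
            // Same redirect whether or not anything was deleted.
            // NOTE(review): header() after output relies on output buffering - confirm.
            header('Location: zametki.php?do=look&z=' . $z .'&'. $lg );
        }

        // Comment order: ?order=2 puts the newest on top; anything else keeps them at the
        // bottom. $ord only ever holds one of two literals, never request data.
        if (isset($_GET['order']) && $_GET['order'] == 2) {
            $sort = '<b>'.$lang['вверху'].'</b> | <a href="zametki.php?do=look&z='.$z.'&order=1&lg='.$lg.'">'.$lang['внизу'].'</a>';
            $ord = 'DESC';
        } else {
            $sort = '<a href="zametki.php?do=look&z='.$z.'&order=2&lg='.$lg.'">'.$lang['вверху'].'</a> | <b>'.$lang['внизу'].'</b>';
            $ord = 'ASC';
        }
        echo $div_menu . ''.$lang['Новые'].': ' . $sort . $div_end;

        $num = mysql_result(mysql_query("SELECT COUNT(*) FROM `koms_note` WHERE `uid` = '$z'"), 0);
        if ($num != FALSE) {
            echo ''.$lang['Комментарии'].':<br/>';
            $n = new navigator($num, $user['onp_comments'], '?do=look&z='.$z.'&lg='.$lg.'&');
            $view = mysql_query("SELECT * FROM `koms_note` WHERE `uid` = '$z' ORDER BY `id` $ord {$n->limit}");
            $ii = 0;
            while ($a = mysql_fetch_assoc($view)) {
                $otv = ' <a href="zametki.php?do=look&z='.$z.'&k='.$a['user'].'&#down&lg='.$lg.'">[*]</a>';
                $d = '<a href="zametki.php?do=look&z='.$z.'&x='.$a['id'].'&lg='.$lg.'"><img src="ico/delete.gif" alt=""/></a> ';
                echo ($ii ++ % 2) ? $div_tworazdel : $div_razdel;
                echo $d . us($a['user']) . $otv . '<br/>' . $a['date'] . '<br/>' . smiles(bb_code($a['msg'])) . $div_end;
            }
            // The query is paginated, so print the pager as the other user's note view does.
            echo $n->navi();
        } else {
            echo ''.$lang['Комментарии отсутствуют'].'.<br/>';
        }

        if (isset($_POST['addkom'])) {
            $mes = trim(mysql_real_escape_string(check($_POST['mes'])));
            if (empty($mes)) {
                err(''.$lang['Пустой комментарий'].'!');
            } else {
                // Notify the last commenter.
                $lst = mysql_fetch_assoc(mysql_query("SELECT `user` FROM `koms_note` WHERE
`uid` = '$z'
ORDER BY `id` DESC LIMIT 1"));
                // Without the $lst guard, the first comment on a note inserted a feed row
                // addressed to an empty user id.
                if ($lst != FALSE && $user['id'] != $lst['user']) {
                    // The link uses `i`, the parameter the uslook branch reads; it was `z`.
                    $message = ''.$lang['Оставлено сообщение к заметке'].' <a href="zametki.php?do=uslook&nk='.$user['id'].'&i='.$z.'&lg='.$lg.'">'.$inf['title'].'</a>.';
                    // The title was read back from the database and is no longer escaped,
                    // so the message is escaped again before it enters SQL.
                    $message = mysql_real_escape_string($message);
                    mysql_query("INSERT INTO `lenta` SET
`user` = '$lst[user]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
                }
                mysql_query("INSERT INTO `koms_note` SET
`uid` = '$z',
`user` = '$user[id]',
`msg` = '$mes',
`date` = '" . date('d.m.y H:i') . "',
`komu` = '$user[id]'");
                header('Location: zametki.php?do=look&z=' . $z .'&'. $lg );
            }
        }

        // Pre-fill the reply box with the addressee's name when ?k=USER_ID is given.
        $Komu = (isset($_GET['k'])) ? user_inf(my_int($_GET['k']), 'user') . ', ' : '';
        // NOTE(review): the form carries no anti-CSRF token.
        echo '<a name="down"></a>
<FORM method="POST" action="zametki.php?do=look&z='.$z.'&lg='.$lg.'">
<label><b>'.$lang['Комментарий'].':</b></label><br/>
<label>'.$lang['Вставить'].' <a href="faq.php?do=smile&lg='.$lg.'">['.$lang['смайлы'].']</a></label>
<a href="faq.php?do=bb&lg='.$lg.'">['.$lang['бб-коды'].']</a>
<br/>
<fieldset>
<textarea name="mes" cols="50" rows="5" style="width: 99%;">' . $Komu . '</textarea>
<br/>
<input type="hidden" name="z" value="' . $z . '"/>
<input type="submit" name="addkom" value="'.$lang['Добавить'].'"/>
</fieldset>
</FORM>';
    }
    echo $div_end;
    break;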
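/*
 * List another user's notes
 */
// Quoted label: the bare word relied on PHP's undefined-constant fallback.
case 'view':
    $nk = my_int($_GET['nk']);
    // Viewing your own list belongs to the "My notes" branch.
    if ($user['id'] == $nk) {
        header('Location: zametki.php?do=read&lg='.$lg.'');
        die();
    }
    echo $div_title . ''.$lang['Заметки'].' /
' . us($nk) . $div_end . $div_left . $div_menu . '
<a href="zametki.php?do=read&lg='.$lg.'">'.$lang['Мои заметки'].'</a> |
<a href="zametki.php?lg='.$lg.'&'.$ref.'">'.$lang['Заметки'].'</a>' . $div_end;

    if (!user_inf($nk)) {
        err(''.$lang['Пользователь не наден'].'!');
    } else {
        // "All-seeing eye" visit log: record that the current user looked at $nk's notes.
        // $nk can no longer equal the viewer's id here (that case exited above), so the
        // former inner id comparison is dropped.
        $vok = mysql_query("SELECT `id` FROM `oko` WHERE `user` = '$nk' AND `who` = '$user[id]'");
        if ($user['p_oko'] == 1) {
            if (mysql_num_rows($vok) == FALSE) {
                // NOTE(review): the row id is a random 7-digit number and may collide with
                // an existing row - confirm how `oko`.`id` is constrained.
                $r_n_d = mt_rand(1000000, 9999999);
                mysql_query("INSERT INTO `oko` SET `id` = '$r_n_d', `user` = '$nk', `who` = '$user[id]', `where` = 'zametki', `time` = '" . time() . "'");
            } else {
                mysql_query("UPDATE `oko` SET `where` = 'zametki', `time` = '" . time() . "' WHERE `user` = '$nk' AND `who` = '$user[id]' LIMIT 1");
            }
        }

        // NOTE(review): this lists every note of $nk, including those with `look` = 0, so
        // the titles of friends-only notes are shown to non-friends; only the detailed
        // view enforces the friends check - confirm whether that is intended.
        $count = mysql_result(mysql_query("SELECT COUNT(*) FROM `zametki` WHERE `user` = '$nk'"), 0);
        // NOTE(review): the pager base URL carries neither `do=view` nor `nk`, so page
        // links may land on the public listing - confirm against the navigator class.
        $n = new navigator($count, $user['onp_favs'], '?lg='.$lg.'');
        $view = mysql_query("SELECT * FROM `zametki` WHERE `user` = '$nk' ORDER BY `id` DESC {$n->limit}");
        if ($count != FALSE) {
            $i = 0;
            while ($a = mysql_fetch_assoc($view)) {
                echo ($i ++ % 2) ? $div_tworazdel : $div_razdel;
                echo '<a href="zametki.php?do=uslook&nk='.$nk.'&i='.$a['id'].'&lg='.$lg.'">' . $a['title'] . '</a>' . $div_end;
            }
            echo $n->navi();
        } else {
            echo ''.$lang['Заметок нет'].'!<br/>';
        }
    }
    break;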
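/*
 * Detailed view of another user's note
 */
// Quoted label: the bare word relied on PHP's undefined-constant fallback.
case 'uslook':
    $nk = my_int($_REQUEST['nk']);
    $i = my_int($_REQUEST['i']);
    // The note must exist and belong to the user named in `nk`.
    $empty = mysql_query("SELECT * FROM `zametki` WHERE `id` = '$i' AND `user` = '$nk' LIMIT 1");
    if (!user_inf($nk)) {
        err(''.$lang['Пользователь не наден'].'!');
    } else {
        if (mysql_num_rows($empty) == FALSE) {
            err(''.$lang['Заметка не найдена'].'!');
        } else {
            $inf = mysql_fetch_assoc($empty);
            // Accepted friendship between viewer and author, in either direction.
            $fr = mysql_query("SELECT COUNT(*) FROM `friends` WHERE
`user` = '$user[id]'
AND
`who` = '$nk'
AND
`zajavka` = '1'
OR
`user` = '$nk'
AND
`who` = '$user[id]'
AND
`zajavka` = '1'");
            // Friends-only note (`look` = 0) and no friendship row: stop before any note
            // data, comment handling or deletion is reached.
            // NOTE(review): an author opening their own friends-only note through this
            // branch is refused as well - confirm whether that is intended.
            if ($inf['look'] == 0 && mysql_result($fr, 0) == FALSE) {
                echo $div_title . ''.$lang['Стоп'].'!' . $div_end;
                err(''.$lang['Заметка доступна только для друзей автора'].'!');
                include 'foot.php';
                exit();
            }

            // Levels 4 and 5 are the ones offered the delete icon on every comment.
            $is_moder = ($user['level'] == 4 || $user['level'] == 5);

            // Comment deletion (?x=ID).
            // Authorised server-side with the same rule that decides whether the delete
            // icon is shown: the comment's author or a moderator. The comment must also
            // belong to this note. Without these checks any viewer could delete any
            // comment by id.
            // NOTE(review): state-changing GET with no anti-CSRF token.
            if (isset($_GET['x'])) {
                $x = my_int($_GET['x']);
                $em = mysql_query("SELECT `id`, `user` FROM `koms_note` WHERE `id` = '$x' AND `uid` = '$i' LIMIT 1");
                $kom = ($em != FALSE) ? mysql_fetch_assoc($em) : FALSE;
                if ($kom != FALSE && ($is_moder || $kom['user'] == $user['id'])) {
                    mysql_query("DELETE FROM `koms_note` WHERE `id` = '$x' AND `uid` = '$i' LIMIT 1");
                }
                // Same redirect whether or not anything was deleted.
                // NOTE(review): header() after head.php output relies on output buffering - confirm.
                header('Location: zametki.php?do=uslook&nk='.$nk.'&i=' . $i .'&'. $lg );
            }

            // Number of bookmark rows in section 6 that point at this note.
            $_num_z = mysql_result(mysql_query("SELECT COUNT(*) FROM `fav` WHERE `sec` = '6' AND `uid` = '$i'"), 0);

            // Long notes are cut to 250 characters with a "more" link unless ?read is
            // present, in which case a "hide" link is appended to the full text.
            if (mb_strlen($inf['content'], 'UTF8') > 250) {
                if (!isset($_GET['read'])) {
                    $inf['content'] = mb_substr($inf['content'], 0, 250, 'UTF8') . '...<br/>
<a href="zametki.php?do=uslook&nk='.$nk.'&i='.$i.'&read&lg='.$lg.'"><span class="next">'.$lang['Далее'].'»</span></a>';
                } else {
                    $inf['content'] = $inf['content'] . '<br/>
<a href="zametki.php?do=uslook&nk='.$nk.'&i='.$i.'&lg='.$lg.'"><span class="next">«'.$lang['Скрыть'].'</span></a>';
                }
            }

            echo $div_title . us($nk) . ' / ' . $inf['title']
                . $div_end . $div_left . date('d.m.Y H:i', $inf['date'])
                . $block . $div_tworazdel . smiles(bb_code($inf['content'])) . $div_end
                . $div_razdel . '
<img src="ico/fav.gif" alt=""/>
<a href="fav.php?do=add&cat=6&z='.$i.'&lg='.$lg.'">'.$lang['Добавить в закладки'].'</a>
<br/>
'.$lang['В закладках у'].': <a href="fav.php?do=view_favs&u='.$i.'&lg='.$lg.'">(' . $_num_z . ')</a> '.$lang['чел'].'.' . $div_end;

            // Comment order: ?order=2 puts the newest on top; anything else keeps them at
            // the bottom. $ord only ever holds one of two literals, never request data.
            if (isset($_GET['order']) && $_GET['order'] == 2) {
                $sort = '<b>'.$lang['вверху'].'</b> | <a href="zametki.php?do=uslook&nk='.$nk.'&i='.$i.'&order=1&lg='.$lg.'">'.$lang['внизу'].'</a>';
                $ord = 'DESC';
            } else {
                $sort = '<a href="zametki.php?do=uslook&nk='.$nk.'&i='.$i.'&order=2&lg='.$lg.'">'.$lang['вверху'].'</a> | <b>'.$lang['внизу'].'</b>';
                $ord = 'ASC';
            }
            echo $div_menu . ''.$lang['Новые'].': ' . $sort . $div_end;

            $num = mysql_result(mysql_query("SELECT COUNT(*) FROM `koms_note` WHERE `uid` = '$i'"), 0);
            if ($num != FALSE) {
                echo ''.$lang['Комментарии'].':<br/>';
                $n = new navigator($num, $user['onp_comments'], '?do=uslook&nk='.$nk.'&i='.$i.'&lg='.$lg.'&');
                $view = mysql_query("SELECT * FROM `koms_note` WHERE `uid` = '$i' ORDER BY `id` $ord {$n->limit}");
                $ii = 0;
                while ($a = mysql_fetch_assoc($view)) {
                    $otv = ' <a href="zametki.php?do=uslook&nk='.$nk.'&i='.$i.'&k='.$a['user'].'&#down&lg='.$lg.'">[*]</a>';
                    // Reset on every row. Previously the delete link built for one comment
                    // leaked onto the following comments the viewer may not delete.
                    $d = '';
                    if ($a['user'] == $user['id'] || $is_moder) {
                        $d = '<a href="zametki.php?do=uslook&nk='.$nk.'&i='.$i.'&x='.$a['id'].'&lg='.$lg.'"><img src="ico/delete.gif" alt=""/></a> ';
                    }
                    echo ($ii ++ % 2) ? $div_tworazdel : $div_razdel;
                    echo $d . us($a['user']) . $otv . '<br/>' . $a['date'] . '<br/>' . smiles(bb_code($a['msg'])) . $div_end;
                }
                echo $n->navi();
            } else {
                echo $div_razdel . ''.$lang['Комментарии отсутствуют'].'.' . $div_end;
            }

            if (isset($_POST['addkom'])) {
                // NOTE(review): the note's `comm` setting ("who may comment") is not
                // consulted here - confirm whether it is enforced elsewhere.
                $mes = trim(mysql_real_escape_string(check($_POST['mes'])));
                if (empty($mes)) {
                    err(''.$lang['Пустой комментарий'].'!');
                } else {
                    // Notify the last commenter.
                    $lst = mysql_fetch_assoc(mysql_query("SELECT `user` FROM `koms_note` WHERE
`uid` = '$i'
ORDER BY `id` DESC LIMIT 1"));
                    // Without the $lst guard, the first comment on a note inserted a feed
                    // row addressed to an empty user id.
                    if ($lst != FALSE && $user['id'] != $lst['user']) {
                        $message = ''.$lang['Оставлено сообщение к заметке'].' <a href="zametki.php?do=uslook&nk='.$nk.'&i='.$i.'&lg='.$lg.'">'.$inf['title'].'</a>.';
                        // The title was read back from the database and is no longer
                        // escaped, so the message is escaped again before it enters SQL.
                        $message = mysql_real_escape_string($message);
                        mysql_query("INSERT INTO `lenta` SET
`user` = '$lst[user]',
`text` = '$message',
`type` = 'comments',
`date` = '" . time() . "',
`read` = '1'");
                    }
                    mysql_query("INSERT INTO `koms_note` SET
`uid` = '$i',
`user` = '$user[id]',
`msg` = '$mes',
`date` = '" . date('d.m.y H:i') . "',
`komu` = '$nk'");
                    header('Location: zametki.php?do=uslook&nk='.$nk.'&i=' . $i .'&'. $lg );
                }
            }

            // Pre-fill the reply box with the addressee's name when ?k=USER_ID is given.
            $Komu = (isset($_GET['k'])) ? user_inf(my_int($_GET['k']), 'user') . ', ' : '';
            // NOTE(review): the form carries no anti-CSRF token.
            echo '<a name="down"></a>
<FORM method="POST" action="zametki.php?do=uslook&nk='.$nk.'&i='.$i.'&lg='.$lg.'">
<label><b>'.$lang['Комментарий'].':</b></label><br/>
<label>'.$lang['Вставить'].' <a href="faq.php?do=smile&lg='.$lg.'">['.$lang['смайлы'].']</a></label>
<a href="faq.php?do=bb&lg='.$lg.'">['.$lang['бб-коды'].']</a>
<br/>
<fieldset>
<textarea name="mes" cols="50" rows="5" style="width: 99%;">' . $Komu . '</textarea>
<br/>
<input type="hidden" name="i" value="' . $i . '"/>
<input type="hidden" name="nk" value="' . $nk . '"/>
<input type="submit" name="addkom" value="'.$lang['Добавить'].'"/>
</fieldset>
</FORM>';
        }
    }
    echo $div_end;
    break;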
}
include 'foot.php';
?>