Файл: 4mast/profmas.ru/pages/blogs/show_stat.php
Строк: 82
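<?php
/**
 * Blog article page: shows one row of `blogs`, its rating and its paginated
 * comments, and handles the comment, vote and delete actions for it.
 *
 * Request parameters read by this script:
 *   GET  id      article id (cast to int, defaults to 1)
 *   GET  send    id of the user being replied to (optional)
 *   GET  vote    'n' records a -1 vote, any other value a +1 vote
 *   GET  del     delete action, honoured only when $us['level'] >= 3
 *   GET  page    comment page number
 *   POST submit, msg   new comment
 *
 * $us is not defined in this file; it is presumably the current-user record
 * prepared by one of the includes and falsy for guests (the comment form is
 * guarded by `$us == true`) -- confirm against includes/Headers.php.
 *
 * NOTE(review): the vote and delete actions change state on a plain GET and
 * the comment form carries no anti-CSRF token. No token helper is visible in
 * this file, so none is added here; these actions should move to POST with a
 * per-session token that is checked before any write.
 */
require_once('../../includes/Headers.php');
require_once('../../includes/PDO_func.php');
include '../../codes/pagination.php';
H ('WM Библиотека', 'WM Библиотека');
$db = DB::$dbs;

// The article id is cast to int once; every query and link below reuses this
// value instead of re-reading $_GET['id'], so the page, the votes and the
// comments always refer to the same article.
$id = isset($_GET['id']) ? intval($_GET['id']) : 1;
$query = $db->query('SELECT * FROM `blogs` WHERE `id` = '.$id);
if ($query->rowCount() == 0) {
    echo '<div class="error">Статей нет!</div>';
    require_once('../../includes/Footers.php');
    exit();
} else {
    $row = $query->fetch(PDO::FETCH_LAZY);

    // Integer id of the logged-in user; empty string for guests, which is
    // what the original concatenation produced for an absent $us['id'].
    $uid = $us ? intval($us['id']) : '';

    // --- New comment ---------------------------------------------------
    if (isset($_POST['submit'])) {
        $error = array();
        // The form is only rendered for logged-in users, so the handler
        // enforces the same rule instead of storing comments with no author.
        if (!$us) $error[] = 'Необходима авторизация';
        // msg must be a non-empty string (msg[]=... would arrive as an array).
        if (empty($_POST['msg']) || !is_string($_POST['msg'])) $error[] = 'Вы не ввели сообщение';
        if (empty($error)) {
            // `send` stays an empty string when the comment is not a reply.
            $send = isset($_GET['send']) ? intval($_GET['send']) : '';
            // The comment text is the only free-form value and is bound as a
            // parameter; everything concatenated here is an int or time().
            $phq = 'INSERT INTO `blogs_comm` SET `id` = "NULL", `user` = "'.$uid.'", `msg` = ?, `ref` = '.$id.', `time` = "'.time().'", `send` = "'.$send.'"';
            $db->query($phq, array($_POST['msg']));

            // Notify the article author unless they commented on their own article.
            if ($row->user != $uid) {
                $msg = 'us{'.$uid.'} оставил комментарий к [url=/pages/blogs/show_stat.php?id='.$id.']статье[/url]!';
                $phq = '
INSERT INTO `action`(`id`, `value`, `t`, `us`, `see`,`razd`)
VALUES ("NULL","'.$msg.'","'.time().'","'.intval($row->user).'","1","comm")';
                $db->query($phq);
            }
            // Notify the user being replied to, if that account exists.
            if (isset($_GET['send']) && $db->query('SELECT * FROM `us` WHERE `id` = "'.intval($_GET['send']).'"')->rowCount() > 0) {
                $msg = 'us{'.$uid.'} ответил вам в комментариях к [url=/pages/blogs/show_stat.php?id='.$id.']статье[/url]!';
                $phq = '
INSERT INTO `action`(`id`, `value`, `t`, `us`, `see`,`razd`)
VALUES ("NULL","'.$msg.'","'.time().'","'.intval($_GET['send']).'","1","comm")';
                $db->query($phq);
            }
            echo '<div class="access">Сообщение добавлено!</div>';
        } else {
            foreach ($error as $err) {
                echo '<div class="error">'.$err.'</div>';
            }
        }
    }

    // --- Delete (level >= 3 only) ---------------------------------------
    // An explicit id is required so that a bare "?del" cannot act on the
    // default article id.
    // NOTE(review): this page reads the article from `blogs`, yet the delete
    // targets `codes`. That looks like a copy-paste slip that would remove an
    // unrelated row with the same id -- confirm the intended table before
    // relying on this action. The statement is left as found.
    if (isset($_GET['del'], $_GET['id']) && isset($us['level']) && $us['level'] >= 3) {
        $db->query('DELETE FROM `codes` WHERE `id` = '.$id);
        echo '<div class="access">Удалено!</div>';
    }

    // --- Vote (logged-in users, one vote per user and article) ----------
    // NOTE(review): the check-then-insert below is not atomic; a unique index
    // on (`ref`, `user`) would make the one-vote rule hold under concurrency.
    if (isset($_GET['vote']) && $us) {
        $val = $_GET['vote'] === 'n' ? 0 : 1;
        if ($db->query('SELECT `id` FROM `blogs_vote` WHERE `ref` = '.$id.' AND `user` = "'.$uid.'"')->rowCount() == 0) {
            $db->query('INSERT INTO `blogs_vote` SET `id` ="NULL", `user` = "'.$uid.'", `ref` = '.$id.', `type` = "'.$val.'"');
        }
    }

    // Articles that have not passed moderation are not displayed.
    if ($row->check == 0) {
        echo '<div class="error">Статья на модерации</div>';
        require_once('../../includes/Footers.php');
        exit;
    }
    // Article text is HTML-escaped before tag() sees it.
    // NOTE(review): tag() is defined elsewhere (presumably a BBCode renderer);
    // verify that the markup it emits cannot carry attacker-chosen attributes.
?>
<div class="list1">Название: <b><?=htmlspecialchars($row->name);?></b></div>
<div class="lst"><b>Содержание:</b><br><span style="word-wrap:break-word;"><?=tag(htmlspecialchars($row['sub']));?></span></div>
<div class="block">Добавил: <?=Nick($row->user);?> (<?=datef($row->time);?>)</div>
<div class="block">
<?php
    $count_y = $db->query('SELECT `id` FROM `blogs_vote` WHERE `type` = "1" AND `ref` = '.$id)->rowCount();
    $count_n = $db->query('SELECT `id` FROM `blogs_vote` WHERE `type` = "0" AND `ref` = '.$id)->rowCount();
    $count = $count_y - $count_n;
    echo 'Рейтинг: ';
    // Exactly one of the two colours is printed; without the else branch a
    // negative rating was shown twice (once red, once green).
    if ($count < 0) {
        echo '<b><font color="red">'.$count.'</font></b>';
    } else {
        echo '<b><font color="green">'.$count.'</font></b>';
    }
    // Vote links are offered only to logged-in users who have not voted yet.
    if ($us && $db->query('SELECT `id` FROM `blogs_vote` WHERE `user` = "'.$uid.'" AND `ref` = '.$id)->rowCount() == 0) {
?>
<a href="?id=<?=$id;?>&vote=y">+1</a>/<a href="?id=<?=$id;?>&vote=n">-1</a>
<?php
    }
?>
</div>
<?php if (isset($us['level']) && $us['level'] >= 3) { ?>
<div class="block"><a href="?del&id=<?=$id?>" style="color: red;">[Удалить статью]</a></div>
<?php } ?>
<div class="menu2">Комментарии</div>
<?php
    // Counted once and reused for both the empty check and the paginator.
    $comm_total = $db->query('SELECT `id` FROM `blogs_comm` WHERE `ref` = '.$id)->rowCount();
    if ($comm_total == 0) {
?>
<div class="error">Комментариев нет!</div>
<?php
    } else {
        $pg = new pagination();
        $pg->init(array(
            'num' => 8,
            // Cast here: the paginator's result ends up in the LIMIT clause.
            'page' => isset($_GET['page']) ? intval($_GET['page']) : 1,
            'posts' => $comm_total,
        ));
        // start/num come from the pagination class, which is not visible
        // here, so they are forced to int before being concatenated.
        $query = $db->query('SELECT * FROM `blogs_comm` WHERE `ref` = '.$id.' ORDER BY `id` DESC LIMIT '.intval($pg->start).', '.intval($pg->num));
        while ($comm = $query->fetch(PDO::FETCH_LAZY)) {
?>
<div class="lst">
<?=Nick($comm->user);?> (<?=datef($comm->time);?>)
<?=($comm->send != 0 ? ' ответил '.Nick($comm->send) : '')?>
<?=($comm->user != $uid ? '<a href="?id='.$id.'&send='.intval($comm->user).'">[отв]</a>' : '');?><br>
<?=tag(htmlspecialchars($comm['msg']));?></div>
<?php
        }
        // Page links are printed once, after the list, not after every comment.
        $pg->display('?id='.$id.'&page=');
    }
?>
<div class="lst">
<?=(isset($_GET['send']) ? 'Ответ: '.Nick(intval($_GET['send'])) : '');?>
<?php
    // Full "<?php" tag: the short "<?" form depends on short_open_tag and,
    // when that is off, the code below would be sent to the browser as text.
    if ($us == true) {
        echo 'Написать <form method="POST">
<textarea name="msg"></textarea><br>
<input type="submit" name="submit" value="Написать">
</form>';
    } else {
        echo '<div class="news">Чтобы оставить сообщение вам необходимо пройти <a href="/login/auth">Авторизацию</a> илли <a href="/login/reg">Регистрацию</a>!</div>';
    }
?>
</div>
<?php
}
require_once('../../includes/Footers.php');
?>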