Файл: modules/videos/video.php
Строк: 81
<?php
/* DCMS Special
* Дата последнего редактирования 16.01.2016
* Модифицировал densnet
*/
/*
 * Bootstrap: pull in the engine include files one at a time, in the order listed.
 * The names come from a fixed literal list, so no request data reaches require_once.
 * The path is relative ("../../"), i.e. it is resolved from the current working
 * directory rather than from this file's own location.
 */
foreach (
    array('start', 'compress', 'sess', 'settings', 'db_connect', 'ipua', 'fnc', 'user', 'thead')
    as $inc
) {
    require_once '../../sys/inc/' . $inc . '.php';
}
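$doc->Title('Онлайн видео');

// Requested action. Only a plain string is accepted; anything else (missing value,
// d[]=...) leaves $d null, which selects the default "show video" branch later on.
$d = (isset($_GET['d']) && is_string($_GET['d'])) ? htmlspecialchars($_GET['d']) : null;

// NOTE(review): aut() is defined elsewhere; confirm whether it enforces a login or
// only renders the auth panel, because the actions below do not check it themselves.
aut();

// Video id from the query string, forced to an integer before it is placed in SQL
// and in links. Non-scalar input is mapped to 0 explicitly instead of being passed
// to intval() with the warning silenced by @.
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;

$q = mysql_query("SELECT * FROM `videos` WHERE `id` = '" . $id . "'");
while ($res = mysql_fetch_assoc($q)) {
    // Breadcrumb navigation
    echo "<div class='card-header'>";
    echo "<a href='/' data-toggle='tooltip' data-placement='right' title='" . lang('На главную') . "'><i class='fa fa-home fa-lg'></i></a> <i class='fa fa-angle-right fa-fw'></i> ";
    echo "<a href='/modules/videos/'>" . lang('Видео') . "</a> <i class='fa fa-angle-right fa-fw'></i> ";
    // The video name is stored data (the rename action saves it without HTML
    // escaping), so it is encoded on output. double_encode=false leaves entities
    // that are already present intact; ENT_SUBSTITUTE keeps a truncated multi-byte
    // sequence from turning the whole string into an empty one.
    // NOTE(review): assumes cutStr() returns plain text and the site serves UTF-8 - confirm.
    echo htmlspecialchars(cutStr($res['name'], 30), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    echo "</div>";
}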
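/*
 * Action dispatcher for a single video page. $d selects the action:
 *   del / del_ok  - delete confirmation and the delete itself (level > 4 only)
 *   ren / ren_ok  - rename form and the rename itself (level > 4 only)
 *   like          - toggle the current account's like
 *   default       - render the video, record the view, show the counters
 * $id has already been reduced to an integer by the code above this block.
 */

// Account id reduced to an integer before it is placed in SQL; 0 when $user has no id.
// NOTE(review): if guests can reach this page, likes and views are recorded under
// id_user 0 - confirm whether the engine blocks guests before this point.
$viewerId = isset($user['id']) ? (int) $user['id'] : 0;

// Moderation actions require an account level above 4 (same test as the original code).
$isModerator = isset($user['level']) && $user['level'] > 4;

// Flags for HTML-encoding stored values: both quote styles are encoded because the
// markup below uses single- and double-quoted attributes.
$escFlags = ENT_QUOTES | ENT_SUBSTITUTE;

switch ($d) {
    case 'del':
        if ($isModerator) {
            // Confirmation step: "yes" leads to del_ok, "no" back to the video.
            echo "<div class='list-group-item'>";
            echo lang('Вы уверены, что хотите удалить видео') . "?<br />";
            $doc->Link('btn btn-success btn-sm', "video.php?id=$id&d=del_ok", null, 'Да');
            $doc->Link('btn btn-secondary btn-sm', "video.php?id=$id", null, 'Нет');
            echo "</div>";
            require_once H . 'sys/inc/tfoot.php';
            exit;
        }
        $_SESSION['err'] = lang('Вы не имеета права удалить видео');
        header('Location: video.php?id=' . $id);
        exit;

    case 'del_ok':
        // NOTE(review): this state change is triggered by a plain GET link and carries
        // no anti-CSRF token, so the confirmation page is not an actual barrier. It
        // should become a POST carrying a per-session token, using whatever token
        // helper the engine provides (none is visible in this file).
        if ($isModerator) {
            mysql_query("DELETE FROM `videos` WHERE `id` = '" . $id . "'");
            $_SESSION['message'] = lang('Видео успешно удалено');
            header('Location: index.php');
            exit;
        }
        break;

    case 'ren':
        if ($isModerator) {
            $q = mysql_query("SELECT * FROM `videos` WHERE `id` = '" . $id . "'");
            while ($res = mysql_fetch_assoc($q)) {
                echo "<form action='video.php?id=" . (int) $res['id'] . "&d=ren_ok' class='list-group-item' method='POST'>";
                // NOTE(review): the stored name is handed to $doc->Input() as is; confirm
                // that the helper HTML-encodes the value it places in the field.
                $doc->Input('name', 'Название видео', 256, "$res[name]");
                echo "<br />";
                $doc->Button('btn btn-success btn-sm', null, 'save', 'Сохранить');
                echo "</form>";
                require_once H . 'sys/inc/tfoot.php';
                exit;
            }
        }
        break;

    case 'like':
        // Existence check via COUNT(*): the original read column 0 of "SELECT *",
        // which raises a warning when no row exists and only works by accident
        // when one does.
        // NOTE(review): like toggling is also a GET-driven state change without a token.
        $pokaz = mysql_result(mysql_query("SELECT COUNT(*) FROM `videos_like` WHERE `id_user` = '" . $viewerId . "' AND `id_videos` = '" . $id . "'"), 0);
        if ($pokaz == 0) {
            mysql_query("INSERT INTO `videos_like` (`id_videos`, `id_user`) values ('" . $id . "', '" . $viewerId . "')");
        } else {
            mysql_query("DELETE FROM `videos_like` WHERE `id_user` = '" . $viewerId . "' AND `id_videos` = '" . $id . "'");
        }
        // SID is either empty or "name=value"; it needs its own "&" separator,
        // otherwise it is glued onto the id parameter.
        $sidSuffix = (defined('SID') && SID !== '') ? '&' . SID : '';
        header('Location: video.php?id=' . $id . $sidSuffix);
        exit;

    case 'ren_ok':
        if ($isModerator) {
            // Accept only a non-empty string from the POST body. Without this check a
            // bare request to ren_ok (no form data) overwrote the title with an empty
            // string.
            // NOTE(review): the rename still has no anti-CSRF token.
            $rawName = (isset($_POST['name']) && is_string($_POST['name'])) ? trim($_POST['name']) : '';
            if ($rawName !== '') {
                $name = mysql_real_escape_string($rawName);
                mysql_query("UPDATE `videos` SET `name` = '" . $name . "' WHERE `id`= '" . $id . "'");
                $_SESSION['message'] = lang('Изменения сохранены');
            }
            header('Location: video.php?id=' . $id);
            exit;
        }
        break;

    default:
        $q = mysql_query("SELECT * FROM `videos` WHERE `id` = '" . $id . "' ");
        while ($res = mysql_fetch_assoc($q)) {
            // Stored values are encoded before they reach the markup: the name is
            // saved by ren_ok without HTML escaping, and kod is placed inside
            // attribute values. double_encode=false keeps existing entities as they are.
            // NOTE(review): assumes the site serves UTF-8 - confirm.
            $safeName = htmlspecialchars($res['name'], $escFlags, 'UTF-8', false);
            $safeKod = htmlspecialchars($res['kod'], $escFlags, 'UTF-8', false);

            echo "<div class='list-group-item'>";
            if ($isModerator) {
                echo "<span style='float: right;'><a href='video.php?id=$id&d=ren'><i class='fa fa-edit fa-fw'></i></a> <a href='video.php?id=$id&d=del'><i class='fa fa-trash-o fa-fw'></i></a></span>";
            }
            echo "<i class='fa fa-youtube-play fa-fw'></i> <b>$safeName</b>";
            echo '</div>';

            echo "<div class='list-group-item'>";
            // Embedded over https so the third-party frame is not fetched in plaintext.
            echo "<iframe width='100%' height='340' style='max-width:100%;' src='https://www.youtube.com/embed/$safeKod' frameborder='1' allowfullscreen></iframe>";
            // The stray closing </b> from the original markup is dropped.
            echo "<small><font color='grey'>" . lang('Добавлено') . ": " . date::times($res['time']) . "</font></small>";
            echo '</div>';

            // Record the view once per account; COUNT(*) replaces the @-silenced
            // "SELECT *" existence probe.
            $pokaz = mysql_result(mysql_query("SELECT COUNT(*) FROM `videos_views` WHERE `id_user` = '" . $viewerId . "' AND `id_videos` = '" . $id . "'"), 0);
            if ($pokaz == 0) {
                mysql_query("INSERT INTO `videos_views` (`id_videos`, `id_user`) values ('" . $id . "', '" . $viewerId . "')");
            }

            // Counters are cast to int before being written into the page.
            $like = (int) mysql_result(mysql_query("SELECT COUNT(*) FROM `videos_like` WHERE `id_videos` = '" . $id . "' LIMIT 1"), 0);
            $pokz = (int) mysql_result(mysql_query("SELECT COUNT(*) FROM `videos_views` WHERE `id_videos` = '" . $id . "' LIMIT 1"), 0);
            $comm = (int) mysql_result(mysql_query("SELECT COUNT(*) FROM `videos_komm` WHERE `id_videos` = '" . $id . "' LIMIT 1"), 0);

            echo "<div class='list-group-item'>";
            echo "<a href='video.php?id=$id&d=like'><i class='fa fa-heart fa-fw'></i> " . lang('Мне нравится') . " </a> <a href='like.php?id=$id'> <b>$like</b></a><br /> ";
            echo "<a href='kto.php?id=$id'><i class='fa fa-eye fa-fw'></i> " . lang('Просмотров') . ": <b>$pokz</b></a><br />";
            echo "<a href='komm.php?id=$id'><i class='fa fa-comments fa-fw'></i> " . lang('Комментарии') . ": <b>$comm</b></a> ";
            echo '</div>';

            // Uploader block; get_user() and user() are engine helpers defined elsewhere.
            echo "<div class='list-group-item'>";
            $ank = get_user($res['id_user']);
            echo user($ank['id']);
            echo '</div>';

            // Three preview thumbnails for the same video code.
            echo "<div class='list-group-item'>";
            echo '<center><img src="https://i.ytimg.com/vi/' . $safeKod . '/1.jpg" width="100" alt="screen" /> <img src="https://i.ytimg.com/vi/' . $safeKod . '/2.jpg" width="100" alt="screen" /> <img src="https://i.ytimg.com/vi/' . $safeKod . '/3.jpg" width="100" alt="screen" /></center>';
            echo '</div>';
        }
}

// Reached only by branches that did not exit: engine error output, then the page footer.
err();
require_once H . 'sys/inc/tfoot.php';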