Файл: groups/avatars/preview.php
Строк: 91
<?php
require_once '../../incfiles/core.php';
require_once '../../incfiles/func.php';
require_once '../../incfiles/auth.php';
require_once '../../incfiles/user.php';
// Переход по fid
if (!empty($_GET['fid']) && is_numeric($_GET['fid']) && mysql_result(mysql_query("SELECT COUNT(`id`) FROM `groups_avatars` WHERE `id` = '".abs(intval($_GET['fid']))."'"),0) == true)
{
$fid = abs(intval($_GET['fid']));
$arr_fid = mysql_fetch_array(mysql_query("SELECT `id`, `group_id`, `name`, `time` FROM `groups_avatars` WHERE `id` = '".$fid."'"));
// Оновлення аватарки
if (!empty($user_id) && !empty($_GET['update']) && is_numeric($_GET['update']))
{
$arr_group = mysql_fetch_array(mysql_query("SELECT * FROM `groups` WHERE `id` = '".$arr_fid['group_id']."' LIMIT 1"));
if (in_array($user_id, explode("||", substr($arr_group['admins'], 1, -1)))) mysql_query("UPDATE `groups` SET `avatar` = '".$arr_fid['name']."' WHERE `id` = '".$arr_group['id']."'");
}
$n = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `groups_avatars` WHERE `group_id` = '".$arr_fid['group_id']."' AND `time` > '".$arr_fid['time']."' ORDER by `time` DESC"),0);
$n = $n+1;
go(URL.'//groups/avatars/preview.php?id='.$arr_fid['group_id'].'&n='.$n);
}
// Переход по fname
if (!empty($_GET['fname']) && mysql_result(mysql_query("SELECT COUNT(`id`) FROM `groups_avatars` WHERE `name` = '".check($_GET['fname'])."'"),0) == true)
{
$fname = check($_GET['fname']);
$arr_fname = mysql_fetch_array(mysql_query("SELECT * FROM `groups_avatars` WHERE `name` = '".$fname."'"));
$n = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `groups_avatars` WHERE `group_id` = '".$arr_fname['group_id']."' AND `time` > '".$arr_fname['time']."' ORDER by `time` DESC"),0);
$n = $n+1;
go(URL.'/groups/avatars/preview.php?id='.$arr_fname['group_id'].'&n='.$n);
}
if (!empty($_GET['id']) && is_numeric($_GET['id']))
{
$id = abs(intval($_GET['id']));
$result = mysql_query("SELECT * FROM `groups` WHERE `id` = '".$id."' LIMIT 1");
if (mysql_num_rows($result) == true) $arr_group = mysql_fetch_array($result);
else go(URL);
}
else go(URL.'/');
if (in_array($user_id, explode("||", substr($arr_group['blacklist'], 1, -1)))) go(URL.'/groups/?id='.$id);
$title = checkout($arr_group['name']).' :: '.lang('Просмотр','Перегляд').' аватарки';
require_once '../../incfiles/head.php';
echo group_access($arr_group);
echo '<div class="title">'.lang('Просмотр','Перегляд').' аватарки</div>';
$count_photos = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `groups_avatars` WHERE `group_id` = '".$id."'"),0);
$n = (isset($_GET['n']) and is_numeric($_GET['n']) and $_GET['n']>1 and $_GET['n']<=$count_photos) ? $_GET['n'] : 1;
$start = $n*1-1;
$query = mysql_query("SELECT * FROM `groups_avatars` WHERE `group_id` = '".$arr_group['id']."' ORDER by `time` DESC LIMIT $start,1");
while ($arr_ava = mysql_fetch_array($query))
{
echo '<div class="block">
<center><a href="'.URL.'/files/groups/avatars/'.$id.'/'.$arr_ava['name'].'"><img class="preview" src="'.URL.'/files/groups/avatars/'.$id.'/preview/'.$arr_ava['name'].'"/></a></center>';
echo '<p><center>';
p($n,$count_photos,URL.'/groups/avatars/preview.php?id='.$id.'&');
echo ' | <b>'.$n.' '.lang('из','з').' '.$count_photos.'</b> |';
n($n,$count_photos,URL.'/groups/avatars/preview.php?id='.$id.'&');
echo'</center></p>';
echo '<div class="post_panel">';
echo group_like('avatars',$arr_ava['id'],$arr_ava['ulike'],$arr_ava['clike']);
echo '</div>';
echo '</div>
<div class="block">Фотоальбом: <a href="'.URL.'/groups/avatars/?id='.$id.'" onclick="Page.Go(this.href); return false;">Аватарки</a><br/>'.lang('Добавлено','Додана').': '.vtime($arr_ava['time']).'</div>';
if (!empty($user_id) && in_array($user_id, explode("||", substr($arr_group['admins'], 1, -1))))
{
echo '<div class="title">';
if ($arr_group['avatar'] != $arr_ava['name']) echo '<a href="'.URL.'/groups/avatars/preview.php?fid='.$arr_ava['id'].'&update='.$arr_ava['id'].'" onclick="Page.Go(this.href); return false">'.lang('Установить','Встановити').' на аватарку</a> ';
echo '<a href="'.URL.'/groups/avatars/?id='.$id.'&del_avatar='.$arr_ava['id'].'" onclick="Page.Go(this.href); return false">'.lang('Удалить','Видалити').'</a></div>';
}
}
require_once '../../incfiles/foot.php';
?>