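<?php
// Shop item controller. The `act` query parameter selects the action and `id`
// carries a numeric id whose meaning depends on that action (a category, an
// item, a screenshot or a comment).
// NOTE(review): the mysql_* API used throughout this file was removed in
// PHP 7.0 and offers no prepared statements; every query here is built by
// string concatenation.
include_once ('../../system/function.php');
$title = 'Товар';
include_once ('../../system/header.php');

// Every action requires an authenticated user. $user is not defined in this
// file; presumably one of the includes above populates it - confirm.
if(!isset($user['id'])) {
    header('Location: / ');
    exit;
}

// abs(intval()) reduces `id` to a non-negative integer, which is what makes it
// safe to concatenate into the queries below. A missing `id` becomes 0 instead
// of raising an undefined-index notice.
$id = isset($_GET['id']) ? abs(intval($_GET['id'])) : 0;

// The same id is looked up both as a category and as an item; each action
// uses whichever row is relevant to it.
$kat = mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_kat` WHERE `id` = '".$id."'"));
$good = mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_good` WHERE `id` = '".$id."'"));

// Parent directory of the category; skipped when the category does not exist
// so that $kat['dir'] is never read from a failed lookup.
$di = $kat
    ? mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_dir` WHERE `id` = '".$kat['dir']."'"))
    : false;

$act = isset($_GET['act']) ? $_GET['act'] : null;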
switch($act) {

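case 'add':
    // Add a new item to the category identified by $id: check preconditions,
    // validate the form and the uploaded archive, store the file, insert the
    // `shop_good` row, then render the form.

    if (!$kat) {
        header("Location: / ");
        exit;
    }

    // Selling requires a confirmed WebMoney (wp) or QIWI (qp) wallet.
    if ($user['wp'] == 0 and $user['qp'] == 0) {
        echo '<div class="title"><center><b>Доступ закрыт!</b><br /></div>
<div class="podmenu"><b><font color = "red">Подтвердите WMID или QIWI</font></b></center></div>';
        include_once ('../../system/footer.php');
        exit();
    }

    // The form posts its data, so only POST is accepted as a submission.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['ok'])) {
        // strong() is defined outside this file. NOTE(review): the INSERT and
        // the form below both rely on it to neutralise SQL and HTML
        // metacharacters in these values - confirm that it does both.
        $name = strong($_POST['name']);
        $text = strong($_POST['text']);
        $cost = strong($_POST['cost']);
        $copis = strong($_POST['copis']);

        // Keep the submitted values so the form can be re-filled after an error.
        $_SESSION['name'] = $name;
        $_SESSION['text'] = $text;
        $_SESSION['cost'] = $cost;
        $_SESSION['copis'] = $copis;

        if (empty($name) or empty($text) or empty($cost)) {
            $_SESSION['err'] = 'Одно из полей осталось пустым';
            header('Location: ?');
            exit;
        }
        // Digits only, as the error message states. The previous pattern also
        // accepted "-", which let values such as "50-3" or "-5" through.
        if (!preg_match('/^[0-9]+$/D', $cost)) {
            $_SESSION['err'] = 'В цене только цифры!';
            header('Location: ?');
            exit;
        }
        if (!preg_match('/^[0-9]+$/D', $copis)) {
            $_SESSION['err'] = 'В копиях  только цифры!';
            header('Location: ?');
            exit;
        }
        if (mb_strlen($name) > 200 or mb_strlen($name) < 5) {
            $_SESSION['err'] = 'Длина имени от 5 до 200 символов';
            header('Location: ?');
            exit;
        }
        if (mb_strlen($text) > 5000 or mb_strlen($text) < 5) {
            $_SESSION['err'] = 'Длина описания от 5 до 5000 символов';
            header('Location: ?');
            exit;
        }
        if ($cost < 10 or $cost > 10000) {
            $_SESSION['err'] = 'Некорректная цена';
            header('Location: ?');
            exit;
        }

        // ---- uploaded archive ----
        $maxsize = 50; // megabytes

        // is_uploaded_file() confirms the path really is this request's upload.
        if (!isset($_FILES['filename']) or !is_uploaded_file($_FILES['filename']['tmp_name'])) {
            $_SESSION['err'] = 'Выбери файл';
            header('Location: ?');
            exit;
        }
        $size = $_FILES['filename']['size'];
        if ($size > (1048576 * $maxsize)) {
            $_SESSION['err'] = 'Максимальный размер файла '.$maxsize.'мб!';
            header('Location: ?');
            exit;
        }

        // Whitelist by the extension of the client-supplied name. This says
        // nothing about the actual content of the file.
        $filetype = array ('zip', 'rar','ZIP','RAR');
        $upfiletype = pathinfo($_FILES['filename']['name'], PATHINFO_EXTENSION);
        if (!in_array($upfiletype, $filetype, true)) {
            $_SESSION['err'] = 'Запрещенный формат';
            header('Location: ?');
            exit;
        }

        // Stored name: fixed prefix, rand(), a time-derived key, rand() and the
        // client name, passed through del_f() (defined elsewhere).
        // NOTE(review): rand() and md5(time()) are predictable, so the stored
        // name should not be what keeps a paid archive private. The target
        // directory looks like it sits under the web root - confirm that
        // direct requests to it are denied and downloads go through a
        // purchase check.
        $key = strtoupper(substr(md5(time()), -10));
        $files = del_f('masteru_site'.'_'.rand(12340,56780).'_'.$key.'_'.rand(12340,56780).'_'.$_FILES['filename']['name']);

        // Exactly one dot may remain in the stored name, i.e. a single extension.
        $ext2 = explode(".", $files);
        if (count($ext2) != 2) {
            $_SESSION['err'] = 'Двойное расширение';
            header('Location: ?');
            exit;
        }

        // Stop if the file could not be stored; otherwise the item row would
        // reference an archive that does not exist.
        $filepath = '../../files/shop/good/all/'.$files;
        if (!move_uploaded_file($_FILES['filename']['tmp_name'], $filepath)) {
            $_SESSION['err'] = 'Не удалось сохранить файл';
            header('Location: ?');
            exit;
        }

        // Brand ZIP archives: drop a foreign marker file, set the archive
        // comment and add the site's own marker. open() fails for RAR files,
        // which are then stored untouched.
        $zip = new ZipArchive;
        if ($zip->open($filepath) === TRUE) {
            $zip->deleteName('PROFIWM_COM.txt');
            $zip->setArchiveComment('MASTERU.SITE - Все для WAP/WEB мастера!');
            $zip->addFromString
            ('MASTERU_SITE.txt','Купленно на MASTERU.SITE - элитный клуб WAP/WEB разработчиков, программистов и дизайнеров! Заходи обезательно!');
            $zip->close();
        }

        // $files still contains the client-supplied file name, so it is
        // escaped here rather than trusting del_f() to have removed quotes.
        mysql_query("INSERT INTO  `shop_good` SET 
`name` = '".$name."', 
`text` = '".$text."',
`cost` = '".$cost."',
`file` = '".mysql_real_escape_string($files)."',
`cop` = '".$copis."',
`time` = '".time()."',
`kat` = '".$id."',
`saller` = '".$user['id']."',
`dir` = '".$kat['dir']."'
");
        $ins = mysql_insert_id();

        // Clear only the saved form fields. session_destroy() was used here
        // before and discarded the whole session, not just these four values.
        unset($_SESSION['name'], $_SESSION['text'], $_SESSION['cost'], $_SESSION['copis']);

        echo'<script>
alert("Сохранено!");
window.location.replace("/Shop/Good'.$ins.'");
</script>';
    }

    echo '<div class="title"><a href="/Shop">Магазин</a> | <a href="/Shop/Dir'.$kat['dir'].'">'.$di['name'].' </a> | '.$kat['name'].' | Добавить </div>';
    if (isset($_SESSION['err'])) {
        echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
    }
    unset($_SESSION['err']);
    quickpaste('text');
    quickpanel();
    echo'<div class="podmenu"><form action="" enctype="multipart/form-data" method="post">';
    if ($user['bb_panel'] == 1) {
        require_once ('../../system/bbcode.php');
    }

    // Previously submitted values, empty on the first visit.
    $f_name = isset($_SESSION['name']) ? $_SESSION['name'] : '';
    $f_cost = isset($_SESSION['cost']) ? $_SESSION['cost'] : '';
    $f_copis = isset($_SESSION['copis']) ? $_SESSION['copis'] : '';
    $f_text = isset($_SESSION['text']) ? $_SESSION['text'] : '';
    echo '
Название:<br /><input type="text" value="'.$f_name.'" name="name" placeholder="Название" /><br />
Цена (Мин 10, макс 10,000):<br /><input type="number" value="'.$f_cost.'" name="cost" placeholder="Цена" /><br />
Копии (0 - не ограниченно):<br /><input type="number" value="'.$f_copis.'" name="copis" placeholder="Копии" /><br />
Выберите файл:<br /><input type="file" name="filename"><br />
Описание:<br />
<textarea rows="'.$user['rows'].'" cols="'.$user['cols'].'" placeholder="Текст..."  name="text">'.$f_text.'</textarea><br />
<input type="submit" name="ok" value="Добавить" />
</form></div>';
    break;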

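case 'view':
    // Item page: management links, screenshots, cart / wishlist / buy buttons,
    // item details, seller payment details and the comment / rating menu.
    // NOTE(review): values read from the database ($good['name'],
    // $good['b_com'], $a['file'], seller fields) are echoed without HTML
    // escaping here; this is only safe if they were escaped when stored -
    // confirm against strong() and del_f().

    // Number of copies sold so far.
    $byed = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_byed` WHERE `tov` = '".$id."'"),0);

    if (!$good) {
        header('Location: /');
        exit;
    }

    // Count one view per user and item.
    $checkv = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_s` WHERE `good` = '".$id."' and `us` = '".$user['id']."'"),0);
    if ($checkv == 0) {
        mysql_query("INSERT INTO `shop_s` SET `good` = '".$id."', `us` = '".$user['id']."', time = '".time()."'");
    }
    $views = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_s` WHERE `good` = '".$id."'"),0);

    echo '<div class="title"><a href="/Shop">Магазин</a> | Товар: '.$good['name'].'</div>';
    echo '<div class="podmenu">';
    // Management links are shown to staff (level != 0) and to the seller. The
    // target actions repeat their own permission checks.
    if ($user['level'] != 0 or $user['id'] == $good['saller']) {
        echo'<a href="/Shop/Screen'.$good['id'].'">[<b>Скриншоты</b></a> | ';
        echo'<a href="/Shop/Edit_Info'.$good['id'].'"> [<b>Редактировать</b>] | </a>';
        echo'<a href="/Shop/Update_Arcive'.$good['id'].'"> [<b>Обновить архив</b>]</a>';
        echo'<a href="/Shop/Cost'.$good['id'].'"> [<b>Цена</b>]</a>';
        if ($good['b'] == 0) {
            echo'<a href="/Shop/Block'.$good['id'].'"> [<b>Остановить продажу</b>]</a>';
        }
        if ($good['b'] == 1 and $user['level'] != 0) {
            echo'<a href="/Shop/unBlock'.$good['id'].'"> [<b>Вернуть к продажу</b>]</a>';
        }
    }
    echo'</div>';

?><style>
.img{margin: 0 auto;display: block;}
.img:hover{width: 240px;}
.img{transition: 0.4s;}
.img:hover{transform: scale(1.15, 1.15);}
</style><?php
    // Screenshot gallery.
    $count = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `shop_src` WHERE `good` = '".$id."'"),0);
    $src = mysql_query("SELECT * FROM `shop_src` WHERE `good`='".$id."'");
    if ($count > 0) {
        echo '<div class="podmenu"><center>';
        while ($a = mysql_fetch_array($src)) {
            echo '<a href="../../files/shop/src/'.$a['file'].'"><img src="../../files/shop/src/'.$a['file'].'" class="img"  width="120" hight="120"/></a>';
        }
        echo '</center></div>';
    }

    echo '<div class="podmenu"><center>';
    $in_cart = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_cart` WHERE `good` = '".$good['id']."' and `us` = '".$user['id']."'"),0);
    $in_vants = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_vants` WHERE `good` = '".$good['id']."' and `us` = '".$user['id']."'"),0);

    // Cart toggle. NOTE(review): this changes state on a plain GET (?cart)
    // with no token, so any page the user visits can trigger it.
    if (isset($_GET['cart'])) {
        if ($good['saller'] == $user['id']) {
            header('Location: ?');
            exit;
        }
        // Parentheses show how PHP already groups `and` / `or` here.
        // NOTE(review): this reads $good['block'] while the rest of the file
        // reads and writes $good['b']; and for an unlimited item (cop == 0)
        // with no sales, cop == $byed is true - confirm both are intended.
        if (($good['block'] == 1 and $good['cop'] != 0) or $good['cop'] == $byed) {
            header('Location: ?');
            exit;
        }
        if ($in_cart == 0) {
            mysql_query("INSERT INTO `shop_cart` SET `us` = '".$user['id']."',`good` = '".$good['id']."', `time` = '".time()."'");
        } else {
            mysql_query("DELETE FROM `shop_cart` WHERE `us` = '".$user['id']."' and `good` = '".$good['id']."'");
        }
        header('Location: ?');
        exit;
    }

    // Wishlist toggle; same structure and the same review notes as the cart.
    if (isset($_GET['vants'])) {
        if ($good['saller'] == $user['id']) {
            header('Location: ?');
            exit;
        }
        if (($good['block'] == 1 and $good['cop'] != 0) or $good['cop'] == $byed) {
            header('Location: ?');
            exit;
        }
        if ($in_vants == 0) {
            mysql_query("INSERT INTO `shop_vants` SET `us` = '".$user['id']."',`good` = '".$good['id']."', `time` = '".time()."'");
        } else {
            mysql_query("DELETE FROM `shop_vants` WHERE `us` = '".$user['id']."' and `good` = '".$good['id']."'");
        }
        header('Location: ?');
        exit;
    }

    // Buttons. Parentheses again only spell out the existing grouping.
    // NOTE(review): as grouped, the first alternative does not exclude the
    // seller - confirm the intended condition.
    if (($good['block'] == 0 and $good['cop'] == 0) or ($good['cop'] != $byed and $user['id'] != $good['saller'])) {
        if ($in_cart == 0) {
            echo'<a href="?cart"><input type="submit" value=" В корзину "></a>';
        } else {
            echo'<a href="?cart"><input type="submit" value=" Из корзины "></a>';
        }
        if ($in_vants == 0) {
            echo'<a href="?vants"><input type="submit" value=" В желания "></a>';
        } else {
            echo'<a href="?vants"><input type="submit" value=" Из желаний "></a>';
        }
        // Offer "buy" until this user owns the item, then "download".
        $byes = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_byed` WHERE `tov` = '".$id."' and `us` = '".$user['id']."'"),0);
        if ($byes == 0) {
            echo'<a href="/Shop/Bye'.$good['id'].'"><input type="submit" value=" Купить "></a>';
        } else {
            echo'<a href="/Shop/Load'.$good['id'].'"><input type="submit" value=" Скачать "></a>';
        }
    } elseif ($good['b'] == 1) {
        echo '<b>Товар заблокирован по причине:</b> '.$good['b_com'].'';
    } elseif ($good['cop'] != 0 and $good['cop'] == $byed) {
        echo '<b>Все копии проданы!</b>';
    }
    echo'</center></div>';

    // ---- item details ----
    echo '<div class="title">О товаре</div>';
    echo '<div class="podmenu"><b>Описание:</b>  '.nl2br(bb(smile($good['text']))).' </div>';
    if ($good['discont'] == 0) {
        echo '<div class="podmenu"><b>Цена: </b>[<font color="green"> <b>'.$good['cost'].'</b></font> ] рублей</div>';
    } else {
        echo '<div class="podmenu"><b>Цена: </b>[<s><font color="green">  <b>'.$good['cost'].'</b></s></font>] - Новая [<font color="red"><b>'.$good['discont'].'</b></font>] рублей</div>';
    }
    if ($good['cop'] == 0) {
        echo '<div class="podmenu"><b>Кол-во копий:</b> Не ограниченно';
    } else {
        echo '<div class="podmenu"><b>Кол-во копий:</b> [ '.$good['cop'].' ]';
    }
    echo ' | Продано ['.$byed.']</div>';
    echo '<div class="podmenu"><b>Дата добавления:</b> ['.vremja($good['time']).']</div>';

    if ($good['updated'] != 0) {
        echo '<div class="podmenu"><b>Архив обновлен:</b> [<font color="red"><b>'.vremja($good['updated']).'</font></b>]</div>';
    }
    $icart = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_cart` WHERE `good` = '".$good['id']."'"),0);
    $ivants = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_vants` WHERE `good` = '".$good['id']."'"),0);
    echo '<div class="podmenu"><b>Продавец:</b> ['.nick($good['saller']).']</div>';
    echo '<div class="podmenu"><b>Размер файла:</b> ['.fsize('../../files/shop/good/all/'.$good['file']).']</div>';

    echo '<div class="title">Интерес </div>';
    echo '<div class="podmenu"><b>Просмотрен:</b> '.$views.' раз</div>';
    echo '<div class="podmenu"><b>В корзине у :</b> '.$icart.' чел</div>';
    echo '<div class="podmenu"><b>В желаниях у:</b> '.$ivants.' чел</div>';

    // ---- seller payment details ----
    echo '<div class="title">О продавце: </div>';
    $saller = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '".$good['saller']."'"));
    if ($saller['wmid'] == 0 or $saller['wmr'] == 0) {
        echo'<div class="podmenu">Данные WebMoney не заполнены!</div>';
    } else {
        echo'<div class="podmenu"><img src="/images/wmid.png"alt="*">WMID: <a href="http://passport.webmoney.ru/asp/certview.asp?wmid='.$saller['wmid'].'">'.$saller['wmid'].'</a></div>
<div class="podmenu"><img src="/images/rr.png" height="20 "alt="*">BL: <img src="https://bl.wmtransfer.com/img/bl/'.$saller['wmid'].'?w=45&h=18&bg=0XDBE2E9"> </div></a>
<div class="podmenu"><img src="/images/rr.png" height="20 "alt="*">Претензии/Отзывы/Иски: <img src="http://arbitrage.webmoney.ru/xml/AL2.aspx?wmid='.$saller['wmid'].'"alt="П/О/И"/></div>
<div class="podmenu"><img src="'.$HOME.'/images/kosh.png"> Кошелек: R'.$saller['wmr'].'';
        if ($saller['wp'] == 0) {
            echo' | <font color=red><b>Не подтвержден!</font></b></div>';
        } else {
            echo' | <font color=green><b>Подтвержден!</font></b></div>';
        }
    }

    echo '<div class="podmenu">' ;
    echo '<img src="/images/qiwi_icon.png" alt="*" /> Qiwi: ' ;
    // The number is shown in full when qc == 0 and with its middle masked otherwise.
    if ($saller['qiwi'] != 0 && $saller['qc'] == 0) {
        echo '+'.bb($saller['qiwi']). '';
    }
    if ($saller['qc'] != 0 && $saller['qiwi'] != 0) {
        echo '+'.substr ($saller['qiwi'], 0 , 5 ) . '***'. substr ($saller['qiwi'],- 5 , 5 ) . '';
    }
    if ($saller['qiwi'] == 0 && $saller['qc'] == 0) {
        echo 'Не заполнено!' ;
    }
    if ($saller['qiwi'] != 0 && $saller['qp'] == 0) {
        echo ' | <b><font color = red> Не Подтвержден!</b></font>' ;
    }
    if ($saller['qiwi'] != 0 && $saller['qp'] == 1) {
        echo ' | <b><font color = green> Подтвержден!</b></font>' ;
    }
    echo '</div>' ;

    // Accepted arbitration entries about the seller, counted per `otzv` value.
    $arb_1 = mysql_result(mysql_query('select count(`id`) from `arb` where `komy` = "'.$saller['id'].'" and `otzv` = "1" and `prinyat`="1"'),0);
    $arb_2 = mysql_result(mysql_query('select count(`id`) from `arb` where `komy` = "'.$saller['id'].'" and `otzv` = "2" and `prinyat`="1"'),0);
    echo '<div class="podmenu"><img src="/images/omg/arb.png"alt="*"><a href = "'.$HOME.'/arb'.$saller['id'].'"> Арбитраж [<font color="green">'.$arb_1 .'</font> | <font color="red">'.$arb_2.'</font>]</a></div>';

    // ---- item menu ----
    echo '<div class="title">Меню товара </div>';
    $coms = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_com` WHERE `good` = '".$id."'"),0);
    echo '<div class="podmenu"><a href="/Shop/Comments'.$id.'">Коментарии ['.$coms.']</a></div>';
    if ($user['id'] != $good['saller']) {
        echo '<div class="podmenu"><a href="/modules/shop/good.php?act=compl&id='.$id.'">Подать жалобу</a></div>';
    }

    $pl = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_r` WHERE `type` = '1' and `good` = '".$id."'"),0);
    $mns = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_r` WHERE `type` = '2' and `good` = '".$id."'"),0);
    $voted = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_r` WHERE `us` = '".$user['id']."' and `good` = '".$id."'"),0);
    echo '<div class="podmenu"><a href="/Shop/Votes'.$id.'">Оценки <b>[<font color="green">'.$pl.'</font>]</b> / <b>[<font color="red">'.$mns.'</a></font>]</b>';
    // Compare the user's id, not the whole $user array, with the seller id;
    // the array comparison was always unequal, so sellers saw the vote links
    // on their own items.
    if ($user['id'] != $good['saller']) {
        if ($voted == 0) {
            echo '<a href="/modules/shop/good.php?act=plus&id='.$id.'"><b>[<font color="green"> + 1</font>]</b></a>';
            echo '<a href="/modules/shop/good.php?act=minus&id='.$id.'"><b>[<font color="red"> - 1</font>]</b></a>';
        }
    }
    echo'</div>';
    break;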

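case 'screen':
    // Screenshot manager for item $id: upload (at most 5 per item) and list
    // with delete links. Allowed for staff (level >= 1) and the seller.
    if (!$good) {
        header('Location: /');
        exit;
    }
    $count = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `shop_src` WHERE `good` = '".$id."'"),0);
    if ($user['level'] < 1 && $user['id'] != $good['saller']) {
        header('Location: /');
        exit;
    }
    echo '<div class="title"><a href="/Shop">Магазин</a> | <a href="/Shop/Good'.$id.'">'.$good['name'].'</a> | Скрины</div>';
    if (isset($_SESSION['err'])) {
        echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
    }
    unset($_SESSION['err']);

    // The upload form posts, so only POST counts as a submission.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['submit'])) {
        if ($count >= 5) {
            $_SESSION['err'] = 'Максимум 5 скринов';
            header('Location: ?');
            exit;
        }
        $maxsize = 25; // megabytes

        // is_uploaded_file() confirms the path really is this request's upload.
        if (!isset($_FILES['filename']) or !is_uploaded_file($_FILES['filename']['tmp_name'])) {
            $_SESSION['err'] = 'Выбери файл';
            header('Location: ?');
            exit;
        }
        $size = $_FILES['filename']['size'];
        if ($size > (1048576 * $maxsize)) {
            $_SESSION['err'] = 'Максимальный размер файла '.$maxsize.'мб!';
            header('Location: ?');
            exit;
        }

        // Extension whitelist on the client-supplied name (lower case only).
        $filetype = array ( 'jpg', 'gif', 'png', 'jpeg' );
        $upfiletype = pathinfo($_FILES['filename']['name'], PATHINFO_EXTENSION);
        if (!in_array($upfiletype, $filetype, true)) {
            $_SESSION['err'] = 'Запрещенный формат';
            header('Location: ?');
            exit;
        }
        // The extension is chosen by the client, so also require that the
        // content parses as an image before it is stored in a directory that
        // is linked directly from the page.
        if (getimagesize($_FILES['filename']['tmp_name']) === false) {
            $_SESSION['err'] = 'Запрещенный формат';
            header('Location: ?');
            exit;
        }

        // Stored name: fixed prefix, two rand() values and the client name,
        // passed through del_f() (defined elsewhere).
        $files = del_f('devdb_pro'.'_'.rand(1234,5678).'_'.rand(1234,5678).'_'.$_FILES['filename']['name']);

        // Exactly one dot may remain in the stored name, i.e. a single extension.
        $ext2 = explode(".", $files);
        if (count($ext2) != 2) {
            $_SESSION['err'] = 'Двойное расширение';
            header('Location: ?');
            exit;
        }

        // Only record the screenshot if the file was actually stored.
        if (!move_uploaded_file($_FILES['filename']['tmp_name'], "../../files/shop/src/".$files)) {
            $_SESSION['err'] = 'Не удалось сохранить файл';
            header('Location: ?');
            exit;
        }
        // $files still contains the client-supplied name, so it is escaped
        // here rather than trusting del_f() to have removed quotes.
        mysql_query("INSERT INTO `shop_src` SET `file` = '".mysql_real_escape_string($files)."', `good` = '".$id."'");
        header('Location: /Shop/Screen'.$id.'');
        exit;
    }

    echo '<div class="podmenu"><form action="/Shop/Screen'.$id.'" method="post" enctype="multipart/form-data">
Выберите скрин:<br><input type="file" name="filename"/><br />
<input type="submit" value="Загрузить" name="submit"/>
</form></div>';
    echo '<div class="title">Скриншоты ['.$count.']</div>';
    if ($count < 1) {
        echo '<div class="podmenu"><b><center>Скриншотов нет!</center></b></div>';
    } else {
        $load_s = mysql_query("SELECT * FROM `shop_src` WHERE `good`='".$id."'");

        // NOTE(review): $a['file'] is echoed into href/src without HTML
        // escaping; safe only if del_f() strips markup characters - confirm.
        while ($a = mysql_fetch_array($load_s)) {
            echo '
<div class="podmenu">
<a href="../../files/shop/src/'.$a['file'].'">
<img src="../../files/shop/src/'.$a['file'].'"  width="60" hight="60"/></a>
<a href="/modules/shop/good.php?act=del_scr&id='.$a['id'].'">Удалить</a></div>';
        }
    }
    break;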

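case 'del_scr':
    // Delete one screenshot. In this action $id is the screenshot id
    // (`shop_src`.`id`), not an item id, so the pre-loaded $good row belongs
    // to an unrelated item and must not take part in the permission check.
    $scr1 = mysql_fetch_assoc(mysql_query("SELECT *  FROM `shop_src` WHERE `id` = '".$id."'"));
    if (!$scr1) {
        header('Location: /');
        exit;
    }

    // The item the screenshot belongs to.
    $files = mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_good` WHERE `id` = '".$scr1['good']."'"));

    // Staff (level >= 1) or the seller of that item may delete. A second check
    // against $good['saller'] used to follow; it compared with the item whose
    // id happened to equal the screenshot id and turned sellers away from
    // their own screenshots.
    if ($user['level'] < 1 && $user['id'] != $files['saller']) {
        header('Location: /');
        exit;
    }

    // The confirmation form posts; reading only $_POST keeps a plain link
    // with ?ok in it from deleting the file.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['ok'])) {
        // basename() keeps the delete inside the screenshots directory even if
        // the stored name were ever to contain a path.
        unlink('../../files/shop/src/'.basename($scr1['file']));
        mysql_query("DELETE FROM `shop_src` WHERE `id` = '".$id."' LIMIT 1");
        header('Location: /Shop/Screen'.$files['id'].'');
        exit;
    }

    echo '<div class="title"><a href="/Shop">Магазин</a> | <a href="/Shop/Good'.$files['id'].'">'.$files['name'].'</a> | Удаление скрина</div>';
    echo '<div class="podmenu"><form method="post">
<input type="submit" name="ok" value="Удалить">
</form></div>';
    break;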

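case 'edit_info':
    // Edit the name, description and copy limit of item $id. Allowed for
    // staff with level >= 2 and for the seller.
    if (!$good) {
        header('Location: / ');
        exit;
    }

    if ($user['level'] < 2 && $user['id'] != $good['saller']) {
        header('Location: /');
        exit;
    }

    // The form posts, so only POST counts as a submission.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['ok'])) {
        // strong() is defined outside this file. NOTE(review): the UPDATE
        // below relies on it to escape these values for SQL - confirm.
        $name = strong($_POST['name']);
        $text = strong($_POST['text']);
        $copis = strong($_POST['copis']);
        if (empty($name) or empty($text)) {
            $_SESSION['err'] = 'Одно из полей осталось пустым';
            header('Location: ?');
            exit;
        }
        // Digits only, as the error message states; the previous pattern also
        // accepted "-", so negative or malformed copy limits passed.
        if (!preg_match('/^[0-9]+$/D', $copis)) {
            $_SESSION['err'] = 'В копиях  только цифры!';
            header('Location: ?');
            exit;
        }
        if (mb_strlen($name) > 200 or mb_strlen($name) < 5) {
            $_SESSION['err'] = 'Длина имени от 5 до 200 символов';
            header('Location: ?');
            exit;
        }
        if (mb_strlen($text) > 5000 or mb_strlen($text) < 5) {
            $_SESSION['err'] = 'Длина описания от 5 до 5000 символов';
            header('Location: ?');
            exit;
        }
        mysql_query("UPDATE  `shop_good` SET 
`name` = '".$name."', 
`text` = '".$text."',
`cop` = '".$copis."'
WHERE `id` = '".$id."'");

        echo'<script>
alert("Сохранено!");
window.location.replace("/Shop/Good'.$id.'");
</script>';
    }

    echo '<div class="title"><a href="/Shop">Магазин</a> | <a href="/Shop/Good'.$good['id'].'">'.$good['name'].' </a> Редактировать </div>';
    if (isset($_SESSION['err'])) {
        echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
    }
    unset($_SESSION['err']);
    quickpaste('text');
    quickpanel();
    echo'<div class="podmenu"><form action="" enctype="multipart/form-data" method="post">';

    // NOTE(review): the form offers a file input, but this action never reads
    // $_FILES, so a selected file is silently ignored.
    // NOTE(review): $good['name'] and $good['text'] go into an attribute and a
    // textarea without HTML escaping; safe only if stored already escaped.
    echo '
Название:<br /><input type="text" value="'.$good['name'].'" name="name" placeholder="Название" /><br />
Копии (0 - не ограниченно):<br /><input type="number" value="'.$good['cop'].'" name="copis" placeholder="Копии" /><br />
Выберите файл:<br /><input type="file" name="filename"><br />
Описание:<br />
<textarea rows="'.$user['rows'].'" cols="'.$user['cols'].'" placeholder="Текст..."  name="text">'.$good['text'].'</textarea><br />
<input type="submit" name="ok" value="Изменить" />
</form></div>';
    break;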




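case 'comments':
    // Comment thread of item $id: post a new comment (with duplicate and
    // rate-limit checks) and list existing comments page by page.

    // Check the item before anything is printed.
    if (!$good) {
        header('Location: ?');
        exit;
    }
    echo '<div class="title"><a href="/Shop">Магазин</a> | Товар: '.$good['name'].' | Коментарии </div>';

    // The form posts, so only POST counts as a submission.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['add'])) {
        // strong() is defined outside this file. NOTE(review): $msg is placed
        // inside both single- and double-quoted SQL strings below, so strong()
        // has to neutralise both quote characters - confirm.
        $msg = strong($_POST['msg']);

        if (empty($msg)) {
            $_SESSION['err'] = 'Поле осталось пустым!';
            header('Location: ?');
            exit;
        }

        if (mb_strlen($msg) < 3) {
            $_SESSION['err'] = 'Сообщение содержит меньше 3-х символов!';
            header('Location: ?');
            exit;
        }

        // Reject a text this user has already posted.
        $ttte = mysql_fetch_array(mysql_query('SELECT * from `shop_com` where `us` = "'.$user['id'].'" and `text` = "'.$msg.'"'));
        if ($ttte) {
            $_SESSION['err'] = 'Такое вы писали!';
            header('Location: ?');
            exit;
        }

        // Rate limit: no earlier comment by this user may be younger than the
        // `down` interval from the `antispam` table. The interval is read once
        // instead of once per earlier comment.
        $down_antispam = mysql_fetch_assoc(mysql_query("SELECT * FROM `antispam` WHERE `down` "));
        $tim = mysql_query("SELECT * FROM `shop_com` WHERE `us`='".$user['id']."' ORDER BY `time` DESC");
        while ($ncm2 = mysql_fetch_assoc($tim)) {
            $ncm_timeout = $ncm2['time'];
            if ((time()-$ncm_timeout) < $down_antispam['down']) {
                $_SESSION['err'] = 'Не пишите так часто';
                header('Location: ?');
                exit;
            }
        }

        mysql_query("INSERT INTO `shop_com` SET `text` = '".$msg."', `avtorlogin` = '".$user['login']."', `us` = '".$user['id']."', `time` = '".time()."', `good` = '".$id."'");
        // Notify the seller unless the seller wrote the comment.
        if ($user['id'] != $good['saller']) {
            mysql_query("INSERT INTO `lenta` SET `readlen` = '0', `time` = '".time()."', `komy` = '".$good['saller']."', `kto` = '".$user['id']."', `text` = 'оставил комментарий к вашему [url=".$HOME."/Shop/Good".$id."]товару[/url]'");
        }
        header('Location: '.$HOME.'/Shop/Comments'.$id.'');
        exit;
    }

    if (isset($_SESSION['err'])) {
        echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
    }
    unset($_SESSION['err']);
    echo '<div class="podmenu"><form method="POST" action="">
*Сообщение:<br /><textarea name="msg"></textarea><br />
<input type="submit" name="add" value="Написать">
</div></form>';

    // Pagination. $max goes into a LIMIT clause, so it is forced to an integer.
    if (empty($user['max'])) $user['max']=10;
    $max = (int) $user['max'];
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_com` WHERE `good` = '".$id."'"),0);
    $k_page = k_page($k_post,$max);
    $page = page($k_page);
    $start = $max*$page-$max;
    $com = mysql_query("SELECT * FROM `shop_com` WHERE `good` = '".$id."' ORDER BY `id` DESC LIMIT $start, $max");
    while ($c = mysql_fetch_assoc($com)) {
        // Delete link for staff only; reset for every row so the variable is
        // always defined when it is printed.
        $ddel = '';
        if ($user['level'] >= 1) {
            $ddel = '[<a href="/modules/shop/good.php?act=delcom&id='.$c['id'].'"><b>Удалить</b></a>]';
        }
        echo '<div class="podmenu">'.nick($c['us']).' ['.vremja($c['time']).'] '.$ddel.'';
        if ($user['id'] != $c['us']) {
            echo '[<a href="/modules/shop/good.php?act=reply&id='.$c['id'].'"><b>Ответить</b></a>]';
        }
        // NOTE(review): comment text is printed through smile(bb()) only;
        // whether markup was escaped when stored depends on strong() - confirm.
        echo '</div><div class="podmenu">'.smile(bb($c['text'])).'</div>';
    }
    if ($k_post<1) echo '<div class="podmenu"><center><b><big>Сообщений пока еще нет!</big></b></center></div>';
    if ($k_page>1) echo str('/Shop/Comments'.$id.'?',$k_page,$page); // page navigation
    echo '<div class="menudiv"><a href="'.$HOME.'/Shop/Good'.$id.'" class="k_menu">Вернуться к товару</div></a>';
    break;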

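case 'delcom':
    // Delete comment $id after a confirmation form. Staff only (level != 0).
    if ($user['level'] == 0) {
        header('Location: /');
        exit;
    }
    $comm = mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_com` WHERE `id` = '".$id."'"));

    if (!$comm) {
        header('Location: /');
        exit;
    }

    // The confirmation form posts; reading only $_POST keeps a plain link
    // with ?ok in it from deleting the comment without the confirmation step.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['ok'])) {
        mysql_query("DELETE FROM `shop_com` WHERE `id` = '".$id."'");
        header('Location: '.$HOME.'/Shop/Comments'.$comm['good'].'');
        exit;
    }
    echo '<div class="title"><a href="'.$HOME.'/Shop">Магазин</a> | Удалить комментарий</div>
<form method="post">
<div class="podmenu">Вы действительно хотите удалить этот комментарий?<br />
<input type="submit" name="ok" value="Удалить">
</form></div>';
    break;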

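case 'reply':
    // Reply to comment $id. In this action $id is a comment id, so the
    // pre-loaded $good row does not describe the commented item.
    $comm = mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_com` WHERE `id` = '".$id."'"));
    if (!$comm) {
        header('Location: /');
        exit;
    }
    // Users cannot reply to their own comment.
    if ($user['id'] == $comm['us']) {
        header('Location: /Shop/Comments'.$comm['good'].'');
        exit;
    }

    // Load the item the comment belongs to for the title; $good was looked up
    // by the comment id and named an unrelated item (or none).
    $comm_good = mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_good` WHERE `id` = '".intval($comm['good'])."'"));
    echo '<div class="title"><a href="/Shop">Магазин</a> | Товар: '.$comm_good['name'].' | Ответ на коментарий </div>';

    // The form posts, so only POST counts as a submission.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['submit'])) {
        // strong() is defined outside this file; the INSERT relies on it to
        // escape $msg for SQL - confirm.
        $msg = strong($_POST['msg']);
        if (empty($msg)) {
            $_SESSION['err'] = 'Поле осталось пустым!';
            header('Location: ?');
            exit;
        }
        if (mb_strlen($msg) < 3) {
            $_SESSION['err'] = 'Сообщение содержит меньше 3-х символов!';
            header('Location: ?');
            exit;
        }

        // Rate limit against the `down` interval from `antispam`, read once
        // instead of once per earlier comment.
        $down_antispam = mysql_fetch_assoc(mysql_query("SELECT * FROM `antispam` WHERE `down` "));
        $tim = mysql_query("SELECT * FROM `shop_com` WHERE `us`='".$user['id']."' ORDER BY `time` DESC");
        while ($ncm2 = mysql_fetch_assoc($tim)) {
            $ncm_timeout = $ncm2['time'];
            if ((time()-$ncm_timeout) < $down_antispam['down']) {
                $_SESSION['err'] = 'Не пишите так часто';
                header('Location: ?');
                exit;
            }
        }

        // The quoted author's login comes back out of the database, so it is
        // escaped again before being placed into a new SQL string.
        $quoted_login = mysql_real_escape_string($comm['avtorlogin']);
        mysql_query("INSERT INTO `shop_com` SET `text` = '[b]".$quoted_login.",[/b]".$msg."', `avtorlogin` = '".$user['login']."', `us` = '".$user['id']."', `time` = '".time()."', `good` = '".$comm['good']."'");
        mysql_query("INSERT INTO `lenta` SET `readlen` = '0', `time` = '".time()."', `komy` = '".$comm['us']."', `kto` = '".$user['id']."', `text` = 'ответил на Ваш комментарий к [url=".$HOME."/Shop/Good".$comm['good']."]товару[/url]'");
        header('Location: /Shop/Comments'.$comm['good'].'');
        exit;
    }

    if (isset($_SESSION['err'])) {
        echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
    }
    unset($_SESSION['err']);
    echo '<div class="podmenu">Ответ: '.nick($comm['us']).'</div><div class="podmenu"><form action="" method="POST">
*Сообщение:<br /><textarea name="msg" ></textarea><br />
<input type="submit" name="submit" value="Ответить" />
</form></div>
<div class="menudiv"><a href="'.$HOME.'/Shop/Good'.$comm['good'].'" class="k_menu">Назад к товару</div></a>';
    break;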



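case 'vote_h':
    // Paginated voting history of item $id: who voted and how.
    if (!$good) {
        header('Location: ?');
        exit;
    }
    echo '<div class="title"><a href="/Shop">Магазин</a> | Товар: '.$good['name'].' | История голосования </div>';

    // Labels per `shop_r`.`type`: 1 = positive, 2 = negative. Built once
    // rather than per row; the first label was missing the ">" that closes
    // its <font> tag.
    $AD = [
        '1' => '[<font color="green"><b>положительно</b></font>]',
        '2' => '[<font color="red"><b>отрицательно</b></font>]',
    ];

    $max = 10; // rows per page
    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_r` WHERE `good` = '".$id."'"),0);
    $k_page = k_page($k_post,$max);
    $page = page($k_page);
    $start = $max*$page-$max;
    $tema = mysql_query("SELECT * FROM `shop_r` WHERE `good` = '".$id."' ORDER BY `id` DESC LIMIT $start, $max");
    while ($a = mysql_fetch_assoc($tema)) {
        // An unexpected type prints no label instead of raising a notice.
        $label = isset($AD[$a['type']]) ? $AD[$a['type']] : '';
        // The row used to end with a stray </a> that had no opening tag.
        echo '<div class="podmenu"> Пользователь: '.nick($a['us']).' Оценка: '.$label.'</div>';
    }
    if ($k_post<1) echo '<div class="podmenu"><center><b>Пусто!</b></center></div>';
    if ($k_page>1) echo str(''.$HOME.'/Shop/Votes'.$id.'?',$k_page,$page);
    break;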

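case 'plus':
    // Positive vote for item $id: one vote per user, never by the seller.
    // NOTE(review): the vote is cast by a plain GET link with no token, so any
    // page the user opens can cast it. The check-then-insert below is also not
    // atomic; a unique key on (`good`, `us`) would enforce one vote per user.
    if (!$good) {
        header('Location: ?');
        exit;
    }

    if ($good['saller'] == $user['id']) {
        header('Location: ?');
        exit;
    }

    // $id is an integer (see the top of the file), so it is safe unquoted here.
    $vote_r = mysql_fetch_array(mysql_query('SELECT * from `shop_r` where `good` = '.$id.' and `us` = "'.$user['id'].'"'));
    if (!$vote_r) {
        mysql_query("INSERT INTO `shop_r` SET `good` = '".$id."', `us` = '".$user['id']."', `type` = '1' ");
        // The item name is read back from the database, so it is escaped
        // again before it goes into a new SQL string.
        mysql_query("INSERT INTO `lenta` SET `readlen` = '0', `time` = '".time()."', `komy` = '".$good['saller']."', `kto` = '".$user['id']."', `text` = 'Положительно оценил Ваш товар [url=".$HOME."/Shop/Good".$id."]".mysql_real_escape_string($good['name'])."[/url]'");
        mysql_query("UPDATE `users` SET `rating` = `rating` + '0.01' WHERE `id` = '".$good['saller']."'");
    }
    // Voted now or earlier: return to the item page either way.
    header('Location: '.$HOME.'/Shop/Good'.$id.'');
    exit;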

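case 'minus':
    // Negative vote for item $id: one vote per user, never by the seller.
    // NOTE(review): the vote is cast by a plain GET link with no token, so any
    // page the user opens can cast it. The check-then-insert below is also not
    // atomic; a unique key on (`good`, `us`) would enforce one vote per user.
    if (!$good) {
        header('Location: ?');
        exit;
    }

    if ($good['saller'] == $user['id']) {
        header('Location: ?');
        exit;
    }

    // $id is an integer (see the top of the file), so it is safe unquoted here.
    $vote_r = mysql_fetch_array(mysql_query('SELECT * from `shop_r` where `good` = '.$id.' and `us` = "'.$user['id'].'"'));
    if (!$vote_r) {
        mysql_query("INSERT INTO `shop_r` SET `good` = '".$id."', `us` = '".$user['id']."', `type` = '2' ");
        // The item name is read back from the database, so it is escaped
        // again before it goes into a new SQL string.
        mysql_query("INSERT INTO `lenta` SET `readlen` = '0', `time` = '".time()."', `komy` = '".$good['saller']."', `kto` = '".$user['id']."', `text` = 'отрицательно оценил Ваш товар [url=".$HOME."/Shop/Good".$id."]".mysql_real_escape_string($good['name'])."[/url]'");
        mysql_query("UPDATE `users` SET `rating` = `rating` - '0.01' WHERE `id` = '".$good['saller']."'");
    }
    // Voted now or earlier: return to the item page either way.
    header('Location: '.$HOME.'/Shop/Good'.$id.'');
    exit;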



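case 'upd_a':
    // Replace the archive of item $id with a new upload. Allowed for staff
    // with level >= 4 and for the seller.
    if (!$good) {
        header('Location: ?');
        exit;
    }
    if ($user['level'] < 4 && $user['id'] != $good['saller']) {
        header('Location: /');
        exit;
    }
    echo '<div class="title"><a href="/Shop">Магазин</a> | <a href="/Shop/Good'.$id.'">'.$good['name'].'</a> | Обновить товар</div>';

    // The form posts, so only POST counts as a submission.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['ok'])) {
        $maxsize = 50; // megabytes

        // is_uploaded_file() confirms the path really is this request's upload.
        if (!isset($_FILES['filename']) or !is_uploaded_file($_FILES['filename']['tmp_name'])) {
            $_SESSION['err'] = 'Выбери файл';
            header('Location: ?');
            exit;
        }
        $size = $_FILES['filename']['size'];
        if ($size > (1048576 * $maxsize)) {
            $_SESSION['err'] = 'Максимальный размер файла '.$maxsize.'мб!';
            header('Location: ?');
            exit;
        }

        // Whitelist by the extension of the client-supplied name. This says
        // nothing about the actual content of the file.
        $filetype = array ('zip', 'rar','ZIP','RAR');
        $upfiletype = pathinfo($_FILES['filename']['name'], PATHINFO_EXTENSION);
        if (!in_array($upfiletype, $filetype, true)) {
            $_SESSION['err'] = 'Запрещенный формат';
            header('Location: ?');
            exit;
        }

        // Stored name: fixed prefix, rand(), a time-derived key, rand() and the
        // client name, passed through del_f() (defined elsewhere).
        // NOTE(review): rand() and md5(time()) are predictable, so the stored
        // name should not be what keeps a paid archive private - confirm that
        // direct requests to the target directory are denied.
        $key = strtoupper(substr(md5(time()), -10));
        $files = del_f('masteru_site'.'_'.rand(12340,56780).'_'.$key.'_'.rand(12340,56780).'_'.$_FILES['filename']['name']);

        // Exactly one dot may remain in the stored name, i.e. a single extension.
        $ext2 = explode(".", $files);
        if (count($ext2) != 2) {
            $_SESSION['err'] = 'Двойное расширение';
            header('Location: ?');
            exit;
        }

        // Store the new archive first. If that fails, stop before the old
        // archive is deleted and the row is repointed; previously a failed
        // move still removed the existing file.
        $filepath = '../../files/shop/good/all/'.$files;
        if (!move_uploaded_file($_FILES['filename']['tmp_name'], $filepath)) {
            $_SESSION['err'] = 'Не удалось сохранить файл';
            header('Location: ?');
            exit;
        }

        // Brand ZIP archives; open() fails for RAR files, which stay untouched.
        $zip = new ZipArchive;
        if ($zip->open($filepath) === TRUE) {
            $zip->deleteName('PROFIWM_COM.txt');
            $zip->setArchiveComment('MASTERU.SITE - Все для WAP/WEB мастера!');
            $zip->addFromString
            ('MASTERU_SITE.txt','Купленно на MASTERU.SITE - элитный клуб WAP/WEB разработчиков, программистов и дизайнеров! Заходи обезательно!');
            $zip->close();
        }

        // Remove the previous archive. basename() keeps the delete inside the
        // archive directory even if the stored name were to contain a path.
        unlink('../../files/shop/good/all/'.basename($good['file']));

        // $files still contains the client-supplied name, so it is escaped
        // here rather than trusting del_f() to have removed quotes.
        mysql_query("UPDATE `shop_good` SET 
`file` = '".mysql_real_escape_string($files)."',
`updated` = '".time()."'
WHERE `id` = '".$good['id']."'");
        echo'<script>
alert("Сохранено!");
window.location.replace("/Shop/Good'.$good['id'].'");
</script>';
    }

    if (isset($_SESSION['err'])) {
        echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
    }
    unset($_SESSION['err']);
    echo'<div class="podmenu"><form action="" enctype="multipart/form-data" method="post">
Выберите файл:<br /><input type="file" name="filename"><br />
<input type="submit" name="ok" value="Обновить" />
</form></div>';
    break;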

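case 'block':
    // Stop the sale of item $id and record a reason. Allowed for staff with
    // level >= 2 and for the seller; only staff can lift the block later
    // (see the un_block action).
    if (!$good or $good['b'] == 1) {
        header('Location: /');
        exit;
    }
    if ($user['level'] < 2 && $user['id'] != $good['saller']) {
        header('Location: /');
        exit;
    }

    // The form posts, so only POST counts as a submission.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['ok'])) {
        // strong() is defined outside this file; the UPDATE relies on it to
        // escape the reason for SQL - confirm.
        $text = strong($_POST['text']);

        // The enforced limit is 255; the message used to say 200.
        if (mb_strlen($text) > 255 or mb_strlen($text) < 3) {
            $_SESSION['err'] = 'Длина от 3 до 255 символов';
            header('Location: ?');
            exit;
        }

        mysql_query("UPDATE `shop_good` SET `b` = '1', `b_com` = '".$text."' WHERE `id` = '".$good['id']."'");
        echo'<script>
alert("Сохранено!");
window.location.replace("/Shop/Good'.$good['id'].'");
</script>';
    }

    echo '<div class="title"><a href="/Shop">Магазин</a> | <a href="/Shop/Good'.$id.'">'.$good['name'].'</a> | Оcтановка продажи</div>';
    if (isset($_SESSION['err'])) {
        echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
    }
    unset($_SESSION['err']);
    // Ordinary sellers are told that only administrators can undo the block.
    if ($user['level'] == 0) {
        echo '<div class="podmenu"><b>Если вы захотите вернуть товар на продажу, обратитесь к админам!</b></div>';
    }
    echo '<div class="podmenu"><form method="POST">
Причина:<br />
<textarea rows="'.$user['rows'].'" cols="'.$user['cols'].'" placeholder="Текст..."  name="text"></textarea><br />
<input type="submit" name="ok" value="Блок" />
</form></div>';
    break;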

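case 'un_block':
    // Return a blocked item to sale. Staff only (level != 0).
    if (!$good or $good['b'] == 0) {
        header('Location: /');
        exit;
    }
    if ($user['level'] == 0) {
        header('Location: /');
        exit;
    }

    // The confirmation form posts; reading only $_POST keeps a plain link
    // with ?ok in it from unblocking the item without the confirmation step.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['ok'])) {
        mysql_query("UPDATE `shop_good` SET `b` = '0', `b_com` = '' WHERE `id` = '".$good['id']."'");
        echo'<script>
alert("Сохранено!");
window.location.replace("/Shop/Good'.$good['id'].'");
</script>';
    }

    echo '<div class="title"><a href="/Shop">Магазин</a> | <a href="/Shop/Good'.$id.'">'.$good['name'].'</a> | Возврат к продаже</div>';
    echo '<div class="podmenu"><form method="POST">
<input type="submit" name="ok" value="Вернуть" />
</form></div>';
    break;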

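case 'cost':
    // Set a new price for item $id (stored in `discont`) and notify users who
    // have the item in their wishlist. Allowed for staff with level >= 4 and
    // for the seller; not available while the item is blocked.
    if (!$good or $good['b'] == 1) {
        header('Location: /');
        exit;
    }
    if ($user['level'] < 4 && $user['id'] != $good['saller']) {
        header('Location: /');
        exit;
    }

    // The form posts, so only POST counts as a submission.
    // NOTE(review): the form carries no anti-CSRF token.
    if (isset($_POST['ok'])) {
        $cost = strong($_POST['cost']);

        // Digits only, as the error message states; the previous pattern also
        // accepted "-", so values such as "50-3" passed and reached the query.
        if (!preg_match('/^[0-9]+$/D', $cost)) {
            $_SESSION['err'] = 'В цене только цифры!';
            header('Location: ?');
            exit;
        }

        if ($cost < 10 or $cost > 10000) {
            $_SESSION['err'] = 'Некорректная цена';
            header('Location: ?');
            exit;
        }
        if ($cost == $good['cost'] or $cost == $good['discont']) {
            $_SESSION['err'] = 'Цена осталсь прежней';
            header('Location: ?');
            exit;
        }

        // Notify only the users who have THIS item in their wishlist. The
        // query used to read every wishlist row of the shop, so every wish of
        // every user produced a notification about this item.
        $vants = mysql_query("SELECT * FROM `shop_vants` WHERE `good` = '".$good['id']."'");
        // The item name is read back from the database, so it is escaped
        // again before it goes into a new SQL string.
        $good_name = mysql_real_escape_string($good['name']);
        while ($a = mysql_fetch_array($vants)) {
            mysql_query("INSERT INTO `lenta` SET `readlen` = '0', `time` = '".time()."', `komy` = '".$a['us']."', `kto` = '".$user['id']."', `text` = 'Цена на  товар [url=".$HOME."/Shop/Good".$id."]".$good_name."[/url], из желаний изменилась было 
[green]".$good['cost']."[/green] стало [red]".$cost."[/red]
'");
        }
        mysql_query("UPDATE `shop_good` SET `discont` = '".$cost."' WHERE `id` = '".$good['id']."'");

        echo'<script>
alert("Сохранено!");
window.location.replace("/Shop/Good'.$good['id'].'");
</script>';
    }

    echo '<div class="title"><a href="/Shop">Магазин</a> | <a href="/Shop/Good'.$id.'">'.$good['name'].'</a> | Цена</div>';
    if (isset($_SESSION['err'])) {
        echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
    }
    unset($_SESSION['err']);
    // The input attribute was misspelled "placeholde", so the hint never showed.
    echo '<div class="podmenu"><form method="POST">Цена: </br>
<input type="number" name="cost" value="'.$good['cost'].'" placeholder="Новая цена"></br>
<input type="submit" name="ok" value="Изменить" />
</form></div>';
    break;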

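case 'bye':
// Purchase of a good: moves the price from the buyer's balance to the
// seller's, writes two bill_hist rows and one shop_byed row, and notifies the
// seller through `lenta`. The price is `discont` when it is non-zero,
// otherwise `cost`.
$byed = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_byed` WHERE `tov` = '".$id."'"),0);
if (!$good or $good['b'] == 1) {
    header('Location: /');
    exit;
}

// `cop` is compared with the number of purchases; 0 disables the check.
// ">=" instead of "==" keeps the good closed if the count ever passes the limit.
// NOTE(review): the count and the later INSERT are separate statements, so two
// simultaneous buyers can still both pass this check.
if ($good['cop'] != 0 and $byed >= $good['cop']) {
    header('Location: /');
    exit;
}
if ($user['id'] == $good['saller']) {
    header('Location: /');
    exit;
}
echo '<div class="title"><a href="/Shop">Магазин</a> | <a href="/Shop/Good'.$id.'">'.htmlspecialchars($good['name'], ENT_QUOTES, 'UTF-8', false).'</a> | Покупка</div>';

// Money moves only on a POST of the form below. $_REQUEST['ok'] can also be
// satisfied by a query-string parameter, so a followed link could buy.
// NOTE(review): no per-session anti-CSRF token is checked here.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['ok'])) {
    // One price for every statement below. The discount branch used to record
    // the full `cost` as `sum` in shop_byed while charging `discont`.
    $price = (int)(($good['discont'] == 0) ? $good['cost'] : $good['discont']);
    $buyerId = (int)$user['id'];
    $sellerId = (int)$good['saller'];

    if ($user['money'] < $price) {
        $_SESSION['err'] = 'Недостаточно средств';
        header('Location: ?');
        exit;
    }

    // $user['money'] was read when the page started, so it can be stale. The
    // debit itself re-checks the balance in the database and nothing else runs
    // unless exactly one row was changed; parallel requests can no longer
    // drive the balance below zero.
    mysql_query("UPDATE `users` SET `money` = `money` - '".$price."' WHERE `id` = '".$buyerId."' AND `money` >= '".$price."'");
    if (mysql_affected_rows() != 1) {
        $_SESSION['err'] = 'Недостаточно средств';
        header('Location: ?');
        exit;
    }

    // NOTE(review): the statements below are not wrapped in a transaction; a
    // failure part-way leaves the buyer debited without the matching rows.
    // Whether these tables support transactions is not visible from here.
    mysql_query("UPDATE `users` SET `money` = `money` + '".$price."' WHERE `id` = '".$sellerId."'");
    mysql_query("INSERT INTO `bill_hist` SET `summ` = '".$price."', `chto` = 'Купили товар в магазине', `us` = '".$buyerId."', `type` = '1',`time` = '".time()."'");
    mysql_query("INSERT INTO `bill_hist` SET `summ` = '".$price."', `chto` = 'Поступление из магазина', `us` = '".$sellerId."', `type` = '2',`time` = '".time()."'");
    mysql_query("INSERT INTO `shop_byed` SET `tov` = '".$id."', `us` = '".$buyerId."', `time` = '".time()."', `sum` = '".$price."'");

    mysql_query("INSERT INTO `lenta` SET `readlen` = '0', `time` = '".time()."', `komy` = '".$sellerId."', `kto` = '".$buyerId."', `text` = 'Купил ваш  [url=".$HOME."/Shop/Good".$id."]товар[/url]'");
    echo'<script>
alert("Сохранено!");
window.location.replace("/Shop/Good'.(int)$good['id'].'");
</script>';
}
if (isset($_SESSION['err'])) {
    echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
}
unset($_SESSION['err']);
if ($good['discont'] == 0) {
    echo '<div class="podmenu"><b>К оплате: '.htmlspecialchars($good['cost'], ENT_QUOTES, 'UTF-8', false).'</b></div>';
} else {
    echo '<div class="podmenu"><b>К оплате: '.htmlspecialchars($good['discont'], ENT_QUOTES, 'UTF-8', false).'</b> R</div>';
}
echo '<div class="podmenu"><form method="POST">
<input type="submit" name="ok" value="Купить" />
</form></div>';
break;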

case 'load':
// Download gate: the current user is redirected to the stored file only when
// the good exists and shop_byed holds at least one purchase row for this user
// and this good. Everyone else goes back to the site root.
// NOTE(review): the target is an ordinary URL under $HOME/files/shop/good/all/.
// If the web server serves that directory directly, the file is reachable by
// anyone who knows the URL and this check only hides the link; confirm the
// server configuration or stream the file from a non-public location.
$byes = 0;
if ($good) {
    $byes = mysql_result(
        mysql_query("SELECT COUNT(*) FROM `shop_byed` WHERE `tov` = '".$id."' and `us` = '".$user['id']."'"),
        0
    );
}
if (!$good || $byes == 0) {
    header('Location: / ');
    exit;
}
header('Location: '.$HOME.'/files/shop/good/all/'.$good['file']);
break;

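case 'cart':
// Lists the goods in the current user's cart, $max entries per page.
echo '<div class="title"><a href="/Shop">Магазин</a> | Корзина </div>';
if (empty($user['max'])) $user['max'] = 10;
// Both LIMIT operands are forced to non-negative integers before they are
// placed in the SQL text.
$max = max(1, (int)$user['max']);
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_cart`  Where `us` = '".$user['id']."' "),0);
$k_page = k_page($k_post, $max);
$page = page($k_page);
$start = max(0, $max * (int)$page - $max);

// The page window belongs on the cart rows. It used to sit on the per-id
// lookup below, which returns at most one row: the first page listed the whole
// cart and every later page (offset of 1 or more) found nothing for each row.
// NOTE(review): no ORDER BY is added because the columns of shop_cart are not
// visible from here; add one on a stable column to make paging deterministic.
$good = mysql_query("SELECT * FROM `shop_cart` WHERE `us` = '".$user['id']."' LIMIT ".$start.", ".$max);
while ($a = mysql_fetch_assoc($good)) {
    $t = mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_good` Where `id` = '".(int)$a['good']."' LIMIT 1"));
    if (!$t) {
        // The good no longer exists; skip it instead of printing an empty entry.
        continue;
    }
    // Seller-supplied name and stored prices are encoded at output;
    // double_encode is off in case the stored text already contains entities.
    $nameHtml = htmlspecialchars($t['name'], ENT_QUOTES, 'UTF-8', false);
    $costHtml = htmlspecialchars($t['cost'], ENT_QUOTES, 'UTF-8', false);
    $discontHtml = htmlspecialchars($t['discont'], ENT_QUOTES, 'UTF-8', false);

    // The link is closed after the name; it used to stay open for the rest of the entry.
    echo '<div class="podmenu"><img src="/images/icons/template.png" height="20" alt="*">
<a href="/Shop/Good'.(int)$t['id'].'">'.$nameHtml.'</a> | ';
    if ($t['discont'] == 0) {
        echo'Цена: [<font color="green">'.$costHtml.'</font>]';
    } else {
        echo'Цена: Старая [<font color="green"><s>'.$costHtml.'</s></font>]  
Новая [<font color="green">'.$discontHtml.'</font>] R ';
    }
    // NOTE(review): nick(), bb() and smile() are defined outside this listing;
    // their output is printed as HTML, so they must return encoded markup.
    echo'</br>Продавец: '.nick($t['saller']).'</br>
Описание: '.bb(smile($t['text'])).'</div>';
}
if ($k_post < 1) echo '<div class="podmenu"><b><center>Пусто!</center></b></div>';
if ($k_page > 1) echo str('' . $HOME . '/Shop/Cart?', $k_page, $page); // page navigation
break;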

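case 'vants':
// Lists the goods in the current user's wish list, $max entries per page.
echo '<div class="title"><a href="/Shop">Магазин</a> | Желания </div>';
if (empty($user['max'])) $user['max'] = 10;
// Both LIMIT operands are forced to non-negative integers before they are
// placed in the SQL text.
$max = max(1, (int)$user['max']);
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_vants`  Where `us` = '".$user['id']."' "),0);
$k_page = k_page($k_post, $max);
$page = page($k_page);
$start = max(0, $max * (int)$page - $max);

// The page window belongs on the wish-list rows. It used to sit on the per-id
// lookup below, which returns at most one row: the first page listed every
// wish and every later page (offset of 1 or more) found nothing for each row.
// NOTE(review): no ORDER BY is added because the columns of shop_vants are not
// visible from here; add one on a stable column to make paging deterministic.
$good = mysql_query("SELECT * FROM `shop_vants` WHERE `us` = '".$user['id']."' LIMIT ".$start.", ".$max);
while ($a = mysql_fetch_assoc($good)) {
    $t = mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_good` Where `id` = '".(int)$a['good']."' LIMIT 1"));
    if (!$t) {
        // The good no longer exists; skip it instead of printing an empty entry.
        continue;
    }
    // Seller-supplied name and stored prices are encoded at output;
    // double_encode is off in case the stored text already contains entities.
    $nameHtml = htmlspecialchars($t['name'], ENT_QUOTES, 'UTF-8', false);
    $costHtml = htmlspecialchars($t['cost'], ENT_QUOTES, 'UTF-8', false);
    $discontHtml = htmlspecialchars($t['discont'], ENT_QUOTES, 'UTF-8', false);

    // The link is closed after the name; it used to stay open for the rest of the entry.
    echo '<div class="podmenu"><img src="/images/icons/template.png" height="20" alt="*">
<a href="/Shop/Good'.(int)$t['id'].'">'.$nameHtml.'</a> | ';
    if ($t['discont'] == 0) {
        echo'Цена: Старая [<font color="green">'.$costHtml.'</font>]';
    } else {
        echo'</br>Цена: Старая [<font color="green"><s>'.$costHtml.'</s></font>]  
Новая [<font color="green">'.$discontHtml.'</font>] R ';
    }
    // NOTE(review): nick(), bb() and smile() are defined outside this listing;
    // their output is printed as HTML, so they must return encoded markup.
    echo'Продавец: '.nick($t['saller']).'</br>
Описание: '.bb(smile($t['text'])).'</div>';
}
if ($k_post < 1) echo '<div class="podmenu"><b><center>Пусто!</center></b></div>';
if ($k_page > 1) echo str('' . $HOME . '/Shop/Vants?', $k_page, $page); // page navigation
break;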

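case 'byeds':
// Lists the goods the current user has bought, $max entries per page, each
// with a download link.
echo '<div class="title"><a href="/Shop">Магазин</a> | Купленные </div>';
if (empty($user['max'])) $user['max'] = 10;
// Both LIMIT operands are forced to non-negative integers before they are
// placed in the SQL text.
$max = max(1, (int)$user['max']);
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_byed`  Where `us` = '".$user['id']."' "),0);
$k_page = k_page($k_post, $max);
$page = page($k_page);
$start = max(0, $max * (int)$page - $max);

// The page window and the ordering belong on the purchase rows (shop_byed has
// a `time` column, written by the purchase action). They used to sit on the
// per-id lookup below, which returns at most one row: the first page listed
// every purchase and every later page found nothing for each row.
$good = mysql_query("SELECT * FROM `shop_byed` WHERE `us` = '".$user['id']."' ORDER BY `time` DESC LIMIT ".$start.", ".$max);
while ($a = mysql_fetch_assoc($good)) {
    $t = mysql_fetch_assoc(mysql_query("SELECT * FROM `shop_good` Where `id` = '".(int)$a['tov']."' LIMIT 1"));
    if (!$t) {
        // The good no longer exists; skip it instead of printing an empty entry.
        continue;
    }
    // Seller-supplied name and stored prices are encoded at output;
    // double_encode is off in case the stored text already contains entities.
    $nameHtml = htmlspecialchars($t['name'], ENT_QUOTES, 'UTF-8', false);
    $costHtml = htmlspecialchars($t['cost'], ENT_QUOTES, 'UTF-8', false);
    $discontHtml = htmlspecialchars($t['discont'], ENT_QUOTES, 'UTF-8', false);

    // The link is closed after the name; left open, it wrapped the download
    // link further down in a second, nested anchor.
    echo '<div class="podmenu"><img src="/images/icons/template.png" height="20" alt="*">
<a href="/Shop/Good'.(int)$t['id'].'">'.$nameHtml.'</a> | ';
    if ($t['discont'] == 0) {
        echo'Цена:  [<font color="green">'.$costHtml.'</font>]';
    } else {
        echo'Цена: Старая [<font color="green"><s>'.$costHtml.'</s></font>]  
Новая [<font color="green">'.$discontHtml.'</font>] рублей ';
    }
    // NOTE(review): nick(), bb() and smile() are defined outside this listing;
    // their output is printed as HTML, so they must return encoded markup.
    echo'</br>Продавец: '.nick($t['saller']).'</br>
Описание: '.bb(smile($t['text'])).'</br>
<a href="/Shop/Load'.(int)$t['id'].'"><input type="submit" value=" Скачать "></a>
</div>';
}
if ($k_post < 1) echo '<div class="podmenu"><b><center>Пусто!</center></b></div>';
if ($k_page > 1) echo str('' . $HOME . '/modules/shop/good.php?act=byeds', $k_page, $page); // page navigation
break;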

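case 'my':
// Lists the goods sold by the current user, newest first, $max entries per
// page, each with its management links.
echo '<div class="title"><a href="/Shop">Магазин</a> | Мои </div>';
if (empty($user['max'])) $user['max'] = 10;
// Both LIMIT operands are forced to non-negative integers before they are
// placed in the SQL text.
$max = max(1, (int)$user['max']);
$k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `shop_good` WHERE `saller` = '".$user['id']."'"),0);
$k_page = k_page($k_post, $max);
$page = page($k_page);
$start = max(0, $max * (int)$page - $max);
$good = mysql_query("SELECT * FROM `shop_good` WHERE `saller` = '".$user['id']."' ORDER BY `time` DESC LIMIT ".$start.", ".$max);
while ($a = mysql_fetch_assoc($good)) {
    // Stored name and prices are encoded at output; double_encode is off in
    // case the stored text already contains entities. The id is forced to an
    // integer before it is used in the link targets.
    $goodId = (int)$a['id'];
    $nameHtml = htmlspecialchars($a['name'], ENT_QUOTES, 'UTF-8', false);
    $costHtml = htmlspecialchars($a['cost'], ENT_QUOTES, 'UTF-8', false);
    $discontHtml = htmlspecialchars($a['discont'], ENT_QUOTES, 'UTF-8', false);

    // The link is closed after the name; left open, it wrapped every
    // management link below in a nested anchor.
    echo '<div class="podmenu"><img src="/images/icons/template.png" height="20" alt="*">
<a href="/Shop/Good'.$goodId.'">'.$nameHtml.'</a> | ';
    if ($a['discont'] == 0) {
        echo'Цена:  [<font color="green">'.$costHtml.'</font>]';
    } else {
        echo'Цена: Старая [<font color="green"><s>'.$costHtml.'</s></font>]  
Новая [<font color="green">'.$discontHtml.'</font>] рублей';
    }
    // NOTE(review): nick(), bb() and smile() are defined outside this listing;
    // their output is printed as HTML, so they must return encoded markup.
    echo' </br>Продавец: '.nick($a['saller']).'</br>
Описание: '.bb(smile($a['text'])).'</br>';
    // The first label was missing its closing bracket.
    echo'<a href="/Shop/Screen'.$goodId.'">[<b>Скриншоты</b>]</a> | ';
    echo'<a href="/Shop/Edit_Info'.$goodId.'"> [<b>Редактировать</b>] | </a>';
    echo'<a href="/Shop/Update_Arcive'.$goodId.'"> [<b>Обновить архив</b>]</a>';
    echo'<a href="/Shop/Cost'.$goodId.'"> [<b>Цена</b>]</a>';
    echo'<a href="/Shop/Block'.$goodId.'"> [<b>Остановить продажу</b>]</a>';

    echo'</div>';
}
if ($k_post < 1) echo '<div class="podmenu"><b><center>Пусто!</center></b></div>';
if ($k_page > 1) echo str('' . $HOME . '/Shop/My?', $k_page, $page); // page navigation
break;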


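case 'compl':
// Complaint about a good: a 3-100 character message is sent through `lenta`
// to every user whose level is not 0. Not available for blocked goods or for
// the seller's own goods.

if (!$good) {
    header('Location: /');
    exit;
}

// The other cases of this switch read the blocked flag from column `b`; this
// test read only $good['block']. Both keys are checked, so the guard works
// whichever of the two the shop_good row actually has.
$isBlocked = (isset($good['b']) && $good['b'] == 1) || (isset($good['block']) && $good['block'] == 1);
if ($isBlocked or $good['saller'] == $user['id']) {
    header('Location: ?');
    exit;
}

// Act only on a POST of the form below; $_REQUEST['submit'] can also be
// satisfied by a query-string parameter, which let a followed link send a
// notification to every moderator.
// NOTE(review): no per-session anti-CSRF token or rate limit is checked here.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit'])) {
    $msg = strong(isset($_POST['msg']) ? $_POST['msg'] : '');
    if (empty($msg)) {
        $_SESSION['err'] = 'Заполните поле';
        header('Location: ?');
        exit;
    }

    if (mb_strlen($msg) > 100 or mb_strlen($msg) < 3) {
        $_SESSION['err'] = 'Длина от 3 до 100 символов';
        header('Location: ?');
        exit;
    }

    // NOTE(review): $msg goes into a quoted SQL string exactly as strong()
    // returned it. strong() is defined outside this listing; confirm that it
    // escapes for SQL, because nothing else does before this query.
    $adms = mysql_query("SELECT * FROM `users` WHERE `level` != '0'");
    while ($a = mysql_fetch_array($adms)) {
        mysql_query("INSERT INTO `lenta` SET `readlen` = '0', `time` = '".time()."', `komy` = '".(int)$a['id']."', `kto` = '".(int)$user['id']."', `text` = 'Жалуется на [url=".$HOME."/Shop/Good".$id."]товар[/url], по причине ".$msg."'");
    }
    echo'<script>
alert("Сохранено!");
window.location.replace("/Shop/Good'.$id.'");
</script>';
}
// The good's name is seller-supplied text, so it is encoded at output;
// double_encode is off in case the stored text already contains entities.
echo '<div class="title">Жалоба на товар '.htmlspecialchars($good['name'], ENT_QUOTES, 'UTF-8', false).'</div>';
if (isset($_SESSION['err'])) {
    echo '<div class="podmenu"><font color="red"><b><i>'.$_SESSION['err'].'</i></b></font></div>';
}
unset($_SESSION['err']);
echo '<div class="podmenu"><form action="" method="POST">
Текст жалобы:<br /><textarea name="msg" ></textarea><br />
<input type="submit" name="submit" value="Написать" />
</form></div>';
break;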


}
include_once ('../../system/footer.php');