View file ä󿪫¬/modules/videos/komm.php

World Fastest and Cheapest Hosting
Buy Cheapest Web Domains
File size: 5.21Kb 
<?php

/* DCMS Special
 * Дата последнего редактирования 16.01.2016
 * Модифицировал densnet
 */

foreach (array('start', 'compress', 'sess', 'settings', 'db_connect', 'ipua', 'fnc', 'user') as $inc) {
    require_once "../../sys/inc/$inc.php";
}

if (isset($_GET['id']) && is_numeric($_GET['id']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `videos` WHERE `id` = '" . intval($_GET['id']) . "' LIMIT 1"), 0) != 0) {
    $videos = mysql_fetch_array(mysql_query("SELECT * FROM `videos` WHERE `id`='" . intval($_GET['id']) . "'"));
    $us = get_user($videos['id_user']);

    $set['title'] = '' . $videos['name'] . ' - ' . lang('Комментарии');

    require_once H . 'sys/inc/thead.php';

    $id = intval($_GET['id']);

    if (isset($_POST['msg']) && isset($user)) {
        $msg = esc(stripcslashes(htmlspecialchars($_POST['msg'])));

        if (utf8_strlen($msg) > 1024) {
            $err = lang('Сообщение слишком длинное');
        } elseif (utf8_strlen($msg) < 2) {
            $err = lang('Короткое сообщение');
        } elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `videos_komm` WHERE `id_videos` = '$id' AND `id_user` = '$user[id]' AND `msg` = '" . mysql_real_escape_string($msg) . "' LIMIT 1"), 0) != 0) {
            $err = lang('Ваше сообщение повторяет предыдущее');
        } else {
            mysql_query("INSERT INTO `videos_komm` (`id_videos`, `id_user`, `time`, `msg`) values('$id', '$user[id]', '$time', '" . mysql_real_escape_string($msg) . "')");
            mysql_query("UPDATE `user` SET `money` = '" . ($user['money'] + 3) . "' AND `activity` = '" . ($user['activity'] + 3) . "' WHERE `id` = '$user[id]' LIMIT 1");

            if ($user['id'] != $us['id']) {
                if ($user['sex'] == 1) {
                    $sex = lang('оставил');
                } else {
                    $sex = lang('оставила');
                }
                mysql_query("INSERT INTO `notification` (`id_user`, `id_kont`, `msg`, `time`) values('$user[id]', '$us[id]', '$sex " . lang('комментарий к видео') . " [url=/modules/videos/komm.php?id=" . $id . "]" . $videos['name'] . "[/url]', '$time')");
            }
            $_SESSION['message'] = lang('Комментарий успешно добавлен');

            header("Location: komm.php?id=" . $id . "");
            exit;
        }
    } elseif (isset($_GET['del']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `videos_komm` WHERE `id` = '" . intval($_GET['del']) . "' AND `id_videos` = '$videos[id]'"), 0)) {
        if (isset($user) && ($user['level'] >= 3 || $user['id'] = $videos['id_user'])) {
            mysql_query("DELETE FROM `videos_komm` WHERE `id` = '" . intval($_GET['del']) . "' LIMIT 1");
            $_SESSION['message'] = lang('Комментарий успешно удален');

            header("Location: komm.php?id=" . $id . "");
            exit;
        }
    }

    err();
    aut();

    $k_post = mysql_result(mysql_query("SELECT COUNT(*) FROM `videos_komm` WHERE `id_videos` = '$id'"), 0);
    $k_page = k_page($k_post, $set['p_str']);
    $page = page($k_page);
    $start = $set['p_str'] * $page - $set['p_str'];
    $q = mysql_query("SELECT * FROM `videos_komm` WHERE `id_videos` = '" . intval($_GET['id']) . "' ORDER BY `id` DESC LIMIT $start, $set[p_str]");

    if (!isset($_POST['msg']) && isset($user)) {

        echo "<form method='post' class='list-group-item' name='message' action='?id=$videos[id]'>";

        echo auto_bb("message", "msg");
        echo "<textarea placeholder='" . lang('Введите сообщение') . "...' name='msg' class='form-control'></textarea><br />";

        $doc->Button('btn btn-success btn-sm', null, 'pencil', 'Опубликовать');

        echo '</form>';
    }

    if ($k_post == 0) {
        $doc->NoResult();
    }

    while ($post = mysql_fetch_assoc($q)) {
        $ank = get_user($post['id_user']);

        echo "<table class='list-group-item-komm'><tr><td class = 'icon14'>";
        avatar($ank['id'], '48', 'border-radius: 2px;');
        echo "</td><td class='null'>";
        echo "<span style='float:right;color: grey;'><small>" . date::timek($post['time']) . "</small></span>";
        echo user($ank['id']) . " ";

        echo "<br />\n";
        if (isset($user) && ($user['level'] >= 3 || $user['id'] == $videos['id_user'])) {
            echo "<span style='float: right;' id='hides'>";
            echo "<a href='?id=$videos[id]&amp;del=$post[id]'><i class='fa fa-trash-o fa-fw'></i></a>";
            echo "</span>";
        }
        echo toOutput($post['msg']) . "\n";

        echo "</td></tr></table>";
    }

    if ($k_page > 1) {
        echo "<div class='list-group-item'>";
        str("komm.php?id=$videos[id]&", $k_page, $page);
        echo "</div>";
    }

    $doc->Link('list-group-item', "video.php?id=$id", 'arrow-left', 'К видео');
    $doc->Link('list-group-item', "index.php", 'arrow-left', 'К разделам');
} else {
    header("Location: index.php?" . SID);
    exit;
}
require_once H . 'sys/inc/tfoot.php';