<?php
include 'data/bd.php';
include 'data/sys.php';
include 'data/pro.php';
include 'data/mods.php';
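// Page frame first: head() and noreg() are project helpers from the includes above.
// NOTE(review): noreg() presumably blocks unregistered visitors; confirm it stops
// execution, because everything below assumes a populated $user.
head();
noreg();
echo '<div class="title"> Статусы'."\n".'</div>';

// Status id from the query string. A missing or non-scalar value (e.g. ?id[]=x)
// becomes 0 instead of raising a notice or being coerced to 1 by intval().
$id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;

// Existence check for the requested status; $count drives the branch that follows.
$count = mysql_result(mysql_query("SELECT COUNT(*) FROM `status` where `id` = '".mysql_real_escape_string($id)."' order by `id`"), 0);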
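// Status page body: shows one status, handles votes, status/comment deletion,
// comment listing with paging state, and the "add comment" form.
//
// Security-relevant changes compared with the previous revision:
//   * $user['login'] / $user['id'] are escaped before being placed in SQL text
//     (notification INSERTs built them in raw).
//   * comment deletion is limited to comments of THIS status, so a status owner
//     cannot delete comments elsewhere by changing the `del` parameter.
//   * the post-submit refresh targets a fixed local URL instead of echoing the
//     client-supplied Referer header into the page.
//   * $err is initialised before use; request parameters are read with isset().
//
// NOTE(review): votes and deletions are state changes triggered by plain GET
// links, and no anti-CSRF token is visible in this file. Moving them to POST with
// a per-session token needs support from the includes and is not done here.
// NOTE(review): header('Location: ...') is called after head() has run; the
// redirects only work if the includes buffer output. Confirm.
if (!$count) {
    echo '<div class="err">Нет такого статуса</div>';
    foot();
    exit;
} else {
    // $id was cast to an integer before this block; escape once and reuse.
    $idSql = mysql_real_escape_string($id);
    $userIdSql = mysql_real_escape_string($user['id']);
    // SQL-escaped "User [url=/id/N]login[/url]" prefix shared by all notifications.
    $actorSql = "Пользователь [url=/id/".$userIdSql."]".mysql_real_escape_string($user['login'])."[/url]";

    $result = mysql_query("select * from `status` where `id` = '".$idSql."' order by `id` desc");
    while ($user_list = mysql_fetch_assoc($result)) {
        $ownerSql = mysql_real_escape_string($user_list['kto']);
        // Moderators (level >= 1) and the status owner may remove comments.
        $canModerate = ($user['level'] >= 1 || $user['id'] == $user_list['kto']);

        // Status text (rendered by the project's smiles()/bbcode() helpers), time and counters.
        echo '<div class="vip">'.bbcode(smiles($user_list['text'])).' (<b>'.times($user_list['data']).')</b>'."\n"
            .'<br/><img src="/img/liks.png" alt="*"/> '.$user_list['plus'].' | <img src="/img/nots.png" alt="*"/> '.$user_list['minus'].'<br/>';
        echo usun($user_list['kto']);
        if ($user['level'] >= 1) {
            echo ' <a href="/statuscomm.php?id='.$id.'&delst">X</a>';
        }

        // ---- Voting: only for other users' statuses, and only once per user. ----
        // The outer condition is the self-vote guard; the former inner re-check of
        // the same condition could never be true and was dropped.
        if ($user['id'] != $user_list['kto']) {
            $count = mysql_result(mysql_query("SELECT COUNT(*) FROM `golos` where `status` = '".$idSql."' and `kto` = '".$userIdSql."' order by `id`"), 0);
            if (!$count) {
                echo ' <br/><a href="/statuscomm.php?id='.$id.'&za">+</a>';
                echo ' | <a href="/statuscomm.php?id='.$id.'&net">-</a>';

                if (isset($_GET['za'])) {
                    nofoto();
                    mysql_query("UPDATE `status` SET `plus`=`plus`+1 WHERE `id`='".$idSql."' limit 1");
                    mysql_query("INSERT INTO `golos` SET `status` = '".$idSql."', `kto` = '".$userIdSql."'");
                    mysql_query("INSERT INTO `lenta_us`(`text`, `read`, `user`) VALUES('"
                        .$actorSql." оценил ваш [url=/statuscomm.php?id=".$id."]статус[/url] оценкой +1.', '1', '".$ownerSql."')");
                    header('Location: /statuscomm.php?id='.$id.''); exit;
                }

                if (isset($_GET['net'])) {
                    nofoto();
                    // NOTE(review): a "minus" vote DEcrements the column; confirm that
                    // `minus` is meant to hold a negative tally.
                    mysql_query("UPDATE `status` SET `minus`=`minus`-1 WHERE `id`='".$idSql."' limit 1");
                    mysql_query("INSERT INTO `golos` SET `status` = '".$idSql."', `kto` = '".$userIdSql."'");
                    mysql_query("INSERT INTO `lenta_us`(`text`, `read`, `user`) VALUES('"
                        .$actorSql." оценил ваш [url=/statuscomm.php?id=".$id."]статус[/url] оценкой -1.', '1', '".$ownerSql."')");
                    header('Location: /statuscomm.php?id='.$id.''); exit;
                }
            }
        }

        // ---- Status deletion (moderators only). ----
        if (isset($_GET['delst'])) {
            if ($user['level'] >= 1) {
                mysql_query("DELETE FROM `status` WHERE `id` = '".$idSql."'");
                header('Location: /statuscomm.php?id='.$id.''); exit;
            } else {
                echo 'Хера з два';
            }
        }
        echo '</div>';

        // ---- Comment list. One COUNT serves the header, the emptiness test and paging. ----
        $count_dev = mysql_result(mysql_query("SELECT COUNT(*) FROM `status_comm` where `num` = '".$idSql."' order by `id`"), 0);
        echo '<div class="vip">Комментарии - '.$count_dev.'</div>';
        $count = $count_dev;
        if (!$count) {
            echo '<div class="err">Еще никто не комментировал будь первым</div>';
        } else {
            // Paging state ($cop, $ca, $cp, $p) is read again by the pager after this block.
            $cop = 5;
            $ca = $count_dev;
            $cp = ceil($ca / $cop);
            if (isset($_GET['p']) && is_numeric($_GET['p'])) {
                $p = intval($_GET['p']);
                if ($_GET['p'] > $cp) $p = $cp;
                if ($_GET['p'] < 1) $p = 1;
            } else {
                $p = 1;
            }
            // Integer casts keep the LIMIT clause free of anything but digits.
            $start = (int) ($p * $cop - $cop);
            $results = mysql_query("select * from `status_comm` where `num` = '".$idSql."' order by `id` DESC limit ".$start.",".(int) $cop);
            while ($comm = mysql_fetch_assoc($results)) {
                echo '<div class="vip">';
                echo usun($comm['kto']);
                echo '(<b>'.times($comm['data']).')</b>';
                echo '</br>'.bbcode(smiles($comm['text']));
                if ($user['id'] != $comm['kto']) {
                    echo '<a href="/statuscomm.php?id='.$id.'&otv&otvet='.$comm['kto'].'"> [отв.]</a>';
                }
                if ($canModerate) {
                    echo ' <a href="/statuscomm.php?id='.$id.'&del='.$comm['id'].'&delad">X</a>';
                }
                echo '</div>';

                if (isset($_GET['delad'])) {
                    if ($canModerate) {
                        $del = isset($_GET['del']) ? intval($_GET['del']) : 0;
                        // Scope the delete to this status: the permission above was
                        // established for status $id only, not for arbitrary comment ids.
                        mysql_query("DELETE FROM `status_comm` WHERE `id` = '".mysql_real_escape_string($del)."' AND `num` = '".$idSql."'");
                        header('Location: /statuscomm.php?id='.$id.''); exit;
                    } else {
                        echo 'Хера з два';
                    }
                }
            }
        }

        // ---- New comment submission. ----
        if (isset($_POST['submit'])) {
            $err = false;
            $idsv = isset($_POST['idsv']) ? intval($_POST['idsv']) : 0;
            $rawText = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
            // HTML-escape first; the whitelist below has no '&', so any input that
            // needed escaping is rejected rather than stored.
            $text = stripslashes(htmlspecialchars(trim($rawText)));
            if (empty($text)) {
                $err = true;
                echo '<div class="err">Не введено!</div>';
            } elseif (!preg_match("#^([А-Яа-яЁёa-zA-Z0-9,\.\!\?\@\%\$\(\)\*\+\-\:\;\,\=\[\]\/\№\#\_\s])+$#ui", $text)) {
                $err = true;
                echo '<div class="err">В поле присутствуют запрещенные символы!</div>';
            } elseif (strlen($text) < 1) {
                $err = true;
                echo '<div class="err">Поле не менее 1 символа</div>';
            } elseif (strlen($text) > 200) {
                // strlen() counts bytes, so the limit is lower for multi-byte text.
                $err = true;
                echo '<div class="err">Поле больше 200 символов</div>';
            }

            if (!$err) {
                nofoto();
                // Privacy settings of the status owner apply to non-moderators only.
                if ($user['level'] < 1) {
                    $ignor = mysql_result(mysql_query("SELECT COUNT(*) FROM `black` WHERE `user`='".$ownerSql."' and `kogo`='".$userIdSql."' and `ignor`='1' order by `id`"), 0);
                    if ($ignor) {
                        echo '<div class="err">Пользователь добавил вас в игнор лист. </div>';
                        foot();
                        exit;
                    }
                    $stop = mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `id`='".$ownerSql."' and `sms_comm`='2' order by `id`"), 0);
                    if ($stop) {
                        echo '<div class="err">Пользователь запретил комментировать . </div>';
                        foot();
                        exit;
                    }
                    $stop_f = mysql_result(mysql_query("SELECT COUNT(*) FROM `users` WHERE `id`='".$ownerSql."' and `sms_comm`='1' order by `id`"), 0);
                    if ($stop_f) {
                        // Friendship may be recorded in either direction; the parentheses
                        // only spell out the AND-before-OR grouping the query already had.
                        $stop_freend = mysql_fetch_array(mysql_query('select * from `freend` where (`komy_id` = "'.$userIdSql.'" and `user_id` = "'.$ownerSql.'" and `ok` = "2") or (`user_id` = "'.$userIdSql.'" and `komy_id` = "'.$ownerSql.'" and `ok` = "2") limit 1'));
                        if (!$stop_freend) {
                            echo '<div class="err">Комментировать могут только друзья.</div>';
                            foot();
                            exit;
                        }
                    }
                }

                mysql_query("INSERT INTO `status_comm` SET
                    `num` = '".$idSql."',
                    `kto` = '".$userIdSql."',
                    `data` = '".mysql_real_escape_string(time())."',
                    `text` = '".mysql_real_escape_string($text)."'
                ");

                // Notify the status owner unless they commented on their own status.
                if ($user['id'] != $user_list['kto']) {
                    mysql_query("INSERT INTO `lenta_us`(`text`, `read`, `user`) VALUES('"
                        .$actorSql." оставил комментарий к вашему [url=/statuscomm.php?id=".$id."]статусу[/url].', '1', '".$ownerSql."')");
                }
                // Reply form (?send): also notify the user named in the hidden idsv field.
                if (isset($_GET['send'])) {
                    mysql_query("INSERT INTO `lenta_us`(`text`, `read`, `user`) VALUES('"
                        .$actorSql." оставил ответил вам к [url=/statuscomm.php?id=".$id."]статусу[/url].', '1', '".mysql_real_escape_string($idsv)."')");
                }

                echo '<div class="err">Сообщение добавлено</div>';
                // Fixed local target: the Referer header is client-controlled and must
                // not be written into the page or used as a redirect destination.
                echo '<META HTTP-EQUIV="REFRESH" CONTENT="0;URL=/statuscomm.php?id='.$id.'">';
            }
        }

        // ---- Comment form (reply variant pre-fills the addressee). ----
        // NOTE(review): $msg2 is not assigned anywhere in this file; presumably it
        // comes from an include. Confirm it is HTML-escaped before it reaches the
        // textarea. The same applies to the value returned by uname().
        $textareaOpen = ' <textarea name="text" onselect="storeCaret(this);" onclick="storeCaret(this);" onkeyup="storeCaret(this);" style="width:98%;" rows="3">';
        if (isset($_GET['otv'])) {
            $otvet = isset($_GET['otvet']) ? intval($_GET['otvet']) : 0;
            echo '<div class="form"><form action="/statuscomm.php?id='.$id.'&send" name="message" method="POST">'."\n".'Коммент :<br />';
            echo $textareaOpen.$msg2.'[b]'.uname($otvet).',[/b]</textarea>'."\n"
                .'<input type="hidden" name="idsv" value="'.$otvet.'">'."\n".'<br />';
        } else {
            echo '<div class="form"><form action="/statuscomm.php?id='.$id.'" name="message" method="POST">'."\n".'Коммент :<br />';
            echo $textareaOpen.$msg2.'</textarea><br>'."\n";
        }
        echo '<input type="submit" name="submit" value="Оставить">';
        include './data/smiles.php';
        echo '</form></div>'."\n";
    }
}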
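// Pager for the comment list, then the page footer.
//
// The status loop has ended by the time execution gets here, so $user_list holds
// the false returned by the final mysql_fetch_assoc() call and cannot supply the
// status id. Count by $id, the integer taken from the query string earlier.
$count = mysql_result(mysql_query("SELECT COUNT(*) FROM `status_comm` where `num` = '".mysql_real_escape_string($id)."' order by `id`"), 0);

// $p (current page) and $cp (page count) are only set when the comment list was
// rendered; skip the pager otherwise (e.g. the first comment was posted in this request).
if ($count && isset($p, $cp)) {
    $pageUrl = '/statuscomm.php?id='.$id.'&p=';
    echo '<div class="iblock"><center>';
    // Arrow glyphs are written as entities so they cannot be parsed as markup.
    if ($p - 2 > 0) echo ' <a class="dlist" href="'.$pageUrl.'1"><span>&lt;&lt;</span></a> ';
    if ($p - 1 > 0) echo ' <a class="dlist" href="'.$pageUrl.($p - 1).'"><span>&lt;</span></a> ';
    // Up to three numbered links before the current page...
    for ($back = 3; $back >= 1; $back--) {
        if ($p - $back > 0) echo ' <a class="dlist" href="'.$pageUrl.($p - $back).'"><span>'.($p - $back).'</span></a> ';
    }
    echo ' <span class="currentpage"><span>'.$p.'</span></span> ';
    // ...and up to three after it.
    for ($fwd = 1; $fwd <= 3; $fwd++) {
        if ($p + $fwd <= $cp) echo ' <a class="dlist" href="'.$pageUrl.($p + $fwd).'"><span>'.($p + $fwd).'</span></a> ';
    }
    if ($p + 1 <= $cp) echo ' <a class="dlist" href="'.$pageUrl.($p + 1).'"><span>&gt;</span></a> ';
    if ($p + 2 <= $cp) echo ' <a class="dlist" href="'.$pageUrl.$cp.'"><span>&gt;&gt;</span></a> ';
    echo '</center></div>';
}
foot();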
?>