Размер файла: 3.42Kb
<? php include 'inc/db.php' ; include 'inc/1.php' ; $time = time (); function hc ( $in ){ return htmlspecialchars ( $in ); } function me ( $in ){ return mysql_escape_string ( $in ); } $id = intval ( $_GET [ 'id' ]); if (! $_GET [ 'id' ]){ header ( "Location: /index.php" ); exit ; } if ( $user ){ if ( $user [ 'ksort' ]== '1' ) $sort = 'ASC' ; else $sort = 'DESC' ; } else $sort = 'DESC' ; if ((( $user [ 'admin' ]== 1 ) || ( $user [ 'moder' ]== 1 )) && isset ( $_GET [ 'del' ])){ $d = intval ( $_GET [ 'del' ]); mysql_query ( "DELETE FROM `news_komm` WHERE `id` = '$d'" ); echo "<div class='msg'>Удалено</div>" ; } $to = htmlspecialchars ( $_POST [ 'to' ]); if ( $_POST [ 'msg' ] && $user ){ if ( $_POST [ 'to' ] && ( mysql_num_rows ( mysql_query ( "SELECT * FROM `user` WHERE `name` = '$to'" ))== 1 )) $ank = mysql_fetch_assoc ( mysql_query ( "SELECT * FROM `user` WHERE `name` = '$to'" )); $msg = mysql_escape_string ( $_POST [ 'msg' ]); mysql_query ( "INSERT INTO `news_komm` (`id`, `msg`, `user`, `time`, `nid`) values (NULL, '$msg', '" . $user [ 'id' ]. "', '$time', '$id')" ); if (! $_POST [ 'to' ]){ $op = mysql_query ( "SELECT * FROM `news_komm` WHERE `user` <> '$user[id]' AND `nid` = '$id' ORDER BY `time` " . $sort . " LIMIT 5" ); while ( $w = mysql_fetch_assoc ( $op )){ $arr []= $w [ 'user' ]; } $new_arr = array_unique ( $arr ); $bb = 0 ; while ( $bb < count ( $new_arr )){ mysql_query ( "INSERT INTO `jurnal` (`msg`, `user`, `time`) values ('Комментарий в <a href=\'nkomm.php?id=$id\'>новости</a>!', '$new_arr[$bb]', '" . time (). "')" ); $bb ++; } } else { mysql_query ( "INSERT INTO `jurnal` (`msg`, `user`, `time`) values ('Вам ответили в <a href=\'nkomm.php?id=$id.php\'>новости</a>.', '$ank[id]', '" . time (). "')" ); } echo "<div class='msg'>Сообщение добавлено</div>" ; } $to = htmlspecialchars ( $_GET [ 'to' ]); if (! $_GET [ 'p' ]) $_GET [ 'p' ]= 1 ; $page = intval ( $_GET [ 'p' ]); $start =( $page * 15 - 15 ); $q = mysql_query ( "SELECT * FROM `news_komm` WHERE `nid` = '$id' ORDER BY `time` DESC LIMIT $start, 15" ); $qq = mt_rand ( 1111 , 9999 ); if ( $_GET [ 'to' ] && $user ) echo "<div class='input'><a href='?id=$id&q=$qq'>Обновить</a><br><form action='?id=$id' method='POST'>Сообщение:<br><textarea name='msg'>$to, </textarea><br><input type='hidden' name='to' value='$to'><input type='submit' name='OK' value='Добавить'></form></div>" ; elseif (! $_GET [ 'to' ] && $user ) echo "<div class='input'><a href='?id=$id&q=$qq'>Обновить</a><br><form action='?id=$id' method='POST'>Сообщение:<br><textarea name='msg'></textarea><br><input type='submit' name='OK' value='Добавить'></form></div>" ; $a = 1 ; while ( $f = mysql_fetch_assoc ( $q )){ $ank = gus ( $f [ 'user' ]); $ololo = out ( $f [ 'msg' ]); echo "<div class='p" .( $a % 2 ). "'>" . im ( $ank [ 'id' ]). " <a href='ank.php?id=$ank[id]'>" . hc ( $ank [ 'name' ]). "</a>" . on ( $ank [ 'id' ]). " (" . vremja ( $f [ 'time' ]). ") <a href='nkomm.php?id=$id&to=" . hc ( $ank [ 'name' ]). "'>[отв]</a><br>$ololo" ; if (( $user [ 'admin' ]== 1 ) || ( $user [ 'moder' ]== 1 )) echo "<br><a href='?id=$id&del=$f[id]'>[<font color='red'>x</font> Удалить]</a>" ; echo "</div>" ; $a ++; } /*if ($page>1)echo "<a href='guestbook.php?p=".($page-1)."'>Назад</a> "; if (mysql_num_rows(mysql_query("SELECT * FROM `guestbook`"))>($start+15)) echo "<a href='?p=".($page+1)."'>Далее</a>";*/ $q1 =( mysql_num_rows ( mysql_query ( "SELECT * FROM `news_komm`" ))/ 15 ); $q2 = round ( mysql_num_rows ( mysql_query ( "SELECT * FROM `news_komm`" ))/ 15 ); if ( $q1 > $q2 ) $pages =( $q2 + 1 ); else $pages = $q2 ; pages ( $pages , $page , "?id=$id&p" ); include_once 'inc/foot.php' ; ?>