Просмотр файла gallery.php

Размер файла: 17.82Kb
<?php
// by mides, 1da.su

$title = 'Фотогалерея';
require_once 'system/sys.php';
require_once 'system/header.php';

$config['onpage'] = 4;

switch ($act) {
	default:
		echo '<div class="title">Фотогалерея</div><div class="list">';
		echo '<a href="?act=my&amp;id='.$u['id'].'">Мой альбом</a> / <a href="?act=photo_add">Добавить фото</a><br /><br />';
		$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `gallery`"), 0);
		if ($total > 0) {
			$pages = ceil($total / $config['onpage']);
			if ($page > $pages or $page == 0) {
				$page = 1;
			}
			$begin = ($page - 1) * $config['onpage'];
			
			$gallery_r = mysql_query("SELECT * FROM `gallery` ORDER BY `time` DESC LIMIT $begin, $config[onpage]");
			while ($gallery = mysql_fetch_assoc($gallery_r)) {
				if (!isset($num) ) $num = 1;  
				$num++;
				$row_class = (!($num % 2)) ? 'row1' : 'row2';
				
				if ($gallery['rating'] > 0) { 
					$rating = '<b><font color="green">+'.$gallery['rating'].'</font></b>';
				} elseif ($gallery['rating'] < 0) { 
					$rating = '<b><font color="red">'.$gallery['rating'].'</font></b>';
				} else {
					$rating = '<b>'.$gallery['rating'].'</b>';
				}
				
				//$comm = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `news_comm` WHERE `id_news` = '$news[id]'"), 0);
				echo '<div class="'.$row_class.'"><img src="inc/gallery.gif"> <a href="?act=view&amp;id='.$gallery['id'].'"><b>'.$gallery['name'].'</b></a> ('.$rating.')<br /><a href="?act=view&amp;id='.$gallery['id'].'"><img src="inc/gallery/'.$gallery['file'].'" width="150" height="100" alt="'.$gallery['name'].'" /></a><br />Добавлено: '.login($gallery['id_user']).' ('.date('d.m.y, H:i', $gallery['time']).')</div>';
			}
		} else {
			echo 'Не загружено ни одного фото.<br />';
		}
		navig($page, '?', $pages);
		//if ($u['id']) echo '<br /><br /><br /><a href="">Все альбомы</a> / <a href="?act=top">Топ фото</a>';
		nav_main();
	break;
	
	case 'my':
		echo '<div class="title"><a href="?">Фотогалерея</a></div><div class="list">';
		$total = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `gallery` WHERE `id_user` = '$id'"), 0);
		if ($total > 0) {
			$pages = ceil($total / $config['onpage']);
			if ($page > $pages or $page == 0) {
				$page = 1;
			}
			$begin = ($page - 1) * $config['onpage'];
			
			echo 'Альбом пользователя '.login($id).'<br />';
			
			$gallery_r = mysql_query("SELECT * FROM `gallery` WHERE `id_user` = '$id' ORDER BY `time` DESC LIMIT $begin, $config[onpage]");
			while ($gallery = mysql_fetch_assoc($gallery_r)) {
				if (!isset($num) ) $num = 1;  
				$num++;
				$row_class = (!($num % 2)) ? 'row1' : 'row2';
				
				if ($gallery['rating'] > 0) { 
					$rating = '<b><font color="green">+'.$gallery['rating'].'</font></b>';
				} elseif ($gallery['rating'] < 0) { 
					$rating = '<b><font color="red">'.$gallery['rating'].'</font></b>';
				} else {
					$rating = '<b>'.$gallery['rating'].'</b>';
				}
				
				//$comm = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `news_comm` WHERE `id_news` = '$news[id]'"), 0);
				echo '<div class="'.$row_class.'"><img src="inc/gallery.gif"> <a href="?act=view&amp;id='.$gallery['id'].'"><b>'.$gallery['name'].'</b></a> ('.$rating.')<br /><a href="?act=view&amp;id='.$gallery['id'].'"><img src="inc/gallery/'.$gallery['file'].'" width="150" height="100" alt="'.$gallery['name'].'" /></a><br />Добавлено: '.login($gallery['id_user']).' ('.date('d.m.y, H:i', $gallery['time']).')<br /></div>';
				//<a href="?act=comm&amp;id='.$gallery['id'].'">Комментарии</a> ('.$comm.')
			}
		} else {
			echo 'У выбранного пользователя нет загруженных фото.<br />';
		}
		navig($page, '?act=my&amp;id='.$id.'&amp;', $pages);
		//if ($u['id']) echo '<br /><br /><a href="">Все альбомы</a> / <a href="">Топ фото</a>';
		nav_main();
	break;
						
	case 'photo_add':
		if (!$u['id']) header('location: ?');
		if (isset($_GET['ok'])) {
			if ($_FILES['file']['name'] and $_POST['name']) {
				if (ext($_FILES['file']['name']) == 'jpg' or ext($_FILES['file']['name']) == 'gif') {
					$file = check(basename($_FILES['file']['name']));
					$file_loaded = $u['id'].'_'.$file;
					if (!mysql_num_rows(mysql_query("SELECT `id` FROM `gallery` WHERE `file` = '$file_loaded'"))) {
						$name = check($_POST['name']);
						$desc = check($_POST['desc']);
						copy($_FILES['file']['tmp_name'], 'inc/gallery/'.$file_loaded);
						mysql_query("INSERT INTO `gallery` SET `id_user` = '$u[id]', `name` = '$name', `desc` = '$desc', `time` = '".time()."', `file` = '$file_loaded'");
						$last_id = mysql_insert_id();
						header('location: ?act=view&id='.$last_id);
					} else {
						error('Файл уже существует.');
						nav('?act=photo_add');
					}
				} else {
					error('Неверный формат файла. Можно только .jpg и .gif');
					nav('?act=photo_add');
				}
			} else {
				error('Вы не указали название или не прикрепили фото.');
				nav('?act=photo_add');
			}
		} else {
			tp('<a href="?">Фотогалерея</a>');
			echo '<form action="?act=photo_add&amp;ok=1" method="post" enctype="multipart/form-data">
			Прикрепить фото*:<br /><input name="file" type="file" size="file" /><br />
			Название(max50)*:<br /><input name="name" type="text" maxlength="50" /><br />
			Описание:<br /><textarea name="desc" cols="" rows="4"></textarea><br />
			<input name="submit" type="submit" value="Ok" />
			</form>';
			nav('?');
		}
	break;
	
	case 'view':
		$gallery = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery` WHERE `id` = '$id'"));
		if ($gallery['id']) {
			tp('<a href="?">Фотогалерея</a> &gt; '.$gallery['name']);
			echo '<a href="inc/gallery/'.$gallery['file'].'"><img src="inc/gallery/'.$gallery['file'].'" width="150" alt="'.$gallery['name'].'" /></a><br />';
			if ($gallery['desc']) echo bb($gallery['desc']).'<br />';
			if ($gallery['rating'] > 0) { 
				$rating = '<b><font color="green">+'.$gallery['rating'].'</font></b>';
			} elseif ($gallery['rating'] < 0) { 
				$rating = '<b><font color="red">'.$gallery['rating'].'</font></b>';
			} else {
				$rating = '<b>'.$gallery['rating'].'</b>';
			}
			echo 'Рейтинг: '.$rating;
			$query_r = mysql_query("SELECT `id` FROM `voting` WHERE `type` = 'gallery' and `id_who` = '$u[id]' and `id_for` = '$id'");
			$query = mysql_num_rows($query_r);
			if ($u['id'] and $u['id'] != $gallery['id_user'] and !$query) {
				echo ' <a href="?act=vote&amp;id='.$gallery['id'].'&amp;type=1"><img src="inc/minus.png"></a> <a href="?act=vote&amp;id='.$gallery['id'].'&amp;type=2"><img src="inc/plus.png"></a>';
			} else {
				echo ' <img src="inc/minus.png"> <img src="inc/plus.png">';
			}
			echo '<br />Добавлено: <a href="profile.php?id='.$gallery['id_user'].'">'.login($gallery['id_user']).'</a> ('.date('d.m.y, H:i', $gallery['time']).')<br />';
			
			//$comm = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `loads_comm` WHERE `id_load` = '$load[id]'"), 0);
			//echo '<a href="?act=comm&amp;id='.$load['id'].'">Комментарии</a> ('.$comm.')<br /><br />';
			
			echo '<br />Скопировать адрес:<br /><input name="file" type="text" value="http://'.$config['copy'].'/gallery.php?act=view&amp;id='.$gallery['id'].'" /><br />';
			echo 'BB-код для форума:<br /><input name="bb_code" type="text" value="[url=http://'.$config['copy'].'/gallery.php?act=view&amp;id='.$gallery['id'].']'.$gallery['name'].'[/url]" /><br />';
			
			//if ($u['access'] > 1) echo '<br />- <a href="?act=photo_edit&amp;id='.$gallery['id'].'">Редактировать</a><br />';
			if ($u['access'] == 3) echo '- <a href="?act=photo_del&amp;id='.$gallery['id'].'">Удалить</a><br />';
			nav('?');
		} else {
			error('Выбранное фото не существует.');
			nav('?');
		}
	break;
	
	case 'vote':
		$photo_r = mysql_query("SELECT `id_user` FROM `gallery` WHERE `id` = '$id'");
		$photo = mysql_fetch_assoc($photo_r);
		if ($photo['id_user'] and $photo['id_user'] != $u['id']) {
			$query = mysql_query("SELECT `id` FROM `voting` WHERE `type` = 'gallery' and `id_who` = '$u[id]' and `id_for` = '$id'");
			if (!mysql_num_rows($query)) {
				$type = abs(intval($_GET['type']));
				switch ($type) {
					case '1': $value = -1; break;
					default: $value = 1; break;
				}
				mysql_query("UPDATE `gallery` SET `rating` = (`rating`+$value) WHERE `id` = '$id'");
				mysql_query("UPDATE `users` SET `karma` = (`karma`+$value) WHERE `id` = '$photo[id_user]'");
				mysql_query("INSERT INTO `voting` SET `type` = 'gallery', `id_who` = '$u[id]', `id_for` = '$id'");
			}
		}
		header('location: ?act=view&id='.$id);
		exit;
	break;
	
	case 'article_edit':
		if ($u['access'] > 1) {
			$blog = mysql_fetch_assoc(mysql_query("SELECT * FROM `blogs` WHERE `id` = '$id'"));
			if ($blog['id']) {
				if (isset($_GET['ok'])) {
					if ($_POST['name'] and $_POST['text']) {
						$name = check($_POST['name']);
						$text = check($_POST['text']);
						mysql_query("UPDATE `blogs` SET `name` = '$name', `text` = '$text' WHERE `id` = '$id'");
						header('location: ?act=view&id='.$id);
						exit;
					} else {
						header('location: ?act=artiсle_edit&id='.$id);
						exit;
					}
				} else {
					tp('Редактирование статью');
					echo '<form action="?act=article_edit&amp;id='.$id.'&amp;ok=1" method="post">
					Название(max50):<br /><input name="name" type="text" maxlength="50" value="'.$blog['name'].'" /><br />
					Текст:<br /><textarea name="text" cols="" rows="3">'.$blog['text'].'</textarea><br />
					<input name="submit" type="submit" value="Ok" />
					</form>';
					nav('?act=view&amp;id='.$id);
				}
			} else {
				error('Статья не существует.');
				nav('?');
			}
		} else {
			header('location: ?');
			exit;
		}
	break;
	
	case 'photo_del':
		if ($u['access'] == 3) {
			$photo = mysql_fetch_assoc(mysql_query("SELECT * FROM `gallery` WHERE `id` = '$id'"));
			if ($photo['id']) {
				if (isset($_GET['ok'])) {
					unlink('inc/gallery/'.$photo['file']);
					mysql_query("DELETE FROM `gallery` WHERE `id` = '$photo[id]'");
					header('location: ?');
					exit;
				} else {
					tp('Подтверждение');
					echo 'Вы действительно хотите удалить фото "'.$photo['name'].'"?<br />
					<form action="?act=photo_del&amp;id='.$id.'&amp;ok=1" method="post">
					<input name="submit" type="submit" value="Yeah" />
					</form>';
					nav2('?act=view&amp;id='.$photo['id'], 'К фото');
				}
			} else {
				error('Фото не существует.');
				nav('?');
			}
		} else {
			header('location: ?');
			exit;
		}
	break;

	case 'comm':
		$load = mysql_fetch_assoc(mysql_query("SELECT `name` FROM `loads_files` WHERE `id` = '$id'"));
		if ($load['name']) {
			echo '<div class="title">'.$load['name'].'</div><div class="list">';
			$count_comm = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `loads_comm` WHERE `id_load` = '$id'"), 0);
			if ($count_comm > 0) {
				$pages = ceil($count_comm/$config['onpage']);
				if (intval($_REQUEST['p'])) {
					$page = intval($_REQUEST['p']);
				} else {
					$page = 1;
				}
				$from = ($page-1)*$config['onpage'];
		
				$comm_r = mysql_query("SELECT * FROM `loads_comm` WHERE `id_load` = '$id' ORDER BY `time` DESC LIMIT $from, $config[onpage]");
				while ($comm = mysql_fetch_assoc($comm_r)) {
					if (!isset($num) ) $num = 1;  
					$num++;
					$row_class = (!($num % 2)) ? 'row1' : 'row2';	
					echo '<div class="'.$row_class.'">';
				
					echo '<a href="profile.php?id='.$comm['id_user'].'">'.login($comm['id_user']).'</a> '.online(date('d.m.y, H:i', $comm['time']), $comm['id_user']).' <a href="?act=comm_reply&amp;id='.$comm['id'].'">Отв</a>';
					if ($u['access'] > 0 or $u['id'] and $u['id'] == $comm['id_user'] and time() - $comm['time'] < $config['edit_time']) echo '|<a href="?act=comm_edit&amp;id='.$comm['id'].'">Ред</a>';
					if ($u['access'] > 0) echo '|<a href="?act=comm_del&amp;id='.$comm['id'].'">Уд</a>';
					echo '<br />'.bb($comm['msg']);
					if ($comm['edit_by']) echo '<br />_______<br /><span style="font-size: 10px;">отредактировано: '.login_simple($comm['edit_by']).' ('.date('d.m.y, H:i', $comm['edit_time']).' )</span>';
					echo '</div>';
				}
				navig($page, '?act=comm&amp;id='.$id.'&amp;', $pages);
			} else {
				echo 'Комментарий к этой новости еще нет.';
			}
			echo '</div>';
			if ($u['id']) {
				echo '<div class="main">Добавить (max250):<br />
				<form action="?act=comm_add&amp;id='.$id.'" method="post">
				<textarea name="msg" cols="" rows="3"></textarea>';
				echo '<input name="" type="submit" value="Ok">
				</form>
				</div>';
			}
		} else {
			error('Новость не существует или она была удалена.');
		}
		nav2('?act=view&amp;id='.$id, 'К файлу');
	break;
	
	case 'comm_add':
		$id = intval($_REQUEST['id']);
		$load = mysql_fetch_assoc(mysql_query("SELECT `id` FROM `loads_files` WHERE `id` = '$id'"));
		if ($load['id']) {
			if ($_POST['msg']) {
				if (time() > $_SESSION['antispam']) {
					$msg = check($_POST['msg']);
					mysql_query("INSERT INTO `loads_comm` SET `id_load` = '$id', `id_user` = '$u[id]', `msg` = '$msg', `time` = '".time()."'");
					mysql_query("UPDATE `users` SET `karma` = (karma+1) WHERE `id` = '$u[id]'");
					$_SESSION['antispam'] = time() + $config['antispam'];
					header('location: ?act=comm&id='.$id);
				} else {
					error('Антиспам. Разрешено писать раз в '.$config['antispam'].' сек.');
					nav('?act=comm&amp;id='.$id);
				}
			} else {
				error('Вы не заполнили поле.');
				nav('?act=comm&amp;id='.$id);
			}
		} else {
			error('Новость не существует или она была удалена.');
			nav2('?', 'В загруз-центр');
		}
	break;
	
	case 'comm_reply':
		if ($u['id']) {
			$id = intval($_REQUEST['id']);
			$comm_r = mysql_query("SELECT `id_load`, `id_user` FROM `loads_comm` WHERE `id` = '$id'");
			$comm = mysql_fetch_assoc($comm_r);
			if ($comm['id_load']) {
				if ($_REQUEST['ok']) {
					if (time() > $_SESSION['antispam']) {
						if ($_POST['msg']) {
							$msg = check($_POST['msg']);
							mysql_query("INSERT INTO `loads_comm` SET `id_load` = '$comm[id_load]', `id_user` = '$u[id]', `msg` = '$msg', `time` = '".time()."'");
							mysql_query("UPDATE `users` SET `karma` = (karma+1) WHERE `id` = '$u[id]'");
							$_SESSION['antispam'] = time() + $config['antispam'];
							header('location: ?act=comm&id='.$comm['id_load']);
						} else {
							error('Вы не заполнили поле.');
							nav('?act=comm_reply&amp;id='.$id);
						}
					} else {
						error('Антиспам. Разрешено писать раз в '.$config['antispam'].' сек.');
						nav('?act=comm&amp;id='.$comm['id_load']);
					}
				} else {
					tp('Ответ на сообщение');
					echo '<form action="?act=comm_reply&amp;id='.$id.'&amp;ok=1" method="post">
					Сообщение(max250):<br /><textarea name="msg" cols="" rows="3">[b]'.login_simple($comm['id_user']).'[/b], </textarea><br />';
					echo '<input name="submit" type="submit" value="Ok" />
					</form>';
					nav('?act=comm&amp;id='.$comm['id_load']);
				}
			} else {
				error('Комментарий, на которое вы хотите ответить, не существует.');
				nav2('?', 'в загруз-центр');
			}
		} else {
			header('location: login.php');
		}
	break;
	
	case 'comm_edit':
		if ($u['id']) {
			$id = intval($_REQUEST['id']);
			$comm_r = mysql_query("SELECT * FROM `loads_comm` WHERE `id` = '$id'");
			$comm = mysql_fetch_assoc($comm_r);
			if ($comm['id']) {
				if ($u['access'] > 0 or $u['id'] == $comm['id_user'] and time() - $comm['time'] < $config['edit_time']) {
					tp('Редактирование комментария');
					if (empty($_REQUEST['ok'])) {
						echo '<form action="?act=comm_edit&amp;id='.$id.'&amp;ok=1" method="post">
						Сообщение(max250):<br /><textarea name="msg" cols="" rows="3">'.$comm['msg'].'</textarea>
						<input name="submit" type="submit" value="Ok" />
						</form>';
						nav('?act=comm&amp;id='.$comm['id_load']);
					} else {
						if ($_POST['msg']) {
							$msg = check($_POST['msg']);
							mysql_query("UPDATE `loads_comm` SET `msg` = '$msg', `edit_by` = '$u[id]', `edit_time` = '".time()."' WHERE `id` = '$id'");
							header('location: ?act=comm&id='.$comm['id_load']);
						} else {
							error('Вы не заполнили поле.');
							nav('?act=comm_edit&amp;id='.$id);
						}
					}
				} else {
					error('Нельзя отредактировать этот комментарий.');
					nav('?act=comm_edit&amp;id='.$comm['id_load']);
				}
			} else {
				error('Комментарий не существует.');
				nav2('?', 'К загрузкам');
			}
		} else {
			header('location: login.php');
		}
	break;
	
	case 'comm_del':
		if ($u['access'] > 0) {
			$id = intval($_REQUEST['id']);
			$comm_r = mysql_query("SELECT `id_load` FROM `loads_comm` WHERE `id` = '$id'");
			$comm = mysql_fetch_assoc($comm_r);
			if ($comm['id_load']) {
				mysql_query("DELETE FROM `loads_comm` WHERE `id` = '$id'");
				header('location: ?act=comm&id='.$comm['id_load']);
			} else {
				header('location: ?');
			}
		} else {
			header('location: ?');
		}
	break;	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
	
}

require_once 'system/tail.php';
?>