Просмотр файла users/friend.php

<?
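// Bootstrap for the friends page: pull in the site core, helper functions and
// the session layers, then render the common page header.
// NOTE(review): BASEDIR, INC, is_user() and show_title() are not defined in
// this file; they are presumably provided by these includes - confirm.
// NOTE(review): the script opens with the short tag `<?`. It is only executed
// when short_open_tag is enabled; on a server where it is off the file is
// returned as plain text, exposing every query and table name. Prefer `<?php`.
include('../core/core.php');
include(BASEDIR.INC.'func.php');
include(BASEDIR.INC.'session.php');
include(BASEDIR.INC.'session_user.php');
// $mode is only compared against fixed case labels further down, so a missing
// or non-string parameter just falls through to the default branch. The
// isset()/is_string() guard avoids the undefined-index notice and the warning
// htmlspecialchars() raises for an array value (?mode[]=x).
$mode = (isset($_GET['mode']) && is_string($_GET['mode'])) ? htmlspecialchars($_GET['mode']) : '';
include(BASEDIR.INC.'head.php');
show_title('Друзья');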
if(is_user()){
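// Load the current user's row from `users`.
// The login is read from a cookie, i.e. it is client-controlled text, so it is
// escaped before being placed inside the SQL string literal.
// NOTE(review): is_user() is defined outside this file; whether it ties the
// cookie login to a server-side session cannot be seen from here - confirm,
// because every query on this page treats $_COOKIE['login'] as the identity.
// NOTE(review): the mysql_* extension has no prepared statements; a move to
// mysqli/PDO with bound parameters would remove this class of bug entirely.
$users = mysql_query('SELECT * FROM users WHERE login = "'.mysql_real_escape_string($_COOKIE['login']).'"');
// Skip the fetch when the query itself failed, instead of passing false on.
$users = $users ? mysql_fetch_assoc($users) : false;
echo '<div class="razdel">Друзья</div>';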
switch ($mode):
case 'index':
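// mode=index: paginated list of the current user's friends, with a delete link
// per row and an "add" link at the bottom.
define('TOPAGE', 10); // rows per page
$page = isset($_GET['page']) ? (int)$_GET['page'] : 0;

// The login comes from a cookie; escape it once for SQL and reuse the result.
$me = mysql_real_escape_string($_COOKIE['login']);

$q = mysql_result(mysql_query("SELECT COUNT(*) FROM `friend` WHERE `kto`='".$me."'"), 0);

// Number of pages (at least 1), then clamp the requested page into range.
$total = intval(($q - 1) / TOPAGE) + 1;
if (empty($page) or $page < 0) $page = 1;
if ($page > $total) $page = $total;
$start = $page * TOPAGE - TOPAGE; // integer offset, safe to place in LIMIT

// Initialise everything that is echoed later. The original left these unset
// on the first/last page, which raises notices and, on a server with
// register_globals enabled, lets a request parameter supply the markup.
$pageback = '';
$nextpage = '';
$roles = array(
    101 => 'Администратор',
    102 => 'Помощник Администратора',
    103 => 'Модератор',
    104 => 'Помощник Модератора',
    105 => 'Пользователь',
);

$g = mysql_query("SELECT * FROM `friend` WHERE `kto`='".$me."' LIMIT $start,".TOPAGE."");
while ($u = mysql_fetch_array($g)) {
    echo'<div class="menu">';

    // `kogo` is stored data, but it originated from another user's login, so
    // it is escaped again for each context it is used in (SQL, URL, HTML).
    $friendSql  = mysql_real_escape_string($u['kogo']);
    $friendUrl  = urlencode($u['kogo']);
    $friendHtml = htmlspecialchars($u['kogo'], ENT_QUOTES);

    $li = mysql_query("SELECT * FROM users WHERE `login`='".$friendSql."';");
    $li = $li ? mysql_fetch_assoc($li) : false;

    // Reset per row so an unknown status (or a missing user row) does not
    // inherit the label of the previous friend.
    $st = '';
    if ($li && isset($roles[$li['status']])) {
        $st = $roles[$li['status']];
    }

    if ($li && $li['avatar_mini'] != NULL) {
        // The avatar path is user-influenced profile data: escape it for the attribute.
        $avatar = htmlspecialchars($li['avatar_mini'], ENT_QUOTES);
    } else {
        $avatar = '/images/noavatar.gif';
    }

    // A row in session_user means the friend currently has a live session.
    $p = mysql_query('SELECT * FROM session_user WHERE user = "'.$friendSql.'"');
    if ($p && mysql_num_rows($p) != 0) {
        $on = '[<font color="green">On</font>]';
    } else {
        $on = '[<font color="red">Off</font>]';
    }

    // NOTE(review): the delete action is a plain GET link with no anti-CSRF
    // token, so any page the user visits can trigger it - consider POST + token.
    echo'<div style="overflow: hidden"><div style="float: left"><img src="'.$avatar.'"></div> <a href="/users/profile.php?user='.$friendUrl.'">'.$friendHtml.'</a> <br />
 '.$st.' '.$on.'</div><div align="right"><a href="?mode=delet&id='.(int)$u['id'].'">Удалить</a></div>';

    echo'</div>';
}
if ($page != $total) $nextpage = ' <a href="?mode=index&page='. ($page + 1) .'">Далее</a>';
if ($page - 1 > 0) $pageback = '<a href="?mode=index&page='. ($page - 1) .'">Назад</a> ';

echo''.$pageback.'  '.$nextpage.'';
echo'<div class="menu"><a href="?mode=add">Добавить</a></div>';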
break;
case 'my_friends':
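// mode=my_friends: read-only, paginated friend list of the user named in
// ?login= (falls back to the current user when the parameter is empty).
$requested = (isset($_GET['login']) && is_string($_GET['login'])) ? $_GET['login'] : '';
if ($requested == NULL) { $requested = $_COOKIE['login']; }

// Escape per context. The original HTML-escaped the value before using it in
// SQL and left the cookie fallback unescaped altogether; the raw value is now
// SQL-escaped for the queries and URL-encoded for the pagination links.
$login    = mysql_real_escape_string($requested);
$loginUrl = urlencode($requested);

define('TOPAGE', 10); // rows per page
$page = isset($_GET['page']) ? (int)$_GET['page'] : 0;

$q = mysql_result(mysql_query("SELECT COUNT(*) FROM `friend` WHERE `kto`='".$login."'"), 0);

// Number of pages (at least 1), then clamp the requested page into range.
$total = intval(($q - 1) / TOPAGE) + 1;
if (empty($page) or $page < 0) $page = 1;
if ($page > $total) $page = $total;
$start = $page * TOPAGE - TOPAGE; // integer offset, safe to place in LIMIT

// Initialise everything that is echoed later; unset variables raise notices
// and can be supplied by the request when register_globals is enabled.
$pageback = '';
$nextpage = '';
$roles = array(
    101 => 'Администратор',
    102 => 'Помощник Администратора',
    103 => 'Модератор',
    104 => 'Помощник Модератора',
    105 => 'Пользователь',
);

$g = mysql_query("SELECT * FROM `friend` WHERE `kto`='".$login."' LIMIT $start,".TOPAGE."");
while ($u = mysql_fetch_array($g)) {
    echo'<div class="menu">';

    // Stored logins are escaped again for each context they are used in.
    $friendSql  = mysql_real_escape_string($u['kogo']);
    $friendUrl  = urlencode($u['kogo']);
    $friendHtml = htmlspecialchars($u['kogo'], ENT_QUOTES);

    $li = mysql_query("SELECT * FROM users WHERE `login`='".$friendSql."';");
    $li = $li ? mysql_fetch_assoc($li) : false;

    // Reset per row so an unknown status does not reuse the previous label.
    $st = '';
    if ($li && isset($roles[$li['status']])) {
        $st = $roles[$li['status']];
    }

    if ($li && $li['avatar_mini'] != NULL) {
        $avatar = htmlspecialchars($li['avatar_mini'], ENT_QUOTES);
    } else {
        $avatar = '/images/noavatar.gif';
    }

    // A row in session_user means the friend currently has a live session.
    $p = mysql_query('SELECT * FROM session_user WHERE user = "'.$friendSql.'"');
    if ($p && mysql_num_rows($p) != 0) {
        $on = '[<font color="green">On</font>]';
    } else {
        $on = '[<font color="red">Off</font>]';
    }

    // The original closed one <div> more than it opened for every row, which
    // terminated an enclosing layout element early; the row is now balanced.
    echo'<div style="overflow: hidden"><div style="float: left"><img src="'.$avatar.'"></div> <a href="/users/profile.php?user='.$friendUrl.'">'.$friendHtml.'</a> <br />
 '.$st.' '.$on.'</div>';

    echo'</div>';
}
if ($page != $total) $nextpage = ' <a href="?mode=my_friends&login='.$loginUrl.'&page='. ($page + 1) .'">Далее</a>';
if ($page - 1 > 0) $pageback = '<a href="?mode=my_friends&login='.$loginUrl.'&page='. ($page - 1) .'">Назад</a> ';

echo''.$pageback.'  '.$nextpage.'';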


break;
case 'add':
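// mode=add: show the "add friend" form unless the contact list is full.
echo'<div class="menu">';
// NOTE(review): $max_friend is not defined in this file; it is presumably set
// by the included privat.php - confirm.
include(BASEDIR.MODUL.'privat/privat.php');

// Cookie value is client-controlled: escape before embedding in SQL.
$me = mysql_real_escape_string($_COOKIE['login']);
$o = mysql_query("SELECT count(*) FROM `friend` WHERE kto = '".$me."'");
$r = mysql_fetch_row($o);
$t = $r[0];

if ($t >= $max_friend) {
    echo'Ваш контакт лист переполнен!';
} else {
    // Optional ?login= pre-fills the field. ENT_QUOTES keeps the value inside
    // the attribute whichever quote style the markup uses.
    $login = (isset($_GET['login']) && is_string($_GET['login']))
        ? htmlspecialchars($_GET['login'], ENT_QUOTES)
        : '';
    // NOTE(review): the form carries no anti-CSRF token, so another site can
    // submit a friend request on behalf of a logged-in visitor.
    echo'
<form action="?mode=add_ok" method="post">
Логин:<br />
<input name="log" type="text" value="'.$login.'" maxlength="30" /><br />
<input name="" type="submit" value="Добавить" />
</form>
';
}
echo'</div>';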
break;
case 'add_ok':
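// mode=add_ok: record a friend request from the current user to the login
// posted in `log`, and notify the target through the internal mail table.
//
// htmlspecialchars() is kept so the stored form of the login matches rows
// written by earlier versions, but it is NOT an SQL escape: with the default
// flags of the PHP versions that still ship mysql_*, single quotes and
// backslashes pass through untouched. Every value that reaches a query is
// therefore passed through mysql_real_escape_string() as well.
$log = (isset($_POST['log']) && is_string($_POST['log'])) ? htmlspecialchars($_POST['log']) : '';
$meSql  = mysql_real_escape_string($_COOKIE['login']);
$logSql = mysql_real_escape_string($log);

// Already friends?
$t = mysql_query('SELECT * FROM friend WHERE kto = "'.$meSql.'" AND kogo = "'.$logSql.'"');
$t = $t ? mysql_fetch_assoc($t) : false;
echo'<div class="menu">';
// The original tested `$log == !NULL`, i.e. `$log == true`, which only worked
// as a non-empty check by accident; the intent is spelled out here.
if ($log !== '' && !$t) {

    // Request already pending?
    $tz = mysql_query('SELECT * FROM drug WHERE my_login = "'.$meSql.'" AND send_login = "'.$logSql.'"');
    $tz = $tz ? mysql_fetch_assoc($tz) : false;
    if (!$tz) {
        echo'Предложение о дружбе отправлено!';
        // NOTE(review): nothing checks that the target login exists or differs
        // from the sender, and the action has no anti-CSRF token - confirm
        // whether that is acceptable.
        mysql_query("INSERT INTO `drug`(`my_login`,`send_login`) VALUES ('$meSql','$logSql')");
        $data = date("d.m.Y H:i:s");
        // The message is HTML that another user will view: the sender's login
        // is HTML-escaped here, and the whole message is SQL-escaped below.
        $msg = 'Пользователь <strong>'.htmlspecialchars($_COOKIE['login'], ENT_QUOTES).'</strong> хочет добавить вас в <a href="/users/friend.php?mode=new">друзья!</a>';
        $msgSql = mysql_real_escape_string($msg);
        mysql_query("INSERT INTO `send_mail`(`my_login`, `send_login`, `msg`, `data`) VALUES ('System','$logSql','$msgSql','$data')");
        mysql_query("UPDATE `users` SET `my_mail`=`my_mail` + 1 WHERE login = '".$logSql."'");
    } else {
        echo'Заявка уже отправлена!';
    }
} else {
    echo'Логин не указан или друг уже добавлен! Ошибка!';
}
echo'</div>';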
break;
case 'delet':
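// mode=delet: remove one entry from the current user's friend list.
echo'<div class="menu">';
// Row ids are integers; cast instead of HTML-escaping, keep the abs() so a
// negative value still maps to the same row as before.
$id = isset($_GET['id']) ? abs((int)$_GET['id']) : 0;
if ($id > 0) {
    echo'Все прошло отлично!';
    // Authorization: the original deleted ANY friend row by id, so a logged-in
    // user could walk the id space and remove other people's entries. The
    // delete is now restricted to rows owned by the current user (`kto`).
    // NOTE(review): this is still a state change over GET without an
    // anti-CSRF token; the mirrored row (kto = friend) is left in place, as in
    // the original.
    $me = mysql_real_escape_string($_COOKIE['login']);
    mysql_query("DELETE FROM `friend` WHERE `id` = '".$id."' AND `kto` = '".$me."'");
} else {
    echo'Логин не указан! Ошибка!';
}
echo'</div>';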
break;
case 'new':
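// mode=new: list friend requests addressed to the current user, each with
// accept / decline links.
$me = mysql_real_escape_string($_COOKIE['login']); // cookie value: escape for SQL
$g = mysql_query("SELECT * FROM `drug` WHERE `send_login`='".$me."'");
while ($u = mysql_fetch_array($g)) {
    // `my_login` was written from the requester's cookie without any HTML
    // escaping, so it is encoded here for both the URL and the link text.
    $fromUrl  = urlencode($u['my_login']);
    $fromHtml = htmlspecialchars($u['my_login'], ENT_QUOTES);
    $reqId    = (int)$u['id'];

    echo'<div class="menu">';
    // The decline link's href was unquoted in the original; it is quoted now
    // so the attribute cannot be broken out of.
    echo'<a href="/users/profile.php?user='.$fromUrl.'">'.$fromHtml.'</a> [<a href="?mode=new_ok&id='.$reqId.'">Принять</a>][<a href="?mode=new_no&id='.$reqId.'">Отклонить</a>]';
    echo'</div>';
}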
break;
case 'new_ok':
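// mode=new_ok: accept the friend request with the given id. Creates the two
// mirrored `friend` rows and removes the request.
$id = isset($_GET['id']) ? abs((int)$_GET['id']) : 0;
$g = mysql_query("SELECT * FROM `drug` WHERE `id`='".$id."'");
$g = $g ? mysql_fetch_assoc($g) : false;

// Authorization: only the RECIPIENT may accept. The original also let the
// sender through; in that branch both inserted rows paired the sender with
// themselves. Strict comparison is used because `==` treats numeric-looking
// logins such as "1e1" and "10" as equal.
if ($g && $g['send_login'] === $_COOKIE['login']) {
    // Both logins end up inside SQL string literals: escape them.
    $i   = mysql_real_escape_string($_COOKIE['login']);
    $log = mysql_real_escape_string($g['my_login']);
    // NOTE(review): the friend-count limit checked in mode=add is not enforced
    // here, and the action is a GET without an anti-CSRF token - confirm.
    mysql_query("INSERT INTO `friend`(`kto`,`kogo`) VALUES ('$i','$log')");
    mysql_query("INSERT INTO `friend`(`kto`,`kogo`) VALUES ('$log','$i')");
    // Remove only the accepted request. The original deleted every request
    // addressed to this user, silently discarding the other pending ones.
    mysql_query("DELETE FROM `drug` WHERE `id` = '".$id."'");

    echo'<div class="menu">';
    echo'Заявка принята!';
    echo'</div>';
}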
break;
case 'new_no':
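// mode=new_no: decline (or, for the sender, withdraw) the friend request with
// the given id.
$id = isset($_GET['id']) ? abs((int)$_GET['id']) : 0;
$g = mysql_query("SELECT * FROM `drug` WHERE `id`='".$id."'");
$g = $g ? mysql_fetch_assoc($g) : false;

// Either party of the request may remove it. The row must exist, and the
// comparison is strict: with `==` a missing row compared NULL against the
// cookie, and numeric-looking logins ("1e1" vs "10") were treated as equal.
if ($g && ($g['my_login'] === $_COOKIE['login'] || $g['send_login'] === $_COOKIE['login'])) {
    // $id is an integer at this point, so it is safe inside the query.
    mysql_query("DELETE FROM `drug` WHERE `id` = '".$id."'");
    echo'<div class="menu">';
    echo'Заявка откланена!';
    echo'</div>';
}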
break;
default: 
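// Unknown or missing mode: send the visitor to the list view.
// By this point head.php has been included and the section heading echoed, so
// unless output buffering is active the headers are already out and header()
// would only raise a warning. Fall back to a visible link in that case.
if (!headers_sent()) {
    header('location: ?mode=index');
} else {
    echo'<div class="menu"><a href="?mode=index">Друзья</a></div>';
}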
endswitch;
} else {
    // Visitors who are not logged in get a static "access denied" notice
    // instead of the friends interface.
    echo '<div class="razdel">Доступ закрыт!</div>'
        . '<div class="menu">Доступ разрешен только зарегистированым!</div>';
}
// Common page tail: link back to the front page, then the shared footer template.
echo '<div class="menu"><a href="/">На главную</a></div>';
include(BASEDIR.INC.'foot.php');
?>