Просмотр файла modules/friends/add.php

Конкурс дизайнеров на 15000 рублей
Реклама ваших сайтов
Размер файла: 1.48Kb 
  1. <?php
  2. if(!isset($user) || !isset($_GET['id']) || $_GET['id'] == 0 || $_GET['id'] == $user['id'] || $db->query("SELECT * FROM `friends` WHERE `friend_id` = '". abs(intval($_GET['id'])) ."' AND `user_id` = '". $user['id'] ."'")->rowCount() !=0 || $db->query("SELECT * FROM `friends` WHERE `user_id` = '". abs(intval($_GET['id'])) ."' AND `friend_id` = '". $user['id'] ."'")->rowCount() !=0) 
  3. 	{
  4. 		header('location: /');
  5. 		exit;
  6. 	}
  7. if(isset($_GET['id']) && isset($_POST['no']))
  8. 	{
  9. 	header('location: /user/'. abs(intval($_GET['id'])));
  10. 	exit;
  11. 	}
  12. elseif(isset($_GET['id']) && isset($_POST['yes']))
  13. 	{
  14. 	$db->query("INSERT INTO `friends` SET `user_id` = '" .$user['id'] ."', `friend_id` = '". abs(intval($_GET['id'])) ."', `active` = '0'");
  15. 	header('location: /user/'. abs(intval($_GET['id'])));
  16. 	exit;
  17. 	}
  18. $title = $lang->word('friends_add');
  19. require_once(SYS.'/view/header.php');
  20. $tpl->div('title', $lang->word('friends_add'));
  21. echo '<div class="menu">
  22. 		<form action="/friends/add/'.abs(intval($_GET['id'])) .'?act=last" method="post">
  23. 		'. $lang->word('friends_verify_add').' <b>'.tnick(abs(intval($_GET['id']))).'</b>?<br/>
  24. 		<input type="submit" name="yes" value="'.$lang->word('yyes').'" /> <input type="submit" name="no" value="'. $lang->word('yno').'" />
  25. 		</form>
  26. 	</div>';
  27. $tpl->div('block', NAV .'<a href="/user/'. abs(intval($_GET['id'])) .'">'. $lang->word('back') .'</a><br/>'
  28. 				. HICO .'<a href="/">'. $lang->word('home') .'</a>');
  29. require_once(SYS .'/view/footer.php');
  30. ?>