Просмотр файла photo/index.php

<?
/*
=============================================
Движок:  SHCMS Engine
=============================================
Название файла: Фотоальбомы
=============================================
Official website: http://shcms.ru
=============================================
*/
define('SHCMS', true);
include_once '../system/inc/basic_settings.php';

// Route the request by action name. $act is not assigned anywhere in this
// file; presumably basic_settings.php derives it from the request — confirm.
switch ($act):
default:
	// Landing page: one link per gender, each followed by the number of
	// distinct users of that gender (`users`.`pol`) who own at least one photo.
	$shcmsengine['title'] = 'Фотоальбомы';
	include_once '../template/head.php';

	$boys_query = mysql_query("SELECT COUNT(DISTINCT `user_id`)FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE `users`.`pol` = '1'");
	$boys = mysql_result($boys_query, 0);
	$girls_query = mysql_query("SELECT COUNT(DISTINCT `user_id`)FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE `users`.`pol` = '2'");
	$girls = mysql_result($girls_query, 0);

	// Both queries are fixed strings; no request data reaches SQL here.
	$boys_row = '<div class="posts"><a href="?act=boys">Мальчики</a>&nbsp;<span class="mainforum">Всего: ' . $boys . '</span></div>';
	$girls_row = '<div class="posts"><a href="?act=girl">Девочки</a>&nbsp;<span class="mainforum">Всего: ' . $girls . '</span></div>';

	echo '<div class="maintitle mainrazd">Фотоальбомы</div>';
	echo '<div class="maintext">
' . $boys_row . '
' . $girls_row . '</div>';
	break;


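case 'boys':
	// Paginated list of users with `pol` = '1' who own photos, one row per
	// user with the number of photos they have uploaded.
	$shcmsengine['title'] = 'Фотоальбомы - Мальчики';
	include_once '../template/head.php';

	$allfield = mysql_result(mysql_query("SELECT COUNT(DISTINCT `user_id`) FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE `users`.`pol` = '1'"), 0);
	$newlist = new Navigation($allfield, 10, true);

	$users_boy = mysql_query("SELECT `photo_users`.*, COUNT(`photo_users`.`id`) AS `photo_count`, `users`.`id` , `users`.`login` FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE users.`pol` = '1' GROUP BY `photo_users`.`user_id` ORDER BY `users`.`login` ". $newlist->limit()."");

	// mysql_query() returns false on failure; treat that as an empty list
	// rather than handing false to mysql_num_rows().
	if ($users_boy && mysql_num_rows($users_boy) != 0) {
		while ($users_boys = mysql_fetch_array($users_boy)) {
			// The login is user-chosen text, so encode it for HTML. double_encode
			// is off in case logins are stored already encoded. 'UTF-8' is assumed
			// to be the page charset — confirm. Ids and counts are forced to int.
			$login = htmlspecialchars($users_boys['login'], ENT_QUOTES, 'UTF-8', false);

			echo '<div class="posts"><img src="../template/icon/users/1.png">&nbsp;
<a href="?act=from&photo_user='.(int) $users_boys['id'].'">'.$login.'</a><span class="mainforum">Фотографий: '.(int) $users_boys['photo_count'].'</span></div>';
		}
		echo '<div class="pages">';
		echo $newlist->pagination('act=boys');
		echo '</div>';
	} else {
		echo '<div class="posts">';
		echo SHCMS_core::img_shcms('../template/icon/empty.png');
		echo 'Фотоальбомы у Парней временно отсутствуют</div>';
	}
	break;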

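case 'girl':
	// Paginated list of users with `pol` = '2' who own photos, one row per
	// user with the number of photos they have uploaded.
	$shcmsengine['title'] = 'Фотоальбомы - Девочки';
	include_once '../template/head.php';

	$allfield = mysql_result(mysql_query("SELECT COUNT(DISTINCT `user_id`) FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE `users`.`pol` = '2'"), 0);
	$newlist = new Navigation($allfield, 10, true);

	$users_girl = mysql_query("SELECT `photo_users`.*, COUNT(`photo_users`.`id`) AS `photo_count`, `users`.`id` , `users`.`login` FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE users.`pol` = '2' GROUP BY `photo_users`.`user_id` ORDER BY `users`.`login`  ". $newlist->limit()."");

	// mysql_query() returns false on failure; treat that as an empty list
	// rather than handing false to mysql_num_rows().
	if ($users_girl && mysql_num_rows($users_girl) != 0) {
		while ($users_girls = mysql_fetch_array($users_girl)) {
			// The login is user-chosen text, so encode it for HTML. double_encode
			// is off in case logins are stored already encoded. 'UTF-8' is assumed
			// to be the page charset — confirm. Ids and counts are forced to int.
			$login = htmlspecialchars($users_girls['login'], ENT_QUOTES, 'UTF-8', false);

			echo '<div class="posts"><img src="../template/icon/users/2.png">&nbsp;
			<a href="?act=from&photo_user='.(int) $users_girls['id'].'">'.$login.'</a> <span class="mainforum">Фотографий: '.(int) $users_girls['photo_count'].'</span></div>';
		}
		echo '<div class="pages">';
		echo $newlist->pagination('act=girl');
		echo '</div>';
	} else {
		echo '<div class="posts">';
		echo SHCMS_core::img_shcms('../template/icon/empty.png');
		echo 'Фотоальбомы у Девушек временно отсутствуют</div>';
	}

	break;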

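	/*
	 * List every album (folder) that belongs to one user.
	 * case: from
	 */

case 'from':
	// photo_user comes from the query string and is reused in SQL, links and
	// pagination; casting it once keeps it an integer in every context.
	$photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
	$users_from = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '$photo_user'"));

	// Unknown user: stop here. The original went on to build
	// "WHERE `user_id` = " with nothing after it, which is invalid SQL.
	if (!$users_from) {
		$shcmsengine['title'] = 'Фотоальбомы';
		include_once '../template/head.php';
		errors('Пользователь не найден');
		header("Refresh: 1; url=?");
		include_once '../template/foot.php';
		exit;
	}

	$owner_id = (int) $users_from['id'];
	// Encode the login for HTML output; double_encode is off in case it is
	// stored already encoded. 'UTF-8' is assumed to be the page charset — confirm.
	$owner_login = htmlspecialchars($users_from['login'], ENT_QUOTES, 'UTF-8', false);

	// NOTE(review): the title is handed to head.php unencoded, as before;
	// confirm that head.php encodes it when printing.
	$shcmsengine['title'] = 'Фотоальбомы - '.$users_from['login'].'';
	include_once '../template/head.php';

	echo '<div class="maintitle mainrazd">Фотоальбомы: '.$owner_login.' <a href="'.DIR_SHCMS.'change_view.php?id='.$owner_id.'"><span style="font-size:9px">[анкета]</span></a></div>';
	echo '<div class="maintext">';

	$allfield = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_dir`  WHERE `user_id` = '$owner_id'"), 0);
	$newlist = new Navigation($allfield, 10, true);

	$photo_cat = mysql_query("SELECT * FROM `photo_dir` WHERE `user_id` = '$owner_id' ORDER BY `id` DESC  ". $newlist->limit()." ");
	if ($photo_cat && mysql_num_rows($photo_cat) != 0) {
		while ($photo_dir = mysql_fetch_array($photo_cat)) {
			$album_id = (int) $photo_dir['id'];

			// COUNT(*) gives the number of photos. The original selected * and
			// read the first column of the first row, i.e. a photo id, and
			// raised a warning for empty albums.
			$count_photo = (int) mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_users` WHERE `id_photo` = '$album_id'"), 0);

			// Titles are written through htmlspecialchars() when an album is
			// created; double_encode off keeps them from being encoded twice.
			$album_title = htmlspecialchars($photo_dir['title'], ENT_QUOTES, 'UTF-8', false);

			echo '<div class="posts"><img src="../download/icons/image.png">&nbsp;
            <a href="?act=dirname&dir='.$album_id.'&photo_user='.(int) $photo_dir['user_id'].'"><strong>'.$album_title.'</strong></a>&nbsp;';

			if ($count_photo) {
				echo '('.$count_photo.')';
			} else {
				echo '(пусто)';
			}
			echo '<span class="maintime">'.$timedate->times($photo_dir['time']).'</span><br/><span style="font-size:11px;">'.processing($photo_dir['opis']).'</span></div>';
		}
		echo '<div class="pages">';
		echo $newlist->pagination("act=from&photo_user=$photo_user");
		echo '</div>';
	} else {
		echo '<div class="posts"><img src="../template/icon/empty.png">&nbsp; Ничего не найдено!</div>';
	}

	// Only the signed-in owner gets the "create album" link. The strict
	// comparison keeps an empty $user_id from matching a missing photo_user.
	if (!empty($user_id) && (int) $user_id === $photo_user) {
		echo '<div class="posts"><a href="?act=new_photo&photo_user='.$photo_user.'">Создать новый альбом</a></div>';
	}
	echo '</div>';


break;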
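	/*
	 * Create a new album (folder) for the signed-in user.
	 * case: new_photo
	 */
case 'new_photo':
	// Cast once: the id is reused in SQL, in Refresh headers and in the form action.
	$photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
	$shcmsengine['title'] = 'Фотоальбомы - Создать новый альбом';
	include_once '../template/head.php';

	// Strict owner check: a loose != can accept non-numeric input and lets a
	// missing photo_user match a visitor whose $user_id is empty.
	if (empty($user_id) || (int) $user_id !== $photo_user) {
		errors('Вы не можете создать папку для другого пользователя');
		header("Refresh: 1; url=?");
		include_once '../template/foot.php';
		exit;
	}

	// NOTE(review): no anti-CSRF token is checked in this handler; confirm
	// whether the form class or basic_settings.php supplies one.
	if (isset($_POST['submit'])) {
		// Missing or non-string fields become empty strings instead of
		// undefined variables.
		$photo = (isset($_POST['photo']) && is_string($_POST['photo'])) ? trim($_POST['photo']) : '';
		$opis = (isset($_POST['opis']) && is_string($_POST['opis'])) ? $_POST['opis'] : '';

		// Count characters of the typed title, not bytes of the encoded one.
		// UTF-8 input is assumed — confirm; strlen() is the fallback when the
		// mbstring extension is not loaded.
		$title_length = function_exists('mb_strlen') ? mb_strlen($photo, 'UTF-8') : strlen($photo);

		$photo = htmlspecialchars($photo);
		// The original encoded $photo here as well, so the description was
		// silently replaced by the title.
		$opis = htmlspecialchars($opis);

		if (empty($photo)) {
			errors('Названия альбома отсутствует');
			header("Refresh: 1; url=?act=new_photo&photo_user=$photo_user");
			include_once '../template/foot.php';
			exit;
		}

		// "< 2 and > 50" can never both hold, so the limit was never enforced.
		if ($title_length < 2 || $title_length > 50) {
			errors('Названия не должно превышать 50символов');
			header("Refresh: 1; url=?act=new_photo&photo_user=$photo_user");
			include_once '../template/foot.php';
			exit;
		}

		// Refuse a second album with the same title for the same user.
		$newdir = mysql_query("SELECT * FROM `photo_dir` WHERE `title`='" . my_esc($photo) . "' AND `user_id` = '$photo_user'");
		if ($newdir && mysql_num_rows($newdir) != 0) {
			errors('Название которую вы ввели уже существует');
			header("Refresh: 1; url=?act=new_photo&photo_user=$photo_user");
			include_once '../template/foot.php';
			exit();
		}

		$insert_photo = mysql_query("INSERT INTO `photo_dir` SET `user_id` = '$photo_user',`title` = '".my_esc($photo)."', `opis` = '".my_esc($opis)."',`time` = '".time()."'");
		if ($insert_photo == true) {
			// As before, the success path does not exit: the form below is
			// still rendered until the Refresh header takes effect.
			messag('Папка успешно создана');
			header("Refresh: 1; url=?act=from&photo_user=$photo_user");
		} else {
			errors('Ошибка при создании папки');
			header("Refresh: 1; url=?act=new_photo&photo_user=$photo_user");
			include_once '../template/foot.php';
			exit;
		}
	}

	$form = new form("?act=new_photo&photo_user=$photo_user");
	$form->input('<strong>Названия альбомa:</strong>','photo','text',false,true);
	$form->textarea('<strong>Описания альбомa:</strong>','opis',false,true);
	$form->submit('Создать альбом','submit');
	$form->finish();
break;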

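	/*
	 * List every photo stored in one album.
	 * case: dirname
	 */
	case 'dirname':
		// Both ids come from the query string and are reused in SQL, links and
		// pagination; cast them once so they are integers in every context.
		$photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
		$dir = isset($_GET['dir']) ? (int) $_GET['dir'] : 0;

		$dirname = mysql_fetch_array(mysql_query("SELECT * FROM `photo_dir` WHERE `id` = '$dir'"));
		if (!$dirname) {
			// Unknown album id: report it instead of rendering an empty page.
			$shcmsengine['title'] = 'Фотоальбомы';
			include_once '../template/head.php';
			errors('Альбом не найден');
			header("Refresh: 1; url=?");
			include_once '../template/foot.php';
			exit;
		}

		// NOTE(review): the title is handed to head.php as stored; confirm that
		// head.php encodes it when printing.
		$shcmsengine['title'] = 'Фотоальбомы - '.$dirname['title'].'';
		include_once '../template/head.php';

		// Titles are written through htmlspecialchars() when an album is
		// created; double_encode off keeps them from being encoded twice.
		// 'UTF-8' is assumed to be the page charset — confirm.
		$album_title = htmlspecialchars($dirname['title'], ENT_QUOTES, 'UTF-8', false);

		echo '<div class="maintitle mainrazd">Альбом : '.$album_title.'</div>';
		echo '<div class="maintext">'.processing($dirname['opis']).' <span class="mainforum">'.$timedate->times($dirname['time']).'</span></div>';
		echo '<div class="maintext">';

		$allfield = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_users`  WHERE `user_id` = '$photo_user' AND `id_photo` = '$dir'"), 0);
		$newlist = new Navigation($allfield, 10, true);

		$photo_list = mysql_query("SELECT * FROM `photo_users` WHERE `user_id` = '$photo_user' AND `id_photo` = '$dir' ". $newlist->limit()." ");
		if ($photo_list && mysql_num_rows($photo_list) != 0) {
			while ($photo_dirname = mysql_fetch_array($photo_list)) {
				echo '<div class="posts">';
				// rawurlencode() makes the stored file name safe inside the src
				// attribute whatever byte encoding it was saved in.
				echo '<img width="70px" src="../photo/files/'.rawurlencode($photo_dirname['name']).'"><span class="mainforum">'.$timedate->times($photo_dirname['time']).'</span><br/>';
				echo processing($photo_dirname['opis']);
				echo '<div style="text-align:right;"><a href="?act=prosmotr&dir='.$dir.'&files='.(int) $photo_dirname['id'].'&photo_user='.$photo_user.'">Подробнее...</a></div></div>';
			}
			echo '<div class="pages">';
			// The original built this from $photo_dir, which is never set in
			// this case, so every page link lost the album and user ids.
			echo $newlist->pagination("act=dirname&dir=$dir&photo_user=$photo_user");
			echo '</div>';
		} else {
			echo '<div class="posts"><img src="../template/icon/empty.png">&nbsp; Ничего не найдено!</div>';
		}
		echo '</div>';

		// Only the signed-in owner gets the upload link. The strict comparison
		// keeps an empty $user_id from matching a missing photo_user.
		if (!empty($user_id) && (int) $user_id === $photo_user) {
			echo '<div class="posts"><a href="?act=photos_upload&dir='.$dir.'&photo_user='.$photo_user.'">Добавить фотографию</a></div>';
		}

	break;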

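	/*
	 * Upload one photo (JPEG, PNG or GIF) into an album of the signed-in user.
	 * case: photos_upload
	 */
case 'photos_upload':
	// Both ids come from the query string and are reused in SQL, Refresh
	// headers and the form action; cast them once.
	$photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
	$dir = isset($_GET['dir']) ? (int) $_GET['dir'] : 0;

	$shcmsengine['title'] = 'Фотоальбомы - Добавить фотографию';
	include_once '../template/head.php';

	// Strict owner check: a loose != can accept non-numeric input and lets a
	// missing photo_user match a visitor whose $user_id is empty.
	if (empty($user_id) || (int) $user_id !== $photo_user) {
		errors('Вы не можете загружать файлы для другого пользователя');
		header("Refresh: 1; url=?");
		include_once '../template/foot.php';
		exit;
	}

	// The album must exist and belong to the uploader; the original accepted
	// any dir value and attached the photo to it.
	$own_album = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_dir` WHERE `id` = '$dir' AND `user_id` = '$photo_user'"), 0);
	if (!$own_album) {
		errors('Альбом не найден');
		header("Refresh: 1; url=?act=from&photo_user=$photo_user");
		include_once '../template/foot.php';
		exit;
	}

	// NOTE(review): no anti-CSRF token is checked in this handler; confirm
	// whether the form class or basic_settings.php supplies one.
	if (isset($_POST['submit'])) {
		$files_opis = (isset($_POST['files_opis']) && is_string($_POST['files_opis'])) ? htmlspecialchars($_POST['files_opis']) : '';

		// Require exactly one completed upload. An array-style field makes
		// 'error' an array, which fails the strict comparison as well.
		$upload = isset($_FILES['files']) ? $_FILES['files'] : null;
		if (!$upload || $upload['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
			errors('Фотография не загружена');
			header("Refresh: 1; url=?act=photos_upload&dir=$dir&photo_user=$photo_user");
			include_once '../template/foot.php';
			exit();
		}
		$tmp_name = $upload['tmp_name'];

		// Content check: the file has to decode as JPEG, PNG or GIF.
		$files_img = @imagecreatefromjpeg($tmp_name);
		if (!$files_img) {
			$files_img = @imagecreatefrompng($tmp_name);
		}
		if (!$files_img) {
			$files_img = @imagecreatefromgif($tmp_name);
		}
		if (!$files_img) {
			echo '<div class="errors">Файл не является изображением JPEG, PNG или GIF</div>';
			header("Refresh: 1; url=?act=photos_upload&dir=$dir&photo_user=$photo_user");
			include_once '../template/foot.php';
			exit();
		}
		imagedestroy($files_img);

		// Name check on both the client name and the name that is actually
		// stored: image extension only, no path separators, no NUL byte.
		$files_image = utf8_win(SHCMS_core::Upload_end($upload['name']));
		if (!preg_match('#\.(jpe?g|gif|png)$#ui', $upload['name'])
			|| !preg_match('#^[^/\\\\\x00]+\.(jpe?g|gif|png)$#iD', $files_image)) {
			echo '<div class="errors">Неверное содержание файла</div>';
			header("Refresh: 1; url=?act=photos_upload&dir=$dir&photo_user=$photo_user");
			include_once '../template/foot.php';
			exit();
		}

		// NOTE(review): files land under the web root; confirm the server
		// never executes scripts from photo/files/.
		$uploaddir = $_SERVER['DOCUMENT_ROOT']."/photo/files/$files_image";

		// Never overwrite a photo that already exists under the same name.
		if (file_exists($uploaddir)) {
			errors('Файл с таким именем уже существует');
			header("Refresh: 1; url=?act=photos_upload&dir=$dir&photo_user=$photo_user");
			include_once '../template/foot.php';
			exit();
		}

		// Store the file first and record it only afterwards, so a failed
		// upload no longer leaves a database row without a file.
		if (move_uploaded_file($tmp_name, $uploaddir) == true) {
			$pol_users = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '$photo_user'"));
			// Every request-derived value is an int or goes through my_esc().
			$upload_image = mysql_query("INSERT INTO `photo_users` SET `user_id` = '$photo_user',`id_photo` = '$dir', `opis` = '".my_esc($files_opis)."', `name` = '".my_esc($files_image)."',`time` = '".time()."',`pol` = '".(int) $pol_users['pol']."', `size` = '".(int) $upload['size']."'");
			if ($upload_image) {
				messag("Фотография загружена");
				header("Refresh: 1; url=?act=dirname&dir=$dir&photo_user=$photo_user");
				include_once '../template/foot.php';
				exit();
			}
			// The row could not be written: remove the file again.
			unlink($uploaddir);
		}

		errors('Фотография не загружена');
		header("Refresh: 1; url=?act=photos_upload&dir=$dir&photo_user=$photo_user");
		include_once '../template/foot.php';
		exit();
	}


	$form = new form("?act=photos_upload&dir=$dir&photo_user=$photo_user",false,false,'enctype="multipart/form-data"');
	$form->input('<strong>Фотография:</strong>','files','file',false,true,false,false,false,'accept=\'image/*,image/gif,image/jpeg,image/png\'');
	$form->textarea('<strong>Описания фотографии:</strong>','files_opis',false,true);
	$form->submit('Загрузить','submit');
	$form->finish();

echo '<div class="posts">* Разрешено выгружать только файлы (PNG, GIF, JPEG)</div>';
break;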


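case'prosmotr':
	// Detail page for a single photo: image, uploader, size, description,
	// download link and comment count.
	$shcmsengine['title'] = 'Фотоальбомы - Фотографии';
	include_once '../template/head.php';

	// All three ids come from the query string; cast them once so they are
	// integers in SQL and in the redirect header.
	$photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
	$files = isset($_GET['files']) ? (int) $_GET['files'] : 0;
	$dir = isset($_GET['dir']) ? (int) $_GET['dir'] : 0;

	// The original tested "!dir" (a bare constant, always truthy) joined with
	// "and", so the guard never fired; its query also ignored the files id and
	// always showed the first photo of the album.
	$prosmotr = false;
	if ($dir && $files && $photo_user) {
		$prosmotr = mysql_fetch_array(mysql_query("SELECT * FROM `photo_users` WHERE `id` = '$files' AND `user_id` = '$photo_user' AND `id_photo` = '$dir'"));
	}
	if (!$prosmotr) {
		errors('Фотография не найдено');
		header("Refresh: 1; url=?act=dirname&dir=$dir&photo_user=$photo_user");
		include_once '../template/foot.php';
		exit();
	}

	$photo_id = (int) $prosmotr['id'];
	$files_user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`= '$photo_user'"));
	// Encode the login for HTML output; double_encode is off in case it is
	// stored already encoded. 'UTF-8' is assumed to be the page charset — confirm.
	$uploader_login = htmlspecialchars($files_user['login'], ENT_QUOTES, 'UTF-8', false);

	echo '<div class="maintitle mainrazd">Фотография: №: '.$photo_id.'</div>';
	echo '<div class="maintext">';
	// rawurlencode() makes the stored file name safe inside the src attribute
	// whatever byte encoding it was saved in.
	echo '<center><img src="files/'.rawurlencode($prosmotr['name']).'"></center></div>';
	echo '<div class="maintext">';
	echo 'Названия: '.$translits->translit_rus(SHCMS_core::format2($prosmotr['name']));
	echo '<br/>Добавил: <a href="'.DIR_SHCMS.'change_view.php?id='.(int) $files_user['id'].'">'.$uploader_login.'</a><span class="mainforum">'.$timedate->times($prosmotr['time']).'</span>';
	echo '<br/>Размер: '.size($prosmotr['size']);
	if ($prosmotr['opis'] == false) {
		echo '<br/>Описания: Описания не добавлено!';
	} else {
		echo '<br/>Описания: '.processing($prosmotr['opis']);
	}
	echo '<hr/>';
	echo '<a href="?act=download&id_down='.$photo_id.'">Скачать</a> <span style="font-size:10px;">(Загрузок: '.(int) $prosmotr['count'].')</span><br/>';
	echo '<a href="comment.php?id='.$photo_id.'">Комментарии</a> ('.mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_comm` WHERE `id_comm` = '$photo_id'"),0).')';
	echo '</div>';
break;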

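case 'download':
	// Send one stored photo as an attachment and increment its download counter.

	// NOTE(review): head.php is still included before the headers, as in the
	// original; the download headers only take effect while output buffering
	// is active, so that the page head can be discarded below — confirm.
	include_once '../template/head.php';

	// id_down comes from the query string; cast it so it is an integer in SQL.
	$id_down = isset($_GET['id_down']) ? (int) $_GET['id_down'] : 0;
	$photo_file = mysql_fetch_array(mysql_query("SELECT * FROM `photo_users` WHERE `id` = '$id_down'"));

	// basename() keeps the stored name from walking out of photo/files/.
	$name = $photo_file ? basename($photo_file['name']) : '';
	$filename = '../photo/files/'.$name;

	// is_file() instead of file_exists(): for an unknown id the name is empty
	// and the path is the directory itself, which "exists".
	if ($name !== '' && is_file($filename)) {
		// Increment in SQL so that parallel downloads do not lose counts.
		mysql_query("UPDATE `photo_users` SET `count` = IFNULL(`count`, 0) + 1 WHERE `id` = '$id_down'");

		// Drop characters that could break out of the quoted filename parameter.
		$safe_name = str_replace(array('"', '\\', "\r", "\n"), '', $name);

		// Discard the buffered page head so that only file bytes are sent.
		while (ob_get_level() > 0) {
			ob_end_clean();
		}

		// Generic binary type plus nosniff, so the browser does not try to
		// render the upload as text or HTML.
		header('Content-Type: application/octet-stream');
		header('X-Content-Type-Options: nosniff');
		header('Content-Disposition: attachment; filename="'.$safe_name.'"');
		header('Content-Description: File Transfer');
		header('Content-Transfer-Encoding: binary');
		header('Expires: 0');
		header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
		header('Pragma: public');
		header('Content-Length: ' . filesize($filename));
		flush();
		readfile($filename);
		// Stop here: the original fell through to the page footer, which was
		// appended to the downloaded file.
		exit;
	} else {
		errors('Файла не существует!');
	}


break;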
endswitch;


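// Shared page tail: a link back to the album index, then the site footer.
// The anchor is now closed; the original left the <a> element open.
echo '<div class="link_str"><a href="index.php">Назад</a></div>';
include_once '../template/foot.php';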
?>