<?php
include 'sys/db.php';
include 'sys/conf.php';
include 'sys/start.php';
include 'sys/functions.php';
$config_title_name = "Фотоальбомы";
include 'style/head.php';

// Members-only page: the router below runs only when $user carries a login; the else
// branch at the bottom of the file redirects everyone else to index.php.
// NOTE(review): $user is not assigned in this file — presumably populated by the sys/ includes; confirm.
if(isset($user['login'])){
// `act` (query string) selects the branch; a missing or unknown value lands on `default`.
// NOTE(review): many branches call header("Location: ...") although style/head.php was
// already included above; that only works if output buffering is active — confirm.
$act = isset($_GET['act']) ? $_GET['act'] : '';
switch($act){
// Landing page: per-`pol` counters, a link to the member's own albums, and the
// "create" link while the member is below the $config_photo_albums quota.
default:
echo "<div class=title>Фотоальбомы</div>\n";
echo "<div class=content>\n";
// Each line shows [albums / photos] for one `pol` value (1 on the first line, 2 on the second).
echo "<img src='img/man.gif' alt=''>  <a href='?act=man'>Парни</a> [".mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums` WHERE `pol` = '1'"),0)." / ".mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums_photos` WHERE `user_pol` = '1'"),0)."]<br>\n";
echo "<img src='img/woman.gif' alt=''>  <a href='?act=woman'>Девушки</a> [".mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums` WHERE `pol` = '2'"),0)." / ".mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums_photos` WHERE `user_pol` = '2'"),0)."]<br>\n";
echo "</div>\n";
echo "<div class=stat>\n";
echo "<a href='?act=myalbum'>Мои альбомы</a></div>\n";
// Hiding the link is cosmetic only; the quota still has to be enforced where the album is created.
if ($user['photo_albums'] < $config_photo_albums) {
echo "<div class=stat>\n";
echo "<a href='?act=create'>Создать альбом</a></div>\n";}
echo "<div class=stat>\n";
echo "\n<a href='index.php'>Прихожая</a>\n";
echo "</div>\n";
break;

// Album creation form, posted to ?act=add_album. Shown only while the member is
// below the $config_photo_albums quota; otherwise a refusal message is printed.
// NOTE(review): add_album redirects back here with an `isset=` error code, but this
// branch never reads $_GET['isset'], so the member gets no explanation.
// NOTE(review): the form carries no anti-CSRF token.
case('create'):
if ($user['photo_albums'] < $config_photo_albums) {
echo "<div class=title>Создать новый альбом</div>\n";
echo "<div class=content>\n";
echo "<form action='?act=add_album' method='post'>\n";
echo "Имя альбома: <br>\n";
// maxlength is enforced by the browser only; add_album repeats the length checks server-side.
echo "<input name='name' type='text' maxlength='32'><br>\n";
echo "Описание: <br>\n";
echo "<input name='description' type='text' maxlength='500'><br>\n";
echo "<input type='submit' value='Создать'></form>\n";
}else{ echo "<br> У вас больше чем $config_photo_albums альбов!\n<br><br>\n";}
// This closing tag is printed on both paths, although only the first path opened a content div.
echo "</div>\n";
echo "<div class=stat>\n<a href='photo_album.php'>Назад</a>\n</div>";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a>\n</div>";
break;

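case('add_album'):
// Creates an album for the logged-in member: one `photo_albums` row plus the directory
// files/photo_albums/<user id>/<transliterated name>/ containing a .htaccess file.
// Reads POST `name` (3..32 bytes, restricted alphabet) and `description` (5..500 bytes).
// Every outcome ends in a redirect carrying an `isset=` result code.
$raw_name = isset($_POST['name']) ? trim($_POST['name']) : '';
$raw_description = isset($_POST['description']) ? trim($_POST['description']) : '';
// The form in ?act=create is hidden once the quota is reached, but this endpoint can be
// posted to directly, so the quota is enforced here as well.
if ($user['photo_albums'] >= $config_photo_albums) {header ("Location: ?act=create");  exit;}
// Validation runs on the trimmed value, i.e. on exactly what gets stored and turned into a directory name.
if (preg_match('|^[0-9a-zA-Zа-яА-ЯЁё_\.\-\s]+$|u', $raw_name)){
    if (strlen($raw_name) < 3) {header ("Location: ?act=create&isset=smallname");  exit;}
    if (strlen($raw_name) > 32) {header ("Location: ?act=create&isset=greatname");  exit;}
    if (strlen($raw_description) < 5) {header ("Location: ?act=create&isset=smalldescription");  exit;}
    if (strlen($raw_description) > 500) {header ("Location: ?act=create&isset=greatdescription");  exit;}
    $name = htmlspecialchars(stripslashes($raw_name));
    $description = htmlspecialchars(stripslashes($raw_description));
    $translite_name = transliter($name);
    $time = time();
    $user_dir = "files/photo_albums/$user[id]";
    $album_dir = "$user_dir/$translite_name";
    if(!file_exists($album_dir)){
        // htmlspecialchars() encodes for HTML, not for SQL: called without ENT_QUOTES it
        // leaves single quotes in place, and the description is not restricted to the
        // name alphabet. Values are therefore escaped for the query separately.
        $sql_name = mysql_real_escape_string($name);
        $sql_description = mysql_real_escape_string($description);
        $sql_login = mysql_real_escape_string($user['login']);
        $add_albums = mysql_query ("INSERT INTO `photo_albums` (name,description,user_id,user_login,pol,time) VALUES ('$sql_name','$sql_description','$user[id]','$sql_login','$user[gender]','$time')");
        if ($add_albums){
            // Create the per-user parent on demand instead of trusting the album counter.
            // Only this script writes into these directories, so they are not made world-writable.
            if (!is_dir($user_dir)) {
                mkdir($user_dir, 0755);}
            mkdir($album_dir, 0755);
            // Switches the PHP engine off for the upload directory so that an uploaded file
            // is not executed as a script.
            // NOTE(review): this directive only takes effect under Apache/mod_php with
            // .htaccess overrides allowed — confirm for the deployment.
            file_put_contents("$album_dir/.htaccess", "php_flag engine off");
            mysql_query("UPDATE `users` SET `photo_albums`=photo_albums+1 WHERE `id` = '$user[id]'");
            header ("Location: ?isset=addyes"); exit;
        }else{header ("Location: ?isset=addno"); exit;}
    }else{header ("Location: ?act=create&isset=dirno");  exit;}
}else{header ("Location: ?act=create&isset=characters");  exit;}
break;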

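case('man'):
// Paginated list (10 per page, newest first) of albums whose `pol` is 1.
echo "<div class=title>Фотоальбомы / <b>Парни</b></div>\n";
echo "<div class=content>\n";
// Pager for this listing: previous/next links followed by a window of numbered pages
// around the current offset, with shortcuts to the first and last page.
// $start is the row offset, $total the row count, $onpage the page size.
// Every listing branch declares its own pages(); only one branch runs per request.
function pages($start, $total, $page, $onpage){
if ($start != 0) echo '<a href="'.$page.'?act=man&start='.($start - $onpage).'">&lt;-Назад</a> ';
else echo '&lt;-Назад';
echo ' | ';
if ($total > $start + $onpage)
echo ' <a href="'.$page.'?act=man&start='.($start + $onpage).'">Далее-&gt;</a>';
else echo 'Далее-&gt;';
if($total>0){
$ba = ceil($total/$onpage);     // number of pages
$ba2 = $ba*$onpage-$onpage;     // offset of the last page
echo '<br/>Страницы:';
$asd = $start-($onpage*3);      // window start: three pages back
$asd2 = $start+($onpage*4);     // window end: four pages ahead
if($asd<$total && $asd>0) echo ' <a href="'.$page.'?act=man&start=0">1</a> ... ';
for($i=$asd; $i<$asd2;){
if($i<$total && $i>=0){
$ii = floor(1+$i/$onpage);
if ($start==$i) echo ' <b>['.$ii.']</b>';
else echo ' <a href="'.$page.'?act=man&start='.$i.'">'.$ii.'</a>';}
$i=$i+$onpage;}
if($asd2<$total) echo ' ... <a href="'.$page.'?act=man&start='.$ba2.'">'.$ba.'</a>';}}
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums` WHERE `pol` = '1'"),0);
// The offset is forced to a non-negative integer before it reaches the LIMIT clause.
$start = isset($_GET['start']) ? abs((int)$_GET['start']) : 0;
if($start > $total) $start = 0;
$photo_albums_mans = mysql_query("SELECT * FROM `photo_albums` WHERE `pol` = '1' ORDER BY `time` DESC LIMIT $start, 10");
if(mysql_num_rows($photo_albums_mans) != 0){
while($photo_albums_man = mysql_fetch_array($photo_albums_mans)){
// `time` holds the Unix timestamp written when the album was created. time() takes no
// argument, so wrapping the column in it printed today's date for every album.
$timedat = date("d.m.Y", (int)$photo_albums_man['time']);
echo "<div class=content>\n<img src='img/dir.gif' alt=''> <a href='?act=albom&id=".$photo_albums_man['id']."'>".$photo_albums_man['name']."</a>
<b>[".mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums_photos` WHERE `album_id` = '$photo_albums_man[id]'"),0)."]</b><br>
Создал: ".$photo_albums_man['user_login']." | $timedat
</div>\n";}
}else{echo"<br> <img src='img/error.gif' alt=''> Фотоальбомы еще не созданны!\n<br><br>";}
echo "</div>\n<div class=stat>\n";
pages($start, $total, 'photo_album.php', 10);
echo "</div>\n";
echo "<div class=stat>\n<a href='photo_album.php'>Назад</a></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a></div>\n";
break;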

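case('woman'):
// Paginated list (10 per page, newest first) of albums whose `pol` is 2.
echo "<div class=title>Фотоальбомы / <b>Девушки</b></div>\n";
echo "<div class=content>\n";
// Pager for this listing: previous/next links followed by a window of numbered pages
// around the current offset, with shortcuts to the first and last page.
// $start is the row offset, $total the row count, $onpage the page size.
// Every listing branch declares its own pages(); only one branch runs per request.
function pages($start, $total, $page, $onpage){
if ($start != 0) echo '<a href="'.$page.'?act=woman&start='.($start - $onpage).'">&lt;-Назад</a> ';
else echo '&lt;-Назад';
echo ' | ';
if ($total > $start + $onpage)
echo ' <a href="'.$page.'?act=woman&start='.($start + $onpage).'">Далее-&gt;</a>';
else echo 'Далее-&gt;';
if($total>0){
$ba = ceil($total/$onpage);     // number of pages
$ba2 = $ba*$onpage-$onpage;     // offset of the last page
echo '<br/>Страницы:';
$asd = $start-($onpage*3);      // window start: three pages back
$asd2 = $start+($onpage*4);     // window end: four pages ahead
if($asd<$total && $asd>0) echo ' <a href="'.$page.'?act=woman&start=0">1</a> ... ';
for($i=$asd; $i<$asd2;){
if($i<$total && $i>=0){
$ii = floor(1+$i/$onpage);
if ($start==$i) echo ' <b>['.$ii.']</b>';
else echo ' <a href="'.$page.'?act=woman&start='.$i.'">'.$ii.'</a>';}
$i=$i+$onpage;}
if($asd2<$total) echo ' ... <a href="'.$page.'?act=woman&start='.$ba2.'">'.$ba.'</a>';}}
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums` WHERE `pol` = '2'"),0);
// The offset is forced to a non-negative integer before it reaches the LIMIT clause.
$start = isset($_GET['start']) ? abs((int)$_GET['start']) : 0;
if($start > $total) $start = 0;
$photo_albums_womans = mysql_query("SELECT * FROM `photo_albums` WHERE `pol` = '2' ORDER BY `time` DESC LIMIT $start, 10");
if(mysql_num_rows($photo_albums_womans) != 0){
while($photo_albums_woman = mysql_fetch_array($photo_albums_womans)){
// `time` holds the Unix timestamp written when the album was created. time() takes no
// argument, so wrapping the column in it printed today's date for every album.
$timedat = date("d.m.Y", (int)$photo_albums_woman['time']);
echo " <div class=content>\n<img src='img/dir.gif' alt=''> <a href='?act=albom&id=".$photo_albums_woman['id']."'>".$photo_albums_woman['name']."</a>
<b>[".mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums_photos` WHERE `album_id` = '$photo_albums_woman[id]'"),0)."]</b><br>
Создал: ".$photo_albums_woman['user_login']." | $timedat
</div>\n";}
}else{echo"<br> <img src='img/error.gif' alt=''> Фотоальбомы еще не созданны!\n<br><br>";}
echo "</div>\n<div class=stat>\n";
pages($start, $total, 'photo_album.php', 10);
echo "</div>\n";
echo "<div class=stat>\n<a href='photo_album.php'>Назад</a></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a></div>\n";
break;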

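case('albom'):
// Public view of one album: paginated list (10 per page, newest id first) of its photos.
$id = intval($_GET['id']);
// Pager for this listing: previous/next links followed by a window of numbered pages
// around the current offset, with shortcuts to the first and last page.
// $start is the row offset, $total the row count, $onpage the page size.
function pages($start, $total, $page, $onpage){
// The album id is written into every link. It is taken through intval() here because
// the raw query-string value would otherwise be echoed into the href attribute unescaped.
$album = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($start != 0) echo '<a href="'.$page.'?act=albom&id='.$album.'&start='.($start - $onpage).'">&lt;-Назад</a> ';
else echo '&lt;-Назад';
echo ' | ';
if ($total > $start + $onpage)
echo ' <a href="'.$page.'?act=albom&id='.$album.'&start='.($start + $onpage).'">Далее-&gt;</a>';
else echo 'Далее-&gt;';
if($total>0){
$ba = ceil($total/$onpage);     // number of pages
$ba2 = $ba*$onpage-$onpage;     // offset of the last page
echo '<br/>Страницы:';
$asd = $start-($onpage*3);      // window start: three pages back
$asd2 = $start+($onpage*4);     // window end: four pages ahead
if($asd<$total && $asd>0) echo ' <a href="'.$page.'?act=albom&id='.$album.'&start=0">1</a> ... ';
for($i=$asd; $i<$asd2;){
if($i<$total && $i>=0){
$ii = floor(1+$i/$onpage);
if ($start==$i) echo ' <b>['.$ii.']</b>';
else echo ' <a href="'.$page.'?act=albom&id='.$album.'&start='.$i.'">'.$ii.'</a>';}
$i=$i+$onpage;}
if($asd2<$total) echo ' ... <a href="'.$page.'?act=albom&id='.$album.'&start='.$ba2.'">'.$ba.'</a>';}}
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums_photos` WHERE `album_id` = '$id'"),0);
// The offset is forced to a non-negative integer before it reaches the LIMIT clause.
$start = isset($_GET['start']) ? abs((int)$_GET['start']) : 0;
if($start > $total) $start = 0;

$photos = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `album_id` = '$id' ORDER BY `id` DESC LIMIT $start, 10");
$namealbum = mysql_query("SELECT * FROM `photo_albums` WHERE `id` = '$id'");
if($namedir = mysql_fetch_array($namealbum)){
echo "<div class=title>Фотоальбомы / <b>".$namedir['name']."</b></div>\n";}
echo "<div class=content>\n";
if(mysql_num_rows($photos) != 0){
while($albom = mysql_fetch_array($photos)){
echo "<div class=content><img src='img/gallery.gif' alt=''> <a href='?act=photo&id=".$albom['id']."'>".$albom['name']."</a><br>Скачан: ".$albom['rating']." раз | Создан: ";
// `time` holds the Unix timestamp written at upload. time() takes no argument, so
// wrapping the column in it printed today's date for every photo.
$timedat = date("d.m.Y", (int)$albom['time']);
echo "$timedat</div>\n";}
}else{echo"<br> <img src='img/error.gif' alt=''> Фотографий нет!\n<br><br>";}
echo "</div>\n<div class=stat>\n";
pages($start, $total, 'photo_album.php', 10);
echo "</div>\n";
echo "<div class=stat>\n<a href='photo_album.php'>В альбомы</a></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a></div>\n";
break;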

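case('myalbum'):
// Paginated list (10 per page, newest first) of the logged-in member's own albums,
// each with edit and delete links.
echo "<div class=title>Мои альбомы</div>\n";
echo "<div class=content>\n";
// Pager for this listing: previous/next links followed by a window of numbered pages
// around the current offset, with shortcuts to the first and last page.
// $start is the row offset, $total the row count, $onpage the page size.
function pages($start, $total, $page, $onpage){
if ($start != 0) echo '<a href="'.$page.'?act=myalbum&start='.($start - $onpage).'">&lt;-Назад</a> ';
else echo '&lt;-Назад';
echo ' | ';
if ($total > $start + $onpage)
echo ' <a href="'.$page.'?act=myalbum&start='.($start + $onpage).'">Далее-&gt;</a>';
else echo 'Далее-&gt;';
if($total>0){
$ba = ceil($total/$onpage);     // number of pages
$ba2 = $ba*$onpage-$onpage;     // offset of the last page
echo '<br/>Страницы:';
$asd = $start-($onpage*3);      // window start: three pages back
$asd2 = $start+($onpage*4);     // window end: four pages ahead
if($asd<$total && $asd>0) echo ' <a href="'.$page.'?act=myalbum&start=0">1</a> ... ';
for($i=$asd; $i<$asd2;){
if($i<$total && $i>=0){
$ii = floor(1+$i/$onpage);
if ($start==$i) echo ' <b>['.$ii.']</b>';
else echo ' <a href="'.$page.'?act=myalbum&start='.$i.'">'.$ii.'</a>';}
$i=$i+$onpage;}
if($asd2<$total) echo ' ... <a href="'.$page.'?act=myalbum&start='.$ba2.'">'.$ba.'</a>';}}
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums` WHERE `user_id` = '$user[id]'"),0);
// The offset is forced to a non-negative integer before it reaches the LIMIT clause.
$start = isset($_GET['start']) ? abs((int)$_GET['start']) : 0;
if($start > $total) $start = 0;
$my_albums = mysql_query("SELECT * FROM `photo_albums` WHERE `user_id` = '$user[id]' ORDER BY `time` DESC LIMIT $start, 10");
if(mysql_num_rows($my_albums) != 0){
while($albums = mysql_fetch_array($my_albums)){
// `time` holds the Unix timestamp written when the album was created. time() takes no
// argument, so wrapping the column in it printed today's date for every album.
$timedat = date("d.m.Y", (int)$albums['time']);
echo "<div class=content> <a href='?act=myalbom&id=".$albums['id']."'>".$albums['name']."</a>
<b>[".mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums_photos` WHERE `album_id` = '$albums[id]'"),0)."]</b><br>
Создал: ".$albums['user_login']." | $timedat<br>
<a href='?act=editor&id=".$albums['id']."'>Редактировать</a> |
<a href='?act=del&id=".$albums['id']."'>Удалить</a>
</div>\n";}
}else{echo"<br> <img src='img/error.gif' alt=''> Фотоальбомы еще не созданны!\n<br><br>";}
echo "</div>\n<div class=stat>\n";
pages($start, $total, 'photo_album.php', 10);
echo "</div>\n";
echo "<div class=stat>\n<a href='?act=addphoto'>Загрузить фото</a></div>\n";
echo "<div class=stat>\n<a href='photo_album.php'>Назад</a></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a></div>\n";
break;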

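case('editor'):
// Edit form for one album, shown only to its owner and posted to ?act=edit.
// `isset` (query string) carries the validation error code set by ?act=edit.
$id = intval($_GET['id']);
// The codes are compared as quoted strings; the unquoted words used before were
// undefined constants that PHP merely happened to read as strings.
$notice = isset($_GET['isset']) ? $_GET['isset'] : '';
if ($notice === 'characters') {echo "В названии присутствуют символы!<hr>\n";}
if ($notice === 'smallname') {echo "Слишком маленькое название!<hr>\n";}
if ($notice === 'greatname') {echo "Слишком большое название!<hr>\n";}
if ($notice === 'smalldescription') {echo "Слишком маленькое описание!<hr>\n";}
if ($notice === 'greatdescription') {echo "Слишком большое описание!<hr>\n";}
echo "<div class=title>Редактировать альбом</div>\n";
echo "<div class=content>\n";
// intval() yields 0 for a missing or non-numeric id.
if ($id === 0) { echo "<img src='img/error.gif' alt=''>  Не бран ID!<br><br>";}
$author = mysql_query("SELECT * FROM `photo_albums` WHERE `id` = '$id'");
if($by = mysql_fetch_array($author)){
    if($by['user_id'] == $user['id']){
        // The stored text was encoded without ENT_QUOTES, so a single quote in it would end
        // the single-quoted value attribute. Encode quotes on output; double_encode is off
        // so entities already present in the stored text are not encoded twice.
        // NOTE(review): assumes the stored text is UTF-8, as the /u name pattern suggests — confirm.
        $form_name = htmlspecialchars($by['name'], ENT_QUOTES, 'UTF-8', false);
        $form_description = htmlspecialchars($by['description'], ENT_QUOTES, 'UTF-8', false);
        echo "<form action='?act=edit&id=$id' method='post'>\n";
        echo "Имя альбома: <br>\n";

        echo "<input name='name' type='text' value='".$form_name."' maxlength='32'><br>\n";
        echo "Описание: <br>\n";
        echo "<input name='description' type='text' value='".$form_description."' maxlength='500'><br>\n";
        echo "<input type='submit' value='Редактировать'></form>\n";
    }else{ echo "<br> <img src='img/error.gif' alt=''>  Вы не автор данного фотоальбома!<br><br>";}}
echo "</div>\n";
echo "<div class=stat>\n<a href='?act=myalbum'>Назад</a></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a></div>\n";
break;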

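case('edit'):
// Applies an album rename / description change posted from ?act=editor.
// Only the album's owner gets past the user_id check; on success the album directory
// is renamed to match the new name and the member is sent back to ?act=myalbum.
$id = intval($_GET['id']);
$author = mysql_query("SELECT * FROM `photo_albums` WHERE `id` = '$id'");
if($by = mysql_fetch_array($author)){
    if($by['user_id'] == $user['id']){
        $raw_name = isset($_POST['name']) ? trim($_POST['name']) : '';
        $raw_description = isset($_POST['description']) ? trim($_POST['description']) : '';
        if (strlen($raw_name) < 3) {header ("Location: ?act=editor&id=$id&isset=smallname");  exit;}
        if (strlen($raw_name) > 32) {header ("Location: ?act=editor&id=$id&isset=greatname");  exit;}
        if (strlen($raw_description) < 5) {header ("Location: ?act=editor&id=$id&isset=smalldescription");  exit;}
        if (strlen($raw_description) > 500) {header ("Location: ?act=editor&id=$id&isset=greatdescription");  exit;}
        if (preg_match('|^[0-9a-zA-Zа-яА-ЯЁё_\.\-\s]+$|u', $raw_name)){
            $name = htmlspecialchars(stripslashes($raw_name));
            $description = htmlspecialchars(stripslashes($raw_description));
            // $by is the album row already fetched for the ownership check.
            $dirren = transliter($by['name']);
            $nedirren = transliter($name);
            $user_dir = "files/photo_albums/$user[id]";
            if ($nedirren != $dirren) {
                // Refuse to rename onto another of the member's album directories, and stop
                // if the rename itself fails, so the database never points at a wrong folder.
                // The editor form has no message for `dirno`; it is simply shown again.
                if (file_exists("$user_dir/$nedirren") || !rename("$user_dir/$dirren", "$user_dir/$nedirren")) {
                    header ("Location: ?act=editor&id=$id&isset=dirno");  exit;}
            }
            // htmlspecialchars() without ENT_QUOTES does not neutralise single quotes and the
            // description is free text, so values are escaped for SQL separately.
            $sql_dir = mysql_real_escape_string($nedirren);
            $sql_name = mysql_real_escape_string($name);
            $sql_description = mysql_real_escape_string($description);
            // Scoped to this album: matching on the old directory name alone would also
            // rewrite photos of other members whose album happens to share that name.
            mysql_query("UPDATE `photo_albums_photos` SET `dir` = '$sql_dir' WHERE `album_id` = '$id'");
            mysql_query("UPDATE `photo_albums` SET `name` = '$sql_name', `description` = '$sql_description' WHERE `id` = '$id'");
            header ("Location: ?act=myalbum");  exit;
        }else {header ("Location: ?act=editor&id=$id&isset=characters");  exit;}
    }else{ echo "<img src='img/error.gif' alt=''>  Вы не автор данного фотоальбома!<br><br>";}}
echo "<a href='?act=myalbum'>Назад</a>\n";
echo "<br>\n<a href='index.php'>Прихожая</a>\n";
echo "</div>\n";
break;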

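case('del'):
// Confirmation screen shown to an album's owner before the album is deleted.
// NOTE(review): the "yes" link is a plain GET to ?act=yesdel with no token, so the
// deletion can be triggered by any page the member visits while logged in; a POST
// form with a per-session token would close that.
$id = intval($_GET['id']);
// Opened up front so the closing tag below is balanced on every path.
echo "<div class=content>\n";
$author = mysql_query("SELECT * FROM `photo_albums` WHERE `id` = '$id'");
if($by = mysql_fetch_array($author)){
    if($by['user_id'] == $user['id']){
        echo "Удалить альбом<br><br>\n";
        echo "<img src='img/lock.gif' alt=''>  Вы точно хотите удалить альбом?!<br><br>";
        echo "<div align=center><a href='?act=yesdel&id=$id'>ДА</a> | <a href='?act=myalbum'>НЕТ</a></div><br><br>\n";
    }else{ echo "<img src='img/error.gif' alt=''>  Вы не автор данного фотоальбома!<br><br>";}}
echo "</div>\n";
break;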

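case('yesdel'):
// Deletes an album owned by the logged-in member: its photo files, its .htaccess, its
// directory, its rows in both tables, and one unit of the member's album counter.
// NOTE(review): this is a state-changing GET without a token; see the confirmation
// screen in ?act=del.
$id = intval($_GET['id']);
echo "<div class=content>\n";
$author = mysql_query("SELECT * FROM `photo_albums` WHERE `id` = '$id'");
if($by = mysql_fetch_array($author)){
    if($by['user_id'] == $user['id']){
        // $by is the album row itself, so there is no need to select it a second time.
        $album_dir = "files/photo_albums/$user[id]/".transliter($by['name']);
        $albomdels = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `album_id` = '$id'");
        while($del = mysql_fetch_array($albomdels)){
            // basename() keeps the deletion inside the album directory whatever the row holds.
            $photo_file = $album_dir."/".basename($del['file']);
            if (is_file($photo_file)) {unlink($photo_file);}}
        if (is_file("$album_dir/.htaccess")) {unlink("$album_dir/.htaccess");}
        if (is_dir($album_dir)) {rmdir($album_dir);}
        mysql_query("DELETE FROM `photo_albums_photos` WHERE `album_id`='$id'");
        mysql_query("DELETE FROM `photo_albums` WHERE `id`='$id'");
        // Album creation increments this counter and the creation quota is checked
        // against it, so deletion has to give the slot back.
        mysql_query("UPDATE `users` SET `photo_albums`=photo_albums-1 WHERE `id` = '$user[id]' AND `photo_albums` > 0");
        header ("Location: ?act=myalbum");  exit;
    }else{ 	echo "Hacking attempt!";}}
echo "<a href='photo_album.php'>Назад</a>\n";
echo "</div>\n";
break;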

// Alternative album deletion that takes the directory name from the photo rows (`dir`)
// rather than from the album name, and also decrements the member's album counter.
// NOTE(review): no link to ?act=yesdels appears in this file; looks like a leftover — confirm before relying on it.
// NOTE(review): state-changing GET with no token, same as ?act=yesdel.
case('yesdels'):
$id = intval($_GET['id']);
// Nothing below runs unless the album holds at least one photo row.
$eba = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `album_id` = '$id'");
if($sel = mysql_fetch_array($eba)){
$author = mysql_query("SELECT * FROM `photo_albums` WHERE `id` = '$id'");
if($by = mysql_fetch_array($author)){
// Ownership check: only the album's creator proceeds.
// NOTE(review): user_id and id are written as bare words here, i.e. undefined constants that PHP falls back to reading as strings.
if($by[user_id] == $user[id]){
// Pass 1: remove every photo file of the album from the member's directory.
$albomdels = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `album_id` = '$id'");
while($del = mysql_fetch_array($albomdels)){
unlink("files/photo_albums/$user[id]/$del[dir]/$del[file]");}
// Pass 2: the first photo row supplies the directory name for the .htaccess and rmdir calls;
// the rows are deleted only after the directory has been handled.
$albomdel = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `album_id` = '$id'");
if($deletes = mysql_fetch_array($albomdel)){
unlink("files/photo_albums/$user[id]/$deletes[dir]/.htaccess");
rmdir('files/photo_albums/'.$user['id'].'/'.$deletes['dir']);
mysql_query("UPDATE `users` SET `photo_albums`=photo_albums-1 WHERE `id` = '$user[id]'");
mysql_query("DELETE FROM `photo_albums_photos` WHERE `album_id`='$id'");
mysql_query("DELETE FROM `photo_albums` WHERE `id`='$id'");
}
}else{ echo "<img src='img/error.gif' alt=''>  Вы не автор данного фотоальбома!<br><br>";}}
// Closing tag without a matching opening tag in this branch; no redirect follows a successful deletion.
echo "</div>\n";
}
break;

// Upload form for a new photo, posted as multipart/form-data to ?act=addimage.
// NOTE(review): addimage redirects back here with an `isset=` error code, but this
// branch never reads $_GET['isset'], so the member gets no explanation.
// NOTE(review): the form carries no anti-CSRF token.
case('addphoto'):
echo "<div class=content>\n";
echo "Загрузка фото: <br>\n";
echo "<form action='photo_album.php?act=addimage' method='POST' enctype='multipart/form-data'><br>\n";
// The listed formats are a hint to the member only; the real check has to happen in addimage.
echo "Файл (JPG, PNG, GIF)*:<br> <input type='file' name='t_item'> <br>\n";
echo "Фотоальбом*: <br><select name='album_id'>\n";
// Value 0 is the "nothing chosen" placeholder.
echo "<option value='0' selected='selected'>[Выберите альбом]</option>\n";
// Only the logged-in member's own albums are offered as upload targets.
$photos = mysql_query("SELECT * FROM `photo_albums` WHERE `user_id` = '$user[id]' ORDER BY `time`");
while($albom = mysql_fetch_array($photos)){
echo "<option value='".$albom['id']."'>".$albom['name']."</option>\n";}
echo "</select><br>\n";
echo "Название:<br>\n";
echo "<input type='text' name='namephoto'><br>\n";
echo "Описание (опционально):<br>\n";
echo "<input type='text' name='description'><br>\n";
echo "<input type='submit' name='ok' value='Добавить'></form>\n";
echo "</div>\n";
echo "<div class=stat>\n<a href='?act=myalbum'>Назад</a><br></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a><br></div>\n";
break;

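case('addimage'):
// Receives the upload form from ?act=addphoto: stores the file under the chosen album's
// directory with a server-generated name and inserts a `photo_albums_photos` row.
// Reads POST album_id, namephoto, description, ok and the uploaded file `t_item`.
$album_id = isset($_POST['album_id']) ? intval($_POST['album_id']) : 0;
$raw_name = isset($_POST['namephoto']) ? $_POST['namephoto'] : '';
$raw_description = isset($_POST['description']) ? $_POST['description'] : '';
if ($album_id < 1){ header ("Location: ?act=addphoto&isset=noalbom");  exit;}
if (strlen($raw_name) < 5) { header ("Location: ?act=addphoto&isset=smallname");  exit;}
if (!empty($_POST['ok'])) {
    // album_id is an integer by now (it used to reach the query as raw POST text), and the
    // lookup is limited to the member's own albums, matching what the form offers.
    $photos = mysql_query("SELECT name FROM `photo_albums` WHERE `id` = '$album_id' AND `user_id` = '$user[id]'");
    if($albom = mysql_fetch_array($photos)){
        if (!isset($_FILES['t_item']) || $_FILES['t_item']['error'] !== UPLOAD_ERR_OK) { header ("Location: ?act=addphoto&isset=error");  exit;}
        if($_FILES['t_item']['size'] > 1024*1*1024){ header ("Location: ?act=addphoto&isset=size");  exit;}
        $translite_name = transliter($albom['name']);
        // The client-supplied file name is used for its extension only. pathinfo() returns
        // an empty extension for a name without a dot; the previous substr/strrpos
        // arithmetic treated the tail of such a name as its extension.
        $ext = strtolower(pathinfo($_FILES['t_item']['name'], PATHINFO_EXTENSION));
        $allowed = array('jpg' => IMAGETYPE_JPEG, 'gif' => IMAGETYPE_GIF, 'png' => IMAGETYPE_PNG);
        // The extension alone says nothing about the content, so the file header must
        // also identify the upload as the image type the extension claims.
        $info = isset($allowed[$ext]) ? getimagesize($_FILES['t_item']['tmp_name']) : false;
        if($info !== false && $info[2] == $allowed[$ext]){
            $upfiledir = $_SERVER['DOCUMENT_ROOT']."/files/photo_albums/".$user['id']."/$translite_name/";
            // Pick a stored name that is not taken yet, so one upload never overwrites another.
            do {
                $rand_foto = rand(1000,99999999);
                $foto_light_name = "$config_foto_title-$rand_foto.$ext";
                $upfile = $upfiledir . basename($foto_light_name);
            } while (file_exists($upfile));
            if (move_uploaded_file($_FILES['t_item']['tmp_name'], $upfile ) ) {
                $description = htmlspecialchars(stripslashes(trim($raw_description)));
                $name = htmlspecialchars(stripslashes(trim($raw_name)));
                $time = time();
                // htmlspecialchars() without ENT_QUOTES does not neutralise single quotes;
                // values are escaped for SQL separately.
                $sql_name = mysql_real_escape_string($name);
                $sql_description = mysql_real_escape_string($description);
                $sql_dir = mysql_real_escape_string($translite_name);
                $sql_file = mysql_real_escape_string($foto_light_name);
                $add_albums = mysql_query ("INSERT INTO `photo_albums_photos` (time,name,user_id,user_pol,description,dir,file,album_id) VALUES ('$time','$sql_name','$user[id]','$user[gender]','$sql_description','$sql_dir','$sql_file','$album_id')");
                if ($add_albums){
                    header ("Location: photo_album.php"); exit;
                }else{header ("Location: ?act=addphoto&isset=error");  exit;}
            }else{header ("Location: ?act=addphoto&isset=error");  exit;}
        // NOTE(review): this target differs from every other redirect in the branch
        // (photo.php?act=add rather than ?act=addphoto) — confirm it is intended.
        }else{header ("Location: photo.php?act=add&isset=format"); exit;}}}
break;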

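case('myalbom'):
// Photo list for one album (10 per page, newest id first), linking to the owner-oriented
// ?act=myphoto detail page.
// NOTE(review): no ownership check is made here; any member can open this view for any album id.
$id = intval($_GET['id']);
// Pager for this listing: previous/next links followed by a window of numbered pages
// around the current offset, with shortcuts to the first and last page.
// $start is the row offset, $total the row count, $onpage the page size.
function pages($start, $total, $page, $onpage){
// The album id is written into every link. It is taken through intval() here because
// the raw query-string value would otherwise be echoed into the href attribute unescaped.
$album = isset($_GET['id']) ? intval($_GET['id']) : 0;
if ($start != 0) echo '<a href="'.$page.'?act=myalbom&id='.$album.'&start='.($start - $onpage).'">&lt;-Назад</a> ';
else echo '&lt;-Назад';
echo ' | ';
if ($total > $start + $onpage)
echo ' <a href="'.$page.'?act=myalbom&id='.$album.'&start='.($start + $onpage).'">Далее-&gt;</a>';
else echo 'Далее-&gt;';
if($total>0){
$ba = ceil($total/$onpage);     // number of pages
$ba2 = $ba*$onpage-$onpage;     // offset of the last page
echo '<br/>Страницы:';
$asd = $start-($onpage*3);      // window start: three pages back
$asd2 = $start+($onpage*4);     // window end: four pages ahead
if($asd<$total && $asd>0) echo ' <a href="'.$page.'?act=myalbom&id='.$album.'&start=0">1</a> ... ';
for($i=$asd; $i<$asd2;){
if($i<$total && $i>=0){
$ii = floor(1+$i/$onpage);
if ($start==$i) echo ' <b>['.$ii.']</b>';
else echo ' <a href="'.$page.'?act=myalbom&id='.$album.'&start='.$i.'">'.$ii.'</a>';}
$i=$i+$onpage;}
if($asd2<$total) echo ' ... <a href="'.$page.'?act=myalbom&id='.$album.'&start='.$ba2.'">'.$ba.'</a>';}}
$total = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_albums_photos` WHERE `album_id` = '$id'"),0);
// The offset is forced to a non-negative integer before it reaches the LIMIT clause.
$start = isset($_GET['start']) ? abs((int)$_GET['start']) : 0;
if($start > $total) $start = 0;

$photos = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `album_id` = '$id' ORDER BY `id` DESC LIMIT $start, 10");
$namealbum = mysql_query("SELECT * FROM `photo_albums` WHERE `id` = '$id'");
if($namedir = mysql_fetch_array($namealbum)){
echo "<div class=title>Фотоальбомы / <b>".$namedir['name']."</b></div>\n";}
echo "<div class=content>\n";
if(mysql_num_rows($photos) != 0){
while($albom = mysql_fetch_array($photos)){
echo "<div class=content><a href='?act=myphoto&id=".$albom['id']."'>".$albom['name']."</a><br>Скачан: ".$albom['rating']."раз | Загружен: ";
// `time` holds the Unix timestamp written at upload. time() takes no argument, so
// wrapping the column in it printed today's date for every photo.
$timedat = date("d.m.Y", (int)$albom['time']);
echo "$timedat</div>\n";}
}else{echo"<br> <img src='img/error.gif' alt=''> Фотографий нет!\n<br><br>";}
echo "</div>\n<div class=stat>\n";
pages($start, $total, 'photo_album.php', 10);
echo "</div>\n";
echo "<div class=stat>\n<a href='photo_album.php'>В альбомы</a></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a></div>\n";
break;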

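case('photo'):
// Public detail page for one photo: thumbnail, description, upload date, download
// counter and download links in several preset sizes plus the original size.
$id = intval($_GET['id']);
$photo = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `id` = '$id'");
$ankphoto = mysql_fetch_array($photo);
if($ankphoto){
    // dir and file are stored strings; they are URL-encoded before going into query strings.
    $q_user = intval($ankphoto['user_id']);
    $q_dir = urlencode($ankphoto['dir']);
    $q_pic = urlencode($ankphoto['file']);
    $down_link = "?act=downphoto&id=".intval($ankphoto['id'])."&user_id=$q_user&dir=$q_dir&pic=$q_pic";
    echo "<div class=title>\n";
    echo "Название: ".$ankphoto['name']."\n</div>";
    echo "<div class=content>\n";
    echo "<div align=center><img src='photo_album_photos.php?user=$q_user&dir=$q_dir&pic=$q_pic&W=80&H=60' alt='' border='1'></div>\n";
    $ufile = "files/photo_albums/".$ankphoto['user_id']."/".$ankphoto['dir']."/".$ankphoto['file'];
    // The row may outlive the file; only measure what is actually on disk.
    $size = is_file($ufile) ? getimagesize($ufile) : false;
    // `time` holds the Unix timestamp written at upload. time() takes no argument, so
    // wrapping the column in it printed today's date for every photo.
    $timedat = date("d.m.Y", (int)$ankphoto['time']);
    if ($ankphoto['description']!=NULL){
        echo "Описание: ".$ankphoto['description']."<br>\n";
    }else{echo "Описание: НЕТ :(<br>\n";}
    echo "Загружен: $timedat <br>\n";
    echo "Скачан: ".$ankphoto['rating']." раз<br>\n";
    $arr = array ("128x128","120x160","132x176","176x220","240x320");

    echo "</div>\n<div class=content>\n";
    echo "Скачать:<br>";
    foreach($arr as $v){
        // NOTE(review): the first number of each preset is sent as H and the second as W — confirm that is the intended order.
        list ($H,$W) = explode ("x",$v);
        echo"[<a href='$down_link&H=$H&W=$W'>$v</a>] ";
    }
    if ($size !== false) {
        $ufilez = round(filesize($ufile)/1024,1);
        echo "<br><a href='$down_link&amp;H=$size[1]&amp;W=$size[0]'>Скачать в оригинале</a> [$size[0]x$size[1], $ufilez Kb]<br>";}
}else{ echo "<div class=content><br><img src='img/error.gif' alt=''> Данной фотографии нет!<br><br></div>\n";}
echo "</div>\n";
// The back link needs the album id, which is only known when the photo exists.
if($ankphoto){
    echo "<div class=stat>\n<a href='?act=albom&id=".intval($ankphoto['album_id'])."'>Назад</a></div>\n";}
echo "<div class=stat>\n<a href='photo_album.php'>В альбомы</a></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a></div>\n";
break;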


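case('myphoto'):
// Detail page for one photo with edit/delete links for its owner: thumbnail,
// description, upload date, download counter and download links.
$id = intval($_GET['id']);
$photo = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `id` = '$id'");
$ankphoto = mysql_fetch_array($photo);
if($ankphoto){
    // dir and file are stored strings; they are URL-encoded before going into query strings.
    $q_user = intval($ankphoto['user_id']);
    $q_dir = urlencode($ankphoto['dir']);
    $q_pic = urlencode($ankphoto['file']);
    $down_link = "?act=downphoto&id=".intval($ankphoto['id'])."&user_id=$q_user&dir=$q_dir&pic=$q_pic";
    echo "<div class=title>\n";
    echo "Название: ".$ankphoto['name']."\n</div>";
    echo "<div class=content>\n";
    echo "<div align=center><img src='photo_album_photos.php?user=$q_user&dir=$q_dir&pic=$q_pic&W=80&H=60' alt='' border='1'></div>\n";
    $ufile = "files/photo_albums/".$ankphoto['user_id']."/".$ankphoto['dir']."/".$ankphoto['file'];
    // The row may outlive the file; only measure what is actually on disk.
    $size = is_file($ufile) ? getimagesize($ufile) : false;
    // `time` holds the Unix timestamp written at upload. time() takes no argument, so
    // wrapping the column in it printed today's date for every photo.
    $timedat = date("d.m.Y", (int)$ankphoto['time']);
    if ($ankphoto['description']!=NULL){
        echo "Описание: ".$ankphoto['description']."<br>\n";
    }else{echo "Описание: НЕТ :(<br>\n";}
    echo "Загружен: $timedat <br>\n";
    echo "Скачан: ".$ankphoto['rating']." раз<br>\n";
    // The links are shown to the owner only; the target actions must still verify
    // ownership themselves, since hiding a link does not protect the action.
    if($ankphoto['user_id'] == $user['id']){
        echo "</div>\n<div class=content>\n";
        echo "[<a href='?act=editphoto&id=".$ankphoto['id']."'>Редактировать</a>] \n";
        echo "[<a href='?act=delphoto&id=".$ankphoto['id']."'>Удалить</a>]\n";}
    $arr = array ("128x128","120x160","132x176","176x220","240x320");
    echo "</div>\n<div class=content>\nСкачать:<br>";
    foreach($arr as $v){
        // NOTE(review): the first number of each preset is sent as H and the second as W — confirm that is the intended order.
        list ($H,$W) = explode ("x",$v);
        echo"[<a href='$down_link&H=$H&W=$W'>$v</a>] ";}
    if ($size !== false) {
        $ufilez = round(filesize($ufile)/1024,1);
        echo "<br><a href='$down_link&amp;H=$size[1]&amp;W=$size[0]'>Скачать в оригинале</a> [$size[0]x$size[1], $ufilez Kb]<br>";}
}else{ echo "<div class=content>\n<br><img src='img/error.gif' alt=''> Данной фотографии нет!<br><br>\n";}
echo "</div>\n";
// The back link needs the album id, which is only known when the photo exists.
if($ankphoto){
    echo "<div class=stat>\n<a href='?act=albom&id=".intval($ankphoto['album_id'])."'>Назад</a></div>\n";}
echo "<div class=stat>\n<a href='photo_album.php'>В альбомы</a></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a></div>\n";
break;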

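case('delphoto'):
// Deletes one photo (file and row) and returns to the album it belonged to.
// The id is cast to an integer before it is used in SQL, and the row must belong to
// the logged-in member: without that check any member could remove any photo row.
// NOTE(review): state-changing GET with no token; a POST form with a per-session token would be safer.
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
$delphotos = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `id` = '$id'");
$del = mysql_fetch_array($delphotos);
if (!$del || $del['user_id'] != $user['id']) {
    header ("Location: ?act=myalbum");  exit;}
// basename() keeps the deletion inside the album directory whatever the row holds.
$photo_file = "files/photo_albums/$user[id]/$del[dir]/".basename($del['file']);
if (is_file($photo_file)) {unlink($photo_file);}
mysql_query("DELETE FROM `photo_albums_photos` WHERE `id`='$id'");
header ("Location: ?act=myalbom&id=".intval($del['album_id']));  exit;
break;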

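case('editphoto'):
// Edit form for one photo's name and description, shown only to the photo's owner and
// posted to ?act=editphotos. `isset` carries the validation error code set there.
$id = intval($_GET['id']);
// The codes are compared as quoted strings; the unquoted words used before were
// undefined constants that PHP merely happened to read as strings.
$notice = isset($_GET['isset']) ? $_GET['isset'] : '';
if ($notice === 'characters') {echo "В названии присутствуют символы!<hr>\n";}
if ($notice === 'smallname') {echo "Слишком маленькое название!<hr>\n";}
if ($notice === 'greatname') {echo "Слишком большое название!<hr>\n";}
if ($notice === 'smalldescription') {echo "Слишком маленькое описание!<hr>\n";}
if ($notice === 'greatdescription') {echo "Слишком большое описание!<hr>\n";}
echo "<div class=title>\n";
echo "Редактирование фото:</div>\n";
echo "<div class=content>\n";
$author = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `id` = '$id'");
// $by is the photo row itself, so it also feeds the form; no second query is needed.
if($by = mysql_fetch_array($author)){
    if($by['user_id'] == $user['id']){
        // The stored text was encoded without ENT_QUOTES, so a single quote in it would end
        // the single-quoted value attribute. Encode quotes on output; double_encode is off
        // so entities already present in the stored text are not encoded twice.
        // NOTE(review): assumes the stored text is UTF-8 — confirm.
        $form_name = htmlspecialchars($by['name'], ENT_QUOTES, 'UTF-8', false);
        $form_description = htmlspecialchars($by['description'], ENT_QUOTES, 'UTF-8', false);
        echo "<form action='?act=editphotos&id=$id' method='POST' enctype='multipart/form-data'><br>\n";
        echo "Название:<br>\n";
        echo "<input type='text' name='name' value='".$form_name."'><br>\n";
        echo "Описание (опционально):<br>\n";
        echo "<input type='text' value='".$form_description."' name='description'><br>\n";
        echo "<input type='submit' name='ok' value='Добавить'></form>\n";
    }else{ echo "<br><img src='img/error.gif' alt=''>  Это не твоё фото! хули лезишь?<br><br>";}}
echo "</div>\n";
echo "<div class=stat>\n<a href='?act=myphoto&id=$id'>Назад</a></div>\n";
echo "<div class=stat>\n<a href='index.php'>Прихожая</a></div>\n";
break;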

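case('editphotos'):
// Applies a photo name / description change posted from ?act=editphoto.
// Only the photo's owner gets past the user_id check; validation failures redirect
// back to the form with an `isset=` code.
$id = intval($_GET['id']);
echo "<div class=content>\n";
echo "Редактирование фото:<br>\n";
$author = mysql_query("SELECT * FROM `photo_albums_photos` WHERE `id` = '$id'");
// $by is the photo row itself; a second lookup of the same row is not needed.
if($by = mysql_fetch_array($author)){
    if($by['user_id'] == $user['id']){
        $raw_name = isset($_POST['name']) ? $_POST['name'] : '';
        $raw_description = isset($_POST['description']) ? $_POST['description'] : '';
        if (strlen($raw_name) <= 3) {header ("Location: ?act=editphoto&id=$id&isset=smallname");  exit;}
        if (strlen($raw_name) >= 50) {header ("Location: ?act=editphoto&id=$id&isset=greatname");  exit;}
        if (preg_match('|^[0-9a-zA-Zа-яА-ЯЁё_\.\-\s]+$|u', $raw_name)){
            $name = htmlspecialchars(stripslashes(trim($raw_name)));
            $description = htmlspecialchars(stripslashes(trim($raw_description)));
            // htmlspecialchars() without ENT_QUOTES does not neutralise single quotes and the
            // description is free text, so values are escaped for SQL separately.
            $sql_name = mysql_real_escape_string($name);
            $sql_description = mysql_real_escape_string($description);
            mysql_query("UPDATE `photo_albums_photos` SET `name` = '$sql_name', `description` = '$sql_description' WHERE `id` = '$id'");
            header ("Location: ?act=myphoto&id=$id");  exit;
        }else {header ("Location: ?act=editphoto&id=$id&isset=characters");  exit;}
    }else{ echo "<img src='img/error.gif' alt=''>  Это не твоё фото! хули лезишь?<br><br>";}}
echo "<a href='?act=myphoto&id=$id'>Назад</a>\n";
echo "<br>\n<a href='index.php'>Прихожая</a>\n";
echo "</div>\n";
break;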

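case('downphoto'):
// Counts a download for photo `id` and redirects to photo_album_photos.php, which
// serves the image at the requested H x W.
// The owner, directory and file name come from the photo's own row rather than from
// the query string: request-supplied `dir` and `pic` used to be copied into the
// Location header verbatim, letting a caller inject extra parameters or point the
// image script at an arbitrary path while bumping any photo's counter.
$id = isset($_GET['id']) ? intval($_GET['id']) : 0;
$H = isset($_GET['H']) ? intval($_GET['H']) : 0;
$W = isset($_GET['W']) ? intval($_GET['W']) : 0;
$found = mysql_query("SELECT `user_id`, `dir`, `file` FROM `photo_albums_photos` WHERE `id` = '$id'");
$row = $found ? mysql_fetch_array($found) : false;
if (!$row) {
    // Unknown photo: nothing to count and nothing to serve.
    header ("Location: photo_album.php");  exit;}
mysql_query("UPDATE `photo_albums_photos` SET `rating` = rating+1 WHERE `id` = '$id'");
header ("Location: photo_album_photos.php?user=".intval($row['user_id'])."&dir=".urlencode($row['dir'])."&pic=".urlencode($row['file'])."&H=$H&W=$W");  exit;
break;}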
// Guests (no login in $user) are redirected to index.php instead of seeing the albums.
}else{ header ("Location: index.php"); exit;}
// Shared page footer; not reached by branches that redirect and exit.
include 'style/foot.php';
?>