<?php
// by mides, 1da.su
require_once 'system/sys.php';
require_once 'system/auth_u.php';
require_once 'system/header.php';
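/*
 * Personal-menu controller: dispatches on ?act= to the profile editor, the
 * user's forum topics/messages, private conversations, contact and ignore
 * lists, display settings and logout.
 *
 * Security notes for maintainers:
 *  - SQL is assembled by string interpolation through the legacy mysql_* API.
 *    Text fields depend entirely on check() (defined outside this file) for
 *    escaping -- NOTE(review): confirm check() escapes for SQL; prepared
 *    statements would remove that dependency.
 *  - Values from $u and from forum/private rows are echoed into HTML without
 *    escaping here -- presumably check() HTML-encodes on write; verify.
 *  - State-changing requests (profile/settings updates, sending a message,
 *    contact/ignore deletion through a GET link) carry no anti-CSRF token.
 *  - Redirects and setcookie() run after system/header.php was included, so
 *    they presumably rely on output buffering -- confirm.
 */

// Numeric copies of values that are interpolated into every query below.
$uid = intval($u['id']);
$per_page = intval($config['onpage']);
if ($per_page < 1) {
    // Guards the ceil($total / $per_page) divisions against a zero page size.
    $per_page = 1;
}
$act = isset($_GET['act']) ? $_GET['act'] : '';

switch ($act) {
    default:
        // Main menu; users with access > 0 also get a link to "panel".
        if ($u['access'] > 0) {
            tp('Мое меню (<a href="panel">+</a>)');
        } else {
            tp('Мое меню');
        }
        $private = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `private` WHERE `id_user` = '$uid' OR `id_sender` = '$uid'"), 0);
        echo '<a href="profile.php?id='.$uid.'">Мой профиль</a> [<a href="?act=edit">ред</a>]<br />
<a href="?act=my_topics">Мои темы</a>/<a href="?act=my_msg">сообщения</a><br />
<a href="?act=private">Приватные сообщения</a> ('.$private.')<br />
<a href="?act=send">Отправить письмо</a><br />
<a href="?act=contact">Контакт-лист</a><br />
<a href="?act=ignor">Игнор-лист</a><br />
<a href="?act=set">Настройки</a><br />
<a href="?act=exit">Завершить сенс</a><br />';
        nav_main();
        break;

    case 'edit':
        // Profile editor: shows the form, or saves it when ok=1 is present.
        if (!empty($_REQUEST['ok'])) {
            if (!empty($_POST['email'])) {
                $email = check($_POST['email']);
                $icq = intval($_POST['icq']);
                $name = check($_POST['name']);
                $sex = intval($_POST['sex']);
                $from = check($_POST['from']);
                $birthday = check($_POST['birthday']);
                $site = check($_POST['site']);
                $about = check($_POST['about']);
                // NOTE(review): the pattern is not anchored, so any value that merely
                // contains an address-like substring passes, and the "max" lengths
                // shown in the form are not enforced server-side.
                if (preg_match('/[0-9a-z_\-]+@[0-9a-z_\-^\.]+\.[a-z]{2,6}/i', $email)) {
                    mysql_query("UPDATE `users` SET `email` = '$email', `icq` = '$icq', `name` = '$name', `sex` = '$sex', `from` = '$from', `birthday` = '$birthday', `site` = '$site', `about` = '$about' WHERE `id` = '$uid'");
                    header('location: ?act=edit');
                    // Stop after the redirect, as the private_view/send cases already do.
                    exit;
                } else {
                    // NOTE(review): "[email protected]" looks like an e-mail obfuscation
                    // artifact rather than the intended sample address -- confirm.
                    error('Неверный формат e-mail. Пример: [email protected]');
                    nav('?act=edit');
                }
            } else {
                error('Поле "E-mail" обязательное для заполнения.');
                nav('?act=edit');
            }
        } else {
            tp('Ред-ть профиль');
            // NOTE(review): stored profile values go into attributes/textarea as-is.
            echo '<form action="?act=edit&ok=1" method="post">
E-mail(max50)*:<br /><input name="email" type="text" maxlength="50" value="'.$u['email'].'" /><br />
ICQ(max9):<br /><input name="icq" type="text" maxlength="9" value="'.$u['icq'].'" /><br />
Имя(max20):<br /><input name="name" type="text" maxlength="20" value="'.$u['name'].'" /><br />
Пол: ';
            switch ($u['sex']) {
                case '1':
                    echo 'муж<input name="sex" type="radio" value="1" checked /> <input name="sex" type="radio" value="2" />жен';
                    break;
                case '2':
                    echo 'муж<input name="sex" type="radio" value="1" /> <input name="sex" type="radio" value="2" checked />жен';
                    break;
                default:
                    echo 'муж<input name="sex" type="radio" value="1" /> <input name="sex" type="radio" value="2" />жен';
                    break;
            }
            echo '<br />
Откуда(max25):<br /><input name="from" type="text" maxlength="25" value="'.$u['from'].'" /><br />
Дата рождения (дд.мм.гггг):<br /><input name="birthday" type="text" maxlength="25" value="'.$u['birthday'].'" /><br />
Wap-сайт(<del>http://</del>, max20):<br /><input name="site" type="text" maxlength="20" value="'.$u['site'].'" /><br />
О себе(max250):<br /><textarea name="about" cols="" rows="3">'.$u['about'].'</textarea>
<input name="submit" type="submit" value="Ok" />
</form>';
            nav('?');
        }
        break;

    case 'my_topics':
        // Paginated list of forum topics created by the current user.
        $all_topics = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_topics` WHERE `id_user` = '$uid'"), 0);
        if ($all_topics > 0) {
            tp('Мои темы');
            $pages = ceil($all_topics / $per_page);
            // Integer page number only; a raw ?p= value never reaches the LIMIT clause.
            $page = isset($_GET['p']) ? abs(intval($_GET['p'])) : 0;
            if ($page < 1) {
                $page = 1;
            }
            $begin = ($page - 1) * $per_page;
            $topics_r = mysql_query("SELECT * FROM `forum_topics` WHERE `id_user` = '$uid' ORDER BY `last_time` DESC LIMIT $begin, $per_page");
            while ($topic = mysql_fetch_assoc($topics_r)) {
                $topic_id = intval($topic['id']);
                if ($topic['stuck']) {
                    echo '!';
                }
                if ($topic['closed'] == 1 and empty($topic['stuck'])) {
                    echo '#';
                }
                $t_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_topic` = '$topic_id'"), 0);
                // Author of the most recent message in the topic.
                $last_user_r = mysql_query("SELECT `id_user` FROM `forum_msg` WHERE `id_topic` = '$topic_id' ORDER BY `time` DESC LIMIT 1");
                $last_user = mysql_fetch_assoc($last_user_r);
                // Page of the topic that holds its newest message.
                $last_page = ceil($t_msg / $per_page);
                echo '<a href="forum.php?act=topic&id='.$topic_id.'">'.$topic['title'].'</a> ('.$t_msg.') '.login($last_user['id_user']).'<a href="forum.php?act=topic&id='.$topic_id.'&p='.$last_page.'">»</a><br />';
            }
            navig($page, '?act=my_topics&', $pages);
        } else {
            error('Вы не создали ни одной темы на форуме :(');
        }
        nav('?');
        break;

    case 'my_msg':
        // Paginated list of forum messages written by the current user.
        $all_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `forum_msg` WHERE `id_user` = '$uid'"), 0);
        if ($all_msg > 0) {
            echo '<div class="title">Мои сообщения</div><div class="list">';
            $pages = ceil($all_msg / $per_page);
            $page = isset($_GET['p']) ? abs(intval($_GET['p'])) : 0;
            if ($page < 1) {
                $page = 1;
            }
            $begin = ($page - 1) * $per_page;
            $msg_r = mysql_query("SELECT * FROM `forum_msg` WHERE `id_user` = '$uid' ORDER BY `time` DESC LIMIT $begin, $per_page");
            while ($msg = mysql_fetch_assoc($msg_r)) {
                // Alternate the row1/row2 CSS classes between consecutive rows.
                if (!isset($num)) {
                    $num = 1;
                }
                $num++;
                $row_class = (!($num % 2)) ? 'row1' : 'row2';
                echo '<div class="'.$row_class.'">'.bb($msg['text']).'<a href="forum.php?act=topic&id='.intval($msg['id_topic']).'">»</a> </div>';
            }
            navig($page, '?act=my_msg&', $pages);
        } else {
            // The original reused the "no topics" text here (copy-paste slip).
            error('Вы не написали ни одного сообщения на форуме :(');
        }
        nav('?');
        break;

    case 'private':
        // List of private conversations the current user takes part in.
        tp('Приват');
        $all_private = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `private` WHERE `id_user` = '$uid' OR `id_sender` = '$uid'"), 0);
        if ($all_private > 0) {
            $pages = ceil($all_private / $per_page);
            $page = isset($_GET['p']) ? abs(intval($_GET['p'])) : 0;
            if ($page < 1) {
                $page = 1;
            }
            $begin = ($page - 1) * $per_page;
            $private_r = mysql_query("SELECT * FROM `private` WHERE `id_user` = '$uid' OR `id_sender` = '$uid' ORDER BY `time` DESC LIMIT $begin, $per_page");
            while ($priv = mysql_fetch_assoc($private_r)) {
                $priv_id = intval($priv['id']);
                $private_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `private_msg` WHERE `id_private` = '$priv_id'"), 0);
                // The partner is whichever side of the conversation is not us.
                $id_partner = ($priv['id_sender'] == $uid) ? $priv['id_user'] : $priv['id_sender'];
                echo '<a href="?act=private_view&id='.$priv_id.'">'.login($id_partner).'</a> ('.$private_msg.')<br />';
            }
            navig($page, '?act=private&', $pages);
        } else {
            echo 'Приват пуст.<br />';
        }
        nav('?');
        break;

    case 'private_view':
        // One conversation: reply form plus paginated message history.
        $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
        $priv_r = mysql_query("SELECT * FROM `private` WHERE `id` = '$id'");
        $priv = mysql_fetch_assoc($priv_r);
        // Authorization: only the two participants may open a conversation.
        // The original checked only that the row existed, so any logged-in user
        // could read a thread by requesting its numeric id.
        $is_participant = $priv && $priv['id'] && ($priv['id_sender'] == $uid || $priv['id_user'] == $uid);
        if (!$is_participant) {
            header('location: ?');
            exit;
        }
        $id_user = intval(($priv['id_sender'] == $uid) ? $priv['id_user'] : $priv['id_sender']);
        // Mark everything addressed to us in this thread as read (single statement
        // instead of one UPDATE per unread row).
        mysql_query("UPDATE `private_msg` SET `seen` = 1 WHERE `id_private` = '$id' AND `id_user` = '$uid' AND `seen` = 0");
        echo '<div class="title">Переписка с '.login($id_user).'</div>
<div class="main">Сообщение(max250):<br />
<form action="?act=send&id_user='.$id_user.'&ok=1" method="post">
<input name="login" type="hidden" value="'.login_simple($id_user).'" />
<textarea name="text" cols="" rows="3"></textarea>';
        echo '<input name="" type="submit" value="Добавить">
</form>
</div>';
        // Page count comes from this thread's own messages; the original read
        // $all_private, which is never set in this case, so $pages was always 0.
        $all_msg = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `private_msg` WHERE `id_private` = '$id'"), 0);
        $pages = ceil($all_msg / $per_page);
        $page = isset($_GET['p']) ? abs(intval($_GET['p'])) : 0;
        if ($page < 1) {
            $page = 1;
        }
        $begin = ($page - 1) * $per_page;
        navig($page, '?act=private_view&id='.$id.'&', $pages);
        echo '</div><div class="list">';
        $msg_r = mysql_query("SELECT * FROM `private_msg` WHERE `id_private` = '$id' ORDER BY `time` DESC LIMIT $begin, $per_page");
        while ($msg = mysql_fetch_assoc($msg_r)) {
            if (!isset($num)) {
                $num = 1;
            }
            $num++;
            $row_class = (!($num % 2)) ? 'row1' : 'row2';
            echo '<div class="'.$row_class.'">'.login($msg['id_sender']).' ('.date('d.m.y, H:i', $msg['time']).')<br />'.bb($msg['text']).'</div>';
        }
        navig($page, '?act=private_view&id='.$id.'&', $pages);
        nav('?act=private');
        break;

    case 'send':
        // Compose form, or (with ok=1) delivery of a private message.
        if (!empty($_REQUEST['ok'])) {
            if (!empty($_POST['login']) and !empty($_POST['text'])) {
                $login = check($_POST['login']);
                $text = check($_POST['text']);
                if ($login) {
                    $id_user = intval(get_id($login));
                } else {
                    $id_user = isset($_GET['id_user']) ? abs(intval($_GET['id_user'])) : 0;
                }
                if ($id_user > 0) {
                    // Find the thread between exactly these two users. The original
                    // WHERE mixed OR/AND without parentheses, so it matched any thread
                    // the recipient had with anyone and could append the message to
                    // (and then redirect into) a third party's conversation.
                    $priv_r = mysql_query("SELECT `id` FROM `private` WHERE (`id_user` = '$id_user' AND `id_sender` = '$uid') OR (`id_user` = '$uid' AND `id_sender` = '$id_user') LIMIT 1");
                    $priv = mysql_fetch_assoc($priv_r);
                    if ($priv && $priv['id']) {
                        $id_private = intval($priv['id']);
                        mysql_query("UPDATE `private` SET `time` = '".time()."' WHERE `id` = '$id_private'");
                    } else {
                        mysql_query("INSERT INTO `private` SET `id_user` = '$id_user', `id_sender` = '$uid', `time` = '".time()."'");
                        $id_private = mysql_insert_id();
                    }
                    // NOTE(review): $text is only as safe as check() makes it, and the
                    // advertised 250-character limit is not enforced here.
                    mysql_query("INSERT INTO `private_msg` SET `id_private` = '$id_private', `id_user` = '$id_user', `id_sender` = '$uid', `text` = '$text', `time` = '".time()."'");
                    header('location: ?act=private_view&id='.$id_private);
                    exit;
                } else {
                    error('Пользователь, которому вы хотите отправить письмо, не существует.');
                }
            } else {
                error('Вы не заполнили поля.');
            }
        } else {
            $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
            // Pre-fill the recipient when the form is opened from a contact link.
            $login = $id ? login_simple($id) : '';
            tp('Отправить письмо');
            echo '<form action="?act=send&ok=1" method="post" name="form">
Кому(max12):<br /><input name="login" type="text" value="'.$login.'" maxlength="12" /><br />
Сообщение(max250):<br /><textarea name="text" cols="" rows="4"></textarea><br />
<input name="submit" type="submit" value="Ok" />
</form>';
        }
        nav('?');
        break;

    case 'contact':
        // Deletion is handled before any listing so the redirect target shows the
        // updated list. The owner condition lives in the DELETE itself.
        // NOTE(review): this is a state change on a plain GET link with no token.
        if (!empty($_REQUEST['del'])) {
            $id_contact = intval($_REQUEST['del']);
            mysql_query("DELETE FROM `contacts` WHERE `id` = '$id_contact' AND `is_contact_for` = '$uid'");
            header('location: ?act=contact');
            exit;
        }
        tp('Мои контакты');
        $all_contacts = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `contacts` WHERE `is_contact_for` = '$uid'"), 0);
        if ($all_contacts > 0) {
            $pages = ceil($all_contacts / $per_page);
            $page = isset($_GET['p']) ? abs(intval($_GET['p'])) : 0;
            if ($page < 1) {
                $page = 1;
            }
            $begin = ($page - 1) * $per_page;
            $contact_r = mysql_query("SELECT * FROM `contacts` WHERE `is_contact_for` = '$uid' ORDER BY `id` DESC LIMIT $begin, $per_page");
            while ($contact = mysql_fetch_assoc($contact_r)) {
                $contact_user = intval($contact['id_user']);
                echo '<a href="profile.php?id='.$contact_user.'">'.login($contact_user).'</a> (<a href="?act=send&id='.$contact_user.'">приват</a>, <a href="?act=contact&del='.intval($contact['id']).'">уд</a>)<br />';
            }
            navig($page, '?act=contact&', $pages);
        } else {
            echo 'Пусто.<br />';
        }
        nav('?');
        break;

    case 'ignor':
        // Same flow as 'contact', for the ignore list.
        // NOTE(review): this is a state change on a plain GET link with no token.
        if (!empty($_REQUEST['del'])) {
            $id_ignored = intval($_REQUEST['del']);
            mysql_query("DELETE FROM `ignores` WHERE `id` = '$id_ignored' AND `is_ignored_for` = '$uid'");
            header('location: ?act=ignor');
            exit;
        }
        tp('Игнор-лист');
        $all_ignores = mysql_result(mysql_query("SELECT COUNT(`id`) FROM `ignores` WHERE `is_ignored_for` = '$uid'"), 0);
        if ($all_ignores > 0) {
            $pages = ceil($all_ignores / $per_page);
            $page = isset($_GET['p']) ? abs(intval($_GET['p'])) : 0;
            if ($page < 1) {
                $page = 1;
            }
            $begin = ($page - 1) * $per_page;
            $ignor_r = mysql_query("SELECT * FROM `ignores` WHERE `is_ignored_for` = '$uid' ORDER BY `id` DESC LIMIT $begin, $per_page");
            while ($ignor = mysql_fetch_assoc($ignor_r)) {
                $ignored_user = intval($ignor['id_user']);
                echo '<a href="profile.php?id='.$ignored_user.'">'.login($ignored_user).'</a> (<a href="?act=send&id='.$ignored_user.'">приват</a>, <a href="?act=ignor&del='.intval($ignor['id']).'">уд</a>)<br />';
            }
            // The original paginated with '?act=contact&', which sent page links
            // of the ignore list to the contact list.
            navig($page, '?act=ignor&', $pages);
        } else {
            echo 'Пусто.<br />';
        }
        nav('?');
        break;

    case 'set':
        // Display settings: style directory and items per page.
        $styles = glob('inc/styles/*', GLOB_ONLYDIR);
        if (!is_array($styles)) {
            // glob() returns false on error.
            $styles = array();
        }
        $style_names = array_map('basename', $styles);
        if (!empty($_REQUEST['ok'])) {
            if (!empty($_POST['onpage'])) {
                // Keep the page size inside the 1-99 range the form advertises; a
                // stored 0 would otherwise end up as a divisor in the list views.
                $onpage = min(99, max(1, abs(intval($_POST['onpage']))));
                $set = "`onpage` = '$onpage'";
                // Accept only a style that exists as a directory under inc/styles
                // (the same list the <select> is built from); anything else is
                // ignored and the stored style is left untouched.
                $style = isset($_POST['style']) ? $_POST['style'] : '';
                if (is_string($style) && in_array($style, $style_names, true)) {
                    $style = check($style);
                    $set = "`style` = '$style', ".$set;
                }
                mysql_query("UPDATE `users` SET $set WHERE `id` = '$uid'");
                header('location: ?act=set');
                exit;
            } else {
                error('Вы не заполнили поле.');
                nav('?act=set');
            }
        } else {
            tp('Настройки');
            echo '<form action="?act=set&ok=1" method="post">
Стиль по умочанию:<br /><select name="style">';
            foreach ($style_names as $style_name) {
                $selected = ($u['style'] == $style_name) ? ' selected="selected"' : '';
                echo '<option value="'.$style_name.'"'.$selected.'>'.$style_name.'</option>';
            }
            echo '</select><br />
Элементов на страницу(1-99):<br /><input name="onpage" type="text" maxlength="2" value="'.$u['onpage'].'" /><br />
<input name="submit" type="submit" value="Ok" />
</form>';
            nav('?');
        }
        break;

    case 'exit':
        // Logout: drop the online marker and expire both auth cookies.
        // NOTE(review): the cookie names suggest the login and a password-derived
        // value are kept client-side -- confirm what system/auth_u.php stores and
        // whether the cookies are set with HttpOnly/Secure.
        mysql_query("DELETE FROM `online` WHERE `id_user` = '$uid'");
        setcookie('ulogin', '', time() - 86400*31);
        setcookie('upassword', '', time() - 86400*31);
        header('location: ./');
        exit;
}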
require_once 'system/tail.php';
?>