<?
/*
=============================================
Движок: SHCMS Engine
=============================================
Название файла: Фотоальбомы
=============================================
Official website: http://shcms.ru
=============================================
*/
define('SHCMS', true);
include_once'../system/inc/system_core.php';
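switch($act):
    /*
     * Landing page (runs for any $act not matched by a case below):
     * per-gender counters of album owners and a link to the newest photo.
     */
    default:
        $shcmsengine['title'] = Lang::get('Фотоальбомы');
        include_once '../template/head.php';

        // Distinct users owning at least one photo, split by `users`.`pol` ('1' and '2').
        $boys = mysql_result(mysql_query("SELECT COUNT(DISTINCT `user_id`)FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE `users`.`pol` = '1'"), 0);
        $girls = mysql_result(mysql_query("SELECT COUNT(DISTINCT `user_id`)FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE `users`.`pol` = '2'"), 0);

        echo '<div class="maintitle mainrazd">'.Lang::get('Фотоальбомы').'</div>';
        echo '<div class="maintext">' . "\n"
            . '<div class="posts"><img src="../template/icon/users/1.png"> <a href="?act=boys">'.Lang::get('Мальчики').'</a> <span class="mainforum">'.Lang::get('Всего:'). $boys.'</span></div>' . "\n"
            . '<div class="posts"><img src="../template/icon/users/2.png"> <a href="?act=girl">'.Lang::get('Девочки').'</a> <span class="mainforum">'.Lang::get('Всего:'). $girls.'</span></div></div>';

        // Only the newest row is used, so ask for one row: mysql_query() buffers the
        // complete result set, and without LIMIT that is the whole photo table.
        $niz_photo = mysql_fetch_array(mysql_query("SELECT * FROM `photo_users` ORDER BY `id` DESC LIMIT 1"));
        if (!$niz_photo || $niz_photo['id_photo'] == false) {
            echo '<div class="maintext">'.Lang::get('Фотографий нет!').'</div>';
        } else {
            // NOTE(review): `name` is printed exactly as stored. The upload arm of this
            // file derives it from the client-supplied file name via
            // SHCMS_core::Upload_end()/utf8_win(), whose filtering is not visible here —
            // confirm it cannot carry HTML markup, or escape it on output.
            echo '<div class="maintext">'.Lang::get('Последняя фотография:').' <a href="?act=prosmotr&dir='.$niz_photo['id_photo'].'&files='.$niz_photo['id'].'&photo_user='.$niz_photo['user_id'].'">'.$niz_photo['name'].'</a></div>';
        }
        break;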
// Shortcut: redirect to the album list of $user_id (set outside this file,
// presumably the logged-in user's id — confirm in system_core.php).
case 'picture':
    // No exit follows the header, so the shared footer after endswitch is still
    // rendered together with this redirect.
    header('Location: ?act=from&photo_user=' . $user_id);
    break;
// Paginated list of users with `pol` = '1' who own at least one photo.
case 'boys':
    $shcmsengine['title'] = Lang::get('Фотоальбомы - Мальчики');
    include_once '../template/head.php';

    // The distinct-owner count is handed to the pager (second argument 10 is
    // presumably the page size — confirm against the Navigation class).
    $allfield = mysql_result(mysql_query("SELECT COUNT(DISTINCT `user_id`) FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE `users`.`pol` = '1'"), 0);
    $newlist = new Navigation($allfield, 10, true);

    // One row per owner with the number of photos; the query tail is whatever
    // Navigation::limit() returns.
    $users_boy = mysql_query("SELECT `photo_users`.*, COUNT(`photo_users`.`id`) AS `photo_count`, `users`.`id` , `users`.`login` FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE users.`pol` = '1' GROUP BY `photo_users`.`user_id` ORDER BY `users`.`login` ". $newlist->limit()."");

    if (mysql_num_rows($users_boy) == 0) {
        // Nothing to list: show the placeholder and leave the switch.
        echo '<div class="posts">',
            SHCMS_core::img_shcms('../template/icon/empty.png'),
            Lang::get('Фотоальбомы у Парней временно отсутствуют.').'</div>';
        break;
    }

    // NOTE(review): `login` is printed as stored; whether it is HTML-escaped at
    // registration is not visible in this file — confirm.
    while ($users_boys = mysql_fetch_array($users_boy)) {
        $album_link = '<a href="?act=from&photo_user='.$users_boys['id'].'">'.$users_boys['login'].'</a>';
        $photo_total = '<span class="mainforum">'.Lang::get('Фотографий:').$users_boys['photo_count'].'</span>';
        echo '<div class="posts"><img src="../template/icon/users/1.png">' . "\n" . $album_link . $photo_total . '</div>';
    }
    echo '<div class="pages">', $newlist->pagination('act=boys'), '</div>';
    break;
// Paginated list of users with `pol` = '2' who own at least one photo.
case 'girl':
    $shcmsengine['title'] = Lang::get('Фотоальбомы - Девочки');
    include_once '../template/head.php';

    // The distinct-owner count is handed to the pager (second argument 10 is
    // presumably the page size — confirm against the Navigation class).
    $allfield = mysql_result(mysql_query("SELECT COUNT(DISTINCT `user_id`) FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE `users`.`pol` = '2'"), 0);
    $newlist = new Navigation($allfield, 10, true);

    // One row per owner with the number of photos; the query tail is whatever
    // Navigation::limit() returns.
    $users_girl = mysql_query("SELECT `photo_users`.*, COUNT(`photo_users`.`id`) AS `photo_count`, `users`.`id` , `users`.`login` FROM `photo_users` LEFT JOIN `users` ON `photo_users`.`user_id` = `users`.`id` WHERE users.`pol` = '2' GROUP BY `photo_users`.`user_id` ORDER BY `users`.`login` ". $newlist->limit()."");

    if (mysql_num_rows($users_girl) == 0) {
        // Nothing to list: show the placeholder and leave the switch.
        echo '<div class="posts">',
            SHCMS_core::img_shcms('../template/icon/empty.png'),
            Lang::get('Фотоальбомы у Девушек временно отсутствуют.').'</div>';
        break;
    }

    // NOTE(review): `login` is printed as stored; whether it is HTML-escaped at
    // registration is not visible in this file — confirm.
    while ($users_girls = mysql_fetch_array($users_girl)) {
        $album_link = '<a href="?act=from&photo_user='.$users_girls['id'].'">'.$users_girls['login'].'</a>';
        $photo_total = '<span class="mainforum">'.Lang::get('Фотографий:').$users_girls['photo_count'].'</span>';
        echo '<div class="posts"><img src="../template/icon/users/2.png">' . "\n" . $album_link . ' ' . $photo_total . '</div>';
    }
    echo '<div class="pages">', $newlist->pagination('act=girl'), '</div>';
    break;
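/*
 * List all albums (folders) of one user.
 * string case: from
 */
case 'from':
    // The id arrives in the query string, is interpolated into SQL and echoed
    // back into links; casting it to int makes both uses safe.
    $photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
    $users_from = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '$photo_user'"));

    if (!$users_from) {
        // Unknown user: stop here instead of running the album queries with an
        // empty `user_id`, which is what happened before this guard existed.
        $shcmsengine['title'] = Lang::get('Фотоальбомы');
        include_once '../template/head.php';
        engine::errors(Lang::get('Ничего не найдено!'));
        break;
    }
    $owner_id = (int) $users_from['id'];

    $shcmsengine['title'] = Lang::get('Фотоальбомы - %s',$users_from['login']);
    include_once '../template/head.php';
    // NOTE(review): `login` is printed as stored; confirm it is escaped when saved.
    echo '<div class="maintitle mainrazd">'.Lang::get('Фотоальбомы:').$users_from['login'].' <a href="'.DIR_SHCMS.'change_view.php?id='.$owner_id.'"><span style="font-size:9px">'.Lang::get('[анкета]').'</span></a></div>';
    echo '<div class="maintext">';

    $allfield = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_dir` WHERE `user_id` = '$owner_id'"),0);
    $newlist = new Navigation($allfield, 10, true);
    $photo_cat = mysql_query("SELECT * FROM `photo_dir` WHERE `user_id` = '$owner_id' ORDER BY `id` DESC ". $newlist->limit()." ");

    if ($photo_cat && mysql_num_rows($photo_cat) != 0) {
        while ($photo_dir = mysql_fetch_array($photo_cat)) {
            $album_id = (int) $photo_dir['id'];
            // Photos stored in this album.
            $count_photo = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_users` WHERE `id_photo` = '$album_id'"),0);
            // `title` is passed through htmlspecialchars() by the new_photo arm before
            // it is stored, so it is printed as is; `opis` goes through processing().
            echo '<div class="posts"><img src="../download/icons/image.png">' . "\n"
                . '<a href="?act=dirname&dir='.$album_id.'&photo_user='.(int) $photo_dir['user_id'].'"><strong>'.$photo_dir['title'].'</strong></a> ';
            echo '<div class="mainforum">'.$count_photo.'</div>';
            echo '<br/><span style="font-size:11px;">'.processing($photo_dir['opis']).'</span></div>';
        }
        echo '<div class="pages">';
        echo $newlist->pagination("act=from&photo_user=$photo_user");
        echo '</div>';
    } else {
        echo '<div class="posts"><img src="../template/icon/empty.png"> '.Lang::get('Ничего не найдено!').'</div>';
    }

    // Only the album owner gets the "create album" link; new_photo repeats the check.
    if ($user_id == $photo_user) {
        echo '<div class="posts"><a href="?act=new_photo&photo_user='.$photo_user.'">'.Lang::get('Создать новый альбом').'</a></div>';
    }
    echo '</div>';
    break;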
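/*
 * Create a new album.
 * string case: new_photo
 */
case 'new_photo':
    // Integer cast: the value is echoed into redirect/form URLs and used in SQL.
    $photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
    $shcmsengine['title'] = Lang::get('Фотоальбомы - Создать новый альбом');
    include_once '../template/head.php';

    // $user_id is set outside this file (presumably the logged-in user's id —
    // confirm in system_core.php). The "> 0" test stops a request without a
    // valid id from loosely matching an empty $user_id.
    if ($photo_user <= 0 || $user_id != $photo_user) {
        engine::errors(Lang::get('Вы не можете создать альбом для другого пользователя'));
        header("Refresh: 1; url=?");
        include_once '../template/foot.php';
        exit;
    }

    // NOTE(review): no anti-CSRF token is checked before the INSERT below, and no
    // token helper is visible in this file.
    if (isset($_POST['submit'])) {
        // Both fields are stored HTML-escaped; a missing or non-string field is empty.
        $photo = (isset($_POST['photo']) && is_string($_POST['photo'])) ? htmlspecialchars($_POST['photo']) : '';
        // Fix: the description used to be overwritten with the escaped title.
        $opis = (isset($_POST['opis']) && is_string($_POST['opis'])) ? htmlspecialchars($_POST['opis']) : '';

        if (empty($photo)) {
            engine::errors(Lang::get('Названия альбома отсутствует'));
            header("Refresh: 1; url=?act=new_photo&photo_user=$photo_user");
            include_once '../template/foot.php';
            exit;
        }

        // Fix: "< 2 and > 50" could never be true, so the limit was not enforced.
        // Characters are counted when mbstring is available (input assumed to be
        // UTF-8 — confirm), otherwise bytes as before.
        $photo_len = function_exists('mb_strlen') ? mb_strlen($photo, 'UTF-8') : strlen($photo);
        if ($photo_len < 2 || $photo_len > 50) {
            engine::errors(Lang::get('Названия не должно превышать 50символов'));
            header("Refresh: 1; url=?act=new_photo&photo_user=$photo_user");
            include_once '../template/foot.php';
            exit;
        }

        // Reject a second album with the same title for this user.
        $newdir = mysql_query("SELECT * FROM `photo_dir` WHERE `title`='" . engine::my_esc($photo) . "' AND `user_id` = '$photo_user'");
        if ($newdir && mysql_fetch_array($newdir)) {
            engine::errors(Lang::get('Название которую вы ввели уже существует'));
            header("Refresh: 1; url=?act=new_photo&photo_user=$photo_user");
            include_once '../template/foot.php';
            exit();
        }

        $insert_photo = mysql_query("INSERT INTO `photo_dir` SET `user_id` = '$photo_user',`title` = '".engine::my_esc($photo)."', `opis` = '".engine::my_esc($opis)."',`time` = '".time()."'");
        if ($insert_photo == true) {
            // On success the form below is still rendered while the refresh is pending.
            engine::correct(Lang::get('Альбом %s успешно создан',$photo));
            header("Refresh: 1; url=?act=from&photo_user=$photo_user");
        } else {
            engine::errors(Lang::get('Ошибка при создании альбома'));
            header("Refresh: 1; url=?act=new_photo&photo_user=$photo_user");
            include_once '../template/foot.php';
            exit;
        }
    }

    $form = new form("?act=new_photo&photo_user=$photo_user");
    $form->input(Lang::get('<strong>Названия альбомa:</strong>'),'photo','text',false,true);
    $form->textarea(Lang::get('<strong>Описания альбомa:</strong>'),'opis',false,true);
    $form->submit(Lang::get('Создать альбом'),'submit');
    $form->finish();
    break;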
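/*
 * Show all photos of one album.
 * string case: dirname
 */
case 'dirname':
    // Both ids come from the query string and end up in SQL and in links;
    // integer casts close the injection and reflected-markup paths.
    $photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
    $dir = isset($_GET['dir']) ? (int) $_GET['dir'] : 0;
    $dirname = mysql_fetch_array(mysql_query("SELECT * FROM `photo_dir` WHERE `id` = '$dir'"));

    if (!$dirname) {
        // Unknown album: report it instead of rendering empty headings.
        $shcmsengine['title'] = Lang::get('Фотоальбомы');
        include_once '../template/head.php';
        engine::errors(Lang::get('Ничего не найдено!'));
        break;
    }

    $shcmsengine['title'] = Lang::get('Фотоальбомы - %s',$dirname['title']);
    include_once '../template/head.php';
    // `title` is passed through htmlspecialchars() by the new_photo arm before it is stored.
    echo '<div class="maintitle mainrazd">'.Lang::get('Альбом:').$dirname['title'].'</div>';
    echo '<div class="maintext ">'.processing($dirname['opis']).' <span class="mainforum">'.$timedate->times($dirname['time']).'</span></div>';
    echo '<div class="maintitle mainrazd">'.Lang::get('Фотоальбомы - %s',$dirname['title']).'</div><div class="maintext">';

    $allfield = mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_users` WHERE `user_id` = '$photo_user' AND `id_photo` = '$dir'"),0);
    $newlist = new Navigation($allfield, 10, true);
    $photo_list = mysql_query("SELECT * FROM `photo_users` WHERE `user_id` = '$photo_user' AND `id_photo` = '$dir' ". $newlist->limit()." ");

    if ($photo_list && mysql_num_rows($photo_list) != 0) {
        while ($photo_dirname = mysql_fetch_array($photo_list)) {
            echo '<div class="posts">';
            // NOTE(review): `name` is the stored upload file name, printed unescaped
            // inside an attribute — confirm the upload path restricts its characters.
            echo '<img style="border-radius:12px;" width="70px" src="../photo/files/'.$photo_dirname['name'].'">' . "\n"
                . '<span class="mainforum">'.$timedate->times($photo_dirname['time']).'</span>';
            echo '<div style="text-align:right;"><a href="?act=prosmotr&dir='.$dir.'&files='.(int) $photo_dirname['id'].'&photo_user='.$photo_user.'">'.Lang::get('Подробнее...').'</a></div>' . "\n"
                . '</div>';
        }
        echo '<div class="pages">';
        // Fix: the pager string was built from $photo_dir, which is never set in
        // this arm, and contained a stray ".'" — page links lost the album id.
        echo $newlist->pagination("act=dirname&dir=$dir&photo_user=$photo_user");
        echo '</div>';
    } else {
        echo '<div class="posts"><img src="../template/icon/empty.png"> '.Lang::get('Ничего не найдено!').'</div>';
    }
    echo '</div>';

    // Upload link for the owner only; photos_upload repeats the check.
    if ($user_id == $photo_user) {
        echo '<div class="maintitle mainrazd">'.Lang::get('Действие').'</div><div class="maintext"><img src="../template/icon/photo.png"> <a href="?act=photos_upload&dir='.$dir.'&photo_user='.$photo_user.'"><b>'.Lang::get('Добавить фотографию').'</b></a></div>';
    }
    break;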
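/*
 * Upload a photo into an album.
 * string case: photos_upload
 */
case 'photos_upload':
    // Integer casts: both ids are reused in SQL, redirect headers and the form action.
    $photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
    $dir = isset($_GET['dir']) ? (int) $_GET['dir'] : 0;
    $shcmsengine['title'] = Lang::get('Фотоальбомы - Добавить фотографию');
    include_once '../template/head.php';

    // $user_id is set outside this file (presumably the logged-in user's id —
    // confirm). "> 0" stops a missing id from loosely matching an empty $user_id.
    if ($photo_user <= 0 || $user_id != $photo_user) {
        engine::errors(Lang::get('Вы не можете загружать файлы для другого пользователя'));
        header("Refresh: 1; url=?");
        include_once '../template/foot.php';
        exit;
    }

    // The target album must exist and belong to the uploader; previously any
    // album id was accepted.
    $target_dir = mysql_query("SELECT `id` FROM `photo_dir` WHERE `id` = '$dir' AND `user_id` = '$photo_user'");
    if (!$target_dir || mysql_num_rows($target_dir) == 0) {
        engine::errors(Lang::get('Ничего не найдено!'));
        header("Refresh: 1; url=?act=from&photo_user=$photo_user");
        include_once '../template/foot.php';
        exit();
    }

    // NOTE(review): no anti-CSRF token is checked on this POST; none is visible in this file.
    if (isset($_POST['submit'])) {
        $retry_url = "?act=photos_upload&dir=$dir&photo_user=$photo_user";

        // A submit without a completed single-file upload is rejected up front;
        // before, the checks were skipped and a row was still inserted.
        if (!isset($_FILES['files']) || $_FILES['files']['error'] !== UPLOAD_ERR_OK) {
            engine::errors(Lang::get('Фотография не загружена'));
            header("Refresh: 1; url=$retry_url");
            include_once '../template/foot.php';
            exit();
        }

        $tmp_name = $_FILES['files']['tmp_name'];
        $files_opis = (isset($_POST['files_opis']) && is_string($_POST['files_opis'])) ? htmlspecialchars($_POST['files_opis']) : '';

        // Content check: GD must decode the file as JPEG, PNG or GIF. The decoders
        // warn on foreign formats, hence the suppression on all three.
        $files_img = @imagecreatefromjpeg($tmp_name);
        if (!$files_img) {
            $files_img = @imagecreatefrompng($tmp_name);
        }
        if (!$files_img) {
            $files_img = @imagecreatefromgif($tmp_name);
        }
        if (!$files_img) {
            engine::errors(Lang::get('Файл не является изображением JPEG, PNG или GIF'));
            header("Refresh: 1; url=$retry_url");
            include_once '../template/foot.php';
            exit();
        }
        imagedestroy($files_img);

        // Extension allowlist on the client-supplied name.
        // NOTE(review): the name written to disk is produced by Upload_end()/utf8_win()
        // below; confirm those helpers keep the extension checked here.
        if (!preg_match('#\.(jpe?g|gif|png)$#ui', $_FILES['files']['name'])) {
            engine::errors(Lang::get('Неверное содержание файла'));
            header("Refresh: 1; url=$retry_url");
            include_once '../template/foot.php';
            exit();
        }

        $files_image = utf8_win(SHCMS_core::Upload_end($_FILES['files']['name']));
        $uploaddir = $_SERVER['DOCUMENT_ROOT']."/photo/files/$files_image";

        // The stored name must stay inside /photo/files/ (no separators or NUL) and
        // must not replace an existing file: all users share this one directory.
        if ($files_image === '' || strpbrk($files_image, "/\\\0") !== false
            || file_exists($uploaddir)
            || move_uploaded_file($tmp_name, $uploaddir) != true
        ) {
            engine::errors(Lang::get('Фотография не загружена'));
            header("Refresh: 1; url=$retry_url");
            include_once '../template/foot.php';
            exit();
        }

        // The row is written only once the file is in place, and every string value
        // goes through engine::my_esc() (the escaping helper the new_photo arm uses).
        $pol_users = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id` = '$photo_user'"));
        $upload_image = mysql_query("INSERT INTO `photo_users` SET `user_id` = '$photo_user',`id_photo` = '$dir', `opis` = '".engine::my_esc($files_opis)."', `name` = '".engine::my_esc($files_image)."',`time` = '".time()."',`pol` = '".engine::my_esc($pol_users['pol'])."', `size` = '".(int) $_FILES['files']['size']."'");
        if (!$upload_image) {
            // Do not leave an unreferenced file behind when the row cannot be saved.
            if (is_file($uploaddir)) {
                unlink($uploaddir);
            }
            engine::errors(Lang::get('Фотография не загружена'));
            header("Refresh: 1; url=$retry_url");
            include_once '../template/foot.php';
            exit();
        }

        $screen = new screen_shcms($uploaddir);
        $screen->autoimageresize(640, 480);
        // NOTE(review): $new_image is never assigned in this file, so the first
        // argument evaluates to null; presumably the image type held by $screen was
        // intended — confirm against screen_shcms.
        $screen->imagesave($new_image->image_type, $uploaddir);
        $screen->imageout();
        engine::correct(Lang::get("Фотография загружена"));
        header("Refresh: 1; url=?act=dirname&dir=$dir&photo_user=$photo_user");
        include_once '../template/foot.php';
        exit();
    }

    echo '<div class="maintext">';
    $form = new form("?act=photos_upload&dir=$dir&photo_user=$photo_user",false,false,'enctype="multipart/form-data"');
    $form->input(Lang::get('<strong>Фотография:</strong>'),'files','file',false,true,false,false,false,'accept=\'image/*,image/gif,image/jpeg,image/png\'');
    $form->textarea(Lang::get('<strong>Описания фотографии:</strong>'),'files_opis',false,true);
    $form->submit(Lang::get('Загрузить'),'submit');
    $form->finish();
    echo '</div>';
    echo '<div class="maintext">'.Lang::get('* Разрешено выгружать только файлы (PNG, GIF, JPEG)').'</div>';
    break;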
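// Detail page of a single photo: image, uploader, size, description, actions.
case 'prosmotr':
    $shcmsengine['title'] = Lang::get('Фотоальбомы - Фотографии');
    include_once '../template/head.php';

    // All three ids come from the query string and are used in SQL and in the
    // redirect URL; integer casts make both uses safe.
    $photo_user = isset($_GET['photo_user']) ? (int) $_GET['photo_user'] : 0;
    $files = isset($_GET['files']) ? (int) $_GET['files'] : 0;
    $dir = isset($_GET['dir']) ? (int) $_GET['dir'] : 0;

    // Fix: the old test read "!dir" (a bare constant, always truthy) joined with
    // "and", so it never fired. Any missing id, or no matching row, is "not found".
    $prosmotr = false;
    if ($dir && $files && $photo_user) {
        $prosmotr = mysql_fetch_array(mysql_query("SELECT * FROM `photo_users` WHERE `user_id` = '$photo_user' AND `id_photo` = '$dir' AND `id` = '$files'"));
    }
    if (!$prosmotr) {
        engine::errors(Lang::get('Фотография не найдено'));
        header("Refresh: 1; url=?act=dirname&dir=$dir&photo_user=$photo_user");
        include_once '../template/foot.php';
        exit();
    }

    $photo_id = (int) $prosmotr['id'];
    $files_user = mysql_fetch_array(mysql_query("SELECT * FROM `users` WHERE `id`= '$photo_user'"));

    echo '<div class="maintitle mainrazd">'.Lang::get('Фотография: №:').$photo_id.'</div>';
    echo '<div class="maintext">';
    // NOTE(review): `name` (stored upload file name) and `login` are printed as
    // stored; confirm both are restricted or escaped where they are saved.
    echo '<center><a class="group2" href="files/'.$prosmotr['name'].'"><img style="border-radius:5px;" src="files/'.$prosmotr['name'].'"></a></center></div>';
    echo '<div class="maintext">';
    echo '<div class="change_block">'.Lang::get('Добавил:').' <a href="'.DIR_SHCMS.'change_view.php?id='.$files_user['id'].'">'.$files_user['login'].'</a>' . "\n"
        . '<span class="mainforum">'.$timedate->times($prosmotr['time']).'</span></div>';
    echo '<div class="change_block">'.Lang::get('Размер:').engine::size($prosmotr['size']).'</div>';
    if ($prosmotr['opis'] == false) {
        echo '<div class="change_block">'.Lang::get('Описания: Описания не добавлено!').'</div>';
    } else {
        echo '<div class="change_block">'.Lang::get('Описания:').processing($prosmotr['opis']).'</div>';
    }

    // The heading now goes through Lang::get() like the same heading in the dirname arm.
    echo '</div><div class="maintitle mainrazd">'.Lang::get('Действие').'</div>';
    echo '<div class="maintext"><div class="posts">' . "\n"
        . '<img src="../template/icon/save.png"> <a href="?act=download&id_down='.$photo_id.'">'.Lang::get('Скачать').'</a>' . "\n"
        . '<span style="color:green;" class="mainforum">'.Lang::get('Загрузок:').' '.$prosmotr['count'].'</span></div>';
    echo '<div class="posts"><img src="../template/icon/comm.png"> <a href="comment.php?id='.$photo_id.'">'.Lang::get('Комментарии').'</a>' . "\n"
        . '<span style="color:green;" class="mainforum">'.mysql_result(mysql_query("SELECT COUNT(*) FROM `photo_comm` WHERE `id_comm` = '$photo_id'"),0).'</span></div>';

    // The delete link is shown to the owner only; hiding the link is not an
    // access check, so the delete arm has to verify ownership itself.
    if ($prosmotr['user_id'] == $user_id) {
        echo '<div class="posts"><img src="../template/icon/delete.png"> <a href="?act=delete&id_delete='.$photo_id.'">'.Lang::get('Удалить').'</a></div>';
    }
    echo '</div>';
    break;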
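// Serve a photo as a download and bump its download counter.
// This is the arm that runs for act=download: a second `case 'download':`
// label further down in this switch is never reached.
case 'download':
    // NOTE(review): head.php is included before the file is sent; whether
    // downloads() discards that output is not visible here — confirm.
    include_once '../template/head.php';

    // Integer cast: the id comes from the query string and is used in two queries.
    $id_down = isset($_GET['id_down']) ? (int) $_GET['id_down'] : 0;
    $photo_file = mysql_fetch_array(mysql_query("SELECT * FROM `photo_users` WHERE `id` = '$id_down'"));

    // Unknown id or missing file: report it instead of passing the bare
    // directory path to downloads().
    $filename = $photo_file ? '../photo/files/'.$photo_file['name'] : '';
    if (!$photo_file || !is_file($filename)) {
        engine::errors(Lang::get('Файла не существует!'));
        break;
    }

    // Increment inside SQL so concurrent downloads do not overwrite each other's
    // count; IFNULL keeps a NULL counter going to 1 as the PHP-side addition did.
    mysql_query("UPDATE `photo_users` SET `count` = IFNULL(`count`, 0) + 1 WHERE `id`='$id_down' LIMIT 1");
    downloads($filename,'SHCMS_Photo_'.$photo_file['name']);
    break;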
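// Delete one photo row after a POST confirmation; only the photo's owner may do so.
case 'delete':
    $shcmsengine['title'] = Lang::get('Фотоальбомы - Удаление фотографии');
    include_once '../template/head.php';

    // Integer cast: the id is used in SQL and echoed into the form action.
    $id_delete = isset($_GET['id_delete']) ? (int) $_GET['id_delete'] : 0;
    // Fix: the id was wrapped in backticks, which MySQL reads as a column name,
    // so the lookup never matched the requested row.
    $delw = mysql_fetch_array(mysql_query("SELECT * FROM `photo_users` WHERE `id` = '$id_delete'"));

    // Fix: nothing checked who was deleting. The photo page shows the delete link
    // to the owner only, so the same rule is enforced here; "> 0" keeps an empty
    // $user_id from loosely matching a row without an owner.
    if (!$delw || (int) $delw['user_id'] <= 0 || $delw['user_id'] != $user_id) {
        engine::errors(Lang::get('Ошибка удаление фотографии'));
        header("Refresh:1; url=index.php");
        include_once '../template/foot.php';
        exit();
    }

    // NOTE(review): the confirmation POST carries no anti-CSRF token; none is
    // visible in this file.
    if (!empty($_POST['delete_dir'])) {
        // NOTE(review): only the row is removed. The file under /photo/files/ and any
        // `photo_comm` rows for this photo stay behind — confirm whether they should go too.
        $delete = mysql_query("DELETE FROM `photo_users` WHERE `id`='$id_delete'");
        if ($delete == true) {
            engine::correct(Lang::get('Фотография %s успешно удалено',$delw['name']));
        } else {
            engine::errors(Lang::get('Ошибка удаление фотографии'));
        }
        header("Refresh:1; url=index.php");
        include_once '../template/foot.php';
        exit();
    }

    // Confirmation form; the action carries the integer id only.
    echo '<form action="?act=delete&id_delete='.$id_delete.'" method="post">';
    echo '<input type="submit" name="delete_dir" value="'.Lang::get('Удалить').'">';
    echo '</form>';
    break;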
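// NOTE: unreachable as written — an earlier `case 'download':` label in this
// switch matches first. Kept hardened in case the two arms are ever swapped.
case 'download':
    include_once '../template/head.php';

    // Integer cast: the id comes from the query string and is used in two queries.
    $id_down = isset($_GET['id_down']) ? (int) $_GET['id_down'] : 0;
    $photo_file = mysql_fetch_array(mysql_query("SELECT * FROM `photo_users` WHERE `id` = '$id_down'"));
    $filename = $photo_file ? '../photo/files/'.$photo_file['name'] : '';

    if ($photo_file && is_file($filename)) {
        // Increment inside SQL so parallel downloads cannot lose a count.
        mysql_query("UPDATE `photo_users` SET `count` = IFNULL(`count`, 0) + 1 WHERE `id` = '$id_down'");

        $list = $filename;
        $name = explode("/",$list);
        $name = $name[count($name)-1];
        // The name goes into a quoted header parameter: drop quotes and line breaks.
        $name = str_replace(array('"', "\r", "\n"), '', $name);

        // Photos are binary, so they are not labelled text/plain any more.
        header('Content-type: application/octet-stream');
        header('Content-disposition: attachment; filename="'.$name.'"');
        header('Content-Description: File Transfer');
        header('Content-Transfer-Encoding: binary');
        header('Expires: 0');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Pragma: public');
        header('Content-Length: ' . filesize($list));
        // Discards what head.php produced, assuming an output buffer is active — confirm.
        ob_clean();
        flush();
        readfile($list);
        // Stop here: falling through would append the page footer to the file body.
        exit;
    } else {
        engine::errors(Lang::get('Файла не существует!'));
    }
    break;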
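endswitch;
// Shared page tail for every arm that did not exit: "back" link, then the footer
// template. Fix: the anchor was never closed before the enclosing div ended.
echo '<div class="link_str"><a href="index.php">'.Lang::get('Назад').'</a></div>';
include_once '../template/foot.php';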
?>