Просмотр файла otp.php

Размер файла: 8.39Kb
<?
	// Mod by DaNaN
	
include_once 'sys/inc/start.php';
include_once 'sys/inc/compress.php';
include_once 'sys/inc/sess.php';
include_once 'sys/inc/home.php';
include_once 'sys/inc/settings.php';
include_once 'sys/inc/db_connect.php';
include_once 'sys/inc/ipua.php';
include_once 'sys/inc/fnc.php';
include_once 'sys/inc/user.php';

only_reg();

if (isset($_GET['id']))$ank['id']=intval($_GET['id']);
$ank=get_user($ank['id']);
$set['title']='Отпечаток для '.$ank['nick'];
include_once 'sys/inc/thead.php';
title();
if (is_file(H."sys/avatar/$ank[id].gif"))
$img = 'sys/avatar/'.$ank['id'].'.gif';
elseif (is_file(H."sys/avatar/$ank[id].jpg"))
$img = 'sys/avatar/'.$ank['id'].'.jpg';
elseif (is_file(H."sys/avatar/$ank[id].png"))
$img = 'sys/avatar/'.$ank['id'].'.png';
elseif ($_SERVER['PHP_SELF']!='')
$img = 'style/themes/$set[set_them]/user.png';


  list($width, $height) = getimagesize($img); 
if ($user['balls']>=50){
if (isset($_POST['save'])){
$left = rand(0, $width-20);
$top = rand(0, $height-25);
$time2 = $time+60*60*24*2;
if (isset($_POST['ava'])){
if (isset($_POST['ava']) && $_POST['ava']==1)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 1, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}
if (isset($_POST['ava']) && $_POST['ava']==2)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 2, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==3)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 3, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==4)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 4, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==5)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 5, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}
if (isset($_POST['ava']) && $_POST['ava']==6)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 6, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==7)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 7, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==8)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 8, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==9)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 9, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==10)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 10, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==11)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 11, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==12)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 12, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==13)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 13, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==14)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 14, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==15)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 15, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==16)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 16, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==17)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 17, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}

if (isset($_POST['ava']) && $_POST['ava']==18)
{
mysql_query('INSERT INTO `ava` (`id_ank`, `otp`, `id_user`, `left`, `top`, `time`) VALUES('.$ank['id'].', 18, '.$user['id'].', '.$left.', '.$top.', '.$time2.')');

}
$aval = mysql_insert_id();


mysql_query('UPDATE `user` SET `balls` = `balls` - 50  WHERE `id` = ' . $user['id'] . ' LIMIT 1');
mysql_query("INSERT INTO `mail` (`id_user`, `id_kont`, `msg`, `time`) values('0', '$ank[id]', '$user[nick] оставил отпечаток на вашей аве', '$time')");

if (isset($_POST['komm']) && strlen2($_POST['komm'])<=512)
{

if (preg_match('#[^A-zА-я0-9 _\-\=\+\(\)\*\?\.,]#ui',$_POST['komm']))$err[]='В поле "Комментарий" используются запрещенные символы';
else {

mysql_query("UPDATE `ava` SET `komm` = '".my_esc($_POST['komm'])."' WHERE `id` = '".$aval."' LIMIT 1");
}
}
else $err[]='Комментарий привышает 512 символов';

msg('Успешно!');
} 
else {$err = 'не выбран ляп';}
}
} else{$err = 'У вас недостаточно баллов';}

err();
aut();


echo "<div style='position:relative;'>";
avatar($ank['id']);
$ava_q=mysql_query("SELECT * FROM `ava` WHERE `id_ank` = $ank[id]");
while ($ava = mysql_fetch_assoc($ava_q))
{
if ($ava['time']>=$time)
echo '<img style="position:absolute;top:'.$ava['top'].'px;left:'.$ava['left'].'px;" src="/otp/'.$ava['otp'].'.png"/>';
}
echo "</div>";
echo '<br />';
echo 'Цена отпечатка <strong>50</strong> баллов';
echo '<br />';
echo 'Отпечаток сотрется через <strong>2</strong> дня!';
echo '<br />';
echo "<form method='post' action='?id=$ank[id]&amp;$passgen'>";
echo "<strong>Отпечаток</strong>:<br /> 
    <img src='/otp/1.png' alt='1' /><input name='ava' type='radio' value='1' />
	<img src='/otp/2.png' alt='2' /><input name='ava' type='radio'  value='2' />
	<img src='/otp/3.png' alt='3' /><input name='ava' type='radio'  value='3' />
	<img src='/otp/4.png' alt='4' /><input name='ava' type='radio'  value='4' />
	<img src='/otp/5.png' alt='5' /><input name='ava' type='radio'  value='5' />
	<img src='/otp/6.png' alt='6' /><input name='ava' type='radio'  value='6' /><br />
    <img src='/otp/7.png' alt='7' /><input name='ava' type='radio' value='7' />
	<img src='/otp/8.png' alt='8' /><input name='ava' type='radio'  value='8' />
	<img src='/otp/9.png' alt='9' /><input name='ava' type='radio'  value='9' />
	<img src='/otp/10.png' alt='10' /><input name='ava' type='radio'  value='10' />
	<img src='/otp/11.png' alt='11' /><input name='ava' type='radio'  value='11' />
	<img src='/otp/12.png' alt='12' /><input name='ava' type='radio'  value='12' /><br />
	<img src='/otp/13.png' alt='13' /><input name='ava' type='radio' value='13' />
	<img src='/otp/14.png' alt='14' /><input name='ava' type='radio'  value='14' />
	<img src='/otp/15.png' alt='15' /><input name='ava' type='radio'  value='15' />
	<img src='/otp/16.png' alt='16' /><input name='ava' type='radio'  value='16' />
	<img src='/otp/17.png' alt='17' /><input name='ava' type='radio'  value='17' />
	<img src='/otp/18.png' alt='18' /><input name='ava' type='radio'  value='18' /><br />
	<br />
	Комментарий:<br />
		<input type='text' name='komm' maxlength='512' /><br />";
	
echo "<input type='submit' name='save' value='Заляпать!' />
	</form>";
if(isset($_SESSION['refer']) && $_SESSION['refer']!=NULL && otkuda($_SESSION['refer']))
echo "<a href='$_SESSION[refer]'>".otkuda($_SESSION['refer'])."</a><br />\n";
echo "<a href='umenu.php'>Мое меню</a><br />\n";

include_once 'sys/inc/tfoot.php';
?>