Убрал Deprecated. Рабочая версия.
This commit is contained in:
parent
0d3fb8f0b1
commit
81415acba4
78
contacts.php
78
contacts.php
@ -2,69 +2,42 @@
|
||||
ob_start("ob_gzhandler");
|
||||
session_start();
|
||||
if ($_SESSION['uid'] == null) header("Location: index.php");
|
||||
require_once 'config.php';
|
||||
|
||||
require_once 'functions.php';
|
||||
$friend = db::c()->query('SELECT * FROM `friends` WHERE `user` = ?i', $_SESSION['uid'])->fetch_assoc();
|
||||
if (input::post('friendadd')) {
|
||||
$q = db::c()->query('SELECT `id` FROM `users` WHERE `login` = "?s"', input::post('friendadd'))->fetch_assoc();
|
||||
$q2 = db::c()->query('SELECT 1 FROM `friends` WHERE `user` = ?i AND `friend` = ?i', $_SESSION['uid'], $q['id']);
|
||||
|
||||
if ($_POST['sd4'] && $_POST['friendadd']) {
|
||||
$_POST['friendadd'] = htmlspecialchars($_POST['friendadd'], NULL, 'cp1251');
|
||||
if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendadd'])) $status = 'Персонаж не найден.';
|
||||
else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendadd']}' LIMIT 1;"));
|
||||
|
||||
$_POST['comment'] = htmlspecialchars($_POST['comment'], NULL, "");
|
||||
$igogo2 = mysql_fetch_array(mysql_query("SELECT friend FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;"));
|
||||
if (!$igogo['id']) $status = 'Персонаж не найден.';
|
||||
elseif ($igogo['id'] == $user['id']) $status = 'Себя добавить нельзя.';
|
||||
elseif (preg_match('/^[- \p{L}\d]+$/u', $_POST['comment'])) $status = 'Ошибка ввода: запрещённые символы!';
|
||||
elseif ($igogo2['friend']) $status = 'Персонаж уже есть в списке.';
|
||||
if (!$q['id']) $status = 'Персонаж не найден.';
|
||||
elseif ($q['id'] == $_SESSION['uid']) $status = 'Себя добавить нельзя.';
|
||||
elseif ($q2->getNumRows()) $status = 'Персонаж уже есть в списке.';
|
||||
else {
|
||||
if ($_POST['group'] == 0) $friend = $igogo['id'];
|
||||
|
||||
mysql_query("INSERT INTO `friends` (`user`, `friend`, `comment`) VALUES(" . $user['id'] . ", " . $friend . ", '" . $_POST['comment'] . "');");
|
||||
db::c()->query('INSERT INTO `friends` (`user`, `friend`, `comment`) VALUES (?i,?i,"?s")', $_SESSION['uid'], $q['id'], input::post('comment'));
|
||||
$status = 'Контакт добавлен.';
|
||||
}
|
||||
}
|
||||
|
||||
if ($_POST['friendremove']) {
|
||||
$_POST['friendremove'] = htmlspecialchars($_POST['friendremove'], NULL, 'cp1251');
|
||||
if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendremove'])) $status = 'Персонаж не найден.';
|
||||
else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendremove']}' LIMIT 1;"));
|
||||
if (input::post('friendremove')) {
|
||||
$q = db::c()->query('SELECT `id` FROM `users` WHERE `login` = "?s"', input::post('friendremove'))->fetch_assoc();
|
||||
$q2 = db::c()->query('SELECT 1 FROM `friends` WHERE `user` = ?i AND `friend` = ?i', $_SESSION['uid'], $q['id']);
|
||||
|
||||
if (!$igogo['id']) $status = 'Персонаж не найден.';
|
||||
if (!$q['id'] OR !$q2->getNumRows()) $status = 'Персонаж не найден.';
|
||||
else {
|
||||
$igogo2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;"));
|
||||
if (!$igogo2['friend']) $status = 'Персонаж не найден.';
|
||||
else {
|
||||
$per = "`friend`='" . $igogo2['friend'] . "'";
|
||||
|
||||
mysql_query("DELETE FROM `friends` WHERE `user`='" . $user['id'] . "' and " . $per . ";");
|
||||
db::c()->query('DELETE FROM `friends` WHERE `user` = ?i AND `friend` = ?i', $_SESSION['uid'], $q['id']);
|
||||
$status = 'Контакт удалён.';
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if ($_POST['friendedit']) {
|
||||
$_POST['friendedit'] = htmlspecialchars($_POST['friendedit'], NULL, 'cp1251');
|
||||
if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendedit'])) $status = 'Персонаж не найден.';
|
||||
else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendedit']}' LIMIT 1;"));
|
||||
if (input::post('friendedit')) {
|
||||
$q = db::c()->query('SELECT `id` FROM `users` WHERE `login` = "?s"', input::post('friendedit'))->fetch_assoc();
|
||||
$q2 = db::c()->query('SELECT 1 FROM `friends` WHERE `user` = ?i AND `friend` = ?i', $_SESSION['uid'], $q['id']);
|
||||
|
||||
$_POST['comment'] = htmlspecialchars($_POST['comment'], NULL, "");
|
||||
|
||||
if (!$igogo['id']) $status = 'Персонаж не найден.';
|
||||
elseif ($igogo['id'] == $user['id']) $status = 'Себя отредактировать нельзя.';
|
||||
elseif (preg_match('/^[- \p{L}\d]+$/u', $_POST['comment'])) $status = 'Ошибка ввода: запрещённые символы!';
|
||||
if (!$q2['friend']) $status = 'Персонаж не найден.';
|
||||
else {
|
||||
if ($_POST['group'] == 0) $friend = $igogo['id'];
|
||||
|
||||
$igogo2 = mysql_fetch_array(mysql_query("SELECT friend FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;"));
|
||||
if (!$igogo2['friend']) $status = 'Персонаж не найден.';
|
||||
else {
|
||||
$per = "`friend`='" . $igogo2['friend'] . "'";
|
||||
|
||||
mysql_query("UPDATE `friends` SET `friend` = " . $friend . ",`comment` = " . $_POST['comment'] . " WHERE `user`='" . $user['id'] . "' and " . $per . "");
|
||||
db::c()->query('UPDATE `friends` SET `comment` = "?s" WHERE `user` = ?i AND `friend` = ?i', input::post('comment'), $_SESSION['uid'], $q['id']);
|
||||
$status = 'Контакт изменён.';
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
$admins_list = db::c()->query('SELECT `id` FROM `users` WHERE `admin` = 1 ORDER BY `login` ASC', (time() - 60));
|
||||
@ -81,7 +54,8 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE
|
||||
<div style="text-align: right">
|
||||
<input type='button' style='width: 100px' value='Добавить контакт' onclick='addcontact()'>
|
||||
<input type='button' style='width: 100px' value='Удалить контакт' onclick='removecontact()'>
|
||||
<input type='button' value='Обновить' style='width: 75px' onclick='location="/contacts.php?friends=<?= mt_rand() ?>"'>
|
||||
<input type='button' value='Обновить' style='width: 75px'
|
||||
onclick='location="/contacts.php?friends=<?= mt_rand() ?>"'>
|
||||
<input TYPE='button' value='Вернуться' style='width: 75px' onclick='location="main.php"'>
|
||||
</div>
|
||||
<div id=hint4 class=ahint>
|
||||
@ -128,7 +102,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE
|
||||
function editcontact(login, comment) {
|
||||
var s = '<table width=250 bgcolor=CCC3AA><tr><td align=center><b>Редактировать контакт</b></td><td width=20 align=right valign=top style="cursor: hand" onclick="closehint();"><b>x</td></tr><tr><td colspan=2>';
|
||||
s += '<table width=100% align=center bgcolor=FFF6DD><form method=POST>';
|
||||
s += '<tr><td><input type="hidden" name="friendedit" value="' + login + '"><input type="hidden" name="sd4">';
|
||||
s += '<tr><td><input type="hidden" name="friendedit" value="' + login + '">';
|
||||
s += '<input name="comment" value="' + comment + '" placeholder="Комментарий" style="width: 105px"> ';
|
||||
s += '<input type="submit" value="Сохранить"></td></tr></form></table>';
|
||||
s += '</td></tr></table>';
|
||||
@ -145,7 +119,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE
|
||||
s += '<table width=100% bgcolor=FFF6DD align=center><form method=POST>';
|
||||
s += '<tr><td><input name="friendadd" placeholder="Логин" style="width:105px"> ';
|
||||
s += '<input name="comment" placeholder="Комментарий" style="width:105px"></td></tr>';
|
||||
s += '<tr><td><input type="submit" value="Добавить запись"><input type="hidden" name="sd4"></td></tr></form></table>';
|
||||
s += '<tr><td><input type="submit" value="Добавить запись"></td></tr></form></table>';
|
||||
s += '</td></tr></table>';
|
||||
document.getElementById("hint4").innerHTML = s;
|
||||
document.getElementById("hint4").style.visibility = "visible";
|
||||
@ -158,8 +132,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE
|
||||
function removecontact() {
|
||||
var s = '<table width=250 bgcolor=CCC3AA><tr><td align=center><b>Удалить контакт</b></td><td width=20 align=right valign=top style="cursor: hand" onclick="closehint();"><b>x</td></tr><tr><td colspan=2>';
|
||||
s += '<table width=100% align=center bgcolor=FFF6DD><form method=POST>';
|
||||
s += '<tr><td><input type="hidden" name="sd4">';
|
||||
s += '<input name="friendremove" placeholder="Логин" style="width: 105px"> ';
|
||||
s += '<tr><td><input name="friendremove" placeholder="Логин" style="width: 105px"> ';
|
||||
s += '<input type="submit" value="Удалить"></td></tr></form></table>';
|
||||
s += '</td></tr></table>';
|
||||
document.getElementById("hint4").innerHTML = s;
|
||||
@ -170,8 +143,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE
|
||||
Hint3Name = name;
|
||||
}
|
||||
|
||||
function closehint()
|
||||
{
|
||||
function closehint() {
|
||||
document.getElementById("hint4").style.visibility = "hidden";
|
||||
Hint3Name = '';
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user