lopar/battles
lopar/battles
0
0
Fork 0
Code Issues 21 Pull Requests Releases Wiki Activity

Убираем старый код. Упрощаем логику. Централизованные статусы задач.

Browse Source
This commit is contained in:
lopar 2018-12-14 00:06:34 +02:00
parent 7773593ebb
commit db47d3bd9b
1 changed files with 56 additions and 109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

165
contacts.php
View File

@ -6,123 +6,69 @@ if ($_SESSION['uid'] == null) header("Location: index.php");
require_once 'functions.php';
$friend = db::c()->query('SELECT * FROM `friends` WHERE `user` = ?i', $_SESSION['uid'])->fetch_assoc();
if ($_POST['sd4'] && $_POST['friendadd']) {
$_POST['friendadd'] = htmlspecialchars($_POST['friendadd'], NULL, 'cp1251');
if (preg_match("/__/", $_POST['friendadd']) || preg_match("/--/", $_POST['friendadd'])) {
echo "<font color=red>Персонаж не найден.</font>";
} else {
$igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendadd']}' LIMIT 1;"));
}
if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendadd'])) $status = 'Персонаж не найден.';
else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendadd']}' LIMIT 1;"));
$_POST['comment'] = htmlspecialchars($_POST['comment'], NULL, "");
$igogo2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '" . $user['id'] . "' and (`friend`=" . $igogo['id'] . " or `enemy`=" . $igogo['id'] . " or `notinlist`=" . $igogo['id'] . ") LIMIT 1;"));
if (!$igogo['id']) {
echo "<font color=red>Персонаж не найден.</font>";
} elseif ($igogo['id'] == $user['id']) {
echo "<font color=red>Себя добавить нельзя.</font>";
} elseif (preg_match("/__/", $_POST['comment']) || preg_match("/--/", $_POST['comment'])) {
echo "<font color=red>Введен неверный текст.</font>";
} elseif ($igogo2['enemy'] or $igogo2['friend'] or $igogo2['notinlist']) {
echo "<font color=red>Персонаж уже есть в вашем списке.</font>";
} else {
if ($_POST['group'] == 0) {
$notinlist = 0;
$friend = $igogo['id'];
$enemy = 0;
} elseif ($_POST['group'] == 1) {
$notinlist = 0;
$friend = 0;
$enemy = $igogo['id'];
} else {
$notinlist = $igogo['id'];
$friend = 0;
$enemy = 0;
}
mysql_query("INSERT INTO `friends` (`user`, `friend`, `enemy`, `notinlist`, `comment`) VALUES(" . $user['id'] . ", " . $friend . ", " . $enemy . ", " . $notinlist . ", '" . $_POST['comment'] . "');");
echo "<font color=red>Персонаж <b>" . $_POST['friendadd'] . "</b> добавлен.</font>";
$igogo2 = mysql_fetch_array(mysql_query("SELECT friend FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;"));
if (!$igogo['id']) $status = 'Персонаж не найден.';
elseif ($igogo['id'] == $user['id']) $status = 'Себя добавить нельзя.';
elseif (preg_match('/^[- \p{L}\d]+$/u', $_POST['comment'])) $status = 'Ошибка ввода: запрещённые символы!';
elseif ($igogo2['friend']) $status = 'Персонаж уже есть в списке.';
else {
if ($_POST['group'] == 0) $friend = $igogo['id'];
mysql_query("INSERT INTO `friends` (`user`, `friend`, `comment`) VALUES(" . $user['id'] . ", " . $friend . ", '" . $_POST['comment'] . "');");
$status = 'Контакт добавлен.';
}
}
if ($_POST['friendremove']) {
$_POST['friendremove'] = htmlspecialchars($_POST['friendremove'], NULL, 'cp1251');
if (preg_match("/__/", $_POST['friendremove']) || preg_match("/--/", $_POST['friendremove'])) {
echo "<font color=red>Персонаж не найден.</font>";
} else {
$igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendremove']}' LIMIT 1;"));
}
if (!$igogo['id']) {
echo "<font color=red>Персонаж не найден.</font>";
} else {
$igogo2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '" . $user['id'] . "' and (`friend`=" . $igogo['id'] . " or `enemy`=" . $igogo['id'] . " or `notinlist`=" . $igogo['id'] . ") LIMIT 1;"));
if (!$igogo2['enemy'] && !$igogo2['friend'] && !$igogo2['notinlist']) {
echo "<font color=red>Персонаж не найден в вашем списке.</font>";
} else {
if ($igogo2['friend'] > 0) {
$per = "`friend`='" . $igogo2['friend'] . "'";
}
if ($igogo2['enemy'] > 0) {
$per = "`enemy`='" . $igogo2['enemy'] . "'";
}
if ($igogo2['notinlist'] > 0) {
$per = "`notinlist`='" . $igogo2['notinlist'] . "'";
}
if (mysql_query("DELETE FROM `friends` WHERE `user`='" . $user['id'] . "' and " . $per . ";")) {
echo "<font color=red>Данные контакта <b>" . $_POST['friendremove'] . "</b> успешно удалены.</font>";
}
if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendremove'])) $status = 'Персонаж не найден.';
else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendremove']}' LIMIT 1;"));
if (!$igogo['id']) $status = 'Персонаж не найден.';
else {
$igogo2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;"));
if (!$igogo2['friend']) $status = 'Персонаж не найден.';
else {
$per = "`friend`='" . $igogo2['friend'] . "'";
mysql_query("DELETE FROM `friends` WHERE `user`='" . $user['id'] . "' and " . $per . ";");
$status = 'Контакт удалён.';
}
}
}
if ($_POST['friendedit']) {
$_POST['friendedit'] = htmlspecialchars($_POST['friendedit'], NULL, 'cp1251');
if (preg_match("/__/", $_POST['friendedit']) || preg_match("/--/", $_POST['friendedit'])) {
echo "<font color=red>Персонаж не найден.</font>";
} else {
$igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendedit']}' LIMIT 1;"));
}
$_POST['comment'] = htmlspecialchars($_POST['comment'], NULL, "");
if (!$igogo['id']) {
echo "<font color=red>Персонаж не найден.</font>";
} elseif ($igogo['id'] == $user['id']) {
echo "<font color=red>Себя отредактировать нельзя.</font>";
} elseif (preg_match("/__/", $_POST['comment']) || preg_match("/--/", $_POST['comment'])) {
echo "<font color=red>Введен неверный текст.</font>";
} else {
if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendedit'])) $status = 'Персонаж не найден.';
else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendedit']}' LIMIT 1;"));
if ($_POST['group'] == 0) {
$notinlist = 0;
$friend = $igogo['id'];
$enemy = 0;
} elseif ($_POST['group'] == 1) {
$notinlist = 0;
$friend = 0;
$enemy = $igogo['id'];
} else {
$notinlist = $igogo['id'];
$friend = 0;
$enemy = 0;
}
$igogo2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '" . $user['id'] . "' and (`friend`=" . $igogo['id'] . " or `enemy`=" . $igogo['id'] . " or `notinlist`=" . $igogo['id'] . ") LIMIT 1;"));
if (!$igogo2['enemy'] && !$igogo2['friend'] && !$igogo2['notinlist']) {
echo "<font color=red>Персонаж не найден в вашем списке.</font>";
} else {
if ($igogo2['friend'] > 0) {
$per = "`friend`='" . $igogo2['friend'] . "'";
}
if ($igogo2['enemy'] > 0) {
$per = "`enemy`='" . $igogo2['enemy'] . "'";
}
if ($igogo2['notinlist'] > 0) {
$per = "`notinlist`='" . $igogo2['notinlist'] . "'";
}
mysql_query("UPDATE `friends` SET `friend` = " . $friend . ",`enemy` = " . $enemy . ",`notinlist` = " . $notinlist . ",`comment` = " . $_POST['comment'] . " WHERE `user`='" . $user['id'] . "' and " . $per . "");
echo "<font color=red>Данные контакта <b>" . $_POST['friendedit'] . "</b> успешно изменены.</font>";
$_POST['comment'] = htmlspecialchars($_POST['comment'], NULL, "");
if (!$igogo['id']) $status = 'Персонаж не найден.';
elseif ($igogo['id'] == $user['id']) $status = 'Себя отредактировать нельзя.';
elseif (preg_match('/^[- \p{L}\d]+$/u', $_POST['comment'])) $status = 'Ошибка ввода: запрещённые символы!';
else {
if ($_POST['group'] == 0) $friend = $igogo['id'];
$igogo2 = mysql_fetch_array(mysql_query("SELECT friend FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;"));
if (!$igogo2['friend']) $status = 'Персонаж не найден.';
else {
$per = "`friend`='" . $igogo2['friend'] . "'";
mysql_query("UPDATE `friends` SET `friend` = " . $friend . ",`comment` = " . $_POST['comment'] . " WHERE `user`='" . $user['id'] . "' and " . $per . "");
$status = 'Контакт изменён.';
}
}
}
$admins_list = db::c()->query('SELECT `id` FROM `users` WHERE `admin` = 1 ORDER BY `login` ASC', (time() - 60));
$contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE `friend` > 0 AND `user` = ?i', $_SESSION['uid']);
?>
<HTML>
<HEAD>
@ -132,16 +78,19 @@ $admins_list = db::c()->query('SELECT `id` FROM `users` WHERE `admin` = 1 ORDER
<link href="css/friend/design3.css" rel="stylesheet" type="text/css">
</HEAD>
<body>
<div id=hint4 class=ahint></div>
<div id=hint4 class=ahint>
<?php if (isset($status)): ?>
<span style="color: darkred;"><?= $status ?></span>
<?php endif; ?>
</div>
<TABLE width="100%">
<TR>
<TD style="vertical-align: top;">
<TABLE cellspacing=0 cellpadding=2 width="100%">
<?php
$data = mysql_query("SELECT `friend`,`comment` FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`>0;");
while ($row = mysql_fetch_array($data)) {
$us = mysql_fetch_array(mysql_query("SELECT `id`,`login`,`klan`,`level`,`align`,`room`, `invis`, (select `id` from `online` WHERE `date` >= " . (time() - 60) . " AND `id` = users.`id`) as `online` FROM `users` WHERE `id` = '" . $row['notinlist'] . "';")); ?>
while ($row = $contacts_list->fetch_assoc()):
$us = db::c()->query('SELECT `id`,`login`,`klan`,`level`,`align`,`room`, `invis`, (select `id` from `online` WHERE `date` >= ?i AND `id` = `users`.`id`) as `online` FROM `users` WHERE `id` = ?i', (time() - 60), $row['friend'])->fetch_assoc();
?>
<TR valign="top">
<TD>
<h3>Контакты</h3>
@ -156,12 +105,10 @@ $admins_list = db::c()->query('SELECT `id` FROM `users` WHERE `admin` = 1 ORDER
<TD width="1%">
<INPUT type=image SRC=i/friend/b__ok.gif WIDTH=25 HEIGHT=18 ALT="Редактировать"
style="float: right"
onclick='editcontact("Редактирование контакта", "contactscontacts.php", "friendedit", "<?= $us['login'] ?>", "<SCRIPT>drwfl(\"<?= $us['login'] ?>\",<?= $row['notinlist'] ?>,\"<?= $us['level'] ?>\",<?= $us['align'] ?>,\"<?= $us['klan'] ?>\")</SCRIPT>", "2", ["Друзья","Враги","Не в группе"], "", [], "<?= $row['comment'] ?>");'>
onclick='editcontact("Редактирование контакта", "contacts.php", "friendedit", "<?= $us['login'] ?>", "<SCRIPT>drwfl(\"<?= $us['login'] ?>\",<?= $row['notinlist'] ?>,\"<?= $us['level'] ?>\",<?= $us['align'] ?>,\"<?= $us['klan'] ?>\")</SCRIPT>", "2", "Друзья", "", [], "<?= $row['comment'] ?>");'>
</TD>
</TR>
<?
}
?>
<? endwhile; ?>
<TR>
<TD colspan="4">
<INPUT type='button' style='width: 100px' value='Добавить'
@ -176,17 +123,17 @@ $admins_list = db::c()->query('SELECT `id` FROM `users` WHERE `admin` = 1 ORDER
<TD style="width: 30%; vertical-align: top; ">
<TABLE cellspacing=0 cellpadding=2>
<TR>
<TD style="width: 25%; vertical-align: top; text-align: right; ">
<TD style="width: 200px; vertical-align: top; text-align: right; ">
<INPUT type='button'
value='Обновить'
style='width: 75px'
onclick='location="/contacts.php?friends=0.834468433941264"'>
onclick='location="/contacts.php?friends=<?= mt_rand() ?>"'>
<INPUT TYPE=button value="Вернуться" style='width: 75px'
onclick="location.href='main.php';">
</TD>
</TR>
<TR>
<TD bgcolor=efeded nowrap style="text-align: center; ">
<TD style="color: whitesmoke;">
<h3>Администраторы</h3>
<?php while ($row = $admins_list->fetch_assoc()) echo nick::id($row['id'])->full() . "<br>"; ?>
</TD>