292 lines
17 KiB
PHP
292 lines
17 KiB
PHP
<?php
|
||
ob_start("ob_gzhandler");
|
||
session_start();
|
||
if ($_SESSION['uid'] == null) header("Location: index.php");
|
||
|
||
require_once 'functions.php';
|
||
$friend = db::c()->query('SELECT * FROM `friends` WHERE `user` = ?i', $_SESSION['uid'])->fetch_assoc();
|
||
|
||
if ($_POST['sd4'] && $_POST['friendadd']) {
|
||
$_POST['friendadd'] = htmlspecialchars($_POST['friendadd'], NULL, 'cp1251');
|
||
if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendadd'])) $status = 'Персонаж не найден.';
|
||
else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendadd']}' LIMIT 1;"));
|
||
|
||
$_POST['comment'] = htmlspecialchars($_POST['comment'], NULL, "");
|
||
$igogo2 = mysql_fetch_array(mysql_query("SELECT friend FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;"));
|
||
if (!$igogo['id']) $status = 'Персонаж не найден.';
|
||
elseif ($igogo['id'] == $user['id']) $status = 'Себя добавить нельзя.';
|
||
elseif (preg_match('/^[- \p{L}\d]+$/u', $_POST['comment'])) $status = 'Ошибка ввода: запрещённые символы!';
|
||
elseif ($igogo2['friend']) $status = 'Персонаж уже есть в списке.';
|
||
else {
|
||
if ($_POST['group'] == 0) $friend = $igogo['id'];
|
||
|
||
mysql_query("INSERT INTO `friends` (`user`, `friend`, `comment`) VALUES(" . $user['id'] . ", " . $friend . ", '" . $_POST['comment'] . "');");
|
||
$status = 'Контакт добавлен.';
|
||
}
|
||
}
|
||
|
||
if ($_POST['friendremove']) {
|
||
$_POST['friendremove'] = htmlspecialchars($_POST['friendremove'], NULL, 'cp1251');
|
||
if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendremove'])) $status = 'Персонаж не найден.';
|
||
else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendremove']}' LIMIT 1;"));
|
||
|
||
if (!$igogo['id']) $status = 'Персонаж не найден.';
|
||
else {
|
||
$igogo2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;"));
|
||
if (!$igogo2['friend']) $status = 'Персонаж не найден.';
|
||
else {
|
||
$per = "`friend`='" . $igogo2['friend'] . "'";
|
||
|
||
mysql_query("DELETE FROM `friends` WHERE `user`='" . $user['id'] . "' and " . $per . ";");
|
||
$status = 'Контакт удалён.';
|
||
}
|
||
}
|
||
}
|
||
|
||
if ($_POST['friendedit']) {
|
||
$_POST['friendedit'] = htmlspecialchars($_POST['friendedit'], NULL, 'cp1251');
|
||
if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendedit'])) $status = 'Персонаж не найден.';
|
||
else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendedit']}' LIMIT 1;"));
|
||
|
||
$_POST['comment'] = htmlspecialchars($_POST['comment'], NULL, "");
|
||
|
||
if (!$igogo['id']) $status = 'Персонаж не найден.';
|
||
elseif ($igogo['id'] == $user['id']) $status = 'Себя отредактировать нельзя.';
|
||
elseif (preg_match('/^[- \p{L}\d]+$/u', $_POST['comment'])) $status = 'Ошибка ввода: запрещённые символы!';
|
||
else {
|
||
if ($_POST['group'] == 0) $friend = $igogo['id'];
|
||
|
||
$igogo2 = mysql_fetch_array(mysql_query("SELECT friend FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;"));
|
||
if (!$igogo2['friend']) $status = 'Персонаж не найден.';
|
||
else {
|
||
$per = "`friend`='" . $igogo2['friend'] . "'";
|
||
|
||
mysql_query("UPDATE `friends` SET `friend` = " . $friend . ",`comment` = " . $_POST['comment'] . " WHERE `user`='" . $user['id'] . "' and " . $per . "");
|
||
$status = 'Контакт изменён.';
|
||
}
|
||
}
|
||
}
|
||
|
||
$admins_list = db::c()->query('SELECT `id` FROM `users` WHERE `admin` = 1 ORDER BY `login` ASC', (time() - 60));
|
||
$contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE `friend` > 0 AND `user` = ?i', $_SESSION['uid']);
|
||
?>
|
||
<HTML>
|
||
<HEAD>
|
||
<meta charset="utf-8">
|
||
<link rel=stylesheet href="css/main.css">
|
||
<link rel=stylesheet href="css/friend/main.css">
|
||
<link href="css/friend/design3.css" rel="stylesheet" type="text/css">
|
||
</HEAD>
|
||
<body>
|
||
<div id=hint4 class=ahint>
|
||
<?php if (isset($status)): ?>
|
||
<span style="color: darkred;"><?= $status ?></span>
|
||
<?php endif; ?>
|
||
</div>
|
||
<TABLE width="100%">
|
||
<TR>
|
||
<TD style="vertical-align: top;">
|
||
<TABLE cellspacing=0 cellpadding=2 width="100%">
|
||
<?php
|
||
while ($row = $contacts_list->fetch_assoc()):
|
||
$us = db::c()->query('SELECT `id`,`login`,`klan`,`level`,`align`,`room`, `invis`, (select `id` from `online` WHERE `date` >= ?i AND `id` = `users`.`id`) as `online` FROM `users` WHERE `id` = ?i', (time() - 60), $row['friend'])->fetch_assoc();
|
||
?>
|
||
<TR valign="top">
|
||
<TD>
|
||
<h3>Контакты</h3>
|
||
<?php
|
||
if ($us['online'] > 0 && !$us["invis"]) echo nick::id($us['id'])->full() . " - <i>" . $rooms[$us['room']] . "</i><br>";
|
||
else echo "<span style='color: grey'>" . nick::id($us['id'])->full() . "</span> - Нет в клубе<br>";
|
||
?>
|
||
</TD>
|
||
<TD bgcolor=efeded width="40%">
|
||
<small><span class=dsc><i><?= $row['comment'] ?></i></span></small>
|
||
<TD>
|
||
<TD width="1%">
|
||
<INPUT type=image SRC=i/friend/b__ok.gif WIDTH=25 HEIGHT=18 ALT="Редактировать"
|
||
style="float: right"
|
||
onclick='editcontact("Редактирование контакта", "contacts.php", "friendedit", "<?= $us['login'] ?>", "<SCRIPT>drwfl(\"<?= $us['login'] ?>\",<?= $row['notinlist'] ?>,\"<?= $us['level'] ?>\",<?= $us['align'] ?>,\"<?= $us['klan'] ?>\")</SCRIPT>", "2", "Друзья", "", [], "<?= $row['comment'] ?>");'>
|
||
</TD>
|
||
</TR>
|
||
<? endwhile; ?>
|
||
<TR>
|
||
<TD colspan="4">
|
||
<INPUT type='button' style='width: 100px' value='Добавить'
|
||
onclick='findlogin2("Добавить в список", "contacts.php", "friendadd", "Друзья", [])'>
|
||
|
||
<INPUT type='button' style='width: 100px' value='Удалить'
|
||
onclick='findlogin("Удалить из списка", "contacts.php", "friendremove", "", 0)'>
|
||
</TD>
|
||
</TR>
|
||
</TABLE>
|
||
</TD>
|
||
<TD style="width: 30%; vertical-align: top; ">
|
||
<TABLE cellspacing=0 cellpadding=2>
|
||
<TR>
|
||
<TD style="width: 200px; vertical-align: top; text-align: right; ">
|
||
<INPUT type='button'
|
||
value='Обновить'
|
||
style='width: 75px'
|
||
onclick='location="/contacts.php?friends=<?= mt_rand() ?>"'>
|
||
<INPUT TYPE=button value="Вернуться" style='width: 75px'
|
||
onclick="location.href='main.php';">
|
||
</TD>
|
||
</TR>
|
||
<TR>
|
||
<TD style="color: whitesmoke;">
|
||
<h3>Администраторы</h3>
|
||
<?php while ($row = $admins_list->fetch_assoc()) echo nick::id($row['id'])->full() . "<br>"; ?>
|
||
</TD>
|
||
</TR>
|
||
</TABLE>
|
||
</TD>
|
||
</TR>
|
||
</TABLE>
|
||
|
||
<script src="js/sl2.21.js"></script>
|
||
<script>
|
||
var nlevel = 0;
|
||
var from = Array('+', ' ', '#');
|
||
var to = Array('%2B', '+', '%23');
|
||
|
||
function editcontact(title, script, name, login, flogin, group, groups, subgroup, subgroups, comment) {
|
||
var s = '<table width=250 cellspacing=1 cellpadding=0 bgcolor=CCC3AA><tr><td align=center><B>' + title + '</td><td width=20 align=right valign=top style="cursor: hand" onclick="closehint3();"><BIG><B>x</td></tr><tr><td colspan=2>';
|
||
s += '<table width=250 cellspacing=0 cellpadding=4 bgcolor=FFF6DD><tr><form action="' + script + '" method=POST><td align=center>';
|
||
s += '<table width=1% border=0 cellspacing=0 cellpadding=2 align=center><tr><td align=right>';
|
||
flogin = flogin.replace(/^<SCRIPT>drwfl\((.*)\)<\/SCRIPT>$/i, 'drw($1)');
|
||
s += '<small><b>Контакт:</b></small></td><td><INPUT TYPE=hidden NAME="' + name + '" VALUE="' + login + '">' + (flogin.match(/^drw\(/) ? eval(flogin) : flogin) + '</td></tr>';
|
||
if (groups && groups.length > 0) {
|
||
s += '<tr><td align=right><small><b>Группа:</b></small></td><td align><SELECT NAME=group style="width: 140px">';
|
||
for (i = 0; i < groups.length; i++) {
|
||
s += '<option value="' + i + '"' + (group == i ? ' selected' : '') + '>' + groups[i];
|
||
}
|
||
s += '</SELECT></td></tr>';
|
||
}
|
||
s += '<tr><td align=right><small><b>Комментарий:</b></small></td><td width="1%"><INPUT TYPE=text NAME="comment" VALUE="' + comment + '" style="width: 105px"> ';
|
||
s += '<INPUT type=image SRC=i/friend/b__ok.gif WIDTH=25 HEIGHT=18 ALT="Сохранить" style="border:0; vertical-align: middle"></TD></TR></TABLE><INPUT TYPE=hidden name=sd4 value=""></TD></FORM></TR></TABLE></td></tr></table>';
|
||
document.all("hint4").innerHTML = s;
|
||
document.all("hint4").style.visibility = "visible";
|
||
document.all("hint4").style.left = 100;
|
||
document.all("hint4").style.top = document.body.scrollTop + 50;
|
||
document.all("comment").focus();
|
||
Hint3Name = '';
|
||
}
|
||
|
||
function findlogin2(title, script, name, groups, subgroups) {
|
||
var s = '<form action="' + script + '" method=POST><table width=270 cellspacing=1 cellpadding=0 bgcolor=CCC3AA><tr><td align=center><B>' + title + '</td><td width=20 align=right valign=top style="cursor: hand" onclick="closehint3();"><BIG><B>x</td></tr><tr><td colspan=2>';
|
||
s += '<table width=100% cellspacing=0 cellpadding=2 bgcolor=FFF6DD><tr><td align=center>';
|
||
s += '<table width=90% cellspacing=0 cellpadding=2 align=center><tr><td align=left colspan="2">';
|
||
s += 'Укажите логин персонажа:<br><small>(можно щелкнуть по логину в чате)</small></td></tr>';
|
||
s += '<tr><td align=right><small><b>Логин:</b></small></td><td><INPUT TYPE=text NAME="' + name + '" style="width:140px"></td></tr>';
|
||
if (groups && groups.length > 0) {
|
||
s += '<tr><td align=right><small><b>Группа:</b></small></td><td width=140><SELECT NAME=group style="width:140px">';
|
||
for (i = 0; i < groups.length; i++) {
|
||
s += '<option value="' + i + '">' + groups[i];
|
||
}
|
||
s += '</SELECT></td></tr>';
|
||
}
|
||
s += '<tr><td align=right><small><b>Комментарий:</b></small></td><td><INPUT TYPE=text NAME="comment" VALUE="" style="width:105px"> ';
|
||
s += '<INPUT type=image SRC=i/friend/b__ok.gif WIDTH=25 HEIGHT=18 ALT="Добавить контакт" style="border:0; vertical-align: middle"></TD></TR></TABLE><INPUT TYPE=hidden name=sd4 value="1"></TD></TR></TABLE></td></tr></table></FORM>';
|
||
document.all("hint4").innerHTML = s;
|
||
document.all("hint4").style.visibility = "visible";
|
||
document.all("hint4").style.left = 100;
|
||
document.all("hint4").style.top = document.body.scrollTop + 50;
|
||
document.all(name).focus();
|
||
Hint3Name = name;
|
||
}
|
||
|
||
function w(login, id, align, klan, level, online, city, battle) {
|
||
var s = '';
|
||
if (online != '') {
|
||
if (city != '') {
|
||
s += '<img style="filter:gray()" src=i/friend/lock.gif width=20 height=15 alt="В другом городе" />';
|
||
} else {
|
||
s += '<a href="javascript:top.AddToPrivate(\'' + login + '\',true)"><img src=i/friend/lock.gif width=20 height=15 alt="Приватно"' + (battle != 0 ? ' style="filter: invert()"' : '') + ' /></a>';
|
||
}
|
||
if (city != '') {
|
||
s += '<img src="i/misc/fo' + city + '.gif" width=17 height=15 />';
|
||
}
|
||
s += ' <img src=i/align' + align + '.gif width=12 height=15>';
|
||
if (klan != '') {
|
||
s += '<img src="i/klan/' + klan + '.gif" width=24 height=15 />';
|
||
}
|
||
s += '<a href="javascript:top.AddTo(\'' + login + '\')">' + login + '</a>[' + level + ']<a href=/inf.pl?' + id + ' target=_blank><img src=i/inf.gif width=12 height=11 /></a>';
|
||
s += '</td><td bgcolor=efeded nowrap>';
|
||
if (city != "") {
|
||
s += "нет в этом городе";
|
||
} else {
|
||
s += online;
|
||
}
|
||
} else {
|
||
s += '<img src="i/friend/offline.gif" width=20 height=15 border=0 />';
|
||
if (city != '') {
|
||
s += '<img src="i/misc/forum/fo' + city + '.gif" width=17 height=15 />';
|
||
}
|
||
if (align == "") align = "0";
|
||
s += ' <IMG SRC=i/align' + align + '.gif WIDTH=12 HEIGHT=15>';
|
||
if (klan != '') {
|
||
s += '<IMG SRC="i/klan/' + klan + '.gif" WIDTH=24 HEIGHT=15 ALT="">'
|
||
}
|
||
if (level) {
|
||
if (nlevel == 0) {
|
||
nlevel = 1; //s="<BR>"+s;
|
||
}
|
||
s += '<FONT color=gray><b>' + login + '</b>[' + level + ']<a href=/inf.pl?' + id + ' target=_blank><IMG SRC=i/inf.gif WIDTH=12 HEIGHT=11 ALT="Информация о персонаже"></a></td><td bgcolor=efeded nowrap>Нет в клубе';
|
||
} else {
|
||
if (nlevel == 1) {
|
||
nlevel = 2; //s="<BR>"+s;
|
||
}
|
||
mlogin = login;
|
||
for (var i = 0; i < from.length; ++i) while (mlogin.indexOf(from[i]) >= 0) mlogin = mlogin.replace(from[i], to[i]);
|
||
s += '<FONT color=gray><i>' + login + '</i> <a href=/inf.pl?login=' + mlogin + ' target=_blank><IMG SRC=i/friend/inf_dis.gif WIDTH=12 HEIGHT=11 ALT="Информация о персонаже"></a></td><td bgcolor=efeded nowrap>нет в этом городе';
|
||
}
|
||
s += '</FONT>';
|
||
}
|
||
document.write(s + '<BR>');
|
||
}
|
||
|
||
function m(login, id, align, klan, level) {
|
||
var s = '';
|
||
s += '<a href="javascript:top.AddToPrivate(\'' + login + '\',true)"><IMG SRC=i/friend/lock.gif WIDTH=20 HEIGHT=15 ALT="Приватно"></a>';
|
||
s += ' <IMG SRC=i/align' + align + '.gif WIDTH=12 HEIGHT=15>';
|
||
if (klan != '') {
|
||
s += '<IMG SRC="i/klan/' + klan + '.gif" WIDTH=24 HEIGHT=15 ALT="">'
|
||
}
|
||
s += '<a href="javascript:top.AddTo(\'' + login + '\')">' + login + '</a>[' + level + ']<a href=/inf.pl?' + id + ' target=_blank><IMG SRC=i/inf.gif WIDTH=12 HEIGHT=11 ALT="Информация о персонаже"></a>';
|
||
document.write(s + '<BR>');
|
||
}
|
||
|
||
function drw(name, id, level, align, klan, img, sex) {
|
||
var s = "";
|
||
if (align != "0") s += "<A HREF='" + getalignurl(align) + "' target=_blank><IMG SRC='i/align_" + align + ".gif' WIDTH=12 HEIGHT=15 ALT=\"" + getalign(align) + "\"></A>";
|
||
if (klan) s += "<A HREF='claninf.php?" + klan + "' target=_blank><IMG SRC='i/klan/" + klan + ".gif' WIDTH=24 HEIGHT=15 ALT=''></A>";
|
||
s += "<B>" + name + "</B>";
|
||
if (level != -1) s += " [" + level + "]";
|
||
if (id != -1 && !img) s += "<A HREF='/inf.php?" + id + "' target='_blank'><IMG SRC=i/inf.gif WIDTH=12 HEIGHT=11 ALT='Инф. о " + name + "'></A>";
|
||
if (img) s += "<A HREF='http://capitalcity.combats.com/encicl/obraz_" + (sex ? "w" : "m") + "1.html?l=" + img + "' target='_blank'><IMG SRC=i/inf.gif WIDTH=12 HEIGHT=11 ALT='Образ " + name + "'></A>";
|
||
return s;
|
||
}
|
||
|
||
function getalign(al) {
|
||
al += "";
|
||
if (al.substring(0, 1) == "3") return ("Темное братство");
|
||
if (al.substring(0, 1) == "2") return ("Хаос");
|
||
if (al.substring(0, 1) == "1") return ("Белое братство");
|
||
if (al == "0.5" || al.substring(0, 1) == "7") return ("Нейтрал");
|
||
return ("");
|
||
}
|
||
|
||
function drwfl(name, id, level, align, klan) {
|
||
var s = "";
|
||
|
||
if (align != "0") s += "<IMG SRC='i/align_" + align + ".gif' WIDTH=12 HEIGHT=15 ALT=\"" + getalign(align) + "\">";
|
||
if (klan) s += "<IMG SRC='i/klan/" + klan + ".gif' WIDTH=24 HEIGHT=15 ALT=''>";
|
||
s += "<B>" + name + "</B> ";
|
||
if (level != -1) s += "[" + level + "]";
|
||
if (id != -1) s += "<A HREF=" + id + "'../inf.php?' target='_blank'><IMG SRC=i/inf.gif WIDTH=12 HEIGHT=11 ALT='Инф. о " + name + "'></A>";
|
||
|
||
document.write(s);
|
||
}
|
||
</script>
|
||
</body>
|
||
</HTML>
|