/complaint.php
PHP | 94 lines | 69 code | 25 blank | 0 comment | 12 complexity | 2143cb4dc50a3f76405b3b869f600c7b MD5 | raw file
- <?php
- include_once 'sys/inc/start.php';
- $doc = new document(1);
- $doc->title = __('?????? ?? ????????????');
- $can_write = true;
- if (!$user->is_writeable) {
- $doc->msg(__('?? ?? ?????? ???????? ??????'), 'write_denied');
- if (!empty($_GET['return'])) {
- $doc->ret(__('?????????'), for_value($_GET['return']));
- }
- exit;
- }
- $ank = new user(@$_GET['id']);
- if (!$ank->group || $ank->group > $user->group) {
- if (isset($_GET['return'])) {
- header('Refresh: 1; url=' . $_GET['return']);
- } else {
- header('Refresh: 1; url=/');
- }
- $doc->err(__('???????????? ?? ??????'));
- exit;
- }
- $menu = new menu_code('code'); // ????????? ???? ???????
- $doc->title = __('?????? ?? "%s"', $ank->login);
- if (isset($_POST['complaint'])) {
- $link = !empty($_POST['link']) ? (string) $_POST['link'] : false;
- $code = !empty($_POST['code']) ? (string) $_POST['code'] : false;
- $comm = text::input_text(@$_POST['comment']);
- if (!$link) {
- $doc->err(__('?? ??????? ?????? ?? ?????????'));
- } elseif (!isset($menu->menu_arr[$code])) {
- $doc->err(__('?? ??????? ?????????'));
- } elseif (!$comm) {
- $doc->err(__('?????????? ????????????????? ??????'));
- } elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `complaints` WHERE `id_user` = '$user->id' AND `id_ank` = '$ank->id' AND `link` = '" . my_esc($link) . "' AND `time` > '" . NEW_TIME . "'"), 0))
- $doc->err(__('?? ??? ?????????? ??????? ?? ????? ????????????'));
- else {
- if (isset($_GET['return'])) {
- header('Refresh: 1; url=' . $_GET['return']);
- }
- mysql_query("INSERT INTO `complaints` (`time`, `id_user`, `id_ank`, `link`, `code`, `comment`)
- VALUES ('" . TIME . "', '$user->id', '$ank->id', '" . my_esc($link) . "', '" . my_esc($code) . "', '" . my_esc($comm) . "')");
- $doc->msg(__('?????? ????? ??????????? ???????????'));
- $mess = "????????? [url=/dpanel/user.complaints.php]??????[/url] ?? ???????????? [user]$ank->id[/user] ?? [user]$user->id[/user]";
- $admins = groups::getAdmins(2);
- foreach ($admins AS $admin) {
- $admin->mess($mess);
- }
- if (!empty($_GET['return'])) {
- $doc->ret(__('?????????'), for_value($_GET['return']));
- }
- exit;
- }
- }
- $link = !empty($_GET['link']) ? $_GET['link'] : (!empty($_POST['link']) ? $_POST['link'] : false);
- $smarty = new design();
- $smarty->assign('method', 'post');
- $smarty->assign('action', '?' . passgen() . '&id=' . $ank->id . (!empty($_GET['return']) ? '&return=' . for_value($_GET['return']) : null));
- $elements = array();
- $elements[] = array('type' => 'input_text', 'title' => __('??????'), 'br' => 1, 'info' => array('name' => 'link', 'value' => $link));
- $elements[] = array('type' => 'select', 'br' => 1, 'title' => __('?????????'), 'info' => array('name' => 'code', 'options' => $menu->options()));
- $elements[] = array('type' => 'textarea', 'title' => __('???????????'), 'br' => 1, 'info' => array('name' => 'comment'));
- $elements[] = array('type' => 'submit', 'br' => 0, 'info' => array('value' => __('????????????'), 'name' => 'complaint')); // ??????
- $smarty->assign('el', $elements);
- $smarty->display('input.form.tpl');
- if (!empty($_GET['return'])) {
- $doc->ret(__('?????????'), for_value($_GET['return']));
- }
- ?>