
/complaint.php

https://bitbucket.org/DESURE/dcms
PHP | 94 lines | 69 code | 25 blank | 0 comment | 12 complexity | 2143cb4dc50a3f76405b3b869f600c7b MD5 | raw file
  1. <?php
  2. include_once 'sys/inc/start.php';
  3. $doc = new document(1);
  4. $doc->title = __('?????? ?? ????????????');
  5. $can_write = true;
  6. if (!$user->is_writeable) {
  7. $doc->msg(__('?? ?? ?????? ???????? ??????'), 'write_denied');
  8. if (!empty($_GET['return'])) {
  9. $doc->ret(__('?????????'), for_value($_GET['return']));
  10. }
  11. exit;
  12. }
  13. $ank = new user(@$_GET['id']);
  14. if (!$ank->group || $ank->group > $user->group) {
  15. if (isset($_GET['return'])) {
  16. header('Refresh: 1; url=' . $_GET['return']);
  17. } else {
  18. header('Refresh: 1; url=/');
  19. }
  20. $doc->err(__('???????????? ?? ??????'));
  21. exit;
  22. }
  23. $menu = new menu_code('code'); // ????????? ???? ???????
  24. $doc->title = __('?????? ?? "%s"', $ank->login);
  25. if (isset($_POST['complaint'])) {
  26. $link = !empty($_POST['link']) ? (string) $_POST['link'] : false;
  27. $code = !empty($_POST['code']) ? (string) $_POST['code'] : false;
  28. $comm = text::input_text(@$_POST['comment']);
  29. if (!$link) {
  30. $doc->err(__('?? ??????? ?????? ?? ?????????'));
  31. } elseif (!isset($menu->menu_arr[$code])) {
  32. $doc->err(__('?? ??????? ?????????'));
  33. } elseif (!$comm) {
  34. $doc->err(__('?????????? ????????????????? ??????'));
  35. } elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `complaints` WHERE `id_user` = '$user->id' AND `id_ank` = '$ank->id' AND `link` = '" . my_esc($link) . "' AND `time` > '" . NEW_TIME . "'"), 0))
  36. $doc->err(__('?? ??? ?????????? ??????? ?? ????? ????????????'));
  37. else {
  38. if (isset($_GET['return'])) {
  39. header('Refresh: 1; url=' . $_GET['return']);
  40. }
  41. mysql_query("INSERT INTO `complaints` (`time`, `id_user`, `id_ank`, `link`, `code`, `comment`)
  42. VALUES ('" . TIME . "', '$user->id', '$ank->id', '" . my_esc($link) . "', '" . my_esc($code) . "', '" . my_esc($comm) . "')");
  43. $doc->msg(__('?????? ????? ??????????? ???????????'));
  44. $mess = "????????? [url=/dpanel/user.complaints.php]??????[/url] ?? ???????????? [user]$ank->id[/user] ?? [user]$user->id[/user]";
  45. $admins = groups::getAdmins(2);
  46. foreach ($admins AS $admin) {
  47. $admin->mess($mess);
  48. }
  49. if (!empty($_GET['return'])) {
  50. $doc->ret(__('?????????'), for_value($_GET['return']));
  51. }
  52. exit;
  53. }
  54. }
  55. $link = !empty($_GET['link']) ? $_GET['link'] : (!empty($_POST['link']) ? $_POST['link'] : false);
  56. $smarty = new design();
  57. $smarty->assign('method', 'post');
  58. $smarty->assign('action', '?' . passgen() . '&amp;id=' . $ank->id . (!empty($_GET['return']) ? '&amp;return=' . for_value($_GET['return']) : null));
  59. $elements = array();
  60. $elements[] = array('type' => 'input_text', 'title' => __('??????'), 'br' => 1, 'info' => array('name' => 'link', 'value' => $link));
  61. $elements[] = array('type' => 'select', 'br' => 1, 'title' => __('?????????'), 'info' => array('name' => 'code', 'options' => $menu->options()));
  62. $elements[] = array('type' => 'textarea', 'title' => __('???????????'), 'br' => 1, 'info' => array('name' => 'comment'));
  63. $elements[] = array('type' => 'submit', 'br' => 0, 'info' => array('value' => __('????????????'), 'name' => 'complaint')); // ??????
  64. $smarty->assign('el', $elements);
  65. $smarty->display('input.form.tpl');
  66. if (!empty($_GET['return'])) {
  67. $doc->ret(__('?????????'), for_value($_GET['return']));
  68. }
  69. ?>