PageRenderTime 87ms CodeModel.GetById 8ms RepoModel.GetById 1ms app.codeStats 0ms

/Quản lý website đọc truyện online PHP/users/includes/album/show.php

https://gitlab.com/phamngsinh/baitaplon_sinhvien
PHP | 161 lines | 118 code | 6 blank | 37 comment | 43 complexity | 0748e541c5896fb394f18e1344ae8911 MD5 | raw file
  1. <?php
  2. /**
  3. * @package JohnCMS
  4. * @link http://johncms.com
  5. * @copyright Copyright (C) 2008-2011 JohnCMS Community
  6. * @license LICENSE.txt (see attached file)
  7. * @version VERSION.txt (see attached file)
  8. * @author http://johncms.com/about
  9. */
  10. defined('_IN_JOHNCMS') or die('Error: restricted access');
  11. require('../incfiles/head.php');
  12. if (!$al) {
  13. echo functions::display_error($lng['error_wrong_data']);
  14. require('../incfiles/end.php');
  15. exit;
  16. }
  17. $req = mysql_query("SELECT * FROM `cms_album_cat` where `website` = '$website' AND `id` = '$al'");
  18. if (!mysql_num_rows($req)) {
  19. echo functions::display_error($lng['error_wrong_data']);
  20. require('../incfiles/end.php');
  21. exit;
  22. }
  23. $album = mysql_fetch_assoc($req);
  24. $view = isset($_GET['view']);
  25. /*
  26. -----------------------------------------------------------------
  27. Показываем выбранный альбом с фотографиями
  28. -----------------------------------------------------------------
  29. */
  30. echo '<div class="phdr"><a href="album.php"><b>' . $lng['photo_albums'] . '</b></a> | <a href="album.php?act=list&amp;user=' . $user['id'] . '">' . $lng['personal_2'] . '</a></div>';
  31. if ($user['id'] == $user_id || $rights >= 7)
  32. echo '<div class="topmenu"><a href="album.php?act=image_upload&amp;al=' . $al . '&amp;user=' . $user['id'] . '">' . $lng_profile['image_add'] . '</a></div>';
  33. echo '<div class="user"><p>' . functions::display_user($user, array ('iphide' => 1,)) . '</p></div>' .
  34. '<div class="phdr">' . $lng_profile['album'] . ': ';
  35. echo $view ? '<a href="album.php?act=show&amp;al=' . $al . '&amp;user=' . $user['id'] . '"><b>' . functions::checkout($album['name']) . '</b></a>' : '<b>' . functions::checkout($album['name']) . '</b>';
  36. echo '<br />' . functions::checkout($album['description'], 1) . '</div>';
  37. /*
  38. -----------------------------------------------------------------
  39. Проверяем права доступа к альбому
  40. -----------------------------------------------------------------
  41. */
  42. if ($album['access'] != 2)
  43. unset($_SESSION['ap']);
  44. if ($album['access'] == 1 && $user['id'] != $user_id && $rights < 6) {
  45. // Если доступ закрыт
  46. echo functions::display_error($lng['access_forbidden']) .
  47. '<div class="phdr"><a href="album.php?act=list&amp;user=' . $user['id'] . '">' . $lng_profile['album_list'] . '</a></div>';
  48. require('../incfiles/end.php');
  49. exit;
  50. } elseif ($album['access'] == 2 && $user['id'] != $user_id && $rights < 6) {
  51. // Если доступ через пароль
  52. if (isset($_POST['password'])) {
  53. if ($album['password'] == trim($_POST['password']))
  54. $_SESSION['ap'] = $album['password'];
  55. else
  56. echo functions::display_error($lng['error_wrong_password']);
  57. }
  58. if (!isset($_SESSION['ap']) || $_SESSION['ap'] != $album['password']) {
  59. echo '<form action="album.php?act=show&amp;al=' . $al . '&amp;user=' . $user['id'] . '" method="post"><div class="menu"><p>';
  60. echo $lng_profile['album_password'] . '<br />';
  61. echo '<input type="text" name="password"/></p>';
  62. echo '<p><input type="submit" name="submit" value="' . $lng['login'] . '"/></p>';
  63. echo '</div></form>';
  64. echo '<div class="phdr"><a href="album.php?act=list&amp;user=' . $user['id'] . '">' . $lng_profile['album_list'] . '</a></div>';
  65. require('../incfiles/end.php');
  66. exit;
  67. }
  68. }
  69. /*
  70. -----------------------------------------------------------------
  71. Просмотр альбома и фотографий
  72. -----------------------------------------------------------------
  73. */
  74. if ($view) {
  75. $kmess = 1;
  76. $start = isset($_REQUEST['page']) ? $page - 1 : (mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_album_files` where `website` = '$website' AND `album_id` = '$al' AND `id` > '$img'"), 0));
  77. // Обрабатываем ссылку для возврата
  78. if (empty($_SESSION['ref']))
  79. $_SESSION['ref'] = htmlspecialchars($_SERVER['HTTP_REFERER']);
  80. } else {
  81. unset($_SESSION['ref']);
  82. }
  83. $total = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_album_files` where `website` = '$website' AND `album_id` = '$al'"), 0);
  84. if ($total > $kmess)
  85. echo '<div class="topmenu">' . functions::display_pagination('album.php?act=show&amp;al=' . $al . '&amp;user=' . $user['id'] . '&amp;' . ($view ? 'view&amp;' : ''), $start, $total, $kmess) . '</div>';
  86. if ($total) {
  87. $req = mysql_query("SELECT * FROM `cms_album_files` where `website` = '$website' AND `user_id` = '" . $user['id'] . "' AND `album_id` = '$al' ORDER BY `id` DESC LIMIT $start, $kmess");
  88. $i = 0;
  89. while (($res = mysql_fetch_assoc($req)) !== false) {
  90. echo ($i % 2 ? '<div class="list2">' : '<div class="list1">');
  91. if ($view) {
  92. /*
  93. -----------------------------------------------------------------
  94. Предпросмотр отдельного изображения
  95. -----------------------------------------------------------------
  96. */
  97. if($user['id'] == $user_id && isset($_GET['profile'])) {
  98. copy(
  99. '../files/users/album/' . $user['id'] . '/' . $res['tmb_name'],
  100. '../files/users/photo/' . $user_id . '_small.jpg'
  101. );
  102. copy(
  103. '../files/users/album/' . $user['id'] . '/' . $res['img_name'],
  104. '../files/users/photo/' . $user_id . '.jpg'
  105. );
  106. echo '<span class="green"><b>' . $lng_profile['photo_profile_ok'] . '</b></span><br />';
  107. }
  108. echo '<a href="' . $_SESSION['ref'] . '"><img src="image.php?u=' . $user['id'] . '&amp;f=' . $res['img_name'] . '" /></a>';
  109. // Счетчик просмотров
  110. if (!mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_album_views` where `website` = '$website' AND `user_id` = '$user_id' AND `file_id` = '" . $res['id'] . "'"), 0)) {
  111. mysql_query("INSERT INTO `cms_album_views` SET `user_id` = '$user_id', `file_id` = '" . $res['id'] . "', `time` = '" . time() . "', `website` = '$website'");
  112. $views = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_album_views` where `website` = '$website' AND `file_id` = '" . $res['id'] . "'"), 0);
  113. mysql_query("UPDATE `cms_album_files` SET `views` = '$views' where `website` = '$website' AND `id` = '" . $res['id'] . "'");
  114. }
  115. } else {
  116. /*
  117. -----------------------------------------------------------------
  118. Предпросмотр изображения в списке
  119. -----------------------------------------------------------------
  120. */
  121. echo '<a href="album.php?act=show&amp;al=' . $al . '&amp;img=' . $res['id'] . '&amp;user=' . $user['id'] . '&amp;view"><img src="../files/users/album/' . $user['id'] . '/' . $res['tmb_name'] . '" /></a>';
  122. }
  123. if (!empty($res['description']))
  124. echo '<div class="gray">' . functions::smileys(functions::checkout($res['description'], 1)) . '</div>';
  125. echo '<div class="sub">';
  126. if ($user['id'] == $user_id || core::$user_rights >= 6) {
  127. echo functions::display_menu(array (
  128. '<a href="album.php?act=image_edit&amp;img=' . $res['id'] . '&amp;user=' . $user['id'] . '">' . $lng['edit'] . '</a>',
  129. '<a href="album.php?act=image_move&amp;img=' . $res['id'] . '&amp;user=' . $user['id'] . '">' . $lng['move'] . '</a>',
  130. '<a href="album.php?act=image_delete&amp;img=' . $res['id'] . '&amp;user=' . $user['id'] . '">' . $lng['delete'] . '</a>'
  131. ));
  132. if($user['id'] == $user_id && $view)
  133. echo ' | <a href="album.php?act=show&amp;al=' . $al . '&amp;user=' . $user['id'] . '&amp;view&amp;img=' . $res['id'] . '&amp;profile">' . $lng_profile['photo_profile'] . '</a>';
  134. }
  135. echo vote_photo($res) .
  136. '<div class="gray">' . $lng['count_views'] . ': ' . $res['views'] . ', ' . $lng['count_downloads'] . ': ' . $res['downloads'] . '</div>' .
  137. '<div class="gray">' . $lng['date'] . ': ' . functions::display_date($res['time']) . '</div>' .
  138. '<a href="album.php?act=comments&amp;img=' . $res['id'] . '">' . $lng['comments'] . '</a> (' . $res['comm_count'] . ')<br />' .
  139. '<a href="album.php?act=image_download&amp;img=' . $res['id'] . '">' . $lng['download'] . '</a>' .
  140. '</div></div>';
  141. ++$i;
  142. }
  143. } else {
  144. echo '<div class="menu"><p>' . $lng['list_empty'] . '</p></div>';
  145. }
  146. echo '<div class="phdr">' . $lng['total'] . ': ' . $total . '</div>';
  147. if ($total > $kmess) {
  148. echo '<div class="topmenu">' . functions::display_pagination('album.php?act=show&amp;al=' . $al . '&amp;user=' . $user['id'] . '&amp;' . ($view ? 'view&amp;' : ''), $start, $total, $kmess) . '</div>' .
  149. '<p><form action="album.php?act=show&amp;al=' . $al . '&amp;user=' . $user['id'] . ($view ? '&amp;view' : '') . '" method="post">' .
  150. '<input type="text" name="page" size="2"/>' .
  151. '<input type="submit" value="' . $lng['to_page'] . ' &gt;&gt;"/>' .
  152. '</form></p>';
  153. }
  154. echo '<p><a href="album.php?act=list&amp;user=' . $user['id'] . '">' . $lng_profile['album_list'] . '</a></p>';
  155. ?>