Просмотр файла rf.php

Размер файла: 2.39Kb 
<?php
include 'inc/db.php';
include 'inc/1.php';
if (!$_GET['id'])header("Location: /forum.php");
$id=intval($_GET['id']);
$a=mysql_query("SELECT * FROM `forum` WHERE `razdel` = '$id' ORDER BY `id` DESC");
$qqq=mysql_query("SELECT `id` FROM `forum_t` WHERE `id` = '$id' ORDER BY `id` DESC");
if (mysql_num_rows($qqq)==0){
header("Location: /forum.php");
exit;
}
if ($_GET['edit'] && ($user['admin']==1)){
if (!$_POST['eok']){
$n=mysql_query("SELECT * FROM `forum_t` WHERE `id` = '$id'");
$e=mysql_fetch_assoc($n);
echo "<form action='?edit=1&id=$id' method='POST'>Имя:<br><input type='text' name='ename' value='".htmlspecialchars($e['name'])."'><br>Описание:<br><textarea name='emsg'>".htmlspecialchars($e['opis'])."</textarea><br><input type='submit' name='eok' value='Изменить'></form>";
include_once 'inc/foot.php';
exit;
}
elseif ($_POST['eok'] && $_POST['ename'])
{
$name=mysql_escape_string($_POST['ename']);
$msg=mysql_escape_string($_POST['emsg']);
mysql_query("UPDATE `forum_t` SET `name` = '$name', `opis` = '$msg' WHERE `id` = '$id'");
echo "<div class='msg'>Изменено</div>";
}
}
if ($user)echo "<div class='input'><img src='icon/new_theme.gif'> <a href='newf.php?id=$id'>Новая тема</a></div>";
if ($user['admin']==1)msg("<a href='?id=$id&edit=1'>Изменить раздел</a>");
if (mysql_num_rows($a)==0)msg("Тем нет!");
$a=mysql_query("SELECT * FROM `forum` WHERE `razdel` = '$id' AND `up` = '1' ORDER BY `id` DESC");
$b=1;
while ($f=mysql_fetch_assoc($a)){
$o=($b%2);
$ank=mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '$f[user]'"));
echo "<div class='p$o'><img src='icon/razdel.gif'> <a href='theme.php?id=$f[id]'><b>".htmlspecialchars($f['name'])."</b></a><br>$ank[name] (".vremja($f['time']).")</div>";
$b++;
}
$a=mysql_query("SELECT * FROM `forum` WHERE `razdel` = '$id' AND `up` <> '1' ORDER BY `id` DESC");
$b=1;
while ($f=mysql_fetch_assoc($a)){
$o=($b%2);
$ank=mysql_fetch_assoc(mysql_query("SELECT * FROM `user` WHERE `id` = '$f[user]'"));
echo "<div class='p$o'># <a href='theme.php?id=$f[id]'>".htmlspecialchars($f['name'])."</a><br>$ank[name] (".vremja($f['time']).")</div>";
$b++;
}
$rf=mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_t` WHERE `id` = '$id'"));
echo "<div class='input'><img src='icon/back.gif'> <a href='razdel.php?id=$rf[razdel]'>Назад</a></div>";
include_once 'inc/foot.php';
?>