<?php
include ("../head.php");
include ("../tools.php");
$forum=hacker($_GET["forum"]);
$add=hacker($_GET["add"]);
$zag=hacker($_POST["zag"]);
$mesg=hacker($_POST["mesg"]);
$tr=hacker($_POST["tr"]);
$tr=htmlspecialchars(stripslashes(trim($tr)));
$zag=htmlspecialchars(stripslashes(trim($zag)));
$forum=htmlspecialchars(stripslashes(trim($forum)));
$user=htmlspecialchars(stripslashes(trim($user)));
$mesg=htmlspecialchars(stripslashes(trim($mesg)));
$pass=htmlspecialchars(stripslashes(trim($pass)));
$tr=htmlspecialchars(stripslashes(trim($tr)));
function tr_to_win($str)
{
$str=strtr($str,array("__"=>" ","_"=>"","a"=>"а","b"=>"б","v"=>"в","g"=>"г","d"=>"д","e"=>"е","yo"=>"ё","zh"=>"ж","z"=>"з","i"=>"и","j"=>"й","k"=>"к","l"=>"л","m"=>"м","n"=>"н","o"=>"о","p"=>"п","r"=>"р","s"=>"с","t"=>"т","u"=>"у","f"=>"ф","h"=>"х","c"=>"ц","ch"=>"ч","sh"=>"ш","sch"=>"щ","q"=>"ъ","x"=>"ы","%"=>"ь","ye"=>"э","yu"=>"ю","ya"=>"я",
"A"=>"А","B"=>"Б","V"=>"В","G"=>"Г","D"=>"Д","E"=>"Е","YO"=>"Ё","ZH"=>"Ж","Z"=>"З","I"=>"И","J"=>"Й","K"=>"К","L"=>"Л","M"=>"М","N"=>"Н","O"=>"О","P"=>"П","R"=>"Р","S"=>"С","T"=>"Т","U"=>"У","F"=>"Ф","H"=>"Х","C"=>"Ц","CH"=>"Ч","SH"=>"Ш","SCH"=>"Щ","Q"=>"Ъ","X"=>"Ы","YE"=>"Э","YU"=>"Ю","YA"=>"Я"));
return $str;
}
$news = mysql_query("select * from `forum` where type='forum' and idforum='".$forum."';");
$massivnews = mysql_fetch_array($news);
$nme = mysql_num_rows($news);
if ($nme!=1){
$forum="0";
$tema="0"; }
else
{
if (empty($add))
{ if (empty($_SESSION['login']))
{ }
else
{ echo "<div class='contur_rek'>
<div class='header_rek'><div style='text-align:center'><big><b>Новая тема!</b></big></div></div></div>";
echo "<div style='text-align:center'><form action='newtem.php?add=1&forum=$forum' method='post'>Название:<br/>
<input name='zag' type='text' title='Название' value='' maxlength='64'/><br/>Содержание:<br/>
<textarea rows='5' name='mesg'></textarea><br/>
<input type='checkbox' name='tr' value='1' /> Транслит сообщения
<input type='hidden' name='session_id' value='".session_id()."'/>
<br/><input type='submit' value='Добавить'/>
</form></div>
";
}
}
if ($add==1)
{if (empty($mesg) or empty($zag) or empty($_SESSION['login']))
{echo "<div style='text-align:center'>Не введено сообщение или заголовок<br/><a href='newtem.php?forum=1'>Назад</a></div>";
} else
{
if ($_POST[tr]==1)
{
$mesg = tr_to_win($mesg);
$zag = tr_to_win($zag);
}
$flud = mysql_query("select * from `forum` where type='tema' order by time desc;");
$flud1 = mysql_fetch_array($flud);
if (trim($flud1['text'])==trim($zag))
{
echo "<div style='text-align:center'>Повтор темы!</div>";
}
else
{
$countforum = mysql_query("select * from `forum` where type='tema';");
$id = mysql_num_rows($countforum);
$zav = mysql_query("select * from `forum` where type='forum' and idforum='$forum';");
$realtime=time()+$sdvigclock*3600;
$massiv = mysql_fetch_array($zav);
mysql_query("insert into `forum` values(0,'$forum','$id','0','tema','$massiv[zavis]','$zag','".getenv(REMOTE_ADDR)."','".$_SESSION['login']."','".time()."', '');");
mysql_query("insert into `forum` values(0,'$forum','$id','0','mess','$massiv[zavis]','$mesg','".getenv(REMOTE_ADDR)."','".$_SESSION['login']."','".time()."', '');");
$user = mysql_query("select * from `users` where name='".$_SESSION['login']."';");
$arr = mysql_fetch_array($user);
$mess = $arr['postforum']+1;
mysql_query("update `users` set postforum='".$mess."' where name='".$_SESSION['login']."';");
echo "<div style='text-align:center'>Тема добавлена. <br/>
</div>
";
}
}
}
}
echo "<div style='text-align:center'>
<a href='forum.php?forum=".$forum."'>Разделы</a></div>
";
require ("../foot.php");
?>