Просмотр файла adm/addbook.php

Размер файла: 1.49Kb
  1. <?php
  2. include_once "../config.php";
  3. include_once "../inc/inc.php";
  4. include_once "../inc/func.php";
  5. include_once "../inc/user.php";
  6. if ($dostup != '1') {
  7. echo "ПАШШШШШШШОЛНАХУЙ";
  8. include_once "../themes/$theme/foot.php";
  9. exit;
  10. } else {
  11. if ($kto == 'user') {
  12. $login = htmlspecialchars(stripslashes($login));
  13. $msg = htmlspecialchars(stripslashes($msg));
  14. if (strlen($msg) <= 2) {
  15. header("Location: book.php");
  16. exit;
  17. }
  18. if (strlen($msg) >= 1025) {
  19. header("Location: book.php");
  20. exit;
  21. }
  22. $vsego = mysql_num_rows(mysql_query("SELECT * FROM " . $pref . "book"));
  23. $zapros2 = 'INSERT INTO ' . $pref . 'book (id_user, data, vrem, dataunix, login, msg, otvet, brow, ip) VALUES (' . (int)$usdata['id'] . ', "' . data() . '", "' . vrem() . '", ' . time() . ', "' . $login . '", "' . $msg . '", " ", "' . brow() . '", "' . ip() . '");';
  24. mysql_query($zapros2);
  25.  
  26. $query = "SELECT * FROM " . $pref . "book ORDER BY id DESC";
  27. $result = mysql_query($query);
  28. $i = 1;
  29. while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
  30. if ($i > $maxbook) {
  31. $zapros = 'DELETE FROM ' . $pref . 'book WHERE id=\'' . $line['id'] . '\'';
  32. mysql_query($zaoros);
  33. }
  34. $i++;
  35. }
  36. header("Location: book.php");
  37. } else {
  38. header("Location: book.php");
  39. }
  40. }
  41.  
  42. ?>