<?php
//////////////////////////
// Автор: -=Storm=- //
// Сайт: xwap.nov.ru //
// icq: 4073300 //
//////////////////////////
include "ini.php";
$name = htmlspecialchars($_POST['name'], ENT_QUOTES);
$text = htmlspecialchars($_POST['text'], ENT_QUOTES);
$mob = htmlspecialchars($_SERVER["HTTP_USER_AGENT"], ENT_QUOTES);
$ip = $_SERVER["REMOTE_ADDR"];
$date = date("d.m.y - H.i");
$kod = $_POST['kod'];
$kod2 = $_POST['kod2'];
@$tr = $_POST['tr'];
$b = mysql_query("SELECT * FROM `ban` WHERE `ip`='$ip' LIMIT 1");
$b1 = mysql_query("SELECT * FROM `ban` WHERE `agent`='$mob' LIMIT 1");
$bip = mysql_num_rows($b);
$ba = mysql_num_rows($b1);
$ban = "$bip $ba";
if ($ban == "1 1"){
echo "Ваш браузер забанен.<br/><a href=\"index.php\">Назад</a><br/>";
exit;
}
else;
if ($tr == "1"){
$tr1 = array("a","b","v","g","d","e","yo","zh","z","i","y","k","l","m","n","o","p","r","s","t","u","f","h","c","ch","sh","'","yu","ya");
$tr2 = array("а","б","в","г","д","е","ё","ж","з","и","й","к","л","м","н","о","п","р","с","т","у","ф","х","ц","ч","ш","ь","ю","я",);
$text = str_ireplace($tr1, $tr2,$text);
}
else;
if ($kod !== $kod2){
echo 'Неверно введен проверочный код<br/><a href="index.php?page=add">Назад</a><br/>';
exit;
}
else;
if ($name == ""){
echo "Вы не ввели имя!<br/><a href=\"index.php?page=add\">Назад</a><br/>";
exit;
}
else
if ($text == ""){
echo "Вы не ввели сообщение!<br/><a href=\"index.php?page=add\">Назад</a><br/>";
exit;
}
else
$name = substr ($name, 0, 15);
$p = mysql_query("SELECT * FROM `posts` WHERE `post`='$text' LIMIT 1");
if(mysql_num_rows($p)){
echo 'Такое сообщение уже есть.<br/><a href="index.php?page=add">Назад</a><br/>';
exit;
}
else
$add = mysql_query("INSERT INTO posts (name, post, time, mob, ip) values (\"$name\", \"$text\", \"$date\", \"$mob\", \"$ip\")");
if ($add) header("Location:index.php");
else echo "Ошибка записи";
?>
</body></html>