Просмотр файла waplend/forum/editmessage.php

Размер файла: 2.99Kb
<?php 
include ("../head.php");
include ("../tools.php");
	$add=$_GET["add"];
	$forum=hacker($_GET["forum"]);
	$forum=htmlspecialchars(stripslashes(trim($forum)));
    $tema=hacker($_GET["tema"]);
    $tema=htmlspecialchars(stripslashes(trim($tema)));
	$tr=hacker($_POST["tr"]);
    $mesg=$_POST["mesg"];
     $mesg=strtr($mesg,array("`"=>" ","#"=>" "));
    $mesg=htmlspecialchars(stripslashes(trim($mesg)));
    
    $act=hacker($_GET['act']);
    $id=hacker($_GET['id']);
        $page=hacker($_GET['page']);
      
      if ($page<=0)
      {$page=1;}
$realtime=time()+$sdvigclock*3600;
function tr_to_win($str)
{
$str=strtr($str,array("__"=>" ","_"=>"","a"=>"а","b"=>"б","v"=>"в","g"=>"г","d"=>"д","e"=>"е","yo"=>"ё","zh"=>"ж","z"=>"з","i"=>"и","j"=>"й","k"=>"к","l"=>"л","m"=>"м","n"=>"н","o"=>"о","p"=>"п","r"=>"р","s"=>"с","t"=>"т","u"=>"у","f"=>"ф","h"=>"х","c"=>"ц","ch"=>"ч","sh"=>"ш","sch"=>"щ","q"=>"ъ","x"=>"ы","%"=>"ь","ye"=>"э","yu"=>"ю","ya"=>"я",
"A"=>"А","B"=>"Б","V"=>"В","G"=>"Г","D"=>"Д","E"=>"Е","YO"=>"Ё","ZH"=>"Ж","Z"=>"З","I"=>"И","J"=>"Й","K"=>"К","L"=>"Л","M"=>"М","N"=>"Н","O"=>"О","P"=>"П","R"=>"Р","S"=>"С","T"=>"Т","U"=>"У","F"=>"Ф","H"=>"Х","C"=>"Ц","CH"=>"Ч","SH"=>"Ш","SCH"=>"Щ","Q"=>"Ъ","X"=>"Ы","YE"=>"Э","YU"=>"Ю","YA"=>"Я"));
 return $str;
}

if (empty($add))
{ $user = mysql_query("select * from `forum` where author='".$_SESSION['login']."' and id=".intval($id)." and type='mess';");
$arr = mysql_fetch_array($user);

	 if (!empty($_SESSION['login']))
	 {
	 	 if (intval($arr['time']+300)>time())
	{
	 	 echo "<div class='contur_rek'>
<div class='header_rek'><div style='text-align:center'><b>Редактирование сообщения!</b></div></div></div>";
echo "<div><form action='editmessage.php?add=1&amp;id=".$id."&amp;forum=".$forum."&amp;tema=".$tema."&amp;page=".$page."' method='post'>
	Сообщение:<br/>
		<textarea rows='3' name='mesg'>$arr[text]</textarea>
<br/>
        <input type='checkbox' name='tr' value='1' /> Транслит сообщения
        <input type='hidden' name='session_id' value='".session_id()."'/> 
	<br/><input type='submit' value='Редактировать'/>
</form>
</div>
";
		 }
	 }
}

if ($add==1)
{ if (empty($mesg))
	{echo "<div>Не введено сообщение. Удалять нельзя!<br/><a href='post.php?forum=".$forum."&amp;tema=".$tema."&amp;page=".$page."'>Назад</a></div>";
		} else
	{	 
 if ($_POST['tr']==1)
          {
         $mesg = tr_to_win($mesg);
		  }
		mysql_query("update `forum` set `text`='".$mesg."', `timered`='".time()."' where `author`='".$_SESSION['login']."' and `id`='".$id."';");
echo "<div>Ваше сообщение успешно обновлено!</div>";
		     }

}
echo "<div>
<a href='tema.php?forum=".$forum."&amp;tema=".$tema."&amp;page=".$page."'>В тему</a>
	<br/>	<a href='forum.php?forum=".$forum."'>Форумы</a></div>
";
require ("../foot.php");
	?>