<? $page_name="Форум"; $dir='../'; include("../include/1.php"); require "../include/avto.php";
if(!isset($_SESSION['user_id']))exit("<b>CMS by SHuRiK error:</b> вы не авторизированы!");
if(!isset($_POST['text']) or $_POST['text']=='')exit("<b>CMS by SHuRiK error:</b> поле не заполнено!");
else {
$text=$_POST['text']; $text=code($text);$text=smile($text);
$tema=$_POST['tema'];
$date=date("Y.m.d - H:i");
$avtor1=mysql_fetch_array(mysql_query("select * from `shurik_users` where id=$_SESSION[user_id]")); $avtor=$avtor1['login'];
@session_start();
$time_sec=45;
if (@$_SESSION['f_post_spam']<time())
{
$_SESSION['f_post_spam']=time()+$time_sec;
$add_post=mysql_query("insert into `shurik_f_post` set text='$text', tema='$tema', date='$date', avtor='$avtor'");
}
else echo 'Разрешается добавлять собщения раз в '.$time_sec.' секунд! Не части!<br>';
if(isset($add_post) and $add_post){
echo "Сообщение успешно добавлено<br><a href=tema.php?id=$tema>В тему</a>";
$cat=$_POST['cat']; $cat2=mysql_fetch_array(mysql_query("select * from `shurik_f_cat` where id='$cat'"));
mysql_query("update `shurik_f_cat` set post=$cat2[post]+1 where id='$cat'");
$time=time(); mysql_query("update `shurik_f_tem` set time=$time where id='$tema'");
$newpost=$avtor1['forum']+1;$newball=$avtor1['ball']+1; $newsh=$me['sh']+2;
mysql_query("update `shurik_users` set ball=$newball, forum='$newpost', `sh`='$newsh' where login='$avtor'");}
else echo "Ошибка<br>".mysql_error();
}
include("../include/2.php"); ?>