Просмотр файла forum/add_t.php

<?
include_once "../SYSTEM/include/functions.php";
include_once "../SYSTEM/include/mysql.php";
include_once "../SYSTEM/include/param.php";
include_once "../SYSTEM/include/ban.php";
include_once "../SYSTEM/include/sess.php";
include_once "../SYSTEM/include/ban_2.php";
include_once "../SYSTEM/include/theme.php";
// Page title and location label.
// NOTE(review): presumably consumed by head() or the theme include — confirm.
$title = 'Новая тема';
$mesto = 'Создает тему в форуме';
head();

// Both ids are mandatory; a request without them is sent back to the forum index.
// NOTE(review): head() has already run here. If it emits output and no output
// buffering is active, this header() and the later redirects in this file
// cannot be sent — confirm against the include.
if (!isset($_GET['id_razd'], $_GET['id_forum'])) {
    header('Location: index.php?' . SID . '&');
    exit;
}

// Force both ids to integers now: further down they are interpolated into SQL,
// redirect headers and HTML attributes, so only an integer value may get through.
$id_razd = (int) $_GET['id_razd'];
$id_forum = (int) $_GET['id_forum'];


// The forum must exist. $id_forum was cast to an integer above, so interpolating
// it cannot change the shape of the query.
// NOTE(review): $mysql[pref] looks like a table prefix set by the includes — confirm
// it is a fixed configuration value and never request-derived.
$q = mysql_query("SELECT * FROM `$mysql[pref]forum_f` WHERE `id` = '$id_forum';");
if (mysql_num_rows($q) == 0) {
    // Unknown forum: back to the forum index.
    header("Location: index.php?" . SID . "&");
    exit;
}
$forum = mysql_fetch_array($q);

// The section must exist AND belong to that forum (the id_f condition), so a
// section id from another forum is rejected rather than silently accepted.
$q = mysql_query("SELECT * FROM `$mysql[pref]forum_r` WHERE `id_f` = '$id_forum' AND `id` = '$id_razd';");
if (mysql_num_rows($q) == 0) {
    // Unknown section: back to the forum the request named.
    header("Location: index.php?" . SID . "&id_forum=$id_forum");
    exit;
}
$razd = mysql_fetch_array($q);

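// Access control: only a logged-in user may create a topic.
// The original relied on foot() to end the script; nothing in this file shows
// that it does. The explicit exit makes the check fail closed, so a request
// without a session can never fall through to the INSERT path below.
// NOTE(review): $user is expected to be assigned only by the session include.
// On a PHP build with register_globals enabled, an uninitialised $user could be
// populated from the request — confirm the include always sets or unsets it.
if (!isset($user)) {
    echo "Прежде чем создать тему вам сначала необходимо <a href=\"../vhod.php\">войти</a> под своим ником<br />\n";
    foot();
    exit;
}

// Flood control: a level-0 user must wait 600 seconds between topics.
// Users with any other level skip the limit.
// NOTE(review): $time is presumably the current Unix timestamp from the includes,
// and forum_t_c the time of the user's last topic (it is written with $time when
// a topic is created further down) — confirm.
if ($user['forum_t_c'] > $time - 600 && $user['level'] == 0) {
    echo "<div class=\"h\">ВНИМАНИЕ</div><br />\n";

    echo "Время между созданием новых тем должно быль более 10 минут<br />\n";
    echo "<br /><div class=\"lmenug\">";
    echo "<a href=\"index.php?id_forum=$id_forum&amp;id_razd=$id_razd\">В раздел</a>\n";
    echo "<br /><a href=\"../index.php\">На главную</a></div>\n";

    foot();
    exit; // same reasoning as above: do not depend on foot() to stop execution
}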



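// Handle the "create topic" submission: add_t.php?act=add with POSTed name and msg.
//
// Input handling order used here:
//   1. decode / normalise the raw text,
//   2. HTML-encode it for later display,
//   3. SQL-escape it last, immediately before the query string is built.
// The previous version ran stripslashes() right after mysql_escape_string(), which
// removed the escaping again, and never escaped the message at all, so quote
// characters in either field reached the INSERT statements unescaped. It also ran
// stripcslashes() after htmlspecialchars(); stripcslashes() decodes C-style escape
// sequences, so it could reintroduce characters that had just been encoded.
//
// NOTE(review): this state-changing request carries no anti-CSRF token; the form
// below would need to emit one and this branch would need to verify it.
// NOTE(review): if magic_quotes_gpc is enabled and the includes do not already undo
// it, strip those slashes from $_POST before this point, otherwise titles will
// carry literal backslashes.
if (isset($_GET['act'], $_POST['name'], $_POST['msg'])
    && $_GET['act'] == 'add'
    && is_string($_POST['name'])   // array-valued parameters are ignored, not processed
    && is_string($_POST['msg'])
) {
    // --- Topic title -------------------------------------------------------
    // htmlspecialchars() is called with its default flags, as before. On older PHP
    // those leave single quotes unencoded, which is fine for text and double-quoted
    // attribute contexts only.
    $name = trim(htmlspecialchars($_POST['name']));

    // Round-trip through single-byte windows-1251 so substr()/strlen() count
    // characters rather than UTF-8 bytes: at most 32, at least 3.
    $name = iconv('utf-8', 'windows-1251', $name);
    $name = substr($name, 0, 32);
    if (strlen($name) < 3) {
        header("Location: add_t.php?err=name1&id_forum=$id_forum&id_razd=$id_razd");
        exit;
    }
    $name = iconv('windows-1251', 'utf-8', $name);

    // --- First post --------------------------------------------------------
    // Same character-based truncation, capped at 512.
    $msg = $_POST['msg'];
    $msg = iconv('utf-8', 'windows-1251', $msg);
    $msg = substr($msg, 0, 512);
    $msg = iconv('windows-1251', 'utf-8', $msg);

    // Decode backslash escapes FIRST, then HTML-encode, so the encoding is the last
    // transformation applied to the text and cannot be undone by the decode.
    $msg = htmlspecialchars(stripcslashes($msg));

    // Line breaks become <br />; "\r\n" is listed first so it yields one break.
    $msg = str_replace(array("\r\n", "\r", "\n"), "<br />", $msg);

    // Optional transliteration requested via the form checkbox.
    // NOTE(review): translit() and testmat() are defined in the includes and run on
    // already-encoded text; confirm neither can turn it back into markup.
    if (isset($_POST['tr'])) {
        $name = translit($name);
        $msg = translit($msg);
    }

    // NOTE(review): rand() gives no uniqueness guarantee for the topic id. The
    // result check on the INSERT below only helps if `id` is a unique key — confirm.
    $id = rand(1, 999999999);

    $admmess = "<a href=\"forum/index.php?id_forum=$id_forum&amp;id_razd=$id_razd&amp;id_them=$id&amp;page=end\">Мат в форуме</a>";

    $msg = testmat($msg, $admmess);

    // SQL-escape at the sink, after every other transformation.
    $name_t = mysql_real_escape_string($name);
    $msg_t = mysql_real_escape_string($msg);

    // NOTE(review): $ua, $ip and the $user[...] fields come from the includes and are
    // interpolated into the queries as-is. The User-Agent in particular is
    // client-supplied; confirm these are escaped where they are assigned.
    $ua_p = $ua;
    $ip_p = $ip;

    $created = mysql_query("INSERT INTO `$mysql[pref]forum_t` (id, name, t_create, time_last, autor, id_r, id_us, id_f, crep)
        values('$id', '$name_t', '$time', '$time', '$user[nickname]', '$id_razd', '$user[id]', '$id_forum', '1')");

    // If the topic row was not created (for example an id collision), stop here
    // instead of attaching the first post to whatever topic already owns that id.
    if (!$created) {
        header("Location: index.php?".SID."&id_forum=$id_forum&id_razd=$id_razd");
        exit;
    }

    // Record the time of this topic (used by the flood check) and bump the counter.
    $user['forum_k_th']++;

    mysql_query("UPDATE `$mysql[pref]users` SET `forum_t_c` = '$time', `forum_k_th` = '$user[forum_k_th]' WHERE `id` = '".$user['id']."';");

    mysql_query("INSERT INTO `$mysql[pref]forum_p` (id_f, id_r, id_t, nick, time, msg, ip, ua, id_us)
        values('$id_forum', '$id_razd', '$id', '$user[nickname]', '$time', '$msg_t', '$ip_p', '$ua_p', '$user[id]')");

    ball_add();

    // All three values in the redirect are integers, so nothing request-controlled
    // reaches the header line.
    header("Location: index.php?".SID."&id_forum=$id_forum&id_razd=$id_razd&id_them=$id");

    exit;
}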


// Render the empty "new topic" form. It posts back to this script with act=add.
// $id_forum and $id_razd were cast to integers earlier in the file, so they are
// safe to place inside the attribute values below.
// NOTE(review): the form carries no anti-CSRF token, and the act=add handler in this
// file does not check one.
echo "<div class=\"h\"><b>Добавить тему</b></div><hr />\n";

// Unread private mail notice.
// NOTE(review): $mail_in_new and $them are set by the includes; $them ends up inside
// an image path, so confirm it is taken from a fixed list of theme names.
if ($mail_in_new > 0) {
    echo "<div class=\"privat\"><img src=\"../SYSTEM/themes/$them/img/mail0.gif\" alt=\"\" /> <a href=\"../mail.php?act=in\">Приват</a> [$mail_in_new]</div><hr />\n";
}

// The form itself: title, message, transliteration checkbox, submit button.
echo "<form method=\"post\" action=\"add_t.php?act=add&amp;id_forum=$id_forum&amp;id_razd=$id_razd\">\n",
    "Название темы:<br />\n<input name=\"name\" class=\"form\" value=\"\" type=\"text\" /><br />\n",
    "Сообщение:<br />\n<textarea name=\"msg\" class=\"form\" rows=\"3\"></textarea><br />\n",
    "<input type=\"checkbox\" name=\"tr\" value=\"1\" /> Транслит<br />\n",
    "<input value=\"Добавить\" class=\"form\" type=\"submit\" />\n",
    "</form>\n",
    "<br />\n";

// Navigation: back to the section, or to the site front page.
echo "<a href=\"index.php?id_forum=$id_forum&amp;id_razd=$id_razd\">В раздел</a>\n",
    "<br /><a href=\"../index.php\">На главную</a>\n";

foot();

?>