Просмотр файла modules/forum/add_topic.php

Конкурс дизайнеров на 15000 рублей
СЕРВИС ИНТЕРНЕТ РЕКЛАМЫ
Размер файла: 3.02Kb 
  1. <?php
  2. /**********************************
  3. *	@package: PerfCMS			  *
  4. *	@year: 2012					  *
  5. *	@author: Artas				  *
  6. *	@link: http://perfcms.pp.ua	  *
  7. **********************************/
  8. $locate = 'in_forum';
  9. $cat_id = abs(intval($_GET['cat_id']));
  10. if(!isset($user) || !isset($cat_id)) { header('Location:/'); }
  11. if($db->query("SELECT * FROM `forum_c` WHERE `id` = '". $cat_id ."'")->rowCount() == 0) {
  12. header('Location:/forum/');
  13. }
  14. if(isset($_POST['create']) && $_GET['act'] == 'create') {
  15. if(!empty($_POST['name'])) { $name = substr(input($_POST['name']), 0, 100); } else { $err = 'Name is empty'; }
  16. if(!empty($_POST['text'])) { $text = substr(input($_POST['text']), 0, 6000); } else { $err = 'Message is empty'; }
  17. if(!isset($err)) {
  18. $db->query("INSERT INTO `forum_t`(`name`, `cat_id`, `time_last_post`, `user_last_post`, `attach`, `closed`) VALUES('".$name."','". abs(intval($cat_id)) ."', '". time() ."', '". $user['id'] ."', '0', '0')");
  19. // print_r($db->errorInfo());
  20. $last_id = $db->lastInsertId();
  21. $db->query("INSERT INTO `forum_pt`(`name`, `text`, `time`, `user_id`, `cat_id`, `topic_id`) VALUES('".$name."', '". $text ."', '". time() ."', '". $user['id'] ."', '". abs(intval($cat_id))."', '". $last_id ."')");
  22. $lastPostId = $db->lastInsertId();
  23. $file_dir = ROOT .'/files/forum/';
  24. 		if ($_FILES['file']['tmp_name']) {
  25. 			$patch = pathinfo($_FILES['file']['name']);
  26. 			if (!in_array($patch['extension'], explode(';', $system['files_types']))) { $err = 'File extention not allowed.<br />'; }
  27. 			$name_start = cyrlat($patch['filename']);
  28. 			$name_short = trim($name_start).time();
  29. 			$name_end = mb_convert_encoding($name_short, "UTF-8");
  30. 			$name = $name_end.'.'. $patch['extension'];
  31. 			if (file_exists($file_dir . $name)) { $err = 'This file exists<br />'; }
  32. 			
  33. 			if(!isset($err)) {
  34.         	move_uploaded_file($_FILES['file']['tmp_name'], $file_dir . $name);
  35.         	$db->query("UPDATE `forum_pt` SET `file` = '". input($name) ."', `file_size` = '". $_FILES['file']['size'] ."' WHERE `id` = '".$lastPostId."'");
  36. 			// print_r($db->errorInfo());
  37. 			} else { echo $err; }
  38.  		}
  39. header('Location:/forum/topic'. $last_id);
  40. // print_r($db->errorInfo());
  41. } else { header('Location:/forum/add_topic/'. $cat_id .'/'); }
  42.  
  43. }
  44. $title = $lang->word('create_topic');
  45. require_once(SYS.'/view/header.php');
  46. $tpl->div('title', $lang->word('create_topic'));
  47. echo '<form action="/forum/add_topic/'. $cat_id .'/?act=create" method="post" enctype="multipart/form-data">
  48. 		<div class="menu">
  49. 			<b>'. $lang->word('name') .'</b>:<br/>
  50. 			<input name="name" type="text" /><br/>
  51. 			<b>'. $lang->word('message') .'</b>:<br/>
  52. 			<textarea name="text" rows="5" cols="26"></textarea><br/>
  53. 			<b>'.$lang->word('add_file').'</b><br/>
  54. 			<input type="file" name="file"><br/>
  55. 			<input name="create" type="submit" value="'. $lang->word('create') .'" /><br/>
  56. 		</div>
  57. 		</form>';
  58. 		
  59. $tpl->div('block', NAV .'<a href="/forum/">'. $lang->word('forum') .'</a><br/>' . HICO .'<a href="/">'. $lang->word('home').'</a>');
  60. require_once(SYS.'/view/footer.php');
  61. ?>