Размер файла: 3.42Kb
<?php
/**********************************
* @package: PerfCMS *
* @year: 2012 *
* @author: Artas *
* @link: http://perfcms.ru *
**********************************/
$locate = 'in_forum';
$topic_id = abs(intval($_GET['topic_id']));
if(!isset($user) || !isset($topic_id)) { header('Location:/'); }
if($db->query("SELECT * FROM `forum_t` WHERE `id` = '". $topic_id ."'")->rowCount() == 0) {
header('Location:/forum/');
}
if(isset($_POST['create']) && $_GET['act'] == 'create') {
if(!empty($_POST['text'])) { $text = substr(input($_POST['text']), 0, 3500);} else { $err = 'Message is empty'; }
if(!empty($_POST['text'])) {
$db->query("INSERT INTO `forum_pt` SET `text` = '".$text."', `time` = '". time() ."', `user_id` = '".$user['id']."', `topic_id` = '".$topic_id."'");
$lastPostId = $db->lastInsertId();
$db->query("UPDATE `forum_t` SET `time_last_post` = '". time() ."', `user_last_post` = '". $user['id'] ."' WHERE `id` = '".$topic_id."'");
$file_dir = ROOT .'/files/forum/';
if (isset($_FILES['file']) && $_FILES['file']['tmp_name']) {
$patch = pathinfo($_FILES['file']['name']);
if (!in_array($patch['extension'], explode(';', $system['files_types']))) { $err = 'File extention not allowed.<br />'; }
$name_start = cyrlat($patch['filename']);
$name_short = trim($name_start).time();
$name_end = mb_convert_encoding($name_short, "UTF-8");
$name = $name_end.'.'. $patch['extension'];
if (file_exists($file_dir . $name)) { $err = 'This file exists<br />'; }
if(!isset($err)) {
move_uploaded_file($_FILES['file']['tmp_name'], $file_dir . $name);
$db->query("UPDATE `forum_pt` SET `file` = '". input($name) ."', `file_size` = '". $_FILES['file']['size'] ."' WHERE `id` = '".$lastPostId."'");
// print_r($db->errorInfo());
} else { echo $err; }
}
// print_r($db->errorInfo());
header('Location:/forum/topic'. abs(intval($topic_id)).'/?page=end');
// print_r($db->errorInfo());
} else { header('Location:/forum/topic'. abs(intval($topic_id)).'/?page=end'); }
}
$title = $lang->word('add_message');
require_once(SYS.'/view/header.php');
$tpl->div('title', $lang->word('add_message'));
$tpl->div('menu', '<form action="/forum/add_post/'. $topic_id .'/?act=create" method="post" enctype="multipart/form-data">
<b>'. $lang->word('message') .'</b>:<br/>
<textarea name="text" rows="5" cols="26">'.(isset($_GET['reply_to']) ? '[b]'.$_GET['reply_to'].'[/b], ' : NULL) . (isset($_GET['quote']) ? "[b]".tnick($db->query("SELECT user_id FROM `forum_pt` WHERE `topic_id` = '". $topic_id ."' AND `id` = '". $_GET['quote'] ."'")->fetchColumn())."[/b] ".date('d.m.Y, H:i', $db->query("SELECT time FROM `forum_pt` WHERE `topic_id` = '". $topic_id ."' AND `id` = '". $_GET['quote'] ."'")->fetchColumn())."\n[quote]\n".preg_replace("/\[quote\]|\[\/quote\]/i", '', $db->query("SELECT text FROM `forum_pt` WHERE `topic_id` = '". $topic_id ."' AND `id` = '". abs(intval($_GET['quote'])) ."'")->fetchColumn())."\n[/quote] " : NULL) .'</textarea><br/>
<b>'.$lang->word('add_file').'</b><br/>
<input type="file" name="file"><br/>
<input name="create" type="submit" value="'. $lang->word('create') .'" /><br/>
</form>');
$tpl->div('block', NAV .'<a href="/forum/topic'.$topic_id.'/">'. $lang->word('back') .'</a><br/>' . NAV .'<a href="/forum/">'. $lang->word('forum') .'</a><br/>' . HICO .'<a href="/">'. $lang->word('home').'</a>');
require_once(SYS.'/view/footer.php');
?>