View file forum/post.php

File size: 3.68Kb
<?php 
	 include ("../head.php");
     include ("../tools.php"); 
	$add=$_GET["add"];
	$tr=hacker($_POST["tr"]);
	$forum=hacker($_GET["forum"]);
	$forum=htmlspecialchars(stripslashes(trim($forum)));
    $tema=hacker($_GET["tema"]);
    $tema=htmlspecialchars(stripslashes(trim($tema)));
    $add=htmlspecialchars(stripslashes(trim($add)));
     $mesg=$_POST["mesg"];
     $mesg=strtr($mesg,array("`"=>" ","#"=>" "));
     $mesg=htmlspecialchars(stripslashes(trim($mesg)));
     $act=hacker($act);

$kolimages=$kmess;

  $news = mysql_query("select * from `forum` where `type`='tema' and `idtema`='".$tema."' and `idforum`='".$forum."';");
  $massivnews = mysql_fetch_array($news);
  $nme = mysql_num_rows($news);
    if ($nme!=1){
    $forum="0";
    $tema="0";    }
    else 
    {


function tr_to_win($str)
{
$str=strtr($str,array("__"=>" ","_"=>"","a"=>"а","b"=>"б","v"=>"в","g"=>"г","d"=>"д","e"=>"е","yo"=>"ё","zh"=>"ж","z"=>"з","i"=>"и","j"=>"й","k"=>"к","l"=>"л","m"=>"м","n"=>"н","o"=>"о","p"=>"п","r"=>"р","s"=>"с","t"=>"т","u"=>"у","f"=>"ф","h"=>"х","c"=>"ц","ch"=>"ч","sh"=>"ш","sch"=>"щ","q"=>"ъ","x"=>"ы","%"=>"ь","ye"=>"э","yu"=>"ю","ya"=>"я",
"A"=>"А","B"=>"Б","V"=>"В","G"=>"Г","D"=>"Д","E"=>"Е","YO"=>"Ё","ZH"=>"Ж","Z"=>"З","I"=>"И","J"=>"Й","K"=>"К","L"=>"Л","M"=>"М","N"=>"Н","O"=>"О","P"=>"П","R"=>"Р","S"=>"С","T"=>"Т","U"=>"У","F"=>"Ф","H"=>"Х","C"=>"Ц","CH"=>"Ч","SH"=>"Ш","SCH"=>"Щ","Q"=>"Ъ","X"=>"Ы","YE"=>"Э","YU"=>"Ю","YA"=>"Я"));
 return $str;
}

if (empty($add))
{
	 if (empty($_SESSION['login']))
	 {} else 
	 	 {
echo "<div class='contur_rek'>
<div class='header_rek'><div style='text-align:center'><b>Ваш ответ!</b></div></div></div><div><form action='post.php?add=1&amp;forum=$forum&amp;tema=$tema' method='post'>
	Сообщение:<br/>
		<textarea rows='5' name='mesg'></textarea>
<br/>
        <input type='checkbox' name='tr' value='1' /> Транслит сообщения
        <input type='hidden' name='session_id' value='".session_id()."'/> 
	<br/><input type='submit' value='Добавить'/>
</form>
</div>
";
		 }
}

if ($add==1)
{ if (empty($mesg) or empty($_SESSION['login']))
	{echo "<div>Не введено сообщение<br/><a href='post.php?forum=".$forum."&amp;tema=".$tema."'>Назад</a></div>";
		} else
	{	 $user=$_SESSION['login'];
	 	 
 if ($_POST['tr']==1)
          {
         $mesg = tr_to_win($mesg);
		  }
		  $realtime=time()+$sdvigclock*3600;
		  $prov=mysql_query("select * from `forum` where `type`='mess' and `idtema`='".$tema."' and `idforum`='".$forum."' and `text`='".$mesg."' and `time`>'".intval(time()-10)."'");
		  if (mysql_affected_rows()=="0")
		  {
		  if(mysql_query("insert into `forum` values(0,'".$forum."','".$tema."','0','mess','','".$mesg."','".getenv(REMOTE_ADDR)."','".$user."','".$realtime."','');"))
		  	  {
		  		$user = mysql_query("select * from `users` where name='".$_SESSION['login']."';");
		$arr = mysql_fetch_array($user);
		$mess = $arr['postforum']+1;
		mysql_query("update `users` set postforum='".$mess."' where name='".$_SESSION['login']."';");
echo "Ваше сообщение успешно добавлено в тему!<br/>";
    	$q = mysql_query("select * from `forum` where type='mess' and idforum='".intval($forum)."' and idtema='".intval($tema)."';");
    	$count = mysql_num_rows($q);
    		header ("Location: tema.php?forum=$forum&tema=$tema&page=".ceil($count/$kolimages)."");
    		  }
    		}
		     }

}
	}
echo "<div>&#8594; <a href='tema.php?forum=".$forum."&amp;tema=".$tema."&amp;page=".intval($_GET['page'])."'>Назад</a></div>
";
require ("../foot.php");
	?>