View file adm/addbook.php

File size: 1.49Kb
<?php
include_once "../config.php";
include_once "../inc/inc.php";
include_once "../inc/func.php";
include_once "../inc/user.php";
if ($dostup != '1') {
    echo "ПАШШШШШШШОЛНАХУЙ";
    include_once "../themes/$theme/foot.php";
    exit;
} else {
    if ($kto == 'user') {
        $login = htmlspecialchars(stripslashes($login));
        $msg = htmlspecialchars(stripslashes($msg));
        if (strlen($msg) <= 2) {
            header("Location: book.php");
            exit;
        } 
        if (strlen($msg) >= 1025) {
            header("Location: book.php");
            exit;
        } 
        $vsego = mysql_num_rows(mysql_query("SELECT * FROM " . $pref . "book"));
        $zapros2 = 'INSERT INTO ' . $pref . 'book (id_user, data, vrem, dataunix, login, msg, otvet, brow, ip) VALUES (' . (int)$usdata['id'] . ', "' . data() . '", "' . vrem() . '", ' . time() . ', "' . $login . '", "' . $msg . '", " ", "' . brow() . '", "' . ip() . '");';
        mysql_query($zapros2);

        $query = "SELECT * FROM " . $pref . "book ORDER BY id DESC";
        $result = mysql_query($query);
        $i = 1;
        while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
            if ($i > $maxbook) {
                $zapros = 'DELETE FROM ' . $pref . 'book WHERE id=\'' . $line['id'] . '\'';
                mysql_query($zaoros);
            } 
            $i++;
        } 
        header("Location: book.php");
    } else {
        header("Location: book.php");
    } 
} 

?>