File size: 1.4Kb
<?php
include 'includes/config.php';
include 'includes/connect.php';
include 'includes/admin.valid.php';
include 'themes/head.php';
if (!empty($_USER['login'])) {
$id = intval($_GET['id']);
$ans = mysql_escape_string(trim($_POST['ans']));
if (empty($ans)) {
$sql = mysql_query("SELECT * FROM `".$db_pref."comment` WHERE `id` = '$id'");
$row = mysql_fetch_assoc($sql);
$text = nl2br($row['text']);
$ansr = $row['ans'];
echo <<<HTML
<div class="t">Ответ</div>
<div class="m">
<div class="menu2">
<b> ID: </b> $row[id] <br />
<b> Текст: </b> <br />
$text
</div>
<b> Ответ: </b> <br />
<div class="menu2">
<form action="" method="POST">
<textarea name="ans" class="form" rows="5">$ansr</textarea>
<br /><br />
<input type="submit" value="Добавить" class="form" />
</form>
</div>
</div>
HTML;
} else {
$sql = mysql_query("UPDATE `".$db_pref."comment` SET `ans` = '$ans' WHERE `id` = '$id'");
if ($sql) {
echo <<<HTML
<div class="t">Ответ</div>
<div class="m">
<div class="menu2">
Ответ успешно добавлен!
</div></div>
HTML;
} else {
echo <<<HTML
<div class="t">Ошибка</div>
<div class="m">
<div class="menu2">
Произошла ошибка!
</div></div>
HTML;
}
}
} else {
echo <<<HTML
<div class="t">Ошибка</div>
<div class="m">
<div class="menu2">
Доступ запрещен!
</div></div>
HTML;
}
include 'themes/foot.php';
?>