View file new-topic.php

File size: 2.07Kb
<? include("head.php");
if(!isset($_SESSION['user_id']))die("Вы не авторизированы");
if(!isset($_GET['id']))die();
$id = (int)$_GET['id'];
$podcat=mysql_fetch_array(mysql_query("SELECT * FROM `sh_podcat` WHERE id='$id'"));
if(!$podcat)die("Не найдена категория");

@session_start();
$time_sec=600;
if (@$_SESSION['spam_tem']>=time())die("Не части");
if(!isset($_POST['name']) and !isset($_POST['text'])){echo '<b>Создание темы на форуме</b><br/>
<form action="new-topic.php?id='.$id.'" method="post">Название темы:<br/><input name="name" type="text"><br/>Сообщение:<br/><textarea name="text" cols="20" rows="4"></textarea><br/><input name="" type="submit" value="Создать"></form>';}

else {
$name=$_POST['name'];$text=code($_POST['text']);$avtor=$me['id'];$date=date("Y.m.d H:i");$time=time();
$name=mysql_real_escape_string(htmlspecialchars(trim($name)));
$add_topic=mysql_query("INSERT INTO `sh_tem` SET name='$name', `time`='$time', `cat`='$id', avtor='$avtor'");

if($add_topic){$id_topic=mysql_insert_id(); $add_post=mysql_query("INSERT INTO `sh_post` SET avtor='$avtor', date='$date', text='$text', tema='$id_topic', `time`='$time'");
$plus_post_me=$me['post']+1;
$plus_post_podcat_q=mysql_fetch_array(mysql_query("SELECT * FROM `sh_podcat` WHERE `id`=$id")); $plus_post_podcat=$plus_post_podcat_q['post']+1;
$plus_post_cat_q=mysql_fetch_array(mysql_query("SELECT * FROM `sh_cat` WHERE `id`='$plus_post_podcat_q[refid]'"));$plus_post_cat=$plus_post_cat_q['post']+1;
$plus_tem_cat=$plus_post_cat_q['tem']+1;
mysql_query("UPDATE `sh_user` SET `post`='$plus_post_me' WHERE `id`='$me[id]'");
mysql_query("UPDATE `sh_podcat` SET `post`='$plus_post_podcat' WHERE id=$id");
mysql_query("UPDATE `sh_cat` SET `post`='$plus_post_cat' WHERE id=$plus_post_podcat_q[refid]");
mysql_query("UPDATE `sh_cat` SET `tem`='$plus_tem_cat' WHERE id=$plus_post_podcat_q[refid]");
if($add_post)echo "Тема создана";$_SESSION['spam_tem']=time()+$time_sec;}
else echo "Ошибка";
}

include("foot.php");?>