<?php
###########################################
###       Сообщества для соц. сети      ###
###       Автор: Неизвестен             ###
###    Доделка и переделка: WapStyle    ###
###          НЕ ДЛЯ ПРОДАЖИ             ###
### НЕ ДЛЯ БЕСПЛАТНОГО РАСПРОСТРАНЕНИЯ  ###
###########################################

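// Delete one message from this community's board (guest.php?id=<community>&del=<message id>).
// Relies on $id, $admin and $user being set by the including script; none of them is
// defined in this file.
// NOTE(review): this is a state-changing action fired by a plain GET link with no anti-CSRF
// token, so any page a moderator opens can trigger it on their behalf. Move it to POST and
// verify a per-session token once the site has a token helper.
if (isset($_GET['del'])) {
	// Allowed: $admin['priv'] of 1 or 2, or a $user['level'] above 2. Missing keys count as
	// "no privilege" instead of raising notices.
	$priv = isset($admin['priv']) ? intval($admin['priv']) : 0;
	$level = isset($user['level']) ? intval($user['level']) : 0;

	if ($priv != 1 && $priv != 2 && $level <= 2) {
		header("Location: index.php");
		exit;
	}

	$del = intval($_GET['del']);
	// Defence in depth: $id ends up in SQL and in a Location header, so force it to an
	// integer here rather than trusting the includer. Assumes community ids are integers,
	// like the message ids above — TODO confirm against the schema.
	$comm_id = isset($id) ? intval($id) : 0;

	// Only id_comm is needed to decide which redirect to send.
	$res = mysql_query("SELECT `id_comm` FROM `community_board` WHERE `id` = '$del' LIMIT 1");
	$row = $res ? mysql_fetch_array($res) : false;

	// Require a real row and a strict match; the old loose comparison against a missing
	// row could succeed when $id was empty or 0.
	if (is_array($row) && intval($row['id_comm']) === $comm_id) {
		mysql_query("DELETE FROM `community_board` WHERE `id` = '$del' AND `id_comm` = '$comm_id' LIMIT 1");
		header("Location: guest.php?id=$comm_id&err=del");
	} else {
		header("Location: guest.php?id=$comm_id&err=no_mess");
	}
	// A Location header does not stop the script; exit so nothing below runs after the redirect.
	exit;
}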


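// Post a new message to the community board (guest.php?id=<community>&act=add, POST field "msg").
// Relies on $id, $user, $time and the helpers esc(), translit() and strlen2() from the
// including script; presumably esc() is the SQL string escaper — confirm before relying on it.
// NOTE(review): nothing in this block checks that the visitor is logged in or is a member of
// the community, and the form carries no anti-CSRF token — verify both are enforced upstream.
// NOTE(review): mysql_* and eregi_replace() were removed in PHP 7.0; porting to a maintained
// driver with bound parameters and to preg_* is a separate change.
if (isset($_POST['msg']) && isset($_GET['act']) && $_GET['act'] == 'add') {
	// Defence in depth: $id ends up in SQL and in Location headers, so force it to an
	// integer. Assumes community ids are integers — TODO confirm against the schema.
	$comm_id = isset($id) ? intval($id) : 0;

	// An array-valued "msg" is treated as empty and rejected by the length check below.
	$raw = is_string($_POST['msg']) ? $_POST['msg'] : '';

	// Decode backslash escapes first and HTML-encode last. The previous order
	// (htmlspecialchars, then stripcslashes) decoded escape sequences into markup characters
	// after the encoding step had already run, so the stored text could contain raw markup.
	$msg = esc(htmlspecialchars(stripcslashes($raw)));
	// Replace anything that looks like an http/https/ftp URL with an "advertisement" marker.
	$msg = eregi_replace("((https?|ftp)://[[:alnum:]_=/-]+(\\.[[:alnum:]_=/-]+)*(/[[:alnum:]+&amp;._=/~%#]*(\\?[[:alnum:]?+&amp;_=/%#]*)?)?)", ' [реклама] ', $msg);

	if (isset($_POST['translit']) && $_POST['translit'] == 1) {
		$msg = translit($msg);
	}

	// Length limits are applied to the final, stored form of the message.
	$len = strlen2($msg);

	if ($len < 3) {
		header("Location: guest.php?id=$comm_id&err=min_mess");
		exit;
	}

	if ($len > 512) {
		header("Location: guest.php?id=$comm_id&err=max_mess");
		exit;
	}

	// One post per 300 seconds per session.
	// NOTE(review): a session-only throttle does not apply to a client that starts a fresh
	// session; checking the user's last stored post time would hold per account.
	if (isset($_SESSION['antiflood']) && $_SESSION['antiflood'] > $time - 300) {
		header("Location: guest.php?id=$comm_id&err=msg_time");
		exit;
	}

	$saved = mysql_query("INSERT INTO `community_board` (`id_comm`, `user`, `time`, `msg`) VALUES ('$comm_id', '$user[id]', '$time', '$msg')");

	if ($saved) {
		// Increment the counter; the old "= '+1'" assigned the constant 1 on every post.
		mysql_query("UPDATE `community_user_incomm` SET `postov` = `postov` + 1 WHERE `uid` = '$user[id]' AND `cid` = '$comm_id' LIMIT 1");
		// Record the post time so the throttle above has something to compare against.
		// This file never set it before — confirm no other script relies on a different value.
		$_SESSION['antiflood'] = $time;
	}

	// OPTIMIZE TABLE used to run here on every post. It rebuilds the tables on each request,
	// which lets ordinary posting degrade the database; run it from scheduled maintenance.

	header("Location: guest.php?id=$comm_id&err=no");
	// A Location header does not stop the script; exit so the includer does not keep rendering.
	exit;
}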
?>