File size: 6.27Kb
<?php
/*\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\//
// Sitchi CMS - Mobile Content Management System //
// The author: Nikoloz Sitchinava [sitchi] //
// Link: http://sitchicms.num.ge //
// Skype: SitchiCMS //
// License: LICENSE.txt (see attached file) //
// Version: VERSION.txt (see attached file) //
//\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\*/
define('_SITCHICMS', 1);
$root_path='../../';
require $root_path.'includes/db_connect.php';
require $root_path.'includes/start.php';
require $root_path.'includes/header.php';
require $root_path.'includes/functions.php';
require $root_path.'includes/head.php'; // თავი
$lng_forum = load_lng('forum');
if (!isset($_GET['act']))
{
if (isset($_SERVER['HTTP_REFERER']) && $_SERVER['HTTP_REFERER']!=NULL)
header("Location: ".$_SERVER['HTTP_REFERER']);
else
header("Location: index.php?".SID);
}else{
$act=htmlspecialchars(trim($_GET['act']));
}
switch ($act)
{
/**პოსტის რედაქტირება**/
case 'update_topic_post':
if (isset($_GET['id_post']) && is_numeric($_GET['id_post']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_topic2_view` WHERE `id` = '".intval($_GET['id_post'])."' LIMIT 1",$dblink), 0)==1)
{
$id_post=intval(abs($_GET['id_post']));
$post = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topic2_view` WHERE `id` = '".$id_post."' LIMIT 1"));
$them = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topic1_view` WHERE `id` = '".$post['id_them']."' LIMIT 1"));
$section = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_section_view` WHERE `id` = '".$post['id_section']."' LIMIT 1"));
$forum = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_section` WHERE `id` = '".$post['id_forum']."' LIMIT 1"));
$ank = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '".$post['id_user']."' LIMIT 1"));
}else{
header("Location: index.php?".SID);
}
if ($user['level']>=2 && $user['level']>$ank['level'] || isset($user) && $user['id']==$ank['id'] && $post['time']>$time-$set['forum_edit_time'] || $user['id']==$ank['id'] && $user['level']>=2)
{
if(isset($_POST['msg']))
{
$msg = stripslashes(htmlspecialchars(trim($_POST['msg'])));
if(mb_strlen($msg)<2)
{
$err[] = '<div class="errmenu">'.$lng_forum['1_30'].'.(min 2)</div>';
}
if(mb_strlen($msg)>1280)
{
$err[] = '<div class="errmenu">'.$lng_forum['1_31'].'.(max 1280)</div>';
}
if(!isset($err))
{
mysql_query("UPDATE `forum_topic2_view` SET `msg`= '".mres($msg)."' WHERE `id`= '".$post['id']."' LIMIT 1");
header("Location: index.php?act=view_topic&id_them=$post[id_them]&".SID);
}
}
head(''.$lng_forum['1_1'].' | '.$lng_forum['1_32'].'');
echo'<div class="hdr"><b>'.$lng_forum['1_1'].' | '.$lng_forum['1_32'].'</b></div>';
err();
if($post['time']>$time-$set['forum_edit_time'] || isset($user) && $user['level']>=2 && $user['level']>$ank['level'] || $user['id']==$ank['id'] && $user['level']>=2)
{
echo'<div class="egmenu"><form method="POST" action="update.php?act=update_topic_post&id_post='.$post['id'].'">';
echo''.$lng_forum['1_18'].'(max 1280):<br/><textarea name="msg" cols="35" rows="3">'.post($post['msg']).'</textarea><br/>';
echo'<input type="submit" name="save" value="'.$lng_forum['1_33'].'" />';
echo'</form></div>';
}
else
{
echo''.$lng_forum['1_34'].'';
}
echo'<a href="/modules/forum/index.php?act=view_topic&id_them='.$them['id'].'">'.$them['name'].'</a><br/>
<a href="/modules/forum/index.php?act=view_under_section&id_section='.$section['id'].'">'.$section['name'].'</a><br/>
<a href="/modules/forum/index.php?act=view_section&id_forum='.$forum['id'].'">'.$forum['name'].'</a><br/>
<a href="/modules/forum/">'.$lng_forum['1_1'].'</a>';
require $root_path.'includes/end.php'; // დასასრული
}else{
header("Location: index.php?".SID);
}
break;
/**თემის რედაქტირება**/
case 'update_topic':
if (isset($_GET['id_them']) && is_numeric($_GET['id_them']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `forum_topic1_view` WHERE `id` = '".intval($_GET['id_them'])."' LIMIT 1",$dblink), 0)==1)
{
$id_them=intval(abs($_GET['id_them']));
$them = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_topic1_view` WHERE `id` = '".$id_them."' LIMIT 1"));
$section = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_section_view` WHERE `id` = '".$them['id_section']."' LIMIT 1"));
$forum = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_section` WHERE `id` = '".$them['id_forum']."' LIMIT 1"));
$ank = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '".$them['id_user']."' LIMIT 1"));
}else{
header("Location: index.php?".SID);
}
if ($user['level']>=2 && $user['level']>$ank['level'] || $user['id']==$ank['id'] && $user['level']>=2)
{
if(isset($_POST['theme']))
{
$theme = stripslashes(htmlspecialchars(trim($_POST['theme'])));
if(mb_strlen($theme)>128)
{
$err[] = '<div class="errmenu">'.$lng_forum['1_35'].'(max 128)</div>';
}
if(mb_strlen($theme)<3)
{
$err[] = '<div class="errmenu">'.$lng_forum['1_36'].'(min 3)</div>';
}
if(!isset($err))
{
mysql_query("UPDATE `forum_topic1_view` SET `name`= '".mres($theme)."' WHERE `id`= '".$them['id']."' LIMIT 1");
header("Location: index.php?act=view_topic&id_them=$them[id]&".SID);
}
}
head(''.$lng_forum['1_1'].' | '.$lng_forum['1_37'].'');
echo'<div class="hdr"><b>'.$lng_forum['1_1'].' | '.$lng_forum['1_37'].'</b></div>';
err();
echo'<div class="egmenu"><form method="POST" action="update.php?act=update_topic&id_them='.$them['id'].'">';
echo''.$lng_forum['1_38'].'(max 128):<br/><input type="text" name="theme" maxlength="128" value="'.$them['name'].'" /><br/>';
echo'<input type="submit" name="save" value="'.$lng_forum['1_33'].'" />';
echo'</form></div>';
echo'<a href="/modules/forum/index.php?act=view_topic&id_them='.$them['id'].'">'.$them['name'].'</a><br/>
<a href="/modules/forum/index.php?act=view_under_section&id_section='.$section['id'].'">'.$section['name'].'</a><br/>
<a href="/modules/forum/index.php?act=view_section&id_forum='.$forum['id'].'">'.$forum['name'].'</a><br/>
<a href="/modules/forum/">'.$lng_forum['1_1'].'</a>';
require $root_path.'includes/end.php'; // დასასრული
}else{
header("Location: index.php?".SID);
}
break;
}
?>