View file bolcms-3.0.1./forum/posting.php

File size: 3.13Kb
<?php 
/*
*Manag-Develop BolCmS-Suptesat
*Syte- bolcms.cf
*/
$title = 'Начать новую тему - Форум';
require("../system/core.php");

$id = intval($_REQUEST['id']);

switch($_GET['act']){

case 'add_topic':

if(!empty($_SESSION['login'])){
echo '<div class="phdr"> ' .$lng ['newt'] . ' </div><div class="bmenu">';
	echo '<form action="posting.php?act=added_topic&amp;id='.$id.'" method="post" name="form">';
echo '  ' .$lng ['names'] . '  :<br/><input name="title" type="text" maxlength="25" /><br/>';
echo '  ' .$lng ['sms'] . '  :<br/><textarea name="text" rows="4"></textarea><br/>';
echo '<input name="submit" type="submit" value="  ' .$lng ['addt'] . '  " /></form></div>';
nav2('index.php?act=cat_view&amp;id='.$id.'', '  ' .$lng ['byby'] . '  ');
}else{
error('  ' .$lng ['lgquest'] . '  !');
	nav2('index.php?act=cat_view&amp;id='.$id.'', 'назад');
}

break;

case 'added_topic':

if(!empty($_POST['title']) && !empty($_POST['text'])){
	$title = sec($_POST['title']);
	$text = sec($_POST['text']);

	mysql_query("INSERT INTO `forum_topics` SET `id_cat` = '$id', `title` = '$title', `text` = '$text', `authour` = '".$_SESSION['login']."', `time` = '".time()."'");
info('  ' .$lng ['mard'] . '  !');
	nav2('index.php?act=cat_view&amp;id='.$id.'', 'к разделу');
}else{
error('  ' .$lng ['edtd'] . '  !');
nav2('posting.php?act=add_topic&amp;id='.$id.'', '  ' .$lng ['nd'] . '  ');
}

break;

case 'add_msg':

$id_cat = intval($_REQUEST['id_cat']);
$id_topic = intval($_REQUEST['id_topic']);

if(!empty($_POST['text'])){
	$text = sec($_POST['text']);
	mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '$id_cat', `id_topic` = '$id_topic', `text` = '$text', `authour` = '".$_SESSION['login']."', `time` = '".time()."'") or die(mysql_error());
info('  ' .$lng ['mobs'] . '  !');
nav2('topic.php?id='.$id_topic.'', '  ' .$lng ['nd'] . '  ');
}else{
error('  ' .$lng ['entd'] . '  !');
nav2('topic.php?id='.$id_topic.'', '  ' .$lng ['nd'] . '  ');
}

break;

case 'answer':

$row = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'"));
if(isset($row['id'])){
echo '<div class="phdr"> ' .$lng ['otv'] . '  '.$row['authour'].'</div><div class="bmenu">';
	echo '<form action="?act=answered&amp;id='.$id.'" method="post" name="form">';
	echo '<textarea name="text" rows="4">'.$row['authour'].', </textarea>';
echo '<input name="submit" type="submit" value="  ' .$lng ['admes'] . '  " /></form></div>';
nav2('topic.php?id='.$row['id_topic'].'', '  ' .$lng ['nd'] . '  ');
}else{
error('  ' .$lng ['error'] . '  !');
	nav();
}
break;

case 'answered':

$text = sec($_POST['text']);
if(!empty($_POST['text'])){
	$row = mysql_fetch_assoc(mysql_query("SELECT * FROM `forum_msg` WHERE `id` = '$id'"));
	mysql_query("INSERT INTO `forum_msg` SET `id_cat` = '".$row['id_cat']."', `id_topic` = '".$row['id_topic']."', `text` = '$text', `authour` = '".$_SESSION['login']."', `time` = '".time()."'");
info('  ' .$lng ['mobs'] . '  !');
	nav2('topic.php?id='.$row['id_topic'].'', 'назад');
}else{
error('  ' .$lng ['edtd'] . '  !');
	nav2('posting.php?act=answer&amp;id='.$id.'', 'назад');
}
break;

}
require("../system/end.php");
?>