<?php
include ("../head.php");
include ("../tools.php");
$add=$_GET["add"];
$tr=hacker($_POST["tr"]);
$forum=hacker($_GET["forum"]);
$forum=htmlspecialchars(stripslashes(trim($forum)));
$tema=hacker($_GET["tema"]);
$tema=htmlspecialchars(stripslashes(trim($tema)));
$add=htmlspecialchars(stripslashes(trim($add)));
$mesg=$_POST["mesg"];
$mesg=strtr($mesg,array("`"=>" ","#"=>" "));
$mesg=htmlspecialchars(stripslashes(trim($mesg)));
$act=hacker($act);
$kolimages=$kmess;
$news = mysql_query("select * from `forum` where `type`='tema' and `idtema`='".$tema."' and `idforum`='".$forum."';");
$massivnews = mysql_fetch_array($news);
$nme = mysql_num_rows($news);
if ($nme!=1){
$forum="0";
$tema="0"; }
else
{
function tr_to_win($str)
{
$str=strtr($str,array("__"=>" ","_"=>"","a"=>"а","b"=>"б","v"=>"в","g"=>"г","d"=>"д","e"=>"е","yo"=>"ё","zh"=>"ж","z"=>"з","i"=>"и","j"=>"й","k"=>"к","l"=>"л","m"=>"м","n"=>"н","o"=>"о","p"=>"п","r"=>"р","s"=>"с","t"=>"т","u"=>"у","f"=>"ф","h"=>"х","c"=>"ц","ch"=>"ч","sh"=>"ш","sch"=>"щ","q"=>"ъ","x"=>"ы","%"=>"ь","ye"=>"э","yu"=>"ю","ya"=>"я",
"A"=>"А","B"=>"Б","V"=>"В","G"=>"Г","D"=>"Д","E"=>"Е","YO"=>"Ё","ZH"=>"Ж","Z"=>"З","I"=>"И","J"=>"Й","K"=>"К","L"=>"Л","M"=>"М","N"=>"Н","O"=>"О","P"=>"П","R"=>"Р","S"=>"С","T"=>"Т","U"=>"У","F"=>"Ф","H"=>"Х","C"=>"Ц","CH"=>"Ч","SH"=>"Ш","SCH"=>"Щ","Q"=>"Ъ","X"=>"Ы","YE"=>"Э","YU"=>"Ю","YA"=>"Я"));
return $str;
}
if (empty($add))
{
if (empty($_SESSION['login']))
{} else
{
echo "<div class='contur_rek'>
<div class='header_rek'><div style='text-align:center'><b>Ваш ответ!</b></div></div></div><div><form action='post.php?add=1&forum=$forum&tema=$tema' method='post'>
Сообщение:<br/>
<textarea rows='5' name='mesg'></textarea>
<br/>
<input type='checkbox' name='tr' value='1' /> Транслит сообщения
<input type='hidden' name='session_id' value='".session_id()."'/>
<br/><input type='submit' value='Добавить'/>
</form>
</div>
";
}
}
if ($add==1)
{ if (empty($mesg) or empty($_SESSION['login']))
{echo "<div>Не введено сообщение<br/><a href='post.php?forum=".$forum."&tema=".$tema."'>Назад</a></div>";
} else
{ $user=$_SESSION['login'];
if ($_POST['tr']==1)
{
$mesg = tr_to_win($mesg);
}
$realtime=time()+$sdvigclock*3600;
$prov=mysql_query("select * from `forum` where `type`='mess' and `idtema`='".$tema."' and `idforum`='".$forum."' and `text`='".$mesg."' and `time`>'".intval(time()-10)."'");
if (mysql_affected_rows()=="0")
{
if(mysql_query("insert into `forum` values(0,'".$forum."','".$tema."','0','mess','','".$mesg."','".getenv(REMOTE_ADDR)."','".$user."','".$realtime."','');"))
{
$user = mysql_query("select * from `users` where name='".$_SESSION['login']."';");
$arr = mysql_fetch_array($user);
$mess = $arr['postforum']+1;
mysql_query("update `users` set postforum='".$mess."' where name='".$_SESSION['login']."';");
echo "Ваше сообщение успешно добавлено в тему!<br/>";
$q = mysql_query("select * from `forum` where type='mess' and idforum='".intval($forum)."' and idtema='".intval($tema)."';");
$count = mysql_num_rows($q);
header ("Location: tema.php?forum=$forum&tema=$tema&page=".ceil($count/$kolimages)."");
}
}
}
}
}
echo "<div>→ <a href='tema.php?forum=".$forum."&tema=".$tema."&page=".intval($_GET['page'])."'>Назад</a></div>
";
require ("../foot.php");
?>