Размер файла: 4.49Kb
<?php
$act=$HTTP_POST_VARS['act'];
$pstopic=$HTTP_POST_VARS['pstopic'];
$psmsg=$HTTP_POST_VARS['psmsg'];
require "inc.php";
$myid=$_COOKIE["usid"];
$mypass=$_COOKIE["pass"];
$db=mysql_connect($dbhost, $dbuser, $dbpass);
mysql_select_db($dbname,$db);
if (!isset($myid)) $myid=0;
$sqlc="select * from users where usid=$myid";
$c=mysql_query($sqlc);
$resc=mysql_fetch_array($c);
if ($resc[pass]==$mypass)
{
if ((!isset($act))||($pstopic=="")||($psmsg==""))
{
echo "
<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\">
<html>
<head>
<title></title>
<meta name=\"description\" content=\"\">
<meta name=\"keywords\" content=\"\">
</head>
<body bgcolor=\"#FFFFFF\" text=\"#000000\" link=\"#006699\" vlink=\"#006699\" alink=\"#006699\">
<STYLE type=\"text/css\">
A {text-decoration: none;}
body
{
margin-left: 1%;
margin-right: 1%;
font-family: Arial, Helvetica, sans-serif;
font-size: 10pt;
background-color: #F0F0F0;
}
</STYLE>";
include "top.php";
echo"
<form method=\"post\" action=\"newtop.php\">
<FONT size=2 color=\"#000000\" face=\"Arial\"><FONT size=2 color=\"#000000\" face=\"Arial\">
<TABLE width=100% border=1 cellpadding=1 bordercolor=\"#222288\" cellspacing=0>
<TR valign=top>
<TD> <FONT size=2 color=\"#000000\" face=\"Arial\">
<DIV>
<TABLE width=100% bgcolor=\"#FFFFFF\" border=0 cellpadding=5 bordercolor=\"#000000\" cellspacing=0>
<TR valign=top>
<TD colspan=\"4\" bgcolor=\"#8B93A0\">
<FONT size=2 color=\"#000000\" face=\"Arial\">
<DIV align=\"center\"><strong>New Topic </strong></DIV>
</FONT></TD>
</TR>
<TR valign=top>
<TD height=16 bgcolor=\"#D5DAEA\"> </TD>
<TD height=16 bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#000000\" face=\"Arial\"><strong>Topic:</strong></FONT></TD>
<TD height=16 bgcolor=\"#D5DAEA\"><div align=\"justify\">
<input name=\"pstopic\" type=\"text\" size=\"70\" maxlength=\"50\" value=\"$pstopic\">
</div></TD>
<TD height=16 bgcolor=\"#D5DAEA\"> </TD>
</TR>
<TR valign=top>
<TD height=16 bgcolor=\"#D5DAEA\"> </TD>
<TD height=16 bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#000000\" face=\"Arial\"><strong>Content:</strong></FONT></TD>
<TD height=16 bgcolor=\"#D5DAEA\">
<div align=\"justify\">
<p>
<textarea name=\"psmsg\" cols=\"60\" rows=\"10\">$psmsg</textarea>
</p>
</div></TD>
<TD height=16 bgcolor=\"#D5DAEA\"> </TD>
</TR>
<TR valign=top>
<TD width=\"10%\" height=16 bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#000000\" face=\"Arial\">
<DIV align=\"center\"></DIV>
</FONT></TD>
<TD width=\"15%\" height=16 bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#000000\" face=\"Arial\">
<DIV align=\"center\"></DIV>
</FONT> </TD>
<TD width=\"65%\" height=16 bgcolor=\"#D5DAEA\">
<div align=\"justify\"><font color=\"#000000\" size=\"2\" face=\"Arial\">
<input type=\"submit\" name=\"Submit\" value=\" OK \">
<input type=\"hidden\" name=\"act\" value=\"post\">
<a href=\"index.php\"><input type=\"button\" name=\"cancel\" value=\"Cancel\"></a>
</font></div></TD>
<TD width=\"10%\" height=16 bgcolor=\"#D5DAEA\"><FONT size=2 color=\"#000000\" face=\"Arial\">
<DIV align=\"center\"></DIV>
</FONT></TD>
</TR>
</table>
</div>
</font>
</TABLE>
</FONT></FONT></form>";
include "bottom.php";
echo"
</body>
</html>";
}else
if ($act=="post")
{
$date = date("Y-m-d");
$time = date("H-i");
$psmsg=htmlspecialchars($psmsg, ENT_QUOTES);
$pstopic=htmlspecialchars($pstopic, ENT_QUOTES);
$sql="insert into forum values(Null, '$psmsg', '$pstopic', '$myid', '$date', '$time', '$REMOTE_ADDR', '0')";
$a=mysql_query($sql);
$sql="select * from users where usid='$myid'";
$a=mysql_query($sql);
$res=mysql_fetch_array($a);
$ppp=$res[posts]+1;
$sql="update users set posts='$ppp' where usid='$myid'";
$a=mysql_query($sql);
Header("Location: index.php");
}
}else
{
Header("Location: login.php");
}
?>