<?
include_once "../SYSTEM/include/functions.php";
include_once "../SYSTEM/include/mysql.php";
include_once "../SYSTEM/include/param.php";
include_once "../SYSTEM/include/ban.php";
include_once "../SYSTEM/include/sess.php";
include_once "../SYSTEM/include/ban_2.php";
include_once "../SYSTEM/include/theme.php";
$title='Новая тема';
$mesto='Создает тему в форуме';
head();
if (!isset($_GET['id_razd']) || !isset($_GET['id_forum']))
{
header ("Location: index.php?".SID."&");
exit;
}
$id_forum=intval($_GET['id_forum']);
$id_razd=intval($_GET['id_razd']);
$q = mysql_query("SELECT * FROM `$mysql[pref]forum_f` WHERE `id` = '$id_forum';");
if(mysql_num_rows($q) != 0)
{
$forum = mysql_fetch_array($q);
}
else
{
header ("Location: index.php?".SID."&");
exit;
}
$q = mysql_query("SELECT * FROM `$mysql[pref]forum_r` WHERE `id_f` = '$id_forum' AND `id` = '$id_razd';");
if(mysql_num_rows($q) != 0)
{
$razd = mysql_fetch_array($q);
}
else
{
header ("Location: index.php?".SID."&id_forum=$id_forum");
exit;
}
if (!isset($user))
{
echo "Прежде чем создать тему вам сначала необходимо <a href=\"../vhod.php\">войти</a> под своим ником<br />\n";
foot();
}
if ($user['forum_t_c']>$time-600 && $user['level']==0)
{
echo "<div class=\"h\">ВНИМАНИЕ</div><br />\n";
echo "Время между созданием новых тем должно быль более 10 минут<br />\n";
echo "<br /><div class=\"lmenug\">";
echo "<a href=\"index.php?id_forum=$id_forum&id_razd=$id_razd\">В раздел</a>\n";
echo "<br /><a href=\"../index.php\">На главную</a></div>\n";
foot();
}
if (isset($_GET['act']) && $_GET['act']=='add' && isset($_POST['name']) && isset($_POST['msg']))
{
$name=mysql_escape_string($_POST['name']);
$name=stripslashes(htmlspecialchars($name));
$name=trim($name);
$name = iconv('utf-8', 'windows-1251', $name);
$name=substr($name, 0, 32);
if (strlen($name)<3){header("Location: add_t.php?err=name1&id_forum=$id_forum&id_razd=$id_razd");exit;}
$name = iconv('windows-1251', 'utf-8', $name);
//if (ereg("\{|\}|\(|\)|\^|\%|\\$|#|!|\~|'|\"|:|;|`|\?",$name)){header("Location: add_t.php?err=name&id_forum=$id_forum&id_razd=$id_razd");exit;}
$msg=$_POST['msg'];
$msg = iconv('utf-8', 'windows-1251', $msg);
$msg=substr($msg, 0, 512);
$msg = iconv('windows-1251', 'utf-8', $msg);
$msg=stripcslashes(htmlspecialchars($msg));
$msg=str_replace("\r\n","<br />",$msg);
$msg=str_replace("\r","<br />",$msg);
$msg=str_replace("\n","<br />",$msg);
if (isset($_POST['tr']))
{
$name=translit($name);
$msg=translit($msg);
}
$id=rand(1,999999999);
$admmess="<a href=\"forum/index.php?id_forum=$id_forum&id_razd=$id_razd&id_them=$id&page=end\">Мат в форуме</a>";
$msg=testmat($msg,$admmess);
$name_t=$name;
mysql_query("INSERT INTO `$mysql[pref]forum_t` (id, name, t_create, time_last, autor, id_r, id_us, id_f, crep)
values('$id', '$name_t', '$time', '$time', '$user[nickname]', '$id_razd', '$user[id]', '$id_forum', '1')");
$ua_p=$ua;
$ip_p=$ip;
$msg_t=$msg;
$user['forum_k_th']++;
mysql_query("UPDATE `$mysql[pref]users` SET `forum_t_c` = '$time', `forum_k_th` = '$user[forum_k_th]' WHERE `id` = '".$user['id']."';");
mysql_query("INSERT INTO `$mysql[pref]forum_p` (id_f, id_r, id_t, nick, time, msg, ip, ua, id_us)
values('$id_forum', '$id_razd', '$id', '$user[nickname]', '$time', '$msg_t', '$ip_p', '$ua_p', '$user[id]')");
ball_add();
header("Location: index.php?".SID."&id_forum=$id_forum&id_razd=$id_razd&id_them=$id");
exit;
}
echo "<div class=\"h\"><b>Добавить тему</b></div><hr />\n";
if ($mail_in_new>0)echo "<div class=\"privat\"><img src=\"../SYSTEM/themes/$them/img/mail0.gif\" alt=\"\" /> <a href=\"../mail.php?act=in\">Приват</a> [$mail_in_new]</div><hr />\n";
echo "<form method=\"post\" action=\"add_t.php?act=add&id_forum=$id_forum&id_razd=$id_razd\">\n";
echo "Название темы:<br />\n<input name=\"name\" class=\"form\" value=\"\" type=\"text\" /><br />\n";
echo "Сообщение:<br />\n<textarea name=\"msg\" class=\"form\" rows=\"3\"></textarea><br />\n";
echo "<input type=\"checkbox\" name=\"tr\" value=\"1\" /> Транслит<br />\n";
echo "<input value=\"Добавить\" class=\"form\" type=\"submit\" />\n";
echo "</form>\n";
echo "<br />\n";
echo "<a href=\"index.php?id_forum=$id_forum&id_razd=$id_razd\">В раздел</a>\n";
echo "<br /><a href=\"../index.php\">На главную</a>\n";
foot();
?>