Файл: modules/news/add_news.php
Строк: 37
<?php
$locate = 'in_news';
if($user['level'] < '6') { go('/'); }
if(isset($_POST['create']) && $_GET['act'] == 'create') {
$name = substr(input($_POST['name']), 0, 100);
$text = substr(input($_POST['text']), 0, 10000);
$db->query("INSERT INTO `news`(`name`, `text`, `time`, `user_id`) VALUES('".$name."', '". $text ."', '". time() ."', '". $user['id']."')");
go('/news/');
}
$title = $lang->word('add_news');
require_once(SYS.'/view/header.php');
$tpl->div('title', $lang->word('add_news'));
echo '<form action="/news/add_news/?act=create" method="post">
<div class="menu">
<b>'. $lang->word('form_album_name') .'</b>:<br/>
<input name="name" type="text" /><br/>
<b>'. $lang->word('text') .'</b>:<br/>
<textarea name="text" rows="5" cols="26"></textarea><br/>
<input name="create" type="submit" value="'. $lang->word('create') .'" /><br/>
</div>
</form>';
$tpl->div('block', img('news.png') .'<a href="/news/">'. $lang->word('news') .'</a><br/>' . HICO .'<a href="/">'. $lang->word('home').'</a>');
require_once(SYS.'/view/footer.php');
?>