Файл: vkollektive2014/soo/inc/set_them_act.php
Строк: 21
<?
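// --- Action "mesto": move the current topic ($them) to another forum of the same community ($soo). ---
// $soo, $u, $user, $forum and $them are not assigned in this file; presumably the including page
// sets them - TODO confirm, and confirm that $u and $user describe the same logged-in account.
// NOTE(review): the mysql_* extension was removed in PHP 7; these calls only run on PHP 5.
// NOTE(review): the action is driven by GET act/ok plus POST forum and no anti-CSRF token is
// checked in this block; add one if the including page does not already verify it.

// Membership row of the current user in this community; `level` > 0 is treated as moderator below.
// %d forces every id to an integer before it reaches the SQL text.
$user_s = mysql_fetch_assoc(mysql_query(sprintf(
    "SELECT * FROM `soo_users` WHERE `id_soo`='%d' AND `id_user`='%d' LIMIT 1",
    $soo['id'],
    $u['id']
)));

// Access-control fix: the original condition was
//   (forum exists && isset($user) && level > 0) || (forum exists)
// which reduces to "forum exists", so the level test never gated the move.
// The privilege test is now mandatory, matching the delete action in this file.
// NOTE(review): confirm no caller relies on non-moderators being able to move topics.
if (isset($_GET['act'], $_GET['ok'], $_POST['forum'])
    && $_GET['act'] == 'mesto'
    && is_numeric($_POST['forum'])
    && isset($user)
    && is_array($user_s)
    && $user_s['level'] > 0
    // The target forum must exist inside the same community.
    && mysql_result(mysql_query(sprintf(
        "SELECT COUNT(*) FROM `soo_forums` WHERE `id` = '%d' AND `id_soo`='%d'",
        $_POST['forum'],
        $soo['id']
    )), 0) == 1
) {
    $forum_new = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `soo_forums` WHERE `id` = '%d' AND `id_soo`='%d' LIMIT 1",
        $_POST['forum'],
        $soo['id']
    )));

    // Re-home the topic's messages first, then the topic row itself.
    mysql_query(sprintf(
        "UPDATE `soo_forum_mess` SET `id_forum` = '%d' WHERE `id_forum` = '%d' AND `id_soo` = '%d' AND `id_them` = '%d'",
        $forum_new['id'],
        $forum['id'],
        $soo['id'],
        $them['id']
    ));
    mysql_query(sprintf(
        "UPDATE `soo_forum_thems` SET `id_forum` = '%d' WHERE `id_forum` = '%d' AND `id_soo` = '%d' AND `id` = '%d'",
        $forum_new['id'],
        $forum['id'],
        $soo['id'],
        $them['id']
    ));

    // Keep the previous forum available and refresh $forum / $them for the rest of the page.
    $old_forum = $forum;
    $forum = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `soo_forums` WHERE `id` = '%d' AND `id_soo`='%d' LIMIT 1",
        $forum_new['id'],
        $soo['id']
    )));
    $them = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `soo_forum_thems` WHERE `id_forum` = '%d' AND `id` = '%d' LIMIT 1",
        $forum['id'],
        $them['id']
    )));
    ok('Тема успешно перемещена');
}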
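// --- Action "delete": remove the current topic ($them) and all of its messages. ---
// $soo, $u, $user, $forum and $them are not assigned in this file; presumably the including page
// sets them - TODO confirm.
// NOTE(review): the mysql_* extension was removed in PHP 7; these calls only run on PHP 5.
// NOTE(review): this destructive action is triggered by query-string parameters alone (act, ok)
// and no anti-CSRF token is checked here; it should require POST plus a per-session token
// unless the including page already enforces that.

// Membership row of the current user in this community; %d forces the ids to integers.
$user_s = mysql_fetch_assoc(mysql_query(sprintf(
    "SELECT * FROM `soo_users` WHERE `id_soo`='%d' AND `id_user`='%d' LIMIT 1",
    $soo['id'],
    $u['id']
)));

// Only a logged-in member with level > 0 may delete.
if (isset($user, $_GET['act'], $_GET['ok'])
    && is_array($user_s)
    && $user_s['level'] > 0
    && $_GET['act'] == 'delete'
) {
    // Both deletes are scoped to the current community as well as the topic id, like the
    // other queries in this file, so a topic id from another community cannot be removed
    // through this community's moderator rights.
    mysql_query(sprintf(
        "DELETE FROM `soo_forum_thems` WHERE `id` = '%d' AND `id_soo` = '%d'",
        $them['id'],
        $soo['id']
    ));
    mysql_query(sprintf(
        "DELETE FROM `soo_forum_mess` WHERE `id_them` = '%d' AND `id_soo` = '%d'",
        $them['id'],
        $soo['id']
    ));
    ok('Тема успешно удалена');

    // Link back to the forum. The listing had lost the backslashes of \" and \n, which left
    // these echo statements syntactically invalid; ids are cast so only digits reach the HTML.
    echo "<div class='menu'>\n";
    echo "<a href=\"?s=" . (int) $soo['id'] . "&amp;id_forum=" . (int) $forum['id'] . "\">В форум</a><br />\n";
    echo "</div>\n";

    // NOTE(review): presumably foot.php ends the request; if it does not, the code after this
    // block keeps running with a $them that no longer exists - confirm.
    include_once '../foot.php';
}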
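// --- Action "set": rename the current topic ($them), edit its text, and toggle pin/close. ---
// $soo, $u and $them are not assigned in this file; presumably the including page sets them
// - TODO confirm.
// NOTE(review): the mysql_* extension was removed in PHP 7; these calls only run on PHP 5.
// NOTE(review): nothing in this block checks who may edit the topic (only the `up` flag is
// tied to level > 0) and no anti-CSRF token is checked; confirm the including page restricts
// this action to the topic author or a moderator.

// Membership row of the current user in this community; %d forces the ids to integers.
$user_s = mysql_fetch_assoc(mysql_query(sprintf(
    "SELECT * FROM `soo_users` WHERE `id_soo`='%d' AND `id_user`='%d' LIMIT 1",
    $soo['id'],
    $u['id']
)));

if (isset($_GET['act'], $_GET['ok'], $_POST['name'], $_POST['text']) && $_GET['act'] == 'set') {
    // NOTE(review): check() is defined elsewhere. htmlspecialchars() with ENT_QUOTES encodes
    // quotes but leaves backslashes untouched, so these values are only safe inside the quoted
    // SQL literals below if check() also applies SQL escaping - confirm before relying on it.
    $name = check(htmlspecialchars($_POST['name'], ENT_QUOTES));
    $text = check(htmlspecialchars($_POST['text'], ENT_QUOTES));

    // Only members with level > 0 may change the `up` flag; for everyone else the column is
    // left out of the UPDATE.
    if (is_array($user_s) && $user_s['level'] > 0) {
        $up = (isset($_POST['up']) && $_POST['up'] == 1) ? 1 : 0;
        $add_q = " `up` = '$up',";
    } else {
        $add_q = NULL;
    }

    // Close when the box is ticked on an open topic, reopen when it is unticked on a closed
    // one, otherwise keep the stored value.
    if (isset($_POST['close']) && $_POST['close'] == 1 && $them['close'] == 0) {
        $close = 1;
    } elseif ($them['close'] == 1 && (!isset($_POST['close']) || $_POST['close'] == 0)) {
        $close = 0;
    } else {
        $close = $them['close'];
    }

    mysql_query(
        "UPDATE `soo_forum_thems` SET `name` = '$name',$add_q `close` = '" . (int) $close . "', `text` = '$text'"
        . sprintf(" WHERE `id` = '%d' AND `id_soo`='%d' LIMIT 1", $them['id'], $soo['id'])
    );

    // Reload the topic and its author so the rest of the page shows the saved values.
    $them = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `soo_forum_thems` WHERE `id` = '%d' AND `id_soo`='%d' LIMIT 1",
        $them['id'],
        $soo['id']
    )));
    $ank2 = mysql_fetch_assoc(mysql_query(sprintf(
        "SELECT * FROM `user` WHERE `id` = '%d' LIMIT 1",
        $them['id_user']
    )));
    ok('Изменения успешно приняты');
}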
?>