Файл: test.masteram.us/comm/forum/inc/set_razdel_act.php
Строк: 34
<?php
if(isset($user) && $admin['uid']==$user['id'] && $admin['priv']==2 && isset($_GET['act']) && isset($_GET['ok']) && $_GET['act']=='set' && isset($_POST['name'])){
$name=esc(stripcslashes(htmlspecialchars($_POST['name'])));
if(isset($_POST['translit1']) && $_POST['translit1']==1){
$name=translit($name);
}
if(strlen2($name)<3){
$err='Слишком короткое название';
}
if(strlen2($name)>32){
$err='Слишком днинное название';
}
$name=mysql_real_escape_string($name);
if(!isset($err)){
mysql_query("UPDATE `comm_forum_r` SET `name` = '$name' WHERE `id` = '$razdel[id]' AND `id_comm` = '$id_comm' LIMIT 1");
$razdel=mysql_fetch_array(mysql_query("SELECT * FROM `comm_forum_r` WHERE `id` = '$razdel[id]' AND `id_comm` = '$id_comm' LIMIT 1"));
msg('Изменения успешно приняты');
}
}
if(isset($user) && $admin['uid']==$user['id'] && $admin['priv']==2 && isset($_GET['act']) && isset($_GET['ok']) && $_GET['act']=='mesto' && isset($_POST['forum']) && is_numeric($_POST['forum']) && mysql_result(mysql_query("SELECT COUNT(*) FROM `comm_forum_f` WHERE `id` = '".intval($_POST['forum'])."' AND `id_comm` = '$id_comm'"),0)==1){
$forum_new['id']=intval($_POST['forum']);
mysql_query("UPDATE `comm_forum_p` SET `id_forum` = '$forum_new[id]' WHERE `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' AND `id_comm` = '$id_comm'");
mysql_query("UPDATE `comm_forum_t` SET `id_forum` = '$forum_new[id]' WHERE `id_forum` = '$forum[id]' AND `id_razdel` = '$razdel[id]' AND `id_comm` = '$id_comm'");
mysql_query("UPDATE `comm_forum_r` SET `id_forum` = '$forum_new[id]' WHERE `id_forum` = '$forum[id]' AND `id` = '$razdel[id]' AND `id_comm` = '$id_comm'");
$forum=mysql_fetch_array(mysql_query("SELECT * FROM `comm_forum_f` WHERE `id` = '$forum_new[id]' AND `id_comm` = '$id_comm' LIMIT 1"));
msg('Раздел успешно перенесен');
}
if(isset($user) && $admin['uid']==$user['id'] && $admin['priv']==2 && isset($_GET['act']) && isset($_GET['ok']) && $_GET['act']=='delete'){
mysql_query("DELETE FROM `comm_forum_r` WHERE `id` = '$razdel[id]' AND `id_comm` = '$id_comm'");
mysql_query("DELETE FROM `comm_forum_t` WHERE `id_razdel` = '$razdel[id]' AND `id_comm` = '$id_comm'");
mysql_query("DELETE FROM `comm_forum_p` WHERE `id_razdel` = '$razdel[id]' AND `id_comm` = '$id_comm'");
msg('Раздел успешно удален');
echo ' - <a href="index.php?id_forum='.$forum['id'].'&id_comm='.$id_comm.'">В Подфорум</a><br/>';
echo ' - <a href="index.php?id_comm='.$id_comm.'">В форум</a><br/>';
}
?>