Файл: test.masteram.us/comm/inc/razd_act.php
Строк: 44
<?php
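// Create a section ("razd") from the submitted form: ?act=add with POST name/opis.
// NOTE(review): no permission check or anti-CSRF token is visible in this file;
// confirm the including script enforces both before this code is reached.
if (isset($_POST['name'], $_POST['opis'], $_GET['act']) && $_GET['act'] === 'add') {
    // Decode backslash sequences first and HTML-escape afterwards. The previous order
    // (escape, then stripcslashes) allowed hex/octal escape sequences to be decoded
    // back into raw markup characters after the escaping had already run.
    // ENT_QUOTES escapes both quote styles; the old flag value 1 left double quotes as-is.
    $name = esc(htmlspecialchars(stripcslashes($_POST['name']), ENT_QUOTES));
    $opis = esc(htmlspecialchars(stripcslashes($_POST['opis']), ENT_QUOTES));
    // `sort` is not part of the guard above, so it is read only when it was sent.
    $sort = esc(isset($_POST['sort']) ? $_POST['sort'] : '');

    // Section names must be between 3 and 64 characters long (measured by strlen2()).
    if (strlen2($name) < 3) {
        $err[] = 'Короткое название раздела';
    }
    if (strlen2($name) > 64) {
        $err[] = 'Длинное название раздела';
    }

    if (!isset($err)) {
        // Every value is passed through mysql_real_escape_string() right where it enters the SQL text.
        // NOTE(review): if esc() already escapes for SQL, the values are escaped twice; confirm.
        mysql_query(
            "INSERT INTO `community_razd` (`name`, `opis`, `sort`) VALUES ('"
            . mysql_real_escape_string($name) . "','"
            . mysql_real_escape_string($opis) . "','"
            . mysql_real_escape_string($sort) . "')"
        );
        // NOTE(review): OPTIMIZE TABLE on every request is heavy work a client can trigger at will.
        mysql_query("OPTIMIZE TABLE `community_razd`");
        msg("Раздел успешно создан");
    }
}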
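// Edit an existing section: ?razd=edit&id_razd=N with POST name/opis.
// NOTE(review): no permission check or anti-CSRF token is visible in this file;
// confirm the including script enforces both before this code is reached.
if (isset($_POST['name'], $_POST['opis'], $_GET['razd'], $_GET['id_razd']) && $_GET['razd'] === 'edit') {
    // The id is forced to an integer before it is placed into the query.
    $id_razd = intval($_GET['id_razd']);
    // Decode backslash sequences first and HTML-escape afterwards. The previous order
    // (escape, then stripcslashes) allowed hex/octal escape sequences to be decoded
    // back into raw markup characters after the escaping had already run.
    // ENT_QUOTES escapes both quote styles; the old flag value 1 left double quotes as-is.
    $name = esc(htmlspecialchars(stripcslashes($_POST['name']), ENT_QUOTES));
    $opis = esc(htmlspecialchars(stripcslashes($_POST['opis']), ENT_QUOTES));
    // `sort` is not part of the guard above, so it is read only when it was sent.
    $sort = esc(isset($_POST['sort']) ? $_POST['sort'] : '');

    // Section names must be between 3 and 64 characters long (measured by strlen2()).
    if (strlen2($name) < 3) {
        $err[] = 'Короткое название раздела';
    }
    if (strlen2($name) > 64) {
        $err[] = 'Длинное название раздела';
    }

    if (!isset($err)) {
        // Every value is passed through mysql_real_escape_string() right where it enters the SQL text.
        // NOTE(review): if esc() already escapes for SQL, the values are escaped twice; confirm.
        mysql_query(
            "UPDATE `community_razd` SET `name` = '" . mysql_real_escape_string($name)
            . "', `opis` = '" . mysql_real_escape_string($opis)
            . "', `sort` ='" . mysql_real_escape_string($sort)
            . "' WHERE `id` = '" . $id_razd . "'"
        );
        // NOTE(review): OPTIMIZE TABLE on every request is heavy work a client can trigger at will.
        mysql_query("OPTIMIZE TABLE `community_razd`");
        msg("Раздел успешно отредактирован");
    }
}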
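// Delete a section and the data of the communities inside it: ?razd=delete&id_razd=N.
// NOTE(review): this destructive action is driven by GET parameters alone, and no
// permission check or anti-CSRF token is visible in this file. Confirm the including
// script enforces both; deletions are better served by POST plus a request token.
if (isset($_GET['razd'], $_GET['id_razd']) && $_GET['razd'] === 'delete') {
    // The id is forced to an integer before it is placed into any query.
    $id_razd = intval($_GET['id_razd']);

    // Collect every community of the section. Previously only the first row was read,
    // so any further communities kept their dependent rows, and a section without
    // communities produced DELETE statements filtered on an empty id.
    $comm_ids = array();
    $res = mysql_query("SELECT `id` FROM `community_comm` WHERE `id_razd` = '$id_razd'");
    if ($res !== false) {
        while ($row = mysql_fetch_assoc($res)) {
            // Values read back from the database are cast as well before reuse in SQL.
            $comm_ids[] = intval($row['id']);
        }
    }

    foreach ($comm_ids as $cid) {
        mysql_query("DELETE FROM `community_board` WHERE `id_comm` = '" . $cid . "'"); // mini chat
        // NOTE(review): the `id_comm` filter on community_comm is kept from the original; confirm the column exists.
        mysql_query("DELETE FROM `community_comm` WHERE `id_comm` = '" . $cid . "' AND `id_razd` = '" . $id_razd . "'"); // communities
        mysql_query("DELETE FROM `community_user_incomm` WHERE `cid` = '" . $cid . "'"); // members
        mysql_query("DELETE FROM `comm_ban` WHERE `id_comm` = '" . $cid . "'"); // bans
        mysql_query("DELETE FROM `comm_forum_f` WHERE `id_comm` = '" . $cid . "'"); // forum
        mysql_query("DELETE FROM `comm_forum_p` WHERE `id_comm` = '" . $cid . "'");
        mysql_query("DELETE FROM `comm_forum_r` WHERE `id_comm` = '" . $cid . "'");
        mysql_query("DELETE FROM `comm_forum_t` WHERE `id_comm` = '" . $cid . "'");
        mysql_query("DELETE FROM `comm_forum_zakl` WHERE `id_comm` = '" . $cid . "'");
    }

    mysql_query("DELETE FROM `community_razd` WHERE `id` = '" . $id_razd . "'"); // the section itself

    // NOTE(review): OPTIMIZE TABLE across ten tables on every request is heavy work a client can trigger at will.
    mysql_query("OPTIMIZE TABLE `community_board` , `community_comm` , `community_razd` , `community_user_incomm` , `comm_ban` , `comm_forum_f` , `comm_forum_p` , `comm_forum_r` , `comm_forum_t` , `comm_forum_zakl`");
    msg("Раздел успешно удалён");
}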
?>