Файл: spuff.ru/includes/comm_reply.php
Строк: 19
<?php
if ($u['id']) {
$comm_r = mysql_query("SELECT `id`, `id_".$type."`, `id_user` FROM `".$type."_comm` WHERE `id` = '$id'");
$comm = mysql_fetch_assoc($comm_r);
if ($comm['id_user']) {
if ($ok) {
if (TIME > $_SESSION['antispam']) {
$text = check($_POST['text']);
if ($text) {
mysql_query("INSERT INTO `".$type."_comm` SET `id_".$type."` = '".$comm['id_'.$type]."', `id_user` = '$u[id]', `text` = '$text', `time` = '".TIME."'");
$_SESSION['antispam'] = TIME + $config['antispam'];
redirect('?act=comm&id='.$comm['id_'.$type]);
} else {
redirect('?act=comm_reply&id='.$id);
}
} else {
error($lang['antispam'].' '.$config['antispam'].' sec.');
nav('?act=comm&id='.$comm['id_'.$type]);
}
} else {
tp($lang['reply']);
echo '<div class="body"><form name="form" action="?act=comm_reply&id='.$id.'&ok=1" method="post">
<b>Сообщение:</b><br/>'.bbpanel('form', 'text').'<br/><textarea name="text" cols="" rows="3">[b]'.username($comm['id_user'], 0).'[/b], </textarea><br />';
echo '<input name="submit" type="submit" value="Ответить" />
</form>
</div>';
}
} else {
redirect('?');
}
} else {
redirect('login.php');
}
?>