Файл: groups/forum/handler/post.php
Строк: 40
<?php
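// Forum post handler: stores a new message ($_POST['post']) or a reply that
// quotes an existing message ($_POST['re_post'] + $_POST['re_id']), then bumps
// the thread counters and creates notifications. Nothing is printed here; a
// rejected request is signalled through $err (invalid input) or $flood
// (anti-flood hit).
//
// $id, $user_id, $user and $arr_theme are not assigned in this file and are
// expected from the including script.
// NOTE(review): every query below is assembled by string concatenation, so
// each interpolated value must already be safe for SQL. Presumably $id and
// $user_id are integers validated by the caller - confirm. Moving to
// parameterised queries would need the connection set-up, which is not in
// this file.
// NOTE(review): check() is defined elsewhere. If it escapes for SQL, cutting
// its result with substr() can split an escape sequence and leave a lone
// trailing backslash, which would then escape the closing quote of the `text`
// value; truncate before escaping, or confirm check() adds no backslashes.
// substr() is also byte-based, so a multi-byte character can be split at the
// 5000-byte limit.
if (!empty($_POST['post']))
{
    $post = check($_POST['post']);
    $post = substr($post, 0, 5000);
    if (empty($post)) $err = true;

    // Anti-flood: the same text from this user within 60 seconds, or any post
    // from this user within 5 seconds. empty() is used instead of "== false"
    // so that an unset $err / $flood does not raise a notice.
    if (empty($err) && mysql_result(mysql_query("SELECT COUNT(`id`) FROM `groups_forum_post` WHERE `user_id` = '".$user_id."' AND `text` = '".$post."' AND `time` > '".(time()-60)."' OR `user_id` = '".$user_id."' AND `time` > '".(time()-5)."'"),0) == true) $flood = true;

    if (empty($flood) && empty($err) && mysql_query("INSERT INTO `groups_forum_post` SET
`tid` = '".$id."',
`user_id` = '".$user_id."',
`text` = '".$post."',
`time` = '".time()."'
") == true)
    {
        // Record the last poster and time on the thread and count the post.
        mysql_query("UPDATE `groups_forum` SET `upuser` = '".$user_id."', `uptime` = '".time()."', cpost=cpost+1 WHERE `id` = '".$id."'");

        // Notify the thread author unless they wrote the post themselves or
        // the thread has a non-zero from_group.
        if ($user_id != $arr_theme['user_id'] && $arr_theme['from_group'] == 0)
        {
            mysql_query("INSERT INTO `notifications` SET
`from_id` = '".$user_id."',
`sex` = '".$user['sex']."',
`for_id` = '".$arr_theme['user_id']."',
`mod` = 'group_forum',
`type` = 'post',
`refid` = '".$id."',
`time` = '".time()."',
`count` = 1,
`new` = 1
");
            mysql_query("UPDATE `users` SET `notifications` = 1, notifications_journal=notifications_journal+1 WHERE `id` = '".$arr_theme['user_id']."'");
        }
    }
}
else if (!empty($_POST['re_post']) && !empty($_POST['re_id']) && is_numeric($_POST['re_id']))
{
    // Anti-flood: any post from this user within the last 5 seconds.
    if (mysql_result(mysql_query("SELECT COUNT(`id`) FROM `groups_forum_post` WHERE `user_id` = '".$user_id."' AND `time` > '".(time()-5)."'"),0) == true) $flood = true;

    $re_id = abs(intval($_POST['re_id']));
    $post = check($_POST['re_post']);
    $post = substr($post, 0, 5000);
    if (empty($post)) $err = true;

    // The quoted message must belong to this thread and to another user.
    // The row that passed these checks is reused directly instead of being
    // fetched a second time by id alone.
    $res_arr_post = mysql_query("SELECT * FROM `groups_forum_post` WHERE `id` = '".$re_id."' AND `tid` = '".$id."' AND `user_id` != '".$user_id."' LIMIT 1");
    if ($res_arr_post && mysql_num_rows($res_arr_post) > 0) $arr_post = mysql_fetch_array($res_arr_post);
    else $err = true;

    // NOTE(review): $quote is not used anywhere in this file; the INSERT below
    // stores the full quoted text. Confirm whether the shortened form was
    // meant to be stored.
    $quote = cut($arr_post['text'],500);

    // The quoted text and its author id were read back from the database, so
    // they are raw data here and are escaped again before being placed in the
    // query. Without this, a stored quote or backslash character would break
    // out of the string literal (second-order SQL injection).
    if (empty($flood) && empty($err) && mysql_query("INSERT INTO `groups_forum_post` SET
`tid` = '".$id."',
`user_id` = '".$user_id."',
`text` = '".$post."',
`quote` = '".mysql_real_escape_string($arr_post['text'])."',
`quote_id` = '".mysql_real_escape_string($arr_post['user_id'])."',
`time` = '".time()."'
") == true)
    {
        // Record the last poster and time on the thread and count the post.
        mysql_query("UPDATE `groups_forum` SET `upuser` = '".$user_id."', `uptime` = '".time()."', cpost=cpost+1 WHERE `id` = '".$id."'");

        // Notify the thread author, unless they are the poster or the author
        // of the quoted message (who gets the 're_post' notification below).
        if ($arr_theme['from_group'] == 0 && $user_id != $arr_theme['user_id'] && $arr_theme['user_id'] != $arr_post['user_id'])
        {
            mysql_query("INSERT INTO `notifications` SET
`from_id` = '".$user_id."',
`sex` = '".$user['sex']."',
`for_id` = '".$arr_theme['user_id']."',
`mod` = 'group_forum',
`type` = 'post',
`refid` = '".$id."',
`time` = '".time()."',
`count` = 1,
`new` = 1
");
            mysql_query("UPDATE `users` SET `notifications` = 1, notifications_journal=notifications_journal+1 WHERE `id` = '".$arr_theme['user_id']."'");
        }

        // Notify the author of the quoted message; their counters are bumped
        // only if the notification row was actually written.
        if (mysql_query("INSERT INTO `notifications` SET
`from_id` = '".$user_id."',
`sex` = '".$user['sex']."',
`for_id` = '".mysql_real_escape_string($arr_post['user_id'])."',
`mod` = 'group_forum',
`type` = 're_post',
`refid` = '".$id."',
`time` = '".time()."',
`count` = 1,
`new` = 1
") == true)
        {
            mysql_query("UPDATE `users` SET `notifications` = 1, notifications_journal=notifications_journal+1 WHERE `id` = '".mysql_real_escape_string($arr_post['user_id'])."'");
        }
    }
}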
?>