Файл: public_html/modules/alliance/forum/addtheme.php
Строк: 59
<?php
$root = $_SERVER['DOCUMENT_ROOT'];
include_once ($root.'/core/base.php');
falseauth(1);
$header = "Форум альянса";
include_once ($root.'/core/head.php');
$allianceId = fl($_GET['alliance']);
if(empty($allianceId)) redirect('/alliance');
if(allianceInfo($allianceId, 'id') == 'error') redirect('/alliance');
$section = fl($_GET['section']);
$sect = $db->query("SELECT * FROM `alliance_forum_sections` WHERE `id` = '".$section."'")->fetch_object();
if($sect->access != 'all' && $u['alliance_id'] != $allianceId) redirect('/alliance/forum/'.$allianceId);
if(isset($_GET['addtheme']))
{
$name = fl($_POST['name']);
$text = fl($_POST['text']);
if($ban->num_rows > 0) redirect('/', 'Вы заткнуты!');
if($sect->access == 'all' || $u['alliance_id'] == $allianceId)
{
$db->query("INSERT INTO `alliance_forum_themes` (`section_id`,`name`,`text`,`author`,`time`) VALUES ('".$section."', '".$name."', '".$text."', '".$u['id']."', '".time()."')");
header("Location: /alliance/forum/".$allianceId."/".$section."/theme".$db->insert_id);
exit;
}
else
{
header("Location: /alliance/forum/".$allianceId);
exit;
}
}
echo '<a class = "link"><font color="white"><center><form action="/alliance/forum/'.$allianceId.'/'.$section.'/addTheme/confirm"
method="post">
Название темы:<br>
<input type="text" name="name" required><br>
Текст:<br>
<textarea name="text" required></textarea><br>
<input type="submit" name="addtheme" value="Добавить">
</form></center></font></a>';
include_once ($root.'/core/foot.php');