Файл: public_html/modules/forum/addtheme.php
Строк: 45
<?php
$root = $_SERVER['DOCUMENT_ROOT'];
include_once ($root.'/core/base.php');
falseauth(1);
$header = "Форум";
include_once ($root.'/core/head.php');
$section = fl($_GET['section']);
$sect = $db->query("SELECT * FROM `forum_sections` WHERE `id` = '".$section."'")->fetch_object();
if($u['admin'] < $sect->access)
{
header("Location: /forum");
exit;
}
if(isset($_GET['addtheme']))
{
$name = fl($_POST['name']);
$text = fl($_POST['text']);
if($ban->num_rows > 0) redirect('/', 'Вы заткнуты!');
if($u['admin'] >= $sect->access)
{
$db->query("INSERT INTO `forum_themes` (`section_id`,`name`,`text`,`author`,`time`) VALUES ('".$section."', '".$name."', '".$text."', '".$u['id']."', '".time()."')");
$news = $db->insert_id;
if($sect->news == 1) $db->query("UPDATE `users` SET `read_news` = '".$news."'");
header("Location: /forum/".$section."/theme".$news);
exit;
}
else
{
header("Location: /forum");
exit;
}
}
echo '<a class = "link"><font color="white"><center><form action="/forum/'.$section.'/addTheme/confirm" method="post">
Название темы:<br>
<input type="text" name="name" required><br>
Текст:<br>
<textarea name="text" required></textarea><br>
<input type="submit" name="addtheme" value="Добавить">
</form></center></font></a>';
include_once ($root.'/core/foot.php');