Файл: top.php
Строк: 63
<?
define('PROTECTOR', 1);
include('files/db.php');
include($path.'files/auth.php');
if ($user_id==0){
header('location: index.php');exit;
}
$textl='Создание топа';
include($path.'files/core.php');
if(isset($_GET['posting']))
{
$bans = mysql_query("SELECT * FROM `ban` WHERE `usr` = '".$udata['id']."' and `place`='2'");
$banq=mysql_num_rows($bans);
if($banq!=0)
{
}
else
{
if($udata['lvl']<5)
{
header('location: '.$_SERVER['HTTP_REFERER'].'');exit;
}
else
{
$cha=mysql_query("SELECT * FROM `forum_cat` WHERE `id`='".$_GET['cat']."'");
$aa=mysql_fetch_array($cha);
if($aa['close']==1)
{
if($udata['admin']!=6)
{
header('location: forum.php');exit;
}
}
$name=$_POST['name'];
$cat=$_POST['cat'];
$test=nl2br($_POST['text']);
if($udata['admin']>=6)
{
$test=html_entity_decode($test);
}
$time=time();
$data=date('d.m.Y H:i:s');
if($cat==1)
{
$pri=1;
}
else
{
$pri=0;
}
mysql_query("INSERT INTO `forum_top` SET
`id`='',
`usr`='".$udata['id']."',
`name`='".$name."',
`text`='".$test."',
`data`='".$data."',
`close`='0',
`time`='".$time."',
`cat`='".$cat."',
`pri`='".$pri."'
");
$chaz=mysql_query("SELECT * FROM `forum_top` WHERE `name`='".$name."' and `usr`='".$udata['id']."' and `data`='".$data."'");
$aaz=mysql_fetch_array($chaz);
header('location: forum_top.php?top='.$aaz['id'].'');exit;
}}}
include($path.'files/head.php');
include($path.'files/zag.php');
echo '<table width=100%>
<tr>
<td width=35%>
<a href=game.php><div style="background: #882222; border-radius: 7px 0 0 7px" class="m p bts bbs brs bls" align=center>Главная</div></a>
</td><td>';
echo '<a href=forum.php><div class="line bts brs bls bbs p m" style="border-radius: 0 7px 7px 0">
<font color=#ffffff>Форум
</font>
</div></a></td></tr></table>';
echo '<div class="bat bts brs bls bbs p">';
if($udata['lvl']<5)
{
echo '<font color=#ff0000>Создание топа, доступно с 5 уровня!</font>';
}
else
{
$bans = mysql_query("SELECT * FROM `ban` WHERE `usr` = '".$udata['id']."' and `place`='2'");
$banq=mysql_num_rows($bans);
if($banq!=0)
{
echo '<div align=center><font color=#ff0000>У вас бан форума! Вы не можете создать топ!</font></div>';
}
else
{
echo '
<form action=?posting method=POST >
Название:<br>
<input type=text name=name><br>
<input type=hidden name=cat value='.$_GET['cat'].'>
Текст:<br>
<textarea name=text rows="3" cols="25px"></textarea><br>
<input type=submit value=Создать>
</form>
';
}
}
echo '</div>';
include('files/down.php');
?>