Файл: forumm/edit_them_ok.php
Строк: 58
<?
if(mysql_result(mysql_query("SELECT COUNT(*) FROM `forum` WHERE `id` = '$forum[id]' AND `type` = 'tema' LIMIT 1"),0)!=0)
{
if($forum['opros']==1)
{
$result1=$_POST[result1];
if(strlen2($result1)<1)
{
$err='';
echo "<div class='err'>1 вариант обязателен для заполнения</div>n";
}
$result1=my_esc($result1);
$result2=$_POST[result2];
if(strlen2($result2)<1)
{
$err='';
echo "<div class='err'>2 вариант обязателен для заполнения</div>n";
}
$result2=my_esc($result2);
$result3=$_POST[result3];
$result3=my_esc($result3);
$result4=$_POST[result4];
$result4=my_esc($result4);
$result5=$_POST[result5];
$result5=my_esc($result5);
$result6=$_POST[result6];
$result6=my_esc($result6);
$result7=$_POST[result7];
$result7=my_esc($result7);
$result8=$_POST[result8];
$result8=my_esc($result8);
$result9=$_POST[result9];
$result9=my_esc($result9);
$result10=$_POST[result10];
$result10=my_esc($result10);
}
$name=$_POST[name];
$name=esc(stripcslashes(htmlspecialchars($_POST['name'])));
if (isset($_POST['translit_name']) && $_POST['translit_name']==1)$name=translit($name);
if(strlen2($name)<1)
{
$err='';
echo "<div class='err'>Введите название</div>n";
}
if(strlen2($name)>60)
{
$err='';
echo "<div class='err'>Название слишком длинное</div>n";
}
$name=my_esc($name);
$text=$_POST[text];
$text=esc(stripcslashes(htmlspecialchars($_POST['text'])));
if (isset($_POST['translit_text']) && $_POST['translit_text']==1)$text=translit($text);
if(strlen2($text)<1)
{
$err='';
echo "<div class='err'>Введите текст</div>n";
}
if(strlen2($text)>100000)
{
$err='';
echo "<div class='err'>Текст слишком длинный</div>n";
}
$text=my_esc($text);
$up=$_POST[up];
$up=my_esc($up);
if(!isset($err))
{
if($up==0 || $up==1 || $up==2 || $up==3 || $up==4 || $up==5 || $up==6 || $up==7 || $up==8 || $up==9 || $up==10)
{
mysql_query("UPDATE `forum` SET `name` = '$name', `text` = '$text', `last_id_user` = '$user[id]', `last_time` = '$time', `up` = '$up' WHERE `id` = '$forum[id]' LIMIT 1");
if($forum['opros']==1)
{
mysql_query("UPDATE `forum_opros` SET `var` = '$result1' WHERE `id_them` = '$forum[id]' and `num` = '1' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result1' WHERE `id_them` = '$forum[id]' and `num` = '1' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result2' WHERE `id_them` = '$forum[id]' and `num` = '2' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result3' WHERE `id_them` = '$forum[id]' and `num` = '3' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result4' WHERE `id_them` = '$forum[id]' and `num` = '4' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result5' WHERE `id_them` = '$forum[id]' and `num` = '5' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result6' WHERE `id_them` = '$forum[id]' and `num` = '6' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result7' WHERE `id_them` = '$forum[id]' and `num` = '7' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result8' WHERE `id_them` = '$forum[id]' and `num` = '8' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result9' WHERE `id_them` = '$forum[id]' and `num` = '9' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result10' WHERE `id_them` = '$forum[id]' and `num` = '10' LIMIT 1");
}
header("Location:/forumm/?id=$forum[id]");
}
else echo "<div class='err'>Уровень от 1 до 10!</div>n";
}
}
else header("Location:/forumm");
?>