Файл: vsime.com/polls/inc/act_new.php
Строк: 22
<?
switch(@$_GET['case']):
case 'diary':
include('../diary/inc/configs.php');
include('inc/poll_diary_create.php');
break;
case 'topic':
if (!isset($moderate_forum))access_denied();
$cat = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `forum` WHERE `id` = '".intval(@$_GET['cat_id'])."' AND `type` = 'cat'"));
if (!@$cat['id']) {
$title .= ' - Ошибка!';
ex_head();
show_errors("Категория не найдена");
ex_foot();
}
if (!isset($moderate_forum))access_denied();
include('inc/poll_topic_create.php');
break;
case 'comm_topic':
$comm = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `comm` WHERE `id` = '".intval($_GET['comm_id'])."'"));
if (!$comm['id']) {
$title .= ' - Ошибка!';
ex_head();
show_errors("Сообщество не найдено!");
ex_foot();
}
$comm_cat = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `forum` WHERE `id` = '".intval(@$_GET['cat_id'])."' AND `type` = 'cat' AND `id_comm` = '$comm[id]'"));
if (!@$comm_cat['id']) {
$title .= ' - Ошибка!';
ex_head();
show_errors("Обьект не найден!");
ex_foot();
}
@$uinc = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `comm_users` WHERE `id_user` = '$user[id]' AND `id_comm` = '$comm[id]'"));
$ank = profile($comm['id_user']);
if ($ank['id']!=$user['id'] && $uinc['access']=='user')access_denied();
include('inc/poll_comm_topic_create.php');
break;
default:
header("Location: /");
break;
endswitch;
?>