Файл: public_html/modules/library/add_comment.php
Строк: 34
<?php
/**********************************
* @package: PerfCMS *
* @year: 2012 *
* @author: Artas *
* @link: http://perfcms.net *
* ------------------------------- *
* @package: PerfCMS Ultra *
* @year: 2013 *
* @author: wanya26ua & Tesla *
* @link: http://perfclub.ru *
**********************************/
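// Add-comment page for a library note: stores a new comment on POST and
// otherwise renders the comment form.
// $user, $db, $system, $lang, $tpl, the constants SYS/NAV/HICO and the helpers
// go() and input() are all defined outside this file.

// Only logged-in users may comment.
// NOTE(review): assumes go() ends the request after redirecting; if it does not,
// everything below still runs for anonymous visitors - confirm.
if (!isset($user)) { go('/'); }

if (!empty($_GET['id'])) {
    // Force the note id to a non-negative integer once and reuse that value in
    // the SQL, the redirects and the generated links.
    $id_note = abs(intval($_GET['id']));

    // isset() on 'act' avoids an undefined-index notice when the form is posted
    // without the query parameter.
    if (isset($_POST['create']) && isset($_GET['act']) && $_GET['act'] === 'create') {
        // Reject missing, empty and non-string (array) bodies before calling input().
        if (!empty($_POST['text']) && is_string($_POST['text'])) {
            // NOTE(review): $text is interpolated into the INSERT below, so this is
            // only injection-safe if input() escapes for SQL - confirm, or move
            // both queries to prepared statements with bound parameters.
            $text = input($_POST['text']);

            // Flood control: count this user's comments newer than the
            // $system['spam'] window (in seconds, since it is subtracted from time()).
            $s = $db->query("SELECT * FROM `library_comms` WHERE `id_user` = '". $user['id'] ."' AND `time` > '". (time()-$system['spam']) ."'")->rowCount();
            if ($s > 0) {
                header("Location: /library/".$id_note."/comments?act=spam");
                // Stop here so the form is not rendered behind the redirect.
                exit;
            } else {
                $db->query("INSERT INTO `library_comms` SET `text` = '$text', `time` = '". time() ."', `id_user` = '$user[id]', `id_note` = '". $id_note ."'");
                header('location: /library/'.$id_note.'/comments/');
                exit;
            }
        }
    }

    $title = $lang->word('add_comment');
    require_once(SYS.'/view/header.php');
    $tpl->div('title', $lang->word('add_comment'));

    // reply_to comes straight from the query string and is echoed inside the
    // <textarea>; without escaping, a value containing "</textarea>" would break
    // out of the element and inject markup (reflected XSS). Non-string values
    // (e.g. reply_to[]=x) are ignored.
    // NOTE(review): assumes the site is served as UTF-8 - confirm.
    $reply_prefix = '';
    if (isset($_GET['reply_to']) && is_string($_GET['reply_to'])) {
        $reply_prefix = '[b]'.htmlspecialchars($_GET['reply_to'], ENT_QUOTES, 'UTF-8').'[/b], ';
    }

    // NOTE(review): no anti-CSRF token is visible on this form or checked in the
    // POST handler above - confirm whether the framework adds one elsewhere.
    echo '<form action="/library/add_comm/?act=create&id='.$id_note.'" method="post">
<div class="menu">
<b>'. $lang->word('message') .'</b>:<br/>
<textarea name="text" rows="5" cols="26">'.$reply_prefix.'</textarea><br/>
<input name="create" type="submit" value="'. $lang->word('create') .'" /><br/>
</div>
</form>';
    $tpl->div('block', NAV. ' <a href="/library/'.$id_note.'/comments/">'.$lang->word('back').'</a><br/>'. NAV .' <a href="/library/">'.$lang->word('library').'</a><br/>' . HICO .' <a href="/">'.$lang->word('home').'</a>');
    require_once(SYS.'/view/footer.php');
} else { go('/'); }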
?>