Файл: mylaf.ru/mods/forum/deikom.php
Строк: 59
<?php
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
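// Load the forum comment addressed by ?id=. The id is cast to an integer
// before it is placed in the SQL string, so the request parameter cannot
// change the shape of the query. A missing parameter is treated as "not found".
$post = false;
if (isset($_GET['id'])) {
    $res = mysql_query("SELECT * FROM `forum_kom` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1");
    // mysql_query() returns false on failure; do not pass that to the fetch call.
    if ($res) $post = mysql_fetch_assoc($res);
}
// No such comment: redirect and stop. Without exit the script would go on to
// run the moderation and edit code below against an empty $post, because
// header() only queues the redirect and does not end the request.
if (!$post || $post['id']==0) {
    header("location:index.php?");
    exit;
}
// NOTE(review): the mysql_* extension used throughout this script was removed
// in PHP 7; the connection is opened in an included file that is not shown here.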
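// Moderator actions on the loaded comment. Each action is selected by the
// presence of a flag in the query string and is only honoured for a logged-in
// user whose level is above 2.
//
// NOTE(review): these are state-changing operations triggered by a plain GET
// request, and no anti-CSRF token is checked anywhere in the visible code. A
// link or image on another page would be enough to make a logged-in moderator's
// browser hide, block or delete a comment. They should require POST plus a
// per-session token verified before the query runs.
if (isset($user) && $user['level']>2){
    // Integer copies of the row ids: nothing but digits can reach the SQL
    // strings or the Location header, whatever the column contents are.
    $kom_id = intval($post['id']);
    $them_id = intval($post['id_them']);

    // flag => statement; the flag-to-value mapping is kept exactly as it was.
    $kom_actions = array(
        'vidno'    => "UPDATE `forum_kom` SET `vid` = '1' WHERE `id` = '$kom_id' LIMIT 1",
        'vidyes'   => "UPDATE `forum_kom` SET `vid` = '0' WHERE `id` = '$kom_id' LIMIT 1",
        'blockyes' => "UPDATE `forum_kom` SET `block` = '1' WHERE `id` = '$kom_id' LIMIT 1",
        'blockno'  => "UPDATE `forum_kom` SET `block` = '0' WHERE `id` = '$kom_id' LIMIT 1",
        'del'      => "DELETE FROM `forum_kom` WHERE `id` = '$kom_id'",
    );
    foreach ($kom_actions as $kom_flag => $kom_sql){
        if (isset($_GET[$kom_flag])){
            mysql_query($kom_sql);
            header("Location:them.php?id=$them_id");
            // Stop here: header() does not end the request, and without exit
            // the remaining actions and the edit form would still be processed.
            exit;
        }
    }
}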
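$set['title']="Изменение комментария";
include_once '../sys/inc/thead.php';
title();
aut();
// Integer copies of the row ids used below in SQL, in the redirect and in HTML.
$kom_id = intval($post['id']);
$them_id = intval($post['id_them']);
// Editing is allowed for a moderator (level above 2) or for the comment's
// author within 600 seconds of posting. isset($user) now guards BOTH
// alternatives: in the original expression the author branch was evaluated even
// for a visitor with no $user, relying on a loose comparison of null with id_user.
if (isset($user) && ($user['level']>2 || ($user['id']==$post['id_user'] && $post['time']>time()-600))){
    // is_string() rejects msg[]=... style input, which would reach my_esc() as an array.
    if (isset($_GET['ok']) && isset($_POST['msg']) && is_string($_POST['msg'])){
        // NOTE(review): $msg is interpolated into two SQL statements below, so
        // my_esc() must SQL-escape it; its definition is not visible here, confirm.
        // NOTE(review): no anti-CSRF token is checked before the UPDATE.
        $msg=my_esc($_POST['msg']);
        if (strlen2($msg)<2)$err="Слишком короткое сообщение.";
        if (strlen2($msg)>1024)$err="Слишком длинное сообщение.";
        // Duplicate check within the comment's topic. The original compared
        // `id_them` with $_GET['id'], which is the comment id, not the topic id.
        // The comment being edited is excluded so that re-saving unchanged
        // text is not reported as a duplicate of itself.
        $dup = mysql_query("SELECT COUNT(*) FROM `forum_kom` WHERE `id_them` = '$them_id' AND `id_user` = '".intval($user['id'])."' AND `msg` = '$msg' AND `id` != '$kom_id' LIMIT 1");
        if ($dup && mysql_result($dup,0)!=0)$err='Ваше сообщение повторяет предыдущее';
        if (!isset($err)){
            mysql_query("UPDATE `forum_kom` SET `msg` = '$msg' WHERE `id` = '$kom_id'");
            // NOTE(review): output has already started in thead.php, so this
            // redirect only works if output is buffered - confirm in the includes.
            header("location:them.php?id=$them_id");
            exit;
        }
    }
    err();
    echo "<form method='post' action='deikom.php?id=$kom_id&ok'>";
    echo "Сообщение:<br/>";
    // The stored text is HTML-escaped before being placed inside the textarea.
    echo "<textarea name='msg'>".htmlspecialchars($post['msg'])."</textarea><br/>";
    echo "<input type='submit' name='ok' value='Сохранить изменения'><br/>";
    echo "</form>";
    // The href was split by a line break inside the URL; it is one line again.
    echo "<a href='them.php?id=$them_id'><div class='foot'><img src='/style/icons/str2.gif' alt='!'>Вернутся к статье</div></a>";
} else {
    // NOTE(review): `id_stat` and stat.php are not referenced anywhere else in
    // this script; every other redirect goes to them.php?id=<id_them>. Confirm
    // the column exists in `forum_kom`. The value is cast to int for the header.
    header("location:stat.php?id=".intval(isset($post['id_stat']) ? $post['id_stat'] : 0));
}
include_once '../sys/inc/tfoot.php';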
?>