Файл: core/reply.php
Строк: 32
<?php
/*
* @author mides <Mike Osendowski>
* @link http://midwm.org
* @copyright 2011-2014
*/
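/*
 * Reply handler shared by the guestbook and forum modules.
 *
 * Reads from the including scope: $module, $id, $refurl, $config, $lang, $u, $tpl.
 * For an authenticated user it loads the post being replied to, remembers a
 * return URL in the session, and, when a message was POSTed, checks its length
 * and the per-session anti-spam timer before inserting the reply. When nothing
 * was posted or validation failed, it renders the 'reply' template.
 *
 * NOTE(review): no anti-CSRF token check is visible in this file; confirm that
 * one is enforced before this script runs, since any authenticated POST that
 * carries `message` creates a post.
 */
if (is_auth())
{
    // Allow-list mapping a module to the table that holds the post being
    // replied to. Table names are concatenated into SQL below (identifiers
    // cannot be bound as parameters), so they must only come from this map.
    $tables = array('guestbook' => 'guestbook', 'forum' => 'forum_posts');
    $table = (is_string($module) && isset($tables[$module])) ? $tables[$module] : FALSE;

    // For an unrecognised module, skip the lookup instead of running the
    // query with an undefined table name.
    $post = $table ? DB::run()->queryFetch("select * from `".$table."` where `id` = ?;", array($id)) : FALSE;
    if ($post)
    {
        // Fail closed: the reply is only processed while this stays TRUE, so
        // a closed or missing thread cannot receive a post even if
        // redirect() were to return.
        // NOTE(review): the success path falls through to the template
        // include after redirect(), which suggests redirect() terminates the
        // request - confirm.
        $can_reply = TRUE;
        if ($module === 'forum')
        {
            $thread = DB::run()->queryFetch("select `subject`, `closed` from `forum_threads` where `id` = ?;", array($post['threadid']));
            if (!$thread)
            {
                // The post refers to a thread that no longer exists.
                $can_reply = FALSE;
                redirect('/'.$module);
            }
            elseif ($thread['closed'])
            {
                $can_reply = FALSE;
                redirect('/forum/viewthread'.$post['threadid']);
            }
        }
        if ($can_reply)
        {
            // Remember where the user came from, once per replied-to post.
            // NOTE(review): the origin of $refurl is not visible here; if it
            // is derived from the Referer header it is attacker-influenced
            // and must be validated/escaped wherever it is later used.
            if (!isset($_SESSION[$module]['reply_refurl'][$id]) && $refurl)
            {
                $_SESSION[$module]['reply_refurl'][$id] = $refurl.'#'.$post['id'];
            }
            // Only accept a scalar string; an array-valued `message` field is ignored.
            // NOTE(review): check() is defined elsewhere - presumably it
            // filters/escapes the text; confirm what it guarantees for output.
            $message = (isset($_POST['message']) && is_string($_POST['message'])) ? check($_POST['message']) : FALSE;
            if ($message)
            {
                if (mb_strlen($message, 'utf-8') <= $config['msglength'])
                {
                    // A session without a recorded timer is treated as "no wait required".
                    $wait_until = isset($_SESSION['wait']) ? $_SESSION['wait'] : 0;
                    if ($wait_until < TIME)
                    {
                        if ($module === 'forum')
                        {
                            DB::run()->query("update `forum_threads` set `lastuserid` = ?, `updtime` = ? where `id` = ?;", array($u['id'], TIME, $post['threadid']));
                            DB::run()->query("insert into `forum_posts` set `categid` = ?, `threadid` = ?, `userid` = ?, `message` = ?, `time` = ?;", array($post['categid'], $post['threadid'], $u['id'], $message, TIME));
                        }
                        else
                        {
                            // Use the allow-listed table name, never the raw $module value.
                            DB::run()->query("insert into `".$table."` set `userid` = ?, `message` = ?, `time` = ?;", array($u['id'], $message, TIME));
                        }
                        // Start the anti-spam window and drop the stored return URL.
                        $_SESSION['wait'] = TIME + $config['wait_time'];
                        unset($_SESSION[$module]['reply_refurl'][$id]);
                        $redirect = $module === 'forum' ? '/forum/threadend'.$post['threadid'] : '/'.$module;
                        redirect($redirect);
                    }
                    else
                    {
                        $_SESSION['note'] = $lang['Anti_Spam_Please_wait_before_trying_again'];
                    }
                }
                else
                {
                    $_SESSION['note'] = $lang['Your_message_exceeds_the_maximum_number_of_characters_allowed'].' ('.$config['msglength'].')';
                }
            }
            $config['newtitle'] = $lang['Reply'];
            $tpl['file'] = 'reply';
            require_once 'core/header.php';
        }
    }
    else
    {
        // NOTE(review): $module is not validated on this path; this assumes
        // the router only ever sets it to a known module name - confirm, as
        // the value becomes part of the redirect target.
        redirect('/'.$module);
    }
}
else
{
    // Unauthenticated visitors are sent back to the module's index page.
    redirect('/'.$module);
}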