Файл: modules/guestbook/index.php
Строк: 48
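<?php
/*
 * Guestbook module controller.
 *
 * Dispatches on $act, which is set outside this file:
 *   (no match) - list guestbook entries, one page at a time
 *   add        - store a new entry (logged-in user, or guest with CAPTCHA)
 *   editpost   - delegate to core/editpost.php
 *   delpost    - delegate to core/delpost.php
 *   reply      - delegate to core/reply.php
 *   delpost2   - delete an entry, gated by access('guestbook_delpost')
 *
 * Reads $config, $lang, $u and $id, and calls check(), is_auth(), access(),
 * redirect() and DB::run(); all of these are defined outside this file.
 *
 * NOTE(review): no anti-CSRF token is checked in this file for the
 * state-changing actions ('add', 'delpost2'). Confirm that one is enforced
 * before this file runs, or add one using the project's own helper.
 */
switch ($act) {
    // 'default' is listed first, but PHP only selects it when no case matches.
    default:
        $total = DB::run()->querySingle("select count(`id`) from `guestbook`;");
        if ($total)
        {
            // Presumably computes the paging offset $start - confirm in core/navsetvars.php.
            require_once 'core/navsetvars.php';
            // LIMIT operands are concatenated into the SQL text rather than bound,
            // so force both to non-negative integers before they reach the query.
            $query = DB::run()->query(
                "select * from `guestbook` ORDER BY `time` DESC LIMIT "
                . max(0, (int) $start) . ", " . max(0, (int) $config['ipp']) . ";"
            );
        }
        $config['newtitle'] = $lang['Guestbook'];
        $tpl['file'] = 'guestbook';
        // NOTE(review): $message is stored as returned by check(); confirm that check()
        // or the 'guestbook' template escapes it for HTML output (stored XSS otherwise).
        require_once 'core/header.php';
        break;

    case 'add':
        $message = isset($_POST['message']) ? check($_POST['message']) : FALSE;
        if ($message)
        {
            if (mb_strlen($message, 'utf-8') <= $config['msglength'])
            {
                if (is_auth())
                {
                    // Anti-flood timer. A session that has not posted yet has no 'wait'
                    // key; treat that as "no wait" instead of reading an undefined index.
                    if (!isset($_SESSION['wait']) || $_SESSION['wait'] < TIME)
                    {
                        DB::run()->query("insert into `guestbook` set `userid` = ?, `message` = ?, `time` = ?;", array($u['id'], $message, TIME));
                        unset($_SESSION['captcha_keystring']);
                        $_SESSION['wait'] = TIME + $config['wait_time'];
                    }
                    else
                    {
                        $_SESSION['note'] = $lang['Anti_Spam_Please_wait_before_trying_again'];
                    }
                }
                else
                {
                    // Guests must solve the CAPTCHA whose answer is kept in the session.
                    $keystring = isset($_POST['keystring']) ? check($_POST['keystring']) : FALSE;
                    $captcha_ok = isset($_SESSION['captcha_keystring']) && $_SESSION['captcha_keystring'] === $keystring;
                    // A CAPTCHA answer is single-use: drop it after every attempt, pass or
                    // fail, so one solved challenge cannot be replayed for further posts
                    // and a challenge cannot be guessed repeatedly.
                    unset($_SESSION['captcha_keystring']);
                    if ($captcha_ok)
                    {
                        // userid 0 marks a guest entry.
                        DB::run()->query("insert into `guestbook` set `userid` = ?, `message` = ?, `time` = ?;", array(0, $message, TIME));
                        $_SESSION['wait'] = TIME + $config['wait_time'];
                    }
                    // NOTE(review): the guest path sets the anti-flood timer but never
                    // checks it, and a wrong CAPTCHA produces no user-facing note.
                }
            }
            else
            {
                $_SESSION['note'] = $lang['Your_message_exceeds_the_maximum_number_of_characters_allowed'].' ('.$config['msglength'].')';
            }
        }
        redirect('/guestbook');
        break;

    // The next three actions are handled by shared core scripts; $module presumably
    // tells them which module they act on. Authorization is not visible here -
    // confirm it is enforced inside each included script.
    case 'editpost':
        $module = 'guestbook';
        require_once 'core/editpost.php';
        break;

    case 'delpost':
        $module = 'guestbook';
        require_once 'core/delpost.php';
        break;

    case 'reply':
        $module = 'guestbook';
        require_once 'core/reply.php';
        break;

    case 'delpost2':
        // Deletion is limited to callers holding the 'guestbook_delpost' permission.
        if (access('guestbook_delpost'))
        {
            // $id is set outside this file and is only ever passed as a bound parameter.
            $post = DB::run()->querySingle("select count(`id`) from `guestbook` where `id` = ?;", array($id));
            if ($post)
            {
                DB::run()->query("delete from `guestbook` where `id` = ?;", array($id));
            }
        }
        redirect('/guestbook');
        break;
}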