Файл: modules/forum/edit_post.php
Строк: 84
<?php
/****
* @package LiveCMS
* @link livecms.org
* @author MyZik
* @version See attached file VERSION.txt
* @license See attached file LICENSE.txt
* @copyright Copyright (C) LiveCMS Development Team
****/
ob_start();
$lang_forum = load_lng('forum'); // Подключаем файл языка
$title = $lang_forum['forum']; // Заголовок страницы
$module = 'forum'; // Модуль
/**
* Проверка наличия авторизации
**/
if (!isset($user)) {
require_once(HOME .'/incfiles/header.php');
echo '<div class="error">' . $lang['only_users'] . '</div>';
echo '<div class="home">' .
'<img src="/design/themes/' . $set_user['theme'] . '/images/back.png" alt="" /> <a href="/index.php">' . $lang['back'] . '</a>' .
'</div>';
require_once(HOME .'/incfiles/footer.php');
}
/**
* Проверяем, задан ли параметр
**/
if (!isset($_GET['id']) || empty($_GET['id']) || !is_numeric($_GET['id'])) {
require_once(HOME .'/incfiles/header.php');
echo '<div class="error">' . $lang['error_parameter'] . '</div>';
echo '<div class="home">' .
'<img src="/design/themes/' . $set_user['theme'] . '/images/back.png" alt="" /> <a href="index.php">' . $lang['back'] . '</a>' .
'</div>';
require_once(HOME .'/incfiles/footer.php');
}
/**
* Проверяем наличие сообщения
**/
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_messages` WHERE `id` = '" . num($_GET['id']) . "'"), 0) == 0) {
require_once(HOME .'/incfiles/header.php');
echo '<div class="error">' . $lang_forum['message_not_exists'] . '</div>';
echo '<div class="home">' .
'<img src="/design/themes/' . $set_user['theme'] . '/images/back.png" alt="" /> <a href="index.php">' . $lang['back'] . '</a>' .
'</div>';
require_once(HOME .'/incfiles/footer.php');
}
$ID = num($_GET['id']);
$post = mysql_fetch_assoc(mysql_query("SELECT * FROM `cms_forum_messages` WHERE `id` = '$ID' LIMIT 1"));
$user_post = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id` = '" . $post['user_id'] . "' LIMIT 1"));
$category = mysql_fetch_assoc(mysql_query("SELECT * FROM `cms_forum_categories` WHERE `id` = '" . $post['category_id'] . "' LIMIT 1"));
$section = mysql_fetch_assoc(mysql_query("SELECT * FROM `cms_forum_sections` WHERE `id` = '" . $post['section_id'] . "' LIMIT 1"));
$pagesMess = mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_messages` WHERE `topic_id` = '" . $post['topic_id'] . "'"), 0);
$ceil = ceil($pagesMess / $countMess);
$end_page = ($ceil > 1 ? '&page=' . $ceil : '');
/**
* Проверяем права доступа
**/
if (($user['rights'] == 3 || $user['rights'] >= 7) && ($user_post['rights'] <= $user['rights']) || ($post['user_id'] == $user['id'])) {
require_once(HOME .'/incfiles/header.php'); // подключаем шапку
/**
* Небольшая панель навигации
**/
echo '<div class="title"><a href="/forum/">' . $lang['forum'] . '</a> | <a href="category.php?id=' . $category['id'] . '">' . txt($category['name']) . '</a> | <a href="section.php?id=' . $ID . '">' . txt($section['name']) . '</a></div>';
echo '<div class="main"><b>' . $lang_forum['message_edit'] . '</b> ID #' . $post['id'] . '</div>';
if (isset($_POST['save'])) {
$text = input(mb_substr($_POST['text'], 0, 10000));
/**
* Проверяем, пустое ли сообщение
**/
if (empty($text))
$err[] = $lang_forum['empty_text_message'];
/**
* Проверяем, было ли такое сообщение в теме
**/
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `cms_forum_messages` WHERE `text` = '$text' AND `user_id` = '" . $post['user_id'] . "' AND `topic_id` = '" . $post['topic_id'] . "'"), 0) != 0)
$err[] = $lang_forum['topic_message_exists'];
/**
* Если не было ошибок, заносим данные
**/
if (!isset($err)) {
mysql_query("UPDATE `cms_forum_messages` SET `text` = '$text', `edit_count` = '" . ($post['edit_count'] + 1) . "', `edit_by` = '" . $user['login'] . "' WHERE `id` = '$ID' LIMIT 1");
header("Location: topic.php?id=$post[topic_id]" . $end_page);
} else {
echo error($err); // показываем ошибки, если они имеются
}
}
/**
* Форма
**/
echo '<div class="main"><form method="post" action="edit_post.php?id=' . $ID . '">' .
$lang['enter_message'] . '<br />' .
'<textarea name="text">' . $post['text'] . '</textarea><br />' .
$lang_forum['message_text_info'] . '<br />' .
'<input type="submit" name="save" value="' . $lang['edit'] . '" />' .
'</form></div>';
require_once(HOME .'/incfiles/footer.php'); // подключаем ноги
} else {
require_once(HOME .'/incfiles/header.php');
echo '<div class="error">' . $lang['error_rights'] . '</div>';
echo '<div class="home">' .
'<img src="/design/themes/' . $set_user['theme'] . '/images/back.png" alt="" /> <a href="/index.php">' . $lang['back'] . '</a>' .
'</div>';
require_once(HOME .'/incfiles/footer.php');
}
ob_end_flush();
?>