Просмотр архива War Thunder II Онлайн Игра


<?php

// by Mike O. (mides), coolcms.org



$title = 'Блоги';

require_once '../includes/sys.php';

require_once '../includes/header.php';



$type = 'blogs';



switch ($act) {

    default:

        if ($u['id']) {

            $cats_r = mysql_query("SELECT * FROM `blogs_cats` ORDER BY `name`");

            if (mysql_num_rows($cats_r)) {

                if ($ok) {

                    $cat = abs(intval($_POST['cat']));

                    $name = check($_POST['name']);

                    $text = check($_POST['text']);

                    $code = abs(intval($_POST['code']));

                    if ($cat and $name and $text and $code) {

                        if ($_SESSION['code'] == $code) {

                            mysql_query("INSERT INTO `blogs` SET `id_cat` = '$cat', `id_user` = '$u[id]', `name` = '$name', `text` = '$text', `time` = '".TIME."'");

                            $last_id = mysql_insert_id();

                            redirect('index.php?act=view&id='.$last_id);

                        } else {

                            error('Неверный код.');

                            nav('?act=note_add');

                        }

                    } else {

                        redirect('?act=note_add');

                    }

                } else {

                    tp('<a href="index.php">Блоги</a>&raquo; '.$lang['compose']);

                    echo '<div class="body"><form name="form" action="?ok=1" method="post">

                    '.$lang['choose_a_category'].':<br /><select name="cat">';

                    $cat_r = mysql_query("SELECT * FROM `blogs_cats` ORDER BY `name`");

                    while ($cat = mysql_fetch_assoc($cat_r)) {

                        echo '<option value="'.$cat['id'].'">'.$cat['name'].'</option>';

                    }

                    echo '</select><br />

                    '.$lang['name'].'(max50):<br /><input name="name" type="text" maxlength="50" /><br />

                    '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="5"></textarea><br />

                    Провер. код:<br />

                    <img src="../images/code.php" alt="" /><br />

                    <input name="code" maxlength="5" /><br />

                    <input name="submit" type="submit" value="Ok" />

                    </form><br />

                    <a href="index.php?">Блоги</a>&raquo; Написать

                    </div>';

                }

            } else {

                redirect('index.php');

            }

        } else {

            redirect('index.php');

        }

    break;



    case 'note_edit':

        if (access(2)) {

            $blog = mysql_fetch_assoc(mysql_query("SELECT * FROM `blogs` WHERE `id` = '$id'"));

            if ($blog['id']) {

                if ($ok) {

                    $name = check($_POST['name']);

                    $text = check($_POST['text']);

                    if ($name and $text) {

                        mysql_query("UPDATE `blogs` SET `name` = '$name', `text` = '$text' WHERE `id` = '$id'");

                        redirect('index.php?act=view&id='.$id);

                    } else {

                        redirect('?act=note_edit&id='.$id);

                    }

                } else {

                    tp('<a href="index.php?act=view&amp;id='.$id.'">Просмотр</a>&raquo; Ред-ть');

                    echo '<div class="body">

                    <form name="form" action="?act=note_edit&amp;id='.$id.'&amp;ok=1" method="post">

                    '.$lang['name'].'(max50):<br /><input name="name" type="text" maxlength="50" value="'.$blog['name'].'" /><br />

                    '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="5">'.$blog['text'].'</textarea><br />

                    <input name="submit" type="submit" value="Ok" />

                    </form><br />

                    <a href="index.php?act=view&amp;id='.$id.'">Просмотр</a>&raquo; Ред-ть

                    </div>';

                }

            } else {

                redirect('?');

            }

        } else {

            redirect('?');

        }

    break;



    case 'note_del':

        if (access(3)) {

            $blog = mysql_fetch_assoc(mysql_query("SELECT * FROM `blogs` WHERE `id` = '$id'"));

            if ($blog['id']) {

                if ($ok) {

                    mysql_query("DELETE FROM `blogs` WHERE `id` = '$blog[id]'");

                    redirect('index.php?act=cat&id='.$blog['id_cat']);

                } else {

                    tp('Подтвердите');

                    echo '<div class="body">'.$lang['are_you_sure_del'].' "'.$blog['name'].'"?<br />

                    <form name="form" action="?act=note_del&amp;id='.$id.'&amp;ok=1" method="post">

                    <input name="submit" type="submit" value="Yeah" />

                    </form>

                    </div>

                    ';

                }

            } else {

                redirect('?');

            }

        } else {

            redirect('?');

        }

    break;    

    

    

    

    

    

    

    

    

    

    

    

}



require_once '../includes/tail.php';

?>