Файл: api_forum/reply.php
Строк: 38
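<?php
////////////////////////////////////////
///// ApiCMS core //////
///// Billing author - IvanDanilov /////
///// ICQ 936545, mail: KyberID@ya.ru //
////////////////////////////////////////
//
// Forum reply page: lets the logged-in user answer another user inside a
// forum theme. GET `user` is the id of the addressee, GET `id` is the theme
// id, POST `txt` is the message body. A stored reply credits the author with
// the `fishka_forum` bonus and redirects back to the end of the theme.
//
// The full `<?php` tag is used on purpose: with short_open_tag disabled a
// file that starts with `<?` is served to the browser as plain text.
//
// NOTE(review): the mysql_* extension used here was removed in PHP 7. The
// connection is opened in api_core, not in this file, so it is not replaced
// here; migrate the whole core to mysqli/PDO with prepared statements.
$title = 'Ответ';
require_once '../api_core/apicms_system.php';
require_once '../api_core/head.php';
/////////////////////////////////////////

// Both ids come from the query string; anything non-scalar or missing is 0.
$ank      = (isset($_GET['user']) && is_scalar($_GET['user'])) ? intval($_GET['user']) : 0;
$theme_id = (isset($_GET['id']) && is_scalar($_GET['id'])) ? intval($_GET['id']) : 0;

// Load the addressee in one query and fetch only the columns that are shown,
// so the rest of the `users` row never reaches this page.
$subuser = false;
if ($user && $ank > 0 && $theme_id > 0) {
    $lookup = mysql_query("SELECT `id`, `login` FROM `users` WHERE `id` = '" . $ank . "' LIMIT 1");
    if ($lookup) {
        $subuser = mysql_fetch_assoc($lookup);
    }
}
// NOTE(review): the theme id is only checked for being a positive integer.
// Whether the theme exists, is open, and is visible to this user is not
// verified here — add that check against the themes table.

if ($subuser) {
    // NOTE(review): this state-changing POST (it stores a post and credits
    // points) carries no anti-CSRF token. Add a per-session token to the form
    // and verify it here, using whatever session handling the core provides.
    if (isset($_POST['txt']) && is_string($_POST['txt'])) {
        $raw = $_POST['txt'];
        $err = null;

        // Limits apply to the submitted text, not to its SQL-escaped form,
        // which grows with every quote or backslash. strlen() counts bytes.
        if (strlen($raw) > 1024) {
            $err = '<div class="content"><center>Очень длинное сообщение</center></div>';
        } elseif (strlen($raw) < 3) {
            $err = '<div class="content"><center>Короткое сообщение</center></div>';
        }

        if ($err === null) {
            $text    = mysql_real_escape_string($raw);
            $author  = intval($user['id']);
            // assumes the bonus is a whole number of points — TODO confirm
            $bonus   = intval($api_settings['fishka_forum']);

            // $time is defined outside this file (presumably by api_core) and
            // is interpolated as-is — confirm it is always server-generated.
            // The text is stored unencoded, so every page that prints it must
            // HTML-escape it on output.
            $saved = mysql_query("INSERT INTO `api_forum_post` (`text`, `id_user`, `theme`, `time`) VALUES ('$text', '$author', '$theme_id', '$time')");

            if ($saved) {
                // Credit the points atomically in SQL. Writing back a value
                // computed from the $user snapshot loses updates when two
                // requests from the same account run at the same time.
                mysql_query("UPDATE `users` SET `fishka` = `fishka` + " . $bonus . " WHERE `id` = '$author' LIMIT 1");

                // head.php may already have produced output; redirect only
                // when headers can still be sent, and stop so that the form
                // is not rendered after the Location header.
                if (!headers_sent()) {
                    header("Location: theme.php?id=" . $theme_id . "&page=end");
                    exit;
                }
            } else {
                // Do not credit points or redirect for a post that was not stored.
                apicms_error('<div class="content"><center>Ошибка сохранения сообщения</center></div>');
            }
        } else {
            apicms_error($err);
        }
    }

    // The login is user-chosen data: encode it before placing it in HTML.
    // assumes the site is served as UTF-8 — TODO confirm
    $login = htmlspecialchars($subuser['login'], ENT_QUOTES, 'UTF-8');

    echo "<form action=\"reply.php?id=" . $theme_id . "&amp;user=" . intval($subuser['id']) . "&amp;ok\" method=\"post\">\n";
    echo "<div class='content'><center><textarea name=\"txt\">" . $login . ", </textarea><br />\n";
    echo "<input type='submit' value='Ответить'/></form></center></div>\n";
    ////////////////////////////////////////
} else {
    echo "<div class='erors'>Ошибка выбора адресатов</div>\n";
}
/////////////////////////////////////////
apicms_foot();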