Файл: modules/downloads/add_comment.php
Строк: 81
<?php
/**
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) 2013, Taras Chornyi, Sergiy Mazurenko, Ivan Kotliar
* @link http://perf-engine.net
* @package PerfEngine
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
$locate = 'in_downloads';
if(!User::logged()) { go('/'); exit;}
if(empty($_GET['downloads_id']) || !isset($_GET['downloads_id']))
{
go('/');
}
if(isset($_POST['create']) && $_GET['act'] == 'create')
{
if(isset($_GET['reply_to']))
{
$_user_id = num($_GET['reply_to']);
if($_user_id !== User::Id())
{
$db->query("INSERT INTO `notify` SET `user_id` = '". $_user_id ."', `from_id` = '". User::Id() ."', `request_id` = '/downloads/comments/".abs(intval($_GET['downloads_id']))."', `type` = 'notify_comments_reply', `read` = '0', `time` = '". time() ."'");
// print_r($db->errorInfo());
}
}
$file = $db->query("SELECT * FROM `downloads_files` WHERE `id` = '". num($_GET['downloads_id']) ."'")->fetch();
if($file['user_id'] !== User::Id() && !isset($_GET['reply_to']))
{
$db->query("INSERT INTO `notify` SET `user_id` = '{$file['user_id']}', `from_id` = '". User::Id() ."', `request_id` = '/downloads/comments/{$file['id']}', `type` = 'notify_file_reply', `read` = '0', `time` = '". time() ."'");
}
$comments = new Comments('downloads', num($_GET['downloads_id']), '', '', 'downloads_files');
$comments->add($_POST['text']);
redirect('/downloads/comments/'.num($_GET['downloads_id']));
}
$title = _t('add_comment');
include_header($title);
$tpl->div('title', _t('add_comment'));
echo '<form action="/downloads/add_comment?act=create&downloads_id='. abs(intval($_GET['downloads_id'])) .(isset($_GET['reply_to']) ? '&reply_to='.num($_GET['reply_to']) : null).'" method="post">
<div class="menu">
<b>'. _t('message') .'</b>:<br/>
<textarea name="text" rows="5" cols="26">'.(isset($_GET['reply_to']) ? '[b]'.tnick($_GET['reply_to']).'[/b], ' : NULL).'</textarea><br/>
<input name="create" type="submit" value="'. _t('create') .'" /><br/>
</div>
</form>';
$tpl->div('block', NAV .'<a href="/downloads/comments/'. abs(intval($_GET['downloads_id'])) .'">'. _t('back') .'</a><br/>' .
NAV .'<a href="/downloads/">'. _t('downloads') .'</a><br/>' .
HICO .'<a href="/">'. _t('home').'</a>');
include_footer();
?>