Файл: users/forum/edit_them_ok.php
Строк: 52
<?
$msgg=$forum['text'];
if($forum['opros']==1)
{
$result1=$_POST['result1'];
if(strlen2($result1)<1)
{
$err[]="1 вариант обязателен для заполненин";
}
$result1=my_esc($result1);
$result2=$_POST['result2'];
if(strlen2($result2)<1)
{
$err[]="2 вариант обязателен для заполнения";
}
$result2=my_esc($result2);
$result3=$_POST['result3'];
$result3=my_esc($result3);
$result4=$_POST['result4'];
$result4=my_esc($result4);
$result5=$_POST['result5'];
$result5=my_esc($result5);
$result6=$_POST['result6'];
$result6=my_esc($result6);
$result7=$_POST['result7'];
$result7=my_esc($result7);
$result8=$_POST['result8'];
$result8=my_esc($result8);
$result9=$_POST['result9'];
$result9=my_esc($result9);
$result10=$_POST['result10'];
$result10=my_esc($result10);
}
$name=$_POST['name'];
$name=filter_var(htmlspecialchars($_POST['name']));
if (isset($_POST['translit_name']) && $_POST['translit_name']==1)$name=translit($name);
if(strlen2($name)<1)
{
$err[]="Введите название";
}
if(strlen2($name)>60)
{
$err[]="Название слишком длинное";
}
$name=my_esc($name);
$text=$_POST['text'];
$text=filter_var(htmlspecialchars($_POST['text']));
if (isset($_POST['translit_text']) && $_POST['translit_text']==1)$text=translit($text);
if(strlen2($text)<1)
{
$err[]="Введите текст";
}
if(strlen2($text)>100000)
{
$err[]="Текст слишком длинный</div>n";
}
$text=my_esc($text);
$up=$_POST['up'];
if(!isset($err))
{
if($up==0 || $up==1 || $up==2 || $up==3 || $up==4 || $up==5 || $up==6 || $up==7 || $up==8 || $up==9 || $up==10)
{
mysql_query("UPDATE `forum` SET `name` = '$name', `text` = '$text', `last_id_user` = '$user[id]', `last_time` = '$time', `up` = '$up' WHERE `id` = '$forum[id]' LIMIT 1");
if($forum['opros']==1)
{
mysql_query("UPDATE `forum_opros` SET `var` = '$result1' WHERE `id_them` = '$forum[id]' and `num` = '1' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result1' WHERE `id_them` = '$forum[id]' and `num` = '1' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result2' WHERE `id_them` = '$forum[id]' and `num` = '2' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result3' WHERE `id_them` = '$forum[id]' and `num` = '3' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result4' WHERE `id_them` = '$forum[id]' and `num` = '4' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result5' WHERE `id_them` = '$forum[id]' and `num` = '5' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result6' WHERE `id_them` = '$forum[id]' and `num` = '6' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result7' WHERE `id_them` = '$forum[id]' and `num` = '7' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result8' WHERE `id_them` = '$forum[id]' and `num` = '8' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result9' WHERE `id_them` = '$forum[id]' and `num` = '9' LIMIT 1");
mysql_query("UPDATE `forum_opros` SET `var` = '$result10' WHERE `id_them` = '$forum[id]' and `num` = '10' LIMIT 1");
}
mysql_query("INSERT INTO `forum_history` (`id_them`, `id_user`, `time`, `type`, `msg`) values('$forum[id]', '$user[id]', '$time', 'edit', '$msgg')");
header("Location:/users/forum/?id=$forum[id]");
}
else echo "<div class='err'>Уровень от 1 до 10!</div>n";
}
err();
?>