Файл: forum/forum/inc3/editp.php
Строк: 151
<?
$m = @$db->sql_query("select * from `forum_msg` where `id`='".$fid."';" );
$mess = @$db->sql_fetchrow($m);
if (mysql_affected_rows() == 0){
echo '<b>Такого сообщения не существует!</b>';
echo '<br />';
echo gb.'<a href="./">Форум</a>'.div;
foot();
}
if (($user['id']!=$mess['user_id'])&&($user['level']<5)&&(user_inf($user['level']<$mess[user_id],'level'))){
echo '<b>Вы не можете изменять это сообщение!</b>';
echo '<br />';
echo gb.'<a href="./">Форум</a>'.div;
foot();
}
$tid = $mess[t_id];
$tem = @$db->sql_fetchrow($q1 = @$db->sql_query("select * from `forum_t` where `id`='".$tid."' ;" ));
if (mysql_affected_rows() == 0){
echo '<b>Такой темы не существует! Возможно она была удалена модератором.</b>';
echo '<br />';
echo gb.'<a href="./">Форум</a>'.div;
foot();
}
$page = check($_GET['page']);
$t_name = $tem ['name'];
$f = $tem ['f_id'];
$r = $tem ['r_id'];
$for = @$db->sql_fetchrow($db->sql_query( "select * from `forum_f` where id='$f';" ));
$raz = @$db->sql_fetchrow($db->sql_query( "select * from `forum_r` where id='$r';" ));
echo '<a href="./">Форумы</a>|<a href="razdel_'.$f.'">'.$for[name].'</a>';
echo '|<a href="temes_'.$r.'">'.$raz[name].'</a>|<a href="tema_'.$tid.'_'.$page.'">'.$tem['name'].'</a><br /><dl><dt></dt></dl>';
if ($tem['close']==1)
{echo 'Тема <b>'.$tem['name'].'</b> закрыта!'; exit;}
$act = check($_POST['act']);
if (empty($act)){
if ($ver!='wml')echo '<form action="?act=add&tid='.$tid.'&'.SID.'" method="post">';
if ($ver=='wml')echo 'Сообщение:<br /><input name="msg'.$ref.'" value="'.text($mess['msg'],false,true,false,false,false).'" title="Сообщение"/><br/>';
else echo 'Сообщение:<br /><textarea cols="'.$user['pole2'].'" rows="'.$user['pole1'].'" name="msg">'.text($mess['msg'],false,true,false,false,false).'</textarea><br />';
//$post = @$db -> sql_fetchrow(@$db->sql_query(@"SELECT `id` from `forum_msg` WHERE `t_id` = '".$fid."' order by time limit 1" ));
$post = mysql_fetch_array(mysql_query("SELECT `id` FROM `forum_msg` WHERE `t_id` = '".$mess['t_id']."' ORDER BY `time` LIMIT 1"));
if ($post['id'] == $mess['id']) {
$g = @$db -> sql_fetchrow(@$db -> sql_query(@"SELECT * FROM `forum_golos` WHERE `tid`='".$mess['t_id']."' LIMIT 1"));
if (@mysql_affected_rows() > 0) {
$question = $g['question'];
$answer1 = $g['answer1'];
$answer2 = $g['answer2'];
$answer3 = $g['answer3'];
$answer4 = $g['answer4'];
$answer5 = $g['answer5'];
$answer6 = $g['answer6'];
?>
Изменить опрос:<br />
Вопрос:<br />
<small>[5-200 символов]</small><br />
<input name="question" maxlength="200" value="<?php if ($question) echo $question; ?>" /><br />
Варианты ответа (Макс. 6):<br />
<small>[10-200 символов]</small><br />
<?php
if ($answer1 || $answer2 || $answer3 ||
$answer4 || $answer5 || $answer6) {
if ($answer1) { echo '<input name="answer1" maxlength="200" value="'.$answer1.'" /><br />'; }
if ($answer2) { echo '<input name="answer2" maxlength="200" value="'.$answer2.'" /><br />'; }
if ($answer3) { echo '<input name="answer3" maxlength="200" value="'.$answer3.'" /><br />'; }
if ($answer4) { echo '<input name="answer4" maxlength="200" value="'.$answer4.'" /><br />'; }
if ($answer5) { echo '<input name="answer5" maxlength="200" value="'.$answer5.'" /><br />'; }
if ($answer6) { echo '<input name="answer6" maxlength="200" value="'.$answer6.'" /><br />'; }
?>
Опрос должен ити:<br />
<input name="end" size="3" maxlength="2" value="<?php if ($g['end']) {echo (int)(($g['end']-$g['start'])/3600/24);} ?>" /> Дней<br />
<?php
}
}
}
if ($ver=='wml'){
echo '<br /><anchor title="go">Изменить<go href="?act=add'.$nk1.'&tid='.$tid.'&'.SID.'" method="post">';
echo '<postfield name="msg" value="$msg'.$ref.'"/>
<postfield name="act" value="act"/>
</go></anchor>';
echo '<br/>';
}else{
echo '<input name="act" type="hidden" value="act"/>';
echo '<br /><input type="submit" class="ibutton" value="Изменить"/></form><br /><br />';
}
echo '<br /><a href="tema_'.$tid.'_'.$page.'"><b>В тему</b></a><br />';
}else{
$msg = check($_POST['msg']);
if ($user['translit']==1)$msg = translit($msg);
$msg=substr($msg, 0, $set['size_vvod_for']);
$er = NULL;
if (strlen2($msg)<3)$er .= 'Короткое сообщение!<br />';
if ($_POST['question']) {
$question = check($_POST['question']);
if (strlen2($question) < 5) $err .= 'Вопрос слишком короткий!<br />';
if (empty($_POST['answer1']) || empty($_POST['answer2']) && ($_POST['answer3'] || $_POST['answer4'] || $_POST['answer5'] || $_POST['answer6'])) {
$er .= 'Чтобы добавить опрос. нужно добавить варианты ответов на опрос!<br />';
}
elseif ($_POST['answer1'] && $_POST['answer2']) {
$ans1 = check($_POST['answer1']);
$ans2 = check($_POST['answer2']);
$opros = true;
$ans3 = isset ($_POST['answer3']) ? check($_POST['answer3']) : '';
$ans4 = isset ($_POST['answer4']) ? check($_POST['answer4']) : '';
$ans5 = isset ($_POST['answer5']) ? check($_POST['answer5']) : '';
$ans6 = isset ($_POST['answer6']) ? check($_POST['answer6']) : '';
$end = isset ($_POST['end']) ? abs((int)$_POST['end']) : 0;
if ($end) {
$end = (3600 * 24 * $end) + $_SERVER['REQUEST_TIME'] ;
}
}
}
if (empty($er)){
$mess['izmk']++;
$izm = "<br /><font color="#800080"><i>Изменил: ".$user['user']." ".date("(d.m в H:i", time()).") [".$mess['izmk']."]</i></font>";
if ($db->sql_query("UPDATE `forum_msg` SET `msg` = '$msg', `izm` = '$izm', `izmk` = '".$mess['izmk']."' WHERE `id` = '".$fid."'")){
//if ($fid == 5)require("tupica.php");
if ($opros) {
$db->sql_query ("UPDATE `forum_golos` SET
`question`='".$question."',
`answer1`='".$ans1."', `answer2`='".$ans2."',
`answer3`='".$ans3."', `answer4`='".$ans4."',
`answer5`='".$ans5."', `answer6`='".$ans6."',
`end`='".$end."' WHERE `tid`='".$mess['t_id']."'");
}
header("Location: tema_".$tid."_".$page."?".SID);
}else echo "Oшибка!";
}else{echo $er; header("Location: ./tema_".$tid."_end?er=".$er."&".SID); }
}
//$db->sql_query("UPDATE `forum_message` SET `msg` = '$msg', `izm` = '$izm' where `id`='".$m."' LIMIT 1");
?>