Файл: plugins/diary/inc/edit.php
Строк: 77
<?php
only_reg();
$sid = $tools->keyGlobals('sid', 'get', 0);
$sess = $tools->keyGlobals('sid', 'sess', 0);
if ($maps['diary_id'] != 0) {
$diary = mysql_fetch_assoc(mysql_query("
SELECT n.*
FROM notes AS n WHERE n.id = " . (int) $maps['diary_id']));
if ($diary['attachments'] && $sid == $sess) {
$_SESSION['diary']['attachments'] = unserialize($diary['attachments']);
$_SESSION['diary']['return'] = $_SERVER['REQUEST_URI'];
}
} else {
$diary = array(
'id' => 0,
'name' => $tools->keyGlobals('diary_name', 'sess', NULL),
'msg' => $tools->keyGlobals('diary_message', 'sess', NULL),
'private' => $tools->keyGlobals('diary_access', 'sess', 0),
'private_komm' => $tools->keyGlobals('diary_comment', 'sess', 0),
);
if ($sid == $sess) {
unset($_SESSION['diary']['attachments']);
$_SESSION['diary']['return'] = $_SERVER['REQUEST_URI'];
}
}
if (isset($diary['id_user']) && ($user['id'] != $diary['id_user'] && !user_access('notes_delete'))) {
header('Location: ?f=diary&s=u&id=' . $diary['id'] . '&u=' . $maps['u']);
exit;
}
$_SESSION['sid'] = mt_rand(111, 999);
$set['title'] = ($diary['id'] == 0 ? __('Новая запись') : __('Редактирование записи'));
require H.'sys/inc/thead.php';
title();
aut();
err();
$insert = text($diary['msg']);
?>
<ol class="breadcrumb">
<li><a href="/index.php"><i class="ic ic-home"></i></a></li>
<li><a href="?"><?= __('Дневники')?></a></li>
<li>
<a href="?f=index&s=<?= $maps['s']?>&q=<?= $maps['search']?>&r=access&u=<?= $maps['u']?>&zsort=<?= $maps['zsort']?>&id=<?= $maps['diary_id']?>">
<?= user::nick($maps['u'], 0)?>
</a>
</li>
<li><?= $set['title']?></li>
</ol>
<div class="form-create">
<form action="?f=<?= $maps['f']?>&s=<?= $maps['s']?>&r=<?= $maps['f']?>&u=<?= $maps['u']?>&id=<?= $maps['diary_id']?>" method="POST" enctype="multipart/form-data">
<div class="form-create-header">
<b><?= __('Тема')?></b> (80 знаков)
</div>
<div class="form-create-input">
<input type="text" name="name" value="<?= text($diary['name'])?>" />
</div>
<div class="form-create-block">
<div class="form-create-header">
<b><?= __('Запись')?></b> (4096 знаков)
</div>
<?
$placeholder = 'Напишите текст дневника..';
if (is_file(H.'style/themes/' . $set['set_them'] . '/altername_post_form.php')) {
include_once H.'style/themes/' . $set['set_them'] . '/altername_post_form.php';
} else {
echo $tPanel;?><textarea name="msg"><?= $insert?></textarea><br /><?
}
?>
</div>
<? if (!isset($_SESSION['diary']['attachments']) || @count($_SESSION['diary']['attachments']['photo']) < 10) { ?>
<div class="form-create-block">
<?= __('Прикрепить')?>:
<button class="button-create" type="submit" name="diary_attach">
<img src="/style/icons/attach.png" /> <?= __('Выбрать файл')?>
</button>
</div>
<?
}
$attachments = new Attachments('diary');
echo $attachments->get_list();
?>
<div class="form-create-block">
<?= __('Кто видит запись')?>: <img src="/style/icons/<?= $accessList[$diary['private']]['icon']?>.png" />
<button class="button-create" type="submit" name="diary_access">
<?= $accessList[$diary['private']]['edit_name']?>
</button>
<br />
<?= __('Комментирование доступно')?>: <img src="/style/icons/<?= $accessList[$diary['private_komm']]['icon']?>.png" />
<button class="button-create" type="submit" name="diary_comment">
<?= $accessList[$diary['private_komm']]['edit_name']?>
</button>
</div>
<div class="form-create-panel">
<button type="submit" name="diary_create">
<?= ($diary['id'] == 0 ? __('Создать запись') : __('Cохранить изменения'))?>
</button>
</div>
</form>
</div>
<? if ($diary['id'] && $user_id && (user_access('notes_delete') || $user_id == $diary['id_user'])) { ?>
<div class="list-post" id="page-up">
<div class="list-post-item">
<a href="?f=delete&s=<?= $maps['s']?>&r=index&u=<?= $maps['u']?>&type=diary&id=<?= $diary['id']?>&delete_id=<?= $diary['id']?>"><img src="/style/icons/delete.gif" /> <?= __('Удалить запись')?></a>
</div>
</div>
<? } ?>