Файл: reviews.php
<?php
include $_SERVER['DOCUMENT_ROOT'].'/incs/system.php';
include $_SERVER['DOCUMENT_ROOT'].'/incs/classes/pagination_class.php';
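$error = NULL;
$array = array();
$paging = new Paging($db);
// Reset the per-request validation message; the checks below overwrite it,
// so the last failing check decides which message is shown.
$_SESSION['error'] = NULL;

// Review submission handler: validates the posted form, stores the review and
// redirects back to the listing on success.
if (isset($_POST['submit'])) {
    // Request fields are client-controlled and may be missing or sent as arrays
    // (e.g. name[]=x). Anything that is not a string is treated as empty input,
    // so it can never reach strtolower() or real_escape_string() as an array.
    $postedName    = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $postedText    = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
    $postedType    = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : '';
    $postedCaptcha = (isset($_POST['captcha']) && is_string($_POST['captcha'])) ? $_POST['captcha'] : '';

    // Take the expected answer out of the session before checking it, so one
    // issued code allows exactly one attempt whether or not the attempt succeeds.
    // NOTE(review): assumes a fresh code is issued when the form is shown again
    // (the captcha generator is not visible here) - confirm.
    $expectedCaptcha = (isset($_SESSION['php_captcha']) && is_scalar($_SESSION['php_captcha']))
        ? (string) $_SESSION['php_captcha']
        : '';
    unset($_SESSION['php_captcha']);

    if (trim($postedName) === '') $_SESSION['error'] = 'Не введено имя';
    if (trim($postedText) === '') $_SESSION['error'] = 'Не введен текст отзыва';

    // Strict membership test on the string form of the field. The previous check
    // combined a loose in_array() with empty(), which rejected the valid value "0"
    // and, on PHP versions before 8, let non-numeric strings compare equal to 0.
    if (!in_array($postedType, array('0', '1'), true)) $_SESSION['error'] = 'Ошибка';

    // A session with no captcha issued must fail: otherwise an empty submitted
    // code matches the missing expected code. The strict comparison also stops
    // numeric-looking strings such as "0e1" and "0e2" from comparing equal.
    if ($expectedCaptcha === '' || strtolower($postedCaptcha) !== strtolower($expectedCaptcha)) {
        $_SESSION['error'] = 'Не верно введен код';
    }

    if (empty($_SESSION['error'])) {
        // NOTE(review): real_escape_string() is only reliable when the connection
        // charset has been set on $db (set_charset() if this is mysqli) - confirm in
        // /incs/system.php. A prepared statement would remove that dependency.
        $nameSql = $db->real_escape_string($postedName);
        $textSql = $db->real_escape_string($postedText);
        $typeSql = (int) $postedType;

        // The name and text are stored as submitted, so they must be HTML-escaped
        // wherever reviews are printed.
        // NOTE(review): reviews.tpl is not visible here - confirm it escapes them.
        $inserted = $db->query("INSERT INTO `reviews` SET `name` = '$nameSql', `text` = '$textSql', `type` = '$typeSql'");

        if ($inserted === false) {
            // Do not report success for a review that was not saved.
            $_SESSION['error'] = 'Ошибка';
        } else {
            // Redirect after a successful POST so a page reload cannot resubmit it.
            header("Location: /reviews");
            exit();
        }
    }
}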
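// Fetch the current page of reviews, newest first; `datez` is the date
// formatted by MySQL as day.month hour:minute.
$sql = $paging->get_page("SELECT *, DATE_FORMAT(date, '%d.%m %H:%i') AS datez FROM `reviews`", "ORDER BY `id` DESC");
while ($row = $sql->fetch_assoc()) {
    $array[] = $row;
}

// Placeholder text for an empty listing. It is initialised so that it is always
// defined when the template variables are built below.
$empty = NULL;
if ($sql->num_rows < 1) {
    $empty = 'Отзывов еще нет';
}

$pages = $paging->get_page_links('/reviews');

// The 'empty' template slot carries the validation error when there is one and
// otherwise the empty-list placeholder. Previously $empty was computed but never
// passed on, so the placeholder could not be displayed.
// NOTE(review): rows in 'array' hold visitor-supplied name/text; reviews.tpl is not
// visible here - confirm it HTML-escapes them on output.
$message = empty($_SESSION['error']) ? $empty : $_SESSION['error'];

echo $view->render('reviews.tpl', array(
    'title' => 'Отзывы',
    'array' => $array,
    'pages' => $pages,
    'empty' => $message
));

// The error is shown once; clear it so it does not reappear on the next request.
unset($_SESSION['error']);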