File size: 4.09Kb
<?php
include_once '../../sys/inc/start.php';
include_once '../../sys/inc/compress.php';
include_once '../../sys/inc/sess.php';
include_once '../../sys/inc/home.php';
include_once '../../sys/inc/settings.php';
include_once '../../sys/inc/db_connect.php';
include_once '../../sys/inc/ipua.php';
include_once '../../sys/inc/fnc.php';
include_once '../../sys/inc/user.php';
/* Бан пользователя */
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `ban` WHERE `razdel` = 'notes' AND `id_user` = '$user[id]' AND (`time` > '$time' OR `view` = '0' OR `navsegda` = '1')"), 0)!=0)
{
header('Location: /ban.php?'.SID);exit;
}
only_reg();
$set['title']='Дневники';
include_once '../../sys/inc/thead.php';
title();
aut();
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `notes` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1",$db), 0)==0){
header("Location: index.php?".SID);
exit;
}
$notes=mysql_fetch_array(mysql_query("select * from `notes` where `id` = '".intval($_GET['id'])."'"));
if (user_access('notes_edit') || $user['id'] == $notes['id_user'])
{
$avtor = get_user($notes['id_user']);
if (isset($_GET['edit']) && isset($_POST['name']) && $_POST['name']!=NULL && isset($_POST['msg']))
{
$msg=my_esc($_POST['msg']);
$id_dir=intval($_POST['id_dir']);
$privat=intval($_POST['private']);
$privat_komm=intval($_POST['private_komm']);
$type=0;
if($_POST['name']==null)$name=substr(esc(stripslashes(htmlspecialchars($_POST['msg']))),0,24);
else
$name=$_POST['name'];
if (strlen2($name)>50)$err='Длина названия превышает предел в 50 символов';
if (strlen2($msg)<3)$err='Короткий Текст';
if (strlen2($msg)>10000)$err='Длина текста превышает предел в 10000 символа';
if (!isset($err))
{
mysql_query("UPDATE `notes` SET `name` = '".my_esc($name)."', `type` = '$type', `id_dir` = '$id_dir', `msg` = '$msg', `private` = '$privat', `private_komm` = '$privat_komm' WHERE `id`='".intval($_GET['id'])."'");
$_SESSION['message'] = 'Изменения успешно приняты';
header("Location: list.php?id=".intval($_GET['id'])."".SID);
exit;
}
}
err();
$notes=mysql_fetch_array(mysql_query("select * from `notes` where `id`='".intval($_GET['id'])."';"));
echo '<div class="pmenu">';
echo "<form method='post' name='message' action='?id=".intval($_GET['id'])."&edit'>\n";
echo "<input type=\"text\" name=\"name\" value=\"" . text($notes['name']) . "\" /><br />\n";
$msg2 = text($notes['msg']);
if ($set['web'] && is_file(H.'style/themes/'.$set['set_them'].'/altername_post_form.php')){include_once H.'style/themes/'.$set['set_them'].'/altername_post_form.php';}else{echo "<textarea style='border-radius: 0px 0px 4px 4px; border-top: 0;' rows='5' name=\"msg\">" . text($notes['msg']) . "</textarea><br />\n";}
echo "<select name='id_dir'>\n";
$q=mysql_query("SELECT * FROM `notes_dir` ORDER BY `id` DESC");
while ($post = mysql_fetch_assoc($q))
{
echo "<option value='$post[id]'".($notes['id_dir'] == $post['id'] ?" selected='selected'":null).">" . text($post['name']) . "</option>\n";
}
echo "</select>";
echo '</div>';
echo "<div class='mess'>Могут смотреть:<br /><input name='private' type='radio' ".($notes['private']==0?' checked="checked"':null)." value='0' />Все ";
echo "<input name='private' type='radio' ".($notes['private']==1?' checked="checked"':null)." value='1' />Друзья ";
echo "<input name='private' type='radio' ".($notes['private']==2?' checked="checked"':null)." value='2' />Только я</div>";
echo "<div class='mess'>Могут комментировать:<br /><input name='private_komm' type='radio' ".($notes['private_komm']==0?' checked="checked"':null)." value='0' />Все ";
echo "<input name='private_komm' type='radio' ".($notes['private_komm']==1?' checked="checked"':null)." value='1' />Друзья ";
echo "<input name='private_komm' type='radio' ".($notes['private_komm']==2?' checked="checked"':null)." value='2' />Только я</div>";
echo '<div class="mess">';
echo "<input value=\"Сохранить\" type=\"submit\" />\n";
echo "</form>\n";
echo '</div>';
}
include_once '../../sys/inc/tfoot.php';
?>