include_once '../../sys/inc/start.php'; include_once '../../sys/inc/compress.php'; include_once '../../sys/inc/sess.php'; include_once '../../sys/inc/home.php'; include_once '../../sys/inc/settings.php'; include_once '../../sys/inc/db_connect.php'; include_once '../../sys/inc/ipua.php'; include_once '../../sys/inc/fnc.php'; include_once '../../sys/inc/user.php'; include_once '../../sys/inc/thead.php'; $post=mysql_fetch_assoc(mysql_query("SELECT * FROM `rules` WHERE `id` = '".intval($_GET['id'])."' LIMIT 1")); $set['title'] = htmlspecialchars($post['title']); title(); aut(); // форма авторизации $k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `rules`"),0); if (!isset($_GET['id']) && !is_numeric($_GET['id'])); if ($user['level'] > 2){ if (isset($_POST['msg']) && isset($user)) { $msg=$_POST['msg']; if (strlen2($msg)>99999){$err='Сообщение слишком длинное';} elseif (strlen2($msg)<2){$err='Короткое сообщение';} elseif (mysql_result(mysql_query("SELECT COUNT(*) FROM `rules_p` WHERE `id_news` = '".intval($_GET['id'])."' AND `id_user` = '$user[id]' AND `msg` = '".my_esc($msg)."' LIMIT 1"),0)!=0){$err='Ваше сообщение повторяет предыдущее';} elseif(!isset($err)){ $pos=mysql_result(mysql_query("SELECT MAX(`pos`) FROM `rules_p` WHERE `id_news` = '".intval($_GET['id'])."'"), 0)+1; mysql_query("INSERT INTO `rules_p` (`pos`, `id_user`, `time`, `msg`, `id_news`) values('$pos', '$user[id]', '$time', '".my_esc($msg)."', '".intval($_GET['id'])."')"); $_SESSION['message'] = 'Ваш пост успешно принят'; header("Location: ?id=$post[id]"); exit; } } if (isset($_GET['ids']))$menu=mysql_fetch_assoc(mysql_query("SELECT * FROM `rules_p` WHERE `id` = '".intval($_GET['ids'])."' LIMIT 1")); if (isset($_GET['ids']) && isset($_GET['act']) && $_GET['act']=='up') { mysql_query("UPDATE `rules_p` SET `pos` = '".($menu['pos'])."' WHERE `pos` = '".($menu['pos']-1)."' LIMIT 1"); mysql_query("UPDATE `rules_p` SET `pos` = '".($menu['pos']-1)."' WHERE `id` = '".intval($_GET['ids'])."' LIMIT 1"); $_SESSION['message'] = 'Пункт меню сдвинут на позицию вверх'; header("Location: ?id=$post[id]"); exit; } if (isset($_GET['ids']) && isset($_GET['act']) && $_GET['act']=='down') { mysql_query("UPDATE `rules_p` SET `pos` = '".($menu['pos'])."' WHERE `pos` = '".($menu['pos']+1)."' LIMIT 1"); mysql_query("UPDATE `rules_p` SET `pos` = '".($menu['pos']+1)."' WHERE `id` = '".intval($_GET['ids'])."' LIMIT 1"); $_SESSION['message'] = 'Пункт меню сдвинут на позицию вниз'; header("Location: ?id=$post[id]"); exit; } } $k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `rules_p` WHERE `id_news` = '".intval($_GET['id'])."'"),0); $q=mysql_query("SELECT * FROM `rules_p` WHERE `id_news` = '".intval($_GET['id'])."' ORDER BY `pos` ASC"); echo "