85 lines
2.4 KiB
PHP
85 lines
2.4 KiB
PHP
<?
|
|
header("Content-type: text/html; charset=windows-1251");
|
|
?>
|
|
<html>
|
|
<head>
|
|
<title></title>
|
|
</head>
|
|
<body>
|
|
<?
|
|
$user="rusty_angel";
|
|
$secret="u873hkT";
|
|
if($_POST['user']!=$user || $_POST['secret']!=$secret) {
|
|
?>
|
|
<form method="post" action="/addpub.php?id=<?=$_GET['id']?>">
|
|
<input type="input" name="user">
|
|
<input type="password" name="secret">
|
|
<input type="submit">
|
|
<?
|
|
die();
|
|
}
|
|
|
|
if(!isset($_GET['id'])) die;
|
|
|
|
$forum_version = 'SMF 1.0.6';
|
|
|
|
// Get everything started up...
|
|
define('SMF', 1);
|
|
@set_magic_quotes_runtime(0);
|
|
error_reporting(E_ALL);
|
|
$time_start = microtime();
|
|
|
|
// Load the settings...
|
|
require_once('forum/Settings.php');
|
|
|
|
// Just in case something happens to Settings.php, let's try to at least load an error screen.
|
|
//if (!isset($sourcedir))
|
|
$sourcedir = 'forum/Sources';
|
|
|
|
require_once($sourcedir . '/Subs.php');
|
|
|
|
// Connect to the MySQL database.
|
|
if (empty($db_persist))
|
|
$db_connection = @mysql_connect($db_server, $db_user, $db_passwd);
|
|
else
|
|
$db_connection = @mysql_pconnect($db_server, $db_user, $db_passwd);
|
|
db_query("SET NAMES CP1251", __FILE__,__LINE__);
|
|
// Show an error if the connection couldn't be made.
|
|
if (!$db_connection || !@mysql_select_db($db_name, $db_connection))
|
|
db_fatal_error();
|
|
|
|
$id=intval($_GET['id']);
|
|
$post=mysql_fetch_assoc(db_query("SELECT * FROM smf_messages WHERE ID_MSG=$id", __FILE__, __LINE__));
|
|
if(!isset($_GET['do'])) {
|
|
$r=db_query("SELECT id, name FROM categories", __FILE__, __LINE__);
|
|
|
|
while($cats[]=mysql_fetch_assoc($r));
|
|
?>
|
|
<form action="/addpub.php?id=<?=$id?>&do" method="post">
|
|
<input type="text" name="title" value="<?=$post['subject']?>">
|
|
<select name="cat">
|
|
<?
|
|
foreach($cats as $cat) {
|
|
?>
|
|
<option value="<?=$cat['id']?>"><?=$cat['name']?></option>
|
|
<? } ?>
|
|
</select><br>
|
|
<textarea name="brief" rows="15" cols="65">
|
|
<?=$post['body']?>
|
|
</textarea>
|
|
<input type="hidden" name="user" value="<?=$user?>">
|
|
<input type="hidden" name="secret" value="<?=$secret?>">
|
|
<input type="submit">
|
|
</form>
|
|
<?
|
|
} else {
|
|
$_POST['title'] = mysql_real_escape_string($_POST['title']);
|
|
$_POST['brief'] = mysql_real_escape_string($_POST['brief']);
|
|
$ts = date('U');
|
|
mysql_query("INSERT INTO publications(id_post, id_category, timestamp, title, brief) VALUES($id, {$_POST['cat']}, '{$ts}', '{$_POST['title']}', '{$_POST['brief']}')") or die(mysql_error());
|
|
echo '<a href="/forum/">OK</a>';
|
|
}
|
|
?>
|
|
</body>
|
|
</html>
|