You can`t access this file..."); } global $per1, $per2, $per3, $per4, $per5, $mod,$tbl,$ncomment; if (empty($mod)) $per4=''; else $mod=key_check($mod); if(!empty($wcpsval['max_symbol_name']) && is_numeric($wcpsval['max_symbol_name'])){$max_symbol_name=$wcpsval['max_symbol_name'];} else {$max_symbol_name=555;} if(!empty($wcpsval['max_symbol_slovo']) && is_numeric($wcpsval['max_symbol_slovo'])){$max_symbol_slovo=$wcpsval['max_symbol_slovo'];} else {$max_symbol_slovo=75;} if(!empty($_SESSION['add_coment_modul_stat']))$wcpsval['add_coment_all_stat']=1; $ok=''; if (empty($_SESSION['auth']) && empty($wcpsval['add_coment_all_stat'])) $ok=__LINE__; if ($ok || empty($per4) || !is_numeric($per4)){//add_coment_all_stat=1 можно всем if($mod=='catalog' && is_numeric($per5) && is_numeric($per4)){ $url="$portal_subdir/index.php?nma=catalog&fla=stat&cat_id=$per5&nums=$per4"; } else { $url="$portal_subdir/index.php?nma=$mod&$per5"; } if (empty($wcpsval['no_refresh'])) $text = str_replace( 'url=/', "url=$url", _NOREG_ ); else $text = strip_tags(_NOREG_); print "

".strip_tags(_403_,'
')."

$text

".basename(FILE)." ^$ok

"; $_SESSION['registr_key']=''; $_SESSION['add_coment_modul_stat']=''; } else{ $per1=addslashes(strip_tags(str_uncheck(stripslashes($per1)),"
")); if ($mod=='catalog'){ $mod='catalog'; $sqls=MYSQL_QUERY("SELECT title,mini_text FROM ".$wcpref."catalog_stat WHERE id='$per4'"); if(!MYSQL_NUM_ROWS($sqls)){$ok=__LINE__;$ers_loc=1;} } if($vote_key!=$_SESSION['registr_key']){ $ok.="
". _ERROROSCHIBKA_." ^".__LINE__.""; } if(empty($per1) || strlen($per1)>$max_symbol_name || strlen($per1)<4){ $ok.="
". _ERROROSCHIBKA_." ^".__LINE__.""; } else { if(!preg_match("/^[0-9]/",$per4)){$ok.="
". _ERROROSCHIBKA_." ^".__LINE__."";} $per1 = preg_replace("/\n+/s","\n",$per1); if(!strstr($per1,'
'))$per1=str_replace("\n","
",$per1); $per1=text_link($per1); $per1=anti_mat($per1); } if (empty($per2)){$per2=($_SESSION['auth'])?$_SESSION['user_fio']:$ip;} if (empty($per3)){$per3=($_SESSION['auth'])?$_SESSION['user_mail']:null;} elseif(!test_mail($per3)){ $ok.="
". _ERROROSCHIBKA_." ^".__LINE__.""; } $array_text=explode(" ",$per1); while(list($key, $val) = each($array_text)) { if ( strlen($val)>$max_symbol_slovo ){ $ok.="
"._ERROROSCHIBKA_." ^".__LINE__.""; break; } } if(empty($ok)) $ok .= anti_flood($per2, $wcpsval['portal_flood']); if(empty($ok) && $my_http){ $query="INSERT INTO ".$wcpref."comment VALUES ('', '$per4', '$per2', '$per3', '$now', '$per1', '$mod')"; if(!MYSQL_QUERY($query)) WCInfoView(7,mysql_error()."
",__FILE__." ".__LINE__,1); #echo "$per1
$mod
$per2, $per3
"; $_SESSION['registr_key']=''; $_SESSION['add_coment_all_stat']=''; if (!empty($ncomment) && strstr($ncomment,'com') && !empty($tbl)){ $tbl=key_check($tbl); $ncomment=key_check($ncomment); MYSQL_QUERY("update `".$wcpref."$tbl` SET $ncomment=$ncomment+1 where id='$per4'"); } echo '
'._COMMOK_.'
'; // if ($mod=='catalog'){ list($title,$text) = MYSQL_FETCH_ARRAY($sqls); $per1="
$title
$text
$per1"; } $wcpsval['mail_type']=1; $subject=$wcpsval['module_name']." ".$wcpsval['portal_name']; $datagrate=date_time_new(date("Y-m-d H:i:s",$GLOBALS['korrekt_time']),2); $text="
$per2: $portal_url
$wcpsval[portal_name]
\n
$per1

$mod $per4
$datagrate
\n"; // if (!empty($per3) && !is_numeric($per3)){ wc_mail ($per3, $subject, $text,$GLOBALS['portal_mail']); } $result = MYSQL_QUERY("SELECT user_mail FROM ".$wcpref."user WHERE user_uroven = '1' OR user_uroven = '2'"); while ($row = MYSQL_FETCH_ROW($result)){ if ($GLOBALS['portal_mail']!=$row[0]){ wc_mail ($row[0], $subject, $text,$per3);} } $content=2; } else{ echo "
"._COMMNONE_."
$ok
"; $content=20; } if($mod=='catalog' && is_numeric($per5) && is_numeric($per4)){ echo ""; } else { echo ""; } } ?>

".basename(__FILE__)." $ok

$title

$per2: $portal_url$wcpsval[portal_name]

".basename(FILE)." ^$ok

$per2: $portal_url
$wcpsval[portal_name]