- 01
- 02
- 03
- 04
- 05
- 06
- 07
- 08
- 09
- 10
- 11
if(isset($_POST["x"]) and $_POST["subject"]!="Input subject" and $_POST["text"]!="Input text"){
if(!empty($_POST["subject"]) and !empty($_POST["text"]) and !empty($_POST['id']) and !empty($_POST['username']) and intval($_POST['id'])){
$queryUser = mysql_query('select id_item from data_tbl where idnumber="'.(int)$_POST['id'].'" and username="'.mysql_escape_string($_POST['username']).'"');
if(mysql_num_rows($queryUser)>0){
$arrResult = mysql_fetch_array($queryUser);
mysql_query("insert into tblsupport(strsubject,strinfo,dtmadded,intactive,enmtype_,intiduser) values ('".mysql_escape_string($_POST["subject"])."','
".mysql_escape_string(nl2br($_POST["text"]))."','".date("Y-m-d H:i:s")."','0','$redirect','".$arrResult['id_item']."')");
echo "<script>location.href='supportSuccess.php?type=$redirect';</script>";
}
}
}
cfdev 21.04.2010 16:53 # −13
murz 21.04.2010 16:54 # +7
cfdev 21.04.2010 17:34 # −3
Говногость 21.04.2010 17:16 # +6
fih 21.04.2010 19:25 # 0
DanxilLs 26.04.2010 16:55 # 0