25 lines
886 B
PHP
25 lines
886 B
PHP
|
|
<?php
|
||
|
|
|
||
|
|
require_once($_SERVER['DOCUMENT_ROOT']."/config.php");
|
||
|
|
|
||
|
|
if($_SESSION['id'] && $_POST['comment'] && $_POST['object_id'] && is_numeric($_POST['object_id'])) {
|
||
|
|
$post = clearInputData($_POST);
|
||
|
|
|
||
|
|
$sqlObj = "SELECT objects.id_add_user FROM objects WHERE objects.id=$post[object_id]";
|
||
|
|
$rezObj = mysql_query($sqlObj);
|
||
|
|
$obj = mysql_fetch_assoc($rezObj);
|
||
|
|
|
||
|
|
$idUser = $_SESSION['id'];
|
||
|
|
$from_id = $_SESSION['id'];
|
||
|
|
if($obj['id_add_user'] > 0){
|
||
|
|
$idUser = $obj['id_add_user'];
|
||
|
|
}
|
||
|
|
|
||
|
|
if ($post['event_id']) {
|
||
|
|
$sql = "UPDATE user_object_events SET comment = '$post[comment]' WHERE id = $post[event_id] AND object_id = $post[object_id]";
|
||
|
|
} else {
|
||
|
|
$sql = "INSERT INTO user_object_events (user_id, from_id, object_id, type, comment) VALUES ($idUser, $from_id, $post[object_id], 'comment', '$post[comment]')";
|
||
|
|
}
|
||
|
|
|
||
|
|
mysql_query($sql);
|
||
|
|
}
|