<?php
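// Guestbook page controller.
//   POST ok  -> validate CSRF token, captcha and message length, then store the message.
//   GET del  -> delete one message (gated by iank(2)).
//   default  -> render the paginated list through the Twig template.
// Helpers such as iank(), antixs(), msg_err(), _csrf(), _mc(), k_page(), page(),
// acc(), output(), ptime() and str() come from wcore and are not visible here.
$t = 'Гостевая книга';
require_once '../../wcore/core.php';
require_once '../../wcore/head.php';

if (isset($_POST['ok'])) {
    // NOTE(review): presumably enforces a logged-in user — confirm in wcore.
    iank();

    // CSRF check. The original used a loose `!=`, so a session without a token
    // (null) compared equal to an empty posted value and the check passed.
    // Require a non-empty server-side token and compare in constant time.
    // hash_equals() needs PHP >= 5.6.
    $sessionToken = (isset($_SESSION['csrf_token']) && is_scalar($_SESSION['csrf_token']))
        ? (string) $_SESSION['csrf_token']
        : '';
    // antixs() is kept on the posted value so valid tokens compare as before.
    $postedToken = (isset($_POST['csrf']) && is_string($_POST['csrf']))
        ? (string) antixs($_POST['csrf'])
        : '';
    if ($sessionToken === '' || !hash_equals($sessionToken, $postedToken)) {
        echo msg_err('err', $lang['csrf']);
        require_once '../../wcore/foot.php';
        exit();
    }

    // Captcha check. Same loose-comparison problem as above: a missing session
    // value matched a missing/empty answer. The expected value is consumed here
    // so one solved captcha cannot be replayed for many posts.
    // NOTE(review): assumes the captcha generator writes a fresh
    // $_SESSION['capcha'] each time the form is shown — confirm.
    $expectedCaptcha = (isset($_SESSION['capcha']) && is_scalar($_SESSION['capcha']))
        ? (string) $_SESSION['capcha']
        : '';
    unset($_SESSION['capcha']);
    $givenCaptcha = (isset($_POST['capcha']) && is_string($_POST['capcha']))
        ? trim($_POST['capcha'])
        : '';
    if ($expectedCaptcha === '' || $givenCaptcha !== $expectedCaptcha) {
        echo msg_err('err', $lang['ice']);
        require_once '../../wcore/foot.php';
        exit();
    }

    // A missing or non-string msg (e.g. msg[]=x) becomes '' and fails the
    // minimum-length check instead of reaching antixs() as an array.
    $msg = (isset($_POST['msg']) && is_string($_POST['msg']))
        ? (string) antixs($_POST['msg'])
        : '';
    // strlen() counts bytes, so the limits are byte limits for multi-byte text.
    $msgLength = strlen($msg);
    if ($msgLength < 3) {
        echo msg_err('err', $lang['guest_min_sim']);
        require_once '../../wcore/foot.php';
        exit();
    }
    if ($msgLength > 3000) {
        echo msg_err('err', $lang['guest_max_sim']);
        require_once '../../wcore/foot.php';
        exit();
    }

    // The author id and timestamp are forced to integers before they reach the query.
    $userId = (int) $ank->id;
    $now = (int) time();
    // NOTE(review): $msg is user input and the only thing between it and this
    // string-built query is antixs(), whose escaping is not visible from this
    // file. Confirm it SQL-escapes for this connection. The durable fix is
    // mysqli_prepare() with bound parameters, with antixs() reduced to
    // HTML-only handling so stored text is not escaped twice.
    $inserted = mysqli_query(
        $mysqli,
        "INSERT INTO `modules_chat` (`id_user`, `msg`, `time`) values('" . $userId . "', '" . $msg . "', '" . $now . "')"
    );
    if ($inserted === false) {
        // Keep database details in the server log, not in the response.
        error_log('modules_chat insert failed: ' . mysqli_error($mysqli));
    }
    header('Location: ?');
    exit;
} elseif (isset($_GET['del'])) {
    // NOTE(review): presumably restricts this branch to privilege level 2 — confirm in wcore.
    iank(2);

    // NOTE(review): this is a state-changing GET with no CSRF token, so any
    // page a moderator visits can trigger a deletion with a plain link or
    // image URL. Move deletion to POST and validate the same token as the
    // posting form; that needs a matching change in pages_modules_guest.tpl,
    // which is outside this file, so it is only flagged here.

    // Accept only a plain decimal id. intval() on an array (?del[]=x) returns 1,
    // which would silently delete row 1.
    if (is_string($_GET['del']) && ctype_digit($_GET['del'])) {
        $deleteId = (int) $_GET['del'];
        $deleted = mysqli_query($mysqli, "DELETE FROM `modules_chat` WHERE `id` = '" . $deleteId . "'");
        if ($deleted === false) {
            error_log('modules_chat delete failed: ' . mysqli_error($mysqli));
        }
    }
    header('Location: ?');
    exit;
} else {
    $k_post = _mc('modules_chat');
    $k_page = k_page($k_post, 10);
    $page = page($k_page);
    // page() is defined elsewhere; force an integer, non-negative offset
    // before it is interpolated into the LIMIT clause.
    $start = max(0, 10 * (int) $page - 10);

    $_tmp_news = mysqli_query($mysqli, "SELECT * FROM `modules_chat` ORDER BY `id` DESC LIMIT $start, 10");
    if ($_tmp_news === false) {
        // The original printed mysqli_error() to the visitor, exposing schema
        // and query details. Log it and show a generic message instead.
        error_log('modules_chat select failed: ' . mysqli_error($mysqli));
        die('Ошибка запроса');
    }

    $array = array();
    while ($ns = mysqli_fetch_assoc($_tmp_news)) {
        $array[] = array(
            'id'   => $ns['id'],
            'user' => acc($ns['id_user']),
            // NOTE(review): output() is the only visible step between stored
            // text and the page; confirm it (or the template) HTML-escapes.
            'msg'  => output($ns['msg']),
            'time' => ptime($ns['time']),
            'who'  => acc($ns['id_user']),
        );
    }
    // The template receives FALSE, not an empty array, when there are no messages.
    if (count($array) === 0) {
        $array = FALSE;
    }

    // Guests have no $ank object; they are rendered with privilege 0.
    $ank_prv = (isset($ank) ? $ank->prv : 0);
    echo $twig->render('pages_modules_guest.tpl', array(
        'guest'   => $array,
        'created' => $k_post,
        'lang'    => $lang,
        'crfs'    => _csrf(),
        'user'    => $ank_prv,
    ));
    if ($k_page > 1) {
        str('?', $k_page, $page);
    }
}
require_once '../../wcore/foot.php';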
?>