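include "bib_fnc/_globals.php";
include "bib_fnc/func_mensagem_top.php";
include "censura/censura.php";

// Legacy topic endpoint: runs any requested comment action, then permanently
// redirects the visitor to the canonical forum URL of the topic.
//
// NOTE(review): this script still uses the mysql_* extension, which was removed
// in PHP 7. The connection is presumably opened by the included globals file, so
// moving to PDO/mysqli prepared statements has to start there. Until then every
// value placed in SQL below is escaped AND quoted; mysql_real_escape_string() is
// only reliable when the connection charset was set with mysql_set_charset().

cookie();

// [Gabriel Lima] Filter the "pagina" parameter (against XSS/SQLi).
// is_numeric() also accepts "1e5", "1.5", " 1" and similar forms, so only a plain
// run of digits is kept; anything else (missing, array, malformed) becomes 1.
if (!isset($_GET['pagina']) || !is_string($_GET['pagina']) || !preg_match('/\A[0-9]+\z/', $_GET['pagina'])) {
    $_GET['pagina'] = 1;
}

// Read the request/session inputs once, tolerating absent keys and array values.
$acao_get  = (isset($_GET['acao']) && is_string($_GET['acao'])) ? $_GET['acao'] : '';
$acao_post = (isset($_POST['acao']) && is_string($_POST['acao'])) ? $_POST['acao'] : '';
$logado    = isset($_SESSION['CAR_ID']) && $_SESSION['CAR_ID'] != '';

// Offset 7 of the permission value gates comment deletion. The old {7} offset
// syntax is a parse error on PHP 8; [7] behaves the same on every version.
$pode_excluir = isset($_SESSION['usu_permissao'][7]) && $_SESSION['usu_permissao'][7] == 1;

if ($acao_get === 'logoff') {
    logoff();
}

if ($acao_post === 'insert' && $logado) {
    insert_comentario();
}

if ($acao_post === 'update' && $logado) {
    altera_comentario();
}

// NOTE(review): deletion is triggered by a GET request and no anti-CSRF token is
// checked in this script. Confirm that delete_comentario() (and the insert/update
// handlers) verify one, or move the delete action to POST with a token.
if ($acao_get === 'delete' && $pode_excluir) {
    delete_comentario();
}

$top_id_param = (isset($_GET['top_id']) && is_string($_GET['top_id'])) ? $_GET['top_id'] : '';
$top_id       = mysql_real_escape_string($top_id_param);

$sqls_top   = "SELECT * FROM topicos WHERE top_id = '$top_id'";
$querys_top = mysql_query($sqls_top);
$rs_top     = $querys_top ? mysql_fetch_array($querys_top) : false;

/*
$car_id = $rs_top['car_id'];
$sqls_car = "SELECT car_id, car_apelido FROM cards WHERE car_id = '$car_id'";
$querys_car = mysql_query($sqls_car);
$rs_car = mysql_fetch_array($querys_car);
$car_nome = xss($rs_car['car_apelido']);
*/

// An unknown or inactive topic ends the request with an empty body. The row
// fetched above already carries top_ativo, so the former second query on the
// same table is not needed; the key is quoted because a bare top_ativo is an
// undefined constant (fatal on PHP 8).
if (!$rs_top || $rs_top['top_ativo'] == 0) {
    exit;
}

// for_id comes from the database, but it is still escaped before being reused
// in SQL so that stored data cannot alter the query (second-order injection).
$for_id     = mysql_real_escape_string($rs_top['for_id']);
$sqls_for   = "SELECT for_url FROM forum WHERE for_id = '$for_id'";
$querys_for = mysql_query($sqls_for);
$rs_for     = $querys_for ? mysql_fetch_array($querys_for) : false;

$for_url = $rs_for ? $rs_for['for_url'] : '';
$top_id  = $rs_top['top_id'];

// Both path segments are stored values interpolated without URL-encoding.
// NOTE(review): confirm for_url is restricted to slug characters when it is saved.
header("HTTP/1.1 301 Moved Permanently");
header("Location: http://www.teamplay.com.br/forum/$for_url/$top_id");

// Stop here so nothing that follows this block is executed or sent after the redirect.
exit;
?>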