if(isset($_GET["action"]))
{
if($_GET["action"]=="comment")
{
$id = $_GET["id"];
$message = htmlspecialchars($clean["message"],ENT_QUOTES);
$user = $_SESSION["username"];
if(empty($message))
{
echo '<br/><div class="error">comment left blank</div><br/>';
echo '<br/><div class="center"><a href="reply.php?id='.$id.'">Back</a></div>';
include "inc/foot.php";
exit();
}
$smiley = get_string($message, "-", "-");
if(file_exists('img/smilies/1/'.$smiley.'.gif')){
$message = str_replace($smiley,'<img src="img/smilies/1/'.$smiley.'.gif" alt="-"/>',$message);
$message = str_replace('-','',$message);
}
else
{
$date=time();
mysql_query("INSERT INTO forumreply SET id='', message='$message', forum='.$id.', user='$user', date='$date'");
}
header("Location: reply.php?id='.$id.'");
exit();
}
}