From 81415acba4a597219df48cf63d53a23a047710ff Mon Sep 17 00:00:00 2001
From: "Igor Barkov [iwork]"
Date: Fri, 14 Dec 2018 13:43:50 +0200
Subject: [PATCH 1/8] =?UTF-8?q?=D0=A3=D0=B1=D1=80=D0=B0=D0=BB=20Deprecated?= =?UTF-8?q?.=20=D0=A0=D0=B0=D0=B1=D0=BE=D1=87=D0=B0=D1=8F=20=D0=B2=D0=B5?= =?UTF-8?q?=D1=80=D1=81=D0=B8=D1=8F.?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
contacts.php | 88 ++++++++++++++++++----------------------------------
1 file changed, 30 insertions(+), 58 deletions(-)
diff --git a/contacts.php b/contacts.php
index fb51dd0..cf7739f 100644
--- a/contacts.php
+++ b/contacts.php
@@ -2,69 +2,42 @@ ob_start("ob_gzhandler"); session_start(); if ($_SESSION['uid'] == null) header("Location: index.php"); +require_once 'config.php'; -require_once 'functions.php'; -$friend = db::c()->query('SELECT * FROM `friends` WHERE `user` = ?i', $_SESSION['uid'])->fetch_assoc(); +if (input::post('friendadd')) { + $q = db::c()->query('SELECT `id` FROM `users` WHERE `login` = "?s"', input::post('friendadd'))->fetch_assoc(); + $q2 = db::c()->query('SELECT 1 FROM `friends` WHERE `user` = ?i AND `friend` = ?i', $_SESSION['uid'], $q['id']); -if ($_POST['sd4'] && $_POST['friendadd']) { - $_POST['friendadd'] = htmlspecialchars($_POST['friendadd'], NULL, 'cp1251'); - if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendadd'])) $status = 'Персонаж не найден.'; - else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendadd']}' LIMIT 1;")); - - $_POST['comment'] = htmlspecialchars($_POST['comment'], NULL, ""); - $igogo2 = mysql_fetch_array(mysql_query("SELECT friend FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;")); - if (!$igogo['id']) $status = 'Персонаж не найден.'; - elseif ($igogo['id'] == $user['id']) $status = 'Себя добавить нельзя.'; - elseif (preg_match('/^[- \p{L}\d]+$/u', $_POST['comment'])) $status = 'Ошибка ввода: запрещённые символы!'; - elseif ($igogo2['friend']) $status = 'Персонаж уже есть в списке.'; + if (!$q['id']) $status = 'Персонаж не найден.'; + elseif ($q['id'] == $_SESSION['uid']) $status = 'Себя добавить нельзя.'; + elseif ($q2->getNumRows()) $status = 'Персонаж уже есть в списке.'; else { - if ($_POST['group'] == 0) $friend = $igogo['id']; - - mysql_query("INSERT INTO `friends` (`user`, `friend`, `comment`) VALUES(" . $user['id'] . ", " . $friend . ", '" . $_POST['comment'] . 
"');"); + db::c()->query('INSERT INTO `friends` (`user`, `friend`, `comment`) VALUES (?i,?i,"?s")', $_SESSION['uid'], $q['id'], input::post('comment')); $status = 'Контакт добавлен.'; } } -if ($_POST['friendremove']) { - $_POST['friendremove'] = htmlspecialchars($_POST['friendremove'], NULL, 'cp1251'); - if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendremove'])) $status = 'Персонаж не найден.'; - else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendremove']}' LIMIT 1;")); +if (input::post('friendremove')) { + $q = db::c()->query('SELECT `id` FROM `users` WHERE `login` = "?s"', input::post('friendremove'))->fetch_assoc(); + $q2 = db::c()->query('SELECT 1 FROM `friends` WHERE `user` = ?i AND `friend` = ?i', $_SESSION['uid'], $q['id']); - if (!$igogo['id']) $status = 'Персонаж не найден.'; + if (!$q['id'] OR !$q2->getNumRows()) $status = 'Персонаж не найден.'; else { - $igogo2 = mysql_fetch_array(mysql_query("SELECT enemy,friend,notinlist FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;")); - if (!$igogo2['friend']) $status = 'Персонаж не найден.'; - else { - $per = "`friend`='" . $igogo2['friend'] . "'"; - - mysql_query("DELETE FROM `friends` WHERE `user`='" . $user['id'] . "' and " . $per . 
";"); - $status = 'Контакт удалён.'; - } + db::c()->query('DELETE FROM `friends` WHERE `user` = ?i AND `friend` = ?i', $_SESSION['uid'], $q['id']); + $status = 'Контакт удалён.'; } } -if ($_POST['friendedit']) { - $_POST['friendedit'] = htmlspecialchars($_POST['friendedit'], NULL, 'cp1251'); - if (preg_match('/^[- \p{L}\d]+$/u', $_POST['friendedit'])) $status = 'Персонаж не найден.'; - else $igogo = mysql_fetch_array(mysql_query("SELECT id FROM `users` WHERE `login` = '{$_POST['friendedit']}' LIMIT 1;")); +if (input::post('friendedit')) { + $q = db::c()->query('SELECT `id` FROM `users` WHERE `login` = "?s"', input::post('friendedit'))->fetch_assoc(); + $q2 = db::c()->query('SELECT 1 FROM `friends` WHERE `user` = ?i AND `friend` = ?i', $_SESSION['uid'], $q['id']); - $_POST['comment'] = htmlspecialchars($_POST['comment'], NULL, ""); - - if (!$igogo['id']) $status = 'Персонаж не найден.'; - elseif ($igogo['id'] == $user['id']) $status = 'Себя отредактировать нельзя.'; - elseif (preg_match('/^[- \p{L}\d]+$/u', $_POST['comment'])) $status = 'Ошибка ввода: запрещённые символы!'; + if (!$q2['friend']) $status = 'Персонаж не найден.'; else { - if ($_POST['group'] == 0) $friend = $igogo['id']; - - $igogo2 = mysql_fetch_array(mysql_query("SELECT friend FROM `friends` WHERE `user` = '" . $user['id'] . "' and `friend`=" . $igogo['id'] . " LIMIT 1;")); - if (!$igogo2['friend']) $status = 'Персонаж не найден.'; - else { - $per = "`friend`='" . $igogo2['friend'] . "'"; - - mysql_query("UPDATE `friends` SET `friend` = " . $friend . ",`comment` = " . $_POST['comment'] . " WHERE `user`='" . $user['id'] . "' and " . $per . ""); - $status = 'Контакт изменён.'; - } + db::c()->query('UPDATE `friends` SET `comment` = "?s" WHERE `user` = ?i AND `friend` = ?i', input::post('comment'), $_SESSION['uid'], $q['id']); + $status = 'Контакт изменён.'; } + } $admins_list = db::c()->query('SELECT `id` FROM `users` WHERE `admin` = 1 ORDER BY `login` ASC', (time() - 60)); 
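Review bot: In the `friendedit` branch the guard `if (!$q2['friend'])` does not match the query it follows: `$q2` is the result object that the add and remove branches test with `$q2->getNumRows()`, and the query selects only `1`, so there is no `friend` value to read and the branch presumably either fails or always reports 'Персонаж не найден.'. Use the same check as the remove branch, `if (!$q['id'] OR !$q2->getNumRows()) $status = 'Персонаж не найден.';`. All three branches also pass `$q['id']` into the second query before testing whether the login lookup returned a row, so the `!$q['id']` test should run first. Separately, the context line `if ($_SESSION['uid'] == null) header("Location: index.php");` has no `exit;` after it, so a request without a session still falls through to these POST handlers with an empty `uid`. The comment is now stored without the old `htmlspecialchars()` call, which is sound only if every place that prints `comment` escapes it for its output context; that rendering code is not visible in this hunk.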
@@ -81,7 +54,8 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE
- +
@@ -128,7 +102,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE function editcontact(login, comment) { var s = '
Редактировать контактx
'; s += ''; - s += '
'; + s += '
'; s += ' '; s += '
'; s += '
'; @@ -145,7 +119,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE s += ''; s += ''; - s += '
'; s += '
'; + s += ''; s += ''; document.getElementById("hint4").innerHTML = s; document.getElementById("hint4").style.visibility = "visible"; @@ -158,22 +132,20 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE function removecontact() { var s = '
Удалить контактx
'; s += ''; - s += '
'; - s += ' '; + s += '
'; s += '
'; s += '
'; document.getElementById("hint4").innerHTML = s; document.getElementById("hint4").style.visibility = "visible"; document.getElementById("hint4").style.left = 100; - document.getElementById("hint4").style.top = document.body.scrollTop+50; + document.getElementById("hint4").style.top = document.body.scrollTop + 50; document.getElementById(name).focus(); Hint3Name = name; } - function closehint() - { - document.getElementById("hint4").style.visibility="hidden"; - Hint3Name=''; + function closehint() { + document.getElementById("hint4").style.visibility = "hidden"; + Hint3Name = ''; } From a71e31c18961a92e9a520b420cf765ee117bb46e Mon Sep 17 00:00:00 2001 From: "Igor Barkov [iwork]" Date: Fri, 14 Dec 2018 13:52:21 +0200 Subject: [PATCH 2/8] =?UTF-8?q?=D0=A3=D0=B1=D1=80=D0=B0=D0=BB=20=D0=B4?= =?UTF-8?q?=D1=83=D0=B1=D0=BB=D0=B8=D1=80=D1=83=D1=8E=D1=89=D0=B8=D0=B5=20?= =?UTF-8?q?=D1=84=D0=B0=D0=B9=D0=BB=D1=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- contacts.php | 2 - css/friend/design3.css | 99 ------------------------------------------ css/friend/main.css | 40 ----------------- 3 files changed, 141 deletions(-) delete mode 100644 css/friend/design3.css delete mode 100644 css/friend/main.css diff --git a/contacts.php b/contacts.php index cf7739f..fe29527 100644 --- a/contacts.php +++ b/contacts.php @@ -47,8 +47,6 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE - -
diff --git a/css/friend/design3.css b/css/friend/design3.css deleted file mode 100644 index 3411cf4..0000000 --- a/css/friend/design3.css +++ /dev/null 
@@ -1,99 +0,0 @@ -body { - margin: 0px 1px 0px 1px; - padding: 0px 1px 0px 1px; - background-color: #dedede; - color: #000000; -} - -.main_text { - font-weight: bold; - font-size: 10px; - text-decoration: none; - color:#f0f0f0; - cursor:hand; -} - -.menutop, a.menutop:visited, a.menutop:active { - font-weight: bold; - font-size: 10px; - text-decoration: none; - color: #3B3936; -} - -a.menutop:hover { - color: #76726b; -} - -.name { - font-weight: bold; - font-size: 12px; -} - -.parametr_title { - font-weight: bold; - font-size: 11px; - color: #777773; -} - -.prname { - padding-left: 4px; - font-size: 11px; - font-family: Arial, Helvetica, sans-serif; -} - -.prvalue { - font-size: 11px; - font-family: Arial, Helvetica, sans-serif; -} - -.btn { - border: 1px double #9a9996; - font-size: 12px; - color: #dfdfdf; - background-color:#504F4C; -} - -.mainmenu { - color: #23292C; - border-top-width: 1px; - border-right-width: 1px; - border-bottom-width: 1px; - border-left-width: 1px; - border-top-style: solid; - border-right-style: none; - border-bottom-style: solid; - border-left-style: solid; - border-top-color: #969697; - border-right-color: #969697; - border-bottom-color: #000000; - border-left-color: #969697; - background-color: #BABABB; - cursor:hand; -} - -.maptext { - font-weight: bold; - font-size: 12px; - color: #000000; - font-family: Arial, Helvetica, sans-serif; -} -.posit { - border-top-width: 1px; - border-right-width: 1px; - border-bottom-width: 1px; - border-left-width: 1px; - border-top-style: solid; - border-right-style: solid; - border-bottom-style: solid; - border-left-style: solid; - border-top-color: #FFFFFF; - border-right-color: #666666; - border-bottom-color: #666666; - border-left-color: #FFFFFF; - padding: 2px; -} - -td { - font-size: 10pt; - font-family: Verdana, Arial, Helvetica, Tahoma, sans-serif; -} \ No newline at end of file diff --git a/css/friend/main.css b/css/friend/main.css deleted file mode 100644 index 8c12988..0000000 
--- a/css/friend/main.css +++ /dev/null 
@@ -1,40 +0,0 @@ -body, td, ol, ul, li , p { - FONT-SIZE: 10pt; - FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif; -} -.text { - FONT-SIZE: 10pt; COLOR: #000000; FONT-WEIGHT: normal; - FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif; -} -H3 { COLOR: #8f0000; FONT-FAMILY: Arial; FONT-SIZE: 12pt; FONT-WEIGHT: bold; TEXT-ALIGN: center } -H4 { COLOR: #8f0000; FONT-FAMILY: Arial; FONT-SIZE: 11pt; FONT-WEIGHT: bold; MARGIN-BOTTOM: 5px;} -H5 { COLOR: #4f0000; FONT-FAMILY: Arial; FONT-SIZE: 11pt; FONT-WEIGHT: bold; MARGIN-BOTTOM: 0px; MARGIN-TOP: 0px;} -a,a:visited { text-decoration: none; FONT-WEIGHT: bold; color: #003388; } -a:active { color: #6F0000} -a:hover { color: #0066FF} -.date { font-family: Courier; font-size: 8pt; text-decoration:none; font-weight:normal; color: #007000} -.date2 { font-family: Courier; font-size: 8pt; text-decoration:none; font-weight:normal; color: #007000; background-color: #00FFAA} -.sysdate { font-family: Courier; font-size: 8pt; text-decoration:none; font-weight:normal; color: #B00000} -.private { font-weight:bold; color: red; background-color: #FAE0E0} -.number { font-size: 11pt; font-weight: bold; color: #6F0000} -.dsc { color: #606060; font-weight:normal; } -select,textarea,input { border: solid 1pt #B0B0B0; font-family: MS Sans Serif; font-size: 10px; color: #191970; MARGIN-BOTTOM: 2px; MARGIN-TOP: 1px;} - -.ahint {font-family: MS Sans Serif; font-size:8px; text-decoration:none; color:#000080;z-index: 99;} -#hint2 {position:absolute; width:140; background-color:#FFF6DD; layer-background-color:#FFF6DD; visibility:hidden} -#hint3 {position:absolute; width:240; background-color:#FFF6DD; layer-background-color:#FFF6DD; visibility:hidden} -#hint4 {position:absolute; width:240; visibility:hidden} - -.B1 { font-weight: bold; color: #6666CC} -.B2 { font-weight: bold; color: #B06A00} -.B3 { font-weight: bold; color: #269088} -.B4 { font-weight: bold; color: #A0AF20} -.B5 { font-weight: bold; color: #0F79D3} -.B6 { 
font-weight: bold; color: #D85E23} -.B7 { font-weight: bold; color: #5C832F} -.B8 { font-weight: bold; color: #842B61} -.B9 { font-weight: bold; color: navy} -.Bs1 { font-size: 8pt; font-weight:bold; color: #6666CC} -.Bs2 { font-weight:bold; color: #B06A00} -img,table {border:0} - From bde8c97790e14978167fede093bef1d6ab77ee8b Mon Sep 17 00:00:00 2001 From: "Igor Barkov [iwork]" Date: Fri, 14 Dec 2018 14:11:33 +0200 Subject: [PATCH 3/8] =?UTF-8?q?=D0=BF=D1=80=D0=B0=D0=B2=D0=BA=D0=B8=20?= =?UTF-8?q?=D1=81=D1=82=D0=B8=D0=BB=D1=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- contacts.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/contacts.php b/contacts.php index fe29527..5c5a999 100644 --- a/contacts.php +++ b/contacts.php @@ -50,8 +50,8 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE
- - + + @@ -64,7 +64,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE
- +
@@ -79,7 +79,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE else echo "" . nick::id($us['id'])->full() . "
"; ?> - From 3116b8a5eb2d344685a7554b664a29592f32a39b Mon Sep 17 00:00:00 2001 From: "Igor Barkov [iwork]" Date: Fri, 14 Dec 2018 14:20:49 +0200 Subject: [PATCH 5/8] =?UTF-8?q?=D0=AD=D0=BA=D1=88=D0=BD=D1=8B,=20=D0=B2?= =?UTF-8?q?=D1=81=D0=BF=D0=BB=D1=8B=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5=20=D0=BF?= =?UTF-8?q?=D0=BE=D0=B2=D0=B5=D1=80=D1=85,=20=D0=BE=D0=BF=D0=B5=D1=87?= =?UTF-8?q?=D0=B0=D1=82=D0=BA=D0=B0=20=D0=B2=20=D1=81=D1=82=D0=B8=D0=BB?= =?UTF-8?q?=D1=8F=D1=85.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- contacts.php | 8 ++++---- css/main.css | 3 ++- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/contacts.php b/contacts.php index 472f73a..adfb80a 100644 --- a/contacts.php +++ b/contacts.php @@ -83,7 +83,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE @@ -99,7 +99,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE \ No newline at end of file From 38b0008b404c5b7f5020da76db9fd9b80b331dfc Mon Sep 17 00:00:00 2001 From: "Igor Barkov [iwork]" Date: Fri, 14 Dec 2018 17:02:19 +0200 Subject: [PATCH 7/8] test --- contacts.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contacts.php b/contacts.php index 5b9ba0e..2afcd8d 100644 --- a/contacts.php +++ b/contacts.php @@ -85,7 +85,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE From 9f3ee049b1b3e2192a0c2c7f38f2be5c10b5716e Mon Sep 17 00:00:00 2001 From: "Igor Barkov [iwork]" Date: Fri, 14 Dec 2018 17:02:58 +0200 Subject: [PATCH 8/8] test --- contacts.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contacts.php b/contacts.php index 2afcd8d..5c5ef5e 100644 --- a/contacts.php +++ b/contacts.php @@ -85,7 +85,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE

Контакты

+ From 54dc2b620af84cfaa773e42a371daab9e9343762 Mon Sep 17 00:00:00 2001 From: "Igor Barkov [iwork]" Date: Fri, 14 Dec 2018 14:15:04 +0200 Subject: [PATCH 4/8] =?UTF-8?q?=D0=BF=D1=80=D0=B0=D0=B2=D0=BA=D0=B8=20?= =?UTF-8?q?=D1=81=D1=82=D0=B8=D0=BB=D1=8F=20(=D0=B4=D0=B0,=20=D0=B2=D1=83?= =?UTF-8?q?=D0=BB=D1=8C=D0=B3=D0=B0=D1=80=D0=BD=D0=BE)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- contacts.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contacts.php b/contacts.php index 5c5a999..472f73a 100644 --- a/contacts.php +++ b/contacts.php @@ -83,7 +83,7 @@ $contacts_list = db::c()->query('SELECT `friend`,`comment` FROM `friends` WHERE - ", "")'>
- ", "")'>
+ onclick='use('comment','wow')'>
+ onclick='use("comment","wow")'>