From d2e3a0b41a341edf471cc1e7d56d86aa48493080 Mon Sep 17 00:00:00 2001
From: lopar <lopar.4ever@gmail.com>
Date: Sun, 24 Jun 2018 17:09:58 +0300
Subject: [PATCH] =?UTF-8?q?=D0=91=D0=B0=D0=B3=20=D0=B2=20=D0=B0=D0=B4?=
 =?UTF-8?q?=D0=BC=D0=B8=D0=BD=D0=BA=D0=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 admin/admin.php | 6 +++++-
 post.php        | 3 +--
 2 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/admin/admin.php b/admin/admin.php
index c486c6c..48d4b5e 100644
--- a/admin/admin.php
+++ b/admin/admin.php
@@ -145,7 +145,11 @@ if ($_POST['sbr_par']) {
                 //	while($row = mysql_fetch_array($aligns)) {
                 $aligns = db::c()->query('SELECT `img`,`align`,`name` FROM `aligns` ORDER BY `align`');
                 while ($row = $aligns->fetch_assoc()): ?>
-                    <tr class=row onclick='document.all.im.value=\"{$row['img']}\"; document.all.ali.value=\"{$row['align']}\"; document.all.txt.value=\"{$row['name']}\";'><td><img src='i/{$row['img']}'></td><td>{$row['align']}</td><td>{$row['name']}</td></tr>
+                    <tr class=row onclick='document.all.im.value="<?=$row['img']?>"; document.all.ali.value="<?=$row['align']?>"; document.all.txt.value="<?=$row['name']?>";'>
+                        <td><img src="i/<?=$row['img']?>"></td>
+                        <td><?=$row['align']?></td>
+                        <td><?=$row['name']?></td>
+                    </tr>
                <?php endwhile ?>
                 <tr>
                     <td colspan=3><b>Добавить</b></td>
diff --git a/post.php b/post.php
index 67c60a2..31661b8 100644
--- a/post.php
+++ b/post.php
@@ -20,7 +20,6 @@ $razdelId = filter_input(INPUT_GET, 'razdel');
 $_SESSION['receiverName'] = filter_input(INPUT_POST, 'receiverName');
 $receiverId = null;
 $queryItems = null;
-$allowOperations = false;
 
 if ($_SESSION['receiverName']) {
     $receiver = db::c()->query('SELECT `id`, `level`, `login` FROM `users` WHERE `login` = "?s"', $_SESSION['receiverName'])->fetch_assoc();
@@ -65,7 +64,7 @@ if ($_SESSION['receiverName']) {
         }
         $queryItems = db::c()->query('SELECT * FROM `inventory` WHERE `owner` = ?i AND `dressed` = 0 AND `setsale` = 0 AND `present` = "?s" AND `artefact` = 0 ORDER BY `update` DESC', $_SESSION['uid'], null);
     }
-}
+} else $allowOperations = false;
 ?>
 <!DOCTYPE html>
 <html>