<?php
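// session_start() is left disabled here although the access check on the next
// line reads $_SESSION, so the session is presumably opened by system.php or by
// getPageHeader() - TODO confirm.
#session_start();

// require_once rather than include: every later statement calls the System
// class, so a missing system.php should stop the script here instead of
// raising a warning and failing at the first System:: call.
require_once 'system.php';

// NOTE(review): the page header is requested before the access check that
// follows. If getPageHeader() writes output without buffering, the
// header('Location: index.php') redirect in the unauthorised branch at the end
// of this script can no longer be sent; only the exit there keeps the page
// body from being rendered. Confirm how getPageHeader() emits its markup.
System::getPageHeader();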
if((isset($_SESSION['is_logged']) === true) && ($_SESSION['user_info']['type'] === "Администратор" || $_SESSION['user_info']['type'] === "Модератор")){
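/**
 * Prepares one submitted form value for storage.
 *
 * The value is slash-escaped (unless magic_quotes_gpc has already done so),
 * stripped of HTML/PHP tags, converted to HTML entities and trimmed.
 * A string is returned on every path; previously nothing was returned when
 * magic_quotes_gpc was enabled, so every field was stored empty.
 *
 * @param mixed $message Raw request value; non-scalar input (for example an
 *                       array sent as field[]=x) is treated as an empty string.
 * @return string
 */
function clear($message)
{
    $message = is_scalar($message) ? (string) $message : '';

    // magic_quotes_gpc, where it still exists and is enabled, has already
    // slash-escaped request data; escaping again would store doubled
    // backslashes. The function was removed in PHP 8, hence the existence check.
    $alreadySlashed = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    if (!$alreadySlashed) {
        // NOTE(review): addslashes() is not aware of the connection charset and
        // is not a substitute for the database driver's own escaping. Queries
        // built from this value should move to prepared statements.
        $message = addslashes($message);
    }

    $message = strip_tags($message);
    // Entity-encoding at write time does not remove the need to escape the
    // value again for the context in which it is later printed.
    $message = htmlentities($message);

    return trim($message);
}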
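// Open the database connection that the queries below run on.
System::db_init();

// Escapes a stored value for HTML text and attribute contexts. The last
// argument (double_encode = false) leaves entities that are already present in
// the stored text untouched, so values that were entity-encoded when saved are
// not encoded a second time.
// NOTE(review): 'UTF-8' is assumed to be the page charset - confirm against the
// encoding declared by the page header.
$escapeHtml = function ($value) {
    $flags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
    return htmlspecialchars((string) $value, $flags, 'UTF-8', false);
};

if (!isset($_GET['id'])) {
    // No post selected: list every post, newest id first, with an edit link.
    $query = System::run_mysql_query("SELECT * FROM web_info ORDER BY id DESC");
    echo '<article id="main_content_body">
<header>
<div id="main_content_title">Редактирай публикация</div>
</header><br />';
    while ($output = mysql_fetch_assoc($query)) {
        // Database content is escaped on output so a stored subject cannot
        // inject markup or script into the moderator's page.
        echo '<p>' . $escapeHtml($output['subject'])
            . ' » <a href="?id=' . $escapeHtml(rawurlencode($output['id'])) . '">Редактирай</a></p>';
    }
    echo '
<footer>
<a class="underline" href="edit-post.php">Назад</a>
</footer>
</article>';
} else {
    // The id arrives in the query string and is placed inside SQL text below,
    // so only a plain run of decimal digits is accepted. Anything else
    // (quotes, operators, an array sent as id[]=...) never reaches a query.
    // NOTE(review): assumes web_info.id is an integer key - confirm against the schema.
    $rawId = $_GET['id'];
    $id = (is_string($rawId) && preg_match('/\A[0-9]+\z/', $rawId) === 1) ? $rawId : null;

    if ($id !== null && isset($_POST['submit'])) {
        // NOTE(review): this state-changing request carries no anti-CSRF token.
        // A per-session token embedded in the form and verified here would stop
        // other sites from submitting it on a signed-in moderator's behalf.
        $postedby = clear(isset($_POST['postedby']) ? $_POST['postedby'] : '');
        $subject = clear(isset($_POST['subject']) ? $_POST['subject'] : '');
        $content = clear(isset($_POST['content']) ? $_POST['content'] : '');
        $url = clear(isset($_POST['url']) ? $_POST['url'] : '');
        // time() is the supported way to get the current timestamp; calling
        // mktime() without arguments is deprecated and fails on PHP 8.
        $date = time();

        // NOTE(review): the statement is still assembled as a string. The text
        // fields rely on clear() and $id on the digits-only check above; switch
        // to prepared statements once the System wrapper offers bound parameters.
        System::run_mysql_query("UPDATE web_info SET subject='$subject', content='$content', posted_by='$postedby', url='$url', date='$date' WHERE id='$id'");
        echo '
<article id="main_content_body">
<header>
<div id="main_content_title"></div>
</header><br />
<p><img src="img/success.png" width="24" height="24" /> <span style="bottom:7px; position:relative;">Редакцията беше успешна.</span></P>
<footer>
<a class="underline" href="edit-post.php">Назад</a>
</footer>
</article>';
    } else {
        // Load the post for the edit form; an invalid id skips the query.
        $output = false;
        if ($id !== null) {
            $query = System::run_mysql_query("SELECT * FROM web_info WHERE id='$id'");
            $output = mysql_fetch_assoc($query);
        }

        if (!is_array($output)) {
            // Invalid id or no matching row: report it instead of rendering a
            // form filled from a missing record.
            echo '
<article id="main_content_body">
<header>
<div id="main_content_title">Редактирай публикация</div>
</header><br />
<p>Публикацията не беше намерена.</p>
<footer>
<a class="underline" href="edit-post.php">Назад</a>
</footer>
</article>';
        } else {
            // Every stored value is escaped before it is written into an
            // attribute, the textarea body or the heading.
?>
<article id="main_content_body">
<header>
<div id="main_content_title">Редактирай публикация</div>
</header><br />
<p>
<form method="post" action="?id=<?php echo $escapeHtml(rawurlencode($output['id'])); ?>">
Редакция на <?php echo $escapeHtml($output['subject']); ?><br />
Публикувано от:<br /><input name="postedby" id="postedby" type="Text" size="50" maxlength="50" value="<?php echo $escapeHtml($output['posted_by']); ?>"><br />
Тема:<br /><input name="subject" id="subject" type="Text" size="50" maxlength="50" value="<?php echo $escapeHtml($output['subject']); ?>"><br />
Съдържание:<br /><textarea name="content" cols="50" rows="5"><?php echo $escapeHtml($output['content']); ?></textarea><br /><br />
Линк:<br /><input name="url" id="url" type="Text" size="50" maxlength="255" value="<?php echo $escapeHtml($output['url']); ?>"><br /><br />
<input type="submit" name="submit" value="Редактирай">
</form>
</P>
<footer>
<a class="underline" href="edit-post.php">Назад</a>
</footer>
</article>
<?php
        }
    }
}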
} else {
header('Location: index.php');
exit;
}
System::getPageFooter();
?>