-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathedit_category.php
More file actions
92 lines (92 loc) · 3.26 KB
/
edit_category.php
File metadata and controls
92 lines (92 loc) · 3.26 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
<?php
//This page let an administrator edit a category
include('config.php');
if(isset($_GET['id']))
{
$id = intval($_GET['id']);
$dn1 = mysql_fetch_array(mysql_query('select count(id) as nb1, name, description from categories where id="'.$id.'" group by id'));
if($dn1['nb1']>0)
{
if(isset($_SESSION['username']) and $_SESSION['username']==$admin)
{
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
<title>Edit a category - <?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?> - Forum</title>
</head>
<body>
<div class="header">
<a href="<?php echo $url_home; ?>"><img src="<?php echo $design; ?>/images/logo.png" alt="Forum" /></a>
</div>
<div class="content">
<?php
$nb_new_pm = mysql_fetch_array(mysql_query('select count(*) as nb_new_pm from pm where ((user1="'.$_SESSION['userid'].'" and user1read="no") or (user2="'.$_SESSION['userid'].'" and user2read="no")) and id2="1"'));
$nb_new_pm = $nb_new_pm['nb_new_pm'];
?>
<div class="box">
<div class="box_left">
<a href="<?php echo $url_home; ?>">Forum Index</a> > <?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?> > Edit the category
</div>
<div class="box_right">
<a href="list_pm.php">Your messages(<?php echo $nb_new_pm; ?>)</a> - <a href="profile.php?id=<?php echo $_SESSION['userid']; ?>"><?php echo htmlentities($_SESSION['username'], ENT_QUOTES, 'UTF-8'); ?></a> (<a href="login.php">Logout</a>)
</div>
<div class="clean"></div>
</div>
<?php
if(isset($_POST['name'], $_POST['description']) and $_POST['name']!='')
{
$name = $_POST['name'];
$description = $_POST['description'];
if(get_magic_quotes_gpc())
{
$name = stripslashes($name);
$description = stripslashes($description);
}
$name = mysql_real_escape_string($name);
$description = mysql_real_escape_string($description);
if(mysql_query('update categories set name="'.$name.'", description="'.$description.'" where id="'.$id.'"'))
{
?>
<div class="message">The category have successfully been edited..<br />
<a href="<?php echo $url_home; ?>">Go to the forum index</a></div>
<?php
}
else
{
echo 'An error occured while editing the category.';
}
}
else
{
?>
<form action="edit_category.php?id=<?php echo $id; ?>" method="post">
<label for="name">Name</label><input type="text" name="name" id="name" value="<?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?>" /><br />
<label for="description">Description</label>(html enabled)<br />
<textarea name="description" id="description" cols="70" rows="6"><?php echo htmlentities($dn1['description'], ENT_QUOTES, 'UTF-8'); ?></textarea><br />
<input type="submit" value="Edit" />
</form>
<?php
}
?>
</body>
</html>
<?php
}
else
{
echo '<h2>You must be logged as an administrator to access this page: <a href="login.php">Login</a> - <a href="signup.php">Sign Up</a></h2>';
}
}
else
{
echo '<h2>The category you want to edit doesn\'t exist..</h2>';
}
}
else
{
echo '<h2>The ID of the category you want to edit is not defined.</h2>';
}
?>