Beispiel #1
/**
 * @package admin
 * @copyright Copyright 2003-2006 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: reviews.php 4737 2006-10-13 07:13:11Z drbyte $
 */
// Load the admin bootstrap. The helpers, constants and globals used further
// down are not defined in this file and presumably come from here.
require 'includes/application_top.php';

// Requested admin action, copied verbatim from the query string ('' if absent).
$action = '';
if (isset($_GET['action'])) {
    $action = $_GET['action'];
}

// Optional status filter, also copied verbatim from the query string.
// NOTE(review): the value is not validated or cast here, so every later use
// in SQL, HTML or a URL has to escape or cast it for that context.
$status_filter = '';
if (isset($_GET['status'])) {
    $status_filter = $_GET['status'];
}

// Selectable review states, appended to $status_list in display order.
$status_list[] = array(
    'id' => 1,
    'text' => TEXT_PENDING_APPROVAL
);
$status_list[] = array(
    'id' => 2,
    'text' => TEXT_APPROVED
);
// Dispatch on the requested admin action. Only part of the switch is visible:
// this listing is cut off inside the 'deleteconfirm' case.
if (zen_not_null($action)) {
    switch ($action) {
        case 'setflag':
            // Changes a review's status using query-string values only: 'id'
            // and 'flag' reach zen_set_reviews_status() with no isset() check,
            // cast or range check at this call site.
            // NOTE(review): a state change driven by a plain GET request is
            // exposed to cross-site request forgery unless a request token is
            // enforced elsewhere (not visible here) - confirm, and prefer POST
            // plus an allow-list for 'flag'.
            // NOTE(review): whether the helper casts or escapes its arguments
            // cannot be seen from here - verify before relying on it.
            zen_set_reviews_status($_GET['id'], $_GET['flag']);
            // The redirect query string is built from raw 'page' and 'id'
            // values; nothing at this call site encodes or casts them.
            zen_redirect(zen_href_link(FILENAME_REVIEWS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . 'rID=' . $_GET['id'], 'NONSSL'));
            break;
        case 'update':
            // Review id comes from the query string, rating and text from the
            // POST body; all three pass through zen_db_prepare_input() first.
            $reviews_id = zen_db_prepare_input($_GET['rID']);
            $reviews_rating = zen_db_prepare_input($_POST['reviews_rating']);
            $reviews_text = zen_db_prepare_input($_POST['reviews_text']);
            // Both statements are built by string concatenation. The id is
            // forced to an integer; rating and text are wrapped in
            // zen_db_input() and quoted.
            // NOTE(review): injection safety here rests entirely on
            // zen_db_input() escaping correctly (helper not shown) - confirm.
            // The rating is not cast or range-checked in this block.
            $db->Execute("update " . TABLE_REVIEWS . "\r\n                      set reviews_rating = '" . zen_db_input($reviews_rating) . "',\r\n                      last_modified = now() where reviews_id = '" . (int) $reviews_id . "'");
            $db->Execute("update " . TABLE_REVIEWS_DESCRIPTION . "\r\n                      set reviews_text = '" . zen_db_input($reviews_text) . "'\r\n                      where reviews_id = '" . (int) $reviews_id . "'");
            // 'page' is read without an isset() guard, and $reviews_id goes
            // into the URL without the (int) cast used in the queries above.
            zen_redirect(zen_href_link(FILENAME_REVIEWS, 'page=' . $_GET['page'] . '&rID=' . $reviews_id));
            break;
        case 'deleteconfirm':
            // demo active test
            // When zen_admin_demo() is truthy the action is blanked in $_GET
            // and a 'caution' message is queued for the next page load.
            if (zen_admin_demo()) {
                $_GET['action'] = '';
                $messageStack->add_session(ERROR_ADMIN_DEMO, 'caution');
Beispiel #2
/**
 * @package admin
 * @copyright Copyright 2003-2011 Zen Cart Development Team
 * @copyright Portions Copyright 2003 osCommerce
 * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
 * @version $Id: reviews.php 19330 2011-08-07 06:32:56Z drbyte $
 */
// Admin bootstrap. The zen_* helpers and the constants referenced below are
// not defined in this file and presumably come from this include.
require 'includes/application_top.php';

// Action selector from the query string; empty string when not supplied.
if (isset($_GET['action'])) {
    $action = $_GET['action'];
} else {
    $action = '';
}

// Status filter from the query string; empty string when not supplied.
// NOTE(review): stored unvalidated, so escape or cast it at each point of use
// (SQL, HTML output, redirect URLs).
if (isset($_GET['status'])) {
    $status_filter = $_GET['status'];
} else {
    $status_filter = '';
}

// Review states offered to the admin: 1 = pending approval, 2 = approved.
$status_list[] = array(
    'id' => 1,
    'text' => TEXT_PENDING_APPROVAL
);
$status_list[] = array(
    'id' => 2,
    'text' => TEXT_APPROVED
);
if (zen_not_null($action)) {
    switch ($action) {
        case 'setflag':
            if (isset($_POST['flag']) && ($_POST['flag'] == 1 || $_POST['flag'] == 0)) {
                zen_set_reviews_status($_GET['rID'], $_POST['flag']);
            }
            zen_redirect(zen_href_link(FILENAME_REVIEWS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . (isset($_GET['status']) ? 'status=' . $_GET['status'] . '&' : '') . 'rID=' . $_GET['rID'], 'NONSSL'));
            break;
        case 'update':
            $reviews_id = zen_db_prepare_input($_GET['rID']);
            $reviews_rating = zen_db_prepare_input($_POST['reviews_rating']);
            $reviews_text = zen_db_prepare_input($_POST['reviews_text']);
            $db->Execute("update " . TABLE_REVIEWS . "\n                      set reviews_rating = '" . zen_db_input($reviews_rating) . "',\n                      last_modified = now() where reviews_id = '" . (int) $reviews_id . "'");
            $db->Execute("update " . TABLE_REVIEWS_DESCRIPTION . "\n                      set reviews_text = '" . zen_db_input($reviews_text) . "'\n                      where reviews_id = '" . (int) $reviews_id . "'");
            zen_redirect(zen_href_link(FILENAME_REVIEWS, (isset($_GET['page']) ? 'page=' . $_GET['page'] . '&' : '') . (isset($_GET['status']) ? 'status=' . $_GET['status'] . '&' : '') . 'rID=' . $_GET['rID']));
            break;
        case 'deleteconfirm':
            // demo active test
            if (zen_admin_demo()) {
                $_GET['action'] = '';