Beispiel #1
0
<a href="#" class="btn">' . $LANG['options'] . '</a>
<ul>
<li><a href="?route=rewards.php&amp;action=delete&amp;id=' . $_GET['id'] . '&amp;token=' . $csrf . '" data-delete-msg="' . $LANG['delete_msg'] . '">' . $LANG['delete'] . '</a></li>
</ul>
</div>';
        }
        echo '<a href="?route=rewards.php&amp;action=list" class="btn">' . $LANG['rewards_view'] . '</a>
</div>';
        if (!empty($LANG['rewards_edit_subtitle'])) {
            echo '<span>' . $LANG['rewards_edit_subtitle'] . '</span>';
        }
        echo '</div>';
        if ($reward_exists) {
            if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'rewards_csrf')) {
                if (isset($_POST['name']) && isset($_POST['text']) && isset($_POST['points']) && isset($_POST['fields'])) {
                    if (actions::edit_reward($_GET['id'], array('points' => $_POST['points'], 'name' => $_POST['name'], 'description' => $_POST['text'], 'fields' => $_POST['fields'], 'publish' => isset($_POST['publish']) ? 1 : 0))) {
                        $info = \query\main::reward_infos($_GET['id']);
                        echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>';
                    } else {
                        echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                    }
                }
            } else {
                if (isset($_GET['type']) && isset($_GET['token']) && check_csrf($_GET['token'], 'rewards_csrf')) {
                    if ($_GET['type'] == 'delete_image') {
                        if (isset($_GET['id'])) {
                            if (actions::delete_reward_image($_GET['id'])) {
                                $info->image = '';
                                echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>';
                            } else {
                                echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';