Beispiel #1
0
                }
                echo '</ul>
</div>';
            }
        }
        echo '<a href="?route=reviews.php&amp;action=list" class="btn">' . $LANG['reviews_view'] . '</a>
</div>';
        if (!empty($LANG['reviews_edit_subtitle'])) {
            echo '<span>' . $LANG['reviews_edit_subtitle'] . '</span>';
        }
        echo '</div>';
        if ($review_exists) {
            if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'reviews_csrf')) {
                if (isset($_POST['store']) && isset($_POST['user']) && isset($_POST['stars']) && isset($_POST['text'])) {
                    if (actions::edit_review($_GET['id'], array('user' => $_POST['user'], 'store' => $_POST['store'], 'text' => $_POST['text'], 'stars' => $_POST['stars'], 'publish' => isset($_POST['publish']) ? 1 : 0))) {
                        $info = \query\main::review_infos($_GET['id']);
                        echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>';
                    } else {
                        echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
                    }
                }
            }
            $_SESSION['reviews_csrf'] = $csrf;
            echo '<div class="form-table">

<form action="#" method="POST">

<div class="row"><span>' . $LANG['form_store_id'] . ':</span><div data-search="store"><input type="text" name="store" value="' . $info->storeID . '" required /><a href="#" data-search="store">S</a></div></div>
<div class="row"><span>' . $LANG['form_user_id'] . ':</span><div data-search="user"><input type="text" name="user" value="' . $info->user . '" required /><a href="#">S</a></div></div>

<div class="row"><span>' . $LANG['form_stars'] . ':</span>