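// Rest of the edit form: hidden routing fields, an optional thread-title row
// (rank > 2 and type 2), then the message box and the submit buttons.
// NOTE(review): $f, $rank, $title_length, $data and $chars are set before this
// fragment. $f is entity-encoded on the assumption that it may carry request
// data — confirm where it originates.
// $_GET['type'] is echoed back into an attribute value, so it is entity-encoded
// to keep a crafted value from closing the attribute and adding markup.
$content .= '<input type="hidden" name="forum" value="' . htmlentities((string) $f, ENT_QUOTES)
    . '"> <input type="hidden" name="type" value="' . htmlentities((string) $_GET['type'], ENT_QUOTES)
    . '"> <table>';

// NOTE(review): the hidden field above reads $_GET['type'] while this test reads
// $_REQUEST['type'], which can also be supplied in the POST body — confirm both
// are meant to be the same value.
if ($rank > 2 && $_REQUEST['type'] == 2) {
    $content .= '<tr> <td class="commandtitle">Thread Title:</td> <td class="commandinput"><input size="40" maxlength="' . $title_length
        . '" id="charlimit_text_b" type="text" class="textinput" name="title" value="' . htmlentities(stripslashes($data[0]['title']))
        . '"/> </td> </tr>';
}

$content .= '<tr> <td class="commandtwo" colspan="2">You have <span id="charlimit_count_b">' . $title_length
    . '</span> characters <span id="charlimit_info_b" style="display: none">remaining</span> for your title.</td> </tr> <tr> <td class="commandtwo" colspan="2"> <textarea id="charlimit_text_a" name="message" rows="20" cols="60">'
    . htmlentities(stripslashes($base->remBr($data[0]['content'])))
    . '</textarea><br /> You have <span id="charlimit_count_a">'
    // The original embedded a "<?php echo $chars; ?>" tag inside this single-quoted
    // string; PHP emits that as literal text instead of evaluating it, so the
    // value is concatenated here. isset() keeps the page quiet if $chars is
    // not defined in this file.
    . (isset($chars) ? htmlentities((string) $chars, ENT_QUOTES) : '')
    . '</span> characters <span id="charlimit_info_a" style="display: none">remaining</span> for your message.</td> </tr> <tr> <td class="commandtwo" colspan="2"><br /> <input type="submit" name="add" value="Edit" /> <!--<input type="submit" name="preview" value="Preview" /> --> <input type="submit" name="cancel" value="Cancel" /> </td> </tr> </table> </form> </div> <div id="smileylegend"> <span class="title">Smileys: </span><br>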
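// Edit-reply handler: gate on login and rank, then either show the edit form
// for reply $id or store the submitted text and return to the conversation.
// NOTE(review): $id, $rank, $username, $user, $base, $database and $msgcenter
// are set before this fragment; $id presumably comes from the query string —
// confirm.

// Both ids are written into URLs (the form's action attribute and the redirect
// target). URL-encoding leaves only characters that cannot close the attribute
// or add further query parameters. Non-scalar input (e.g. convo[]=x) becomes ''.
$convoParam = (isset($_GET['convo']) && is_scalar($_GET['convo'])) ? urlencode((string) $_GET['convo']) : '';
$idParam = is_scalar($id) ? urlencode((string) $id) : '';

// The checks are chained so that nothing below a failed check can run even if
// redirect() returns instead of ending the request (its definition is outside
// this fragment).
if (!$user->isLoggedIn()) {
    $base->redirect('../index.php');
} elseif ($rank < 4) {
    $base->redirect('viewmessage.php?id=' . $convoParam);
} else {
    $user->updateLastActive();

    // NOTE(review): canView() is asked about the conversation only. Nothing
    // visible here ties reply $id to that conversation, so the SELECT/UPDATE
    // below act on whatever reply id was supplied — confirm this is intended.
    if (!$msgcenter->canView($_GET['convo'], $username, $rank)) {
        $content = 'You can\'t edit a reply to a non-existent message. <input type="button" class="button" value="Back" onclick="goBack()" />';
    } elseif (!isset($_POST['content'])) {
        //get current data
        $data = $database->processQuery("SELECT `content` FROM `replies` WHERE `id` = ? LIMIT 1", array($id), true);

        // An unknown reply id yields no row; fall back to an empty box rather
        // than reading a missing index.
        $current = isset($data[0]['content']) ? $data[0]['content'] : '';

        // NOTE(review): no anti-CSRF token is visible in this form or checked
        // before the UPDATE below — confirm one is enforced elsewhere.
        $content = ' <form action="editreply.php?id=' . $idParam . '&convo=' . $convoParam
            . '" method="POST"> <table> <tr><td>Message</td><td><textarea name="content" cols="45" rows="20" class="button" maxlength="2000">'
            . htmlentities($base->remBr(stripslashes($current)))
            . '</textarea></td></tr> <tr><td>Done?</td><td><input type="submit" class="button" value="Update Message"></td></tr> </table> </form>';
    } elseif (strlen($_POST['content']) > 2000) {
        // strlen() counts bytes, so multi-byte text reaches this limit sooner
        // than the textarea's 2000-character maxlength.
        $content = 'Your reply cannot be greater than 2000 characters.';
    } else {
        //update message (bound parameters; line breaks are stored as <br />)
        $database->processQuery("UPDATE `replies` SET `content` = ? WHERE `id` = ? LIMIT 1", array(nl2br($_POST['content']), $id), false);
        $base->redirect('viewmessage.php?id=' . $convoParam);
    }
}
?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html xmlns:IE> <head> <meta http-equiv="Expires" content="0">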
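</td></tr> <tr><td>Title</td><td><input type="text" name="title" class="button" maxlength="50" value="'
        // Stored title and body are entity-encoded before they are placed in the
        // value attribute and the textarea, so saved markup (a quote, a closing
        // </textarea>) is shown for editing instead of being parsed as page HTML.
        . htmlentities(stripslashes($data[0]['title']), ENT_QUOTES)
        . '"></td></tr> <tr> <td>Category</td> <td> <select name="category" class="button"> <option value="1">Website</option> <option value="2">Game</option> <option value="3">Shop</option> <option value="4">Customer Support</option> <option value="5">Technial</option> <option value="6">Behind the Scenes</option> </select> </td> </tr> <tr><td>Announcement</td><td><textarea name="content" class="button" rows="20" cols="50" maxlength="100000">'
        . htmlentities($base->remBr(stripslashes($data[0]['content'])), ENT_QUOTES)
        . '</textarea></td></tr> <tr><td>Done?</td><td><input type="submit" class="button" value="Update"> <input type="submit" name="preview" class="button" value="Preview"> <input type="submit" name="delete" class="button" value="Delete"></td></tr> </table> </form>';
} elseif (isset($_POST['delete'])) {
    // NOTE(review): no anti-CSRF token is visible in the form above or checked
    // in the delete/update branches — confirm one is enforced elsewhere, since
    // a bare POST is enough to remove or rewrite a news post here.
    $database->processQuery("DELETE FROM `news` WHERE `id` = ?", array($_GET['id']), false);
    $content = 'The news post has been deleted.';
} elseif (isset($_POST['preview'])) {
    // NOTE(review): the preview writes the posted body into the page as HTML.
    // That looks deliberate for staff-authored announcements, but it also means
    // any POST reaching this branch is rendered unescaped — confirm that only
    // trusted authors can reach it and that the request is CSRF-protected.
    $content = '<center><input type="button" class="button" value="Back" onclick="goBack()" /></center><br/>' . stripslashes(nl2br($_POST['content']));
} elseif (!in_array((string) $_POST['category'], array('1', '2', '3', '4', '5', '6'), true)) {
    // Strict comparison against the exact option values: a loose in_array()
    // on older PHP versions also accepts strings that merely start with a
    // listed digit (such as "1abc").
    $content = 'Incorrect news category selected.';
} else {
    //update the news post (all values are bound parameters)
    // NOTE(review): $_POST['icon'] is stored as submitted; no check on it is
    // visible in this fragment — confirm it is validated.
    $database->processQuery("UPDATE `news` SET `title` = ?, `content` = ?, `category` = ?, `icon` = ? WHERE `id` = ? LIMIT 1", array($_POST['title'], nl2br($_POST['content']), $_POST['category'], $_POST['icon'], $_GET['id']), false);
    $base->appendToFile('../forums/logs.txt', array($username . ' edited a news post'));
    // The id is request data; URL-encode it so it cannot add parameters to the
    // redirect target.
    $base->redirect('../news/viewarticle.php?id=' . urlencode((string) $_GET['id']));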
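// Tail of the reply handler: after a reply is stored, refresh the thread's and
// the user's last-post data, optionally lock the thread, and redirect; in the
// other branch, build the reply form (optionally pre-filled with a quote).
// NOTE(review): $thread, $f, $creation_id, $rank, $username and $thread_obj are
// set before this fragment.
$database->processQuery("UPDATE `threads` SET `lastposter` = ?, `lastpost` = NOW() WHERE `id` = ?", array($username, $thread), false);

//update their last post and lastip fields
$database->processQuery("UPDATE `users` SET `lastpost` = ?, `lastip` = ? WHERE `username` = ? LIMIT 1", array(time(), $_SERVER['REMOTE_ADDR'], $username), false);

//if the lock option was set, lock the thread!
// The log line used to sit after this if-block, so every reply was recorded as
// "locked the thread" whether or not a lock was requested; it is now written
// only when lock() is actually called. The rank test mirrors the form below,
// which offers the checkbox to rank > 2 only, and isset() covers requests that
// omit the field.
// NOTE(review): lock() also receives $rank and may enforce this itself — confirm.
if ($rank > 2 && isset($_POST['lock']) && $_POST['lock'] == 1) {
    $thread_obj->lock($thread, $rank);
    $base->appendToFile('logs.txt', array($username . ' locked the thread ' . $thread));
}

//send them to the thread they posted on
$base->redirect('viewthread.php?forum=' . $f . '&id=' . $thread . '&goto=' . $creation_id);
}
} else {
    // Message length limit by rank.
    $chars = $rank > 2 ? 100000 : 2000;

    // Start from an empty box so the textarea below never reads an undefined
    // variable when no quote was requested.
    $text = '';

    if (isset($_GET['quote']) && isset($_GET['qt']) && $rank > 3) {
        // NOTE(review): the quoted row is looked up by id alone; no check that
        // the requester may read the forum it belongs to is visible here —
        // confirm that is acceptable for rank > 3.
        $quote = $_GET['qt'] == 1
            ? $database->processQuery("SELECT `content`,`username` FROM `posts` WHERE `id` = ?", array($_GET['quote']), true)
            : $database->processQuery("SELECT `content`,`username` FROM `threads` WHERE `id` = ?", array($_GET['quote']), true);

        // Build the quote only when the id matched a row.
        if (isset($quote[0])) {
            $text = $base->remBr('[quote=' . $quote[0]['username'] . ']' . $quote[0]['content'] . '[/quote]');
        }
    }

    // $thread and $f are entity-encoded on the assumption that they may carry
    // request data — their origin is outside this fragment.
    $content = ' <div id="nocontrols" class="phold"></div> <div id="command"> <form method="post" action="reply.php"> <input type="hidden" name="id" value="' . htmlentities((string) $thread, ENT_QUOTES)
        . '"> <input type="hidden" name="forum" value="' . htmlentities((string) $f, ENT_QUOTES)
        . '"> <table>';

    if ($rank > 2) {
        $content .= '<tr><td class="commandtwo" colspan="2"><input type="checkbox" name="lock" value="1"> Toggle Lock</td></tr>';
    }

    $content .= ' <tr> <td class="commandtwo" colspan="2"> <textarea id="charlimit_text_a" name="message" rows="20" cols="60">' . htmlentities($text) . '</textarea><br />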
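// Tail of the edit-story handler: the first redirect belongs to a check that
// starts before this fragment; the remaining branches show the edit form,
// delete, preview, or save the story identified by ?id=.
$base->redirect('../index.php');
} elseif (!isset($_GET['id'])) {
    $base->redirect('index.php');
} else {
    //id of the story we're editing
    $id = $_GET['id'];

    // The id is request data and is written into two URLs below (form action
    // and redirect). URL-encoding leaves only characters that cannot close the
    // attribute or add query parameters; non-scalar input becomes ''.
    $idParam = is_scalar($id) ? urlencode((string) $id) : '';

    //extract title and content of the selected story
    $data = $database->processQuery("SELECT `title`,`content` FROM `stories` WHERE `id` = ?", array($id), true);

    if ($database->getRowCount() == 0) {
        $content = 'No story exists with the chosen ID. <input type="button" class="button" value="Back" onclick="goBack()" />';
    } elseif (!isset($_POST['title']) || !isset($_POST['content'])) {
        // Stored title and body are entity-encoded before they are placed in
        // the value attribute and the textarea, so saved markup is shown for
        // editing instead of being parsed as page HTML.
        // NOTE(review): no anti-CSRF token is visible in this form or checked
        // in the delete/update branches — confirm one is enforced elsewhere.
        $content = ' <form action="editstory.php?id=' . $idParam
            . '" method="POST"> <table> <tr><td>Title</td><td><input type="text" class="button" name="title" maxlength="50" value="'
            . htmlentities(stripslashes($data[0]['title']), ENT_QUOTES)
            . '"></td></tr> <tr><td>Content</td><td><textarea name="content" class="button" cols="60" rows="35">'
            . htmlentities($base->remBr(stripslashes($data[0]['content'])), ENT_QUOTES)
            . '</textarea></td></tr> <tr><td>Done?</td><td><input type="submit" class="button" value="Update"> <input type="submit" name="preview" class="button" value="Preview"></td></tr> </table> </form>';
    } elseif (isset($_POST['delete'])) {
        $database->processQuery("DELETE FROM `stories` WHERE `id` = ?", array($id), false);
        $content = 'The story has been deleted.';
    } elseif (isset($_POST['preview'])) {
        // NOTE(review): the preview writes the posted body into the page as
        // HTML after addSpecials(); whether addSpecials() escapes anything is
        // not visible here — confirm only trusted authors reach this branch
        // and that the request is CSRF-protected.
        $content = '<center><input type="button" class="button" value="Back" onclick="goBack()" /></center><br/>' . $base->addSpecials(stripslashes(nl2br($_POST['content'])), '../img/varrock/lores/');
    } else {
        //update the story to the new content/title (bound parameters)
        $database->processQuery("UPDATE `stories` SET `title` = ?, `content` = ? WHERE `id` = ? LIMIT 1", array($_POST['title'], nl2br($_POST['content']), $id), false);

        //log it
        $base->appendToFile('../forums/logs.txt', array($username . ' edited a story'));
        $base->redirect('../stories/lores/story.php?id=' . $idParam);
    }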