/** * Edit topic * * @param mixed $data * @return bool|string */ public function editTopic($data) { global $db, $TNB_GLOBALS; $title = get_secure_string($data['title']); $category = get_secure_string($data['category']); $content = $data['content']; if (!$title || !$category || !$content || !isset($data['id'])) { return MSG_ALL_FIELDS_REQUIRED; } //Check Category ID is valid or not $query = $db->prepare("SELECT categoryID FROM " . TABLE_FORUM_CATEGORIES . " WHERE categoryID=%d", $category); $categoryID = $db->getVar($query); if (!$categoryID) { return MSG_INVALID_REQUEST; } $content = buckys_remove_tags_inside_code($content); //Remove Invalid Image URLs $content = buckys_remove_invalid_image_urls($content); $query = "UPDATE " . TABLE_FORUM_TOPICS . " SET \n `topicTitle`='" . $db->escapeInput($title) . "',\n `topicContent`='" . $db->escapeInput($content, false) . "',\n `categoryID`='" . $db->escapeInput($categoryID) . "'\n WHERE\n `topicID`='" . $db->escapeInput($data['id']) . "'"; $db->query($query); // $db->updateFromArray(TABLE_FORUM_TOPICS, $updateData, array('topicID'=>$data['id'])); return true; }
/** * Edit Post Reply * * @param mixed $data * @return bool|string */ public function editReply($data) { global $db, $TNB_GLOBALS; $content = trim($data['content']); if (!$content) { return MSG_ALL_FIELDS_REQUIRED; } $content = buckys_remove_invalid_image_urls($content); //Check Category ID is valid or not $query = $db->prepare("SELECT topicID, categoryID, creatorID FROM " . TABLE_FORUM_TOPICS . " WHERE topicID=%d AND status='publish'", $data['topicID']); $topic = $db->getRow($query); if (!$topic) { return MSG_INVALID_REQUEST; } $query = "UPDATE " . TABLE_FORUM_REPLIES . " SET `replyContent`='" . $db->escapeInput($content, false) . "' WHERE `replyID`=" . $db->escapeInput($data['replyID']); $db->query($query); return true; }