function postUpdate($post_id, $params)
{
global $database_cfg;
if (!is_array($params)) {
return "Wrong parameters type";
}
$post = postGetById($post_id);
if (isset($params["topic"])) {
$post["topic_id"] = intval($params["topic"]);
}
if (isset($params["message"])) {
$post["message"] = stringEncode($params["message"]);
}
if (isset($params["flags"])) {
$post["flags"] = $params["flags"];
}
databaseQuery("update " . $database_cfg["prefix"] . "posts set topic_id='" . $post['topic_id'] . "', edited='" . stringEncode(date("H:i, d.m.Y")) . "', message='" . $post['message'] . "', flags='" . $post['flags'] . "' where id='" . intval($post_id) . "'", "Can't update post");
}
echo "Welcome back, " . stringDecode($user["nickname"]) . "<br /><br />";
echo "Your last visit: " . stringDecode($user["last_visit"]) . "<br /><br />";
echo "<a href=index.php?profile>Profile</a><br />";
echo "<a href=index.php?logout>Logout</a>";
}
?>
</div>
<div class="menu_bottom"></div>
</div>
<div id="content_container">
<div class="content">
<?php
if (isset($_GET["editpost"])) {
$post = postGetById(intval($_GET["post_id"]));
if (postExistsById($post["id"])) {
echo "<form action=\"index.php?changepost&post_id=" . $_GET["post_id"] . "\" method=\"post\">";
echo "Message:<br /><textarea name=\"message\">" . stringDecode($post["message"]) . "</textarea><br /><br />";
echo "<input type=\"submit\" value=\"Save\" />";
echo "</form>";
}
} else {
if (isset($_GET["find"])) {
$res2 = topicSearchByTitle(stringEncode($_POST["query"]));
$res4 = postSearchByMessage(stringEncode($_POST["query"]));
$res5 = userSearchByEmail(stringEncode($_POST["query"]));
$res6 = userSearchByNickname(stringEncode($_POST["query"]));
$res7 = groupSearchByName(stringEncode($_POST["query"]));
$user = userGetLoggedIn();
echo "<h1>Search results</h1><br />";
