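// Tail of a block that opens before this excerpt: it resets the hero form fields to empty defaults.
    $HeroName = "";
    $heroid = "";
    $desc = "";
    $stats = "";
    $skills = "";
    $type = 0;
}

// Handle a submitted hero form: either update an existing hero (?edit=...) or create a new one.
if (isset($_POST["edit_hero"])) {
    // EscapeStr() is defined outside this excerpt; what it strips or escapes is not visible here.
    $HeroName = EscapeStr($_POST["hero_name"]);
    $heroid = EscapeStr($_POST["heroid"]);

    // NOTE(review): the three free-text fields below are taken from $_POST and only pass through
    // trim(), removeDoubleSpaces() and my_nl2br() in the visible code. No HTML or SQL escaping is
    // visible here, so confirm that $db->update()/$db->insert() bind their values and that these
    // fields are HTML-escaped (or sanitised to an allow-list) wherever they are rendered.
    $desc = my_nl2br(trim($_POST["desc"]));
    // As shown, the search and replacement lists are identical, so this call leaves the text
    // unchanged; presumably the original file maps a different encoding of these characters.
    // TODO confirm against the source file.
    $desc = str_replace(array("Š", "š"), array("Š", "š"), $desc);
    $type = (int) $_POST["type"];
    $stats = my_nl2br(removeDoubleSpaces(trim($_POST["stats"])));
    $stats = str_replace(array("Š", "š"), array("Š", "š"), $stats);
    $skills = my_nl2br(removeDoubleSpaces(trim($_POST["skills"])));
    $skills = str_replace(array("Š", "š"), array("Š", "š"), $skills);

    // Require a hero id and a name of at least two bytes before touching the database.
    if ($heroid != "" and strlen($HeroName) >= 2) {
        if (isset($_GET["edit"])) {
            // NOTE(review): $edit is assigned outside this excerpt and is concatenated into the
            // WHERE clause. It must be validated or escaped where it is set, or the update helper
            // should accept a bound parameter for it. Confirm against the rest of the file.
            $update = $db->update(
                OSDB_HEROES,
                array(
                    "description" => $HeroName,
                    "summary" => $desc,
                    "stats" => $stats,
                    "skills" => $skills,
                    "type" => $type,
                ),
                "heroid = '" . $edit . "' "
            );
            OS_AddLog($_SESSION["username"], "[os_heroes] EDITED HERO ( {$edit}, {$HeroName} )");
        } else {
            // The submitted id may carry a ".gif" suffix; the stored id is the bare name.
            $hid = str_replace(".gif", "", $heroid);

            // Duplicate check. The id is passed as a bound parameter instead of being concatenated
            // into the SQL text, so the query no longer depends on EscapeStr() for its safety.
            // NOTE(review): if EscapeStr() adds SQL-style backslash escaping, bind the unescaped
            // value here so the comparison matches what is stored. TODO confirm.
            $check = $db->prepare("SELECT * FROM " . OSDB_HEROES . " WHERE heroid = :heroid");
            $check->bindValue(':heroid', $hid, PDO::PARAM_STR);
            $result = $check->execute();

            // rowCount() on a SELECT is driver-dependent in PDO; it is relied on here as before.
            if ($check->rowCount() >= 1) {
                ?> <h2>Hero already exists</h2><?php
            } else {
                // INSERT
                // In the collapsed listing this call sat on the same line as the "//INSERT" marker
                // and therefore read as a comment; it is restored as a statement here.
                $db->insert(
                    OSDB_HEROES,
                    array(
                        "heroid" => $hid,
                        "original" => $hid,
                        "description" => $HeroName,
                        "summary" => $desc,
                        "stats" => $stats,
                        "skills" => $skills,
                        "type" => $type,
                    )
                );
                // The excerpt ends here; the enclosing blocks are closed outside the visible source.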
// Load published news rows (status=1) for the current page, newest first.
// NOTE(review): $sql, $offset and $rowsperpage are built before this excerpt and are interpolated
// directly into the SQL text. Confirm that $offset and $rowsperpage are integers and that $sql
// contains only fixed text and placeholders, never request data.
$sth = $db->prepare("SELECT * FROM " . OSDB_NEWS . " WHERE news_id>=1 AND status=1 {$sql} ORDER BY news_id DESC \n\t LIMIT {$offset}, {$rowsperpage}");

if (isset($_GET["post_id"]) and is_numeric($_GET["post_id"])) {
    // Single-post view: the id is bound as an integer parameter.
    // Presumably $sql carries the matching :news_id placeholder in this case. TODO confirm,
    // including the case where post_id is set but not numeric and nothing is bound.
    $sth->bindValue(':news_id', (int) $id, PDO::PARAM_INT);
}
$result = $sth->execute();

$c = 0;
$NewsData = array();

// $numrows is computed outside this excerpt; a post id with no rows is redirected to the 404 page.
if ($numrows <= 0 and isset($_GET["post_id"])) {
    header('location: ' . OS_HOME . '?404');
    die; // stop so nothing else is sent after the redirect header
}

// Copy each fetched row into $NewsData for the template.
while ($row = $sth->fetch(PDO::FETCH_ASSOC)) {
    if (isset($_GET["post_id"]) and is_numeric($_GET["post_id"])) {
        // Single-post view: derive the page title, description and keywords from the post.
        $HomeTitle = $row["news_title"];
        $HomeDesc = limit_words(convEnt($row["news_content"]), 15);
        $HomeDesc = removeDoubleSpaces($HomeDesc);
        $HomeKeywords = AutoKeywords($row["news_title"]) . ',' . $HomeKeywords;
        $CommentsAllowed = $row["allow_comments"];

        // The isset() guard makes the view counter increment at most once per request.
        // NOTE(review): news_id comes from the fetched row and is concatenated into the SQL
        // text; casting it to int or binding it would keep this query independent of the
        // column's contents.
        if (!isset($updateViews)) {
            $updateViews = $db->query("UPDATE " . OSDB_NEWS . " SET views = views+1 WHERE news_id = '" . $row["news_id"] . "' LIMIT 1");
        }
    }

    $NewsData[$c]["id"] = (int) $row["news_id"];
    $id = (int) $row["news_id"]; // integer cast; reused below when building the "read more" link
    // NOTE(review): the title is copied as stored, and the content only passes through
    // convEnt(), which is defined elsewhere. Confirm that both are HTML-escaped or sanitised
    // before the template prints them.
    $NewsData[$c]["title"] = $row["news_title"];

    if (!isset($_GET["post_id"]) and isset($NewsWordLimit) and $NewsWordLimit >= 2) {
        // List view with a word limit: truncate the content and add a link to the full post.
        $NewsData[$c]["text"] = limit_words(convEnt($row["news_content"]), $NewsWordLimit);
        $NewsData[$c]["read_more"] = '<a class="read_more" href="' . $website . '?post_id=' . $id . '">' . $lang["read_more"] . '</a>';
    } else {
        // Single-post view, or no usable word limit: show the full content without a link.
        $NewsData[$c]["text"] = convEnt($row["news_content"]);
        $NewsData[$c]["read_more"] = '';
        // The excerpt ends here; the else branch and the while loop close outside the visible source.