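$error = 'not found';
} else {
    /* we have valid access to this book */
    $selectableCategories = new SelectableCategories($id);

    if (isset($_POST['author'])) {
        /*
         * update base book data
         *
         * Every $_POST value is client-controlled, so each one is escaped
         * before it is placed inside the double-quoted SQL literals below.
         * Concatenating the raw values let a submitted field break out of its
         * literal and rewrite the statement (SQL injection).
         *
         * mysql_real_escape_string() is only reliable when the connection
         * character set was set with mysql_set_charset(); the connection setup
         * is not visible in this fragment.
         * TODO: ext/mysql was removed in PHP 7; move this statement to PDO or
         * mysqli with bound parameters.
         */
        $fieldByColumn = array(
            'author'      => 'author',
            'title'       => 'title',
            'year'        => 'year',
            'isbn'        => 'isbn',
            'price'       => 'price',
            'description' => 'desc',
        );

        $assignments = array();
        foreach ($fieldByColumn as $column => $field) {
            /* a missing or non-string field is stored as an empty string */
            $value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';

            if ($column === 'price') {
                /* accept a decimal comma in the submitted price */
                $value = str_replace(',', '.', $value);
            }

            $assignments[] = $column . ' = "' . mysql_real_escape_string($value) . '"';
        }

        /*
         * NOTE(review): $id and $key are set before this fragment (presumably
         * from the request) and are concatenated unchanged. Confirm they are
         * escaped or validated where they are assigned.
         */
        $query = 'update books set ' . implode(', ', $assignments)
            . ' where id="' . $id . '" and auth_key="' . $key . '"';

        if (mysql_query($query) === false) {
            /* record the failure server-side; the page flow is unchanged */
            error_log('book update failed: ' . mysql_error());
        }

        /* update category relations */
        $selectableCategories->update();

        /* update expire date and look at the book */
        require 'renew.php';
    }

    /* $result is produced before this fragment; not visible here */
    $book = Book::fromMySql($result);

    require_once 'tools/Output.php';
    require_once 'text/Template.php';

    $tmpl = Template::fromFile('view/edit.html');
    $book->assignHtmlToTemplate($tmpl);
    assignSelectableCategories($selectableCategories, $tmpl);

    /*
     * NOTE(review): the raw request values are handed to the template.
     * Whether Template::assign() HTML-escapes them is not visible here;
     * confirm it does, otherwise these two values are reflected into the
     * page unescaped.
     */
    $tmpl->assign('id', $_GET['id']);
    $tmpl->assign('key', $_GET['key']);

    $output = new Output();
    $output->send($tmpl->result());
}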