<?php require_once $_SERVER['DOCUMENT_ROOT'] . '/class/autoload.php'; use NERDZ\Core\Comments; use NERDZ\Core\User; $user = new User(); $message = new Comments(); if (!$user->isLogged() || empty($_GET['message'])) { $_GET['message'] = $user->lang('ERROR'); } $vals = []; $vals['message_n'] = $message->bbcode($message->parseQuote(htmlspecialchars($_GET['message'], ENT_QUOTES, 'UTF-8'))); $user->getTPL()->assign($vals); $user->getTPL()->draw('base/preview');
public function edit($hpid, $message, $project = false) { $message = Comments::parseQuote(htmlspecialchars($message, ENT_QUOTES, 'UTF-8')); $table = ($project ? 'groups_' : '') . 'posts'; if (!($obj = Db::query(['SELECT "from","to","pid" FROM "' . $table . '" WHERE "hpid" = :hpid', [':hpid' => $hpid]], Db::FETCH_OBJ)) || !$this->canEdit(['from' => $obj->from, 'to' => $obj->to], $project)) { return 'ERROR'; } return Db::query(['UPDATE "' . $table . '" SET "message" = :message WHERE "hpid" = :hpid', [':message' => $message, ':hpid' => $hpid]], Db::FETCH_ERRSTR); }