function update_page($path) { update_content($path, PAGES_PATH); }
<?php include 'function.php'; if ($_POST) { $kode_content = isset($_POST['kode_content']) ? $_POST['kode_content'] : NULL; $judul_content = isset($_POST['judul_content']) ? $_POST['judul_content'] : NULL; $kode_kategori = isset($_POST['kode_kategori']) ? $_POST['kode_kategori'] : NULL; $penulis = isset($_POST['penulis']) ? $_POST['penulis'] : NULL; $content = isset($_POST['content']) ? $_POST['content'] : NULL; $keyword = isset($_POST['keyword']) ? $_POST['keyword'] : NULL; $deskripsi = isset($_POST['deskripsi']) ? $_POST['deskripsi'] : NULL; $status = isset($_POST['status']) ? $_POST['status'] : NULL; if ($status == "lama") { $response = update_content($kode_content, $judul_content, $kode_kategori, $penulis, $content, $keyword, $deskripsi); if ($response == 1) { header('location:index.php?page=content&message=2'); } else { header('location:index.php?page=content&message=0'); } } else { $response = insert_content($judul_content, $kode_kategori, $penulis, $content, $keyword, $deskripsi); if ($response == 1) { header('location:index.php?page=content&message=1'); } else { header('location:index.php?page=content&message=0'); } } } else { if (isset($_GET['action'])) { if ($_GET['action'] == "delete") { $response = delete_content($_GET['kode']);
$kind = 'file_upload'; } else { if (array_key_exists('content', $_POST)) { $kind = 'user_comment'; } else { page_fail(BAD_REQUEST); } } // verify that the user can access the entity if (!abet_is_admin_authenticated() && !check_general_content_item_access($_SESSION['id'], $_POST['id'], $kind, $found)) { page_fail($found ? UNAUTHORIZED : NOT_FOUND); } // for security's sake I create these manually $updates = array(); $updates['id'] = $_POST['id']; if (array_key_exists('file_comment', $_POST)) { $updates['file_comment'] = "s:{$_POST['file_comment']}"; } else { $updates['content'] = "s:{$_POST['content']}"; } update_content($kind, $updates); echo "{\"success\":true}"; } else { page_fail(BAD_REQUEST); } } } } else { page_fail(BAD_REQUEST); } }