<?php
if (!$_POST || !$_POST['package'] || !$_POST['version'] || !$_POST['path']) {
print "MISSING PARAMETERS";
} else {
include "DownloadsDB.php";
$db = new DownloadsDB();
if (!$db->isLoggedIn()) {
print "INVALID CREDENTIALS";
return;
}
$package = $db->escape($_POST['package']);
$version = $db->escape($_POST['version']);
$path = $db->escape($_POST['path']);
$db->query("INSERT INTO releases (package, version, path, dateAdded) VALUES ('{$package}', '{$version}', '{$path}', NOW())");
}
print "SUCCESS";
<?php
include 'DownloadsDB.php';
$db = new DownloadsDB();
if ($_POST['id'] && $_POST['package'] && $_POST['version'] && $_POST['path'] && $db->isLoggedIn()) {
$package = $db->escape($_POST['package']);
$version = $db->escape($_POST['version']);
$path = $db->escape($_POST['path']);
$id = $db->escape($_POST['id']);
$db->query("UPDATE releases SET package='{$package}', version='{$version}', path='{$path}' WHERE id={$id}");
header("Location: admin.php");
}
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Edit</title>
<link rel="stylesheet" href="style.css" type="text/css">
<style type="text/css" media="screen">
label {
width: 200px;
display: block;
float: left;
text-align: right;
position: relative;
top: 2px;
margin-right: 10px;
}
</style>
</head>
<body>
