<?php
require_once "header.php";
if (isset($_GET['id'])) {
$object = ItemPic::get_by_id($_GET['id']);
} else {
header("location: index.php?negative");
}
if (!$session->is_logged_in()) {
header("location: index.php?negative");
} else {
$loggeduser = User::get_by_id($session->userid);
if ($loggeduser->enabled == DISABLED) {
header("location: index.php?disabled");
}
}
$pathinfo = pathinfo($_SERVER["PHP_SELF"]);
$basename = $pathinfo["basename"];
$currentFile = str_replace(".php", "", $basename);
?>
<div class="container-fluid">
<div class="row-fluid">
<div class="span1"></div>
<div class="span9">
<form id="theform" class="form-horizontal" action="#" method="post" enctype="multipart/form-data">
<fieldset>
<legend>
Update
</legend>
<?php
require_once "../initialize.php";
$message = "";
if (isset($_POST['itemid']) && $_POST['itemid'] != "" && isset($_POST['itemtype']) && $_POST['itemtype'] != "") {
$object = ItemPic::get_by_id($_POST['itempicid']);
$object->itemid = $_POST['itemid'];
$object->itemtype = $_POST['itemtype'];
$object->pending = $_POST['pending'];
$object->enabled = $_POST['enabled'];
$file = new File($_FILES['picture']);
if ($file->valid) {
$object->picture = $file->data;
} else {
$object->picture = base64_decode($object->picture);
}
$object->update();
$log = new Log($session->userid, $clientip, "WEB", "UPDATED ITEM PIC: " . $object->id);
$log->create();
$message .= "success";
} else {
$message = "You have missed a required field.";
}
echo $message;