Esempio n. 1
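 // Edit an existing forum message: load the forum and the message, read the
 // edited fields from the request, store them, then render the result page.
 // $fa, $forum_id, $msg_id, $thread_id and $feedback are set outside this excerpt.
 $f = new Forum($fa->GetGroupObject(), $forum_id);
 if (!$f || !is_object($f)) {
     exit_error('Error', 'Error Getting Forum');
 } elseif ($f->isError()) {
     exit_error('Error', $f->getErrorMessage());
 }
 $fm = new ForumMessage($f, $msg_id, false, false);
 if (!$fm || !is_object($fm)) {
     exit_error(_('Error'), _('Error getting new forum message'));
 } elseif ($fm->isError()) {
     exit_error(_('Error'), $fm->getErrorMessage());
 }
 // Only the body is passed through the HTML sanitizer in this excerpt.
 // NOTE(review): $subject reaches updatemsg() unfiltered; confirm that
 // updatemsg() or the display code escapes it.
 $subject = getStringFromRequest('subject');
 $body = getStringFromRequest('body');
 $sanitizer = new TextSanitizer();
 $body = $sanitizer->SanitizeHtml($body);
 // NOTE(review): form_key is read but never checked in the visible lines.
 // If it is the form's anti-replay/anti-CSRF token, confirm it is validated
 // before the update below is allowed to run.
 $form_key = getStringFromRequest('form_key');
 // NOTE(review): author, date and threading metadata are taken straight from
 // the request. Confirm the caller is authorized to rewrite these fields
 // before this point; nothing in this excerpt checks permissions.
 $posted_by = getStringFromRequest('posted_by');
 $post_date = getStringFromRequest('post_date');
 // Read once; the original fetched this same request field twice.
 $is_followup_to = getStringFromRequest('is_followup_to');
 $has_followups = getStringFromRequest('has_followups');
 $most_recent_date = getStringFromRequest('most_recent_date');
 if ($fm->updatemsg($forum_id, $posted_by, $subject, $body, $post_date, $is_followup_to, $thread_id, $has_followups, $most_recent_date)) {
     $feedback .= _('Message Edited Successfully');
 } else {
     $feedback .= $fm->getErrorMessage();
 }
 forum_header(array('title' => _('Edit a Message')));
 // Close the paragraph the original left open.
 echo '<p>' . util_make_link('/forum/forum.php?forum_id=' . $forum_id, _("Return to the forum")) . '</p>';
 forum_footer(array());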
Esempio n. 2
 // Collect the fields of a document-edit request and work out the new content,
 // file name and file type. $g and $docid are set outside this excerpt, and the
 // if/elseif chain at the bottom continues past the end of the excerpt.
 $title = getStringFromRequest('title');
 $description = getStringFromRequest('description');
 $language_id = getIntFromRequest('language_id');
 $data = getStringFromRequest('data');
 $file_url = getStringFromRequest('file_url');
 //$ftp_filename = getStringFromRequest('ftp_filename');
 $uploaded_data = getUploadedFile('uploaded_data');
 $stateid = getIntFromRequest('stateid');
 $filetype = getStringFromRequest('filetype');
 $editor = getStringFromRequest('editor');
 $d = new Document($g, $docid);
 if ($d->isError()) {
     exit_error(_('Error'), $d->getErrorMessage());
 }
 // The inline content from the request is HTML-sanitized before it is compared
 // with the stored data below.
 $sanitizer = new TextSanitizer();
 $data = $sanitizer->SanitizeHtml($data);
 // Editor branch: content differs from what is stored and no file was uploaded.
 // The stored file name is kept, and the stored type is used unless the request
 // supplied one.
 if ($editor && $d->getFileData() != $data && !$uploaded_data['name']) {
     $filename = $d->getFileName();
     if (!$filetype) {
         $filetype = $d->getFileType();
     }
 } elseif ($uploaded_data['name']) {
     // Upload branch: refuse a tmp_name that PHP did not itself receive as an
     // HTTP upload, so a forged path cannot be read from the server.
     if (!is_uploaded_file($uploaded_data['tmp_name'])) {
         // NOTE(review): the client-supplied file name is placed in the error
         // message; confirm exit_error() HTML-escapes its arguments.
         exit_error(_('Error'), sprintf(_('Invalid file attack attempt %1$s'), $uploaded_data['name']));
     }
     // NOTE(review): the fopen() result is neither checked nor closed, and
     // addslashes() is not database-aware escaping; confirm how $data is
     // written to storage.
     $data = addslashes(fread(fopen($uploaded_data['tmp_name'], 'r'), $uploaded_data['size']));
     // NOTE(review): presumably getUploadedFile() returns the upload array, in
     // which case 'name' and 'type' are chosen by the client. Neither should be
     // trusted as a storage path or as the served content type without validation.
     $filename = $uploaded_data['name'];
     $filetype = $uploaded_data['type'];
 } elseif ($file_url) {
     // URL branch: content is left empty and the URL itself becomes the file name.
     // NOTE(review): the URL is not validated in the visible lines.
     $data = '';
     $filename = $file_url;
Esempio n. 3
    news_footer(array());
} else {
    if (user_ismember($sys_news_group, 'A')) {
        /*
        	News uber-user admin pages
        	Show all waiting news items except those already rejected.
        	Admin members of $sys_news_group (news project) can edit/change/approve news items
        */
        if ($post_changes) {
            if ($approve) {
                if ($status == 1) {
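                    /*
                    	Update the db so the item shows on the home page.
                    	NOTE(review): the UPDATE below is assembled by string
                    	concatenation from $summary, $details and $id.
                    	htmlspecialchars() and SanitizeHtml() filter for HTML
                    	output; they are not SQL escaping. Unless these values
                    	are escaped before this excerpt, the statement should
                    	be issued as a parameterized query.
                    */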
                    $sanitizer = new TextSanitizer();
                    $details = $sanitizer->SanitizeHtml($details);
                    $sql = "UPDATE news_bytes SET is_approved='1', post_date='" . time() . "', " . "summary='" . htmlspecialchars($summary) . "', details='" . $details . "' WHERE id='{$id}'";
                    $result = db_query($sql);
                    if (!$result || db_affected_rows($result) < 1) {
                        $feedback .= _('Error On Update:');
                    } else {
                        $feedback .= _('NewsByte Updated.');
                    }
                } else {
                    if ($status == 2) {
                        /*
                        	Move msg to deleted status
                        */
                        $sql = "UPDATE news_bytes SET is_approved='2' WHERE id='{$id}'";
                        $result = db_query($sql);
                        if (!$result || db_affected_rows($result) < 1) {