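// Forum admin: apply an edit to an existing forum message and show the result.
// Relies on $fa, $forum_id, $msg_id, $thread_id and $feedback being set before this point.
// NOTE(review): no permission check is visible in this fragment; confirm the
// caller restricts this page to users allowed to edit messages.

// Load the forum the message belongs to; errors are handed to exit_error().
$f = new Forum($fa->GetGroupObject(), $forum_id);
if (!$f || !is_object($f)) {
    exit_error('Error', 'Error Getting Forum');
} elseif ($f->isError()) {
    exit_error('Error', $f->getErrorMessage());
}

// Load the message being edited, bound to that forum.
$fm = new ForumMessage($f, $msg_id, false, false);
if (!$fm || !is_object($fm)) {
    exit_error(_('Error'), _('Error getting new forum message'));
} elseif ($fm->isError()) {
    exit_error(_('Error'), $fm->getErrorMessage());
}

// NOTE(review): $subject reaches updatemsg() exactly as received; only $body is
// run through the HTML sanitizer. Confirm updatemsg() or the display code
// escapes the subject.
$subject = getStringFromRequest('subject');

$body = getStringFromRequest('body');
$sanitizer = new TextSanitizer();
$body = $sanitizer->SanitizeHtml($body);

// NOTE(review): the form key is read but never validated in this block, so
// nothing visible here ties the request to a form the site issued (CSRF).
// Confirm it is checked elsewhere.
$form_key = getStringFromRequest('form_key');

// NOTE(review): author, timestamps and thread linkage all come from the request
// and are passed to updatemsg() unchanged. If updatemsg() stores them as given,
// the editor controls who a message is attributed to and when; consider taking
// these from the stored message instead of the client.
$posted_by = getStringFromRequest('posted_by');
$post_date = getStringFromRequest('post_date');
$is_followup_to = getStringFromRequest('is_followup_to');
$has_followups = getStringFromRequest('has_followups');
$most_recent_date = getStringFromRequest('most_recent_date');

// Persist the edit and record the outcome for display.
if ($fm->updatemsg($forum_id, $posted_by, $subject, $body, $post_date, $is_followup_to, $thread_id, $has_followups, $most_recent_date)) {
    $feedback .= _('Message Edited Successfully');
} else {
    $feedback .= $fm->getErrorMessage();
}

forum_header(array('title' => _('Edit a Message')));
// $forum_id is concatenated into the link as-is; assumes it was read as an
// integer earlier — TODO confirm.
echo '<p>' . util_make_link('/forum/forum.php?forum_id=' . $forum_id, _("Return to the forum"));
forum_footer(array());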
// Document manager: collect the fields of an "edit document" request and work
// out which content source (inline editor, file upload or URL) supplies the new
// data. This fragment is cut off inside the last branch. $g and $docid are set
// before this point.
$title = getStringFromRequest('title');
$description = getStringFromRequest('description');
$language_id = getIntFromRequest('language_id');
$data = getStringFromRequest('data');
$file_url = getStringFromRequest('file_url');
//$ftp_filename = getStringFromRequest('ftp_filename');
$uploaded_data = getUploadedFile('uploaded_data');
$stateid = getIntFromRequest('stateid');
$filetype = getStringFromRequest('filetype');
$editor = getStringFromRequest('editor');

// Load the document being edited.
$d = new Document($g, $docid);
if ($d->isError()) {
    exit_error(_('Error'), $d->getErrorMessage());
}

// The inline editor content is HTML-sanitized before it is compared with the
// stored data or used further.
$sanitizer = new TextSanitizer();
$data = $sanitizer->SanitizeHtml($data);

if ($editor && $d->getFileData() != $data && !$uploaded_data['name']) {
    // Inline edit that changed the content, no upload: keep the existing file
    // name, and fall back to the stored file type when none was submitted.
    $filename = $d->getFileName();
    if (!$filetype) {
        $filetype = $d->getFileType();
    }
} elseif ($uploaded_data['name']) {
    // Upload branch. is_uploaded_file() confirms tmp_name is a file PHP received
    // via HTTP POST, so a crafted path cannot be read from disk here.
    // NOTE(review): the client-chosen file name is placed in the error message;
    // confirm exit_error() HTML-escapes its arguments.
    if (!is_uploaded_file($uploaded_data['tmp_name'])) {
        exit_error(_('Error'), sprintf(_('Invalid file attack attempt %1$s'), $uploaded_data['name']));
    }
    // $data is replaced with the raw upload bytes, so the sanitized editor
    // content above is discarded and the uploaded content is NOT sanitized.
    // NOTE(review): the fopen() handle is never closed in this fragment and the
    // fopen()/fread() results are not checked. addslashes() is presumably meant
    // as database escaping — it is not database-aware; confirm how $data is
    // stored and prefer the DB layer's own escaping or bound parameters.
    $data = addslashes(fread(fopen($uploaded_data['tmp_name'], 'r'), $uploaded_data['size']));
    // NOTE(review): assuming getUploadedFile() returns the $_FILES entry, both
    // 'name' and 'type' are supplied by the client. Treat them as untrusted:
    // validate the name and do not rely on 'type' as the real content type when
    // the document is served back.
    $filename = $uploaded_data['name'];
    $filetype = $uploaded_data['type'];
} elseif ($file_url) {
    // URL branch: no content is stored and the URL itself becomes the file name.
    // NOTE(review): no scheme or host validation of $file_url is visible in this
    // fragment — confirm it is checked before the link is stored or rendered.
    $data = '';
    $filename = $file_url;
news_footer(array());
} else {
    // Only members of $sys_news_group holding the 'A' flag reach the code below.
    if (user_ismember($sys_news_group, 'A')) {
        /*
            News uber-user admin pages.
            Show all waiting news items except those already rejected.
            Admin members of $sys_news_group (news project) can
            edit/change/approve news items.
        */
        if ($post_changes) {
            if ($approve) {
                if ($status == 1) {
                    /* Update the db so the item shows on the home page */
                    $sanitizer = new TextSanitizer();
                    $details = $sanitizer->SanitizeHtml($details);
                    // NOTE(review): this statement is assembled by string
                    // concatenation. SanitizeHtml() and htmlspecialchars() are
                    // HTML-layer filters, not SQL escaping: htmlspecialchars() is
                    // called without flags, so whether it encodes single quotes
                    // depends on the PHP default in effect, and $details and $id
                    // are interpolated directly. Where $summary, $details and
                    // $id come from is not visible here; unless they are escaped
                    // or cast before this point, this is an SQL injection risk.
                    // Prefer bound parameters (or an integer cast for $id plus
                    // the DB layer's string escaping), and HTML-encode the
                    // summary at output time rather than before storage.
                    $sql = "UPDATE news_bytes SET is_approved='1', post_date='" . time() . "', "
                        . "summary='" . htmlspecialchars($summary) . "', details='" . $details . "' WHERE id='{$id}'";
                    $result = db_query($sql);
                    // A failed query and an update that matched no row are
                    // reported with the same message.
                    if (!$result || db_affected_rows($result) < 1) {
                        $feedback .= _('Error On Update:');
                    } else {
                        $feedback .= _('NewsByte Updated.');
                    }
                } else {
                    if ($status == 2) {
                        /* Move msg to deleted status */
                        // NOTE(review): $id is interpolated into the statement
                        // here as well; the same parameter-binding or
                        // integer-cast remedy applies.
                        $sql = "UPDATE news_bytes SET is_approved='2' WHERE id='{$id}'";
                        $result = db_query($sql);
                        if (!$result || db_affected_rows($result) < 1) {