echo '</div>'; if ($reward_exists) { if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'rewards_csrf')) { if (isset($_POST['name']) && isset($_POST['text']) && isset($_POST['points']) && isset($_POST['fields'])) { if (actions::edit_reward($_GET['id'], array('points' => $_POST['points'], 'name' => $_POST['name'], 'description' => $_POST['text'], 'fields' => $_POST['fields'], 'publish' => isset($_POST['publish']) ? 1 : 0))) { $info = \query\main::reward_infos($_GET['id']); echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } else { if (isset($_GET['type']) && isset($_GET['token']) && check_csrf($_GET['token'], 'rewards_csrf')) { if ($_GET['type'] == 'delete_image') { if (isset($_GET['id'])) { if (actions::delete_reward_image($_GET['id'])) { $info->image = ''; echo '<div class="a-success">' . $LANG['msg_deleted'] . '</div>'; } else { echo '<div class="a-error">' . $LANG['msg_error'] . '</div>'; } } } } } $_SESSION['rewards_csrf'] = $csrf; echo '<div class="form-table"> <form action="#" method="POST" enctype="multipart/form-data"> <div class="row"><span>' . $LANG['form_name'] . ':</span><div><input type="text" name="name" value="' . $info->title . '" /></div></div>