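<input type="submit" value="Submit" id="submit" class="btn btn-default center-block"> </form>'; ?> </body> </html> <?php }
// The closing brace above ends a definition that starts before this excerpt.

// Request dispatch for the article edit page:
//   GET  ?id=N  -> show the edit form if the ownership check passes
//   POST id=N   -> apply the update if the ownership check passes
//   otherwise   -> redirect to the site root
// $eArticle->er / $eArticle->erm are read here as an error flag and its message
// (presumably set by verifyOwnership() and updateArticle(); confirm in the class).
// NOTE(review): is_numeric() also accepts values such as "1.5" or "1e3"; confirm
// that verifyOwnership() and updateArticle() treat the id as an integer.
if (isset($_GET['id']) && is_numeric($_GET['id'])) {
    $eArticle->verifyOwnership($_GET['id'], $author_id);
    if ($eArticle->er) {
        dispEr($eArticle->erm);
    } else {
        displayEditForm($eArticle);
    }
} elseif (isset($_POST['id']) && is_numeric($_POST['id'])) {
    $eArticle->verifyOwnership($_POST['id'], $author_id);
    if ($eArticle->er) {
        // Authorization failed: report it and do NOT fall through to the update.
        // dispEr() is expected to return rather than exit (displayEditForm() is
        // called right after it in the update-failure path below), so without this
        // branch the write would still run for an article the caller does not own.
        dispEr($eArticle->erm);
    } else {
        // NOTE(review): no anti-CSRF token check is visible in this excerpt;
        // confirm one is enforced before this state-changing call.
        $eArticle->updateArticle($_POST);
        if ($eArticle->er) {
            // Update rejected: show the reason and let the user correct the form.
            dispEr($eArticle->erm);
            displayEditForm($eArticle);
        } else {
            echo "Success.Click <a href='/'>here</a> to go back home.";
        }
    }
} else {
    // No usable id in the request: send the client back to the home page.
    // NOTE(review): nothing follows in this excerpt; if code does follow in the
    // file, add an exit after the redirect so it cannot run.
    header("LOCATION: /");
}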
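/**
 * Creates a new, empty ".txt" file under PATH_TO_FILES from the posted "filename" field.
 *
 * The submitted name is reduced to its basename and stripped of every character
 * other than ASCII letters, digits, underscore, hyphen and space, so it cannot
 * carry path separators or dots into the final path. If the name is unusable or
 * the file already exists, the file list is redisplayed with a message; on
 * success the edit form for the new file is shown. The script terminates if the
 * file cannot be written.
 *
 * @return void
 */
function createFile()
{
    // Untrusted input: the field may be missing, or arrive as an array
    // (filename[]=...), which basename() cannot accept. Treat both as empty.
    $rawName = (isset($_POST["filename"]) && is_string($_POST["filename"]))
        ? $_POST["filename"]
        : "";

    $filename = basename($rawName);
    $filename = preg_replace("/[^A-Za-z0-9_\\- ]/", "", $filename);

    // Compare with the empty string instead of relying on truthiness:
    // "0" is a usable name but is falsy in PHP. preg_replace() yields null on error.
    if ($filename === null || $filename === "") {
        displayFileList("Invalid filename - please try again");
        return;
    }

    $filename .= ".txt";
    $filepath = PATH_TO_FILES . "/{$filename}";

    // NOTE(review): file_exists() followed by file_put_contents() is not atomic;
    // two concurrent requests for the same name can both pass this check.
    if (file_exists($filepath)) {
        displayFileList("The file {$filename} already exists!");
        return;
    }

    if (file_put_contents($filepath, "") === false) {
        die("Couldn't create file");
    }

    // NOTE(review): 0666 makes the file writable by every local account. Confirm
    // this is required; 0644 or 0664 is the usual choice when only the web server
    // user (or its group) needs to write.
    chmod($filepath, 0666);
    displayEditForm("{$filename}");
}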
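require "./lang/lang.admin." . LANGUAGE_CODE . ".php";
require "functions.php";

// Entry point of the message add/edit page.
//   - no id       -> "Add" form for the logged-in user
//   - id present  -> "Edit" form, only if the caller owns the message or $auth == 2
//   - otherwise   -> the localized "access denied" text
$auth = auth();
$id = isset($_GET['id']) ? $_GET['id'] : null;
$uid = isset($_SESSION['authdata']) ? $_SESSION['authdata']['uid'] : null;

if ($auth) {
    if (empty($id)) {
        displayEditForm('Add', $uid);
    } elseif (!is_string($id) || !ctype_digit($id)) {
        // $id comes straight from the query string and is placed unquoted (as a
        // number) into the SQL below, so anything other than a plain run of digits
        // is refused before it can reach the query. Arrays (id[]=...) end up here too.
        echo $lang['accessdenied'];
    } else {
        // NOTE(review): die(mysql_error()) sends database error text to the client;
        // consider logging it and showing a generic message instead.
        // NOTE(review): the mysql_* API was removed in PHP 7. Moving to PDO or mysqli
        // with bound parameters is the durable fix, but needs changes outside this excerpt.
        mysql_connect(DB_HOST, DB_USER, DB_PASS) or die(mysql_error());
        mysql_select_db(DB_NAME) or die(mysql_error());

        // Safe to interpolate: $id was verified above to contain digits only.
        $sql = "SELECT uid FROM " . DB_TABLE_PREFIX . "mssgs WHERE id = {$id}";
        $result = mysql_query($sql) or die(mysql_error());
        $row = mysql_fetch_assoc($result);

        // When no row matches, mysql_fetch_assoc() returns false. A missing row
        // must not count as "owned": the loose comparison would otherwise equate
        // an empty owner with an empty or zero $uid.
        $ownerUid = is_array($row) ? $row['uid'] : null;

        if ($auth == 2 || ($ownerUid !== null && $uid == $ownerUid)) {
            displayEditForm('Edit', $uid, $id);
        } else {
            echo $lang['accessdenied'];
        }
    }
} else {
    echo $lang['accessdenied'];
}
# ########################################################### function displayEditForm($mode, $uid, $id = "") { global $lang; if ($mode == "Add") { $d = $_GET['d']; $m = $_GET['m']; $y = $_GET['y'];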
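/**
 * Loads the user_activity row with the given id and passes it to displayEditForm().
 *
 * @param object $db Database handle offering prepare(); the returned statement is
 *                   used through execute() and fetchAll() (presumably PDO; confirm).
 * @param mixed  $id Identifier of the row to load; treated as untrusted input.
 *
 * @return void
 */
function read($db, $id)
{
    // Bind the id as a parameter. Concatenating it into the SQL text, as before,
    // let a crafted id change the statement even though prepare() was used.
    $stmt = $db->prepare('SELECT * from user_activity where id = ?');
    $stmt->execute([$id]);
    $results = $stmt->fetchAll();

    // With no matching row there is no index 0; pass null explicitly, which is
    // what the undefined offset evaluated to, without raising a warning.
    // NOTE(review): confirm displayEditForm() handles a missing row.
    $firstRow = isset($results[0]) ? $results[0] : null;

    displayEditForm($firstRow);
}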