<?php if ($_POST["attempt"] != null && $_POST["entry_name"] != null) { $validate_entry_name = JournalEntry::ValidateName($_POST["entry_name"]); } if ($validate_entry_name == null && $_POST["attempt"] != null && $_POST["entry_name"] != null && $_POST["entry_title"] != null) { $result = $entry->Modify($_POST["entry_name"], $_POST["entry_title"], $_POST["entry_content"]); if (!$result) { page_begin("Error"); ?> <p> <?php echo mysql_errno() . ": " . mysql_error(); ?> </p> <p style="text-align: center;"> <a href="/community/members/<?php echo $thisuser->Name; ?> /journals/<?php echo $journal->Name; ?> /entries/create.mmo">Return to Create Entry</a> </p> <?php page_end(); return; } header("Location: /community/members/" . $thisuser->ShortName . "/journals/" . $journal->Name . "/entries/" . $_POST["entry_name"]); return; }
public function Modify($entry_name, $entry_title, $entry_content) { if (!JournalEntry::ValidateName($entry_name)) { return false; } $entry_title = HTMLPurifier::instance()->purify($entry_title); $entry_content = HTMLPurifier::instance()->purify($entry_content); global $MySQL; $query = "UPDATE phpmmo_journal_entries SET " . "entry_name = '" . $MySQL->real_escape_string($entry_name) . "', " . "entry_title = '" . $MySQL->real_escape_string($entry_title) . "', " . "entry_content = '" . $MySQL->real_escape_string($entry_content) . "', " . "entry_timestamp_modified = NOW() WHERE entry_id = " . $this->ID; $result = $MySQL->query($query); return $MySQL->errno == 0; }