Exemplo n.º 1
0
<?php

if ($_POST["attempt"] != null && $_POST["entry_name"] != null) {
    $validate_entry_name = JournalEntry::ValidateName($_POST["entry_name"]);
}
if ($validate_entry_name == null && $_POST["attempt"] != null && $_POST["entry_name"] != null && $_POST["entry_title"] != null) {
    $result = $entry->Modify($_POST["entry_name"], $_POST["entry_title"], $_POST["entry_content"]);
    if (!$result) {
        page_begin("Error");
        ?>
			<p>
				<?php 
        echo mysql_errno() . ": " . mysql_error();
        ?>
			</p>
			<p style="text-align: center;">
				<a href="/community/members/<?php 
        echo $thisuser->Name;
        ?>
/journals/<?php 
        echo $journal->Name;
        ?>
/entries/create.mmo">Return to Create Entry</a>
			</p>
			<?php 
        page_end();
        return;
    }
    header("Location: /community/members/" . $thisuser->ShortName . "/journals/" . $journal->Name . "/entries/" . $_POST["entry_name"]);
    return;
}
Exemplo n.º 2
0
 public function Modify($entry_name, $entry_title, $entry_content)
 {
     if (!JournalEntry::ValidateName($entry_name)) {
         return false;
     }
     $entry_title = HTMLPurifier::instance()->purify($entry_title);
     $entry_content = HTMLPurifier::instance()->purify($entry_content);
     global $MySQL;
     $query = "UPDATE phpmmo_journal_entries SET " . "entry_name = '" . $MySQL->real_escape_string($entry_name) . "', " . "entry_title = '" . $MySQL->real_escape_string($entry_title) . "', " . "entry_content = '" . $MySQL->real_escape_string($entry_content) . "', " . "entry_timestamp_modified = NOW() WHERE entry_id = " . $this->ID;
     $result = $MySQL->query($query);
     return $MySQL->errno == 0;
 }