Exemplo n.º 1
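// Resolve the acting user from the 'user' cookie and look up their rank.
// NOTE(review): getUsername() is not shown here; confirm that it verifies the
// cookie value server-side (and what the second argument, 2, selects) rather
// than trusting whatever the browser sends.
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);
// Only rank 4 and above may use this page.
if ($rank < 4) {
    $base->redirect('../index.php');
    // redirect() is defined elsewhere. If it only emits a Location header,
    // the privileged code below would still run for a low-rank user, so stop
    // explicitly. This is harmless if redirect() already terminates.
    exit;
}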
if (!isset($_REQUEST['cat'])) {
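    // Build the category picker shown when no category has been chosen yet.
    $content = '
	<form action="editcat.php" method="POST">
	<select name="cat" class="button">';
    foreach ($forum_index->retrieveCategories($rank) as $category) {
        // Category ids and titles come from storage; encode them for the
        // attribute and text contexts so a stored title cannot inject markup.
        // NOTE(review): assumes the page is served as UTF-8 — confirm.
        $option_value = htmlspecialchars((string) $category['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $option_label = htmlspecialchars((string) $category['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $content .= '<option value="' . $option_value . '">' . $option_label . '</option>';
    }
    // Close the <select> before the submit button; an <input> is not valid
    // content inside a <select>.
    $content .= '</select><input type="submit" value="Edit"></form>';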
} else {
    //make sure it exists
    if (!$forum->catExists($_REQUEST['cat'])) {
        $content = 'No category exists with the given ID.';
    } else {
        if (isset($_REQUEST['delete'])) {
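            if (!isset($_REQUEST['confirm'])) {
                // The requested id is echoed back into two href attributes.
                // Passing catExists() does not make the raw request value safe
                // to print, so encode it for the URL and then for the attribute.
                $cat_param = htmlspecialchars(rawurlencode((string) $_REQUEST['cat']), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
                $content = 'Are you sure you wish to delete this category and all forums/threads/posts a long with it? <a href="?cat=' . $cat_param . '&delete=1&confirm=1">Yes!</a> | <a href="?cat=' . $cat_param . '">Back</a>';
            } else {
                // NOTE(review): this destructive branch is reached through a
                // plain link (GET) and no anti-CSRF token check is visible in
                // this fragment. Consider requiring POST plus a per-session
                // token before deleting.
                //delete the forums and all threads/posts within them that belong to this category
                foreach ($forum_index->retrieveSubForums($_REQUEST['cat']) as $a_forum) {
                    $forum->deleteForum($a_forum['id']);
                }
                //delete the category itself (id is bound as a query parameter, not concatenated)
                $database->processQuery("DELETE FROM `cats` WHERE `id` = ?", array($_REQUEST['cat']), false);
                $content = 'Delete successful!';
            }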
        } else {
Exemplo n.º 2
            }
            $content .= '></td>
                    </tr>
                    <tr>
                        <td><input type="submit" value="Update Forum" class="button"></td>
                    </tr>
                    </table>
                </form>
            ';
        } else {
            //add forum
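            // Validate the submitted fields, then update the forum row.
            // strlen() and ctype_digit() expect strings. An absent or
            // array-valued field (e.g. forum[]=x) would otherwise raise a
            // warning or TypeError instead of a clean validation message.
            if (!isset($_POST['forum'], $_POST['description'], $_POST['pos'])
                || !is_string($_POST['forum'])
                || !is_string($_POST['description'])
                || !is_string($_POST['pos'])
            ) {
                $content = 'The submitted form is incomplete.';
            } elseif (strlen($_POST['forum']) > 50) {
                // strlen() counts bytes, so multi-byte titles reach the limit sooner.
                $content = 'The forum cannot have name larger than fifty characters.';
            } elseif (strlen($_POST['description']) < 3) {
                $content = 'The description must be at least 3 characters.';
            } elseif (!$forum->catExists($_POST['category'])) {
                $content = 'The chosen category doesn\'t exist.';
            } elseif (!ctype_digit($_POST['pos'])) {
                $content = 'The position must be a number.';
            } else {
                //update the selected forum; every value is bound as a parameter
                // NOTE(review): `icon`, `type` and `id` are stored without any
                // check in this fragment, and no anti-CSRF token check is
                // visible. Confirm the enclosing code validates them. Values
                // stored here also need HTML-encoding wherever they are
                // later rendered.
                $database->processQuery("UPDATE `forums` SET `icon` = ?, `title` = ?, `description` = ?, `type` = ?, `parent` = ?, `pos` = ? WHERE `id` = ? LIMIT 1", array($_POST['icon'], $_POST['forum'], $_POST['description'], $_POST['type'], $_POST['category'], $_POST['pos'], $_POST['id']), false);
                //forum update successful
                $content = 'You have successfully updated the forum! <a href="index.php">Back</a> | <a href="editforum.php">Update another</a>';
            }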
        }
    } else {
        $content = 'You chose a non-existing forum.';
    }
}
?>