} echo "</table>"; } else { $nID = (int) $_GET['id']; $hLinkData = core::$sql->exec("select * from srcms_downloads where id='{$nID}'"); if (mssql_num_rows($hLinkData) > 0) { if (!isset($_POST['link'])) { $hArray = mssql_fetch_array($hLinkData); echo "<table id='table-3' border='1' cellspacing='0' cellpadding='0'>\r\n\t\t\t\t\t\t\t\t\t\t<form method='post'>\r\n\t\t\t\t\t\t\t\t\t\t<td>Name</td><td>Link</td><td>Description</td><tr/>\r\n\t\t\t\t\t\t\t\t\t\t<td>{$hArray['name']}</td><td>{$hArray['link']}</td><td>{$hArray['description']}</td><tr/>\r\n\t\t\t\t\t\t\t\t\t\t<td><input type='submit' name='submit' value='Save'></td>\r\n\t\t\t\t\t\t\t\t\t\t</form>\r\n\t\t\t\t\t\t\t\t\t\t</table>\r\n\t\t\t\t\t\t\t\t\t\t"; } else { if (!security::isValidUrl($_POST['link'])) { echo "Invalid URL<br/>"; misc::back(); } else { $szName = misc::toHTML($_POST['name']); $szDesc = misc::toHTML($_POST['description']); core::$sql->exec("update srcms_downloads set name='{$szName}',description='{$szDesc}',link='{$_POST['link']}' where id='{$nID}'"); echo "Link successfully edited<br/>"; misc::redirect('?pg=admin&act=dl', 1); } } } else { echo "Record with ID you requested was not found in database.<br/>"; misc::back(); break; } } break; default: echo "Unknown subaction"; break;