Пример #1
0
            $values1["objCreator"] = $objCreator;
            $values1["objSubmitDate!"] = "NOW()";
            sql_query("INSERT INTO `extras`" . dbValues($values1));
            $objid = mysql_insert_id();
            $values2["objEid"] = $objid;
            $values2["objSubmitIp"] = getHexIp($_SERVER["REMOTE_ADDR"]);
            sql_query("INSERT INTO `extExtData`" . dbValues($values2));
        } else {
            $values2["objNumEdits"] = $objData["objNumEdits"] + 1;
            $values2["objNoAbuse"] = 0;
            sql_query("UPDATE `extras`" . dbSet($values1) . dbWhere(array("objid" => $objid)));
            sql_query("UPDATE `extExtData`" . dbSet($values2) . dbWhere(array("objEid" => $objid)));
        }
        if ($isUpdated && $objCreator == $_auth["useid"]) {
            // Notify the watchers.
            addUpdateToWatchers(updTypeArtExtra, $objCreator, $objid);
        }
        redirect(url("view/e" . $objid));
    }
}
?>
<div class="caption"><?php 
echo _TITLE;
?>
:</div>
<div>
	<input class="notsowide largetext" id="submitTitle" name="title" type="text"
		<?php 
echo isset($_POST["title"]) ? 'value="' . htmlspecialchars($_POST["title"]) . '"' : "";
?>
 />
Пример #2
0
                // edit old option
                if (trim($_POST["option" . $i]) != "") {
                    // update old option
                    sql_query("UPDATE `pollOptions` SET `polOOption` = '" . addslashes($_POST["option" . $i]) . "' " . "WHERE `polOid` = '" . $editOptions[$i]["polOid"] . "' LIMIT 1");
                } else {
                    // delete old option
                    sql_query("DELETE FROM `pollOptions` WHERE `polOid` = '" . $editOptions[$i]["polOid"] . "' LIMIT 1");
                }
            } elseif (trim($_POST["option" . $i]) != "") {
                // insert new option
                sql_query("INSERT INTO `pollOptions`(`polOPoll`,`polOOption`) " . "VALUES('{$polid}','" . addslashes($_POST["option" . $i]) . "')");
            }
        }
    }
    // notify watchers about the poll update
    addUpdateToWatchers(updTypeJournalPoll, $_auth["useid"], $polid);
    redirect(url("poll/" . strtolower($_auth["useUsername"]) . "/" . $polid));
}
if ($ableToPost && $pollAction == "delete") {
    sql_query("DELETE FROM `polls` WHERE `polid` = '{$polid}' LIMIT 1");
    sql_query("DELETE FROM `pollOptions` WHERE `polOPoll` = '{$polid}' LIMIT 1");
    sql_query("DELETE FROM `updates` WHERE `updType` = '" . updTypeJournalPoll . "' AND `updObj` = '{$polid}'");
    redirect(url("poll/" . strtolower($_auth["useUsername"])));
}
if ($ableToPost && ($pollAction == "post" || $pollAction == "edit")) {
    ?>
				<div class="mar_bottom">
					<form action="<?php 
    echo url(".");
    ?>
" method="post">