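// Handles the submitted "bericht" (message) form: validates the end date, then
// updates, deletes or inserts the message and its entity links, and finally
// redirects back to upload.php.
//
// Reads:  $_POST (until, bericht_id, submit, title, body, entity_ids, secret)
//         and $from, which is set before this fragment.
// Writes: tables `berichten` and `entities2berichten`.
//
// NOTE(review): no authentication, authorization or CSRF check is visible in
// this fragment, while it updates and deletes rows selected by a
// request-supplied id. Confirm that this is enforced earlier in the script.
// NOTE(review): every request value reaches SQL only through the '%q' / %i
// placeholders of mdb2_exec(); presumably %q escapes a string and %i casts to
// an integer, but the helper is not visible here. Verify before relying on it.

// strtotime() returns false for text it cannot parse; the parsed timestamp is
// kept in $until for the queries below.
// NOTE(review): the message names the 'Zichtbaar vanaf' field although the
// value checked is $_POST['until']; this looks copied from a check on the
// start date. Confirm the intended label.
// NOTE(review): presumably fatal_error() ends the request; if it returns,
// the writes below still run with an invalid $until.
if (!($until = strtotime($_POST['until']))) {
    fatal_error("het veld 'Zichtbaar vanaf' bevat geen geldige datum");
}

if (isset($_POST['bericht_id'])) {
    if ($_POST['submit'] === 'Opslaan') {
        // We are modifying an existing message.
        // Title and body are HTML-encoded first and only then run through
        // bbtohtml(), so the stored markup is whatever bbtohtml() generates.
        mdb2_exec("UPDATE berichten SET bericht_title = '%q', bericht_body = '%q', bericht_visiblefrom = '%q', bericht_visibleuntil = '%q', bericht_update = {$_SERVER['REQUEST_TIME']} WHERE bericht_id = %i", bbtohtml(htmlenc($_POST['title'])), bbtohtml(htmlenc($_POST['body'])), $from, $until, $_POST['bericht_id']);

        // Replace the entity links: drop the old ones, then re-insert.
        mdb2_exec("DELETE FROM entities2berichten WHERE bericht_id = %i", $_POST['bericht_id']);
        // entity_ids is request data: a scalar sent under that name would
        // otherwise be handed to foreach, so only iterate a real array.
        if (isset($_POST['entity_ids']) && is_array($_POST['entity_ids'])) {
            foreach ($_POST['entity_ids'] as $entity_id) {
                mdb2_exec("INSERT INTO entities2berichten ( entity_id, bericht_id ) VALUES ( %i, %i )", $entity_id, $_POST['bericht_id']);
            }
        }
    } elseif ($_POST['submit'] === 'Wissen') {
        // Delete the message together with its entity links.
        mdb2_exec("DELETE FROM berichten WHERE bericht_id = %i", $_POST['bericht_id']);
        mdb2_exec("DELETE FROM entities2berichten WHERE bericht_id = %i", $_POST['bericht_id']);
    } else {
        // Any other submit value is not produced by the form.
        fatal_error('onmogelijke submit!');
    }
} else {
    // No id posted: create a new message.
    mdb2_exec("INSERT INTO berichten ( bericht_title, bericht_body, bericht_visiblefrom, bericht_visibleuntil, bericht_update ) VALUES ( '%q', '%q', '%q', '%q', {$_SERVER['REQUEST_TIME']} )", bbtohtml(htmlenc($_POST['title'])), bbtohtml(htmlenc($_POST['body'])), $from, $until);
    // $bericht_id comes from the database layer, not from the request, which
    // is why it is interpolated directly below.
    $bericht_id = mdb2_last_insert_id();
    if (isset($_POST['entity_ids']) && is_array($_POST['entity_ids'])) {
        foreach ($_POST['entity_ids'] as $entity_id) {
            mdb2_exec("INSERT INTO entities2berichten ( entity_id, bericht_id ) VALUES ( %i, {$bericht_id} )", $entity_id);
        }
    }
}

// The posted value is URL-encoded so that characters such as '&', '#', '+'
// or '=' cannot add or alter query parameters in the redirect target, and so
// that the value round-trips unchanged into $_GET['secret'].
// NOTE(review): the secret travels in the query string, so it will show up in
// access logs, browser history and Referer headers.
// NOTE(review): no exit follows the redirect within this fragment; confirm
// the script ends here.
header('Location: upload.php?secret=' . rawurlencode((string) $_POST['secret']));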
// Fragment of an alliance-settings handler. The `if` that the first statements
// belong to opens before this fragment; `} elseif ($_POST['t'])` below closes it.
//
// NOTE(review): mysql_escape_string() ignores the connection character set,
// was deprecated in PHP 5.3 and removed in PHP 7.0. Prepared statements (or at
// least a connection-aware escaping function) are the usual replacement.

// Image value: tags stripped, HTML-encoded, then escaped for the SQL string.
$ally['ally_image'] = mysql_escape_string(htmlspecialchars(strip_tags($_POST['image'])));
// Forced to an integer and then restricted to 0 or 1.
$ally['ally_request_notallow'] = intval($_POST['request_notallow']);
if ($ally['ally_request_notallow'] != 0 && $ally['ally_request_notallow'] != 1) {
    message("Wähle bei \"Bewerbungen\" eine Option aus dem Formular!", "Fehler");
    exit;
}
// NOTE(review): ally_owner_range, ally_web and id are assigned outside this
// fragment; confirm they are escaped before being interpolated here.
doquery("UPDATE {{table}} SET\n `ally_owner_range`='{$ally['ally_owner_range']}',\n `ally_image`='{$ally['ally_image']}',\n `ally_web`='{$ally['ally_web']}',\n `ally_request_notallow`='{$ally['ally_request_notallow']}'\n WHERE `id`='{$ally['id']}'", "alliance");
} elseif ($_POST['t']) {
    // The branch is chosen on $_POST['t'], but the comparisons use $t, which
    // is set outside this fragment. Presumably it is derived from the request.
    if ($t == 3) {
        // Application text: tags stripped, then escaped for SQL.
        $ally['ally_request'] = mysql_escape_string(strip_tags($_POST['text']));
        doquery("UPDATE {{table}} SET\n `ally_request`='{$ally['ally_request']}'\n WHERE `id`='{$ally['id']}'", "alliance");
    } elseif ($t == 2) {
        // Internal text: same treatment as the application text.
        $ally['ally_text'] = mysql_escape_string(strip_tags($_POST['text']));
        doquery("UPDATE {{table}} SET\n `ally_text`='{$ally['ally_text']}'\n WHERE `id`='{$ally['id']}'", "alliance");
    } else {
        // NOTE(review): the bbtohtml() result is overwritten by the next line
        // and never used, so the stored description is the filter_var() output
        // of the raw POST value. Confirm which of the two was intended.
        $ally['ally_description'] = bbtohtml($_POST['text']);
        // NOTE(review): FILTER_SANITIZE_STRING is an HTML-oriented filter
        // (deprecated as of PHP 8.1), not SQL escaping. Unlike the two sibling
        // branches, no SQL escaping is applied before the value is concatenated
        // into the query below; this branch should use a parameterized query or
        // at minimum the same escaping as the others.
        $ally['ally_description'] = filter_var($_POST['text'], FILTER_SANITIZE_STRING, FILTER_FLAG_ENCODE_AMP);
        doquery("UPDATE {{table}} SET\n `ally_description`='" . $ally['ally_description'] . "'\n WHERE `id`='{$ally['id']}'", "alliance");
    }
}
$lang['dpath'] = $dpath;
/* Depending on $t, show the form for each type of text. */
if ($t == 3) {
    $lang['request_type'] = $lang['Show_of_request_text'];
} elseif ($t == 2) {
    $lang['request_type'] = $lang['Internal_text'];
} else {
    $lang['request_type'] = $lang['Public_text_of_alliance'];
}