function postUpdate($post_id, $params) { global $database_cfg; if (!is_array($params)) { return "Wrong parameters type"; } $post = postGetById($post_id); if (isset($params["topic"])) { $post["topic_id"] = intval($params["topic"]); } if (isset($params["message"])) { $post["message"] = stringEncode($params["message"]); } if (isset($params["flags"])) { $post["flags"] = $params["flags"]; } databaseQuery("update " . $database_cfg["prefix"] . "posts set topic_id='" . $post['topic_id'] . "', edited='" . stringEncode(date("H:i, d.m.Y")) . "', message='" . $post['message'] . "', flags='" . $post['flags'] . "' where id='" . intval($post_id) . "'", "Can't update post"); }
echo "Welcome back, " . stringDecode($user["nickname"]) . "<br /><br />"; echo "Your last visit: " . stringDecode($user["last_visit"]) . "<br /><br />"; echo "<a href=index.php?profile>Profile</a><br />"; echo "<a href=index.php?logout>Logout</a>"; } ?> </div> <div class="menu_bottom"></div> </div> <div id="content_container"> <div class="content"> <?php if (isset($_GET["editpost"])) { $post = postGetById(intval($_GET["post_id"])); if (postExistsById($post["id"])) { echo "<form action=\"index.php?changepost&post_id=" . $_GET["post_id"] . "\" method=\"post\">"; echo "Message:<br /><textarea name=\"message\">" . stringDecode($post["message"]) . "</textarea><br /><br />"; echo "<input type=\"submit\" value=\"Save\" />"; echo "</form>"; } } else { if (isset($_GET["find"])) { $res2 = topicSearchByTitle(stringEncode($_POST["query"])); $res4 = postSearchByMessage(stringEncode($_POST["query"])); $res5 = userSearchByEmail(stringEncode($_POST["query"])); $res6 = userSearchByNickname(stringEncode($_POST["query"])); $res7 = groupSearchByName(stringEncode($_POST["query"])); $user = userGetLoggedIn(); echo "<h1>Search results</h1><br />";