}
}
echo '</ul>
</div>';
}
}
echo '<a href="?route=reviews.php&action=list" class="btn">' . $LANG['reviews_view'] . '</a>
</div>';
if (!empty($LANG['reviews_edit_subtitle'])) {
echo '<span>' . $LANG['reviews_edit_subtitle'] . '</span>';
}
echo '</div>';
if ($review_exists) {
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['csrf']) && check_csrf($_POST['csrf'], 'reviews_csrf')) {
if (isset($_POST['store']) && isset($_POST['user']) && isset($_POST['stars']) && isset($_POST['text'])) {
if (actions::edit_review($_GET['id'], array('user' => $_POST['user'], 'store' => $_POST['store'], 'text' => $_POST['text'], 'stars' => $_POST['stars'], 'publish' => isset($_POST['publish']) ? 1 : 0))) {
$info = \query\main::review_infos($_GET['id']);
echo '<div class="a-success">' . $LANG['msg_saved'] . '</div>';
} else {
echo '<div class="a-error">' . $LANG['msg_error'] . '</div>';
}
}
}
$_SESSION['reviews_csrf'] = $csrf;
echo '<div class="form-table">
<form action="#" method="POST">
<div class="row"><span>' . $LANG['form_store_id'] . ':</span><div data-search="store"><input type="text" name="store" value="' . $info->storeID . '" required /><a href="#" data-search="store">S</a></div></div>
<div class="row"><span>' . $LANG['form_user_id'] . ':</span><div data-search="user"><input type="text" name="user" value="' . $info->user . '" required /><a href="#">S</a></div></div>