$content .= '<input type="hidden" name="forum" value="' . $f . '">
<input type="hidden" name="type" value="' . $_GET['type'] . '">
<table>';
if ($rank > 2 && $_REQUEST['type'] == 2) {
$content .= '<tr>
<td class="commandtitle">Thread Title:</td>
<td class="commandinput"><input size="40" maxlength="' . $title_length . '" id="charlimit_text_b" type="text" class="textinput" name="title" value="' . htmlentities(stripslashes($data[0]['title'])) . '"/>
</td>
</tr>';
}
$content .= '<tr>
<td class="commandtwo" colspan="2">You have <span id="charlimit_count_b">' . $title_length . '</span> characters <span id="charlimit_info_b" style="display: none">remaining</span> for your title.</td>
</tr>
<tr>
<td class="commandtwo" colspan="2">
<textarea id="charlimit_text_a" name="message" rows="20" cols="60">' . htmlentities(stripslashes($base->remBr($data[0]['content']))) . '</textarea><br />
You have <span id="charlimit_count_a"><?php echo $chars; ?></span> characters <span id="charlimit_info_a" style="display: none">remaining</span> for your message.</td>
</tr>
<tr>
<td class="commandtwo" colspan="2"><br />
<input type="submit" name="add" value="Edit" />
<!--<input type="submit" name="preview" value="Preview" /> -->
<input type="submit" name="cancel" value="Cancel" />
</td>
</tr>
</table>
</form>
</div>
<div id="smileylegend">
<span class="title">Smileys: </span><br>
if (!$user->isLoggedIn()) {
$base->redirect('../index.php');
}
if ($rank < 4) {
$base->redirect('viewmessage.php?id=' . $_GET['convo']);
}
$user->updateLastActive();
if (!$msgcenter->canView($_GET['convo'], $username, $rank)) {
$content = 'You can\'t edit a reply to a non-existent message. <input type="button" class="button" value="Back" onclick="goBack()" />';
} elseif (!isset($_POST['content'])) {
//get current data
$data = $database->processQuery("SELECT `content` FROM `replies` WHERE `id` = ? LIMIT 1", array($id), true);
$content = '
<form action="editreply.php?id=' . $id . '&convo=' . $_GET['convo'] . '" method="POST">
<table>
<tr><td>Message</td><td><textarea name="content" cols="45" rows="20" class="button" maxlength="2000">' . htmlentities($base->remBr(stripslashes($data[0]['content']))) . '</textarea></td></tr>
<tr><td>Done?</td><td><input type="submit" class="button" value="Update Message"></td></tr>
</table>
</form>';
} elseif (strlen($_POST['content']) > 2000) {
$content = 'Your reply cannot be greater than 2000 characters.';
} else {
//update message
$database->processQuery("UPDATE `replies` SET `content` = ? WHERE `id` = ? LIMIT 1", array(nl2br($_POST['content']), $id), false);
$base->redirect('viewmessage.php?id=' . $_GET['convo']);
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html xmlns:IE>
<head>
<meta http-equiv="Expires" content="0">
</td></tr>
<tr><td>Title</td><td><input type="text" name="title" class="button" maxlength="50" value="' . stripslashes($data[0]['title']) . '"></td></tr>
<tr>
<td>Category</td>
<td>
<select name="category" class="button">
<option value="1">Website</option>
<option value="2">Game</option>
<option value="3">Shop</option>
<option value="4">Customer Support</option>
<option value="5">Technial</option>
<option value="6">Behind the Scenes</option>
</select>
</td>
</tr>
<tr><td>Announcement</td><td><textarea name="content" class="button" rows="20" cols="50" maxlength="100000">' . $base->remBr(stripslashes($data[0]['content'])) . '</textarea></td></tr>
<tr><td>Done?</td><td><input type="submit" class="button" value="Update"> <input type="submit" name="preview" class="button" value="Preview"> <input type="submit" name="delete" class="button" value="Delete"></td></tr>
</table>
</form>';
} elseif (isset($_POST['delete'])) {
$database->processQuery("DELETE FROM `news` WHERE `id` = ?", array($_GET['id']), false);
$content = 'The news post has been deleted.';
} elseif (isset($_POST['preview'])) {
$content = '<center><input type="button" class="button" value="Back" onclick="goBack()" /></center><br/>' . stripslashes(nl2br($_POST['content']));
} elseif (!in_array($_POST['category'], array(1, 2, 3, 4, 5, 6))) {
$content = 'Incorrect news category selected.';
} else {
//insert the news post
$database->processQuery("UPDATE `news` SET `title` = ?, `content` = ?, `category` = ?, `icon` = ? WHERE `id` = ? LIMIT 1", array($_POST['title'], nl2br($_POST['content']), $_POST['category'], $_POST['icon'], $_GET['id']), false);
$base->appendToFile('../forums/logs.txt', array($username . ' edited a news post'));
$base->redirect('../news/viewarticle.php?id=' . $_GET['id']);
$database->processQuery("UPDATE `threads` SET `lastposter` = ?, `lastpost` = NOW() WHERE `id` = ?", array($username, $thread), false);
//update their last post and lastip fieldss
$database->processQuery("UPDATE `users` SET `lastpost` = ?, `lastip` = ? WHERE `username` = ? LIMIT 1", array(time(), $_SERVER['REMOTE_ADDR'], $username), false);
//if the lock option was set, lock the thread!
if ($_POST['lock'] == 1) {
$thread_obj->lock($thread, $rank);
}
$base->appendToFile('logs.txt', array($username . ' locked the thread ' . $thread));
//send them to the thread they posted on
$base->redirect('viewthread.php?forum=' . $f . '&id=' . $thread . '&goto=' . $creation_id);
}
} else {
$chars = $rank > 2 ? $chars = 100000 : ($chars = 2000);
if (isset($_GET['quote']) && isset($_GET['qt']) && $rank > 3) {
$quote = $_GET['qt'] == 1 ? $database->processQuery("SELECT `content`,`username` FROM `posts` WHERE `id` = ?", array($_GET['quote']), true) : $database->processQuery("SELECT `content`,`username` FROM `threads` WHERE `id` = ?", array($_GET['quote']), true);
$text = $base->remBr('[quote=' . $quote[0]['username'] . ']' . $quote[0]['content'] . '[/quote]');
}
$content = '
<div id="nocontrols" class="phold"></div>
<div id="command">
<form method="post" action="reply.php">
<input type="hidden" name="id" value="' . $thread . '">
<input type="hidden" name="forum" value="' . $f . '">
<table>';
if ($rank > 2) {
$content .= '<tr><td class="commandtwo" colspan="2"><input type="checkbox" name="lock" value="1"> Toggle Lock</td></tr>';
}
$content .= '
<tr>
<td class="commandtwo" colspan="2">
<textarea id="charlimit_text_a" name="message" rows="20" cols="60">' . htmlentities($text) . '</textarea><br />
$base->redirect('../index.php');
} elseif (!isset($_GET['id'])) {
$base->redirect('index.php');
} else {
//id of the story we're editing
$id = $_GET['id'];
//extract content from selected news post
$data = $database->processQuery("SELECT `title`,`content` FROM `stories` WHERE `id` = ?", array($id), true);
if ($database->getRowCount() == 0) {
$content = 'No story exists with the chosen ID. <input type="button" class="button" value="Back" onclick="goBack()" />';
} elseif (!isset($_POST['title']) || !isset($_POST['content'])) {
$content = '
<form action="editstory.php?id=' . $id . '" method="POST">
<table>
<tr><td>Title</td><td><input type="text" class="button" name="title" maxlength="50" value="' . stripslashes($data[0]['title']) . '"></td></tr>
<tr><td>Content</td><td><textarea name="content" class="button" cols="60" rows="35">' . $base->remBr(stripslashes($data[0]['content'])) . '</textarea></td></tr>
<tr><td>Done?</td><td><input type="submit" class="button" value="Update"> <input type="submit" name="preview" class="button" value="Preview"></td></tr>
</table>
</form>';
} elseif (isset($_POST['delete'])) {
$database->processQuery("DELETE FROM `stories` WHERE `id` = ?", array($id), false);
$content = 'The story has been deleted.';
} elseif (isset($_POST['preview'])) {
$content = '<center><input type="button" class="button" value="Back" onclick="goBack()" /></center><br/>' . $base->addSpecials(stripslashes(nl2br($_POST['content'])), '../img/varrock/lores/');
} else {
//update the story to the new content/title
$database->processQuery("UPDATE `stories` SET `title` = ?, `content` = ? WHERE `id` = ? LIMIT 1", array($_POST['title'], nl2br($_POST['content']), $id), false);
//log it
$base->appendToFile('../forums/logs.txt', array($username . ' edited a story'));
$base->redirect('../stories/lores/story.php?id=' . $id);
}
