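require '../structure/msgcenter.php';

// Page setup for the "edit message" screen: wire up the project's helpers.
// The class definitions live in ../structure/*.php and the $db_* values come
// from configuration loaded before this point; neither is visible here.
$database = new database($db_host, $db_name, $db_user, $db_password);
$base = new base($database);
$msgcenter = new msgcenter($database);
$user = new user($database);

// Identity is resolved from the 'user' cookie. What the second argument (2)
// selects is not visible on this page -- see user::getUsername.
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);

// Message id from the query string. This is untrusted input and is still raw
// here: it is bound as a query parameter further down (safe), but must be
// escaped with htmlspecialchars() wherever it is written into HTML. isset()
// keeps the same value (null when absent) without an undefined-index warning.
$id = isset($_GET['id']) ? $_GET['id'] : null;

// Access control. redirect() is a project helper whose termination behaviour
// is not visible here; each guard therefore exits explicitly so that, if the
// helper only emits a Location header, the rest of the script (including the
// branch that writes the edited message) never runs for a request that was
// not logged in or not ranked high enough.
if (!$user->isLoggedIn()) {
    $base->redirect('../index.php');
    exit;
}
if ($rank < 4) {
    // Not permitted to edit: fall back to the read-only view of the message.
    $base->redirect('viewmessage.php?id=' . $id);
    exit;
}
$user->updateLastActive();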
if (!$msgcenter->canView($id, $username, $rank)) {
    $content = 'You can\'t edit a non-existent message. <input type="button" class="button" value="Back" onclick="goBack()" />';
} elseif (!isset($_POST['message']) || !isset($_POST['title']) || !isset($_POST['receiver'])) {
    //get current data
    $data = $database->processQuery("SELECT `title`,`message`,`receiver` FROM `messages` WHERE `id` = ? LIMIT 1", array($id), true);
    $content = '
    <form action="editmessage.php?id=' . $id . '" method="POST">
    <table>
    <tr><td>Title</td><td align="left"><input type="text" class="button" name="title" maxlength="50" value="' . stripslashes($data[0]['title']) . '"></td></tr>
    <tr><td>Receiver</td><td align="left"><input type="text" class="button" name="receiver" maxlength="12" value="' . stripslashes($data[0]['receiver']) . '"></td></tr>
    <tr><td>Message</td><td><textarea name="message" cols="45" rows="20" class="button" maxlength="2000">' . htmlentities($base->remBr(stripslashes($data[0]['message']))) . '</textarea><br/></td></tr>
    <tr><td>Done?</td><td><input type="submit" class="button" value="Update Message"></td></tr>
    </table>
    </form>';
} elseif (!$user->doesExist($_POST['receiver']) && $_POST['receiver'] != '!') {
    $content = 'The user you chose to send the message to doesn\'t exist! <input type="button" class="button" value="Back" onclick="goBack()" />';
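require '../structure/msgcenter.php';

// Page setup for the "edit reply" screen: wire up the project's helpers.
// The class definitions live in ../structure/*.php and the $db_* values come
// from configuration loaded before this point; neither is visible here.
$database = new database($db_host, $db_name, $db_user, $db_password);
$base = new base($database);
$msgcenter = new msgcenter($database);
$user = new user($database);

// Identity is resolved from the 'user' cookie. What the second argument (2)
// selects is not visible on this page -- see user::getUsername.
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);

// Reply id from the query string; the parent conversation id is read from
// $_GET['convo'] where needed. Both are untrusted and still raw here: safe as
// bound query parameters, but they must be escaped with htmlspecialchars()
// wherever they are written into HTML (form action, links). isset() keeps the
// same value (null when absent) without an undefined-index warning.
$id = isset($_GET['id']) ? $_GET['id'] : null;

// Access control. redirect() is a project helper whose termination behaviour
// is not visible here; each guard therefore exits explicitly so that, if the
// helper only emits a Location header, the rest of the script (including the
// branch that updates the reply) never runs for a request that was not logged
// in or not ranked high enough.
if (!$user->isLoggedIn()) {
    $base->redirect('../index.php');
    exit;
}
if ($rank < 4) {
    // Not permitted to edit: fall back to the read-only view of the conversation.
    $base->redirect('viewmessage.php?id=' . $_GET['convo']);
    exit;
}
$user->updateLastActive();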
if (!$msgcenter->canView($_GET['convo'], $username, $rank)) {
    $content = 'You can\'t edit a reply to a non-existent message. <input type="button" class="button" value="Back" onclick="goBack()" />';
} elseif (!isset($_POST['content'])) {
    //get current data
    $data = $database->processQuery("SELECT `content` FROM `replies` WHERE `id` = ? LIMIT 1", array($id), true);
    $content = '
    <form action="editreply.php?id=' . $id . '&convo=' . $_GET['convo'] . '" method="POST">
    <table>
    <tr><td>Message</td><td><textarea name="content" cols="45" rows="20" class="button" maxlength="2000">' . htmlentities($base->remBr(stripslashes($data[0]['content']))) . '</textarea></td></tr>
    <tr><td>Done?</td><td><input type="submit" class="button" value="Update Message"></td></tr>
    </table>
    </form>';
} elseif (strlen($_POST['content']) > 2000) {
    $content = 'Your reply cannot be greater than 2000 characters.';
} else {
    //update message
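<?php

require '../includes/config.php';
require '../structure/database.php';
require '../structure/base.php';
require '../structure/user.php';
require '../structure/msgcenter.php';

// Delete a conversation: removes its replies and then the message itself,
// then returns to the message-center index. Requires rank >= 4 and
// msgcenter::canView() on the target; anyone else is sent to the read-only view.
$database = new database($db_host, $db_name, $db_user, $db_password);
$base = new base($database);
$user = new user($database);
$msgcenter = new msgcenter($database);

// Activity is recorded before the authorisation check (kept as in the
// original flow), so any request reaching this page touches last-active.
$user->updateLastActive();

// Identity is resolved from the 'user' cookie. What the second argument (2)
// selects is not visible on this page -- see user::getUsername.
$username = $user->getUsername($_COOKIE['user'], 2);
$rank = $user->getRank($username);

// Target conversation id, read once so a missing parameter does not raise an
// undefined-index warning at each of the four uses below. The value is only
// ever passed as a bound query parameter or appended to a redirect URL here.
$id = isset($_GET['id']) ? $_GET['id'] : null;

// NOTE(review): this destructive action is triggered by a plain GET with no
// per-request token, so it is exposed to cross-site request forgery against a
// logged-in moderator. Moving it to a POST with a CSRF token would change the
// links that reach this page, so it is flagged here rather than changed.
if ($rank < 4 || !$msgcenter->canView($id, $username, $rank)) {
    $base->redirect('viewmessage.php?id=' . $id);
} else {
    // Replies first, then the message. The two statements are not wrapped in
    // a transaction; whether processQuery() exposes one is not visible here,
    // so a failure of the second DELETE would leave an orphaned message row.
    // The third argument (false) differs from the SELECT calls elsewhere on
    // this page (true) -- presumably "fetch results"; confirm in database.php.
    $database->processQuery("DELETE FROM `replies` WHERE `conversation` = ?", array($id), false);
    $database->processQuery("DELETE FROM `messages` WHERE `id` = ?", array($id), false);
    $base->redirect('index.php');
}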