Watersys/edit_message.php
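<?php
/**
 * Lets a logged-in user edit a forum message (a topic's first post or a reply).
 *
 * Request inputs:
 *   - $_GET['id']        topic id, cast to int
 *   - $_GET['id2']       index of the message inside the topic, cast to int (1 is the first post)
 *   - $_POST['message']  new BBCode body; when present and non-empty the edit is saved
 *   - $_POST['title']    new title; honoured only when the admin edits the first post
 *
 * Uses $var as the mysqli link and $admin, $design, $url_home as settings; these are
 * presumably defined by config.php, which presumably also starts the session — confirm.
 *
 * Access control: the page is only rendered for the message's author or the admin.
 *
 * NOTE(review): the POST that saves the edit carries no anti-CSRF token, so any page the
 * author or admin visits while logged in can submit it. Add a per-session token to the
 * form and verify it (hash_equals) before the UPDATE.
 */
include('config.php');

if (isset($_GET['id'], $_GET['id2'])) {
    $id = intval($_GET['id']);
    $id2 = intval($_GET['id2']);

    if (isset($_SESSION['username'])) {
        // $id and $id2 are integers at this point, so embedding them cannot change the query's shape.
        $topic_result = mysqli_query($var, 'select count(t.id) as nb1, t.authorid, t2.title, t.message, t.parent, c.name from topics as t, topics as t2, categories as c where t.id="'.$id.'" and t.id2="'.$id2.'" and t2.id="'.$id.'" and t2.id2=1 and c.id=t.parent group by t.id');
        // "group by" yields no row at all when nothing matches, so guard before indexing.
        $dn1 = $topic_result ? mysqli_fetch_array($topic_result) : null;

        if ($dn1 && $dn1['nb1'] > 0) {
            // Compare identities as strings with ===: loose == treats numeric-looking strings
            // such as "0e1" and "0e2" as equal, which must never decide an authorization check.
            $session_userid = isset($_SESSION['userid']) ? (string) $_SESSION['userid'] : '';
            $is_author = isset($_SESSION['userid']) && $session_userid === (string) $dn1['authorid'];
            $is_admin = (string) $_SESSION['username'] === (string) $admin;

            if ($is_author || $is_admin) {
                include('bbcode_function.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link href="<?php echo $design; ?>/style.css" rel="stylesheet" title="Style" />
<title>Edit a reply - <?php echo htmlentities($dn1['title'], ENT_QUOTES, 'UTF-8'); ?> - <?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?> - Forum</title>
<script type="text/javascript" src="functions.js"></script>
</head>
<body>
<div align="center">
<div class="header">
<a href="<?php echo $url_home; ?>"><img width="80%" src="<?php echo $design; ?>/images/logo.png" alt="Forum" /></a>
</div></div>
<div class="contentmessage">
<?php
                // Unread private-message counter for the header. The session value is bound as a
                // parameter instead of being concatenated into the SQL text.
                $nb_new_pm = 0;
                $pm_stmt = mysqli_prepare($var, 'select count(*) as nb_new_pm from pm where ((user1=? and user1read="no") or (user2=? and user2read="no")) and id2="1"');
                if ($pm_stmt) {
                    mysqli_stmt_bind_param($pm_stmt, 'ss', $session_userid, $session_userid);
                    if (mysqli_stmt_execute($pm_stmt)) {
                        mysqli_stmt_bind_result($pm_stmt, $nb_new_pm);
                        mysqli_stmt_fetch($pm_stmt);
                    }
                    mysqli_stmt_close($pm_stmt);
                }
                $nb_new_pm = (int) $nb_new_pm;
?>
<div class="box">
<div class="box_left">
<a href="<?php echo $url_home; ?>">WCSF Index</a> > <a href="list_topics.php?parent=<?php echo htmlentities($dn1['parent'], ENT_QUOTES, 'UTF-8'); ?>"><?php echo htmlentities($dn1['name'], ENT_QUOTES, 'UTF-8'); ?></a> > <a href="read_topic.php?id=<?php echo $id; ?>"><?php echo htmlentities($dn1['title'], ENT_QUOTES, 'UTF-8'); ?></a> > Edit a reply
</div>
<div class="box_right">
<a href="list_pm.php">Your messages(<?php echo $nb_new_pm; ?>)</a> - <a href="profile.php?id=<?php echo htmlentities($session_userid, ENT_QUOTES, 'UTF-8'); ?>"><?php echo htmlentities($_SESSION['username'], ENT_QUOTES, 'UTF-8'); ?></a> (<a href="login.php">Logout</a>)
</div>
<div class="clean"></div>
</div>
<?php
                // is_string() rejects array-valued fields (message[]=...) before they reach string functions.
                if (isset($_POST['message']) && is_string($_POST['message']) && $_POST['message'] != '') {
                    // magic_quotes_gpc was removed in PHP 5.4 and get_magic_quotes_gpc() itself in PHP 8.0;
                    // the version test short-circuits so the function is never called where it is gone.
                    $magic_quotes = PHP_VERSION_ID < 50400 && get_magic_quotes_gpc();

                    // Replies (id2 != 1) carry an empty title; the first post keeps its stored title
                    // unless the admin submitted a new one.
                    $title = '';
                    if ($id2 == 1) {
                        $title = $dn1['title'];
                        if ($is_admin && isset($_POST['title']) && is_string($_POST['title']) && $_POST['title'] != '') {
                            // Use the submitted title. The previous code read it and then overwrote it
                            // with the stored one, so an admin's title change was silently discarded.
                            $title = $magic_quotes ? stripslashes($_POST['title']) : $_POST['title'];
                        }
                    }

                    $message = $magic_quotes ? stripslashes($_POST['message']) : $_POST['message'];
                    $message = bbcode_to_html($message);

                    // Bound parameters on the mysqli link replace mysql_real_escape_string()/mysql_query():
                    // the ext/mysql functions were removed in PHP 7 and never used the $var connection.
                    $saved = false;
                    $update_stmt = mysqli_prepare($var, 'update topics set title=?, message=? where id=? and id2=?');
                    if ($update_stmt) {
                        mysqli_stmt_bind_param($update_stmt, 'ssii', $title, $message, $id, $id2);
                        $saved = mysqli_stmt_execute($update_stmt);
                        mysqli_stmt_close($update_stmt);
                    }

                    if ($saved) {
?>
<div class="message">The message have successfully been edited.<br />
<a href="read_topic.php?id=<?php echo $id; ?>">Go the the topic</a></div>
<?php
                    } else {
                        echo 'An error occurred while editing the message.';
                    }
                } else {
?>
<form action="edit_message.php?id=<?php echo $id; ?>&id2=<?php echo $id2; ?>" method="post">
<?php
                    // Only the admin may retitle a topic, and only through its first post.
                    if ($is_admin && $id2 == 1) {
?>
<label for="title">Title</label><input type="text" name="title" id="title" value="<?php echo htmlentities($dn1['title'], ENT_QUOTES, 'UTF-8'); ?>" />
<?php
                    }
?>
<label for="message">Message</label><br />
<div class="message_buttons">
<input type="button" value="Bold" onclick="javascript:insert('[b]', '[/b]', 'message');" /><!--
--><input type="button" value="Italic" onclick="javascript:insert('[i]', '[/i]', 'message');" /><!--
--><input type="button" value="Underlined" onclick="javascript:insert('[u]', '[/u]', 'message');" /><!--
--><input type="button" value="Image" onclick="javascript:insert('[img]', '[/img]', 'message');" /><!--
--><input type="button" value="Link" onclick="javascript:insert('[url]', '[/url]', 'message');" /><!--
--><input type="button" value="Left" onclick="javascript:insert('[left]', '[/left]', 'message');" /><!--
--><input type="button" value="Center" onclick="javascript:insert('[center]', '[/center]', 'message');" /><!--
--><input type="button" value="Right" onclick="javascript:insert('[right]', '[/right]', 'message');" />
</div>
<textarea name="message" id="message" cols="70" rows="6"><?php
                    // NOTE(review): echoed without escaping. This is only safe if bbcode_to_html()
                    // entity-encodes the text before it is stored and html_to_bbcode() keeps those
                    // entities; confirm in bbcode_function.php before relying on it.
                    echo html_to_bbcode($dn1['message']);
?></textarea><br />
<input type="submit" value="Submit" />
</form>
<?php
                }
?>
</div>
<!-- <div class="foot">
<p><b>Water Control System and Discussion Portal for Farmers</b></p>
</div> -->
</body>
</html>
<?php
            } else {
                echo '<h2>You don\'t have the right to edit this message.</h2>';
            }
        } else {
            echo '<h2>The message you want to edit doesn\'t exist..</h2>';
        }
    } else {
?>
<h2>You must be logged to access this page:</h2>
<div class="box_login">
<form action="login.php" method="post">
<label for="username">Username</label><input type="text" name="username" id="username" /><br />
<label for="password">Password</label><input type="password" name="password" id="password" /><br />
<label for="memorize">Remember</label><input type="checkbox" name="memorize" id="memorize" value="yes" />
<div class="center">
<input type="submit" value="Login" /> <input type="button" onclick="javascript:document.location='signup.php';" value="Sign Up" />
</div>
</form>
</div>
<?php
    }
} else {
    // The query string is percent-encoded so the Location header contains no raw spaces;
    // login.php receives the same decoded text in its msg parameter.
    header('Location: login.php?msg=' . rawurlencode('Login First to use service'));
}
?>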