View file system/comm_edit.php

File size: 1.4Kb
<?php

if ($u['id']) {
    $comm_r = mysql_query("SELECT `id`, `id_".$type."`, `id_user`, `text`, `time` FROM `".$type."_comm` WHERE `id` = '$id'");
    $comm = mysql_fetch_assoc($comm_r);
    if ($comm['id']) {
        if ($u['access'] > 0 or ($u['id'] == $comm['id_user'] and TIME - $comm['time'] < $config['edit_time']) ) {
            tp($lang['edit_comm']);
            if ($ok) {
                if ($_POST['text']) {
                    $text = check($_POST['text']);
                    mysql_query("UPDATE `".$type."_comm` SET `id_".$type."` = '".$comm['id_'.$type]."', `text` = '$text', `edit_by` = '$u[id]', `edit_time` = '".TIME."' WHERE `id` = '$id'");
                    redirect('?act=comm&id='.$comm['id_'.$type]);
                } else {
                    redirect('?act=comm_edit&id='.$id);
                }
            } else {
                echo '<form name="form" action="?act=comm_edit&amp;id='.$id.'&amp;ok=1" method="post">
                 '.bbpanel('form', 'text').'<textarea name="text" cols="" rows="3">'.$comm['text'].'</textarea>
                <input name="submit" type="submit" value="Ok" />
                </form>';
                nav('?act=comm&amp;id='.$comm['id_'.$type]);
            }
        } else {
            redirect('?act=comm&id='.$comm['id_'.$type]);
        }
    } else {
        redirect('?');
    }
} else {
    redirect('login.php');
}

?>