Файл: modules/forum/edit_topic.php
Строк: 40
<?php
$locate = 'in_forum';
if($user['level'] < '5' || !isset($_GET['topic_id'])) { go('/'); exit;}
if($db->query("SELECT * FROM `forum_pt` WHERE `topic_id` = '". abs(intval($_GET['topic_id'])) ."'")->rowCount() == 0) {
go('/forum/');
exit;
}
$edit_t = $db->query("SELECT * FROM `forum_t` WHERE `id` = '". abs(intval($_GET['topic_id'])) ."' LIMIT 1")->fetch();
$edit_topic = $db->query("SELECT * FROM `forum_pt` WHERE `topic_id` = '". abs(intval($_GET['topic_id'])) ."' LIMIT 1")->fetch();
if(isset($_POST['edit']) && $_GET['act'] == 'edit') {
$name = substr(input($_POST['name']), 0, 100);
$text = substr(input($_POST['text']), 0, 10000);
$db->query("UPDATE `forum_pt` SET `name` = '".$name."', `text` = '". $text ."' WHERE `topic_id` = '". abs(intval($_GET['topic_id'])) ."' LIMIT 1");
$db->query("UPDATE `forum_t` SET `name` = '".$name."' WHERE `id` = '". abs(intval($_GET['topic_id'])) ."'");
go('/forum/topic'. abs(intval($_GET['topic_id'])));
// print_r($db->errorInfo());
}
$title = $lang->word('edit_topic');
require_once(SYS.'/view/header.php');
$tpl->div('title', $lang->word('edit_topic'));
echo '<form action="/forum/edit_topic/'. abs(intval($_GET['topic_id'])) .'/?act=edit" method="post">
<div class="menu">
<b>'. $lang->word('name') .'</b>:<br/>
<input name="name" type="text" value="'. $edit_t['name'] .'" /><br/>
<b>'. $lang->word('message') .'</b>:<br/>
<textarea name="text">'. $edit_topic['text'] .'</textarea><br/>
<input name="edit" type="submit" value="'. $lang->word('edit') .'" /><br/>
</div>
</form>';
$tpl->div('block', img('forum.png') .'<a href="/forum/">'. $lang->word('forum') .'</a><br/>' . HICO .'<a href="/">'. $lang->word('home').'</a>');
require_once(SYS.'/view/footer.php');
?>