Файл: Source/admin/edit_page.php
Строк: 64
<?php
/*
* Script name: Points4Prize
* Author: Soft Projects
* Date created: 15/07/2015
*/
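// Page id from the query string. The integer cast is what makes $ID safe to
// interpolate into the SQL statements further down; HTML-escaping played no
// part in that, so it is dropped. A missing or non-scalar "id" becomes 0
// instead of raising a notice/warning.
$ID = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

// NOTE(review): this is an admin page, but no login/permission check is visible
// in this file - presumably common.php performs it; confirm.
include "common.php";
head();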
?>
<script src="//cdn.ckeditor.com/4.4.7/full/ckeditor.js"></script>
<div class="body content rows scroll-y">
<!-- Page header -->
<div class="page-heading">
<h1><b>Edit page</b> </h1>
</div>
<!-- End page header -->
<!-- Begin info box -->
<div class="row">
<div class="col-md-12">
<div class="box-info">
<h2>Edit page</h2>
<?php
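// Apply a submitted edit first, then load the row once, so the form below
// always shows what is stored after this request.
//
// NOTE(review): no anti-CSRF token is verified before this state-changing
// update and the form below does not send one; whether common.php enforces
// one is not visible here - confirm.
if (isset($_POST['edit'])) {
    // Missing or non-string fields are treated as empty rather than raising notices.
    $title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
    $rawContent = (isset($_POST['content']) && is_string($_POST['content'])) ? $_POST['content'] : '';

    // Content is stored HTML-encoded (encode-on-input); the form below echoes it
    // back unescaped and depends on that.
    $content = htmlspecialchars($rawContent);

    // Validation runs on the value as submitted, before any SQL escaping, so the
    // length limit counts the characters the user typed and not added backslashes.
    if ($title === '') {
        echo "<div class='alert alert-danger' role='alert'>Please add title of page.</div>";
    } elseif ($content === '') {
        echo "<div class='alert alert-danger' role='alert'>Please add content.</div>";
    } elseif (strlen($title) < 3 || strlen($title) > 20) {
        echo "<div class='alert alert-danger' role='alert'>The title should be from 3-20 characters.</div>";
    } elseif (preg_match("/[^a-zA-Z0-9_.-]/", $title)) {
        echo "<div class='alert alert-danger' role='alert'>The title must not contain special characters.</div>";
    } else {
        // NOTE(review): the previous version queried for an existing page with the
        // same title but never used the row count. The page is addressed as
        // show/<title>, so if titles must be unique, add a check that excludes
        // id = $ID. The unused query is removed; on failure it printed the raw
        // MySQL error to the browser.

        // The mysql_* API has no prepared statements, so values are escaped and
        // always placed inside quotes. $title is already limited to
        // [a-zA-Z0-9_.-]; it is escaped anyway as defence in depth.
        $safeTitle = mysql_real_escape_string($title);
        $safeContent = mysql_real_escape_string($content);
        $query = "UPDATE `pages` SET `title` = '$safeTitle', `content` = '$safeContent' WHERE `id` = $ID";

        if (mysql_query($query)) {
            echo '<div class="alert alert-success" role="alert">The page was successfully edited.<br />';
            // $title passed the character whitelist above, so it is safe in the href and link text.
            echo 'You can view page at: <b><a target="_blank" href="' . $GLOBALS['site_url'] . 'show/' . $title . '">' . $GLOBALS['site_url'] . 'show/' . $title . '</a></b></div>';
        } else {
            // Report success only when the UPDATE ran; keep database details in the
            // server log, not in the response.
            error_log('edit_page.php: UPDATE failed: ' . mysql_error());
            echo "<div class='alert alert-danger' role='alert'>The page could not be saved.</div>";
        }
    }
}

// Load the current row for the form. The form echoes $row['title'] and
// $row['content'] without escaping, which relies on every writer HTML-encoding
// on input as this script does - verify the other writers of `pages`.
$result = mysql_query("SELECT * FROM `pages` WHERE `id`= $ID");
$row = $result ? mysql_fetch_array($result) : false;
if (!$row) {
    // Unknown id or failed query: render an empty form instead of indexing into false.
    $row = array('title' => '', 'content' => '');
}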
?>
<form action="" method="post">
<p>
<label>
Page title
</label>
<input name="title" value="<?php echo $row['title']; ?>" class="form-control" type="text">
</p>
<p>
<label>
Content
</label>
<textarea name="content" class="form-control" rows="3"><?php echo $row['content']; ?></textarea>
<script>
CKEDITOR.replace('content');
</script>
</p>
<input type="submit" class="btn btn-success" name="edit" value="Edit page" />
</form>
</div>
<?php
// Close the page layout. footer() is not defined in this file (presumably it comes from common.php).
footer();
?>
</div>
</div>