Файл: public_html/modules/forum/edit.php
Строк: 33
<?php
$root = $_SERVER['DOCUMENT_ROOT'];
include_once ($root.'/core/base.php');
falseauth();
$section = fl($_GET['section']);
$theme_id = fl($_GET['theme']);
$theme = $db->query("SELECT * FROM `forum_themes` WHERE `id` = '".$theme_id."'");
if($theme->num_rows == 0) redirect('/');
$theme = $theme->fetch_object();
$header = $theme->name;
include_once ($root.'/core/head.php');
if($theme->author != $u['id'] && $u['admin'] == 0) redirect('/');
if(isset($_GET['edit']))
{
$name = fl($_POST['name']);
$text = fl($_POST['text']);
if(empty($name)) redirect('/forum/'.$section.'/theme'.$theme_id.'/edit', 'Введите название темы');
if(empty($text)) redirect('/forum/'.$section.'/theme'.$theme_id.'/edit', 'Введите текст темы');
if($theme->author != $u['id'] && $u['admin'] == 0) redirect('/forum/'.$section.'/theme'.$theme_id.'/edit');
$db->query("UPDATE `forum_themes` SET `name` = '".$name."', `text` = '".$text."' WHERE `id` = '".$theme_id."'");
redirect('/forum/'.$section.'/theme'.$theme_id,'Тема изменена!');
}
echo '<div class="b">
<center>
<form action="/forum/'.$section.'/theme'.$theme_id.'/edit/yes" method="post">
Название темы:<br>
<input type="text" name="name" value="'.$theme->name.'" required><br>
Текст:<br>
<textarea name="text" required>'.$theme->text.'</textarea><br>
<input type="submit" name="edit" value="Редактировать">
</form>
</center>
</div>';
include_once ($root.'/core/foot.php');