Файл: modules/albums/edit_album.php
Строк: 73
<?php
/**
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) 2013, Taras Chornyi, Sergiy Mazurenko, Ivan Kotliar
* @link http://perf-engine.net
* @package PerfEngine
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
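// Section key for this page. It is only assigned in this script; presumably the
// included layout reads it -- confirm against include_header().
$locate = 'in_photo_albums';

// Album id from the query string, forced to a non-negative integer.
// A request without ?id= yields 0 instead of an undefined-index notice.
$alb_id = isset($_GET['id']) ? abs(intval($_GET['id'])) : 0;

// Interpolating $alb_id is safe here only because it is an integer at this point.
$alb = $db->query("SELECT * FROM `albums` WHERE `id` = '". $alb_id ."'")->fetch();

// Access check. The original tested `!isset($alb_id) && rowCount() == 0`, but $alb_id
// is always set, so the "album does not exist" branch could never fire and a missing
// row fell through to the ownership test with $alb['user_id'] evaluating to null.
// Now: a missing album always redirects; an existing album may be edited only by its
// owner or by a user whose level is above 6.
if (!$alb || ($alb['user_id'] != User::Id() && User::level() <= 6))
{
    header('location: /albums/');
    exit;
}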
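// Save handler: runs only for a POST to ?act=save, so a plain GET link can no longer
// reach the UPDATE path.
// NOTE(review): no anti-CSRF token is verified before the album is modified. If the
// project has a token helper, it should be checked here -- none is visible in this file.
if (isset($_GET['act']) && $_GET['act'] == 'save'
    && isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] === 'POST')
{
    // Missing fields are treated as empty strings instead of raising undefined-index notices.
    $name = input(isset($_POST['name']) ? $_POST['name'] : '');
    $desc = input(isset($_POST['desc']) ? $_POST['desc'] : '');
    $pass = input(isset($_POST['pass']) ? $_POST['pass'] : '');

    // Album type must be one of the four values the form offers (0..3).
    // filter_var() returns false for anything else, including non-numeric input,
    // arrays and a missing field. The original ran abs() on the raw string and
    // compared loosely against '0'..'3'.
    $album_type = filter_var(
        isset($_POST['album_type']) ? $_POST['album_type'] : null,
        FILTER_VALIDATE_INT,
        array('options' => array('min_range' => 0, 'max_range' => 3))
    );

    // Type 3 is the password-protected album; it requires a non-empty password.
    if (empty($pass) && $album_type === 3) $err = _t('no_pass').'<br />';

    if (!empty($name) && $album_type !== false && !isset($err))
    {
        // Values are bound as parameters rather than concatenated into the SQL text,
        // so the query no longer depends on what input() happens to escape.
        // $db is used like a PDO handle elsewhere in this script (query/fetch/rowCount).
        // NOTE(review): if input() also applies SQL escaping (addslashes or similar),
        // drop that part of it for these fields, otherwise backslashes will be stored.
        // NOTE(review): the album password is stored as submitted, without hashing,
        // and is rendered back into the edit form.
        $save = $db->prepare("UPDATE `albums` SET `name` = ?, `description` = ?, `type` = ?, `password` = ? WHERE `id` = ?");
        $save->execute(array($name, $desc, $album_type, $pass, $alb_id));

        header('location: /albums/album/'.$alb_id);
        exit;
    }
}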
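// Page chrome: header, title bar, and the validation error (if the save step set one).
$title = _t('edit');
include_header($title);
$tpl->div('title', _t('edit'));
// $err is assembled from a translation string plus markup, so it is printed as HTML.
if (isset($err)) echo '<div class="error">'. $err .'</div>';

// Album fields come from the database and were originally typed by a user, so they are
// HTML-escaped before being placed into attribute values and the textarea body.
// double_encode is off so text that input() may already have entity-encoded is not
// encoded a second time.
// NOTE(review): assumes the site serves UTF-8 -- confirm; htmlspecialchars() returns an
// empty string for bytes that are invalid in the given charset.
$form_type = isset($alb['type']) ? $alb['type'] : null;
$form_name = htmlspecialchars(isset($alb['name']) ? (string) $alb['name'] : '', ENT_QUOTES, 'UTF-8', false);
$form_desc = htmlspecialchars(isset($alb['description']) ? (string) $alb['description'] : '', ENT_QUOTES, 'UTF-8', false);
// The stored password is shown only for password-protected albums (type 3).
$form_pass = ($form_type == '3' && isset($alb['password']))
    ? htmlspecialchars((string) $alb['password'], ENT_QUOTES, 'UTF-8', false)
    : NULL;
// Owner id is used in a URL path; force it to an integer.
$owner_id = isset($alb['user_id']) ? (int) $alb['user_id'] : 0;

echo '<div class="post">
<form action="/albums/edit_album/'.$alb_id.'?act=save" method="post">
'._t('name_album').':<br/>
<input type="text" value="'.$form_name.'" name="name" /><br/>
'._t('desc_album').':<br/>
<textarea name="desc" rows="5" cols="25">'.$form_desc.'</textarea><br/><br/>
'._t('album_type').':<br/>
<select name="album_type" size="1">
<option value="0" '.($form_type == '0' ? 'selected="selected"' : NULL).'>'._t('album_open').'</option>
<option value="1" '.($form_type == '1' ? 'selected="selected"' : NULL).'>'._t('album_close').'</option>
<option value="2" '.($form_type == '2' ? 'selected="selected"' : NULL).'>'._t('album_friends').'</option>
<option value="3" '.($form_type == '3' ? 'selected="selected"' : NULL).'>'._t('album_pass').'</option>
</select><br />
'._t('password').' ('._t('album_pass2').'):<br/>
<input type="text" name="pass" value="'.$form_pass.'" maxlength="15" /><br/>
<input type="submit" value="'. _t('save') .'" />
</form>
</div>';

// Navigation block: back to the owner's albums, the album index, and the home page.
$tpl->div('block', img('nav.png') . ' <a href="/albums/user/'.$owner_id.'">'. _t('back') .'</a><br/>'
. img('nav.png') . ' <a href="/albums/">'. _t('photo_albums') .'</a><br/>'
. HICO .' <a href="/">'. _t('home') .'</a>');
include_footer();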
?>