Файл: editpolls.php
Строк: 98
<?php
require('sistema/header.php');
require('sistema/utilition.php');
require('sistema/databaza.php');
require('sistema/login.php');
require('sistema/config.php');
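// Number of answer slots per poll; the save loop below and the edit form both iterate 1..$max_answers.
$max_answers = 10;

// action=rename: store the edited question text and replace the poll's answer rows.
//
// NOTE(review): the mysql_* extension is removed in PHP 7+. Moving these queries to
// prepared statements (mysqli/PDO) needs the connection code in sistema/databaza.php,
// which is not visible here, so the calls are kept and every value is cast or escaped.
if (isset($_GET['action']) && $_GET['action'] == 'rename'
    && isset($_POST['question']) && is_string($_POST['question'])) {
    $qid = isset($_GET['link_id']) ? (int)$_GET['link_id'] : 0;
    $uid = isset($_GET['id']) ? (int)$_GET['id'] : 0;

    // The original UPDATE/DELETE were keyed on link_id alone, so any poll could be
    // rewritten by changing link_id in the URL. Apply the same user_id filter the edit
    // form's SELECT uses before touching anything.
    // NOTE(review): this is only an authorization check if sistema/login.php has already
    // verified the id request parameter - confirm.
    $owned = mysql_query('SELECT id FROM polls_questions WHERE user_id = "' . $uid . '" AND id = "' . $qid . '"');
    if ($owned && mysql_num_rows($owned) > 0) {
        // addslashes() is not aware of the connection charset; use the same escaping
        // function the INSERT below already relies on.
        mysql_query('UPDATE polls_questions SET question = "' . mysql_real_escape_string($_POST['question']) . '", date = CURRENT_TIMESTAMP WHERE id = "' . $qid . '" AND user_id = "' . $uid . '"');

        // Replace the answer set: drop the old rows, then insert the non-empty slots.
        // Every save recreates the rows with votes = 0, so existing vote counts are lost.
        mysql_query('DELETE FROM polls_answers WHERE qid = "' . $qid . '"');
        for ($i = 1; $i <= $max_answers; $i++) {
            $field = 'answer' . $i;
            // A slot may be absent from the request, or arrive as an array (answer1[]=...);
            // only non-empty strings are stored.
            if (isset($_POST[$field]) && is_string($_POST[$field]) && $_POST[$field] !== '') {
                mysql_query('INSERT INTO polls_answers(qid, aid, answer, votes) VALUES ("' . $qid . '", "' . $i . '", "' . mysql_real_escape_string($_POST[$field]) . '", "0")');
            }
        }
    }
}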
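// action=delete: remove a poll and its answers, show a confirmation card that redirects
// to viewpolls.php after the timer fires, then stop.
//
// NOTE(review): the delete is triggered by a plain GET link, so any page or message that
// makes the user's browser fetch that URL performs the deletion. Moving it to a POST with
// a per-session token would need changes outside this block.
if (isset($_GET['action']) && $_GET['action'] == 'delete') {
    $qid = isset($_GET['link_id']) ? (int)$_GET['link_id'] : 0;
    $uid = isset($_GET['id']) ? (int)$_GET['id'] : 0;

    // The original DELETEs were keyed on link_id alone, so any user's poll could be
    // removed by changing link_id. Apply the same user_id filter the edit form's SELECT uses.
    // NOTE(review): this is only an authorization check if sistema/login.php has already
    // verified the id request parameter - confirm.
    $owned = mysql_query('SELECT id FROM polls_questions WHERE user_id = "' . $uid . '" AND id = "' . $qid . '"');
    if ($owned && mysql_num_rows($owned) > 0) {
        mysql_query('DELETE FROM polls_questions WHERE id = "' . $qid . '" AND user_id = "' . $uid . '"');
        mysql_query('DELETE FROM polls_answers WHERE qid = "' . $qid . '"');

        // $id and $login are not assigned in this file (presumably by sistema/login.php).
        // They are written into an attribute, so escape them. The charset is given
        // explicitly as a single-byte one so that only the ASCII metacharacters are
        // rewritten and the call cannot return '' on bytes that are not valid UTF-8;
        // the page encoding is not visible here.
        $e_id = htmlspecialchars((string)$id, ENT_QUOTES, 'ISO-8859-1');
        $e_login = htmlspecialchars((string)$login, ENT_QUOTES, 'ISO-8859-1');
?>
<wml>
<card id="added" title="added" ontimer="viewpolls.php?id=<?php echo $e_id; ?>&p=<?php echo $e_login; ?>"><timer value="15"/>
<p>
Голосование удалено<br/>
</p>
</card>
</wml>
<?php
        exit;
    }
    // Nothing matched for this user: no rows are deleted and the request falls through
    // to the regular edit page instead of reporting a deletion that did not happen.
}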
?>
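<?php
/*
 * Edit page, part 1: deck header, menu soft key, lookup of the poll being edited and
 * the question input.
 *
 * $id and $login are not assigned in this file (presumably by sistema/login.php). They
 * are written into attribute values, so they are escaped first. The charset is given
 * explicitly as a single-byte one so that only the ASCII metacharacters are rewritten and
 * htmlspecialchars() cannot return '' on bytes that are not valid UTF-8; the page and
 * database encoding are not visible here.
 *
 * NOTE(review): every link carries id and p in the query string. If p is a password or a
 * long-lived secret it ends up in gateway and server logs and browser history - confirm
 * what sistema/login.php expects and consider a session cookie instead.
 */
$e_id = htmlspecialchars((string)$id, ENT_QUOTES, 'ISO-8859-1');
$e_login = htmlspecialchars((string)$login, ENT_QUOTES, 'ISO-8859-1');
?>
<wml>
<head><meta http-equiv="Cache-Control" content="no-cache" forua="true"/></head>
<card id="links" title="Менеджер файлов">
<do type="options" name="main" label="Меню"><go href="main.php?id=<?php echo $e_id; ?>&p=<?php echo $e_login; ?>"/></do>
<p>
<?php
$links_list = '';
// Defaults so the template below never reads an undefined $link when the poll does not
// exist or belongs to another user.
$link = array('id' => '', 'question' => '');
$links = mysql_query('SELECT id, question FROM polls_questions WHERE user_id = "' . (isset($_GET['id']) ? (int)$_GET['id'] : 0) . '" AND id = "' . (isset($_GET['link_id']) ? (int)$_GET['link_id'] : 0) . '"');
// mysql_query() returns false on failure; mysql_num_rows(false) would only raise a warning.
if ($links && ($n = mysql_num_rows($links)) > 0) {
    $link = mysql_fetch_array($links, MYSQL_ASSOC);
}
?>
<br/>
Вопрос:<br/>
<input name="question" type="text" maxlength="255" value="<?php echo htmlspecialchars((string)$link['question'], ENT_QUOTES, 'ISO-8859-1'); /* stored user text: escape before it reaches the attribute */ ?>" title="page"/><br/>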
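<?php
// Edit page, part 2: one labelled text input per answer slot, prefilled from polls_answers.
//
// The original lookup used link_id straight from the URL, so answers were prefilled even
// when the ownership-filtered question query had matched nothing. Use the id of the poll
// that query actually loaded; 0 matches no rows.
$answers_qid = isset($link['id']) ? (int)$link['id'] : 0;
for ($i = 1; $i <= $max_answers; $i++) {
    $answers = mysql_query('SELECT answer FROM polls_answers WHERE qid = "' . $answers_qid . '" AND aid = "' . $i . '"');
    // A slot is prefilled only when exactly one row exists for it; a failed query
    // (false) is treated like "no row".
    if ($answers && mysql_num_rows($answers) == 1) {
        list($answer) = mysql_fetch_array($answers);
    } else {
        $answer = '';
    }
    // Stored answers are user-supplied text written into an attribute value: escape them.
    // The single-byte charset keeps the call to the ASCII metacharacters and stops it
    // returning '' on bytes that are not valid UTF-8 (page encoding not visible here).
    // NOTE(review): WML also expands $(name) inside attribute values, so a stored '$'
    // may need doubling ('$$') - verify against the target browsers.
    $e_answer = htmlspecialchars((string)$answer, ENT_QUOTES, 'ISO-8859-1');
?>
Ответ <?php echo $i; ?>:<br/>
<input name="answer<?php echo $i; ?>" type="text" maxlength="255" value="<?php echo $e_answer; ?>" title="answer<?php echo $i; ?>"/><br/>
<?php
}
?>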
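<?php
// Edit page, part 3: the submit anchor (posts the question and every answer slot back to
// this script with action=rename), the delete link and the link back to the poll list.
//
// $link is only assigned when the poll lookup matched a row; fall back to an empty
// link_id instead of reading an undefined variable, and force the id to an integer.
$nav_qid = isset($link['id']) && $link['id'] !== '' ? (int)$link['id'] : '';
// $id and $login are not assigned in this file (presumably by sistema/login.php); escape
// them before they are written into href attributes. The single-byte charset keeps the
// call to the ASCII metacharacters and stops it returning '' on bytes that are not valid
// UTF-8 (page encoding not visible here).
$nav_id = htmlspecialchars((string)$id, ENT_QUOTES, 'ISO-8859-1');
$nav_login = htmlspecialchars((string)$login, ENT_QUOTES, 'ISO-8859-1');
// NOTE(review): the delete link below is a state-changing GET that carries id and p in the
// URL, so any content that makes the browser fetch it deletes the poll. A POST with a
// per-session token would need matching changes in the action=delete handler.
?>
<anchor title="go">Ok<go href="editpolls.php?id=<?php echo $nav_id; ?>&p=<?php echo $nav_login; ?>&link_id=<?php echo $nav_qid; ?>&action=rename" method="post">
<postfield name="question" value="$(question)"/>
<?php
// One postfield per answer slot; $(answerN) is the WML variable bound to the matching input.
for ($i = 1; $i <= $max_answers; $i++) {
?>
<postfield name="answer<?php echo $i; ?>" value="$(answer<?php echo $i; ?>)"/>
<?php
}
?>
</go></anchor><br/>
*********<br/>
<a href="editpolls.php?id=<?php echo $nav_id; ?>&p=<?php echo $nav_login; ?>&link_id=<?php echo $nav_qid; ?>&action=delete">Удалить</a><br/>
*********<br/>
<a href="viewpolls.php?id=<?php echo $nav_id; ?>&p=<?php echo $nav_login; ?>">К списку</a><br/>
</p>
</card>
</wml>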