File: /home/httpd/html/baretube.com.new/admin/edit_comment.php
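<?php
/**
 * Admin page: edit the text of a single comment.
 *
 * Reads the comment id and an optional list type (0, 1 or 2, used only to
 * build the "back to comments" links) from the query string, loads the row
 * from `comments`, and on a POST carrying `formSubmit` stores the trimmed
 * text and redirects back to the same URL.
 *
 * NOTE(review): no login/role check is visible in this file. The save below
 * runs before header.php is included, so access control has to be enforced
 * by db.php or by the web server -- confirm.
 * NOTE(review): no anti-CSRF token is issued or verified here although the
 * POST changes stored data -- confirm whether a shared include covers it.
 */
require "db.php";

// Reject a missing or non-numeric id. isset() avoids the undefined-index
// notice; an array value (?id[]=1) fails is_numeric() and is rejected too.
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
    exit();
}

// Query-string values arrive as strings, so compare strictly against the
// string forms. The previous loose in_array() let values such as "1.0" (and,
// before PHP 8, any non-numeric string, which equals 0) through the check.
if (isset($_GET['type']) && !in_array($_GET['type'], array('0', '1', '2'), true)) {
    exit();
}

// "type" is optional; default to 0 without reading an undefined index.
$commentType = isset($_GET['type']) ? (int) $_GET['type'] : 0;
$id = (int) $_GET['id'];

// $id is an integer at this point, so the interpolated value cannot carry
// SQL syntax.
$row = dbRow("SELECT * FROM `comments` WHERE `record_num` = '$id'");
if (!is_array($row)) {
    setMessage("Comment ID $id does not exist!", 'error');
    // NOTE(review): presumably ends the request; if it returns, the
    // `$_POST += $row` below fails on a non-array -- confirm.
    pageNotFound(true);
}

if (isset($_POST['formSubmit'])) {
    $_POST = array_map_array('trim', $_POST);

    // A missing or non-string "comment" field (e.g. comment[]=x) is treated
    // as empty instead of being handed to dbUpdate() as-is.
    $comment = (isset($_POST['comment']) && is_string($_POST['comment'])) ? $_POST['comment'] : '';
    $_POST['comment'] = $comment;

    if ($comment === '') {
        setMessage('Comment cannot be empty!', 'error');
    }

    if (!getMessages(false, 'error')) {
        // NOTE(review): presumably dbUpdate() uses record_num to select the
        // row and escapes/binds the values it is given -- confirm in db.php.
        dbUpdate('comments', array(
            'comment' => $comment,
            'record_num' => $id,
        ));
        setMessage('Comment saved. <a href="comments.php?type=' . $commentType . '">Click here to go back</a>.');
        // Post/redirect/get so a reload does not resubmit the form.
        // NOTE(review): REQUEST_URI is taken from the client's request line;
        // consider building the target from $id and $commentType instead.
        header("Location: $_SERVER[REQUEST_URI]");
        exit();
    }
}

// Stored column values fill in every field the POST did not supply.
$_POST += $row;
// NOTE(review): presumably HTML-encodes the values in place; the template
// echoes $_POST['comment'] with no further escaping -- confirm.
entities_walk($_POST);
?>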
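<?php
// Full "<?php" tags are used throughout: with short_open_tag disabled a bare
// "<?" block is not executed and its source is sent to the browser as text.
require "header.php";
?>
<div class="content-page">
    <div class="header-area">
        <div class="breadcrumbs">
            <a href="index.php">Admin Home</a>
            <span><a href="comments.php?type=<?php echo $commentType; ?>">Comments</a></span>
        </div>
    </div>
    <div class="content-outer">
        <h2>Edit<strong>Comment</strong></h2>
        <div class="content-inner">
            <?php echo getMessages(); ?>
            <form method="POST" action="" enctype="multipart/form-data" class="form" novalidate autocomplete="off">
                <table class="pagetable">
                    <thead>
                        <tr>
                            <th colspan="2">Comment Details</th>
                        </tr>
                    </thead>
                    <tr>
                        <td>Comment content</td>
                        <?php /* $_POST['comment'] is echoed as-is: it is expected to have been HTML-encoded by entities_walk() before this template runs -- confirm. */ ?>
                        <td><textarea name="comment" rows="5" required><?php echo $_POST['comment']; ?></textarea></td>
                    </tr>
                    <tr class="item submit">
                        <td colspan="2">
                            <?php /* $id was cast to int earlier in this file. The handler takes the id from the query string; this hidden field is not read by the code in this file. */ ?>
                            <input type="hidden" name="id" value="<?php echo $id; ?>" />
                            <input type="hidden" name="formSubmit" value="1" />
                            <button type="submit" class="btn action-save">Save</button>
                        </td>
                    </tr>
                </table>
            </form>
        </div>
    </div>
</div>
<?php require "footer.php"; ?>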