File: /home/httpd/html/tubeshemale.com/public_html/edit_content.php
<?
session_start();
if(!is_numeric($_REQUEST[id])) { exit(); }
include('admin/db.php');
$title = "Edit Video";
$headertitle = "Edit Video";
include($basepath.'/templates/template.overall_header.php');
$id = mysql_real_escape_string($_REQUEST[id]);
if(!is_numeric($id)) {
exit("Invalid ID");
}
$result = mysql_query("SELECT * FROM content WHERE record_num = '$id' AND submitter = '$_SESSION[userid]'");
if(mysql_num_rows($result) < 1) {
echo "We're sorry, this video doesn't exist or doesn't belong to you.";
}
else {
if($_POST) {
if(count($_POST[niche]) < 7) {
$_POST = mysql_real_escape_array($_POST);
foreach($_POST as $k=>$v) {
if($k != 'niche') {
$_POST[$k] = htmlentities($v);
}
}
mysql_query("UPDATE content SET title = '$_POST[title]', description = '$_POST[description]', keywords = '$_POST[keywords]' WHERE record_num = '$id'") or die(mysql_error());
$success = true;
mysql_query("DELETE FROM content_niches WHERE content = '$_REQUEST[id]'");
if(is_array($_POST[niche])) {
foreach($_POST[niche] as $i) {
if(is_numeric($i)) {
mysql_query("INSERT INTO content_niches (content,niche) VALUES ('$id','$i')") or die(mysql_error());
}
}
}
echo "<strong>Your changes have been saved. <a href='$basehttp/my-uploads/'>Back To My Uploads</a>.</strong>";
}
else {
echo "<strong>You can choose a maximum of 6 categories</strong>";
}
}
$result = mysql_query("SELECT * FROM content WHERE record_num = '$id' AND submitter = '$_SESSION[userid]'");
$row = mysql_fetch_array($result);
?>
<form method='post' action=''>
<input type='hidden' name='id' value='<? echo $_REQUEST[id]; ?>' />
<table width="750" border="0" align="center" cellpadding="3" cellspacing="0" class='pagetable'>
<tr>
<td class="style4"><b>Title</b><br><font size=-2>(30-100 chars)</font></td>
<td colspan="3" align="left" class="style4"><input name="title" type="text" id="title" value="<? echo $row[title]; ?>" size="70" maxlength="100" onKeyup="document.getElementById('charlentitle').innerHTML = 'Length: '+document.getElementById('title').value.length;" onChange="document.getElementById('charlentitle').innerHTML = 'Length: '+document.getElementById('title').value.length;" /><span id='charlentitle'> Length: <? echo strlen($row[title]); ?></span>
</tr>
<tr>
<td valign="middle" class="style4"><b>Description</b><br><font size=-2>(100-250 chars)</font></td>
<td colspan="3" align="left" class="style4"><textarea name="description" type="text" cols="55" rows="2" id="description" onKeyup="document.getElementById('charlendescription').innerHTML = 'Length: '+document.getElementById('description').value.length;" onChange="document.getElementById('description').innerHTML = 'Length: '+document.getElementById('description').value.length;" /><? echo $row[description]; ?></textarea><span id='charlendescription'> Length: <? echo strlen($row[description]); ?></span></td>
</tr>
<tr>
<td valign="middle" class="style4">Keywords </td>
<td colspan="3" align="left" class="style4"><input name="keywords" type="text" id="keywords" value="<? echo $row[keywords]; ?>" size="70" maxlength="255" /> (<b>Comma</b> Separated)</td>
</tr>
<tr>
<td valign="top" class="style4">Select <b>6</b> Categories </td>
<td colspan="3" align="left" class="style4">
<?
unset($thisniche);
$sresult = mysql_query("SELECT * FROM content_niches WHERE content = '$id'");
while($srow = mysql_fetch_array($sresult)) {
$thisniche[] = $srow[niche];
}
?>
<select name='niche[]' size="10" multiple="multiple">
<?
$presult = mysql_query("SELECT * FROM niches ORDER BY name ASC");
while($srow = mysql_fetch_array($presult)) {
if(in_array($srow[record_num],$thisniche)) { $checked = 'selected'; } else { $checked = ''; }
echo "<option $checked value='$srow[record_num]'>$srow[name]</option>";
}
?>
</select>
<br />
(Hold CTRL to make multiple selections)
</td>
</tr>
<tr>
<td colspan="4" class="style4"><div align="center">
<input type="submit" name="button" id="button" value="Save" />
<br />
</div></td>
</tr>
</table>
</form>
<?
}
include($basepath.'/templates/template.overall_footer.php'); ?>