Teknik is a suite of services with attractive and functional interfaces. https://www.teknik.io/

edit_comment.php 1.3KB

  1. <?php
  2. require_once('../includes/config.php');
  3. $commentID = 0;
  4. $post = "";
  5. //check to see that the form has been submitted
  6. if(isset($_POST))
  7. {
  8. //retrieve the $_POST variables
  9. $commentID = rawurldecode($_POST['commentID']);
  10. $post = rawurldecode($_POST['post']);
  11. $comment_select = $db->select('comments', "id=? LIMIT 1", array($commentID));
  12. if ($comment_select)
  13. {
  14. //initialize variables for form validation
  15. $success = true;
  16. if($success && !$logged_in)
  17. {
  18. $error = "You must be logged in to edit this comment.";
  19. $success = false;
  20. }
  21. if($success && empty($post))
  22. {
  23. $error = "You need to submit an actual comment.";
  24. $success = false;
  25. }
  26. if ($success && $comment_select['user_id'] != $user->id && !$user->admin)
  27. {
  28. $error = "You are not allowed to edit this comment.";
  29. $success = false;
  30. }
  31. if($success)
  32. {
  33. $data = array(
  34. "post" => $post
  35. );
  36. $comment_id = $db->update($data, 'comments', 'id=?', array($commentID));
  37. unset($_POST);
  38. echo "true";
  39. }
  40. else
  41. {
  42. unset($_POST);
  43. echo $error;
  44. }
  45. }
  46. else
  47. {
  48. echo "That comment does not exist.";
  49. }
  50. }
  51. else
  52. {
  53. echo "$_POST is not set.";
  54. }
  55. ?>