2011-03-28 14:21:28 +00:00
|
|
|
<?
|
|
|
|
|
authorize();
|
|
|
|
|
|
2013-04-24 08:00:23 +00:00
|
|
|
if (!check_perms('admin_manage_forums')) {
|
|
|
|
|
error(403);
|
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
$P = db_array($_POST);
|
2013-04-24 08:00:23 +00:00
|
|
|
if ($_POST['submit'] == 'Delete') { //Delete
|
|
|
|
|
if (!is_number($_POST['id']) || $_POST['id'] == '') {
|
|
|
|
|
error(0);
|
|
|
|
|
}
|
2013-07-04 08:00:56 +00:00
|
|
|
$DB->query('
|
|
|
|
|
DELETE FROM forums
|
|
|
|
|
WHERE ID = '.$_POST['id']);
|
2011-03-28 14:21:28 +00:00
|
|
|
} else { //Edit & Create, Shared Validation
|
2013-07-04 08:00:56 +00:00
|
|
|
$Val->SetFields('name', '1', 'string', 'The name must be set, and has a max length of 40 characters', array('maxlength' => 40, 'minlength' => 1));
|
|
|
|
|
$Val->SetFields('description', '0', 'string', 'The description has a max length of 255 characters', array('maxlength' => 255));
|
|
|
|
|
$Val->SetFields('sort', '1', 'number', 'Sort must be set');
|
|
|
|
|
$Val->SetFields('categoryid', '1', 'number', 'Category must be set');
|
|
|
|
|
$Val->SetFields('minclassread', '1', 'number', 'MinClassRead must be set');
|
|
|
|
|
$Val->SetFields('minclasswrite', '1', 'number', 'MinClassWrite must be set');
|
|
|
|
|
$Val->SetFields('minclasscreate', '1', 'number', 'MinClassCreate must be set');
|
2013-04-24 08:00:23 +00:00
|
|
|
$Err = $Val->ValidateForm($_POST); // Validate the form
|
|
|
|
|
if ($Err) {
|
|
|
|
|
error($Err);
|
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2013-04-24 08:00:23 +00:00
|
|
|
if ($P['minclassread'] > $LoggedUser['Class'] || $P['minclasswrite'] > $LoggedUser['Class'] || $P['minclasscreate'] > $LoggedUser['Class']) {
|
2011-07-13 08:00:06 +00:00
|
|
|
error(403);
|
|
|
|
|
}
|
2013-04-24 08:00:23 +00:00
|
|
|
$P['autolock'] = isset($_POST['autolock']) ? '1' : '0';
|
2011-07-13 08:00:06 +00:00
|
|
|
|
2013-04-24 08:00:23 +00:00
|
|
|
if ($_POST['submit'] == 'Edit') { //Edit
|
|
|
|
|
if (!is_number($_POST['id']) || $_POST['id'] == '') {
|
|
|
|
|
error(0);
|
|
|
|
|
}
|
2013-07-04 08:00:56 +00:00
|
|
|
$DB->query('
|
|
|
|
|
SELECT MinClassRead
|
|
|
|
|
FROM forums
|
|
|
|
|
WHERE ID = ' . $P['id']);
|
2013-04-24 08:00:23 +00:00
|
|
|
if ($DB->record_count() < 1) {
|
2011-07-13 08:00:06 +00:00
|
|
|
error(404);
|
|
|
|
|
} else {
|
|
|
|
|
list($MinClassRead) = $DB->next_record();
|
2013-04-24 08:00:23 +00:00
|
|
|
if ($MinClassRead > $LoggedUser['Class']) {
|
2011-07-13 08:00:06 +00:00
|
|
|
error(403);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-24 08:00:23 +00:00
|
|
|
$DB->query("
|
|
|
|
|
UPDATE forums
|
|
|
|
|
SET
|
2013-07-04 08:00:56 +00:00
|
|
|
Sort = '$P[sort]',
|
|
|
|
|
CategoryID = '$P[categoryid]',
|
|
|
|
|
Name = '$P[name]',
|
|
|
|
|
Description = '$P[description]',
|
|
|
|
|
MinClassRead = '$P[minclassread]',
|
|
|
|
|
MinClassWrite = '$P[minclasswrite]',
|
|
|
|
|
MinClassCreate = '$P[minclasscreate]',
|
|
|
|
|
AutoLock = '$P[autolock]',
|
|
|
|
|
AutoLockWeeks = '$P[autolockweeks]'
|
|
|
|
|
WHERE ID = '$P[id]'");
|
2011-03-28 14:21:28 +00:00
|
|
|
} else { //Create
|
2013-07-04 08:00:56 +00:00
|
|
|
$DB->query("
|
|
|
|
|
INSERT INTO forums
|
|
|
|
|
(Sort, CategoryID, Name, Description, MinClassRead, MinClassWrite, MinClassCreate, AutoLock, AutoLockWeeks)
|
|
|
|
|
VALUES
|
|
|
|
|
('$P[sort]', '$P[categoryid]', '$P[name]', '$P[description]', '$P[minclassread]', '$P[minclasswrite]', '$P[minclasscreate]', '$P[autolock]', '$P[autolockweeks]')");
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-27 08:01:06 +00:00
|
|
|
$Cache->delete_value('forums_list'); // Clear cache
|
2011-03-28 14:21:28 +00:00
|
|
|
|
|
|
|
|
// Go back
|
|
|
|
|
header('Location: tools.php?action=forum')
|
|
|
|
|
?>
|
