2011-03-28 14:21:28 +00:00
|
|
|
<?
|
|
|
|
|
authorize();
|
|
|
|
|
|
|
|
|
|
$CollageID = $_POST['collageid'];
|
2012-11-03 08:00:19 +00:00
|
|
|
if (!is_number($CollageID)) {
|
|
|
|
|
error(0);
|
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2013-07-10 00:08:53 +00:00
|
|
|
$DB->query("
|
|
|
|
|
SELECT UserID, CategoryID, Locked, MaxGroups, MaxGroupsPerUser
|
|
|
|
|
FROM collages
|
|
|
|
|
WHERE ID = '$CollageID'");
|
2012-11-03 08:00:19 +00:00
|
|
|
list($UserID, $CategoryID, $Locked, $MaxGroups, $MaxGroupsPerUser) = $DB->next_record();
|
|
|
|
|
if ($CategoryID == 0 && $UserID != $LoggedUser['ID'] && !check_perms('site_collages_delete')) {
|
|
|
|
|
error(403);
|
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2015-03-28 08:00:28 +00:00
|
|
|
if (isset($_POST['name'])) {
|
|
|
|
|
$DB->query("
|
|
|
|
|
SELECT ID, Deleted
|
|
|
|
|
FROM collages
|
|
|
|
|
WHERE Name = '".db_string($_POST['name'])."'
|
|
|
|
|
AND ID != '$CollageID'
|
|
|
|
|
LIMIT 1");
|
|
|
|
|
if ($DB->has_results()) {
|
|
|
|
|
list($ID, $Deleted) = $DB->next_record();
|
|
|
|
|
if ($Deleted) {
|
|
|
|
|
$Err = 'A collage with that name already exists but needs to be recovered, please <a href="staffpm.php">contact</a> the staff team!';
|
|
|
|
|
} else {
|
|
|
|
|
$Err = "A collage with that name already exists: <a href=\"/collages.php?id=$ID\">$_POST[name]</a>.";
|
|
|
|
|
}
|
|
|
|
|
$ErrNoEscape = true;
|
|
|
|
|
include(SERVER_ROOT.'/sections/collages/edit.php');
|
|
|
|
|
die();
|
2011-04-29 13:49:03 +00:00
|
|
|
}
|
|
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2013-07-10 00:08:53 +00:00
|
|
|
$TagList = explode(',', $_POST['tags']);
|
|
|
|
|
foreach ($TagList as $ID => $Tag) {
|
2012-10-11 08:00:15 +00:00
|
|
|
$TagList[$ID] = Misc::sanitize_tag($Tag);
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
2013-07-10 00:08:53 +00:00
|
|
|
$TagList = implode(' ', $TagList);
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2012-11-03 08:00:19 +00:00
|
|
|
$Updates = array("Description='".db_string($_POST['description'])."', TagList='".db_string($TagList)."'");
|
2011-03-28 14:21:28 +00:00
|
|
|
|
2011-10-27 08:00:15 +00:00
|
|
|
if (!check_perms('site_collages_delete') && ($CategoryID == 0 && $UserID == $LoggedUser['ID'] && check_perms('site_collages_renamepersonal'))) {
|
2012-11-03 08:00:19 +00:00
|
|
|
if (!stristr($_POST['name'], $LoggedUser['Username'])) {
|
2011-10-27 08:00:15 +00:00
|
|
|
error("Your personal collage's title must include your username.");
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (isset($_POST['featured']) && $CategoryID == 0 && (($LoggedUser['ID'] == $UserID && check_perms('site_collages_personal')) || check_perms('site_collages_delete'))) {
|
2013-07-10 00:08:53 +00:00
|
|
|
$DB->query("
|
|
|
|
|
UPDATE collages
|
|
|
|
|
SET Featured = 0
|
2013-07-19 08:00:28 +00:00
|
|
|
WHERE CategoryID = 0
|
2013-07-10 00:08:53 +00:00
|
|
|
AND UserID = $UserID");
|
|
|
|
|
$Updates[] = 'Featured = 1';
|
2011-10-27 08:00:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (check_perms('site_collages_delete') || ($CategoryID == 0 && $UserID == $LoggedUser['ID'] && check_perms('site_collages_renamepersonal'))) {
|
2013-07-10 00:08:53 +00:00
|
|
|
$Updates[] = "Name = '".db_string($_POST['name'])."'";
|
2012-11-03 08:00:19 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (isset($_POST['category']) && !empty($CollageCats[$_POST['category']]) && $_POST['category'] != $CategoryID && ($_POST['category'] != 0 || check_perms('site_collages_delete'))) {
|
2013-07-10 00:08:53 +00:00
|
|
|
$Updates[] = 'CategoryID = '.$_POST['category'];
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
|
|
2012-11-03 08:00:19 +00:00
|
|
|
if (check_perms('site_collages_delete')) {
|
|
|
|
|
if (isset($_POST['locked']) != $Locked) {
|
2013-07-10 00:08:53 +00:00
|
|
|
$Updates[] = 'Locked = ' . ($Locked ? "'0'" : "'1'");
|
2012-11-03 08:00:19 +00:00
|
|
|
}
|
|
|
|
|
if (isset($_POST['maxgroups']) && ($_POST['maxgroups'] == 0 || is_number($_POST['maxgroups'])) && $_POST['maxgroups'] != $MaxGroups) {
|
2013-07-10 00:08:53 +00:00
|
|
|
$Updates[] = 'MaxGroups = ' . $_POST['maxgroups'];
|
2012-11-03 08:00:19 +00:00
|
|
|
}
|
|
|
|
|
if (isset($_POST['maxgroups']) && ($_POST['maxgroupsperuser'] == 0 || is_number($_POST['maxgroupsperuser'])) && $_POST['maxgroupsperuser'] != $MaxGroupsPerUser) {
|
2013-07-10 00:08:53 +00:00
|
|
|
$Updates[] = 'MaxGroupsPerUser = ' . $_POST['maxgroupsperuser'];
|
2012-11-03 08:00:19 +00:00
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
}
|
|
|
|
|
|
2012-11-03 08:00:19 +00:00
|
|
|
if (!empty($Updates)) {
|
2013-07-10 00:08:53 +00:00
|
|
|
$DB->query('
|
|
|
|
|
UPDATE collages
|
|
|
|
|
SET '.implode(', ', $Updates)."
|
|
|
|
|
WHERE ID = $CollageID");
|
2012-11-03 08:00:19 +00:00
|
|
|
}
|
2011-03-28 14:21:28 +00:00
|
|
|
$Cache->delete_value('collage_'.$CollageID);
|
|
|
|
|
header('Location: collages.php?id='.$CollageID);
|
|
|
|
|
?>
|
