Gazelle/sections/artist/takeedit.php

<?
/*********************************************************************\
The page that handles the backend of the 'edit artist' function. 
\*********************************************************************/

authorize();

if(!$_REQUEST['artistid'] || !is_number($_REQUEST['artistid'])) {
	error(404);
}

if(!check_perms('site_edit_wiki')) { error(403); }

// Variables for database input
$UserID = $LoggedUser['ID'];
$ArtistID = $_REQUEST['artistid'];

if($_GET['action'] == 'revert') { // if we're reverting to a previous revision
	authorize();
	$RevisionID=$_GET['revisionid'];
	if(!is_number($RevisionID)) { error(0); }
} else { // with edit, the variables are passed with POST
	$Body = db_string($_POST['body']);
	$Summary = db_string($_POST['summary']);
	$Image = db_string($_POST['image']);
	// Trickery
	if(!preg_match("/^".IMAGE_REGEX."$/i", $Image)) {
		$Image = '';
	}
}

// Insert revision
if(!$RevisionID) { // edit
	$DB->query("INSERT INTO wiki_artists (PageID, Body, Image, UserID, Summary, Time)
				VALUES ('$ArtistID', '$Body', '$Image', '$UserID', '$Summary', '".sqltime()."')");
} else { // revert
	$DB->query("INSERT INTO wiki_artists (PageID, Body, Image, UserID, Summary, Time) 
		SELECT '$ArtistID', Body, Image, '$UserID', 'Reverted to revision $RevisionID', '".sqltime()."' 
		FROM wiki_artists WHERE RevisionID='$RevisionID'");
}

$RevisionID=$DB->inserted_id();

// Update artists table (technically, we don't need the RevisionID column, but we can use it for a join which is nice and fast)
$DB->query("UPDATE artists_group SET RevisionID='$RevisionID' WHERE ArtistID='$ArtistID'");

// There we go, all done!
$Cache->delete_value('artist_'.$ArtistID); // Delete artist cache
header('Location: artist.php?id='.$ArtistID);
?>
Initial import from revision 11440 2011-03-28 14:21:28 +00:00			`<?`
			`/*********************************************************************\`
			`The page that handles the backend of the 'edit artist' function.`
			`\*********************************************************************/`

			`authorize();`

			`if(!$_REQUEST['artistid'] \|\| !is_number($_REQUEST['artistid'])) {`
			`error(404);`
			`}`

			`if(!check_perms('site_edit_wiki')) { error(403); }`

			`// Variables for database input`
			`$UserID = $LoggedUser['ID'];`
			`$ArtistID = $_REQUEST['artistid'];`

			`if($_GET['action'] == 'revert') { // if we're reverting to a previous revision`
			`authorize();`
			`$RevisionID=$_GET['revisionid'];`
			`if(!is_number($RevisionID)) { error(0); }`
			`} else { // with edit, the variables are passed with POST`
			`$Body = db_string($_POST['body']);`
			`$Summary = db_string($_POST['summary']);`
			`$Image = db_string($_POST['image']);`
			`// Trickery`
			`if(!preg_match("/^".IMAGE_REGEX."$/i", $Image)) {`
			`$Image = '';`
			`}`
			`}`

			`// Insert revision`
			`if(!$RevisionID) { // edit`
			`$DB->query("INSERT INTO wiki_artists (PageID, Body, Image, UserID, Summary, Time)`
			`VALUES ('$ArtistID', '$Body', '$Image', '$UserID', '$Summary', '".sqltime()."')");`
			`} else { // revert`
			`$DB->query("INSERT INTO wiki_artists (PageID, Body, Image, UserID, Summary, Time)`
			`SELECT '$ArtistID', Body, Image, '$UserID', 'Reverted to revision $RevisionID', '".sqltime()."'`
			`FROM wiki_artists WHERE RevisionID='$RevisionID'");`
			`}`

			`$RevisionID=$DB->inserted_id();`

			`// Update artists table (technically, we don't need the RevisionID column, but we can use it for a join which is nice and fast)`
			`$DB->query("UPDATE artists_group SET RevisionID='$RevisionID' WHERE ArtistID='$ArtistID'");`

			`// There we go, all done!`
			`$Cache->delete_value('artist_'.$ArtistID); // Delete artist cache`
			`header('Location: artist.php?id='.$ArtistID);`
			`?>`