query(' DELETE FROM do_not_upload WHERE ID = '.$_POST['id']); } else { //Edit & Create, Shared Validation $Val->SetFields('name', '1', 'string', 'The name must be set, has a maximum length of 100 characters, and has a minimum length of 5 characters.', array('maxlength' => 100, 'minlength' => 5)); $Val->SetFields('comment', '0', 'string', 'The description has a maximum length of 255 characters.', array('maxlength' => 255)); $Err = $Val->ValidateForm($_POST); // Validate the form if ($Err) { error($Err); } $P = array(); $P = db_array($_POST); // Sanitize the form if ($_POST['submit'] == 'Edit') { //Edit if (!is_number($_POST['id']) || $_POST['id'] == '') { error(0); } $DB->query(" UPDATE do_not_upload SET Name = '$P[name]', Comment = '$P[comment]', UserID = '$LoggedUser[ID]', Time = '".sqltime()."' WHERE ID = '$P[id]'"); } else { //Create $DB->query(" INSERT INTO do_not_upload (Name, Comment, UserID, Time) VALUES ('$P[name]','$P[comment]','$LoggedUser[ID]','".sqltime()."')"); } } // Go back header('Location: tools.php?action=dnu') ?>