mirror of
https://github.com/WhatCD/Gazelle.git
synced 2024-12-15 03:46:25 +00:00
51 lines
2.2 KiB
PHP
51 lines
2.2 KiB
PHP
<?
|
|
authorize();
|
|
|
|
$CollageID = $_POST['collageid'];
|
|
if(!is_number($CollageID)) { error(0); }
|
|
|
|
$DB->query("SELECT UserID, CategoryID FROM collages WHERE ID='$CollageID'");
|
|
list($UserID, $CategoryID) = $DB->next_record();
|
|
if($CategoryID == 0 && $UserID!=$LoggedUser['ID'] && !check_perms('site_collages_delete')) { error(403); }
|
|
|
|
$DB->query("SELECT ID,Deleted FROM collages WHERE Name='".db_string($_POST['name'])."' AND ID!='$CollageID' LIMIT 1");
|
|
if($DB->record_count()) {
|
|
list($ID, $Deleted) = $DB->next_record();
|
|
if($Deleted) {
|
|
$Err = 'A collage with that name already exists but needs to be recovered, please <a href="staffpm.php">contact</a> the staff team!';
|
|
} else {
|
|
$Err = "A collage with that name already exists: <a href=\"/collages.php?id=$ID\">$ID</a>.";
|
|
}
|
|
}
|
|
|
|
$TagList = explode(',',$_POST['tags']);
|
|
foreach($TagList as $ID=>$Tag) {
|
|
$TagList[$ID] = Misc::sanitize_tag($Tag);
|
|
}
|
|
$TagList = implode(' ',$TagList);
|
|
|
|
$DB->query("UPDATE collages SET Description='".db_string($_POST['description'])."', TagList='$TagList' WHERE ID='$CollageID'");
|
|
|
|
if (!check_perms('site_collages_delete') && ($CategoryID == 0 && $UserID == $LoggedUser['ID'] && check_perms('site_collages_renamepersonal'))) {
|
|
if(!stristr($_POST['name'], $LoggedUser['Username'])) {
|
|
error("Your personal collage's title must include your username.");
|
|
}
|
|
}
|
|
|
|
if (isset($_POST['featured']) && $CategoryID == 0 && (($LoggedUser['ID'] == $UserID && check_perms('site_collages_personal')) || check_perms('site_collages_delete'))) {
|
|
$DB->query("UPDATE collages SET Featured=0 WHERE CategoryID=0 and UserID=$UserID");
|
|
$DB->query("UPDATE collages SET Featured=1 WHERE ID=$CollageID");
|
|
}
|
|
|
|
if (check_perms('site_collages_delete') || ($CategoryID == 0 && $UserID == $LoggedUser['ID'] && check_perms('site_collages_renamepersonal'))) {
|
|
$DB->query("UPDATE collages SET Name='".db_string($_POST['name'])."' WHERE ID='$CollageID'");
|
|
}
|
|
|
|
if(isset($_POST['category']) && !empty($CollageCats[$_POST['category']]) && $_POST['category']!=$CategoryID && ($_POST['category']!=0 || check_perms('site_collages_delete'))) {
|
|
$DB->query("UPDATE collages SET CategoryID='".db_string($_POST['category'])."' WHERE ID='$CollageID'");
|
|
}
|
|
|
|
$Cache->delete_value('collage_'.$CollageID);
|
|
header('Location: collages.php?id='.$CollageID);
|
|
?>
|