mirror of
https://github.com/WhatCD/Gazelle.git
synced 2024-12-15 03:46:25 +00:00
36 lines
1.2 KiB
PHP
36 lines
1.2 KiB
PHP
<?
|
|
if(!check_perms('admin_dnu')) { error(403); }
|
|
|
|
authorize();
|
|
|
|
if($_POST['submit'] == 'Delete'){ //Delete
|
|
if(!is_number($_POST['id']) || $_POST['id'] == ''){ error(0); }
|
|
$DB->query('DELETE FROM do_not_upload WHERE ID='.$_POST['id']);
|
|
} else { //Edit & Create, Shared Validation
|
|
$Val->SetFields('name', '1','string','The name must be set, and has a max length of 40 characters', array('maxlength'=>40, 'minlength'=>1));
|
|
$Val->SetFields('comment', '0','string','The description has a max length of 255 characters', array('maxlength'=>255));
|
|
$Err=$Val->ValidateForm($_POST); // Validate the form
|
|
if($Err){ error($Err); }
|
|
|
|
$P=array();
|
|
$P=db_array($_POST); // Sanitize the form
|
|
|
|
if($_POST['submit'] == 'Edit'){ //Edit
|
|
if(!is_number($_POST['id']) || $_POST['id'] == ''){ error(0); }
|
|
$DB->query("UPDATE do_not_upload SET
|
|
Name='$P[name]',
|
|
Comment='$P[comment]',
|
|
UserID='$LoggedUser[ID]',
|
|
Time='".sqltime()."'
|
|
WHERE ID='$P[id]'");
|
|
} else { //Create
|
|
$DB->query("INSERT INTO do_not_upload
|
|
(Name, Comment, UserID, Time) VALUES
|
|
('$P[name]','$P[comment]','$LoggedUser[ID]','".sqltime()."')");
|
|
}
|
|
}
|
|
|
|
// Go back
|
|
header('Location: tools.php?action=dnu')
|
|
?>
|