1 files changed, 5 insertions, 5 deletions
diff --git a/pages/admin.php b/pages/admin.php
index a3dbffc..11cb35c 100755
--- a/pages/admin.php
+++ b/pages/admin.php

@@ -364,7 +364,7 @@ if (isLoggedIn())
                        {
                                if ($_GET['dir'] == 'up')
                                {
-                                        $get2pending = "SELECT * FROM pending WHERE id < " . $_GET['id'] . " LIMIT 0,1";
+                                        $get2pending = "SELECT * FROM pending WHERE id < " . $_GET['id'] . " ORDER BY id DESC LIMIT 0,1";
                                        $get2pending2 = mysql_query($get2pending);
                                        $get2pending3 = mysql_fetch_array($get2pending2);
@@ -379,7 +379,7 @@ if (isLoggedIn())
                                        }
                                } else if ($_GET['dir'] == 'down')
                                {
-                                        $get2pending = "SELECT * FROM pending WHERE id > " . $_GET['id'] . " LIMIT 0,1";
+                                        $get2pending = "SELECT * FROM pending WHERE id > " . $_GET['id'] . " ORDER BY id ASC LIMIT 0,1";
                                        $get2pending2 = mysql_query($get2pending);
                                        $get2pending3 = mysql_fetch_array($get2pending2);
@@ -399,11 +399,11 @@ if (isLoggedIn())
                                        $delpending = "DELETE FROM pending WHERE id = " . $_GET['id'] . " OR id = " . $otherPending['id'];
                                        $delpending2 = mysql_query($delpending);
-                                        $inspending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $_GET['id'] . ",\"" . $otherPending['title'] . "\",\"" . $otherPending['author'] . "\",\"" . $otherPending['text'] . "\",\"" . $otherPending['slug'] . "\")";
+                                        $inspending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $_GET['id'] . ",\"" . $otherPending['title'] . "\",\"" . $otherPending['author'] . "\",\"" . mysql_real_escape_string($otherPending['text']) . "\",\"" . $otherPending['slug'] . "\")";
                                        $inspending2 = mysql_query($inspending);
-                                        $ins2pending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $otherPending['id'] . ",\"" . $getpending3['title'] . "\",\"" . $getpending3['author'] . "\",\"" . $getpending3['text'] . "\",\"" . $getpending3['slug'] . "\")";
+                                        $ins2pending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $otherPending['id'] . ",\"" . $getpending3['title'] . "\",\"" . $getpending3['author'] . "\",\"" . mysql_real_escape_string($getpending3['text']) . "\",\"" . $getpending3['slug'] . "\")";
-                                        $ins2pending2 = mysql_query($ins2pending);
+                                        $ins2pending2 = mysql_query($ins2pending) or die($ins2pending);
                                        $tags1 = getTags($_GET['id'], 'pending');
                                        $tags2 = getTags($otherPending['id'], 'pending');

diff --git a/pages/admin.php b/pages/admin.php index a3dbffc..11cb35c 100755 --- a/pages/admin.php +++ b/pages/admin.php
@@ -364,7 +364,7 @@ if (isLoggedIn())
364	{	364	{
365	if ($_GET['dir'] == 'up')	365	if ($_GET['dir'] == 'up')
366	{	366	{
367	$get2pending = "SELECT * FROM pending WHERE id < " . $_GET['id'] . " LIMIT 0,1";	367	$get2pending = "SELECT * FROM pending WHERE id < " . $_GET['id'] . " ORDER BY id DESC LIMIT 0,1";
368	$get2pending2 = mysql_query($get2pending);	368	$get2pending2 = mysql_query($get2pending);
369	$get2pending3 = mysql_fetch_array($get2pending2);	369	$get2pending3 = mysql_fetch_array($get2pending2);
370		370
@@ -379,7 +379,7 @@ if (isLoggedIn())
379	}	379	}
380	} else if ($_GET['dir'] == 'down')	380	} else if ($_GET['dir'] == 'down')
381	{	381	{
382	$get2pending = "SELECT * FROM pending WHERE id > " . $_GET['id'] . " LIMIT 0,1";	382	$get2pending = "SELECT * FROM pending WHERE id > " . $_GET['id'] . " ORDER BY id ASC LIMIT 0,1";
383	$get2pending2 = mysql_query($get2pending);	383	$get2pending2 = mysql_query($get2pending);
384	$get2pending3 = mysql_fetch_array($get2pending2);	384	$get2pending3 = mysql_fetch_array($get2pending2);
385		385
@@ -399,11 +399,11 @@ if (isLoggedIn())
399	$delpending = "DELETE FROM pending WHERE id = " . $_GET['id'] . " OR id = " . $otherPending['id'];	399	$delpending = "DELETE FROM pending WHERE id = " . $_GET['id'] . " OR id = " . $otherPending['id'];
400	$delpending2 = mysql_query($delpending);	400	$delpending2 = mysql_query($delpending);
401		401
402	$inspending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $_GET['id'] . ",\"" . $otherPending['title'] . "\",\"" . $otherPending['author'] . "\",\"" . $otherPending['text'] . "\",\"" . $otherPending['slug'] . "\")";	402	$inspending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $_GET['id'] . ",\"" . $otherPending['title'] . "\",\"" . $otherPending['author'] . "\",\"" . mysql_real_escape_string($otherPending['text']) . "\",\"" . $otherPending['slug'] . "\")";
403	$inspending2 = mysql_query($inspending);	403	$inspending2 = mysql_query($inspending);
404		404
405	$ins2pending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $otherPending['id'] . ",\"" . $getpending3['title'] . "\",\"" . $getpending3['author'] . "\",\"" . $getpending3['text'] . "\",\"" . $getpending3['slug'] . "\")";	405	$ins2pending = "INSERT INTO pending (id, title, author, text, slug) VALUES (" . $otherPending['id'] . ",\"" . $getpending3['title'] . "\",\"" . $getpending3['author'] . "\",\"" . mysql_real_escape_string($getpending3['text']) . "\",\"" . $getpending3['slug'] . "\")";
406	$ins2pending2 = mysql_query($ins2pending);	406	$ins2pending2 = mysql_query($ins2pending) or die($ins2pending);
407		407
408	$tags1 = getTags($_GET['id'], 'pending');	408	$tags1 = getTags($_GET['id'], 'pending');
409	$tags2 = getTags($otherPending['id'], 'pending');	409	$tags2 = getTags($otherPending['id'], 'pending');