blob: 92a1abaec3ef3af1f0729538a4a16655bdfebb85 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
<?php
/*
444444444
4::::::::4
4:::::::::4
4::::44::::4
4::::4 4::::4 Four Island
4::::4 4::::4
4::::4 4::::4 Written and maintained by Starla Insigna
4::::444444::::444
4::::::::::::::::4 pages/edit-comment.php
4444444444:::::444
4::::4 Please do not use, reproduce or steal the
4::::4 contents of this file without explicit
4::::4 permission from Hatkirby.
44::::::44
4::::::::4
4444444444
*/
if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
require('headerproc.php');
if (!isset($_GET['id']) || !isset($_POST['comment']))
{
generateError('404');
} else {
if (isLoggedIn())
{
$getcomment = "SELECT * FROM comments WHERE id = " . $_GET['id'];
$getcomment2 = mysql_query($getcomment);
$getcomment3 = mysql_fetch_array($getcomment2);
if ($getcomment3['id'] == $_GET['id'])
{
if ((isAdmin()) || (($getcomment3['is_anon'] == 0) && (getSessionUserID() === $getcomment3['user_id'])))
{
$setcomment = "UPDATE comments SET comment = \"" . mysql_real_escape_string($_POST['comment']) . "\" WHERE id = " . $_GET['id'];
$setcomment2 = mysql_query($setcomment);
header('Location: ' . getCommentUrl($getcomment3) . '#comment-' . $getcomment3['id']);
} else {
generateError('404');
}
} else {
generateError('404');
}
} else {
generateError('404');
}
}
?>
|
