Location: PHPKode > projects > Fretsweb > fretsweb-1.2/fretsweb/admin/editforum.php
<?php

/*
Fretsweb - A Frets on Fire chart server
Copyright (C) 2009, Daan Sprenkels

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

require_once "common.php";
require_once "log.php";

//Login Test
session_start();
if($_SESSION['in'] < 1)
{
	header('location: login.php?need=moderator');
	die();
}

if(isset($_GET['delname']) && isset($_GET['deltime']))
{
	$delname = addslashes($_GET['delname']);
	$deltime = addslashes($_GET['deltime']);
	$sql = "DELETE FROM `contest_forum` WHERE `name` = '$delname' AND `time` = '$deltime'";
	if(mysql_num_rows(mysql_query("SELECT * FROM `contest_forum` WHERE `name` = '$delname' AND `time` = '$deltime'")) > 1)
		$info = "Sorry, I accidently removed more than one post. What are the odds of that? I mean: You gave me both the name, and the time, and the name and the time is the same. Wow... Dude. I'd say you did this on pupose, so you would see this easter egg... No? Than you just use Fretsweb good. Jeez. This is weird. Maybe the server did a mistake. Or some person had refreshed the forum page in one second while he had his cookies turned off. OH NO! Maybe there's a bot on your forum. AAH!";
	if(mysql_num_rows(mysql_query("SELECT * FROM `contest_forum` WHERE `name` = '$delname' AND `time` = '$deltime'")) > 0)
	{
		if(mysql_query($sql))
		{
			clog("Deleted forum post from $delname ($deltime)");
			$info = "Deleted post from $delname ($deltime).";
		}
		else
			$info = "Sorry, but there was some error.";
		
	}
	else
		$info = "Sorry, but there is no post with these data.";
}

?>
<html>
<head>
<title>Forum editing</title>
<link href="../css.php" rel="stylesheet" type="text/css" />
<link href="../images/favicon.png" rel="icon">
</head>
<body><center>
<h2>Edit forum</h2>
<p>Note: If you want the IP-address of a person, please look him up in the logs table.</p>
<?php

if(isset($info))
	echo '<p class="info">' . $info . '</p>';

echo '<table class="regular">';
$sql = 'SELECT `name`, `time`, `text` FROM `contest_forum`';
$query = mysql_query($sql);
while($row = mysql_fetch_assoc($query))
{
	echo "<tr><th style=\"vertical-align: middle;\">{$row['name']} at {$row['time']}</th><td style=\"vertical-align: middle;\">" . str_replace("\n", "<br/>", $row['text']) . "</td><td style=\"vertical-align: middle;\"><a href=\"{$_SERVER['PHP_SELF']}?delname={$row['name']}&deltime={$row['time']}\"><img src=\"../images/cross.png\" /></a></td></tr>";
}
echo '</table>';

?>
<p><b><a href="index.php">Back to main administration panel</a></b><p>
</center></body>
</html>

<?php
	// close DB
	mysql_close( $db_link );
?>

Return current item: Fretsweb