'.print_r($_POST,1).'';
if (!array_key_exists('id',$_POST) || !array_key_exists('OurDesc',$_POST) || !array_key_exists('OurDescEN',$_POST))
muoribene(__LINE__.': Malformed input.',true);
if (preg_match('/^[0-9]+$/',$_POST['id'])===1) {
$instid=$_POST['id']+0;
$res=mysqli_query($link,'SELECT *, ID AS IID FROM Instances WHERE ID='.$instid)
or muoribene(__LINE__.': '.mysqli_error($link),true);
if (mysqli_num_rows($res)!=1)
muoribene(__LINE__.': There is no instance with ID='.$instid.'.');
$inst=mysqli_fetch_assoc($res);
} else {
muoribene(__LINE__.': Malformed input.',true);
}
if ($account['Level']=='guest' && !in_array($_POST['id'],$account['Insts']))
muoribene('You can modify only your instances.',true);
$que='UPDATE Instances SET ';
if ($account['Level']!='guest') {
if (array_key_exists('NoxReason',$_POST) && array_key_exists('Noxious',$_POST) && $_POST['Noxious']=='on') {
$sets[]='Noxious=1';
$_POST['NoxReason']=trim($_POST['NoxReason']);
($_POST['NoxReason']!='') ? $sets[]='NoxReason=\''.myesc($link,$_POST['NoxReason']).'\'' : $sets[]='NoxReason=NULL';
$sets[]='NoxLastModTS='.$now;
} else {
$sets[]='Noxious=0';
// don't uncomment these two lines: let's remember when and why an instance has been marked as noxious even if we later unmark it
//$sets[]='NoxReason=NULL';
//$sets[]='NoxLastModTS=NULL';
}
(array_key_exists('Visible',$_POST) && $_POST['Visible']=='on') ? $sets[]='Visible=1' : $sets[]='Visible=0';
$_POST['Priority']=trim($_POST['Priority']);
(array_key_exists('Priority',$_POST) && preg_match('#^\d+#',$_POST['Priority'])===1) ? $sets[]='Priority='.$_POST['Priority'] : $sets[]='Priority=NULL';
}
(array_key_exists('OurLangsLock',$_POST) && $_POST['OurLangsLock']=='on') ? $sets[]='OurLangsLock=1' : $sets[]='OurLangsLock=0';
$_POST['OurDesc']=trim($_POST['OurDesc']);
($_POST['OurDesc']!='') ? $sets[]='OurDesc=\''.myesc($link,$_POST['OurDesc']).'\'' : $sets[]='OurDesc=NULL';
$_POST['OurDescEN']=trim($_POST['OurDescEN']);
($_POST['OurDescEN']!='') ? $sets[]='OurDescEN=\''.myesc($link,$_POST['OurDescEN']).'\'' : $sets[]='OurDescEN=NULL';
if (array_key_exists('LocalityID',$_POST)) {
if (preg_match('/^[0-9]+$/',$_POST['LocalityID'])===1)
$sets[]='LocalityID='.($_POST['LocalityID']+0);
else
muoribene(__LINE__.': Malformed input.',true);
} else {
$sets[]='LocalityID=NULL';
}
($account['Level']=='guest') ? $sets[]='LastGuestEdit='.$now : $sets[]='LastGuestEdit=NULL';
$que.=implode(', ',$sets).' WHERE ID='.$instid;
$dbg.='QUERONA: '.hspech($que).'
'.N;
mysqli_query($link,$que) or muoribene(__LINE__.': '.mysqli_error($link),true);
function multi(&$link,&$instid,&$dbg,$inpid,$table,$column,$line) {
$queries=array();
if (array_key_exists($inpid,$_POST)) {
if (is_array($_POST[$inpid])) {
$pos=0;
foreach ($_POST[$inpid] as $val) {
if (preg_match('/^[0-9]+$/',$val)===1) {
$pos++;
$val+=0;
$queries[]='INSERT INTO '.$table.' (InstID, '.$column.', Pos) VALUES ('.$instid.', '.$val.', '.$pos.')';
} else {
muoribene($line.':'.__LINE__.': Malformed input.',true);
}
}
} else {
muoribene($line.':'.__LINE__.': Malformed input.',true);
}
} //qui niente "else {muoribene...}!
$que='DELETE FROM '.$table.' WHERE InstID='.$instid;
$dbg.='QUEROTTA: '.hspech($que).'
'.N;
mysqli_query($link,$que) or muoribene($line.':'.__LINE__.': '.mysqli_error($link),true);
foreach ($queries as $que) {
$dbg.='QUERINA: '.hspech($que).'
'.N;
mysqli_query($link,$que) or muoribene($line.':'.__LINE__.': '.mysqli_error($link),true);
}
}
multi($link,$instid,$dbg,'ChosenLangs','InstOurLangs','OurLangID',__LINE__);
multi($link,$instid,$dbg,'ChosenFinModes','InstFinancing','FinID',__LINE__);
multi($link,$instid,$dbg,'ChosenPolicies','InstPolicies','PolID',__LINE__);
multi($link,$instid,$dbg,'ChosenTags','InstTags','TagID',__LINE__);
$res=mysqli_query($link,'SELECT *, ID AS IID FROM Instances WHERE ID='.$instid)
or muoribene(__LINE__.': '.mysqli_error($link),true);
$inst=mysqli_fetch_assoc($res);
require('include/columns.php');
require('include/gracetime.php');
$graceline=$now-$gracetime;
require('include/dispinst.php');
$out=dispinst($inst,$cols,$link,$dlang,$account,false,0,0,$graceline);
if ($account['Level']=='guest')
mysqli_query($link,'INSERT INTO Notifications (ID, Notification, Severity, Microtime, Seen) VALUES (NULL, \''.myesc($link,$account['Email'].' ha editato la sua istanza «'.$inst['URI'].'».').'\', 3, \''.$mtnow.'\', 0)')
or muoribene(__LINE__.': '.mysqli_error($link),true);
mysqli_close($link);
?>