123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186 |
- <?php
- require '../../lib/glob.php';
- require '../../lib/muoribene.php';
- require '../../lib/sessionstart.php';
- require '../../lib/myconn.php';
- require '../../lib/getadmacc.php';
- require '../../lib/menu.php';
- $menu['menu']['selected']=true;
- $menu['menu']['submenu']['instances']['selected']=true;
- buildmenu($menu);
- $dbg='';
- $now=time();
- $mtnow=microtime(true);
- use function mysqli_real_escape_string as myesc;
- function hspech($str) {
- return(htmlspecialchars($str,ENT_QUOTES|ENT_HTML5,'UTF-8'));
- }
- $dbg.='<pre>'.print_r($_POST,1).'</pre>';
- if (!array_key_exists('id',$_POST) || !array_key_exists('OurDesc',$_POST) || !array_key_exists('OurDescEN',$_POST))
- muoribene(__LINE__.': Malformed input.',true);
- if (preg_match('/^[0-9]+$/',$_POST['id'])===1) {
- $instid=$_POST['id']+0;
- $res=mysqli_query($link,'SELECT *, ID AS IID FROM Instances WHERE ID='.$instid)
- or muoribene(__LINE__.': '.mysqli_error($link),true);
- if (mysqli_num_rows($res)!=1)
- muoribene(__LINE__.': There is no instance with ID='.$instid.'.');
- $inst=mysqli_fetch_assoc($res);
- } else {
- muoribene(__LINE__.': Malformed input.',true);
- }
- if ($account['Level']=='guest' && !in_array($_POST['id'],$account['Insts']))
- muoribene('You can modify only your instances.',true);
- $que='UPDATE Instances SET ';
- if ($account['Level']!='guest') {
- if (array_key_exists('NoxReason',$_POST) && array_key_exists('Noxious',$_POST) && $_POST['Noxious']=='on') {
- $sets[]='Noxious=1';
- $_POST['NoxReason']=trim($_POST['NoxReason']);
- ($_POST['NoxReason']!='') ? $sets[]='NoxReason=\''.myesc($link,$_POST['NoxReason']).'\'' : $sets[]='NoxReason=NULL';
- $sets[]='NoxLastModTS='.$now;
- } else {
- $sets[]='Noxious=0';
- // don't uncomment these two lines: let's remember when and why an instance has been marked as noxious even if we later unmark it
- //$sets[]='NoxReason=NULL';
- //$sets[]='NoxLastModTS=NULL';
- }
- (array_key_exists('Visible',$_POST) && $_POST['Visible']=='on') ? $sets[]='Visible=1' : $sets[]='Visible=0';
- $_POST['Priority']=trim($_POST['Priority']);
- (array_key_exists('Priority',$_POST) && preg_match('#^\d+#',$_POST['Priority'])===1) ? $sets[]='Priority='.$_POST['Priority'] : $sets[]='Priority=NULL';
- }
- (array_key_exists('OurLangsLock',$_POST) && $_POST['OurLangsLock']=='on') ? $sets[]='OurLangsLock=1' : $sets[]='OurLangsLock=0';
- $_POST['OurDesc']=trim($_POST['OurDesc']);
- ($_POST['OurDesc']!='') ? $sets[]='OurDesc=\''.myesc($link,$_POST['OurDesc']).'\'' : $sets[]='OurDesc=NULL';
- $_POST['OurDescEN']=trim($_POST['OurDescEN']);
- ($_POST['OurDescEN']!='') ? $sets[]='OurDescEN=\''.myesc($link,$_POST['OurDescEN']).'\'' : $sets[]='OurDescEN=NULL';
- if (array_key_exists('LocalityID',$_POST)) {
- if (preg_match('/^[0-9]+$/',$_POST['LocalityID'])===1)
- $sets[]='LocalityID='.($_POST['LocalityID']+0);
- else
- muoribene(__LINE__.': Malformed input.',true);
- } else {
- $sets[]='LocalityID=NULL';
- }
- ($account['Level']=='guest') ? $sets[]='LastGuestEdit='.$now : $sets[]='LastGuestEdit=NULL';
- $que.=implode(', ',$sets).' WHERE ID='.$instid;
- $dbg.='QUERONA: '.hspech($que).'<br>'.N;
- mysqli_query($link,$que) or muoribene(__LINE__.': '.mysqli_error($link),true);
- function multi(&$link,&$instid,&$dbg,$inpid,$table,$column,$line) {
- $queries=array();
- if (array_key_exists($inpid,$_POST)) {
- if (is_array($_POST[$inpid])) {
- $pos=0;
- foreach ($_POST[$inpid] as $val) {
- if (preg_match('/^[0-9]+$/',$val)===1) {
- $pos++;
- $val+=0;
- $queries[]='INSERT INTO '.$table.' (InstID, '.$column.', Pos) VALUES ('.$instid.', '.$val.', '.$pos.')';
- } else {
- muoribene($line.':'.__LINE__.': Malformed input.',true);
- }
- }
- } else {
- muoribene($line.':'.__LINE__.': Malformed input.',true);
- }
- } //qui niente "else {muoribene...}!
- $que='DELETE FROM '.$table.' WHERE InstID='.$instid;
- $dbg.='QUEROTTA: '.hspech($que).'<br>'.N;
- mysqli_query($link,$que) or muoribene($line.':'.__LINE__.': '.mysqli_error($link),true);
- foreach ($queries as $que) {
- $dbg.='QUERINA: '.hspech($que).'<br>'.N;
- mysqli_query($link,$que) or muoribene($line.':'.__LINE__.': '.mysqli_error($link),true);
- }
- }
- multi($link,$instid,$dbg,'ChosenLangs','InstOurLangs','OurLangID',__LINE__);
- multi($link,$instid,$dbg,'ChosenFinModes','InstFinancing','FinID',__LINE__);
- multi($link,$instid,$dbg,'ChosenPolicies','InstPolicies','PolID',__LINE__);
- multi($link,$instid,$dbg,'ChosenTags','InstTags','TagID',__LINE__);
- $res=mysqli_query($link,'SELECT *, ID AS IID FROM Instances WHERE ID='.$instid)
- or muoribene(__LINE__.': '.mysqli_error($link),true);
- $inst=mysqli_fetch_assoc($res);
- require '../../lib/columns.php';
- require '../../lib/dispinst.php';
- $out=dispinst($inst,$cols,$link,$dlang,$account,false,0,0,$graceline);
- if ($account['Level']=='guest')
- mysqli_query($link,'INSERT INTO Notifications (ID, Notification, Severity, Microtime, Seen) VALUES (NULL, \''.myesc($link,$account['Email'].' ha editato la sua istanza «<a href="viewinst.php?id='.$inst['IID'].'">'.$inst['URI'].'</a>».').'\', 3, \''.$mtnow.'\', 0)')
- or muoribene(__LINE__.': '.mysqli_error($link),true);
- mysqli_close($link);
- ?>
- <!DOCTYPE HTML>
- <html lang="en">
- <head>
- <title>Mustard - «<?php echo($inst['URI']); ?>» form saved</title>
- <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
- <meta name="description" content="Admin pages for Mastodon Help">
- <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
- <link rel="icon" type="image/png" href="imgs/icona-32.png" sizes="32x32">
- <link rel="icon" type="image/png" href="imgs/icona-192.png" sizes="192x192">
- <link rel="icon" type="image/png" href="imgs/icona-512.png" sizes="512x512">
- <link rel="apple-touch-icon-precomposed" href="imgs/icona-180.png">
- <script language="JavaScript" src="js/menu.js?v=<?php echo($cjrand); ?>"></script>
- <link rel="stylesheet" type="text/css" href="css/theme.css?v=<?php echo($cjrand); ?>">
- <script language="JavaScript">
- <!--
- //-->
- </script>
- </head>
- <body>
- <nav>
- <div id="hmenu">
- <ul>
- <?php echo($menuout); ?>
- </ul>
- <div class="mtit">Editing results for «<?php echo($inst['URI']); ?>»</div>
- <div id="rightdiv">
- <img src="imgs/esci.svg" class="rlinks" title="Logout" onclick="document.location.href='logout.php';">
- </div>
- </div>
- </nav>
- <div id="popup">
- <div id="inpopup">
- <div id="popupcont">
- ...
- </div>
- </div>
- </div>
- <!-- <div id="footer">
- </div> -->
- <div id="fullscreen">
- <div id="middlerow">
- <?php echo($out); ?>
- </div>
- </div>
- <div id="debug">
- <?php echo($dbg); ?>
- </div>
- </body>
- </html>
|