summaryrefslogtreecommitdiff
path: root/lib/blog/edcom.php
blob: ca8fd7e304171996771bde75a14425362bf39821 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
<?php

require("lib/markdown.php");

assert_redir(count($args) == 3, 'blog');
$comid = intval($args[2]);

$com = mysql_fetch_assoc(sql(
	"SELECT blog_comments.owner AS owner, blog_comments.text AS text, blog_comments.post AS post ".
	"FROM blog_comments WHERE id = $comid"
	));
assert_error($com && ($com['owner'] == $user['id'] || $user['priv'] >= $priv_mod),
	"This comment does not exist, or you are not allowed to edit it.");

$com_text = $com['text'];
if (isset($_POST['text'])) {
	$com_text = esca($_POST['text']);
	$com_text_html = Markdown($com_text);
	if (trim($com_text) == "") {
		$error = "You cannot enter an empty comment. If you want your comment to be deleted, please edit your comment so that it says so, and an administrator will delete it.";
	} else {
		sql("UPDATE blog_comments SET text = '" . escs($com_text) . "', text_html = '" . escs($com_text_html) . "' ".
			"WHERE id = $comid");;
		header("Location: view-blog-" . $com['post']);
		die();
	}
}

$title = "Edit comment";
$fields = array(
	array("label" => "Comment : ", "name" => "text", "value" => $com_text, "type" => "textarea"),
	);
$validate = "Edit comment";

require("tpl/general/form.php");