changeset 255 | c74736571f43 |
parent 237 | 4ab30e8dd168 |
child 256 | f8356d9c3481 |
254:f49e3c8b638c | 255:c74736571f43 |
---|---|
1794 { |
1794 { |
1795 $data = $content; |
1795 $data = $content; |
1796 $id = md5( microtime() . mt_rand() ); |
1796 $id = md5( microtime() . mt_rand() ); |
1797 |
1797 |
1798 $minor = isset($_POST['minor']) ? 'true' : 'false'; |
1798 $minor = isset($_POST['minor']) ? 'true' : 'false'; |
1799 $q='INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.date('d M Y h:i a').'\', \'' . $db->escape($_POST['page_id']) . '\', \'' . $db->escape($_POST['namespace']) . '\', \''.$data.'\', \''.$id.'\', \''.$session->username.'\', \''.$db->escape(htmlspecialchars($_POST['summary'])).'\', '.$minor.');'; |
1799 $q='INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,page_id,namespace,page_text,char_tag,author,edit_summary,minor_edit) VALUES(\'page\', \'edit\', '.time().', \''.date('d M Y h:i a').'\', \'' . $db->escape($_POST['page_id']) . '\', \'' . $db->escape($_POST['namespace']) . '\', \''.$db->escape($data).'\', \''.$id.'\', \''.$session->username.'\', \''.$db->escape(htmlspecialchars($_POST['summary'])).'\', '.$minor.');'; |
1800 if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.'); |
1800 if(!$db->sql_query($q)) $db->_die('The history (log) entry could not be inserted into the logs table.'); |
1801 |
1801 |
1802 $query = 'UPDATE '.table_prefix.'page_text SET page_text=\''.$db->escape($data).'\',char_tag=\''.$id.'\' WHERE page_id=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'' . $db->escape($_POST['namespace']) . '\';'; |
1802 $query = 'UPDATE '.table_prefix.'page_text SET page_text=\''.$db->escape($data).'\',char_tag=\''.$id.'\' WHERE page_id=\'' . $db->escape($_POST['page_id']) . '\' AND namespace=\'' . $db->escape($_POST['namespace']) . '\';'; |
1803 $e = $db->sql_query($query); |
1803 $e = $db->sql_query($query); |
1804 if(!$e) echo '<div class="warning-box">The page data could not be saved. MySQL said: '.mysql_error().'<br /><br />Query:<br /><pre>'.$query.'</pre></div>'; |
1804 if(!$e) echo '<div class="warning-box">The page data could not be saved. MySQL said: '.mysql_error().'<br /><br />Query:<br /><pre>'.$query.'</pre></div>'; |
1807 echo '<h3>Preview</h3><p><b>Reminder:</b> This is only a preview; your changes to this page have not yet been saved.</p><div style="margin: 1em; padding: 10px; border: 1px dashed #606060; background-color: #F8F8F8; max-height: 200px; overflow: auto;">'.RenderMan::render($content).'</div>'; |
1807 echo '<h3>Preview</h3><p><b>Reminder:</b> This is only a preview; your changes to this page have not yet been saved.</p><div style="margin: 1em; padding: 10px; border: 1px dashed #606060; background-color: #F8F8F8; max-height: 200px; overflow: auto;">'.RenderMan::render($content).'</div>'; |
1808 } |
1808 } |
1809 ?> |
1809 ?> |
1810 <p> |
1810 <p> |
1811 <textarea name="content" rows="20" cols="60" style="width: 100%;"><?php echo htmlspecialchars($content); ?></textarea><br /> |
1811 <textarea name="content" rows="20" cols="60" style="width: 100%;"><?php echo htmlspecialchars($content); ?></textarea><br /> |
1812 Edit summary: <input name="summary" value="<?php if(isset($_POST['summary'])) echo $_POST['summary']; ?>" size="40" /><br /> |
1812 Edit summary: <input name="summary" value="<?php if(isset($_POST['summary'])) echo htmlspecialchars($_POST['summary']); ?>" size="40" /><br /> |
1813 <label><input type="checkbox" name="minor" <?php if(isset($_POST['minor'])) echo 'checked="checked" '; ?>/> This is a minor edit</label> |
1813 <label><input type="checkbox" name="minor" <?php if(isset($_POST['minor'])) echo 'checked="checked" '; ?>/> This is a minor edit</label> |
1814 </p> |
1814 </p> |
1815 <p> |
1815 <p> |
1816 <input type="hidden" name="page_id" value="<?php echo $_POST['page_id']; ?>" /> |
1816 <input type="hidden" name="page_id" value="<?php echo htmlspecialchars($_POST['page_id']); ?>" /> |
1817 <input type="hidden" name="namespace" value="<?php echo $_POST['namespace']; ?>" /> |
1817 <input type="hidden" name="namespace" value="<?php echo htmlspecialchars($_POST['namespace']); ?>" /> |
1818 <input type="submit" name="save" value="Save changes" style="font-weight: bold;" /> <input type="submit" name="preview" value="Show preview" /> <input type="submit" name="revert" value="Revert changes" onclick="return confirm('Do you really want to revert your changes?');" /> <input type="submit" name="cancel" value="Cancel" onclick="return confirm('Do you really want to cancel your changes?');" /> |
1818 <input type="submit" name="save" value="Save changes" style="font-weight: bold;" /> <input type="submit" name="preview" value="Show preview" /> <input type="submit" name="revert" value="Revert changes" onclick="return confirm('Do you really want to revert your changes?');" /> <input type="submit" name="cancel" value="Cancel" onclick="return confirm('Do you really want to cancel your changes?');" /> |
1819 </p> |
1819 </p> |
1820 <?php |
1820 <?php |
1821 echo '</form>'; |
1821 echo '</form>'; |
1822 } else { |
1822 } else { |