Code: Select all
<?php
$e = <<<here
<script src="./jscripts/scriptaculous/prototype.js" type="text/javascript"></script>
<script src="./jscripts/scriptaculous/scriptaculous.js" type="text/javascript"></script>
<script type="text/javascript" src="./jscripts/ajax.js"></script>
here;
switch ($_REQUEST['option']) {
case 2:
echo $e;
require_once('../backstagefunctions.php');
require_once('../backstageconfig.php');
$id = $_GET['id'];
$query = mysql_query("SELECT * FROM `efed_bio_quotes` WHERE `id` = '" . $id . "'");
$row = mysql_fetch_array($query);
?>
<h1 class=backstage>Quote Management</h1><br />
<h2 class=backstage>Edit Quote</h2><br />
<form name="editquote" method="post">
<input type="hidden" name="action" value="quote" />
<table width="100%" class="table2">
<tr>
<td class=rowheading width=120>Quote:</td><td class=row3><input type="text" name="quote" class="fieldtext490" value="<?php $row['quote'];?>"></td>
</tr>
</table><br />
<input type="hidden" name="oldquote" value="'.$row['quote'].'">
<input type="hidden" name="defaultcharacterid" value="<?php echo $defaultcharacterid; ?>">
<input type=submit value="Edit Quote" class=button></form><br />
<form method=POST><input type=hidden name=action value=quotes><input type=submit value="Return to Quotes List" class=button200></form><br />
</form>
<?php
returnmain();
break;
}
function quotes($fedid,$uname,$pword,$userid,$isadmin,$admincssfile,$dbname,$defaultcharacterid,$defaultcharactername) {
if ((!empty($_POST['editted']))) {
$quote = mysql_real_escape_string($_POST['quote']);
$oldquote = mysql_real_escape_string($_POST['oldquote']);
$query = "UPDATE efed_bio_quotes SET quote = '$quote' WHERE quote = '$oldquote'";
mysql_query($query);
}
}
?>