Файл: news/edit.php
Строк: 60
<?
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
$set['title']='Изменение новости';
include_once '../sys/inc/thead.php';
title();
aut(); // форма авторизации
user_access('adm_news',null,'index.php?'.SID);
if (!isset($user) && !isset($_GET['id'])){header("Location: index.php?".SID);exit;}
if (isset($_GET['id']))$idi=intval($_GET['id']);
$id=mysql_fetch_array(mysql_query("SELECT * FROM `news` WHERE `id` = '$idi' LIMIT 1"));
if (isset($_GET['set']) && isset($_POST['ok']))
{
mysql_query("UPDATE `news` SET `title` = '".my_esc($_POST['title'])."' WHERE `id` = '$id[id]' LIMIT 1");
mysql_query("UPDATE `news` SET `msg` = '".my_esc($_POST['msg'])."' WHERE `id` = '$id[id]' LIMIT 1");
header("Location: news.php?id=$id[id]");
}
echo "<form method='post' action='?id=$id[id]&set'><div>n";
echo "Название: <br /><input type='text' name='title' value='$id[title]' maxlength='32' /><br />";
echo "Текст новости: <br /><textarea name='msg' cols='30' rows='5'>$id[msg]</textarea><br />";
echo "<input class='doctor' type='submit' name='ok' value='Изменить' />n";
echo "<br /><<<a href='news.php?id=$id[id]'>Назад</a>";
echo "</form>n";
include_once '../sys/inc/tfoot.php';
?>