Access Denied\n"; echo"You do not have access to the Editor Reviews Manager"; include"$page_footer"; echo"\n"; exit; } ?> "Extensions","T"=>"Themes"); if (!$_GET["type"]) {$_GET["type"]="E";} ?>

Manage Reviews for :

Show: $typename) { $i++; echo"$typename"; if ($i !== $count) {echo" / "; } } unset($i); ?> \n"; echo"\n"; echo"\n"; echo"\n"; echo"\n"; echo"\n"; } ?>
Name Review... Review Posted
$i.$name$description$dateadded
Adding review for $name, please wait..."; if ($_POST["title"] && $_POST["body"] && $_POST["id"] && $_POST["method"]=="add") { //Everything We *must* have is present... Begin.... if (checkFormKey()) { $sql = "INSERT INTO `reviews` (`ID`,`DateAdded`,`AuthorID`,`Title`,`Body`,`ExtendedBody`,`pick`,`featured`,`featuredate`) VALUES ('".escape_string($_POST[id])."', NOW(NULL), '".escape_string($_SESSION[uid])."','".escape_string($_POST[title])."','".escape_string($_POST[body])."','".escape_string($_POST[extendedbody])."','".escape_string($_POST[pick])."','".escape_string($_POST[featured])."','".escape_string($_POST[featuredate])."');"; $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE); if ($sql_result) { echo"Your review of $name has been submitted successfully...
\n"; } } } } else if ($_POST["submit"]=="Update Review") { $name = escape_string($_POST["name"]); echo"

Updating review for $name, please wait...

"; if ($_POST["title"] && $_POST["body"] && $_POST["rid"] && $_POST["method"]=="edit") { //Everything We *must* have is present... Begin.... if (checkFormKey()) { $sql = "UPDATE `reviews` SET `Title`= '".escape_string($_POST[title])."', `Body`='".escape_string($_POST[body])."', `ExtendedBody`='".escape_string($_POST[extendedbody])."', `pick`='".escape_string($_POST[pick])."', `featured`='".escape_string($_POST[featured])."', `featuredate`='".escape_string($_POST[featuredate])."' WHERE `rID`='".escape_string($_POST[rid])."' LIMIT 1"; $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE); if ($sql_result) { echo"Your update to the review for $name has been submitted successfully...
\n"; } } } } else if ($_POST["submit"]=="Delete") { $name = escape_string($_POST["name"]); $rid = escape_string($_POST["rid"]); echo"

Deleting $name, please wait...

\n"; if (checkFormKey()) { $sql = "DELETE FROM `reviews` WHERE `rID`='$rid' LIMIT 1"; $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE); if ($sql_result) { echo"The review for $name has been deleted...
\n"; echo"«« Back to Main Page...
\n"; include"$page_footer"; echo"\n\n"; exit; } } } //Get Parent Item Information $id = escape_string($_GET["id"]); if (!$id) {$id = escape_string($_POST["id"]); } $sql = "SELECT TM.ID, TM.Type, TM.Name FROM `main` TM WHERE TM.ID = '$id' LIMIT 1"; $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE); $row = mysql_fetch_array($sql_result); $id = $row["ID"]; $type = $row["Type"]; $name = $row["Name"]; $sql = "SELECT `rID`,TU.UserName as AuthorName, `DateAdded`, `Title`, `Body`, `ExtendedBody`, `pick`, `featured`, `featuredate` FROM `reviews` INNER JOIN `userprofiles` TU ON reviews.AuthorID=TU.UserID WHERE `ID` = '$id' LIMIT 1"; $sql_result = mysql_query($sql, $connection) or trigger_error("MySQL Error ".mysql_errno().": ".mysql_error()."", E_USER_NOTICE); $sql_num = mysql_num_rows($sql_result); if ($sql_num=="0") { $method="Add"; $action="Add"; } else { $method="Edit"; $action="Update"; } $row = mysql_fetch_array($sql_result); $rid = $row["rID"]; $authorname = $row["AuthorName"]; $dateadded = date("F d, Y", strtotime($row["DateAdded"])); $title = $row["Title"]; $body = $row["Body"]; $extendedbody = $row["ExtendedBody"]; $pick = $row["pick"]; $featured = $row["featured"]; $featuredate = $row["featuredate"]; if (!$featuredate) {$featuredate = date("Ym"); } if (!$authorname) { $authorname = $_SESSION["name"]; } ?>

\n"; ?> "> "> "> ">
Title* " SIZE=50 MAXLENGTH=100>
Body*
Extended Body
\n"; if ($pick=="YES") { echo"Yes No"; } else if ($pick=="NO") { echo"Yes No"; } else { echo"Yes No"; } ?>
\n"; if ($featured=="YES") { echo"Yes No"; } else if ($featured=="NO") { echo"Yes No"; } else { echo"Yes No"; } ?>    Feature Month: ">
Review">    ?');">
   ">«« Back to Reviews Manager