37 lines
934 B
PHP
37 lines
934 B
PHP
|
<?PHP
|
||
|
|
||
|
// do I need to do additional security checks to make sure the script is being called appropriately?
|
||
|
|
||
|
include("config.php");
|
||
|
|
||
|
if (!$_POST){ header('Location: '.$site_url); }
|
||
|
|
||
|
// error checking
|
||
|
if(!isset($_POST)) exit();
|
||
|
|
||
|
if (isset($_POST[delete])) {
|
||
|
// convert the array to a SQL friendly format
|
||
|
$deleteList = "(".implode(",", $_POST[delete]).")";
|
||
|
|
||
|
// build the SQL query to delete the edits that are bad
|
||
|
$sql = "DELETE FROM gforum_RetailersComment WHERE comment_id IN $deleteList";
|
||
|
|
||
|
mysql_query($sql) or die(mysql_error());
|
||
|
}
|
||
|
|
||
|
if (isset($_POST[validate])) {
|
||
|
// convert the array to a SQL friendly format
|
||
|
$comment_idlist = "(".implode(",", $_POST[validate]).")";
|
||
|
|
||
|
// build the SQL query
|
||
|
$sql = "UPDATE gforum_RetailersComment
|
||
|
SET comment_valid = 1
|
||
|
WHERE comment_id IN $comment_idlist;";
|
||
|
|
||
|
mysql_query($sql) or die(mysql_error());
|
||
|
}
|
||
|
|
||
|
|
||
|
header('Location: '.$site_url.'/comments_validate.php');
|
||
|
|
||
|
?>
|