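<?php
/*
 * Edit form for one news item.
 * Reads $row['title'], $row['text'], $row['cat'] and $row['description'] to
 * pre-fill the fields, and $error['title'] (when set) as a message next to
 * the title field. The form posts back to the current URL.
 * NOTE(review): the form carries no anti-CSRF token; confirm whether the
 * surrounding application adds one before this state-changing POST is accepted.
 */
?>
<h2>Изменение новости</h2><br>
<a href="/index.php?module=news">Назад</a><br>
<form action="" method="post"><br><br>
<?php
// ENT_QUOTES is passed explicitly so both quote styles are escaped whatever
// default flags the running PHP version uses.
// $error['title'] is printed without escaping: it must only ever hold fixed,
// server-defined text, never anything taken from the request.
?>
<input type="text" name="titleedit" placeholder="Заголовок" value="<?php echo htmlspecialchars($row['title'], ENT_QUOTES); ?>"> <?php echo isset($error['title']) ? $error['title'] : ''; ?><br><br>
<textarea name="textedit" placeholder="Текст"><?php echo htmlspecialchars($row['text'], ENT_QUOTES); ?></textarea><br><br>
<input type="text" name="catedit" placeholder="Категория" value="<?php echo htmlspecialchars($row['cat'], ENT_QUOTES); ?>"> <br><br>
<textarea name="descriptionedit" placeholder="Краткое описание"><?php echo htmlspecialchars($row['description'], ENT_QUOTES); ?></textarea> <br><br>
<input type="submit" name="editedit" value="Изменить">
</form>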
И
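<?php
// Handler for the news edit page: applies a submitted edit to the `news` row
// selected by ?id=, then loads that row into $row for the edit form.
// Relies on $link (an open mysqli connection) and a started session, both set
// up outside this fragment.
// NOTE(review): no authorization check or anti-CSRF token validation is visible
// here; confirm the including script enforces both before this code runs.

// Cast once and reuse; a missing or non-numeric id becomes 0.
$id = isset($_GET['id']) ? (int)$_GET['id'] : 0;

if (isset($_POST['editedit'])) {
    // Accept only string values: an array parameter (titleedit[]=x) would
    // otherwise reach trim() and raise a warning or TypeError.
    $fields = array();
    foreach (array('titleedit', 'catedit', 'descriptionedit', 'textedit') as $key) {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
    }

    // The original statement was "INSERT ... SET ..., WHERE ...", which is not
    // valid SQL (INSERT takes no WHERE, and a comma preceded it), so the edit
    // always failed. An edit is an UPDATE; bound parameters replace the
    // hand-escaped string concatenation.
    $stmt = mysqli_prepare($link, "
        UPDATE `news` SET
            `title` = ?,
            `cat` = ?,
            `description` = ?,
            `text` = ?
        WHERE `id` = ?
    ");
    if (!$stmt) {
        // Keep database details in the server log, not in the response.
        error_log('news edit: prepare failed: ' . mysqli_error($link));
        die('Ошибка');
    }

    mysqli_stmt_bind_param(
        $stmt,
        'ssssi',
        $fields['titleedit'],
        $fields['catedit'],
        $fields['descriptionedit'],
        $fields['textedit'],
        $id
    );

    if (!mysqli_stmt_execute($stmt)) {
        error_log('news edit: update failed: ' . mysqli_stmt_error($stmt));
        die('Ошибка');
    }
    mysqli_stmt_close($stmt);

    $_SESSION['good'] = 'Новость была успешно изменена';
    header("Location: /index.php?module=news");
    exit();
}

// $id is an integer, so it is safe to place directly in the query text.
$news1 = mysqli_query($link, "
    SELECT *
    FROM `news`
    WHERE `id` = " . $id . "
    LIMIT 1
");
if (!$news1) {
    // mysqli_error() needs the connection argument; the message is logged
    // instead of being sent to the browser.
    error_log('news edit: select failed: ' . mysqli_error($link));
    exit('Ошибка');
}

if (!mysqli_num_rows($news1)) {
    $_SESSION['good'] = 'Данной новости не существует';
    header("Location: /index.php?module=news");
    exit();
}

$row = mysqli_fetch_assoc($news1);

// Re-show a submitted title in the form; non-string values are ignored because
// the form passes this value to htmlspecialchars().
if (isset($_POST['titleedit']) && is_string($_POST['titleedit'])) {
    $row['title'] = $_POST['titleedit'];
}
?>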