-
Notifications
You must be signed in to change notification settings - Fork 5
/
editvideo.php
119 lines (118 loc) · 5.13 KB
/
editvideo.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
<!DOCTYPE html>
<html lang="en">
<head>
<?php require_once './assets/mod/meta.php';?>
</head>
<style>
.content .span9, .content .span5 {
min-height: 500px;
}
</style>
<body>
<?php require_once './assets/mod/db.php';?>
<?php require_once("./assets/mod/header.php"); ?>
<div class="container">
<div class="content">
<div class="page-header">
<?php require_once './assets/mod/msg.php'; ?>
<?php require_once './assets/mod/alert.php'?>
<h1>Edit your video <small><div id="clockbox"></div></small></h1>
<?php require_once './assets/mod/todaysdate.php'; ?>
</div>
<?php
$statement = $mysqli->prepare("SELECT * FROM `videos` WHERE `vid` = ? LIMIT 1");
$statement->bind_param("s", $_GET['v']);
$statement->execute();
$result = $statement->get_result();
while($row = $result->fetch_assoc()) {
$idk = strtotime($row['date']);
$upload = date("F d, Y", $idk);
$title = htmlspecialchars($row['videotitle']);
$desc = htmlspecialchars($row['description']);
if ($_SESSION['profileuser3'] !== $row['author']) {
echo('<script>window.location.href = "/?err=This is not your video!";</script>');
}
}
?>
<!-- <br>
<br>
<br>
<br> -->
<?php
if(!isset($_SESSION['profileuser3'])) {
echo('<script>
window.location.href = "/login";
</script>');
}
?>
<div class="row">
<div class="span9">
<form class="form-stacked" action="" method="post" enctype="multipart/form-data">
<br>
<div class="input-group">
<label for="videotitle">Title </label>
<input value="<?php echo $title;?>" class="yt-search-input" type="text" id="videotitle" placeholder="Title" name="videotitle">
</div>
<br>
<div class="input-group">
<label for="bio">Description </label>
<textarea class="yt-search-input" style="background-color: var(--inputlol);" name="bio" placeholder="Enter a description for your video here" rows="4" cols="50" required="required"><?php echo $desc;?></textarea>
</div>
<label for="comments">Comments </label>
<select class="form-select" name="comments" id="comments">
<option selected value="1">Select a option</option>
<option value="1" selected>Enabled</option>
<option value="0">Disabled</option>
</select>
<div class="input-group">
<br>
<div></div>
<div><input type="submit" class="yt-button primary" value="Save" name="submit"></div>
</div>
</form>
<?php
if (isset($_POST["submit"])){
if(!empty($_POST['bio'])){
$statement = $mysqli->prepare("UPDATE `videos` SET `description` = ? WHERE `vid` = '" . $_GET["v"] . "'");
$statement->bind_param("s", $description);
$description = str_replace(PHP_EOL, "<br>", htmlspecialchars($_POST['bio']));
$statement->execute();
$webhookurl = $webhook;
$ndesc = htmlspecialchars($_POST['bio']);
$statement->close();
}
if(!empty($_POST['videotitle'])){
$statement = $mysqli->prepare("UPDATE `videos` SET `videotitle` = ? WHERE `vid` = '" . $_GET["v"] . "'");
$statement->bind_param("s", $_POST['videotitle']);
$videotitle = htmlspecialchars($_POST['videotitle']);
$trimmed = substr($videotitle, 0, 27);
$statement->execute();
$webhookurl = $webhook;
$ntitle = htmlspecialchars($_POST['videotitle']);
$statement->close();
}
if(!empty($_POST['comments'])){
$statement = $mysqli->prepare("UPDATE `videos` SET `comments_enabled` = ? WHERE `vid` = '" . $_GET["v"] . "'");
$statement->bind_param("i", $_POST['comments']);
$statement->execute();
}
echo('<script>
window.location.href = "watch?v='.$_GET['v'].'";
</script>');
}
?>
</div>
<div class="span5">
<h2>Editing "<?php echo $title;?>"</h2>
<p>Published <?php echo $upload; ?></p>
<p><em><?php echo $desc; ?></em></p>
<!-- <div class="banner">UPLOAD IS UNDER MAINTENANCE PLEASE WAIT</div> -->
</div>
</div>
</div>
</div>
<hr>
<?php require_once("./assets/mod/footer.php") ?>
</body>
</html>
<?php $mysqli->close();?>