Please Login First"); }else{ $sql .= " AND author_id=?"; } pdo_query($sql, $stat,$rid,$_SESSION[$OJ_NAME.'_'.'user_id']); }else{ // echo "$sql"; pdo_query($sql, $stat,$rid); } header('Location: thread.php?tid='.$tid."&cid=$cid"); exit(); } if($_REQUEST['target']=='thread'){ $tid = intval($_REQUEST['tid']); $toplevel = -1; $stat = -1; if($_REQUEST['action']=='sticky'){ if(isset($_REQUEST['level'])&&is_numeric($_REQUEST['level']) &&$_REQUEST['level']>=0 &&$_REQUEST['level']<4) $toplevel = intval($_REQUEST['level']); else err_msg("Invalid sticky level."); } if($_REQUEST['action']=='resume') $stat = 0; if($_REQUEST['action']=='lock') $stat = 1; if($_REQUEST['action']=='delete') $stat = 2; if(!isset($_SESSION[$OJ_NAME.'_'.'administrator']) && !isset($_SESSION[$OJ_NAME.'_'.'user_id'])) errmsg("Please Login First"); if($toplevel==-1 && $stat==-1) errmsg("Wrong action."); $tid = intval($tid); if($stat==-1) $sql = "UPDATE topic SET top_level = $toplevel WHERE `tid` = '$tid'"; else $sql = "UPDATE topic SET status = $stat WHERE `tid` = '$tid'"; pdo_query($sql); if($stat!=2){ header('Location: thread.php?tid='.$tid."&cid=$cid"); }else{ pdo_query("update reply set status=2 where topic_id=?",$tid); header('Location: discuss.php'."?cid=$cid"); } } ?>