get_ip(); /* |------------------------------------------------------------- | Image Groups |------------------------------------------------------------- | The Long-awaited feature |------------------------------------------------------------- */ if (isset($_POST['group_submit'])) { $query = $group_info->get_group_info($conn, $_POST['group_id']); if ($_SESSION['id'] == $query['author'] || $user_info->is_admin($conn, $_SESSION['id'])) { $sql = "UPDATE groups SET image_list = ? WHERE id = ?"; // Checking if databse is doing ok if ($stmt = mysqli_prepare($conn, $sql)) { mysqli_stmt_bind_param($stmt, "si", $param_images, $param_id); // Setting parameters $param_images = implode(" ", $_POST['group_images']); $param_id = $_POST['group_id']; // Attempt to execute the prepared statement if (mysqli_stmt_execute($stmt)) { ?> get_group_info($conn, $_POST['group_id']); if ($_SESSION['id'] == $query['author'] || $user_info->is_admin($conn, $_SESSION['id'])) { // getting ready forSQL asky asky $sql = "UPDATE groups SET group_name = ? WHERE id = ?"; // Checking if databse is doing ok if ($stmt = mysqli_prepare($conn, $sql)) { mysqli_stmt_bind_param($stmt, "si", $param_title, $param_id); // Setting parameters $param_title = $_POST['group_title']; $param_id = $_POST['group_id']; // Attempt to execute the prepared statement if (mysqli_stmt_execute($stmt)) { ?> is_loggedin()) { $group_name = "New Group"; $sql = "INSERT INTO groups (group_name, author, image_list) VALUES('$group_name', '".$_SESSION['id']."', '')"; mysqli_query($conn, $sql); $group_id = mysqli_insert_id($conn); ?> get_group_info($conn, $_POST['group_id']); if ($_SESSION['id'] == $query['author'] || $user_info->is_admin($conn, $_SESSION['id'])) { $sql = "DELETE FROM groups WHERE id = ?"; if ($stmt = mysqli_prepare($conn, $sql)) { // Bind variables to the prepared statement as parameters mysqli_stmt_bind_param($stmt, "i", $_POST['group_id']); if ($stmt->execute()) { ?>