get_ip(); /* |------------------------------------------------------------- | Image Groups |------------------------------------------------------------- | The Long-awaited feature |------------------------------------------------------------- */ if (isset($_POST['group_submit'])) { $sql = "SELECT author FROM groups WHERE id= ?"; if ($stmt = mysqli_prepare($conn, $sql)) { // Bind variables to the prepared statement as parameters mysqli_stmt_bind_param($stmt, "i", $param_user_id); $param_user_id = $_POST['group_id']; $stmt->execute(); $query = $stmt->get_result(); if ($_SESSION['id'] == $query || $user_info->is_admin($conn, $_SESSION['id'])) { $sql = "UPDATE groups SET image_list = ? WHERE id = ?"; // Checking if databse is doing ok if ($stmt = mysqli_prepare($conn, $sql)) { mysqli_stmt_bind_param($stmt, "si", $param_images, $param_id); // Setting parameters $param_images = implode(" ", $_POST['group_images']); $param_id = $_POST['group_id']; // Attempt to execute the prepared statement if (mysqli_stmt_execute($stmt)) { ?> execute(); $query = $stmt->get_result(); if ($_SESSION['id'] == $query || $user_info->is_admin($conn, $_SESSION['id'])) { // getting ready forSQL asky asky $sql = "UPDATE groups SET group_name = ? WHERE id = ?"; // Checking if databse is doing ok if ($stmt = mysqli_prepare($conn, $sql)) { mysqli_stmt_bind_param($stmt, "si", $param_title, $param_id); // Setting parameters $param_title = $_POST['group_title']; $param_id = $_POST['group_id']; // Attempt to execute the prepared statement if (mysqli_stmt_execute($stmt)) { ?>