Incoanhyto/mod.php

<?php
session_start();




function createLog($text) 
	{
		include 'config.php';
		if($Logging=='true')
		{
		

		
		$sql = "INSERT INTO Log (User, IP, Input, Date) VALUES (?, ?, ?, ?)";
				$stmt = $conn->prepare($sql); 
				$User=$_SESSION['ID'];
				$TimeIn=time();
				$stmt->bind_param("issi", $User, $_SERVER['REMOTE_ADDR'] , $text, $TimeIn);
				$stmt->execute();
		
		
				
		 }
	}

if($_SESSION['Level']=='-1' || $_GET["ID"]=="" && ($_GET["Mod"]!="4" && $_GET["Mod"]!="5" && $_GET["Mod"]!="7" && $_GET["Mod"]!="8" && $_GET["Mod"]!="9" && $_GET["Mod"]!="10" && $_GET["Mod"]!="11"  && $_GET["Mod"]!="12")) 
  {
	  echo "No ID for modification specified";
  }
  else 
  {
	  if(!isset($_POST['Creator']))
	  {
		  if (isset($_SESSION['Lock']))
		  {
			  unset($_SESSION['Lock']); 
		  }
		  if(($_GET["Mod"])=="12")
		  {
			  echo $Help;
		  }
		  if(($_GET["Mod"])=="11")
		  {
			  echo $Rules;
		  }
		  if(($_GET["Mod"])=="10")
		  {
				echo '<br><hr><br><b>Image List:</b><br>';
				$sql = "SELECT Link, License, Alt, ID FROM Images WHERE Unlocked=1";
				$stmt = $conn->prepare($sql); 
				$stmt->execute();
				$result = $stmt->get_result();
				if ($result->num_rows > 0) 
						  {
								while($row = $result->fetch_assoc()) 
								{	
									echo $row["ID"].': <img src="' . $row["Link"] .  '" alt="'. htmlentities($row["Alt"]) .'" style="width:125;height:100px;"></label><br>Description:<br> '.htmlentities($row["Alt"]).'<br>License:<br>'.htmlentities($row["License"]).'<br><hr>';
								}
						  }
		  }
		  if($_GET["Mod"]=="9" && $_SESSION['Level']>=$UserSettingPermissionLevel)
		  {
			  			$sql = "SELECT Name, Level, ID FROM Users ORDER BY ID DESC";
						$stmt = $conn->prepare($sql); 
						$stmt->execute();
						$result = $stmt->get_result();
						echo '<b>Users:</b><br>';
						echo '<form action="index.php?Mod='.htmlentities($_GET["Mod"]).'" method="post" title="Set User Permission" enctype="multipart/form-data">';
						echo '<fieldset><legend>Select User to Edit</legend>';
						$i=0;
						if ($result->num_rows > 0) 
						  {
								while($row = $result->fetch_assoc()) 
								{	
									echo '<input type="radio" name="UserSet" id="UserSet'.$i.'" value="'.$row["ID"].'">
									 <label for="UserSet'.$i.'">' . $row["ID"] . ': <a href=index.php?User='. $row["ID"] . '>'. htmlentities($row["Name"]) . '</a></label><br> User Level (-1 to ban): <input type="text" title="New User Level" name="Alt'.$row["ID"].'" value="'.htmlentities($row["Level"]).'" size="10"><hr>';		
									$i=$i+1;
								}
						  }  
						echo '</fieldset> <input type="submit" value="Send" title="Send" name="Creator">';
						echo '</form>'; 
		  }
		  if($_GET["Mod"]=="8" && ($_SESSION['Level']>=$LogPermissionLevel))
		  {
						$sql = "SELECT User, IP, Input, ID FROM Log ORDER BY ID DESC";
						$stmt = $conn->prepare($sql); 
						$stmt->execute();
						$result = $stmt->get_result();
						echo '<b>Log</b><br>';
						if ($result->num_rows > 0) 
						  {
								while($row = $result->fetch_assoc()) 
								{	
									echo $row["ID"] . ' by <a href=index.php?User='. htmlentities($row["User"]) . '>User</a> with IP ' . $row["IP"] . ' edit: ' . htmlentities($row["Input"]) . '<hr>';		
								}
						  }  
		  }
		  if(($_GET["Mod"])=="7" && ($_SESSION['Level']>=$ImageEditPermissionLevel))
		  {
				echo '<form action="index.php?Mod='.htmlentities($_GET["Mod"]).'" method="post" title="Edit Images" enctype="multipart/form-data">';
				  		$sql = "SELECT Link, License, Alt, ID FROM Images WHERE Unlocked=0";
						$stmt = $conn->prepare($sql); 
						$stmt->execute();
						$result = $stmt->get_result();
						echo '<b>Awaiting approval</b><br><fieldset><legend>Select Image to Edit</legend>';
						$i=0;
						if ($result->num_rows > 0) 
						  {
								while($row = $result->fetch_assoc()) 
								{	
									echo '<input type="radio" name="ImageSet" id="ImageSet'.$i.'" value="'.$row["ID"].'">
									 <label for="ImageSet'.$i.'">'.$row["ID"].'<img src="' . $row["Link"] .  '" alt="'. htmlentities($row["Alt"]) .'" style="width:125;height:100px;"></label><br>Description:<br> <input type="text" title="Alt Text" name="Alt'.$row["ID"].'" value="'.htmlentities($row["Alt"]).'" size="100"><br>Unlocked (-1 to delete):<br> <input type="text" title="Unlocked" name="Unlocked'.$row["ID"].'" value="0" size="100"><br>License:<br> <input type="text" title="Image License" name="License'.$row["ID"].'" value="'.htmlentities($row["License"]).'" size="100"><br>';
									 $i=$i+1;
								}
						  }
				echo '</fieldset><input type="submit" value="Send" title="Send" name="Creator">';
				echo '<br><hr><br><b>Edit approved images:</b><br>';
				$sql = "SELECT Link, License, Alt, ID FROM Images WHERE Unlocked=1";
				$stmt = $conn->prepare($sql); 
				$stmt->execute();
				$result = $stmt->get_result();
				echo '<fieldset><legend>Select Image to Edit</legend>';
				if ($result->num_rows > 0) 
						  {
								while($row = $result->fetch_assoc()) 
								{	
									echo '<input type="radio" name="ImageSet" id="ImageSet'.$i.'" value="'.$row["ID"].'">
									 <label for="ImageSet'.$i.'">'.$row["ID"].'<img src="' . $row["Link"] .  '" alt="'. htmlentities($row["Alt"]) .'" style="width:125;height:100px;"></label><br>Description:<br> <input type="text" title="Image Alt Text" name="Alt'.$row["ID"].'" value="'.htmlentities($row["Alt"]).'" size="100"><br>Unlocked (-1 to delete):<br> <input type="text" title="Unlocked" name="Unlocked'.$row["ID"].'" value="1" size="100"><br>License:<br> <input type="text" title="License" name="License'.$row["ID"].'" value="'.htmlentities($row["License"]).'" size="100"><br>';
									$i=$i+1;
								}
						  }
				echo '</fieldset> <input type="submit" value="Send" name="Creator">';
				echo '</form>'; 
		  }
		  if(($_GET["Mod"])=="6")
		  {
			  $sql = "SELECT Title, Opener, Description, Owner FROM Stories WHERE ID=?";
			  $stmt = $conn->prepare($sql); 
			  $stmt->bind_param("i", $_GET["ID"]);
			  $stmt->execute();
			  $result = $stmt->get_result();  
			  if ($result->num_rows > 0) 
			 {
			 while($row = $result->fetch_assoc()) 
				{
					echo "Test: ". $row["Description"] . "<br>";
				echo '<form action="index.php?Mod='.htmlentities($_GET["Mod"]).'&ID='.htmlentities($_GET["ID"]).'" method="post" title="Edit Story" enctype="multipart/form-data">
				  <input type="text" title="Title" name="Title" value="'.htmlentities($row["Title"]).'" size="195"><br>
				  <input type="text" title="First Page ID" name="Opener" value="'.htmlentities($row["Opener"]).'" size="195"><br>
				  <input type="text" title="Short Description" name="desc" value="'.htmlentities($row["Description"]).'" size="195" maxlength="300"> (max size 300)<br>
				 
			
				  <input type="submit" value="Send" name="Creator">
				</form>'; 
				}
			}
		  }
		  if(($_GET["Mod"])=="5" && $_SESSION['Level']>=$CreateStoryPermissionLevel)
		  {
				echo '<form action="index.php?Mod='.htmlentities($_GET["Mod"]).'" method="post" title="Create Story" enctype="multipart/form-data">
				  <input type="text" title="Title" name="Title" value="Title" size="195"><br>
				  <input type="text" title="First Page ID" name="Opener" value="First Page ID" size="195"><br>
				  <input type="text" title="Short Description" name="desc" value="A short description" size="195" maxlength="300"> (max size 300)<br>
				 
			
				  <input type="submit" value="Send" name="Creator">
				</form>'; 
		  }
		  if(($_GET["Mod"])=="4"  && $_SESSION['Level']>=$CreatePagePermissionLevel)
		  {
				echo '<form action="index.php?Mod='.htmlentities($_GET["Mod"]).'" method="post" title="Create Page" enctype="multipart/form-data">
				  <input type="text" title="Page Title" name="Title" value="Title" size="195"><br>
				  <input type="text" title="Page Description" name="Description" value="Link Description" size="195"><br>
				  <textarea id="TextInput" title="Page Text" name="WallOfText" rows="40" cols="200">Text</textarea><br>
				  <input type="checkbox" name="OpenStory" id="OpenStory" value="1">
					<label for="OpenStory"> Allow everyone to edit.</label><br>
				  <input type="checkbox" name="OpenALinks" id="OpenALinks" value="1">
					<label for="OpenALinks"> Allow everyone to add links.</label><br>
				  	<input type="checkbox" name="OpenRLinks" id="OpenRLinks" value="1">
					<label for="OpenRLinks"> Allow everyone to remove links.</label><br>
					<input type="checkbox" name="OpenImage" id="OpenImage"  value="1">
					<label for="OpenImage"> Allow everyone to set the image.</label><br>
				By saving you agree to release the text and changes made by a <a href="https://creativecommons.org/licenses/by-sa/4.0/deed.en">CC BY SA 4.0 License</a>. Do not submit things you did not create by yourself, or that are certainly public domain!<br>
				  <input type="submit" value="Send" title="Send" name="Creator">
				</form>'; 
		  }
		  if(($_GET["Mod"])=="3")
		  {
			$sql = "SELECT Options, Owner, OpenAddLinks, OpenRemoveLinks FROM stor WHERE RefID=?";
			$stmt = $conn->prepare($sql); 
			$stmt->bind_param("i", $_GET["ID"]);
			$stmt->execute();
			$result = $stmt->get_result();  
			while($row = $result->fetch_assoc()) 
			{
			echo '<form action="index.php?Mod='.htmlentities($_GET["Mod"]).'&ID='.htmlentities($_GET["ID"]).'" method="post" title="Edit Links" enctype="multipart/form-data">';
			if($row["OpenAddLinks"]=='1' || $row["Owner"]==$_SESSION['ID'] || $_SESSION['Level']>=$ModPermissionLevel)
			{
			echo '<br>Add Option ID ( 0 only deletes options): <br> <input type="text" name="Add" title="IDs of Pages to add" value="0" size="50"><br><br>';
			}
			if ($result->num_rows > 0 && ($row["OpenRemoveLinks"]=='1' || $row["Owner"]==$_SESSION['ID'] || $_SESSION['Level']>=$ModPermissionLevel)) 
			 {
			echo 'Delete Option ( unselected only adds options ):<br>'; 

			
			$Options=$row["Options"];  
			if($Options!="")
			{
			$choices= explode(" ", $Options);
			$arrLength = count($choices);
			for($i = 0; $i < $arrLength; $i++) 
				{
					$l=$i+1;
					$sql2 = "SELECT Description FROM stor WHERE RefID=?";
					$stmt = $conn->prepare($sql2); 
					$stmt->bind_param("i", $choices[$i]);
					$stmt->execute();
					$result2 = $stmt->get_result();
					 while($row2 = $result2->fetch_assoc()) 
					{
					 echo '<input type="radio" name="DeleteOption" id="DeleteOption" value="'.$l.'">
						<label for="DeleteOption">'.$l. ':'. htmlentities($row2["Description"]) .'</label><br>';
					}
					

				}
			}
			}
			}
			 	echo' <input type="submit" value="Send" title="Send" name="Creator">
				</form>';  
		  }
		   if(($_GET["Mod"])=="2")
		  {
				echo '<form action="index.php?Mod='.htmlentities($_GET["Mod"]).'&ID='.htmlentities($_GET["ID"]).'" method="post" title="Set Page Image" enctype="multipart/form-data">		 
				 <fieldset><legend>Select Image</legend>
				  <input type="radio" name="ImageSet" id="ImageSet" value="0">
				  <label for="ImageSet"> No Image.</label><br>';
				  		$sql = "SELECT Link, Unlocked, Alt, ID FROM Images";
						$stmt = $conn->prepare($sql); 
						$stmt->execute();
						$result = $stmt->get_result();
						$i=0;
						
						if ($result->num_rows > 0) 
						  {
								while($row = $result->fetch_assoc()) 
								{
									if($row["Unlocked"]=='1')
									{
									echo '<input type="radio" name="ImageSet" id="ImageSet'.$i.'" value="'.$row["ID"].'">
									 <label for="ImageSet'.$i.'">'.$row["ID"].'<img src="' . $row["Link"] .  '" alt="'. htmlentities($row["Alt"]) .'" style="width:125;height:100px;"></label><br>';
									 $i=$i+1;
									}
								}
						  }
				echo' </fieldset><input type="submit" value="Send" title="Send" name="Creator">
				</form>'; 
		  }
		   if(($_GET["Mod"])=="1")
		  {
			$sql = "SELECT Name, Text, Description, Open, OpenAddLinks, OpenRemoveLinks, OpenImage FROM stor WHERE RefID=?";
			$stmt = $conn->prepare($sql); 
			$stmt->bind_param("i", $_GET["ID"]);
			$stmt->execute();
			$result = $stmt->get_result();  
				if ($result->num_rows > 0) 
				  {
				  // output data of each row
				  while($row = $result->fetch_assoc()) 
					 {
						 
						 echo '<form action="index.php?Mod='.htmlentities($_GET["Mod"]).'&ID='.htmlentities($_GET["ID"]).'" title="New Page" method="post" enctype="multipart/form-data">
						  <input type="text" title="Page Title" name="Title" value="'.htmlentities($row["Name"]).'" size="195"><br>
						  <input type="text" title="Page Description" name="Description" value="'.htmlentities($row["Description"]).'" size="195"><br>
						  <textarea id="TextInput" title="Page Text" name="WallOfText" rows="40" cols="200">'.htmlentities($row["Text"]).'</textarea><br>';
						  
						 if($row["Open"]==0)
						 {
						 echo '<input type="checkbox" name="OpenStory" id="OpenStory" value="true">';
						 }
						 else
						 {
						 echo '<input type="checkbox" name="OpenStory" id="OpenStory" value="true" checked>';
						 }
						 echo '<label for="OpenStory"> Allow everyone to edit.</label><br>';
						 
						 if($row["OpenAddLinks"]==0)
						 {
						 echo '<input type="checkbox" name="OpenALinks" id="OpenALinks" value="true">';
						 }
						 else
						 {
						 echo '<input type="checkbox" name="OpenALinks" id="OpenALinks" value="true" checked>';
						 }
						 echo '<label for="OpenALinks"> Allow everyone to add links.</label><br>';
						 
						 if($row["OpenRemoveLinks"]==0)
						 {
						 echo '<input type="checkbox" name="OpenRLinks" id="OpenRLinks" value="true">';
						 }
						 else
						 {
						 echo '<input type="checkbox" name="OpenRLinks" id="OpenRLinks" value="true" checked>';
						 }
						 echo '<label for="OpenRLinks"> Allow everyone to remove links.</label><br>';
						 
						 if($row["OpenImage"]==0)
						 {
						 echo '<input type="checkbox" name="OpenImage" id="OpenImage" value="true">';
						 }
						 else
						 {
						 echo '<input type="checkbox" name="OpenImage" id="OpenImage" value="true" checked>';
						 }
						 echo '<label for="OpenImage"> Allow everyone to change the image.</label><br>';
						 
						 echo 'By saving you agree to release the text and changes made by a <a href="https://creativecommons.org/licenses/by-sa/4.0/deed.en">CC BY SA 4.0 License</a>. Do not submit things you did not create by yourself, or that are certainly public domain!<br><input type="submit" value="Send" title="Send" name="Creator">
						</form>'; 
						
					 }
				 }
				 else
				 {
					 echo "Invalid ID!";
				 }
		  }
	  }
	  else 
	  {
		if (!isset($_SESSION['Lock']))
		{
		  $_SESSION['Lock'] = 'true';
		  if($_GET["Mod"]=="9" && $_SESSION['Level']>=$UserSettingPermissionLevel)
		  {
			  $sql = 'UPDATE Users SET Level=? WHERE ID=?';
				$stmt = $conn->prepare($sql); 
				$Link=$_POST['UserSet'];
				$Alttext='Alt'.$_POST['UserSet'];
				$Alttext=intval($_POST[$Alttext]);
				
				$stmt->bind_param("ii", $Alttext, $Link);
				$stmt->execute();
		  }
		   if(($_GET["Mod"])=="7" && $_SESSION['Level']>=$ImageEditPermissionLevel)
		  {
				$sql = 'UPDATE Images SET Unlocked=?, License=?, Alt=? WHERE ID=?';
				$stmt = $conn->prepare($sql); 
				$Link=$_POST['ImageSet'];
				$Alttext='Alt'.$_POST['ImageSet'];
				$Alttext=$_POST[$Alttext];
				$Unlocktext='Unlocked'.$_POST['ImageSet'];
				$Unlocktext=intval($_POST[$Unlocktext]);
				$Licensetext='License'.$_POST['ImageSet'];
				$Licensetext=$_POST[$Licensetext];
				$SID=$_GET["ID"];
				
				$stmt->bind_param("issi", $Unlocktext, $Licensetext, $Alttext, $Link);
				$stmt->execute();
		  }
		  if(($_GET["Mod"])=="6" && is_numeric($_POST['Opener']))
		  {
			$sql = "SELECT Title, Opener, Description, Owner FROM Stories WHERE ID=?";
			$stmt = $conn->prepare($sql); 
			$stmt->bind_param("i", $_GET["ID"]);
			$stmt->execute();
			$result = $stmt->get_result();  
			if ($result->num_rows > 0) 
			{
				  // output data of each row
			while($row = $result->fetch_assoc()) 
			{
					if($row["Owner"]==$_SESSION['ID'] ||  $_SESSION['Level']>=$ModPermissionLevel)
					{
					$Tit=$row["Title"];
					$Ope=$row["Opener"];
					$Des=$row["Description"];
					$sql = 'UPDATE Stories SET Title=?, Opener=?, Description=? WHERE ID=?';
					$stmt = $conn->prepare($sql); 
					
					$SID=$_GET["ID"];
					
					$Tit=$_POST['Title'];
					if(is_numeric($_POST['Opener']))
					{
						$Ope=$_POST['Opener'];
					}
					$Des=$_POST['desc'];
					
					$stmt->bind_param("sisi", $Tit, $Ope, $Des, $SID);
					$stmt->execute();
					$log="Storie editet. Title: " . $Tit . " Opener: " . $Ope . " Des: " . $Des . " ID: " . $SID;
					createLog($log, $Logging);
					}
					else
					 {
						echo "Access denied.";	 
					 }
			}
			}
			 
		  }
		  if(($_GET["Mod"])=="5")
		  {

			 if(is_numeric($_POST['Opener']) &&  $_SESSION['Level']>=$CreateStoryPermissionLevel)
			 {
				$sql = "INSERT INTO Stories (Title, Opener, Description, Owner) VALUES (?, ?, ?, ?)";
				$stmt = $conn->prepare($sql); 
				$Title=$_POST['Title'];
				$Opener=intval($_POST['Opener']);
				$Desc=$_POST['desc'];
				$Owner=$_SESSION['ID'];
				$stmt->bind_param("sisi", $Title, $Opener, $Desc, $Owner);
				$stmt->execute();
				
				$log="Story created. Title: " . $Title . " Opener: " . $Opener . " Des: " . $Desc . " Owner: " . $Owner;
				createLog($log, $Logging);
				$_GET["ID"]=$Opener;
				}
				else
				{
					echo "Invalid ID";
				}
			 
		  }
		  
		 if(($_GET["Mod"])=="4" &&  $_SESSION['Level']>=$CreatePagePermissionLevel)
		  {

				
				$sql = "INSERT INTO stor (Name, Text, Options, Description, Image, Owner, Open, OpenAddLinks, OpenRemoveLinks, OpenImage, RefID) VALUES (?, ?, '', ?, '0', ?, ?, ?, ?, ?, ?)";
				$stmt = $conn->prepare($sql); 
				$Title=$_POST['Title'];
				$Text=$_POST['WallOfText'];
				$Desc=$_POST['Description'];
				$SID=$_SESSION['ID'];
				$OS=$_POST['OpenStory'];
				$OS2=$_POST['OpenALinks'];
				$OS3=$_POST['OpenRLinks'];
				$OS4=$_POST['OpenImage'];
				$Ref=rand(100, 999);
				$Ref.=time()-1687989600;
				echo $Ref;
				if($OS=="")$OS="0";
				if($OS2=="")$OS2="0";
				if($OS3=="")$OS3="0";
				if($OS4=="")$OS4="0";
				$stmt->bind_param("sssiiiiii", $Title, $Text, $Desc, $SID, $OS, $OS2, $OS3, $OS4, $Ref);
				$stmt->execute();
				
				$log="Page created. Title: " . $Title . " Text: " . $Text . " Des: " . $Desc . " ID: " . $SID . " Open: " . $OS . $OS2 . $OS3 . $OS4 . "Ref: " . $Ref;
				createLog($log, $Logging);
				$_GET["ID"]=$Ref;
				 
				
		  }
	  if(($_GET["Mod"])=="3")
		  {			
			$sql = "SELECT Options, Owner, Open, OpenAddLinks, OpenRemoveLinks FROM stor WHERE RefID=?";
			$stmt = $conn->prepare($sql); 
			$stmt->bind_param("i", $_GET["ID"]);
			$stmt->execute();
			$Own='0';
			$Op='0';
			$OpAL='0';
			$OpRL='0';
			$Opta='';
			$result = $stmt->get_result();  
				if ($result->num_rows > 0) 
				  {
				  // output data of each row
				  while($row = $result->fetch_assoc()) 
					 {
						 $Own=$row["Owner"];
						 $Op=$row["Open"];
						 $OpAL=$row["OpenAddLinks"];
						 $OpRL=$row["OpenRemoveLinks"];
						 $Options=$row["Options"];  
						if($Options!="" && ($OpRL=='1' || $Own==$_SESSION['ID'] ||  $_SESSION['Level']>=$ModPermissionLevel))
						{
						$choices= explode(" ", $Options);
						$arrLength = count($choices);
						for($i = 0; $i < $arrLength; $i++) 
							{
								if($i!=($_POST['DeleteOption']-1))
								{
								$Opta.=$choices[$i];
								if($i!=$arrLength-1)
									{
									$Opta.=' ';
									}
								}
							}
						}
						else if($OpRL=='0')
						{
							$Opta.=$Options;
						}
						$check=str_replace(' ', '', $_POST['Add']);
						if(is_numeric($check) && ($OpAL=='1' || $Own==$_SESSION['ID'] ||  $_SESSION['Level']>=$ModPermissionLevel))
						{
							if($_POST['Add']!='0')
							{
							if($Opta!='')
							{
							$Opta.=' ';
							}
							$Opta.=$_POST['Add'];
							}
						}	
					 }
				  }
				$sql = 'UPDATE stor SET Options=? WHERE RefID=?';
				$stmt = $conn->prepare($sql); 
				
				$SID=$_GET["ID"];
				
				
				
				$stmt->bind_param("si", $Opta, $SID);
				$stmt->execute();
				
				$log="Links edited. Set Options to " . $Opta . " for Page " . $_GET["ID"];
				createLog($log, $Logging);
		  }
		   if(($_GET["Mod"])=="2")
		  {			
			$sql = "SELECT Owner, OpenImage FROM stor WHERE RefID=?";
			$stmt = $conn->prepare($sql); 
			$stmt->bind_param("i", $_GET["ID"]);
			$stmt->execute();
			$Own='0';
			$Op='0';
			$result = $stmt->get_result();  
				if ($result->num_rows > 0) 
				  {
				  // output data of each row
				  while($row = $result->fetch_assoc()) 
					 {
						 $Own=$row["Owner"];
						 $Op=$row["OpenImage"];
					 }
				  }
				if($Own==$_SESSION['ID'] || $Op=='1' ||  $_SESSION['Level']>=$ModPermissionLevel)
				{
				$sql = 'UPDATE stor SET Image=? WHERE RefID=?';
				$stmt = $conn->prepare($sql); 
				$Link=$_POST['ImageSet'];
				$SID=$_GET["ID"];
				
				$stmt->bind_param("si", $Link, $SID);
				$stmt->execute();
				
				$log="Image edited. Set Image to " . $Link . " for Page " . $_GET["ID"];
				createLog($log, $Logging);
				
				}
				else
				 {
					echo "Access denied.";	 
				 }
				
				
		  }
		  if(($_GET["Mod"])=="1")
		  {
			 $sql = "SELECT Owner, Open FROM stor WHERE RefID=?";
			$stmt = $conn->prepare($sql); 
			$stmt->bind_param("i", $_GET["ID"]);
			$stmt->execute();
			$Own='0';
			$Op='0';
			$result = $stmt->get_result();  
				if ($result->num_rows > 0) 
				  {
				  // output data of each row
				  while($row = $result->fetch_assoc()) 
					 {
						 $Own=$row["Owner"];
						 $Op=$row["Open"];
					 }
				  }
				if($Own==$_SESSION['ID'] ||  $_SESSION['Level']>=$ModPermissionLevel)
				{
				$sql = 'UPDATE stor SET Name=?, Text=?, Description=?, Open=?, OpenAddLinks=?, OpenRemoveLinks=?, OpenImage=? WHERE RefID=?';
				$stmt = $conn->prepare($sql); 
				$Title=$_POST['Title'];
				$Text=$_POST['WallOfText'];
				$Desc=$_POST['Description'];
				$SID=$_GET["ID"];
				$makeOpen=0;
				$makeALOpen="0";
				$makeRLOpen="0";
				$makeIOpen="0";
				$OS=$_POST['OpenStory'];
				$OS2=$_POST['OpenALinks'];
				$OS3=$_POST['OpenRLinks'];
				$OS4=$_POST['OpenImage'];
				if($OS=="true")$makeOpen="1";
				if($OS2=="true")$makeALOpen="1";	
				if($OS3=="true")$makeRLOpen="1";
				if($OS4=="true")$makeIOpen="1";
				echo "Openness: " . $makeOpen . " ";
				$stmt->bind_param("sssiiiii", $Title, $Text, $Desc, $makeOpen, $makeALOpen, $makeRLOpen, $makeIOpen, $SID);
				$stmt->execute();
				$log="Page edited. Title: " . $Title . " Text: " . $Text . " Des: " . $Desc . " ID: " . $SID . " Open: " . $makeOpen . $makeALOpen . $makeRLOpen . $makeIOpen .  "Ref: " . $SID;
				createLog($log, $Logging);
				}
				else
				 {
					 if($Op=='1')
					 {
						$sql = 'UPDATE stor SET Name=?, Text=?, Description=? WHERE RefID=?';
						$stmt = $conn->prepare($sql); 
						$Title=$_POST['Title'];
						$Text=$_POST['WallOfText'];
						$Desc=$_POST['Description'];
						$SID=$_GET["ID"];

						$stmt->bind_param("sssi", $Title, $Text, $Desc, $SID);
						$stmt->execute(); 
						$log="Page edited. Title: " . $Title . " Text: " . $Text . " Des: " . $Desc . " ID: " . $SID . "Ref: " . $SID;
						createLog($log, $Logging);
					 }
					 else
					 {
						 echo "Access denied.";
					 }
				 }
				
				 
				
		  }  
	  }
	 if($_GET["Mod"]=="6")
	 {
	  $_GET["ID"]='';
	 }
	 $_GET["Mod"]=0;
	 include 'read.php';
	}
	 
  }

?>