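// Admin-only handler for editing a forum post: it checks the caller's isAdmin level,
// applies a submitted edit on POST, and otherwise loads the post for the markup that follows.
// NOTE(review): this page begins mid-statement. The opening tag, the bootstrap that defines
// $pdo and $userId, and the receiver of the first prepare() call are not visible here,
// so the first line is kept exactly as found.
prepare("SELECT isAdmin FROM users WHERE UserId = ?");
$stmt->execute([$userId]);

// fetchColumn() returns false when no row matches; the int cast maps that (and NULL) to 0,
// so an unknown user falls through to the denial below.
$isAdmin = (int)($stmt->fetchColumn() ?? 0);

// Levels allowed to edit posts; strict mode keeps the comparison on exact integers.
// NOTE(review): what each level means is defined outside this page.
if (!in_array($isAdmin, [2, 3, 4, 5], true)) {
    // Answer with 403 instead of the default 200 so clients, proxies and access logs
    // record the denial as a denial.
    http_response_code(403);
    exit("Unauthorized");
}

// The int cast confines PostID to a number before it reaches the queries and the redirect.
$postId = isset($_GET['PostID']) ? (int)$_GET['PostID'] : 0;

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): no anti-CSRF token is verified before this state-changing write.
    // The form markup is outside this page, so the check is not added here; the form
    // should carry a per-session token that is compared with hash_equals() at this point.
    $subject = $_POST['subject'] ?? null;
    $message = $_POST['message'] ?? null;

    // A missing field used to blank the stored post, and an array value (subject[]=...)
    // makes trim() throw on PHP 8; reject both before touching the database.
    if (!is_string($subject) || !is_string($message)) {
        http_response_code(400);
        exit("Bad Request");
    }

    $subject = trim($subject);
    $message = trim($message);

    // Bound parameters keep the submitted text out of the SQL string.
    $stmt = $pdo->prepare("UPDATE forums SET Subject = ?, Message = ? WHERE id = ?");
    $stmt->execute([$subject, $message, $postId]);

    // $postId is an int, so nothing user-controlled other than a number reaches the header.
    header("Location: /Forum/ShowPost.aspx?PostID=$postId");
    exit();
}

// GET path: load the current values for the edit form.
// $post is false when no row matches. Subject and Message are stored as submitted, so
// whatever renders them must escape for the HTML context (htmlspecialchars with ENT_QUOTES).
$stmt = $pdo->prepare("SELECT Subject, Message FROM forums WHERE id = ?");
$stmt->execute([$postId]);
$post = $stmt->fetch(PDO::FETCH_ASSOC);
?>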