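prepare("SELECT isAdmin FROM users WHERE UserId = ?");
// Admin-only "edit forum reply" handler: checks the caller's isAdmin level,
// applies a POSTed content change to one forum_replies row, otherwise loads
// the row into $reply for the code that follows this block.
//
// NOTE(review): this listing begins mid-statement. The receiver of the
// prepare() call above and the origin of $userId are not visible here. The
// authorization below is only as trustworthy as $userId, so it must come from
// server-side session state and never from a request parameter (confirm).
$stmt->execute([$userId]);

// fetchColumn() returns false when no row matches and (int)false is 0, so an
// unknown user lands in the deny branch below.
$isAdmin = (int)($stmt->fetchColumn() ?? 0);

// Allow-list of isAdmin levels permitted to edit replies; what each level
// means is defined elsewhere. Strict mode keeps type juggling out of an
// authorization decision.
if (!in_array($isAdmin, [2, 3, 4, 5], true)) {
    // Return a real 403 so access logs and monitoring record the denial
    // instead of a 200 response that merely says "Unauthorized".
    http_response_code(403);
    exit("Unauthorized");
}

// The (int) cast turns any non-numeric ReplyID into 0, which matches no row.
$replyId = isset($_GET['ReplyID']) ? (int)$_GET['ReplyID'] : 0;

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): this branch changes stored data and no anti-CSRF token is
    // verified anywhere in the visible code. If the session is cookie-based
    // (not visible here), embed a per-session token in the edit form and
    // compare it with hash_equals() before the UPDATE runs.

    // Reject a missing or non-string field: trim() on null or an array would
    // otherwise raise, or silently blank the reply.
    $rawContent = $_POST['content'] ?? null;
    if (!is_string($rawContent)) {
        http_response_code(400);
        exit("Invalid request");
    }
    $content = trim($rawContent);

    // Resolve the parent post before writing, so a ReplyID that matches no
    // row gets a 404 instead of a no-op UPDATE and a redirect to PostID=0.
    $stmt = $pdo->prepare("SELECT PostId FROM forum_replies WHERE id = ?");
    $stmt->execute([$replyId]);
    $parentPostId = $stmt->fetchColumn();
    if ($parentPostId === false) {
        http_response_code(404);
        exit("Reply not found");
    }
    $postId = (int)$parentPostId;

    $stmt = $pdo->prepare("UPDATE forum_replies SET Content = ? WHERE id = ?");
    $stmt->execute([$content, $replyId]);

    // $postId is an int, so nothing request-controlled reaches the header.
    header("Location: /Forum/ShowPost.aspx?PostID=$postId");
    exit();
}

// GET path: load the current content for the edit form.
// $reply is false when no row matches, so whatever renders it must handle
// that case. Content is stored as submitted (only trimmed), so it has to be
// escaped for its output context, e.g. htmlspecialchars() inside a <textarea>.
$stmt = $pdo->prepare("SELECT Content FROM forum_replies WHERE id = ?");
$stmt->execute([$replyId]);
$reply = $stmt->fetch(PDO::FETCH_ASSOC);
?>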