<?php
//--------------------------
// PEditPost.php
//
// Page for editing posts
//--------------------------
// Access guard: without an 'accountUser' entry in the session, the login page
// is rendered instead and the script stops here.
// NOTE(review): this only confirms that a session exists. Nothing visible on
// this page checks that the logged-in account is allowed to edit the requested
// post; confirm that is enforced elsewhere (e.g. in the ?p=editp handler).
if (isset($_SESSION['accountUser']) === false) {
    require_once "login/PLogin.php";
    exit;
}
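//-----------------------------------
//Handles GET variables
// The id is only ever used as a numeric key, so it is accepted solely when it
// parses as an integer. Escaping is not a substitute here: real_escape_string()
// protects values placed inside quoted SQL string literals, and this value was
// used unquoted.
$chosenPost = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT) : false;
if ($chosenPost === false) {
    die("Invalid post id.");
}
//--------------------------
//DB stuff
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE); //New DB object
// Table names are built from the DB_PREFIX constant; identifiers cannot be
// bound as parameters, so they are interpolated into the SQL text below.
$tablePost = DB_PREFIX . 'Post';
$tableTag = DB_PREFIX . 'Tag';
$tablePostTag = DB_PREFIX . 'PostTag';
//Makes sure DB connection worked
if (mysqli_connect_error()) {
    // Connection details go to the server log, not into the response.
    error_log("PEditPost: DB connect failed: " . mysqli_connect_error());
    echo "Connect failed.<br>";
    exit();
}
$mysqli->set_charset("utf8");
//-----------------------
//SQL queries
// Each statement is prepared and executed on its own with the id bound as an
// integer parameter, so request data never becomes part of the SQL text and
// multi_query() (which runs every statement found in the string) is not needed.
//----------------------------
//Gets chosen post
$stmt = $mysqli->prepare("SELECT postTitle, postText FROM {$tablePost} WHERE idPost = ?")
    or die("Could not query database");
$stmt->bind_param('i', $chosenPost);
$stmt->execute() or die("Could not query database");
// Buffer the result first so bound variables are sized from the actual data.
$stmt->store_result();
$stmt->bind_result($title, $text);
if (!$stmt->fetch()) {
    // No row for this id: stop instead of reading properties of a missing row.
    $stmt->close();
    $mysqli->close();
    die("Post not found.");
}
$stmt->close();
//----------------------------
//Gets tags for chosen post
$stmt = $mysqli->prepare(
    "SELECT tagName FROM {$tableTag} "
    . "JOIN {$tablePostTag} ON (idTag = PostTag_idTag) "
    . "WHERE PostTag_idPost = ?"
) or die("Failed to retrieve result from query.");
$stmt->bind_param('i', $chosenPost);
$stmt->execute() or die("Failed to retrieve result from query.");
$stmt->store_result();
$stmt->bind_result($tagName);
//For each returned tag, collect the tag name
$tagNames = array();
while ($stmt->fetch()) {
    $tagNames[] = $tagName;
}
$stmt->close();
$tagString = implode(", ", $tagNames); //Comma-separated list, no trailing comma
$mysqli->close(); //Closes DB connection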
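//Post form HTML with post info from DB
// Every value placed into the markup is HTML-escaped first. The title, text
// and tags are stored user content and the id comes from the request, so
// without escaping a quote or angle bracket in any of them would break out of
// the attribute/textarea and be interpreted as markup by the browser.
$safeId = htmlspecialchars((string) $chosenPost, ENT_QUOTES, 'UTF-8');
$safeTitle = htmlspecialchars((string) $title, ENT_QUOTES, 'UTF-8');
$safeText = htmlspecialchars((string) $text, ENT_QUOTES, 'UTF-8');
$safeTags = htmlspecialchars((string) $tagString, ENT_QUOTES, 'UTF-8');
// NOTE(review): the form carries no anti-CSRF token; confirm whether the
// ?p=editp handler verifies that the request originated from this page.
$html = <<<END
<h2>Edit post</h2>
<form action="?p=editp" method="POST">
<input type="hidden" name="idPost" value="{$safeId}" />
<label for="postTitle">Title:</label>
<input type="text" name="postTitle" id="postTitle" class="textboxLong" value="{$safeTitle}" />
<label for="postText">Post:</label>
<textarea name="postText" id="postText" style="height:300px;">{$safeText}</textarea>
<label for="tags">Tags (separated by a comma):</label><br />
<input type="text" name="tags" id="tags" class="textboxLong" value="{$safeTags}" />
<input type="submit" value="Save post" class="button" />
</form>
END;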
//-----------------
//Prints HTML
// Loads the page class from TP_SOURCEPATH and emits the page sections in
// order, passing the form markup built above as the body.
require_once TP_SOURCEPATH . 'CHTMLPage.php';

$page = new CHTMLPage();

$page->printHTMLHeader();
$page->printPageHeader();
$page->printPageBody($html); // $html is inserted as-is, so it must already be escaped
$page->printTagList();
$page->printRightColumn();