<?php
//--------------------
//PIndex.php
//
//Index page showing all posts
//or posts by selected category
//--------------------
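//-----------------------------------
//Handles GET variables
//Only plain strings are accepted. PHP turns a request such as "?tag[]=x"
//into an array, which must never reach the database layer, so anything that
//is not a string is treated as "filter not set".
$chosenTag = (isset($_GET['tag']) && is_string($_GET['tag'])) ? $_GET['tag'] : '';
$chosenAuthor = (isset($_GET['author']) && is_string($_GET['author'])) ? $_GET['author'] : '';
$chosenDate = (isset($_GET['date']) && is_string($_GET['date'])) ? $_GET['date'] : '';

//-----------------------------------
//Handles DB stuff
$mysqli = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE); //New DB object
//Table names come from the DB_PREFIX configuration constant, not from the
//request, so they are interpolated into the SQL text below.
$tablePost = DB_PREFIX . 'Post';
$tableTag = DB_PREFIX . 'Tag';
$tablePostTag = DB_PREFIX . 'PostTag';
$tableAuthor = DB_PREFIX . 'Author';

if (mysqli_connect_error()) {
    //Driver error text can reveal host and account details: keep it in the
    //server log and show the visitor a generic message only.
    error_log("PIndex.php: DB connect failed: " . mysqli_connect_error());
    echo "Connect failed.<br>";
    exit();
}
$mysqli->set_charset("utf8");

//-----------------------------
//SQL query
//Request values are never concatenated into the SQL text. Each filter
//contributes a WHERE clause with a single "?" placeholder and the value is
//bound separately, so no escaping step is needed.
//
//Precedence is the same as before: date overrides author, author overrides
//tag. Only one filter is applied at a time.
$whereClause = "";
$whereParam = null;
if ($chosenDate !== '') {
    //NOTE(review): only the month is compared, so a value such as "2010-05"
    //presumably also matches May of other years - confirm whether a
    //YEAR(postDate) comparison is intended as well.
    $whereClause = "WHERE MONTH(postDate) = MONTH(?)";
    $whereParam = $chosenDate . '-01';
} elseif ($chosenAuthor !== '') {
    $whereClause = "WHERE Post_idAuthor = ("
        . " SELECT idAuthor"
        . " FROM {$tableAuthor}"
        . " WHERE screenname = ?)";
    $whereParam = $chosenAuthor;
} elseif ($chosenTag !== '') {
    $whereClause = "WHERE idPost IN ("
        . " SELECT PostTag_idPost"
        . " FROM {$tablePostTag}"
        . " WHERE PostTag_idTag = ("
        . " SELECT idTag"
        . " FROM {$tableTag}"
        . " WHERE tagName = ?))";
    $whereParam = $chosenTag;
}

//Selects posts from DB, with the where clause depending on user choice
$query = "SELECT idPost FROM {$tablePost} {$whereClause} ORDER BY postDate DESC";

//Performs query
//Failures are logged server-side; errno and error text are not sent to the
//browser because they describe the schema and the failing statement.
$stmt = $mysqli->prepare($query);
if ($stmt === false) {
    error_log("PIndex.php: prepare failed: " . $mysqli->errno . ":" . $mysqli->error);
    die("Could not query database");
}
if ($whereParam !== null) {
    $stmt->bind_param('s', $whereParam);
}
if (!$stmt->execute()) {
    error_log("PIndex.php: execute failed: " . $stmt->errno . ":" . $stmt->error);
    die("Could not query database");
}
//Buffer the whole result so the connection is idle while posts are rendered,
//as it was with the buffered query() call this replaces.
$stmt->store_result();
$stmt->bind_result($idPost);

//-----------------------------------
//Prints HTML
require_once(TP_SOURCEPATH . "CHTMLPage.php");
$page = new CHTMLPage();

//For each returned post, gets formatted post HTML
$html = "";
while ($stmt->fetch()) {
    $html .= $page->getFormattedPost($idPost);
}
$stmt->close();
$mysqli->close(); //Close DB connection

$page->printHTMLHeader();
$page->printPageHeader();
$page->printPageBody($html);
$page->printTagList();
$page->printRightColumn();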