Teknik is a suite of services with attractive and functional interfaces. https://www.teknik.io/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

edit_blog.php 1.7KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283
  1. <?php
  2. require_once('../includes/config.php');
  3. $userID = 0;
  4. $postID = 0;
  5. $authorID = 0;
  6. $title = "";
  7. $post = "";
  8. //check to see that the form has been submitted
  9. if(isset($_POST))
  10. {
  11. //retrieve the $_POST variables
  12. $userID = rawurldecode($_POST['userID']);
  13. $postID = rawurldecode($_POST['postID']);
  14. $title = rawurldecode($_POST['title']);
  15. $post = rawurldecode($_POST['post']);
  16. $post_select = $db->select('blog', "id=? LIMIT 1", array($postID));
  17. if ($post_select)
  18. {
  19. //initialize variables for form validation
  20. $success = true;
  21. if($success && !$logged_in)
  22. {
  23. $error = "You must be logged in to edit this blog post.";
  24. $success = false;
  25. }
  26. if($success && empty($title))
  27. {
  28. $error = "You need to submit a title with your post.";
  29. $success = false;
  30. }
  31. if($success && strlen($title) > 140)
  32. {
  33. $error = "The maximum length for your title is 140 characters.";
  34. $success = false;
  35. }
  36. if($success && empty($post))
  37. {
  38. $error = "You need to submit an actual post.";
  39. $success = false;
  40. }
  41. if ($success && !$user->admin && $post_select['author_id'] != $user->id)
  42. {
  43. $error = "You are not allowed to edit this post.";
  44. $success = false;
  45. }
  46. if($success)
  47. {
  48. $data = array(
  49. "title" => $title,
  50. "tags" => "",
  51. "post" => $post
  52. );
  53. $post_id = $db->update($data, 'blog', 'id=?', array($postID));
  54. unset($_POST);
  55. echo "true";
  56. }
  57. else
  58. {
  59. unset($_POST);
  60. echo $error;
  61. }
  62. }
  63. else
  64. {
  65. echo "That blog post does not exist.";
  66. }
  67. }
  68. else
  69. {
  70. echo "$_POST is not set.";
  71. }
  72. ?>