-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpost.php
executable file
·127 lines (118 loc) · 5.86 KB
/
post.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
<?php include "includes/header.php" ?>
<body>
<!-- Navigation -->
<?php include "includes/navigation.php" ?>
<!-- Page Content -->
<div class="container">
<div class="row">
<!-- Blog Entries Column -->
<?php include "includes/db.php" ?>
<div class="col-md-8">
<!-- First Blog Post -->
<?php
if(isset($_GET['p_id'])) {
$post_id = $_GET['p_id'];
postViewed($post_id);
}
//get the post
$query = "SELECT * FROM posts WHERE post_id = {$post_id} ";
$select_all_posts = mysqli_query($connection, $query);
while($post = mysqli_fetch_assoc($select_all_posts)) {
$blog_post_title = $post['post_title'];
$blog_post_author = $post['post_author'];
$blog_post_date = $post['post_date'];
$blog_post_image = $post['post_image'];
$blog_post_content = $post['post_content'];
$blog_post_views = $post['post_views'];
}
//get the data on author
$author_name = getAuthorByPost($blog_post_author);
?>
<!-- post the post -->
<h2><?php echo $blog_post_title; ?></h2>
<p class='lead'>by
<a href='index.php'>
<?php echo $author_name; ?>
</a>
<?php
if(isset($_SESSION['id'])) {
if($_SESSION['role'] === 'admin') {
echo "<a href='admin/posts.php?source=edit&p_id={$post_id}¬ify=edit'>[Edit Post]</a>";
} else if ($_SESSION['id'] === $blog_post_author) {
echo "<a href='admin/posts.php?source=edit&p_id={$post_id}¬ify=edit'>[Edit Your Post]</a>";
}
}
?>
</p>
<p>
<span class='glyphicon glyphicon-time'></span>
Posted on <?php echo $blog_post_date; ?>
| Views: <?php echo $blog_post_views; ?>
| Comments: <?php echo getCommentCount($post_id); ?>
</p>
<img class='img-responsive' src='images/<?php echo $blog_post_image; ?>' alt=''>
<hr>
<p>
<?php
echo $blog_post_content;
?>
</p>
<hr>
<!-- Blog Comments -->
<!-- Comments Form -->
<?php
if(isset($_POST['comment'])) {
if(isset($_SESSION['id'])) {
$com_auth = escape($_SESSION['username']);
$com_email = escape($_SESSION['email']);
} else {
$com_auth = escape($_POST['name']);
$com_email = escape($_POST['email']);
}
$comment = escape($_POST['com_content']);
if(!empty($com_auth) && !empty($com_email) && !empty($comment)) {
addComment($post_id, $com_auth, $com_email, $comment);
} else {
echo "<script>alert('Fields cannot be empty!')</script>";
}
}
?>
<form action="" method="post" enctype="multipart/form-data">
<div class="col-xs-6">
<label for="name">Name: </label>
<input <?php
if(isset($_SESSION['id'])) {
echo "value={$_SESSION['username']}";
}
?> type="text" class="form-control" name="name">
</div>
<div class="col-xs-6">
<label for="email">e-mail: </label>
<input <?php
if(isset($_SESSION['id'])) {
echo "value={$_SESSION['email']}";
}
?> type="email" class="form-control" name="email">
</div>
<div class="col-xs-12 margin-bottom-space">
<label for="com_content">Leave a comment: </label>
<textarea class="form-control" name="com_content" rows="5"></textarea>
</div>
<div class="form-group">
<button type="submit" class="btn btn-primary" name="comment">Submit</button>
</div>
</form>
<hr>
<!-- Posted Comments -->
<!-- Comment -->
<?php
getComments('approved', $post_id);
?>
</div>
<!-- Blog Sidebar Widgets Column -->
<?php include "includes/sidebar.php" ?>
</div>
<!-- /.row -->
<hr>
<!-- Footer -->
<?php include "includes/footer.php" ?>