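// The functions named in this check are the only ones served without a logged-in user.
    // Read the requested function once and guard against a missing parameter,
    // so a request without ?function= raises no undefined-index notice and
    // falls through to checkSecurity().
    $requestedFunction = isset($_GET["function"]) ? $_GET["function"] : null;
    // Strict allowlist: only these two function names skip the security check,
    // and only when no decoded request body is present.
    $isPublicRead = $decoded == null
        && in_array($requestedFunction, array('getPosts', 'getTemas'), true);
    if ($isPublicRead) {
        $token = '';
    } else {
        checkSecurity();
    }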
}
if ($decoded != null) {
    // Route the decoded request to its write handler. A function name that
    // matches none of the cases results in no action at all.
    switch ($decoded->function) {
        case 'createPost':
            createPost($decoded->post);
            break;
        case 'createTema':
            createTema($decoded->tema);
            break;
        case 'updatePost':
            updatePost($decoded->post);
            break;
        case 'updateTema':
            updateTema($decoded->tema);
            break;
        case 'removePost':
            removePost($decoded->post_id);
            break;
        case 'removeTema':
            removeTema($decoded->tema_id);
            break;
    }
Beispiel #2
<?php

require_once "edit_functions.php";
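// Is the user submitting an update?
// NOTE(review): no login, ownership or CSRF check is visible before this
// write; confirm that updatePost() or an earlier include enforces one.
if (isset($_POST["update"])) {
    updatePost($_POST["id"], $_POST["post_title"], $_POST["post"]);
}
if (!isset($_GET["view"])) {
    // No ?view= in the URL: redirect to the table page and stop here.
    // Without the exit the template below would still run and read
    // $post_object, which is never assigned on this path.
    header("location: table2.php");
    exit;
}
// Fetch the post from the database by its id.
$post_object = getSinglePostData($_GET["view"]);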
?>

<?php 
// Page metadata assigned before the shared header is included.
// NOTE(review): presumably read by ../header.php — confirm.
$page_title = "view";
$file_name = "view.php";
?>

<?php 
require_once "../header.php";
?>

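<h2><?php 
// The title is stored user input: escape it so any markup it contains is
// shown as text instead of being interpreted by the browser.
echo htmlspecialchars((string) $post_object->post_title, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>
</h2>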
<p style="width: 500px; padding: 10px; border: 1px solid gray;"><?php 
         // Validate the submitted edit form; when it is valid, save the post and
         // send a redirect header.
         $_POST['editor1'] = trim($_POST['editor1']);
         // validation: the title must be present and at most 25 bytes long
         if ($_POST['title'] == '') {
             $error['title'] = 'Title is blank, please add one';
             $form_valid = false;
         // strlen() counts bytes, so for multibyte titles the limit is in bytes,
         // not characters
         } elseif (strlen($_POST['title']) > 25) {
             $error['title'] = 'Title too long, keep it simple!';
             $form_valid = false;
         }
         // the body text (already trimmed above) must not be empty
         if ($_POST['editor1'] == '') {
             $error['editor1'] = 'You have not entered any content! Try again yeh...?';
             $form_valid = false;
         }
         // action taken if form filled in correctly...
         if ($form_valid == true) {
             // NOTE(review): the post id is taken from the query string and no
             // ownership or CSRF check is visible in this fragment; confirm one
             // runs before this point or inside updatePost().
             updatePost($_GET['id'], $_SESSION['userId'], $_POST['title'], $_POST['editor1'], $_POST['category']);
             // values are handed to updatePost() for the database update, then the
             // browser is redirected; no exit follows, so execution continues past
             // this block after the header is queued
             header('Location: ?page=cmsUpdated&goto=cmsPostsTable');
         }
     }
     $id = $_GET['id'];
     $post = getPostById($id);
     include VIEWS . 'contentCMSUpdate.php';
     break;
 case 'delete':
     $id = $_GET['id'];
     if (!empty($_POST)) {
         if ($_POST['deleteConf'] == 'Yes') {
             deletePost($id);
             header('Location: ?page=cmsUpdated&goto=cmsPostsTable');
         } elseif ($_POST['deleteConf'] == 'No') {
<?php

require_once "functions.php";
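if (isset($_POST["update_post"])) {
    // The save button was pressed. The text comes from the form and the id
    // from a hidden field, so both values are controlled by the client.
    // NOTE(review): no login, ownership or CSRF check is visible before this
    // write; confirm that updatePost() or functions.php enforces one.
    updatePost($_POST["id"], $_POST["tweet"]);
}
// edit.php
// When ?edit_id is present in the URL, print it and load the matching row.
if (isset($_GET["edit_id"])) {
    // The id comes straight from the URL: escape it before echoing so it
    // cannot inject markup into the page.
    echo htmlspecialchars((string) $_GET["edit_id"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    // Fetch the most recent data for the row whose id is ?edit_id.
    $post = getEditData($_GET["edit_id"]);
    // Debug output: dumps the raw row into the page. Remove before deployment.
    var_dump($post);
} else {
    // ?edit_id was missing: send the user back to table.php. The header has
    // to be sent before any output, and the script stops afterwards so the
    // form below is not rendered without a post.
    header("Location: table.php");
    echo "Viga";
    exit;
}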
?>

<h2>Muuda postitusi</h2>
<form action="<?php 
echo htmlspecialchars($_SERVER["PHP_SELF"]);
?>
" method="post">
Beispiel #5
        // Build the media JSON for this post. A post without images stores an
        // empty JSON list.
        if (empty($images)) {
            $strMediaVO = '[]';
        } else {
            foreach ($images as $image) {
                $image->thumbnailName = Util::getThumbnailName($image->originalName);
                array_push($data, $image);
                // keep sc_media.thumbnail_name in step with the computed name
                updateMedia($mysqli, $image->id, $image->thumbnailName);
            }
            // serialise the updated media objects
            $strMediaVO = json_encode($data);
        }
        // write the media JSON to the sc_post row
        updatePost($mysqli, $row['id'], $strMediaVO);
    }
    sleep(1);
    $count++;
}
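/**
 * Store the thumbnail file name for one row of sc_media.
 *
 * Both values are bound as statement parameters ("s" for the name, "i" for
 * the id), so neither is concatenated into the SQL text.
 *
 * @param object $mysqli  connection object exposing prepare(); presumably a mysqli handle
 * @param int    $mediaId id of the sc_media row to update
 * @param string $tname   thumbnail file name to store
 * @return bool true when the statement executed, false when prepare or execute failed
 */
function updateMedia($mysqli, $mediaId, $tname)
{
    $updateSQL = " update sc_media set thumbnail_name = ? where id = ? ";
    $stmt = $mysqli->prepare($updateSQL);
    if (!$stmt) {
        // Previously a failed prepare was skipped silently; record it so a
        // missed update can be traced.
        error_log("updateMedia: prepare failed for media id " . (int) $mediaId);
        return false;
    }
    try {
        $stmt->bind_param("si", $tname, $mediaId);
        $executed = (bool) $stmt->execute();
        if (!$executed) {
            error_log("updateMedia: execute failed for media id " . (int) $mediaId);
        }
        return $executed;
    } finally {
        // Release the statement on every path, including an exception thrown
        // while binding or executing.
        $stmt->close();
    }
}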
Beispiel #6
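    // whether the post is pinned to the top
    // Optional form fields are read with an explicit isset() check instead of
    // the @ operator, which would also hide unrelated errors on these lines.
    $isbase = isset($_POST['isbase']) ? $_POST['isbase'] : null;
    // isbase: 1 = basics, 2 = related tips
    $ishot = isset($_POST['ishot']) ? $_POST['ishot'] : null;
    $citysub = isset($_POST['citysub']) ? $_POST['citysub'] : null;
    // citysub is the city sub-category
    $class = isset($_POST['class']) ? $_POST['class'] : null;
    if (!$postid) {
        // no post id submitted: create a new post
        $insert = createPost($title, $content, $city, $citysub, $class, $istop, $isbase, $ishot);
    } else {
        $from = isset($_POST['from']) ? $_POST['from'] : null;
        if ($from == 'console') {
            // Request from the console: title and content are passed as null,
            // only the classification fields are sent.
            updatePost($postid, null, null, $city, $citysub, $class, $isbase, $istop, $ishot);
            // NOTE(review): this output is written before the redirect below;
            // confirm qa_redirect_raw() still works once output has started.
            echo '1';
        } else {
            $update = updatePost($postid, $title, $content, $city, $citysub, $class, $isbase, $istop, $ishot);
        }
    }
    qa_redirect_raw('console_page.php');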
}
if (qa_post_text('doask')) {
    require_once QA_INCLUDE_DIR . 'qa-app-users.php';
    $errors = array();
    $doask = qa_post_text('doask');
    $doanswer = qa_post_text('doanswer');
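    // The assignment is parenthesised on purpose: && binds tighter than =, so
    // without the parentheses $postid received the boolean result of the whole
    // condition instead of the submitted post id, and that boolean was then
    // passed to qa_post_get_full().
    if (($postid = qa_post_text('postid')) && !$doanswer) {
        $title = isset($_POST['title']) ? $_POST['title'] : null;
        $content = isset($_POST['content']) ? $_POST['content'] : null;
        // whether the post is pinned to the top
        // load the existing post for the submitted id
        $ques = qa_post_get_full($postid);
}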
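if (POST('submit') == 'create') {
    $title = POST('title');
    $content = POST('content');
    $statement = savePost2Database($title, $content);
    // Build the reply with json_encode() instead of string concatenation, so
    // the id is always emitted as a correctly quoted JSON string whatever
    // savePost2Database() returns. The id stays a string, as before.
    echo json_encode(array('status' => '1', 'id' => (string) $statement));
}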
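if (POST('submit') == 'read') {
    $id = POST('id');
    $statement = getPost($id);
    $post = $statement->fetchObject();
    if ($post) {
        // NOTE(review): the stored content is sent as-is. If it can contain
        // markup written by other users, confirm it is sanitised when saved or
        // escaped by whatever renders this response.
        $content = $post->content;
        echo $content;
    } else {
        // The id is request input: escape it before reflecting it in the reply.
        echo 'No post with ID: ' . htmlspecialchars((string) $id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}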
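if (POST('submit') == 'update') {
    $id = POST('id');
    $title = POST('title');
    $content = POST('content');
    $statement = updatePost($title, $content, $id);
    // JSON strings need double quotes: the single-quoted form sent before was
    // not valid JSON. This now matches the reply of the delete branch.
    echo '{"status": "1"}';
}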
// Delete the post named by the submitted id and acknowledge with a JSON status.
// NOTE(review): no authentication, ownership or CSRF check is visible in this
// fragment; confirm one runs before these handlers or inside deletePost().
if (POST('submit') == 'delete') {
    $id = POST('id');
    deletePost($id);
    echo '{"status": "1"}';
}
}
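if (isset($_GET["logout"])) {
    // ?logout is present in the URL: discard all session data, end the
    // session and redirect to the login page. Stop afterwards so the delete
    // and save handlers further down cannot run as part of a logout request.
    session_destroy();
    header("Location: page/login.php");
    exit;
}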
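// Delete handler: ?delete=<id> in the URL names the row to remove.
// NOTE(review): this state-changing action is triggered by a plain GET link
// and no CSRF token or ownership check is visible here; confirm that
// deleteReview() restricts deletion to the logged-in user's own rows.
if (isset($_GET["delete"])) {
    // The id comes from the URL: escape it before printing it back.
    echo "Kustutame id " . htmlspecialchars((string) $_GET["delete"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    // run the delete function with the id
    deleteReview($_GET["delete"]);
}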
// Save handler: the id and the new text both come from the submitted form.
// NOTE(review): no ownership or CSRF check is visible here; confirm that
// updatePost() enforces one.
if (isset($_POST["save"])) {
    updatePost($_POST["id"], $_POST["post"]);
}
// load the posts after the handlers above have run
$array_of_posts = getPostData();
?>

<div>
<br>
<p><a href="data.php" class="btn btn-primary" role="button">Tagasi teemade lehele</a></p>



<body style="background-color:#0074D9">
<h2 style=color:#F8F8FF>Postitused Eesti jalgpallist</h2>

<p><a href="mingiteema.php" class="btn btn-primary" role="button" style="text-align:left;color:#F8F8FF">Loo ise arvustus</a></p>
Beispiel #9
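/**
 * Validate and store a forum post submitted from the add/edit form.
 *
 * Reads id, naslov, tekst, projekat and predmet from $_REQUEST and the author
 * from the global $userid. The CSRF token is checked before anything else.
 *
 * @param string $option   'add' or 'edit'; any other value is rejected
 * @param bool   $thread   on add: false starts a new thread, true adds a reply to $threadID
 * @param int    $threadID thread id; must be positive when $thread is true
 * @return string empty string on success, otherwise the error text to display
 */
function formProcess_bb($option, $thread, $threadID)
{
    global $userid;
    $errorText = '';
    if (!check_csrf_token()) {
        zamgerlog("csrf token nije dobar", 3);
        zamgerlog2("csrf token nije dobar");
        return "Poslani podaci nisu ispravni. Vratite se nazad, ponovo popunite formu i kliknite na dugme Pošalji";
    }
    // Strict comparison: only the exact strings 'add' and 'edit' are accepted.
    if (!in_array($option, array('add', 'edit'), true)) {
        $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
        return $errorText;
    }
    // Read the numeric request values first. The log calls below interpolate
    // $projekat and $predmet, which used to be assigned only after those
    // calls, so the log lines were written with undefined variables.
    $id = intval(isset($_REQUEST['id']) ? $_REQUEST['id'] : 0);
    $projekat = intval(isset($_REQUEST['projekat']) ? $_REQUEST['projekat'] : 0);
    $predmet = intval(isset($_REQUEST['predmet']) ? $_REQUEST['predmet'] : 0);
    if ($option == 'edit' && $id <= 0) {
        $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
        zamgerlog("pokusao urediti nepostojeci post {$id}, projekat {$projekat} (pp{$predmet})", 3);
        zamgerlog2("pokusao urediti nepostojeci post", $id, $projekat);
        return $errorText;
    }
    if ($thread == true && $threadID <= 0) {
        $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
        zamgerlog("pokusao urediti nepostojeci post {$id}, projekat {$projekat} (pp{$predmet})", 3);
        zamgerlog2("pokusao urediti nepostojeci post", $id, $projekat);
        return $errorText;
    }
    //get variables
    $naslov = isset($_REQUEST['naslov']) ? $_REQUEST['naslov'] : '';
    $tekst = isset($_REQUEST['tekst']) ? $_REQUEST['tekst'] : '';
    // A request can send naslov[]=... and turn the value into an array, which
    // can be neither trimmed nor stored as text; treat it as a missing field.
    if (!is_string($naslov) || !is_string($tekst)) {
        $errorText = 'Unesite sva obavezna polja.';
        return $errorText;
    }
    // Trim before the required-field check so whitespace-only input is
    // rejected instead of being stored as an empty title or text.
    $naslov = trim($naslov);
    $tekst = trim($tekst);
    if (empty($naslov) || empty($tekst)) {
        $errorText = 'Unesite sva obavezna polja.';
        return $errorText;
    }
    if ($option == 'edit') {
        // NOTE(review): the fetched post is not used below. Nothing in this
        // function checks that post $id exists or belongs to $userid before
        // updatePost() runs; confirm the caller or updatePost() enforces that.
        $entry = getPost($id);
    }
    $data = array('naslov' => $naslov, 'tekst' => $tekst, 'osoba' => $userid, 'projekat' => $projekat, 'threadID' => $threadID);
    if ($option == 'add') {
        if ($thread == false) {
            //new thread inserting
            if (!insertThread($data)) {
                $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
                return $errorText;
            }
        } else {
            //inserting post in thread
            if (!insertReplyForThread($threadID, $data)) {
                $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
                return $errorText;
            }
        }
    } else {
        //option == edit
        if (!updatePost($data, $id)) {
            $errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
            return $errorText;
        }
    }
    // success: $errorText is still the empty string
    return $errorText;
}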
Beispiel #10
	include ("phpFunctions.php");

	session_start();
	
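	// Only a logged-in user may edit a post. empty() also covers a session
	// that has no 'username' key at all.
	if(empty($_SESSION['username']))
	{
		// Store the message before redirecting: redirect() is defined in
		// phpFunctions.php, and if it ends the script the message would
		// otherwise never reach the session.
		$_SESSION['statusmessage'] = "Please login to edit the post";
		redirect("index.php");
	}
	else
	{
		$postid = $_POST['postid'];
		$postTitle = $_POST['posttitle'];
		$postContent = $_POST['postcontent'];
		$postCategory = $_POST['postcategory']; 
		$postAuthor = $_SESSION['username'];
		// The id is request input: URL-encode it so a crafted value cannot add
		// extra parameters to the redirect target.
		$postidParam = urlencode((string) $postid);
		
		if(checkEmptyAndNullString($postTitle) || checkEmptyAndNullString($postContent) || checkEmptyAndNullString($postCategory) )
		{
			$_SESSION['statusmessage'] = "All fields are required";
			redirect("editpost_form.php?postid=$postidParam");	
		}
		else
		{
			// NOTE(review): $postAuthor is read from the session but is not
			// passed to updatePost(), and nothing here checks that the logged-in
			// user owns post $postid; confirm updatePost() enforces ownership.
			updatePost($postid, $postTitle, $postContent, $postCategory);
			$_SESSION['statusmessage'] = "Post edited successfully";
			redirect("view_post.php?postid=$postidParam");	
		}	
	}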
?>
<br> Vaata kõik kasutajad <a href="table.php"> siin!</a>
<br> Vaata sinu postitusi <a href="Single_post.php"> siin!</a>
<br> Data lehele! <a href="data.php"> siin!</a>

</body>
</html>
<?php 
// table.php
require_once "User.class.php";
// table.php
require_once "functions.php";
require_once "header.php";
// Load the rows to show in the table below.
// NOTE(review): this runs before the update and delete handlers, so the
// table presumably shows the data as it was before this request's change —
// confirm.
$user_table = getSelfData();
// the user wants to change something
// NOTE(review): no ownership or CSRF check is visible before this write;
// confirm updatePost() restricts it to the logged-in user's own rows.
if (isset($_POST["update"])) {
    updatePost($_POST["text"], $_POST["post_kd"]);
}
// does the user want to delete?
// i.e. is ?delete=<id> present in the URL
// NOTE(review): deletion is triggered by a plain GET parameter with no
// visible CSRF token or ownership check; confirm deletePost() enforces both.
if (isset($_GET["delete"])) {
    // pass along the id of the row to delete
    deletePost($_GET["delete"]);
}
?>

<table border=1 align="center" >
	<tr>
		<th>ID</th>
		<th>user_id</th>
		<th>email</th>
		<th>text</th>
Beispiel #12
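    $post['title'] = $_POST['post_title'];
    $post['category_id'] = $_POST['post_category'];
    $post['tags'] = $_POST['post_tags'];
    $post['content'] = $_POST['post_content'];
    $new_post_image = $_FILES['post_image']['name'];
    $new_post_image_tmp = $_FILES['post_image']['tmp_name'];
    $upload_error = '';
    if (!empty($new_post_image)) {
        // The file name is supplied by the client. Keep only its last path
        // component and accept image extensions only, so a script file cannot be
        // written into the web-served images directory under a name the
        // uploader chose. The extension check does not inspect the file content;
        // the images directory should additionally be configured so the web
        // server never executes files stored in it.
        $safe_image_name = basename($new_post_image);
        $image_extension = strtolower(pathinfo($safe_image_name, PATHINFO_EXTENSION));
        $allowed_extensions = array('jpg', 'jpeg', 'png', 'gif', 'webp');
        if (!in_array($image_extension, $allowed_extensions, true)) {
            $upload_error = "Post image must be a JPG, PNG, GIF or WebP file";
        } elseif (!move_uploaded_file($new_post_image_tmp, "../images/{$safe_image_name}")) {
            // The result of the move was ignored before; a failed move must not
            // leave the post pointing at a file that was never stored.
            $upload_error = "Post image could not be saved";
        }
        // Keep the current image whenever the new one was rejected or not stored.
        $new_post_image = $upload_error === '' ? $safe_image_name : $post['image'];
    } else {
        $new_post_image = $post['image'];
    }
    // Error handling
    if (empty(trim($post['title']))) {
        $error_message = "Post title can not be empty";
    } elseif ($upload_error !== '') {
        $error_message = $upload_error;
    } else {
        updatePost($id, $post['title'], $post['author'], $post['date'], $new_post_image, $post['content'], $post['tags'], $post['comment_count'], $post['status'], $post['category_id']);
        // NOTE(review): $id is placed in the link unescaped; it is assigned
        // outside this fragment, so confirm it is validated as an integer there.
        $success_message = "Post edited successfully. Click <a class='alert-link' href='../post.php?id={$id}'>here</a> to view the post";
        $post['image'] = $new_post_image;
    }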
}
?>

<div id="wrapper">

<?php 
require "includes/admin_navigation.php";
?>

    <div id="page-wrapper">

        <div class="container-fluid">