<?php
session_start();
$user = $_POST['user'];
$pw = md5($_POST['pw']);
include_once "classes/DbConnection.class.php";
$db = new DbConnection();
$sql = "SELECT * FROM blog_admin WHERE username='******' AND password='******' LIMIT 1";
if ($all_users = $db->getRows($sql)) {
$_SESSION['admin'] = $all_users[0]['username'];
header("location:admin.php");
} else {
header("location:blog.php");
}
<?php
if (isset($_GET['p_id'])) {
$p_id = $_GET['p_id'];
} else {
header("Location:blog.php");
}
include_once "includes/functions.php";
include_once "classes/DbConnection.class.php";
$db = new DbConnection();
//a new DbConnection object
$all_posts_sql = "SELECT * FROM blog_post WHERE post_id={$p_id}";
$all_posts = $db->getRows($all_posts_sql);
foreach ($all_posts as $one_post) {
$post = $one_post['post'];
$post_id = $one_post['post_id'];
$out = edit_post_form($p_id, $post);
}
//end foreach
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<title>Edit a post in the blog</title>
</head>
<body>
<div id="main">
<div id="blog">
<?php
echo $out;
<?php
session_start();
if (!isset($_SESSION["admin"])) {
header("Location:blog.php");
} else {
$admin = $_SESSION["admin"];
}
include_once "includes/functions.php";
include_once "classes/DbConnection.class.php";
$db = new DbConnection();
$all_posts_sql = "SELECT * FROM blog_post ORDER BY post_id DESC";
$all_posts = $db->getRows($all_posts_sql);
$out = post_form();
//display the form to submit new posts
foreach ($all_posts as $one_post) {
$post_id = $one_post['post_id'];
$all_comments_one_post_sql = "SELECT * FROM blog_comment WHERE fk_post_id={$post_id} ORDER BY comment_id DESC";
$out .= "<div class='onepost'>";
$out .= "<p>" . $one_post['post'] . "</p>";
$out .= "<div class='date'>";
$out .= "<p>" . $one_post['post_date'] . "</p>";
$admin_links = "<p><a href=\"delete_post.php?p_id={$post_id}\">delete post</a>,";
$admin_links .= " <a href=\"edit_post.php?p_id={$post_id}\">edit post</a></p>";
$out .= $admin_links;
//displays the links
$out .= "</div>";
$out .= "</div>";
if ($comments = $db->getRows($all_comments_one_post_sql)) {
$out .= "<ol>";
foreach ($comments as $comment) {
<?php
include_once "includes/functions.php";
include_once "classes/DbConnection.class.php";
$db = new DbConnection();
//a new DbConnection object
$all_posts_sql = "SELECT * FROM blog_post ORDER by post_id DESC";
$all_posts = $db->getRows($all_posts_sql);
$out = "";
$log_form = "Login: <form method =\"post\" action=\"process_login.php\">";
$log_form .= "Username:<input type=\"text\" name=\"user\" /> ";
$log_form .= "Password:<input type=\"password\" name=\"pw\" />";
$log_form .= "<input type=\"submit\" value=\"login\" />";
$log_form .= "</form>";
//$out .= $log_form;
foreach ($all_posts as $one_post) {
$out .= "<div class='onepost'>";
$out .= "<p>" . $one_post['post'] . "</p>";
$out .= "<div class='date'>";
$out .= "<p>" . $one_post['post_date'] . "</p>";
$out .= "</div>";
$out .= "</div>";
$post_id = $one_post['post_id'];
$out .= comment_form($post_id);
$all_comments_one_post_sql = "SELECT * FROM blog_comment WHERE fk_post_id={$post_id} ORDER BY comment_id DESC";
// here will the script to display the comments be...
if ($comments = $db->getRows($all_comments_one_post_sql)) {
$out .= "";
foreach ($comments as $comment) {
$out .= "<div class='comment'>";
$out .= "<li>" . $comment['comment'];
