<?php
/**
* This is a Hera pagecontroller.
*
*/
// Include the essential config-file which also creates the $anax variable with its defaults.
include __DIR__ . '/config.php';
$hera['stylesheets'][] = 'css/forms.css';
// Connect to a MySQL database using PHP PDO
$db = new CDatabase($hera['database']);
$user = new CUser($db);
if ($user->IsAuthenticated()) {
$output = "Du är inloggad som: {$user->GetAcronym()} ({$user->GetName()})";
} else {
$output = "Du är INTE inloggad. / <a href='login.php'>Logga in?</a>";
}
// Logout the user
if (isset($_POST['logout'])) {
$user->Logout();
header('Location: logout.php');
}
// Do it and store it all in variables in the Hera container.
$hera['title'] = "Logout";
$hera['main'] = <<<EOD
<h1>{$hera['title']}</h1>
<form method=post>
<fieldset>
<legend>Logga ut</legend>
<p><input type='submit' value='Logga ut' name='logout'></p>
<p>{$output}</p>
<?php
/**
* This is a Hera pagecontroller.
*
*/
// Include the essential config-file which also creates the $anax variable with its defaults.
include __DIR__ . '/config.php';
$hera['stylesheets'][] = 'css/forms.css';
// Connect to a MySQL database using PHP PDO
$db = new CDatabase($hera['database']);
$user = new CUser($db);
if ($user->IsAuthenticated()) {
$output = "Du är inloggad som: {$user->GetAcronym()} ({$user->GetName()}) / <a href='logout.php'>Logga ut?</a>";
} else {
$output = "Du är INTE inloggad.";
}
// Check if user and password is okey
if (isset($_POST['Login'])) {
$user->Login($_POST['acronym'], $_POST['password']);
header('Location: login.php');
}
// Do it and store it all in variables in the Hera container.
$hera['title'] = "Login";
$hera['main'] = <<<EOD
<h1>{$hera['title']}</h1>
<form method=post>
<fieldset>
<legend>Logga in</legend>
<p><em>Du kan logga in med emsf14:emsf14 för att logga in som vanlig användare eller admin:admin för att logga in som administratör.</em></p>
<div class='box'>Inte medlem än? Klicka <a href='register.php'>här</a> för att registrera dig.</div>
private function addEntry()
{
// Get parameters
$title = isset($_POST['title']) ? $_POST['title'] : null;
$slug = isset($_POST['slug']) ? $_POST['slug'] : null;
$data = isset($_POST['data']) ? $_POST['data'] : array();
$published = isset($_POST['published']) ? strip_tags($_POST['published']) : array();
$updatedBy = isset($_POST['updatedBy']) ? $_POST['updatedBy'] : null;
$publishedBy = strip_tags(CUser::GetName());
$category = isset($_POST['category']) ? $_POST['category'] : null;
if (empty($published)) {
$published = null;
}
$sql = '
INSERT INTO rm_news (slug, title, data, published, created, updatedBy, publishedBy, category)
VALUES(?,?,?,?,NOW(),?,?,?)
';
$slug = empty($slug) ? null : $this->slugify($slug);
$category = empty($category) ? null : $this->slugify($category);
$params = array($slug, $title, $data, $published, $updatedBy, $publishedBy, $category);
$this->db->ExecuteQuery($sql, $params);
header("Location: edit_news.php");
}
