<br>
<textarea name='content' id="" cols="30" rows="3"></textarea>
<br>
<span>Coment</span>
<input name='count'>
<span>Tag</span>
<input name='tag'>
<br>
<button name="insert_post" type="submit">Insert</button>
<br>
</form>
<?php
if (isset($_POST['insert_post'])) {
extract($_POST);
$img = $_FILES["img"]['name'];
move_uploaded_file($_FILES["img"]["tmp_name"], "../img/{$img}");
$posts = new Posts($db);
$posts->insert($id, $title, $author, $date, $views, $img, $content, $count, $tag);
}
?>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>
unset($row['postid']);
$postarr['comments'][] = $row;
}
$rarr = array_merge($postarr, $rarr);
die(json_encode($rarr));
} else {
if ($r['action'] == 'set') {
// create a new post
// send token, userid, content, [groupid, pollid]
$postObj = new Posts($r);
$postObj->checkTokenValid();
$postObj->checkInputHas(['content']);
$postObj->addInsertsFromArray($r, ['id', 'content']);
$postObj->addInsert('username', getUsername($r['id']));
$postObj->addInsert('doc', date('Y-m-d H:i:s'));
$result = $postObj->insert();
if ($result) {
$result = $postObj->customUpdate("weight = postid", "id = {$r['id']}", "order by postid desc limit 1");
// add weight=posts to the last post
// id = r[id] is a safety belt in case of parallel requests
die(json_encode($rarr));
}
} else {
if ($r['action'] == 'feed') {
// get feed for a user or a group
// userid, groupid
$postObj = new Posts($r);
if ($postObj->inputHas(['gid'])) {
$postObj->checkInputHas(['id']);
// limit by post id
if ($postObj->inputHas(['after'])) {
$content = Typo::cleanX($_POST['content']);
if (!isset($_POST['title']) || $_POST['title'] == "") {
$alertred[] = TITLE_CANNOT_EMPTY;
}
if (isset($alertred)) {
$data['alertred'] = $alertred;
} else {
if (!isset($_POST['date']) || $_POST['date'] == "") {
# code...
$date = date("Y-m-d H:i:s");
} else {
$date = $_POST['date'];
}
$vars = array('title' => $title, 'content' => $content, 'date' => $date, 'type' => 'page', 'author' => Session::val('username'), 'status' => Typo::int($_POST['status']));
//print_r($vars);
Posts::insert($vars);
$data['alertgreen'][] = PAGE . " {$_POST['title']} " . MSG_PAGE_ADDED;
Token::remove($_POST['token']);
}
break;
default:
# code...
//System::inc('pages_form', $data);
break;
}
Theme::admin('header', $data);
System::inc('pages_form', $data);
Theme::admin('footer');
break;
case 'edit':
//echo "edit";
});
$app->post('/posts/new', $authenticate($app, $settings), function () use($app, $settings) {
$title = $app->request->post('title');
$text = $app->request->post('markdown');
$redirect = $app->request->post('redirect');
if ($title == "") {
$app->flash('error', 1);
$app->redirect($settings->base_url . '/admin/posts/new');
}
if ($text == "") {
$app->flash('error', 2);
$app->redirect($settings->base_url . '/admin/posts/new');
}
$date = time();
$author = Users::get_id($_SESSION['user']);
Posts::insert(array('title' => $title, 'creation' => $date, 'text' => $text, 'user_id' => $author));
$app->render('success.html', array('redirect' => $redirect));
});
$app->post('/markdown/ajax', $authenticate($app, $settings), function () use($app) {
if ($app->request->post('markdown') !== null) {
echo $app->markdown->parse($app->request->post('markdown'));
}
});
$app->get('/posts/edit/:id', $authenticate($app, $settings), function ($id) use($app) {
$post = Posts::where('id', '=', $id)->first();
if ($post) {
$title = $post->title;
$text = $post->text;
$postId = $id;
$flash = $app->view()->getData('flash');
$error = isset($flash['error']) ? $flash['error'] : '';
