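/**
 * Build the HTML confirmation form shown before an entry is deleted.
 *
 * Looks the entry up through retrieveEntries() and returns a form that posts
 * to /admin.php with action=delete and the entry URL. Nothing is deleted
 * here; the form only collects the Yes/No answer.
 *
 * @param mixed  $db  Database connection handed straight to retrieveEntries().
 * @param string $url URL identifier of the entry to delete.
 *
 * @return string HTML markup of the confirmation form.
 */
function confirmDelete($db, $url)
{
    $e = retrieveEntries($db, '', $url);

    // The title is stored entry data and $url is supplied by the caller; both
    // end up inside HTML (element text and a double-quoted attribute), so they
    // are escaped here rather than trusting every call site to have done it.
    // double_encode is off so a value the caller already entity-encoded is
    // not encoded a second time.
    // NOTE(review): assumes the admin page is served as UTF-8 - confirm, and
    // adjust the charset argument if it is not.
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $title = htmlspecialchars(
        isset($e['title']) ? (string) $e['title'] : '',
        $flags,
        'UTF-8',
        false
    );
    $safeUrl = htmlspecialchars((string) $url, $flags, 'UTF-8', false);

    // NOTE(review): the form carries no anti-CSRF token. The handler behind
    // /admin.php is not visible here - confirm it ties the delete request to
    // the logged-in session before acting on it.
    return <<<FORM
<form action="/admin.php" method="post">
    <fieldset>
        <legend>Are you sure matey?</legend>
        <p>Are you sure you want to delete the entry "{$title}"?</p>
        <input type="submit" name="submit" value="Yes" />
        <input type="submit" name="submit" value="No" />
        <input type="hidden" name="action" value="delete" />
        <input type="hidden" name="url" value="{$safeUrl}" />
    </fieldset>
</form>
FORM;
}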
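/**
 * Build the HTML confirmation form shown before an entry is deleted.
 *
 * Looks the entry up through retrieveEntries() and returns a form that posts
 * to /simple_blog/admin.php with action=delete and the entry URL. Nothing is
 * deleted here; the form only collects the Yes/No answer.
 *
 * @param mixed  $db  Database connection handed straight to retrieveEntries().
 * @param string $url URL identifier of the entry to delete.
 *
 * @return string HTML markup of the confirmation form.
 */
function confirmDelete($db, $url)
{
    $e = retrieveEntries($db, '', $url);

    // Escape at the point of output: the title is stored entry data and $url
    // comes from the caller, and both are placed into HTML (element text and
    // a double-quoted attribute). double_encode is off so a value that was
    // already passed through htmlentities() upstream keeps its form.
    // NOTE(review): assumes the admin page is served as UTF-8 - confirm, and
    // adjust the charset argument if it is not.
    $flags = ENT_QUOTES | ENT_SUBSTITUTE;
    $title = htmlspecialchars(
        isset($e['title']) ? (string) $e['title'] : '',
        $flags,
        'UTF-8',
        false
    );
    $safeUrl = htmlspecialchars((string) $url, $flags, 'UTF-8', false);

    // NOTE(review): the form carries no anti-CSRF token. The handler behind
    // /simple_blog/admin.php is not visible here - confirm it ties the delete
    // request to the logged-in session before acting on it.
    return <<<FORM
<form action="/simple_blog/admin.php" method="post">
    <fieldset>
        <legend>Are you Sure!</legend>
        <p>Are you sure you want to delete an entry "{$title}"?</p>
        <input type="submit" name="submit" value="Yes"/>
        <input type="submit" name="submit" value="No"/>
        <input type="hidden" name="action" value="delete" />
        <input type="hidden" name="url" value="{$safeUrl}"/>
    </fieldset>
</form>
FORM;
}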
<?php // including the neccasary files include_once '../inc/functions.inc.php'; include_once '../inc/db.inc.php'; // Open a new database connection $db = new PDO(DB_INFO, DB_USER, DB_PASS); // load all the entries $e = retrieveEntries($db, 'blog'); //Remove the fulldisplay tag array_pop($e); //Perform basic sanitization $e = sanitizeData($e); // Add a content type header to ensure proper execution header('Content-Type: application/rss+xml'); // Output the XML declaration echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n"; ?> <rss version="2.0"> <channel> <title>My Simple Blog</title> <link>http://localhost/simple_blog/</link> <description>This blog is awesome.</description> <language>en-us</language> <?php // Loop through the entries and generate RSS items foreach ($e as $e) { // Escape HTML to avoid errors $entry = htmlentities($e['entry']); // Build the full URL to the entry
exit; } else { exit("Error deleting Entry"); } } else { header("Location: /simple_blog/blog/{$url}"); exit; } } if (isset($_GET['url'])) { $url = htmlentities(strip_tags($_GET['url'])); $legend = "Edit this Entry"; if ($page == 'delete') { $confirm = confirmDelete($db, $url); } $e = retrieveEntries($db, $page, $url); $id = $e['id']; $entry = $e['entry']; $title = $e['title']; } else { if ($page == 'createUser') { $create = createUserForm(); } $legend = "New Entry Submission"; $id = NULL; $entry = NULL; $title = NULL; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
<?php // Start the session. session_start(); // Include the functions so you can create an URL. include_once 'functions.inc.php'; // Include the image handling class. include_once 'images.inc.php'; include_once 'db.inc.php'; $db = new PDO(DB_INFO, DB_USER, DB_PASS); // Initial check. if ($_SERVER['REQUEST_METHOD'] == 'POST' && $_POST['submit'] == 'Save Entry' && !empty($_POST['page']) && !empty($_POST['title']) && !empty($_POST['entry'])) { // Create an URL to be saved in the database. $url = makeUrl($_POST['title']); // Retrieves entries for the given URL. $e = retrieveEntries($db, $_POST['page'], $url); // We run a check to see if there already is an image saved for the entry. // Otherwise we upload one if needed. if (empty($e['image'])) { // We check if there is an image to upload. if (!empty($_FILES['image']['tmp_name'])) { try { // Instantiate the class and set a save path. $img = new ImageHandler("/files/"); // Process the file and store the returned path. $img_path = $img->processUploadedImage($_FILES['image']); // Output the uploaded image as it was saved. echo '<img src=" ', $img_path, ' "/><br/>'; } catch (Exception $e) { // If an error occurred, output your custom error message. die($e->getMessage());
<?php
/*
 * Page bootstrap: pull in the helper functions and the database settings,
 * then load the entry data this page renders.
 */
include_once 'inc/functions.inc.php';
include_once 'inc/db.inc.php';

// Connect with the DB_INFO / DB_USER / DB_PASS constants
$db = new PDO(DB_INFO, DB_USER, DB_PASS);

// The optional "id" query parameter is forced to an integer before use;
// when it is absent $id stays null
if (isset($_GET['id'])) {
    $id = (int) $_GET['id'];
} else {
    $id = null;
}

// Fetch the entries for that ID
$e = retrieveEntries($db, $id);

// The last element of the result is the fulldisp flag; take it off the array
$fulldisp = array_pop($e);

// Run the remaining entry data through sanitizeData() before it is output
$e = sanitizeData($e);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <meta http-equiv="Content-Type" content="text/html;charset=ISO-8859-1" />
    <link rel="stylesheet" href="/cfh/css/default.css" type="text/css" />