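<?php
/*
 * Login handler: checks the posted credentials against blog_admin and, on a
 * match, stores the admin's username in the session before redirecting to the
 * admin page. Any other outcome redirects back to the public blog.
 */
session_start();

// Missing or non-string fields (e.g. user[]=x) are treated as empty strings so
// md5() always receives a string and no undefined-index notice is raised.
$user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
$pw_input = (isset($_POST['pw']) && is_string($_POST['pw'])) ? $_POST['pw'] : '';

// NOTE(review): MD5 is a fast, unsalted digest and is not suitable for password
// storage. Moving to password_hash()/password_verify() also requires migrating
// the values stored in blog_admin, so the digest is left unchanged here.
$pw = md5($pw_input);

include_once "classes/DbConnection.class.php";
$db = new DbConnection();

// NOTE(review): the two quoted values below appear masked on this page, which
// leaves $user and $pw unused as shown. Whatever the real statement is, both
// values must reach the database as bound parameters rather than being placed
// into the SQL string; DbConnection's API is not visible here, so confirm
// whether it offers prepared statements.
$sql = "SELECT * FROM blog_admin WHERE username='******' AND password='******' LIMIT 1";

if ($all_users = $db->getRows($sql)) {
    // Issue a fresh session ID at the privilege change so an ID that was set
    // before login cannot be carried over into an admin session.
    session_regenerate_id(true);
    $_SESSION['admin'] = $all_users[0]['username'];
    header("location:admin.php");
    exit; // a Location header does not stop the script by itself
}

header("location:blog.php");
exit;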
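<?php
/*
 * Edit-post page: loads one blog post by its id and renders the edit form
 * inside a minimal HTML page.
 */
session_start();

// Editing is an admin action (admin.php links here from its admin-only list),
// so apply the same $_SESSION["admin"] gate and stop after the redirect.
if (!isset($_SESSION["admin"])) {
    header("Location:blog.php");
    exit;
}

// p_id is interpolated unquoted into the SQL below, so only an integer is
// accepted. filter_var() returns false for arrays, empty strings and any
// value that is not a plain integer.
$p_id = isset($_GET['p_id']) ? filter_var($_GET['p_id'], FILTER_VALIDATE_INT) : false;
if ($p_id === false) {
    header("Location:blog.php");
    exit; // without this the script would carry on with no usable $p_id
}

include_once "includes/functions.php";
include_once "classes/DbConnection.class.php";

$db = new DbConnection(); //a new DbConnection object
$all_posts_sql = "SELECT * FROM blog_post WHERE post_id={$p_id}";
$all_posts = $db->getRows($all_posts_sql);

// Stays empty when the id matches no post, so the echo below never reads an
// undefined variable.
$out = "";
if (is_array($all_posts)) {
    foreach ($all_posts as $one_post) {
        // NOTE(review): edit_post_form() is not shown on this page (presumably
        // from includes/functions.php); confirm it HTML-escapes the post text
        // before placing it in the form.
        $out = edit_post_form($p_id, $one_post['post']);
    } //end foreach
}
?>
<!DOCTYPE HTML>
<html>
<head>
<meta charset="UTF-8">
<title>Edit a post in the blog</title>
</head>
<body>
<div id="main">
<div id="blog">
<?php echo $out;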
<?php session_start(); if (!isset($_SESSION["admin"])) { header("Location:blog.php"); } else { $admin = $_SESSION["admin"]; } include_once "includes/functions.php"; include_once "classes/DbConnection.class.php"; $db = new DbConnection(); $all_posts_sql = "SELECT * FROM blog_post ORDER BY post_id DESC"; $all_posts = $db->getRows($all_posts_sql); $out = post_form(); //display the form to submit new posts foreach ($all_posts as $one_post) { $post_id = $one_post['post_id']; $all_comments_one_post_sql = "SELECT * FROM blog_comment WHERE fk_post_id={$post_id} ORDER BY comment_id DESC"; $out .= "<div class='onepost'>"; $out .= "<p>" . $one_post['post'] . "</p>"; $out .= "<div class='date'>"; $out .= "<p>" . $one_post['post_date'] . "</p>"; $admin_links = "<p><a href=\"delete_post.php?p_id={$post_id}\">delete post</a>,"; $admin_links .= " <a href=\"edit_post.php?p_id={$post_id}\">edit post</a></p>"; $out .= $admin_links; //displays the links $out .= "</div>"; $out .= "</div>"; if ($comments = $db->getRows($all_comments_one_post_sql)) { $out .= "<ol>"; foreach ($comments as $comment) {
<?php include_once "includes/functions.php"; include_once "classes/DbConnection.class.php"; $db = new DbConnection(); //a new DbConnection object $all_posts_sql = "SELECT * FROM blog_post ORDER by post_id DESC"; $all_posts = $db->getRows($all_posts_sql); $out = ""; $log_form = "Login: <form method =\"post\" action=\"process_login.php\">"; $log_form .= "Username:<input type=\"text\" name=\"user\" /> "; $log_form .= "Password:<input type=\"password\" name=\"pw\" />"; $log_form .= "<input type=\"submit\" value=\"login\" />"; $log_form .= "</form>"; //$out .= $log_form; foreach ($all_posts as $one_post) { $out .= "<div class='onepost'>"; $out .= "<p>" . $one_post['post'] . "</p>"; $out .= "<div class='date'>"; $out .= "<p>" . $one_post['post_date'] . "</p>"; $out .= "</div>"; $out .= "</div>"; $post_id = $one_post['post_id']; $out .= comment_form($post_id); $all_comments_one_post_sql = "SELECT * FROM blog_comment WHERE fk_post_id={$post_id} ORDER BY comment_id DESC"; // here will the script to display the comments be... if ($comments = $db->getRows($all_comments_one_post_sql)) { $out .= ""; foreach ($comments as $comment) { $out .= "<div class='comment'>"; $out .= "<li>" . $comment['comment'];