<?php namespace blog; require "../connect.php"; if ($_SERVER['REQUEST_METHOD'] == 'POST') { if (empty($_POST['title']) || empty($_POST['body']) || !isset($_POST['author'])) { $status = "Fill All Fields First"; $color = "red"; } else { $res = query($handler, "insert into posts (title,body,author) VALUE (:t,:b,:a)", [":t" => $_POST['title'], ":b" => $_POST['body'], ":a" => $_POST['author']], false); if (!$res) { $status = "An Error Has Occurred with the DB"; $color = "red"; } else { $status = "The new post is inserted"; $color = "green"; } } # if the form is posted .. load it with it's fields filled with previous valid/non-valid data view("newPost.php", "newPost.css", ["status" => $status, "color" => $color, "title" => $_POST['title'], "body" => $_POST['body'], "authors" => get_authors_options(isset($_POST['author']) ? $_POST['author'] : "")]); } else { # if the form is not posted .. load it empty view("newPost.php", "newPost.css", ["authors" => get_authors_options()]); }
$id = $_GET['id']; $title = $post['title']; $body = $post['body']; $authors = get_authors_options($post['author']); view("updatePost.php", "updatePost.css", ["title" => $title, "body" => $body, "id" => $id, "authors" => $authors]); } else { header("location:index.php"); } } # on script POST = save the edits to the db if ($_SERVER['REQUEST_METHOD'] == "POST") { if (empty($_POST['title']) || empty($_POST['body']) || !isset($_POST['author'])) { $status = "Fill both title and body first"; $color = "red"; } else { if (query($handler, "update posts set title=:t,body=:b,author=:a where id=:id", [":t" => $_POST['title'], ":b" => $_POST['body'], ":id" => $_POST['id'], ":a" => $_POST['author']])) { $status = "post is updated"; $color = "green"; } else { $status = "an error has occurred"; $color = "red"; } } $authors = get_authors_options($_POST['author']); view("updatePost.php", "newPost.css", ["title" => $_POST['title'], "body" => $_POST['body'], "id" => $_POST['id'], "authors" => $authors, "status" => $status, "color" => $color]); } ?> <?php