コード例 #1
ファイル: edit.php プロジェクト: rootkowski/baseMVC
    {
        $this->fetchData();
        Page::header('baseMVC - Edit "' . $this->article_data['title'] . '"');
        $this->view('edit_view', $this->article_data);
    }
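    /**
     * Write the submitted title, intro and content to the BlogContent row
     * identified by $_GET['id'].
     *
     * On exactly one affected row the browser is redirected to the article
     * page; otherwise the affected-row count and the statement are printed.
     *
     * This method performs no ownership check of its own: the calling script
     * is expected to have passed blogAuthorisation() for the same id first.
     */
    function submitEdited()
    {
        // The id lands in an unquoted numeric position of the statement, where
        // real_escape_string() gives no protection. Accept decimal digits only, so
        // the value written to SQL is exactly the string the caller authorised.
        $articleId = isset($_GET['id']) ? $_GET['id'] : null;
        if (!is_string($articleId) || preg_match('/^[0-9]+$/D', $articleId) !== 1) {
            // Malformed id: nothing is written and nothing is printed.
            return;
        }

        $db = DB::$_instance;
        // Build the statement once so the executed text and the diagnostic text cannot drift apart.
        $sql = "UPDATE BlogContent\n\t\t\t\tSET title = '" . $db->real_escape_string($_POST['title'])
            . "',\n\t\t\t\t\tintro = '" . $db->real_escape_string($_POST['intro'])
            . "',\n\t\t\t\t\tcontent = '" . $db->real_escape_string($_POST['content'])
            . "'\n\t\t\t\tWHERE id_Content = {$articleId}";

        $this->insert($sql . ';');

        if ($db->affected_rows === 1) {
            header('Location: ' . BASE_URL . "?page=article&id={$articleId}");
        } else {
            // NOTE(review): this prints the raw statement to the visitor, which discloses
            // schema details; it looks like debugging output and should go to a log instead.
            // SQL escaping is not HTML escaping, so the text is encoded for the HTML context
            // before it is echoed.
            echo 'Affected rows: ' . $db->affected_rows . '<br/>'
                . htmlspecialchars($sql, ENT_QUOTES, 'UTF-8');
        }
    }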
}
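// Page controller: apply a submitted edit if the request is authorised, then
// render either the login prompt, the edit form or an access-error page.
$edit = new Edit();

// The update runs only for a logged-in user who passes blogAuthorisation() for
// the requested article and who actually submitted the form.
// NOTE(review): no anti-CSRF token is checked here; confirm whether one is
// enforced elsewhere before relying on this as the only gate for the write.
if (isset($_GET['id']) && isset($_SESSION['uid']) && $edit->blogAuthorisation($_GET['id'], $_SESSION['uid']) && isset($_POST['submit'])) {
    $edit->submitEdited();
}

if (!isset($_SESSION['uid'])) {
    $_SESSION['error_msg'] = "<p>Login required to access the page</p>";
    $edit->requireLogin(REFR_URL);
} elseif (isset($_GET['id']) && $edit->blogAuthorisation($_GET['id'], $_SESSION['uid'])) {
    // A request without an id no longer reaches blogAuthorisation() with an
    // undefined index; it falls through to the access-error branch below.
    $edit->getView();
    $edit->footer();
} else {
    $_SESSION['error_msg'] = "<p>You don't have the permission to edit this article!<br/>It seems that you don't own this article.</p>";
    $edit->header('Page Access Error - baseMVC');
    $edit->footer();
}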