コード例 #1
0
{
    // Remove all HTML tags (e.g. <br/>) that could cause problems
    return strip_tags($title);
}
// Format content accordingly
function format_content($content)
{
    // Convert all \n into <br/> for proper content display
    return str_replace("\n", '<br />', $content);
}
$post_controller = new PostController($db);
// Initialize Post Controller
// HTTP Requests
if (isset($_POST['add'])) {
    // Publish a post
    $post_controller->publish($_SESSION['userid'], format_title($_POST['title']), format_content($_POST['content']));
}
if (isset($_GET['delete'])) {
    // Delete a post
    $post = $post_controller->search_by_id($_GET['id']);
    // Ensure that only authors can delete their own posts
    if ($_SESSION['userid'] == $post['author_id']) {
        // Authorized
        $post_controller->delete($post['id']);
    } else {
        // Not Authorized
        header('Location: index.php');
    }
}
if (isset($_POST['update'])) {
    // Update an existing post