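{
    // Remove all HTML tags (e.g. <br/>) that could cause problems
    return strip_tags($title);
}

/**
 * Prepare user-supplied post content for storage as HTML.
 *
 * The raw text is HTML-escaped first (the title is stripped of tags with
 * strip_tags(), so input-side sanitisation is this file's convention) and
 * line breaks are then turned into <br /> so the content keeps its line
 * structure when displayed. Browsers submit textarea text with CRLF line
 * endings, so "\r\n" and a lone "\r" are handled too; replacing "\n" alone
 * left stray "\r" bytes in the stored content.
 *
 * @param string|null $content raw content from the request (null is treated as empty)
 * @return string escaped content with <br /> line breaks
 */
function format_content($content)
{
    $escaped = htmlspecialchars((string) $content, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    return str_replace(["\r\n", "\r", "\n"], '<br />', $escaped);
}

$post_controller = new PostController($db); // Initialize Post Controller

// HTTP Requests
// NOTE(review): these handlers read $_SESSION['userid'] directly and assume an
// earlier include has already verified that a user is logged in — confirm.
if (isset($_POST['add'])) {
    // Publish a post. Missing fields become empty strings instead of raising an
    // undefined-index warning and passing null on to the formatters.
    $post_controller->publish(
        $_SESSION['userid'],
        format_title($_POST['title'] ?? ''),
        format_content($_POST['content'] ?? '')
    );
}

if (isset($_GET['delete'])) {
    // Delete a post.
    // NOTE(review): a state-changing action driven by a GET parameter carries no
    // CSRF protection; a POST form with a per-session token is the usual fix.
    $post = isset($_GET['id']) ? $post_controller->search_by_id($_GET['id']) : null;

    // Ensure that only authors can delete their own posts. Both ids are compared
    // as strings so an int id and its numeric-string form still match (as the
    // old `==` allowed), while an unknown post (no author_id) or a missing
    // session id can no longer compare equal to 0/null.
    if (isset($post['author_id'], $post['id'], $_SESSION['userid'])
        && (string) $_SESSION['userid'] === (string) $post['author_id']) {
        // Authorized
        $post_controller->delete($post['id']);
    } else {
        // Not Authorized (or post not found): redirect and stop, so nothing
        // further down the page runs for the rejected request.
        header('Location: index.php');
        exit;
    }
}

if (isset($_POST['update'])) { // Update an existing post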