require_once "models/PasswordHash.php"; require_once "models/post.php"; session_start(); //Make sure the user is logged in if (isset($_SESSION['user'])) { $user = $_SESSION['user']; } else { die; } //If they aren't an admin they aren't allowed here either if ($user->admin != 2) { die; } //If they are authorized to be here, make a class object to handle the post $post = new post(); //If the id is set in the query string, do the following if (isset($_GET['id'])) { //First find the post in the database $page = $post->findPost($dbh, $_GET['id']); //If it doesn't exist, kill the page if (!$page) { die; } else { //And then send them back to the main page $post->deletePost($dbh, $page->id); header("Location: /"); die; } } else { die; }
$user = $_SESSION['user']; } else { header("Location: loginCheckCtrl"); die; } //If they are logged in but not an admin kill the page if ($user->admin != 2) { die; } //Create the flags and class object $post = new post(); $error = true; $sent = false; if (isset($_GET['id'])) { $id = $_GET['id']; $postToEdit = $post->findPost($dbh, $id); //If that post doesn't exist, just kill the page if (!$postToEdit) { die; } } else { die; } //Otherwise let them edit the post. if ($_POST) { if (isset($_POST['title'])) { if (empty($_POST['title'])) { $error = false; } } else { $error = false;