?>
</head>
<body>
<?php
require 'templates/title.php';
?>
<div class="post">
<h2>
<?php
echo htmlEscape($row['title']);
?>
</h2>
<div class="date">
<?php
echo convertSqlDate($row['created_at']);
?>
</div>
<?php
// This is already escaped, so doesn't need further escaping
?>
<?php
echo convertNewlinesToParagraphs($row['body']);
?>
</div>
<?php
require 'templates/list-comments.php';
?>
<?php
foreach (getCommentsForPost($pdo, $postId) as $comment) {
?>
<div class="comment">
<div class="comment-meta">
Comment from
<?php
echo htmlEscape($comment['name']);
?>
on
<?php
echo convertSqlDate($comment['created_at']);
?>
<?php
if (isLoggedIn()) {
?>
<input
type="submit"
name="delete-comment[<?php
echo $comment['id'];
?>
]"
value="Delete"
/>
<?php
}
?>
<div class="post-list">
<?php
foreach ($posts as $post) {
?>
<div class="post-synopsis">
<h2>
<?php
echo htmlEscape($post['title']);
?>
</h2>
<div class="meta">
<?php
echo convertSqlDate($post['created_at']);
?>
(<?php
echo $post['comment_count'];
?>
comments)
</div>
<p>
<?php
echo htmlEscape($post['body']);
?>
</p>
<div class="post-controls">
<a
href="view-post.php?post_id=<?php
