}
if ($post['parent'] == TINYIB_NEWTHREAD && $allowed != "" && !TINYIB_NOFILEOK) {
fancyDie("A {$allowed} is required to start a thread.");
}
if (str_replace('<br>', '', $post['message']) == "") {
fancyDie("Please enter a message" . ($allowed != "" ? " and/or upload a {$allowed}" : "") . ".");
}
} else {
echo $post['file_original'] . ' uploaded.<br>';
}
if (!$loggedin && ($post['file'] != '' && TINYIB_REQMOD == 'files' || TINYIB_REQMOD == 'all')) {
$post['moderated'] = '0';
echo 'Your ' . ($post['parent'] == TINYIB_NEWTHREAD ? 'thread' : 'post') . ' will be shown <b>once it has been approved</b>.<br>';
$slow_redirect = true;
}
$post['id'] = insertPost($post);
if ($post['moderated'] == '1') {
if (strtolower($post['email']) == 'noko') {
$redirect = 'res/' . ($post['parent'] == TINYIB_NEWTHREAD ? $post['id'] : $post['parent']) . '.html#' . $post['id'];
}
trimThreads();
echo 'Updating thread...<br>';
if ($post['parent'] != TINYIB_NEWTHREAD) {
rebuildThread($post['parent']);
if (strtolower($post['email']) != 'sage') {
if (TINYIB_MAXREPLIES == 0 || numRepliesToThreadByID($post['parent']) <= TINYIB_MAXREPLIES) {
bumpThreadByID($post['parent']);
}
}
} else {
rebuildThread($post['id']);
<?php
session_start();
!$_SESSION['login'] ? header('location:index.php') : '';
include '../db/config.php';
include '../db/koneksi.php';
include '../db/fungsi_insert.php';
include '../db/fungsi.php';
if (!@$_GET['module']) {
include '../db/fungsi_view.php';
}
if (@$_POST['judul_post']) {
insertPost($con);
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<title></title>
<?php
include 'template/style.php';
?>
<link rel="stylesheet" href="">
</head>
<body>
<?php
include 'template/header.php';
?>
echo $user_id;
?>
" method="post" id="f">
<h2>What's your question today? let's discuss!</h2>
<input type="text" name="title" placeholder="Write a Title..." size="82" required="required"/><br/>
<textarea cols="83" rows="4" name="content" placeholder="Write description..."></textarea><br/>
<select name="topic">
<option>Select Topic</option>
<?php
getTopics();
?>
</select>
<input type="submit" name="sub" value="Post to Timeline"/>
</form>
<?php
insertPost();
?>
<h3>All Posts in this Category!</h3>
<?php
get_Cats();
?>
</div>
<!--Content timeline ends-->
</div>
<!--Content area ends-->
</div>
<!--Container ends-->
</body>
$post['tags'] = $_POST['post_tags'];
$post['content'] = $_POST['post_content'];
$post_image = $_FILES['post_image']['name'];
$post_image_tmp = $_FILES['post_image']['tmp_name'];
move_uploaded_file($post_image_tmp, "../images/{$post_image}");
if (isset($_POST['submit_publish'])) {
$post['status'] = "Published";
} else {
/*if (isset($_POST['submit_save_draft']))*/
$post['status'] = "Draft";
}
// Error handling
if (empty(trim($post['title']))) {
$error_message = "Post title can not be empty";
} else {
$id = insertPost($post['title'], $_SESSION['user']['username'], date("Y-m-d H:i:s"), $post_image, $post['content'], $post['tags'], 0, $post['status'], $post['category_id']);
$common_success_message = "Click <a class='alert-link' href='../post.php?id={$id}'>here</a> to view the post";
if ($post['status'] == "Published") {
$success_message = "Post published successfully. " . $common_success_message;
} else {
/*if ($post['status'] == "Draft")*/
$success_message = "Draft added successfully. " . $common_success_message;
}
}
}
?>
<div id="wrapper">
<?php
require "includes/admin_navigation.php";
}
function getPosts($descriptor = '')
{
$where_clause = "WHERE blog_posts.descriptor = '{$descriptor}'";
if ($descriptor == '') {
$where_clause = '';
}
$result = mysql_query("\n SELECT blog_posts.descriptor, blog_posts.title, blog_posts.content, blog_posts.poster,\n UNIX_TIMESTAMP(blog_posts.posted_date) as posted_date, \n COUNT(blog_comments.`comment-id`) as num_comments \n FROM blog_posts LEFT OUTER JOIN blog_comments on blog_posts.descriptor = blog_comments.descriptor \n {$where_clause}\n GROUP BY blog_posts.descriptor \n ORDER BY posted_date DESC\n ") or die(mysql_error());
while ($row = mysql_fetch_array($result)) {
displayPost($row['descriptor'], $row['title'], $row['content'], $row['poster'], $row['posted_date'], $row['num_comments']);
}
}
if (isset($_GET['post'])) {
$_GET['post'] = mysql_real_escape_string($_GET['post']);
if (isset($_POST['content'])) {
$_POST['content'] = mysql_real_escape_string(htmlentities($_POST['content']));
$_POST['name'] = mysql_real_escape_string(htmlentities($_POST['name']));
$_POST['contact'] = mysql_real_escape_string(htmlentities($_POST['contact']));
$_POST['parent'] = mysql_real_escape_string(htmlentities($_POST['parent']));
insertPost($_GET['post'], $_POST['content'], $_POST['name'], $_POST['contact'], $_POST['parent']);
}
require_once 'header.php';
getPosts($_GET['post']);
echo '<div id = "comments-heading">Comments</div>';
showComments($_GET['post'], 0, 0);
displayReply(0);
} else {
require_once 'header.php';
getPosts();
}
require_once 'footer.php';
function pushPost()
{
?>
<!-- Modal -->
<div class="modal fade" id="myModal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal"><span aria-hidden="true">×</span><span class="sr-only">Close</span></button>
<h4 class="modal-title" id="myModalLabel">Create new post</h4>
</div>
<!-- dialog body -->
<div class="modal-body">
<form name="post" method="post" action="<?php
echo $_SERVER['PHP_SELF'];
?>
?p=home">
<label for="title">Title</label>
<input type="text" class="form-control" name="title" placeholder="Title">
<br>
<textarea form-id="post" name="content"></textarea>
</div>
<!-- dialog buttons -->
<div class="modal-footer">
<input type="submit" class="btn btn-primary">
<button type="button" class="btn btn-primary" data-dismiss="modal">Close</button>
</form>
</div>
</div>
</div>
</div>
<?php
insertPost();
}
$page = $page > 0 ? $page : 1;
$page = $page <= $max_page ? $page : $max_page;
$errors = [];
$posts = $stmt1->fetch();
$rows = $posts[0];
// Offsetting
$offset = $limit * $page - $limit;
$selectAll = "SELECT * FROM posts LIMIT :limit OFFSET :offset";
$stmt = $dbc->prepare($selectAll);
$stmt->bindValue(':limit', 4, PDO::PARAM_INT);
$stmt->bindValue(':offset', $offset, PDO::PARAM_INT);
$stmt->execute();
$posts = $stmt->fetchALL(PDO::FETCH_ASSOC);
if (!empty($_POST)) {
if (checkValues()) {
$errors = insertPost($dbc);
} else {
$message = "Invalid format. Please try again.";
$javascript = "<script type='text/javascript'>alert('{$message}');</script>";
echo $javascript;
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Handel</title>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
}
$poster = $_SESSION['user'];
printPostPage();
// the user can choose to insert a text post or image post
$postType = $_GET['type'];
// print a form to upload a text post
if ($postType == 'text') {
printTextPostForm();
}
// print a form to upload an image post
if ($postType == 'upload') {
printUploadForm();
}
// call the function to upload a text post
if (isset($_POST['new_entry'])) {
insertPost($dbh, $poster, $_POST['new_entry'], $_POST['postTitle']);
echo "\t\tSuccessful post!";
}
// determine the new filename for image post that will be stored and call the
// function to insert it into the database
$postNum = 0;
if (isset($_POST['uploadTitle'])) {
// the image files are stored in a folder
$tmp = $_FILES['fileInput']['tmp_name'];
$destdir = '/students/cmatulis/public_html/project/images/';
// store the image with a filename based on the entryid that it will correspond to in the database
// which is the highest current entryid + 1
$resultset = $dbh->query("select entry_id from blog_entry order by entry_id desc limit 1");
while ($row = $resultset->fetchRow(MDB2_FETCHMODE_ASSOC)) {
$postNum = $row['entry_id'] + 1;
}
