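<?php
/**
 * This is a Hera pagecontroller.
 *
 * Logout page: shows the current login status and, when the logout form is
 * posted, calls CUser::Logout() and redirects back to this page.
 *
 * Review notes:
 *  - The logout form carries no anti-CSRF token and the handler only checks
 *    that $_POST['logout'] is set, so any cross-site POST can end the session.
 *  - The listing this file was taken from stops inside the page markup; the
 *    heredoc is closed after the last visible line and whatever follows in
 *    the original file is not shown.
 */

// Include the essential config-file, which is expected to create the $hera variable with its defaults.
include __DIR__ . '/config.php';
$hera['stylesheets'][] = 'css/forms.css';

// Connect to a MySQL database using PHP PDO
$db = new CDatabase($hera['database']);
$user = new CUser($db);

if ($user->IsAuthenticated()) {
    // The acronym and name come from the user record and end up in HTML, so
    // encode them for that context instead of interpolating them raw.
    $shownAcronym = htmlspecialchars((string) $user->GetAcronym(), ENT_QUOTES, 'UTF-8');
    $shownName = htmlspecialchars((string) $user->GetName(), ENT_QUOTES, 'UTF-8');
    $output = "Du är inloggad som: {$shownAcronym} ({$shownName})";
} else {
    $output = "Du är INTE inloggad. / <a href='login.php'>Logga in?</a>";
}

// Logout the user
if (isset($_POST['logout'])) {
    $user->Logout();
    header('Location: logout.php');
    // header() only queues the redirect; stop here so the rest of the page
    // is not built and sent along with it.
    exit;
}

// Do it and store it all in variables in the Hera container.
$hera['title'] = "Logout";
$hera['main'] = <<<EOD
<h1>{$hera['title']}</h1>
<form method=post>
<fieldset>
<legend>Logga ut</legend>
<p><input type='submit' value='Logga ut' name='logout'></p>
<p>{$output}</p>
EOD;
// (excerpt ends here: the remaining form markup is not part of this listing)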
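<?php
/**
 * This is a Hera pagecontroller.
 *
 * Login page: shows the current login status and, when the login form is
 * posted, passes the submitted acronym and password to CUser::Login() and
 * redirects back to this page.
 *
 * Review notes:
 *  - CUser::Login() is not shown here; confirm that it verifies the password
 *    against a password_hash()-style hash and regenerates the session id on
 *    success.
 *  - The help text in the markup publishes working credentials, including an
 *    administrator account. That is only tolerable for a throw-away demo;
 *    remove the text and change those passwords anywhere else.
 *  - The listing this file was taken from stops inside the page markup; the
 *    heredoc is closed after the last visible line and whatever follows in
 *    the original file (including the input fields) is not shown.
 */

// Include the essential config-file, which is expected to create the $hera variable with its defaults.
include __DIR__ . '/config.php';
$hera['stylesheets'][] = 'css/forms.css';

// Connect to a MySQL database using PHP PDO
$db = new CDatabase($hera['database']);
$user = new CUser($db);

if ($user->IsAuthenticated()) {
    // The acronym and name come from the user record and end up in HTML, so
    // encode them for that context instead of interpolating them raw.
    $shownAcronym = htmlspecialchars((string) $user->GetAcronym(), ENT_QUOTES, 'UTF-8');
    $shownName = htmlspecialchars((string) $user->GetName(), ENT_QUOTES, 'UTF-8');
    $output = "Du är inloggad som: {$shownAcronym} ({$shownName}) / <a href='logout.php'>Logga ut?</a>";
} else {
    $output = "Du är INTE inloggad.";
}

// Check whether the submitted user and password are okay
if (isset($_POST['Login'])) {
    $postedAcronym = isset($_POST['acronym']) ? $_POST['acronym'] : null;
    $postedPassword = isset($_POST['password']) ? $_POST['password'] : null;

    // Only strings are handed to Login(): a missing field or an array-valued
    // one (acronym[]=...) is treated as a failed attempt instead of being
    // passed through.
    if (is_string($postedAcronym) && is_string($postedPassword)) {
        $user->Login($postedAcronym, $postedPassword);
    }

    header('Location: login.php');
    // header() only queues the redirect; stop here so the rest of the page
    // is not built and sent along with it.
    exit;
}

// Do it and store it all in variables in the Hera container.
$hera['title'] = "Login";
$hera['main'] = <<<EOD
<h1>{$hera['title']}</h1>
<form method=post>
<fieldset>
<legend>Logga in</legend>
<p><em>Du kan logga in med emsf14:emsf14 för att logga in som vanlig användare eller admin:admin för att logga in som administratör.</em></p>
<div class='box'>Inte medlem än? Klicka <a href='register.php'>här</a> för att registrera dig.</div>
EOD;
// (excerpt ends here: the remaining form markup is not part of this listing)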
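/**
 * Insert a new row into rm_news from the submitted form, then redirect to
 * edit_news.php.
 *
 * title, slug, data, published, updatedBy and category are read from $_POST;
 * the publisher name comes from CUser::GetName(). Every value is bound as a
 * query parameter, so none of them is concatenated into the SQL text.
 *
 * Review notes:
 *  - No authentication, authorization or anti-CSRF check is visible in this
 *    method; presumably the caller enforces them -- confirm.
 *  - updatedBy is taken from the request, so the client decides what is
 *    recorded there; publishedBy, by contrast, comes from CUser.
 *  - title and data are stored as submitted. strip_tags() is applied only to
 *    published and publishedBy and is not an output encoder, so every field
 *    still has to be escaped where it is rendered.
 *  - header() only queues the redirect; execution returns to the caller,
 *    which should stop producing output.
 *
 * @return void
 */
private function addEntry()
{
    // Accept a POST field only when it is a string. An array-valued field
    // (title[]=...) would otherwise reach strip_tags() or be bound as a
    // query parameter; a missing or non-string field becomes null.
    $field = function ($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
    };

    // Get parameters
    $title = $field('title');
    $slug = $field('slug');
    $data = $field('data');
    $published = $field('published');
    $updatedBy = $field('updatedBy');
    $category = $field('category');

    // NOTE(review): GetName() is invoked statically here -- confirm that
    // CUser declares it static.
    $publishedBy = strip_tags(CUser::GetName());

    // An absent or empty publish date is stored as NULL.
    if ($published !== null) {
        $published = strip_tags($published);
    }
    if (empty($published)) {
        $published = null;
    }

    $sql = '
        INSERT INTO rm_news (slug, title, data, published, created, updatedBy, publishedBy, category)
        VALUES(?,?,?,?,NOW(),?,?,?)
    ';

    $slug = empty($slug) ? null : $this->slugify($slug);
    $category = empty($category) ? null : $this->slugify($category);

    // Order matches the seven placeholders above (created is filled by NOW()).
    $params = array($slug, $title, $data, $published, $updatedBy, $publishedBy, $category);
    $this->db->ExecuteQuery($sql, $params);

    header("Location: edit_news.php");
}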