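// Tail of a block that opens before this excerpt; reproduced unchanged.
// NOTE(review): if this redirect is meant to end the request, it needs an exit after it as
// well; the condition guarding it is not visible here, so confirm before changing it.
header("Location: http://localhost/websites/ssl/day7/main.php"); }

// Authentication gate: every action below is meant for a logged-in session only.
if (!isset($_SESSION["loggedin"])) {
    header("Location: http://localhost/websites/ssl/day7/main.php");
    // header() only queues a response header. Without exit the script keeps running, so the
    // dispatcher below would still read, change and delete posts for a visitor with no session
    // and send the rendered page along with the redirect.
    exit;
}

// Front-controller dispatch on the "action" query parameter.
//
// NOTE(review): the state-changing actions (changePost, deletePost, createPost) are selected
// through the query string, deletePost takes its postId from $_GET, and no anti-CSRF token is
// checked anywhere in this excerpt. Consider requiring POST plus a per-session token.
// NOTE(review): no ownership check is visible before updatePost()/deletePost(); confirm the
// model restricts those calls to posts owned by $_SESSION["userId"].
// NOTE(review): postId, title and detail reach the model exactly as received; whether the
// model binds them as query parameters is not visible from here and should be verified.
if (!empty($_GET["action"])) {
    $action = $_GET["action"];

    // Strict comparison: a non-string value (e.g. action[]=x) matches no branch.
    if ($action === "getAll") {
        // List every post.
        $data = $posts->readPosts();
        $myview->getView("../views/body.php", $data);
    } elseif ($action === "readPost") {
        // Show a single post.
        $data = $posts->readPost($_GET["postId"]);
        $myview->getView("../views/blogPost.php", $data);
    } elseif ($action === "updatePost") {
        // Load the post into the edit form; the write itself happens in changePost.
        $data = $posts->readPost($_GET["postId"]);
        $myview->getView("../views/formUpdate.html", $data);
    } elseif ($action === "changePost") {
        // Persist the edited post, then return to the listing.
        $posts->updatePost($_POST["title"], $_POST["detail"], $_POST["postId"]);
        $data = $posts->readPosts();
        $myview->getView("../views/body.php", $data);
    } elseif ($action === "deletePost") {
        // Remove the post, then return to the listing.
        $posts->deletePost($_GET["postId"]);
        $data = $posts->readPosts();
        $myview->getView("../views/body.php", $data);
    } elseif ($action === "createPost") {
        // The author id comes from the session, not from the request.
        $posts->createPost($_POST["title"], $_POST["detail"], $_SESSION["userId"]);
        $data = $posts->readPosts();
        $myview->getView("../views/body.php", $data);
    }
} elseif (empty($_GET["postId"])) {
    // Neither an action nor a postId was supplied: show the home view with no data.
    $myview->getView("../views/home.php", array());
}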
// Excerpt of a post-update handler. It opens inside an if-branch whose condition is outside
// this excerpt and ends inside the category block, which continues past the last visible line.
// Line breaks are restored so the inline comments no longer swallow the code after them.
$time = explode(" ", $date);
// Second space-separated piece of $date; it is re-attached as the time part below.
$get_time = $time[1];
// joining date and time
// NOTE(review): dateToGregDB() is defined elsewhere; presumably it converts the date part to the DB's Gregorian format - confirm.
$date = dateToGregDB($date) . ' ' . $get_time;
} else {
    // This branch takes the submitted date string as-is.
    $date = $_POST['new_post_date'];
}

// The remaining form fields are read straight from $_POST with no validation in this excerpt.
// NOTE(review): confirm that updatePost() binds or escapes these values before they reach SQL.
$desc = $_POST['new_post_desc'];
$status = $_POST['new_post_status'];
$comment_status = $_POST['new_post_comment_status'];

// Build the URL slug: pass through escapeSingleQuotes(), turn spaces into hyphens, then URL-encode.
$link_title = escapeSingleQuotes($_POST['new_post_link_title']);
$link_title = urlencode(str_replace(' ', '-', $link_title));

// Assigned here but not used in the visible lines.
$type = $_POST['post_type'];

// clearing all cache files so that they will be rebuilt
// Note that this runs before the update, so the cache is cleared even when updatePost() fails.
clearAllCache();

$res = $post->updatePost($id, $date, $title, $link_title, $content, $excerpt, $desc, $status, $comment_status);
if (!$res) {
    // NOTE(review): whether goToError() stops the request is not visible here - confirm, otherwise the category rewrite below still runs after a failed update.
    goToError('?switch=new_post', _e('cant_make_new_post_or_page', '', '', true));
}

$conn = MySQL::open_conn();

if (isset($_POST['category'])) {
    $post_id = $id;
    // Collect one "(post_id, cat_id)" tuple per submitted category id.
    // NOTE(review): $values is not initialised in the visible lines - confirm it starts out empty.
    foreach ($_POST['category'] as $cat_id) {
        // is_numeric() also accepts decimal and exponent forms; the (int) cast reduces them to an integer.
        if (is_numeric($cat_id)) {
            $values[] = "({$post_id}, " . (int) $cat_id . ')';
        }
    }

    // NOTE(review): $post_id is interpolated into SQL here and in the tuples above without a cast or
    // bound parameter. Where $id comes from is outside this excerpt; if it is request-derived,
    // integer-cast it upstream or bind it as a parameter.
    $query = "DELETE FROM c_posts_cats WHERE post_id = {$post_id}";
    // remove all rows where post_id = this post
    $res = $conn->query($query);
    dbQueryCheck($res, $conn);